tests: Modernise SGX testing

The jammy disk image has a new enough kernel to support SGX and if we rely on just the CPUid information (which is sufficient) then we can use the regular jammy test image for testing. Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2024-10-03 20:15:45 +00:00 · 2022-11-18 15:54:33 +00:00 · 2022-11-18 15:54:33 +00:00 · 1a2185ea96
commit 1a2185ea96
parent 8cea5db955
2 changed files with 31 additions and 21 deletions
--- a/scripts/run_integration_tests_sgx.sh
+++ b/scripts/run_integration_tests_sgx.sh
@ -11,6 +11,33 @@ if [[ "$hypervisor" = "mshv" ]]; then
    exit 1
 fi

+WORKLOADS_DIR="$HOME/workloads"
+mkdir -p "$WORKLOADS_DIR"
+
+FW_URL=$(curl --silent https://api.github.com/repos/cloud-hypervisor/rust-hypervisor-firmware/releases/latest | grep "browser_download_url" | grep -o 'https://.*[^ "]')
+FW="$WORKLOADS_DIR/hypervisor-fw"
+pushd $WORKLOADS_DIR
+rm -f $FW
+time wget --quiet $FW_URL || exit 1
+popd
+
+JAMMY_OS_IMAGE_NAME="jammy-server-cloudimg-amd64-custom-20220329-0.qcow2"
+JAMMY_OS_IMAGE_URL="https://cloud-hypervisor.azureedge.net/$JAMMY_OS_IMAGE_NAME"
+JAMMY_OS_IMAGE="$WORKLOADS_DIR/$JAMMY_OS_IMAGE_NAME"
+if [ ! -f "$JAMMY_OS_IMAGE" ]; then
+    pushd $WORKLOADS_DIR
+    time wget --quiet $JAMMY_OS_IMAGE_URL || exit 1
+    popd
+fi
+
+JAMMY_OS_RAW_IMAGE_NAME="jammy-server-cloudimg-amd64-custom-20220329-0.raw"
+JAMMY_OS_RAW_IMAGE="$WORKLOADS_DIR/$JAMMY_OS_RAW_IMAGE_NAME"
+if [ ! -f "$JAMMY_OS_RAW_IMAGE" ]; then
+    pushd $WORKLOADS_DIR
+    time qemu-img convert -p -f qcow2 -O raw $JAMMY_OS_IMAGE_NAME $JAMMY_OS_RAW_IMAGE_NAME || exit 1
+    popd
+fi
+
 # For now these values are default for kvm
 features=""

--- a/tests/integration.rs
+++ b/tests/integration.rs
@ -7774,19 +7774,14 @@ mod sgx {

    #[test]
    fn test_sgx() {
-        let focal = UbuntuDiskConfig::new(FOCAL_SGX_IMAGE_NAME.to_string());
-        let guest = Guest::new(Box::new(focal));
-        let mut workload_path = dirs::home_dir().unwrap();
-        workload_path.push("workloads");
-
-        let mut kernel_path = workload_path;
-        kernel_path.push("vmlinux_w_sgx");
+        let jammy_image = JAMMY_IMAGE_NAME.to_string();
+        let jammy = UbuntuDiskConfig::new(jammy_image);
+        let guest = Guest::new(Box::new(jammy));

        let mut child = GuestCommand::new(&guest)
            .args(["--cpus", "boot=1"])
            .args(["--memory", "size=512M"])
-            .args(["--kernel", kernel_path.to_str().unwrap()])
-            .args(["--cmdline", DIRECT_KERNEL_BOOT_CMDLINE])
+            .args(["--kernel", fw_path(FwType::RustHypervisorFirmware).as_str()])
            .default_disks()
            .default_net()
            .args(["--sgx-epc", "id=epc0,size=64M"])
@ -7808,18 +7803,6 @@ mod sgx {
                    .trim(),
                "0x0000000004000000"
            );
-
-            // Run a test relying on SGX enclaves and check if it runs
-            // successfully.
-            assert!(guest
-                .ssh_command("cd /linux-sgx/SampleCode/LocalAttestation/bin/ && sudo ./app")
-                .unwrap()
-                .trim()
-                .contains(
-                    "succeed to load enclaves.\nsucceed to \
-                        establish secure channel.\nSucceed to exchange \
-                        secure message...\nSucceed to close Session..."
-                ));
        });

        let _ = child.kill();