From 1a2185ea96f61324b0a258510253c83e57bb6273 Mon Sep 17 00:00:00 2001 From: Rob Bradford Date: Fri, 18 Nov 2022 15:54:33 +0000 Subject: [PATCH] tests: Modernise SGX testing The jammy disk image has a new enough kernel to support SGX and if we rely on just the CPUid information (which is sufficient) then we can use the regular jammy test image for testing. Signed-off-by: Rob Bradford --- scripts/run_integration_tests_sgx.sh | 27 +++++++++++++++++++++++++++ tests/integration.rs | 25 ++++--------------------- 2 files changed, 31 insertions(+), 21 deletions(-) diff --git a/scripts/run_integration_tests_sgx.sh b/scripts/run_integration_tests_sgx.sh index 6a5334aac..815709a45 100755 --- a/scripts/run_integration_tests_sgx.sh +++ b/scripts/run_integration_tests_sgx.sh @@ -11,6 +11,33 @@ if [[ "$hypervisor" = "mshv" ]]; then exit 1 fi +WORKLOADS_DIR="$HOME/workloads" +mkdir -p "$WORKLOADS_DIR" + +FW_URL=$(curl --silent https://api.github.com/repos/cloud-hypervisor/rust-hypervisor-firmware/releases/latest | grep "browser_download_url" | grep -o 'https://.*[^ "]') +FW="$WORKLOADS_DIR/hypervisor-fw" +pushd $WORKLOADS_DIR +rm -f $FW +time wget --quiet $FW_URL || exit 1 +popd + +JAMMY_OS_IMAGE_NAME="jammy-server-cloudimg-amd64-custom-20220329-0.qcow2" +JAMMY_OS_IMAGE_URL="https://cloud-hypervisor.azureedge.net/$JAMMY_OS_IMAGE_NAME" +JAMMY_OS_IMAGE="$WORKLOADS_DIR/$JAMMY_OS_IMAGE_NAME" +if [ ! -f "$JAMMY_OS_IMAGE" ]; then + pushd $WORKLOADS_DIR + time wget --quiet $JAMMY_OS_IMAGE_URL || exit 1 + popd +fi + +JAMMY_OS_RAW_IMAGE_NAME="jammy-server-cloudimg-amd64-custom-20220329-0.raw" +JAMMY_OS_RAW_IMAGE="$WORKLOADS_DIR/$JAMMY_OS_RAW_IMAGE_NAME" +if [ ! -f "$JAMMY_OS_RAW_IMAGE" ]; then + pushd $WORKLOADS_DIR + time qemu-img convert -p -f qcow2 -O raw $JAMMY_OS_IMAGE_NAME $JAMMY_OS_RAW_IMAGE_NAME || exit 1 + popd +fi + # For now these values are default for kvm features="" diff --git a/tests/integration.rs b/tests/integration.rs index 4e2dfa216..b1545bf4c 100644 
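Review bot: The firmware that the test boots is resolved from `releases/latest` and fetched with `wget --quiet $FW_URL`, with no digest check, so the binary under test changes whenever a new release is published and whatever the download returns is used. The same holds for the `wget` of `$JAMMY_OS_IMAGE_URL`, and the `[ ! -f "$JAMMY_OS_IMAGE" ]` guard then keeps reusing whatever file is already on disk. I would pin the firmware to a release tag and verify both downloads before use, for example `echo "<EXPECTED_SHA256>  $FW" | sha256sum -c - || exit 1` after the `wget`. Separately, `pushd $WORKLOADS_DIR`, `rm -f $FW` and `$FW_URL` are unquoted, so a `$HOME` containing spaces or a release with more than one asset URL will word-split; quoting them (`pushd "$WORKLOADS_DIR"`, `rm -f "$FW"`) avoids that.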
--- a/tests/integration.rs +++ b/tests/integration.rs @@ -7774,19 +7774,14 @@ mod sgx { #[test] fn test_sgx() { - let focal = UbuntuDiskConfig::new(FOCAL_SGX_IMAGE_NAME.to_string()); - let guest = Guest::new(Box::new(focal)); - let mut workload_path = dirs::home_dir().unwrap(); - workload_path.push("workloads"); - - let mut kernel_path = workload_path; - kernel_path.push("vmlinux_w_sgx"); + let jammy_image = JAMMY_IMAGE_NAME.to_string(); + let jammy = UbuntuDiskConfig::new(jammy_image); + let guest = Guest::new(Box::new(jammy)); let mut child = GuestCommand::new(&guest) .args(["--cpus", "boot=1"]) .args(["--memory", "size=512M"]) - .args(["--kernel", kernel_path.to_str().unwrap()]) - .args(["--cmdline", DIRECT_KERNEL_BOOT_CMDLINE]) + .args(["--kernel", fw_path(FwType::RustHypervisorFirmware).as_str()]) .default_disks() .default_net() .args(["--sgx-epc", "id=epc0,size=64M"]) @@ -7808,18 +7803,6 @@ mod sgx { .trim(), "0x0000000004000000" ); - - // Run a test relying on SGX enclaves and check if it runs - // successfully. - assert!(guest - .ssh_command("cd /linux-sgx/SampleCode/LocalAttestation/bin/ && sudo ./app") - .unwrap() - .trim() - .contains( - "succeed to load enclaves.\nsucceed to \ - establish secure channel.\nSucceed to exchange \ - secure message...\nSucceed to close Session..." - )); }); let _ = child.kill();
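Review bot: `test_sgx` has no comment stating what it still verifies now that it boots the stock jammy image through `fw_path(FwType::RustHypervisorFirmware)`. The following hunk removes the LocalAttestation sample run, so the only SGX assertion left in view is the comparison against `"0x0000000004000000"`, which matches the `size=64M` EPC section. That appears to check what the guest enumerates rather than that an enclave can be loaded or attested, so a regression in EPC backing would presumably go unnoticed. I would add a line above `fn test_sgx()` such as `// Checks EPC enumeration in the guest only; enclave load and attestation are not exercised here.` The body of `test_sgx` starts in this hunk and continues past it.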