Skip to content

Commit e8f42a0

Browse files
wojciechozgawojciechozga
authored
Support mapping of empty pages during TVM's execution (#85)
* enabled mapping of an empty page during TVM runtime * improved broadcasting of remote commands * optimize TAP decoding and verification * make sure we use same endianness for serializing and deserializing TAP * update Linux kernel patches * add Qemu patches --------- Signed-off-by: Wojciech Ozga <[email protected]>
1 parent 8247d52 commit e8f42a0

File tree

28 files changed

+688
-465
lines changed

28 files changed

+688
-465
lines changed

confidential-vms/linux_vm/Makefile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -70,6 +70,7 @@ dev:
7070
$(MAKE) -s -C $(LINUX_VM_BUILDROOT_SOURCE_DIR) RISCV=$(RISCV_GNU_TOOLCHAIN_WORK_DIR) PATH=$(PATH) O=$(LINUX_VM_BUILDROOT_WORK_DIR) CROSS_COMPILE=$(CROSS_COMPILE) BR2_JLEVEL=0 linux-rebuild all
7171

7272
overlay: setup
73+
echo "Rebuilding overloay"; \
7374
mkdir -p $(LINUX_VM_OVERLAY_WORK_DIR) ;\
7475
mkdir -p $(LINUX_VM_OVERLAY_WORK_ROOT_DIR); \
7576
cp -r $(LINUX_VM_OVERLAY_SOURCE_DIR)/* $(LINUX_VM_OVERLAY_WORK_DIR)/ ;\
@@ -78,9 +79,8 @@ overlay: setup
7879
cp $(LINUX_VM_ROOTFS_SOURCE_DIR)/*.sh $(HYPERVISOR_OVERLAY_ROOT_DIR)/ ;\
7980
rm -rf $(HYPERVISOR_OVERLAY_LINUX_VM_DIR) && mkdir -p $(HYPERVISOR_OVERLAY_LINUX_VM_DIR) ;\
8081
rm -f $(LINUX_VM_COVE_TAP_QEMU) ;\
81-
$(eval $@_TMP = $(shell $(TOOLS_WORK_DIR)/cove-tap-tool measure --embedded-tap --kernel-file=$(LINUX_VM_IMAGE) | cut -d' ' -f2-;) )
82+
$(eval $@_TMP = $(shell $(TOOLS_WORK_DIR)/cove-tap-tool measure --base-address=0x80000000 --kernel-file=$(LINUX_VM_IMAGE) | cut -d' ' -f2-;) )
8283
$(TOOLS_WORK_DIR)/cove-tap-tool generate --pcrs 4=$($@_TMP) --secrets 0=0xc0ffee --output-file=$(LINUX_VM_COVE_TAP_QEMU)
83-
$(TOOLS_WORK_DIR)/cove-tap-tool attach --tap-file=$(LINUX_VM_COVE_TAP_QEMU) --kernel-file=$(LINUX_VM_IMAGE)
8484
cp $(LINUX_VM_COVE_TAP_QEMU) $(HYPERVISOR_OVERLAY_LINUX_VM_DIR)/
8585
cp $(LINUX_VM_IMAGE) $(HYPERVISOR_OVERLAY_LINUX_VM_DIR)/
8686
cp $(LINUX_VM_BUILDROOT_ROOTFS) $(HYPERVISOR_OVERLAY_LINUX_VM_DIR)

confidential-vms/linux_vm/hypervisor_rootfs/run_linux_vm_qemu.sh

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,7 @@ QEMU_CMD=qemu-system-riscv64
77
KERNEL=/root/linux_vm/Image
88
DRIVE=/root/linux_vm/rootfs.ext2
99
INITRAMFS=/root/linux_vm/rootfs.cpio
10+
TAP=/root/linux_vm/cove_tap_qemu
1011

1112
HOST_PORT="$((3000 + RANDOM % 3000))"
1213
INTERACTIVE="-nographic"
@@ -52,7 +53,7 @@ echo "Number of cores assigned to the guest: ${SMP}"
5253
${QEMU_CMD} ${DEBUG_OPTIONS} \
5354
${INTERACTIVE} \
5455
--enable-kvm \
55-
-machine virt -cpu rv64,f=true -smp ${SMP} -m ${MEMORY} \
56+
-machine virt,cove=true,cove-tap-filename=${TAP} -cpu rv64,f=true -smp ${SMP} -m ${MEMORY} \
5657
-kernel ${KERNEL} \
5758
-seed 0 \
5859
-global virtio-mmio.force-legacy=false \

hypervisor/Makefile

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -45,7 +45,7 @@ buildroot: setup
4545
sed "s@^BR2_ROOTFS_OVERLAY=.*@BR2_ROOTFS_OVERLAY=\"$(HYPERVISOR_OVERLAY_DIR)\"@g" -i $(BUILDROOT_WORK_DIR)/.config; \
4646
sed "s@^BR2_TARGET_ROOTFS_EXT2_SIZE=.*@BR2_TARGET_ROOTFS_EXT2_SIZE=\"$(HYPERVISOR_ROOTFS_SIZE)\"@g" -i $(BUILDROOT_WORK_DIR)/.config; \
4747
sed "s@^BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE=.*@BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE=\"$(HYPERVISOR_LINUX_CONFIG)\"@g" -i $(BUILDROOT_WORK_DIR)/.config; \
48-
sed "s@^BR2_LINUX_KERNEL_PATCH=.*@BR2_LINUX_KERNEL_PATCH=\"$(HYPERVISOR_LINUX_PATCH)\"@g" -i $(BUILDROOT_WORK_DIR)/.config; \
48+
sed "s@^BR2_GLOBAL_PATCH_DIR=.*@BR2_GLOBAL_PATCH_DIR=\"$(HYPERVISOR_PATCHES_DIR)\"@g" -i $(BUILDROOT_WORK_DIR)/.config; \
4949
if [ ! -f "$(BUILDROOT_SOURCE_DIR)/Makefile" ]; then \
5050
echo "Buildroot repository not initialized. Did you forget to run: git submodule update --init --recursive?" ;\
5151
exit 1 ;\
@@ -64,7 +64,8 @@ overlay: kvmtool
6464
dev:
6565
sed "s@^BR2_PACKAGE_OVERRIDE_FILE=.*@BR2_PACKAGE_OVERRIDE_FILE=\"$(HYPERVISOR_BUILDROOT_OVERRIDE_DIR)\"@g" -i $(BUILDROOT_WORK_DIR)/.config; \
6666
sed "s@^BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE=.*@BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE=\"$(HYPERVISOR_LINUX_CONFIG)\"@g" -i $(BUILDROOT_WORK_DIR)/.config; \
67-
$(MAKE) -s -C $(BUILDROOT_SOURCE_DIR) RISCV=$(RISCV_GNU_TOOLCHAIN_WORK_DIR) PATH=$(PATH) O=$(BUILDROOT_WORK_DIR) BR2_JLEVEL=0 linux-rebuild all
67+
$(MAKE) -s -C $(BUILDROOT_SOURCE_DIR) RISCV=$(RISCV_GNU_TOOLCHAIN_WORK_DIR) PATH=$(PATH) O=$(BUILDROOT_WORK_DIR) BR2_JLEVEL=0 linux-rebuild all; \
68+
#$(MAKE) -s -C $(BUILDROOT_SOURCE_DIR) RISCV=$(RISCV_GNU_TOOLCHAIN_WORK_DIR) PATH=$(PATH) O=$(BUILDROOT_WORK_DIR) BR2_JLEVEL=0 qemu-rebuild all
6869

6970
rootfs: overlay
7071
echo "Generating hypervisor's root filesystem" ;\

hypervisor/configurations/qemu_riscv64_virt_defconfig

Lines changed: 2 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -52,6 +52,8 @@ BR2_LINUX_KERNEL_PATCH=""
5252
# development with custom Linux kernel sources
5353
BR2_PACKAGE_OVERRIDE_FILE=""
5454

55+
BR2_GLOBAL_PATCH_DIR=""
56+
5557
# Packages
5658
BR2_PACKAGE_DROPBEAR=y
5759

@@ -62,17 +64,6 @@ BR2_PACKAGE_QEMU_SYSTEM=y
6264
# build just QEMU for riscv64
6365
BR2_PACKAGE_QEMU_CHOOSE_TARGETS=y
6466
BR2_PACKAGE_QEMU_TARGET_RISCV64=y
65-
#
66-
BR2_PACKAGE_QEMU_HAS_EMULS=y
67-
BR2_PACKAGE_QEMU_FDT=y
68-
BR2_PACKAGE_QEMU_TOOLS=y
69-
BR2_PACKAGE_HOST_QEMU=y
70-
BR2_PACKAGE_HOST_QEMU_SYSTEM_MODE=y
71-
BR2_PACKAGE_QEMU_BLOBS=y
72-
73-
# below not needed?
74-
BR2_TARGET_OPENSBI=y
75-
BR2_TARGET_OPENSBI_PLAT="generic"
7667

7768
BR2_PER_PACKAGE_DIRECTORIES=y
7869
BR2_VERBOSE=0

0 commit comments

Comments
 (0)