feat(ftxvme-runner-cargo): add amd-sev-snp logic

Author: tvsfx

fortanix-vme/fortanix-vme-tools/src/bin/ftxvme-runner-cargo.rs

@@ -31,14 +31,26 @@ struct CommonArgs {
 
 #[derive(Subcommand, Debug)]
 enum Commands {
+    AmdSevSnp(AmdSevSnpArgs),
     AwsNitro(AwsNitroArgs),
 }
 
+struct AmdSevSnpCli {
+    common_args: CommonArgs,
+    amd_sev_snp_args: AmdSevSnpArgs,
+}
+
 struct AwsNitroCli {
     common_args: CommonArgs,
     aws_nitro_args: AwsNitroArgs,
 }
 
+#[derive(Clone, Debug, Args)]
+struct AmdSevSnpArgs {
+    #[arg(trailing_var_arg = true)]
+    others: Vec<String>,
+}
+
 #[derive(Clone, Debug, Args)]
 struct AwsNitroArgs {
     #[arg(trailing_var_arg = true)]
@@ -51,6 +63,12 @@ impl CommonArgs {
         eif_path.set_extension("elf");
         eif_path
     }
+
+    pub fn uki_path(&self) -> PathBuf {
+        let mut uki_path = self.elf_path.clone();
+        uki_path.set_extension("efi");
+        uki_path
+    }
 }
 
 fn parse_elf_path(arg: &str) -> Result<PathBuf> {
@@ -124,6 +142,13 @@ fn main() -> anyhow::Result<()> {
     let fortanix_vme_config = FortanixVmeConfig::get()?;
 
     match cli.command {
+        Commands::AmdSevSnp(amd_sev_snp_args) => {
+            let amd_sev_snp_cli = AmdSevSnpCli {
+                common_args: cli.common_args,
+                amd_sev_snp_args,
+            };
+            cargo_run_sev_snp_vm(amd_sev_snp_cli, fortanix_vme_config)
+        }
         Commands::AwsNitro(aws_nitro_args) => {
             let aws_nitro_cli = AwsNitroCli {
                 common_args: cli.common_args,
@@ -134,6 +159,43 @@ fn main() -> anyhow::Result<()> {
     }
 }
 
+fn cargo_run_sev_snp_vm(
+    amd_sev_snp_cli: AmdSevSnpCli,
+    fortanix_vme_config: FortanixVmeConfig,
+) -> Result<(), anyhow::Error> {
+    let AmdSevSnpCli {
+        common_args,
+        amd_sev_snp_args,
+    } = amd_sev_snp_cli;
+
+    let uki_path = common_args.uki_path();
+
+    // TODO: we can assume this is installed right?
+    let mut ftxvme_elf2uki = Command::new("ftxvme-elf2uki");
+    ftxvme_elf2uki
+        .arg("--app")
+        .arg(&common_args.elf_path)
+        .arg("--output-path")
+        .arg(&uki_path)
+        .arg("--cmdline")
+        .arg("console=ttyS0 earlyprintk=serial"); //TODO: should we use this as default?
+    run_command(ftxvme_elf2uki)?;
+
+    let mut fortanix_vme_runner = Command::new("fortanix-vme-runner");
+    fortanix_vme_runner.arg("--enclave-file").arg(&uki_path);
+
+    add_runner_config_args(&mut fortanix_vme_runner, &fortanix_vme_config);
+
+    add_runner_common_args(&mut fortanix_vme_runner, &common_args);
+
+    fortanix_vme_runner.arg("amd-sev-snp");
+    add_other_args(&mut fortanix_vme_runner, amd_sev_snp_args.others);
+
+    run_command(fortanix_vme_runner)?;
+
+    Ok(())
+}
+
 fn cargo_run_nitro_enclave(
     aws_nitro_cli: AwsNitroCli,
     fortanix_vme_config: FortanixVmeConfig,
@@ -158,25 +220,17 @@ fn cargo_run_nitro_enclave(
 
     add_runner_config_args(&mut fortanix_vme_runner, &fortanix_vme_config);
 
-    add_runner_common_args::<_, String>(
-        &mut fortanix_vme_runner,
-        &common_args,
-        aws_nitro_args.others,
-    );
+    add_runner_common_args(&mut fortanix_vme_runner, &common_args);
+
+    fortanix_vme_runner.arg("aws-nitro");
+    add_other_args(&mut fortanix_vme_runner, aws_nitro_args.others);
 
     run_command(fortanix_vme_runner)?;
 
     Ok(())
 }
 
-fn add_runner_common_args<I, S>(
-    fortanix_vme_runner: &mut Command,
-    common_args: &CommonArgs,
-    other_args: I,
-) where
-    I: IntoIterator<Item = S>,
-    S: AsRef<OsStr>,
-{
+fn add_runner_common_args(fortanix_vme_runner: &mut Command, common_args: &CommonArgs) {
     if common_args.simulate {
         fortanix_vme_runner.arg("--simulate");
     }
@@ -185,12 +239,6 @@ fn add_runner_common_args<I, S>(
         fortanix_vme_runner.env("RUST_LOG", "debug");
         fortanix_vme_runner.arg("--verbose");
     }
-
-    let mut peek = other_args.into_iter().peekable();
-    if !peek.peek().is_none() {
-        fortanix_vme_runner.arg("--");
-        fortanix_vme_runner.args(peek);
-    }
 }
 
 fn add_runner_config_args(
@@ -206,6 +254,18 @@ fn add_runner_config_args(
     }
 }
 
+fn add_other_args<I, S>(fortanix_vme_runner: &mut Command, other_args: I)
+where
+    I: IntoIterator<Item = S>,
+    S: AsRef<OsStr>,
+{
+    let mut peek = other_args.into_iter().peekable();
+    if !peek.peek().is_none() {
+        fortanix_vme_runner.arg("--");
+        fortanix_vme_runner.args(peek);
+    }
+}
+
 #[derive(Debug, Error)]
 enum CommandFail {
     #[error("Failed to run {0}")]