From 73cd7e0c02fbd6a6a151cdf41ad001d6d6c9fd06 Mon Sep 17 00:00:00 2001
From: Tao Su
Date: Tue, 30 Sep 2025 01:58:47 -0400
Subject: [PATCH] Add generate_tdx_quote test
---
 Makefile | 1 +
 test/nix/apps.nix | 11 +++++-
 test/nix/tdx-attest.nix | 44 +++++++++++++++++++++++
 test/src/apps/Makefile | 4 +++
 test/src/apps/generate_tdx_quote/Makefile | 41 +++++++++++++++++++++
 test/src/apps/scripts/process.sh | 7 ++++
 6 files changed, 107 insertions(+), 1 deletion(-)
 create mode 100644 test/nix/tdx-attest.nix
 create mode 100644 test/src/apps/generate_tdx_quote/Makefile
diff --git a/Makefile b/Makefile
index 945c2cbd0..00c591179 100644
--- a/Makefile
+++ b/Makefile
@@ -70,6 +70,7 @@ ENABLE_BASIC_TEST := true
 ifneq ($(SMP), 1)
 CARGO_OSDK_BUILD_ARGS += --kcmd-args="BLOCK_UNSUPPORTED_SMP_TESTS=1"
 endif
+CARGO_OSDK_BUILD_ARGS += --kcmd-args="INTEL_TDX=$(INTEL_TDX)"
 CARGO_OSDK_BUILD_ARGS += --init-args="/test/run_general_test.sh"
 else ifeq ($(AUTO_TEST), boot)
 ENABLE_BASIC_TEST := true
diff --git a/test/nix/apps.nix b/test/nix/apps.nix
index fce8a0ea9..b10052a98 100644
--- a/test/nix/apps.nix
+++ b/test/nix/apps.nix
@@ -1,4 +1,9 @@
-{ lib, stdenv, fetchFromGitHub, hostPlatform, glibc, libnl, }: rec {
+{ lib, stdenv, fetchFromGitHub, hostPlatform, glibc, libnl, callPackage,
+}: rec {
+
+ tdxAttest = lib.optionalAttrs (builtins.getEnv "INTEL_TDX" == "1")
+ (callPackage ./tdx-attest.nix { });
+
 mongoose_src = fetchFromGitHub {
 owner = "cesanta";
 repo = "mongoose";
@@ -16,6 +21,10 @@
 MONGOOSE_DIR = "${mongoose_src}";
+ INTEL_TDX = builtins.getEnv "INTEL_TDX";
+ TDX_ATTEST_DIR = lib.optionalString (builtins.getEnv "INTEL_TDX" == "1")
+ "${tdxAttest}/QuoteGeneration";
+
 HOST_PLATFORM = "${hostPlatform.system}";
 CC = "${stdenv.cc.targetPrefix}cc";
 C_FLAGS = "-I${libnl.dev}/include/libnl3";
diff --git a/test/nix/tdx-attest.nix b/test/nix/tdx-attest.nix
new file mode 100644
index 000000000..92cb076a5
--- /dev/null
+++ b/test/nix/tdx-attest.nix
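Review bot: The added `--kcmd-args="INTEL_TDX=$(INTEL_TDX)"` line is appended for every build that reaches this branch, so a non-TDX build boots with a bare `INTEL_TDX=` on the kernel command line, while the SMP argument just above it is wrapped in a conditional. Guarding it the same way would match the `ifeq ($(INTEL_TDX), 1)` test this commit adds in test/src/apps/Makefile: `ifeq ($(INTEL_TDX), 1)`, `CARGO_OSDK_BUILD_ARGS += --kcmd-args="INTEL_TDX=1"`, `endif`. A one-line comment naming test/src/apps/scripts/process.sh as the reader of this value would also help the next maintainer. The enclosing conditional starts and ends outside the hunk.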
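Review bot: `builtins.getEnv "INTEL_TDX"` is read three times across the two hunks of test/nix/apps.nix, and it returns an empty string under pure evaluation, so a pure build drops the TDX attestation sources without any message. Taking the switch as a function argument makes the dependency explicit and overridable, e.g. `enableTdx ? (builtins.getEnv "INTEL_TDX" == "1"),` in the argument set, with `lib.optionalAttrs enableTdx` and `lib.optionalString enableTdx` below. `lib.optionalAttrs` applied to a derivation also leaves `tdxAttest` as an empty attribute set when the switch is off; `if enableTdx then callPackage ./tdx-attest.nix { } else null` states the intent more directly. The `rec` set continues outside both hunks.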
@@ -0,0 +1,44 @@
+{ fetchurl, stdenv }:
+
+let
+ DCAP_VERSION = "DCAP_1.23";
+ DCAP_URL_PREFIX =
+ "https://github.com/intel/SGXDataCenterAttestationPrimitives/raw/${DCAP_VERSION}/QuoteGeneration/quote_wrapper";
+
+ files = {
+ tdx_attest_c = fetchurl {
+ url = "${DCAP_URL_PREFIX}/tdx_attest/tdx_attest.c";
+ sha256 = "08aijjx7jnmswimv4dhfwgbb0inwl0xg9hry37zy8k4wln6dys27";
+ };
+ tdx_attest_h = fetchurl {
+ url = "${DCAP_URL_PREFIX}/tdx_attest/tdx_attest.h";
+ sha256 = "0zsljf3gm9x0rp6dyin039akaf6lwf9fj0d6dskjzmlnsfzhqhmb";
+ };
+ test_tdx_attest_c = fetchurl {
+ url = "${DCAP_URL_PREFIX}/tdx_attest/test_tdx_attest.c";
+ sha256 = "1l7gx7wd2462ghwvf3i17kp7phq0sgyb22rpx568zlha48jqp9sc";
+ };
+ qgs_msg_lib_cpp = fetchurl {
+ url = "${DCAP_URL_PREFIX}/qgs_msg_lib/qgs_msg_lib.cpp";
+ sha256 = "0ffnmy8vg5yn12d9mz1zjdlfg98i9k112kyybr1fnm5yh1rdcnys";
+ };
+ qgs_msg_lib_h = fetchurl {
+ url = "${DCAP_URL_PREFIX}/qgs_msg_lib/inc/qgs_msg_lib.h";
+ sha256 = "092dvr5qbrwk707s0jwgqz79cw0dimp1n2qqkl9v6dik8l9fgfa6";
+ };
+ };
+in stdenv.mkDerivation {
+ pname = "dcap-quote-generation";
+ version = DCAP_VERSION;
+
+ dontUnpack = true;
+
+ installPhase = ''
+ mkdir -p $out/QuoteGeneration
+ cp ${files.tdx_attest_c} $out/QuoteGeneration/tdx_attest.c
+ cp ${files.tdx_attest_h} $out/QuoteGeneration/tdx_attest.h
+ cp ${files.test_tdx_attest_c} $out/QuoteGeneration/test_tdx_attest.c
+ cp ${files.qgs_msg_lib_cpp} $out/QuoteGeneration/qgs_msg_lib.cpp
+ cp ${files.qgs_msg_lib_h} $out/QuoteGeneration/qgs_msg_lib.h
+ '';
+}
diff --git a/test/src/apps/Makefile b/test/src/apps/Makefile
index 711e1656d..342fe29c1 100644
--- a/test/src/apps/Makefile
+++ b/test/src/apps/Makefile
@@ -52,6 +52,10 @@ TEST_APPS += \
 signal_c
 endif
+ifeq ($(INTEL_TDX), 1)
+TEST_APPS += generate_tdx_quote
+endif
+
 # The C head and source files of all the apps, excluding the downloaded mongoose files
 C_SOURCES := \
 $(shell find . -type f \( -name "*.c" -or -name "*.h" \) \
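Review bot: `DCAP_VERSION` and the list of five upstream files are defined in test/nix/tdx-attest.nix and again in test/src/apps/generate_tdx_quote/Makefile with nothing tying the two together, so a version bump in one place leaves the Nix and non-Nix builds compiling different attestation sources. A header comment above the `let` would make the coupling explicit: `# Keep DCAP_VERSION and the file list in sync with test/src/apps/generate_tdx_quote/Makefile; refresh all five sha256 values on every bump.` The URLs name a tag rather than a commit, which is acceptable here because each `fetchurl` is pinned by `sha256`, so a re-pointed tag fails the build instead of changing the code.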
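Review bot: Outside Nix, `TDX_ATTEST_DIR` in the new generate_tdx_quote/Makefile defaults to that app's own directory, so the fetched Intel `.c` and `.h` files land inside the tree that the `C_SOURCES` `find` shown as context in the test/src/apps/Makefile hunk scans. The comment says that list already excludes the downloaded mongoose files, but the rest of the `find` expression is outside the hunk, so it is not visible whether the TDX files are excluded too. If they are not, the same kind of exclusion should be added for `generate_tdx_quote/`, so that third-party sources are not picked up by whatever consumes `C_SOURCES`.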
diff --git a/test/src/apps/generate_tdx_quote/Makefile b/test/src/apps/generate_tdx_quote/Makefile
new file mode 100644
index 000000000..a17f28623
--- /dev/null
+++ b/test/src/apps/generate_tdx_quote/Makefile
@@ -0,0 +1,41 @@
+# SPDX-License-Identifier: MPL-2.0
+
+MAIN_MAKEFILE := $(firstword $(MAKEFILE_LIST))
+INCLUDE_MAKEFILE := $(lastword $(MAKEFILE_LIST))
+CUR_DIR := $(shell dirname $(realpath $(MAIN_MAKEFILE)))
+CUR_DIR_NAME := $(shell basename $(realpath $(CUR_DIR)))
+TDX_ATTEST_DIR ?= $(CUR_DIR)
+TDX_SRCS := test_tdx_attest.c tdx_attest.c qgs_msg_lib.cpp
+BUILD_DIR := $(CUR_DIR)/../../../build
+OBJ_OUTPUT_DIR := $(BUILD_DIR)/initramfs/test/$(CUR_DIR_NAME)
+CC ?= gcc
+C_FLAGS ?= -Wall -Werror
+DCAP_VERSION := DCAP_1.23
+DCAP_URL_PREFIX := "https://github.com/intel/SGXDataCenterAttestationPrimitives/raw/$(DCAP_VERSION)/QuoteGeneration/quote_wrapper"
+ATOMIC_WGET := $(CUR_DIR)/../../../../tools/atomic_wget.sh
+
+.PHONY: all
+
+all: $(OBJ_OUTPUT_DIR) $(OBJ_OUTPUT_DIR)/generate_tdx_quote
+
+$(OBJ_OUTPUT_DIR):
+ @mkdir -p $(OBJ_OUTPUT_DIR)
+
+$(OBJ_OUTPUT_DIR)/generate_tdx_quote: $(addprefix $(TDX_ATTEST_DIR)/,$(TDX_SRCS))
+ @$(CC) $(C_FLAGS) $^ -o $@
+ @echo "CC <= $@"
+
+$(TDX_ATTEST_DIR)/tdx_attest.c: $(TDX_ATTEST_DIR)/tdx_attest.h $(TDX_ATTEST_DIR)/qgs_msg_lib.h
+ @$(ATOMIC_WGET) $@ "$(DCAP_URL_PREFIX)/tdx_attest/tdx_attest.c"
+
+$(TDX_ATTEST_DIR)/tdx_attest.h:
+ @$(ATOMIC_WGET) $@ "$(DCAP_URL_PREFIX)/tdx_attest/tdx_attest.h"
+
+$(TDX_ATTEST_DIR)/test_tdx_attest.c:
+ @$(ATOMIC_WGET) $@ "$(DCAP_URL_PREFIX)/tdx_attest/test_tdx_attest.c"
+
+$(TDX_ATTEST_DIR)/qgs_msg_lib.cpp:
+ @$(ATOMIC_WGET) $@ "$(DCAP_URL_PREFIX)/qgs_msg_lib/qgs_msg_lib.cpp"
+
+$(TDX_ATTEST_DIR)/qgs_msg_lib.h:
+ @$(ATOMIC_WGET) $@ "$(DCAP_URL_PREFIX)/qgs_msg_lib/inc/qgs_msg_lib.h"
diff --git a/test/src/apps/scripts/process.sh b/test/src/apps/scripts/process.sh
index 27b10ac62..27134b533 100755
--- a/test/src/apps/scripts/process.sh
+++ b/test/src/apps/scripts/process.sh
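Review bot: The five download rules in generate_tdx_quote/Makefile fetch C and C++ sources from a tag URL and compile them into the test image with no integrity check, while the Nix derivation added in the same commit pins each of those files by `sha256`. A non-Nix build therefore trusts whatever the tag and the network return at build time; verifying the files against checked-in digests before compiling closes that gap. The sketch below also makes the output directory an order-only prerequisite of the binary, since listing it only under `all` lets `make -j` start the compile before `mkdir` has run. It also drops the literal quotes from `DCAP_URL_PREFIX`, which otherwise end up nested inside the quoted URL passed to `atomic_wget.sh`. `SHA256SUMS` is a placeholder name for a file holding the hex digests of the five files.

```make
# … unchanged: variables up to DCAP_VERSION …
DCAP_URL_PREFIX := https://github.com/intel/SGXDataCenterAttestationPrimitives/raw/$(DCAP_VERSION)/QuoteGeneration/quote_wrapper
# Placeholder file name: checked-in hex SHA-256 digests of the five fetched files.
TDX_SHA256SUMS := $(CUR_DIR)/SHA256SUMS

# … unchanged: ATOMIC_WGET, .PHONY, all, $(OBJ_OUTPUT_DIR) rule …

$(OBJ_OUTPUT_DIR)/generate_tdx_quote: $(addprefix $(TDX_ATTEST_DIR)/,$(TDX_SRCS)) | $(OBJ_OUTPUT_DIR)
	@cd $(TDX_ATTEST_DIR) && sha256sum --check --quiet $(TDX_SHA256SUMS)
	@$(CC) $(C_FLAGS) $^ -o $@
# … unchanged: echo line and the five download rules …
```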
@@ -58,6 +58,13 @@ signal_c/signal_test
 signal_c/signal_test2
 "
+# Add TDX-specific tests
+if [ "$INTEL_TDX" = "1" ]; then
+tests="${tests}
+generate_tdx_quote/generate_tdx_quote
+"
+fi
+
 for testcase in ${tests}
 do
 echo "Running test ${testcase}......"
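Review bot: When `INTEL_TDX` is anything other than `1`, the quote-generation test is left out of `tests` with no trace in the log, so a run meant to cover TDX attestation that lost the variable on the way still reports success. The variable presumably arrives through the kernel command-line argument added in the root Makefile. An `else` branch that prints the skip makes lost coverage visible: `else` followed by `echo "Skipping generate_tdx_quote (INTEL_TDX is not 1)"`. The `for` loop that consumes `tests` continues outside the hunk, so how a failing test case is reported cannot be checked from here.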