From e334c23933712a15ff3550901bd37bab0ee1910a Mon Sep 17 00:00:00 2001 From: Zixi Chen Date: Wed, 11 Dec 2024 12:07:40 +0800 Subject: [PATCH] snp_multi_vm: Add multi vms SNP tests Boot multi vms with different cpu and memory resources Signed-off-by: Zixi Chen --- qemu/tests/cfg/snp_multi_vm.cfg | 32 ++++++++++++++ qemu/tests/snp_multi_vm.py | 74 +++++++++++++++++++++++++++++++++ 2 files changed, 106 insertions(+) create mode 100644 qemu/tests/cfg/snp_multi_vm.cfg create mode 100644 qemu/tests/snp_multi_vm.py diff --git a/qemu/tests/cfg/snp_multi_vm.cfg b/qemu/tests/cfg/snp_multi_vm.cfg new file mode 100644 index 0000000000..fb673815dc --- /dev/null +++ b/qemu/tests/cfg/snp_multi_vm.cfg @@ -0,0 +1,32 @@ +- snp_multi_vm: + type = snp_multi_vm + only Linux + kill_vm = yes + login_timeout = 240 + start_vm = no + image_snapshot = yes + vm_secure_guest_type = snp + vm_sev_reduced_phys_bits = 1 + vm_sev_cbitpos = 51 + virtio_dev_disable_legacy = on + bios_path = /usr/share/edk2/ovmf/OVMF.amdsev.fd + snp_module_path = "/sys/module/kvm_amd/parameters/sev_snp" + module_status = Y y 1 + snp_guest_check = "journalctl|grep -i -w snp" + guest_tool_install = "dnf install -y snpguest" + attestation_script = regular_attestation_workflow.sh + guest_dir = /home + guest_cmd = ${guest_dir}/${attestation_script} + host_script = sev-snp/${attestation_script} + variants: + - single_vcpu: + vms += " vm2" + smp_fixed = 1 + vcpu_maxcpus=${smp_fixed} + vcpu_cores_fixed = 1 + vcpu_threads_fixed = 1 + vcpu_sockets_fixed = 1 + mem = 4096 + - four_vms: + vms += " vm2 vm3 vm4" + smp = 8 diff --git a/qemu/tests/snp_multi_vm.py b/qemu/tests/snp_multi_vm.py new file mode 100644 index 0000000000..0ac9d07fb3 --- /dev/null +++ b/qemu/tests/snp_multi_vm.py @@ -0,0 +1,74 @@ +import os + +from virttest import data_dir as virttest_data_dir +from virttest import env_process, error_context +from virttest.utils_misc import get_mem_info, normalize_data_size, verify_dmesg + + +@error_context.context_aware +def run(test, params, env): + """ + Qemu snp basic test on Milan and above host: + 1. Check host snp capability + 2. Adjust guest memory by host resources + 3. Boot snp VM + 4. Verify snp enabled in guest + 5. Test attestation + + :param test: QEMU test object + :param params: Dictionary with the test parameters + :param env: Dictionary with test environment. + """ + + error_context.context("Start sev-snp test", test.log.info) + timeout = params.get_numeric("login_timeout", 240) + + snp_module_path = params["snp_module_path"] + if os.path.exists(snp_module_path): + with open(snp_module_path) as f: + output = f.read().strip() + if output not in params.objects("module_status"): + test.cancel("Host sev-snp support check fail.") + else: + test.cancel("Host sev-snp support check fail.") + # Define vm memory size for multi vcpus scenario + if params.get_numeric("smp") > 1: + MemFree = float( + normalize_data_size("%s KB" % get_mem_info(attr="MemFree"), "M") + ) + vm_num = len(params.get("vms").split()) + params["mem"] = MemFree // (2 * vm_num) + + vms = params.objects("vms") + for vm_name in vms: + env_process.preprocess_vm(test, params, env, vm_name) + vm = env.get_vm(vm_name) + vm.create() + vm.verify_alive() + session = vm.wait_for_login(timeout=timeout) + verify_dmesg() + guest_check_cmd = params["snp_guest_check"] + try: + session.cmd_output(guest_check_cmd, timeout=240) + except Exception as e: + test.fail("Guest snp verify fail: %s" % str(e)) + else: + # Verify attestation + error_context.context("Start to do attestation", test.log.info) + guest_dir = params["guest_dir"] + host_script = params["host_script"] + guest_cmd = params["guest_cmd"] + deps_dir = virttest_data_dir.get_deps_dir() + host_file = os.path.join(deps_dir, host_script) + try: + vm.copy_files_to(host_file, guest_dir) + session.cmd_output(params["guest_tool_install"], timeout=240) + session.cmd_output("chmod 755 %s" % guest_cmd) + except Exception as e: + test.fail("Guest test preperation fail: %s" % str(e)) + s = session.cmd_status(guest_cmd, timeout=360) + if s: + test.fail("Guest script error") + finally: + session.close() + vm.destroy()