TUN_F_USO4/TUN_F_USO6 were added in Linux 6.2.
There is no easy way to query the supported features from the tap
device, so similar to QEMU (tap_fd_set_offload() in net/tap-linux.c),
we try tun_set_offload() until success.
Signed-off-by: Changyuan Lyu <changyuanl@google.com>
For now we do not need the new features of
KVM_GET_SREGS2/KVM_SET_SREGS2. Use the old ioctls for better
compatibility.
Signed-off-by: Changyuan Lyu <changyuanl@google.com>
With all the preparation, SEV guests are ready to go:
* SEV guests: --coco sev,policy=0x1
* SEV-ES guests: --coco sev,policy=0x5
We still need to make virtio devices work with SEV guests.
Signed-off-by: Changyuan Lyu <changyuanl@google.com>
This includes
* parse the firmware blob to get the AP EIP value
* set up AP registers based on the parsed EIP
* call sev_launch_update_vmsa before booting CPUs
Ref:
[1] QEMU hw/i386/pc_sysfw_ovmf.c
[2] QEMU docs/specs/sev-guest-firmware.rst
[3] https://github.com/project-oak/oak snp_measurement/src/stage0.rs
Signed-off-by: Changyuan Lyu <changyuanl@google.com>
For now PhysAddrReduction and CbitPosition are hardcoded to 1 and 51,
which is good for Milan CPUs.
Ref: AMD64 Architecture Programmer's Manual Vol. 3, section E.4.17.
Signed-off-by: Changyuan Lyu <changyuanl@google.com>
This includes opening the sev char device file and issuing
KVM_SEV_INIT or KVM_SEV_ES_INIT command.
Signed-off-by: Changyuan Lyu <changyuanl@google.com>
This gives us the backward compatibility for command line options
like `--net if=test-tap,mac=aa:bb:cc:dd:ee:ff,mtu=1500`.
Fixes: 6a66b2d299 ("feat(cli)!: use serde-aco to parse cli options")
Signed-off-by: Changyuan Lyu <changyuanl@google.com>
`serde-aco` is for parsing complex data structures from command line.
Nested structures can be expressed by multiple key-value pair
strings.
This crate is inspired by QEMU's `-object` flag.
Signed-off-by: Changyuan Lyu <changyuanl@google.com>
QEMU sets this flag in qemu_chr_set_echo_stdio() of
chardev/char-stdio.c.
With this bit set, the line breaks of the outputs from stage0 work
as expected.
Signed-off-by: Changyuan Lyu <changyuanl@google.com>
Alioth is able to boot a Linux ELF kernel along with the stage0 [1]
firmware by
```
target/x86_64-unknown-linux-gnu/release/alioth \
    --log-to-file \
    run \
    --num-cpu 2 \
    --mem-size 1G \
    -f $HOME/data/oak_stage0.bin \
    --fw-cfg opt/stage0/elf_kernel,file=$HOME/data/vmlinuz-6.6.17.bin \
    --fw-cfg opt/stage0/initramfs,file=$HOME/data/initramfs.linux_amd64.cpio \
    --fw-cfg opt/stage0/cmdline,string="console=ttyS0"
```
[1] https://github.com/project-oak/oak/tree/main/stage0_bin
Signed-off-by: Changyuan Lyu <changyuanl@google.com>
Inspired by QEMU (hw/acpi/bios-linker-loader.c), build a relocatable
ACPI table. The `relocate()` method can update the checksums and
pointers in the table bytes.
This commit is a preparation for reusing the ACPI module in a future
QEMU fw_cfg device.
Signed-off-by: Changyuan Lyu <changyuanl@google.com>
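An added example, not alioth's code and not part of this commit, of what relocating a table blob involves: pointer fields are patched for the load address first, then every checksum is recomputed so each region sums to 0 modulo 256, with bounds checks on every fix-up. The `Relocatable` type, its fix-up tuples, `sample()` and the load address are hypothetical or constructed; the RSDP and SDT header offsets follow the ACPI specification.

```rust
// Added example: hypothetical types and names, not alioth's ACPI module.
pub struct Relocatable {
    pub bytes: Vec<u8>,
    pub pointers: Vec<(usize, usize)>, // (field offset, target offset), 8-byte LE fields
    pub checksums: Vec<(usize, usize, usize)>, // (start, length, checksum byte offset)
}
impl Relocatable {
    /// Patch every pointer for a blob loaded at guest address `base`, then
    /// recompute each checksum so its region sums to 0 modulo 256.
    pub fn relocate(&mut self, base: u64) -> Result<(), &'static str> {
        let len = self.bytes.len();
        for &(field, target) in &self.pointers {
            if target >= len { return Err("pointer target outside blob"); }
            let addr = base.checked_add(target as u64).ok_or("address overflow")?;
            let slot = self.bytes.get_mut(field..field + 8).ok_or("pointer field outside blob")?;
            slot.copy_from_slice(&addr.to_le_bytes());
        }
        // Inner regions come before regions that contain them (see `sample`).
        for &(start, size, at) in &self.checksums {
            let end = start.checked_add(size).filter(|e| *e <= len).ok_or("region outside blob")?;
            if at < start || at >= end { return Err("checksum byte outside its region"); }
            self.bytes[at] = 0;
            let sum = self.bytes[start..end].iter().fold(0u8, |a, b| a.wrapping_add(*b));
            self.bytes[at] = sum.wrapping_neg();
        }
        Ok(())
    }
}
/// Constructed sample: ACPI 2.0 RSDP (36 bytes), XSDT with one entry (44 bytes)
/// and an empty SSDT header (36 bytes), packed back to back.
pub fn sample() -> Relocatable {
    let mut bytes = vec![0u8; 116];
    bytes[0..8].copy_from_slice(b"RSD PTR ");
    bytes[15] = 2; // RSDP revision
    bytes[20..24].copy_from_slice(&36u32.to_le_bytes()); // RSDP length
    bytes[36..40].copy_from_slice(b"XSDT");
    bytes[40..44].copy_from_slice(&44u32.to_le_bytes()); // XSDT length
    bytes[80..84].copy_from_slice(b"SSDT");
    bytes[84..88].copy_from_slice(&36u32.to_le_bytes()); // SSDT length
    Relocatable {
        bytes,
        pointers: vec![(24, 36), (72, 80)], // RSDP.XsdtAddress, XSDT entry 0
        checksums: vec![(80, 36, 89), (36, 44, 45), (0, 20, 8), (0, 36, 32)],
    }
}
fn main() {
    let mut blob = sample();
    blob.relocate(0xe_0000).expect("constructed sample relocates cleanly");
    println!("RSDP after relocation: {:02x?}", &blob.bytes[..36]);
}
```

The order of the checksum list matters: the RSDP's 20-byte checksum must be written before the extended checksum that covers it, and all pointers must be patched before any checksum is computed.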
From Linux doc[1]
> While this can be any 32-bit number that uniquely identifies an
> action for a particular driver, ...
However, the `ioctl` function is `int ioctl(int, unsigned long, ...)`
in glibc and `int ioctl(int, int, ...)` in musl libc.
This commit changes the type of request codes to `u32`, and when it
is passed to `ioctl`, use `as _` to let the Rust compiler do the
conversion.
[1] https://docs.kernel.org/driver-api/ioctl.html#command-number-definitions
Signed-off-by: Changyuan Lyu <changyuanl@google.com>
The current virtio-net implementation assumes the tap device path is
referring to a macvtap or ipvtap. This commit allows using a tun/tap
interface pre-created by `ip tuntap add mode tap $IF_NAME` as a
backend.
Usage:
```
--net if=$IF_NAME,mac=$IF_MAC,mtu=$IF_MTU
```
Signed-off-by: Changyuan Lyu <changyuanl@google.com>