A host directory can be shared with the guest by:
1. virtiofsd[1] flag: `--shared-dir /path/to/dir --socket-path /tmp/virtiofsd`
2. Alioth flag: `--fs vu,socket=/tmp/virtiofsd,tag=host-dir`
[1]: https://gitlab.com/virtio-fs/virtiofsd
Signed-off-by: Changyuan Lyu <changyuanl@google.com>
Add kernel, initramfs, and cmdline to the FwCfg device when a
firmware image is provided at the same time. This enables Alioth to
boot SEV-enabled guests with a compressed bzImage file.
Signed-off-by: Changyuan Lyu <changyuanl@google.com>
With all the preparation, SEV guests are ready to go:
* SEV guests: `--coco sev,policy=0x1`
* SEV-ES guests: `--coco sev,policy=0x5`
We still need to make virtio devices work with SEV guests.
Signed-off-by: Changyuan Lyu <changyuanl@google.com>
Alioth is able to boot a Linux ELF kernel along with the stage0 [1]
firmware by:
```
target/x86_64-unknown-linux-gnu/release/alioth \
    --log-to-file \
    run \
    --num-cpu 2 \
    --mem-size 1G \
    -f $HOME/data/oak_stage0.bin \
    --fw-cfg opt/stage0/elf_kernel,file=$HOME/data/vmlinuz-6.6.17.bin \
    --fw-cfg opt/stage0/initramfs,file=$HOME/data/initramfs.linux_amd64.cpio \
    --fw-cfg opt/stage0/cmdline,string="console=ttyS0"
```
[1]: https://github.com/project-oak/oak/tree/main/stage0_bin
Signed-off-by: Changyuan Lyu <changyuanl@google.com>
The current virtio-net implementation assumes the tap device path is
referring to a macvtap or ipvtap. This commit allows using a tun/tap
interface pre-created by `ip tuntap add mode tap $IF_NAME` as a
backend.
Usage:
```
--net if=$IF_NAME,mac=$IF_MAC,mtu=$IF_MTU
```
Signed-off-by: Changyuan Lyu <changyuanl@google.com>