github.com/kata-containers/tests@v0.0.0-20240307153542-772105b56064/functional/sgx/run.sh (about) 1 #!/bin/bash 2 # 3 # Copyright (c) 2022 Intel Corporation 4 # 5 # SPDX-License-Identifier: Apache-2.0 6 # 7 8 set -x 9 set -o errexit 10 set -o nounset 11 set -o pipefail 12 set -o errtrace 13 14 script_path=$(dirname "$0") 15 source "${script_path}/../../lib/common.bash" 16 17 tmp_data_dir="$(mktemp -d)" 18 rootfs_tar="${tmp_data_dir}/rootfs.tar" 19 trap cleanup EXIT 20 21 # kata-runtime options 22 HYPERVISOR=${HYPERVISOR:-"qemu"} 23 24 cleanup() { 25 clean_env_ctr 26 sudo rm -rf "${tmp_data_dir}" 27 } 28 29 pull_rootfs() { 30 # pull and export busybox image in tar file 31 local image="quay.io/prometheus/busybox:latest" 32 sudo -E ctr i pull ${image} 33 sudo -E ctr i export "${rootfs_tar}" "${image}" 34 sudo chown ${USER}:${USER} "${rootfs_tar}" 35 sync 36 } 37 38 create_bundle() { 39 local bundle_dir="$1" 40 mkdir -p "${bundle_dir}" 41 42 # extract busybox rootfs 43 local rootfs_dir="${bundle_dir}/rootfs" 44 mkdir -p "${rootfs_dir}" 45 local layers_dir="$(mktemp -d)" 46 tar -C "${layers_dir}" -pxf "${rootfs_tar}" 47 for ((i=0;i<$(cat ${layers_dir}/manifest.json | jq -r ".[].Layers | length");i++)); do 48 tar -C ${rootfs_dir} -xf ${layers_dir}/$(cat ${layers_dir}/manifest.json | jq -r ".[].Layers[${i}]") 49 done 50 sync 51 52 # Copy config.json 53 cp -a "${script_path}/config.json" "${bundle_dir}/config.json" 54 } 55 56 run_container() { 57 local container_id="$1" 58 local bundle_dir="$2" 59 60 sudo -E ctr run -d --runtime io.containerd.kata.v2 --config "${bundle_dir}/config.json" "${container_id}" 61 } 62 63 get_ctr_cmd_output() { 64 local container_id="$1" 65 shift 66 sudo -E ctr t exec --exec-id 2 "${container_id}" "${@}" 67 } 68 69 get_dmesg() { 70 local container_id="$1" 71 get_ctr_cmd_output "${container_id}" dmesg 72 } 73 74 setup_configuration_file() { 75 local qemu_config_file="configuration-qemu.toml" 76 local clh_config_file="configuration-clh.toml" 77 local kata_config_file="" 78 79 for file in $(kata-runtime --kata-show-default-config-paths); do 80 if [ ! -f "${file}" ]; then 81 continue 82 fi 83 84 kata_config_file="${file}" 85 config_dir=$(dirname ${file}) 86 config_filename="" 87 88 if [ "$HYPERVISOR" = "qemu" ]; then 89 config_filename="${qemu_config_file}" 90 elif [ "$HYPERVISOR" = "clh" ]; then 91 config_filename="${clh_config_file}" 92 fi 93 94 config_file="${config_dir}/${config_filename}" 95 if [ -f "${config_file}" ]; then 96 rm -f "${kata_config_file}" 97 cp -a $(realpath "${config_file}") "${kata_config_file}" 98 break 99 fi 100 done 101 102 # enable debug 103 sed -i -e 's/^#\(enable_debug\).*=.*$/\1 = true/g' \ 104 -e 's/^#\(debug_console_enabled\).*=.*$/\1 = true/g' \ 105 -e 's/^kernel_params = "\(.*\)"/kernel_params = "\1 agent.log=debug"/g' \ 106 "${kata_config_file}" 107 } 108 109 run_test_container() { 110 local container_id="$1" 111 local bundle_dir="$2" 112 local config_json_in="$3" 113 114 # generate final config.json 115 sed -e '/^#.*/d' \ 116 -e 's|@ROOTFS@|'"${bundle_dir}/rootfs"'|g' \ 117 "${config_json_in}" > "${script_path}/config.json" 118 119 create_bundle "${bundle_dir}" 120 121 # run container 122 run_container "${container_id}" "${bundle_dir}" 123 124 get_ctr_cmd_output "${container_id}" grep -qio sgx /proc/cpuinfo 125 get_dmesg "${container_id}" | grep -qio "sgx: EPC section" 126 127 # output VM dmesg 128 get_dmesg "${container_id}" 129 } 130 131 main() { 132 # 133 # Get the device ready on the host 134 # 135 setup_configuration_file 136 137 restart_containerd_service 138 139 # Get the rootfs we'll use for all tests 140 pull_rootfs 141 142 # 143 # Run the tests 144 # 145 # test sgx 146 sgx_cid="sgx-${RANDOM}" 147 run_test_container "${sgx_cid}" \ 148 "${tmp_data_dir}/sgx" \ 149 "${script_path}/sgx.json.in" 150 } 151 152 main $@