autotest · zixi-chen · Aug 8, 2025
diff --git a/qemu/deps/tdx/attestation.sh b/qemu/deps/tdx/attestation.sh
@@ -0,0 +1,8 @@
+set -e
+report=/sys/kernel/config/tsm/report/report0
+mkdir $report
+dd if=/dev/urandom bs=64 count=1 > $report/inblob
+hexdump -C $report/outblob
+wget https://file.rdu.redhat.com/~berrange/tdx.py
+pip install ecdsa pyopenssl pyasn1_modules
+python tdx.py $report/outblob
diff --git a/qemu/tests/cfg/tdx_multi_vms.cfg b/qemu/tests/cfg/tdx_multi_vms.cfg
@@ -0,0 +1,34 @@
+- tdx_multi_vms:
+    type = tdx_multi_vms
+    only Linux
+    kill_vm = yes
+    login_timeout = 240
+    start_vm = no
+    image_snapshot = yes
+    vm_secure_guest_type = tdx
+    vm_secure_guest_object_options = attributes=10000000 quote-generation-socket.type=unix quote-generation-socket.path=/run/tdx-qgs/qgs.socket
+    machine_type_extra_params = "kernel-irqchip=split"
+    bios_path =  /usr/share/edk2/ovmf/OVMF.inteltdx.fd
+    tdx_module_path = "/sys/module/kvm_intel/parameters/tdx"
+    module_status = Y y 1
+    tdx_guest_check = "journalctl|grep -i -w tdx"
+#    guest_tool_install = "dnf install -y tdxguesddt"
+    attestation_script = attestation.sh
+    guest_dir = /home
+    guest_cmd = ${guest_dir}/${attestation_script}
+    host_script = tdx/${attestation_script}
+    variants:
+        - single_vcpu:
+            vms += " vm2"
+            smp_fixed = 1
+            vcpu_maxcpus=${smp_fixed}
+            vcpu_cores_fixed = 1
+            vcpu_threads_fixed = 1
+            vcpu_sockets_fixed = 1
+            mem = 4096
+        - four_vms:
+            vms += " vm2 vm3 vm4"
+            smp = 8
+        - 32_vms:
+            num_vms = 32
+            max_vcpu_cmd = "ls -d /sys/devices/system/cpu/cpu[0-9]* | wc -l"
diff --git a/qemu/tests/tdx_multi_vms.py b/qemu/tests/tdx_multi_vms.py
@@ -0,0 +1,88 @@
+import os
+
+from avocado.utils import process
+from virttest import data_dir as virttest_data_dir
+from virttest import env_process, error_context
+from virttest.utils_misc import (
+    get_mem_info,
+    normalize_data_size,
+    verify_dmesg,
+)
+
+
+@error_context.context_aware
+def run(test, params, env):
+    """
+    Qemu tdx basic test on Milan and above host:
+    1. Check host tdx capability
+    2. Adjust guest memory by host resources
+    3. Boot tdx VM
+    4. Verify tdx enabled in guest
+    5. Test attestation
+
+    :param test: QEMU test object
+    :param params: Dictionary with the test parameters
+    :param env: Dictionary with test environment.
+    """
+
+    error_context.context("Start sev-tdx test", test.log.info)
+    timeout = params.get_numeric("login_timeout", 240)
+
+    tdx_module_path = params["tdx_module_path"]
+    if os.path.exists(tdx_module_path):
+        with open(tdx_module_path) as f:
+            output = f.read().strip()
+        if output not in params.objects("module_status"):
+            test.cancel("Host tdx support check fail.")
+    else:
+        test.cancel("Host tdx support check fail.")
+
+    # Define guests configurations
+    num_vms = params.get_numeric("num_vms")
+    if num_vms:
+        guest_check_cmd = params["tdx_guest_check"]
+        for i in range(1, num_vms):
+            params["vms"] += " vm_%s" % i
+        max_smp = int(process.system_output(params["max_vcpu_cmd"], shell=True))
+        params["smp"] = max_smp // num_vms
+
+    # Define vm memory size for multi vcpus scenario
+    if params.get_numeric("smp") > 1:
+        MemFree = float(
+            normalize_data_size("%s KB" % get_mem_info(attr="MemFree"), "M")
+        )
+        vm_num = len(params.get("vms").split())
+        params["mem"] = MemFree // (2 * vm_num)
+
+    vms = params.objects("vms")
+    for vm_name in vms:
+        env_process.preprocess_vm(test, params, env, vm_name)
+        vm = env.get_vm(vm_name)
+        vm.create()
+        vm.verify_alive()
+        session = vm.wait_for_login(timeout=timeout)
+        verify_dmesg()
+        guest_check_cmd = params["tdx_guest_check"]
+        try:
+            session.cmd_output(guest_check_cmd, timeout=240)
+        except Exception as e:
+            test.fail("Guest tdx verify fail: %s" % str(e))
+        else:
+            # Verify attestation
+            error_context.context("Start to do attestation", test.log.info)
+            guest_dir = params["guest_dir"]
+            host_script = params["host_script"]
+            guest_cmd = params["guest_cmd"]
+            deps_dir = virttest_data_dir.get_deps_dir()
+            host_file = os.path.join(deps_dir, host_script)
+            try:
+                vm.copy_files_to(host_file, guest_dir)
+                session.cmd_output("chmod 755 %s" % guest_cmd)
+            except Exception as e:
+                test.fail("Guest test preperation fail: %s" % str(e))
+            s = session.cmd_status(guest_cmd, timeout=360)
+            if s:
+                test.fail("Guest script error")
+        finally:
+            session.close()
+            vm.destroy()