amd-sev-migration-attack/launch-qemu.sh at master · PSPReverse/amd-sev-migration-attack · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
#!/bin/bash

#
# user changeable parameters
#
HDA_FILE=PATHTO"sev.qcow2"
GUEST_SIZE_IN_MB="768"
SEV_GUEST="1"
SMP_NCPUS="1"
CONSOLE="qxl"
QEMU_INSTALL_DIR=
UEFI_BIOS_CODE="OVMF_CODE.fd"
UEFI_BIOS_VARS="OVMF_VARS.fd"
VNC_PORT="1"
USE_VIRTIO="1"

usage() {
	echo "$0 [options]"
	echo "Available <commands>:"
	echo " -hda          hard disk ($HDA_FILE)"
	echo " -nosev        disable sev support"
	echo " -mem          guest memory"
	echo " -smp          number of cpus"
	echo " -console      display console to use (serial or gxl)"
	echo " -vnc          VNC port to use"
	echo " -bios         bios to use (default $UEFI_BIOS_CODE)"
	echo " -kernel       kernel to use"
	echo " -initrd       initrd to use"
	echo " -cdrom        CDROM image"
	echo " -virtio       use virtio devices"
	echo " -gdb          start gdbserver"
	exit 1
}

add_opts() {
	echo -n "$* " >> ${QEMU_CMDLINE}
}

run_cmd () {
	$*
	if [ $? -ne 0 ]; then
		echo "command $* failed"
		exit 1
	fi
}

if [ `id -u` -ne 0 ]; then
	echo "Must be run as root!"
	exit 1
fi

while [[ $1 != "" ]]; do
	case "$1" in
		-hda) 		HDA_FILE="${2}"
				shift
				;;
		-nosev) 	SEV_GUEST="0"
				;;
		-mem)  		GUEST_SIZE_IN_MB=${2}
				shift
				;;
		-console)	CONSOLE=${2}
				shift
				;;
		-smp)		SMP_NCPUS=$2
				shift
				;;
		-vnc)		VNC_PORT=$2
				shift
				if [ "${VNC_PORT}" = "" ]; then
					usage
				fi
				;;
		-bios)		UEFI_BIOS_CODE="`readlink -f $2`"
				shift
				;;
		-netconsole)	NETCONSOLE_PORT=$2
				shift
				;;
		-initrd)	INITRD_FILE=$2
				shift
				;;
		-kernel)	KERNEL_FILE=$2
				shift
				;;
		-cdrom)		CDROM_FILE=$2
				shift
				;;
		-virtio)        USE_VIRTIO="1"
				;;
		-gdb)      	USE_GDB="1"
				;;
		*) 		usage;;
	esac
	shift
done

# we add all the qemu command line options into a file
QEMU_CMDLINE=/tmp/cmdline.$$
rm -rf ${QEMU_CMDLINE}

add_opts "${QEMU_INSTALL_DIR}qemu-system-x86_64"

# Basic virtual machine property
add_opts "-enable-kvm -cpu EPYC -machine q35"

# add number of VCPUs
[ ! -z ${SMP_NCPUS} ] && add_opts "-smp ${SMP_NCPUS},maxcpus=64"

# define guest memory
add_opts "-m ${GUEST_SIZE_IN_MB}M,slots=5,maxmem=30G"

# The OVMF binary, including the non-volatile variable store, appears as a
# "normal" qemu drive on the host side, and it is exposed to the guest as a
# persistent flash device.
add_opts "-drive if=pflash,format=raw,unit=0,file=${UEFI_BIOS_CODE},readonly"
add_opts "-drive if=pflash,format=raw,unit=1,file=${UEFI_BIOS_VARS}"

# add CDROM if specified
[ ! -z ${CDROM_FILE} ] && add_opts "-drive file=${CDROM_FILE},media=cdrom -boot d"

add_opts "-netdev user,id=vmnic -device e1000,netdev=vmnic,romfile="

# Make guest SSH available on port 10022
add_opts "-net user,hostfwd=tcp::10022-:22 -net nic"

# If harddisk file is specified then add the HDD drive
if [ ! -z ${HDA_FILE} ]; then
	if [ "$USE_VIRTIO" = "1" ]; then
		if [[ ${HDA_FILE} = *"qcow2" ]]; then
			add_opts "-drive file=${HDA_FILE},if=none,id=disk0,format=qcow2"
		else
			add_opts "-drive file=${HDA_FILE},if=none,id=disk0,format=raw"
		fi
		add_opts "-device virtio-scsi-pci,id=scsi,disable-legacy=on,iommu_platform=true"
		add_opts "-device scsi-hd,drive=disk0"
	else
		if [[ ${HDA_FILE} = *"qcow2" ]]; then
			add_opts "-drive file=${HDA_FILE},format=qcow2"
		else
			add_opts "-drive file=${HDA_FILE},format=raw"
		fi
	fi
fi

# If this is SEV guest then add the encryption device objects to enable support
if [ ${SEV_GUEST} = "1" ]; then
	# Policy is set to: min minor ver 0x11, enforce SEV on migrate target, debug disable
  # See: Secure Encrypted Virtualization API Version 0.22, Chapter 3
	add_opts "-object sev-guest,id=sev0,policy=0x11000021,cbitpos=47,reduced-phys-bits=1"
	add_opts "-machine memory-encryption=sev0"
fi

# if console is serial then disable graphical interface
if [ "${CONSOLE}" = "serial" ]; then
	add_opts "-nographic"
else
	add_opts "-vga ${CONSOLE}"
fi

# if -kernel arg is specified then use the kernel provided in command line for boot
if [ "${KERNEL_FILE}" != "" ]; then
	add_opts "-kernel $KERNEL_FILE"
	add_opts "-append \"console=ttyS0 earlyprintk=serial root=/dev/sda2\""
	[ ! -z ${INITRD_FILE} ] && add_opts "-initrd ${INITRD_FILE}"
fi

# start vnc server
[ ! -z ${VNC_PORT} ] && add_opts "-vnc :${VNC_PORT}" && echo "Starting VNC on port ${VNC_PORT}"

# start monitor on pty
add_opts "-monitor tcp::5000,server,nowait"

# Add qmp server
add_opts "-qmp tcp::4444,server,nowait"

# Add gdb server
add_opts "-s"

# add virtio ring
if [ "$USE_VIRTIO" = "1" ]; then
	add_opts "-device virtio-rng-pci,disable-legacy=on,iommu_platform=true"
fi

# log the console  output in stdout.log
QEMU_CONSOLE_LOG=`pwd`/stdout.log

# save the command line args into log file
cat $QEMU_CMDLINE | tee ${QEMU_CONSOLE_LOG}
echo | tee -a ${QEMU_CONSOLE_LOG}


# map CTRL-C to CTRL ]
echo "Mapping CTRL-C to CTRL-]"
stty intr ^]

echo "Launching VM ..."
bash ${QEMU_CMDLINE} 2>&1 | tee -a ${QEMU_CONSOLE_LOG}

# restore the mapping
stty intr ^c

rm -rf ${QEMU_CMDLINE}