Split tdx feature into tdcall and tdvmcall features as tdvmcall usage may be optional for some use cases #1045
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: | |
| push: | |
| paths-ignore: | |
| - "**.md" | |
| pull_request: | |
| paths-ignore: | |
| - "**.md" | |
| workflow_dispatch: | |
| name: Integration Test on TDX Server | |
| env: | |
| AS: nasm | |
| RUST_TOOLCHAIN: 1.83.0 | |
| TOOLCHAIN_PROFILE: minimal | |
| jobs: | |
| system_compile: | |
| name: Run TDX Integration Test | |
| runs-on: [self-hosted, tdx] | |
| timeout-minutes: 45 | |
| steps: | |
| # Install first since it's needed to build NASM | |
| - name: Install LLVM and Clang | |
| uses: KyleMayes/install-llvm-action@v2 | |
| with: | |
| version: "10.0" | |
| directory: ${{ runner.temp }}/llvm | |
| - name: Checkout sources | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Install toolchain | |
| run: bash sh_script/update_toolchain.sh ${{ env.RUST_TOOLCHAIN }} | |
| - name: Add `x86_64-unknown-none` target | |
| run: rustup target add x86_64-unknown-none | |
| - name: Preparation Work | |
| run: bash sh_script/preparation.sh | |
| - name: Build PE format payload with boot-kernel support | |
| run: bash sh_script/build_final.sh boot_kernel | |
| - name: Run Tests - Boot Kernel | |
| run: | | |
| bash sh_script/integration_tdx.sh -c 1 -m 1G -f target/release/final-boot-kernel.bin | |
| bash sh_script/integration_tdx.sh -c 1 -m 2G -f target/release/final-boot-kernel.bin | |
| bash sh_script/integration_tdx.sh -c 2 -m 4G -f target/release/final-boot-kernel.bin | |
| bash sh_script/integration_tdx.sh -c 4 -m 8G -f target/release/final-boot-kernel.bin | |
| bash sh_script/integration_tdx.sh -c 8 -m 16G -f target/release/final-boot-kernel.bin | |
| bash sh_script/integration_tdx.sh -c 16 -m 16G -f target/release/final-boot-kernel.bin | |
| # bash sh_script/integration_tdx.sh -c 16 -m 32G -f target/release/final-boot-kernel.bin | |
| - name: Build ELF format payload with test TD payload | |
| run: bash sh_script/build_final.sh elf_test | |
| - name: Run Tests - Run ELF format test TD payload | |
| run: | | |
| bash sh_script/integration_tdx.sh -c 1 -m 1G -t elf -f target/release/final-elf-test1.bin | |
| bash sh_script/integration_tdx.sh -c 1 -m 2G -t elf -f target/release/final-elf-test2.bin | |
| bash sh_script/integration_tdx.sh -c 2 -m 4G -t elf -f target/release/final-elf-test3.bin | |
| bash sh_script/integration_tdx.sh -c 4 -m 8G -t elf -f target/release/final-elf-test4.bin | |
| bash sh_script/integration_tdx.sh -c 8 -m 16G -t elf -f target/release/final-elf-test5.bin | |
| - name: Build ELF format payload for secure boot test | |
| run: bash sh_script/build_final.sh elf_sb_test | |
| - name: Run Tests - Run secure boot test with ELF format payload | |
| run: | | |
| bash sh_script/integration_tdx.sh -t elf -f target/release/final-elf-sb-normal.bin | |
| bash sh_script/integration_tdx.sh -t elf -f target/release/final-elf-sb-mismatch-pubkey.bin | |
| bash sh_script/integration_tdx.sh -t elf -f target/release/final-elf-sb-unsigned.bin |