init version

Signed-off-by: Jiaqi Gao <[email protected]>

.cargo/config.toml

@@ -0,0 +1,4 @@
+[alias]
+xtask = "run --package xtask --release --"
+image = "xtask image"
+hash = "xtask hash"

.github/workflows/fuzz.yml

@@ -0,0 +1,62 @@
+on:
+  push:
+    paths-ignore:
+      - "**.md"
+  pull_request:
+    paths-ignore:
+      - "**.md"
+  workflow_dispatch:
+
+name: Fuzzing Test
+
+env:
+  AS: nasm
+  AR_x86_64_unknown_uefi: llvm-ar
+  CC_x86_64_unknown_uefi: clang
+  RUST_TOOLCHAIN: nightly-2022-11-15
+  TOOLCHAIN_PROFILE: minimal
+
+jobs:
+  system_compile:
+    name: Run fuzzing test
+    runs-on: [self-hosted, host]
+    # timeout-minutes: 30
+
+    steps:
+      - name: Checkout sources
+        uses: actions/checkout@v2
+        with: 
+          token: ${{ secrets.MIGTD }}
+          submodules: recursive
+
+      - name: Preparation Work
+        run: bash sh_script/preparation.sh
+
+      # - name: Install rustup-init
+      #   run: curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs > rustup-init.sh
+
+      # - name: Install toolchain
+      #   run: chmod +x rustup-init.sh;./rustup-init.sh -y --profile ${{ env.TOOLCHAIN_PROFILE }} --default-toolchain ${{ env.RUST_TOOLCHAIN }}
+
+      # - name: Run cargo install cargo-xbuild
+      #   run: cargo install cargo-xbuild
+
+      # - name: Install AFL (Linux)
+      #   uses: actions-rs/cargo@v1
+      #   with:
+      #     command: install
+      #     args: afl
+      #   if: runner.os == 'Linux'
+
+      # - name: Install Cargo-Fuzz (Linux)
+      #   uses: actions-rs/cargo@v1
+      #   with:
+      #     command: install
+      #     args: cargo-fuzz
+      #   if: runner.os == 'Linux'
+
+      - name: Run all afl fuzzing test cases
+        run: bash sh_script/fuzzing.sh -n afl_all -t 10
+
+      - name: Run all libfuzzer fuzzing test cases
+        run: bash sh_script/fuzzing.sh -n libfuzzer_all -t 60

.github/workflows/integration-tdx.yml

@@ -0,0 +1,105 @@
+on:
+  push:
+    paths-ignore:
+      - "**.md"
+  pull_request:
+    paths-ignore:
+      - "**.md"
+  workflow_dispatch:
+
+name: Ingetration Test on TDX Server
+
+env:
+  AS: nasm
+  RUST_TOOLCHAIN: nightly-2022-11-15
+  TOOLCHAIN_PROFILE: minimal
+
+jobs:
+  system_compile:
+    name: Run TDX Integration Test
+    runs-on: [self-hosted, tdx]
+    # timeout-minutes: 30
+
+    steps:
+      # Install first since it's needed to build NASM
+      # - name: Install LLVM and Clang
+      #   uses: KyleMayes/install-llvm-action@v1
+      #   with:
+      #     version: "10.0"
+      #     directory: ${{ runner.temp }}/llvm
+
+      - name: Checkout sources
+        uses: actions/checkout@v2
+        with: 
+          token: ${{ secrets.MIGTD }}
+          submodules: recursive
+
+      - name: Build Attestation Libray
+        run: |
+          pushd deps/linux-sgx
+          make clean
+          make td_migration_preparation
+          make td_migration
+          popd
+
+      - name: Build Migration TD binary
+        run: bash sh_script/build_final.sh -t migtd -c -a on
+
+      - name: Run Tests - Test Migration TD
+        run: |
+          sudo bash sh_script/integration_tdx.sh -f target/release/migtd.bin
+
+      - name: Run Tests - Cycle Test Migration TD (20)
+        run: |
+          sudo bash sh_script/integration_tdx.sh -f target/release/migtd.bin -n 20
+      
+      - name: Build all test binaries
+        run: bash sh_script/build_final.sh -t test -c -a on
+
+      - name: Run Tests - Run test TD payload
+        run: |
+          sudo bash sh_script/integration_tdx.sh -f Bin/final-test.bin
+
+      - name: Run Tests - Run migration test case 001
+        run: |
+          sudo bash sh_script/integration_tdx.sh -f Bin/migtd_001.bin 
+      
+      - name: Run Tests - Run migration test case 002
+        run: |
+          sudo bash sh_script/integration_tdx.sh -f Bin/migtd_002.bin 
+      
+      - name: Run Tests - Run migration test case 003
+        run: |
+          sudo bash sh_script/integration_tdx.sh -f Bin/migtd_003.bin 
+
+      - name: Run Tests - Run migration test case 004
+        run: |
+          sudo bash sh_script/integration_tdx.sh -f Bin/migtd_004.bin 
+      
+      - name: Run Tests - Run migration test case 005
+        run: |
+          sudo bash sh_script/integration_tdx.sh -f Bin/migtd_005.bin 
+      
+      - name: Run Tests - Run migration test case 006
+        run: |
+          sudo bash sh_script/integration_tdx.sh -f Bin/migtd_006.bin
+
+      - name: Run Tests - Run migration test case 007
+        run: |
+          sudo bash sh_script/integration_tdx.sh -f Bin/migtd_007.bin 
+      
+      - name: Run Tests - Run migration test case 008
+        run: |
+          sudo bash sh_script/integration_tdx.sh -f Bin/migtd_008.bin 
+      
+      - name: Run Tests - Run migration test case 009
+        run: |
+          sudo bash sh_script/integration_tdx.sh -f Bin/migtd_009.bin  
+      
+      - name: Run Tests - Run migration test case 010
+        run: |
+          sudo bash sh_script/integration_tdx.sh -f Bin/migtd_010.bin 
+      
+      - name: Run Tests - Run migration test case 011
+        run: |
+          sudo bash sh_script/integration_tdx.sh -f Bin/migtd_011.bin

.github/workflows/main.yml

@@ -0,0 +1,84 @@
+on:
+  push:
+    paths-ignore:
+      - "**.md"
+  pull_request:
+    paths-ignore:
+      - "**.md"
+  workflow_dispatch:
+
+name: main
+
+env:
+  AS: nasm
+  AR: llvm-ar
+  CC: clang
+  RUST_TOOLCHAIN: nightly-2022-11-15
+  TOOLCHAIN_PROFILE: minimal
+
+jobs:
+  system_compile:
+    name: Linting and build code
+    runs-on: [self-hosted, host]
+    # timeout-minutes: 30
+
+    steps:
+      # Install first since it's needed to build NASM
+      # - name: Install LLVM and Clang
+      #   uses: KyleMayes/install-llvm-action@v1
+      #   with:
+      #     version: "10.0"
+      #     directory: ${{ runner.temp }}/llvm
+
+      # - name: install NASM
+      #   uses: ilammy/setup-nasm@v1
+
+      - name: Checkout sources
+        uses: actions/checkout@v2
+        with: 
+          token: ${{ secrets.MIGTD }}
+          submodules: recursive
+
+      # - name: Install rustup-init
+      #   run: curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs > rustup-init.sh
+
+      # - name: Install toolchain
+      #   run: chmod +x rustup-init.sh;./rustup-init.sh -y --profile ${{ env.TOOLCHAIN_PROFILE }} --default-toolchain ${{ env.RUST_TOOLCHAIN }}
+
+      # - name: Run cargo install cargo-xbuild
+      #   run: cargo install cargo-xbuild
+
+      - name: Preparation Work
+        run: bash sh_script/preparation.sh
+
+      - name: Set environment variable
+        run: export CC=clang && export AR=llvm-ar
+
+      - name: Run cargo check
+        run: cargo check
+
+      - name: Run cargo install cargo-deny
+        run: cargo install cargo-deny
+
+      - run: cargo deny check sources bans advisories
+
+      - name: Run cargo fmt
+        run: cargo fmt -- --check
+
+      - name: Run cargo clippy
+        run: cargo clippy -- -A clippy::redundant_field_names
+
+      - name: Build library crates
+        run: cargo xtask lib-build
+
+      - name: Test library crates
+        run: cargo xtask lib-test
+
+      - name: Unset environment variable
+        run: unset CC && unset AR
+
+      - name: Build Migtd Final Binary
+        run: bash sh_script/build_final.sh -t migtd -c -a on
+
+      - name: Build Migtd Final Binary Using Vmcall-Vsock
+        run: bash sh_script/build_final.sh -t migtd -v vmcall -c

.gitignore

@@ -0,0 +1,27 @@
+*~
+
+# Cargo Junk
+target/
+*.bin
+*.o
+*.obj
+
+# Cargo lock file
+**/fuzz/Cargo.lock
+
+# afl fuzz and libfuzzer
+*.profraw
+corpus
+artifacts
+coverage
+
+# migtd-core
+clear-*-kvm.img*
+fat*.img
+test_data
+*.o
+*.obj
+
+# vscode
+.vscode
+

.gitmodules

@@ -0,0 +1,9 @@
+[submodule "deps/linux-sgx"]
+	path = deps/linux-sgx
+	url = https://github.com/intel/linux-sgx.git
+[submodule "deps/td-shim"]
+	path = deps/td-shim
+	url = https://github.com/confidential-containers/td-shim
+[submodule "deps/rustls"]
+	path = deps/rustls
+	url = https://github.com/rustls/rustls.git