Documentation: Update build/install instructions to use IGVM #237
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
roy-hopkins
commented
Jan 31, 2024
Comment on lines
+90
to
+95
| ``` | ||
| git clone https://github.com/microsoft/igvm | ||
| cd igvm | ||
| make -f igvm_c/Makefile | ||
| sudo make -f igvm_c/Makefile install | ||
| ``` |
There was a problem hiding this comment.
This will only work after microsoft/igvm#3 has been merged.
There was a problem hiding this comment.
We may need more changes in the igvm repository. Although the igvm#3 got merged, it is still failing to build.
First I installed some dependencies:
$ cargo install cbindgen
$ sudo zypper install cunit-devel
Then I tried to build it:
cclaudio@dobby:~/src/coconut/igvm> make -f igvm_c/Makefile
cbindgen -c /home/cclaudio/src/coconut/igvm/igvm_c/cbindgen_igvm.toml /home/cclaudio/src/coconut/igvm/igvm_c/../igvm -o "/home/cclaudio/src/coconut/igvm/igvm_c/include/igvm.h"
WARN: Skip igvm::IGVM_HANDLES - (not `no_mangle`).
WARN: Skip igvm::IGVM_HANDLE_FACTORY - (not `no_mangle`).
WARN: Skip igvm::X64_CR4_LA57 - (not `pub`).
WARN: Skip igvm::X64_PTE_PRESENT - (not `pub`).
WARN: Skip igvm::X64_PTE_READ_WRITE - (not `pub`).
WARN: Skip igvm::X64_PTE_ACCESSED - (not `pub`).
WARN: Skip igvm::X64_PTE_DIRTY - (not `pub`).
WARN: Skip igvm::X64_PTE_LARGE_PAGE - (not `pub`).
WARN: Skip igvm::PAGE_TABLE_ENTRY_COUNT - (not `pub`).
WARN: Skip igvm::X64_PAGE_SHIFT - (not `pub`).
WARN: Skip igvm::X64_PTE_BITS - (not `pub`).
WARN: Cannot find a mangling for generic path GenericPath { path: Path { name: "U64" }, export_name: "U64", generics: [Type(Path(GenericPath { path: Path { name: "LittleEndian" }, export_name: "LittleEndian", generics: [], ctype: None }))], ctype: None }. This usually means that a type referenced by this generic was incompatible or not found.
WARN: Missing `[defines]` entry for `feature = "igvm-c"` in cbindgen config.
<...snip...>
cbindgen -c /home/cclaudio/src/coconut/igvm/igvm_c/cbindgen_igvm_defs.toml /home/cclaudio/src/coconut/igvm/igvm_c/../igvm_defs -o "/home/cclaudio/src/coconut/igvm/igvm_c/include/igvm_defs.h"
WARN: Skip igvm_defs::IGVM_MAGIC_VALUE - (Unsupported call expression. Call(ExprCall { attrs: [], func: Path(ExprPath { attrs: [], qself: None, path: Path { leading_colon: None, segments: [PathSegment { ident: Ident(u32), arguments: None }, Colon2, PathSegment { ident: Ident(from_le_bytes), arguments: None }] } }), paren_token: Paren, args: [Unary(ExprUnary { attrs: [], op: Deref(Star), expr: Lit(ExprLit { attrs: [], lit: ByteStr(LitByteStr { token: b"IGVM" }) }) })] }))
WARN: Skip igvm_defs::IGVM_VHT_RANGE_PLATFORM - (Unsupported expression. Range(ExprRange { attrs: [], from: Some(Lit(ExprLit { attrs: [], lit: Int(LitInt { token: 0x1 }) })), limits: Closed(DotDotEq), to: Some(Lit(ExprLit { attrs: [], lit: Int(LitInt { token: 0x100 }) })) }))
WARN: Skip igvm_defs::IGVM_VHT_RANGE_INIT - (Unsupported expression. Range(ExprRange { attrs: [], from: Some(Lit(ExprLit { attrs: [], lit: Int(LitInt { token: 0x101 }) })), limits: Closed(DotDotEq), to: Some(Lit(ExprLit { attrs: [], lit: Int(LitInt { token: 0x200 }) })) }))
WARN: Skip igvm_defs::IGVM_VHT_RANGE_DIRECTIVE - (Unsupported expression. Range(ExprRange { attrs: [], from: Some(Lit(ExprLit { attrs: [], lit: Int(LitInt { token: 0x301 }) })), limits: Closed(DotDotEq), to: Some(Lit(ExprLit { attrs: [], lit: Int(LitInt { token: 0x400 }) })) }))
WARN: Skip igvm_defs::IGVM_DT_IGVM_TYPE_PROPERTY - (Unsupported literal expression. Str(LitStr { token: "microsoft,igvm-type" }))
WARN: Skip igvm_defs::IGVM_DT_IGVM_FLAGS_PROPERTY - (Unsupported literal expression. Str(LitStr { token: "microsoft,igvm-flags" }))
WARN: Skip igvm_defs::IGVM_DT_VTL_PROPERTY - (Unsupported literal expression. Str(LitStr { token: "microsoft,vtl" }))
WARN: Can't find IgvmPageDataFlags. This usually means that this type was incompatible or not found.
WARN: Can't find u64_le. This usually means that this type was incompatible or not found.
WARN: Can't find u32_le. This usually means that this type was incompatible or not found.
WARN: Can't find RequiredMemoryFlags. This usually means that this type was incompatible or not found.
WARN: Can't find MemoryMapEntryFlags. This usually means that this type was incompatible or not found.
WARN: Missing `[defines]` entry for `feature = "unstable"` in cbindgen config.
CARGO_TARGET_DIR=/home/cclaudio/src/coconut/igvm/igvm_c/../target_c cargo build --features "igvm-c" --manifest-path=/home/cclaudio/src/coconut/igvm/igvm_c/../igvm/Cargo.toml
Compiling proc-macro2 v1.0.78
Compiling unicode-ident v1.0.12
Compiling syn v1.0.109
Compiling byteorder v1.5.0
Compiling once_cell v1.19.0
Compiling crc32fast v1.3.2
Compiling thiserror v1.0.56
Compiling static_assertions v1.1.0
Compiling cfg-if v1.0.0
Compiling pin-project-lite v0.2.13
Compiling hex v0.4.3
Compiling range_map_vec v0.1.0
Compiling tracing-core v0.1.32
Compiling quote v1.0.35
Compiling syn v2.0.48
Compiling open-enum-derive v0.4.1
Compiling zerocopy-derive v0.7.32
Compiling tracing-attributes v0.1.27
Compiling thiserror-impl v1.0.56
Compiling bitfield-struct v0.5.6
Compiling open-enum v0.4.1
Compiling zerocopy v0.7.32
Compiling tracing v0.1.40
Compiling igvm_defs v0.1.4 (/home/cclaudio/src/coconut/igvm/igvm_defs)
Compiling igvm v0.1.4 (/home/cclaudio/src/coconut/igvm/igvm)
Finished dev [unoptimized + debuginfo] target(s) in 5.47s
cc -g3 -O0 -I /home/cclaudio/src/coconut/igvm/igvm_c -L "/home/cclaudio/src/coconut/igvm/igvm_c/../target_c/debug" -o "/home/cclaudio/src/coconut/igvm/igvm_c/../target_c/debug"/dump_igvm /home/cclaudio/src/coconut/igvm/igvm_c/include/igvm.h /home/cclaudio/src/coconut/igvm/igvm_c/sample/dump_igvm.c "/home/cclaudio/src/coconut/igvm/igvm_c/../target_c/debug"/libigvm.a -ligvm -lcunit
/usr/lib64/gcc/x86_64-suse-linux/7/../../../../x86_64-suse-linux/bin/ld: /home/cclaudio/src/coconut/igvm/igvm_c/../target_c/debug/libigvm.a(std-b149a04e58514815.std.afc0969a1e8d0069-cgu.0.rcgu.o): undefined reference to symbol 'dlsym@@GLIBC_2.2.5'
/usr/lib64/gcc/x86_64-suse-linux/7/../../../../x86_64-suse-linux/bin/ld: /lib64/libdl.so.2: error adding symbols: DSO missing from command line
collect2: error: ld returned 1 exit status
make: *** [igvm_c/Makefile:40: "/home/cclaudio/src/coconut/igvm/igvm_c/../target_c/debug"/dump_igvm] Error 1
There was a problem hiding this comment.
Hey Claudio, I just tried it here and it works on my side with latest Tumbleweed. What build environment are you using and which Rust version?
There was a problem hiding this comment.
Same here - works on my Tumbleweed. It's not a rust error, it's building the C dump_igvm utility. Can you try running the compiler command with the -ldl option to see if it fixes it?
cc -g3 -O0 -I /home/cclaudio/src/coconut/igvm/igvm_c -L "/home/cclaudio/src/coconut/igvm/igvm_c/../target_c/debug" -o "/home/cclaudio/src/coconut/igvm/igvm_c/../target_c/debug"/dump_igvm /home/cclaudio/src/coconut/igvm/igvm_c/include/igvm.h /home/cclaudio/src/coconut/igvm/igvm_c/sample/dump_igvm.c "/home/cclaudio/src/coconut/igvm/igvm_c/../target_c/debug"/libigvm.a -ligvm -lcunit -ldl
There was a problem hiding this comment.
I am able to build it with these changes
diff --git a/igvm_c/Makefile b/igvm_c/Makefile
index a0acba18eb91..dfe91fd68706 100644
--- a/igvm_c/Makefile
+++ b/igvm_c/Makefile
@@ -37,10 +37,10 @@ include/igvm.h: $(RUST_SOURCE)
cbindgen -c $(API_DIR)/cbindgen_igvm_defs.toml $(IGVM_DIR)/igvm_defs -o "$(API_DIR)/include/igvm_defs.h"
$(TARGET_PATH)/dump_igvm: $(API_DIR)/include/igvm.h $(API_DIR)/sample/dump_igvm.c $(TARGET_PATH)/libigvm.a
- cc -g3 -O0 -I $(API_DIR) -L $(TARGET_PATH) -o $@ $^ -ligvm -lcunit
+ cc -g3 -O0 -I $(API_DIR) -L $(TARGET_PATH) -o $@ $^ -ligvm -lcunit -ldl -pthread
$(TARGET_PATH)/igvm_test: $(API_DIR)/include/igvm.h $(API_DIR)/tests/igvm_test.c $(TARGET_PATH)/libigvm.a
- cc -g3 -O0 -I $(API_DIR) -L $(TARGET_PATH) -o $@ $^ -ligvm -lcunit
+ cc -g3 -O0 -I $(API_DIR) -L $(TARGET_PATH) -o $@ $^ -ligvm -lcunit -ldl -pthread
$(TARGET_PATH)/igvm.bin: $(TARGET_PATH)/test_data
$(TARGET_PATH)/test_data $(TARGET_PATH)/igvm.binbut I still see all the warnings posted earlier. Those related to [defines] can be solved adding something like this to the Cargo.toml file, however, that will just add some #ifdef CONFIG_IGVM_C to the generated C code. Maybe we could just decorate the rust code to ignore those kind of warnings.
[defines]
"feature = igvm_c" = CONFIG_IGVM_C
I did not check how to fix the other warnings.
I am running openSUSE Leap 15.5 and rustc 1.74.1 (a28077b28 2023-12-04)
There was a problem hiding this comment.
Ok, thanks for this. I'm not sure why your build requires -ldl and -pthread. What compiler does your cc use?
I've tried to reproduce with other versions of gcc to see if that makes a difference but they all succeed for me. I'm using the same version of rustc as you. I don't see any harm in adding those libraries to the build for these tools so I'll raise a PR on the IGVM library with that change.
Regarding the warnings, I did look into how to prevent them without polluting the rust code or the generated header files but the only solution I could come up with was to disable the warnings altogether. I chose not to do this on the original PR, but on reflection maybe that would be the better option.
|
microsoft/igvm#3 has now been merged so this PR is ready for review. |
|
Hey Roy, this looks good to me, thanks for updating the documentation. One last think which is needed before this can be merged is to update |
Coconut SVSM supports launch using two different custom builds of QEMU: 1. https://github.com/coconut-svsm/qemu/tree/svsm-v8.0.0 which contains a coconut SVSM specific launch protocol for the guest. 2. https://github.com/coconut-svsm/qemu/tree/svsm-igvm which supports launching a guest using IGVM. The current installation instructions describe how to launch SVSM using 1. However, the plan is to move to only supporting IGVM. Therefore the documentaton has been updated to describe how to build an IGVM file containing SVSM/OVMF, build the required branch of QEMU and launch the guest. The IGVM file packages SVSM with OVMF, therefore the item in the TODO list in README.md has been removed. Signed-off-by: Roy Hopkins <roy.hopkins@suse.com>
Launching a guest that supports SEV-SNP with COCONUT-SVSM requires careful configuration of QEMU parameters. This is documented in `Documentation/INSTALL.md` but would benefit from a script that allows a guest to be simply launched. This commit adds `scripts/launch_guest.sh` and documents its usage. Signed-off-by: Roy Hopkins <roy.hopkins@suse.com>
The documentation has been updated to use IGVM when packaging and launching the COCONUT-SVSM binary in a QEMU SEV-SNP supported guest in preparation for removing support for the previous QEMU SVSM modifications. Therefore, the test-in-svsm Makefile target should also be updated to use IGVM to launch the guest that runs the tests. This patch builds adds a new Makefile target to build an IGVM file that contains the svsm-test binary and makes use of scripts/launch_guest.sh to launch the SVSM test binary using QEMU. Signed-off-by: Roy Hopkins <roy.hopkins@suse.com>
roy-hopkins
force-pushed
the
igvm_install_doc
branch
from
0c7ae89 to
3c01f04
Compare
Done. I've added two commits - one to add a generic launch script then a subsequent commit to use this to launch the |
chris-oo
added a commit
to microsoft/igvm
that referenced
this pull request
Feb 27, 2024
) It was reported on coconut-svsm/svsm#237 that on certain environments, the C unit tests and sample fail to build due to missing library dependencies. Also, the status of the build is hard to determine due to the amount of warnings generated by cbindgen. See the comment thread in that PR from @cclaudio. The required list of libraries can be determined with the following command: ``` cargo rustc --verbose --features "igvm-c" --manifest-path=igvm/Cargo.toml -- --print=native-static-libs ``` This PR updates the Makefile to reflect the output of this command. In addition, the cbindgen `-q` flag is used to suppress warnings - it would be good to fix the warnings but this would require the generation of redundant additional output in the header files which is not ideal. Finally, add a section to the README to describe how to install the library. --------- Signed-off-by: Roy Hopkins <roy.hopkins@suse.com> Co-authored-by: Chris Oo <cho@microsoft.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Coconut SVSM supports launch using two different custom builds of QEMU:
The current installation instructions describe how to launch SVSM using 1. However, the plan is to move to only supporting IGVM. Therefore the documentaton has been updated to describe how to build an IGVM file containing SVSM/OVMF, build the required branch of QEMU and launch the guest.
The IGVM file packages SVSM with OVMF, therefore the item in the TODO list in README.md has been removed.
Note that the documentation refers to cloning and building the IGVM github repository. This currently does not include the required C API and is waiting on microsoft/igvm#3 to be merged, hence this PR is marked as draft.