1f1826463SDorjoy Chowdhury /*
2f1826463SDorjoy Chowdhury * AWS nitro-enclave machine
3f1826463SDorjoy Chowdhury *
4f1826463SDorjoy Chowdhury * Copyright (c) 2024 Dorjoy Chowdhury <dorjoychy111@gmail.com>
5f1826463SDorjoy Chowdhury *
6f1826463SDorjoy Chowdhury * This work is licensed under the terms of the GNU GPL, version 2 or
7f1826463SDorjoy Chowdhury * (at your option) any later version. See the COPYING file in the
8f1826463SDorjoy Chowdhury * top-level directory.
9f1826463SDorjoy Chowdhury */
10f1826463SDorjoy Chowdhury
11f1826463SDorjoy Chowdhury #include "qemu/osdep.h"
12f1826463SDorjoy Chowdhury #include "qemu/error-report.h"
13f1826463SDorjoy Chowdhury #include "qapi/error.h"
14f1826463SDorjoy Chowdhury #include "qom/object_interfaces.h"
15f1826463SDorjoy Chowdhury
16f1826463SDorjoy Chowdhury #include "chardev/char.h"
17f1826463SDorjoy Chowdhury #include "hw/sysbus.h"
18f1826463SDorjoy Chowdhury #include "hw/core/eif.h"
19f1826463SDorjoy Chowdhury #include "hw/i386/x86.h"
20f1826463SDorjoy Chowdhury #include "hw/i386/microvm.h"
21f1826463SDorjoy Chowdhury #include "hw/i386/nitro_enclave.h"
22f1826463SDorjoy Chowdhury #include "hw/virtio/virtio-mmio.h"
23f1826463SDorjoy Chowdhury #include "hw/virtio/virtio-nsm.h"
24f1826463SDorjoy Chowdhury #include "hw/virtio/vhost-user-vsock.h"
2532cad1ffSPhilippe Mathieu-Daudé #include "system/hostmem.h"
26f1826463SDorjoy Chowdhury
/*
 * Walk the children of the default system bus and return the bus of the
 * first virtio-mmio proxy whose own bus has no children yet.
 *
 * Returns NULL when no such bus is found.
 */
static BusState *find_free_virtio_mmio_bus(void)
{
    BusState *sysbus = sysbus_get_default();
    BusChild *entry;

    QTAILQ_FOREACH(entry, &sysbus->children, sibling) {
        Object *candidate = OBJECT(entry->child);
        VirtIOMMIOProxy *proxy;
        BusState *transport_bus;

        /* Only virtio-mmio proxies can host the enclave's virtio devices */
        if (!object_dynamic_cast(candidate, TYPE_VIRTIO_MMIO)) {
            continue;
        }

        proxy = VIRTIO_MMIO(candidate);
        transport_bus = &proxy->bus.parent_obj;
        if (QTAILQ_EMPTY(&transport_bus->children)) {
            return transport_bus;
        }
    }

    return NULL;
}
46f1826463SDorjoy Chowdhury
/*
 * Create the vhost-user-vsock device, attach the chardev named by the
 * 'vsock' machine option to it and realize it on a free virtio-mmio bus.
 *
 * Every failure is fatal: a missing 'vsock' option, no free bus, or an
 * unknown chardev id all report an error and exit(1).
 */
static void vhost_user_vsock_init(NitroEnclaveMachineState *nems)
{
    DeviceState *vsock_dev = qdev_new(TYPE_VHOST_USER_VSOCK);
    VHostUserVSock *vhost_vsock = VHOST_USER_VSOCK(vsock_dev);
    BusState *mmio_bus;
    Chardev *backend;

    /* The machine has no default vsock backend; the option is mandatory */
    if (nems->vsock == NULL) {
        error_report("A valid chardev id for vhost-user-vsock device must be "
                     "provided using the 'vsock' machine option");
        exit(1);
    }

    mmio_bus = find_free_virtio_mmio_bus();
    if (mmio_bus == NULL) {
        error_report("Failed to find bus for vhost-user-vsock device");
        exit(1);
    }

    backend = qemu_chr_find(nems->vsock);
    if (backend == NULL) {
        error_report("Failed to find chardev with id %s", nems->vsock);
        exit(1);
    }

    /*
     * The chardev is wired in directly rather than through a property.
     * NOTE(review): whatever process sits behind this chardev handles the
     * enclave's vsock traffic - confirm it is treated as part of the trusted
     * host setup.
     */
    vhost_vsock->conf.chardev.chr = backend;

    qdev_realize_and_unref(vsock_dev, mmio_bus, &error_fatal);
}
75f1826463SDorjoy Chowdhury
/*
 * Create the virtio-nsm device, give it the machine's enclave id as its
 * "module-id" property, realize it on a free virtio-mmio bus and remember
 * it in nems->vnsm so that machine reset can reach its PCRs.
 *
 * Exits with status 1 when no free virtio-mmio bus exists.
 */
static void virtio_nsm_init(NitroEnclaveMachineState *nems)
{
    DeviceState *nsm_dev = qdev_new(TYPE_VIRTIO_NSM);
    VirtIONSM *nsm = VIRTIO_NSM(nsm_dev);
    BusState *mmio_bus = find_free_virtio_mmio_bus();

    if (mmio_bus == NULL) {
        error_report("Failed to find bus for virtio-nsm device.");
        exit(1);
    }

    qdev_prop_set_string(nsm_dev, "module-id", nems->id);

    qdev_realize_and_unref(nsm_dev, mmio_bus, &error_fatal);

    /* Published only after a successful realize (error_fatal exits otherwise) */
    nems->vnsm = nsm;
}
92f1826463SDorjoy Chowdhury
/*
 * Instantiate the two enclave-specific virtio devices.
 *
 * Each helper claims the first free virtio-mmio bus it finds, so the call
 * order decides which bus each device ends up on: vsock first, then NSM.
 */
static void nitro_enclave_devices_init(NitroEnclaveMachineState *nems)
{
    vhost_user_vsock_init(nems);    /* vhost-user-vsock device */
    virtio_nsm_init(nems);          /* virtio-nsm device, sets nems->vnsm */
}
98f1826463SDorjoy Chowdhury
/*
 * MachineClass::init hook: run the init function saved from the parent
 * class, then add the enclave-specific devices.
 */
static void nitro_enclave_machine_state_init(MachineState *machine)
{
    NitroEnclaveMachineState *nems = NITRO_ENCLAVE_MACHINE(machine);

    /* parent_init was captured from mc->init in nitro_enclave_class_init() */
    NITRO_ENCLAVE_MACHINE_GET_CLASS(machine)->parent_init(machine);

    nitro_enclave_devices_init(nems);
}
108f1826463SDorjoy Chowdhury
/*
 * MachineClass::reset hook: run the parent reset, then rebuild the NSM
 * platform configuration registers from scratch.
 *
 * All PCRs are zeroed, the measurements collected while loading the EIF
 * are extended into PCR0/1/2 (and PCR8 when a signature was found), the
 * optional parent role and parent id strings go into PCR3/4, and finally
 * PCRs 0-15 are locked.
 *
 * PCR3 and PCR4 are extended with the raw bytes of machine properties; when
 * a property is unset the PCR is not extended here and keeps the all-zero
 * value written by the memset. NOTE(review): these two values come straight
 * from the QEMU command line, so they are only as trustworthy as whoever
 * launched QEMU - confirm that consumers of the emulated attestation
 * document account for that.
 */
static void nitro_enclave_machine_reset(MachineState *machine, ResetType type)
{
    NitroEnclaveMachineState *nems = NITRO_ENCLAVE_MACHINE(machine);
    NitroEnclaveMachineClass *nemc = NITRO_ENCLAVE_MACHINE_GET_CLASS(machine);
    VirtIONSM *nsm;
    int pcr;

    nemc->parent_reset(machine, type);

    /* Start every reset from a clean PCR bank */
    nsm = nems->vnsm;
    memset(nsm->pcrs, 0, sizeof(nsm->pcrs));

    /* PCR0: image hash */
    nsm->extend_pcr(nsm, 0, nems->image_hash, QCRYPTO_HASH_DIGEST_LEN_SHA384);

    /* PCR1: bootstrap hash */
    nsm->extend_pcr(nsm, 1, nems->bootstrap_hash,
                    QCRYPTO_HASH_DIGEST_LEN_SHA384);

    /* PCR2: application hash */
    nsm->extend_pcr(nsm, 2, nems->app_hash, QCRYPTO_HASH_DIGEST_LEN_SHA384);

    /* PCR3: parent role string, without its NUL terminator */
    if (nems->parent_role != NULL) {
        nsm->extend_pcr(nsm, 3, (uint8_t *) nems->parent_role,
                        strlen(nems->parent_role));
    }

    /* PCR4: parent id string, without its NUL terminator */
    if (nems->parent_id != NULL) {
        nsm->extend_pcr(nsm, 4, (uint8_t *) nems->parent_id,
                        strlen(nems->parent_id));
    }

    /* PCR8: fingerprint hash, only when the EIF carried a signature */
    if (nems->signature_found) {
        nsm->extend_pcr(nsm, 8, nems->fingerprint_hash,
                        QCRYPTO_HASH_DIGEST_LEN_SHA384);
    }

    /* First 16 PCRs are locked from boot and reserved for nitro enclave */
    for (pcr = 0; pcr < 16; pcr++) {
        nsm->lock_pcr(nsm, pcr);
    }
}
152f1826463SDorjoy Chowdhury
/*
 * Instance init: install the default enclave id and switch off PCIe and
 * ACPI on the underlying microvm/x86 machine state.
 */
static void nitro_enclave_machine_initfn(Object *obj)
{
    NitroEnclaveMachineState *nems = NITRO_ENCLAVE_MACHINE(obj);

    /*
     * Fixed default id; the id property setter replaces it, and
     * virtio_nsm_init() hands the final value to the NSM device as
     * "module-id".
     */
    nems->id = g_strdup("i-234-enc5678");

    /* AWS nitro enclaves have PCIE and ACPI disabled */
    MICROVM_MACHINE(obj)->pcie = ON_OFF_AUTO_OFF;
    X86_MACHINE(obj)->acpi = ON_OFF_AUTO_OFF;
}
165f1826463SDorjoy Chowdhury
/*
 * Replacement for the microvm x86_load_linux hook that boots from an EIF
 * image.
 *
 * read_eif_file() is given the configured kernel and initrd file names and
 * hands back a kernel path, an initrd path, the embedded command line and
 * the hashes that machine reset later extends into the PCRs. The machine's
 * kernel/initrd file names are replaced by the returned paths, the regular
 * Linux loader is invoked, and both paths are unlinked afterwards
 * (presumably temporary files produced from the EIF - confirm against
 * read_eif_file()).
 *
 * acpi_data_size and pvh_enabled are ignored: x86_load_linux() is always
 * called with 0 and true.
 *
 * A failure to read the EIF is reported and terminates QEMU with status 1.
 */
static void x86_load_eif(X86MachineState *x86ms, FWCfgState *fw_cfg,
                         int acpi_data_size, bool pvh_enabled)
{
    MachineState *machine = MACHINE(x86ms);
    NitroEnclaveMachineState *nems = NITRO_ENCLAVE_MACHINE(x86ms);
    char *eif_kernel, *eif_initrd, *eif_cmdline;
    Error *err = NULL;
    bool eif_ok;

    eif_ok = read_eif_file(machine->kernel_filename, machine->initrd_filename,
                           &eif_kernel, &eif_initrd, &eif_cmdline,
                           nems->image_hash, nems->bootstrap_hash,
                           nems->app_hash, nems->fingerprint_hash,
                           &(nems->signature_found), &err);
    if (!eif_ok) {
        error_report_err(err);
        exit(1);
    }

    /* From here on the machine boots from the paths returned for the EIF */
    g_free(machine->kernel_filename);
    machine->kernel_filename = eif_kernel;
    g_free(machine->initrd_filename);
    machine->initrd_filename = eif_initrd;

    /*
     * A command line given to QEMU is appended to the one stored in the EIF.
     * NOTE(review): the hashes were already produced by read_eif_file()
     * above, so nothing in this function folds the appended text into them -
     * confirm whether a host-supplied command line is meant to stay
     * unmeasured.
     */
    if (machine->kernel_cmdline == NULL) {
        machine->kernel_cmdline = eif_cmdline;
    } else {
        char *combined = g_strdup_printf("%s %s", eif_cmdline,
                                         machine->kernel_cmdline);
        g_free(eif_cmdline);
        g_free(machine->kernel_cmdline);
        machine->kernel_cmdline = combined;
    }

    x86_load_linux(x86ms, fw_cfg, 0, true);

    /* Best-effort removal; the unlink() results are not checked */
    unlink(machine->kernel_filename);
    unlink(machine->initrd_filename);
}
207f1826463SDorjoy Chowdhury
/*
 * MachineClass::create_default_memdev hook: back guest RAM with a memfd
 * memory backend of ms->ram_size bytes, registered under the machine
 * class's default RAM id and linked as the machine's "memory-backend".
 *
 * @path is not used.
 *
 * Returns true on success; on failure returns false with @errp set by the
 * call that failed. The local reference to the backend is dropped in
 * either case.
 */
static bool create_memfd_backend(MachineState *ms, const char *path,
                                 Error **errp)
{
    MachineClass *mc = MACHINE_GET_CLASS(ms);
    Object *backend = object_new(TYPE_MEMORY_BACKEND_MEMFD);
    bool ok = false;

    if (object_property_set_int(backend, "size", ms->ram_size, errp)) {
        object_property_add_child(object_get_objects_root(),
                                  mc->default_ram_id, backend);

        if (user_creatable_complete(USER_CREATABLE(backend), errp)) {
            ok = object_property_set_link(OBJECT(ms), "memory-backend",
                                          backend, errp);
        }
    }

    object_unref(backend);
    return ok;
}
231f1826463SDorjoy Chowdhury
/*
 * Property getter for the vsock chardev id.
 * Returns a g_strdup() copy of the stored id; @errp is not used.
 */
static char *nitro_enclave_get_vsock_chardev_id(Object *obj, Error **errp)
{
    return g_strdup(NITRO_ENCLAVE_MACHINE(obj)->vsock);
}
238f1826463SDorjoy Chowdhury
/*
 * Property setter for the vsock chardev id.
 * Frees the previous id and stores a copy of @value. The id is not checked
 * here; vhost_user_vsock_init() looks the chardev up later. @errp is not
 * used.
 */
static void nitro_enclave_set_vsock_chardev_id(Object *obj, const char *value,
                                               Error **errp)
{
    NitroEnclaveMachineState *state = NITRO_ENCLAVE_MACHINE(obj);

    g_free(state->vsock);
    state->vsock = g_strdup(value);
}
247f1826463SDorjoy Chowdhury
/*
 * Property getter for the enclave id.
 * Returns a g_strdup() copy of the stored id; @errp is not used.
 */
static char *nitro_enclave_get_id(Object *obj, Error **errp)
{
    return g_strdup(NITRO_ENCLAVE_MACHINE(obj)->id);
}
254f1826463SDorjoy Chowdhury
/*
 * Property setter for the enclave id.
 * Frees the previous id (initially the default installed by the instance
 * init function) and stores a copy of @value. No validation is done on the
 * string; @errp is not used.
 */
static void nitro_enclave_set_id(Object *obj, const char *value,
                                 Error **errp)
{
    NitroEnclaveMachineState *state = NITRO_ENCLAVE_MACHINE(obj);

    g_free(state->id);
    state->id = g_strdup(value);
}
263f1826463SDorjoy Chowdhury
/*
 * Property getter for the parent role.
 * Returns a g_strdup() copy of the stored string; @errp is not used.
 */
static char *nitro_enclave_get_parent_role(Object *obj, Error **errp)
{
    return g_strdup(NITRO_ENCLAVE_MACHINE(obj)->parent_role);
}
270f1826463SDorjoy Chowdhury
/*
 * Property setter for the parent role.
 * Frees the previous value and stores a copy of @value. The string is
 * taken as given, with no format check; machine reset extends its bytes
 * into PCR3. @errp is not used.
 */
static void nitro_enclave_set_parent_role(Object *obj, const char *value,
                                          Error **errp)
{
    NitroEnclaveMachineState *state = NITRO_ENCLAVE_MACHINE(obj);

    g_free(state->parent_role);
    state->parent_role = g_strdup(value);
}
279f1826463SDorjoy Chowdhury
/*
 * Property getter for the parent id.
 * Returns a g_strdup() copy of the stored string; @errp is not used.
 */
static char *nitro_enclave_get_parent_id(Object *obj, Error **errp)
{
    return g_strdup(NITRO_ENCLAVE_MACHINE(obj)->parent_id);
}
286f1826463SDorjoy Chowdhury
/*
 * Property setter for the parent id.
 * Frees the previous value and stores a copy of @value. The string is
 * taken as given, with no format check; machine reset extends its bytes
 * into PCR4. @errp is not used.
 */
static void nitro_enclave_set_parent_id(Object *obj, const char *value,
                                        Error **errp)
{
    NitroEnclaveMachineState *state = NITRO_ENCLAVE_MACHINE(obj);

    g_free(state->parent_id);
    state->parent_id = g_strdup(value);
}
295f1826463SDorjoy Chowdhury
/*
 * Class init for the nitro-enclave machine type.
 *
 * Replaces the microvm Linux loader with the EIF loader, saves the
 * inherited init/reset callbacks before installing the enclave versions,
 * makes memfd the default RAM backend, and registers the four string
 * machine properties (vsock chardev id, enclave id, parent role, parent id).
 */
static void nitro_enclave_class_init(ObjectClass *oc, const void *data)
{
    MachineClass *machine_class = MACHINE_CLASS(oc);
    MicrovmMachineClass *microvm_class = MICROVM_MACHINE_CLASS(oc);
    NitroEnclaveMachineClass *enclave_class = NITRO_ENCLAVE_MACHINE_CLASS(oc);

    /* Boot from an EIF image instead of a plain kernel/initrd pair */
    microvm_class->x86_load_linux = x86_load_eif;

    machine_class->family = "nitro_enclave_i386";
    machine_class->desc = "AWS Nitro Enclave";

    /* Keep the inherited hooks so the overrides can chain to them */
    enclave_class->parent_init = machine_class->init;
    machine_class->init = nitro_enclave_machine_state_init;

    enclave_class->parent_reset = machine_class->reset;
    machine_class->reset = nitro_enclave_machine_reset;

    machine_class->create_default_memdev = create_memfd_backend;

    /* Chardev used by the vhost-user-vsock device (mandatory at init time) */
    object_class_property_add_str(oc, NITRO_ENCLAVE_VSOCK_CHARDEV_ID,
                                  nitro_enclave_get_vsock_chardev_id,
                                  nitro_enclave_set_vsock_chardev_id);
    object_class_property_set_description(
        oc, NITRO_ENCLAVE_VSOCK_CHARDEV_ID,
        "Set chardev id for vhost-user-vsock device");

    /* Enclave id, passed to the NSM device as its module-id */
    object_class_property_add_str(oc, NITRO_ENCLAVE_ID,
                                  nitro_enclave_get_id,
                                  nitro_enclave_set_id);
    object_class_property_set_description(oc, NITRO_ENCLAVE_ID,
                                          "Set enclave identifier");

    /* Measured into PCR3 on reset when set */
    object_class_property_add_str(oc, NITRO_ENCLAVE_PARENT_ROLE,
                                  nitro_enclave_get_parent_role,
                                  nitro_enclave_set_parent_role);
    object_class_property_set_description(oc, NITRO_ENCLAVE_PARENT_ROLE,
                                          "Set parent instance IAM role ARN");

    /* Measured into PCR4 on reset when set */
    object_class_property_add_str(oc, NITRO_ENCLAVE_PARENT_ID,
                                  nitro_enclave_get_parent_id,
                                  nitro_enclave_set_parent_id);
    object_class_property_set_description(oc, NITRO_ENCLAVE_PARENT_ID,
                                          "Set parent instance identifier");
}
339f1826463SDorjoy Chowdhury
/*
 * QOM type description for the nitro-enclave machine: a subclass of the
 * microvm machine with its own instance and class structures.
 */
static const TypeInfo nitro_enclave_machine_info = {
    .name = TYPE_NITRO_ENCLAVE_MACHINE,
    .parent = TYPE_MICROVM_MACHINE,
    .instance_size = sizeof(NitroEnclaveMachineState),
    .instance_init = nitro_enclave_machine_initfn,
    .class_size = sizeof(NitroEnclaveMachineClass),
    .class_init = nitro_enclave_class_init,
};
348f1826463SDorjoy Chowdhury
/* Register the nitro-enclave machine type with QOM. */
static void nitro_enclave_machine_init(void)
{
    type_register_static(&nitro_enclave_machine_info);
}

/* Hook the registration function into QEMU's type initialisation */
type_init(nitro_enclave_machine_init);