xcp-ng · Th0rOnDoR · Jul 22, 2025 · Jul 22, 2025 · Jul 24, 2025 · Jul 16, 2025
diff --git a/tools/include/libxl.h b/tools/include/libxl.h
@@ -3025,6 +3025,27 @@ static inline int libxl_qemu_monitor_command_0x041200(libxl_ctx *ctx,
  */
 int libxl_clear_domid_history(libxl_ctx *ctx);
 
+/*
+ * Used to retrieve an attestation for a coco domain
+ */
+int libxl_coco_domain_attestation(libxl_ctx *ctx, uint32_t domid, int file, bool is_mmonce_file, char *mmonce);
+
+/*
+ * Used to retrieve platform public keys and relevant information (identification, certificates);
+ */
+int libxl_coco_platform_certs(libxl_ctx *ctx, char *path);
+
+/*
+ * Retrieve a certificate signing request
+ */
+int libxl_coco_csr(libxl_ctx *ctx, char* path);
+
+int libxl_coco_update(libxl_ctx *ctx, char* path);
+
+int libxl_coco_regen_certificate(libxl_ctx *ctx, char* cert);
+
+int libxl_coco_import_certificate(libxl_ctx *ctx, char* pek, char *crt);
+
 #endif /* LIBXL_H */
 
 /*

diff --git a/tools/include/xenctrl.h b/tools/include/xenctrl.h
@@ -1685,6 +1685,13 @@ int xc_get_hvm_param(xc_interface *handle, uint32_t dom, int param, unsigned lon
 
 int xc_coco_platform_status(xc_interface *handle, coco_platform_status_t *status);
 int xc_coco_prepare_initial_mem(xc_interface *handle, coco_prepare_initial_mem_t *cmd);
+int xc_coco_finish_initial_mem(xc_interface *handle, domid_t domid);
+int xc_coco_get_attestation(xc_interface *handle, coco_attestation_report_t *report);
+int xc_coco_get_platform_certs(xc_interface *handle, coco_platform_certs_t *cmd);
+int xc_coco_get_csr(xc_interface *handle, coco_certificate_t *cmd);
+int xc_coco_regen_certificate(xc_interface *handle, coco_certificate_name_t cert);
+int xc_coco_import_certificate(xc_interface *handle, coco_platform_import_certs_t *cmd);
+int xc_coco_update(xc_interface *handle, coco_update_t *cmd);
 
 /* HVM guest pass-through */
 int xc_assign_device(xc_interface *xch,
@@ -2684,4 +2691,4 @@ int xc_dt_overlay_domain(xc_interface *xch, void *overlay_fdt,
  * tab-width: 4
  * indent-tabs-mode: nil
  * End:
- */
+ */
diff --git a/tools/libs/ctrl/xc_domain.c b/tools/libs/ctrl/xc_domain.c
@@ -1532,6 +1532,43 @@ int xc_coco_prepare_initial_mem(xc_interface *handle, coco_prepare_initial_mem_t
     return rc;
 }
 
+int xc_coco_finish_initial_mem(xc_interface *handle, domid_t domid)
+{
+    DECLARE_HYPERCALL_BUFFER(domid_t, arg);
+    int rc;
+
+    arg = xc_hypercall_buffer_alloc(handle, arg, sizeof(*arg));
+    if ( arg == NULL )
+        return -1;
+    *arg = domid;
+
+    rc = xencall2(handle->xcall, __HYPERVISOR_coco_op, XEN_COCO_finish_initial_mem,
+                  HYPERCALL_BUFFER_AS_ARG(arg));
+
+    xc_hypercall_buffer_free(handle, arg);
+    return rc;
+}
+
+int xc_coco_get_attestation(xc_interface *handle, coco_attestation_report_t *cmd)
+{
+    DECLARE_HYPERCALL_BUFFER(coco_attestation_report_t, arg);
+    int rc;
+
+    arg = xc_hypercall_buffer_alloc(handle, arg, sizeof(*arg));
+    if ( arg == NULL )
+        return -1;
+    memcpy(arg, cmd, sizeof(coco_attestation_report_t));
+
+    rc = xencall2(handle->xcall, __HYPERVISOR_coco_op, XEN_COCO_attestation_report,
+        HYPERCALL_BUFFER_AS_ARG(arg));
+
+    if (!rc) {
+        memcpy(cmd, arg, sizeof(coco_attestation_report_t));
+    }
+    xc_hypercall_buffer_free(handle, arg);
+    return rc;
+}
+
 int xc_domain_setdebugging(xc_interface *xch,
                            uint32_t domid,
                            unsigned int enable)

diff --git a/tools/libs/ctrl/xc_version.c b/tools/libs/ctrl/xc_version.c
@@ -7,6 +7,7 @@
 
 #include "xc_private.h"
 #include <assert.h>
+#include <xen/hvm/coco.h>
 
 static int do_xen_version(xc_interface *xch, int cmd,
                           xc_hypercall_buffer_t *dest)
@@ -204,3 +205,101 @@ char *xc_xenver_buildid(xc_interface *xch)
 
     return res;
 }
+
+
+int xc_coco_get_platform_certs(xc_interface *handle, coco_platform_certs_t *cmd)
+{
+    DECLARE_HYPERCALL_BUFFER(coco_platform_certs_t, arg);
+    int rc;
+
+    arg = xc_hypercall_buffer_alloc(handle, arg, sizeof(*arg));
+    if ( arg == NULL )
+        return -1;
+    memcpy(arg, cmd, sizeof(coco_platform_certs_t));
+
+    rc = xencall2(handle->xcall, __HYPERVISOR_coco_op, XEN_COCO_platform_certs,
+        HYPERCALL_BUFFER_AS_ARG(arg));
+
+    if (!rc) {
+        memcpy(cmd, arg, sizeof(coco_platform_certs_t));
+    }
+    xc_hypercall_buffer_free(handle, arg);
+    return rc;
+}
+
+int xc_coco_get_csr(xc_interface *handle, coco_certificate_t *cmd)
+{
+    DECLARE_HYPERCALL_BUFFER(coco_certificate_t, arg);
+    int rc;
+
+    arg = xc_hypercall_buffer_alloc(handle, arg, sizeof(*arg));
+    if ( arg == NULL )
+        return -1;
+    memcpy(arg, cmd, sizeof(coco_certificate_t));
+
+    rc = xencall2(handle->xcall, __HYPERVISOR_coco_op, XEN_COCO_platform_csr,
+        HYPERCALL_BUFFER_AS_ARG(arg));
+
+    if (!rc) {
+        memcpy(cmd, arg, sizeof(coco_certificate_t));
+    }
+    xc_hypercall_buffer_free(handle, arg);
+    return rc;
+}
+
+int xc_coco_update(xc_interface *handle, coco_update_t *cmd)
+{
+    DECLARE_HYPERCALL_BUFFER(coco_update_t, arg);
+    int rc;
+
+    arg = xc_hypercall_buffer_alloc(handle, arg, sizeof(*arg));
+    if ( arg == NULL )
+        return -1;
+    memcpy(arg, cmd, sizeof(coco_update_t));
+
+    rc = xencall2(handle->xcall, __HYPERVISOR_coco_op, XEN_COCO_platform_update,
+        HYPERCALL_BUFFER_AS_ARG(arg));
+
+    if (!rc) {
+        memcpy(cmd, arg, sizeof(coco_update_t));
+    }
+    xc_hypercall_buffer_free(handle, arg);
+    return rc;
+}
+int xc_coco_regen_certificate(xc_interface *handle, coco_certificate_name_t cert)
+{
+    /* Maybe it's not necessary to add another syscall for that */
+    DECLARE_HYPERCALL_BUFFER(coco_certificate_name_t, arg);
+    int rc;
+
+    arg = xc_hypercall_buffer_alloc(handle, arg, sizeof(*arg));
+    if ( arg == NULL )
+        return -1;
+    *arg = cert;
+
+    rc = xencall2(handle->xcall, __HYPERVISOR_coco_op, XEN_COCO_platform_regen_cert,
+        HYPERCALL_BUFFER_AS_ARG(arg));
+
+    xc_hypercall_buffer_free(handle, arg);
+    return rc;
+}
+
+int xc_coco_import_certificate(xc_interface *handle, coco_platform_import_certs_t *cmd)
+{
+    DECLARE_HYPERCALL_BUFFER(coco_platform_import_certs_t, arg);
+    int rc;
+
+    arg = xc_hypercall_buffer_alloc(handle, arg, sizeof(*arg));
+    if ( arg == NULL )
+        return -1;
+    memcpy(arg, cmd, sizeof(coco_platform_import_certs_t));
+
+    rc = xencall2(handle->xcall, __HYPERVISOR_coco_op, XEN_COCO_platform_cert_import,
+        HYPERCALL_BUFFER_AS_ARG(arg));
+
+    if (!rc) {
+        memcpy(cmd, arg, sizeof(coco_platform_import_certs_t));
+    }
+    xc_hypercall_buffer_free(handle, arg);
+    return rc;
+}
diff --git a/tools/libs/guest/xg_dom_boot.c b/tools/libs/guest/xg_dom_boot.c
@@ -192,10 +192,10 @@ int xc_dom_boot_image(struct xc_dom_image *dom)
          (rc = dom->arch_hooks->setup_pgtables(dom)) != 0 )
         return rc;
 
-    if ( dom->coco )
+    if ( dom->coco ) {
         /* We need to check if we are actually a SEV-ES guest to set SIF_HVM_GHCB */
         dom->use_ghcb = info.arch_config.coco.sev.policy & 0x4;
-
+    }
     /* start info page */
     if ( dom->arch_hooks->start_info )
         dom->arch_hooks->start_info(dom);
@@ -241,6 +241,12 @@ int xc_dom_boot_image(struct xc_dom_image *dom)
     /* let the vm run */
     if ( (rc = dom->arch_hooks->vcpu(dom)) != 0 )
         return rc;
+
+    if (dom->coco) {
+        /* vcpu needs to be initialized */
+        if ( (rc = xg_dom_coco_finish_encrypt(dom->xch, dom)) != 0 )
+            return rc;
+    }
     xc_dom_unmap_all(dom);
 
     return rc;

diff --git a/tools/libs/guest/xg_dom_coco.c b/tools/libs/guest/xg_dom_coco.c
@@ -32,4 +32,8 @@ int xg_dom_coco_encrypt_seg(xc_interface *xch, struct xc_dom_image *dom,
     cmd.count = seg.pages;
 
     return xc_coco_prepare_initial_mem(xch, &cmd);
+}
+int xg_dom_coco_finish_encrypt(xc_interface *xch, struct xc_dom_image *dom)
+{
+    return xc_coco_finish_initial_mem(xch, dom->guest_domid);
 }
diff --git a/tools/libs/guest/xg_dom_coco.h b/tools/libs/guest/xg_dom_coco.h
@@ -26,6 +26,8 @@
 int xg_dom_coco_encrypt_seg(xc_interface *xch, struct xc_dom_image *dom,
                             struct xc_dom_seg seg, const char *name);
 
+int xg_dom_coco_finish_encrypt(xc_interface *xch, struct xc_dom_image *dom);                            
+
 #endif /* XC_DOM_COCO_H */
 
 /*

diff --git a/tools/libs/light/Makefile b/tools/libs/light/Makefile
@@ -27,6 +27,8 @@ OBJS-y += libxl_colo_nic.o
 else
 OBJS-y += libxl_no_colo.o
 endif
+# TODO: add something like CONFIG_COCO ?
+OBJS-y += libxl_coco.o
 
 ACPI_PATH  = $(XEN_ROOT)/tools/libacpi
 DSDT_FILES-$(CONFIG_X86) = dsdt_pvh.c