feat: Add Azure CVM Emulation (AzCVMEmu) support for development and testing

This commit introduces comprehensive Azure CVM emulation capabilities to enable
MigTD development and testing as a standard Rust application inside an Azure TDX CVM,
while exercising almost all MigTDCore code and flows, including RA-TLS with TDX Quote
and migration policy enforcement.

**Emulation Infrastructure:**
- Relevant td-shim interfaces emulation under `deps/td-shim-AzCVMEmu/`
- Relevant TDX TDCALL emulation
- MigTD Quote emulation by Azure TDX CVM virtual FW Quote, or mock TD REPORT and Quote
- Event logging emulation with CCEL (CC Event Log) interface
- Interrupt handling emulation
- File-based policy and root CA configuration loading
- TCP transport layer for source/destination communication

**MigTDCore Integration:**
- Conditional compilation support via `AzCVMEmu` feature flag
- Command-line interface with argument parsing and help
- Standard library (std) support for development workflows

**Development and Testing Support:**
- `migtdemu.sh` runner script with automatic environment detection
- CI/CD integration with GitHub Actions workflow
- Documentation in `doc/AzCVMEmu.md`
- `test_disable_ra_and_accept_all` support for mock attestation, enabling build and integration test on generic Linux machine

**Development/Testing (Azure TDX CVM + TPM2-TSS):**
```bash
cargo build --no-default-features --features "AzCVMEmu" --bin migtd
```

**Development/Testing (any Linux system):**
```bash
cargo build --no-default-features --features "AzCVMEmu,test_disable_ra_and_accept_all" --bin migtd
```

This implementation enables comprehensive end-to-end testing of MigTD's
RATLS, policy enforcement, and migration workflows in a broadly available development
environments.

Special acknowledgments:
- src/attestation/fixup-libservtd-attest-lib.sh: Investigation, design and implementation by Mike Brasher <[email protected]>

Co-authored-by: Haitao Huang <[email protected]>
Signed-off-by: Bo Zhang (ACC) <[email protected]>

Author: bodzhang

.github/workflows/integration-emu.yml

@@ -0,0 +1,183 @@
+name: Integration (Emulation Mode)
+
+# Trigger on push and pull request events
+on:
+  push:
+    paths-ignore:
+      - "**.md"
+      - "doc/**"
+  pull_request:
+    paths-ignore:
+      - "**.md"
+      - "doc/**"
+  workflow_dispatch:
+
+env:
+  AS: nasm
+  RUST_TOOLCHAIN: 1.83.0
+  TOOLCHAIN_PROFILE: minimal
+
+permissions:
+  contents: read
+
+jobs:
+  build-and-test:
+    name: Build and Test MigTD in Emulation Mode
+    runs-on: ubuntu-22.04
+    timeout-minutes: 60
+
+    steps:
+      # Install first since it's needed to build NASM
+      - name: Install LLVM and Clang
+        uses: KyleMayes/install-llvm-action@a7a1a882e2d06ebe05d5bb97c3e1f8c984ae96fc # v2.0.7
+        with:
+          version: "10.0"
+          directory: ${{ runner.temp }}/llvm
+      
+      - name: Install libtinfo5
+        run: sudo apt-get update -y && sudo apt-get install libtinfo5 -y
+
+      - name: Install NASM
+        uses: ilammy/setup-nasm@72793074d3c8cdda771dba85f6deafe00623038b # v1.5.2
+
+      - name: Install build dependencies
+        run: sudo apt-get install build-essential ocaml ocamlbuild automake autoconf libtool wget python-is-python3 libssl-dev git cmake perl libtss2-dev pkg-config
+
+      - name: Checkout sources
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          submodules: recursive
+
+      - name: Install Rust toolchain
+        uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1.0.7
+        with:
+          profile: ${{ env.TOOLCHAIN_PROFILE }}
+          toolchain: ${{ env.RUST_TOOLCHAIN }}
+          override: true
+          components: rust-src
+
+      - name: Add x86_64-unknown-none target
+        run: rustup target add x86_64-unknown-none
+        
+      - name: Run preparation script
+        run: bash sh_script/preparation.sh
+
+      - name: Build MigTD with test features for emulation
+        run: |
+          echo "Building MigTD with AzCVMEmu and test features for emulation testing..."
+          cargo build --release --features "AzCVMEmu,test_disable_ra_and_accept_all" --no-default-features
+
+      - name: Verify emulation script and binary
+        run: |
+          if [[ ! -f "./migtdemu.sh" ]]; then
+            echo "Error: migtdemu.sh not found"
+            exit 1
+          fi
+          chmod +x ./migtdemu.sh
+          
+          if [[ ! -f "./target/release/migtd" ]]; then
+            echo "Error: migtd binary not found after build"
+            exit 1
+          fi
+          
+          echo "Emulation script and binary are ready"
+
+      - name: Run MigTD emulation tests
+        id: emulation_test
+        run: |
+          echo "Running MigTD emulation tests with both source and destination..."
+          echo "This will start destination, then source, and test the migration flow"
+          echo "Command: ./migtdemu.sh --skip-ra --both --no-sudo --log-level info"
+          
+          # Run the test with timeout and capture exit code
+          set +e
+          timeout 300 ./migtdemu.sh --skip-ra --both --no-sudo --log-level info
+          EXIT_CODE=$?
+          set -e
+          
+          echo "Test completed with exit code: $EXIT_CODE"
+          
+          if [[ $EXIT_CODE -eq 0 ]]; then
+            echo "✅ Emulation test completed successfully"
+            echo "test_status=success" >> $GITHUB_OUTPUT
+          elif [[ $EXIT_CODE -eq 124 ]]; then
+            echo "❌ Emulation test timed out after 300 seconds"
+            echo "test_status=timeout" >> $GITHUB_OUTPUT
+            exit 1
+          else
+            echo "❌ Emulation test failed with exit code $EXIT_CODE"
+            echo "test_status=failed" >> $GITHUB_OUTPUT
+            exit $EXIT_CODE
+          fi
+
+      - name: Check test outputs and logs
+        if: always()
+        run: |
+          echo "=== Test Execution Summary ==="
+          echo "Test status: ${{ steps.emulation_test.outputs.test_status || 'unknown' }}"
+          
+          if [[ -f "dest.out.log" ]]; then
+            DEST_LOG_SIZE=$(wc -l < dest.out.log)
+            echo "Destination log found: $DEST_LOG_SIZE lines"
+            
+            echo ""
+            echo "=== Last 50 lines of destination log ==="
+            tail -n 50 dest.out.log
+            
+            echo ""
+            echo "=== First 20 lines of destination log ==="
+            head -n 20 dest.out.log
+          else
+            echo "No destination log file found"
+          fi
+          
+          # Check for any process dumps or error files
+          if ls core* 1> /dev/null 2>&1; then
+            echo ""
+            echo "=== Core dumps found ==="
+            ls -la core*
+          fi
+          
+          # Show summary of what was tested
+          echo ""
+          echo "=== Test Summary ==="
+          echo "- Built MigTD with AzCVMEmu and test_disable_ra_and_accept_all features"
+          echo "- Ran emulation test with both source and destination instances"
+          echo "- Skip RA mode enabled (mock attestation, no TPM/Azure CVM required)"
+
+      - name: Upload test artifacts on failure
+        if: failure()
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+        with:
+          name: migtd-test-logs-${{ github.run_id }}
+          path: |
+            dest.out.log
+            *.log
+            core*
+            target/release/migtd
+          retention-days: 7
+          if-no-files-found: ignore
+
+      - name: Report final status
+        if: always()
+        run: |
+          case "${{ steps.emulation_test.outputs.test_status }}" in
+            "success")
+              echo "🎉 MigTD PR tests passed successfully!"
+              echo "✅ Build completed"
+              echo "✅ Emulation tests passed"
+              echo "The PR is ready for code review."
+              ;;
+            "timeout")
+              echo "⏰ MigTD tests timed out"
+              echo "✅ Build completed"
+              echo "❌ Tests timed out after 5 minutes"
+              echo "Check logs for hanging processes or infinite loops."
+              ;;
+            "failed"|*)
+              echo "❌ MigTD tests failed"
+              echo "✅ Build completed"
+              echo "❌ Emulation tests failed"
+              echo "Check the test logs above and uploaded artifacts for debugging details."
+              ;;
+          esac

.gitignore

@@ -18,6 +18,11 @@ coverage
 # migtd-core
 clear-*-kvm.img*
 fat*.img
+
+# Test artifacts
+dest.out.log
+*.log
+core*
 test_data
 *.o
 *.obj