runtime-rs: Introduce Tdx Protection Device and add it into cmdline

This patch introduces TdxConfig with key fields, firmare,
qgs_port, mrconfigid, and other useful things. With this config,
a new ProtectionDeviceConfig type `Tdx(TdxConfig)` is added.

With this new type supported, we finally add tdx protection device
into the cmdline to launch a TDX-based CVM.

Signed-off-by: alex.lyn <alex.lyn@antgroup.com>

src/runtime-rs/crates/hypervisor/src/device/driver/protection_device.rs

@@ -14,6 +14,7 @@ use async_trait::async_trait;
 pub enum ProtectionDeviceConfig {
     SevSnp(SevSnpConfig),
     Se,
+    Tdx(TdxConfig),
 }
 
 #[derive(Debug, Clone)]
@@ -23,6 +24,20 @@ pub struct SevSnpConfig {
     pub firmware: String,
 }
 
+#[derive(Debug, Clone)]
+pub struct TdxConfig {
+    // Object ID
+    pub id: String,
+    // Firmware path
+    pub firmware: String,
+    // Quote Qeneration Socket port
+    pub qgs_port: u32,
+    // mrconfigid
+    pub mrconfigid: Option<String>,
+    // Debug mode
+    pub debug: bool,
+}
+
 #[derive(Debug, Clone)]
 pub struct ProtectionDevice {
     pub device_id: String,

src/runtime-rs/crates/hypervisor/src/qemu/inner.rs

@@ -145,6 +145,13 @@ impl QemuInner {
                         }
                     }
                     ProtectionDeviceConfig::Se => cmdline.add_se_protection_device(),
+                    ProtectionDeviceConfig::Tdx(tdx_config) => cmdline.add_tdx_protection_device(
+                        &tdx_config.id,
+                        &tdx_config.firmware,
+                        tdx_config.qgs_port,
+                        &tdx_config.mrconfigid,
+                        tdx_config.debug,
+                    ),
                 },
                 DeviceType::PortDevice(port_device) => {
                     let port_type = port_device.config.port_type;