Merge pull request #11693 from BbolroC/revert-initdata-annotation

runtime-rs: Fix issues for initdata
2025-09-17 06:48:51 +00:00 · 2025-08-20 21:17:52 +08:00
parent dd1752ac1c 0daafecef2
commit 014ab2fce6
13 changed files with 164 additions and 18 deletions
--- a/src/runtime-rs/Makefile
+++ b/src/runtime-rs/Makefile
@@ -147,6 +147,7 @@ DEFMAXMEMSZ := 0
 ##VAR DEFBRIDGES=<number> Default number of bridges
 DEFBRIDGES := 0
 DEFENABLEANNOTATIONS := [\"kernel_params\"]
+DEFENABLEANNOTATIONS_COCO := [\"kernel_params\",\"cc_init_data\"]
 DEFDISABLEGUESTSECCOMP := true
 DEFDISABLEGUESTEMPTYDIR := false
 ##VAR DEFAULTEXPFEATURES=[features] Default experimental features enabled
@@ -482,6 +483,7 @@ USER_VARS += DEFVIRTIOFSCACHE
 USER_VARS += DEFVIRTIOFSQUEUESIZE
 USER_VARS += DEFVIRTIOFSEXTRAARGS
 USER_VARS += DEFENABLEANNOTATIONS
+USER_VARS += DEFENABLEANNOTATIONS_COCO
 USER_VARS += DEFENABLEIOTHREADS
 USER_VARS += DEFSECCOMPSANDBOXPARAM
 USER_VARS += DEFGUESTSELINUXLABEL
--- a/src/runtime-rs/config/configuration-qemu-se-runtime-rs.toml.in
+++ b/src/runtime-rs/config/configuration-qemu-se-runtime-rs.toml.in
@@ -45,7 +45,7 @@ confidential_guest = true
 # List of valid annotation names for the hypervisor
 # Each member of the list is a regular expression, which is the base name
 # of the annotation, e.g. "path" for io.katacontainers.config.hypervisor.path"
-enable_annotations = @DEFENABLEANNOTATIONS@
+enable_annotations = @DEFENABLEANNOTATIONS_COCO@

 # List of valid annotations values for the hypervisor
 # Each member of the list is a path pattern as described by glob(3).
--- a/src/runtime-rs/crates/hypervisor/src/remote/inner.rs
+++ b/src/runtime-rs/crates/hypervisor/src/remote/inner.rs
@@ -14,8 +14,8 @@ use kata_types::{
        cri_containerd::{SANDBOX_NAMESPACE_LABEL_KEY, SANDBOX_NAME_LABEL_KEY},
        KATA_ANNO_CFG_HYPERVISOR_DEFAULT_GPUS, KATA_ANNO_CFG_HYPERVISOR_DEFAULT_GPU_MODEL,
        KATA_ANNO_CFG_HYPERVISOR_DEFAULT_MEMORY, KATA_ANNO_CFG_HYPERVISOR_DEFAULT_VCPUS,
-        KATA_ANNO_CFG_HYPERVISOR_IMAGE_PATH, KATA_ANNO_CFG_HYPERVISOR_MACHINE_TYPE,
-        KATA_ANNO_CFG_RUNTIME_INIT_DATA,
+        KATA_ANNO_CFG_HYPERVISOR_IMAGE_PATH, KATA_ANNO_CFG_HYPERVISOR_INIT_DATA,
+        KATA_ANNO_CFG_HYPERVISOR_MACHINE_TYPE,
    },
    capabilities::{Capabilities, CapabilityBits},
 };
@@ -127,7 +127,7 @@ impl RemoteInner {
            config.boot_info.image.to_string(),
        );
        annotations.insert(
-            KATA_ANNO_CFG_RUNTIME_INIT_DATA.to_string(),
+            KATA_ANNO_CFG_HYPERVISOR_INIT_DATA.to_string(),
            config.security_info.initdata.to_string(),
        );
        annotations.insert(