github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-06-30 01:02:33 +00:00
Code Issues Projects Releases Wiki Activity

runtime: clh: Use the new API to boot with TDX firmware (td-shim)

Browse Source 
The new way to boot from TDX firmware (e.g. td-shim) is using the
combination of '--platform tdx=on' with '--firmware tdshim'.

Fixes: #5309

Signed-off-by: Bo Chen <chen.bo@intel.com>
This commit is contained in:
Bo Chen 2022-09-30 14:12:38 -07:00
parent 5d63fcf344
commit 067e2b1e33
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/runtime/virtcontainers/clh.go
View File

@ -417,7 +417,13 @@ func (clh *cloudHypervisor) enableProtection() error {
return errors.New("Firmware path is not specified") return errors.New("Firmware path is not specified")
} }
clh.vmconfig.Tdx = chclient.NewTdxConfig(firmwarePath) clh.vmconfig.Payload.SetFirmware(firmwarePath)
if clh.vmconfig.Platform == nil {
clh.vmconfig.Platform = chclient.NewPlatformConfig()
}
clh.vmconfig.Platform.SetTdx(true)
return nil return nil
case sevProtection: case sevProtection: