packaging: Adding caching capability for SEV kernel

Cache and reuse kernel tarball whenever possible. Fixes: #6176 Signed-off-by: Unmesh Deodhar <udeodhar@amd.com> Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
2025-08-31 08:28:34 +00:00 · 2023-02-14 16:08:04 -06:00
parent 321b061a53
commit 2313b7fa8c
2 changed files with 44 additions and 9 deletions
--- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
+++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
@@ -394,24 +394,50 @@ install_cc_virtiofsd() {
 	sudo install -D --owner root --group root --mode 0744 virtiofsd/virtiofsd "${destdir}/${cc_prefix}/libexec/virtiofsd"
 }

-#Install CC kernel assert, with TEE support
-install_cc_tee_kernel() {
-	export KATA_BUILD_CC=yes
+# Install cached kernel compoenent
+install_cached_kernel_component() {
 	tee="${1}"
 	kernel_version="${2}"
+	module_dir="${3:-}"

-	[[ "${tee}" != "tdx" && "${tee}" != "sev" ]] && die "Non supported TEE"
-
-	export kernel_version=${kernel_version}
-
-	install_cached_component \
+	install_cached_compnent \
 		"kernel" \
 		"${jenkins_url}/job/kata-containers-2.0-kernel-${tee}-cc-$(uname -m)/${cached_artifacts_path}" \
 		"${kernel_version}" \
 		"$(get_kernel_image_name)" \
 		"${final_tarball_name}" \
 		"${final_tarball_path}" \
-		&& return 0
+		|| return 1
+
+	[ "${tee}" == "tdx" ] && return 0
+
+	# SEV specific code path
+	install_cached_component \
+		"kernel-modules" \
+		"${jenkins_url}/job/kata-containers-2.0-kernel-sev-cc-$(uname -m)/${cached_artifacts_path}" \
+		"${kernel_version}" \
+		"$(get_kernel_image_name)" \
+		"kata-static-cc-sev-kernel-modules.tar.xz" \
+		"${workdir}/kata-static-cc-sev-kernel-modules.tar.xz" \
+	|| return 1
+		
+	tar xvf "${workdir}/kata-static-cc-sev-kernel-modules.tar.xz" -C  "${module_dir}" && return 0
+
+	return 1
+}
+
+#Install CC kernel assert, with TEE support
+install_cc_tee_kernel() {
+	export KATA_BUILD_CC=yes
+	tee="${1}"
+	kernel_version="${2}"
+	module_dir="${3:-}"
+
+	[[ "${tee}" != "tdx" && "${tee}" != "sev" ]] && die "Non supported TEE"
+
+	export kernel_version=${kernel_version}
+
+	install_cached_kernel_component "${tee}" "${kernel_version}" "${module_dir}" && return 0

 	info "build initramfs for TEE kernel"
 	"${initramfs_builder}"
--- a/tools/packaging/static-build/cache_components.sh
+++ b/tools/packaging/static-build/cache_components.sh
@@ -45,6 +45,15 @@ cache_kernel_artifacts() {
 		[ "${TEE}" == "sev" ] && current_kernel_version="$(get_from_kata_deps "assets.kernel.${TEE}.version")"
 	fi
 	create_cache_asset "${kernel_tarball_name}" "${current_kernel_version}" "${current_kernel_image}"
+
+	if [ "${TEE}" == "sev" ]; then
+		module_dir="${repo_root_dir}/tools/packaging/kata-deploy/local-build/build/cc-sev-kernel/builddir/kata-linux-${kernel_version#v}-${get_config_version}/lib/modules/${kernel_version#v}"
+		pushd "${repo_root_dir}/tools/packaging/kata-deploy/local-build/build/"
+		tar cvfJ "kata-static-cc-sev-kernel-modules.tar.xz" "${module_dir}/kernel/drivers/virt/coco/efi_secret/"
+		popd
+		create_cache_asset "kata-static-cc-kernel-modules.tar.xz" "${current_kernel_version}" "${current_kernel_image}"
+	fi
+
 }

 cache_firmware_artifacts() {