From 2962d8db4591bece48393747cf67b20c0b4ed6a3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Thu, 18 May 2023 12:43:38 +0200 Subject: [PATCH] Revert "runtime/qemu: Drop "kvm-type=tdx"" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commit ed145365ecadf35b6a5050b4bf58f71c3c4a5d66. As the Jenkins TDX CI is running on a system with a TDX stack called "2022ww44", we should keep the QEMU / kernel / OVMF versions matching what's provided in that stack. The reason we were able to update this on `main` is because the GHA TDX CI is running on a TDX stack called "2023ww01", but we have decided to NOT take the bullet, NOT updating the Jenkins CI in order to avoid unexepected breakages. This regression was introduced as part of the last CCv0 merge to main, and would've been caught by the CI, and should've been caught by the reviewer (myself :-)), but CI was having a hard time to even build the compoenents and I wrote in the PR and I'm quoting it here: "I rather deal with possible breakages on this later on, than block this PR to get in." ... and here we are. :-) Fixes: #6884 Signed-off-by: Fabiano FidĂȘncio --- src/runtime/virtcontainers/qemu_amd64.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/runtime/virtcontainers/qemu_amd64.go b/src/runtime/virtcontainers/qemu_amd64.go index e9cda5b9e9..d24953e61e 100644 --- a/src/runtime/virtcontainers/qemu_amd64.go +++ b/src/runtime/virtcontainers/qemu_amd64.go @@ -260,7 +260,7 @@ func (q *qemuAmd64) enableProtection() error { if q.qemuMachine.Options != "" { q.qemuMachine.Options += "," } - q.qemuMachine.Options += "confidential-guest-support=tdx" + q.qemuMachine.Options += "kvm-type=tdx,confidential-guest-support=tdx" logger.Info("Enabling TDX guest protection") return nil case sevProtection: