diff --git a/src/runtime/pkg/oci/utils.go b/src/runtime/pkg/oci/utils.go
index c64bb1967f..8bc8dd5ed8 100644
--- a/src/runtime/pkg/oci/utils.go
+++ b/src/runtime/pkg/oci/utils.go
@@ -556,6 +556,9 @@ func addHypervisorConfigOverrides(ocispec specs.Spec, config *vc.SandboxConfig,
 config.HypervisorConfig.SGXEPCSize = size
 }
+ if initdata, ok := ocispec.Annotations[vcAnnotations.Initdata]; ok {
+ config.HypervisorConfig.Initdata = initdata
+ }
 return nil
 }
diff --git a/src/runtime/pkg/oci/utils_test.go b/src/runtime/pkg/oci/utils_test.go
index d363b8b204..f034490264 100644
--- a/src/runtime/pkg/oci/utils_test.go
+++ b/src/runtime/pkg/oci/utils_test.go
@@ -773,6 +773,12 @@ func TestAddRemoteHypervisorAnnotations(t *testing.T) {
 ocispec.Annotations[vcAnnotations.DefaultMemory] = "1"
 err = addAnnotations(ocispec, &sbConfig, runtimeConfig)
 assert.NoError(err)
+
+ // When initdata specified, remote hypervisor annotations do have the annotation added.
+ ocispec.Annotations[vcAnnotations.Initdata] = "initdata"
+ err = addAnnotations(ocispec, &sbConfig, runtimeConfig)
+ assert.NoError(err)
+ assert.Equal(sbConfig.HypervisorConfig.Initdata, "initdata")
 }
 func TestAddProtectedHypervisorAnnotations(t *testing.T) {
@@ -860,6 +866,7 @@ func TestAddRuntimeAnnotations(t *testing.T) {
 ocispec.Annotations[vcAnnotations.DisableNewNetNs] = "true"
 ocispec.Annotations[vcAnnotations.InterNetworkModel] = "macvtap"
 ocispec.Annotations[vcAnnotations.CreateContainerTimeout] = "100"
+ ocispec.Annotations[vcAnnotations.Initdata] = "initdata"
 addAnnotations(ocispec, &config, runtimeConfig)
 assert.Equal(config.DisableGuestSeccomp, true)
@@ -867,6 +874,7 @@ func TestAddRuntimeAnnotations(t *testing.T) {
 assert.Equal(config.NetworkConfig.DisableNewNetwork, true)
 assert.Equal(config.NetworkConfig.InterworkingModel, vc.NetXConnectMacVtapModel)
 assert.Equal(config.CreateContainerTimeout, uint64(100))
+ assert.Equal(config.HypervisorConfig.Initdata, "initdata")
 }
 func TestRegexpContains(t *testing.T) {
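Review bot: The annotation value is assigned to `config.HypervisorConfig.Initdata` verbatim in the added `if` branch, with no length bound or format check, although it comes from the OCI spec annotations and is forwarded to the hypervisor backend elsewhere in this commit. addHypervisorConfigOverrides already returns an error, so a malformed or oversized value could be rejected at this boundary; whether a later stage validates it is not visible in this diff. At minimum I would add `// Initdata is caller-supplied and stored unparsed; it must be validated before it is consumed.` above the branch. The function body begins outside this hunk.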
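Review bot: The new assertions in TestAddRemoteHypervisorAnnotations cover only the case where the annotation is present with a short literal, so nothing pins what `Initdata` holds when the key is absent or empty. I would add `assert.Empty(sbConfig.HypervisorConfig.Initdata)` before the line that sets `ocispec.Annotations[vcAnnotations.Initdata]`, assuming the earlier part of the test (outside this hunk) has not set it. The added comment would also read more clearly as `// When initdata is specified, it is copied into the hypervisor config.`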
diff --git a/src/runtime/virtcontainers/hypervisor.go b/src/runtime/virtcontainers/hypervisor.go
index cc37433105..853ad4d5be 100644
--- a/src/runtime/virtcontainers/hypervisor.go
+++ b/src/runtime/virtcontainers/hypervisor.go
@@ -684,6 +684,9 @@ type HypervisorConfig struct {
 // QgsPort defines Intel Quote Generation Service port exposed from the host
 QgsPort uint32
+
+ // Initdata defines the initdata passed into guest when CreateVM
+ Initdata string
 }
 // vcpu mapping from vcpu number to thread number
diff --git a/src/runtime/virtcontainers/pkg/annotations/annotations.go b/src/runtime/virtcontainers/pkg/annotations/annotations.go
index 9414d05397..8b6adc56fa 100644
--- a/src/runtime/virtcontainers/pkg/annotations/annotations.go
+++ b/src/runtime/virtcontainers/pkg/annotations/annotations.go
@@ -243,6 +243,9 @@ const (
 // EnableRootlessHypervisor is a sandbox annotation to enable rootless hypervisor (only supported in QEMU currently).
 EnableRootlessHypervisor = kataAnnotHypervisorPrefix + "rootless"
+
+ // Initdata is the initdata passed in when CreateVM
+ Initdata = kataConfAnnotationsPrefix + "runtime.cc_init_data"
 )
 // Runtime related annotations
diff --git a/src/runtime/virtcontainers/remote.go b/src/runtime/virtcontainers/remote.go
index 0250566736..d0bb1674c3 100644
--- a/src/runtime/virtcontainers/remote.go
+++ b/src/runtime/virtcontainers/remote.go
@@ -79,6 +79,7 @@ func (rh *remoteHypervisor) CreateVM(ctx context.Context, id string, network Net
 annotations[hypannotations.MachineType] = hypervisorConfig.HypervisorMachineType
 annotations[hypannotations.DefaultVCPUs] = strconv.FormatUint(uint64(hypervisorConfig.NumVCPUs()), 10)
 annotations[hypannotations.DefaultMemory] = strconv.FormatUint(uint64(hypervisorConfig.MemorySize), 10)
+ annotations[hypannotations.Initdata] = hypervisorConfig.Initdata
 req := &pb.CreateVMRequest{
 Id: id,
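Review bot: The field comment `Initdata defines the initdata passed into guest when CreateVM` restates the name and omits what a maintainer needs to know: where the value comes from and that it is stored unparsed. I would write `// Initdata is the opaque initdata string taken from the sandbox annotation and passed to the guest at CreateVM; it is caller-supplied and not validated here.` If a specific encoding is expected, the comment should name it. The struct definition starts above this hunk.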
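Review bot: The new `Initdata` constant is declared directly after `EnableRootlessHypervisor`, which uses `kataAnnotHypervisorPrefix`, yet its key is built as `kataConfAnnotationsPrefix + "runtime.cc_init_data"` and so lives in a different namespace from its neighbours. If the runtime's annotation allow-list is keyed on the hypervisor prefix (not visible in this diff), this key would not be subject to it even though it populates `HypervisorConfig`; please confirm which gate applies. I would either move the constant under the `// Runtime related annotations` block that follows or add `// NOTE: runtime-namespaced key; not covered by the hypervisor annotation allow-list.` if that is the intent.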
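Review bot: The added line in CreateVM sets `annotations[hypannotations.Initdata]` unconditionally, so every CreateVMRequest carries the key even when no initdata was supplied, and the receiver cannot tell "absent" from "empty". Guarding the assignment keeps the request unchanged for existing users: `if hypervisorConfig.Initdata != "" { annotations[hypannotations.Initdata] = hypervisorConfig.Initdata }`. It is also worth checking that the annotations map is not logged further down, since the value may be large or sensitive; the rest of CreateVM is outside this hunk.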