From 3018c9ad517874779a0017ab38a9796ab1c79da9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= <fabiano.fidencio@intel.com>
Date: Thu, 23 Mar 2023 09:03:16 +0100
Subject: [PATCH] versions: Update QEMU TDX version
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Let's update the QEMU TDX version to what's the latest tested release of
the Intel TDX tools with Kata Containers.

In order to do such update, we had to relax the checks on the QEMU
version for some of the configuration options, as those were removed
right after the window was open for the 7.1.0 development (thus the
7.0.50 check).

Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
---
 .../no_patches.txt                                         | 0
 tools/packaging/scripts/configure-hypervisor.sh            | 7 +++++--
 versions.yaml                                              | 5 +++--
 3 files changed, 8 insertions(+), 4 deletions(-)
 create mode 100644 tools/packaging/qemu/patches/tag_patches/ad4c7f529a279685da84297773b4ec8080153c2d-plus-TDX-v1.3/no_patches.txt

diff --git a/tools/packaging/qemu/patches/tag_patches/ad4c7f529a279685da84297773b4ec8080153c2d-plus-TDX-v1.3/no_patches.txt b/tools/packaging/qemu/patches/tag_patches/ad4c7f529a279685da84297773b4ec8080153c2d-plus-TDX-v1.3/no_patches.txt
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/tools/packaging/scripts/configure-hypervisor.sh b/tools/packaging/scripts/configure-hypervisor.sh
index 61e479237c..751b2866f9 100755
--- a/tools/packaging/scripts/configure-hypervisor.sh
+++ b/tools/packaging/scripts/configure-hypervisor.sh
@@ -242,9 +242,12 @@ generate_qemu_options() {
 	# Disable graphical network access
 	qemu_options+=(size:--disable-vnc)
 	qemu_options+=(size:--disable-vnc-jpeg)
-	if ! gt_eq "${qemu_version}" "7.2.0" ; then
+	if ! gt_eq "${qemu_version}" "7.0.50" ; then
 		qemu_options+=(size:--disable-vnc-png)
+	else
+		qemu_options+=(size:--disable-png)
 	fi
+
 	qemu_options+=(size:--disable-vnc-sasl)
 
 	# Disable PAM authentication: it's a feature used together with VNC access
@@ -358,7 +361,7 @@ generate_qemu_options() {
 	qemu_options+=(size:--disable-vde)
 
 	# Don't build other options which can't be depent on build server.
-	if ! gt_eq "${qemu_version}" "7.2.0" ; then
+	if ! gt_eq "${qemu_version}" "7.0.50" ; then
 		qemu_options+=(size:--disable-xfsctl)
 		qemu_options+=(size:--disable-libxml2)
 	fi
diff --git a/versions.yaml b/versions.yaml
index a906b5307f..b6c84b3f31 100644
--- a/versions.yaml
+++ b/versions.yaml
@@ -110,9 +110,10 @@ assets:
       version: "7a800cf9496fddddf71b21a00991e0ec757a170a"
 
     qemu-tdx-experimental:
-      description: "VMM that uses KVM and supports TDX"
+      # yamllint disable-line rule:line-length
+      description: "QEMU with TDX support - based on https://github.com/intel/tdx-tools/releases/tag/2023ww01"
       url: "https://github.com/kata-containers/qemu"
-      tag: "TDX-v3.1"
+      tag: "ad4c7f529a279685da84297773b4ec8080153c2d-plus-TDX-v1.3"
 
   image:
     description: |