agent: allow disabling detect_initdata_device

Allow users to build the Kata Agent using INIT_DATA=no to disable the detect_initdata_device() code loop and associated debug log output. Future additional improvements related to Init Data are tracked by #11532. Signed-off-by: Dan Mihai <dmihai@microsoft.com>
2026-04-04 19:16:12 +00:00 · 2025-11-25 00:34:28 +00:00
parent 5429464019
commit 32cbf4aec2
7 changed files with 23 additions and 2 deletions
--- a/src/agent/Cargo.toml
+++ b/src/agent/Cargo.toml
@@ -203,6 +203,7 @@ lto = true
 seccomp = ["rustjail/seccomp"]
 standard-oci-runtime = ["rustjail/standard-oci-runtime"]
 agent-policy = ["kata-agent-policy"]
+init-data = []

 [[bin]]
 name = "kata-agent"
--- a/src/agent/Makefile
+++ b/src/agent/Makefile
@@ -41,6 +41,14 @@ ifeq ($(AGENT_POLICY),yes)
    override EXTRA_RUSTFEATURES += agent-policy
 endif

+##VAR INIT_DATA=yes|no define if agent enables the init data feature
+INIT_DATA ?= yes
+
+# Enable the init data fature of rust build
+ifeq ($(INIT_DATA),yes)
+    override EXTRA_RUSTFEATURES += init-data
+endif
+
 include ../../utils.mk

 ##VAR STANDARD_OCI_RUNTIME=yes|no define if agent enables standard oci runtime feature
--- a/src/agent/src/initdata.rs
+++ b/src/agent/src/initdata.rs
@@ -9,6 +9,7 @@
 // SPDX-License-Identifier: Apache-2.0
 //

+#[cfg(feature = "init-data")]
 use std::{os::unix::fs::FileTypeExt, path::Path};

 use anyhow::{bail, Context, Result};
@@ -37,8 +38,16 @@ pub const AA_CONFIG_PATH: &str = concatcp!(INITDATA_PATH, "/aa.toml");
 pub const CDH_CONFIG_PATH: &str = concatcp!(INITDATA_PATH, "/cdh.toml");

 /// Magic number of initdata device
+#[cfg(feature = "init-data")]
 pub const INITDATA_MAGIC_NUMBER: &[u8] = b"initdata";

+#[cfg(not(feature = "init-data"))]
+async fn detect_initdata_device(logger: &Logger) -> Result<Option<String>> {
+    debug!(logger, "Initdata is disabled");
+    Ok(None)
+}
+
+#[cfg(feature = "init-data")]
 async fn detect_initdata_device(logger: &Logger) -> Result<Option<String>> {
    let dev_dir = Path::new("/dev");
    let mut read_dir = tokio::fs::read_dir(dev_dir).await?;
--- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries-in-docker.sh
+++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries-in-docker.sh
@@ -113,6 +113,7 @@ AGENT_POLICY="${AGENT_POLICY:-yes}"
 RUNTIME_CHOICE="${RUNTIME_CHOICE:-both}"
 IMAGE_SIZE_ALIGNMENT_MB=${IMAGE_SIZE_ALIGNMENT_MB:-}
 KERNEL_DEBUG_ENABLED="${KERNEL_DEBUG_ENABLED:-}"
+INIT_DATA="${INIT_DATA:-yes}"

 docker run \
 	-v $HOME/.docker:/root/.docker \
--- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
+++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
@@ -61,6 +61,7 @@ RELEASE="${RELEASE:-"no"}"
 KBUILD_SIGN_PIN="${KBUILD_SIGN_PIN:-}"
 RUNTIME_CHOICE="${RUNTIME_CHOICE:-both}"
 KERNEL_DEBUG_ENABLED=${KERNEL_DEBUG_ENABLED:-"no"}
+INIT_DATA="${INIT_DATA:-yes}"

 workdir="${WORKDIR:-$PWD}"

--- a/tools/packaging/static-build/agent/build-static-agent.sh
+++ b/tools/packaging/static-build/agent/build-static-agent.sh
@@ -18,8 +18,8 @@ build_agent_from_source() {
 	/usr/bin/install_libseccomp.sh /opt /opt

 	cd src/agent
-	DESTDIR=${DESTDIR} AGENT_POLICY=${AGENT_POLICY} make
-	DESTDIR=${DESTDIR} AGENT_POLICY=${AGENT_POLICY} make install
+	DESTDIR=${DESTDIR} AGENT_POLICY=${AGENT_POLICY} INIT_DATA=${INIT_DATA} make
+	DESTDIR=${DESTDIR} AGENT_POLICY=${AGENT_POLICY} INIT_DATA=${INIT_DATA} make install
 }

 build_agent_from_source "$@"
--- a/tools/packaging/static-build/agent/build.sh
+++ b/tools/packaging/static-build/agent/build.sh
@@ -26,6 +26,7 @@ docker pull ${container_image} || \
 docker run --rm -i -v "${repo_root_dir}:${repo_root_dir}" \
 	--env DESTDIR=${DESTDIR} \
 	--env AGENT_POLICY=${AGENT_POLICY:-no} \
+	--env INIT_DATA=${INIT_DATA:-yes} \
 	--env LIBSECCOMP_VERSION=${LIBSECCOMP_VERSION} \
 	--env LIBSECCOMP_URL=${LIBSECCOMP_URL} \
 	--env GPERF_VERSION=${GPERF_VERSION} \