github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-09-01 00:46:38 +00:00
Code Issues Projects Releases Wiki Activity

CCv0: Remove qemu paramter 'policy' for SNP container

Browse Source 
Removed the qemu paramter 'policy' (and also dh-cert-file, session-file, kernel-hashes=on)
for SNP container.

Fixes: #5795

Signed-off-by: Niteesh Dubey <niteesh@linux.ibm.com>
This commit is contained in:
Niteesh Dubey
2022-11-29 21:25:58 +00:00
parent d3547814e5
commit 55b36212e6
1 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/runtime/pkg/govmm/qemu/qemu.go
View File

@@ -274,11 +274,11 @@ type Object struct {
FirmwareVolume string FirmwareVolume string
// CBitPos is the location of the C-bit in a guest page table entry // CBitPos is the location of the C-bit in a guest page table entry
// This is only relevant for sev-guest objects // This is only relevant for sev-guest and sev-snp-guest objects
CBitPos uint32 CBitPos uint32
// ReducedPhysBits is the reduction in the guest physical address space // ReducedPhysBits is the reduction in the guest physical address space
// This is only relevant for sev-guest objects // This is only relevant for sev-guest and sev-snp-guest objects
ReducedPhysBits uint32 ReducedPhysBits uint32
// ReadOnly specifies whether `MemPath` is opened read-only or read/write (default) // ReadOnly specifies whether `MemPath` is opened read-only or read/write (default)
@@ -370,8 +370,6 @@ func (object Object) QemuParams(config *Config) []string {
deviceParams = append(deviceParams, fmt.Sprintf("config-firmware-volume=%s", object.FirmwareVolume)) deviceParams = append(deviceParams, fmt.Sprintf("config-firmware-volume=%s", object.FirmwareVolume))
} }
case SEVGuest: case SEVGuest:
fallthrough
case SNPGuest:
objectParams = append(objectParams, string(object.Type)) objectParams = append(objectParams, string(object.Type))
objectParams = append(objectParams, fmt.Sprintf("id=%s", object.ID)) objectParams = append(objectParams, fmt.Sprintf("id=%s", object.ID))
objectParams = append(objectParams, fmt.Sprintf("cbitpos=%d", object.CBitPos)) objectParams = append(objectParams, fmt.Sprintf("cbitpos=%d", object.CBitPos))
@@ -389,6 +387,14 @@ func (object Object) QemuParams(config *Config) []string {
// Add OVMF firmware as pflash drive // Add OVMF firmware as pflash drive
driveParams = append(driveParams, "if=pflash,format=raw,readonly=on") driveParams = append(driveParams, "if=pflash,format=raw,readonly=on")
driveParams = append(driveParams, fmt.Sprintf("file=%s", object.File)) driveParams = append(driveParams, fmt.Sprintf("file=%s", object.File))
case SNPGuest:
objectParams = append(objectParams, string(object.Type))
objectParams = append(objectParams, fmt.Sprintf("id=%s", object.ID))
objectParams = append(objectParams, fmt.Sprintf("cbitpos=%d", object.CBitPos))
objectParams = append(objectParams, fmt.Sprintf("reduced-phys-bits=%d", object.ReducedPhysBits))
// Add OVMF firmware as pflash drive
driveParams = append(driveParams, "if=pflash,format=raw,readonly=on")
driveParams = append(driveParams, fmt.Sprintf("file=%s", object.File))
case SecExecGuest: case SecExecGuest:
objectParams = append(objectParams, string(object.Type)) objectParams = append(objectParams, string(object.Type))
objectParams = append(objectParams, fmt.Sprintf("id=%s", object.ID)) objectParams = append(objectParams, fmt.Sprintf("id=%s", object.ID))