github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-08-18 07:58:36 +00:00
Code Issues Projects Releases Wiki Activity

runtime-rs: support initdata within nontee scenarios

Browse Source 
NoProtection cases

Signed-off-by: Alex Lyn <alex.lyn@antgroup.com>
This commit is contained in:
Alex Lyn 2025-08-12 14:26:23 +08:00
parent 3c6855e492
commit 730c600286
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/runtime-rs/crates/runtimes/virt_container/src/sandbox.rs
View File

@ -429,6 +429,7 @@ impl VirtSandbox {
debug: false, debug: false,
}))) })))
}, },
GuestProtection::NoProtection => Ok(None),
_ => Err(anyhow!("confidential_guest requested by configuration but no supported protection available")) _ => Err(anyhow!("confidential_guest requested by configuration but no supported protection available"))
} }
} }
@ -437,6 +438,10 @@ impl VirtSandbox {
&self, &self,
hypervisor_config: &HypervisorConfig, hypervisor_config: &HypervisorConfig,
) -> Result<Option<InitDataConfig>> { ) -> Result<Option<InitDataConfig>> {
if !hypervisor_config.security_info.confidential_guest {
return Ok(None);
}
let initdata = hypervisor_config.security_info.initdata.clone(); let initdata = hypervisor_config.security_info.initdata.clone();
if initdata.is_empty() { if initdata.is_empty() {
return Ok(None); return Ok(None);
@ -452,6 +457,9 @@ impl VirtSandbox {
GuestProtection::Snp(_details) => { GuestProtection::Snp(_details) => {
calculate_initdata_digest(&initdata, ProtectedPlatform::Snp)? calculate_initdata_digest(&initdata, ProtectedPlatform::Snp)?
} }
GuestProtection::NoProtection => {
calculate_initdata_digest(&initdata, ProtectedPlatform::NoProtection)?
}
// TODO: there's more `GuestProtection` types to be supported. // TODO: there's more `GuestProtection` types to be supported.
_ => return Ok(None), _ => return Ok(None),
}; };