mirror of
https://github.com/kata-containers/kata-containers.git
synced 2025-08-30 23:37:45 +00:00
config: Adjust TDXKERNELPARAMS for different VMMs
As Cloud Hypervisor and QEMU are using different rootfs images (the former with `offline_fs_kbc` as aa_kbc, and the latter with `eaa_kbc`), we need to differentiate the kernel parameters passed to each one of those, as the `root_hash.txt` file used for measured boot will differ according to the rootfs used. Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
This commit is contained in:
Fabiano Fidêncio
parent
24c7066425
commit
788f1e6d61
@ -132,7 +132,9 @@ ROOTMEASURECONFIGTDX ?= ""
|
||||
AGENT_AA_KBC_PARAMS ?= ""
|
||||
AGENT_AA_KBC_PARAMS_TDX ?= ""
|
||||
AGENT_AA_KBC_PARAMS_SEV ?= ""
|
||||
TDXKERNELPARAMS := tdx_disable_filter $(ROOTMEASURECONFIGTDX) agent.enable_signature_verification=false $(AGENT_AA_KBC_PARAMS_TDX)
|
||||
TDXKERNELPARAMS := tdx_disable_filter agent.enable_signature_verification=false $(AGENT_AA_KBC_PARAMS_TDX)
|
||||
TDXKERNELPARAMS_QEMU += $(TDXKERNELPARAMS) $(ROOTMEASURECONFIGTDX)
|
||||
TDXKERNELPARAMS_CLH += $(TDXKERNELPARAMS) $(ROOTMEASURECONFIG)
|
||||
SEVKERNELPARAMS := $(AGENTCONFIGFILEKERNELPARAM) agent.enable_signature_verification=false $(AGENT_AA_KBC_PARAMS_SEV)
|
||||
KERNELPARAMS += $(ROOTMEASURECONFIG) agent.enable_signature_verification=false $(AGENT_AA_KBC_PARAMS)
|
||||
|
||||
@ -519,6 +521,8 @@ USER_VARS += TDXCPUFEATURES
|
||||
USER_VARS += DEFMACHINETYPE_CLH
|
||||
USER_VARS += KERNELPARAMS
|
||||
USER_VARS += TDXKERNELPARAMS
|
||||
USER_VARS += TDXKERNELPARAMS_QEMU
|
||||
USER_VARS += TDXKERNELPARAMS_CLH
|
||||
USER_VARS += SEVKERNELPARAMS
|
||||
USER_VARS += LIBEXECDIR
|
||||
USER_VARS += LOCALSTATEDIR
|
||||
|
||||
@ -70,7 +70,7 @@ valid_hypervisor_paths = @CLHVALIDHYPERVISORPATHS@
|
||||
# may stop the virtual machine from booting.
|
||||
# To see the list of default parameters, enable hypervisor debug, create a
|
||||
# container and look for 'default-kernel-parameters' log entries.
|
||||
kernel_params = "@TDXKERNELPARAMS@"
|
||||
kernel_params = "@TDXKERNELPARAMS_CLH@"
|
||||
|
||||
# Default number of vCPUs per SB/VM:
|
||||
# unspecified or 0 --> will be set to @DEFVCPUS@
|
||||
|
||||
@ -59,7 +59,7 @@ valid_hypervisor_paths = @QEMUTDXVALIDHYPERVISORPATHS@
|
||||
# may stop the virtual machine from booting.
|
||||
# To see the list of default parameters, enable hypervisor debug, create a
|
||||
# container and look for 'default-kernel-parameters' log entries.
|
||||
kernel_params = "@TDXKERNELPARAMS@"
|
||||
kernel_params = "@TDXKERNELPARAMS_QEMU@"
|
||||
|
||||
# Path to the firmware.
|
||||
# If you want that qemu uses the default firmware leave this option empty
|
||||
|
||||
Loading…
Reference in New Issue
Block a user