github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-07-18 17:33:02 +00:00
Code Issues Projects Releases Wiki Activity

runtime: clh: Use the new API to boot with TDX firmware (td-shim)

Browse Source 
The new way to boot from TDX firmware (e.g. td-shim) is using the
combination of '--platform tdx=on' with '--firmware tdshim'.

Fixes: #5309

Signed-off-by: Bo Chen <chen.bo@intel.com>
(cherry picked from commit 067e2b1e33)
This commit is contained in:
Bo Chen 2022-09-30 14:12:38 -07:00 committed by Fabiano Fidêncio
parent f3eac35b55
commit 9a0ab92f65
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/runtime/virtcontainers/clh.go
View File

@ -415,7 +415,13 @@ func (clh *cloudHypervisor) enableProtection() error {
return errors.New("Firmware path is not specified")
}
clh.vmconfig.Tdx = chclient.NewTdxConfig(firmwarePath)
clh.vmconfig.Payload.SetFirmware(firmwarePath)
if clh.vmconfig.Platform == nil {
clh.vmconfig.Platform = chclient.NewPlatformConfig()
}
clh.vmconfig.Platform.SetTdx(true)
return nil
case sevProtection: