runtime: Add confidential kernel to the makefile

With this we can properly generate and the the `-confidential` kernel,
which supports SEV / SNP / TDX as part of our configuration files.

Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
This commit is contained in:
Fabiano Fidêncio 2024-01-12 18:30:25 +01:00
parent 40d9a65601
commit a618461d3a
No known key found for this signature in database
GPG Key ID: EE926C2BDACC177B

View File

@ -390,6 +390,10 @@ ifneq (,$(QEMUCMD))
KERNELSNPNAME = $(call MAKE_KERNEL_SNP_NAME,$(KERNELSNPTYPE))
KERNELSNPPATH = $(KERNELDIR)/$(KERNELSNPNAME)
KERNELCONFIDENTIALTYPE = compressed
KERNELCONFIDENTIALNAME = $(call MAKE_KERNEL_CONFIDENTIAL_NAME,$(KERNELCONFIDENTIALTYPE))
KERNELCONFIDENTIALPATH = $(KERNELDIR)/$(KERNELCONFIDENTIALNAME)
KERNELSENAME = kata-containers-se.img
KERNELSEPATH = $(KERNELDIR)/$(KERNELSENAME)
endif
@ -585,6 +589,7 @@ USER_VARS += KERNELTYPE_ACRN
USER_VARS += KERNELTYPE_CLH
USER_VARS += KERNELPATH_ACRN
USER_VARS += KERNELPATH
USER_VARS += KERNELCONFIDENTIALPATH
USER_VARS += KERNELSEVPATH
USER_VARS += KERNELTDXPATH
USER_VARS += KERNELSNPPATH
@ -786,6 +791,10 @@ define MAKE_KERNEL_SNP_NAME
$(if $(findstring uncompressed,$1),vmlinux-sev.container,vmlinuz-sev.container)
endef
define MAKE_KERNEL_CONFIDENTIAL_NAME
$(if $(findstring uncompressed,$1),vmlinux-confidential.container,vmlinuz-confidential.container)
endef
GENERATED_FILES += pkg/katautils/config-settings.go
$(RUNTIME_OUTPUT): $(SOURCES) $(GENERATED_FILES) $(MAKEFILE_LIST) | show-summary