github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-08-23 10:12:10 +00:00
Code Issues Projects Releases Wiki Activity

kata-deploy: Add MEASURED_ROOTFS check

Browse Source 
- Check MEASURED_ROOTFS is set before adding the cc_rootfs_verity
config

Signed-off-by: stevenhorsman <steven@uk.ibm.com>
This commit is contained in:
stevenhorsman 2023-06-19 17:16:37 +01:00
parent 6350f49baf
commit a7fce537c7
1 changed files with 17 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
View File

@ -389,21 +389,25 @@ install_cc_shimv2() {
export RUST_VERSION
export REMOVE_VMM_CONFIGS="acrn fc"
extra_opts="DEFSERVICEOFFLOAD=true"
if [ -f "${repo_root_dir}/tools/osbuilder/root_hash_vanilla.txt" ]; then
root_hash=$(sudo sed -e 's/Root hash:\s*//g;t;d' "${repo_root_dir}/tools/osbuilder/root_hash_vanilla.txt")
root_measure_config="cc_rootfs_verity.scheme=dm-verity cc_rootfs_verity.hash=${root_hash}"
extra_opts+=" ROOTMEASURECONFIG=\"${root_measure_config}\""
fi
if [ "${MEASURED_ROOTFS}" == "yes" ]; then
extra_opts="DEFSERVICEOFFLOAD=true"
if [ -f "${repo_root_dir}/tools/osbuilder/root_hash_vanilla.txt" ]; then
root_hash=$(sudo sed -e 's/Root hash:\s*//g;t;d' "${repo_root_dir}/tools/osbuilder/root_hash_vanilla.txt")
root_measure_config="cc_rootfs_verity.scheme=dm-verity cc_rootfs_verity.hash=${root_hash}"
extra_opts+=" ROOTMEASURECONFIG=\"${root_measure_config}\""
fi
if [ -f "${repo_root_dir}/tools/osbuilder/root_hash_tdx.txt" ]; then
root_hash=$(sudo sed -e 's/Root hash:\s*//g;t;d' "${repo_root_dir}/tools/osbuilder/root_hash_tdx.txt")
root_measure_config="cc_rootfs_verity.scheme=dm-verity cc_rootfs_verity.hash=${root_hash}"
extra_opts+=" ROOTMEASURECONFIGTDX=\"${root_measure_config}\""
if [ -f "${repo_root_dir}/tools/osbuilder/root_hash_tdx.txt" ]; then
root_hash=$(sudo sed -e 's/Root hash:\s*//g;t;d' "${repo_root_dir}/tools/osbuilder/root_hash_tdx.txt")
root_measure_config="cc_rootfs_verity.scheme=dm-verity cc_rootfs_verity.hash=${root_hash}"
extra_opts+=" ROOTMEASURECONFIGTDX=\"${root_measure_config}\""
fi
info "extra_opts: ${extra_opts}"
DESTDIR="${destdir}" PREFIX="${cc_prefix}" EXTRA_OPTS="${extra_opts}" "${shimv2_builder}"
else
DESTDIR="${destdir}" PREFIX="${cc_prefix}" "${shimv2_builder}"
fi
info "extra_opts: ${extra_opts}"
DESTDIR="${destdir}" PREFIX="${cc_prefix}" EXTRA_OPTS="${extra_opts}" "${shimv2_builder}"
}
# Install static CC virtiofsd asset