github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-08-17 15:38:00 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #5038 from Alex-Carter01/sev-kernel-makefile

Browse Source 
CC | packaging: Build SEV capable kernel + efi_secret module
This commit is contained in:
Wainer Moschetta 2022-09-19 09:32:33 -03:00 committed by GitHub
commit ad49a11761
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 18 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
tools/packaging/kata-deploy/local-build/Makefile
View File

@ -86,6 +86,7 @@ cc: cc-cloud-hypervisor-tarball \
cc-shim-v2-tarball \ cc-shim-v2-tarball \
cc-virtiofsd-tarball \ cc-virtiofsd-tarball \
cc-tdx-kernel-tarball \ cc-tdx-kernel-tarball \
cc-sev-kernel-tarball \
cc-tdx-qemu-tarball \ cc-tdx-qemu-tarball \
cc-tdx-td-shim-tarball \ cc-tdx-td-shim-tarball \
cc-tdx-tdvf-tarball \ cc-tdx-tdvf-tarball \
@ -119,6 +120,9 @@ cc-tdx-cloud-hypervisor-tarball:
cc-tdx-kernel-tarball: cc-tdx-kernel-tarball:
${MAKE} $@-build ${MAKE} $@-build
cc-sev-kernel-tarball:
${MAKE} $@-build
cc-tdx-qemu-tarball: cc-tdx-qemu-tarball:
${MAKE} $@-build ${MAKE} $@-build

17
tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
View File

@ -87,6 +87,7 @@ options:
cc-cloud-hypervisor cc-cloud-hypervisor
cc-kernel cc-kernel
cc-tdx-kernel cc-tdx-kernel
cc-sev-kernel
cc-qemu cc-qemu
cc-tdx-qemu cc-tdx-qemu
cc-rootfs-image cc-rootfs-image
@ -170,17 +171,23 @@ install_tdx_cc_clh() {
#Install CC kernel assert, with TEE support #Install CC kernel assert, with TEE support
install_cc_tee_kernel() { install_cc_tee_kernel() {
tee="${1}" tee="${1}"
kernel_version="${2}"
[ "${tee}" != "tdx" ] && die "Non supported TEE" [[ "${tee}" != "tdx" && "${tee}" != "sev" ]] && die "Non supported TEE"
export kernel_version="$(yq r $versions_yaml assets.kernel.${tee}.tag)" kernel_url="$(yq r $versions_yaml assets.kernel.${tee}.url)"
export kernel_url="$(yq r $versions_yaml assets.kernel.${tee}.url)"
DESTDIR="${destdir}" PREFIX="${cc_prefix}" "${kernel_builder}" -x "${tee}" -v "${kernel_version}" -u "${kernel_url}" DESTDIR="${destdir}" PREFIX="${cc_prefix}" "${kernel_builder}" -x "${tee}" -v "${kernel_version}" -u "${kernel_url}"
} }
#Install CC kernel assert for Intel TDX #Install CC kernel assert for Intel TDX
install_cc_tdx_kernel() { install_cc_tdx_kernel() {
install_cc_tee_kernel "tdx" kernel_version="$(yq r $versions_yaml assets.kernel.tdx.tag)"
install_cc_tee_kernel "tdx" "${kernel_version}"
}
install_cc_sev_kernel() {
kernel_version="$(yq r $versions_yaml assets.kernel.sev.version)"
install_cc_tee_kernel "sev" "${kernel_version}"
} }
install_cc_tee_qemu() { install_cc_tee_qemu() {
@ -345,6 +352,8 @@ handle_build() {
cc-tdx-kernel) install_cc_tdx_kernel ;; cc-tdx-kernel) install_cc_tdx_kernel ;;
cc-sev-kernel) install_cc_sev_kernel ;;
cc-tdx-qemu) install_cc_tdx_qemu ;; cc-tdx-qemu) install_cc_tdx_qemu ;;
cc-tdx-td-shim) install_cc_tdx_td_shim ;; cc-tdx-td-shim) install_cc_tdx_td_shim ;;

1
tools/packaging/static-build/kernel/Dockerfile
View File

@ -17,6 +17,7 @@ RUN apt-get update && \
git \ git \
iptables \ iptables \
libelf-dev \ libelf-dev \
libssl-dev \
patch && \ patch && \
if [ "$(uname -m)" = "s390x" ]; then apt-get install -y --no-install-recommends libssl-dev; fi && \ if [ "$(uname -m)" = "s390x" ]; then apt-get install -y --no-install-recommends libssl-dev; fi && \
apt-get clean && rm -rf /var/lib/lists/ apt-get clean && rm -rf /var/lib/lists/