From 10b9ab38abdfebd4f8a0d98bbb6cf09c172570d6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Sat, 16 May 2026 11:15:58 +0200 Subject: [PATCH 1/2] runtime-rs: preserve ccw address for modern block devices MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Store the hotplugged CCW address in BlockModern configs and use it when building storage sources so s390x encrypted emptyDir paths no longer fall back to /dev/vda. Signed-off-by: Fabiano FidĂȘncio --- .../hypervisor/src/device/driver/virtio_blk_modern.rs | 3 +++ src/runtime-rs/crates/hypervisor/src/qemu/inner.rs | 10 +++++++--- src/runtime-rs/crates/resource/src/volume/utils.rs | 7 +++++++ 3 files changed, 17 insertions(+), 3 deletions(-) diff --git a/src/runtime-rs/crates/hypervisor/src/device/driver/virtio_blk_modern.rs b/src/runtime-rs/crates/hypervisor/src/device/driver/virtio_blk_modern.rs index 6d40af4746..11141492cc 100644 --- a/src/runtime-rs/crates/hypervisor/src/device/driver/virtio_blk_modern.rs +++ b/src/runtime-rs/crates/hypervisor/src/device/driver/virtio_blk_modern.rs @@ -53,6 +53,9 @@ pub struct BlockConfigModern { /// scsi_addr is of the format SCSI-Id:LUN pub scsi_addr: Option, + /// CCW device address for virtio-blk-ccw on s390x (e.g., "0.0.0005") + pub ccw_addr: Option, + /// device attach count pub attach_count: u64, diff --git a/src/runtime-rs/crates/hypervisor/src/qemu/inner.rs b/src/runtime-rs/crates/hypervisor/src/qemu/inner.rs index db1172ec0d..353e80dd80 100644 --- a/src/runtime-rs/crates/hypervisor/src/qemu/inner.rs +++ b/src/runtime-rs/crates/hypervisor/src/qemu/inner.rs @@ -978,7 +978,7 @@ impl QemuInner { }; // Second, execute the asynchronous hotplug without holding the lock. - let (pci_path, scsi_addr) = qmp + let (pci_path, addr_str) = qmp .hotplug_block_device( &driver, index, @@ -1000,8 +1000,12 @@ impl QemuInner { if let Some(p) = pci_path { cfg.pci_path = Some(p); } - if let Some(s) = scsi_addr { - cfg.scsi_addr = Some(s); + if let Some(addr) = addr_str { + if driver == VIRTIO_BLK_CCW { + cfg.ccw_addr = Some(addr); + } else { + cfg.scsi_addr = Some(addr); + } } info!(sl!(), "Completed BlockModern hotplug: {:?}", &cfg); } diff --git a/src/runtime-rs/crates/resource/src/volume/utils.rs b/src/runtime-rs/crates/resource/src/volume/utils.rs index 363742be07..c2b6cde6c5 100644 --- a/src/runtime-rs/crates/resource/src/volume/utils.rs +++ b/src/runtime-rs/crates/resource/src/volume/utils.rs @@ -107,6 +107,13 @@ pub async fn handle_block_volume( return Err(anyhow!("block driver is scsi but no scsi address exists")); } } + KATA_CCW_DEV_TYPE => { + if let Some(ccw_addr) = &device.config.ccw_addr { + ccw_addr.to_string() + } else { + return Err(anyhow!("block driver is ccw but no ccw address exists")); + } + } _ => device.config.virt_path.clone(), }; device_id = device.device_id.clone(); From 1a4074ab2ec641fd91ceaa20b5a58fd1a0dd9f5f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Sat, 16 May 2026 12:07:12 +0200 Subject: [PATCH 2/2] agent: handle encrypted ephemeral storage for CCW block devices MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit VirtioBlkCcwHandler::create_device was calling common_storage_handler directly, bypassing the handle_block_storage function that checks for the encryption_key=ephemeral driver option. This meant that encrypted emptyDir volumes on s390x would attempt a plain mount of the raw block device instead of setting up dm-crypt via the CDH, resulting in an EINVAL mount error. Route CCW block devices through handle_block_storage, matching the pattern used by VirtioBlkPciHandler. Fixes: failed to mount /dev/vda to .../storage/..., EINVAL Signed-off-by: Fabiano FidĂȘncio --- src/agent/src/storage/block_handler.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/agent/src/storage/block_handler.rs b/src/agent/src/storage/block_handler.rs index d604922062..e4310a33b8 100644 --- a/src/agent/src/storage/block_handler.rs +++ b/src/agent/src/storage/block_handler.rs @@ -163,8 +163,8 @@ impl StorageHandler for VirtioBlkCcwHandler { let ccw_device = ccw::Device::from_str(&storage.source)?; let dev_path = get_virtio_blk_ccw_device_name(ctx.sandbox, &ccw_device).await?; storage.source = dev_path; - let path = common_storage_handler(ctx.logger, &storage)?; - new_device(path) + let dev_num = get_device_number(&storage.source, None)?; + handle_block_storage(ctx.logger, &storage, &dev_num).await } #[cfg(not(target_arch = "s390x"))]