github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-05-02 05:34:46 +00:00
Code Issues Projects Releases Wiki Activity

virtcontainers: Lint protection types

Browse Source 
Protection types like tdxProtection or seProtection were marked nolint,
remove this. As a side effect, ARM needs dummy tests for these.

Fixes: #2801
Signed-off-by: Jakob Naucke <jakob.naucke@ibm.com>
This commit is contained in:
Jakob Naucke 2021-11-09 17:35:07 +01:00
parent b192d388c1
commit b7b89905d4
No known key found for this signature in database
GPG Key ID: 45FA1C7D310C0EBE
2 changed files with 47 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/runtime/virtcontainers/qemu_arch_base.go
View File

@ -159,22 +159,22 @@ const (
//Intel Trust Domain Extensions //Intel Trust Domain Extensions
//https://software.intel.com/content/www/us/en/develop/articles/intel-trust-domain-extensions.html //https://software.intel.com/content/www/us/en/develop/articles/intel-trust-domain-extensions.html
// Exclude from lint checking for it won't be used on arm64 code // Exclude from lint checking for it won't be used on arm64 code
tdxProtection //nolint tdxProtection
// AMD Secure Encrypted Virtualization // AMD Secure Encrypted Virtualization
// https://developer.amd.com/sev/ // https://developer.amd.com/sev/
// Exclude from lint checking for it won't be used on arm64 code // Exclude from lint checking for it won't be used on arm64 code
sevProtection //nolint sevProtection
// IBM POWER 9 Protected Execution Facility // IBM POWER 9 Protected Execution Facility
// https://www.kernel.org/doc/html/latest/powerpc/ultravisor.html // https://www.kernel.org/doc/html/latest/powerpc/ultravisor.html
// Exclude from lint checking for it won't be used on arm64 code // Exclude from lint checking for it won't be used on arm64 code
pefProtection //nolint pefProtection
// IBM Secure Execution (IBM Z & LinuxONE) // IBM Secure Execution (IBM Z & LinuxONE)
// https://www.kernel.org/doc/html/latest/virt/kvm/s390-pv.html // https://www.kernel.org/doc/html/latest/virt/kvm/s390-pv.html
// Exclude from lint checking for it won't be used on arm64 code // Exclude from lint checking for it won't be used on arm64 code
seProtection //nolint seProtection
) )
var guestProtectionStr = [...]string{ var guestProtectionStr = [...]string{

43
src/runtime/virtcontainers/qemu_arm64_test.go
View File

@ -170,3 +170,46 @@ func TestQemuArm64WithInitrd(t *testing.T) {
assert.NotContains(arm64.machine().Options, qemuNvdimmOption) assert.NotContains(arm64.machine().Options, qemuNvdimmOption)
} }
func TestQemuArm64AppendProtectionDevice(t *testing.T) {
assert := assert.New(t)
arm64 := newTestQemu(assert, QemuVirt)
var devices []govmmQemu.Device
var bios, firmware string
var err error
// no protection
devices, bios, err = arm64.appendProtectionDevice(devices, firmware)
assert.Empty(devices)
assert.Empty(bios)
assert.NoError(err)
// PEF protection
arm64.(*qemuArm64).protection = pefProtection
devices, bios, err = arm64.appendProtectionDevice(devices, firmware)
assert.Empty(devices)
assert.Empty(bios)
assert.NoError(err)
// Secure Execution protection
arm64.(*qemuArm64).protection = seProtection
devices, bios, err = arm64.appendProtectionDevice(devices, firmware)
assert.Empty(devices)
assert.Empty(bios)
assert.NoError(err)
// SEV protection
arm64.(*qemuArm64).protection = sevProtection
devices, bios, err = arm64.appendProtectionDevice(devices, firmware)
assert.Empty(devices)
assert.Empty(bios)
assert.NoError(err)
// TDX protection
arm64.(*qemuArm64).protection = tdxProtection
devices, bios, err = arm64.appendProtectionDevice(devices, firmware)
assert.Empty(devices)
assert.Empty(bios)
assert.NoError(err)
}