From b87820ee8c38ba0ca442e981b025142b3d73f86d Mon Sep 17 00:00:00 2001 From: Unmesh Deodhar Date: Mon, 17 Apr 2023 23:19:25 +0000 Subject: [PATCH] packaging: add support to build initrd for sev We need special initrd for SEV. The work on SEV initrd is based on Ubuntu. Thus, adding another entry in versions.yaml This binary will have '-sev' suffix to distinguish it from the generic binary. Fixes: #6572 Signed-Off-By: Unmesh Deodhar --- tools/packaging/guest-image/build_image.sh | 15 ++++++- .../kata-deploy/local-build/Makefile | 4 ++ .../local-build/kata-deploy-binaries.sh | 45 ++++--------------- versions.yaml | 3 ++ 4 files changed, 30 insertions(+), 37 deletions(-) diff --git a/tools/packaging/guest-image/build_image.sh b/tools/packaging/guest-image/build_image.sh index 914b72a795..d602b85c08 100755 --- a/tools/packaging/guest-image/build_image.sh +++ b/tools/packaging/guest-image/build_image.sh @@ -22,6 +22,8 @@ readonly osbuilder_dir="$(cd "${repo_root_dir}/tools/osbuilder" && pwd)" export GOPATH=${GOPATH:-${HOME}/go} arch_target="$(uname -m)" +final_initrd_name="kata-containers-initrd" +image_initrd_extension=".img" build_initrd() { info "Build initrd" @@ -37,7 +39,7 @@ build_initrd() { mv "kata-containers-initrd.img" "${install_dir}/${initrd_name}" ( cd "${install_dir}" - ln -sf "${initrd_name}" kata-containers-initrd.img + ln -sf "${initrd_name}" "${final_initrd_name}${image_initrd_extension}" ) } @@ -71,6 +73,7 @@ Options: --imagetype=${image_type} --prefix=${prefix} --destdir=${destdir} + --image_initrd_suffix=${image_initrd_suffix} EOF exit "${return_code}" @@ -80,6 +83,7 @@ main() { image_type=image destdir="$PWD" prefix="/opt/kata" + image_initrd_suffix="" builddir="${PWD}" while getopts "h-:" opt; do case "$opt" in 
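Review bot: The usage entry added in the `@@ -71,6 +73,7 @@` hunk, `--image_initrd_suffix=${image_initrd_suffix}`, does not say which values the option accepts, and the parsing added later in this commit acts only on `sev`. I would state that in the help text, for example `--image_initrd_suffix=${image_initrd_suffix} (only "sev" is recognised)`. The usage function starts and ends outside the hunk, so the layout of the surrounding option list is not visible here.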
@@ -99,6 +103,15 @@ main() { initrd_os_version=$(get_from_kata_deps "assets.initrd.architecture.${arch_target}.version") initrd_name="kata-${initrd_distro}-${initrd_os_version}.${image_type}" ;; + image_initrd_suffix=*) + image_initrd_suffix=${OPTARG#*=} + if [ "${image_initrd_suffix}" == "sev" ]; then + initrd_distro=$(get_from_kata_deps "assets.initrd.architecture.${arch_target}.sev.name") + initrd_os_version=$(get_from_kata_deps "assets.initrd.architecture.${arch_target}.sev.version") + initrd_name="kata-${initrd_distro}-${initrd_os_version}-${image_initrd_suffix}.${image_type}" + final_initrd_name="${final_initrd_name}-${image_initrd_suffix}" + fi + ;; prefix=*) prefix=${OPTARG#*=} ;; diff --git a/tools/packaging/kata-deploy/local-build/Makefile b/tools/packaging/kata-deploy/local-build/Makefile index 88de4399a6..5e20f91088 100644 --- a/tools/packaging/kata-deploy/local-build/Makefile +++ b/tools/packaging/kata-deploy/local-build/Makefile @@ -39,6 +39,7 @@ all: serial-targets \ serial-targets: ${MAKE} -f $(MK_PATH) -j 1 V= \ rootfs-image-tarball \ + rootfs-initrd-sev-tarball \ rootfs-initrd-tarball \ cloud-hypervisor-tarball @@ -87,6 +88,9 @@ qemu-tdx-experimental-tarball: rootfs-image-tarball: ${MAKE} $@-build +rootfs-initrd-sev-tarball: kernel-sev-tarball + ${MAKE} $@-build + rootfs-initrd-tarball: ${MAKE} $@-build diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh index 7b02274427..f551fc8d97 100755 --- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh +++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh @@ -91,6 +91,7 @@ options: qemu-tdx-experimental rootfs-image rootfs-initrd + rootfs-initrd-sev shim-v2 tdvf virtiofsd 
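Review bot: The new `image_initrd_suffix=*)` branch is order-dependent and silently accepts any value other than `sev`. It builds `initrd_name` from `${image_type}` at the moment the option is parsed, and the branch just above it also assigns `initrd_name`. If the suffix is given before the image type, the name appears to be built with the default `image` type or overwritten by the generic one, while `final_initrd_name` keeps its `-sev` suffix. The `kata-containers-initrd-sev.img` link could then point at the generic initrd, which is worth ruling out for a confidential-guest artifact. I would only record the suffix in the branch, resolve the names once after the `getopts` loop, and reject unknown values, as sketched below; the enclosing `case` starts and ends outside the hunk, so the earlier branch's header is inferred.

```shell
		image_initrd_suffix=*)
			image_initrd_suffix=${OPTARG#*=}
			;;
# … unchanged: remaining option branches and the end of the getopts loop …

	# Resolve the suffixed names only after every option has been parsed, so
	# the result does not depend on argument order.
	case "${image_initrd_suffix}" in
	"") ;;
	sev)
		initrd_distro=$(get_from_kata_deps "assets.initrd.architecture.${arch_target}.sev.name")
		initrd_os_version=$(get_from_kata_deps "assets.initrd.architecture.${arch_target}.sev.version")
		initrd_name="kata-${initrd_distro}-${initrd_os_version}-${image_initrd_suffix}.${image_type}"
		final_initrd_name="${final_initrd_name}-${image_initrd_suffix}"
		;;
	*)
		echo "unsupported --image_initrd_suffix: ${image_initrd_suffix}" >&2
		exit 1
		;;
	esac
```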
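Review bot: The `rootfs-initrd-sev-tarball: kernel-sev-tarball` rule in the `@@ -87,6 +88,9 @@` hunk is the only neighbouring tarball target with a prerequisite, and nothing says why. The `@@ -39,6 +39,7 @@` hunk also places that target inside the `-j 1` sub-make of `serial-targets`. If `kernel-sev-tarball` is also a prerequisite of `all` (that list is cut off by the hunk), the SEV kernel could be built by both the parent make and the serial sub-make, possibly at the same time and into the same output. I would add a comment such as `# The SEV initrd needs the modules produced by the SEV kernel build.` if that is the reason, and confirm the kernel target is reachable from only one of the two make invocations.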
@@ -155,8 +156,10 @@ install_image() { #Install guest initrd install_initrd() { - local jenkins="${jenkins_url}/job/kata-containers-main-rootfs-initrd-$(uname -m)/${cached_artifacts_path}" - local component="rootfs-initrd" + local initrd_type="${1:-""}" + local initrd_suffix="${2:-""}" + local jenkins="${jenkins_url}/job/kata-containers-main-rootfs-${initrd_type}-$(uname -m)/${cached_artifacts_path}" + local component="rootfs-${initrd_type}" local osbuilder_last_commit="$(get_last_modification "${repo_root_dir}/tools/osbuilder")" local guest_image_last_commit="$(get_last_modification "${repo_root_dir}/tools/packaging/guest-image")" @@ -169,7 +172,7 @@ install_initrd() { install_cached_tarball_component \ "${component}" \ "${jenkins}" \ - "${osbuilder_last_commit}-${guest_image_last_commit}-${agent_last_commit}-${libs_last_commit}-${gperf_version}-${libseccomp_version}-${rust_version}-initrd" \ + "${osbuilder_last_commit}-${guest_image_last_commit}-${agent_last_commit}-${libs_last_commit}-${gperf_version}-${libseccomp_version}-${rust_version}-${initrd_type}" \ "" \ "${final_tarball_name}" \ "${final_tarball_path}" \ 
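Review bot: `local initrd_type="${1:-""}"` defaults to an empty string, but the `rootfs-initrd)` branch and the `all` list of `handle_build` shown later in this patch still call `install_initrd` with no arguments. In that case `component` becomes `rootfs-`, the Jenkins job path becomes `kata-containers-main-rootfs--$(uname -m)`, and the cache key in the next hunk ends in `-` instead of `-initrd`. The generic initrd would then miss its cached artifact or look one up under the wrong job. Defaulting to the previous value keeps the generic path unchanged: `local initrd_type="${1:-initrd}"`. The body of `install_initrd` continues outside the hunk.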
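Review bot: The cache key passed to `install_cached_tarball_component` distinguishes the SEV initrd only by the trailing `${initrd_type}`, and nothing in it reflects the SEV kernel. The Makefile change in this patch makes `rootfs-initrd-sev-tarball` depend on `kernel-sev-tarball`. If the SEV initrd embeds modules from that kernel build, a kernel bump would leave the key unchanged and a cached initrd carrying modules for the old kernel would be reused. I would add the kernel version and kernel config version to the key when `initrd_type` is `initrd-sev`, or at least record the gap with `# NOTE: key does not cover the kernel-sev version; a kernel bump will not invalidate the cached SEV initrd.` The call sits inside `install_initrd`, whose body starts and ends outside the hunk.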
@@ -184,39 +187,6 @@ install_initrd_sev() { install_initrd "initrd-sev" "sev" } -#Install kernel component helper -install_cached_kernel_tarball_component() { - local kernel_name=${1} - - install_cached_tarball_component \ - "${kernel_name}" \ - "${jenkins_url}/job/kata-containers-main-${kernel_name}-$(uname -m)/${cached_artifacts_path}" \ - "${kernel_version}-${kernel_kata_config_version}" \ - "$(get_kernel_image_name)" \ - "${final_tarball_name}" \ - "${final_tarball_path}" \ - || return 1 - - if [[ "${kernel_name}" != "kernel-sev" ]]; then - return 0 - fi - - # SEV specific code path - install_cached_tarball_component \ - "${kernel_name}" \ - "${jenkins_url}/job/kata-containers-main-${kernel_name}-$(uname -m)/${cached_artifacts_path}" \ - "${kernel_version}-${kernel_kata_config_version}" \ - "$(get_kernel_image_name)" \ - "kata-static-kernel-sev-modules.tar.xz" \ - "${workdir}/kata-static-kernel-sev-modules.tar.xz" \ - || return 1 - - mkdir -p "${module_dir}" - tar xvf "${workdir}/kata-static-kernel-sev-modules.tar.xz" -C "${module_dir}" && return 0 - - return 1 -} - #Install kernel asset install_kernel_helper() { local kernel_version_yaml_path="${1}" @@ -504,6 +474,7 @@ handle_build() { install_firecracker install_image install_initrd + install_initrd_sev install_kernel install_kernel_dragonball_experimental install_kernel_tdx_experimental @@ -545,6 +516,8 @@ handle_build() { rootfs-initrd) install_initrd ;; + rootfs-initrd-sev) install_initrd_sev ;; + shim-v2) install_shimv2 ;; tdvf) install_tdvf ;; diff --git a/versions.yaml b/versions.yaml index c222499d97..d95946749b 100644 --- a/versions.yaml +++ b/versions.yaml @@ -156,6 +156,9 @@ assets: x86_64: name: *default-initrd-name version: *default-initrd-version + sev: + name: *glibc-initrd-name + version: *glibc-initrd-version kernel: description: "Linux kernel optimised for virtual machines"
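Review bot: `install_initrd_sev` is added to the unconditional `all` list in the `@@ -504,6 +474,7 @@` hunk, while the versions.yaml hunk appears to add the `sev` entry only under the `x86_64` initrd keys. build_image.sh looks it up as `assets.initrd.architecture.${arch_target}.sev`. On another architecture that lookup would presumably return nothing, and the build would continue with empty distro and version fields in the initrd name instead of failing clearly. Either guard the call, `if [ "$(uname -m)" = "x86_64" ]; then install_initrd_sev; fi`, or have the SEV path stop when the lookup is empty. The `all` branch of `handle_build` starts and ends outside the hunk.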