github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-07-06 12:06:49 +00:00
Code Issues Projects Releases Wiki Activity

qemu: Add support for PEF

Browse Source 
Adding the support for Protected Execution Facility(PEF) is
which is the confidential computing technology on ppc64le.

Fixes: #174

Signed-off-by: Amulyam24 <amulmek1@in.ibm.com>
This commit is contained in:
Amulyam24 2021-05-19 16:39:14 +05:30
parent 6fd848e95e
commit c135681d9a
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
qemu/qemu.go
View File

@ -134,6 +134,9 @@ const (
// Loader is the Loader device driver. // Loader is the Loader device driver.
Loader DeviceDriver = "loader" Loader DeviceDriver = "loader"
// SpaprTPMProxy is used for enabling guest to run in secure mode on ppc64le.
SpaprTPMProxy DeviceDriver = "spapr-tpm-proxy"
) )
func isDimmSupported(config *Config) bool { func isDimmSupported(config *Config) bool {
@ -236,6 +239,8 @@ const (
// SecExecGuest represents an s390x Secure Execution (Protected Virtualization in QEMU) object // SecExecGuest represents an s390x Secure Execution (Protected Virtualization in QEMU) object
SecExecGuest ObjectType = "s390-pv-guest" SecExecGuest ObjectType = "s390-pv-guest"
// PEFGuest represent ppc64le PEF(Protected Execution Facility) object.
PEFGuest ObjectType = "pef-guest"
) )
// Object is a qemu object representation. // Object is a qemu object representation.
@ -285,6 +290,9 @@ func (object Object) Valid() bool {
return object.ID != "" && object.File != "" && object.CBitPos != 0 && object.ReducedPhysBits != 0 return object.ID != "" && object.File != "" && object.CBitPos != 0 && object.ReducedPhysBits != 0
case SecExecGuest: case SecExecGuest:
return object.ID != "" return object.ID != ""
case PEFGuest:
return object.ID != "" && object.File != ""
default: default:
return false return false
} }
@ -327,6 +335,14 @@ func (object Object) QemuParams(config *Config) []string {
case SecExecGuest: case SecExecGuest:
objectParams = append(objectParams, string(object.Type)) objectParams = append(objectParams, string(object.Type))
objectParams = append(objectParams, fmt.Sprintf(",id=%s", object.ID)) objectParams = append(objectParams, fmt.Sprintf(",id=%s", object.ID))
case PEFGuest:
objectParams = append(objectParams, string(object.Type))
objectParams = append(objectParams, fmt.Sprintf(",id=%s", object.ID))
deviceParams = append(deviceParams, string(object.Driver))
deviceParams = append(deviceParams, fmt.Sprintf(",id=%s", object.DeviceID))
deviceParams = append(deviceParams, fmt.Sprintf(",host-path=%s", object.File))
} }
if len(deviceParams) > 0 { if len(deviceParams) > 0 {