From c72fdaf91696114d90c389d5caa79ec50bbe20fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Tue, 1 Nov 2022 13:53:02 +0100 Subject: [PATCH] packaging: Build TDX specific guest image MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The specific TDX image relies on having EAA KBC, instead of using the default `offline_fs_kbc`. This image is, with this commit, built and distributed, but not yet used by TDX specific configurations, which will be done in a follow-up commit. Signed-off-by: Fabiano FidĂȘncio --- .github/workflows/cc-payload-after-push.yaml | 1 + .github/workflows/cc-payload.yaml | 1 + tools/packaging/kata-deploy/local-build/Makefile | 6 +++++- .../kata-deploy/local-build/kata-deploy-binaries.sh | 12 +++++++++++- 4 files changed, 18 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cc-payload-after-push.yaml b/.github/workflows/cc-payload-after-push.yaml index b7b08dd230..7d524de881 100644 --- a/.github/workflows/cc-payload-after-push.yaml +++ b/.github/workflows/cc-payload-after-push.yaml @@ -20,6 +20,7 @@ jobs: - cc-sev-ovmf - cc-sev-rootfs-initrd - cc-tdx-kernel + - cc-tdx-rootfs-image - cc-tdx-qemu - cc-tdx-td-shim - cc-tdx-tdvf diff --git a/.github/workflows/cc-payload.yaml b/.github/workflows/cc-payload.yaml index 44d6e4442f..ca9b38a549 100644 --- a/.github/workflows/cc-payload.yaml +++ b/.github/workflows/cc-payload.yaml @@ -20,6 +20,7 @@ jobs: - cc-sev-ovmf - cc-sev-rootfs-initrd - cc-tdx-kernel + - cc-tdx-rootfs-image - cc-tdx-qemu - cc-tdx-td-shim - cc-tdx-tdvf diff --git a/tools/packaging/kata-deploy/local-build/Makefile b/tools/packaging/kata-deploy/local-build/Makefile index 6c09ab87a6..8cf603e57e 100644 --- a/tools/packaging/kata-deploy/local-build/Makefile +++ b/tools/packaging/kata-deploy/local-build/Makefile @@ -91,7 +91,8 @@ cc: cc-cloud-hypervisor-tarball \ cc-tdx-td-shim-tarball \ cc-tdx-tdvf-tarball \ cc-sev-ovmf-tarball \ - cc-sev-rootfs-initrd-tarball + cc-sev-rootfs-initrd-tarball \ + cc-tdx-rootfs-tarball cc-cloud-hypervisor-tarball: ${MAKE} $@-build @@ -108,6 +109,9 @@ cc-rootfs-image-tarball: cc-sev-rootfs-initrd-tarball: cc-sev-kernel-tarball ${MAKE} $@-build +cc-tdx-rootfs-image-tarball: + ${MAKE} $@-build + cc-shim-v2-tarball: ${MAKE} $@-build diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh index efbbe646f1..3b4f19f4f2 100755 --- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh +++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh @@ -118,10 +118,11 @@ install_cc_clh() { install_cc_image() { export AA_KBC="${1:-offline_fs_kbc}" image_type="${2:-image}" + image_initrd_suffix="${3:-""}" export KATA_BUILD_CC=yes info "Create CC image configured with AA_KBC=${AA_KBC}" - "${rootfs_builder}" --imagetype="${image_type}" --prefix="${cc_prefix}" --destdir="${destdir}" + "${rootfs_builder}" --imagetype="${image_type}" --prefix="${cc_prefix}" --destdir="${destdir}" --image_initrd_suffix="${image_initrd_suffix}" } install_cc_sev_image() { @@ -130,6 +131,13 @@ install_cc_sev_image() { install_cc_image "${AA_KBC}" "${image_type}" } +install_cc_tdx_image() { + AA_KBC="eaa_kbc" + image_type="image" + image_suffix="tdx" + install_cc_image "${AA_KBC}" "${image_type}" "${image_suffix}" +} + #Install CC kernel asset install_cc_kernel() { export KATA_BUILD_CC=yes @@ -359,6 +367,8 @@ handle_build() { cc-sev-rootfs-initrd) install_cc_sev_image ;; + cc-tdx-rootfs-image) install_cc_tdx_image ;; + cc-shim-v2) install_cc_shimv2 ;; cc-virtiofsd) install_cc_virtiofsd ;;