mirror of
https://github.com/kata-containers/kata-containers.git
synced 2025-04-29 04:04:45 +00:00
config: Expand confidential_guest comments
Let's clarify that an error will be reported in case confidential_guest is enabled, but the hardware where Kata Containers is running doesn't provide the required feature set. Fixes: #3787 Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
This commit is contained in:
parent
641d475fa6
commit
de57466212
@ -19,7 +19,8 @@ image = "@IMAGEPATH@"
|
|||||||
# Toggling that setting may trigger different hardware features, ranging
|
# Toggling that setting may trigger different hardware features, ranging
|
||||||
# from memory encryption to both memory and CPU-state encryption and integrity.
|
# from memory encryption to both memory and CPU-state encryption and integrity.
|
||||||
# The Kata Containers runtime dynamically detects the available feature set and
|
# The Kata Containers runtime dynamically detects the available feature set and
|
||||||
# aims at enabling the largest possible one.
|
# aims at enabling the largest possible one, returning an error if none is
|
||||||
|
# available, or none is supported by the hypervisor.
|
||||||
#
|
#
|
||||||
# Known limitations:
|
# Known limitations:
|
||||||
# * Does not work by design:
|
# * Does not work by design:
|
||||||
|
@ -20,7 +20,8 @@ machine_type = "@MACHINETYPE@"
|
|||||||
# Toggling that setting may trigger different hardware features, ranging
|
# Toggling that setting may trigger different hardware features, ranging
|
||||||
# from memory encryption to both memory and CPU-state encryption and integrity.
|
# from memory encryption to both memory and CPU-state encryption and integrity.
|
||||||
# The Kata Containers runtime dynamically detects the available feature set and
|
# The Kata Containers runtime dynamically detects the available feature set and
|
||||||
# aims at enabling the largest possible one.
|
# aims at enabling the largest possible one, returning an error if none is
|
||||||
|
# available, or none is supported by the hypervisor.
|
||||||
#
|
#
|
||||||
# Known limitations:
|
# Known limitations:
|
||||||
# * Does not work by design:
|
# * Does not work by design:
|
||||||
|
Loading…
Reference in New Issue
Block a user