mirror of
https://github.com/kata-containers/kata-containers.git
synced 2026-05-04 12:31:27 +00:00
runtime-rs: Pass protection device config to payload conversion
This commit implements the conversion logic for the newly introduced CoCo/Initdata configurations, ensuring that `ProtectionDevConfig` data, particularly the `mrconfigid`, is correctly passed. And the main Changes are as below: - Importing `ProtectionDevConfig` for use in conversion logic. - Extracting `protection_device` from `NamedHypervisorConfig` and passing it during the conversion to `VmConfig`. - Updating the `TryFrom` implementation for `PayloadConfig` to accept the `ProtectionDevConfig` and use its `mrconfigid` to populate the `PayloadConfig`'s `mrconfigid` field. - Adjusting unit tests to reflect the updated `PayloadConfig` conversion signature and `mrconfigid` handling. Signed-off-by: alex.lyn <alex.lyn@antgroup.com>
This commit is contained in:
alex.lyn
@@ -3,6 +3,7 @@
|
||||
// SPDX-License-Identifier: Apache-2.0
|
||||
|
||||
use crate::NamedHypervisorConfig;
|
||||
use crate::ProtectionDevConfig;
|
||||
use crate::VmConfig;
|
||||
use crate::{
|
||||
guest_protection_is_tdx, ConsoleConfig, ConsoleOutputMode, CpuFeatures, CpuTopology,
|
||||
@@ -110,6 +111,7 @@ impl TryFrom<NamedHypervisorConfig> for VmConfig {
|
||||
let fs = n.shared_fs_devices;
|
||||
let net = n.network_devices;
|
||||
let host_devices = n.host_devices;
|
||||
let protection_dev = n.protection_device;
|
||||
|
||||
let cpus = CpusConfig::try_from((cfg.cpu_info, guest_protection_to_use.clone()))
|
||||
.map_err(VmConfigError::CPUError)?;
|
||||
@@ -143,6 +145,7 @@ impl TryFrom<NamedHypervisorConfig> for VmConfig {
|
||||
boot_info.clone(),
|
||||
kernel_params,
|
||||
guest_protection_to_use.clone(),
|
||||
protection_dev,
|
||||
))
|
||||
.map_err(VmConfigError::PayloadError)?,
|
||||
);
|
||||
@@ -385,13 +388,28 @@ impl From<String> for CpuFeatures {
|
||||
//
|
||||
// - The 3rd tuple element determines if TDX is enabled.
|
||||
//
|
||||
impl TryFrom<(BootInfo, Option<String>, GuestProtection)> for PayloadConfig {
|
||||
impl
|
||||
TryFrom<(
|
||||
BootInfo,
|
||||
Option<String>,
|
||||
GuestProtection,
|
||||
Option<ProtectionDevConfig>,
|
||||
)> for PayloadConfig
|
||||
{
|
||||
type Error = PayloadConfigError;
|
||||
|
||||
fn try_from(args: (BootInfo, Option<String>, GuestProtection)) -> Result<Self, Self::Error> {
|
||||
fn try_from(
|
||||
args: (
|
||||
BootInfo,
|
||||
Option<String>,
|
||||
GuestProtection,
|
||||
Option<ProtectionDevConfig>,
|
||||
),
|
||||
) -> Result<Self, Self::Error> {
|
||||
let boot_info = args.0;
|
||||
let cmdline = args.1;
|
||||
let guest_protection_to_use = args.2;
|
||||
let protection_device = args.3;
|
||||
|
||||
// The kernel is always specified here,
|
||||
// not in the top level VmConfig.kernel.
|
||||
@@ -419,12 +437,18 @@ impl TryFrom<(BootInfo, Option<String>, GuestProtection)> for PayloadConfig {
|
||||
Some(PathBuf::from(boot_info.firmware))
|
||||
};
|
||||
|
||||
let mrconfigid = if let Some(data) = protection_device {
|
||||
data.mrconfigid
|
||||
} else {
|
||||
None
|
||||
};
|
||||
|
||||
let payload = PayloadConfig {
|
||||
kernel: Some(kernel),
|
||||
initramfs,
|
||||
cmdline,
|
||||
firmware,
|
||||
mrconfigid: None,
|
||||
mrconfigid,
|
||||
};
|
||||
|
||||
Ok(payload)
|
||||
@@ -696,6 +720,7 @@ mod tests {
|
||||
initramfs: Some(PathBuf::from(initramfs)),
|
||||
firmware: payload_firmware,
|
||||
cmdline,
|
||||
mrconfigid: None,
|
||||
};
|
||||
|
||||
(boot_info, payload_config)
|
||||
@@ -1273,6 +1298,7 @@ mod tests {
|
||||
boot_info: BootInfo,
|
||||
cmdline: Option<String>,
|
||||
guest_protection: GuestProtection,
|
||||
protection_device: Option<ProtectionDevConfig>,
|
||||
result: Result<PayloadConfig, PayloadConfigError>,
|
||||
}
|
||||
|
||||
@@ -1309,6 +1335,7 @@ mod tests {
|
||||
boot_info: BootInfo::default(),
|
||||
cmdline: None,
|
||||
guest_protection: GuestProtection::NoProtection,
|
||||
protection_device: None,
|
||||
result: Err(PayloadConfigError::NoKernel),
|
||||
},
|
||||
TestData {
|
||||
@@ -1321,6 +1348,7 @@ mod tests {
|
||||
},
|
||||
cmdline: None,
|
||||
guest_protection: GuestProtection::NoProtection,
|
||||
protection_device: None,
|
||||
result: Ok(PayloadConfig {
|
||||
kernel: Some(PathBuf::from(kernel)),
|
||||
cmdline: None,
|
||||
@@ -1340,11 +1368,13 @@ mod tests {
|
||||
},
|
||||
cmdline: None,
|
||||
guest_protection: GuestProtection::NoProtection,
|
||||
protection_device: None,
|
||||
result: Ok(PayloadConfig {
|
||||
kernel: Some(PathBuf::from(kernel)),
|
||||
cmdline: None,
|
||||
initramfs: Some(PathBuf::from(initramfs)),
|
||||
firmware: Some(PathBuf::from(firmware)),
|
||||
mrconfigid: None,
|
||||
}),
|
||||
},
|
||||
TestData {
|
||||
@@ -1357,6 +1387,7 @@ mod tests {
|
||||
},
|
||||
cmdline: Some(cmdline.to_string()),
|
||||
guest_protection: GuestProtection::NoProtection,
|
||||
protection_device: None,
|
||||
result: Ok(PayloadConfig {
|
||||
kernel: Some(PathBuf::from(kernel)),
|
||||
initramfs: Some(PathBuf::from(initramfs)),
|
||||
@@ -1374,18 +1405,21 @@ mod tests {
|
||||
},
|
||||
cmdline: None,
|
||||
guest_protection: GuestProtection::Tdx,
|
||||
protection_device: None,
|
||||
result: Err(PayloadConfigError::TDXFirmwareMissing),
|
||||
},
|
||||
TestData {
|
||||
boot_info: boot_info_with_initrd,
|
||||
cmdline: Some(cmdline.to_string()),
|
||||
guest_protection: GuestProtection::Tdx,
|
||||
protection_device: None,
|
||||
result: Ok(payload_config_with_initrd),
|
||||
},
|
||||
TestData {
|
||||
boot_info: boot_info_without_initrd,
|
||||
cmdline: Some(cmdline.to_string()),
|
||||
guest_protection: GuestProtection::Tdx,
|
||||
protection_device: None,
|
||||
result: Ok(payload_config_without_initrd),
|
||||
},
|
||||
];
|
||||
@@ -1397,6 +1431,7 @@ mod tests {
|
||||
d.boot_info.clone(),
|
||||
d.cmdline.clone(),
|
||||
d.guest_protection.clone(),
|
||||
d.protection_device.clone(),
|
||||
));
|
||||
|
||||
let msg = format!("{}: actual result: {:?}", msg, result);
|
||||
|
||||
Reference in New Issue
Block a user