gha: remove ci env

Signed-off-by: Aurélien Bombo <abombo@microsoft.com>
Merge pull request #11475 from kata-containers/sprt/zizmor-fixes
2026-03-13 16:22:06 +00:00 · 2025-07-03 14:34:15 -05:00 · 2025-07-03 13:29:47 -05:00 · 2025-07-03 08:18:34 -05:00 · 2025-07-03 17:35:08 +08:00 · 2025-07-03 15:11:36 +08:00
162 changed files with 5247 additions and 1771 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -19,12 +19,18 @@ updates:
    ignore:
    # rust-vmm repos might cause incompatibilities on patch versions, so
    # lets handle them manually for now.
-      - dependency-name: "vhost"
-      - dependency-name: "vhost-user-backend"
+      - dependency-name: "event-manager"
+      - dependency-name: "kvm-bindings"
+      - dependency-name: "kvm-ioctls"
+      - dependency-name: "linux-loader"
+      - dependency-name: "seccompiler"
+      - dependency-name: "vfio-bindings"
+      - dependency-name: "vfio-ioctls"
      - dependency-name: "virtio-bindings"
      - dependency-name: "virtio-queue"
-      - dependency-name: "virtio-vsock"
+      - dependency-name: "vm-fdt"
      - dependency-name: "vm-memory"
+      - dependency-name: "vm-superio"
      - dependency-name: "vmm-sys-util"
    # As we often have up to 8/9 components that need the same versions bumps
    # create groups for common dependencies, so they can all go in a single PR
--- a/.github/workflows/PR-wip-checks.yaml
+++ b/.github/workflows/PR-wip-checks.yaml
@@ -22,7 +22,6 @@ jobs:
    name: WIP Check
    steps:
    - name: WIP Check
-      if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }}
      uses: tim-actions/wip-check@1c2a1ca6c110026b3e2297bb2ef39e1747b5a755 # master (2021-06-10)
      with:
        labels: '["do-not-merge", "wip", "rfc"]'
--- a/.github/workflows/actionlint.yaml
+++ b/.github/workflows/actionlint.yaml
@@ -25,7 +25,7 @@ jobs:
    runs-on: ubuntu-24.04
    steps:
      - name: Checkout the code
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          fetch-depth: 0
          persist-credentials: false
--- a/.github/workflows/basic-ci-amd64.yaml
+++ b/.github/workflows/basic-ci-amd64.yaml
@@ -35,7 +35,7 @@ jobs:
      KATA_HYPERVISOR: ${{ matrix.vmm }}
      SANDBOXER: "shim"
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -51,7 +51,7 @@ jobs:
        run: bash tests/integration/cri-containerd/gha-run.sh install-dependencies

      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -76,7 +76,7 @@ jobs:
      KATA_HYPERVISOR: ${{ matrix.vmm }}
      SANDBOXER: "podsandbox"
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -91,7 +91,7 @@ jobs:
        run: bash tests/stability/gha-run.sh install-dependencies

      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -118,7 +118,7 @@ jobs:
      GOPATH: ${{ github.workspace }}
      KATA_HYPERVISOR: ${{ matrix.vmm }}
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -134,7 +134,7 @@ jobs:
        run: bash tests/integration/nydus/gha-run.sh install-dependencies

      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -153,7 +153,7 @@ jobs:
    env:
      CONTAINERD_VERSION: lts
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -169,7 +169,7 @@ jobs:
        run: bash tests/integration/runk/gha-run.sh install-dependencies

      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -195,7 +195,7 @@ jobs:
    env:
      KATA_HYPERVISOR: ${{ matrix.vmm }}
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -211,7 +211,7 @@ jobs:
        run: bash tests/functional/tracing/gha-run.sh install-dependencies

      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -239,7 +239,7 @@ jobs:
      GOPATH: ${{ github.workspace }}
      KATA_HYPERVISOR: ${{ matrix.vmm }}
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -255,7 +255,7 @@ jobs:
        run: bash tests/functional/vfio/gha-run.sh install-dependencies

      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -280,7 +280,7 @@ jobs:
    env:
      KATA_HYPERVISOR: ${{ matrix.vmm }}
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -296,7 +296,7 @@ jobs:
        run: bash tests/integration/docker/gha-run.sh install-dependencies

      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -324,7 +324,7 @@ jobs:
    env:
      KATA_HYPERVISOR: ${{ matrix.vmm }}
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -342,7 +342,7 @@ jobs:
        run: bash tests/integration/nerdctl/gha-run.sh install-dependencies

      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -360,7 +360,7 @@ jobs:
        continue-on-error: true

      - name: Archive artifacts ${{ matrix.vmm }}
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: nerdctl-tests-garm-${{ matrix.vmm }}
          path: /tmp/artifacts
@@ -369,7 +369,7 @@ jobs:
  run-kata-agent-apis:
    runs-on: ubuntu-22.04
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -385,7 +385,7 @@ jobs:
        run: bash tests/functional/kata-agent-apis/gha-run.sh install-dependencies

      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
          path: kata-artifacts
--- a/.github/workflows/basic-ci-s390x.yaml
+++ b/.github/workflows/basic-ci-s390x.yaml
@@ -35,7 +35,7 @@ jobs:
      KATA_HYPERVISOR: ${{ matrix.vmm }}
      SANDBOXER: "shim"
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -51,7 +51,7 @@ jobs:
        run: bash tests/integration/cri-containerd/gha-run.sh install-dependencies

      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-s390x${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -76,7 +76,7 @@ jobs:
      KATA_HYPERVISOR: ${{ matrix.vmm }}
      SANDBOXER: "podsandbox"
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -92,7 +92,7 @@ jobs:
        run: bash tests/stability/gha-run.sh install-dependencies

      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-s390x${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -116,7 +116,7 @@ jobs:
    env:
      KATA_HYPERVISOR: ${{ matrix.vmm }}
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -132,7 +132,7 @@ jobs:
        run: bash tests/integration/docker/gha-run.sh install-dependencies

      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-s390x${{ inputs.tarball-suffix }}
          path: kata-artifacts
--- a/.github/workflows/build-checks-preview-riscv64.yaml
+++ b/.github/workflows/build-checks-preview-riscv64.yaml
@@ -72,7 +72,7 @@ jobs:
          sudo rm -f /tmp/kata_hybrid*  # Sometime we got leftover from test_setup_hvsock_failed()

      - name: Checkout the code
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          fetch-depth: 0
          persist-credentials: false
--- a/.github/workflows/build-checks.yaml
+++ b/.github/workflows/build-checks.yaml
@@ -70,7 +70,7 @@ jobs:
          sudo rm -f /tmp/kata_hybrid*  # Sometime we got leftover from test_setup_hvsock_failed()

      - name: Checkout the code
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          fetch-depth: 0
          persist-credentials: false
--- a/.github/workflows/build-kata-static-tarball-amd64.yaml
+++ b/.github/workflows/build-kata-static-tarball-amd64.yaml
@@ -80,7 +80,7 @@ jobs:
          username: ${{ vars.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0 # This is needed in order to keep the commit ids history
@@ -130,7 +130,7 @@ jobs:
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

-      - uses: actions/attest-build-provenance@v1
+      - uses: actions/attest-build-provenance@ef244123eb79f2f7a7e75d99086184180e6d0018 # v1.4.4
        if: ${{ env.PERFORM_ATTESTATION == 'yes' }}
        with:
          subject-name: ${{ steps.parse-oci-segments.outputs.oci-name }}
@@ -138,7 +138,7 @@ jobs:
          push-to-registry: true

      - name: store-artifact ${{ matrix.asset }}
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: kata-artifacts-amd64-${{ matrix.asset }}${{ inputs.tarball-suffix }}
          path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
@@ -147,7 +147,7 @@ jobs:

      - name: store-extratarballs-artifact ${{ matrix.asset }}
        if: ${{ startsWith(matrix.asset, 'kernel-nvidia-gpu') }}
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: kata-artifacts-amd64-${{ matrix.asset }}-headers${{ inputs.tarball-suffix }}
          path: kata-build/kata-static-${{ matrix.asset }}-headers.tar.xz
@@ -179,7 +179,7 @@ jobs:
          username: ${{ vars.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0 # This is needed in order to keep the commit ids history
@@ -192,7 +192,7 @@ jobs:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: get-artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          pattern: kata-artifacts-amd64-*${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -217,7 +217,7 @@ jobs:
          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}

      - name: store-artifact ${{ matrix.asset }}
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: kata-artifacts-amd64-${{ matrix.asset }}${{ inputs.tarball-suffix }}
          path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
@@ -270,7 +270,7 @@ jobs:
          username: ${{ vars.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0 # This is needed in order to keep the commit ids history
@@ -283,7 +283,7 @@ jobs:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: get-artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          pattern: kata-artifacts-amd64-*${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -309,7 +309,7 @@ jobs:
          MEASURED_ROOTFS: yes

      - name: store-artifact shim-v2
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: kata-artifacts-amd64-shim-v2${{ inputs.tarball-suffix }}
          path: kata-build/kata-static-shim-v2.tar.xz
@@ -323,7 +323,7 @@ jobs:
      contents: read
      packages: write
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -334,7 +334,7 @@ jobs:
        env:
          TARGET_BRANCH: ${{ inputs.target-branch }}
      - name: get-artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          pattern: kata-artifacts-amd64-*${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -343,7 +343,7 @@ jobs:
        run: |
          ./tools/packaging/kata-deploy/local-build/kata-deploy-merge-builds.sh kata-artifacts versions.yaml
      - name: store-artifacts
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
          path: kata-static.tar.xz
--- a/.github/workflows/build-kata-static-tarball-arm64.yaml
+++ b/.github/workflows/build-kata-static-tarball-arm64.yaml
@@ -61,7 +61,7 @@ jobs:
          username: ${{ vars.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0 # This is needed in order to keep the commit ids history
@@ -110,7 +110,7 @@ jobs:
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

-      - uses: actions/attest-build-provenance@v1
+      - uses: actions/attest-build-provenance@ef244123eb79f2f7a7e75d99086184180e6d0018 # v1.4.4
        if: ${{ env.PERFORM_ATTESTATION == 'yes' }}
        with:
          subject-name: ${{ steps.parse-oci-segments.outputs.oci-name }}
@@ -118,7 +118,7 @@ jobs:
          push-to-registry: true

      - name: store-artifact ${{ matrix.asset }}
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: kata-artifacts-arm64-${{ matrix.asset }}${{ inputs.tarball-suffix }}
          path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
@@ -127,7 +127,7 @@ jobs:

      - name: store-extratarballs-artifact ${{ matrix.asset }}
        if: ${{ startsWith(matrix.asset, 'kernel-nvidia-gpu') }}
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: kata-artifacts-arm64-${{ matrix.asset }}-headers${{ inputs.tarball-suffix }}
          path: kata-build/kata-static-${{ matrix.asset }}-headers.tar.xz
@@ -155,7 +155,7 @@ jobs:
          username: ${{ vars.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0 # This is needed in order to keep the commit ids history
@@ -168,7 +168,7 @@ jobs:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: get-artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          pattern: kata-artifacts-arm64-*${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -192,7 +192,7 @@ jobs:
          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}

      - name: store-artifact ${{ matrix.asset }}
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: kata-artifacts-arm64-${{ matrix.asset }}${{ inputs.tarball-suffix }}
          path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
@@ -242,7 +242,7 @@ jobs:
          username: ${{ vars.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0 # This is needed in order to keep the commit ids history
@@ -255,7 +255,7 @@ jobs:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: get-artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          pattern: kata-artifacts-arm64-*${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -279,7 +279,7 @@ jobs:
          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}

      - name: store-artifact shim-v2
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: kata-artifacts-arm64-shim-v2${{ inputs.tarball-suffix }}
          path: kata-build/kata-static-shim-v2.tar.xz
@@ -293,7 +293,7 @@ jobs:
      contents: read
      packages: write
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -304,7 +304,7 @@ jobs:
        env:
          TARGET_BRANCH: ${{ inputs.target-branch }}
      - name: get-artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          pattern: kata-artifacts-arm64-*${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -313,7 +313,7 @@ jobs:
        run: |
          ./tools/packaging/kata-deploy/local-build/kata-deploy-merge-builds.sh kata-artifacts versions.yaml
      - name: store-artifacts
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: kata-static-tarball-arm64${{ inputs.tarball-suffix }}
          path: kata-static.tar.xz
--- a/.github/workflows/build-kata-static-tarball-ppc64le.yaml
+++ b/.github/workflows/build-kata-static-tarball-ppc64le.yaml
@@ -51,7 +51,7 @@ jobs:
          username: ${{ vars.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0 # This is needed in order to keep the commit ids history
@@ -80,7 +80,7 @@ jobs:
          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}

      - name: store-artifact ${{ matrix.asset }}
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: kata-artifacts-ppc64le-${{ matrix.asset }}${{ inputs.tarball-suffix }}
          path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
@@ -108,7 +108,7 @@ jobs:
          username: ${{ vars.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0 # This is needed in order to keep the commit ids history
@@ -121,7 +121,7 @@ jobs:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: get-artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          pattern: kata-artifacts-ppc64le-*${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -145,7 +145,7 @@ jobs:
          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}

      - name: store-artifact ${{ matrix.asset }}
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: kata-artifacts-ppc64le-${{ matrix.asset }}${{ inputs.tarball-suffix }}
          path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
@@ -181,7 +181,7 @@ jobs:
          username: ${{ vars.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0 # This is needed in order to keep the commit ids history
@@ -194,7 +194,7 @@ jobs:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: get-artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          pattern: kata-artifacts-ppc64le-*${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -218,7 +218,7 @@ jobs:
          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}

      - name: store-artifact shim-v2
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: kata-artifacts-ppc64le-shim-v2${{ inputs.tarball-suffix }}
          path: kata-build/kata-static-shim-v2.tar.xz
@@ -236,7 +236,7 @@ jobs:
        run: |
          sudo chown -R "$USER":"$USER" "$GITHUB_WORKSPACE"

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -247,7 +247,7 @@ jobs:
        env:
          TARGET_BRANCH: ${{ inputs.target-branch }}
      - name: get-artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          pattern: kata-artifacts-ppc64le-*${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -256,7 +256,7 @@ jobs:
        run: |
          ./tools/packaging/kata-deploy/local-build/kata-deploy-merge-builds.sh kata-artifacts versions.yaml
      - name: store-artifacts
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: kata-static-tarball-ppc64le${{ inputs.tarball-suffix }}
          path: kata-static.tar.xz
--- a/.github/workflows/build-kata-static-tarball-riscv64.yaml
+++ b/.github/workflows/build-kata-static-tarball-riscv64.yaml
@@ -49,7 +49,7 @@ jobs:
          username: ${{ vars.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0 # This is needed in order to keep the commit ids history
@@ -78,7 +78,7 @@ jobs:
          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}

      - name: store-artifact ${{ matrix.asset }}
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: kata-artifacts-riscv64-${{ matrix.asset }}${{ inputs.tarball-suffix }}
          path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
--- a/.github/workflows/build-kata-static-tarball-s390x.yaml
+++ b/.github/workflows/build-kata-static-tarball-s390x.yaml
@@ -59,7 +59,7 @@ jobs:
          username: ${{ vars.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0 # This is needed in order to keep the commit ids history
@@ -104,7 +104,7 @@ jobs:
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

-      - uses: actions/attest-build-provenance@v1
+      - uses: actions/attest-build-provenance@ef244123eb79f2f7a7e75d99086184180e6d0018 # v1.4.4
        if: ${{ env.PERFORM_ATTESTATION == 'yes' }}
        with:
          subject-name: ${{ steps.parse-oci-segments.outputs.oci-name }}
@@ -112,7 +112,7 @@ jobs:
          push-to-registry: true

      - name: store-artifact ${{ matrix.asset }}
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: kata-artifacts-s390x-${{ matrix.asset }}${{ inputs.tarball-suffix }}
          path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
@@ -141,7 +141,7 @@ jobs:
          username: ${{ vars.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0 # This is needed in order to keep the commit ids history
@@ -154,7 +154,7 @@ jobs:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: get-artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          pattern: kata-artifacts-s390x-*${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -179,7 +179,7 @@ jobs:
          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}

      - name: store-artifact ${{ matrix.asset }}
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: kata-artifacts-s390x-${{ matrix.asset }}${{ inputs.tarball-suffix }}
          path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
@@ -193,7 +193,7 @@ jobs:
      contents: read
      packages: write
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false
      - name: Rebase atop of the latest target branch
@@ -203,7 +203,7 @@ jobs:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: get-artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          pattern: kata-artifacts-s390x-*${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -227,7 +227,7 @@ jobs:
          HKD_PATH: "host-key-document"

      - name: store-artifact boot-image-se
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: kata-artifacts-s390x${{ inputs.tarball-suffix }}
          path: kata-build/kata-static-boot-image-se.tar.xz
@@ -265,7 +265,7 @@ jobs:
          username: ${{ vars.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0 # This is needed in order to keep the commit ids history
@@ -278,7 +278,7 @@ jobs:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: get-artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          pattern: kata-artifacts-s390x-*${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -304,7 +304,7 @@ jobs:
          MEASURED_ROOTFS: no

      - name: store-artifact shim-v2
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: kata-artifacts-s390x-shim-v2${{ inputs.tarball-suffix }}
          path: kata-build/kata-static-shim-v2.tar.xz
@@ -322,7 +322,7 @@ jobs:
      contents: read
      packages: write
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -333,7 +333,7 @@ jobs:
        env:
          TARGET_BRANCH: ${{ inputs.target-branch }}
      - name: get-artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          pattern: kata-artifacts-s390x-*${{ inputs.tarball-suffix }}
          path: kata-artifacts
@@ -342,7 +342,7 @@ jobs:
        run: |
          ./tools/packaging/kata-deploy/local-build/kata-deploy-merge-builds.sh kata-artifacts versions.yaml
      - name: store-artifacts
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: kata-static-tarball-s390x${{ inputs.tarball-suffix }}
          path: kata-static.tar.xz
--- a/.github/workflows/cargo-deny-runner.yaml
+++ b/.github/workflows/cargo-deny-runner.yaml
@@ -20,16 +20,13 @@ jobs:

    steps:
      - name: Checkout Code
-        if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }}
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false
      - name: Generate Action
-        if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }}
        run: bash cargo-deny-generator.sh
        working-directory: ./.github/cargo-deny-composite-action/
        env:
          GOPATH: ${{ github.workspace }}/kata-containers
      - name: Run Action
-        if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }}
        uses: ./.github/cargo-deny-composite-action
--- a/.github/workflows/ci-coco-stability.yaml
+++ b/.github/workflows/ci-coco-stability.yaml
@@ -1,7 +1,8 @@
 name: Kata Containers CoCo Stability Tests Weekly
 on:
-  schedule:
-    - cron: '0 0 * * 0'
+  # Note: This workload is not currently maintained, so skipping it's scheduled runs
+  # schedule:
+  #   - cron: '0 0 * * 0'
  workflow_dispatch:

 concurrency:
--- a/.github/workflows/ci-on-push.yaml
+++ b/.github/workflows/ci-on-push.yaml
@@ -16,7 +16,6 @@ on:

 permissions:
  contents: read
-  id-token: write

 concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
--- a/.github/workflows/ci-weekly.yaml
+++ b/.github/workflows/ci-weekly.yaml
@@ -69,7 +69,7 @@ jobs:
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -185,7 +185,7 @@ jobs:
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -227,7 +227,7 @@ jobs:
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -240,7 +240,7 @@ jobs:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-amd64-${{ inputs.tag }}
          path: kata-artifacts
--- a/.github/workflows/cleanup-resources.yaml
+++ b/.github/workflows/cleanup-resources.yaml
@@ -11,9 +11,8 @@ permissions:
 jobs:
  cleanup-resources:
    runs-on: ubuntu-22.04
-    environment: ci
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false

--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -60,7 +60,7 @@ jobs:
        # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
    steps:
    - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      with:
        persist-credentials: false

--- a/.github/workflows/commit-message-check.yaml
+++ b/.github/workflows/commit-message-check.yaml
@@ -27,7 +27,6 @@ jobs:
    name: Commit Message Check
    steps:
    - name: Get PR Commits
-      if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }}
      id: 'get-pr-commits'
      uses: tim-actions/get-pr-commits@c64db31d359214d244884dd68f971a110b29ab83 # v1.2.0
      with:
@@ -43,19 +42,18 @@ jobs:
        filter_out_pattern: '^Revert "|^Reapply "'

    - name: DCO Check
-      if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }}
      uses: tim-actions/dco@2fd0504dc0d27b33f542867c300c60840c6dcb20 # master (2020-04-28)
      with:
        commits: ${{ steps.get-pr-commits.outputs.commits }}

    - name: Commit Body Missing Check
-      if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') && ( success() || failure() ) }}
+      if: ${{ success() || failure() }}
      uses: tim-actions/commit-body-check@d2e0e8e1f0332b3281c98867c42a2fbe25ad3f15 # v1.0.2
      with:
        commits: ${{ steps.get-pr-commits.outputs.commits }}

    - name: Check Subject Line Length
-      if: ${{ (env.PR_AUTHOR != 'dependabot[bot]') && !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') && ( success() || failure() ) }}
+      if: ${{ (env.PR_AUTHOR != 'dependabot[bot]') && ( success() || failure() ) }}
      uses: tim-actions/commit-message-checker-with-regex@d6d9770051dd6460679d1cab1dcaa8cffc5c2bbd # v0.3.1
      with:
        commits: ${{ steps.get-pr-commits.outputs.commits }}
@@ -64,7 +62,7 @@ jobs:
        post_error: ${{ env.error_msg }}

    - name: Check Body Line Length
-      if: ${{ (env.PR_AUTHOR != 'dependabot[bot]') && !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') && ( success() || failure() ) }}
+      if: ${{ (env.PR_AUTHOR != 'dependabot[bot]') && ( success() || failure() ) }}
      uses: tim-actions/commit-message-checker-with-regex@d6d9770051dd6460679d1cab1dcaa8cffc5c2bbd # v0.3.1
      with:
        commits: ${{ steps.get-pr-commits.outputs.commits }}
@@ -95,7 +93,7 @@ jobs:
        post_error: ${{ env.error_msg }}

    - name: Check Subsystem
-      if: ${{ (env.PR_AUTHOR != 'dependabot[bot]') && !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') && ( success() || failure() ) }}
+      if: ${{ (env.PR_AUTHOR != 'dependabot[bot]') && ( success() || failure() ) }}
      uses: tim-actions/commit-message-checker-with-regex@d6d9770051dd6460679d1cab1dcaa8cffc5c2bbd # v0.3.1
      with:
        commits: ${{ steps.get-pr-commits.outputs.commits }}
--- a/.github/workflows/darwin-tests.yaml
+++ b/.github/workflows/darwin-tests.yaml
@@ -19,11 +19,11 @@ jobs:
    runs-on: macos-latest
    steps:
    - name: Install Go
-      uses: actions/setup-go@v5
+      uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
      with:
        go-version: 1.23.10
    - name: Checkout code
-      uses: actions/checkout@v4
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      with:
        persist-credentials: false
    - name: Build utils
--- a/.github/workflows/docs-url-alive-check.yaml
+++ b/.github/workflows/docs-url-alive-check.yaml
@@ -15,7 +15,7 @@ jobs:
      target_branch: ${{ github.base_ref }}
    steps:
    - name: Install Go
-      uses: actions/setup-go@v5
+      uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
      with:
        go-version: 1.23.10
      env:
@@ -25,7 +25,7 @@ jobs:
        echo "GOPATH=${{ github.workspace }}" >> "$GITHUB_ENV"
        echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH"
    - name: Checkout code
-      uses: actions/checkout@v4
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      with:
        fetch-depth: 0
        persist-credentials: false
--- a/.github/workflows/gatekeeper-skipper.yaml
+++ b/.github/workflows/gatekeeper-skipper.yaml
@@ -42,7 +42,7 @@ jobs:
      skip_test: ${{ steps.skipper.outputs.skip_test }}
      skip_static: ${{ steps.skipper.outputs.skip_static }}
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
--- a/.github/workflows/gatekeeper.yaml
+++ b/.github/workflows/gatekeeper.yaml
@@ -28,7 +28,7 @@ jobs:
      issues: read
      pull-requests: read
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ github.event.pull_request.head.sha }}
          fetch-depth: 0
--- a/.github/workflows/kata-runtime-classes-sync.yaml
+++ b/.github/workflows/kata-runtime-classes-sync.yaml
@@ -18,7 +18,7 @@ jobs:
    runs-on: ubuntu-22.04
    steps:
    - name: Checkout code
-      uses: actions/checkout@v4
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      with:
        persist-credentials: false
    - name: Ensure the split out runtime classes match the all-in-one file
--- a/.github/workflows/payload-after-push.yaml
+++ b/.github/workflows/payload-after-push.yaml
@@ -143,7 +143,7 @@ jobs:
    needs: [publish-kata-deploy-payload-amd64, publish-kata-deploy-payload-arm64, publish-kata-deploy-payload-s390x, publish-kata-deploy-payload-ppc64le]
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false

--- a/.github/workflows/publish-kata-deploy-payload.yaml
+++ b/.github/workflows/publish-kata-deploy-payload.yaml
@@ -44,7 +44,7 @@ jobs:
      packages: write
    runs-on: ${{ inputs.runner }}
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -57,7 +57,7 @@ jobs:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: get-kata-tarball for ${{ inputs.arch }}
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-${{ inputs.arch}}${{ inputs.tarball-suffix }}

@@ -79,7 +79,12 @@ jobs:

      - name: build-and-push-kata-payload for ${{ inputs.arch }}
        id: build-and-push-kata-payload
+        env:
+          REGISTRY: ${{ inputs.registry }}
+          REPO: ${{ inputs.repo }}
+          TAG: ${{ inputs.tag }}
        run: |
          ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
-          "$(pwd)"/kata-static.tar.xz \
-          ${{ inputs.registry }}/${{ inputs.repo }} ${{ inputs.tag }}
+          "$(pwd)/kata-static.tar.xz" \
+          "${REGISTRY}/${REPO}" \
+          "${TAG}"
--- a/.github/workflows/release-amd64.yaml
+++ b/.github/workflows/release-amd64.yaml
@@ -47,16 +47,18 @@ jobs:
          username: ${{ vars.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false
      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-amd64

      - name: build-and-push-kata-deploy-ci-amd64
        id: build-and-push-kata-deploy-ci-amd64
+        env:
+          TARGET_ARCH: ${{ inputs.target-arch }}
        run: |
          # We need to do such trick here as the format of the $GITHUB_REF
          # is "refs/tags/<tag>"
@@ -70,8 +72,8 @@ jobs:
          for tag in "${tags[@]}"; do
              ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
                  "$(pwd)"/kata-static.tar.xz "ghcr.io/kata-containers/kata-deploy" \
-                  "${tag}-${{ inputs.target-arch }}"
+                  "${tag}-${TARGET_ARCH}"
              ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
                  "$(pwd)"/kata-static.tar.xz "quay.io/kata-containers/kata-deploy" \
-                  "${tag}-${{ inputs.target-arch }}"
+                  "${tag}-${TARGET_ARCH}"
          done
--- a/.github/workflows/release-arm64.yaml
+++ b/.github/workflows/release-arm64.yaml
@@ -47,16 +47,18 @@ jobs:
          username: ${{ vars.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false
      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-arm64

      - name: build-and-push-kata-deploy-ci-arm64
        id: build-and-push-kata-deploy-ci-arm64
+        env:
+          TARGET_ARCH: ${{ inputs.target-arch }}
        run: |
          # We need to do such trick here as the format of the $GITHUB_REF
          # is "refs/tags/<tag>"
@@ -70,8 +72,8 @@ jobs:
          for tag in "${tags[@]}"; do
              ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
                  "$(pwd)"/kata-static.tar.xz "ghcr.io/kata-containers/kata-deploy" \
-                  "${tag}-${{ inputs.target-arch }}"
+                  "${tag}-${TARGET_ARCH}"
              ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
                  "$(pwd)"/kata-static.tar.xz "quay.io/kata-containers/kata-deploy" \
-                  "${tag}-${{ inputs.target-arch }}"
+                  "${tag}-${TARGET_ARCH}"
          done
--- a/.github/workflows/release-ppc64le.yaml
+++ b/.github/workflows/release-ppc64le.yaml
@@ -47,16 +47,18 @@ jobs:
          username: ${{ vars.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false
      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-ppc64le

      - name: build-and-push-kata-deploy-ci-ppc64le
        id: build-and-push-kata-deploy-ci-ppc64le
+        env:
+          TARGET_ARCH: ${{ inputs.target-arch }}
        run: |
          # We need to do such trick here as the format of the $GITHUB_REF
          # is "refs/tags/<tag>"
@@ -70,8 +72,8 @@ jobs:
          for tag in "${tags[@]}"; do
              ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
                  "$(pwd)"/kata-static.tar.xz "ghcr.io/kata-containers/kata-deploy" \
-                  "${tag}-${{ inputs.target-arch }}"
+                  "${tag}-${TARGET_ARCH}"
              ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
                  "$(pwd)"/kata-static.tar.xz "quay.io/kata-containers/kata-deploy" \
-                  "${tag}-${{ inputs.target-arch }}"
+                  "${tag}-${TARGET_ARCH}"
          done
--- a/.github/workflows/release-s390x.yaml
+++ b/.github/workflows/release-s390x.yaml
@@ -51,16 +51,18 @@ jobs:
          username: ${{ vars.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false
      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-s390x

      - name: build-and-push-kata-deploy-ci-s390x
        id: build-and-push-kata-deploy-ci-s390x
+        env:
+          TARGET_ARCH: ${{ inputs.target-arch }}
        run: |
          # We need to do such trick here as the format of the $GITHUB_REF
          # is "refs/tags/<tag>"
@@ -74,8 +76,8 @@ jobs:
          for tag in "${tags[@]}"; do
              ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
                  "$(pwd)"/kata-static.tar.xz "ghcr.io/kata-containers/kata-deploy" \
-                  "${tag}-${{ inputs.target-arch }}"
+                  "${tag}-${TARGET_ARCH}"
              ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
                  "$(pwd)"/kata-static.tar.xz "quay.io/kata-containers/kata-deploy" \
-                  "${tag}-${{ inputs.target-arch }}"
+                  "${tag}-${TARGET_ARCH}"
          done
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -12,7 +12,7 @@ jobs:
      contents: write # needed for the `gh release create` command
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          fetch-depth: 0
          persist-credentials: false
@@ -84,7 +84,7 @@ jobs:
      packages: write # needed to push the multi-arch manifest to ghcr.io
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false

@@ -120,7 +120,7 @@ jobs:
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false

@@ -130,7 +130,7 @@ jobs:
          echo "KATA_STATIC_TARBALL=${tarball}" >> "$GITHUB_ENV"

      - name: Download amd64 artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-amd64

@@ -142,7 +142,7 @@ jobs:
          ARCHITECTURE: amd64

      - name: Download arm64 artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-arm64

@@ -154,7 +154,7 @@ jobs:
          ARCHITECTURE: arm64

      - name: Download s390x artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-s390x

@@ -166,7 +166,7 @@ jobs:
          ARCHITECTURE: s390x

      - name: Download ppc64le artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-ppc64le

@@ -184,7 +184,7 @@ jobs:
      contents: write # needed for the `gh release` commands
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false

@@ -201,7 +201,7 @@ jobs:
      contents: write # needed for the `gh release` commands
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false

@@ -218,7 +218,7 @@ jobs:
      contents: write # needed for the `gh release` commands
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false

@@ -236,7 +236,7 @@ jobs:
      packages: write # needed to push the helm chart to ghcr.io
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false

@@ -251,9 +251,12 @@ jobs:
          GH_TOKEN: ${{ github.token }}

      - name: Login to the OCI registries
+        env:
+          QUAY_DEPLOYER_USERNAME: ${{ vars.QUAY_DEPLOYER_USERNAME }}
+          GITHUB_ACTOR: ${{ github.actor }}
        run: |
-          echo "${{ secrets.QUAY_DEPLOYER_PASSWORD }}" | helm registry login quay.io --username "${{ vars.QUAY_DEPLOYER_USERNAME }}" --password-stdin
-          echo "${{ github.token }}" | helm registry login ghcr.io --username "${{ github.actor }}" --password-stdin
+          echo "${{ secrets.QUAY_DEPLOYER_PASSWORD }}" | helm registry login quay.io --username "${QUAY_DEPLOYER_USERNAME}" --password-stdin
+          echo "${{ github.token }}" | helm registry login ghcr.io --username "${GITHUB_ACTOR}" --password-stdin

      - name: Push helm chart to the OCI registries
        run: |
@@ -268,7 +271,7 @@ jobs:
      contents: write # needed for the `gh release` commands
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false

--- a/.github/workflows/run-cri-containerd-tests.yaml
+++ b/.github/workflows/run-cri-containerd-tests.yaml
@@ -44,7 +44,7 @@ jobs:
      GOPATH: ${{ github.workspace }}
      KATA_HYPERVISOR: ${{ inputs.vmm }}
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -61,7 +61,7 @@ jobs:
        run: bash tests/integration/cri-containerd/gha-run.sh install-dependencies

      - name: get-kata-tarball for ${{ inputs.arch }}
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-${{ inputs.arch }}${{ inputs.tarball-suffix }}
          path: kata-artifacts
--- a/.github/workflows/run-k8s-tests-on-aks.yaml
+++ b/.github/workflows/run-k8s-tests-on-aks.yaml
@@ -71,7 +71,6 @@ jobs:
            instance-type: normal
            auto-generate-policy: yes
    runs-on: ubuntu-22.04
-    environment: ci
    env:
      DOCKER_REGISTRY: ${{ inputs.registry }}
      DOCKER_REPO: ${{ inputs.repo }}
@@ -85,7 +84,7 @@ jobs:
      GENPOLICY_PULL_METHOD: ${{ matrix.genpolicy-pull-method }}
      AUTO_GENERATE_POLICY: ${{ matrix.auto-generate-policy }}
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -98,7 +97,7 @@ jobs:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
          path: kata-artifacts
--- a/.github/workflows/run-k8s-tests-on-amd64.yaml
+++ b/.github/workflows/run-k8s-tests-on-amd64.yaml
@@ -61,7 +61,7 @@ jobs:
      K8S_TEST_HOST_TYPE: all
      CONTAINER_RUNTIME: ${{ matrix.container_runtime }}
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -101,7 +101,7 @@ jobs:
        continue-on-error: true

      - name: Archive artifacts ${{ matrix.vmm }}
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: k8s-tests-${{ matrix.vmm }}-${{ matrix.snapshotter }}-${{ matrix.k8s }}-${{ inputs.tag }}
          path: /tmp/artifacts
--- a/.github/workflows/run-k8s-tests-on-arm64.yaml
+++ b/.github/workflows/run-k8s-tests-on-arm64.yaml
@@ -46,7 +46,7 @@ jobs:
      K8S_TEST_HOST_TYPE: all
      TARGET_ARCH: "aarch64"
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -75,7 +75,7 @@ jobs:
        continue-on-error: true

      - name: Archive artifacts ${{ matrix.vmm }}
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: k8s-tests-${{ matrix.vmm }}-${{ matrix.k8s }}-${{ inputs.tag }}
          path: /tmp/artifacts
--- a/.github/workflows/run-k8s-tests-on-ppc64le.yaml
+++ b/.github/workflows/run-k8s-tests-on-ppc64le.yaml
@@ -46,7 +46,7 @@ jobs:
      USING_NFD: "false"
      TARGET_ARCH: "ppc64le"
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
--- a/.github/workflows/run-k8s-tests-on-zvsi.yaml
+++ b/.github/workflows/run-k8s-tests-on-zvsi.yaml
@@ -81,7 +81,7 @@ jobs:
      AUTHENTICATED_IMAGE_USER: ${{ vars.AUTHENTICATED_IMAGE_USER }}
      AUTHENTICATED_IMAGE_PASSWORD: ${{ secrets.AUTHENTICATED_IMAGE_PASSWORD }}
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
--- a/.github/workflows/run-kata-coco-stability-tests.yaml
+++ b/.github/workflows/run-kata-coco-stability-tests.yaml
@@ -52,7 +52,6 @@ jobs:
        pull-type:
          - guest-pull
    runs-on: ubuntu-22.04
-    environment: ci
    env:
      DOCKER_REGISTRY: ${{ inputs.registry }}
      DOCKER_REPO: ${{ inputs.repo }}
@@ -70,7 +69,7 @@ jobs:
      SNAPSHOTTER: ${{ matrix.snapshotter }}
      USING_NFD: "false"
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -83,7 +82,7 @@ jobs:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
          path: kata-artifacts
--- a/.github/workflows/run-kata-coco-tests.yaml
+++ b/.github/workflows/run-kata-coco-tests.yaml
@@ -70,7 +70,7 @@ jobs:
      ITA_KEY: ${{ secrets.ITA_KEY }}
      AUTO_GENERATE_POLICY: "yes"
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -156,7 +156,7 @@ jobs:
      AUTHENTICATED_IMAGE_PASSWORD: ${{ secrets.AUTHENTICATED_IMAGE_PASSWORD }}
      AUTO_GENERATE_POLICY: "yes"
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -224,7 +224,6 @@ jobs:
        pull-type:
          - guest-pull
    runs-on: ubuntu-22.04
-    environment: ci
    env:
      DOCKER_REGISTRY: ${{ inputs.registry }}
      DOCKER_REPO: ${{ inputs.repo }}
@@ -248,7 +247,7 @@ jobs:
      USING_NFD: "false"
      AUTO_GENERATE_POLICY: "yes"
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -261,7 +260,7 @@ jobs:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
          path: kata-artifacts
--- a/.github/workflows/run-kata-deploy-tests-on-aks.yaml
+++ b/.github/workflows/run-kata-deploy-tests-on-aks.yaml
@@ -49,7 +49,6 @@ jobs:
          - host_os: cbl-mariner
            vmm: clh
    runs-on: ubuntu-22.04
-    environment: ci
    env:
      DOCKER_REGISTRY: ${{ inputs.registry }}
      DOCKER_REPO: ${{ inputs.repo }}
@@ -60,7 +59,7 @@ jobs:
      KUBERNETES: "vanilla"
      USING_NFD: "false"
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
--- a/.github/workflows/run-kata-deploy-tests.yaml
+++ b/.github/workflows/run-kata-deploy-tests.yaml
@@ -47,7 +47,7 @@ jobs:
      KUBERNETES: ${{ matrix.k8s }}
      USING_NFD: "false"
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
--- a/.github/workflows/run-kata-monitor-tests.yaml
+++ b/.github/workflows/run-kata-monitor-tests.yaml
@@ -40,7 +40,7 @@ jobs:
      #CONTAINERD_VERSION: ${{ matrix.containerd_version }}
      KATA_HYPERVISOR: ${{ matrix.vmm }}
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -56,7 +56,7 @@ jobs:
        run: bash tests/functional/kata-monitor/gha-run.sh install-dependencies

      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
          path: kata-artifacts
--- a/.github/workflows/run-metrics.yaml
+++ b/.github/workflows/run-metrics.yaml
@@ -47,7 +47,7 @@ jobs:
      USING_NFD: "false"
      KUBERNETES: kubeadm
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -116,7 +116,7 @@ jobs:
        run: bash tests/metrics/gha-run.sh make-tarball-results

      - name: archive metrics results ${{ matrix.vmm }}
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
          name: metrics-artifacts-${{ matrix.vmm }}
          path: results-${{ matrix.vmm }}.tar.gz
--- a/.github/workflows/run-runk-tests.yaml
+++ b/.github/workflows/run-runk-tests.yaml
@@ -24,7 +24,7 @@ jobs:
    env:
      CONTAINERD_VERSION: lts
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
@@ -40,7 +40,7 @@ jobs:
        run: bash tests/integration/runk/gha-run.sh install-dependencies

      - name: get-kata-tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
          path: kata-artifacts
--- a/.github/workflows/scorecard.yaml
+++ b/.github/workflows/scorecard.yaml
@@ -0,0 +1,60 @@
+# This workflow uses actions that are not certified by GitHub. They are provided
+# by a third-party and are governed by separate terms of service, privacy
+# policy, and support documentation.
+
+name: Scorecard supply-chain security
+on:
+  # For Branch-Protection check. Only the default branch is supported. See
+  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
+  branch_protection_rule:
+  push:
+    branches: [ "main" ]
+  workflow_dispatch:
+
+permissions: {}
+
+jobs:
+  analysis:
+    name: Scorecard analysis
+    runs-on: ubuntu-latest
+    # `publish_results: true` only works when run from the default branch. conditional can be removed if disabled.
+    if: github.event.repository.default_branch == github.ref_name || github.event_name == 'pull_request'
+    permissions:
+      # Needed to upload the results to code-scanning dashboard.
+      security-events: write
+      # Needed to publish results and get a badge (see publish_results below).
+      id-token: write
+
+    steps:
+      - name: "Checkout code"
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          persist-credentials: false
+
+      - name: "Run analysis"
+        uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
+        with:
+          results_file: results.sarif
+          results_format: sarif
+
+          # Public repositories:
+          #   - Publish results to OpenSSF REST API for easy access by consumers
+          #   - Allows the repository to include the Scorecard badge.
+          #   - See https://github.com/ossf/scorecard-action#publishing-results.
+          publish_results: true
+
+      # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
+      # format to the repository Actions tab.
+      - name: "Upload artifact"
+        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
+        with:
+          name: SARIF file
+          path: results.sarif
+          retention-days: 5
+
+      # Upload the results to GitHub's code scanning dashboard (optional).
+      # Commenting out will disable upload of results to your repo's Code Scanning dashboard
+      - name: "Upload to code-scanning"
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: results.sarif
--- a/.github/workflows/shellcheck.yaml
+++ b/.github/workflows/shellcheck.yaml
@@ -22,7 +22,7 @@ jobs:
    runs-on: ubuntu-24.04
    steps:
      - name: Checkout the code
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          fetch-depth: 0
          persist-credentials: false
--- a/.github/workflows/shellcheck_required.yaml
+++ b/.github/workflows/shellcheck_required.yaml
@@ -23,7 +23,7 @@ jobs:
    runs-on: ubuntu-24.04
    steps:
      - name: Checkout the code
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          fetch-depth: 0
          persist-credentials: false
--- a/.github/workflows/stale.yaml
+++ b/.github/workflows/stale.yaml
@@ -11,7 +11,7 @@ jobs:
  stale:
    runs-on: ubuntu-22.04
    steps:
-      - uses: actions/stale@v9
+      - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9.1.0
        with:
          stale-pr-message: 'This PR has been opened without with no activity for 180 days. Comment on the issue otherwise it will be closed in 7 days'
          days-before-pr-stale: 180
--- a/.github/workflows/static-checks.yaml
+++ b/.github/workflows/static-checks.yaml
@@ -5,6 +5,7 @@ on:
      - edited
      - reopened
      - synchronize
+  workflow_dispatch:

 permissions:
  contents: read
@@ -27,7 +28,7 @@ jobs:
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout the code
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          fetch-depth: 0
          persist-credentials: false
@@ -69,7 +70,7 @@ jobs:
            component-path: src/dragonball
    steps:
      - name: Checkout the code
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          fetch-depth: 0
          persist-credentials: false
@@ -105,9 +106,12 @@ jobs:
          - "make static-checks"
    env:
      GOPATH: ${{ github.workspace }}
+    permissions:
+      contents: read  # for checkout
+      packages: write # for push to ghcr.io
    steps:
      - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          fetch-depth: 0
          persist-credentials: false
@@ -131,6 +135,10 @@ jobs:
          cd "${GOPATH}/src/github.com/${{ github.repository }}"
          ./tests/install_opa.sh
      - name: Install regorus
+        env:
+          ARTEFACT_REPOSITORY: "${{ github.repository }}"
+          ARTEFACT_REGISTRY_USERNAME: "${{ github.actor }}"
+          ARTEFACT_REGISTRY_PASSWORD: "${{ secrets.GITHUB_TOKEN }}"
        run: |
          "${GOPATH}/src/github.com/${{ github.repository }}/tests/install_regorus.sh"
      - name: Run check
--- a/.github/workflows/zizmor.yaml
+++ b/.github/workflows/zizmor.yaml
@@ -0,0 +1,29 @@
+name: GHA security analysis
+
+on:
+  push:
+    branches: ["main"]
+  pull_request:
+
+permissions:
+  contents: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  zizmor:
+    runs-on: ubuntu-22.04
+    permissions:
+      contents: read
+      security-events: write
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          fetch-depth: 0
+          persist-credentials: false
+
+      - name: Run zizmor
+        uses: zizmorcore/zizmor-action@f52a838cfabf134edcbaa7c8b3677dde20045018 # v0.1.1
--- a/README.md
+++ b/README.md
@@ -1,6 +1,7 @@
 <img src="https://object-storage-ca-ymq-1.vexxhost.net/swift/v1/6e4619c416ff4bd19e1c087f27a43eea/www-images-prod/openstack-logo/kata/SVG/kata-1.svg" width="900">

 [![CI | Publish Kata Containers payload](https://github.com/kata-containers/kata-containers/actions/workflows/payload-after-push.yaml/badge.svg)](https://github.com/kata-containers/kata-containers/actions/workflows/payload-after-push.yaml) [![Kata Containers Nightly CI](https://github.com/kata-containers/kata-containers/actions/workflows/ci-nightly.yaml/badge.svg)](https://github.com/kata-containers/kata-containers/actions/workflows/ci-nightly.yaml)
+[![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/kata-containers/kata-containers/badge)](https://scorecard.dev/viewer/?uri=github.com/kata-containers/kata-containers)

 # Kata Containers

--- a/src/agent/Cargo.lock
+++ b/src/agent/Cargo.lock
@@ -1,6 +1,6 @@
 # This file is automatically @generated by Cargo.
 # It is not intended for manual editing.
-version = 3
+version = 4

 [[package]]
 name = "addr2line"
@@ -405,17 +405,6 @@ version = "1.1.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1505bd5d3d116872e7271a6d4e16d81d0c8570876c8de68093a09ac269d8aac0"

-[[package]]
-name = "atty"
-version = "0.2.14"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8"
-dependencies = [
- "hermit-abi 0.1.19",
- "libc",
- "winapi",
-]
-
 [[package]]
 name = "autocfg"
 version = "1.4.0"
@@ -661,7 +650,7 @@ version = "0.1.0"
 source = "git+https://github.com/cncf-tags/container-device-interface-rs?rev=fba5677a8e7cc962fc6e495fcec98d7d765e332a#fba5677a8e7cc962fc6e495fcec98d7d765e332a"
 dependencies = [
 "anyhow",
- "clap 4.5.37",
+ "clap",
 "const_format",
 "jsonschema",
 "lazy_static",
@@ -719,61 +708,31 @@ dependencies = [

 [[package]]
 name = "clap"
-version = "3.2.25"
+version = "4.5.40"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4ea181bf566f71cb9a5d17a59e1871af638180a18fb0035c92ae62b705207123"
-dependencies = [
- "atty",
- "bitflags 1.3.2",
- "clap_derive 3.2.25",
- "clap_lex 0.2.4",
- "indexmap 1.9.3",
- "once_cell",
- "strsim 0.10.0",
- "termcolor",
- "textwrap",
-]
-
-[[package]]
-name = "clap"
-version = "4.5.37"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "eccb054f56cbd38340b380d4a8e69ef1f02f1af43db2f0cc817a4774d80ae071"
+checksum = "40b6887a1d8685cebccf115538db5c0efe625ccac9696ad45c409d96566e910f"
 dependencies = [
 "clap_builder",
- "clap_derive 4.5.32",
+ "clap_derive",
 ]

 [[package]]
 name = "clap_builder"
-version = "4.5.37"
+version = "4.5.40"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "efd9466fac8543255d3b1fcad4762c5e116ffe808c8a3043d4263cd4fd4862a2"
+checksum = "e0c66c08ce9f0c698cbce5c0279d0bb6ac936d8674174fe48f736533b964f59e"
 dependencies = [
 "anstream",
 "anstyle",
- "clap_lex 0.7.4",
- "strsim 0.11.1",
+ "clap_lex",
+ "strsim",
 ]

 [[package]]
 name = "clap_derive"
-version = "3.2.25"
+version = "4.5.40"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ae6371b8bdc8b7d3959e9cf7b22d4435ef3e79e138688421ec654acf8c81b008"
-dependencies = [
- "heck 0.4.1",
- "proc-macro-error",
- "proc-macro2",
- "quote",
- "syn 1.0.109",
-]
-
-[[package]]
-name = "clap_derive"
-version = "4.5.32"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "09176aae279615badda0765c0c0b3f6ed53f4709118af73cf4655d85d1530cd7"
+checksum = "d2c7947ae4cc3d851207c1adb5b5e260ff0cca11446b1d6d1423788e442257ce"
 dependencies = [
 "heck 0.5.0",
 "proc-macro2",
@@ -781,15 +740,6 @@ dependencies = [
 "syn 2.0.101",
 ]

-[[package]]
-name = "clap_lex"
-version = "0.2.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2850f2f5a82cbf437dd5af4d49848fbdfc27c157c3d010345776f952765261c5"
-dependencies = [
- "os_str_bytes",
-]
-
 [[package]]
 name = "clap_lex"
 version = "0.7.4"
@@ -970,7 +920,7 @@ dependencies = [
 "ident_case",
 "proc-macro2",
 "quote",
- "strsim 0.11.1",
+ "strsim",
 "syn 2.0.101",
 ]

@@ -1249,6 +1199,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7ced92e76e966ca2fd84c8f7aa01a4aea65b0eb6648d72f7c8f3e2764a67fece"
 dependencies = [
 "crc32fast",
+ "libz-sys",
 "miniz_oxide",
 ]

@@ -1525,27 +1476,12 @@ dependencies = [
 "unicode-segmentation",
 ]

-[[package]]
-name = "heck"
-version = "0.4.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "95505c38b4572b2d910cecb0281560f54b440a19336cbbcb27bf6ce6adc6f5a8"
-
 [[package]]
 name = "heck"
 version = "0.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea"

-[[package]]
-name = "hermit-abi"
-version = "0.1.19"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "62b467343b94ba476dcb2500d242dadbb39557df889310ac77c5d99100aaac33"
-dependencies = [
- "libc",
-]
-
 [[package]]
 name = "hermit-abi"
 version = "0.3.9"
@@ -1997,7 +1933,7 @@ dependencies = [
 "anyhow",
 "base64 0.22.1",
 "bytecount",
- "clap 4.5.37",
+ "clap",
 "fancy-regex",
 "fraction",
 "getrandom 0.2.16",
@@ -2031,7 +1967,7 @@ dependencies = [
 "cdi",
 "cfg-if",
 "cgroups-rs",
- "clap 3.2.25",
+ "clap",
 "const_format",
 "derivative",
 "futures",
@@ -2052,7 +1988,7 @@ dependencies = [
 "opentelemetry",
 "procfs 0.12.0",
 "prometheus",
- "protobuf 3.7.1",
+ "protobuf 3.7.2",
 "protocols",
 "regex",
 "rstest",
@@ -2139,7 +2075,9 @@ dependencies = [
 "base64 0.13.1",
 "bitmask-enum",
 "byte-unit",
+ "flate2",
 "glob",
+ "hex",
 "lazy_static",
 "num_cpus",
 "oci-spec",
@@ -2148,6 +2086,7 @@ dependencies = [
 "serde",
 "serde-enum-str",
 "serde_json",
+ "sha2",
 "slog",
 "slog-scope",
 "sysinfo",
@@ -2225,6 +2164,17 @@ version = "0.2.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9a7cbbd4ad467251987c6e5b47d53b11a5a05add08f2447a9e2d70aef1e0d138"

+[[package]]
+name = "libz-sys"
+version = "1.1.22"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8b70e7a7df205e92a1a4cd9aaae7898dac0aa555503cc0a649494d0d60e7651d"
+dependencies = [
+ "cc",
+ "pkg-config",
+ "vcpkg",
+]
+
 [[package]]
 name = "linux-raw-sys"
 version = "0.3.8"
@@ -3242,9 +3192,9 @@ checksum = "106dd99e98437432fed6519dedecfade6a06a73bb7b2a1e019fdd2bee5778d94"

 [[package]]
 name = "protobuf"
-version = "3.7.1"
+version = "3.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a3a7c64d9bf75b1b8d981124c14c179074e8caa7dfe7b6a12e6222ddcd0c8f72"
+checksum = "d65a1d4ddae7d8b5de68153b48f6aa3bba8cb002b243dbdbc55a5afbc98f99f4"
 dependencies = [
 "once_cell",
 "protobuf-support",
@@ -3262,13 +3212,13 @@ dependencies = [

 [[package]]
 name = "protobuf-codegen"
-version = "3.7.1"
+version = "3.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e26b833f144769a30e04b1db0146b2aaa53fd2fd83acf10a6b5f996606c18144"
+checksum = "5d3976825c0014bbd2f3b34f0001876604fe87e0c86cd8fa54251530f1544ace"
 dependencies = [
 "anyhow",
 "once_cell",
- "protobuf 3.7.1",
+ "protobuf 3.7.2",
 "protobuf-parse",
 "regex",
 "tempfile",
@@ -3277,14 +3227,14 @@ dependencies = [

 [[package]]
 name = "protobuf-parse"
-version = "3.7.1"
+version = "3.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "322330e133eab455718444b4e033ebfac7c6528972c784fcde28d2cc783c6257"
+checksum = "b4aeaa1f2460f1d348eeaeed86aea999ce98c1bded6f089ff8514c9d9dbdc973"
 dependencies = [
 "anyhow",
 "indexmap 2.9.0",
 "log",
- "protobuf 3.7.1",
+ "protobuf 3.7.2",
 "protobuf-support",
 "tempfile",
 "thiserror 1.0.69",
@@ -3293,9 +3243,9 @@ dependencies = [

 [[package]]
 name = "protobuf-support"
-version = "3.7.1"
+version = "3.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b088fd20b938a875ea00843b6faf48579462630015c3788d397ad6a786663252"
+checksum = "3e36c2f31e0a47f9280fb347ef5e461ffcd2c52dd520d8e216b52f93b0b0d7d6"
 dependencies = [
 "thiserror 1.0.69",
 ]
@@ -3306,7 +3256,7 @@ version = "0.1.0"
 dependencies = [
 "async-trait",
 "oci-spec",
- "protobuf 3.7.1",
+ "protobuf 3.7.2",
 "serde",
 "serde_json",
 "ttrpc",
@@ -3711,7 +3661,7 @@ dependencies = [
 "nix 0.24.3",
 "oci-spec",
 "path-absolutize",
- "protobuf 3.7.1",
+ "protobuf 3.7.2",
 "protocols",
 "regex",
 "rlimit",
@@ -4117,12 +4067,6 @@ version = "1.1.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f"

-[[package]]
-name = "strsim"
-version = "0.10.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623"
-
 [[package]]
 name = "strsim"
 version = "0.11.1"
@@ -4249,15 +4193,6 @@ dependencies = [
 "winapi",
 ]

-[[package]]
-name = "termcolor"
-version = "1.4.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "06794f8f6c5c898b3275aebefa6b8a1cb24cd2c6c79397ab15774837a0bc5755"
-dependencies = [
- "winapi-util",
-]
-
 [[package]]
 name = "termtree"
 version = "0.5.1"
@@ -4271,12 +4206,6 @@ dependencies = [
 "nix 0.24.3",
 ]

-[[package]]
-name = "textwrap"
-version = "0.16.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c13547615a44dc9c452a8a534638acdf07120d4b6847c8178705da06306a3057"
-
 [[package]]
 name = "thiserror"
 version = "1.0.69"
@@ -4621,8 +4550,8 @@ dependencies = [
 "libc",
 "log",
 "nix 0.26.4",
- "protobuf 3.7.1",
- "protobuf-codegen 3.7.1",
+ "protobuf 3.7.2",
+ "protobuf-codegen 3.7.2",
 "thiserror 1.0.69",
 "tokio",
 "tokio-vsock 0.4.0",
@@ -4637,7 +4566,7 @@ checksum = "cdc0529f65223eca94fc5830e7d552d0d152ff42b74aff5c641edac39592f41f"
 dependencies = [
 "home",
 "protobuf 2.28.0",
- "protobuf-codegen 3.7.1",
+ "protobuf-codegen 3.7.2",
 "protobuf-support",
 "ttrpc-compiler",
 ]
@@ -4752,6 +4681,12 @@ version = "1.11.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "943ce29a8a743eb10d6082545d861b24f9d1b160b7d741e0f2cdf726bec909c5"

+[[package]]
+name = "vcpkg"
+version = "0.2.15"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426"
+
 [[package]]
 name = "version_check"
 version = "0.9.5"
@@ -4948,7 +4883,7 @@ version = "0.1.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb"
 dependencies = [
- "windows-sys 0.48.0",
+ "windows-sys 0.59.0",
 ]

 [[package]]
--- a/src/agent/Cargo.toml
+++ b/src/agent/Cargo.toml
@@ -11,7 +11,7 @@ rust-version = "1.85.1"
 oci-spec = { version = "0.6.8", features = ["runtime"] }
 lazy_static = "1.3.0"
 ttrpc = { version = "0.8.4", features = ["async"], default-features = false }
-protobuf = "=3.7.1"
+protobuf = "3.7.2"
 libc = "0.2.94"
 nix = "0.24.2"
 capctl = "0.2.0"
@@ -66,7 +66,7 @@ opentelemetry = { version = "0.14.0", features = ["rt-tokio-current-thread"] }
 serde = { version = "1.0.129", features = ["derive"] }
 serde_json = "1.0.39"
 toml = "0.5.8"
-clap = { version = "3.0.1", features = ["derive"] }
+clap = { version = "4.5.40", features = ["derive"] }
 strum = "0.26.2"
 strum_macros = "0.26.2"

--- a/src/agent/rustjail/src/mount.rs
+++ b/src/agent/rustjail/src/mount.rs
@@ -1144,7 +1144,6 @@ mod tests {
    use std::fs::remove_dir_all;
    use std::fs::remove_file;
    use std::io;
-    use std::os::unix::fs;
    use std::os::unix::io::AsRawFd;
    use tempfile::tempdir;
    use test_utils::assert_result;
--- a/src/agent/src/initdata.rs
+++ b/src/agent/src/initdata.rs
@@ -15,7 +15,7 @@ use anyhow::{bail, Context, Result};
 use async_compression::tokio::bufread::GzipDecoder;
 use base64::{engine::general_purpose::STANDARD, Engine};
 use const_format::concatcp;
-use serde::Deserialize;
+use kata_types::initdata::InitData;
 use sha2::{Digest, Sha256, Sha384, Sha512};
 use slog::Logger;
 use tokio::io::{AsyncReadExt, AsyncSeekExt};
@@ -23,6 +23,10 @@ use tokio::io::{AsyncReadExt, AsyncSeekExt};
 /// This is the target directory to store the extracted initdata.
 pub const INITDATA_PATH: &str = "/run/confidential-containers/initdata";

+const AA_CONFIG_KEY: &str = "aa.toml";
+const CDH_CONFIG_KEY: &str = "cdh.toml";
+const POLICY_KEY: &str = "policy.rego";
+
 /// The path of AA's config file
 pub const AA_CONFIG_PATH: &str = concatcp!(INITDATA_PATH, "/aa.toml");

@@ -32,30 +36,6 @@ pub const CDH_CONFIG_PATH: &str = concatcp!(INITDATA_PATH, "/cdh.toml");
 /// Magic number of initdata device
 pub const INITDATA_MAGIC_NUMBER: &[u8] = b"initdata";

-/// Now only initdata `0.1.0` is defined.
-const INITDATA_VERSION: &str = "0.1.0";
-
-/// Initdata defined in
-/// <https://github.com/confidential-containers/trustee/blob/47d7a2338e0be76308ac19be5c0c172c592780aa/kbs/docs/initdata.md>
-#[derive(Deserialize)]
-pub struct Initdata {
-    version: String,
-    algorithm: String,
-    data: DefinedFields,
-}
-
-/// Well-defined keys for initdata of kata/CoCo
-#[derive(Deserialize, Default)]
-#[serde(deny_unknown_fields)]
-pub struct DefinedFields {
-    #[serde(rename = "aa.toml")]
-    aa_config: Option<String>,
-    #[serde(rename = "cdh.toml")]
-    cdh_config: Option<String>,
-    #[serde(rename = "policy.rego")]
-    policy: Option<String>,
-}
-
 async fn detect_initdata_device(logger: &Logger) -> Result<Option<String>> {
    let dev_dir = Path::new("/dev");
    let mut read_dir = tokio::fs::read_dir(dev_dir).await?;
@@ -137,29 +117,26 @@ pub async fn initialize_initdata(logger: &Logger) -> Result<Option<InitdataRetur
        .await
        .inspect_err(|e| error!(logger, "Failed to read initdata: {e:?}"))?;

-    let initdata: Initdata =
+    let initdata: InitData =
        toml::from_slice(&initdata_content).context("parse initdata failed")?;
-    info!(logger, "Initdata version: {}", initdata.version);
+    info!(logger, "Initdata version: {}", initdata.version());
+    initdata.validate()?;

-    if initdata.version != INITDATA_VERSION {
-        bail!("Unsupported initdata version");
-    }
-
-    let digest = match &initdata.algorithm[..] {
+    let digest = match initdata.algorithm() {
        "sha256" => Sha256::digest(&initdata_content).to_vec(),
        "sha384" => Sha384::digest(&initdata_content).to_vec(),
        "sha512" => Sha512::digest(&initdata_content).to_vec(),
        others => bail!("Unsupported hash algorithm {others}"),
    };

-    if let Some(config) = initdata.data.aa_config {
+    if let Some(config) = initdata.get_coco_data(AA_CONFIG_KEY) {
        tokio::fs::write(AA_CONFIG_PATH, config)
            .await
            .context("write aa config failed")?;
        info!(logger, "write AA config from initdata");
    }

-    if let Some(config) = initdata.data.cdh_config {
+    if let Some(config) = initdata.get_coco_data(CDH_CONFIG_KEY) {
        tokio::fs::write(CDH_CONFIG_PATH, config)
            .await
            .context("write cdh config failed")?;
@@ -170,7 +147,7 @@ pub async fn initialize_initdata(logger: &Logger) -> Result<Option<InitdataRetur

    let res = InitdataReturnValue {
        digest,
-        _policy: initdata.data.policy,
+        _policy: initdata.get_coco_data(POLICY_KEY).cloned(),
    };

    Ok(Some(res))
--- a/src/agent/src/main.rs
+++ b/src/agent/src/main.rs
@@ -21,7 +21,7 @@ extern crate slog;
 use anyhow::{anyhow, bail, Context, Result};
 use base64::Engine;
 use cfg_if::cfg_if;
-use clap::{AppSettings, Parser};
+use clap::Parser;
 use const_format::concatcp;
 use initdata::{InitdataReturnValue, AA_CONFIG_PATH, CDH_CONFIG_PATH};
 use nix::fcntl::OFlag;
@@ -128,7 +128,7 @@ lazy_static! {

 #[derive(Parser)]
 // The default clap version info doesn't match our form, so we need to override it
-#[clap(global_setting(AppSettings::DisableVersionFlag))]
+#[clap(disable_version_flag = true)]
 struct AgentOpts {
    /// Print the version information
    #[clap(short, long)]
--- a/src/dragonball/Cargo.lock
+++ b/src/dragonball/Cargo.lock
@@ -1067,9 +1067,9 @@ checksum = "ef53942eb7bf7ff43a617b3e2c1c4a5ecf5944a7c1bc12d7ee39bbb15e5c1519"

 [[package]]
 name = "linux-raw-sys"
-version = "0.4.7"
+version = "0.4.15"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1a9bad9f94746442c783ca431b22403b519cd7fbeed0533fdd6328b2f2212128"
+checksum = "d26c52dbd32dccf2d10cac7725f8eae5296885fb5703b261f7d0a0739ec807ab"

 [[package]]
 name = "lock_api"
@@ -1482,7 +1482,7 @@ dependencies = [
 "byteorder",
 "hex",
 "lazy_static",
- "rustix 0.36.15",
+ "rustix 0.36.17",
 ]

 [[package]]
@@ -1606,9 +1606,9 @@ checksum = "d626bb9dae77e28219937af045c257c28bfd3f69333c512553507f5f9798cb76"

 [[package]]
 name = "rustix"
-version = "0.36.15"
+version = "0.36.17"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c37f1bd5ef1b5422177b7646cba67430579cfe2ace80f284fee876bca52ad941"
+checksum = "305efbd14fde4139eb501df5f136994bb520b033fa9fbdce287507dc23b8c7ed"
 dependencies = [
 "bitflags 1.3.2",
 "errno",
@@ -1620,9 +1620,9 @@ dependencies = [

 [[package]]
 name = "rustix"
-version = "0.37.23"
+version = "0.37.28"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4d69718bf81c6127a49dc64e44a742e8bb9213c0ff8869a22c308f84c1d4ab06"
+checksum = "519165d378b97752ca44bbe15047d5d3409e875f39327546b42ac81d7e18c1b6"
 dependencies = [
 "bitflags 1.3.2",
 "errno",
@@ -1634,14 +1634,14 @@ dependencies = [

 [[package]]
 name = "rustix"
-version = "0.38.13"
+version = "0.38.25"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d7db8590df6dfcd144d22afd1b83b36c21a18d7cbc1dc4bb5295a8712e9eb662"
+checksum = "dc99bc2d4f1fed22595588a013687477aedf3cdcfb26558c559edb67b4d9b22e"
 dependencies = [
 "bitflags 2.4.0",
 "errno",
 "libc",
- "linux-raw-sys 0.4.7",
+ "linux-raw-sys 0.4.15",
 "windows-sys 0.48.0",
 ]

@@ -1905,7 +1905,7 @@ dependencies = [
 "cfg-if",
 "fastrand",
 "redox_syscall 0.3.5",
- "rustix 0.38.13",
+ "rustix 0.38.25",
 "windows-sys 0.48.0",
 ]

@@ -2005,7 +2005,7 @@ version = "1.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3d3fd47d83ad0b5c7be2e8db0b9d712901ef6ce5afbcc6f676761004f5104ea2"
 dependencies = [
- "rustix 0.37.23",
+ "rustix 0.37.28",
 ]

 [[package]]
--- a/src/dragonball/out
+++ b/src/dragonball/out
--- a/src/dragonball/src/api/v1/vmm_action.rs
+++ b/src/dragonball/src/api/v1/vmm_action.rs
@@ -9,8 +9,9 @@
 use std::fs::File;
 use std::sync::{Arc, Mutex};

-use crossbeam_channel::{unbounded, Receiver, Sender, TryRecvError};
+use crossbeam_channel::{Receiver, Sender, TryRecvError};
 use log::{debug, error, info, warn};
+use std::sync::mpsc;
 use tracing::instrument;

 use crate::error::{Result, StartMicroVmError, StopMicrovmError};
@@ -284,7 +285,7 @@ pub enum VmmData {
    /// Return vfio device's slot number in guest.
    VfioDeviceData(Option<u8>),
    /// Sync Hotplug
-    SyncHotplug((Sender<Option<i32>>, Receiver<Option<i32>>)),
+    SyncHotplug((mpsc::Sender<Option<i32>>, mpsc::Receiver<Option<i32>>)),
 }

 /// Request data type used to communicate between the API and the VMM.
@@ -900,7 +901,7 @@ impl VmmService {
            }
        })?;

-        let (sender, receiver) = unbounded();
+        let (sender, receiver) = mpsc::channel();

        // It is safe because we don't expect poison lock.
        let vfio_manager = vm.device_manager.vfio_manager.lock().unwrap();
@@ -965,15 +966,17 @@ impl VmmService {
            ));
        }

+        let (sender, revceiver) = mpsc::channel();
+
        #[cfg(feature = "dbs-upcall")]
-        vm.resize_vcpu(config, None).map_err(|e| {
+        vm.resize_vcpu(config, Some(sender.clone())).map_err(|e| {
            if let VcpuResizeError::UpcallServerNotReady = e {
                return VmmActionError::UpcallServerNotReady;
            }
            VmmActionError::ResizeVcpu(e)
        })?;

-        Ok(VmmData::Empty)
+        Ok(VmmData::SyncHotplug((sender, revceiver)))
    }

    #[cfg(feature = "virtio-mem")]
--- a/src/dragonball/src/device_manager/vfio_dev_mgr/mod.rs
+++ b/src/dragonball/src/device_manager/vfio_dev_mgr/mod.rs
@@ -16,9 +16,9 @@ use std::collections::HashMap;
 use std::ops::Deref;
 use std::os::fd::RawFd;
 use std::path::Path;
+use std::sync::mpsc::Sender;
 use std::sync::{Arc, Weak};

-use crossbeam_channel::Sender;
 use dbs_device::resources::Resource::LegacyIrq;
 use dbs_device::resources::{DeviceResources, Resource, ResourceConstraint};
 use dbs_device::DeviceIo;
--- a/src/dragonball/src/vcpu/vcpu_manager.rs
+++ b/src/dragonball/src/vcpu/vcpu_manager.rs
@@ -225,7 +225,7 @@ pub struct VcpuManager {
    vm_as: GuestAddressSpaceImpl,
    pub(crate) vm_fd: Arc<VmFd>,

-    action_sycn_tx: Option<Sender<bool>>,
+    action_sycn_tx: Option<Sender<Option<i32>>>,
    vcpus_in_action: (VcpuAction, Vec<u8>),
    pub(crate) reset_event_fd: Option<EventFd>,

@@ -756,7 +756,9 @@ impl VcpuManager {

    fn sync_action_finish(&mut self, got_error: bool) {
        if let Some(tx) = self.action_sycn_tx.take() {
-            if let Err(e) = tx.send(got_error) {
+            let result = if got_error { 0 } else { -1 };
+
+            if let Err(e) = tx.send(Some(result)) {
                debug!("cpu sync action send to closed channel {}", e);
            }
        }
@@ -856,7 +858,7 @@ mod hotplug {
        pub fn resize_vcpu(
            &mut self,
            vcpu_count: u8,
-            sync_tx: Option<Sender<bool>>,
+            sync_tx: Option<Sender<Option<i32>>>,
        ) -> std::result::Result<(), VcpuResizeError> {
            if self.get_vcpus_action() != VcpuAction::None {
                return Err(VcpuResizeError::VcpuIsHotplugging);
--- a/src/dragonball/src/vm/mod.rs
+++ b/src/dragonball/src/vm/mod.rs
@@ -832,7 +832,7 @@ impl Vm {
    pub fn resize_vcpu(
        &mut self,
        config: VcpuResizeInfo,
-        sync_tx: Option<Sender<bool>>,
+        sync_tx: Option<Sender<Option<i32>>>,
    ) -> std::result::Result<(), VcpuResizeError> {
        if self.upcall_client().is_none() {
            Err(VcpuResizeError::UpcallClientMissing)
--- a/src/libs/Cargo.lock
+++ b/src/libs/Cargo.lock
@@ -17,6 +17,12 @@ version = "1.0.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe"

+[[package]]
+name = "adler2"
+version = "2.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "512761e0bb2578dd7380c6baaa0f4ce03e84f95e960231d1dec8bf4d7d6e2627"
+
 [[package]]
 name = "ahash"
 version = "0.7.7"
@@ -114,7 +120,7 @@ dependencies = [
 "cc",
 "cfg-if",
 "libc",
- "miniz_oxide",
+ "miniz_oxide 0.7.3",
 "object",
 "rustc-demangle",
 ]
@@ -159,6 +165,15 @@ dependencies = [
 "wyz",
 ]

+[[package]]
+name = "block-buffer"
+version = "0.10.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71"
+dependencies = [
+ "generic-array",
+]
+
 [[package]]
 name = "borsh"
 version = "1.5.2"
@@ -277,6 +292,24 @@ version = "0.8.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b"

+[[package]]
+name = "cpufeatures"
+version = "0.2.17"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "59ed5838eebb26a2bb2e58f6d5b5316989ae9d08bab10e0e6d103e656d1b0280"
+dependencies = [
+ "libc",
+]
+
+[[package]]
+name = "crc32fast"
+version = "1.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a97769d94ddab943e4510d138150169a2758b5ef3eb191a9ee688de3e23ef7b3"
+dependencies = [
+ "cfg-if",
+]
+
 [[package]]
 name = "crossbeam"
 version = "0.8.3"
@@ -341,6 +374,16 @@ dependencies = [
 "cfg-if",
 ]

+[[package]]
+name = "crypto-common"
+version = "0.1.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3"
+dependencies = [
+ "generic-array",
+ "typenum",
+]
+
 [[package]]
 name = "darling"
 version = "0.14.4"
@@ -461,6 +504,16 @@ dependencies = [
 "syn 2.0.66",
 ]

+[[package]]
+name = "digest"
+version = "0.10.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292"
+dependencies = [
+ "block-buffer",
+ "crypto-common",
+]
+
 [[package]]
 name = "dirs-next"
 version = "2.0.0"
@@ -533,6 +586,17 @@ version = "0.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "37ab347416e802de484e4d03c7316c48f1ecb56574dfd4a46a80f173ce1de04d"

+[[package]]
+name = "flate2"
+version = "1.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7ced92e76e966ca2fd84c8f7aa01a4aea65b0eb6648d72f7c8f3e2764a67fece"
+dependencies = [
+ "crc32fast",
+ "libz-sys",
+ "miniz_oxide 0.8.8",
+]
+
 [[package]]
 name = "fnv"
 version = "1.0.7"
@@ -640,6 +704,16 @@ dependencies = [
 "slab",
 ]

+[[package]]
+name = "generic-array"
+version = "0.14.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a"
+dependencies = [
+ "typenum",
+ "version_check",
+]
+
 [[package]]
 name = "getrandom"
 version = "0.2.6"
@@ -942,7 +1016,9 @@ dependencies = [
 "base64",
 "bitmask-enum",
 "byte-unit",
+ "flate2",
 "glob",
+ "hex",
 "lazy_static",
 "nix 0.24.2",
 "num_cpus",
@@ -952,6 +1028,7 @@ dependencies = [
 "serde",
 "serde-enum-str",
 "serde_json",
+ "sha2",
 "slog",
 "slog-scope",
 "sysinfo",
@@ -973,6 +1050,17 @@ version = "0.2.172"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d750af042f7ef4f724306de029d18836c26c1765a54a6a3f094cbd23a7267ffa"

+[[package]]
+name = "libz-sys"
+version = "1.1.22"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8b70e7a7df205e92a1a4cd9aaae7898dac0aa555503cc0a649494d0d60e7651d"
+dependencies = [
+ "cc",
+ "pkg-config",
+ "vcpkg",
+]
+
 [[package]]
 name = "linux-raw-sys"
 version = "0.9.4"
@@ -1052,6 +1140,15 @@ dependencies = [
 "adler",
 ]

+[[package]]
+name = "miniz_oxide"
+version = "0.8.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3be647b768db090acb35d5ec5db2b0e1f1de11133ca123b9eacf5137868f892a"
+dependencies = [
+ "adler2",
+]
+
 [[package]]
 name = "mio"
 version = "1.0.3"
@@ -1332,6 +1429,12 @@ version = "0.1.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184"

+[[package]]
+name = "pkg-config"
+version = "0.3.32"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7edddbd0b52d732b21ad9a5fab5c704c14cd949e5e9a1ec5929a24fded1b904c"
+
 [[package]]
 name = "powerfmt"
 version = "0.2.0"
@@ -1471,9 +1574,9 @@ checksum = "cf7e6d18738ecd0902d30d1ad232c9125985a3422929b16c65517b38adc14f96"

 [[package]]
 name = "protobuf"
-version = "3.7.1"
+version = "3.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a3a7c64d9bf75b1b8d981124c14c179074e8caa7dfe7b6a12e6222ddcd0c8f72"
+checksum = "d65a1d4ddae7d8b5de68153b48f6aa3bba8cb002b243dbdbc55a5afbc98f99f4"
 dependencies = [
 "once_cell",
 "protobuf-support",
@@ -1491,13 +1594,13 @@ dependencies = [

 [[package]]
 name = "protobuf-codegen"
-version = "3.7.1"
+version = "3.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e26b833f144769a30e04b1db0146b2aaa53fd2fd83acf10a6b5f996606c18144"
+checksum = "5d3976825c0014bbd2f3b34f0001876604fe87e0c86cd8fa54251530f1544ace"
 dependencies = [
 "anyhow",
 "once_cell",
- "protobuf 3.7.1",
+ "protobuf 3.7.2",
 "protobuf-parse",
 "regex",
 "tempfile",
@@ -1506,14 +1609,14 @@ dependencies = [

 [[package]]
 name = "protobuf-parse"
-version = "3.7.1"
+version = "3.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "322330e133eab455718444b4e033ebfac7c6528972c784fcde28d2cc783c6257"
+checksum = "b4aeaa1f2460f1d348eeaeed86aea999ce98c1bded6f089ff8514c9d9dbdc973"
 dependencies = [
 "anyhow",
 "indexmap 2.9.0",
 "log",
- "protobuf 3.7.1",
+ "protobuf 3.7.2",
 "protobuf-support",
 "tempfile",
 "thiserror",
@@ -1522,9 +1625,9 @@ dependencies = [

 [[package]]
 name = "protobuf-support"
-version = "3.7.1"
+version = "3.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b088fd20b938a875ea00843b6faf48579462630015c3788d397ad6a786663252"
+checksum = "3e36c2f31e0a47f9280fb347ef5e461ffcd2c52dd520d8e216b52f93b0b0d7d6"
 dependencies = [
 "thiserror",
 ]
@@ -1535,7 +1638,7 @@ version = "0.1.0"
 dependencies = [
 "async-trait",
 "oci-spec",
- "protobuf 3.7.1",
+ "protobuf 3.7.2",
 "serde",
 "serde_json",
 "ttrpc",
@@ -1859,6 +1962,17 @@ dependencies = [
 "syn 1.0.91",
 ]

+[[package]]
+name = "sha2"
+version = "0.10.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "793db75ad2bcafc3ffa7c68b215fee268f537982cd901d132f89c6343f3a3dc8"
+dependencies = [
+ "cfg-if",
+ "cpufeatures",
+ "digest",
+]
+
 [[package]]
 name = "shim-interface"
 version = "0.1.0"
@@ -2269,8 +2383,8 @@ dependencies = [
 "libc",
 "log",
 "nix 0.26.4",
- "protobuf 3.7.1",
- "protobuf-codegen 3.7.1",
+ "protobuf 3.7.2",
+ "protobuf-codegen 3.7.2",
 "thiserror",
 "tokio",
 "tokio-vsock",
@@ -2285,7 +2399,7 @@ checksum = "cdc0529f65223eca94fc5830e7d552d0d152ff42b74aff5c641edac39592f41f"
 dependencies = [
 "home",
 "protobuf 2.27.1",
- "protobuf-codegen 3.7.1",
+ "protobuf-codegen 3.7.2",
 "protobuf-support",
 "ttrpc-compiler",
 ]
@@ -2306,6 +2420,12 @@ dependencies = [
 "tempfile",
 ]

+[[package]]
+name = "typenum"
+version = "1.18.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1dccffe3ce07af9386bfd29e80c0ab1a8205a2fc34e4bcd40364df902cfa8f3f"
+
 [[package]]
 name = "unicode-ident"
 version = "1.0.12"
@@ -2336,6 +2456,12 @@ version = "1.6.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "5e395fcf16a7a3d8127ec99782007af141946b4795001f876d54fb0d55978560"

+[[package]]
+name = "vcpkg"
+version = "0.2.15"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426"
+
 [[package]]
 name = "version_check"
 version = "0.9.4"
--- a/src/libs/kata-sys-util/src/protection.rs
+++ b/src/libs/kata-sys-util/src/protection.rs
@@ -225,7 +225,7 @@ mod tests {

        let actual = arch_guest_protection("/xyz/tmp", path.to_str().unwrap());
        assert!(actual.is_ok());
-        assert_eq!(actual.unwrap(), GuestProtection::Snp);
+        assert!(matches!(actual.unwrap(), GuestProtection::Snp(_)));

        writeln!(snp_file, "N").unwrap();
        let actual = arch_guest_protection("/xyz/tmp", path.to_str().unwrap());
@@ -244,7 +244,7 @@ mod tests {

        let actual = arch_guest_protection(sev_path.to_str().unwrap(), "/xyz/tmp");
        assert!(actual.is_ok());
-        assert_eq!(actual.unwrap(), GuestProtection::Sev);
+        assert!(matches!(actual.unwrap(), GuestProtection::Sev(_)));

        writeln!(sev_file, "N").unwrap();
        let actual = arch_guest_protection(sev_path.to_str().unwrap(), "/xyz/tmp");
--- a/src/libs/kata-types/Cargo.toml
+++ b/src/libs/kata-types/Cargo.toml
@@ -27,6 +27,9 @@ thiserror = "1.0"
 toml = "0.5.8"
 serde-enum-str = "0.4"
 sysinfo = "0.34.2"
+sha2 = "0.10.8"
+flate2 = { version = "1.0", features = ["zlib"] }
+hex = "0.4"

 oci-spec = { version = "0.6.8", features = ["runtime"] }
 safe-path = { path = "../safe-path" }
--- a/src/libs/kata-types/src/annotations/mod.rs
+++ b/src/libs/kata-types/src/annotations/mod.rs
@@ -15,6 +15,7 @@ use serde::Deserialize;
 use crate::config::hypervisor::{get_hypervisor_plugin, HugePageType};

 use crate::config::TomlConfig;
+use crate::initdata::add_hypervisor_initdata_overrides;
 use crate::sl;

 use self::cri_containerd::{SANDBOX_CPU_PERIOD_KEY, SANDBOX_CPU_QUOTA_KEY, SANDBOX_MEM_KEY};
@@ -271,6 +272,17 @@ pub const KATA_ANNO_CFG_HYPERVISOR_VIRTIO_FS_EXTRA_ARGS: &str =
    "io.katacontainers.config.hypervisor.virtio_fs_extra_args";
 /// A sandbox annotation to specify as the msize for 9p shares.
 pub const KATA_ANNO_CFG_HYPERVISOR_MSIZE_9P: &str = "io.katacontainers.config.hypervisor.msize_9p";
+/// The initdata annotation passed in when CVM launchs
+pub const KATA_ANNO_CFG_HYPERVISOR_INIT_DATA: &str =
+    "io.katacontainers.config.hypervisor.cc_init_data";
+
+/// GPU specific annotations for remote hypervisor to help with instance selection
+/// It's for minimum number of GPUs required for the VM.
+pub const KATA_ANNO_CFG_HYPERVISOR_DEFAULT_GPUS: &str =
+    "io.katacontainers.config.hypervisor.default_gpus";
+/// It's for the GPU model(tesla, h100, a100, radeon etc.) required for the VM.
+pub const KATA_ANNO_CFG_HYPERVISOR_DEFAULT_GPU_MODEL: &str =
+    "io.katacontainers.config.hypervisor.default_gpu_model";

 // Runtime related annotations
 /// Prefix for Runtime configurations.
@@ -303,6 +315,9 @@ pub const KATA_ANNO_CFG_DISABLE_NEW_NETNS: &str =
 pub const KATA_ANNO_CFG_VFIO_MODE: &str = "io.katacontainers.config.runtime.vfio_mode";
 /// An annotation to declare shared mount points, which is a set of mount points that directly share mounted objects between containers.
 pub const KATA_ANNO_CFG_SHARED_MOUNTS: &str = "io.katacontainers.config.runtime.shared_mounts";
+/// An annotation to set timeout value in second when do create container
+pub const KATA_ANNO_CFG_RUNTIME_CREATE_CONTAINTER_TIMEOUT: &str =
+    "io.katacontainers.config.runtime.create_container_timeout";

 /// A sandbox annotation used to specify prefetch_files.list host path container image
 /// being used,
@@ -880,6 +895,21 @@ impl Annotation {
                        hv.security_info.validate_path(value)?;
                        hv.security_info.guest_hook_path = value.to_string();
                    }
+                    KATA_ANNO_CFG_HYPERVISOR_INIT_DATA => {
+                        hv.security_info.initdata =
+                            add_hypervisor_initdata_overrides(value).unwrap();
+                    }
+                    KATA_ANNO_CFG_HYPERVISOR_DEFAULT_GPUS => match self.get_value::<u32>(key) {
+                        Ok(r) => {
+                            hv.remote_info.default_gpus = r.unwrap_or_default();
+                        }
+                        Err(_e) => {
+                            return Err(u32_err);
+                        }
+                    },
+                    KATA_ANNO_CFG_HYPERVISOR_DEFAULT_GPU_MODEL => {
+                        hv.remote_info.default_gpu_model = value.to_string();
+                    }
                    KATA_ANNO_CFG_HYPERVISOR_ENABLE_ROOTLESS_HYPERVISOR => {
                        match self.get_value::<bool>(key) {
                            Ok(r) => {
@@ -962,6 +992,14 @@ impl Annotation {
                            return Err(u32_err);
                        }
                    },
+                    KATA_ANNO_CFG_RUNTIME_CREATE_CONTAINTER_TIMEOUT => match self.get_value::<u32>(key) {
+                        Ok(v) => {
+                            ag.request_timeout_ms = v.unwrap_or_default() * 1000;
+                        }
+                        Err(_e) => {
+                            return Err(u32_err);
+                        }
+                    },
                    // update runtime config
                    KATA_ANNO_CFG_RUNTIME_NAME => {
                        let runtime = vec!["virt-container", "linux-container", "wasm-container"];
--- a/src/libs/kata-types/src/config/agent.rs
+++ b/src/libs/kata-types/src/config/agent.rs
@@ -112,7 +112,10 @@ pub struct Agent {
    pub reconnect_timeout_ms: u32,

    /// Agent request timeout value in millisecond
-    #[serde(default = "default_request_timeout")]
+    /// This timeout value is used to set the maximum duration for the agent to process a CreateContainerRequest.
+    /// It's also used to ensure that workloads, especially those involving large image pulls within the guest,
+    /// have sufficient time to complete.
+    #[serde(default = "default_request_timeout", rename = "create_container_timeout")]
    pub request_timeout_ms: u32,

    /// Agent health check request timeout value in millisecond
--- a/src/libs/kata-types/src/config/hypervisor/mod.rs
+++ b/src/libs/kata-types/src/config/hypervisor/mod.rs
@@ -885,6 +885,12 @@ pub struct SecurityInfo {
    #[serde(default)]
    pub guest_hook_path: String,

+    /// Initdata is dynamic configuration (like policies, configs, and identity files) with encoded format that users inject
+    /// into the TEE Guest upon CVM launch. And it's implemented based on the `InitData Specification`:
+    /// https://github.com/confidential-containers/trustee/blob/61c1dc60ee1f926c2eb95d69666c2430c3fea808/kbs/docs/initdata.md
+    #[serde(default)]
+    pub initdata: String,
+
    /// List of valid annotation names for the hypervisor.
    ///
    /// Each member of the list is a regular expression, which is the base name of the annotation,
@@ -1104,6 +1110,14 @@ pub struct RemoteInfo {
    /// Remote hyperisor timeout of creating (in seconds)
    #[serde(default)]
    pub hypervisor_timeout: i32,
+
+    /// GPU specific annotations (currently only applicable for Remote Hypervisor)
+    /// default_gpus specifies the number of GPUs required for the Kata VM
+    #[serde(default)]
+    pub default_gpus: u32,
+    /// default_gpu_model specifies GPU model like tesla, h100, a100, readeon etc.
+    #[serde(default)]
+    pub default_gpu_model: String,
 }

 /// Common configuration information for hypervisors.
--- a/src/libs/kata-types/src/initdata.rs
+++ b/src/libs/kata-types/src/initdata.rs
@@ -0,0 +1,351 @@
+// Copyright (c) 2025 Ant Group
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+use anyhow::{anyhow, Context, Result};
+use flate2::read::GzDecoder;
+use serde::{Deserialize, Serialize};
+use sha2::{Digest, Sha256, Sha384, Sha512};
+use std::{collections::HashMap, io::Read};
+
+/// Currently, initdata only supports version 0.1.0.
+const INITDATA_VERSION: &str = "0.1.0";
+/// supported algorithms list
+const SUPPORTED_ALGORITHMS: [&str; 3] = ["sha256", "sha384", "sha512"];
+
+/// TEE platform type
+#[derive(Debug, Default, Clone, Copy)]
+pub enum ProtectedPlatform {
+    /// Tdx platform for Intel TDX
+    Tdx,
+    /// Snp platform for AMD SEV-SNP
+    Snp,
+    /// Cca platform for ARM CCA
+    Cca,
+    /// Default with no protection
+    #[default]
+    NoProtection,
+}
+
+#[allow(clippy::doc_lazy_continuation)]
+/// <https://github.com/confidential-containers/trustee/blob/47d7a2338e0be76308ac19be5c0c172c592780aa/kbs/docs/initdata.md>
+/// The Initdata specification defines the key data structures and algorithms for injecting any well-defined data
+/// from an untrusted host into a TEE (Trusted Execution Environment). To guarantee the integrity of the data,
+/// either the hostdata capability of TEE evidence or the (v)TPM dynamic measurement capability will be utilized.
+/// And its format looks like as below:
+/// ```toml
+/// algorithm = "sha384"
+/// version = "0.1.0"
+///
+/// [data]
+/// key1 = "value1"
+/// key2 = "value2"
+///```
+#[derive(Debug, Clone, Serialize, Deserialize)]
+#[serde(rename_all = "snake_case")]
+pub struct InitData {
+    /// version of InitData Spec
+    version: String,
+    /// algorithm: sha256, sha512, sha384
+    algorithm: String,
+    /// data for specific "key:value"
+    data: HashMap<String, String>,
+}
+
+impl InitData {
+    /// new InitData
+    pub fn new(algorithm: impl Into<String>, version: impl Into<String>) -> Self {
+        Self {
+            version: version.into(),
+            algorithm: algorithm.into(),
+            data: HashMap::new(),
+        }
+    }
+
+    /// get coco data
+    pub fn get_coco_data(&self, key: &str) -> Option<&String> {
+        self.data.get(key)
+    }
+
+    /// insert data items
+    pub fn insert_data(&mut self, key: impl Into<String>, value: impl Into<String>) {
+        self.data.insert(key.into(), value.into());
+    }
+
+    /// get algorithm
+    pub fn algorithm(&self) -> &str {
+        &self.algorithm
+    }
+
+    /// get version
+    pub fn version(&self) -> &str {
+        &self.version
+    }
+
+    /// get data
+    pub fn data(&self) -> &HashMap<String, String> {
+        &self.data
+    }
+
+    /// serialize it to Vec<u8>
+    pub fn to_vec(&self) -> Result<Vec<u8>> {
+        Ok(toml::to_vec(&self)?)
+    }
+
+    /// serialize config to TOML string
+    pub fn to_string(&self) -> Result<String> {
+        Ok(toml::to_string_pretty(self)?)
+    }
+
+    /// Validate InitData
+    pub fn validate(&self) -> Result<()> {
+        // Currently, it only supports 0.1.0
+        if self.version != INITDATA_VERSION {
+            return Err(anyhow!(
+                "unsupported version: {}, expected: {}",
+                self.version,
+                INITDATA_VERSION
+            ));
+        }
+
+        if !SUPPORTED_ALGORITHMS
+            .iter()
+            .any(|&alg| alg == self.algorithm)
+        {
+            return Err(anyhow!(
+                "unsupported algorithm: {}, supported algorithms: {}",
+                self.algorithm,
+                SUPPORTED_ALGORITHMS.join(", ")
+            ));
+        }
+
+        Ok(())
+    }
+}
+
+/// calculate initdata digest
+fn calculate_digest(algorithm: &str, data: &str) -> Result<Vec<u8>> {
+    let digest = match algorithm {
+        "sha256" => {
+            let mut hasher = Sha256::new();
+            hasher.update(&data);
+            hasher.finalize().to_vec()
+        }
+        "sha384" => {
+            let mut hasher = Sha384::new();
+            hasher.update(&data);
+            hasher.finalize().to_vec()
+        }
+        "sha512" => {
+            let mut hasher = Sha512::new();
+            hasher.update(&data);
+            hasher.finalize().to_vec()
+        }
+        _ => return Err(anyhow!("unsupported Hash algorithm: {}", algorithm).into()),
+    };
+
+    Ok(digest)
+}
+
+/// Handle digest for different TEE platform
+fn adjust_digest(digest: &[u8], platform: ProtectedPlatform) -> Vec<u8> {
+    let required_len = match platform {
+        ProtectedPlatform::Tdx => 48,
+        ProtectedPlatform::Snp => 32,
+        ProtectedPlatform::Cca => 64,
+        ProtectedPlatform::NoProtection => digest.len(),
+    };
+
+    let mut adjusted = Vec::with_capacity(required_len);
+
+    if digest.len() >= required_len {
+        adjusted.extend_from_slice(&digest[..required_len]);
+    } else {
+        adjusted.extend_from_slice(digest);
+        adjusted.resize(required_len, 0u8); // padding with zero
+    }
+
+    // Vec<u8>
+    adjusted
+}
+
+/// Parse initdata
+fn parse_initdata(initdata_str: &str) -> Result<InitData> {
+    let initdata: InitData = toml::from_str(&initdata_str)?;
+    initdata.validate()?;
+
+    Ok(initdata)
+}
+
+/// calculate initdata digest
+/// 1. Parse InitData
+/// 2. Calculate Digest
+/// 3. Adjust Digest with Platform
+/// 4. Encode digest with base64/Standard
+pub fn calculate_initdata_digest(
+    initdata_toml: &str,
+    platform: ProtectedPlatform,
+) -> Result<String> {
+    // 1. Parse InitData
+    let initdata: InitData = parse_initdata(initdata_toml).context("parse initdata")?;
+    let algorithm: &str = &initdata.algorithm;
+
+    // 2. Calculate Digest
+    let digest = calculate_digest(algorithm, &initdata_toml).context("calculate digest")?;
+
+    // 3. Adjust Digest with Platform
+    let digest_platform = adjust_digest(&digest, platform);
+
+    // 4. Encode digest with base64/Standard
+    let b64encoded_digest = base64::encode_config(digest_platform, base64::STANDARD);
+
+    Ok(b64encoded_digest)
+}
+
+/// The argument `initda_annotation` is a Standard base64 encoded string containing a TOML formatted content.
+/// This function decodes the base64 string, parses the TOML content into an InitData structure.
+pub fn add_hypervisor_initdata_overrides(initda_annotation: &str) -> Result<String> {
+    // Base64 decode the annotation value
+    let b64_decoded =
+        base64::decode_config(initda_annotation, base64::STANDARD).context("base64 decode")?;
+
+    // Gzip decompress the decoded data
+    let mut gz_decoder = GzDecoder::new(&b64_decoded[..]);
+    let mut initdata_str = String::new();
+    gz_decoder
+        .read_to_string(&mut initdata_str)
+        .context("gz decoder failed")?;
+
+    // Parse the initdata
+    let initdata: InitData = parse_initdata(&initdata_str).context("parse initdata overrides")?;
+
+    // initdata within a TOML string
+    initdata.to_string()
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use flate2::write::GzEncoder;
+    use flate2::Compression;
+    use std::io::Write;
+
+    /// Test InitData creation and serialization
+    #[test]
+    fn test_init_data() {
+        let mut init_data = InitData::new("sha384", "0.1.0");
+        init_data.insert_data("initdata_key", "initdata_value");
+
+        // Verify data insertion
+        assert_eq!(
+            init_data.data().get("initdata_key").unwrap(),
+            "initdata_value"
+        );
+        assert_eq!(init_data.version(), "0.1.0");
+        assert_eq!(init_data.algorithm(), "sha384");
+
+        // Test TOML serialization
+        let toml_str = init_data.to_string().unwrap();
+        assert!(toml_str.contains("initdata_key = 'initdata_value'\n"));
+        assert!(toml_str.starts_with("version = '0.1.0'"));
+    }
+
+    /// Test calculate_digest with different algorithms
+    #[test]
+    fn test_calculate_digest() {
+        let data = "test_data";
+
+        // Test SHA256
+        let sha256 = calculate_digest("sha256", data).unwrap();
+        assert_eq!(sha256.len(), 32);
+
+        // Test SHA384
+        let sha384 = calculate_digest("sha384", data).unwrap();
+        assert_eq!(sha384.len(), 48);
+
+        // Test SHA512
+        let sha512 = calculate_digest("sha512", data).unwrap();
+        assert_eq!(sha512.len(), 64);
+
+        // Test invalid algorithm
+        assert!(calculate_digest("md5", data).is_err());
+    }
+
+    /// Test digest adjustment for different platforms
+    #[test]
+    fn test_adjust_digest() {
+        let sample_digest = vec![0xAA; 64]; // 64-byte digest
+
+        // Test TDX platform (requires 48 bytes)
+        let tdx_result = adjust_digest(&sample_digest, ProtectedPlatform::Tdx);
+        assert_eq!(tdx_result.len(), 48);
+        assert_eq!(&tdx_result[..48], &sample_digest[..48]);
+
+        // Test SNP platform (requires 32 bytes)
+        let snp_result = adjust_digest(&sample_digest, ProtectedPlatform::Snp);
+        assert_eq!(snp_result.len(), 32);
+
+        // Test short digest with CCA platform (requires 64 bytes)
+        let short_digest = vec![0xBB; 32];
+        let cca_result = adjust_digest(&short_digest, ProtectedPlatform::Cca);
+        assert_eq!(cca_result.len(), 64);
+        assert_eq!(&cca_result[..32], &short_digest[..]);
+        assert_eq!(&cca_result[32..], vec![0u8; 32]);
+    }
+
+    /// Test hypervisor initdata processing with compression
+    #[test]
+    fn test_hypervisor_initdata_processing() {
+        // Create test initdata
+        let mut init_data = InitData::new("sha512", "0.1.0");
+        init_data.insert_data("hypervisor_key", "config_value");
+
+        // Create compressed annotation
+        let mut encoder = GzEncoder::new(Vec::new(), Compression::default());
+        encoder
+            .write_all(init_data.to_string().unwrap().as_bytes())
+            .unwrap();
+        let compressed = encoder.finish().unwrap();
+        let b64_annotation = base64::encode(compressed);
+
+        // Test processing
+        let result = add_hypervisor_initdata_overrides(&b64_annotation).unwrap();
+        assert!(result.contains("hypervisor_key = 'config_value'\n"));
+        assert!(result.contains("algorithm = 'sha512'\n"));
+    }
+
+    /// Test input validation
+    #[test]
+    fn test_initdata_validation() {
+        // Valid TOML
+        let valid_toml = r#"
+            version = "0.1.0"
+            algorithm = "sha384"
+            
+            [data]
+            valid_key = "valid_value"
+        "#;
+        assert!(parse_initdata(valid_toml).is_ok());
+
+        // Invalid TOML (missing version)
+        let invalid_toml = r#"
+            algorithm = "sha256"
+            
+            [data]
+            key = "value"
+        "#;
+        assert!(parse_initdata(invalid_toml).is_err());
+    }
+
+    /// Test error handling for malformed inputs
+    #[test]
+    fn test_error_handling() {
+        // Invalid base64
+        assert!(add_hypervisor_initdata_overrides("invalid_base64!!").is_err());
+
+        // Invalid compression format
+        let invalid_data = base64::encode("raw uncompressed data");
+        assert!(add_hypervisor_initdata_overrides(&invalid_data).is_err());
+    }
+}
--- a/src/libs/kata-types/src/lib.rs
+++ b/src/libs/kata-types/src/lib.rs
@@ -40,6 +40,10 @@ pub(crate) mod utils;
 /// hypervisor capabilities
 pub mod capabilities;

+/// The Initdata specification defines the key data structures and algorithms for injecting
+/// any well-defined data from an untrusted host into a TEE (Trusted Execution Environment).
+pub mod initdata;
+
 /// Common error codes.
 #[derive(thiserror::Error, Debug)]
 pub enum Error {
--- a/src/libs/protocols/Cargo.toml
+++ b/src/libs/protocols/Cargo.toml
@@ -13,11 +13,11 @@ async = ["ttrpc/async", "async-trait"]
 [dependencies]
 ttrpc = "0.8.4"
 async-trait = { version = "0.1.42", optional = true }
-protobuf = { version = "=3.7.1" }
+protobuf = { version = "3.7.2" }
 serde = { version = "1.0.130", features = ["derive"] }
 serde_json = "1.0.68"
 oci-spec = { version = "0.6.8", features = ["runtime"] }

 [build-dependencies]
 ttrpc-codegen = "0.5.0"
-protobuf = { version = "=3.7.1" }
+protobuf = { version = "3.7.2" }
--- a/src/mem-agent/example/Cargo.lock
+++ b/src/mem-agent/example/Cargo.lock
@@ -1,6 +1,6 @@
 # This file is automatically @generated by Cargo.
 # It is not intended for manual editing.
-version = 3
+version = 4

 [[package]]
 name = "addr2line"
@@ -285,6 +285,12 @@ version = "1.10.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "11157ac094ffbdde99aa67b23417ebdd801842852b500e395a45a9c0aac03e4a"

+[[package]]
+name = "equivalent"
+version = "1.0.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "877a4ace8713b0bcf2a4e7eec82529c029f1d0619886d18145fea96c3ffe5c0f"
+
 [[package]]
 name = "errno"
 version = "0.3.8"
@@ -419,6 +425,12 @@ version = "0.12.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888"

+[[package]]
+name = "hashbrown"
+version = "0.15.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5971ac85611da7067dbfcabef3c70ebb5606018acd9e2a3903a0da507521e0d5"
+
 [[package]]
 name = "heck"
 version = "0.3.3"
@@ -482,7 +494,17 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99"
 dependencies = [
 "autocfg",
- "hashbrown",
+ "hashbrown 0.12.3",
+]
+
+[[package]]
+name = "indexmap"
+version = "2.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cea70ddb795996207ad57735b50c5982d8844f38ba9ee5f1aedcfb708a2aa11e"
+dependencies = [
+ "equivalent",
+ "hashbrown 0.15.4",
 ]

 [[package]]
@@ -599,7 +621,7 @@ dependencies = [
 "maplit",
 "mem-agent",
 "page_size",
- "protobuf 3.4.0",
+ "protobuf 3.7.2",
 "slog",
 "slog-async",
 "slog-scope",
@@ -768,7 +790,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "467d164a6de56270bd7c4d070df81d07beace25012d5103ced4e9ff08d6afdb7"
 dependencies = [
 "fixedbitset",
- "indexmap",
+ "indexmap 1.9.3",
 ]

 [[package]]
@@ -881,9 +903,9 @@ checksum = "106dd99e98437432fed6519dedecfade6a06a73bb7b2a1e019fdd2bee5778d94"

 [[package]]
 name = "protobuf"
-version = "3.4.0"
+version = "3.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "58678a64de2fced2bdec6bca052a6716a0efe692d6e3f53d1bda6a1def64cfc0"
+checksum = "d65a1d4ddae7d8b5de68153b48f6aa3bba8cb002b243dbdbc55a5afbc98f99f4"
 dependencies = [
 "once_cell",
 "protobuf-support",
@@ -901,13 +923,13 @@ dependencies = [

 [[package]]
 name = "protobuf-codegen"
-version = "3.4.0"
+version = "3.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "32777b0b3f6538d9d2e012b3fad85c7e4b9244b5958d04a6415f4333782b7a77"
+checksum = "5d3976825c0014bbd2f3b34f0001876604fe87e0c86cd8fa54251530f1544ace"
 dependencies = [
 "anyhow",
 "once_cell",
- "protobuf 3.4.0",
+ "protobuf 3.7.2",
 "protobuf-parse",
 "regex",
 "tempfile",
@@ -916,14 +938,14 @@ dependencies = [

 [[package]]
 name = "protobuf-parse"
-version = "3.4.0"
+version = "3.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "96cb37955261126624a25b5e6bda40ae34cf3989d52a783087ca6091b29b5642"
+checksum = "b4aeaa1f2460f1d348eeaeed86aea999ce98c1bded6f089ff8514c9d9dbdc973"
 dependencies = [
 "anyhow",
- "indexmap",
+ "indexmap 2.9.0",
 "log",
- "protobuf 3.4.0",
+ "protobuf 3.7.2",
 "protobuf-support",
 "tempfile",
 "thiserror",
@@ -932,9 +954,9 @@ dependencies = [

 [[package]]
 name = "protobuf-support"
-version = "3.4.0"
+version = "3.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e1ed294a835b0f30810e13616b1cd34943c6d1e84a8f3b0dcfe466d256c3e7e7"
+checksum = "3e36c2f31e0a47f9280fb347ef5e461ffcd2c52dd520d8e216b52f93b0b0d7d6"
 dependencies = [
 "thiserror",
 ]
@@ -1330,8 +1352,8 @@ dependencies = [
 "libc",
 "log",
 "nix 0.26.4",
- "protobuf 3.4.0",
- "protobuf-codegen 3.4.0",
+ "protobuf 3.7.2",
+ "protobuf-codegen 3.7.2",
 "thiserror",
 "tokio",
 "tokio-vsock",
@@ -1345,7 +1367,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "94d7f7631d7a9ebed715a47cd4cb6072cbc7ae1d4ec01598971bbec0024340c2"
 dependencies = [
 "protobuf 2.28.0",
- "protobuf-codegen 3.4.0",
+ "protobuf-codegen 3.7.2",
 "protobuf-support",
 "ttrpc-compiler",
 ]
--- a/src/mem-agent/example/Cargo.toml
+++ b/src/mem-agent/example/Cargo.toml
@@ -18,7 +18,7 @@ ttrpc = { version = "0.8", features = ["async"] }
 tokio = { version = "1.44.2", features = ["full"] }
 async-trait = "0.1"
 byteorder = "1.5"
-protobuf = "3.1"
+protobuf = "3.7.2"
 lazy_static = "1.4"
 # Rust 1.68 doesn't support 0.5.9
 home = "=0.5.5"
--- a/src/runtime-rs/Cargo.lock
+++ b/src/runtime-rs/Cargo.lock
@@ -50,7 +50,7 @@ dependencies = [
 "logging",
 "nix 0.24.3",
 "oci-spec",
- "protobuf 3.7.1",
+ "protobuf 3.7.2",
 "protocols",
 "serde",
 "serde_json",
@@ -189,7 +189,7 @@ dependencies = [
 "log",
 "parking",
 "polling",
- "rustix 0.37.23",
+ "rustix 0.37.28",
 "slab",
 "socket2 0.4.9",
 "waker-fn",
@@ -585,7 +585,7 @@ dependencies = [
 "nix 0.24.3",
 "oci-spec",
 "persist",
- "protobuf 3.7.1",
+ "protobuf 3.7.2",
 "protocols",
 "resource",
 "runtime-spec",
@@ -657,7 +657,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "967dbd2804aceb398bd7d867410342d68b9d74c1fead823ad8353b3ab5f23eb7"
 dependencies = [
 "async-trait",
- "protobuf 3.7.1",
+ "protobuf 3.7.2",
 "ttrpc",
 "ttrpc-codegen 0.4.2",
 ]
@@ -1787,7 +1787,7 @@ dependencies = [
 "oci-spec",
 "path-clean",
 "persist",
- "protobuf 3.7.1",
+ "protobuf 3.7.2",
 "protocols",
 "qapi",
 "qapi-qmp",
@@ -2007,7 +2007,9 @@ dependencies = [
 "base64 0.13.1",
 "bitmask-enum",
 "byte-unit",
+ "flate2",
 "glob",
+ "hex",
 "lazy_static",
 "num_cpus",
 "oci-spec",
@@ -2016,6 +2018,7 @@ dependencies = [
 "serde",
 "serde-enum-str",
 "serde_json",
+ "sha2 0.10.9",
 "slog",
 "slog-scope",
 "sysinfo",
@@ -2596,7 +2599,7 @@ dependencies = [
 "openssl",
 "serde",
 "serde_json",
- "sha2 0.10.7",
+ "sha2 0.10.9",
 "tokio",
 "zstd",
 ]
@@ -3156,7 +3159,7 @@ dependencies = [
 "byteorder",
 "hex",
 "lazy_static",
- "rustix 0.36.15",
+ "rustix 0.36.17",
 ]

 [[package]]
@@ -3235,9 +3238,9 @@ checksum = "106dd99e98437432fed6519dedecfade6a06a73bb7b2a1e019fdd2bee5778d94"

 [[package]]
 name = "protobuf"
-version = "3.7.1"
+version = "3.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a3a7c64d9bf75b1b8d981124c14c179074e8caa7dfe7b6a12e6222ddcd0c8f72"
+checksum = "d65a1d4ddae7d8b5de68153b48f6aa3bba8cb002b243dbdbc55a5afbc98f99f4"
 dependencies = [
 "once_cell",
 "protobuf-support",
@@ -3255,13 +3258,13 @@ dependencies = [

 [[package]]
 name = "protobuf-codegen"
-version = "3.7.1"
+version = "3.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e26b833f144769a30e04b1db0146b2aaa53fd2fd83acf10a6b5f996606c18144"
+checksum = "5d3976825c0014bbd2f3b34f0001876604fe87e0c86cd8fa54251530f1544ace"
 dependencies = [
 "anyhow",
 "once_cell",
- "protobuf 3.7.1",
+ "protobuf 3.7.2",
 "protobuf-parse",
 "regex",
 "tempfile",
@@ -3270,14 +3273,14 @@ dependencies = [

 [[package]]
 name = "protobuf-parse"
-version = "3.7.1"
+version = "3.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "322330e133eab455718444b4e033ebfac7c6528972c784fcde28d2cc783c6257"
+checksum = "b4aeaa1f2460f1d348eeaeed86aea999ce98c1bded6f089ff8514c9d9dbdc973"
 dependencies = [
 "anyhow",
 "indexmap 2.8.0",
 "log",
- "protobuf 3.7.1",
+ "protobuf 3.7.2",
 "protobuf-support",
 "tempfile",
 "thiserror 1.0.69",
@@ -3286,9 +3289,9 @@ dependencies = [

 [[package]]
 name = "protobuf-support"
-version = "3.7.1"
+version = "3.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b088fd20b938a875ea00843b6faf48579462630015c3788d397ad6a786663252"
+checksum = "3e36c2f31e0a47f9280fb347ef5e461ffcd2c52dd520d8e216b52f93b0b0d7d6"
 dependencies = [
 "thiserror 1.0.69",
 ]
@@ -3299,7 +3302,7 @@ version = "0.1.0"
 dependencies = [
 "async-trait",
 "oci-spec",
- "protobuf 3.7.1",
+ "protobuf 3.7.2",
 "serde",
 "serde_json",
 "ttrpc",
@@ -3607,6 +3610,7 @@ dependencies = [
 "bitflags 2.9.0",
 "byte-unit",
 "cgroups-rs 0.3.5",
+ "flate2",
 "futures 0.3.28",
 "hypervisor",
 "inotify",
@@ -3775,9 +3779,9 @@ checksum = "d626bb9dae77e28219937af045c257c28bfd3f69333c512553507f5f9798cb76"

 [[package]]
 name = "rustix"
-version = "0.36.15"
+version = "0.36.17"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c37f1bd5ef1b5422177b7646cba67430579cfe2ace80f284fee876bca52ad941"
+checksum = "305efbd14fde4139eb501df5f136994bb520b033fa9fbdce287507dc23b8c7ed"
 dependencies = [
 "bitflags 1.3.2",
 "errno",
@@ -3789,9 +3793,9 @@ dependencies = [

 [[package]]
 name = "rustix"
-version = "0.37.23"
+version = "0.37.28"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4d69718bf81c6127a49dc64e44a742e8bb9213c0ff8869a22c308f84c1d4ab06"
+checksum = "519165d378b97752ca44bbe15047d5d3409e875f39327546b42ac81d7e18c1b6"
 dependencies = [
 "bitflags 1.3.2",
 "errno",
@@ -4081,9 +4085,9 @@ dependencies = [

 [[package]]
 name = "sha2"
-version = "0.10.7"
+version = "0.10.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "479fb9d862239e610720565ca91403019f2f00410f1864c5aa7479b950a76ed8"
+checksum = "a7507d819769d01a365ab707794a4084392c824f54a7a6a7862f8c3d0892b283"
 dependencies = [
 "cfg-if 1.0.0",
 "cpufeatures",
@@ -4114,7 +4118,7 @@ dependencies = [
 "logging",
 "nix 0.24.3",
 "oci-spec",
- "protobuf 3.7.1",
+ "protobuf 3.7.2",
 "rand 0.8.5",
 "runtime-spec",
 "runtimes",
@@ -4612,7 +4616,7 @@ version = "1.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3d3fd47d83ad0b5c7be2e8db0b9d712901ef6ce5afbcc6f676761004f5104ea2"
 dependencies = [
- "rustix 0.37.23",
+ "rustix 0.37.28",
 ]

 [[package]]
@@ -4839,8 +4843,8 @@ dependencies = [
 "libc",
 "log",
 "nix 0.26.2",
- "protobuf 3.7.1",
- "protobuf-codegen 3.7.1",
+ "protobuf 3.7.2",
+ "protobuf-codegen 3.7.2",
 "thiserror 1.0.69",
 "tokio",
 "tokio-vsock",
@@ -4854,7 +4858,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "94d7f7631d7a9ebed715a47cd4cb6072cbc7ae1d4ec01598971bbec0024340c2"
 dependencies = [
 "protobuf 2.28.0",
- "protobuf-codegen 3.7.1",
+ "protobuf-codegen 3.7.2",
 "protobuf-support",
 "ttrpc-compiler 0.6.1",
 ]
@@ -4867,7 +4871,7 @@ checksum = "cdc0529f65223eca94fc5830e7d552d0d152ff42b74aff5c641edac39592f41f"
 dependencies = [
 "home",
 "protobuf 2.28.0",
- "protobuf-codegen 3.7.1",
+ "protobuf-codegen 3.7.2",
 "protobuf-support",
 "ttrpc-compiler 0.7.0",
 ]
@@ -5057,7 +5061,7 @@ dependencies = [
 "nix 0.24.3",
 "oci-spec",
 "persist",
- "protobuf 3.7.1",
+ "protobuf 3.7.2",
 "resource",
 "runtime-spec",
 "sendfd",
--- a/src/runtime-rs/Cargo.toml
+++ b/src/runtime-rs/Cargo.toml
@@ -60,7 +60,7 @@ log = "0.4.14"
 netns-rs = "0.1.0"
 nix = "0.24.2"
 oci-spec = { version = "0.6.8", features = ["runtime"] }
-protobuf = "=3.7.1"
+protobuf = "3.7.2"
 rand = "0.8.4"
 serde = { version = "1.0.145", features = ["derive"] }
 serde_json = "1.0.91"
--- a/src/runtime-rs/Makefile
+++ b/src/runtime-rs/Makefile
@@ -182,6 +182,10 @@ DEFBINDMOUNTS := []
 DEFDANCONF := /run/kata-containers/dans
 DEFFORCEGUESTPULL := false
 QEMUTDXQUOTEGENERATIONSERVICESOCKETPORT := 4050
+
+# Create Container Timeout in seconds
+DEFCREATECONTAINERTIMEOUT ?= 30
+
 SED = sed
 CLI_DIR = cmd
 SHIMV2 = containerd-shim-kata-v2
@@ -221,7 +225,7 @@ ifneq (,$(DBCMD))
    CONFIGS += $(CONFIG_DB)
    # dragonball-specific options (all should be suffixed by "_DB")
    VMROOTFSDRIVER_DB := virtio-blk-pci
-    DEFMAXVCPUS_DB := 1
+    DEFMAXVCPUS_DB := 0
    DEFBLOCKSTORAGEDRIVER_DB := virtio-blk-mmio
    DEFNETWORKMODEL_DB := tcfilter
    KERNELPARAMS_DB = console=ttyS1 agent.log_vport=1025
@@ -512,6 +516,7 @@ USER_VARS += KATA_INSTALL_CFG_PERMS
 USER_VARS += DEFDANCONF
 USER_VARS += DEFFORCEGUESTPULL
 USER_VARS += QEMUTDXQUOTEGENERATIONSERVICESOCKETPORT
+USER_VARS += DEFCREATECONTAINERTIMEOUT

 SOURCES := \
  $(shell find . 2>&1 | grep -E '.*\.rs$$') \
--- a/src/runtime-rs/config/configuration-cloud-hypervisor.toml.in
+++ b/src/runtime-rs/config/configuration-cloud-hypervisor.toml.in
@@ -376,6 +376,19 @@ container_pipe_size=@PIPESIZE@
 # Default to 18446744073709551615
 #compact_force_times = 18446744073709551615

+# Create Container Request Timeout
+# This timeout value is used to set the maximum duration for the agent to process a CreateContainerRequest.
+# It's also used to ensure that workloads, especially those involving large image pulls within the guest,
+# have sufficient time to complete.
+#
+# Effective Timeout Determination:
+# The effective timeout for a CreateContainerRequest is determined by taking the minimum of the following two values:
+# - create_container_timeout: The timeout value configured for creating containers (default: 30,000 milliseconds).
+# - runtime-request-timeout: The timeout value specified in the Kubelet configuration described as the link below:
+# (https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/#:~:text=runtime%2Drequest%2Dtimeout)
+# Defaults to @DEFCREATECONTAINERTIMEOUT@ second(s)
+# create_container_timeout = @DEFCREATECONTAINERTIMEOUT@
+
 [runtime]
 # If enabled, the runtime will log additional debug messages to the
 # system log
--- a/src/runtime-rs/config/configuration-dragonball.toml.in
+++ b/src/runtime-rs/config/configuration-dragonball.toml.in
@@ -285,6 +285,19 @@ container_pipe_size=@PIPESIZE@
 # (default: 3000)
 #reconnect_timeout_ms = 3000

+# Create Container Request Timeout
+# This timeout value is used to set the maximum duration for the agent to process a CreateContainerRequest.
+# It's also used to ensure that workloads, especially those involving large image pulls within the guest,
+# have sufficient time to complete.
+#
+# Effective Timeout Determination:
+# The effective timeout for a CreateContainerRequest is determined by taking the minimum of the following two values:
+# - create_container_timeout: The timeout value configured for creating containers (default: 30,000 milliseconds).
+# - runtime-request-timeout: The timeout value specified in the Kubelet configuration described as the link below:
+# (https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/#:~:text=runtime%2Drequest%2Dtimeout)
+# Defaults to @DEFCREATECONTAINERTIMEOUT@ second(s)
+# create_container_timeout = @DEFCREATECONTAINERTIMEOUT@
+
 [agent.@PROJECT_TYPE@.mem_agent]
 # Control the mem-agent function enable or disable.
 # Default to false
--- a/src/runtime-rs/config/configuration-qemu-runtime-rs.toml.in
+++ b/src/runtime-rs/config/configuration-qemu-runtime-rs.toml.in
@@ -694,6 +694,19 @@ kernel_modules=[]
 # Default to 18446744073709551615
 #compact_force_times = 18446744073709551615

+# Create Container Request Timeout
+# This timeout value is used to set the maximum duration for the agent to process a CreateContainerRequest.
+# It's also used to ensure that workloads, especially those involving large image pulls within the guest,
+# have sufficient time to complete.
+#
+# Effective Timeout Determination:
+# The effective timeout for a CreateContainerRequest is determined by taking the minimum of the following two values:
+# - create_container_timeout: The timeout value configured for creating containers (default: 30,000 milliseconds).
+# - runtime-request-timeout: The timeout value specified in the Kubelet configuration described as the link below:
+# (https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/#:~:text=runtime%2Drequest%2Dtimeout)
+# Defaults to @DEFCREATECONTAINERTIMEOUT@ second(s)
+# create_container_timeout = @DEFCREATECONTAINERTIMEOUT@
+
 [runtime]
 # If enabled, the runtime will log additional debug messages to the
 # system log
--- a/src/runtime-rs/config/configuration-qemu-se-runtime-rs.toml.in
+++ b/src/runtime-rs/config/configuration-qemu-se-runtime-rs.toml.in
@@ -546,6 +546,19 @@ dial_timeout_ms = 30
 # (default: 3000)
 #reconnect_timeout_ms = 3000

+# Create Container Request Timeout
+# This timeout value is used to set the maximum duration for the agent to process a CreateContainerRequest.
+# It's also used to ensure that workloads, especially those involving large image pulls within the guest,
+# have sufficient time to complete.
+#
+# Effective Timeout Determination:
+# The effective timeout for a CreateContainerRequest is determined by taking the minimum of the following two values:
+# - create_container_timeout: The timeout value configured for creating containers (default: 30,000 milliseconds).
+# - runtime-request-timeout: The timeout value specified in the Kubelet configuration described as the link below:
+# (https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/#:~:text=runtime%2Drequest%2Dtimeout)
+# Defaults to @DEFCREATECONTAINERTIMEOUT@ second(s)
+# create_container_timeout = @DEFCREATECONTAINERTIMEOUT@
+
 [runtime]
 # If enabled, the runtime will log additional debug messages to the
 # system log
--- a/src/runtime-rs/config/configuration-remote.toml.in
+++ b/src/runtime-rs/config/configuration-remote.toml.in
@@ -41,7 +41,7 @@ remote_hypervisor_timeout = 600
 # Each member of the list is a regular expression, which is the base name
 # of the annotation, e.g. "path" for io.katacontainers.config.hypervisor.path"
 # Note: Remote hypervisor is only handling the following annotations
-enable_annotations = ["machine_type", "default_memory", "default_vcpus"]
+enable_annotations = ["machine_type", "default_memory", "default_vcpus", "default_gpus", "default_gpu_model"]

 # Optional space-separated list of options to pass to the guest kernel.
 # For example, use `kernel_params = "vsyscall=emulate"` if you are having
@@ -171,6 +171,19 @@ disable_guest_selinux = true
 # (default: 30)
 #dial_timeout = 30

+# Create Container Request Timeout
+# This timeout value is used to set the maximum duration for the agent to process a CreateContainerRequest.
+# It's also used to ensure that workloads, especially those involving large image pulls within the guest,
+# have sufficient time to complete.
+#
+# Effective Timeout Determination:
+# The effective timeout for a CreateContainerRequest is determined by taking the minimum of the following two values:
+# - create_container_timeout: The timeout value configured for creating containers (default: 30,000 milliseconds).
+# - runtime-request-timeout: The timeout value specified in the Kubelet configuration described as the link below:
+# (https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/#:~:text=runtime%2Drequest%2Dtimeout)
+# Defaults to @DEFCREATECONTAINERTIMEOUT@ second(s)
+# create_container_timeout = @DEFCREATECONTAINERTIMEOUT@
+
 [runtime]
 # If enabled, the runtime will log additional debug messages to the
 # system log
--- a/src/runtime-rs/config/configuration-rs-fc.toml.in
+++ b/src/runtime-rs/config/configuration-rs-fc.toml.in
@@ -281,6 +281,19 @@ dial_timeout = 45
 # (default: 50)
 #cdh_api_timeout = 50

+# Create Container Request Timeout
+# This timeout value is used to set the maximum duration for the agent to process a CreateContainerRequest.
+# It's also used to ensure that workloads, especially those involving large image pulls within the guest,
+# have sufficient time to complete.
+#
+# Effective Timeout Determination:
+# The effective timeout for a CreateContainerRequest is determined by taking the minimum of the following two values:
+# - create_container_timeout: The timeout value configured for creating containers (default: 30,000 milliseconds).
+# - runtime-request-timeout: The timeout value specified in the Kubelet configuration described as the link below:
+# (https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/#:~:text=runtime%2Drequest%2Dtimeout)
+# Defaults to @DEFCREATECONTAINERTIMEOUT@ second(s)
+# create_container_timeout = @DEFCREATECONTAINERTIMEOUT@
+
 [runtime]
 # If enabled, the runtime will log additional debug messages to the
 # system log
--- a/src/runtime-rs/crates/hypervisor/ch-config/src/ch_api.rs
+++ b/src/runtime-rs/crates/hypervisor/ch-config/src/ch_api.rs
@@ -2,8 +2,10 @@
 //
 // SPDX-License-Identifier: Apache-2.0

-use crate::{DeviceConfig, DiskConfig, FsConfig, NetConfig, VmConfig, VsockConfig};
-use anyhow::{anyhow, Result};
+use crate::{
+    DeviceConfig, DiskConfig, FsConfig, NetConfig, VmConfig, VmInfo, VmResize, VsockConfig,
+};
+use anyhow::{anyhow, Context, Result};
 use api_client::simple_api_full_command_and_response;

 use serde::{Deserialize, Serialize};
@@ -190,3 +192,34 @@ pub async fn cloud_hypervisor_vm_vsock_add(
    })
    .await?
 }
+
+pub async fn cloud_hypervisor_vm_info(mut socket: UnixStream) -> Result<VmInfo> {
+    let vm_info = task::spawn_blocking(move || -> Result<Option<String>> {
+        let response = simple_api_full_command_and_response(&mut socket, "GET", "vm.info", None)
+            .map_err(|e| anyhow!(format!("failed to run get vminfo with err: {:?}", e)))?;
+
+        Ok(response)
+    })
+    .await??;
+
+    let vm_info = vm_info.ok_or(anyhow!("failed to get vminfo"))?;
+    serde_json::from_str(&vm_info).with_context(|| format!("failed to serde {}", vm_info))
+}
+
+pub async fn cloud_hypervisor_vm_resize(
+    mut socket: UnixStream,
+    vmresize: VmResize,
+) -> Result<Option<String>> {
+    task::spawn_blocking(move || -> Result<Option<String>> {
+        let response = simple_api_full_command_and_response(
+            &mut socket,
+            "PUT",
+            "vm.resize",
+            Some(&serde_json::to_string(&vmresize)?),
+        )
+        .map_err(|e| anyhow!(e))?;
+
+        Ok(response)
+    })
+    .await?
+}
--- a/src/runtime-rs/crates/hypervisor/ch-config/src/lib.rs
+++ b/src/runtime-rs/crates/hypervisor/ch-config/src/lib.rs
@@ -500,6 +500,32 @@ pub struct NamedHypervisorConfig {
    pub guest_protection_to_use: GuestProtection,
 }

+#[derive(Clone, Debug, Deserialize, Serialize, Default)]
+pub struct VmResize {
+    pub desired_vcpus: Option<u8>,
+    pub desired_ram: Option<u64>,
+    pub desired_balloon: Option<u64>,
+}
+
+/// VmInfo : Virtual Machine information
+#[derive(Clone, Default, Debug, Serialize, Deserialize)]
+pub struct VmInfo {
+    pub config: VmConfig,
+    pub state: State,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub memory_actual_size: Option<u64>,
+}
+
+#[derive(Clone, Copy, Debug, Default, Serialize, Deserialize)]
+#[serde(rename_all = "PascalCase")]
+pub enum State {
+    #[default]
+    Created,
+    Running,
+    Shutdown,
+    Paused,
+}
+
 // Returns true if the enabled guest protection is Intel TDX.
 pub fn guest_protection_is_tdx(guest_protection_to_use: GuestProtection) -> bool {
    matches!(guest_protection_to_use, GuestProtection::Tdx)
--- a/src/runtime-rs/crates/hypervisor/ch-config/src/net_util.rs
+++ b/src/runtime-rs/crates/hypervisor/ch-config/src/net_util.rs
@@ -2,16 +2,24 @@
 //
 // SPDX-License-Identifier: Apache-2.0

-use serde::{Deserialize, Serialize, Serializer};
+use anyhow::{anyhow, Result};
+use serde::de::{self, Visitor};
+use serde::{Deserialize, Deserializer, Serialize, Serializer};
 use std::fmt;

 pub const MAC_ADDR_LEN: usize = 6;

-#[derive(Clone, Copy, Debug, PartialEq, Eq, Deserialize, Default)]
+#[derive(Clone, Copy, Debug, PartialEq, Eq, Default)]
 pub struct MacAddr {
    pub bytes: [u8; MAC_ADDR_LEN],
 }

+impl MacAddr {
+    pub fn new(addr: [u8; MAC_ADDR_LEN]) -> MacAddr {
+        MacAddr { bytes: addr }
+    }
+}
+
 // Note: Implements ToString automatically.
 impl fmt::Display for MacAddr {
    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
@@ -30,3 +38,186 @@ impl Serialize for MacAddr {
        self.to_string().serialize(serializer)
    }
 }
+
+// Helper function: parse MAC address string to byte array
+fn parse_mac_address_str(s: &str) -> Result<[u8; MAC_ADDR_LEN]> {
+    let parts: Vec<&str> = s.split(':').collect();
+    if parts.len() != MAC_ADDR_LEN {
+        return Err(anyhow!(
+            "Invalid MAC address format: expected {} parts separated by ':', got {}",
+            MAC_ADDR_LEN,
+            parts.len()
+        ));
+    }
+
+    let mut bytes = [0u8; MAC_ADDR_LEN];
+    for (i, part) in parts.iter().enumerate() {
+        if part.len() != 2 {
+            return Err(anyhow!(
+                "Invalid MAC address part '{}': expected 2 hex digits",
+                part
+            ));
+        }
+        bytes[i] = u8::from_str_radix(part, 16)
+            .map_err(|e| anyhow!("Invalid hex digit in '{}': {}", part, e))?;
+    }
+    Ok(bytes)
+}
+
+// Customize Deserialize implementation, because the system's own one does not work.
+impl<'de> Deserialize<'de> for MacAddr {
+    fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
+    where
+        D: Deserializer<'de>,
+    {
+        // We expect the deserializer to provide a string, so we use deserialize_string
+        deserializer.deserialize_string(MacAddrVisitor)
+    }
+}
+
+// MacAddrVisitor will handle the actual conversion from string to MacAddr
+struct MacAddrVisitor;
+
+impl Visitor<'_> for MacAddrVisitor {
+    type Value = MacAddr;
+
+    // When deserialization fails, Serde will call this method to get a description of the expected format
+    fn expecting(&self, formatter: &mut fmt::Formatter) -> fmt::Result {
+        formatter.write_str("a MAC address string in format \"XX:XX:XX:XX:XX:XX\"")
+    }
+
+    // Called when the deserializer provides a string slice
+    fn visit_str<E>(self, v: &str) -> Result<Self::Value, E>
+    where
+        E: de::Error,
+    {
+        // Use our auxiliary function to parse the string and convert it to MacAddr
+        parse_mac_address_str(v)
+            .map(MacAddr::new) // If the parsing is successful, create a MacAddr with a byte array
+            .map_err(de::Error::custom) // If parsing fails, convert the error to Serde's error type
+    }
+
+    // Called when the deserializer provides a String (usually delegated to visit_str)
+    fn visit_string<E>(self, v: String) -> Result<Self::Value, E>
+    where
+        E: de::Error,
+    {
+        self.visit_str(&v)
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*; // Import parent module items, including MAC_ADDR_LEN and parse_mac_address_str
+
+    #[test]
+    fn test_parse_mac_address_str_valid() {
+        // Test a standard MAC address
+        let mac_str = "00:11:22:33:44:55";
+        let expected_bytes = [0x00, 0x11, 0x22, 0x33, 0x44, 0x55];
+        assert_eq!(parse_mac_address_str(mac_str).unwrap(), expected_bytes);
+
+        // Test a MAC address with uppercase letters
+        let mac_str_upper = "AA:BB:CC:DD:EE:FF";
+        let expected_bytes_upper = [0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF];
+        assert_eq!(
+            parse_mac_address_str(mac_str_upper).unwrap(),
+            expected_bytes_upper
+        );
+
+        // Test a mixed-case MAC address
+        let mac_str_mixed = "aA:Bb:Cc:Dd:Ee:Ff";
+        let expected_bytes_mixed = [0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF];
+        assert_eq!(
+            parse_mac_address_str(mac_str_mixed).unwrap(),
+            expected_bytes_mixed
+        );
+
+        // Test an all-zero MAC address
+        let mac_str_zero = "00:00:00:00:00:00";
+        let expected_bytes_zero = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
+        assert_eq!(
+            parse_mac_address_str(mac_str_zero).unwrap(),
+            expected_bytes_zero
+        );
+    }
+
+    #[test]
+    fn test_parse_mac_address_str_invalid_length() {
+        // MAC address with too few segments
+        let mac_str_short = "00:11:22:33:44";
+        let err = parse_mac_address_str(mac_str_short).unwrap_err();
+        assert!(err
+            .to_string()
+            .contains("Invalid MAC address format: expected 6 parts separated by ':', got 5"));
+
+        // MAC address with too many segments
+        let mac_str_long = "00:11:22:33:44:55:66";
+        let err = parse_mac_address_str(mac_str_long).unwrap_err();
+        assert!(err
+            .to_string()
+            .contains("Invalid MAC address format: expected 6 parts separated by ':', got 7"));
+
+        // Empty string
+        let mac_str_empty = "";
+        let err = parse_mac_address_str(mac_str_empty).unwrap_err();
+        // Note: split(':') on an empty string returns a Vec containing [""] if delimiter is not found,
+        // so its length will be 1.
+        assert!(err
+            .to_string()
+            .contains("Invalid MAC address format: expected 6 parts separated by ':', got 1"));
+    }
+
+    #[test]
+    fn test_parse_mac_address_str_invalid_part_length() {
+        // Part with insufficient length (1 digit)
+        let mac_str_part_short = "0:11:22:33:44:55";
+        let err = parse_mac_address_str(mac_str_part_short).unwrap_err();
+        assert!(err
+            .to_string()
+            .contains("Invalid MAC address part '0': expected 2 hex digits"));
+
+        // Part with excessive length (3 digits)
+        let mac_str_part_long = "000:11:22:33:44:55";
+        let err = parse_mac_address_str(mac_str_part_long).unwrap_err();
+        assert!(err
+            .to_string()
+            .contains("Invalid MAC address part '000': expected 2 hex digits"));
+    }
+
+    #[test]
+    fn test_parse_mac_address_str_invalid_chars() {
+        // Contains non-hexadecimal character (letter G)
+        let mac_str_invalid_char_g = "00:11:22:33:44:GG";
+        let err = parse_mac_address_str(mac_str_invalid_char_g).unwrap_err();
+        assert!(err.to_string().contains("Invalid hex digit in 'GG'"));
+
+        // Contains non-hexadecimal character (symbol @)
+        let mac_str_invalid_char_at = "00:11:22:33:44:@5";
+        let err = parse_mac_address_str(mac_str_invalid_char_at).unwrap_err();
+        assert!(err.to_string().contains("Invalid hex digit in '@5'"));
+
+        // Contains whitespace character
+        let mac_str_with_space = "00:11:22:33:44: 5";
+        let err = parse_mac_address_str(mac_str_with_space).unwrap_err();
+        assert!(err.to_string().contains("Invalid hex digit in ' 5'"));
+    }
+
+    #[test]
+    fn test_parse_mac_address_str_malformed_string() {
+        // String with only colons
+        let mac_str_colon_only = ":::::";
+        let err = parse_mac_address_str(mac_str_colon_only).unwrap_err();
+        // Each empty part will trigger the "expected 2 hex digits" error
+        assert!(err
+            .to_string()
+            .contains("Invalid MAC address part '': expected 2 hex digits"));
+
+        // String with trailing colon
+        let mac_str_trailing_colon = "00:11:22:33:44:55:";
+        let err = parse_mac_address_str(mac_str_trailing_colon).unwrap_err();
+        assert!(err
+            .to_string()
+            .contains("Invalid MAC address format: expected 6 parts separated by ':', got 7"));
+    }
+}
--- a/src/runtime-rs/crates/hypervisor/src/ch/inner.rs
+++ b/src/runtime-rs/crates/hypervisor/src/ch/inner.rs
@@ -74,8 +74,8 @@ pub struct CloudHypervisorInner {
    // None.
    pub(crate) ch_features: Option<Vec<String>>,

-    /// Size of memory block of guest OS in MB (currently unused)
-    pub(crate) _guest_memory_block_size_mb: u32,
+    /// Size of memory block of guest OS in MB
+    pub(crate) guest_memory_block_size_mb: u32,

    pub(crate) exit_notify: Option<mpsc::Sender<i32>>,
 }
@@ -117,7 +117,7 @@ impl CloudHypervisorInner {
            tasks: None,
            guest_protection_to_use: GuestProtection::NoProtection,
            ch_features: None,
-            _guest_memory_block_size_mb: 0,
+            guest_memory_block_size_mb: 0,

            exit_notify,
        }
--- a/src/runtime-rs/crates/hypervisor/src/ch/inner_hypervisor.rs
+++ b/src/runtime-rs/crates/hypervisor/src/ch/inner_hypervisor.rs
@@ -7,15 +7,18 @@ use super::inner::CloudHypervisorInner;
 use crate::ch::utils::get_api_socket_path;
 use crate::ch::utils::get_vsock_path;
 use crate::kernel_param::KernelParams;
-use crate::utils::{get_jailer_root, get_sandbox_path};
+use crate::utils::{bytes_to_megs, get_jailer_root, get_sandbox_path, megs_to_bytes};
 use crate::MemoryConfig;
 use crate::VM_ROOTFS_DRIVER_BLK;
 use crate::VM_ROOTFS_DRIVER_PMEM;
 use crate::{VcpuThreadIds, VmmState};
 use anyhow::{anyhow, Context, Result};
-use ch_config::ch_api::{
-    cloud_hypervisor_vm_create, cloud_hypervisor_vm_start, cloud_hypervisor_vmm_ping,
-    cloud_hypervisor_vmm_shutdown,
+use ch_config::{
+    ch_api::{
+        cloud_hypervisor_vm_create, cloud_hypervisor_vm_info, cloud_hypervisor_vm_resize,
+        cloud_hypervisor_vm_start, cloud_hypervisor_vmm_ping, cloud_hypervisor_vmm_shutdown,
+    },
+    VmResize,
 };
 use ch_config::{guest_protection_is_tdx, NamedHypervisorConfig, VmConfig};
 use core::future::poll_fn;
@@ -678,8 +681,50 @@ impl CloudHypervisorInner {
        Ok(())
    }

-    pub(crate) async fn resize_vcpu(&self, old_vcpu: u32, new_vcpu: u32) -> Result<(u32, u32)> {
-        Ok((old_vcpu, new_vcpu))
+    pub(crate) async fn resize_vcpu(
+        &self,
+        old_vcpus: u32,
+        mut new_vcpus: u32,
+    ) -> Result<(u32, u32)> {
+        info!(
+            sl!(),
+            "cloud hypervisor resize_vcpu(): {} -> {}", old_vcpus, new_vcpus
+        );
+
+        if new_vcpus == 0 {
+            return Err(anyhow!("resize to 0 vcpus requested"));
+        }
+
+        if new_vcpus > self.config.cpu_info.default_maxvcpus {
+            warn!(
+                sl!(),
+                "Cannot allocate more vcpus than the max allowed number of vcpus. The maximum allowed amount of vcpus will be used instead.");
+            new_vcpus = self.config.cpu_info.default_maxvcpus;
+        }
+
+        if new_vcpus == old_vcpus {
+            return Ok((old_vcpus, new_vcpus));
+        }
+
+        let socket = self
+            .api_socket
+            .as_ref()
+            .ok_or("missing socket")
+            .map_err(|e| anyhow!(e))?;
+
+        let vmresize = VmResize {
+            desired_vcpus: Some(new_vcpus as u8),
+            ..Default::default()
+        };
+
+        cloud_hypervisor_vm_resize(
+            socket.try_clone().context("failed to clone socket")?,
+            vmresize,
+        )
+        .await
+        .context("resize vcpus")?;
+
+        Ok((old_vcpus, new_vcpus))
    }

    pub(crate) async fn get_pids(&self) -> Result<Vec<u32>> {
@@ -748,17 +793,99 @@ impl CloudHypervisorInner {
    }

    pub(crate) fn set_guest_memory_block_size(&mut self, size: u32) {
-        self._guest_memory_block_size_mb = size;
+        self.guest_memory_block_size_mb = bytes_to_megs(size as u64);
    }

    pub(crate) fn guest_memory_block_size_mb(&self) -> u32 {
-        self._guest_memory_block_size_mb
+        self.guest_memory_block_size_mb
    }

-    pub(crate) fn resize_memory(&self, _new_mem_mb: u32) -> Result<(u32, MemoryConfig)> {
-        warn!(sl!(), "CH memory resize not implemented - see https://github.com/kata-containers/kata-containers/issues/8801");
+    pub(crate) async fn resize_memory(&self, new_mem_mb: u32) -> Result<(u32, MemoryConfig)> {
+        let socket = self
+            .api_socket
+            .as_ref()
+            .ok_or("missing socket")
+            .map_err(|e| anyhow!(e))?;

-        Ok((0, MemoryConfig::default()))
+        let vminfo =
+            cloud_hypervisor_vm_info(socket.try_clone().context("failed to clone socket")?)
+                .await
+                .context("get vminfo")?;
+
+        let current_mem_size = vminfo.config.memory.size;
+        let new_total_mem = megs_to_bytes(new_mem_mb);
+
+        info!(
+            sl!(),
+            "cloud-hypervisor::resize_memory(): asked to resize memory to {} MB, current memory is {} MB", new_mem_mb, bytes_to_megs(current_mem_size)
+        );
+
+        // Early Check to verify if boot memory is the same as requested
+        if current_mem_size == new_total_mem {
+            info!(sl!(), "VM alreay has requested memory");
+            return Ok((new_mem_mb, MemoryConfig::default()));
+        }
+
+        if current_mem_size > new_total_mem {
+            info!(sl!(), "Remove memory is not supported, nothing to do");
+            return Ok((new_mem_mb, MemoryConfig::default()));
+        }
+
+        let guest_mem_block_size = megs_to_bytes(self.guest_memory_block_size_mb);
+
+        let mut new_hotplugged_mem = new_total_mem - current_mem_size;
+
+        info!(
+            sl!(),
+            "new hotplugged mem before alignment: {} B ({} MB), guest_mem_block_size: {} MB",
+            new_hotplugged_mem,
+            bytes_to_megs(new_hotplugged_mem),
+            bytes_to_megs(guest_mem_block_size)
+        );
+
+        let is_unaligned = new_hotplugged_mem % guest_mem_block_size != 0;
+        if is_unaligned {
+            new_hotplugged_mem = ch_config::convert::checked_next_multiple_of(
+                new_hotplugged_mem,
+                guest_mem_block_size,
+            )
+            .ok_or(anyhow!(format!(
+                "alignment of {} B to the block size of {} B failed",
+                new_hotplugged_mem, guest_mem_block_size
+            )))?
+        }
+
+        let new_total_mem_aligned = new_hotplugged_mem + current_mem_size;
+
+        let max_total_mem = megs_to_bytes(self.config.memory_info.default_maxmemory);
+        if new_total_mem_aligned > max_total_mem {
+            return Err(anyhow!(
+                "requested memory ({} MB) is greater than maximum allowed ({} MB)",
+                bytes_to_megs(new_total_mem_aligned),
+                self.config.memory_info.default_maxmemory
+            ));
+        }
+
+        info!(
+            sl!(),
+            "hotplugged mem from {} MB to {} MB)",
+            bytes_to_megs(current_mem_size),
+            bytes_to_megs(new_total_mem_aligned)
+        );
+
+        let vmresize = VmResize {
+            desired_ram: Some(new_total_mem_aligned),
+            ..Default::default()
+        };
+
+        cloud_hypervisor_vm_resize(
+            socket.try_clone().context("failed to clone socket")?,
+            vmresize,
+        )
+        .await
+        .context("resize memory")?;
+
+        Ok((new_mem_mb, MemoryConfig::default()))
    }
 }

--- a/src/runtime-rs/crates/hypervisor/src/ch/mod.rs
+++ b/src/runtime-rs/crates/hypervisor/src/ch/mod.rs
@@ -206,7 +206,7 @@ impl Hypervisor for CloudHypervisor {

    async fn resize_memory(&self, new_mem_mb: u32) -> Result<(u32, MemoryConfig)> {
        let inner = self.inner.read().await;
-        inner.resize_memory(new_mem_mb)
+        inner.resize_memory(new_mem_mb).await
    }

    async fn get_passfd_listener_addr(&self) -> Result<(String, u32)> {
--- a/src/runtime-rs/crates/hypervisor/src/device/driver/protection_device.rs
+++ b/src/runtime-rs/crates/hypervisor/src/device/driver/protection_device.rs
@@ -22,6 +22,7 @@ pub struct SevSnpConfig {
    pub is_snp: bool,
    pub cbitpos: u32,
    pub firmware: String,
+    pub host_data: Option<String>,
 }

 #[derive(Debug, Clone)]
--- a/src/runtime-rs/crates/hypervisor/src/dragonball/inner.rs
+++ b/src/runtime-rs/crates/hypervisor/src/dragonball/inner.rs
@@ -28,7 +28,7 @@ use kata_types::{
 };
 use nix::mount::MsFlags;
 use persist::sandbox_persist::Persist;
-use std::cmp::Ordering;
+use std::{cmp::Ordering, time::Duration};
 use std::{collections::HashSet, fs::create_dir_all};
 use tokio::sync::mpsc;

@@ -37,6 +37,9 @@ const DRAGONBALL_INITRD: &str = "initrd";
 const DRAGONBALL_ROOT_FS: &str = "rootfs";
 const BALLOON_DEVICE_ID: &str = "balloon0";
 const MEM_DEVICE_ID: &str = "memmr0";
+/// default hotplug timeout
+const DEFAULT_HOTPLUG_TIMEOUT: u64 = 250;
+
 #[derive(Debug)]
 pub struct DragonballInner {
    /// sandbox id
@@ -391,7 +394,10 @@ impl DragonballInner {
            vcpu_count: Some(new_vcpus as u8),
        };
        self.vmm_instance
-            .resize_vcpu(&cpu_resize_info)
+            .resize_vcpu(
+                &cpu_resize_info,
+                Some(Duration::from_millis(DEFAULT_HOTPLUG_TIMEOUT)),
+            )
            .context(format!(
                "failed to do_resize_vcpus on new_vcpus={:?}",
                new_vcpus
--- a/src/runtime-rs/crates/hypervisor/src/dragonball/vmm_instance.rs
+++ b/src/runtime-rs/crates/hypervisor/src/dragonball/vmm_instance.rs
@@ -9,6 +9,7 @@ use std::{
    os::unix::{io::IntoRawFd, prelude::AsRawFd},
    sync::{Arc, Mutex, RwLock},
    thread,
+    time::Duration,
 };

 use anyhow::{anyhow, Context, Result};
@@ -292,9 +293,17 @@ impl VmmInstance {
        Ok(())
    }

-    pub fn resize_vcpu(&self, cfg: &VcpuResizeInfo) -> Result<()> {
-        self.handle_request(Request::Sync(VmmAction::ResizeVcpu(cfg.clone())))
+    pub fn resize_vcpu(&self, cfg: &VcpuResizeInfo, timeout: Option<Duration>) -> Result<()> {
+        let vmmdata = self
+            .handle_request(Request::Sync(VmmAction::ResizeVcpu(cfg.clone())))
            .with_context(|| format!("Failed to resize_vm(hotplug vcpu), cfg: {:?}", cfg))?;
+
+        if let Some(timeout) = timeout {
+            if let VmmData::SyncHotplug((_, receiver)) = vmmdata {
+                let _ = receiver.recv_timeout(timeout)?;
+            }
+        }
+
        Ok(())
    }

--- a/src/runtime-rs/crates/hypervisor/src/qemu/cmdline_generator.rs
+++ b/src/runtime-rs/crates/hypervisor/src/qemu/cmdline_generator.rs
@@ -1798,17 +1798,18 @@ struct ObjectSevSnpGuest {
    cbitpos: u32,
    reduced_phys_bits: u32,
    kernel_hashes: bool,
-
+    host_data: Option<String>,
    is_snp: bool,
 }

 impl ObjectSevSnpGuest {
-    fn new(is_snp: bool, cbitpos: u32) -> Self {
+    fn new(is_snp: bool, cbitpos: u32, host_data: Option<String>) -> Self {
        ObjectSevSnpGuest {
            id: (if is_snp { "snp" } else { "sev" }).to_owned(),
            cbitpos,
            reduced_phys_bits: 1,
            kernel_hashes: true,
+            host_data,
            is_snp,
        }
    }
@@ -1834,6 +1835,9 @@ impl ToQemuParams for ObjectSevSnpGuest {
                "kernel-hashes={}",
                if self.kernel_hashes { "on" } else { "off" }
            ));
+            if let Some(host_data) = &self.host_data {
+                params.push(format!("host-data={}", host_data))
+            }
        }
        Ok(vec!["-object".to_owned(), params.join(",")])
    }
@@ -2430,7 +2434,7 @@ impl<'a> QemuCmdLine<'a> {
    }

    pub fn add_sev_protection_device(&mut self, cbitpos: u32, firmware: &str) {
-        let sev_object = ObjectSevSnpGuest::new(false, cbitpos);
+        let sev_object = ObjectSevSnpGuest::new(true, cbitpos, None);
        self.devices.push(Box::new(sev_object));

        self.devices.push(Box::new(Bios::new(firmware.to_owned())));
@@ -2440,8 +2444,13 @@ impl<'a> QemuCmdLine<'a> {
            .set_nvdimm(false);
    }

-    pub fn add_sev_snp_protection_device(&mut self, cbitpos: u32, firmware: &str) {
-        let sev_snp_object = ObjectSevSnpGuest::new(true, cbitpos);
+    pub fn add_sev_snp_protection_device(
+        &mut self,
+        cbitpos: u32,
+        firmware: &str,
+        host_data: &Option<String>,
+    ) {
+        let sev_snp_object = ObjectSevSnpGuest::new(true, cbitpos, host_data.clone());
        self.devices.push(Box::new(sev_snp_object));

        self.devices.push(Box::new(Bios::new(firmware.to_owned())));
--- a/src/runtime-rs/crates/hypervisor/src/qemu/inner.rs
+++ b/src/runtime-rs/crates/hypervisor/src/qemu/inner.rs
@@ -7,10 +7,12 @@ use super::cmdline_generator::{get_network_device, QemuCmdLine, QMP_SOCKET_FILE}
 use super::qmp::Qmp;
 use crate::device::topology::PCIePort;
 use crate::{
-    device::driver::ProtectionDeviceConfig, hypervisor_persist::HypervisorState,
-    utils::enter_netns, HypervisorConfig, MemoryConfig, VcpuThreadIds, VsockDevice,
-    HYPERVISOR_QEMU,
+    device::driver::ProtectionDeviceConfig, hypervisor_persist::HypervisorState, HypervisorConfig,
+    MemoryConfig, VcpuThreadIds, VsockDevice, HYPERVISOR_QEMU,
 };
+
+use crate::utils::{bytes_to_megs, enter_netns, megs_to_bytes};
+
 use anyhow::{anyhow, Context, Result};
 use async_trait::async_trait;
 use kata_sys_util::netns::NetnsGuard;
@@ -136,6 +138,7 @@ impl QemuInner {
                            cmdline.add_sev_snp_protection_device(
                                sev_snp_cfg.cbitpos,
                                &sev_snp_cfg.firmware,
+                                &sev_snp_cfg.host_data,
                            )
                        } else {
                            cmdline.add_sev_protection_device(
@@ -388,7 +391,9 @@ impl QemuInner {
        let mut caps = Capabilities::default();

        // Confidential Guest doesn't permit virtio-fs.
-        let flags = if self.hypervisor_config().security_info.confidential_guest {
+        let flags = if self.hypervisor_config().security_info.confidential_guest
+            || self.hypervisor_config().shared_fs.shared_fs.is_none()
+        {
            CapabilityBits::BlockDeviceSupport | CapabilityBits::BlockDeviceHotplugSupport
        } else {
            CapabilityBits::BlockDeviceSupport
@@ -453,15 +458,6 @@ impl QemuInner {
            "QemuInner::resize_memory(): asked to resize memory to {} MB", new_total_mem_mb
        );

-        // stick to the apparent de facto convention and represent megabytes
-        // as u32 and bytes as u64
-        fn bytes_to_megs(bytes: u64) -> u32 {
-            (bytes / (1 << 20)) as u32
-        }
-        fn megs_to_bytes(bytes: u32) -> u64 {
-            bytes as u64 * (1 << 20)
-        }
-
        let qmp = match self.qmp {
            Some(ref mut qmp) => qmp,
            None => {
--- a/src/runtime-rs/crates/hypervisor/src/remote/inner.rs
+++ b/src/runtime-rs/crates/hypervisor/src/remote/inner.rs
@@ -12,6 +12,7 @@ use async_trait::async_trait;
 use kata_types::{
    annotations::{
        cri_containerd::{SANDBOX_NAMESPACE_LABEL_KEY, SANDBOX_NAME_LABEL_KEY},
+        KATA_ANNO_CFG_HYPERVISOR_DEFAULT_GPUS, KATA_ANNO_CFG_HYPERVISOR_DEFAULT_GPU_MODEL,
        KATA_ANNO_CFG_HYPERVISOR_DEFAULT_MEMORY, KATA_ANNO_CFG_HYPERVISOR_DEFAULT_VCPUS,
        KATA_ANNO_CFG_HYPERVISOR_IMAGE_PATH, KATA_ANNO_CFG_HYPERVISOR_MACHINE_TYPE,
    },
@@ -124,6 +125,14 @@ impl RemoteInner {
            KATA_ANNO_CFG_HYPERVISOR_IMAGE_PATH.to_string(),
            config.boot_info.image.to_string(),
        );
+        annotations.insert(
+            KATA_ANNO_CFG_HYPERVISOR_DEFAULT_GPUS.to_string(),
+            config.remote_info.default_gpus.to_string(),
+        );
+        annotations.insert(
+            KATA_ANNO_CFG_HYPERVISOR_DEFAULT_GPU_MODEL.to_string(),
+            config.remote_info.default_gpu_model.to_string(),
+        );
        annotations
    }

--- a/src/runtime-rs/crates/hypervisor/src/utils.rs
+++ b/src/runtime-rs/crates/hypervisor/src/utils.rs
@@ -192,6 +192,14 @@ impl std::fmt::Display for SocketAddress {
    }
 }

+pub fn bytes_to_megs(bytes: u64) -> u32 {
+    (bytes / (1 << 20)) as u32
+}
+
+pub fn megs_to_bytes(bytes: u32) -> u64 {
+    bytes as u64 * (1 << 20)
+}
+
 #[cfg(test)]
 mod tests {
    use super::create_fds;
--- a/src/runtime-rs/crates/resource/Cargo.toml
+++ b/src/runtime-rs/crates/resource/Cargo.toml
@@ -35,6 +35,8 @@ uuid = { version = "0.4", features = ["v4"] }
 oci-spec = { workspace = true }
 inotify = "0.11.0"
 walkdir = "2.5.0"
+flate2 = { version = "1.0", features = ["zlib"] }
+tempfile = "3.19.1"

 ## Dependencies from `rust-netlink`
 netlink-packet-route = "0.22"
--- a/src/runtime-rs/crates/resource/src/coco_data/initdata.rs
+++ b/src/runtime-rs/crates/resource/src/coco_data/initdata.rs
@@ -0,0 +1,19 @@
+// Copyright (c) 2025 Ant Group
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+use hypervisor::BlockConfig;
+
+/// The path /run/kata-containers/shared/initdata, combined with the sandbox ID,
+/// will form the directory for storing the initdata image.
+/// Path::new(KATA_SHARED_INIT_DATA_PATH).join(SID)
+pub const KATA_SHARED_INIT_DATA_PATH: &str = "/run/kata-containers/shared/initdata";
+
+/// kata initdata image
+pub const KATA_INIT_DATA_IMAGE: &str = "initdata.image";
+
+/// InitDataConfig which is a tuple of Block Device Config and its digest of the encoded
+/// string included in the disk. And, both of them will come up at the same time.
+#[derive(Clone, Debug)]
+pub struct InitDataConfig(pub BlockConfig, pub String);
--- a/src/runtime-rs/crates/resource/src/coco_data/initdata_block.rs
+++ b/src/runtime-rs/crates/resource/src/coco_data/initdata_block.rs
@@ -0,0 +1,335 @@
+// Copyright (c) 2025 Ant Group
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+use flate2::{Compression, GzBuilder};
+use std::{
+    fmt, fs,
+    io::{self, BufWriter, Seek, Write},
+    path::{Path, PathBuf},
+};
+use tempfile::NamedTempFile;
+
+#[derive(Debug)]
+pub enum InitDataError {
+    InvalidPath(PathBuf),
+    IoError(String, io::Error),
+    CompressionError(io::Error),
+    PersistError(tempfile::PersistError),
+}
+
+impl fmt::Display for InitDataError {
+    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+        match self {
+            Self::InvalidPath(p) => write!(f, "Invalid path: {}", p.display()),
+            Self::IoError(ctx, e) => write!(f, "I/O error during {}: {}", ctx, e),
+            Self::CompressionError(e) => write!(f, "Compression failed: {}", e),
+            Self::PersistError(e) => write!(f, "File persistence failed: {}", e),
+        }
+    }
+}
+
+impl std::error::Error for InitDataError {
+    fn source(&self) -> Option<&(dyn std::error::Error + 'static)> {
+        match self {
+            Self::IoError(_, e) => Some(e),
+            Self::CompressionError(e) => Some(e),
+            Self::PersistError(e) => Some(e),
+            _ => None,
+        }
+    }
+}
+
+impl From<io::Error> for InitDataError {
+    fn from(err: io::Error) -> Self {
+        InitDataError::IoError("I/O operation".into(), err)
+    }
+}
+
+const MAGIC_HEADER: &[u8; 8] = b"initdata";
+const SECTOR_SIZE: u64 = 512;
+
+// Default buffer size, adjustable based on target storage optimization
+const DEFAULT_BUFFER_SIZE: usize = 128 * 1024;
+
+/// Determines the optimal buffer size
+fn determine_buffer_size(data_size: usize) -> usize {
+    // Use smaller buffers for small data to reduce memory usage
+    if data_size < 4 * 1024 {
+        return 4 * 1024;
+    } else if data_size < 64 * 1024 {
+        return 32 * 1024;
+    }
+    // Use larger buffers for big data to improve throughput
+    DEFAULT_BUFFER_SIZE
+}
+
+/// create compressed block compliant with RAW format requirements
+///
+/// # Arguments
+/// - `initdata`: Initialization data to be compressed and stored (TOML/JSON format, etc.)
+/// - `image_path`: Target image file path
+/// - `compression_level`: Compression level (0-9, default maximum compression)
+///
+/// # Returns
+/// - `Ok(file_size)`: Total bytes written to the image file on success
+/// - `Err(InitDataError)`: Error details on failure
+///
+/// # Safety
+/// - Atomic writes ensure crash recovery
+/// - Automatic temporary file cleanup
+/// - File permissions restricted to 0o600 on Unix systems
+fn create_compressed_block(
+    initdata: &str,
+    image_path: &Path,
+    compression_level: Option<u32>,
+) -> Result<u64, InitDataError> {
+    // 1. Skip file creation if initdata is empty
+    if initdata.is_empty() {
+        info!(
+            sl!(),
+            "No initialization data provided, skipping image creation for {}",
+            image_path.display()
+        );
+        return Ok(0);
+    }
+
+    // Store initdata size for logging and optimization
+    let initdata_size = initdata.len();
+    info!(
+        sl!(),
+        "Processing {} bytes of initialization data", initdata_size
+    );
+
+    // Ensure parent directory exists
+    if let Some(parent_dir) = image_path.parent() {
+        if !parent_dir.exists() {
+            info!(sl!(), "Creating parent directory: {}", parent_dir.display());
+            fs::create_dir_all(parent_dir).map_err(|e| {
+                InitDataError::IoError(format!("creating directory {}", parent_dir.display()), e)
+            })?;
+        }
+    } else {
+        return Err(InitDataError::InvalidPath(image_path.to_owned()));
+    }
+
+    // 2. Determine optimal buffer size based on data size
+    let buffer_size = determine_buffer_size(initdata_size);
+    info!(sl!(), "Using buffer size of {} bytes", buffer_size);
+
+    // 3. Create temp file in parent directory (ensures atomic rename)
+    let parent_dir = image_path
+        .parent()
+        .ok_or_else(|| InitDataError::InvalidPath(image_path.to_owned()))?;
+
+    info!(
+        sl!(),
+        "Creating temporary file in: {}",
+        parent_dir.display()
+    );
+
+    // Using named temporary files offers crucial benefits for writing data:
+    // - It ensures atomic operations by renaming the file only on successful completion;
+    // - It prevents concurrent conflicts through unique naming;
+    // - And it guarantees reliable atomic renames by creating the temporary file in the same directory as the target.
+    let temp_file = NamedTempFile::new_in(parent_dir).map_err(|e| {
+        InitDataError::IoError(format!("creating temp file in {}", parent_dir.display()), e)
+    })?;
+
+    info!(
+        sl!(),
+        "Temporary file created: {}",
+        temp_file.path().display()
+    );
+
+    // 4. Set strict file permissions
+    #[cfg(unix)]
+    {
+        use std::os::unix::fs::PermissionsExt;
+        let mut perms = temp_file.as_file().metadata()?.permissions();
+        perms.set_mode(0o600); // User read/write permissions
+        temp_file.as_file().set_permissions(perms)?;
+    }
+
+    // 5. Create buffered writer
+    let mut writer = BufWriter::with_capacity(buffer_size, temp_file);
+
+    // 6. Write magic header
+    writer.write_all(MAGIC_HEADER)?;
+    info!(sl!(), "Magic header written: {:?}", MAGIC_HEADER);
+
+    // 7. Configure compression level and initialize GZ writer
+    let compression =
+        compression_level.map_or(Compression::best(), |lvl| Compression::new(lvl.min(9)));
+
+    info!(
+        sl!(),
+        "Compressing data with compression level {}",
+        compression.level()
+    );
+
+    let mut gz = GzBuilder::new()
+        .filename("initdata.toml") // Embed original filename metadata
+        .comment("Generated by Confidential Containers")
+        .write(writer, compression);
+
+    // 8. Write data in chunks to avoid large memory allocation
+    let mut bytes_written = 0;
+    for chunk in initdata.as_bytes().chunks(buffer_size) {
+        bytes_written += gz.write(chunk)?;
+    }
+    info!(sl!(), "written {} bytes", bytes_written);
+
+    // 9. Finalize compression and retrieve writer
+    let mut writer = gz.finish()?;
+    let compressed_size = writer.stream_position()?;
+
+    info!(
+        sl!(),
+        "Data compressed: {} -> {} bytes (ratio: {:.2}%)",
+        initdata_size,
+        compressed_size,
+        (compressed_size as f64 / initdata_size as f64) * 100.0
+    );
+
+    // 10. Calculate padding for sector alignment
+    let current_pos = compressed_size;
+    let padding = (SECTOR_SIZE - (current_pos % SECTOR_SIZE)) % SECTOR_SIZE;
+
+    // 11. Zero-byte padding using small blocks
+    if padding > 0 {
+        info!(
+            sl!(),
+            "Adding {} bytes of padding for sector alignment", padding
+        );
+        const ZERO_BLOCK: [u8; 4096] = [0; 4096];
+        let mut remaining = padding as usize;
+
+        while remaining > 0 {
+            let write_size = std::cmp::min(remaining, ZERO_BLOCK.len());
+            writer.write_all(&ZERO_BLOCK[..write_size])?;
+            remaining -= write_size;
+        }
+    }
+
+    // 12. Ensure data persistence
+    writer
+        .flush()
+        .map_err(|e| InitDataError::IoError("flush buffer".into(), e))?;
+
+    // This extracts the NamedTempFile from the BufWriter.
+    // Essentially, it unwraps the layered writers (compression, buffering) to get back the original temporary file (temp_file),
+    // allowing direct operations like syncing or renaming.
+    let original_tempfile = writer
+        .into_inner()
+        .map_err(|e| InitDataError::IoError("retrieving inner writer".into(), e.into()))?;
+
+    // 13. Ensure all data is written to storage
+    original_tempfile.as_file().sync_all()?;
+
+    // 14. Atomic commit
+    let final_size = original_tempfile.as_file().metadata()?.len();
+    info!(
+        sl!(),
+        "Final image size: {} bytes, persisting to: {}",
+        final_size,
+        image_path.display()
+    );
+
+    original_tempfile
+        .persist(image_path)
+        .map_err(InitDataError::PersistError)?;
+
+    Ok(final_size)
+}
+
+/// Add data to a compressed image at the specified path
+pub fn push_data(initdata_path: &Path, data: &str) -> anyhow::Result<()> {
+    let _ = fs::remove_file(initdata_path);
+    let size = create_compressed_block(data, initdata_path, None)
+        .map_err(|e| anyhow::anyhow!("Failed to create image: {}", e))?;
+    info!(
+        sl!(),
+        "Create compressed image successfully, size {} bytes and  created at {}",
+        size,
+        initdata_path.display()
+    );
+
+    Ok(())
+}
+
+// Unit tests
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use std::env;
+    use std::io::Read;
+
+    fn setup_test_env() -> PathBuf {
+        let dir = env::temp_dir().join("initimg_test");
+        fs::create_dir_all(&dir).unwrap();
+        dir
+    }
+
+    #[test]
+    fn test_valid_creation() {
+        let dir = setup_test_env();
+        let path = dir.join("test.img");
+
+        let data = "[config]\nkey = \"value\"\n";
+        let result = create_compressed_block(data, &path, Some(6));
+
+        assert!(result.is_ok());
+        assert!(path.exists());
+
+        // Verify basic structure
+        let meta = fs::metadata(&path).unwrap();
+        assert_eq!(meta.len() % SECTOR_SIZE, 0);
+
+        // Verify magic header
+        let mut file = fs::File::open(&path).unwrap();
+        let mut header = [0u8; 8];
+        file.read_exact(&mut header).unwrap();
+        assert_eq!(&header, MAGIC_HEADER);
+
+        // Cleanup
+        fs::remove_file(path).unwrap();
+    }
+
+    #[test]
+    fn test_empty_input() {
+        let dir = setup_test_env();
+        let path = dir.join("empty.img");
+
+        let result = create_compressed_block("", &path, None);
+
+        // Should succeed but return zero size
+        assert!(result.is_ok());
+        assert_eq!(result.unwrap(), 0);
+        // Should not create file
+        assert!(!path.exists());
+    }
+
+    #[test]
+    fn test_different_compression_levels() {
+        let dir = setup_test_env();
+        let data = "[config]\n".repeat(1000); // Generate large test data
+
+        let sizes = vec![0, 3, 9]
+            .into_iter()
+            .map(|level| {
+                let path = dir.join(format!("test_comp_{}.img", level));
+                let res = create_compressed_block(&data, &path, Some(level));
+                let size = res.unwrap();
+                fs::remove_file(&path).unwrap();
+                size
+            })
+            .collect::<Vec<_>>();
+
+        // Different compression levels should produce different sizes
+        // Simple check due to data and environment variability
+        println!("Compression level sizes: {:?}", sizes);
+        assert!(sizes[0] > 0);
+    }
+}
--- a/src/runtime-rs/crates/resource/src/coco_data/mod.rs
+++ b/src/runtime-rs/crates/resource/src/coco_data/mod.rs
@@ -0,0 +1,7 @@
+// Copyright (c) 2025 Ant Group
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+pub mod initdata;
+pub mod initdata_block;
--- a/Show More
+++ b/Show More