Merge pull request #10890 from zvonkok/arm64-fix-release

release: Remove artifacts for release
2026-02-28 09:42:21 +00:00 · 2025-02-17 22:29:23 +02:00 · 2025-02-17 20:16:48 +00:00 · 2025-02-17 20:25:30 +02:00 · 2025-02-17 12:49:51 -05:00 · 2025-02-17 12:45:54 -05:00
600 changed files with 28509 additions and 8437 deletions
--- a/.github/actionlint.yaml
+++ b/.github/actionlint.yaml
@@ -7,7 +7,7 @@
 self-hosted-runner:
  # Labels of self-hosted runner that linter should ignore
  labels:
-    - arm64-builder
+    - ubuntu-22.04-arm
    - garm-ubuntu-2004
    - garm-ubuntu-2004-smaller
    - garm-ubuntu-2204
--- a/.github/workflows/actionlint.yaml
+++ b/.github/workflows/actionlint.yaml
@@ -0,0 +1,33 @@
+name: Lint GHA workflows
+
+on:
+  workflow_dispatch:
+  pull_request:
+    types:
+      - opened
+      - edited
+      - reopened
+      - synchronize
+    paths:
+      - '.github/workflows/**'
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  run-actionlint:
+    env:
+      GH_TOKEN: ${{ github.token }}
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout the code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Install actionlint gh extension
+        run: gh extension install https://github.com/cschleiden/gh-actionlint
+
+      - name: Run actionlint
+        run:  gh actionlint
--- a/.github/workflows/add-issues-to-project.yaml
+++ b/.github/workflows/add-issues-to-project.yaml
@@ -33,7 +33,7 @@ jobs:
        run: |
          # Clone into a temporary directory to avoid overwriting
          # any existing github directory.
-          pushd $(mktemp -d) &>/dev/null
+          pushd "$(mktemp -d)" &>/dev/null
          git clone --single-branch --depth 1 "https://github.com/kata-containers/.github" && cd .github/scripts
          sudo install hub-util.sh /usr/local/bin
          popd &>/dev/null
--- a/.github/workflows/add-pr-sizing-label.yaml
+++ b/.github/workflows/add-pr-sizing-label.yaml
@@ -36,7 +36,7 @@ jobs:
        run: |
          # Clone into a temporary directory to avoid overwriting
          # any existing github directory.
-          pushd $(mktemp -d) &>/dev/null
+          pushd "$(mktemp -d)" &>/dev/null
          git clone --single-branch --depth 1 "https://github.com/kata-containers/.github" && cd .github/scripts
          sudo install pr-add-size-label.sh /usr/local/bin
          popd &>/dev/null
--- a/.github/workflows/basic-ci-amd64.yaml
+++ b/.github/workflows/basic-ci-amd64.yaml
@@ -56,6 +56,51 @@ jobs:
        timeout-minutes: 10
        run: bash tests/integration/cri-containerd/gha-run.sh run

+  run-containerd-sandboxapi:
+    strategy:
+      # We can set this to true whenever we're 100% sure that
+      # the all the tests are not flaky, otherwise we'll fail
+      # all the tests due to a single flaky instance.
+      fail-fast: false
+      matrix:
+        containerd_version: ['latest']
+        vmm: ['dragonball', 'cloud-hypervisor', 'qemu-runtime-rs']
+    runs-on: ubuntu-22.04
+    env:
+      CONTAINERD_VERSION: ${{ matrix.containerd_version }}
+      GOPATH: ${{ github.workspace }}
+      KATA_HYPERVISOR: ${{ matrix.vmm }}
+      #the latest containerd from 2.0 need to set the CGROUP_DRIVER for e2e testing
+      CGROUP_DRIVER: ""
+      SANDBOXER: "shim"
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.commit-hash }}
+          fetch-depth: 0
+
+      - name: Rebase atop of the latest target branch
+        run: |
+          ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"
+        env:
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+
+      - name: Install dependencies
+        run: bash tests/integration/cri-containerd/gha-run.sh install-dependencies
+
+      - name: get-kata-tarball
+        uses: actions/download-artifact@v4
+        with:
+          name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
+          path: kata-artifacts
+
+      - name: Install kata
+        run: bash tests/integration/cri-containerd/gha-run.sh install-kata kata-artifacts
+
+      - name: Run containerd-sandboxapi tests
+        timeout-minutes: 10
+        run: bash tests/integration/cri-containerd/gha-run.sh run
+
  run-containerd-stability:
    strategy:
      fail-fast: false
@@ -67,6 +112,7 @@ jobs:
      CONTAINERD_VERSION: ${{ matrix.containerd_version }}
      GOPATH: ${{ github.workspace }}
      KATA_HYPERVISOR: ${{ matrix.vmm }}
+      SANDBOXER: "podsandbox"
    steps:
      - uses: actions/checkout@v4
        with:
@@ -138,6 +184,8 @@ jobs:
        run: bash tests/integration/nydus/gha-run.sh run

  run-runk:
+    # Skip runk tests as we have no maintainers. TODO: Decide when to remove altogether
+    if: false
    runs-on: ubuntu-22.04
    env:
      CONTAINERD_VERSION: lts
@@ -260,6 +308,8 @@ jobs:
        vmm:
          - clh
          - qemu
+          - dragonball
+          - cloud-hypervisor
    runs-on: ubuntu-22.04
    env:
      KATA_HYPERVISOR: ${{ matrix.vmm }}
--- a/.github/workflows/build-checks.yaml
+++ b/.github/workflows/build-checks.yaml
@@ -19,7 +19,6 @@ jobs:
          - runtime-rs
          - agent-ctl
          - kata-ctl
-          - runk
          - trace-forwarder
          - genpolicy
        command:
@@ -40,22 +39,18 @@ jobs:
            component-path: src/tools/agent-ctl
          - component: kata-ctl
            component-path: src/tools/kata-ctl
-          - component: runk
-            component-path: src/tools/runk
          - component: trace-forwarder
            component-path: src/tools/trace-forwarder
          - install-libseccomp: no
          - component: agent
            install-libseccomp: yes
-          - component: runk
-            install-libseccomp: yes
          - component: genpolicy
            component-path: src/tools/genpolicy
    steps:
      - name: Adjust a permission for repo
        run: |
-          sudo chown -R $USER:$USER $GITHUB_WORKSPACE $HOME
-          sudo rm -rf $GITHUB_WORKSPACE/* && echo "GITHUB_WORKSPACE removed" || { sleep 10 && sudo rm -rf $GITHUB_WORKSPACE/*; }
+          sudo chown -R "$USER":"$USER" "$GITHUB_WORKSPACE" "$HOME"
+          sudo rm -rf "$GITHUB_WORKSPACE"/* || { sleep 10 && sudo rm -rf "$GITHUB_WORKSPACE"/*; }
          sudo rm -f /tmp/kata_hybrid*  # Sometime we got leftover from test_setup_hvsock_failed()

      - name: Checkout the code
@@ -72,12 +67,12 @@ jobs:
        if: ${{ matrix.component == 'runtime' }}
        run: |
          ./tests/install_go.sh -f -p
-          echo "/usr/local/go/bin" >> $GITHUB_PATH
+          echo "/usr/local/go/bin" >> "$GITHUB_PATH"
      - name: Install rust
        if: ${{ matrix.component != 'runtime' }}
        run: |
          ./tests/install_rust.sh
-          echo "${HOME}/.cargo/bin" >> $GITHUB_PATH
+          echo "${HOME}/.cargo/bin" >> "$GITHUB_PATH"
      - name: Install musl-tools
        if: ${{ matrix.component != 'runtime' }}
        run: sudo apt-get -y install musl-tools
@@ -91,19 +86,19 @@ jobs:
          gperf_install_dir=$(mktemp -d -t gperf.XXXXXXXXXX)
          ./ci/install_libseccomp.sh "${libseccomp_install_dir}" "${gperf_install_dir}"
          echo "Set environment variables for the libseccomp crate to link the libseccomp library statically"
-          echo "LIBSECCOMP_LINK_TYPE=static" >> $GITHUB_ENV
-          echo "LIBSECCOMP_LIB_PATH=${libseccomp_install_dir}/lib" >> $GITHUB_ENV
+          echo "LIBSECCOMP_LINK_TYPE=static" >> "$GITHUB_ENV"
+          echo "LIBSECCOMP_LIB_PATH=${libseccomp_install_dir}/lib" >> "$GITHUB_ENV"
      - name: Install protobuf-compiler
-        if: ${{ matrix.command != 'make vendor' && (matrix.component == 'agent' || matrix.component == 'runk' || matrix.component == 'genpolicy') }}
+        if: ${{ matrix.command != 'make vendor' && (matrix.component == 'agent' || matrix.component == 'genpolicy' || matrix.component == 'agent-ctl') }}
        run: sudo apt-get -y install protobuf-compiler
      - name: Install clang
-        if: ${{ matrix.command == 'make check' && matrix.component == 'agent' }}
+        if: ${{ matrix.command == 'make check' && (matrix.component == 'agent' || matrix.component == 'agent-ctl') }}
        run: sudo apt-get -y install clang
      - name: Setup XDG_RUNTIME_DIR for the `runtime` tests
        if: ${{ matrix.command != 'make vendor' && matrix.command != 'make check' && matrix.component == 'runtime' }}
        run: |
-          XDG_RUNTIME_DIR=$(mktemp -d /tmp/kata-tests-$USER.XXX | tee >(xargs chmod 0700))
-          echo "XDG_RUNTIME_DIR=${XDG_RUNTIME_DIR}" >> $GITHUB_ENV
+          XDG_RUNTIME_DIR=$(mktemp -d "/tmp/kata-tests-$USER.XXX" | tee >(xargs chmod 0700))
+          echo "XDG_RUNTIME_DIR=${XDG_RUNTIME_DIR}" >> "$GITHUB_ENV"
      - name: Running `${{ matrix.command }}` for ${{ matrix.component }}
        run: |
          cd ${{ matrix.component-path }}
--- a/.github/workflows/build-kata-static-tarball-amd64.yaml
+++ b/.github/workflows/build-kata-static-tarball-amd64.yaml
@@ -24,14 +24,21 @@ on:
 jobs:
  build-asset:
    runs-on: ubuntu-22.04
+    permissions:
+      contents: read
+      packages: write
+      id-token: write
+      attestations: write
    strategy:
      matrix:
        asset:
          - agent
          - agent-ctl
+          - busybox
          - cloud-hypervisor
          - cloud-hypervisor-glibc
          - coco-guest-components
+          - csi-kata-directvolume
          - firecracker
          - genpolicy
          - kata-ctl
@@ -48,13 +55,6 @@ jobs:
          - qemu
          - qemu-snp-experimental
          - stratovirt
-          - rootfs-image
-          - rootfs-image-confidential
-          - rootfs-initrd
-          - rootfs-initrd-confidential
-          - rootfs-initrd-mariner
-          - runk
-          - shim-v2
          - trace-forwarder
          - virtiofsd
        stage:
@@ -62,6 +62,8 @@ jobs:
        exclude:
          - asset: cloud-hypervisor-glibc
            stage: release
+    env:
+      PERFORM_ATTESTATION: ${{ matrix.asset == 'agent' && inputs.push-to-registry == 'yes' && 'yes' || 'no' }}
    steps:
      - name: Login to Kata Containers quay.io
        if: ${{ inputs.push-to-registry == 'yes' }}
@@ -83,11 +85,115 @@ jobs:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: Build ${{ matrix.asset }}
+        id: build
        run: |
          make "${KATA_ASSET}-tarball"
          build_dir=$(readlink -f build)
          # store-artifact does not work with symlink
-          mkdir -p kata-build && cp "${build_dir}"/kata-static-${KATA_ASSET}*.tar.* kata-build/.
+          mkdir -p kata-build && cp "${build_dir}"/kata-static-"${KATA_ASSET}"*.tar.* kata-build/.
+        env:
+          KATA_ASSET: ${{ matrix.asset }}
+          TAR_OUTPUT: ${{ matrix.asset }}.tar.gz
+          PUSH_TO_REGISTRY: ${{ inputs.push-to-registry }}
+          ARTEFACT_REGISTRY: ghcr.io
+          ARTEFACT_REGISTRY_USERNAME: ${{ github.actor }}
+          ARTEFACT_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}
+
+      - name: Parse OCI image name and digest
+        id: parse-oci-segments
+        if: ${{ env.PERFORM_ATTESTATION == 'yes' }}
+        run: |
+          oci_image="$(<"build/${{ matrix.asset }}-oci-image")"
+          echo "oci-name=${oci_image%@*}" >> "$GITHUB_OUTPUT"
+          echo "oci-digest=${oci_image#*@}" >> "$GITHUB_OUTPUT"
+
+      - uses: oras-project/setup-oras@v1
+        if: ${{ env.PERFORM_ATTESTATION == 'yes' }}
+        with:
+          version: "1.2.0"
+
+      # for pushing attestations to the registry
+      - uses: docker/login-action@v3
+        if: ${{ env.PERFORM_ATTESTATION == 'yes' }}
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - uses: actions/attest-build-provenance@v1
+        if: ${{ env.PERFORM_ATTESTATION == 'yes' }}
+        with:
+          subject-name: ${{ steps.parse-oci-segments.outputs.oci-name }}
+          subject-digest: ${{ steps.parse-oci-segments.outputs.oci-digest }}
+          push-to-registry: true
+
+      - name: store-artifact ${{ matrix.asset }}
+        uses: actions/upload-artifact@v4
+        with:
+          name: kata-artifacts-amd64-${{ matrix.asset }}${{ inputs.tarball-suffix }}
+          path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
+          retention-days: 15
+          if-no-files-found: error
+
+      - name: store-extratarballs-artifact ${{ matrix.asset }}
+        if: ${{ startsWith(matrix.asset, 'kernel-nvidia-gpu') }}
+        uses: actions/upload-artifact@v4
+        with:
+          name: kata-artifacts-amd64-${{ matrix.asset }}-headers${{ inputs.tarball-suffix }}
+          path: kata-build/kata-static-${{ matrix.asset }}-headers.tar.xz
+          retention-days: 15
+          if-no-files-found: error
+
+  build-asset-rootfs:
+    runs-on: ubuntu-22.04
+    needs: build-asset
+    strategy:
+      matrix:
+        asset:
+          - rootfs-image
+          - rootfs-image-confidential
+          - rootfs-image-mariner
+          - rootfs-initrd
+          - rootfs-initrd-confidential
+          - rootfs-nvidia-gpu-initrd
+          - rootfs-nvidia-gpu-confidential-initrd
+    steps:
+      - name: Login to Kata Containers quay.io
+        if: ${{ inputs.push-to-registry == 'yes' }}
+        uses: docker/login-action@v3
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_DEPLOYER_USERNAME }}
+          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}
+
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.commit-hash }}
+          fetch-depth: 0 # This is needed in order to keep the commit ids history
+
+      - name: Rebase atop of the latest target branch
+        run: |
+          ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"
+        env:
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+
+      - name: get-artifacts
+        uses: actions/download-artifact@v4
+        with:
+          pattern: kata-artifacts-amd64-*${{ inputs.tarball-suffix }}
+          path: kata-artifacts
+          merge-multiple: true
+
+      - name: Build ${{ matrix.asset }}
+        id: build
+        run: |
+          ./tests/gha-adjust-to-use-prebuilt-components.sh kata-artifacts "${KATA_ASSET}"
+          make "${KATA_ASSET}-tarball"
+          build_dir=$(readlink -f build)
+          # store-artifact does not work with symlink
+          mkdir -p kata-build && cp "${build_dir}"/kata-static-"${KATA_ASSET}"*.tar.* kata-build/.
        env:
          KATA_ASSET: ${{ matrix.asset }}
          TAR_OUTPUT: ${{ matrix.asset }}.tar.gz
@@ -99,7 +205,6 @@ jobs:
          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}

      - name: store-artifact ${{ matrix.asset }}
-        if: ${{ matrix.stage != 'release' || (matrix.asset != 'agent' && matrix.asset != 'coco-guest-components' && matrix.asset != 'pause-image') }}
        uses: actions/upload-artifact@v4
        with:
          name: kata-artifacts-amd64-${{ matrix.asset }}${{ inputs.tarball-suffix }}
@@ -107,9 +212,97 @@ jobs:
          retention-days: 15
          if-no-files-found: error

+  # We don't need the binaries installed in the rootfs as part of the release tarball, so can delete them now we've built the rootfs
+  remove-rootfs-binary-artifacts:
+    runs-on: ubuntu-22.04
+    needs: build-asset-rootfs
+    strategy:
+      matrix:
+        asset:
+          - busybox
+          - coco-guest-components
+          - kernel-nvidia-gpu-headers
+          - kernel-nvidia-gpu-confidential-headers
+          - pause-image
+    steps:
+      - uses: geekyeggo/delete-artifact@v5
+        with:
+          name: kata-artifacts-amd64-${{ matrix.asset}}${{ inputs.tarball-suffix }}
+
+  # We don't need the binaries installed in the rootfs as part of the release tarball, so can delete them now we've built the rootfs
+  remove-rootfs-binary-artifacts-for-release:
+    runs-on: ubuntu-22.04
+    needs: build-asset-rootfs
+    strategy:
+      matrix:
+        asset:
+          - agent
+    steps:
+      - uses: geekyeggo/delete-artifact@v5
+        if: ${{ inputs.stage == 'release' }}
+        with:
+          name: kata-artifacts-amd64-${{ matrix.asset}}${{ inputs.tarball-suffix }}
+
+  build-asset-shim-v2:
+    runs-on: ubuntu-22.04
+    needs: [build-asset, build-asset-rootfs, remove-rootfs-binary-artifacts, remove-rootfs-binary-artifacts-for-release]
+    steps:
+      - name: Login to Kata Containers quay.io
+        if: ${{ inputs.push-to-registry == 'yes' }}
+        uses: docker/login-action@v3
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_DEPLOYER_USERNAME }}
+          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}
+
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.commit-hash }}
+          fetch-depth: 0 # This is needed in order to keep the commit ids history
+
+      - name: Rebase atop of the latest target branch
+        run: |
+          ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"
+        env:
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+
+      - name: get-artifacts
+        uses: actions/download-artifact@v4
+        with:
+          pattern: kata-artifacts-amd64-*${{ inputs.tarball-suffix }}
+          path: kata-artifacts
+          merge-multiple: true
+
+      - name: Build shim-v2
+        id: build
+        run: |
+          ./tests/gha-adjust-to-use-prebuilt-components.sh kata-artifacts "${KATA_ASSET}"
+          make "${KATA_ASSET}-tarball"
+          build_dir=$(readlink -f build)
+          # store-artifact does not work with symlink
+          mkdir -p kata-build && cp "${build_dir}"/kata-static-"${KATA_ASSET}"*.tar.* kata-build/.
+        env:
+          KATA_ASSET: shim-v2
+          TAR_OUTPUT: shim-v2.tar.gz
+          PUSH_TO_REGISTRY: ${{ inputs.push-to-registry }}
+          ARTEFACT_REGISTRY: ghcr.io
+          ARTEFACT_REGISTRY_USERNAME: ${{ github.actor }}
+          ARTEFACT_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}
+          MEASURED_ROOTFS: yes
+
+      - name: store-artifact shim-v2
+        uses: actions/upload-artifact@v4
+        with:
+          name: kata-artifacts-amd64-shim-v2${{ inputs.tarball-suffix }}
+          path: kata-build/kata-static-shim-v2.tar.xz
+          retention-days: 15
+          if-no-files-found: error
+
  create-kata-tarball:
    runs-on: ubuntu-22.04
-    needs: build-asset
+    needs: [build-asset, build-asset-rootfs, build-asset-shim-v2]
    steps:
      - uses: actions/checkout@v4
        with:
--- a/.github/workflows/build-kata-static-tarball-arm64.yaml
+++ b/.github/workflows/build-kata-static-tarball-arm64.yaml
@@ -23,22 +23,28 @@ on:

 jobs:
  build-asset:
-    runs-on: arm64-builder
+    runs-on: ubuntu-22.04-arm
+    permissions:
+      contents: read
+      packages: write
+      id-token: write
+      attestations: write
    strategy:
      matrix:
        asset:
          - agent
+          - busybox
          - cloud-hypervisor
          - firecracker
          - kernel
          - kernel-dragonball-experimental
+          - kernel-nvidia-gpu
          - nydus
          - qemu
          - stratovirt
-          - rootfs-image
-          - rootfs-initrd
-          - shim-v2
          - virtiofsd
+    env:
+      PERFORM_ATTESTATION: ${{ matrix.asset == 'agent' && inputs.push-to-registry == 'yes' && 'yes' || 'no' }}
    steps:
      - name: Login to Kata Containers quay.io
        if: ${{ inputs.push-to-registry == 'yes' }}
@@ -64,7 +70,105 @@ jobs:
          make "${KATA_ASSET}-tarball"
          build_dir=$(readlink -f build)
          # store-artifact does not work with symlink
-          mkdir -p kata-build && cp "${build_dir}"/kata-static-${KATA_ASSET}*.tar.* kata-build/.
+          mkdir -p kata-build && cp "${build_dir}"/kata-static-"${KATA_ASSET}"*.tar.* kata-build/.
+        env:
+          KATA_ASSET: ${{ matrix.asset }}
+          TAR_OUTPUT: ${{ matrix.asset }}.tar.gz
+          PUSH_TO_REGISTRY: ${{ inputs.push-to-registry }}
+          ARTEFACT_REGISTRY: ghcr.io
+          ARTEFACT_REGISTRY_USERNAME: ${{ github.actor }}
+          ARTEFACT_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}
+
+      - name: Parse OCI image name and digest
+        id: parse-oci-segments
+        if: ${{ env.PERFORM_ATTESTATION == 'yes' }}
+        run: |
+          oci_image="$(<"build/${{ matrix.asset }}-oci-image")"
+          echo "oci-name=${oci_image%@*}" >> "$GITHUB_OUTPUT"
+          echo "oci-digest=${oci_image#*@}" >> "$GITHUB_OUTPUT"
+
+      - uses: oras-project/setup-oras@v1
+        if: ${{ env.PERFORM_ATTESTATION == 'yes' }}
+        with:
+          version: "1.2.0"
+
+      # for pushing attestations to the registry
+      - uses: docker/login-action@v3
+        if: ${{ env.PERFORM_ATTESTATION == 'yes' }}
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - uses: actions/attest-build-provenance@v1
+        if: ${{ env.PERFORM_ATTESTATION == 'yes' }}
+        with:
+          subject-name: ${{ steps.parse-oci-segments.outputs.oci-name }}
+          subject-digest: ${{ steps.parse-oci-segments.outputs.oci-digest }}
+          push-to-registry: true
+
+      - name: store-artifact ${{ matrix.asset }}
+        uses: actions/upload-artifact@v4
+        with:
+          name: kata-artifacts-arm64-${{ matrix.asset }}${{ inputs.tarball-suffix }}
+          path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
+          retention-days: 15
+          if-no-files-found: error
+
+      - name: store-extratarballs-artifact ${{ matrix.asset }}
+        if: ${{ startsWith(matrix.asset, 'kernel-nvidia-gpu') }}
+        uses: actions/upload-artifact@v4
+        with:
+          name: kata-artifacts-arm64-${{ matrix.asset }}-headers${{ inputs.tarball-suffix }}
+          path: kata-build/kata-static-${{ matrix.asset }}-headers.tar.xz
+          retention-days: 15
+          if-no-files-found: error
+
+  build-asset-rootfs:
+    runs-on: ubuntu-22.04-arm
+    needs: build-asset
+    strategy:
+      matrix:
+        asset:
+          - rootfs-image
+          - rootfs-initrd
+          - rootfs-nvidia-gpu-initrd
+    steps:
+      - name: Login to Kata Containers quay.io
+        if: ${{ inputs.push-to-registry == 'yes' }}
+        uses: docker/login-action@v3
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_DEPLOYER_USERNAME }}
+          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}
+
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.commit-hash }}
+          fetch-depth: 0 # This is needed in order to keep the commit ids history
+
+      - name: Rebase atop of the latest target branch
+        run: |
+          ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"
+        env:
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+
+      - name: get-artifacts
+        uses: actions/download-artifact@v4
+        with:
+          pattern: kata-artifacts-arm64-*${{ inputs.tarball-suffix }}
+          path: kata-artifacts
+          merge-multiple: true
+
+      - name: Build ${{ matrix.asset }}
+        run: |
+          ./tests/gha-adjust-to-use-prebuilt-components.sh kata-artifacts "${KATA_ASSET}"
+          make "${KATA_ASSET}-tarball"
+          build_dir=$(readlink -f build)
+          # store-artifact does not work with symlink
+          mkdir -p kata-build && cp "${build_dir}"/kata-static-"${KATA_ASSET}"*.tar.* kata-build/.
        env:
          KATA_ASSET: ${{ matrix.asset }}
          TAR_OUTPUT: ${{ matrix.asset }}.tar.gz
@@ -76,7 +180,6 @@ jobs:
          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}

      - name: store-artifact ${{ matrix.asset }}
-        if: ${{ inputs.stage != 'release' || matrix.asset != 'agent' }}
        uses: actions/upload-artifact@v4
        with:
          name: kata-artifacts-arm64-${{ matrix.asset }}${{ inputs.tarball-suffix }}
@@ -84,14 +187,93 @@ jobs:
          retention-days: 15
          if-no-files-found: error

-  create-kata-tarball:
-    runs-on: arm64-builder
-    needs: build-asset
+  # We don't need the binaries installed in the rootfs as part of the release tarball, so can delete them now we've built the rootfs
+  remove-rootfs-binary-artifacts:
+    runs-on: ubuntu-22.04-arm
+    needs: build-asset-rootfs
+    strategy:
+      matrix:
+        asset:
+          - busybox
+          - kernel-nvidia-gpu-headers
    steps:
-      - name: Adjust a permission for repo
-        run: |
-          sudo chown -R $USER:$USER $GITHUB_WORKSPACE
+      - uses: geekyeggo/delete-artifact@v5
+        with:
+          name: kata-artifacts-arm64-${{ matrix.asset}}${{ inputs.tarball-suffix }}

+  # We don't need the binaries installed in the rootfs as part of the release tarball, so can delete them now we've built the rootfs
+  remove-rootfs-binary-artifacts-for-release:
+    runs-on: ubuntu-22.04-arm
+    needs: build-asset-rootfs
+    strategy:
+      matrix:
+        asset:
+          - agent
+    steps:
+      - uses: geekyeggo/delete-artifact@v5
+        if: ${{ inputs.stage == 'release' }}
+        with:
+          name: kata-artifacts-arm64-${{ matrix.asset}}${{ inputs.tarball-suffix }}
+
+  build-asset-shim-v2:
+    runs-on: ubuntu-22.04-arm
+    needs: [build-asset, build-asset-rootfs, remove-rootfs-binary-artifacts, remove-rootfs-binary-artifacts-for-release]
+    steps:
+      - name: Login to Kata Containers quay.io
+        if: ${{ inputs.push-to-registry == 'yes' }}
+        uses: docker/login-action@v3
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_DEPLOYER_USERNAME }}
+          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}
+
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.commit-hash }}
+          fetch-depth: 0 # This is needed in order to keep the commit ids history
+
+      - name: Rebase atop of the latest target branch
+        run: |
+          ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"
+        env:
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+
+      - name: get-artifacts
+        uses: actions/download-artifact@v4
+        with:
+          pattern: kata-artifacts-arm64-*${{ inputs.tarball-suffix }}
+          path: kata-artifacts
+          merge-multiple: true
+
+      - name: Build shim-v2
+        run: |
+          ./tests/gha-adjust-to-use-prebuilt-components.sh kata-artifacts "${KATA_ASSET}"
+          make "${KATA_ASSET}-tarball"
+          build_dir=$(readlink -f build)
+          # store-artifact does not work with symlink
+          mkdir -p kata-build && cp "${build_dir}"/kata-static-"${KATA_ASSET}"*.tar.* kata-build/.
+        env:
+          KATA_ASSET: shim-v2
+          TAR_OUTPUT: shim-v2.tar.gz
+          PUSH_TO_REGISTRY: ${{ inputs.push-to-registry }}
+          ARTEFACT_REGISTRY: ghcr.io
+          ARTEFACT_REGISTRY_USERNAME: ${{ github.actor }}
+          ARTEFACT_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}
+
+      - name: store-artifact shim-v2
+        uses: actions/upload-artifact@v4
+        with:
+          name: kata-artifacts-arm64-shim-v2${{ inputs.tarball-suffix }}
+          path: kata-build/kata-static-shim-v2.tar.xz
+          retention-days: 15
+          if-no-files-found: error
+
+  create-kata-tarball:
+    runs-on: ubuntu-22.04-arm
+    needs: [build-asset, build-asset-rootfs, build-asset-shim-v2]
+    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ inputs.commit-hash }}
--- a/.github/workflows/build-kata-static-tarball-ppc64le.yaml
+++ b/.github/workflows/build-kata-static-tarball-ppc64le.yaml
@@ -30,16 +30,15 @@ jobs:
          - agent
          - kernel
          - qemu
-          - rootfs-initrd
-          - shim-v2
          - virtiofsd
        stage:
          - ${{ inputs.stage }}
    steps:
      - name: Prepare the self-hosted runner
+        timeout-minutes: 15
        run: |
-            ${HOME}/scripts/prepare_runner.sh
-            sudo rm -rf $GITHUB_WORKSPACE/*
+            "${HOME}/scripts/prepare_runner.sh"
+            sudo rm -rf "$GITHUB_WORKSPACE"/*

      - name: Login to Kata Containers quay.io
        if: ${{ inputs.push-to-registry == 'yes' }}
@@ -65,7 +64,7 @@ jobs:
          make "${KATA_ASSET}-tarball"
          build_dir=$(readlink -f build)
          # store-artifact does not work with symlink
-          mkdir -p kata-build && cp "${build_dir}"/kata-static-${KATA_ASSET}*.tar.* kata-build/.
+          mkdir -p kata-build && cp "${build_dir}"/kata-static-"${KATA_ASSET}"*.tar.* kata-build/.
        env:
          KATA_ASSET: ${{ matrix.asset }}
          TAR_OUTPUT: ${{ matrix.asset }}.tar.gz
@@ -77,7 +76,6 @@ jobs:
          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}

      - name: store-artifact ${{ matrix.asset }}
-        if: ${{ inputs.stage != 'release' || matrix.asset != 'agent' }}
        uses: actions/upload-artifact@v4
        with:
          name: kata-artifacts-ppc64le-${{ matrix.asset }}${{ inputs.tarball-suffix }}
@@ -85,13 +83,155 @@ jobs:
          retention-days: 1
          if-no-files-found: error

-  create-kata-tarball:
+  build-asset-rootfs:
    runs-on: ppc64le
    needs: build-asset
+    strategy:
+      matrix:
+        asset:
+          - rootfs-initrd
+        stage:
+          - ${{ inputs.stage }}
+    steps:
+      - name: Prepare the self-hosted runner
+        timeout-minutes: 15
+        run: |
+            "${HOME}/scripts/prepare_runner.sh"
+            sudo rm -rf "$GITHUB_WORKSPACE"/*
+
+      - name: Login to Kata Containers quay.io
+        if: ${{ inputs.push-to-registry == 'yes' }}
+        uses: docker/login-action@v3
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_DEPLOYER_USERNAME }}
+          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}
+
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.commit-hash }}
+          fetch-depth: 0 # This is needed in order to keep the commit ids history
+
+      - name: Rebase atop of the latest target branch
+        run: |
+          ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"
+        env:
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+
+      - name: get-artifacts
+        uses: actions/download-artifact@v4
+        with:
+          pattern: kata-artifacts-ppc64le-*${{ inputs.tarball-suffix }}
+          path: kata-artifacts
+          merge-multiple: true
+
+      - name: Build ${{ matrix.asset }}
+        run: |
+          ./tests/gha-adjust-to-use-prebuilt-components.sh kata-artifacts "${KATA_ASSET}"
+          make "${KATA_ASSET}-tarball"
+          build_dir=$(readlink -f build)
+          # store-artifact does not work with symlink
+          mkdir -p kata-build && cp "${build_dir}"/kata-static-"${KATA_ASSET}"*.tar.* kata-build/.
+        env:
+          KATA_ASSET: ${{ matrix.asset }}
+          TAR_OUTPUT: ${{ matrix.asset }}.tar.gz
+          PUSH_TO_REGISTRY: ${{ inputs.push-to-registry }}
+          ARTEFACT_REGISTRY: ghcr.io
+          ARTEFACT_REGISTRY_USERNAME: ${{ github.actor }}
+          ARTEFACT_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}
+
+      - name: store-artifact ${{ matrix.asset }}
+        uses: actions/upload-artifact@v4
+        with:
+          name: kata-artifacts-ppc64le-${{ matrix.asset }}${{ inputs.tarball-suffix }}
+          path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
+          retention-days: 1
+          if-no-files-found: error
+
+  # We don't need the binaries installed in the rootfs as part of the release tarball, so can delete them now we've built the rootfs
+  remove-rootfs-binary-artifacts:
+    runs-on: ubuntu-22.04
+    needs: build-asset-rootfs
+    strategy:
+      matrix:
+        asset:
+          - agent
+    steps:
+      - uses: geekyeggo/delete-artifact@v5
+        if: ${{ inputs.stage == 'release' }}
+        with:
+          name: kata-artifacts-ppc64le-${{ matrix.asset}}${{ inputs.tarball-suffix }}
+
+  build-asset-shim-v2:
+    runs-on: ppc64le
+    needs: [build-asset, build-asset-rootfs, remove-rootfs-binary-artifacts]
+    steps:
+      - name: Prepare the self-hosted runner
+        timeout-minutes: 15
+        run: |
+            "${HOME}/scripts/prepare_runner.sh"
+            sudo rm -rf "$GITHUB_WORKSPACE"/*
+
+      - name: Login to Kata Containers quay.io
+        if: ${{ inputs.push-to-registry == 'yes' }}
+        uses: docker/login-action@v3
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_DEPLOYER_USERNAME }}
+          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}
+
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.commit-hash }}
+          fetch-depth: 0 # This is needed in order to keep the commit ids history
+
+      - name: Rebase atop of the latest target branch
+        run: |
+          ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"
+        env:
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+
+      - name: get-artifacts
+        uses: actions/download-artifact@v4
+        with:
+          pattern: kata-artifacts-ppc64le-*${{ inputs.tarball-suffix }}
+          path: kata-artifacts
+          merge-multiple: true
+
+      - name: Build shim-v2
+        run: |
+          ./tests/gha-adjust-to-use-prebuilt-components.sh kata-artifacts "${KATA_ASSET}"
+          make "${KATA_ASSET}-tarball"
+          build_dir=$(readlink -f build)
+          # store-artifact does not work with symlink
+          mkdir -p kata-build && cp "${build_dir}"/kata-static-"${KATA_ASSET}"*.tar.* kata-build/.
+        env:
+          KATA_ASSET: shim-v2
+          TAR_OUTPUT: shim-v2.tar.gz
+          PUSH_TO_REGISTRY: ${{ inputs.push-to-registry }}
+          ARTEFACT_REGISTRY: ghcr.io
+          ARTEFACT_REGISTRY_USERNAME: ${{ github.actor }}
+          ARTEFACT_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}
+
+      - name: store-artifact shim-v2
+        uses: actions/upload-artifact@v4
+        with:
+          name: kata-artifacts-ppc64le-shim-v2${{ inputs.tarball-suffix }}
+          path: kata-build/kata-static-shim-v2.tar.xz
+          retention-days: 1
+          if-no-files-found: error
+
+  create-kata-tarball:
+    runs-on: ppc64le
+    needs: [build-asset, build-asset-rootfs, build-asset-shim-v2]
    steps:
      - name: Adjust a permission for repo
        run: |
-          sudo chown -R $USER:$USER $GITHUB_WORKSPACE
+          sudo chown -R "$USER":"$USER" "$GITHUB_WORKSPACE"

      - uses: actions/checkout@v4
        with:
--- a/.github/workflows/build-kata-static-tarball-s390x.yaml
+++ b/.github/workflows/build-kata-static-tarball-s390x.yaml
@@ -24,6 +24,11 @@ on:
 jobs:
  build-asset:
    runs-on: s390x
+    permissions:
+      contents: read
+      packages: write
+      id-token: write
+      attestations: write
    strategy:
      matrix:
        asset:
@@ -33,12 +38,9 @@ jobs:
          - kernel-confidential
          - pause-image
          - qemu
-          - rootfs-image
-          - rootfs-image-confidential
-          - rootfs-initrd
-          - rootfs-initrd-confidential
-          - shim-v2
          - virtiofsd
+    env:
+      PERFORM_ATTESTATION: ${{ matrix.asset == 'agent' && inputs.push-to-registry == 'yes' && 'yes' || 'no' }}
    steps:
      - name: Login to Kata Containers quay.io
        if: ${{ inputs.push-to-registry == 'yes' }}
@@ -60,11 +62,98 @@ jobs:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: Build ${{ matrix.asset }}
+        id: build
        run: |
          make "${KATA_ASSET}-tarball"
          build_dir=$(readlink -f build)
          # store-artifact does not work with symlink
-          mkdir -p kata-build && cp "${build_dir}"/kata-static-${KATA_ASSET}*.tar.* kata-build/.
+          mkdir -p kata-build && cp "${build_dir}"/kata-static-"${KATA_ASSET}"*.tar.* kata-build/.
+        env:
+          KATA_ASSET: ${{ matrix.asset }}
+          TAR_OUTPUT: ${{ matrix.asset }}.tar.gz
+          PUSH_TO_REGISTRY: ${{ inputs.push-to-registry }}
+          ARTEFACT_REGISTRY: ghcr.io
+          ARTEFACT_REGISTRY_USERNAME: ${{ github.actor }}
+          ARTEFACT_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}
+
+      - name: Parse OCI image name and digest
+        id: parse-oci-segments
+        if: ${{ env.PERFORM_ATTESTATION == 'yes' }}
+        run: |
+          oci_image="$(<"build/${{ matrix.asset }}-oci-image")"
+          echo "oci-name=${oci_image%@*}" >> "$GITHUB_OUTPUT"
+          echo "oci-digest=${oci_image#*@}" >> "$GITHUB_OUTPUT"
+
+      # for pushing attestations to the registry
+      - uses: docker/login-action@v3
+        if: ${{ env.PERFORM_ATTESTATION == 'yes' }}
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - uses: actions/attest-build-provenance@v1
+        if: ${{ env.PERFORM_ATTESTATION == 'yes' }}
+        with:
+          subject-name: ${{ steps.parse-oci-segments.outputs.oci-name }}
+          subject-digest: ${{ steps.parse-oci-segments.outputs.oci-digest }}
+          push-to-registry: true
+
+      - name: store-artifact ${{ matrix.asset }}
+        uses: actions/upload-artifact@v4
+        with:
+          name: kata-artifacts-s390x-${{ matrix.asset }}${{ inputs.tarball-suffix }}
+          path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
+          retention-days: 15
+          if-no-files-found: error
+
+  build-asset-rootfs:
+    runs-on: s390x
+    needs: build-asset
+    strategy:
+      matrix:
+        asset:
+          - rootfs-image
+          - rootfs-image-confidential
+          - rootfs-initrd
+          - rootfs-initrd-confidential
+    steps:
+      - name: Login to Kata Containers quay.io
+        if: ${{ inputs.push-to-registry == 'yes' }}
+        uses: docker/login-action@v3
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_DEPLOYER_USERNAME }}
+          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}
+
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.commit-hash }}
+          fetch-depth: 0 # This is needed in order to keep the commit ids history
+
+      - name: Rebase atop of the latest target branch
+        run: |
+          ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"
+        env:
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+
+      - name: get-artifacts
+        uses: actions/download-artifact@v4
+        with:
+          pattern: kata-artifacts-s390x-*${{ inputs.tarball-suffix }}
+          path: kata-artifacts
+          merge-multiple: true
+
+      - name: Build ${{ matrix.asset }}
+        id: build
+        run: |
+          ./tests/gha-adjust-to-use-prebuilt-components.sh kata-artifacts "${KATA_ASSET}"
+          make "${KATA_ASSET}-tarball"
+          build_dir=$(readlink -f build)
+          # store-artifact does not work with symlink
+          mkdir -p kata-build && cp "${build_dir}"/kata-static-"${KATA_ASSET}"*.tar.* kata-build/.
        env:
          KATA_ASSET: ${{ matrix.asset }}
          TAR_OUTPUT: ${{ matrix.asset }}.tar.gz
@@ -76,7 +165,6 @@ jobs:
          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}

      - name: store-artifact ${{ matrix.asset }}
-        if: ${{ inputs.stage != 'release' || (matrix.asset != 'agent' && matrix.asset != 'coco-guest-components' && matrix.asset != 'pause-image') }}
        uses: actions/upload-artifact@v4
        with:
          name: kata-artifacts-s390x-${{ matrix.asset }}${{ inputs.tarball-suffix }}
@@ -86,7 +174,7 @@ jobs:

  build-asset-boot-image-se:
    runs-on: s390x
-    needs: build-asset
+    needs: [build-asset, build-asset-rootfs]
    steps:
      - uses: actions/checkout@v4

@@ -112,15 +200,11 @@ jobs:

      - name: Build boot-image-se
        run: |
-          base_dir=tools/packaging/kata-deploy/local-build/
-          cp -r kata-artifacts ${base_dir}/build
-          # Skip building dependant artifacts of boot-image-se-tarball
-          # because we already have them from the previous build
-          sed -i 's/\(^boot-image-se-tarball:\).*/\1/g' ${base_dir}/Makefile
+          ./tests/gha-adjust-to-use-prebuilt-components.sh kata-artifacts "boot-image-se"
          make boot-image-se-tarball
          build_dir=$(readlink -f build)
          sudo cp -r "${build_dir}" "kata-build"
-          sudo chown -R $(id -u):$(id -g) "kata-build"
+          sudo chown -R "$(id -u)":"$(id -g)" "kata-build"
        env:
          HKD_PATH: "host-key-document"

@@ -132,9 +216,86 @@ jobs:
          retention-days: 1
          if-no-files-found: error

+  # We don't need the binaries installed in the rootfs as part of the release tarball, so can delete them now we've built the rootfs
+  remove-rootfs-binary-artifacts:
+    runs-on: ubuntu-22.04
+    needs: [build-asset-rootfs, build-asset-boot-image-se]
+    strategy:
+      matrix:
+        asset:
+          - agent
+          - coco-guest-components
+          - pause-image
+    steps:
+      - uses: geekyeggo/delete-artifact@v5
+        if: ${{ inputs.stage == 'release' }}
+        with:
+          name: kata-artifacts-s390x-${{ matrix.asset}}${{ inputs.tarball-suffix }}
+
+  build-asset-shim-v2:
+    runs-on: s390x
+    needs: [build-asset, build-asset-rootfs, remove-rootfs-binary-artifacts]
+    steps:
+      - name: Login to Kata Containers quay.io
+        if: ${{ inputs.push-to-registry == 'yes' }}
+        uses: docker/login-action@v3
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_DEPLOYER_USERNAME }}
+          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}
+
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.commit-hash }}
+          fetch-depth: 0 # This is needed in order to keep the commit ids history
+
+      - name: Rebase atop of the latest target branch
+        run: |
+          ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"
+        env:
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+
+      - name: get-artifacts
+        uses: actions/download-artifact@v4
+        with:
+          pattern: kata-artifacts-s390x-*${{ inputs.tarball-suffix }}
+          path: kata-artifacts
+          merge-multiple: true
+
+      - name: Build shim-v2
+        id: build
+        run: |
+          ./tests/gha-adjust-to-use-prebuilt-components.sh kata-artifacts "${KATA_ASSET}"
+          make "${KATA_ASSET}-tarball"
+          build_dir=$(readlink -f build)
+          # store-artifact does not work with symlink
+          mkdir -p kata-build && cp "${build_dir}"/kata-static-"${KATA_ASSET}"*.tar.* kata-build/.
+        env:
+          KATA_ASSET: shim-v2
+          TAR_OUTPUT: shim-v2.tar.gz
+          PUSH_TO_REGISTRY: ${{ inputs.push-to-registry }}
+          ARTEFACT_REGISTRY: ghcr.io
+          ARTEFACT_REGISTRY_USERNAME: ${{ github.actor }}
+          ARTEFACT_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}
+          MEASURED_ROOTFS: yes
+
+      - name: store-artifact shim-v2
+        uses: actions/upload-artifact@v4
+        with:
+          name: kata-artifacts-s390x-shim-v2${{ inputs.tarball-suffix }}
+          path: kata-build/kata-static-shim-v2.tar.xz
+          retention-days: 15
+          if-no-files-found: error
+
  create-kata-tarball:
    runs-on: s390x
-    needs: [build-asset, build-asset-boot-image-se]
+    needs:
+      - build-asset
+      - build-asset-rootfs
+      - build-asset-boot-image-se
+      - build-asset-shim-v2
    steps:
      - uses: actions/checkout@v4
        with:
--- a/.github/workflows/cargo-deny-runner.yaml
+++ b/.github/workflows/cargo-deny-runner.yaml
@@ -24,7 +24,7 @@ jobs:
        run: bash cargo-deny-generator.sh
        working-directory: ./.github/cargo-deny-composite-action/
        env:
-          GOPATH: ${{ runner.workspace }}/kata-containers
+          GOPATH: ${{ github.workspace }}/kata-containers
      - name: Run Action
        if: ${{ !contains(github.event.pull_request.labels.*.name, 'force-skip-ci') }}
        uses: ./.github/cargo-deny-composite-action
--- a/.github/workflows/ci-devel.yaml
+++ b/.github/workflows/ci-devel.yaml
@@ -0,0 +1,13 @@
+name: Kata Containers CI (manually triggered)
+on:
+  workflow_dispatch:
+
+jobs:
+  kata-containers-ci-on-push:
+    uses: ./.github/workflows/ci.yaml
+    with:
+      commit-hash: ${{ github.sha }}
+      pr-number: "dev"
+      tag: ${{ github.sha }}-dev
+      target-branch: ${{ github.ref_name }}
+    secrets: inherit
--- a/.github/workflows/ci-nightly-s390x.yaml
+++ b/.github/workflows/ci-nightly-s390x.yaml
@@ -16,6 +16,6 @@ jobs:
    - name: Fetch a test result for {{ matrix.test_title }}
      run: |
        file_name="${TEST_TITLE}-$(date +%Y-%m-%d).log"
-        /home/${USER}/script/handle_test_log.sh download $file_name
+        "/home/${USER}/script/handle_test_log.sh" download "$file_name"
      env:
        TEST_TITLE: ${{ matrix.test_title }}
--- a/.github/workflows/ci-nightly.yaml
+++ b/.github/workflows/ci-nightly.yaml
@@ -2,7 +2,6 @@ name: Kata Containers Nightly CI
 on:
  schedule:
    - cron: '0 0 * * *'
-  workflow_dispatch:

 concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
--- a/.github/workflows/ci-on-push.yaml
+++ b/.github/workflows/ci-on-push.yaml
@@ -19,12 +19,21 @@ concurrency:
  cancel-in-progress: true

 jobs:
-  kata-containers-ci-on-push:
+  skipper:
    if: ${{ contains(github.event.pull_request.labels.*.name, 'ok-to-test') }}
+    uses: ./.github/workflows/gatekeeper-skipper.yaml
+    with:
+      commit-hash: ${{ github.event.pull_request.head.sha }}
+      target-branch: ${{ github.event.pull_request.base.ref }}
+
+  kata-containers-ci-on-push:
+    needs: skipper
+    if: ${{ needs.skipper.outputs.skip_build != 'yes' }}
    uses: ./.github/workflows/ci.yaml
    with:
      commit-hash: ${{ github.event.pull_request.head.sha }}
      pr-number: ${{ github.event.pull_request.number }}
      tag: ${{ github.event.pull_request.number }}-${{ github.event.pull_request.head.sha }}
      target-branch: ${{ github.event.pull_request.base.ref }}
+      skip-test: ${{ needs.skipper.outputs.skip_test }}
    secrets: inherit
--- a/.github/workflows/ci-weekly.yaml
+++ b/.github/workflows/ci-weekly.yaml
@@ -37,7 +37,7 @@ jobs:
    secrets: inherit

  build-and-publish-tee-confidential-unencrypted-image:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
@@ -83,4 +83,5 @@ jobs:
      commit-hash: ${{ inputs.commit-hash }}
      pr-number: ${{ inputs.pr-number }}
      target-branch: ${{ inputs.target-branch }}
+      tarball-suffix: -${{ inputs.tag }}
    secrets: inherit
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -15,6 +15,10 @@ on:
        required: false
        type: string
        default: ""
+      skip-test:
+        required: false
+        type: string
+        default: no

 jobs:
  build-kata-static-tarball-amd64:
@@ -131,7 +135,58 @@ jobs:
          platforms: linux/amd64, linux/s390x
          file: tests/integration/kubernetes/runtimeclass_workloads/confidential/unencrypted/Dockerfile

+  publish-csi-driver-amd64:
+    needs: build-kata-static-tarball-amd64
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.commit-hash }}
+          fetch-depth: 0
+
+      - name: Rebase atop of the latest target branch
+        run: |
+          ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"
+        env:
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+
+      - name: get-kata-tarball
+        uses: actions/download-artifact@v4
+        with:
+          name: kata-static-tarball-amd64-${{ inputs.tag }}
+          path: kata-artifacts
+
+      - name: Install tools
+        run: bash tests/integration/kubernetes/gha-run.sh install-kata-tools kata-artifacts
+
+      - name: Copy binary into Docker context
+        run: |
+          # Copy to the location where the Dockerfile expects the binary.
+          mkdir -p src/tools/csi-kata-directvolume/bin/
+          cp /opt/kata/bin/csi-kata-directvolume src/tools/csi-kata-directvolume/bin/directvolplugin
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to Kata Containers ghcr.io
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Docker build and push
+        uses: docker/build-push-action@v5
+        with:
+          tags: ghcr.io/kata-containers/csi-kata-directvolume:${{ inputs.pr-number }}
+          push: true
+          context: src/tools/csi-kata-directvolume/
+          platforms: linux/amd64
+          file: src/tools/csi-kata-directvolume/Dockerfile
+
  run-kata-monitor-tests:
+    if: ${{ inputs.skip-test != 'yes' }}
    needs: build-kata-static-tarball-amd64
    uses: ./.github/workflows/run-kata-monitor-tests.yaml
    with:
@@ -140,6 +195,7 @@ jobs:
      target-branch: ${{ inputs.target-branch }}

  run-k8s-tests-on-aks:
+    if: ${{ inputs.skip-test != 'yes' }}
    needs: publish-kata-deploy-payload-amd64
    uses: ./.github/workflows/run-k8s-tests-on-aks.yaml
    with:
@@ -153,6 +209,7 @@ jobs:
    secrets: inherit

  run-k8s-tests-on-amd64:
+    if: ${{ inputs.skip-test != 'yes' }}
    needs: publish-kata-deploy-payload-amd64
    uses: ./.github/workflows/run-k8s-tests-on-amd64.yaml
    with:
@@ -165,9 +222,14 @@ jobs:
    secrets: inherit

  run-kata-coco-tests:
-    needs: [publish-kata-deploy-payload-amd64, build-and-publish-tee-confidential-unencrypted-image]
+    if: ${{ inputs.skip-test != 'yes' }}
+    needs:
+     - publish-kata-deploy-payload-amd64
+     - build-and-publish-tee-confidential-unencrypted-image
+     - publish-csi-driver-amd64
    uses: ./.github/workflows/run-kata-coco-tests.yaml
    with:
+      tarball-suffix: -${{ inputs.tag }}
      registry: ghcr.io
      repo: ${{ github.repository_owner }}/kata-deploy-ci
      tag: ${{ inputs.tag }}-amd64
@@ -177,6 +239,7 @@ jobs:
    secrets: inherit

  run-k8s-tests-on-zvsi:
+    if: ${{ inputs.skip-test != 'yes' }}
    needs: [publish-kata-deploy-payload-s390x, build-and-publish-tee-confidential-unencrypted-image]
    uses: ./.github/workflows/run-k8s-tests-on-zvsi.yaml
    with:
@@ -189,6 +252,7 @@ jobs:
    secrets: inherit

  run-k8s-tests-on-ppc64le:
+    if: ${{ inputs.skip-test != 'yes' }}
    needs: publish-kata-deploy-payload-ppc64le
    uses: ./.github/workflows/run-k8s-tests-on-ppc64le.yaml
    with:
@@ -200,6 +264,7 @@ jobs:
      target-branch: ${{ inputs.target-branch }}

  run-metrics-tests:
+    if: ${{ inputs.skip-test != 'yes' }}
    needs: build-kata-static-tarball-amd64
    uses: ./.github/workflows/run-metrics.yaml
    with:
@@ -208,6 +273,7 @@ jobs:
      target-branch: ${{ inputs.target-branch }}

  run-basic-amd64-tests:
+    if: ${{ inputs.skip-test != 'yes' }}
    needs: build-kata-static-tarball-amd64
    uses: ./.github/workflows/basic-ci-amd64.yaml
    with:
@@ -216,6 +282,7 @@ jobs:
      target-branch: ${{ inputs.target-branch }}

  run-cri-containerd-tests-s390x:
+    if: ${{ inputs.skip-test != 'yes' }}
    needs: build-kata-static-tarball-s390x
    uses: ./.github/workflows/run-cri-containerd-tests-s390x.yaml
    with:
@@ -224,6 +291,7 @@ jobs:
      target-branch: ${{ inputs.target-branch }}

  run-cri-containerd-tests-ppc64le:
+    if: ${{ inputs.skip-test != 'yes' }}
    needs: build-kata-static-tarball-ppc64le
    uses: ./.github/workflows/run-cri-containerd-tests-ppc64le.yaml
    with:
--- a/.github/workflows/darwin-tests.yaml
+++ b/.github/workflows/darwin-tests.yaml
@@ -16,9 +16,9 @@ jobs:
    runs-on: macos-latest
    steps:
    - name: Install Go
-      uses: actions/setup-go@v2
+      uses: actions/setup-go@v5
      with:
-        go-version: 1.22.2
+        go-version: 1.22.11
    - name: Checkout code
      uses: actions/checkout@v4
    - name: Build utils
--- a/.github/workflows/docs-url-alive-check.yaml
+++ b/.github/workflows/docs-url-alive-check.yaml
@@ -12,15 +12,15 @@ jobs:
      target_branch: ${{ github.base_ref }}
    steps:
    - name: Install Go
-      uses: actions/setup-go@v2
+      uses: actions/setup-go@v5
      with:
-        go-version: 1.22.2
+        go-version: 1.22.11
      env:
-        GOPATH: ${{ runner.workspace }}/kata-containers
+        GOPATH: ${{ github.workspace }}/kata-containers
    - name: Set env
      run: |
-        echo "GOPATH=${{ github.workspace }}" >> $GITHUB_ENV
-        echo "${{ github.workspace }}/bin" >> $GITHUB_PATH
+        echo "GOPATH=${{ github.workspace }}" >> "$GITHUB_ENV"
+        echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH"
    - name: Checkout code
      uses: actions/checkout@v4
      with:
@@ -29,4 +29,4 @@ jobs:
    # docs url alive check
    - name: Docs URL Alive Check
      run: |
-        cd ${GOPATH}/src/github.com/${{ github.repository }} && make docs-url-alive-check
+        cd "${GOPATH}/src/github.com/${{ github.repository }}" && make docs-url-alive-check
--- a/.github/workflows/gatekeeper-skipper.yaml
+++ b/.github/workflows/gatekeeper-skipper.yaml
@@ -0,0 +1,52 @@
+name: Skipper
+
+# This workflow sets various "skip_*" output values that can be used to
+# determine what workflows/jobs are expected to be executed. Sample usage:
+#
+#   skipper:
+#     uses: ./.github/workflows/gatekeeper-skipper.yaml
+#     with:
+#       commit-hash: ${{ github.event.pull_request.head.sha }}
+#       target-branch: ${{ github.event.pull_request.base.ref }}
+#
+#   your-workflow:
+#     needs: skipper
+#     if: ${{ needs.skipper.outputs.skip_build != 'yes' }}
+
+on:
+  workflow_call:
+    inputs:
+      commit-hash:
+        required: true
+        type: string
+      target-branch:
+        required: false
+        type: string
+        default: ""
+    outputs:
+      skip_build:
+        value: ${{ jobs.skipper.outputs.skip_build }}
+      skip_test:
+        value: ${{ jobs.skipper.outputs.skip_test }}
+      skip_static:
+        value: ${{ jobs.skipper.outputs.skip_static }}
+
+
+jobs:
+  skipper:
+    runs-on: ubuntu-22.04
+    outputs:
+      skip_build: ${{ steps.skipper.outputs.skip_build }}
+      skip_test: ${{ steps.skipper.outputs.skip_test }}
+      skip_static: ${{ steps.skipper.outputs.skip_static }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.commit-hash }}
+          fetch-depth: 0
+      - id: skipper
+        env:
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+        run: |
+          python3 tools/testing/gatekeeper/skips.py | tee -a "$GITHUB_OUTPUT"
+        shell: /usr/bin/bash -x {0}
--- a/.github/workflows/gatekeeper.yaml
+++ b/.github/workflows/gatekeeper.yaml
@@ -0,0 +1,44 @@
+name: Gatekeeper
+
+# Gatekeeper uses the "skips.py" to determine which job names/regexps are
+# required for given PR and waits for them to either complete or fail
+# reporting the status.
+
+on:
+  pull_request_target:
+    types:
+      - opened
+      - synchronize
+      - reopened
+      - labeled
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  gatekeeper:
+    runs-on: ubuntu-22.04
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+          fetch-depth: 0
+      - id: gatekeeper
+        env:
+          TARGET_BRANCH: ${{ github.event.pull_request.base.ref }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          COMMIT_HASH: ${{ github.event.pull_request.head.sha }}
+          GH_PR_NUMBER: ${{ github.event.pull_request.number }}
+        run: |
+          #!/usr/bin/env bash -x
+          mapfile -t lines < <(python3 tools/testing/gatekeeper/skips.py -t)
+          export REQUIRED_JOBS="${lines[0]}"
+          export REQUIRED_REGEXPS="${lines[1]}"
+          export REQUIRED_LABELS="${lines[2]}"
+          echo "REQUIRED_JOBS: $REQUIRED_JOBS"
+          echo "REQUIRED_REGEXPS: $REQUIRED_REGEXPS"
+          echo "REQUIRED_LABELS: $REQUIRED_LABELS"
+          python3 tools/testing/gatekeeper/jobs.py
+          exit $?
+        shell: /usr/bin/bash -x {0}
--- a/.github/workflows/kata-runtime-classes-sync.yaml
+++ b/.github/workflows/kata-runtime-classes-sync.yaml
@@ -20,9 +20,9 @@ jobs:
      run: |
        pushd tools/packaging/kata-deploy/runtimeclasses/
        echo "::group::Combine runtime classes"
-        for runtimeClass in `find . -type f \( -name "*.yaml" -and -not -name "kata-runtimeClasses.yaml" \) | sort`; do
+        for runtimeClass in $(find . -type f \( -name "*.yaml" -and -not -name "kata-runtimeClasses.yaml" \) | sort); do
            echo "Adding ${runtimeClass} to the resultingRuntimeClasses.yaml"
-            cat ${runtimeClass} >> resultingRuntimeClasses.yaml;
+            cat "${runtimeClass}" >> resultingRuntimeClasses.yaml;
        done
        echo "::endgroup::"
        echo "::group::Displaying the content of resultingRuntimeClasses.yaml"
--- a/.github/workflows/move-issues-to-in-progress.yaml
+++ b/.github/workflows/move-issues-to-in-progress.yaml
@@ -31,7 +31,7 @@ jobs:
        run: |
          # Clone into a temporary directory to avoid overwriting
          # any existing github directory.
-          pushd $(mktemp -d) &>/dev/null
+          pushd "$(mktemp -d)" &>/dev/null
          git clone --single-branch --depth 1 "https://github.com/kata-containers/.github" && cd .github/scripts
          sudo install hub-util.sh /usr/local/bin
          popd &>/dev/null
@@ -72,9 +72,9 @@ jobs:
          project_type="org"
          project_column="In progress"

-          for issue_url in $(echo "$linked_issue_urls")
+          for issue_url in $linked_issue_urls
          do
-            issue=$(echo "$issue_url"| awk -F\/ '{print $NF}' || true)
+            issue=$(echo "$issue_url"| awk -F/ '{print $NF}' || true)

            [ -z "$issue" ] && {
              echo "::error::Cannot determine issue number from $issue_url for PR $pr"
--- a/.github/workflows/publish-kata-deploy-payload-amd64.yaml
+++ b/.github/workflows/publish-kata-deploy-payload-amd64.yaml
@@ -62,5 +62,5 @@ jobs:
        id: build-and-push-kata-payload
        run: |
          ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
-          $(pwd)/kata-static.tar.xz \
+          "$(pwd)"/kata-static.tar.xz \
          ${{ inputs.registry }}/${{ inputs.repo }} ${{ inputs.tag }}
--- a/.github/workflows/publish-kata-deploy-payload-arm64.yaml
+++ b/.github/workflows/publish-kata-deploy-payload-arm64.yaml
@@ -24,12 +24,8 @@ on:

 jobs:
  kata-payload:
-    runs-on: arm64-builder
+    runs-on: ubuntu-22.04-arm
    steps:
-      - name: Adjust a permission for repo
-        run: |
-          sudo chown -R $USER:$USER $GITHUB_WORKSPACE
-
      - uses: actions/checkout@v4
        with:
          ref: ${{ inputs.commit-hash }}
@@ -66,6 +62,5 @@ jobs:
        id: build-and-push-kata-payload
        run: |
          ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
-          $(pwd)/kata-static.tar.xz \
+          "$(pwd)"/kata-static.tar.xz \
          ${{ inputs.registry }}/${{ inputs.repo }} ${{ inputs.tag }}
-
--- a/.github/workflows/publish-kata-deploy-payload-ppc64le.yaml
+++ b/.github/workflows/publish-kata-deploy-payload-ppc64le.yaml
@@ -27,13 +27,14 @@ jobs:
    runs-on: ppc64le
    steps:
      - name: Prepare the self-hosted runner
+        timeout-minutes: 15
        run: |
-          ${HOME}/scripts/prepare_runner.sh
-          sudo rm -rf $GITHUB_WORKSPACE/*
+          "${HOME}/scripts/prepare_runner.sh"
+          sudo rm -rf "$GITHUB_WORKSPACE"/*

      - name: Adjust a permission for repo
        run: |
-          sudo chown -R $USER:$USER $GITHUB_WORKSPACE
+          sudo chown -R "$USER":"$USER" "$GITHUB_WORKSPACE"

      - uses: actions/checkout@v4
        with:
@@ -71,5 +72,5 @@ jobs:
        id: build-and-push-kata-payload
        run: |
          ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
-          $(pwd)/kata-static.tar.xz \
+          "$(pwd)"/kata-static.tar.xz \
          ${{ inputs.registry }}/${{ inputs.repo }} ${{ inputs.tag }}
--- a/.github/workflows/publish-kata-deploy-payload-s390x.yaml
+++ b/.github/workflows/publish-kata-deploy-payload-s390x.yaml
@@ -62,5 +62,5 @@ jobs:
        id: build-and-push-kata-payload
        run: |
          ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
-          $(pwd)/kata-static.tar.xz \
+          "$(pwd)"/kata-static.tar.xz \
          ${{ inputs.registry }}/${{ inputs.repo }} ${{ inputs.tag }}
--- a/.github/workflows/release-amd64.yaml
+++ b/.github/workflows/release-amd64.yaml
@@ -42,18 +42,18 @@ jobs:
        run: |
          # We need to do such trick here as the format of the $GITHUB_REF
          # is "refs/tags/<tag>"
-          tag=$(echo $GITHUB_REF | cut -d/ -f3-)
+          tag=$(echo "$GITHUB_REF" | cut -d/ -f3-)
          if [ "${tag}" = "main" ]; then
              tag=$(./tools/packaging/release/release.sh release-version)
-              tags=(${tag} "latest")
+              tags=("${tag}" "latest")
          else
-              tags=(${tag})
+              tags=("${tag}")
          fi
-          for tag in ${tags[@]}; do
+          for tag in "${tags[@]}"; do
              ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
-                  $(pwd)/kata-static.tar.xz "docker.io/katadocker/kata-deploy" \
+                  "$(pwd)"/kata-static.tar.xz "docker.io/katadocker/kata-deploy" \
                  "${tag}-${{ inputs.target-arch }}"
              ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
-                  $(pwd)/kata-static.tar.xz "quay.io/kata-containers/kata-deploy" \
+                  "$(pwd)"/kata-static.tar.xz "quay.io/kata-containers/kata-deploy" \
                  "${tag}-${{ inputs.target-arch }}"
          done
--- a/.github/workflows/release-arm64.yaml
+++ b/.github/workflows/release-arm64.yaml
@@ -16,7 +16,7 @@ jobs:

  kata-deploy:
    needs: build-kata-static-tarball-arm64
-    runs-on: arm64-builder
+    runs-on: ubuntu-22.04-arm
    steps:
      - name: Login to Kata Containers docker.io
        uses: docker/login-action@v3
@@ -42,18 +42,18 @@ jobs:
        run: |
          # We need to do such trick here as the format of the $GITHUB_REF
          # is "refs/tags/<tag>"
-          tag=$(echo $GITHUB_REF | cut -d/ -f3-)
+          tag=$(echo "$GITHUB_REF" | cut -d/ -f3-)
          if [ "${tag}" = "main" ]; then
              tag=$(./tools/packaging/release/release.sh release-version)
-              tags=(${tag} "latest")
+              tags=("${tag}" "latest")
          else
-              tags=(${tag})
+              tags=("${tag}")
          fi
-          for tag in ${tags[@]}; do
+          for tag in "${tags[@]}"; do
              ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
-                  $(pwd)/kata-static.tar.xz "docker.io/katadocker/kata-deploy" \
+                  "$(pwd)"/kata-static.tar.xz "docker.io/katadocker/kata-deploy" \
                  "${tag}-${{ inputs.target-arch }}"
              ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
-                  $(pwd)/kata-static.tar.xz "quay.io/kata-containers/kata-deploy" \
+                  "$(pwd)"/kata-static.tar.xz "quay.io/kata-containers/kata-deploy" \
                  "${tag}-${{ inputs.target-arch }}"
          done
--- a/.github/workflows/release-ppc64le.yaml
+++ b/.github/workflows/release-ppc64le.yaml
@@ -19,9 +19,10 @@ jobs:
    runs-on: ppc64le
    steps:
      - name: Prepare the self-hosted runner
+        timeout-minutes: 15
        run: |
-          bash ${HOME}/scripts/prepare_runner.sh
-          sudo rm -rf $GITHUB_WORKSPACE/*
+          bash "${HOME}/scripts/prepare_runner.sh"
+          sudo rm -rf "$GITHUB_WORKSPACE"/*

      - name: Login to Kata Containers docker.io
        uses: docker/login-action@v3
@@ -47,18 +48,18 @@ jobs:
        run: |
          # We need to do such trick here as the format of the $GITHUB_REF
          # is "refs/tags/<tag>"
-          tag=$(echo $GITHUB_REF | cut -d/ -f3-)
+          tag=$(echo "$GITHUB_REF" | cut -d/ -f3-)
          if [ "${tag}" = "main" ]; then
              tag=$(./tools/packaging/release/release.sh release-version)
-              tags=(${tag} "latest")
+              tags=("${tag}" "latest")
          else
-              tags=(${tag})
+              tags=("${tag}")
          fi
-          for tag in ${tags[@]}; do
+          for tag in "${tags[@]}"; do
              ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
-                  $(pwd)/kata-static.tar.xz "docker.io/katadocker/kata-deploy" \
+                  "$(pwd)"/kata-static.tar.xz "docker.io/katadocker/kata-deploy" \
                  "${tag}-${{ inputs.target-arch }}"
              ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
-                  $(pwd)/kata-static.tar.xz "quay.io/kata-containers/kata-deploy" \
+                  "$(pwd)"/kata-static.tar.xz "quay.io/kata-containers/kata-deploy" \
                  "${tag}-${{ inputs.target-arch }}"
          done
--- a/.github/workflows/release-s390x.yaml
+++ b/.github/workflows/release-s390x.yaml
@@ -42,18 +42,18 @@ jobs:
        run: |
          # We need to do such trick here as the format of the $GITHUB_REF
          # is "refs/tags/<tag>"
-          tag=$(echo $GITHUB_REF | cut -d/ -f3-)
+          tag=$(echo "$GITHUB_REF" | cut -d/ -f3-)
          if [ "${tag}" = "main" ]; then
              tag=$(./tools/packaging/release/release.sh release-version)
-              tags=(${tag} "latest")
+              tags=("${tag}" "latest")
          else
-              tags=(${tag})
+              tags=("${tag}")
          fi
-          for tag in ${tags[@]}; do
+          for tag in "${tags[@]}"; do
              ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
-                  $(pwd)/kata-static.tar.xz "docker.io/katadocker/kata-deploy" \
+                  "$(pwd)"/kata-static.tar.xz "docker.io/katadocker/kata-deploy" \
                  "${tag}-${{ inputs.target-arch }}"
              ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \
-                  $(pwd)/kata-static.tar.xz "quay.io/kata-containers/kata-deploy" \
+                  "$(pwd)"/kata-static.tar.xz "quay.io/kata-containers/kata-deploy" \
                  "${tag}-${{ inputs.target-arch }}"
          done
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -175,6 +175,23 @@ jobs:
        env:
          GH_TOKEN: ${{ github.token }}

+  upload-helm-chart-tarball:
+    needs: release
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Install helm
+        uses: azure/setup-helm@v4.2.0
+        id: install
+
+      - name: Generate and upload helm chart tarball
+        run: |
+          ./tools/packaging/release/release.sh upload-helm-chart-tarball
+        env:
+          GH_TOKEN: ${{ github.token }}
+
  publish-release:
    needs: [ build-and-push-assets-amd64, build-and-push-assets-arm64, build-and-push-assets-s390x, build-and-push-assets-ppc64le, publish-multi-arch-images, upload-multi-arch-static-tarball, upload-versions-yaml, upload-cargo-vendored-tarball, upload-libseccomp-tarball ]
    runs-on: ubuntu-22.04
--- a/.github/workflows/run-cri-containerd-tests-ppc64le.yaml
+++ b/.github/workflows/run-cri-containerd-tests-ppc64le.yaml
@@ -30,12 +30,13 @@ jobs:
      KATA_HYPERVISOR: ${{ matrix.vmm }}
    steps:
      - name: Adjust a permission for repo
-        run: sudo chown -R $USER:$USER $GITHUB_WORKSPACE
-  
+        run: sudo chown -R "$USER":"$USER" "$GITHUB_WORKSPACE"
+
      - name: Prepare the self-hosted runner
+        timeout-minutes: 15
        run: |
-          bash ${HOME}/scripts/prepare_runner.sh cri-containerd
-          sudo rm -rf $GITHUB_WORKSPACE/*
+          bash "${HOME}/scripts/prepare_runner.sh" cri-containerd
+          sudo rm -rf "$GITHUB_WORKSPACE"/*

      - uses: actions/checkout@v4
        with:
@@ -49,6 +50,7 @@ jobs:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: Install dependencies
+        timeout-minutes: 15
        run: bash tests/integration/cri-containerd/gha-run.sh install-dependencies

      - name: get-kata-tarball
@@ -62,6 +64,6 @@ jobs:

      - name: Run cri-containerd tests
        run: bash tests/integration/cri-containerd/gha-run.sh run
-      
+
      - name: Cleanup actions for the self hosted runner
-        run: ${HOME}/scripts/cleanup_runner.sh
+        run: bash "${HOME}/scripts/cleanup_runner.sh"
--- a/.github/workflows/run-k8s-tests-on-aks.yaml
+++ b/.github/workflows/run-k8s-tests-on-aks.yaml
@@ -47,13 +47,16 @@ jobs:
            vmm: clh
            instance-type: small
            genpolicy-pull-method: oci-distribution
+            auto-generate-policy: yes
          - host_os: cbl-mariner
            vmm: clh
            instance-type: small
            genpolicy-pull-method: containerd
+            auto-generate-policy: yes
          - host_os: cbl-mariner
            vmm: clh
            instance-type: normal
+            auto-generate-policy: yes
    runs-on: ubuntu-22.04
    env:
      DOCKER_REGISTRY: ${{ inputs.registry }}
@@ -66,6 +69,7 @@ jobs:
      USING_NFD: "false"
      K8S_TEST_HOST_TYPE: ${{ matrix.instance-type }}
      GENPOLICY_PULL_METHOD: ${{ matrix.genpolicy-pull-method }}
+      AUTO_GENERATE_POLICY: ${{ matrix.auto-generate-policy }}
    steps:
      - uses: actions/checkout@v4
        with:
@@ -99,8 +103,13 @@ jobs:
          AZ_SUBSCRIPTION_ID: ${{ secrets.AZ_SUBSCRIPTION_ID }}

      - name: Create AKS cluster
-        timeout-minutes: 10
-        run: bash tests/integration/kubernetes/gha-run.sh create-cluster
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 15
+          max_attempts: 20
+          retry_on: error
+          retry_wait_seconds: 10
+          command: bash tests/integration/kubernetes/gha-run.sh create-cluster

      - name: Install `bats`
        run: bash tests/integration/kubernetes/gha-run.sh install-bats
--- a/.github/workflows/run-k8s-tests-on-amd64.yaml
+++ b/.github/workflows/run-k8s-tests-on-amd64.yaml
@@ -49,13 +49,14 @@ jobs:
      DOCKER_REGISTRY: ${{ inputs.registry }}
      DOCKER_REPO: ${{ inputs.repo }}
      DOCKER_TAG: ${{ inputs.tag }}
-      PR_NUMBER: ${{ inputs.pr-number }}
+      GH_PR_NUMBER: ${{ inputs.pr-number }}
      KATA_HYPERVISOR: ${{ matrix.vmm }}
      KUBERNETES: ${{ matrix.k8s }}
      KUBERNETES_EXTRA_PARAMS: ${{ matrix.container_runtime != 'crio' && '' || '--cri-socket remote:unix:///var/run/crio/crio.sock --kubelet-extra-args --cgroup-driver="systemd"' }}
      SNAPSHOTTER: ${{ matrix.snapshotter }}
      USING_NFD: "false"
      K8S_TEST_HOST_TYPE: all
+      CONTAINER_RUNTIME: ${{ matrix.container_runtime }}
    steps:
      - uses: actions/checkout@v4
        with:
@@ -85,11 +86,11 @@ jobs:

      - name: Install `bats`
        run: bash tests/integration/kubernetes/gha-run.sh install-bats
-  
+
      - name: Run tests
        timeout-minutes: 30
        run: bash tests/integration/kubernetes/gha-run.sh run-tests
-  
+
      - name: Collect artifacts ${{ matrix.vmm }}
        if: always()
        run: bash tests/integration/kubernetes/gha-run.sh collect-artifacts
@@ -98,10 +99,11 @@ jobs:
      - name: Archive artifacts ${{ matrix.vmm }}
        uses: actions/upload-artifact@v4
        with:
-          name: k8s-tests-${{ matrix.vmm }}-${{ matrix.snapshotter }}-${{ matrix.k8s }}-${{ matrix.instance }}-${{ inputs.tag }}
+          name: k8s-tests-${{ matrix.vmm }}-${{ matrix.snapshotter }}-${{ matrix.k8s }}-${{ inputs.tag }}
          path: /tmp/artifacts
          retention-days: 1

      - name: Delete kata-deploy
        if: always()
+        timeout-minutes: 5
        run: bash tests/integration/kubernetes/gha-run.sh cleanup
--- a/.github/workflows/run-k8s-tests-on-ppc64le.yaml
+++ b/.github/workflows/run-k8s-tests-on-ppc64le.yaml
@@ -36,7 +36,7 @@ jobs:
      DOCKER_REGISTRY: ${{ inputs.registry }}
      DOCKER_REPO: ${{ inputs.repo }}
      DOCKER_TAG: ${{ inputs.tag }}
-      PR_NUMBER: ${{ inputs.pr-number }}
+      GH_PR_NUMBER: ${{ inputs.pr-number }}
      GOPATH: ${{ github.workspace }}
      KATA_HYPERVISOR: ${{ matrix.vmm }}
      KUBERNETES: ${{ matrix.k8s }}
@@ -44,9 +44,10 @@ jobs:
      TARGET_ARCH: "ppc64le"
    steps:
      - name: Prepare the self-hosted runner
-        run: | 
-          bash ${HOME}/scripts/prepare_runner.sh kubernetes
-          sudo rm -rf $GITHUB_WORKSPACE/*
+        timeout-minutes: 15
+        run: |
+          bash "${HOME}/scripts/prepare_runner.sh" kubernetes
+          sudo rm -rf "$GITHUB_WORKSPACE"/*

      - uses: actions/checkout@v4
        with:
@@ -62,13 +63,13 @@ jobs:
      - name: Install golang
        run: |
          ./tests/install_go.sh -f -p
-          echo "/usr/local/go/bin" >> $GITHUB_PATH
+          echo "/usr/local/go/bin" >> "$GITHUB_PATH"

      - name: Prepare the runner for k8s cluster creation
-        run: bash ${HOME}/scripts/k8s_cluster_cleanup.sh
+        run: bash "${HOME}/scripts/k8s_cluster_cleanup.sh"

      - name: Create k8s cluster using kubeadm
-        run: bash ${HOME}/scripts/k8s_cluster_create.sh
+        run: bash "${HOME}/scripts/k8s_cluster_create.sh"

      - name: Deploy Kata
        timeout-minutes: 10
@@ -79,4 +80,4 @@ jobs:
        run: bash tests/integration/kubernetes/gha-run.sh run-tests

      - name: Delete cluster and post cleanup actions
-        run: bash ${HOME}/scripts/k8s_cluster_cleanup.sh
+        run: bash "${HOME}/scripts/k8s_cluster_cleanup.sh"
--- a/.github/workflows/run-k8s-tests-on-zvsi.yaml
+++ b/.github/workflows/run-k8s-tests-on-zvsi.yaml
@@ -36,7 +36,7 @@ jobs:
          - qemu-runtime-rs
          - qemu-coco-dev
        k8s:
-          - k3s
+          - kubeadm
        include:
          - snapshotter: devmapper
            pull-type: default
@@ -64,7 +64,6 @@ jobs:
      DOCKER_REGISTRY: ${{ inputs.registry }}
      DOCKER_REPO: ${{ inputs.repo }}
      DOCKER_TAG: ${{ inputs.tag }}
-      PR_NUMBER: ${{ inputs.pr-number }}
      GH_PR_NUMBER: ${{ inputs.pr-number }}
      KATA_HOST_OS: "ubuntu"
      KATA_HYPERVISOR: ${{ matrix.vmm }}
@@ -88,18 +87,15 @@ jobs:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: Set SNAPSHOTTER to empty if overlayfs
-        run: echo "SNAPSHOTTER=" >> $GITHUB_ENV
+        run: echo "SNAPSHOTTER=" >> "$GITHUB_ENV"
        if: ${{ matrix.snapshotter == 'overlayfs' }}

      - name: Set KBS and KBS_INGRESS if qemu-coco-dev
        run: |
-          echo "KBS=true" >> $GITHUB_ENV
-          echo "KBS_INGRESS=nodeport" >> $GITHUB_ENV
+          echo "KBS=true" >> "$GITHUB_ENV"
+          echo "KBS_INGRESS=nodeport" >> "$GITHUB_ENV"
        if: ${{ matrix.vmm == 'qemu-coco-dev' }}

-      - name: Deploy ${{ matrix.k8s }}
-        run: bash tests/integration/kubernetes/gha-run.sh deploy-k8s
-
      # qemu-runtime-rs only works with overlayfs
      # See: https://github.com/kata-containers/kata-containers/issues/10066
      - name: Configure the ${{ matrix.snapshotter }} snapshotter
--- a/.github/workflows/run-kata-coco-stability-tests.yaml
+++ b/.github/workflows/run-kata-coco-stability-tests.yaml
@@ -21,6 +21,9 @@ on:
        required: false
        type: string
        default: ""
+      tarball-suffix:
+        required: false
+        type: string

 jobs:
  # Generate jobs for testing CoCo on non-TEE environments
@@ -34,13 +37,12 @@ jobs:
          - nydus
        pull-type:
          - guest-pull
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
    env:
      DOCKER_REGISTRY: ${{ inputs.registry }}
      DOCKER_REPO: ${{ inputs.repo }}
      DOCKER_TAG: ${{ inputs.tag }}
      GH_PR_NUMBER: ${{ inputs.pr-number }}
-      KATA_HOST_OS: ${{ matrix.host_os }}
      KATA_HYPERVISOR: ${{ matrix.vmm }}
      # Some tests rely on that variable to run (or not)
      KBS: "true"
@@ -64,6 +66,15 @@ jobs:
        env:
          TARGET_BRANCH: ${{ inputs.target-branch }}

+      - name: get-kata-tarball
+        uses: actions/download-artifact@v4
+        with:
+          name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
+          path: kata-artifacts
+
+      - name: Install kata
+        run: bash tests/integration/kubernetes/gha-run.sh install-kata-tools kata-artifacts
+
      - name: Download Azure CLI
        run: bash tests/integration/kubernetes/gha-run.sh install-azure-cli

@@ -76,8 +87,13 @@ jobs:
          AZ_SUBSCRIPTION_ID: ${{ secrets.AZ_SUBSCRIPTION_ID }}

      - name: Create AKS cluster
-        timeout-minutes: 10
-        run: bash tests/integration/kubernetes/gha-run.sh create-cluster
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 15
+          max_attempts: 20
+          retry_on: error
+          retry_wait_seconds: 10
+          command: bash tests/integration/kubernetes/gha-run.sh create-cluster

      - name: Install `bats`
        run: bash tests/integration/kubernetes/gha-run.sh install-bats
--- a/.github/workflows/run-kata-coco-tests.yaml
+++ b/.github/workflows/run-kata-coco-tests.yaml
@@ -2,6 +2,9 @@ name: CI | Run kata coco tests
 on:
  workflow_call:
    inputs:
+      tarball-suffix:
+        required: false
+        type: string
      registry:
        required: true
        type: string
@@ -38,7 +41,7 @@ jobs:
      DOCKER_REGISTRY: ${{ inputs.registry }}
      DOCKER_REPO: ${{ inputs.repo }}
      DOCKER_TAG: ${{ inputs.tag }}
-      PR_NUMBER: ${{ inputs.pr-number }}
+      GH_PR_NUMBER: ${{ inputs.pr-number }}
      KATA_HYPERVISOR: ${{ matrix.vmm }}
      KUBERNETES: "vanilla"
      USING_NFD: "true"
@@ -49,6 +52,8 @@ jobs:
      PULL_TYPE: ${{ matrix.pull-type }}
      AUTHENTICATED_IMAGE_USER: ${{ secrets.AUTHENTICATED_IMAGE_USER }}
      AUTHENTICATED_IMAGE_PASSWORD: ${{ secrets.AUTHENTICATED_IMAGE_PASSWORD }}
+      ITA_KEY: ${{ secrets.ITA_KEY }}
+      AUTO_GENERATE_POLICY: "yes"
    steps:
      - uses: actions/checkout@v4
        with:
@@ -81,8 +86,12 @@ jobs:
        timeout-minutes: 10
        run: bash tests/integration/kubernetes/gha-run.sh install-kbs-client

+      - name: Deploy CSI driver
+        timeout-minutes: 5
+        run: bash tests/integration/kubernetes/gha-run.sh deploy-csi-driver
+
      - name: Run tests
-        timeout-minutes: 50
+        timeout-minutes: 100
        run: bash tests/integration/kubernetes/gha-run.sh run-tests

      - name: Delete kata-deploy
@@ -97,63 +106,11 @@ jobs:
        if: always()
        run: bash tests/integration/kubernetes/gha-run.sh delete-coco-kbs

-  run-k8s-tests-on-sev:
-    strategy:
-      fail-fast: false
-      matrix:
-        vmm:
-          - qemu-sev
-        snapshotter:
-          - nydus
-        pull-type:
-          - guest-pull
-    runs-on: sev
-    env:
-      DOCKER_REGISTRY: ${{ inputs.registry }}
-      DOCKER_REPO: ${{ inputs.repo }}
-      DOCKER_TAG: ${{ inputs.tag }}
-      PR_NUMBER: ${{ inputs.pr-number }}
-      KATA_HYPERVISOR: ${{ matrix.vmm }}
-      KUBECONFIG: /home/kata/.kube/config
-      KUBERNETES: "vanilla"
-      USING_NFD: "false"
-      K8S_TEST_HOST_TYPE: "baremetal"
-      SNAPSHOTTER: ${{ matrix.snapshotter }}
-      PULL_TYPE: ${{ matrix.pull-type }}
-      AUTHENTICATED_IMAGE_USER: ${{ secrets.AUTHENTICATED_IMAGE_USER }}
-      AUTHENTICATED_IMAGE_PASSWORD: ${{ secrets.AUTHENTICATED_IMAGE_PASSWORD }}
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          ref: ${{ inputs.commit-hash }}
-          fetch-depth: 0
-
-      - name: Rebase atop of the latest target branch
-        run: |
-          ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"
-        env:
-          TARGET_BRANCH: ${{ inputs.target-branch }}
-
-      - name: Deploy Snapshotter
+      - name: Delete CSI driver
        timeout-minutes: 5
-        run: bash tests/integration/kubernetes/gha-run.sh deploy-snapshotter
-
-      - name: Deploy Kata
-        timeout-minutes: 10
-        run: bash tests/integration/kubernetes/gha-run.sh deploy-kata-sev
-
-      - name: Run tests
-        timeout-minutes: 50
-        run: bash tests/integration/kubernetes/gha-run.sh run-tests
-
-      - name: Delete kata-deploy
-        if: always()
-        run: bash tests/integration/kubernetes/gha-run.sh cleanup-sev
-
-      - name: Delete Snapshotter
-        if: always()
-        run: bash tests/integration/kubernetes/gha-run.sh cleanup-snapshotter
+        run: bash tests/integration/kubernetes/gha-run.sh delete-csi-driver

+  # AMD has deprecated SEV support on Kata and henceforth SNP will be the only feature supported for Kata Containers.
  run-k8s-tests-sev-snp:
    strategy:
      fail-fast: false
@@ -169,7 +126,7 @@ jobs:
      DOCKER_REGISTRY: ${{ inputs.registry }}
      DOCKER_REPO: ${{ inputs.repo }}
      DOCKER_TAG: ${{ inputs.tag }}
-      PR_NUMBER: ${{ inputs.pr-number }}
+      GH_PR_NUMBER: ${{ inputs.pr-number }}
      KATA_HYPERVISOR: ${{ matrix.vmm }}
      KUBECONFIG: /home/kata/.kube/config
      KUBERNETES: "vanilla"
@@ -181,6 +138,7 @@ jobs:
      PULL_TYPE: ${{ matrix.pull-type }}
      AUTHENTICATED_IMAGE_USER: ${{ secrets.AUTHENTICATED_IMAGE_USER }}
      AUTHENTICATED_IMAGE_PASSWORD: ${{ secrets.AUTHENTICATED_IMAGE_PASSWORD }}
+      AUTO_GENERATE_POLICY: "yes"
    steps:
      - uses: actions/checkout@v4
        with:
@@ -213,6 +171,10 @@ jobs:
        timeout-minutes: 10
        run: bash tests/integration/kubernetes/gha-run.sh install-kbs-client

+      - name: Deploy CSI driver
+        timeout-minutes: 5
+        run: bash tests/integration/kubernetes/gha-run.sh deploy-csi-driver
+
      - name: Run tests
        timeout-minutes: 50
        run: bash tests/integration/kubernetes/gha-run.sh run-tests
@@ -229,6 +191,10 @@ jobs:
        if: always()
        run: bash tests/integration/kubernetes/gha-run.sh delete-coco-kbs

+      - name: Delete CSI driver
+        timeout-minutes: 5
+        run: bash tests/integration/kubernetes/gha-run.sh delete-csi-driver
+
  # Generate jobs for testing CoCo on non-TEE environments
  run-k8s-tests-coco-nontee:
    strategy:
@@ -246,7 +212,6 @@ jobs:
      DOCKER_REPO: ${{ inputs.repo }}
      DOCKER_TAG: ${{ inputs.tag }}
      GH_PR_NUMBER: ${{ inputs.pr-number }}
-      KATA_HOST_OS: ${{ matrix.host_os }}
      KATA_HYPERVISOR: ${{ matrix.vmm }}
      # Some tests rely on that variable to run (or not)
      KBS: "true"
@@ -258,6 +223,7 @@ jobs:
      AUTHENTICATED_IMAGE_PASSWORD: ${{ secrets.AUTHENTICATED_IMAGE_PASSWORD }}
      SNAPSHOTTER: ${{ matrix.snapshotter }}
      USING_NFD: "false"
+      AUTO_GENERATE_POLICY: "yes"
    steps:
      - uses: actions/checkout@v4
        with:
@@ -270,6 +236,15 @@ jobs:
        env:
          TARGET_BRANCH: ${{ inputs.target-branch }}

+      - name: get-kata-tarball
+        uses: actions/download-artifact@v4
+        with:
+          name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
+          path: kata-artifacts
+
+      - name: Install kata
+        run: bash tests/integration/kubernetes/gha-run.sh install-kata-tools kata-artifacts
+
      - name: Download Azure CLI
        run: bash tests/integration/kubernetes/gha-run.sh install-azure-cli

@@ -282,8 +257,13 @@ jobs:
          AZ_SUBSCRIPTION_ID: ${{ secrets.AZ_SUBSCRIPTION_ID }}

      - name: Create AKS cluster
-        timeout-minutes: 10
-        run: bash tests/integration/kubernetes/gha-run.sh create-cluster
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 15
+          max_attempts: 20
+          retry_on: error
+          retry_wait_seconds: 10
+          command: bash tests/integration/kubernetes/gha-run.sh create-cluster

      - name: Install `bats`
        run: bash tests/integration/kubernetes/gha-run.sh install-bats
@@ -310,8 +290,12 @@ jobs:
        timeout-minutes: 10
        run: bash tests/integration/kubernetes/gha-run.sh install-kbs-client

+      - name: Deploy CSI driver
+        timeout-minutes: 5
+        run: bash tests/integration/kubernetes/gha-run.sh deploy-csi-driver
+
      - name: Run tests
-        timeout-minutes: 60
+        timeout-minutes: 80
        run: bash tests/integration/kubernetes/gha-run.sh run-tests

      - name: Delete AKS cluster
--- a/.github/workflows/run-kata-deploy-tests-on-aks.yaml
+++ b/.github/workflows/run-kata-deploy-tests-on-aks.yaml
@@ -71,8 +71,13 @@ jobs:
          AZ_SUBSCRIPTION_ID: ${{ secrets.AZ_SUBSCRIPTION_ID }}

      - name: Create AKS cluster
-        timeout-minutes: 10
-        run: bash tests/functional/kata-deploy/gha-run.sh create-cluster
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 15
+          max_attempts: 20
+          retry_on: error
+          retry_wait_seconds: 10
+          command: bash tests/integration/kubernetes/gha-run.sh create-cluster

      - name: Install `bats`
        run: bash tests/functional/kata-deploy/gha-run.sh install-bats
@@ -85,7 +90,7 @@ jobs:

      - name: Run tests
        run: bash tests/functional/kata-deploy/gha-run.sh run-tests
-      
+
      - name: Delete AKS cluster
        if: always()
        run: bash tests/functional/kata-deploy/gha-run.sh delete-cluster
--- a/.github/workflows/run-kata-deploy-tests-on-garm.yaml
+++ b/.github/workflows/run-kata-deploy-tests-on-garm.yaml
@@ -43,7 +43,7 @@ jobs:
      DOCKER_REGISTRY: ${{ inputs.registry }}
      DOCKER_REPO: ${{ inputs.repo }}
      DOCKER_TAG: ${{ inputs.tag }}
-      PR_NUMBER: ${{ inputs.pr-number }}
+      GH_PR_NUMBER: ${{ inputs.pr-number }}
      KATA_HYPERVISOR: ${{ matrix.vmm }}
      KUBERNETES: ${{ matrix.k8s }}
      USING_NFD: "false"
--- a/.github/workflows/run-metrics.yaml
+++ b/.github/workflows/run-metrics.yaml
@@ -48,7 +48,7 @@ jobs:
      # all the tests due to a single flaky instance.
      fail-fast: false
      matrix:
-        vmm: ['clh', 'qemu', 'stratovirt']
+        vmm: ['clh', 'qemu']
      max-parallel: 1
    runs-on: metrics
    env:
--- a/.github/workflows/run-runk-tests.yaml
+++ b/.github/workflows/run-runk-tests.yaml
@@ -15,6 +15,8 @@ on:

 jobs:
  run-runk:
+    # Skip runk tests as we have no maintainers. TODO: Decide when to remove altogether
+    if: false
    runs-on: ubuntu-22.04
    env:
      CONTAINERD_VERSION: lts
--- a/.github/workflows/shellcheck.yaml
+++ b/.github/workflows/shellcheck.yaml
@@ -0,0 +1,29 @@
+# https://github.com/marketplace/actions/shellcheck
+name: Check shell scripts
+
+on:
+  workflow_dispatch:
+  pull_request:
+    types:
+      - opened
+      - edited
+      - reopened
+      - synchronize
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  shellcheck:
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout the code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - uses: actions/checkout@v4
+      - name: Run ShellCheck
+        uses: ludeeus/action-shellcheck@master
+
--- a/.github/workflows/static-checks-self-hosted.yaml
+++ b/.github/workflows/static-checks-self-hosted.yaml
@@ -12,13 +12,21 @@ concurrency:

 name: Static checks self-hosted
 jobs:
-  build-checks:
+  skipper:
    if: ${{ contains(github.event.pull_request.labels.*.name, 'ok-to-test') }}
+    uses: ./.github/workflows/gatekeeper-skipper.yaml
+    with:
+      commit-hash: ${{ github.event.pull_request.head.sha }}
+      target-branch: ${{ github.event.pull_request.base.ref }}
+
+  build-checks:
+    needs: skipper
+    if: ${{ needs.skipper.outputs.skip_static != 'yes' }}
    strategy:
      fail-fast: false
      matrix:
        instance:
-          - "arm-no-k8s"
+          - "ubuntu-22.04-arm"
          - "s390x"
          - "ppc64le"
    uses: ./.github/workflows/build-checks.yaml
--- a/.github/workflows/static-checks.yaml
+++ b/.github/workflows/static-checks.yaml
@@ -12,7 +12,15 @@ concurrency:

 name: Static checks
 jobs:
+  skipper:
+    uses: ./.github/workflows/gatekeeper-skipper.yaml
+    with:
+      commit-hash: ${{ github.event.pull_request.head.sha }}
+      target-branch: ${{ github.event.pull_request.base.ref }}
+
  check-kernel-config-version:
+    needs: skipper
+    if: ${{ needs.skipper.outputs.skip_static != 'yes' }}
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout the code
@@ -23,8 +31,8 @@ jobs:
        run: |
          kernel_dir="tools/packaging/kernel/"
          kernel_version_file="${kernel_dir}kata_config_version"
-          modified_files=$(git diff --name-only origin/$GITHUB_BASE_REF..HEAD)
-          if git diff --name-only origin/$GITHUB_BASE_REF..HEAD "${kernel_dir}" | grep "${kernel_dir}"; then
+          modified_files=$(git diff --name-only origin/"$GITHUB_BASE_REF"..HEAD)
+          if git diff --name-only origin/"$GITHUB_BASE_REF"..HEAD "${kernel_dir}" | grep "${kernel_dir}"; then
            echo "Kernel directory has changed, checking if $kernel_version_file has been updated"
            if echo "$modified_files" | grep -v "README.md" | grep "${kernel_dir}" >>"/dev/null"; then
              echo "$modified_files" | grep "$kernel_version_file" >>/dev/null || ( echo "Please bump version in $kernel_version_file" && exit 1)
@@ -35,12 +43,16 @@ jobs:
          fi

  build-checks:
+    needs: skipper
+    if: ${{ needs.skipper.outputs.skip_static != 'yes' }}
    uses: ./.github/workflows/build-checks.yaml
    with:
      instance: ubuntu-22.04

  build-checks-depending-on-kvm:
    runs-on: ubuntu-22.04
+    needs: skipper
+    if: ${{ needs.skipper.outputs.skip_static != 'yes' }}
    strategy:
      fail-fast: false
      matrix:
@@ -78,6 +90,8 @@ jobs:

  static-checks:
    runs-on: ubuntu-22.04
+    needs: skipper
+    if: ${{ needs.skipper.outputs.skip_static != 'yes' }}
    strategy:
      fail-fast: false
      matrix:
@@ -93,19 +107,19 @@ jobs:
          path: ./src/github.com/${{ github.repository }}
      - name: Install yq
        run: |
-          cd ${GOPATH}/src/github.com/${{ github.repository }}
+          cd "${GOPATH}/src/github.com/${{ github.repository }}"
          ./ci/install_yq.sh
        env:
          INSTALL_IN_GOPATH: false
      - name: Install golang
        run: |
-          cd ${GOPATH}/src/github.com/${{ github.repository }}
+          cd "${GOPATH}/src/github.com/${{ github.repository }}"
          ./tests/install_go.sh -f -p
-          echo "/usr/local/go/bin" >> $GITHUB_PATH
+          echo "/usr/local/go/bin" >> "$GITHUB_PATH"
      - name: Install system dependencies
        run: |
          sudo apt-get -y install moreutils hunspell hunspell-en-gb hunspell-en-us pandoc
      - name: Run check
        run: |
-          export PATH=${PATH}:${GOPATH}/bin
-          cd ${GOPATH}/src/github.com/${{ github.repository }} && ${{ matrix.cmd }}
+          export PATH="${PATH}:${GOPATH}/bin"
+          cd "${GOPATH}/src/github.com/${{ github.repository }}" && ${{ matrix.cmd }}
--- a/2
+++ b/2
@@ -1 +1 @@
-3.9.0
+3.14.0
--- a/ci/README.md
+++ b/ci/README.md
@@ -41,7 +41,7 @@ responsible for ensuring that:

 ### Jobs that require a maintainer's approval to run

-These are the required tests, and our so-called "CI".  These require a
+There are some tests, and our so-called "CI".  These require a
 maintainer's approval to run as parts of those jobs will be running on "paid
 runners", which are currently using Azure infrastructure.

@@ -55,14 +55,14 @@ of a PR review), the following tests will be executed:
 - Run the following tests:
  - Tests depending on the generated tarball
    - Metrics (runs on bare-metal)
-    - `docker` (runs on Azure small instances)
-    - `nerdctl` (runs on Azure small instances)
-    - `kata-monitor` (runs on Azure small instances)
-    - `cri-containerd` (runs on Azure small instances)
-    - `nydus` (runs on Azure small instances)
-    - `vfio` (runs on Azure normal instances)
+    - `docker` (runs on cost free runners)
+    - `nerdctl` (runs on cost free runners)
+    - `kata-monitor` (runs on cost free runners)
+    - `cri-containerd` (runs on cost free runners)
+    - `nydus` (runs on cost free runners)
+    - `vfio` (runs on cost free runners)
  - Tests depending on the generated kata-deploy payload
-    - kata-deploy (runs on Azure small instances)
+    - kata-deploy (runs on cost free runners)
      - Tests are performed using different "Kubernetes flavors", such as k0s, k3s, rke2, and Azure Kubernetes Service (AKS).
    - Kubernetes (runs in Azure small and medium instances depending on what's required by each test, and on TEE bare-metal machines)
      - Tests are performed with different runtime engines, such as CRI-O and containerd.
@@ -77,11 +77,11 @@ them to merely debug issues.

 In the previous section we've mentioned using different runners, now in this section we'll go through each type of runner used.

- Cost free runners:  Those are the runners provided by GIthub itself, and
-  those are fairly small machines with no virtualization capabilities enabled - 
+- Cost free runners:  Those are the runners provided by GitHub itself, and
+  those are fairly small machines with virtualization capabilities enabled.
 - Azure small instances: Those are runners which have virtualization
  capabilities enabled, 2 CPUs, and 8GB of RAM.  These runners have a "-smaller"
-  suffix to their name. 
+  suffix to their name.
 - Azure normal instances: Those are runners which have virtualization
  capabilities enabled, 4 CPUs, and 16GB of RAM.  These runners are usually
  `garm` ones with no "-smaller" suffix.
@@ -91,7 +91,7 @@ In the previous section we've mentioned using different runners, now in this sec
  runners which will be actually performing the tests must have virtualization
  capabilities and a reasonable amount for CPU and RAM available (at least
  matching the Azure normal instances).
-  
+
 ## Adding new tests

 Before someone decides to add a new test, we strongly recommend them to go
@@ -138,6 +138,63 @@ Following those examples, the community advice during the review, and even
 asking the community directly on Slack are the best ways to get your test
 accepted.

+## Required tests
+
+In our CI we have two categories of jobs - required and non-required:
+- Required jobs need to all pass for a PR to be merged normally and
+should cover all the core features on Kata Containers that we want to
+ensure don't have regressions.
+- The non-required jobs are for unstable tests, or for features that
+are experimental and not-fully supported. We'd like those tests to also
+pass on all PRs ideally, but don't block merging if they don't as it's
+not necessarily an indication of the PR code causing regressions.
+
+### Transitioning between required and non-required status
+
+Required jobs that fail block merging of PRs, so we want to ensure that
+jobs are stable and maintained before we make them required.
+
+The [Kata Containers CI Dashboard](https://kata-containers.github.io/)
+is a useful resource to check when collecting evidence of job stability.
+At time of writing it reports the last ten days of Kata CI nightly test
+results for each job. This isn't perfect as it doesn't currently capture
+results on PRs, but is a good guideline for stability.
+
+> [!NOTE]
+> Below are general guidelines about jobs being marked as
+> required/non-required, but they are subject to change and the Kata
+> Architecture Committee may overrule these guidelines at their
+> discretion.
+
+#### Initial marking as required
+
+For new jobs, or jobs that haven't been marked as required recently,
+the criteria to be initially marked as required is ten days
+of passing tests, with no relevant PR failures reported in that time.
+Required jobs also need one or more nominated maintainers that are
+responsible for the stability of their jobs.
+
+> [!NOTE]
+> We don't currently have a good place to record the job maintainers, but
+> once we have this, the intention is to show it on the CI Dashboard so
+> people can find the contact easily.
+
+#### Expectation of required job maintainers
+
+Due to the nature of the Kata Containers community having contributors
+spread around the world, required jobs being blocked due to infrastructure,
+or test issues can have a big impact on work. As such, the expectation is
+that when a problem with a required job is noticed/reported, the maintainers
+have one working day to acknowledge the issue, perform an initial
+investigation and then either fix it, or get it marked as non-required
+whilst the investigation and/or fix it done.
+
+### Re-marking of required status
+
+Once a job has been removed from the required list, it requires two
+consecutive successful nightly test runs before being made required
+again.
+
 ## Running tests

 ### Running the tests as part of the CI
@@ -247,7 +304,7 @@ $ git remote add upstream https://github.com/kata-containers/kata-containers
 $ git remote update
 $ git config --global user.email "you@example.com"
 $ git config --global user.name "Your Name"
-$ git rebase upstream/main 
+$ git rebase upstream/main
 ```

 Now copy the `kata-static.tar.xz` into your `kata-containers/kata-artifacts` directory
@@ -261,7 +318,7 @@ $ cp ../kata-static.tar.xz kata-artifacts/
 > If you downloaded the .zip from GitHub you need to uncompress first to see `kata-static.tar.xz`

 And finally run the tests following what's in the yaml file for the test you're
-debugging. 
+debugging.

 In our case, the `run-nerdctl-tests-on-garm.yaml`.

@@ -284,7 +341,7 @@ $ bash tests/integration/nerdctl/gha-run.sh run

 And with this you should've been able to reproduce exactly the same issue found
 in the CI, and from now on you can build your own code, use your own binaries,
-and have fun debugging and hacking! 
+and have fun debugging and hacking!

 ### Debugging a Kubernetes test

@@ -332,7 +389,7 @@ If you want to remove a current self-hosted runner:

 - For each runner there's a "..." menu, where you can just click and the
  "Remove runner" option will show up
-  
+
 ## Known limitations

 As the GitHub actions are structured right now we cannot: Test the addition of a
--- a/ci/gh-util.sh
+++ b/ci/gh-util.sh
@@ -79,8 +79,8 @@ list_issues_for_pr()
    #     "<git-commit> <git-commit-msg>"
    #
    local issues=$(echo "$commits" |\
-        egrep -v "^( |	)" |\
-        egrep -i "fixes:* *(#*[0-9][0-9]*)" |\
+        grep -v -E "^( |	)" |\
+        grep -i -E "fixes:* *(#*[0-9][0-9]*)" |\
        tr ' ' '\n' |\
        grep "[0-9][0-9]*" |\
        sed 's/[.,\#]//g' |\
--- a/ci/install_yq.sh
+++ b/ci/install_yq.sh
@@ -14,20 +14,38 @@ die() {
 	exit 1
 }

+function verify_yq_exists() {
+	local yq_path=$1
+	local yq_version=$2
+	local expected="yq (https://github.com/mikefarah/yq/) version $yq_version"
+	if [ -x  "${yq_path}" ] && [ "$($yq_path --version)"X == "$expected"X ]; then
+		return 0
+	else
+		return 1
+	fi
+}
+
 # Install the yq yaml query package from the mikefarah github repo
 # Install via binary download, as we may not have golang installed at this point
 function install_yq() {
 	local yq_pkg="github.com/mikefarah/yq"
-	local yq_version=v4.40.7
+	local yq_version=v4.44.5
 	local precmd=""
+	local yq_path=""
 	INSTALL_IN_GOPATH=${INSTALL_IN_GOPATH:-true}

-	if [ "${INSTALL_IN_GOPATH}"  == "true" ];then
+	if [ "${INSTALL_IN_GOPATH}" == "true" ]; then
 		GOPATH=${GOPATH:-${HOME}/go}
 		mkdir -p "${GOPATH}/bin"
-		local yq_path="${GOPATH}/bin/yq"
+		yq_path="${GOPATH}/bin/yq"
 	else
 		yq_path="/usr/local/bin/yq"
+	fi
+	if verify_yq_exists "$yq_path" "$yq_version"; then
+		echo "yq is already installed in correct version"
+		return
+	fi
+	if [ "${yq_path}" == "/usr/local/bin/yq" ]; then
 		# Check if we need sudo to install yq
 		if [ ! -w "/usr/local/bin" ]; then
 			# Check if we have sudo privileges
@@ -38,7 +56,6 @@ function install_yq() {
 			fi
 		fi
 	fi
-	[ -x  "${yq_path}" ] && [ "`${yq_path} --version`"X == "yq (https://github.com/mikefarah/yq/) version ${yq_version}"X ] && return

 	read -r -a sysInfo <<< "$(uname -sm)"

@@ -65,6 +82,9 @@ function install_yq() {
 			goarch=arm64
 		fi
 		;;
+	"riscv64")
+		goarch=riscv64
+		;;
 	"ppc64le")
 		goarch=ppc64le
 		;;
--- a/ci/openshift-ci/bisect-range.sh
+++ b/ci/openshift-ci/bisect-range.sh
@@ -16,9 +16,12 @@ REPO="quay.io/kata-containers/kata-deploy-ci"
 TAGS=$(skopeo list-tags "docker://$REPO")
 # Only amd64
 TAGS=$(echo "$TAGS" | jq '.Tags' | jq "map(select(endswith(\"$ARCH\")))" | jq -r '.[]')
-# Tags since $GOOD
-TAGS=$(echo "$TAGS" | sed -n -e "/$GOOD/,$$p")
-# Tags up to $BAD
-[ -n "$BAD" ] && TAGS=$(echo "$TAGS" | sed "/$BAD/q")
+# Sort by git
+SORTED=""
+[ -n "$BAD" ] && LOG_ARGS="$GOOD~1..$BAD" || LOG_ARGS="$GOOD~1.."
+for TAG in $(git log --merges --pretty=format:%H --reverse $LOG_ARGS); do
+	[[ "$TAGS" =~ "$TAG" ]] && SORTED+="
+kata-containers-$TAG-$ARCH"
+done
 # Comma separated tags with repo
-echo "$TAGS" | sed -e "s@^@$REPO:@" | paste -s -d, -
+echo "$SORTED" | tail -n +2 | sed -e "s@^@$REPO:@" | paste -s -d, -
--- a/ci/openshift-ci/cluster/deploy_webhook.sh
+++ b/ci/openshift-ci/cluster/deploy_webhook.sh
@@ -13,16 +13,11 @@ set -e
 set -o nounset
 set -o pipefail

-script_dir="$(dirname $0)"
+script_dir="$(realpath $(dirname $0))"
 webhook_dir="${script_dir}/../../../tools/testing/kata-webhook"
 source "${script_dir}/../lib.sh"
 KATA_RUNTIME=${KATA_RUNTIME:-kata-ci}

-info "Creates the kata-webhook ConfigMap"
-RUNTIME_CLASS="${KATA_RUNTIME}" \
-	envsubst < "${script_dir}/deployments/configmap_kata-webhook.yaml.in" \
-	| oc apply -f -
-
 pushd "${webhook_dir}" >/dev/null
 # Build and deploy the webhook
 #
@@ -30,6 +25,12 @@ info "Builds the kata-webhook"
 ./create-certs.sh
 info "Deploys the kata-webhook"
 oc apply -f deploy/
+
+info "Override our KATA_RUNTIME ConfigMap"
+RUNTIME_CLASS="${KATA_RUNTIME}" \
+	envsubst < "${script_dir}/deployments/configmap_kata-webhook.yaml.in" \
+	| oc apply -f -
+
 # Check the webhook was deployed and is working.
 RUNTIME_CLASS="${KATA_RUNTIME}" ./webhook-check.sh
 popd >/dev/null
--- a/ci/openshift-ci/smoke/http-server.yaml.in
+++ b/ci/openshift-ci/smoke/http-server.yaml.in
@@ -13,7 +13,7 @@ metadata:
 spec:
  containers:
    - name: http-server
-      image: registry.fedoraproject.org/fedora
+      image: docker.io/library/python:3
      ports:
        - containerPort: 8080
      command: ["python3"]
--- a/docs/Developer-Guide.md
+++ b/docs/Developer-Guide.md
@@ -198,7 +198,7 @@ it stores. When messages are suppressed, it is noted in the logs. This can be ch
 for by looking for those notifications, such as:

 ```bash
-$ sudo journalctl --since today | fgrep Suppressed
+$ sudo journalctl --since today | grep -F Suppressed
 Jun 29 14:51:17 mymachine systemd-journald[346]: Suppressed 4150 messages from /system.slice/docker.service
 ```

@@ -268,7 +268,7 @@ to install `libseccomp` for the agent.

 ```bash
 $ mkdir -p ${seccomp_install_path} ${gperf_install_path}
-$ pushd kata-containers/ci 
+$ pushd kata-containers/ci
 $ script -fec 'sudo -E ./install_libseccomp.sh ${seccomp_install_path} ${gperf_install_path}"'
 $ export LIBSECCOMP_LIB_PATH="${seccomp_install_path}/lib"
 $ popd
@@ -499,19 +499,6 @@ If you do not want to install the respective QEMU version, the configuration fil

 See the [static-build script for QEMU](../tools/packaging/static-build/qemu/build-static-qemu.sh) for a reference on how to get, setup, configure and build QEMU for Kata.

-### Build a custom QEMU for aarch64/arm64 - REQUIRED
-> **Note:**
->
-> - You should only do this step if you are on aarch64/arm64.
-> - You should include [Eric Auger's latest PCDIMM/NVDIMM patches](https://patchwork.kernel.org/cover/10647305/) which are
->   under upstream review for supporting NVDIMM on aarch64.
->
-You could build the custom `qemu-system-aarch64` as required with the following command:
-```bash
-$ git clone https://github.com/kata-containers/tests.git
-$ script -fec 'sudo -E tests/.ci/install_qemu.sh'
-```
-
 ## Build `virtiofsd`

 When using the file system type virtio-fs (default), `virtiofsd` is required
@@ -640,7 +627,7 @@ the following steps (using rootfs or initrd image).
 >
 > Look for `INIT_PROCESS=systemd` in the `config.sh` osbuilder rootfs config file
 > to verify an osbuilder distro supports systemd for the distro you want to build rootfs for.
-> For an example, see the [Clear Linux config.sh file](../tools/osbuilder/rootfs-builder/clearlinux/config.sh).
+> For an example, see the [Ubuntu config.sh file](../tools/osbuilder/rootfs-builder/ubuntu/config.sh).
 >
 > For a non-systemd-based distro, create an equivalent system
 > service using that distro’s init system syntax. Alternatively, you can build a distro
--- a/docs/Release-Process.md
+++ b/docs/Release-Process.md
@@ -28,10 +28,30 @@ Bug fixes are released as part of `MINOR` or `MAJOR` releases only. `PATCH` is a

 ## Release Process

-### Bump the `VERSION` file
+### Bump the `VERSION` and `Chart.yaml` file

 When the `kata-containers/kata-containers` repository is ready for a new release,
-first create a PR to set the release in the `VERSION` file and have it merged.
+first create a PR to set the release in the [`VERSION`](./../VERSION) file and update the
+`version` and `appVersion` in the
+[`Chart.yaml`](./../tools/packaging/kata-deploy/helm-chart/kata-deploy/Chart.yaml) file and
+have it merged.
+
+### Lock the `main` branch
+
+In order to prevent any PRs getting merged during the release process, and slowing the release
+process down, by impacting the payload caches, we have recently trailed setting the `main`
+branch to read only whilst the release action runs.
+
+> [!NOTE]
+> Admin permission is needed to complete this task.
+
+### Wait for the `VERSION` bump PR payload publish to complete
+
+To reduce the chance of need to re-run the release workflow, check the
+[CI | Publish Kata Containers payload](https://github.com/kata-containers/kata-containers/actions/workflows/payload-after-push.yaml)
+once the `VERSION` PR bump has merged to check that the assets build correctly
+and are cached, so that the release process can just download these artifacts
+rather than needing to build them all, which takes time and can reveal errors in infra.

 ### Check GitHub Actions

@@ -40,6 +60,9 @@ We make use of [GitHub actions](https://github.com/features/actions) in the
 file from the `kata-containers/kata-containers` repository to build and upload
 release artifacts.

+> [!NOTE]
+> Write permissions to trigger the action.
+
 The action is manually triggered and is responsible for generating a new
 release (including a new tag), pushing those to the
 `kata-containers/kata-containers` repository. The new release is initially
@@ -59,6 +82,11 @@ If for some reason you need to cancel the workflow or re-run it entirely, go fir
 to the [Release page](https://github.com/kata-containers/kata-containers/releases) and
 delete the draft release from the previous run.

+### Unlock the `main` branch
+
+After the release process has concluded, either unlock the `main` branch, or ask
+an admin to do it.
+
 ### Improve the release notes

 Release notes are auto-generated by the GitHub CLI tool used as part of our
--- a/docs/design/architecture/guest-assets.md
+++ b/docs/design/architecture/guest-assets.md
@@ -135,7 +135,7 @@ See also the [process overview](README.md#process-overview).

 | Image type | Default distro | Init daemon | Reason | Notes |
 |-|-|-|-|-|
-| [image](background.md#root-filesystem-image) | [Clear Linux](https://clearlinux.org) (for x86_64 systems)| systemd | Minimal and highly optimized | systemd offers flexibility |
+| [image](background.md#root-filesystem-image) | [Ubuntu](https://ubuntu.com) (for x86_64 systems) | systemd | Fully tested in our CI |  systemd offers flexibility |
 | [initrd](#initrd-image) | [Alpine Linux](https://alpinelinux.org) | Kata [agent](README.md#agent) (as no systemd support) | Security hardened and tiny C library |

 See also:
--- a/docs/design/architecture_3.0/README.md
+++ b/docs/design/architecture_3.0/README.md
@@ -50,7 +50,7 @@ We provide `Dragonball` Sandbox to enable built-in VMM by integrating VMM's func
 #### How To Support Async
 The kata-runtime is controlled by TOKIO_RUNTIME_WORKER_THREADS to run the OS thread, which is 2 threads by default. For TTRPC and container-related threads run in the `tokio` thread in a unified manner, and related dependencies need to be switched to Async, such as Timer, File, Netlink, etc. With the help of Async, we can easily support no-block I/O and timer. Currently, we only utilize Async for kata-runtime. The built-in VMM keeps the OS thread because it can ensure that the threads are controllable.

-**For N tokio worker threads and M containers**
+**For N `tokio` worker threads and M containers**

 - Sync runtime(both OS thread and `tokio` task are OS thread but without `tokio` worker thread)  OS thread number:  4 + 12*M
 - Async runtime(only OS thread is OS thread) OS thread number: 2 + N
@@ -103,7 +103,6 @@ In our case, there will be a variety of resources, and every resource has severa
 | `Cgroup V2`                |                     | Stage 2               |  🚧        |
 | Hypervisor                 | `Dragonball`        | Stage 1               |  🚧        |
 |                            | QEMU                | Stage 2               |  🚫        |
-|                            | ACRN                | Stage 3               |  🚫        |
 |                            | Cloud Hypervisor    | Stage 3               |  🚫        |
 |                            | Firecracker         | Stage 3               |  🚫        |

@@ -166,4 +165,4 @@ In our case, there will be a variety of resources, and every resource has severa

 - What is the security boundary for the monolithic / "Built-in VMM" case?
  
-  It has the security boundary of virtualization. More details will be provided in next stage.
+  It has the security boundary of virtualization. More details will be provided in next stage.
--- a/docs/design/virtualization.md
+++ b/docs/design/virtualization.md
@@ -98,8 +98,7 @@ of Kata Containers, the Cloud Hypervisor configuration supports both CPU
 and memory resize, device hotplug (disk and VFIO), file-system sharing through virtio-fs,
 block-based volumes, booting from VM images backed by pmem device, and
 fine-grained seccomp filters for each VMM threads (e.g. all virtio
-device worker threads). Please check [this GitHub Project](https://github.com/orgs/kata-containers/projects/21)
-for details of ongoing integration efforts.
+device worker threads).

 Devices and features used:
 - virtio VSOCK or virtio serial
--- a/docs/how-to/README.md
+++ b/docs/how-to/README.md
@@ -20,12 +20,6 @@
   for the VM rootfs. Refer to the following guide for additional configuration
   steps:
   - [Setup Kata containers with `firecracker`](how-to-use-kata-containers-with-firecracker.md)
- `ACRN`
-
-  While `qemu` , `cloud-hypervisor` and `firecracker` work out of the box with installation of Kata,
-  some additional configuration is needed in case of `ACRN`.
-  Refer to the following guides for additional configuration steps:
- [Kata Containers with ACRN Hypervisor](how-to-use-kata-containers-with-acrn.md)

 ## Confidential Containers Policy

@@ -52,4 +46,4 @@
 - [How to use EROFS to build rootfs in Kata Containers](how-to-use-erofs-build-rootfs.md)
 - [How to run Kata Containers with kinds of Block Volumes](how-to-run-kata-containers-with-kinds-of-Block-Volumes.md)
 - [How to use the Kata Agent Policy](how-to-use-the-kata-agent-policy.md)
- [How to pull images in the guest](how-to-pull-images-in-guest-with-kata.md)
+- [How to pull images in the guest](how-to-pull-images-in-guest-with-kata.md)
--- a/docs/how-to/how-to-run-kata-containers-with-SNP-VMs.md
+++ b/docs/how-to/how-to-run-kata-containers-with-SNP-VMs.md
@@ -10,7 +10,19 @@ To run  Kata Containers in SNP-VMs, the following software stack is used.

 ![Kubernetes integration with shimv2](./images/SNP-stack.svg)

-The host BIOS and kernel must be capable of supporting AMD SEV-SNP and configured accordingly. For Kata Containers, the host kernel with branch [`sev-snp-iommu-avic_5.19-rc6_v3`](https://github.com/AMDESE/linux/tree/sev-snp-iommu-avic_5.19-rc6_v3) and commit [`3a88547`](https://github.com/AMDESE/linux/commit/3a885471cf89156ea555341f3b737ad2a8d9d3d0) is known to work in conjunction with SEV Firmware version 1.51.3 (0xh\_1.33.03) available on AMD's [SEV developer website](https://developer.amd.com/sev/). See [AMD's guide](https://github.com/AMDESE/AMDSEV/tree/sev-snp-devel) to configure the host accordingly. Verify that you are able to run SEV-SNP encrypted VMs first. The guest components required for Kata Containers are built as described below.
+The host BIOS and kernel must be capable of supporting AMD SEV-SNP and the host must be configured accordingly.
+
+The latest SEV Firmware version is available on AMD's [SEV Developer Webpage](https://www.amd.com/en/developer/sev.html). It can also be updated via a platform OEM BIOS update.
+
+The host kernel must be equal to or later than upstream version [6.11](https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-6.11.tar.xz).
+
+[`sev-utils`](https://github.com/amd/sev-utils/blob/coco-202501150000/docs/snp.md) is an easy way to install the required host kernel with the `setup-host` command. However, it will also build compatible guest kernel, OVMF, and QEMU components which are not necessary as these components are packaged with kata. The `sev-utils` script utility can be used with these additional components to test the memory encrypted launch and attestation of a base QEMU SNP guest.
+
+For a simplified way to build just the upstream compatible host kernel, use the Confidential Containers fork of [AMDESE AMDSEV](https://github.com/confidential-containers/amdese-amdsev/tree/amd-snp-202501150000). Individual components can be built by running the following command:
+
+```
+./build.sh kernel host --install
+```

 **Tip**: It is easiest to first have Kata Containers running on your system and then modify it to run containers in SNP-VMs. Follow the [Developer guide](../Developer-Guide.md#warning) and then follow the below steps. Nonetheless, you can just follow this guide from the start.

@@ -29,16 +41,16 @@ __SNP-specific steps:__
 - Build the SNP-specific kernel as shown below (see this [guide](../../tools/packaging/kernel/README.md#build-kata-containers-kernel) for more information)
 ```bash
 $ pushd kata-containers/tools/packaging/
-$ ./kernel/build-kernel.sh -a x86_64 -x snp setup
-$ ./kernel/build-kernel.sh -a x86_64 -x snp build
-$ sudo -E PATH="${PATH}" ./kernel/build-kernel.sh -x snp install
+$ ./kernel/build-kernel.sh -a x86_64 -x setup
+$ ./kernel/build-kernel.sh -a x86_64 -x build
+$ sudo -E PATH="${PATH}" ./kernel/build-kernel.sh -x install
 $ popd
 ```
 - Build a current OVMF capable of SEV-SNP:
 ```bash
 $ pushd kata-containers/tools/packaging/static-build/ovmf
-$ ./build.sh
-$ tar -xvf edk2-x86_64.tar.gz
+$ ovmf_build=sev ./build.sh
+$ tar -xvf edk2-sev.tar.gz
 $ popd
 ```
 - Build a custom QEMU
@@ -106,7 +118,7 @@ sev_snp_guest = true
 ```
  - Configure an OVMF (add path)
 ```toml
-firmware = "/path/to/kata-containers/tools/packaging/static-build/ovmf/opt/kata/share/ovmf/OVMF.fd"
+firmware = "/path/to/kata-containers/tools/packaging/static-build/ovmf/opt/kata/share/ovmf/AMDSEV.fd"
 ```
  - SNP attestation (add cert-chain to default path or add the path with cert-chain)
 ```toml
--- a/docs/how-to/how-to-set-sandbox-config-kata.md
+++ b/docs/how-to/how-to-set-sandbox-config-kata.md
@@ -46,7 +46,6 @@ There are several kinds of Kata configurations and they are listed below.
 | `io.katacontainers.config.hypervisor.block_device_cache_set` | `boolean` | cache-related options will be set to block devices or not |
 | `io.katacontainers.config.hypervisor.block_device_driver` | string | the driver to be used for block device, valid values are `virtio-blk`, `virtio-scsi`, `nvdimm`|
 | `io.katacontainers.config.hypervisor.cpu_features` | `string` | Comma-separated list of CPU features to pass to the CPU (QEMU) |
-| `io.katacontainers.config.hypervisor.ctlpath` (R) | `string` | Path to the `acrnctl` binary for the ACRN hypervisor |
 | `io.katacontainers.config.hypervisor.default_max_vcpus` | uint32| the maximum number of vCPUs allocated for the VM by the hypervisor |
 | `io.katacontainers.config.hypervisor.default_memory` | uint32| the memory assigned for a VM by the hypervisor in `MiB` |
 | `io.katacontainers.config.hypervisor.default_vcpus` | float32| the default vCPUs assigned for a VM by the hypervisor |
@@ -95,6 +94,8 @@ There are several kinds of Kata configurations and they are listed below.
 | `io.katacontainers.config.hypervisor.virtio_fs_extra_args` | string | extra options passed to `virtiofs` daemon |
 | `io.katacontainers.config.hypervisor.enable_guest_swap` | `boolean` | enable swap in the guest |
 | `io.katacontainers.config.hypervisor.use_legacy_serial` | `boolean` | uses legacy serial device for guest's console (QEMU) |
+| `io.katacontainers.config.hypervisor.default_gpus` | uint32 | the minimum number of GPUs required for the VM. Only used by remote hypervisor to help with instance selection |
+| `io.katacontainers.config.hypervisor.default_gpu_model` | string | the GPU model required for the VM. Only used by remote hypervisor to help with instance selection |

 ## Container Options
 | Key | Value Type | Comments |
@@ -209,7 +210,6 @@ the configuration entry:

 | Key | Config file entry | Comments |
 |-------| ----- | ----- |
-| `ctlpath`  | `valid_ctlpaths` | Valid paths for `acrnctl` binary |
 | `entropy_source` | `valid_entropy_sources` | Valid entropy sources, e.g. `/dev/random` |
 | `file_mem_backend`  | `valid_file_mem_backends` | Valid locations for the file-based memory backend root directory |
 | `jailer_path`  | `valid_jailer_paths`| Valid paths for the jailer constraining the container VM (Firecracker) |
--- a/docs/how-to/how-to-use-kata-containers-with-acrn.md
+++ b/docs/how-to/how-to-use-kata-containers-with-acrn.md
@@ -1,125 +0,0 @@
-# Kata Containers with ACRN
-
-This document provides an overview on how to run Kata containers with ACRN hypervisor and device model.
-
-## Introduction
-
-ACRN is a flexible, lightweight Type-1 reference hypervisor built with real-time and safety-criticality in mind. ACRN uses an open source platform making it optimized to streamline embedded development.
-
-Some of the key features being:
-
- Small footprint - Approx. 25K lines of code (LOC).
- Real Time - Low latency, faster boot time, improves overall responsiveness with hardware.
- Adaptability - Multi-OS support for guest operating systems like Linux, Android, RTOSes.
- Rich I/O mediators - Allows sharing of various I/O devices across VMs.
- Optimized for a variety of IoT (Internet of Things) and embedded device solutions.
-
-Please refer to ACRN [documentation](https://projectacrn.github.io/latest/index.html) for more details on ACRN hypervisor and device model.
-
-## Pre-requisites
-
-This document requires the presence of the ACRN hypervisor and Kata Containers on your system. Install using the instructions available through the following links:
-
- ACRN supported [Hardware](https://projectacrn.github.io/latest/hardware.html#supported-hardware).
-  > **Note:** Please make sure to have a minimum of 4 logical processors (HT) or cores.
- ACRN [software](https://projectacrn.github.io/latest/tutorials/run_kata_containers.html) setup.
- For networking, ACRN supports either MACVTAP or TAP. If MACVTAP is not enabled in the Service OS, please follow the below steps to update the kernel:
-
-  ```sh
-   $ git clone https://github.com/projectacrn/acrn-kernel.git
-   $ cd acrn-kernel
-   $ cp kernel_config_sos .config
-   $ sed -i "s/# CONFIG_MACVLAN is not set/CONFIG_MACVLAN=y/" .config
-   $ sed -i '$ i CONFIG_MACVTAP=y' .config
-   $ make clean && make olddefconfig && make && sudo make modules_install INSTALL_MOD_PATH=out/
-  ```
-  Login into Service OS and update the kernel with MACVTAP support:
-
-  ```sh
-  $ sudo mount /dev/sda1 /mnt
-  $ sudo scp -r <user name>@<host address>:<your workspace>/acrn-kernel/arch/x86/boot/bzImage /mnt/EFI/org.clearlinux/
-  $ sudo scp -r <user name>@<host address>:<your workspace>/acrn-kernel/out/lib/modules/* /lib/modules/
-  $ conf_file=$(sed -n '$ s/default //p' /mnt/loader/loader.conf).conf
-  $ kernel_img=$(sed -n 2p /mnt/loader/entries/$conf_file | cut -d'/' -f4)
-  $ sudo sed -i "s/$kernel_img/bzImage/g" /mnt/loader/entries/$conf_file
-  $ sync && sudo umount /mnt && sudo reboot
-  ```
- Kata Containers installation: Automated installation does not seem to be supported for Clear Linux, so please use [manual installation](../Developer-Guide.md) steps.
-
-> **Note:** Create rootfs image and not initrd image.
-
-In order to run Kata with ACRN, your container stack must provide block-based storage, such as device-mapper.
-
-> **Note:** Currently, by design you can only launch one VM from Kata Containers using ACRN hypervisor (SDC scenario). Based on feedback from community we can increase number of VMs.
-
-## Configure Docker
-
-To configure Docker for device-mapper and Kata,
-
-1. Stop Docker daemon if it is already running.
-
-```bash
-$ sudo systemctl stop docker
-```
-
-2. Set `/etc/docker/daemon.json` with the following contents.
-
-```
-{
-  "storage-driver": "devicemapper"
-}
-```
-
-3. Restart docker.
-
-```bash
-$ sudo systemctl daemon-reload
-$ sudo systemctl restart docker
-```
-
-4. Configure [Docker](../Developer-Guide.md#update-the-docker-systemd-unit-file) to use `kata-runtime`.
-
-## Configure Kata Containers with ACRN
-
-To configure Kata Containers with ACRN, copy the generated `configuration-acrn.toml` file when building the `kata-runtime` to either `/etc/kata-containers/configuration.toml` or `/usr/share/defaults/kata-containers/configuration.toml`.
-
-The following command shows full paths to the `configuration.toml` files that the runtime loads. It will use the first path that exists. (Please make sure the kernel and image paths are set correctly in the `configuration.toml` file)
-
-```bash
-$ sudo kata-runtime --show-default-config-paths
-```
-
->**Warning:** Please offline CPUs using [this](offline_cpu.sh) script, else VM launches will fail.
-
-```bash
-$ sudo ./offline_cpu.sh
-```
-
-Start an ACRN based Kata Container,
-
-```bash
-$ sudo docker run -ti --runtime=kata-runtime busybox sh
-```
-
-You will see ACRN(`acrn-dm`) is now running on your system, as well as a `kata-shim`. You should obtain an interactive shell prompt. Verify that all the Kata processes terminate once you exit the container.
-
-```bash
-$ ps -ef | grep -E "kata|acrn"
-```
-
-Validate ACRN hypervisor by using `kata-runtime kata-env`,
-
-```sh
-$ kata-runtime kata-env | awk -v RS= '/\[Hypervisor\]/'
-[Hypervisor]
-  MachineType = ""
-  Version = "DM version is: 1.2-unstable-254577a6-dirty (daily tag:acrn-2019w27.4-140000p)
-  Path = "/usr/bin/acrn-dm"
-  BlockDeviceDriver = "virtio-blk"
-  EntropySource = "/dev/urandom"
-  Msize9p = 0
-  MemorySlots = 10
-  Debug = false
-  UseVSock = false
-  SharedFS = ""
-```
--- a/docs/how-to/offline_cpu.sh
+++ b/docs/how-to/offline_cpu.sh
@@ -18,7 +18,6 @@ for i in $(ls -d /sys/devices/system/cpu/cpu[1-9]*); do
                        echo 0 > $i/online
                        online=`cat $i/online`
                done
-                echo $idx > /sys/class/vhm/acrn_vhm/offline_cpu
        fi
 done

--- a/docs/hypervisors.md
+++ b/docs/hypervisors.md
@@ -18,7 +18,6 @@ which hypervisors you may wish to investigate further.

 | Hypervisor | Written in | Architectures | Type |
 |-|-|-|-|
-|[ACRN] | C | `x86_64` | Type 1 (bare metal) |
 |[Cloud Hypervisor] | rust | `aarch64`, `x86_64` | Type 2 ([KVM]) |
 |[Firecracker] | rust | `aarch64`, `x86_64` | Type 2 ([KVM]) |
 |[QEMU] | C | all | Type 2 ([KVM]) | `configuration-qemu.toml` |
@@ -38,7 +37,6 @@ the hypervisors:

 | Hypervisor | Summary | Features | Limitations | Container Creation speed | Memory density | Use cases | Comment |
 |-|-|-|-|-|-|-|-|
-|[ACRN] | Safety critical and real-time workloads | | | excellent | excellent | Embedded and IOT systems | For advanced users |
 |[Cloud Hypervisor] | Low latency, small memory footprint, small attack surface | Minimal | | excellent | excellent | High performance modern cloud workloads | |
 |[Firecracker] | Very slimline | Extremely minimal | Doesn't support all device types | excellent | excellent | Serverless / FaaS | |
 |[QEMU] | Lots of features | Lots | | good | good | Good option for most users | |
@@ -57,7 +55,6 @@ are available, their default values and how each setting can be used.

 | Hypervisor | Golang runtime config file | golang runtime short name | golang runtime default | rust runtime config file | rust runtime short name | rust runtime default |
 |-|-|-|-|-|-|-|
-| [ACRN] | [`configuration-acrn.toml`](../src/runtime/config/configuration-acrn.toml.in) | `acrn` | | | | |
 | [Cloud Hypervisor] | [`configuration-clh.toml`](../src/runtime/config/configuration-clh.toml.in) | `clh` | | [`configuration-cloud-hypervisor.toml`](../src/runtime-rs/config/configuration-cloud-hypervisor.toml.in) | `cloud-hypervisor` | |
 | [Firecracker] | [`configuration-fc.toml`](../src/runtime/config/configuration-fc.toml.in) | `fc` | | | | |
 | [QEMU] | [`configuration-qemu.toml`](../src/runtime/config/configuration-qemu.toml.in) | `qemu` | yes | [`configuration-qemu.toml`](../src/runtime-rs/config/configuration-qemu-runtime-rs.toml.in) | `qemu` | |
@@ -93,10 +90,9 @@ are available, their default values and how each setting can be used.
 To switch the configured hypervisor, you only need to run a single command.
 See [the `kata-manager` documentation](../utils/README.md#choose-a-hypervisor) for further details.

-[ACRN]: https://projectacrn.org
 [Cloud Hypervisor]: https://github.com/cloud-hypervisor/cloud-hypervisor
 [Firecracker]: https://github.com/firecracker-microvm/firecracker
 [KVM]: https://en.wikipedia.org/wiki/Kernel-based_Virtual_Machine
-[QEMU]: http://www.qemu-project.org
+[QEMU]: http://www.qemu.org
 [`Dragonball`]: https://github.com/kata-containers/kata-containers/blob/main/src/dragonball
 [StratoVirt]: https://gitee.com/openeuler/stratovirt
--- a/docs/install/kata-containers-3.0-rust-runtime-installation-guide.md
+++ b/docs/install/kata-containers-3.0-rust-runtime-installation-guide.md
@@ -83,6 +83,23 @@ $ make && sudo make install
 ```
 After running the command above, the default config file `configuration.toml` will be installed under `/usr/share/defaults/kata-containers/`,  the binary file `containerd-shim-kata-v2` will be installed under `/usr/local/bin/` .

+### Install Shim Without Builtin Dragonball VMM
+
+By default, runtime-rs includes the `Dragonball` VMM. To build without the built-in `Dragonball` hypervisor, use `make USE_BUILDIN_DB=false`:
+```bash
+$ cd kata-containers/src/runtime-rs
+$ make USE_BUILDIN_DB=false
+```
+After building, specify the desired hypervisor during installation using `HYPERVISOR`. For example, to use `qemu` or `cloud-hypervisor`:
+
+```
+sudo make install HYPERVISOR=qemu
+```
+or
+```
+sudo make install HYPERVISOR=cloud-hypervisor
+```
+
 ### Build Kata Containers Kernel
 Follow the [Kernel installation guide](/tools/packaging/kernel/README.md).

--- a/docs/install/minikube-installation-guide.md
+++ b/docs/install/minikube-installation-guide.md
@@ -98,7 +98,7 @@ a number larger than `0` if you have either of the `vmx` or `svm` nested virtual
 available:

 ```sh
-$ minikube ssh "egrep -c 'vmx|svm' /proc/cpuinfo"
+$ minikube ssh "grep -c -E 'vmx|svm' /proc/cpuinfo"
 ```

 ## Installing Kata Containers
@@ -122,8 +122,8 @@ and will be executing a `sleep infinity` once it has successfully completed its
 You can accomplish this by running the following:

 ```sh
-$ podname=$(kubectl -n kube-system get pods -o=name | fgrep kata-deploy | sed 's?pod/??')
-$ kubectl -n kube-system exec ${podname} -- ps -ef | fgrep infinity
+$ podname=$(kubectl -n kube-system get pods -o=name | grep -F kata-deploy | sed 's?pod/??')
+$ kubectl -n kube-system exec ${podname} -- ps -ef | grep -F infinity
 ```

 > *NOTE:* This check only works for single node clusters, which is the default for Minikube.
@@ -197,7 +197,7 @@ $ minikube ssh -- uname -a
 And then compare that against the kernel that is running inside the container:

 ```sh
-$ podname=$(kubectl get pods -o=name | fgrep php-apache-kata-qemu | sed 's?pod/??')
+$ podname=$(kubectl get pods -o=name | grep -F php-apache-kata-qemu | sed 's?pod/??')
 $ kubectl exec ${podname} -- uname -a
 ```

--- a/docs/use-cases/using-Intel-QAT-and-kata.md
+++ b/docs/use-cases/using-Intel-QAT-and-kata.md
@@ -2,13 +2,13 @@

 # Introduction

-Intel® QuickAssist Technology (QAT) provides hardware acceleration 
-for security (cryptography) and compression. These instructions cover the 
-steps for the latest [Ubuntu LTS release](https://ubuntu.com/download/desktop) 
-which already include the QAT host driver. These instructions can be adapted to 
-any Linux distribution. These instructions guide the user on how to download 
-the kernel sources, compile kernel driver modules against those sources, and 
-load them onto the host as well as preparing a specially built Kata Containers 
+Intel® QuickAssist Technology (QAT) provides hardware acceleration
+for security (cryptography) and compression. These instructions cover the
+steps for the latest [Ubuntu LTS release](https://ubuntu.com/download/desktop)
+which already include the QAT host driver. These instructions can be adapted to
+any Linux distribution. These instructions guide the user on how to download
+the kernel sources, compile kernel driver modules against those sources, and
+load them onto the host as well as preparing a specially built Kata Containers
 kernel and custom Kata Containers rootfs.

 * Download kernel sources
@@ -16,7 +16,7 @@ kernel and custom Kata Containers rootfs.
 * Compile kernel driver modules against those sources
 * Download rootfs
 * Add driver modules to rootfs
-* Build rootfs image 
+* Build rootfs image

 ## Helpful Links before starting

@@ -35,8 +35,8 @@ reboot, and some steps to complete when the host kernel changes.

 ## Script variables

-The following list of variables must be set before running through the 
-scripts. These variables refer to locations to store modules and configuration 
+The following list of variables must be set before running through the
+scripts. These variables refer to locations to store modules and configuration
 files on the host and links to the drivers to use. Modify these as
 needed to point to updated drivers or different install locations.

@@ -58,9 +58,9 @@ $ export KATA_ROOTFS_LOCATION=~/kata

 ## Prepare the Ubuntu Host

-The host could be a bare metal instance or a virtual machine. If using a 
-virtual machine, make sure that KVM nesting is enabled. The following 
-instructions reference an Intel® C62X chipset. Some of the instructions must be 
+The host could be a bare metal instance or a virtual machine. If using a
+virtual machine, make sure that KVM nesting is enabled. The following
+instructions reference an Intel® C62X chipset. Some of the instructions must be
 modified if using a different Intel® QAT device. The Intel® QAT chipset can be
 identified by executing the following.

@@ -74,7 +74,7 @@ $ for i in 0434 0435 37c8 1f18 1f19; do lspci -d 8086:$i; done

 These packages are necessary to compile the Kata kernel, Intel® QAT driver, and to
 prepare the rootfs for Kata. [Docker](https://docs.docker.com/engine/install/ubuntu/)
-also needs to be installed to be able to build the rootfs. To test that 
+also needs to be installed to be able to build the rootfs. To test that
 everything works a Kubernetes pod is started requesting Intel® QAT resources. For the
 pass through of the virtual functions the kernel boot parameter needs to have
 `INTEL_IOMMU=on`.
@@ -89,7 +89,7 @@ $ sudo reboot

 ### Download Intel® QAT drivers

-This will download the [Intel® QAT drivers](https://www.intel.com/content/www/us/en/developer/topic-technology/open/quick-assist-technology/overview.html). 
+This will download the [Intel® QAT drivers](https://www.intel.com/content/www/us/en/developer/topic-technology/open/quick-assist-technology/overview.html).
 Make sure to check the website for the latest version.

 ```bash
@@ -100,13 +100,13 @@ $ curl -L $QAT_DRIVER_URL | tar zx

 ### Copy Intel® QAT configuration files and enable virtual functions

-Modify the instructions below as necessary if using a different Intel® QAT hardware 
-platform. You can learn more about customizing configuration files at the 
+Modify the instructions below as necessary if using a different Intel® QAT hardware
+platform. You can learn more about customizing configuration files at the
 [Intel® QAT Engine repository](https://github.com/intel/QAT_Engine/#copy-the-correct-intel-quickassist-technology-driver-config-files)
-This section starts from a base config file and changes the `SSL` section to 
+This section starts from a base config file and changes the `SSL` section to
 `SHIM` to support the OpenSSL engine. There are more tweaks that you can make
 depending on the use case and how many Intel® QAT engines should be run. You
-can find more information about how to customize in the 
+can find more information about how to customize in the
 [Intel® QuickAssist Technology Software for Linux* - Programmer's Guide.](https://www.intel.com/content/www/us/en/content-details/709196/intel-quickassist-technology-api-programmer-s-guide.html)

 > **Note: This section assumes that a Intel® QAT `c6xx` platform is used.**
@@ -119,16 +119,16 @@ $ sed -i 's/\[SSL\]/\[SHIM\]/g' $QAT_CONF_LOCATION/c6xxvf_dev0.conf

 ### Expose and Bind Intel® QAT virtual functions to VFIO-PCI (Every reboot)

-To enable virtual functions, the host OS should have IOMMU groups enabled. In 
-the UEFI Firmware Intel® Virtualization Technology for Directed I/O 
-(Intel® VT-d) must be enabled. Also, the kernel boot parameter should be 
+To enable virtual functions, the host OS should have IOMMU groups enabled. In
+the UEFI Firmware Intel® Virtualization Technology for Directed I/O
+(Intel® VT-d) must be enabled. Also, the kernel boot parameter should be
 `intel_iommu=on` or `intel_iommu=ifgx_off`. This should have been set from
-the instructions above. Check the output of `/proc/cmdline` to confirm. The 
+the instructions above. Check the output of `/proc/cmdline` to confirm. The
 following commands assume you installed an Intel® QAT card, IOMMU is on, and
 VT-d is enabled. The vendor and device ID add to the `VFIO-PCI` driver so that
 each exposed virtual function can be bound to the `VFIO-PCI` driver. Once
 complete, each virtual function passes into a Kata Containers container using
-the PCIe device passthrough feature. For Kubernetes, the 
+the PCIe device passthrough feature. For Kubernetes, the
 [Intel device plugin](https://github.com/intel/intel-device-plugins-for-kubernetes)
 for Kubernetes handles the binding of the driver, but the VF’s still must be
 enabled.
@@ -155,10 +155,10 @@ $ for f in /sys/bus/pci/devices/0000:$QAT_PCI_BUS_PF_1/virtfn*

 ### Check Intel® QAT virtual functions are enabled

-If the following command returns empty, then the virtual functions are not 
-properly enabled. This command checks the enumerated device IDs for just the 
-virtual functions. Using the Intel® QAT as an example, the physical device ID 
-is `37c8` and virtual function device ID is `37c9`. The following command checks 
+If the following command returns empty, then the virtual functions are not
+properly enabled. This command checks the enumerated device IDs for just the
+virtual functions. Using the Intel® QAT as an example, the physical device ID
+is `37c8` and virtual function device ID is `37c9`. The following command checks
 if VF's are enabled for any of the currently known Intel® QAT device ID's. The
 following `ls` command should show the 16 VF's bound to `VFIO-PCI`.

@@ -182,7 +182,7 @@ follows the instructions from the
 [packaging kernel repository](../../tools/packaging/kernel)
 and uses the latest Kata kernel
 [config](../../tools/packaging/kernel/configs).
-There are some patches that must be installed as well, which the 
+There are some patches that must be installed as well, which the
 `build-kernel.sh` script should automatically apply. If you are using a
 different kernel version, then you might need to manually apply them. Since
 the Kata Containers kernel has a minimal set of kernel flags set, you must
@@ -228,17 +228,17 @@ $ cp ${GOPATH}/${LINUX_VER}/vmlinux ${KATA_KERNEL_LOCATION}/${KATA_KERNEL_NAME}

 ### Prepare Kata root filesystem

-These instructions build upon the OS builder instructions located in the 
+These instructions build upon the OS builder instructions located in the
 [Developer Guide](../Developer-Guide.md). At this point it is recommended that
 [Docker](https://docs.docker.com/engine/install/ubuntu/) is installed first, and
 then [Kata-deploy](../../tools/packaging/kata-deploy)
-is use to install Kata. This will make sure that the correct `agent` version 
+is use to install Kata. This will make sure that the correct `agent` version
 is installed into the rootfs in the steps below.

-The following instructions use Ubuntu as the root filesystem with systemd as 
-the init and will add in the `kmod` binary, which is not a standard binary in 
-a Kata rootfs image. The `kmod` binary is necessary to load the Intel® QAT 
-kernel modules when the virtual machine rootfs boots. 
+The following instructions use Ubuntu as the root filesystem with systemd as
+the init and will add in the `kmod` binary, which is not a standard binary in
+a Kata rootfs image. The `kmod` binary is necessary to load the Intel® QAT
+kernel modules when the virtual machine rootfs boots.

 ```bash
 $ export OSBUILDER=$GOPATH/src/github.com/kata-containers/kata-containers/tools/osbuilder
@@ -247,7 +247,7 @@ $ export EXTRA_PKGS='kmod'
 ```

 Make sure that the `kata-agent` version matches the installed `kata-runtime`
-version. Also make sure the `kata-runtime` install location is in your `PATH` 
+version. Also make sure the `kata-runtime` install location is in your `PATH`
 variable. The following `AGENT_VERSION` can be set manually to match
 the `kata-runtime` version if the following commands don't work.

@@ -262,10 +262,10 @@ $ script -fec 'sudo -E GOPATH=$GOPATH USE_DOCKER=true SECCOMP=no ./rootfs.sh ubu

 ### Compile Intel® QAT drivers for Kata Containers kernel and add to Kata Containers rootfs

-After the Kata Containers kernel builds with the proper configuration flags, 
+After the Kata Containers kernel builds with the proper configuration flags,
 you must build the Intel® QAT drivers against that Kata Containers kernel
-version in a similar way they were previously built for the host OS. You must 
-set the `KERNEL_SOURCE_ROOT` variable to the Kata Containers kernel source 
+version in a similar way they were previously built for the host OS. You must
+set the `KERNEL_SOURCE_ROOT` variable to the Kata Containers kernel source
 directory and build the Intel® QAT drivers again. The  `make` command will
 install the Intel® QAT modules into the Kata rootfs.

@@ -284,16 +284,16 @@ $ sudo -E make INSTALL_MOD_PATH=$ROOTFS_DIR qat-driver-install -j $(nproc)
 ```

 The `usdm_drv` module also needs to be copied into the rootfs modules path and
-`depmod` should be run. 
+`depmod` should be run.

 ```bash
-$ sudo cp $QAT_SRC/build/usdm_drv.ko $ROOTFS_DIR/lib/modules/${KERNEL_ROOTFS_DIR}/updates/drivers  
+$ sudo cp $QAT_SRC/build/usdm_drv.ko $ROOTFS_DIR/lib/modules/${KERNEL_ROOTFS_DIR}/updates/drivers
 $ sudo depmod -a -b ${ROOTFS_DIR} ${KERNEL_ROOTFS_DIR}
 $ cd ${OSBUILDER}/image-builder
 $ script -fec 'sudo -E USE_DOCKER=true ./image_builder.sh ${ROOTFS_DIR}'
 ```

-> **Note: Ignore any errors on modules.builtin and modules.order when running 
+> **Note: Ignore any errors on modules.builtin and modules.order when running
 > `depmod`.**

 ### Copy Kata rootfs
@@ -305,17 +305,17 @@ $ cp ${OSBUILDER}/image-builder/kata-containers.img $KATA_ROOTFS_LOCATION

 ## Verify Intel® QAT works in a container

-The following instructions uses a OpenSSL Dockerfile that builds the 
-Intel® QAT engine to allow OpenSSL to offload crypto functions. It is a 
+The following instructions uses a OpenSSL Dockerfile that builds the
+Intel® QAT engine to allow OpenSSL to offload crypto functions. It is a
 convenient way to test that VFIO device passthrough for the Intel® QAT VF’s are
 working properly with the Kata Containers VM.

 ### Build OpenSSL Intel® QAT engine container

-Use the OpenSSL Intel® QAT [Dockerfile](https://github.com/intel/intel-device-plugins-for-kubernetes/tree/main/demo/openssl-qat-engine) 
-to build a container image with an optimized OpenSSL engine for 
+Use the OpenSSL Intel® QAT [Dockerfile](https://github.com/intel/intel-device-plugins-for-kubernetes/tree/main/demo/openssl-qat-engine)
+to build a container image with an optimized OpenSSL engine for
 Intel® QAT. Using `docker build` with the Kata Containers runtime can sometimes
-have issues. Therefore, make sure that `runc` is the default Docker container 
+have issues. Therefore, make sure that `runc` is the default Docker container
 runtime.

 ```bash
@@ -324,12 +324,12 @@ $ curl -O $QAT_DOCKERFILE
 $ sudo docker build -t openssl-qat-engine .
 ```

-> **Note: The Intel® QAT driver version in this container might not match the 
+> **Note: The Intel® QAT driver version in this container might not match the
 > Intel® QAT driver compiled and loaded on the host when compiling.**

 ### Test Intel® QAT with the ctr tool

-The `ctr` tool can be used to interact with the containerd daemon. It may be 
+The `ctr` tool can be used to interact with the containerd daemon. It may be
 more convenient to use this tool to verify the kernel and image instead of
 setting up a Kubernetes cluster. The correct Kata runtimes need to be added
 to the containerd `config.toml`. Below is a sample snippet that can be added
@@ -350,7 +350,7 @@ to allow QEMU and Cloud Hypervisor (CLH) to work with `ctr`.
    ConfigPath = "/opt/kata/share/defaults/kata-containers/configuration-clh.toml"
 ```

-In addition, containerd expects the binary to be in `/usr/local/bin` so add 
+In addition, containerd expects the binary to be in `/usr/local/bin` so add
 this small script so that it redirects to be able to use either QEMU or
 Cloud Hypervisor with Kata.

@@ -363,30 +363,30 @@ $ echo 'KATA_CONF_FILE=/opt/kata/share/defaults/kata-containers/configuration-cl
 $ sudo chmod +x /usr/local/bin/containerd-shim-kata-clh-v2
 ```

-After the OpenSSL image is built and imported into containerd, a Intel® QAT 
-virtual function exposed in the step above can be added to the `ctr` command. 
-Make sure to change the `/dev/vfio` number to one that actually exists on the 
-host system. When using the `ctr` tool, the`configuration.toml` for Kata needs 
-to point to the custom Kata kernel and rootfs built above and the Intel® QAT 
-modules in the Kata rootfs need to load at boot. The following steps assume that 
-`kata-deploy` was used to install Kata and QEMU is being tested. If using a 
-different hypervisor, different install method for Kata, or a different 
-Intel® QAT chipset then the command will need to be modified. 
+After the OpenSSL image is built and imported into containerd, a Intel® QAT
+virtual function exposed in the step above can be added to the `ctr` command.
+Make sure to change the `/dev/vfio` number to one that actually exists on the
+host system. When using the `ctr` tool, the`configuration.toml` for Kata needs
+to point to the custom Kata kernel and rootfs built above and the Intel® QAT
+modules in the Kata rootfs need to load at boot. The following steps assume that
+`kata-deploy` was used to install Kata and QEMU is being tested. If using a
+different hypervisor, different install method for Kata, or a different
+Intel® QAT chipset then the command will need to be modified.

-> **Note: The following was tested with 
+> **Note: The following was tested with
 [containerd v1.4.6](https://github.com/containerd/containerd/releases/tag/v1.4.6).**

 ```bash
 $ config_file="/opt/kata/share/defaults/kata-containers/configuration-qemu.toml"
 $ sudo sed -i "/kernel =/c kernel = "\"${KATA_ROOTFS_LOCATION}/${KATA_KERNEL_NAME}\""" $config_file
 $ sudo sed -i "/image =/c image = "\"${KATA_KERNEL_LOCATION}/kata-containers.img\""" $config_file
-$ sudo sed -i -e 's/^kernel_params = "\(.*\)"/kernel_params = "\1 modules-load=usdm_drv,qat_c62xvf"/g' $config_file 
+$ sudo sed -i -e 's/^kernel_params = "\(.*\)"/kernel_params = "\1 modules-load=usdm_drv,qat_c62xvf"/g' $config_file
 $ sudo docker save -o openssl-qat-engine.tar openssl-qat-engine:latest
 $ sudo ctr images import openssl-qat-engine.tar
 $ sudo ctr run --runtime io.containerd.run.kata-qemu.v2 --privileged -t --rm --device=/dev/vfio/180 --mount type=bind,src=/dev,dst=/dev,options=rbind:rw --mount type=bind,src=${QAT_CONF_LOCATION}/c6xxvf_dev0.conf,dst=/etc/c6xxvf_dev0.conf,options=rbind:rw  docker.io/library/openssl-qat-engine:latest bash
 ```

-Below are some commands to run in the container image to verify Intel® QAT is 
+Below are some commands to run in the container image to verify Intel® QAT is
 working

 ```sh
@@ -412,24 +412,24 @@ root@67561dc2757a/ # openssl engine -c -t qat-hw

 ### Test Intel® QAT in Kubernetes

-Start a Kubernetes cluster with containerd as the CRI. The host should 
-already be setup with 16 virtual functions of the Intel® QAT card bound to 
-`VFIO-PCI`. Verify this by looking in `/dev/vfio` for a listing of devices. 
-You might need to disable Docker before initializing Kubernetes. Be aware 
+Start a Kubernetes cluster with containerd as the CRI. The host should
+already be setup with 16 virtual functions of the Intel® QAT card bound to
+`VFIO-PCI`. Verify this by looking in `/dev/vfio` for a listing of devices.
+You might need to disable Docker before initializing Kubernetes. Be aware
 that the OpenSSL container image built above will need to be exported from
 Docker and imported into containerd.

 If Kata is installed through [`kata-deploy`](../../tools/packaging/kata-deploy/README.md)
-there will be multiple `configuration.toml` files associated with different 
-hypervisors. Rather than add in the custom Kata kernel, Kata rootfs, and 
+there will be multiple `configuration.toml` files associated with different
+hypervisors. Rather than add in the custom Kata kernel, Kata rootfs, and
 kernel modules to each `configuration.toml` as the default, instead use
 [annotations](../how-to/how-to-load-kernel-modules-with-kata.md)
-in the Kubernetes YAML file to tell Kata which kernel and rootfs to use. The 
+in the Kubernetes YAML file to tell Kata which kernel and rootfs to use. The
 easy way to do this is to use `kata-deploy` which will install the Kata binaries
-to `/opt` and properly configure the `/etc/containerd/config.toml` with annotation 
+to `/opt` and properly configure the `/etc/containerd/config.toml` with annotation
 support. However, the `configuration.toml` needs to enable support for
 annotations as well. The following configures both QEMU and Cloud Hypervisor
-`configuration.toml` files that are currently available with Kata Container 
+`configuration.toml` files that are currently available with Kata Container
 versions 2.0 and higher.

 ```bash
@@ -446,15 +446,15 @@ $ sudo ctr -n=k8s.io images import openssl-qat-engine.tar

 The [Intel® QAT Plugin](https://github.com/intel/intel-device-plugins-for-kubernetes/blob/main/cmd/qat_plugin/README.md)
 needs to be started so that the virtual functions can be discovered and
-used by Kubernetes. 
+used by Kubernetes.

 The following YAML file can be used to start a Kata container with Intel® QAT
-support. If Kata is installed with `kata-deploy`, then the containerd 
-`configuration.toml` should have all of the Kata runtime classes already 
-populated and annotations supported. To use a Intel® QAT virtual function, the 
-Intel® QAT plugin needs to be started after the VF's are bound to `VFIO-PCI` as 
-described [above](#expose-and-bind-intel-qat-virtual-functions-to-vfio-pci-every-reboot). 
-Edit the following to point to the correct Kata kernel and rootfs location 
+support. If Kata is installed with `kata-deploy`, then the containerd
+`configuration.toml` should have all of the Kata runtime classes already
+populated and annotations supported. To use a Intel® QAT virtual function, the
+Intel® QAT plugin needs to be started after the VF's are bound to `VFIO-PCI` as
+described [above](#expose-and-bind-intel-qat-virtual-functions-to-vfio-pci-every-reboot).
+Edit the following to point to the correct Kata kernel and rootfs location
 built with Intel® QAT support.

 ```bash
@@ -497,7 +497,7 @@ spec:
 EOF
 ```

-Use `kubectl` to start the pod. Verify that Intel® QAT card acceleration is 
+Use `kubectl` to start the pod. Verify that Intel® QAT card acceleration is
 working with the Intel® QAT engine.
 ```bash
 $ kubectl apply -f kata-openssl-qat.yaml
@@ -531,14 +531,14 @@ $ ls /dev/vfio
 * Check that the modules load when inside the Kata Container.

 ```sh
-bash-5.0# egrep "qat|usdm_drv" /proc/modules
+bash-5.0# grep -E "qat|usdm_drv" /proc/modules
 qat_c62xvf 16384 - - Live 0x0000000000000000 (O)
 usdm_drv 86016 - - Live 0x0000000000000000 (O)
 intel_qat 184320 - - Live 0x0000000000000000 (O)
 ```

-* Verify that at least the first `c6xxvf_dev0.conf` file mounts inside the 
-container image in `/etc`. You will need one configuration file for each VF 
+* Verify that at least the first `c6xxvf_dev0.conf` file mounts inside the
+container image in `/etc`. You will need one configuration file for each VF
 passed into the container.

 ```sh
@@ -548,10 +548,10 @@ c6xxvf_dev1.conf   c6xxvf_dev12.conf  c6xxvf_dev15.conf  c6xxvf_dev4.conf  c6xxv
 c6xxvf_dev10.conf  c6xxvf_dev13.conf  c6xxvf_dev2.conf   c6xxvf_dev5.conf c6xxvf_dev8.conf  hosts
 ```

-* Check `dmesg` inside the container to see if there are any issues with the 
+* Check `dmesg` inside the container to see if there are any issues with the
 Intel® QAT driver.

-* If there are issues building the OpenSSL Intel® QAT container image, then 
+* If there are issues building the OpenSSL Intel® QAT container image, then
 check to make sure that runc is the default runtime for building container.

 ```sh
@@ -564,11 +564,11 @@ Environment="DOCKER_DEFAULT_RUNTIME=--default-runtime runc"

 ### Verify Intel® QAT card counters are incremented

-To check the built in firmware counters, the Intel® QAT driver has to be compiled 
-and installed to the host and can't rely on the built in host driver. The 
-counters will increase when the accelerator is actively being used. To verify 
-Intel® QAT is actively accelerating the containerized application, use the 
-following instructions to check if any of the counters increment. Make 
+To check the built in firmware counters, the Intel® QAT driver has to be compiled
+and installed to the host and can't rely on the built in host driver. The
+counters will increase when the accelerator is actively being used. To verify
+Intel® QAT is actively accelerating the containerized application, use the
+following instructions to check if any of the counters increment. Make
 sure to change the PCI Device ID to match whats in the system.

 ```bash
--- a/docs/use-cases/using-SRIOV-and-kata.md
+++ b/docs/use-cases/using-SRIOV-and-kata.md
@@ -42,7 +42,7 @@ The following is an example of how to use `lspci` to check if your NIC supports
 SR-IOV.

 ```
-$ lspci | fgrep -i ethernet
+$ lspci | grep -i -F ethernet
 01:00.0 Ethernet controller: Intel Corporation Ethernet Controller 10-Gigabit X540-AT2 (rev 03)

 ...
--- a/src/agent/Cargo.lock
+++ b/src/agent/Cargo.lock
--- a/src/agent/Cargo.toml
+++ b/src/agent/Cargo.toml
@@ -7,11 +7,12 @@ license = "Apache-2.0"

 [dependencies]
 runtime-spec = { path = "../libs/runtime-spec" }
+mem-agent = { path = "../mem-agent" }
 oci-spec = { version = "0.6.8", features = ["runtime"] }
 rustjail = { path = "rustjail" }
 protocols = { path = "../libs/protocols", features = ["async", "with-serde"] }
 lazy_static = "1.3.0"
-ttrpc = { version = "0.8", features = ["async"], default-features = false }
+ttrpc = { version = "0.8.4", features = ["async"], default-features = false }
 protobuf = "3.2.0"
 libc = "0.2.58"
 nix = "0.24.2"
@@ -77,13 +78,17 @@ strum = "0.26.2"
 strum_macros = "0.26.2"

 # Image pull/decrypt
-image-rs = { git = "https://github.com/confidential-containers/guest-components", rev = "v0.10.0", default-features = false, optional = true }
+image-rs = { git = "https://github.com/confidential-containers/guest-components", rev = "514c561d933cb11a0f1628621a0b930157af76cd", default-features = false, optional = true }

 # Agent Policy
-regorus = { version = "0.1.4", default-features = false, features = [
+regorus = { version = "0.2.6", default-features = false, features = [
    "arc",
    "regex",
+    "std",
 ], optional = true }
+cdi = { git = "https://github.com/cncf-tags/container-device-interface-rs", rev = "fba5677a8e7cc962fc6e495fcec98d7d765e332a" }
+json-patch = "2.0.0"
+kata-agent-policy = { path = "policy" }

 [dev-dependencies]
 tempfile = "3.1.0"
@@ -93,7 +98,7 @@ rstest = "0.18.0"
 async-std = { version = "1.12.0", features = ["attributes"] }

 [workspace]
-members = ["rustjail"]
+members = ["rustjail", "policy"]

 [profile.release]
 lto = true
--- a/src/agent/policy/Cargo.toml
+++ b/src/agent/policy/Cargo.toml
@@ -0,0 +1,33 @@
+[package]
+name = "kata-agent-policy"
+version = "0.1.0"
+authors = ["The Kata Containers community <kata-dev@lists.katacontainers.io>"]
+edition = "2018"
+license = "Apache-2.0"
+
+[dependencies]
+# Async runtime
+tokio = { version = "1.39.0", features = ["full"] }
+tokio-vsock = "0.3.4"
+
+anyhow = "1"
+
+# Configuration
+serde = { version = "1.0.129", features = ["derive"] }
+serde_json = "1.0.39"
+
+# Agent Policy
+regorus = { version = "0.2.8", default-features = false, features = [
+    "arc",
+    "regex",
+    "std",
+] }
+json-patch = "2.0.0"
+
+
+# Note: this crate sets the slog 'max_*' features which allows the log level
+# to be modified at runtime.
+logging = { path = "../../libs/logging" }
+slog = "2.5.2"
+slog-scope = "4.1.2"
+slog-term = "2.9.0"
--- a/src/agent/policy/src/lib.rs
+++ b/src/agent/policy/src/lib.rs
@@ -0,0 +1,6 @@
+// Copyright (c) 2024 Edgeless Systems GmbH
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+pub mod policy;
--- a/src/agent/policy/src/policy.rs
+++ b/src/agent/policy/src/policy.rs
@@ -0,0 +1,243 @@
+// Copyright (c) 2023 Microsoft Corporation
+// Copyright (c) 2024 Edgeless Systems GmbH
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+//! Policy evaluation for the kata-agent.
+
+use anyhow::{bail, Result};
+use slog::{debug, error, info, warn};
+use tokio::io::AsyncWriteExt;
+
+static POLICY_LOG_FILE: &str = "/tmp/policy.txt";
+static POLICY_DEFAULT_FILE: &str = "/etc/kata-opa/default-policy.rego";
+
+/// Convenience macro to obtain the scope logger
+macro_rules! sl {
+    () => {
+        slog_scope::logger()
+    };
+}
+
+/// Singleton policy object.
+#[derive(Debug, Default)]
+pub struct AgentPolicy {
+    /// When true policy errors are ignored, for debug purposes.
+    allow_failures: bool,
+
+    /// "/tmp/policy.txt" log file for policy activity.
+    log_file: Option<tokio::fs::File>,
+
+    /// Regorus engine
+    engine: regorus::Engine,
+}
+
+#[derive(serde::Deserialize, Debug)]
+struct MetadataResponse {
+    allowed: bool,
+    ops: Option<json_patch::Patch>,
+}
+
+impl AgentPolicy {
+    /// Create AgentPolicy object.
+    pub fn new() -> Self {
+        Self {
+            allow_failures: false,
+            engine: Self::new_engine(),
+            ..Default::default()
+        }
+    }
+
+    fn new_engine() -> regorus::Engine {
+        let mut engine = regorus::Engine::new();
+        engine.set_strict_builtin_errors(false);
+        engine.set_gather_prints(true);
+        // assign a slice of the engine data "pstate" to be used as policy state
+        engine
+            .add_data(
+                regorus::Value::from_json_str(
+                    r#"{
+                        "pstate": {}
+                    }"#,
+                )
+                .unwrap(),
+            )
+            .unwrap();
+        engine
+    }
+
+    /// Initialize regorus.
+    pub async fn initialize(
+        &mut self,
+        log_level: usize,
+        default_policy_file: String,
+        log_file: Option<String>,
+    ) -> Result<()> {
+        // log file path
+        let log_file_path = match log_file {
+            Some(path) => path,
+            None => POLICY_LOG_FILE.to_string(),
+        };
+        let log_file_path = log_file_path.as_str();
+
+        if log_level >= slog::Level::Debug.as_usize() {
+            self.log_file = Some(
+                tokio::fs::OpenOptions::new()
+                    .write(true)
+                    .truncate(true)
+                    .create(true)
+                    .open(&log_file_path)
+                    .await?,
+            );
+            debug!(sl!(), "policy: log file: {}", log_file_path);
+        }
+
+        // Check if policy file has been set via AgentConfig
+        // If empty, use default file.
+        let mut default_policy_file = default_policy_file;
+        if default_policy_file.is_empty() {
+            default_policy_file = POLICY_DEFAULT_FILE.to_string();
+        }
+        info!(sl!(), "default policy: {default_policy_file}");
+
+        self.engine.add_policy_from_file(default_policy_file)?;
+        self.update_allow_failures_flag().await?;
+        Ok(())
+    }
+
+    async fn apply_patch_to_state(&mut self, patch: json_patch::Patch) -> Result<()> {
+        // Convert the current engine data to a JSON value
+        let mut state = serde_json::to_value(self.engine.get_data())?;
+
+        // Apply the patch to the state
+        json_patch::patch(&mut state, &patch)?;
+
+        // Clear the existing data in the engine
+        self.engine.clear_data();
+
+        // Add the patched state back to the engine
+        self.engine
+            .add_data(regorus::Value::from_json_str(&state.to_string())?)?;
+
+        Ok(())
+    }
+
+    /// Ask regorus if an API call should be allowed or not.
+    pub async fn allow_request(&mut self, ep: &str, ep_input: &str) -> Result<(bool, String)> {
+        debug!(sl!(), "policy check: {ep}");
+        self.log_eval_input(ep, ep_input).await;
+
+        let query = format!("data.agent_policy.{ep}");
+        self.engine.set_input_json(ep_input)?;
+
+        let results = self.engine.eval_query(query, false)?;
+
+        let prints = match self.engine.take_prints() {
+            Ok(p) => p.join(" "),
+            Err(e) => format!("Failed to get policy log: {e}"),
+        };
+
+        if results.result.len() != 1 {
+            // Results are empty when AllowRequestsFailingPolicy is used to allow a Request that hasn't been defined in the policy
+            if self.allow_failures {
+                return Ok((true, prints));
+            }
+            bail!(
+                "policy check: unexpected eval_query result len {:?}",
+                results
+            );
+        }
+
+        if results.result[0].expressions.len() != 1 {
+            bail!(
+                "policy check: unexpected eval_query result expressions {:?}",
+                results
+            );
+        }
+
+        let mut allow = match &results.result[0].expressions[0].value {
+            regorus::Value::Bool(b) => *b,
+
+            // Match against a specific variant that could be interpreted as MetadataResponse
+            regorus::Value::Object(obj) => {
+                let json_str = serde_json::to_string(obj)?;
+
+                self.log_eval_input(ep, &json_str).await;
+
+                let metadata_response: MetadataResponse = serde_json::from_str(&json_str)?;
+
+                if metadata_response.allowed {
+                    if let Some(ops) = metadata_response.ops {
+                        self.apply_patch_to_state(ops).await?;
+                    }
+                }
+                metadata_response.allowed
+            }
+
+            _ => {
+                error!(sl!(), "allow_request: unexpected eval_query result type");
+                bail!(
+                    "policy check: unexpected eval_query result type {:?}",
+                    results
+                );
+            }
+        };
+
+        if !allow && self.allow_failures {
+            warn!(sl!(), "policy: ignoring error for {ep}");
+            allow = true;
+        }
+
+        Ok((allow, prints))
+    }
+
+    /// Replace the Policy in regorus.
+    pub async fn set_policy(&mut self, policy: &str) -> Result<()> {
+        self.engine = Self::new_engine();
+        self.engine
+            .add_policy("agent_policy".to_string(), policy.to_string())?;
+        self.update_allow_failures_flag().await?;
+        Ok(())
+    }
+
+    async fn log_eval_input(&mut self, ep: &str, input: &str) {
+        if let Some(log_file) = &mut self.log_file {
+            match ep {
+                "StatsContainerRequest" | "ReadStreamRequest" | "SetPolicyRequest" => {
+                    // - StatsContainerRequest and ReadStreamRequest are called
+                    //   relatively often, so we're not logging them, to avoid
+                    //   growing this log file too much.
+                    // - Confidential Containers Policy documents are relatively
+                    //   large, so we're not logging them here, for SetPolicyRequest.
+                    //   The Policy text can be obtained directly from the pod YAML.
+                }
+                _ => {
+                    let log_entry = format!("[\"ep\":\"{ep}\",{input}],\n\n");
+
+                    if let Err(e) = log_file.write_all(log_entry.as_bytes()).await {
+                        warn!(sl!(), "policy: log_eval_input: write_all failed: {}", e);
+                    } else if let Err(e) = log_file.flush().await {
+                        warn!(sl!(), "policy: log_eval_input: flush failed: {}", e);
+                    }
+                }
+            }
+        }
+    }
+
+    async fn update_allow_failures_flag(&mut self) -> Result<()> {
+        self.allow_failures = match self.allow_request("AllowRequestsFailingPolicy", "{}").await {
+            Ok((allowed, _prints)) => {
+                if allowed {
+                    warn!(
+                        sl!(),
+                        "policy: AllowRequestsFailingPolicy is enabled - will ignore errors"
+                    );
+                }
+                allowed
+            }
+            Err(_) => false,
+        };
+        Ok(())
+    }
+}
--- a/src/agent/rustjail/src/cgroups/fs/mod.rs
+++ b/src/agent/rustjail/src/cgroups/fs/mod.rs
@@ -1170,6 +1170,23 @@ impl Manager {
        })
    }

+    pub fn subcgroup(&self) -> &str {
+        // Check if we're in a Docker-in-Docker setup by verifying:
+        // 1. We're using cgroups v2 (which restricts direct process control)
+        // 2. An "init" subdirectory exists (used by DinD for process delegation)
+        let is_dind = cgroups::hierarchies::is_cgroup2_unified_mode()
+            && cgroups::hierarchies::auto()
+                .root()
+                .join(&self.cpath)
+                .join("init")
+                .exists();
+        if is_dind {
+            "/init/"
+        } else {
+            "/"
+        }
+    }
+
    fn get_paths_and_mounts(
        cpath: &str,
    ) -> Result<(HashMap<String, String>, HashMap<String, String>)> {
--- a/src/agent/rustjail/src/cgroups/systemd/dbus_client.rs
+++ b/src/agent/rustjail/src/cgroups/systemd/dbus_client.rs
@@ -19,7 +19,7 @@ pub trait SystemdInterface {
    fn kill_unit(&self) -> Result<()>;
    fn freeze_unit(&self) -> Result<()>;
    fn thaw_unit(&self) -> Result<()>;
-    fn add_process(&self, pid: i32) -> Result<()>;
+    fn add_process(&self, pid: i32, subcgroup: &str) -> Result<()>;
    fn get_version(&self) -> Result<String>;
    fn unit_exists(&self) -> Result<bool>;
 }
@@ -151,11 +151,10 @@ impl SystemdInterface for DBusClient {
        }
    }

-    fn add_process(&self, pid: i32) -> Result<()> {
+    fn add_process(&self, pid: i32, subcgroup: &str) -> Result<()> {
        let proxy = self.build_proxy()?;
-
        proxy
-            .attach_processes_to_unit(&self.unit_name, "/", &[pid as u32])
+            .attach_processes_to_unit(&self.unit_name, subcgroup, &[pid as u32])
            .context(format!(
                "failed to add process into unit {}",
                self.unit_name
--- a/src/agent/rustjail/src/cgroups/systemd/manager.rs
+++ b/src/agent/rustjail/src/cgroups/systemd/manager.rs
@@ -41,7 +41,8 @@ pub struct Manager {
 impl CgroupManager for Manager {
    fn apply(&self, pid: pid_t) -> Result<()> {
        if self.dbus_client.unit_exists()? {
-            self.dbus_client.add_process(pid)?;
+            let subcgroup = self.fs_manager.subcgroup();
+            self.dbus_client.add_process(pid, subcgroup)?;
        } else {
            self.dbus_client.start_unit(
                (pid as u32).try_into().unwrap(),
--- a/src/agent/rustjail/src/container.rs
+++ b/src/agent/rustjail/src/container.rs
@@ -158,7 +158,7 @@ lazy_static! {
                .typ(oci::LinuxDeviceType::C)
                .major(1)
                .minor(3)
-                .file_mode(0o066_u32)
+                .file_mode(0o666_u32)
                .uid(0xffffffff_u32)
                .gid(0xffffffff_u32)
                .build()
@@ -168,7 +168,7 @@ lazy_static! {
                .typ(oci::LinuxDeviceType::C)
                .major(1)
                .minor(5)
-                .file_mode(0o066_u32)
+                .file_mode(0o666_u32)
                .uid(0xffffffff_u32)
                .gid(0xffffffff_u32)
                .build()
@@ -178,7 +178,7 @@ lazy_static! {
                .typ(oci::LinuxDeviceType::C)
                .major(1)
                .minor(7)
-                .file_mode(0o066_u32)
+                .file_mode(0o666_u32)
                .uid(0xffffffff_u32)
                .gid(0xffffffff_u32)
                .build()
@@ -188,7 +188,7 @@ lazy_static! {
                .typ(oci::LinuxDeviceType::C)
                .major(5)
                .minor(0)
-                .file_mode(0o066_u32)
+                .file_mode(0o666_u32)
                .uid(0xffffffff_u32)
                .gid(0xffffffff_u32)
                .build()
@@ -198,7 +198,7 @@ lazy_static! {
                .typ(oci::LinuxDeviceType::C)
                .major(1)
                .minor(9)
-                .file_mode(0o066_u32)
+                .file_mode(0o666_u32)
                .uid(0xffffffff_u32)
                .gid(0xffffffff_u32)
                .build()
@@ -208,7 +208,7 @@ lazy_static! {
                .typ(oci::LinuxDeviceType::C)
                .major(1)
                .minor(8)
-                .file_mode(0o066_u32)
+                .file_mode(0o666_u32)
                .uid(0xffffffff_u32)
                .gid(0xffffffff_u32)
                .build()
--- a/src/agent/rustjail/src/mount.rs
+++ b/src/agent/rustjail/src/mount.rs
@@ -233,7 +233,7 @@ pub fn init_rootfs(
        // bind may be only specified in the oci spec options -> flags update r#type
        let m = &{
            let mut mbind = m.clone();
-            if mbind.typ().is_none() && flags & MsFlags::MS_BIND == MsFlags::MS_BIND {
+            if is_none_mount_type(mbind.typ()) && flags & MsFlags::MS_BIND == MsFlags::MS_BIND {
                mbind.set_typ(Some("bind".to_string()));
            }
            mbind
@@ -397,6 +397,13 @@ fn mount_cgroups_v2(cfd_log: RawFd, m: &Mount, rootfs: &str, flags: MsFlags) ->
    Ok(())
 }

+fn is_none_mount_type(typ: &Option<String>) -> bool {
+    match typ {
+        Some(t) => t == "none",
+        None => true,
+    }
+}
+
 fn mount_cgroups(
    cfd_log: RawFd,
    m: &Mount,
@@ -829,6 +836,7 @@ fn mount_from(
        if !src.is_dir() {
            let _ = OpenOptions::new()
                .create(true)
+                .truncate(true)
                .write(true)
                .open(&dest)
                .map_err(|e| {
--- a/src/agent/src/cdh.rs
+++ b/src/agent/src/cdh.rs
@@ -8,13 +8,15 @@
 // https://github.com/confidential-containers/guest-components/tree/main/confidential-data-hub

 use crate::AGENT_CONFIG;
-use crate::CDH_SOCKET_URI;
-use anyhow::{Context, Result};
+use anyhow::{bail, Context, Result};
 use derivative::Derivative;
 use protocols::{
    confidential_data_hub, confidential_data_hub_ttrpc_async,
    confidential_data_hub_ttrpc_async::{SealedSecretServiceClient, SecureMountServiceClient},
 };
+use std::fs;
+use std::os::unix::fs::symlink;
+use std::path::Path;
 use tokio::sync::OnceCell;

 // Nanoseconds
@@ -22,8 +24,14 @@ lazy_static! {
    static ref CDH_API_TIMEOUT: i64 = AGENT_CONFIG.cdh_api_timeout.as_nanos() as i64;
    pub static ref CDH_CLIENT: OnceCell<CDHClient> = OnceCell::new();
 }
+
 const SEALED_SECRET_PREFIX: &str = "sealed.";

+// Convenience function to obtain the scope logger.
+fn sl() -> slog::Logger {
+    slog_scope::logger().new(o!("subsystem" => "cdh"))
+}
+
 #[derive(Derivative)]
 #[derivative(Clone, Debug)]
 pub struct CDHClient {
@@ -34,8 +42,8 @@ pub struct CDHClient {
 }

 impl CDHClient {
-    pub fn new() -> Result<Self> {
-        let client = ttrpc::asynchronous::Client::connect(CDH_SOCKET_URI)?;
+    pub fn new(cdh_socket_uri: &str) -> Result<Self> {
+        let client = ttrpc::asynchronous::Client::connect(cdh_socket_uri)?;
        let sealed_secret_client =
            confidential_data_hub_ttrpc_async::SealedSecretServiceClient::new(client.clone());
        let secure_mount_client =
@@ -78,9 +86,11 @@ impl CDHClient {
    }
 }

-pub async fn init_cdh_client() -> Result<()> {
+pub async fn init_cdh_client(cdh_socket_uri: &str) -> Result<()> {
    CDH_CLIENT
-        .get_or_try_init(|| async { CDHClient::new().context("Failed to create CDH Client") })
+        .get_or_try_init(|| async {
+            CDHClient::new(cdh_socket_uri).context("Failed to create CDH Client")
+        })
        .await?;
    Ok(())
 }
@@ -106,6 +116,74 @@ pub async fn unseal_env(env: &str) -> Result<String> {
    Ok((*env.to_owned()).to_string())
 }

+pub async fn unseal_file(path: &str) -> Result<()> {
+    let cdh_client = CDH_CLIENT
+        .get()
+        .expect("Confidential Data Hub not initialized");
+
+    if !Path::new(path).exists() {
+        bail!("sealed secret file {:?} does not exist", path);
+    }
+
+    // Iterate over all entries to handle the sealed secret file.
+    // For example, the directory is as follows:
+    // The secret directory in the guest: /run/kata-containers/shared/containers/21bbf0d932b70263d65d7052ecfd72ee46de03f766650cb378e93852ddb30a54-5063be11b6800f96-sealed-secret-target/:
+    // - ..2024_09_30_02_55_58.2237819815
+    // - ..data -> ..2024_09_30_02_55_58.2237819815
+    // - secret -> ..2024_09_30_02_55_58.2237819815/secret
+    //
+    // The directory "..2024_09_30_02_55_58.2237819815":
+    // - secret
+    for entry in fs::read_dir(path)? {
+        let entry = entry?;
+        let entry_type = entry.file_type()?;
+        if !entry_type.is_symlink() && !entry_type.is_file() {
+            debug!(
+                sl(),
+                "skipping sealed source entry {:?} because its file type is {:?}",
+                entry,
+                entry_type
+            );
+            continue;
+        }
+
+        let target_path = fs::canonicalize(entry.path())?;
+        info!(sl(), "sealed source entry target path: {:?}", target_path);
+
+        // Skip if the target path is not a file (e.g., it's a symlink pointing to the secret file).
+        if !target_path.is_file() {
+            debug!(sl(), "sealed source is not a file: {:?}", target_path);
+            continue;
+        }
+
+        let secret_name = entry.file_name();
+        let contents = fs::read_to_string(&target_path)?;
+        if contents.starts_with(SEALED_SECRET_PREFIX) {
+            // Get the directory name of the sealed secret file
+            let dir_name = target_path
+                .parent()
+                .and_then(|p| p.file_name())
+                .map(|name| name.to_string_lossy().to_string())
+                .unwrap_or_default();
+
+            // Create the unsealed file name in the same directory, which will be written the unsealed data.
+            let unsealed_filename = format!("{}.unsealed", target_path.to_string_lossy());
+            // Create the unsealed file symlink, which is used for reading the unsealed data in the container.
+            let unsealed_filename_symlink =
+                format!("{}/{}.unsealed", dir_name, secret_name.to_string_lossy());
+
+            // Unseal the secret and write it to the unsealed file
+            let unsealed_value = cdh_client.unseal_secret_async(&contents).await?;
+            fs::write(&unsealed_filename, unsealed_value)?;
+
+            // Remove the original sealed symlink and create a symlink to the unsealed file
+            fs::remove_file(entry.path())?;
+            symlink(unsealed_filename_symlink, entry.path())?;
+        }
+    }
+    Ok(())
+}
+
 pub async fn secure_mount(
    volume_type: &str,
    options: &std::collections::HashMap<String, String>,
@@ -123,17 +201,15 @@ pub async fn secure_mount(
 }

 #[cfg(test)]
-#[cfg(feature = "sealed-secret")]
 mod tests {
-    use crate::cdh::CDHClient;
-    use crate::cdh::CDH_ADDR;
-    use anyhow::anyhow;
+    use super::*;
    use async_trait::async_trait;
-    use protocols::{confidential_data_hub, confidential_data_hub_ttrpc_async};
+    use std::fs::File;
+    use std::io::{Read, Write};
    use std::sync::Arc;
+    use tempfile::tempdir;
    use test_utils::skip_if_not_root;
    use tokio::signal::unix::{signal, SignalKind};
-
    struct TestService;

    #[async_trait]
@@ -161,17 +237,17 @@ mod tests {
        Ok(())
    }

-    fn start_ttrpc_server() {
+    fn start_ttrpc_server(cdh_socket_uri: String) {
        tokio::spawn(async move {
            let ss = Box::new(TestService {})
                as Box<dyn confidential_data_hub_ttrpc_async::SealedSecretService + Send + Sync>;
            let ss = Arc::new(ss);
            let ss_service = confidential_data_hub_ttrpc_async::create_sealed_secret_service(ss);

-            remove_if_sock_exist(CDH_ADDR).unwrap();
+            remove_if_sock_exist(&cdh_socket_uri).unwrap();

            let mut server = ttrpc::asynchronous::Server::new()
-                .bind(CDH_ADDR)
+                .bind(&cdh_socket_uri)
                .unwrap()
                .register_service(ss_service);

@@ -187,23 +263,58 @@ mod tests {
    }

    #[tokio::test]
-    async fn test_unseal_env() {
+    async fn test_sealed_secret() {
        skip_if_not_root!();
+        let test_dir = tempdir().expect("failed to create tmpdir");
+        let test_dir_path = test_dir.path();
+        let cdh_sock_uri = &format!(
+            "unix://{}",
+            test_dir_path.join("cdh.sock").to_str().unwrap()
+        );

        let rt = tokio::runtime::Runtime::new().unwrap();
        let _guard = rt.enter();
-        start_ttrpc_server();
+        start_ttrpc_server(cdh_sock_uri.to_string());
        std::thread::sleep(std::time::Duration::from_secs(2));
+        init_cdh_client(cdh_sock_uri).await.unwrap();

-        let cc = Some(CDHClient::new().unwrap());
-        let cdh_client = cc.as_ref().ok_or(anyhow!("get cdh_client failed")).unwrap();
+        // Test sealed secret as env vars
        let sealed_env = String::from("key=sealed.testdata");
-        let unsealed_env = cdh_client.unseal_env(&sealed_env).await.unwrap();
+        let unsealed_env = unseal_env(&sealed_env).await.unwrap();
        assert_eq!(unsealed_env, String::from("key=unsealed"));
        let normal_env = String::from("key=testdata");
-        let unchanged_env = cdh_client.unseal_env(&normal_env).await.unwrap();
+        let unchanged_env = unseal_env(&normal_env).await.unwrap();
        assert_eq!(unchanged_env, String::from("key=testdata"));

+        // Test sealed secret as files
+        let sealed_dir = test_dir_path.join("..test");
+        fs::create_dir(&sealed_dir).unwrap();
+        let sealed_filename = sealed_dir.join("secret");
+        let mut sealed_file = File::create(sealed_filename.clone()).unwrap();
+        sealed_file.write_all(b"sealed.testdata").unwrap();
+        let secret_symlink = test_dir_path.join("secret");
+        symlink(&sealed_filename, &secret_symlink).unwrap();
+
+        unseal_file(test_dir_path.to_str().unwrap()).await.unwrap();
+
+        let unsealed_filename = test_dir_path.join("secret");
+        let mut unsealed_file = File::open(unsealed_filename.clone()).unwrap();
+        let mut contents = String::new();
+        unsealed_file.read_to_string(&mut contents).unwrap();
+        assert_eq!(contents, String::from("unsealed"));
+        fs::remove_file(sealed_filename).unwrap();
+        fs::remove_file(unsealed_filename).unwrap();
+
+        let normal_filename = test_dir_path.join("secret");
+        let mut normal_file = File::create(normal_filename.clone()).unwrap();
+        normal_file.write_all(b"testdata").unwrap();
+        unseal_file(test_dir_path.to_str().unwrap()).await.unwrap();
+        let mut contents = String::new();
+        let mut normal_file = File::open(normal_filename.clone()).unwrap();
+        normal_file.read_to_string(&mut contents).unwrap();
+        assert_eq!(contents, String::from("testdata"));
+        fs::remove_file(normal_filename).unwrap();
+
        rt.shutdown_background();
        std::thread::sleep(std::time::Duration::from_secs(2));
    }
--- a/src/agent/src/config.rs
+++ b/src/agent/src/config.rs
--- a/src/agent/src/device/mod.rs
+++ b/src/agent/src/device/mod.rs
@@ -11,6 +11,9 @@ use self::vfio_device_handler::{VfioApDeviceHandler, VfioPciDeviceHandler};
 use crate::pci;
 use crate::sandbox::Sandbox;
 use anyhow::{anyhow, Context, Result};
+use cdi::annotations::parse_annotations;
+use cdi::cache::{new_cache, with_auto_refresh, CdiOption};
+use cdi::spec_dirs::with_spec_dirs;
 use kata_types::device::DeviceHandlerManager;
 use nix::sys::stat;
 use oci::{LinuxDeviceCgroup, Spec};
@@ -25,6 +28,8 @@ use std::path::PathBuf;
 use std::str::FromStr;
 use std::sync::Arc;
 use tokio::sync::Mutex;
+use tokio::time;
+use tokio::time::Duration;
 use tracing::instrument;

 pub mod block_device_handler;
@@ -238,6 +243,74 @@ pub async fn add_devices(
    update_spec_devices(logger, spec, dev_updates)
 }

+#[instrument]
+pub async fn handle_cdi_devices(
+    logger: &Logger,
+    spec: &mut Spec,
+    spec_dir: &str,
+    cdi_timeout: time::Duration,
+) -> Result<()> {
+    if let Some(container_type) = spec
+        .annotations()
+        .as_ref()
+        .and_then(|a| a.get("io.katacontainers.pkg.oci.container_type"))
+    {
+        if container_type == "pod_sandbox" {
+            return Ok(());
+        }
+    }
+
+    let (_, devices) = parse_annotations(spec.annotations().as_ref().unwrap())?;
+
+    if devices.is_empty() {
+        info!(logger, "no CDI annotations, no devices to inject");
+        return Ok(());
+    }
+    // Explicitly set the cache options to disable auto-refresh and
+    // to use the single spec dir "/var/run/cdi" for tests it can be overridden
+    let options: Vec<CdiOption> = vec![with_auto_refresh(false), with_spec_dirs(&[spec_dir])];
+    let cache: Arc<std::sync::Mutex<cdi::cache::Cache>> = new_cache(options);
+
+    for i in 0..=cdi_timeout.as_secs() {
+        let inject_result = {
+            // Lock cache within this scope, std::sync::Mutex has no Send
+            // and await will not work with time::sleep
+            let mut cache = cache.lock().unwrap();
+            match cache.refresh() {
+                Ok(_) => {}
+                Err(e) => {
+                    return Err(anyhow!("error refreshing cache: {:?}", e));
+                }
+            }
+            cache.inject_devices(Some(spec), devices.clone())
+        };
+
+        match inject_result {
+            Ok(_) => {
+                info!(
+                    logger,
+                    "all devices injected successfully, modified CDI container spec: {:?}", &spec
+                );
+                return Ok(());
+            }
+            Err(e) => {
+                info!(
+                    logger,
+                    "waiting for CDI spec(s) to be generated ({} of {} max tries) {:?}",
+                    i,
+                    cdi_timeout.as_secs(),
+                    e
+                );
+            }
+        }
+        time::sleep(Duration::from_secs(1)).await;
+    }
+    Err(anyhow!(
+        "failed to inject devices after CDI timeout of {} seconds",
+        cdi_timeout.as_secs()
+    ))
+}
+
 #[instrument]
 async fn validate_device(
    logger: &Logger,
@@ -1110,4 +1183,101 @@ mod tests {
        assert!(name.is_ok(), "{}", name.unwrap_err());
        assert_eq!(name.unwrap(), devname);
    }
+
+    #[tokio::test]
+    async fn test_handle_cdi_devices() {
+        let logger = slog::Logger::root(slog::Discard, o!());
+        let mut spec = Spec::default();
+
+        let mut annotations = HashMap::new();
+        // cdi.k8s.io/vendor1_devices: vendor1.com/device=foo
+        annotations.insert(
+            "cdi.k8s.io/vfio17".to_string(),
+            "kata.com/gpu=0".to_string(),
+        );
+        spec.set_annotations(Some(annotations));
+
+        let temp_dir = tempdir().expect("Failed to create temporary directory");
+        let cdi_file = temp_dir.path().join("kata.json");
+
+        let cdi_version = "0.6.0";
+        let kind = "kata.com/gpu";
+        let device_name = "0";
+        let annotation_whatever = "false";
+        let annotation_whenever = "true";
+        let inner_env = "TEST_INNER_ENV=TEST_INNER_ENV_VALUE";
+        let outer_env = "TEST_OUTER_ENV=TEST_OUTER_ENV_VALUE";
+        let inner_device = "/dev/zero";
+        let outer_device = "/dev/null";
+
+        let cdi_content = format!(
+            r#"{{
+            "cdiVersion": "{cdi_version}",
+            "kind": "{kind}",
+            "devices": [
+                {{
+                    "name": "{device_name}",
+                    "annotations": {{
+                        "whatever": "{annotation_whatever}",
+                        "whenever": "{annotation_whenever}"
+                    }},
+                    "containerEdits": {{
+                        "env": [
+                            "{inner_env}"
+                        ],
+                        "deviceNodes": [
+                            {{
+                                "path": "{inner_device}"
+                            }}
+                        ]
+                    }}
+                }}
+            ],
+            "containerEdits": {{
+                "env": [
+                    "{outer_env}"
+                ],
+                "deviceNodes": [
+                    {{
+                        "path": "{outer_device}"
+                    }}
+                ]
+            }}
+        }}"#
+        );
+
+        fs::write(&cdi_file, cdi_content).expect("Failed to write CDI file");
+
+        let cdi_timeout = Duration::from_secs(0);
+
+        let res = handle_cdi_devices(
+            &logger,
+            &mut spec,
+            temp_dir.path().to_str().unwrap(),
+            cdi_timeout,
+        )
+        .await;
+        println!("modfied spec {:?}", spec);
+        assert!(res.is_ok(), "{}", res.err().unwrap());
+
+        let linux = spec.linux().as_ref().unwrap();
+        let devices = linux
+            .resources()
+            .as_ref()
+            .unwrap()
+            .devices()
+            .as_ref()
+            .unwrap();
+        assert_eq!(devices.len(), 2);
+
+        let env = spec.process().as_ref().unwrap().env().as_ref().unwrap();
+
+        // find string TEST_OUTER_ENV in env
+        let outer_env = env.iter().find(|e| e.starts_with("TEST_OUTER_ENV"));
+        assert!(outer_env.is_some(), "TEST_OUTER_ENV not found in env");
+
+        // find TEST_INNER_ENV in env
+        let inner_env = env.iter().find(|e| e.starts_with("TEST_INNER_ENV"));
+        assert!(inner_env.is_some(), "TEST_INNER_ENV not found in env");
+    }
 }
--- a/src/agent/src/device/vfio_device_handler.rs
+++ b/src/agent/src/device/vfio_device_handler.rs
@@ -12,7 +12,9 @@ use crate::pci;
 use crate::sandbox::Sandbox;
 use crate::uevent::{wait_for_uevent, Uevent, UeventMatcher};
 use anyhow::{anyhow, Context, Result};
-use kata_types::device::{DRIVER_VFIO_AP_TYPE, DRIVER_VFIO_PCI_GK_TYPE, DRIVER_VFIO_PCI_TYPE};
+use kata_types::device::{
+    DRIVER_VFIO_AP_COLD_TYPE, DRIVER_VFIO_AP_TYPE, DRIVER_VFIO_PCI_GK_TYPE, DRIVER_VFIO_PCI_TYPE,
+};
 use protocols::agent::Device;
 use slog::Logger;
 use std::ffi::OsStr;
@@ -94,7 +96,7 @@ impl DeviceHandler for VfioPciDeviceHandler {
 impl DeviceHandler for VfioApDeviceHandler {
    #[instrument]
    fn driver_types(&self) -> &[&str] {
-        &[DRIVER_VFIO_AP_TYPE]
+        &[DRIVER_VFIO_AP_TYPE, DRIVER_VFIO_AP_COLD_TYPE]
    }

    #[cfg(target_arch = "s390x")]
@@ -103,7 +105,16 @@ impl DeviceHandler for VfioApDeviceHandler {
        // Force AP bus rescan
        fs::write(AP_SCANS_PATH, "1")?;
        for apqn in device.options.iter() {
-            wait_for_ap_device(ctx.sandbox, ap::Address::from_str(apqn)?).await?;
+            let ap_address = ap::Address::from_str(apqn).context("Failed to parse AP address")?;
+            match device.type_.as_str() {
+                DRIVER_VFIO_AP_TYPE => {
+                    wait_for_ap_device(ctx.sandbox, ap_address).await?;
+                }
+                DRIVER_VFIO_AP_COLD_TYPE => {
+                    check_ap_device(ctx.sandbox, ap_address).await?;
+                }
+                _ => return Err(anyhow!("Unsupported AP device type: {}", device.type_)),
+            }
        }
        let dev_update = Some(DevUpdate::new(Z9_CRYPT_DEV_PATH, Z9_CRYPT_DEV_PATH)?);
        Ok(SpecUpdate {
@@ -201,6 +212,37 @@ async fn wait_for_ap_device(sandbox: &Arc<Mutex<Sandbox>>, address: ap::Address)
    Ok(())
 }

+#[cfg(target_arch = "s390x")]
+#[instrument]
+async fn check_ap_device(sandbox: &Arc<Mutex<Sandbox>>, address: ap::Address) -> Result<()> {
+    let ap_path = format!(
+        "/sys/{}/card{:02x}/{}/online",
+        AP_ROOT_BUS_PATH, address.adapter_id, address
+    );
+    if !Path::new(&ap_path).is_file() {
+        return Err(anyhow!(
+            "AP device online file not found or not accessible: {}",
+            ap_path
+        ));
+    }
+    match fs::read_to_string(&ap_path) {
+        Ok(content) => {
+            let is_online = content.trim() == "1";
+            if !is_online {
+                return Err(anyhow!("AP device {} exists but is not online", address));
+            }
+        }
+        Err(e) => {
+            return Err(anyhow!(
+                "Failed to read online status for AP device {}: {}",
+                address,
+                e
+            ));
+        }
+    }
+    Ok(())
+}
+
 pub async fn wait_for_pci_device(
    sandbox: &Arc<Mutex<Sandbox>>,
    pcipath: &pci::Path,
--- a/src/agent/src/image.rs
+++ b/src/agent/src/image.rs
@@ -9,10 +9,11 @@ use safe_path::scoped_join;
 use std::collections::HashMap;
 use std::env;
 use std::fs;
-use std::path::{Path, PathBuf};
+use std::path::Path;
 use std::sync::Arc;

 use anyhow::{anyhow, bail, Context, Result};
+use image_rs::builder::ClientBuilder;
 use image_rs::image::ImageClient;
 use kata_sys_util::validate::verify_id;
 use oci_spec::runtime as oci;
@@ -21,6 +22,9 @@ use tokio::sync::Mutex;
 use crate::rpc::CONTAINER_BASE;
 use crate::AGENT_CONFIG;

+use kata_types::mount::KATA_VIRTUAL_VOLUME_IMAGE_GUEST_PULL;
+use protocols::agent::Storage;
+
 pub const KATA_IMAGE_WORK_DIR: &str = "/run/kata-containers/image/";
 const CONFIG_JSON: &str = "config.json";
 const KATA_PAUSE_BUNDLE: &str = "/pause_bundle";
@@ -54,15 +58,16 @@ pub struct ImageService {
 }

 impl ImageService {
-    pub fn new() -> Self {
-        let mut image_client = ImageClient::new(PathBuf::from(KATA_IMAGE_WORK_DIR));
+    pub async fn new() -> Result<Self> {
+        let mut image_client_builder =
+            ClientBuilder::default().work_dir(KATA_IMAGE_WORK_DIR.into());
        #[cfg(feature = "guest-pull")]
        {
            if !AGENT_CONFIG.image_registry_auth.is_empty() {
                let registry_auth = &AGENT_CONFIG.image_registry_auth;
                debug!(sl(), "Set registry auth file {:?}", registry_auth);
-                image_client.config.file_paths.auth_file = registry_auth.clone();
-                image_client.config.auth = true;
+                image_client_builder = image_client_builder
+                    .authenticated_registry_credentials_uri(registry_auth.into());
            }

            let enable_signature_verification = &AGENT_CONFIG.enable_signature_verification;
@@ -70,15 +75,37 @@ impl ImageService {
                sl(),
                "Enable image signature verification: {:?}", enable_signature_verification
            );
-            image_client.config.security_validate = *enable_signature_verification;
-
-            if !AGENT_CONFIG.image_policy_file.is_empty() {
+            if !AGENT_CONFIG.image_policy_file.is_empty() && *enable_signature_verification {
                let image_policy_file = &AGENT_CONFIG.image_policy_file;
-                debug!(sl(), "Use imagepolicy file {:?}", image_policy_file);
-                image_client.config.file_paths.policy_path = image_policy_file.clone();
+                debug!(sl(), "Use image policy file {:?}", image_policy_file);
+                image_client_builder =
+                    image_client_builder.image_security_policy_uri(image_policy_file.into());
            }
        }
-        Self { image_client }
+        let image_client = image_client_builder.build().await?;
+        Ok(Self { image_client })
+    }
+
+    /// get guest pause image process specification
+    fn get_pause_image_process() -> Result<oci::Process> {
+        let guest_pause_bundle = Path::new(KATA_PAUSE_BUNDLE);
+        if !guest_pause_bundle.exists() {
+            bail!("Pause image not present in rootfs");
+        }
+        let guest_pause_config = scoped_join(guest_pause_bundle, CONFIG_JSON)?;
+
+        let image_oci = oci::Spec::load(guest_pause_config.to_str().ok_or_else(|| {
+            anyhow!(
+                "Failed to load the guest pause image config from {:?}",
+                guest_pause_config
+            )
+        })?)
+        .context("load image config file")?;
+
+        let image_oci_process = image_oci.process().as_ref().ok_or_else(|| {
+            anyhow!("The guest pause image config does not contain a process specification. Please check the pause image.")
+        })?;
+        Ok(image_oci_process.clone())
    }

    /// pause image is packaged in rootfs
@@ -132,6 +159,20 @@ impl ImageService {
        Ok(pause_rootfs.display().to_string())
    }

+    /// check whether the image is for sandbox or for container.
+    fn is_sandbox(image_metadata: &HashMap<String, String>) -> bool {
+        let mut is_sandbox = false;
+        for key in K8S_CONTAINER_TYPE_KEYS.iter() {
+            if let Some(value) = image_metadata.get(key as &str) {
+                if value == "sandbox" {
+                    is_sandbox = true;
+                    break;
+                }
+            }
+        }
+        is_sandbox
+    }
+
    /// pull_image is used for call image-rs to pull image in the guest.
    /// # Parameters
    /// - `image`: Image name (exp: quay.io/prometheus/busybox:latest)
@@ -147,18 +188,7 @@ impl ImageService {
    ) -> Result<String> {
        info!(sl(), "image metadata: {image_metadata:?}");

-        //Check whether the image is for sandbox or for container.
-        let mut is_sandbox = false;
-        for key in K8S_CONTAINER_TYPE_KEYS.iter() {
-            if let Some(value) = image_metadata.get(key as &str) {
-                if value == "sandbox" {
-                    is_sandbox = true;
-                    break;
-                }
-            }
-        }
-
-        if is_sandbox {
+        if Self::is_sandbox(image_metadata) {
            let mount_path = Self::unpack_pause_image(cid)?;
            return Ok(mount_path);
        }
@@ -194,6 +224,32 @@ impl ImageService {
    }
 }

+/// get_process overrides the OCI process spec with pause image process spec if needed
+pub fn get_process(
+    ocip: &oci::Process,
+    oci: &oci::Spec,
+    storages: Vec<Storage>,
+) -> Result<oci::Process> {
+    let mut guest_pull = false;
+    for storage in storages {
+        if storage.driver == KATA_VIRTUAL_VOLUME_IMAGE_GUEST_PULL {
+            guest_pull = true;
+            break;
+        }
+    }
+    if guest_pull {
+        match oci.annotations() {
+            Some(a) => {
+                if ImageService::is_sandbox(a) {
+                    return ImageService::get_pause_image_process();
+                }
+            }
+            None => {}
+        }
+    }
+    Ok(ocip.clone())
+}
+
 /// Set proxy environment from AGENT_CONFIG
 pub async fn set_proxy_env_vars() {
    if env::var("HTTPS_PROXY").is_err() {
@@ -222,9 +278,10 @@ pub async fn set_proxy_env_vars() {
 }

 /// Init the image service
-pub async fn init_image_service() {
-    let image_service = ImageService::new();
+pub async fn init_image_service() -> Result<()> {
+    let image_service = ImageService::new().await?;
    *IMAGE_SERVICE.lock().await = Some(image_service);
+    Ok(())
 }

 pub async fn pull_image(
--- a/src/agent/src/linux_abi.rs
+++ b/src/agent/src/linux_abi.rs
@@ -12,7 +12,7 @@ use std::fs;

 pub const SYSFS_DIR: &str = "/sys";
 #[cfg(any(
-    target_arch = "powerpc64",
+    all(target_arch = "powerpc64", target_endian = "little"),
    target_arch = "s390x",
    target_arch = "x86_64",
    target_arch = "x86"
--- a/src/agent/src/main.rs
+++ b/src/agent/src/main.rs
@@ -21,7 +21,7 @@ extern crate slog;
 use anyhow::{anyhow, Context, Result};
 use cfg_if::cfg_if;
 use clap::{AppSettings, Parser};
-use const_format::concatcp;
+use const_format::{concatcp, formatcp};
 use nix::fcntl::OFlag;
 use nix::sys::reboot::{reboot, RebootMode};
 use nix::sys::socket::{self, AddressFamily, SockFlag, SockType, VsockAddr};
@@ -29,7 +29,7 @@ use nix::unistd::{self, dup, sync, Pid};
 use std::env;
 use std::ffi::OsStr;
 use std::fs::{self, File};
-use std::os::unix::fs as unixfs;
+use std::os::unix::fs::{self as unixfs, FileTypeExt};
 use std::os::unix::io::AsRawFd;
 use std::path::Path;
 use std::process::exit;
@@ -109,7 +109,18 @@ const CDH_SOCKET_URI: &str = concatcp!(UNIX_SOCKET_PREFIX, CDH_SOCKET);
 const API_SERVER_PATH: &str = "/usr/local/bin/api-server-rest";

 /// Path of ocicrypt config file. This is used by image-rs when decrypting image.
-const OCICRYPT_CONFIG_PATH: &str = "/tmp/ocicrypt_config.json";
+const OCICRYPT_CONFIG_PATH: &str = "/run/confidential-containers/ocicrypt_config.json";
+
+const OCICRYPT_CONFIG: &str = formatcp!(
+    r#"{{
+    "key-providers": {{
+        "attestation-agent": {{
+            "ttrpc": "{}"
+        }}
+    }}
+}}"#,
+    CDH_SOCKET_URI
+);

 const DEFAULT_LAUNCH_PROCESS_TIMEOUT: i32 = 6;

@@ -123,7 +134,7 @@ lazy_static! {

 #[cfg(feature = "agent-policy")]
 lazy_static! {
-    static ref AGENT_POLICY: Mutex<policy::AgentPolicy> = Mutex::new(AgentPolicy::new());
+    static ref AGENT_POLICY: Mutex<AgentPolicy> = Mutex::new(AgentPolicy::new());
 }

 #[derive(Parser)]
@@ -217,8 +228,9 @@ async fn real_main(init_mode: bool) -> std::result::Result<(), Box<dyn std::erro
        })?;

        lazy_static::initialize(&AGENT_CONFIG);
+        let cgroup_v2 = AGENT_CONFIG.unified_cgroup_hierarchy || AGENT_CONFIG.cgroup_no_v1 == "all";

-        init_agent_as_init(&logger, AGENT_CONFIG.unified_cgroup_hierarchy)?;
+        init_agent_as_init(&logger, cgroup_v2)?;
        drop(logger_async_guard);
    } else {
        lazy_static::initialize(&AGENT_CONFIG);
@@ -408,19 +420,32 @@ async fn start_sandbox(
    sandbox.lock().await.sender = Some(tx);

    let gc_procs = config.guest_components_procs;
-    if gc_procs != GuestComponentsProcs::None {
-        if !attestation_binaries_available(logger, &gc_procs) {
-            warn!(
-                logger,
-                "attestation binaries requested for launch not available"
-            );
-        } else {
-            init_attestation_components(logger, config).await?;
-        }
+    if !attestation_binaries_available(logger, &gc_procs) {
+        warn!(
+            logger,
+            "attestation binaries requested for launch not available"
+        );
+    } else {
+        init_attestation_components(logger, config).await?;
+    }
+
+    let mut oma = None;
+    let mut _ort = None;
+    if let Some(c) = &config.mem_agent {
+        let (ma, rt) =
+            mem_agent::agent::MemAgent::new(c.memcg_config.clone(), c.compact_config.clone())
+                .map_err(|e| {
+                    error!(logger, "MemAgent::new fail: {}", e);
+                    e
+                })
+                .context("start mem-agent")?;
+        oma = Some(ma);
+        _ort = Some(rt);
    }

    // vsock:///dev/vsock, port
-    let mut server = rpc::start(sandbox.clone(), config.server_addr.as_str(), init_mode).await?;
+    let mut server =
+        rpc::start(sandbox.clone(), config.server_addr.as_str(), init_mode, oma).await?;

    server.start().await?;

@@ -447,12 +472,7 @@ fn attestation_binaries_available(logger: &Logger, procs: &GuestComponentsProcs)
    true
 }

-// Start-up attestation-agent, CDH and api-server-rest if they are packaged in the rootfs
-// and the corresponding procs are enabled in the agent configuration. the process will be
-// launched in the background and the function will return immediately.
-// If the CDH is started, a CDH client will be instantiated and returned.
-async fn init_attestation_components(logger: &Logger, config: &AgentConfig) -> Result<()> {
-    // skip launch of any guest-component
+async fn launch_guest_component_procs(logger: &Logger, config: &AgentConfig) -> Result<()> {
    if config.guest_components_procs == GuestComponentsProcs::None {
        return Ok(());
    }
@@ -472,17 +492,6 @@ async fn init_attestation_components(logger: &Logger, config: &AgentConfig) -> R
        return Ok(());
    }

-    let ocicrypt_config = serde_json::json!({
-        "key-providers": {
-            "attestation-agent":{
-                "ttrpc":CDH_SOCKET_URI
-            }
-        }
-    });
-
-    fs::write(OCICRYPT_CONFIG_PATH, ocicrypt_config.to_string().as_bytes())?;
-    env::set_var("OCICRYPT_KEYPROVIDER_CONFIG", OCICRYPT_CONFIG_PATH);
-
    debug!(
        logger,
        "spawning confidential-data-hub process {}", CDH_PATH
@@ -497,9 +506,6 @@ async fn init_attestation_components(logger: &Logger, config: &AgentConfig) -> R
    )
    .map_err(|e| anyhow!("launch_process {} failed: {:?}", CDH_PATH, e))?;

-    // initialize cdh client
-    cdh::init_cdh_client().await?;
-
    // skip launch of api-server-rest
    if config.guest_components_procs == GuestComponentsProcs::ConfidentialDataHub {
        return Ok(());
@@ -522,6 +528,33 @@ async fn init_attestation_components(logger: &Logger, config: &AgentConfig) -> R
    Ok(())
 }

+// Start-up attestation-agent, CDH and api-server-rest if they are packaged in the rootfs
+// and the corresponding procs are enabled in the agent configuration. the process will be
+// launched in the background and the function will return immediately.
+// If the CDH is started, a CDH client will be instantiated and returned.
+async fn init_attestation_components(logger: &Logger, config: &AgentConfig) -> Result<()> {
+    launch_guest_component_procs(logger, config).await?;
+
+    // If a CDH socket exists, initialize the CDH client and enable ocicrypt
+    match tokio::fs::metadata(CDH_SOCKET).await {
+        Ok(md) => {
+            if md.file_type().is_socket() {
+                cdh::init_cdh_client(CDH_SOCKET_URI).await?;
+                fs::write(OCICRYPT_CONFIG_PATH, OCICRYPT_CONFIG.as_bytes())?;
+                env::set_var("OCICRYPT_KEYPROVIDER_CONFIG", OCICRYPT_CONFIG_PATH);
+            } else {
+                debug!(logger, "File {} is not a socket", CDH_SOCKET);
+            }
+        }
+        Err(err) => warn!(
+            logger,
+            "Failed to probe CDH socket file {}: {:?}", CDH_SOCKET, err
+        ),
+    }
+
+    Ok(())
+}
+
 fn wait_for_path_to_exist(logger: &Logger, path: &str, timeout_secs: i32) -> Result<()> {
    let p = Path::new(path);
    let mut attempts = 0;
@@ -600,7 +633,15 @@ fn init_agent_as_init(logger: &Logger, unified_cgroup_hierarchy: bool) -> Result

 #[cfg(feature = "agent-policy")]
 async fn initialize_policy() -> Result<()> {
-    AGENT_POLICY.lock().await.initialize().await
+    AGENT_POLICY
+        .lock()
+        .await
+        .initialize(
+            AGENT_CONFIG.log_level.as_usize(),
+            AGENT_CONFIG.policy_file.clone(),
+            None,
+        )
+        .await
 }

 // The Rust standard library had suppressed the default SIGPIPE behavior,
@@ -618,7 +659,7 @@ use crate::config::AgentConfig;
 use std::os::unix::io::{FromRawFd, RawFd};

 #[cfg(feature = "agent-policy")]
-use crate::policy::AgentPolicy;
+use kata_agent_policy::policy::AgentPolicy;

 #[cfg(test)]
 mod tests {
--- a/src/agent/src/mount.rs
+++ b/src/agent/src/mount.rs
@@ -299,7 +299,13 @@ pub fn cgroups_mount(logger: &Logger, unified_cgroup_hierarchy: bool) -> Result<

    // Enable memory hierarchical account.
    // For more information see https://www.kernel.org/doc/Documentation/cgroup-v1/memory.txt
-    online_device("/sys/fs/cgroup/memory/memory.use_hierarchy")
+    // cgroupsV2 will automatically enable memory.use_hierarchy.
+    // additinoally this directory layout is not present in cgroupsV2.
+    if !unified_cgroup_hierarchy {
+        return online_device("/sys/fs/cgroup/memory/memory.use_hierarchy");
+    }
+
+    Ok(())
 }

 #[instrument]
@@ -531,6 +537,7 @@ mod tests {

        OpenOptions::new()
            .create(true)
+            .truncate(true)
            .write(true)
            .open(test_file_filename)
            .expect("failed to create test file");
--- a/src/agent/src/netlink.rs
+++ b/src/agent/src/netlink.rs
@@ -1079,8 +1079,8 @@ mod tests {
            .expect("failed to show neigh")
            .stdout;

-        let stdout = std::str::from_utf8(&stdout).expect("failed to conveert stdout");
-        assert_eq!(stdout, format!("{} lladdr {} PERMANENT\n", to_ip, mac));
+        let stdout = std::str::from_utf8(&stdout).expect("failed to convert stdout");
+        assert_eq!(stdout.trim(), format!("{} lladdr {} PERMANENT", to_ip, mac));

        clean_env_for_test_add_one_arp_neighbor(dummy_name, to_ip);
    }
--- a/src/agent/src/policy.rs
+++ b/src/agent/src/policy.rs
@@ -3,22 +3,11 @@
 // SPDX-License-Identifier: Apache-2.0
 //

-use anyhow::Result;
 use protobuf::MessageDyn;
-use tokio::io::AsyncWriteExt;

 use crate::rpc::ttrpc_error;
-use crate::{AGENT_CONFIG, AGENT_POLICY};
-
-static POLICY_LOG_FILE: &str = "/tmp/policy.txt";
-static POLICY_DEFAULT_FILE: &str = "/etc/kata-opa/default-policy.rego";
-
-/// Convenience macro to obtain the scope logger
-macro_rules! sl {
-    () => {
-        slog_scope::logger()
-    };
-}
+use crate::AGENT_POLICY;
+use kata_agent_policy::policy::AgentPolicy;

 async fn allow_request(policy: &mut AgentPolicy, ep: &str, request: &str) -> ttrpc::Result<()> {
    match policy.allow_request(ep, request).await {
@@ -54,141 +43,3 @@ pub async fn do_set_policy(req: &protocols::agent::SetPolicyRequest) -> ttrpc::R
        .await
        .map_err(|e| ttrpc_error(ttrpc::Code::INVALID_ARGUMENT, e))
 }
-
-/// Singleton policy object.
-#[derive(Debug, Default)]
-pub struct AgentPolicy {
-    /// When true policy errors are ignored, for debug purposes.
-    allow_failures: bool,
-
-    /// "/tmp/policy.txt" log file for policy activity.
-    log_file: Option<tokio::fs::File>,
-
-    /// Regorus engine
-    engine: regorus::Engine,
-}
-
-impl AgentPolicy {
-    /// Create AgentPolicy object.
-    pub fn new() -> Self {
-        Self {
-            allow_failures: false,
-            engine: Self::new_engine(),
-            ..Default::default()
-        }
-    }
-
-    fn new_engine() -> regorus::Engine {
-        let mut engine = regorus::Engine::new();
-        engine.set_strict_builtin_errors(false);
-        engine.set_gather_prints(true);
-        engine
-    }
-
-    /// Initialize regorus.
-    pub async fn initialize(&mut self) -> Result<()> {
-        if AGENT_CONFIG.log_level.as_usize() >= slog::Level::Debug.as_usize() {
-            self.log_file = Some(
-                tokio::fs::OpenOptions::new()
-                    .write(true)
-                    .truncate(true)
-                    .create(true)
-                    .open(POLICY_LOG_FILE)
-                    .await?,
-            );
-            debug!(sl!(), "policy: log file: {}", POLICY_LOG_FILE);
-        }
-
-        // Check if policy file has been set via AgentConfig
-        // If empty, use default file.
-        let mut default_policy_file = AGENT_CONFIG.policy_file.clone();
-        if default_policy_file.is_empty() {
-            default_policy_file = POLICY_DEFAULT_FILE.to_string();
-        }
-        info!(sl!(), "default policy: {default_policy_file}");
-
-        self.engine.add_policy_from_file(default_policy_file)?;
-        self.update_allow_failures_flag().await?;
-        Ok(())
-    }
-
-    /// Ask regorus if an API call should be allowed or not.
-    async fn allow_request(&mut self, ep: &str, ep_input: &str) -> Result<(bool, String)> {
-        debug!(sl!(), "policy check: {ep}");
-        self.log_eval_input(ep, ep_input).await;
-
-        let query = format!("data.agent_policy.{ep}");
-        self.engine.set_input_json(ep_input)?;
-
-        let mut allow = match self.engine.eval_bool_query(query, false) {
-            Ok(a) => a,
-            Err(e) => {
-                if !self.allow_failures {
-                    return Err(e);
-                }
-                false
-            }
-        };
-
-        if !allow && self.allow_failures {
-            warn!(sl!(), "policy: ignoring error for {ep}");
-            allow = true;
-        }
-
-        let prints = match self.engine.take_prints() {
-            Ok(p) => p.join(" "),
-            Err(e) => format!("Failed to get policy log: {e}"),
-        };
-
-        Ok((allow, prints))
-    }
-
-    /// Replace the Policy in regorus.
-    pub async fn set_policy(&mut self, policy: &str) -> Result<()> {
-        self.engine = Self::new_engine();
-        self.engine
-            .add_policy("agent_policy".to_string(), policy.to_string())?;
-        self.update_allow_failures_flag().await?;
-        Ok(())
-    }
-
-    async fn log_eval_input(&mut self, ep: &str, input: &str) {
-        if let Some(log_file) = &mut self.log_file {
-            match ep {
-                "StatsContainerRequest" | "ReadStreamRequest" | "SetPolicyRequest" => {
-                    // - StatsContainerRequest and ReadStreamRequest are called
-                    //   relatively often, so we're not logging them, to avoid
-                    //   growing this log file too much.
-                    // - Confidential Containers Policy documents are relatively
-                    //   large, so we're not logging them here, for SetPolicyRequest.
-                    //   The Policy text can be obtained directly from the pod YAML.
-                }
-                _ => {
-                    let log_entry = format!("[\"ep\":\"{ep}\",{input}],\n\n");
-
-                    if let Err(e) = log_file.write_all(log_entry.as_bytes()).await {
-                        warn!(sl!(), "policy: log_eval_input: write_all failed: {}", e);
-                    } else if let Err(e) = log_file.flush().await {
-                        warn!(sl!(), "policy: log_eval_input: flush failed: {}", e);
-                    }
-                }
-            }
-        }
-    }
-
-    async fn update_allow_failures_flag(&mut self) -> Result<()> {
-        self.allow_failures = match self.allow_request("AllowRequestsFailingPolicy", "{}").await {
-            Ok((allowed, _prints)) => {
-                if allowed {
-                    warn!(
-                        sl!(),
-                        "policy: AllowRequestsFailingPolicy is enabled - will ignore errors"
-                    );
-                }
-                allowed
-            }
-            Err(_) => false,
-        };
-        Ok(())
-    }
-}
--- a/src/agent/src/random.rs
+++ b/src/agent/src/random.rs
@@ -12,9 +12,9 @@ use std::os::unix::io::{AsRawFd, FromRawFd};
 use tracing::instrument;

 pub const RNGDEV: &str = "/dev/random";
-#[cfg(target_arch = "powerpc64")]
+#[cfg(all(target_arch = "powerpc64", target_endian = "little"))]
 pub const RNDADDTOENTCNT: libc::c_uint = 0x80045201;
-#[cfg(target_arch = "powerpc64")]
+#[cfg(all(target_arch = "powerpc64", target_endian = "little"))]
 pub const RNDRESEEDCRNG: libc::c_int = 0x20005207;
 #[cfg(not(target_arch = "powerpc64"))]
 pub const RNDADDTOENTCNT: libc::c_int = 0x40045201;
--- a/src/agent/src/rpc.rs
+++ b/src/agent/src/rpc.rs
@@ -58,7 +58,7 @@ use rustjail::process::ProcessOperations;
 use crate::cdh;
 use crate::device::block_device_handler::get_virtio_blk_pci_device_name;
 use crate::device::network_device_handler::wait_for_net_interface;
-use crate::device::{add_devices, update_env_pci};
+use crate::device::{add_devices, handle_cdi_devices, update_env_pci};
 use crate::features::get_build_features;
 use crate::image::KATA_IMAGE_WORK_DIR;
 use crate::linux_abi::*;
@@ -179,6 +179,7 @@ impl<T> OptionToTtrpcResult<T> for Option<T> {
 pub struct AgentService {
    sandbox: Arc<Mutex<Sandbox>>,
    init_mode: bool,
+    oma: Option<mem_agent::agent::MemAgent>,
 }

 impl AgentService {
@@ -224,54 +225,16 @@ impl AgentService {
        // cannot predict everything from the caller.
        add_devices(&sl(), &req.devices, &mut oci, &self.sandbox).await?;

-        let process = oci
-            .process_mut()
-            .as_mut()
-            .ok_or_else(|| anyhow!("Spec didn't contain process field"))?;
-        if cdh::is_cdh_client_initialized().await {
-            if let Some(envs) = process.env_mut().as_mut() {
-                for env in envs.iter_mut() {
-                    match cdh::unseal_env(env).await {
-                        Ok(unsealed_env) => *env = unsealed_env.to_string(),
-                        Err(e) => {
-                            warn!(sl(), "Failed to unseal secret: {}", e)
-                        }
-                    }
-                }
-            }
-        }
+        // In guest-kernel mode some devices need extra handling. Taking the
+        // GPU as an example the shim will inject CDI annotations that will
+        // be used by the kata-agent to do containerEdits according to the
+        // CDI spec coming from a registry that is created on the fly by UDEV
+        // or other entities for a specifc device.
+        // In Kata we only consider the directory "/var/run/cdi", "/etc" may be
+        // readonly
+        handle_cdi_devices(&sl(), &mut oci, "/var/run/cdi", AGENT_CONFIG.cdi_timeout).await?;

-        let linux = oci
-            .linux()
-            .as_ref()
-            .ok_or_else(|| anyhow!("Spec didn't contain linux field"))?;
-
-        if cdh::is_cdh_client_initialized().await {
-            if let Some(devices) = linux.devices() {
-                for specdev in devices.iter() {
-                    if specdev.path().as_path().to_str() == Some(TRUSTED_IMAGE_STORAGE_DEVICE) {
-                        let dev_major_minor = format!("{}:{}", specdev.major(), specdev.minor());
-                        let secure_storage_integrity =
-                            AGENT_CONFIG.secure_storage_integrity.to_string();
-                        info!(
-                            sl(),
-                            "trusted_store device major:min {}, enable data integrity {}",
-                            dev_major_minor,
-                            secure_storage_integrity
-                        );
-
-                        let options = std::collections::HashMap::from([
-                            ("deviceId".to_string(), dev_major_minor),
-                            ("encryptType".to_string(), "LUKS".to_string()),
-                            ("dataIntegrity".to_string(), secure_storage_integrity),
-                        ]);
-                        cdh::secure_mount("BlockDevice", &options, vec![], KATA_IMAGE_WORK_DIR)
-                            .await?;
-                        break;
-                    }
-                }
-            }
-        }
+        cdh_handler(&mut oci).await?;

        // Both rootfs and volumes (invoked with --volume for instance) will
        // be processed the same way. The idea is to always mount any provided
@@ -280,7 +243,13 @@ impl AgentService {
        // After all those storages have been processed, no matter the order
        // here, the agent will rely on rustjail (using the oci.Mounts
        // list) to bind mount all of them inside the container.
-        let m = add_storages(sl(), req.storages, &self.sandbox, Some(req.container_id)).await?;
+        let m = add_storages(
+            sl(),
+            req.storages.clone(),
+            &self.sandbox,
+            Some(req.container_id),
+        )
+        .await?;

        let mut s = self.sandbox.lock().await;
        s.container_mounts.insert(cid.clone(), m);
@@ -335,6 +304,13 @@ impl AgentService {
        let pipe_size = AGENT_CONFIG.container_pipe_size;

        let p = if let Some(p) = oci.process() {
+            #[cfg(feature = "guest-pull")]
+            {
+                let new_p = image::get_process(p, &oci, req.storages.clone())?;
+                Process::new(&sl(), &new_p, cid.as_str(), true, pipe_size, proc_io)?
+            }
+
+            #[cfg(not(feature = "guest-pull"))]
            Process::new(&sl(), p, cid.as_str(), true, pipe_size, proc_io)?
        } else {
            info!(sl(), "no process configurations!");
@@ -721,6 +697,37 @@ impl AgentService {
    }
 }

+fn mem_agent_memcgconfig_to_memcg_optionconfig(
+    mc: &protocols::agent::MemAgentMemcgConfig,
+) -> mem_agent::memcg::OptionConfig {
+    mem_agent::memcg::OptionConfig {
+        disabled: mc.disabled,
+        swap: mc.swap,
+        swappiness_max: mc.swappiness_max.map(|x| x as u8),
+        period_secs: mc.period_secs,
+        period_psi_percent_limit: mc.period_psi_percent_limit.map(|x| x as u8),
+        eviction_psi_percent_limit: mc.eviction_psi_percent_limit.map(|x| x as u8),
+        eviction_run_aging_count_min: mc.eviction_run_aging_count_min,
+        ..Default::default()
+    }
+}
+
+fn mem_agent_compactconfig_to_compact_optionconfig(
+    cc: &protocols::agent::MemAgentCompactConfig,
+) -> mem_agent::compact::OptionConfig {
+    mem_agent::compact::OptionConfig {
+        disabled: cc.disabled,
+        period_secs: cc.period_secs,
+        period_psi_percent_limit: cc.period_psi_percent_limit.map(|x| x as u8),
+        compact_psi_percent_limit: cc.compact_psi_percent_limit.map(|x| x as u8),
+        compact_sec_max: cc.compact_sec_max,
+        compact_order: cc.compact_order.map(|x| x as u8),
+        compact_threshold: cc.compact_threshold,
+        compact_force_times: cc.compact_force_times,
+        ..Default::default()
+    }
+}
+
 #[async_trait]
 impl agent_ttrpc::AgentService for AgentService {
    async fn create_container(
@@ -1285,6 +1292,9 @@ impl agent_ttrpc::AgentService for AgentService {
            }
        }

+        #[cfg(feature = "guest-pull")]
+        image::init_image_service().await.map_ttrpc_err(same)?;
+
        Ok(Empty::new())
    }

@@ -1536,6 +1546,54 @@ impl agent_ttrpc::AgentService for AgentService {

        Ok(Empty::new())
    }
+
+    async fn mem_agent_memcg_set(
+        &self,
+        _ctx: &::ttrpc::r#async::TtrpcContext,
+        config: protocols::agent::MemAgentMemcgConfig,
+    ) -> ::ttrpc::Result<Empty> {
+        if let Some(ma) = &self.oma {
+            ma.memcg_set_config_async(mem_agent_memcgconfig_to_memcg_optionconfig(&config))
+                .await
+                .map_err(|e| {
+                    let estr = format!("ma.memcg_set_config_async fail: {}", e);
+                    error!(sl(), "{}", estr);
+                    ttrpc::Error::RpcStatus(ttrpc::get_status(ttrpc::Code::INTERNAL, estr))
+                })?;
+        } else {
+            let estr = "mem-agent is disabled";
+            error!(sl(), "{}", estr);
+            return Err(ttrpc::Error::RpcStatus(ttrpc::get_status(
+                ttrpc::Code::INTERNAL,
+                estr,
+            )));
+        }
+        Ok(Empty::new())
+    }
+
+    async fn mem_agent_compact_set(
+        &self,
+        _ctx: &::ttrpc::r#async::TtrpcContext,
+        config: protocols::agent::MemAgentCompactConfig,
+    ) -> ::ttrpc::Result<Empty> {
+        if let Some(ma) = &self.oma {
+            ma.compact_set_config_async(mem_agent_compactconfig_to_compact_optionconfig(&config))
+                .await
+                .map_err(|e| {
+                    let estr = format!("ma.compact_set_config_async fail: {}", e);
+                    error!(sl(), "{}", estr);
+                    ttrpc::Error::RpcStatus(ttrpc::get_status(ttrpc::Code::INTERNAL, estr))
+                })?;
+        } else {
+            let estr = "mem-agent is disabled";
+            error!(sl(), "{}", estr);
+            return Err(ttrpc::Error::RpcStatus(ttrpc::get_status(
+                ttrpc::Code::INTERNAL,
+                estr,
+            )));
+        }
+        Ok(Empty::new())
+    }
 }

 #[derive(Clone)]
@@ -1679,19 +1737,18 @@ pub async fn start(
    s: Arc<Mutex<Sandbox>>,
    server_address: &str,
    init_mode: bool,
+    oma: Option<mem_agent::agent::MemAgent>,
 ) -> Result<TtrpcServer> {
    let agent_service = Box::new(AgentService {
        sandbox: s,
        init_mode,
+        oma,
    }) as Box<dyn agent_ttrpc::AgentService + Send + Sync>;
    let aservice = agent_ttrpc::create_agent_service(Arc::new(agent_service));

    let health_service = Box::new(HealthService {}) as Box<dyn health_ttrpc::Health + Send + Sync>;
    let hservice = health_ttrpc::create_health(Arc::new(health_service));

-    #[cfg(feature = "guest-pull")]
-    image::init_image_service().await;
-
    let server = TtrpcServer::new()
        .bind(server_address)?
        .register_service(aservice)
@@ -1726,13 +1783,19 @@ fn update_container_namespaces(
    if let Some(namespaces) = linux.namespaces_mut() {
        for namespace in namespaces.iter_mut() {
            if namespace.typ().to_string() == NSTYPEIPC {
-                namespace.set_path(Some(PathBuf::from(&sandbox.shared_ipcns.path.clone())));
-                namespace.set_path(None);
+                namespace.set_path(if !sandbox.shared_ipcns.path.is_empty() {
+                    Some(PathBuf::from(&sandbox.shared_ipcns.path))
+                } else {
+                    None
+                });
                continue;
            }
            if namespace.typ().to_string() == NSTYPEUTS {
-                namespace.set_path(Some(PathBuf::from(&sandbox.shared_utsns.path.clone())));
-                namespace.set_path(None);
+                namespace.set_path(if !sandbox.shared_utsns.path.is_empty() {
+                    Some(PathBuf::from(&sandbox.shared_utsns.path))
+                } else {
+                    None
+                });
                continue;
            }
        }
@@ -1750,7 +1813,7 @@ fn update_container_namespaces(
                if !pidns.path.is_empty() {
                    pid_ns.set_path(Some(PathBuf::from(&pidns.path)));
                }
-            } else {
+            } else if !sandbox.containers.is_empty() {
                return Err(anyhow!(ERR_NO_SANDBOX_PIDNS));
            }
        }
@@ -2093,6 +2156,112 @@ fn load_kernel_module(module: &protocols::agent::KernelModule) -> Result<()> {
    }
 }

+fn is_sealed_secret_path(source_path: &str) -> bool {
+    // Base path to check
+    let base_path = "/run/kata-containers/shared/containers";
+    // Paths to exclude
+    let excluded_suffixes = [
+        "resolv.conf",
+        "termination-log",
+        "hostname",
+        "hosts",
+        "serviceaccount",
+    ];
+
+    // Ensure the path starts with the base path and does not end with any excluded suffix
+    source_path.starts_with(base_path)
+        && !excluded_suffixes
+            .iter()
+            .any(|suffix| source_path.ends_with(suffix))
+}
+
+async fn cdh_handler(oci: &mut Spec) -> Result<()> {
+    if !cdh::is_cdh_client_initialized().await {
+        return Ok(());
+    }
+    let process = oci
+        .process_mut()
+        .as_mut()
+        .ok_or_else(|| anyhow!("Spec didn't contain process field"))?;
+    if let Some(envs) = process.env_mut().as_mut() {
+        for env in envs.iter_mut() {
+            match cdh::unseal_env(env).await {
+                Ok(unsealed_env) => *env = unsealed_env.to_string(),
+                Err(e) => {
+                    warn!(sl(), "Failed to unseal secret: {}", e)
+                }
+            }
+        }
+    }
+
+    let mounts = oci
+        .mounts_mut()
+        .as_mut()
+        .ok_or_else(|| anyhow!("Spec didn't contain mounts field"))?;
+
+    for m in mounts.iter_mut() {
+        let Some(source_path) = m.source().as_ref().and_then(|p| p.to_str()) else {
+            warn!(sl(), "Mount source is None or invalid");
+            continue;
+        };
+
+        // Check if source_path starts with "/run/kata-containers/shared/containers"
+        // For a volume mount path /mydir,
+        // the secret file path will be like this under the /run/kata-containers/shared/containers dir
+        // a128482812bad768f404e063f225decd425fc94a673aec4add45a9caa1122ccb-75490e32e51da3ff-mydir
+        // We can ignore few paths like: resolv.conf, termination-log, hostname,hosts,serviceaccount
+        if is_sealed_secret_path(source_path) {
+            debug!(
+                sl(),
+                "Calling unseal_file for - source: {:?} destination: {:?}",
+                source_path,
+                m.destination()
+            );
+            // Call unseal_file. This function checks the files under the source_path
+            // for the sealed secret header and unseal it if the header is present.
+            // This is suboptimal as we are going through every file under the source_path.
+            // But currently there is no quick way to determine which volume-mount is referring
+            // to a sealed secret without reading the file.
+            // And relying on file naming heuristic is inflexible. So we are going with this approach.
+            if let Err(e) = cdh::unseal_file(source_path).await {
+                warn!(
+                    sl(),
+                    "Failed to unseal file: {:?}, Error: {:?}", source_path, e
+                );
+            }
+        }
+    }
+
+    let linux = oci
+        .linux()
+        .as_ref()
+        .ok_or_else(|| anyhow!("Spec didn't contain linux field"))?;
+
+    if let Some(devices) = linux.devices() {
+        for specdev in devices.iter() {
+            if specdev.path().as_path().to_str() == Some(TRUSTED_IMAGE_STORAGE_DEVICE) {
+                let dev_major_minor = format!("{}:{}", specdev.major(), specdev.minor());
+                let secure_storage_integrity = AGENT_CONFIG.secure_storage_integrity.to_string();
+                info!(
+                    sl(),
+                    "trusted_store device major:min {}, enable data integrity {}",
+                    dev_major_minor,
+                    secure_storage_integrity
+                );
+
+                let options = std::collections::HashMap::from([
+                    ("deviceId".to_string(), dev_major_minor),
+                    ("encryptType".to_string(), "LUKS".to_string()),
+                    ("dataIntegrity".to_string(), secure_storage_integrity),
+                ]);
+                cdh::secure_mount("BlockDevice", &options, vec![], KATA_IMAGE_WORK_DIR).await?;
+                break;
+            }
+        }
+    }
+    Ok(())
+}
+
 #[cfg(test)]
 #[allow(dead_code)]
 mod tests {
@@ -2241,6 +2410,7 @@ mod tests {
        let agent_service = Box::new(AgentService {
            sandbox: Arc::new(Mutex::new(sandbox)),
            init_mode: true,
+            oma: None,
        });

        let req = protocols::agent::UpdateInterfaceRequest::default();
@@ -2258,6 +2428,7 @@ mod tests {
        let agent_service = Box::new(AgentService {
            sandbox: Arc::new(Mutex::new(sandbox)),
            init_mode: true,
+            oma: None,
        });

        let req = protocols::agent::UpdateRoutesRequest::default();
@@ -2275,6 +2446,7 @@ mod tests {
        let agent_service = Box::new(AgentService {
            sandbox: Arc::new(Mutex::new(sandbox)),
            init_mode: true,
+            oma: None,
        });

        let req = protocols::agent::AddARPNeighborsRequest::default();
@@ -2413,6 +2585,7 @@ mod tests {
            let agent_service = Box::new(AgentService {
                sandbox: Arc::new(Mutex::new(sandbox)),
                init_mode: true,
+                oma: None,
            });

            let result = agent_service
@@ -2527,14 +2700,6 @@ mod tests {
                    .unwrap()],
                ..Default::default()
            },
-            TestData {
-                namespaces: vec![],
-                sandbox_pidns_path: None,
-                use_sandbox_pidns: true,
-                result: Err(anyhow!(ERR_NO_SANDBOX_PIDNS)),
-                expected_namespaces: vec![],
-                ..Default::default()
-            },
            TestData {
                has_linux_in_spec: false,
                result: Err(anyhow!(ERR_NO_LINUX_FIELD)),
@@ -2911,6 +3076,7 @@ OtherField:other
        let agent_service = Box::new(AgentService {
            sandbox: Arc::new(Mutex::new(sandbox)),
            init_mode: true,
+            oma: None,
        });

        let ctx = mk_ttrpc_context();
@@ -3060,4 +3226,54 @@ COMMIT
            "We should see the resulting rule"
        );
    }
+
+    #[tokio::test]
+    async fn test_is_sealed_secret_path() {
+        #[derive(Debug)]
+        struct TestData<'a> {
+            source_path: &'a str,
+            result: bool,
+        }
+
+        let tests = &[
+            TestData {
+                source_path: "/run/kata-containers/shared/containers/somefile",
+                result: true,
+            },
+            TestData {
+                source_path: "/run/kata-containers/shared/containers/a128482812bad768f404e063f225decd425fc94a673aec4add45a9caa1122ccb-75490e32e51da3ff-resolv.conf",
+                result: false,
+            },
+            TestData {
+                source_path: "/run/kata-containers/shared/containers/a128482812bad768f404e063f225decd425fc94a673aec4add45a9caa1122ccb-75490e32e51da3ff-termination-log",
+                result: false,
+            },
+            TestData {
+                source_path: "/run/kata-containers/shared/containers/a128482812bad768f404e063f225decd425fc94a673aec4add45a9caa1122ccb-75490e32e51da3ff-hostname",
+                result: false,
+            },
+            TestData {
+                source_path: "/run/kata-containers/shared/containers/a128482812bad768f404e063f225decd425fc94a673aec4add45a9caa1122ccb-75490e32e51da3ff-hosts",
+                result: false,
+            },
+            TestData {
+                source_path: "/run/kata-containers/shared/containers/a128482812bad768f404e063f225decd425fc94a673aec4add45a9caa1122ccb-75490e32e51da3ff-serviceaccount",
+                result: false,
+            },
+            TestData {
+                source_path: "/run/kata-containers/shared/containers/a128482812bad768f404e063f225decd425fc94a673aec4add45a9caa1122ccb-75490e32e51da3ff-mysecret",
+                result: true,
+            },
+            TestData {
+                source_path: "/some/other/path",
+                result: false,
+            },
+        ];
+
+        for (i, d) in tests.iter().enumerate() {
+            let msg = format!("test[{}]: {:?}", i, d);
+            let result = is_sealed_secret_path(d.source_path);
+            assert_eq!(d.result, result, "{}", msg);
+        }
+    }
 }
--- a/src/agent/src/sandbox.rs
+++ b/src/agent/src/sandbox.rs
@@ -1065,7 +1065,7 @@ mod tests {

        let logger = slog::Logger::root(slog::Discard, o!());

-        let test_pids = [std::i32::MIN, -1, 0, 1, std::i32::MAX];
+        let test_pids = [i32::MIN, -1, 0, 1, i32::MAX];

        for test_pid in test_pids {
            let mut s = Sandbox::new(&logger).unwrap();
--- a/src/agent/src/storage/ephemeral_handler.rs
+++ b/src/agent/src/storage/ephemeral_handler.rs
@@ -170,7 +170,7 @@ impl EphemeralHandler {
        let size = size_str
            .unwrap()
            .parse::<u64>()
-            .context(format!("parse size: {:?}", &pagesize_str))?;
+            .context(format!("parse size: {:?}", &size_str))?;

        Ok((pagesize, size))
    }
--- a/src/agent/src/util.rs
+++ b/src/agent/src/util.rs
@@ -18,14 +18,14 @@ const BUF_SIZE: usize = 8192;

 // Interruptable I/O copy using readers and writers
 // (an interruptable version of "io::copy()").
-pub async fn interruptable_io_copier<R: Sized, W: Sized>(
+pub async fn interruptable_io_copier<R, W>(
    mut reader: R,
    mut writer: W,
    mut shutdown: Receiver<bool>,
 ) -> io::Result<u64>
 where
-    R: tokio::io::AsyncRead + Unpin,
-    W: tokio::io::AsyncWrite + Unpin,
+    R: tokio::io::AsyncRead + Unpin + Sized,
+    W: tokio::io::AsyncWrite + Unpin + Sized,
 {
    let mut total_bytes: u64 = 0;

@@ -181,13 +181,13 @@ mod tests {
        }
    }

-    impl ToString for BufWriter {
-        fn to_string(&self) -> String {
+    impl std::fmt::Display for BufWriter {
+        fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
            let data_ref = self.data.clone();
            let output = data_ref.lock().unwrap();
            let s = (*output).clone();

-            String::from_utf8(s).unwrap()
+            write!(f, "{}", String::from_utf8(s).unwrap())
        }
    }

--- a/src/dragonball/Cargo.lock
+++ b/src/dragonball/Cargo.lock
@@ -428,9 +428,12 @@ dependencies = [

 [[package]]
 name = "deranged"
-version = "0.3.8"
+version = "0.3.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f2696e8a945f658fd14dc3b87242e6b80cd0f36ff04ea560fa39082368847946"
+checksum = "b42b6fa04a440b495c8b04d0e71b707c585f83cb9cb28cf8cd0d976c315e31b4"
+dependencies = [
+ "powerfmt",
+]

 [[package]]
 name = "derivative"
@@ -1146,6 +1149,12 @@ dependencies = [
 "memoffset",
 ]

+[[package]]
+name = "num-conv"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "51d515d32fb182ee37cda2ccdcb92950d6a3c2893aa280e540671c2cd0f3b1d9"
+
 [[package]]
 name = "num-traits"
 version = "0.2.16"
@@ -1379,6 +1388,12 @@ version = "0.3.27"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "26072860ba924cbfa98ea39c8c19b4dd6a4a25423dbdf219c1eca91aa0cf6964"

+[[package]]
+name = "powerfmt"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "439ee305def115ba05938db6eb1644ff94165c5ab5e9420d1c1bcedbba909391"
+
 [[package]]
 name = "proc-macro2"
 version = "1.0.66"
@@ -1897,14 +1912,16 @@ dependencies = [

 [[package]]
 name = "time"
-version = "0.3.28"
+version = "0.3.37"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "17f6bb557fd245c28e6411aa56b6403c689ad95061f50e4be16c274e70a17e48"
+checksum = "35e7868883861bd0e56d9ac6efcaaca0d6d5d82a2a7ec8209ff492c07cf37b21"
 dependencies = [
 "deranged",
 "itoa",
 "libc",
+ "num-conv",
 "num_threads",
+ "powerfmt",
 "serde",
 "time-core",
 "time-macros",
@@ -1912,16 +1929,17 @@ dependencies = [

 [[package]]
 name = "time-core"
-version = "0.1.1"
+version = "0.1.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7300fbefb4dadc1af235a9cef3737cea692a9d97e1b9cbcd4ebdae6f8868e6fb"
+checksum = "ef927ca75afb808a4d64dd374f00a2adf8d0fcff8e7b184af886c3c87ec4a3f3"

 [[package]]
 name = "time-macros"
-version = "0.2.14"
+version = "0.2.19"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1a942f44339478ef67935ab2bbaec2fb0322496cf3cbe84b261e06ac3814c572"
+checksum = "2834e6017e3e5e4b9834939793b282bc03b37a3336245fa820e35e233e2a85de"
 dependencies = [
+ "num-conv",
 "time-core",
 ]

--- a/src/dragonball/Cargo.toml
+++ b/src/dragonball/Cargo.toml
@@ -50,7 +50,7 @@ vm-memory = { version = "0.10.0", features = ["backend-mmap"] }
 crossbeam-channel = "0.5.6"
 fuse-backend-rs = "0.10.5"
 vfio-bindings = { version = "0.3.0", optional = true }
-vfio-ioctls =  { version = "0.1.0", optional = true }
+vfio-ioctls = { version = "0.1.0", optional = true }

 [dev-dependencies]
 slog-async = "2.7.0"
@@ -81,3 +81,8 @@ vhost-user-fs = ["dbs-virtio-devices/vhost-user-fs"]
 vhost-user-net = ["dbs-virtio-devices/vhost-user-net"]
 vhost-user-blk = ["dbs-virtio-devices/vhost-user-blk"]
 host-device = ["dep:vfio-bindings", "dep:vfio-ioctls", "dep:dbs-pci"]
+
+[lints.rust]
+unexpected_cfgs = { level = "warn", check-cfg = [
+    'cfg(feature, values("test-mock"))',
+] }
--- a/src/dragonball/Makefile
+++ b/src/dragonball/Makefile
@@ -6,7 +6,7 @@ include ../../utils.mk

 PROJECT_DIRS := $(shell find . -name Cargo.toml -printf '%h\n' | sort -u)

-ifeq ($(ARCH), $(filter $(ARCH), s390x ppc64le))
+ifeq ($(ARCH), $(filter $(ARCH), s390x powerpc64le))
 default build check test clippy vendor:
 	@echo "$(ARCH) is not support currently"
 	exit 0
@@ -34,7 +34,7 @@ vendor:

 format:
 	@echo "INFO: rust fmt..."
-	# This is kinda dirty step here simply because cargo fmt --all will apply fmt to all dependencies of dragonball which will include /src/libs/protocols with some file generated during compilation time and could not be formatted when you use cargo fmt --all before building the whole project. In order to avoid this problem, we do fmt check in this following way. 
+	# This is kinda dirty step here simply because cargo fmt --all will apply fmt to all dependencies of dragonball which will include /src/libs/protocols with some file generated during compilation time and could not be formatted when you use cargo fmt --all before building the whole project. In order to avoid this problem, we do fmt check in this following way.
 	rustfmt --edition 2018 ./src/dbs_address_space/src/lib.rs ./src/dbs_allocator/src/lib.rs ./src/dbs_arch/src/lib.rs ./src/dbs_boot/src/lib.rs ./src/dbs_device/src/lib.rs ./src/dbs_interrupt/src/lib.rs ./src/dbs_legacy_devices/src/lib.rs ./src/dbs_pci/src/lib.rs ./src/dbs_upcall/src/lib.rs ./src/dbs_utils/src/lib.rs ./src/dbs_virtio_devices/src/lib.rs ./src/lib.rs --check

 clean:
--- a/src/dragonball/src/config_manager.rs
+++ b/src/dragonball/src/config_manager.rs
@@ -165,7 +165,7 @@ impl<T> DeviceConfigInfo<T>
 where
    T: ConfigItem + Clone,
 {
-    /// Create a new instance of ['DeviceInfoGroup'].
+    /// Create a new instance of ['DeviceConfigInfo'].
    pub fn new(config: T) -> Self {
        DeviceConfigInfo {
            config,
@@ -173,7 +173,7 @@ where
        }
    }

-    /// Create a new instance of ['DeviceInfoGroup'] with optional device.
+    /// Create a new instance of ['DeviceConfigInfo'] with optional device.
    pub fn new_with_device(config: T, device: Option<Arc<dyn DeviceIo>>) -> Self {
        DeviceConfigInfo { config, device }
    }
--- a/src/dragonball/src/dbs_allocator/src/interval_tree.rs
+++ b/src/dragonball/src/dbs_allocator/src/interval_tree.rs
@@ -166,15 +166,6 @@ impl Range {
    }
 }

-impl PartialOrd for Range {
-    fn partial_cmp(&self, other: &Self) -> Option<Ordering> {
-        match self.min.cmp(&other.min) {
-            Ordering::Equal => Some(self.max.cmp(&other.max)),
-            res => Some(res),
-        }
-    }
-}
-
 impl Ord for Range {
    fn cmp(&self, other: &Self) -> Ordering {
        match self.min.cmp(&other.min) {
@@ -184,6 +175,12 @@ impl Ord for Range {
    }
 }

+impl PartialOrd for Range {
+    fn partial_cmp(&self, other: &Self) -> Option<Ordering> {
+        Some(self.cmp(other))
+    }
+}
+
 /// State of interval tree node.
 ///
 /// Valid state transitions:
@@ -424,7 +421,7 @@ impl<T> Node<T> {
        let l = height(&self.0.left);
        let r = height(&self.0.right);
        match (l as i32) - (r as i32) {
-            1 | 0 | -1 => self,
+            -1..=1 => self,
            2 => self.rotate_left_successor(),
            -2 => self.rotate_right_successor(),
            _ => unreachable!(),
--- a/src/dragonball/src/dbs_device/src/device_manager.rs
+++ b/src/dragonball/src/dbs_device/src/device_manager.rs
@@ -152,7 +152,7 @@ impl Ord for IoRange {

 impl PartialOrd for IoRange {
    fn partial_cmp(&self, other: &IoRange) -> Option<Ordering> {
-        self.base.partial_cmp(&other.base)
+        Some(self.cmp(other))
    }
 }

--- a/src/dragonball/src/dbs_interrupt/src/kvm/msi_generic.rs
+++ b/src/dragonball/src/dbs_interrupt/src/kvm/msi_generic.rs
@@ -93,7 +93,7 @@ mod test {
        }
    }

-    #[cfg(all(feature = "legacy_irq", target_arch = "x86_64"))]
+    #[cfg(all(feature = "legacy-irq", target_arch = "x86_64"))]
    #[test]
    fn test_new_msi_routing_multi() {
        let mut msi_fds = Vec::with_capacity(16);
--- a/Show More
+++ b/Show More
@@ -1 +1 @@
 .9.0
 .14.0