[NODE-1305] Continue to use SEV kernel on SetupOS

ic-os/setupos/rootfs/Dockerfile.base

@@ -34,3 +34,23 @@ RUN apt-get -y update && \
     apt-get -y upgrade && \
     apt-get -y --no-install-recommends install $(for P in ${PACKAGE_FILES}; do cat /tmp/$P | sed -e "s/#.*//" ; done) && \
     rm /tmp/packages.*
+
+# Install kernel modified to support sev-snp. Link the resulting kernel as the default.
+# Then clean up old kernel to save space
+# In the future this will change. Either:
+# - the mainline kernel will get SEV-SNP or
+# - AMDSEV repo might get built as part of this dockerfile
+# This sev-snp kernel is only used to check hardware capability.
+ARG MODIFIED_KERNEL_DEB="linux-image-6.1.0-rc4-snp-host-93fa8c5918a4_6.1.0-rc4-snp-host-93fa8c5918a4-1_amd64.deb"
+RUN curl -LsSf --remote-name https://github.com/dfinity/AMDSEV/releases/download/snp-release-2023-05-24/${MODIFIED_KERNEL_DEB} \
+    && dpkg -i ${MODIFIED_KERNEL_DEB} \
+    && rm ${MODIFIED_KERNEL_DEB} \
+    && ln -sf vmlinuz-6.1.0-rc4-snp-host-93fa8c5918a4 /boot/vmlinuz \
+    && ln -sf initrd.img-6.1.0-rc4-snp-host-93fa8c5918a4 /boot/initrd.img \
+    && find /boot -name "*.old" | xargs -L 1 unlink \
+    && find /boot -name "initrd*generic" \
+    -o -name "vmlinuz*generic" \
+    -o -name "config*generic" \
+    -o -name "System*generic" \
+    | xargs rm \
+    && find /usr/lib/modules -maxdepth 1 -type d -name "*generic" | xargs rm -rf