Skip to content

Commit

Permalink
packaging: kernel: Remove sev/snp/tdx specific stuff
Browse files Browse the repository at this point in the history 
Now we're using a "confidential" image that has support for all of
those.

Fixes: kata-containers#9010 -- part II
       kata-containers#8982 -- part II
       kata-containers#8978 -- part II

Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
  • Loading branch information
@fidencio
fidencio committed Feb 5, 2024
1 parent 3a3f363 commit af66bf8
Showing 1 changed file with 7 additions and 15 deletions.
22 changes: 7 additions & 15 deletions tools/packaging/kernel/build-kernel.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -110,7 +110,7 @@ Options:
-t <hypervisor> : Hypervisor_target.
-u <url> : Kernel URL to be used to download the kernel tarball.
-v <version> : Kernel version to use if kernel path not provided.
-x <type> : Confidential guest protection type, such as sev, snp, tdx, or "confidential" (for all of those).
-x <type> : All the confidential guest protection type for a specific architecture.
EOF
exit "$exit_code"
}
Expand Down Expand Up @@ -142,11 +142,7 @@ get_tee_kernel() {
mkdir -p ${kernel_path}

if [ -z "${kernel_url}" ]; then
if [[ "${conf_guest}" == "tdx" ]]; then
kernel_url=$(get_from_kata_deps "assets.kernel-tdx-experimental.url")
else
kernel_url=$(get_from_kata_deps "assets.kernel.${tee}.url")
fi
kernel_url=$(get_from_kata_deps "assets.kernel.${tee}.url")
fi

local kernel_tarball="${version}.tar.gz"
Expand Down Expand Up @@ -262,7 +258,7 @@ get_kernel_frag_path() {
info "Add kernel config for GPU due to '-g ${gpu_vendor}'"
# If conf_guest is set we need to update the CONFIG_LOCALVERSION
# to match the suffix created in install_kata
# -nvidia-gpu-{snp|tdx}, the linux headers will be named the very
# -nvidia-gpu-confidential, the linux headers will be named the very
# same if build with make deb-pkg for TDX or SNP.
local gpu_configs=$(mktemp).conf
local gpu_subst_configs="${gpu_path}/${gpu_vendor}.${arch_target}.conf.in"
Expand Down Expand Up @@ -457,7 +453,7 @@ build_kernel() {
arch_target=$(arch_to_kernel "${arch_target}")
pushd "${kernel_path}" >>/dev/null
make -j $(nproc ${CI:+--ignore 1}) ARCH="${arch_target}" ${CROSS_BUILD_ARG}
if [ "${conf_guest}" == "sev" ] || [ "${conf_guest}" == "confidential" ]; then
if [ "${conf_guest}" == "confidential" ]; then
make -j $(nproc ${CI:+--ignore 1}) INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=${kernel_path} modules_install
fi
[ "$arch_target" != "powerpc" ] && ([ -e "arch/${arch_target}/boot/bzImage" ] || [ -e "arch/${arch_target}/boot/Image.gz" ])
Expand Down Expand Up @@ -603,7 +599,7 @@ main() {
x)
conf_guest="${OPTARG}"
case "$conf_guest" in
confidential|sev|snp|tdx) ;;
confidential) ;;
*) die "Confidential guest type '$conf_guest' not supported" ;;
esac
;;
Expand Down Expand Up @@ -645,12 +641,8 @@ main() {
kernel_version=$(get_from_kata_deps "assets.kernel-dragonball-experimental.version")
elif [[ "${conf_guest}" != "" ]]; then
#If specifying a tag for kernel_version, must be formatted version-like to avoid unintended parsing issues
if [[ "${conf_guest}" == "tdx" ]]; then
kernel_version=$(get_from_kata_deps "assets.kernel-tdx-experimental.version" 2>/dev/null || true)
else
kernel_version=$(get_from_kata_deps "assets.kernel.${conf_guest}.version" 2>/dev/null || true)
[ -n "${kernel_version}" ] || kernel_version=$(get_from_kata_deps "assets.kernel.${conf_guest}.tag")
fi
kernel_version=$(get_from_kata_deps "assets.kernel.${conf_guest}.version" 2>/dev/null || true)
[ -n "${kernel_version}" ] || kernel_version=$(get_from_kata_deps "assets.kernel.${conf_guest}.tag")
else
kernel_version=$(get_from_kata_deps "assets.kernel.version")
fi
Expand Down

0 comments on commit af66bf8

Please sign in to comment.