aljaz/kata-containers
1
0
Fork 0
mirror of https://github.com/aljazceru/kata-containers.git synced 2026-01-08 00:44:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

runtime: suppport split firmware

Browse Source 
firmware can be split into FIRMWARE_VARS.fd (UEFI variables as
configuration) and FIRMWARE_CODE.fd (UEFI program image). UEFI
variables can be customized per each user while UEFI code is kept same.

fixes #3583

Signed-off-by: Julio Montes <julio.montes@intel.com>
This commit is contained in:
Julio Montes
2022-02-01 11:19:21 -06:00
parent 732c45de94
commit 1f29478b09
22 changed files with 140 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/runtime/virtcontainers/pkg/annotations/annotations.go
View File

@@ -55,6 +55,10 @@ const (
// FirmwarePath is a sandbox annotation for passing a per container path pointing at the guest firmware that will run the container VM.
FirmwarePath = kataAnnotHypervisorPrefix + "firmware"
// FirmwareVolumePath is a sandbox annotation for passing a per container path pointing at the guest firmware volume
// that will be passed to the container VM.
FirmwareVolumePath = kataAnnotHypervisorPrefix + "firmware_volume"
// KernelHash is a sandbox annotation for passing a container kernel image SHA-512 hash value.
KernelHash = kataAnnotHypervisorPrefix + "kernel_hash"
@@ -76,6 +80,9 @@ const (
// FirmwareHash is an sandbox annotation for passing a container guest firmware SHA-512 hash value.
FirmwareHash = kataAnnotHypervisorPrefix + "firmware_hash"
// FirmwareVolumeHash is an sandbox annotation for passing a container guest firmware volume SHA-512 hash value.
FirmwareVolumeHash = kataAnnotHypervisorPrefix + "firmware_volume_hash"
// AssetHashType is the hash type used for assets verification
AssetHashType = kataAnnotationsPrefix + "asset_hash_type"