runtime: disable protection check

sprt · sprt · commit dcdc39a5b9e3 · 2024-01-12T17:43:22.000Z
enableProtection() is called when confidential_guest=true, so we
disable this check to allow us to test running with
confidential_guest=true and sev_snp_guest=false.

Note this was already done by Wedson previously to allow testing on
non-SNP CPUs, but the purpose here is different.

Signed-off-by: Aurelien Bombo &lt;abombo@microsoft.com&gt;
diff --git a/src/runtime/virtcontainers/clh.go b/src/runtime/virtcontainers/clh.go
@@ -474,7 +474,8 @@ func (clh *cloudHypervisor) enableProtection() error {
 		return nil
 
 	default:
-		return errors.New("This system doesn't support Confidential Computing (Guest Protection)")
+		// Allow running with no hardware protection for testing.
+		return nil
 	}
 }
 

Original file line number	Diff line number	Diff line change
`@@ -474,7 +474,8 @@ func (clh *cloudHypervisor) enableProtection() error {`
`474`	`474`	`return nil`
`475`	`475`
`476`	`476`	`default:`
`477`		`- return errors.New("This system doesn't support Confidential Computing (Guest Protection)")`
	`477`	`+ // Allow running with no hardware protection for testing.`
	`478`	`+ return nil`
`478`	`479`	`}`
`479`	`480`	`}`
`480`	`481`