Skip to content

runtime: disable protection check #141

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 16, 2024
Merged

runtime: disable protection check #141

merged 1 commit into from
Jan 16, 2024

Conversation

@sprt
Copy link

@sprt sprt commented Jan 12, 2024
edited
Loading

Merge Checklist
Summary

microsoft/azurelinux#6942 introduces a debug config file with confidential_guest=true and sev_snp_guest=false. This PR enables that config file to be used. See commit message for more info.

Test Methodology

Local testing

@sprt
runtime: disable protection check
dcdc39a 
enableProtection() is called when confidential_guest=true, so we
disable this check to allow us to test running with
confidential_guest=true and sev_snp_guest=false.

Note this was already done by Wedson previously to allow testing on
non-SNP CPUs, but the purpose here is different.

Signed-off-by: Aurelien Bombo <[email protected]>
@sprt sprt force-pushed the sprt/debug-conf-guest branch from 23e3dba to dcdc39a Compare January 12, 2024 17:43
@sprt sprt marked this pull request as ready for review January 12, 2024 17:44
dallasd1
dallasd1 reviewed Jan 12, 2024
View reviewed changes
src/runtime/virtcontainers/clh.go
default:
return errors.New("This system doesn't support Confidential Computing (Guest Protection)")
// Allow running with no hardware protection for testing.
return nil
Copy link

@dallasd1 dallasd1 Jan 12, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[nit] would it be useful to add a log here saying there's no hardware protection?

@dallasd1
Copy link

dallasd1 commented Jan 12, 2024

Is there a pointer to the new debug file with these options?

@sprt
Copy link
Author

sprt commented Jan 12, 2024

Is there a pointer to the new debug file with these options?

Yep I linked the spec PR in the description 🙂

@sprt sprt merged commit 74a9b96 into msft-main Jan 16, 2024
@sprt sprt added the upstream/missing PRs that are yet to be upstreamed label Jan 22, 2024
@sprt sprt mentioned this pull request Jan 22, 2024
Merged
12 tasks
sprt added a commit that referenced this pull request Feb 10, 2025
@sprt
Merge pull request #141 from microsoft/sprt/debug-conf-guest
5da1ed0 
runtime: disable protection check
sprt added a commit that referenced this pull request Feb 27, 2025
@sprt
Merge pull request #141 from microsoft/sprt/debug-conf-guest
cfaa336 
runtime: disable protection check
sprt added a commit that referenced this pull request Mar 3, 2025
@sprt
Merge pull request #141 from microsoft/sprt/debug-conf-guest
7d5c74d 
runtime: disable protection check
sprt added a commit that referenced this pull request Mar 4, 2025
@sprt
Merge pull request #141 from microsoft/sprt/debug-conf-guest
0c91805 
runtime: disable protection check
sprt added a commit that referenced this pull request Mar 4, 2025
@sprt
Merge pull request #141 from microsoft/sprt/debug-conf-guest
12d52fc 
runtime: disable protection check
sprt added a commit that referenced this pull request Mar 4, 2025
@sprt
Merge pull request #141 from microsoft/sprt/debug-conf-guest
80f212c 
runtime: disable protection check
sprt added a commit that referenced this pull request Mar 4, 2025
@sprt
Merge pull request #141 from microsoft/sprt/debug-conf-guest
f07e605 
runtime: disable protection check
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@danmihai1 danmihai1 danmihai1 approved these changes

@dallasd1 dallasd1 dallasd1 approved these changes

Assignees

No one assigned

Labels

upstream/missing PRs that are yet to be upstreamed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@sprt @dallasd1 @danmihai1