Initial support for creating confidential windows UtilityVMs #2388
+450
−60
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Currently WCOW UVM only support booting with VmbFS and legacy layers. However, we are adding support for booting the UVM with BlockCIM layers. This commit updates the WCOWBootFiles struct to support different boot configurations. Signed-off-by: Amit Barve <ambarve@microsoft.com>
Initial changes to allow creating confidential WCOW UVMs. uvmboot tool is also updated for easier command line testing of confidential UVMs. Signed-off-by: Amit Barve <ambarve@microsoft.com>
helsaawy
reviewed
Feb 28, 2025
| @@ -0,0 +1,5 @@ | |||
| package hcsschema | |||
|
|
|||
| type FirmwareFile struct { | |||
There was a problem hiding this comment.
can you add a note saying this is experimental?
Comment on lines
+143
to
+146
| } else { | ||
| return fmt.Errorf("invalid boot type specified") | ||
| } | ||
| return nil |
There was a problem hiding this comment.
Suggested change
| } else { | |
| return fmt.Errorf("invalid boot type specified") | |
| } | |
| return nil | |
| } | |
| return fmt.Errorf("invalid boot type specified: %s", bootFiles.BootType) |
might be cleaner overall as:
switch bootFiles.BootType {
case VmbFSBoot:
// ...
case BlockCIMBoot:
// ...
default:
}
return fmt.Errorf("invalid boot type specified: %s", bootFiles.BootType)| ConsolePipe string // The named pipe path to use for the serial console (COM1). eg \\.\pipe\vmpipe | ||
| } | ||
|
|
||
| func verifyWCOWBootFiles(bootFiles *WCOWBootFiles) error { |
There was a problem hiding this comment.
maybe make this a method and move it to create_wcow.go?
Suggested change
| func verifyWCOWBootFiles(bootFiles *WCOWBootFiles) error { | |
| func (bf *WCOWBootFiles) verify() error { | |
| if bf == nil { return nil } | |
| // ... |
| @@ -156,6 +178,12 @@ func verifyOptions(_ context.Context, options interface{}) error { | |||
| if opts.SCSIControllerCount != 1 { | |||
| return errors.New("exactly 1 SCSI controller is required for WCOW") | |||
| } | |||
| if err := verifyWCOWBootFiles(opts.BootFiles); err != nil { | |||
There was a problem hiding this comment.
may also want to have a nil check here, just in case someone did something funky with the options
| // UVM. gcsServiceID can either be the service ID of the default GCS that is present in | ||
| // all UtilityVMs or it can be the service ID of the sidecar GCS that is used mostly in | ||
| // confidential mode. | ||
| func (uvm *UtilityVM) startExternalGcsListener(ctx context.Context, gcsServiceID guid.GUID) error { | ||
| log.G(ctx).WithField("vmID", uvm.runtimeID).Debug("Using external GCS bridge") |
There was a problem hiding this comment.
Suggested change
| log.G(ctx).WithField("vmID", uvm.runtimeID).Debug("Using external GCS bridge") | |
| log.G(ctx).WithFields(logrus.Fields{ | |
| logfields.UVMID: uvm.id, | |
| "gcServiceGUID": gcsServiceID.String(), | |
| }).Debug("Using external GCS bridge") |
Comment on lines
+496
to
+501
| if opts.SecurityPolicyEnabled { | ||
| err = uvm.startExternalGcsListener(ctx, windowsSidecarGcsHvsockServiceID) | ||
| } else { | ||
| err = uvm.startExternalGcsListener(ctx, gcs.WindowsGcsHvsockServiceID) | ||
| } | ||
| if err != nil { |
There was a problem hiding this comment.
maybe this so we dont duplicate the same function call?
Suggested change
| if opts.SecurityPolicyEnabled { | |
| err = uvm.startExternalGcsListener(ctx, windowsSidecarGcsHvsockServiceID) | |
| } else { | |
| err = uvm.startExternalGcsListener(ctx, gcs.WindowsGcsHvsockServiceID) | |
| } | |
| if err != nil { | |
| gcsGUID := gcs.WindowsGcsHvsockServiceID | |
| if opts.SecurityPolicyEnabled { | |
| gcsGUID = windowsSidecarGcsHvsockServiceID | |
| } | |
| if err = uvm.startExternalGcsListener(ctx); err != nil { |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR brings in changes via 2 different commits:
First commit updates the WCOW boot files struct to allow different kinds of boot configurations for WCOW UtilityVMs.
Second commit builds on top of the first commit to add support for running confidential WCOW UtilityVMs. This involves using Block CIMs to boot the VM and setting other confidential VM specific configurations in the HCS doc of the UtilityVM.