5959 */
6060#define KRUN_VM_FILE "/.krun_vm.json"
6161
62+ #define KRUN_FLAVOR_SEV "sev"
63+
6264struct krun_config
6365{
6466 void * handle ;
@@ -199,6 +201,60 @@ libkrun_configure_vm (uint32_t ctx_id, void *handle, bool *configured, yajl_val
199201 return 0 ;
200202}
201203
204+ static int
205+ libkrun_configure_flavor (void * cookie , yajl_val * config_tree , libcrun_error_t * err )
206+ {
207+ int ret , sev_indicated = 0 ;
208+ const char * path_flavor [] = { "flavor" , (const char * ) 0 };
209+ struct krun_config * kconf = (struct krun_config * ) cookie ;
210+ yajl_val val_flavor = NULL ;
211+ char * flavor = NULL ;
212+
213+ // Read if the SEV flavor was indicated in the krun VM config.
214+ val_flavor = yajl_tree_get (* config_tree , path_flavor , yajl_t_string );
215+ if (val_flavor != NULL && YAJL_IS_STRING (val_flavor ))
216+ {
217+ flavor = YAJL_GET_STRING (val_flavor );
218+
219+ // The SEV flavor will be used if the krun VM config indicates to use SEV
220+ // within the "flavor" field.
221+ sev_indicated |= strcmp (flavor , KRUN_FLAVOR_SEV ) == 0 ;
222+ }
223+
224+ // To maintain backward compatibility, also use the SEV flavor if the
225+ // KRUN_SEV_FILE was found.
226+ sev_indicated |= access (KRUN_SEV_FILE , F_OK ) == 0 ;
227+
228+ if (sev_indicated )
229+ {
230+ if (kconf -> handle_sev == NULL )
231+ error (EXIT_FAILURE , 0 , "the container requires libkrun-sev but it's not available" );
232+
233+ // We no longer need the libkrun handle.
234+ ret = dlclose (kconf -> handle );
235+ if (UNLIKELY (ret != 0 ))
236+ return crun_make_error (err , 0 , "could not unload handle: `%s`" , dlerror ());
237+
238+ kconf -> handle = kconf -> handle_sev ;
239+ kconf -> ctx_id = kconf -> ctx_id_sev ;
240+ kconf -> sev = true;
241+ }
242+ else
243+ {
244+ if (kconf -> handle == NULL )
245+ error (EXIT_FAILURE , 0 , "the container requires libkrun but it's not available" );
246+
247+ // We no longer need the libkrun-sev handle.
248+ ret = dlclose (kconf -> handle_sev );
249+ if (UNLIKELY (ret != 0 ))
250+ return crun_make_error (err , 0 , "could not unload handle: `%s`" , dlerror ());
251+
252+ kconf -> sev = false;
253+ }
254+
255+ return 0 ;
256+ }
257+
202258static int
203259libkrun_exec (void * cookie , libcrun_container_t * container , const char * pathname , char * const argv [])
204260{
@@ -222,22 +278,12 @@ libkrun_exec (void *cookie, libcrun_container_t *container, const char *pathname
222278 if (UNLIKELY (ret < 0 ))
223279 error (EXIT_FAILURE , - ret , "libkrun VM config exists, but unable to parse" );
224280
225- if (access (KRUN_SEV_FILE , F_OK ) == 0 )
226- {
227- if (kconf -> handle_sev == NULL )
228- error (EXIT_FAILURE , 0 , "the container requires libkrun-sev but it's not available" );
229- handle = kconf -> handle_sev ;
230- ctx_id = kconf -> ctx_id_sev ;
231- kconf -> sev = true;
232- }
233- else
234- {
235- if (kconf -> handle == NULL )
236- error (EXIT_FAILURE , 0 , "the container requires libkrun but it's not available" );
237- handle = kconf -> handle ;
238- ctx_id = kconf -> ctx_id ;
239- kconf -> sev = false;
240- }
281+ ret = libkrun_configure_flavor (cookie , & config_tree , & err );
282+ if (UNLIKELY (ret < 0 ))
283+ error (EXIT_FAILURE , - ret , "unable to configure libkrun flavor" );
284+
285+ handle = kconf -> handle ;
286+ ctx_id = kconf -> ctx_id ;
241287
242288 krun_set_log_level = dlsym (handle , "krun_set_log_level" );
243289 krun_start_enter = dlsym (handle , "krun_start_enter" );
@@ -484,12 +530,6 @@ libkrun_unload (void *cookie, libcrun_error_t *err)
484530 if (UNLIKELY (r != 0 ))
485531 return crun_make_error (err , 0 , "could not unload handle: `%s`" , dlerror ());
486532 }
487- if (kconf -> handle_sev != NULL )
488- {
489- r = dlclose (kconf -> handle_sev );
490- if (UNLIKELY (r != 0 ))
491- return crun_make_error (err , 0 , "could not unload handle_sev: `%s`" , dlerror ());
492- }
493533 }
494534 return 0 ;
495535}
0 commit comments