If a user tries to pass the optional "dhCert" or "session" data to the SEV firmware, these are in form of a base64-encoded strings which libvirt then takes and creates files with those strings as content under /var/lib/libvirt/qemu/<domain>. Libvirt then puts paths to these files on to QEMU cmdline. QEMU then uses these files within its communication with SEV firmware, provided it has access to those files. https://bugzilla.redhat.com/show_bug.cgi?id=1658112 Erik Skultety (2): qemu: process: SEV: Assume libDir to be the directory to create files in qemu: process: SEV: Relabel guest owner's SEV files created before start src/qemu/qemu_process.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) -- 2.19.2 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
