On 4/28/20 12:58 PM, Boris Fiuczynski wrote:
From: Viktor Mihajlovski <mihajlov@xxxxxxxxxxxxx>
[...]
+ +If the check fails despite the host system actually supporting +protected virtualization guests, this can be caused by a stale +libvirt capabilities cache. To recover, run the following +commands + +:: + + $ systemctl stop libvirtd + $ rm /var/cache/libvirt/qemu/capabilities/*.xml + $ systemctl start libvirtd + +
Why isn't Libvirt re-fetching the capabilities after host changes that affects KVM capabilities? I see that we're following up QEMU timestamps to detect if the binary changes, which is sensible, but what about /dev/kvm? Shouldn't we refresh domain capabilities every time following a host reboot? IMHO this is a discussion worth having before making this sort of workaround an official part of the feature. Thanks, DHB
