Re: [PATCH 5/6] tools: secure guest check for AMD in virt-host-validate

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, May 11, 2020 at 06:42:00PM +0200, Boris Fiuczynski wrote:
> Add checking in virt-host-validate for secure guest support
> on x86 for AMD Secure Encrypted Virtualization.
> 
> Signed-off-by: Boris Fiuczynski <fiuczy@xxxxxxxxxxxxx>
> Reviewed-by: Paulo de Rezende Pinatti <ppinatti@xxxxxxxxxxxxx>
> Reviewed-by: Bjoern Walk <bwalk@xxxxxxxxxxxxx>
> ---
>  docs/kbase/launch_security_sev.rst |  7 ++++--
>  tools/virt-host-validate-common.c  | 36 ++++++++++++++++++++++++++++--
>  tools/virt-host-validate-common.h  |  1 +
>  3 files changed, 40 insertions(+), 4 deletions(-)
> 
> diff --git a/docs/kbase/launch_security_sev.rst b/docs/kbase/launch_security_sev.rst
> index fa602c7432..45166b3886 100644
> --- a/docs/kbase/launch_security_sev.rst
> +++ b/docs/kbase/launch_security_sev.rst
> @@ -30,8 +30,11 @@ Enabling SEV on the host
>  ========================
>  
>  Before VMs can make use of the SEV feature you need to make sure your
> -AMD CPU does support SEV. You can check whether SEV is among the CPU
> -flags with:
> +AMD CPU does support SEV. You can run ``libvirt-host-validate``
> +(libvirt >= 6.4.0) to check if your host supports secure guests or you
> +can follow the manual checks below.
> +
> +You can manually check whether SEV is among the CPU flags with:

^this change should go along the (<6.4.0) in one of the earlier patches into a
standalone patch.

Otherwise looking good.

-- 
Erik Skultety




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux