On Mon, May 11, 2020 at 06:42:00PM +0200, Boris Fiuczynski wrote: > Add checking in virt-host-validate for secure guest support > on x86 for AMD Secure Encrypted Virtualization. > > Signed-off-by: Boris Fiuczynski <fiuczy@xxxxxxxxxxxxx> > Reviewed-by: Paulo de Rezende Pinatti <ppinatti@xxxxxxxxxxxxx> > Reviewed-by: Bjoern Walk <bwalk@xxxxxxxxxxxxx> > --- > docs/kbase/launch_security_sev.rst | 7 ++++-- > tools/virt-host-validate-common.c | 36 ++++++++++++++++++++++++++++-- > tools/virt-host-validate-common.h | 1 + > 3 files changed, 40 insertions(+), 4 deletions(-) > > diff --git a/docs/kbase/launch_security_sev.rst b/docs/kbase/launch_security_sev.rst > index fa602c7432..45166b3886 100644 > --- a/docs/kbase/launch_security_sev.rst > +++ b/docs/kbase/launch_security_sev.rst > @@ -30,8 +30,11 @@ Enabling SEV on the host > ======================== > > Before VMs can make use of the SEV feature you need to make sure your > -AMD CPU does support SEV. You can check whether SEV is among the CPU > -flags with: > +AMD CPU does support SEV. You can run ``libvirt-host-validate`` > +(libvirt >= 6.4.0) to check if your host supports secure guests or you > +can follow the manual checks below. > + > +You can manually check whether SEV is among the CPU flags with: ^this change should go along the (<6.4.0) in one of the earlier patches into a standalone patch. Otherwise looking good. -- Erik Skultety
