On Tue, Dec 14, 2021 at 16:07:06 +0000, Daniel P. Berrangé wrote: > Set the kernel-hashes property on the sev-guest object if the config > asked for it explicitly. While QEMU machine types currently default to > having this setting off, it is not guaranteed to remain this way. > > We can't assume that the QEMU capabilities were generated on an AMD host > with SEV, so we must force set the QEMU_CAPS_SEV_GUEST. This also means > that the 'sev' info in the qemuCaps struct might be NULL, but this is > harmless from POV of testing the CLI generator. > > Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx> > --- > src/qemu/qemu_capabilities.c | 5 +++ > src/qemu/qemu_command.c | 1 + > src/qemu/qemu_validate.c | 7 ++++ > ...nch-security-sev-direct.x86_64-latest.args | 40 +++++++++++++++++++ > .../launch-security-sev-direct.xml | 39 ++++++++++++++++++ > tests/qemuxml2argvtest.c | 5 +++ > tests/testutilsqemu.c | 15 ++++--- Please split out the testutils change to a separate commit, you can use my R-b for that without posting to the list. > 7 files changed, 107 insertions(+), 5 deletions(-) > create mode 100644 tests/qemuxml2argvdata/launch-security-sev-direct.x86_64-latest.args > create mode 100644 tests/qemuxml2argvdata/launch-security-sev-direct.xml Reviewed-by: Peter Krempa <pkrempa@xxxxxxxxxx>
