Re: [PATCH 0/8] Expose SEV-SNP in domcaps and virt-host-validate

On Tue, Jun 25, 2024 at 11:48:45 +0200, Michal Privoznik wrote: > This is a promised follow up to: > > https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/7... > > Michal Prívozník (8): > libvirt_private.syms: Export virDomainLaunchSecurity enum handlers > qemuxmlconftest; Explicitly enable QEMU_CAPS_SEV_SNP_GUEST for > "launch-security-sev-snp" > qemu_capabilities: Probe SEV capabilities even for > QEMU_CAPS_SEV_SNP_GUEST > domcaps: Report launchSecurity > qemu: Fill launchSecurity in domaincaps > qemu_validate: Use domaincaps to validate supported launchSecurity > type > virt-host-validate: Move AMD SEV into a separate func > virt-host-validate: Detect SEV-ES and SEV-SNP Overall it looks OK (see replies to 3/8 and 5/8 for a few nits) and it makes sense to me. But you should probably wait for a second look from someone familiar with SEV to check the design makes sense. Reviewed-by: Jiri Denemark <jdenemar(a)redhat.com&gt;