Re: [PATCH] docs: Describe protected virtualization guest setup
On 4/28/20 12:58 PM, Boris Fiuczynski wrote:
From: Viktor Mihajlovski <mihajlov(a)linux.ibm.com>
[...]
+
+If the check fails despite the host system actually supporting
+protected virtualization guests, this can be caused by a stale
+libvirt capabilities cache. To recover, run the following
+commands
+
+::
+
+ $ systemctl stop libvirtd
+ $ rm /var/cache/libvirt/qemu/capabilities/*.xml
+ $ systemctl start libvirtd
+
+
Why isn't Libvirt re-fetching the capabilities after host changes that affects
KVM capabilities? I see that we're following up QEMU timestamps to detect
if the binary changes, which is sensible, but what about /dev/kvm? Shouldn't
we refresh domain capabilities every time following a host reboot?
IMHO this is a discussion worth having before making this sort of workaround
an official part of the feature.
Thanks,
DHB