On Tue, Jun 25, 2024 at 01:54:59PM +0200, Jiri Denemark wrote:
On Tue, Jun 25, 2024 at 11:48:45 +0200, Michal Privoznik wrote:
This is a promised follow up to:
https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/7QQX...
Michal Prívozník (8): libvirt_private.syms: Export virDomainLaunchSecurity enum handlers qemuxmlconftest; Explicitly enable QEMU_CAPS_SEV_SNP_GUEST for "launch-security-sev-snp" qemu_capabilities: Probe SEV capabilities even for QEMU_CAPS_SEV_SNP_GUEST domcaps: Report launchSecurity qemu: Fill launchSecurity in domaincaps qemu_validate: Use domaincaps to validate supported launchSecurity type virt-host-validate: Move AMD SEV into a separate func virt-host-validate: Detect SEV-ES and SEV-SNP
Overall it looks OK (see replies to 3/8 and 5/8 for a few nits) and it makes sense to me. But you should probably wait for a second look from someone familiar with SEV to check the design makes sense.
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Looks fine to me. Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|