Re: [libvirt] [PATCH] docs: kbase: Add a section explaining how to verify SEV from the guest
On Fri, Sep 20, 2019 at 01:47:09PM +0200, Erik Skultety wrote:
Commit 50dfabbb59 forgot to add this important bit on how to check
that
all the changes to the XML actually worked.
---
docs/kbase/launch_security_sev.html.in | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/docs/kbase/launch_security_sev.html.in
b/docs/kbase/launch_security_sev.html.in
index 923bb52b25..4b8e06ccc1 100644
--- a/docs/kbase/launch_security_sev.html.in
+++ b/docs/kbase/launch_security_sev.html.in
@@ -349,6 +349,18 @@ EOF</pre>
...
</domain></pre>
+ <h2><a id="Guest">Checking SEV from within the
guest</a></h2>
+ <p>
+ After making the necessary adjustments discussed in
+ <a href="#Configuration">Configuration</a>, the VM should
now boot
+ successfully with SEV enabled. You can then verify that the guest
+ enabled with SEV by running:
-EPARSE
You can then verify that the guest has SEV enabled by running
or
You can verify that SEV is enabled by running this command in the guest
+ </p>
+
+ <pre>
+# dmesg | grep -i sev
+AMD Secure Encrypted Virtualization (SEV) active</pre>
+
<h2><a id="Limitations">Limitations</a></h2>
<p>
Currently, the boot disk cannot be of type virtio-blk, instead, virtio-scsi
--
2.20.1
Reviewed-by: Ján Tomko <jtomko(a)redhat.com>
Jano
Attachments:
- signature.asc (application/pgp-signature — 488 bytes)