9:05 a.m.
Some minor docs/rpm issues found in testing
Daniel P. Berrangé (3):
docs: refer to --firmware instead of --loader
rpm: add missing deps for the virt-qemu-sev-validate
docs/kbase: fix example for SEV validation
docs/kbase/launch_security_sev.rst | 13 +++++++------
docs/manpages/virt-qemu-sev-validate.rst | 4 ++--
libvirt.spec.in | 2 ++
3 files changed, 11 insertions(+), 8 deletions(-)
--
2.39.2
9:05 a.m.
New subject: [libvirt PATCH 1/3] docs: refer to --firmware instead of --loader
The --loader syntax was left over from an earlier version of the code
before it was renamed to --firmware.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
docs/manpages/virt-qemu-sev-validate.rst | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/docs/manpages/virt-qemu-sev-validate.rst
b/docs/manpages/virt-qemu-sev-validate.rst
index 9eff387aea..b1392e0a50 100644
--- a/docs/manpages/virt-qemu-sev-validate.rst
+++ b/docs/manpages/virt-qemu-sev-validate.rst
@@ -309,7 +309,7 @@ inject a disk password on success:
::
# virt-qemu-sev-validate \
- --loader OVMF.sev.fd \
+ --firmware OVMF.sev.fd \
--tk this-guest-tk.bin \
--measurement Zs2pf19ubFSafpZ2WKkwquXvACx9Wt/BV+eJwQ/taO8jhyIj/F8swFrybR1fZ2ID \
--api-major 0 \
@@ -390,7 +390,7 @@ inject a disk password on success:
# virt-qemu-sev-validate \
--connect qemu+ssh://root@some.remote.host/system \
- --loader OVMF.sev.fd \
+ --firmware OVMF.sev.fd \
--tk this-guest-tk.bin \
--domain fedora34x86_64 \
--disk-password passwd.txt
--
2.39.2
9:05 a.m.
New subject: [libvirt PATCH 2/3] rpm: add missing deps for the virt-qemu-sev-validate
The RPM automatic deps generator for python does not pick these up
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
libvirt.spec.in | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index e795b98d48..e62534c31d 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -961,6 +961,8 @@ capabilities of recent versions of Linux (and other OSes).
Summary: Additional client side utilities for QEMU
Requires: libvirt-libs = %{version}-%{release}
Requires: python3-libvirt >= 3.7.0
+Requires: python3-cryptography
+Requires: python3-lxml
%description client-qemu
The additional client binaries are used to interact
--
2.39.2
9:05 a.m.
New subject: [libvirt PATCH 3/3] docs/kbase: fix example for SEV validation
The offline validation example needs to include the firmware path,
and is also missing line continuation markers.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
docs/kbase/launch_security_sev.rst | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/docs/kbase/launch_security_sev.rst b/docs/kbase/launch_security_sev.rst
index 7f692af748..f3c8695f73 100644
--- a/docs/kbase/launch_security_sev.rst
+++ b/docs/kbase/launch_security_sev.rst
@@ -465,12 +465,13 @@ scope of this document. Fortunately, libvirt provides a tool that
can be used
to perform this validation::
$ virt-qemu-sev-validate \
- --measurement LMnv8i8N2QejezMPkscShF0cyPYCslgUoCxGWRqQuyt0Q0aUjVkH/T6NcmkwZkWp
- --api-major 0
- --api-minor 24
- --build-id 15
- --policy 3
- --tik ${myvmname}_tik.bin
+ --measurement LMnv8i8N2QejezMPkscShF0cyPYCslgUoCxGWRqQuyt0Q0aUjVkH/T6NcmkwZkWp \
+ --api-major 0 \
+ --api-minor 24 \
+ --build-id 15 \
+ --policy 3 \
+ --firmware /path/to/OVMF.sev.fd \
+ --tik ${myvmname}_tik.bin \
--tek ${myvmname}_tek.bin
OK: Looks good to me
--
2.39.2
9:17 a.m.
On a Tuesday in 2023, Daniel P. Berrangé wrote:
Some minor docs/rpm issues found in testing
Daniel P. Berrangé (3):
docs: refer to --firmware instead of --loader
rpm: add missing deps for the virt-qemu-sev-validate
docs/kbase: fix example for SEV validation
docs/kbase/launch_security_sev.rst | 13 +++++++------
docs/manpages/virt-qemu-sev-validate.rst | 4 ++--
libvirt.spec.in | 2 ++
3 files changed, 11 insertions(+), 8 deletions(-)
Reviewed-by: Ján Tomko <jtomko(a)redhat.com>
Jano
643
days inactive
643
days old
4 comments
2 participants
participants (2)
-
Daniel P. Berrangé -
Ján Tomko