[Libguestfs] [PATCH] launch: direct: Pass -enable-fips option if qemu supports it.
Richard W.M. Jones
rjones at redhat.com
Thu Dec 5 22:38:53 UTC 2013
From: "Richard W.M. Jones" <rjones at redhat.com>
---
src/launch-direct.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/launch-direct.c b/src/launch-direct.c
index f06bb23..58e4b1a 100644
--- a/src/launch-direct.c
+++ b/src/launch-direct.c
@@ -328,6 +328,13 @@ launch_direct (guestfs_h *g, void *datav, const char *arg)
ADD_CMDLINE (VIRTIO_BLK ".scsi=off");
}
+ /* This oddly named option doesn't actually enable FIPS. It just
+ * causes qemu to do the right thing if FIPS is enabled in the
+ * kernel. So like libvirt, we pass it unconditionally.
+ */
+ if (qemu_supports (g, data, "-enable-fips"))
+ ADD_CMDLINE ("-enable-fips");
+
if (qemu_supports (g, data, "-nodefconfig"))
ADD_CMDLINE ("-nodefconfig");
--
1.8.3.1
More information about the Libguestfs
mailing list