[libvirt] [PATCH 0/2] AMD SEV: Relabel session data under /var/lib/libvirt

Erik Skultety eskultet at redhat.com
Tue Dec 11 14:43:48 UTC 2018


If a user tries to pass the optional "dhCert" or "session" data to the SEV
firmware, these are in form of a base64-encoded strings which libvirt then
takes and creates files with those strings as content under
/var/lib/libvirt/qemu/<domain>. Libvirt then puts paths to these files on to
QEMU cmdline. QEMU then uses these files within its communication with SEV
firmware, provided it has access to those files.

https://bugzilla.redhat.com/show_bug.cgi?id=1658112

Erik Skultety (2):
  qemu: process: SEV: Assume libDir to be the directory to create files
    in
  qemu: process: SEV: Relabel guest owner's SEV files created before
    start

 src/qemu/qemu_process.c | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

--
2.19.2




More information about the libvir-list mailing list