[PATCH] docs: Describe protected virtualization guest setup

Daniel Henrique Barboza danielhb413 at gmail.com
Wed Apr 29 13:19:20 UTC 2020

On 4/28/20 12:58 PM, Boris Fiuczynski wrote:
> From: Viktor Mihajlovski <mihajlov at linux.ibm.com>

> +
> +If the check fails despite the host system actually supporting
> +protected virtualization guests, this can be caused by a stale
> +libvirt capabilities cache. To recover, run the following
> +commands
> +
> +::
> +
> +   $ systemctl stop libvirtd
> +   $ rm /var/cache/libvirt/qemu/capabilities/*.xml
> +   $ systemctl start libvirtd
> +
> +

Why isn't Libvirt re-fetching the capabilities after host changes that affects
KVM capabilities? I see that we're following up QEMU timestamps to detect
if the binary changes, which is sensible, but what about /dev/kvm? Shouldn't
we refresh domain capabilities every time following a host reboot?

IMHO this is a discussion worth having before making this sort of workaround
an official part of the feature.



More information about the libvir-list mailing list