[PATCH v3 4/7] tools: secure guest check on s390 in virt-host-validate
Erik Skultety
eskultet at redhat.com
Mon Jun 15 14:19:49 UTC 2020
On Mon, Jun 15, 2020 at 10:28:09AM +0200, Paulo de Rezende Pinatti wrote:
> From: Boris Fiuczynski <fiuczy at linux.ibm.com>
>
> Add checking in virt-host-validate for secure guest support
> on s390 for IBM Secure Execution.
>
> Signed-off-by: Boris Fiuczynski <fiuczy at linux.ibm.com>
> Tested-by: Viktor Mihajlovski <mihajlov at linux.ibm.com>
> Reviewed-by: Paulo de Rezende Pinatti <ppinatti at linux.ibm.com>
> Reviewed-by: Bjoern Walk <bwalk at linux.ibm.com>
> Reviewed-by: Erik Skultety <eskultet at redhat.com>
> ---
My RB still stands, again small enhancement:
diff --git a/tools/virt-host-validate-common.c b/tools/virt-host-validate-common.c
index a279e9cc19..6e03235ceb 100644
--- a/tools/virt-host-validate-common.c
+++ b/tools/virt-host-validate-common.c
@@ -471,10 +471,6 @@ int virHostValidateSecureGuests(const char *hvname,
if (virFileReadValueString(&cmdline, "/proc/cmdline") < 0)
return -1;
- /* we're prefix matching rather than equality matching here, because
- * kernel would treat even something like prot_virt='yFOO' as
- * enabled
- */
if (virKernelCmdlineMatchParam(cmdline, "prot_virt", kIBMValues,
G_N_ELEMENTS(kIBMValues),
VIR_KERNEL_CMDLINE_FLAGS_SEARCH_FIRST |
More information about the libvir-list
mailing list