[PATCH 5/6] tools: secure guest check for AMD in virt-host-validate
Erik Skultety
eskultet at redhat.com
Tue May 19 06:25:32 UTC 2020
...
> > > diff --git a/docs/kbase/launch_security_sev.rst b/docs/kbase/launch_security_sev.rst
> > > index fa602c7432..45166b3886 100644
> > > --- a/docs/kbase/launch_security_sev.rst
> > > +++ b/docs/kbase/launch_security_sev.rst
> > > @@ -30,8 +30,11 @@ Enabling SEV on the host
> > > ========================
> > > Before VMs can make use of the SEV feature you need to make sure your
> > > -AMD CPU does support SEV. You can check whether SEV is among the CPU
> > > -flags with:
> > > +AMD CPU does support SEV. You can run ``libvirt-host-validate``
> > > +(libvirt >= 6.4.0) to check if your host supports secure guests or you
> > > +can follow the manual checks below.
> > > +
> > > +You can manually check whether SEV is among the CPU flags with:
> >
> > ^this change should go along the (<6.4.0) in one of the earlier patches into a
> > standalone patch.
>
> Actually the earlier patches fix the stale cap cache and this update is
> because of a new support in libvirt-host-validate. I am not sure that we
> should tie these to into one patch.
> I would prefer to keep the two doc changes separate and with the changes
> that caused the update.
I won't argue against that logic. However, both patch 3 and this one update the
same knowledge article. What IMO matters here the most is that once all of the
changes you're introducing are applied as a unit, the article needs to
reflect both the changes. From that perspective, at least to me it makes total
sense to group the docs changes from both 3/6 and this patch to a single update
to the SEV article accordingly.
--
Erik Skultety
More information about the libvir-list
mailing list