[PATCH] docs: tpm: Clarify omission or removal of active_pcr_banks node

Jiri Denemark jdenemar at redhat.com
Thu Jan 13 09:21:41 UTC 2022

On Wed, Jan 12, 2022 at 10:49:52 -0500, Stefan Berger wrote:
> Add a sentence to the active_pcr_banks node documentation that clarifies
> that when the active_pcr_banks node is removed from the XML or when it
> is omitted, the set of active PCR banks is not changed anymore.
> Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2039246
> Signed-off-by: Stefan Berger <stefanb at linux.ibm.com>
> ---
>  docs/formatdomain.rst | 2 ++
>  1 file changed, 2 insertions(+)
> diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
> index d4f30bb8af..a84be77c37 100644
> --- a/docs/formatdomain.rst
> +++ b/docs/formatdomain.rst
> @@ -7640,6 +7640,8 @@ Example: usage of the TPM Emulator
>     of a TPM 2.0 to activate. Valid names are for example sha1, sha256, sha384,
>     and sha512. If this node is provided, the set of PCR banks are activated
>     before every start of a VM and this step is logged in the swtpm's log.
> +   If this node is removed or omitted then libvirt will not modify the
> +   active PCR banks upon VM start but leave them at their last configuration.
>     This attribute requires that swtpm_setup v0.7 or later is installed
>     and may not have any effect otherwise. The selection of PCR banks only works
>     with the ``emulator`` backend. since:`Since 7.10.0`
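
Review bot: The two added lines say the banks are left "at their last configuration", but they do not spell out that removing the node is therefore not a way to undo an earlier selection. A reader who deletes active_pcr_banks to get rid of, say, a previously activated sha1 bank will still have that bank active on the next start, which matters to anyone who relies on a specific bank set for measurements in the guest. Consider adding that the earlier selection stays in effect and that changing it requires providing the node again with the desired set of banks. Minor: "removed or omitted then" reads better with a comma before "then".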

Reviewed-by: Jiri Denemark <jdenemar at redhat.com>

And safe for 8.0.0.
