[libvirt PATCH] virsh: domsetlaunchsecstate: mark options as mandatory

Andrea Bolognani abologna at redhat.com
Wed Jan 26 16:13:49 UTC 2022

On Wed, Jan 26, 2022 at 04:43:52PM +0100, Ján Tomko wrote:
> We exit if they are not present.
> Let the virsh option parser do the checking instead of checking
> it manually. Change the type to OT_DATA (i.e. a mandatory string),
> mark them as required and remove VSH_OFLAG_REQ_OPT so that the
> header file and the secret file can be specified without the option
> names.
> https://bugzilla.redhat.com/show_bug.cgi?id=2046024
> Signed-off-by: Ján Tomko <jtomko at redhat.com>
> ---
>  tools/virsh-domain.c | 11 ++++-------
>  1 file changed, 4 insertions(+), 7 deletions(-)

You should update virsh.rst accordingly with something along the
lines of the diff included below. With that taken care of,

  Reviewed-by: Andrea Bolognani <abologna at redhat.com>

diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst
index e28927ed6c..65002f968a 100644
--- a/docs/manpages/virsh.rst
+++ b/docs/manpages/virsh.rst
@@ -2095,18 +2095,17 @@ domsetlaunchsecstate


-   domsetlaunchsecstate domain --secrethdr hdr-filename
-       --secret secret-filename [--set-address address]
+   domsetlaunchsecstate domain secrethdr secret [--set-address address]

 Set a launch security secret in the guest's memory. The guest must have a
 launchSecurity type enabled in its configuration and be in a paused state.
 On success, the guest can be transitioned to a running state. On failure,
 the guest should be destroyed.

-*--secrethdr* specifies a filename containing the base64-encoded secret header.
+*secrethdr* is the path to a file containing the base64-encoded secret header.
 The header includes artifacts needed by the hypervisor firmware to recover the
-plain text of the launch secret. *--secret* specifies the filename containing
-the base64-encoded encrypted launch secret.
+plain text of the launch secret. *secret* is the path to a file containing the
+base64-encoded encrypted launch secret.

 The *--set-address* option can be used to specify a physical address within
 the guest's memory to set the secret. If not specified, the address will be
Andrea Bolognani / Red Hat / Virtualization

More information about the libvir-list mailing list