[virt-tools-list] [virt-install PATCH v2 0/6] Introduce initial support for AMD SEV launch security
Singh, Brijesh
brijesh.singh at amd.com
Thu Jun 13 19:58:09 UTC 2019
On 6/13/19 2:43 AM, Erik Skultety wrote:
> On Wed, Jun 12, 2019 at 03:43:44PM +0000, Singh, Brijesh wrote:
>> Hi Erik,
>>
>> On 6/11/19 10:41 AM, Erik Skultety wrote:
>>> * Since v1:
>>> - dropped all validation checks from the parser and moved them into the
>>> DomainLaunchSecurity object, either into validate() or set_defaults()
>>> - shortened the man page to contain only virt-install relevant bits with the
>>> promise that I'll use the stripped bits in a dedicated libvirt SEV docs page.
>>> - dropped a couple of checks in order to let libvirt/QEMU fail and not bloat
>>> virt-install with such code
>>>
>>> Please give it a try if you can, I'm looking at you Brijesh ;)
>>
>> I will give this a try soon. Admittedly I am not familiar with
>> virt-install, Do you have some instruction which I can follow to
>> verify it ?
>
> virt-install has a few mandatory arguments --name, --memory, --disk which it
> will complain about if you omit them. You can have a look at my branch on
> github https://github.com/eskultety/virt-manager/tree/launch-security and open
> the virt-install-sev.sh script which contains the cmdline I was testing with,
> the virt-install man page should have the same example for that matter, I also
> put a few example invocations in there - in general, virt-install's man page
> provides many example invocations for all its options.
>
Thanks, the script and man was extremely helpful.
> The thing with virt-install is that it uses some handy defaults for you which
> is convenient, e.g. using many virtio devices implicitly...until you need to
> enable the IOMMU flag, that's why I had to explicitly add a virtio-scsi
> controller in there for example.
>
> Let us know if you'll struggle with a specific issue.
>
I have test the virt-install in my setup and did some smoke test from
SEV point of view and things are looking good. Thank you so much for
the work.
Acked-by: Brijesh Singh <brijesh.singh at amd.com>
Tested-By: Brijesh Singh <brijesh.singh at amd.com>
-Brijesh
More information about the virt-tools-list
mailing list