Adding an "Enable Launch Security" checkbox to the Memory Details dialog
Daniel P. Berrangé
berrange at redhat.com
Fri Mar 27 16:18:54 UTC 2020
On Fri, Mar 27, 2020 at 12:13:09PM -0400, Cole Robinson wrote:
> CCing Erik who knows more about that launchSecurity/sev than I do
>
> On 3/27/20 11:44 AM, Charles Arnold wrote:
> > What is the opinion of adding a checkbox called "Enable Launch
> > Security" under the 'Current allocation' and 'Maximum allocation' boxes
> > on the Details->Memory dialog? It would only be enabled if libvirt
> > detected support for it.
> >
>
> Provided libvirt capabilities report everything we need to know to
> whether it's really supported on the host and will actually work, and
> there's a sensible noncontroversial set of defaults we can fill in, then
> a single checkbox is worth considering. It's certainly an advanced
> feature but it's also getting more and more mention these days so maybe
> it's good to get out ahead of any future RFEs.
Two issues right now. There is a ridiculously low limit of 15 VMs
on first generation CPUs, perhaps not a huge problem for typical
scenarios using virt-manager though. Second though is that while
libvirt reports whether the feature exists & is supported in QEMU,
QEMU is lieing to us, because it isn't checking whether kvm-amd
actually allows the feature to be used.
https://bugzilla.redhat.com/show_bug.cgi?id=1689202
https://bugzilla.redhat.com/show_bug.cgi?id=1731439
As long as the checkbox isn't enabled by default, its probably ok
to ignore those two issues
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
More information about the virt-tools-list
mailing list