|
|
acda74 |
From 33d57465bc7d0c23c281c4db27fc7eb2ed62b24a Mon Sep 17 00:00:00 2001
|
|
|
acda74 |
Message-Id: <33d57465bc7d0c23c281c4db27fc7eb2ed62b24a@dist-git>
|
|
|
acda74 |
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
|
|
|
acda74 |
Date: Thu, 16 Feb 2023 15:51:03 +0000
|
|
|
acda74 |
Subject: [PATCH] docs/kbase: fix example for SEV validation
|
|
|
acda74 |
MIME-Version: 1.0
|
|
|
acda74 |
Content-Type: text/plain; charset=UTF-8
|
|
|
acda74 |
Content-Transfer-Encoding: 8bit
|
|
|
acda74 |
|
|
|
acda74 |
The offline validation example needs to include the firmware path,
|
|
|
acda74 |
and is also missing line continuation markers.
|
|
|
acda74 |
|
|
|
acda74 |
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
|
|
acda74 |
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
|
acda74 |
(cherry picked from commit 9541ce080a0896411bebb299f47e39112810a648)
|
|
|
acda74 |
https://bugzilla.redhat.com/show_bug.cgi?id=2172347
|
|
|
acda74 |
---
|
|
|
acda74 |
docs/kbase/launch_security_sev.rst | 13 +++++++------
|
|
|
acda74 |
1 file changed, 7 insertions(+), 6 deletions(-)
|
|
|
acda74 |
|
|
|
acda74 |
diff --git a/docs/kbase/launch_security_sev.rst b/docs/kbase/launch_security_sev.rst
|
|
|
acda74 |
index 7f692af748..f3c8695f73 100644
|
|
|
acda74 |
--- a/docs/kbase/launch_security_sev.rst
|
|
|
acda74 |
+++ b/docs/kbase/launch_security_sev.rst
|
|
|
acda74 |
@@ -465,12 +465,13 @@ scope of this document. Fortunately, libvirt provides a tool that can be used
|
|
|
acda74 |
to perform this validation::
|
|
|
acda74 |
|
|
|
acda74 |
$ virt-qemu-sev-validate \
|
|
|
acda74 |
- --measurement LMnv8i8N2QejezMPkscShF0cyPYCslgUoCxGWRqQuyt0Q0aUjVkH/T6NcmkwZkWp
|
|
|
acda74 |
- --api-major 0
|
|
|
acda74 |
- --api-minor 24
|
|
|
acda74 |
- --build-id 15
|
|
|
acda74 |
- --policy 3
|
|
|
acda74 |
- --tik ${myvmname}_tik.bin
|
|
|
acda74 |
+ --measurement LMnv8i8N2QejezMPkscShF0cyPYCslgUoCxGWRqQuyt0Q0aUjVkH/T6NcmkwZkWp \
|
|
|
acda74 |
+ --api-major 0 \
|
|
|
acda74 |
+ --api-minor 24 \
|
|
|
acda74 |
+ --build-id 15 \
|
|
|
acda74 |
+ --policy 3 \
|
|
|
acda74 |
+ --firmware /path/to/OVMF.sev.fd \
|
|
|
acda74 |
+ --tik ${myvmname}_tik.bin \
|
|
|
acda74 |
--tek ${myvmname}_tek.bin
|
|
|
acda74 |
OK: Looks good to me
|
|
|
acda74 |
|
|
|
acda74 |
--
|
|
|
acda74 |
2.39.2
|
|
|
acda74 |
|