Ubuntu
libvirt package

Bug #1874647
Comment #31

Comment 31 for bug 1874647

Revision history for this message

bugproxy (bugproxy) wrote on 2020-09-24: Comment bridged from LTC Bugzilla

#31

------- Comment From <email address hidden> 2020-09-24 09:56 EDT-------
Installed focal.
Added proposed repo
$ cat <<EOF >/etc/apt/sources.list.d/ubuntu-$(lsb_release -cs)-proposed.list
# Enable Ubuntu proposed archive
deb http://ports.ubuntu.com/ubuntu-ports $(lsb_release -cs)-proposed restricted main multiverse universe
EOF

Ran
$ apt-get upgrade

Checked installed packages
$ apt list --installed | grep -e libvirt -e qemu -e linux-image
libvirt-clients/focal-proposed,now 6.0.0-0ubuntu8.4 s390x [installed]
libvirt-daemon-driver-qemu/focal-proposed,now 6.0.0-0ubuntu8.4 s390x [installed]
libvirt-daemon-driver-storage-rbd/focal-proposed,now 6.0.0-0ubuntu8.4 s390x [installed,automatic]
libvirt-daemon-system-systemd/focal-proposed,now 6.0.0-0ubuntu8.4 s390x [installed,automatic]
libvirt-daemon-system/focal-proposed,now 6.0.0-0ubuntu8.4 s390x [installed]
libvirt-daemon/focal-proposed,now 6.0.0-0ubuntu8.4 s390x [installed]
libvirt0/focal-proposed,now 6.0.0-0ubuntu8.4 s390x [installed,automatic]
linux-image-5.4.0-48-generic/focal-updates,focal-security,focal-proposed,now 5.4.0-48.52 s390x [installed,automatic]
linux-image-generic/focal-updates,focal-security,now 5.4.0.48.51 s390x [installed,upgradable to: 5.4.0.49.52]
qemu-block-extra/focal-updates,focal-security,now 1:4.2-3ubuntu6.6 s390x [installed,automatic]
qemu-kvm/focal-updates,focal-security,now 1:4.2-3ubuntu6.6 s390x [installed]
qemu-system-common/focal-updates,focal-security,now 1:4.2-3ubuntu6.6 s390x [installed,automatic]
qemu-system-data/focal-updates,focal-security,now 1:4.2-3ubuntu6.6 all [installed,automatic]
qemu-system-s390x/focal-updates,focal-security,now 1:4.2-3ubuntu6.6 s390x [installed,automatic]
qemu-utils/focal-updates,focal-security,now 1:4.2-3ubuntu6.6 s390x [installed,automatic]

Ran virt-host-validate and received the expected warning: "WARN (IBM Secure Execution appears to be disabled in kernel. Add prot_virt=1 to kernel cmdline arguments)"

Enabled protected virtualization by adding kernel parameter "prot_virt=1" and rebooted.
Libvirts cached capabilities file was updated and virt-host-validate returned "PASS" for "QEMU: Checking for secure guest support" and as expected an SE guest was able to start.

Disabled protected virtualization by changing kernel parameter "prot_virt=1" to "prot-virt=0" and rebooted.
Libvirts cached capabilities file was updated and virt-host-validate returned "WARN..." for "QEMU: Checking for secure guest support" and as expected an SE guest was NOT able to start.

Reenabled protected virtualization by changing kernel parameter "prot-virt=0" to "prot-virt=1" and rebooted.
Libvirts cached capabilities file was updated and virt-host-validate returned "PASS" for "QEMU: Checking for secure guest support" and as expected an SE guest was able to start.

------- Comment From boris_fiuczynski@de.ibm.com 2020-09-24 09:56 EDT-------
Installed focal.
Added proposed repo
$ cat <<EOF >/etc/apt/sources.list.d/ubuntu-$(lsb_release -cs)-proposed.list
# Enable Ubuntu proposed archive
deb http://ports.ubuntu.com/ubuntu-ports $(lsb_release -cs)-proposed restricted main multiverse universe
EOF

Ran
$ apt-get upgrade

Ran virt-host-validate and received the expected warning: "WARN (IBM Secure Execution appears to be disabled in kernel. Add prot_virt=1 to kernel cmdline arguments)"

Ubuntulibvirt package

Comment 31 for bug 1874647

Ubuntu
libvirt package