External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-12-22 05:35:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

tools: Fix detection of remote libvirt access in virt-qemu-sev-validate

Browse Source 
The VM's firmware path is not extracted from the XML when invoking
virt-qemu-sev-validate in insecure mode and connecting to the local libvirt

virt-qemu-sev-validate --insecure --tk tek-tik.bin --domain test-sev-es
ERROR: Cannot access firmware path remotely

The test for remote access compares the return value from socket.gethostname()
to the return value from conn.getHostname(). The former doesn't always return
the fqdn, whereas the latter does. Use socket.getfqdn() instead.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
Jim Fehlig 2023-02-02 11:04:20 -07:00
parent 8eb54255ec
commit 0f350a4d07
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
tools/virt-qemu-sev-validate
View File

@ -942,7 +942,7 @@ class LibvirtConfidentialVM(ConfidentialVM):
def load_domain(self, uri, id_name_uuid, secure, ignore_config):
self.conn = libvirt.open(uri)
remote = socket.gethostname() != self.conn.getHostname()
remote = socket.getfqdn() != self.conn.getHostname()
if not remote and secure:
raise InsecureUsageException(
"running locally on the hypervisor host is not secure")