tools: Fix virt-host-validate SEV detection

virt-host-validate checks if AMD SEV is enabled by verifying /sys/module/kvm_amd/parameters/sev is set to '1'. On a system running kernel 5.13, the parameter is reported as 'Y'. To be extra paranoid, add a check for 'y' along with 'Y' to complement the existing check for '1'. Fixes: https://bugzilla.opensuse.org/show_bug.cgi?id=1188715 Signed-off-by: Jim Fehlig <jfehlig@suse.com> Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2024-07-31 05:57:16 +00:00 · 2021-10-05 22:34:57 -06:00 · 2021-10-05 22:34:57 -06:00 · 3f9c1a4bb8
commit 3f9c1a4bb8
parent b96ca3b848
1 changed files with 1 additions and 1 deletions
--- a/tools/virt-host-validate-common.c
+++ b/tools/virt-host-validate-common.c
@ -501,7 +501,7 @@ int virHostValidateSecureGuests(const char *hvname,
            return VIR_HOST_VALIDATE_FAILURE(level);
        }

-        if (mod_value[0] != '1') {
+        if (mod_value[0] != '1' && mod_value[0] != 'Y' && mod_value[0] != 'y') {
            virHostMsgFail(level,
                           "AMD Secure Encrypted Virtualization appears to be "
                           "disabled in kernel. Add kvm_amd.sev=1 "