From 0d076b07d474012930678661b4fd046082078f515b00cbc8caa2d367da6ad381 Mon Sep 17 00:00:00 2001
From: James Fehlig <jfehlig@suse.com>
Date: Thu, 7 Oct 2021 04:15:49 +0000
Subject: [PATCH] - tools: Fix virt-host-validate SEV detection  
 3f9c1a4b-fix-host-validate-sev.patch   boo#1188715

OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=906
---
 3f9c1a4b-fix-host-validate-sev.patch | 30 ++++++++++++++++++++++++++++
 libvirt.changes                      |  7 +++++++
 libvirt.spec                         |  1 +
 3 files changed, 38 insertions(+)
 create mode 100644 3f9c1a4b-fix-host-validate-sev.patch

diff --git a/3f9c1a4b-fix-host-validate-sev.patch b/3f9c1a4b-fix-host-validate-sev.patch
new file mode 100644
index 0000000..fe09099
--- /dev/null
+++ b/3f9c1a4b-fix-host-validate-sev.patch
@@ -0,0 +1,30 @@
+commit 3f9c1a4bb8416dafdaa89358498233aa6684377c
+Author: Jim Fehlig <jfehlig@suse.com>
+Date:   Tue Oct 5 22:34:57 2021 -0600
+
+    tools: Fix virt-host-validate SEV detection
+    
+    virt-host-validate checks if AMD SEV is enabled by verifying
+    /sys/module/kvm_amd/parameters/sev is set to '1'. On a system
+    running kernel 5.13, the parameter is reported as 'Y'. To be
+    extra paranoid, add a check for 'y' along with 'Y' to complement
+    the existing check for '1'.
+    
+    Fixes: https://bugzilla.opensuse.org/show_bug.cgi?id=1188715
+    
+    Signed-off-by: Jim Fehlig <jfehlig@suse.com>
+    Reviewed-by: Andrea Bolognani <abologna@redhat.com>
+
+Index: libvirt-7.8.0/tools/virt-host-validate-common.c
+===================================================================
+--- libvirt-7.8.0.orig/tools/virt-host-validate-common.c
++++ libvirt-7.8.0/tools/virt-host-validate-common.c
+@@ -501,7 +501,7 @@ int virHostValidateSecureGuests(const ch
+             return VIR_HOST_VALIDATE_FAILURE(level);
+         }
+ 
+-        if (mod_value[0] != '1') {
++        if (mod_value[0] != '1' && mod_value[0] != 'Y' && mod_value[0] != 'y') {
+             virHostMsgFail(level,
+                            "AMD Secure Encrypted Virtualization appears to be "
+                            "disabled in kernel. Add kvm_amd.sev=1 "
diff --git a/libvirt.changes b/libvirt.changes
index 902476c..faaaa23 100644
--- a/libvirt.changes
+++ b/libvirt.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Thu Oct  7 04:14:22 UTC 2021 - James Fehlig <jfehlig@suse.com>
+
+- tools: Fix virt-host-validate SEV detection
+  3f9c1a4b-fix-host-validate-sev.patch
+  boo#1188715
+
 -------------------------------------------------------------------
 Fri Oct  1 15:22:44 UTC 2021 - James Fehlig <jfehlig@suse.com>
 
diff --git a/libvirt.spec b/libvirt.spec
index d8c9382..ebee90e 100644
--- a/libvirt.spec
+++ b/libvirt.spec
@@ -285,6 +285,7 @@ Source6:        libvirtd-relocation-server.xml
 Source99:       baselibs.conf
 Source100:      %{name}-rpmlintrc
 # Upstream patches
+Patch0:         3f9c1a4b-fix-host-validate-sev.patch
 # Patches pending upstream review
 Patch100:       libxl-dom-reset.patch
 Patch101:       network-don-t-use-dhcp-authoritative-on-static-netwo.patch