Bug 2380941

Summary: Review Request: rust-sev4 - Library for AMD SEV - version 4
Product: [Fedora] Fedora Reporter: Uri Lublin <uril>
Component: Package ReviewAssignee: Fabio Valentini <decathorpe>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: crobinso, decathorpe, package-review, slopezpa, tfanelli, yafu
Target Milestone: ---Flags: decathorpe: fedora-review?
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2025-09-04 14:40:41 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Uri Lublin 2025-07-16 14:32:19 UTC 
Spec URL: https://download.copr.fedorainfracloud.org/results/uril/trustee-attester/fedora-rawhide-x86_64/09270025-rust-sev4/rust-sev4.spec
SRPM URL: https://download.copr.fedorainfracloud.org/results/uril/trustee-attester/fedora-rawhide-x86_64/09270025-rust-sev4/rust-sev4-4.0.0-1.fc43.src.rpm
Description: Library for AMD SEV.
Fedora Account System Username: uril


Currently available in Fedora rust-sev version 6, but some packages depends on
rust-sev version 4.

Spec file was created with:
fedpkg clone -a rust-sev
cd rust-sev
git checkout -b sev4 078c510ed92f03969cf36d56f88fb4797a143c0e
# 078c510ed92f03969cf36d56f88fb4797a143c0e is the last commit before version 6
vim rust-sev.spec # changing Name from rust-sev to rust-sev4
mv rust-sev.spec rust-sev4.spec
Comment 1 Sergio Lopez 2025-07-17 14:26:37 UTC 
@uril Which Fedora packages depend on sev4?

@tfanelli PTAL.
Comment 2 Tyler Fanelli 2025-07-18 00:09:53 UTC 
Are you using the launch API in this version? Version 4 of this library doesn't set the memory region attributes to private, which may cause issues with guest_memfd on newer kernels. If you're not using that, then introducing this is fine with me.
Comment 3 Fabio Valentini 2025-07-18 10:19:02 UTC 
I don't know what happened here, but the crate downloaded from crates.io doesn't match the tarball you used in this package. Both the sha256sum of the .crate file and checksums of individual files don't match.
Comment 4 Uri Lublin 2025-07-20 07:21:43 UTC 
(In reply to Sergio Lopez from comment #1)
> @uril Which Fedora packages depend on sev4?
> 
> @tfanelli PTAL.

az-cvm-vtpm - bug 2370932
az-snp-vtpm - bug 2370933
trustee-guest-components depends on these
Comment 5 Uri Lublin 2025-07-27 14:15:33 UTC 
(In reply to Fabio Valentini from comment #3)
> I don't know what happened here, but the crate downloaded from crates.io
> doesn't match the tarball you used in this package. Both the sha256sum of
> the .crate file and checksums of individual files don't match.

I changed nothing but the name, such that rust-sev4 is the same as
rust-sev (version 4.0.0), as it was already tested and used.
Comment 6 Fabio Valentini 2025-07-30 20:58:33 UTC 
The question isn't the origin of the *.spec file, the question is the origin of the *.crate file.

It doesn't match the one downloaded from crates.io, which is quite suspicious.
Comment 7 Uri Lublin 2025-08-03 12:43:42 UTC 
Yes, I understand your concern is the crate file. My comment 5 still holds.

I'll prepare an SRPM with the original crate.
Comment 8 Uri Lublin 2025-08-03 12:55:50 UTC 
(In reply to Uri Lublin from comment #7)
> I'll prepare an SRPM with the original crate.

I'll first try building rust-az-???-vtpm v0.7.3 (related: bug 2370932 comment 11)
Comment 9 Fabio Valentini 2025-09-04 13:46:37 UTC 
Do you still need this package for v4?
Comment 10 Uri Lublin 2025-09-04 14:40:41 UTC 
No, we modified the code to use sev-v6.
Closing it as won'tfix.