Note: This bug is displayed in read-only format because
the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Description of problem:
virt-install man page typo issue for "--launchSecurity" option
Version-Release number of selected component (if applicable):
kernel-4.18.0-128.el8.x86_64
virt-manager-2.2.1-1.el8.noarch
libvirt-4.5.0-31.module+el8.1.0+3808+3325c1a3.x86_64
qemu-kvm-2.12.0-83.module+el8.1.0+3852+0ba8aef0.x86_64
python3-libvirt-4.5.0-2.module+el8.1.0+3531+2918145b.x86_64
How reproducible:
100%
Steps to Reproduce:
1. Document checking for sev in virt-install man page
# man virt-install
------------------------------------------------------------------------------
Part-1
--launch-security TYPE[,OPTS]
Enable launch security for the guest, e.g. AMD SEV.
Use --launch-security=? to see a list of all available sub options. Complete details at <https://libvirt.org/formatdomain.html#launchSecurity>. Example invocations:
===Testing result: No option "--launch-security", it should be "--launchSecurity"
# virt-install --launch-security=?
usage: virt-install --name NAME --memory MB STORAGE INSTALL [options]
virt-install: error: unrecognized arguments: --launch-security=?
# virt-install --launchSecurity=?
--launchSecurity options:
clearxml
cbitpos
dhCert
policy
reducedPhysBits
session
type
------------------------------------------------------------------------------
Part-2
Start an SEV launch security VM with 4GB RAM, 4GB+256MiB of hard_limit, with a couple of virtio devices:
Note: The IOMMU flag needs to be turned on with driver.iommu for virtio devices. Usage of --memtune is currently required because of SEV limitations, refer to libvirt docs for a detailed
explanation.
# virt-install \
--name foo \
--memory 4096 \
--boot uefi \
--machine q35 \
--memtune hard_limit=4563402 \
--disk size=15,target.bus=scsi \
--import \
--controller type=scsi,model=virtio-scsi,driver.iommu=on \
--controller type=virtio-serial,driver.iommu=on \
--network network=default,model=virtio,driver.iommu=on \
--rng driver,iommu=on \
--memballoon driver.iommu=on \
--launchSecurity sev
===Testing result: A typo issue found in "EXAMPLES", it should use '.' instead of ',' in string "--rng driver,iommu=on ".
What's more, we cannot use it like this, we need specify rng type in command, such as "--rng type=/dev/random,driver.iommu=on "
Actual results:
As description.
Expected results:
Fix it.
Additional info:
https://bugzilla.redhat.com/show_bug.cgi?id=1501608#c22
V2 posted upstream: https://www.redhat.com/archives/virt-tools-list/2019-August/msg00023.html
Try to verify this bug with new build:
libvirt-4.5.0-31.module+el8.1.0+3980+a02d9447.x86_64
virt-manager-2.2.1-2.el8.noarch
virt-install-2.2.1-2.el8.noarch
qemu-kvm-2.12.0-84.module+el8.1.0+3980+a02d9447.x86_64
Steps:
1. Document checking for sev in virt-install man page
# man virt-install
part-1
--launchSecurity TYPE[,OPTS]
Enable launch security for the guest, e.g. AMD SEV.
Use --launchSecurity=? to see a list of all available sub options. Complete details at
<https://libvirt.org/formatdomain.html#launchSecurity>. Example invocations:
part-2
virt-install \
--name foo \
--memory 4096 \
--boot uefi \
--machine q35 \
--memtune hard_limit=4563402 \
--disk size=15,target.bus=scsi \
--import \
--controller type=scsi,model=virtio-scsi,driver.iommu=on \
--controller type=virtio-serial,driver.iommu=on \
--network network=default,model=virtio,driver.iommu=on \
--rng /dev/random,driver.iommu=on \
--memballoon driver.iommu=on \
--launchSecurity sev
Result: All typo issues have been fixed('--launchSecurity' and '--rng /dev/random,driver.iommu=on \'), so I move this bug from ON_QA to VERIFIED, thanks.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHSA-2019:3464
Description of problem: virt-install man page typo issue for "--launchSecurity" option Version-Release number of selected component (if applicable): kernel-4.18.0-128.el8.x86_64 virt-manager-2.2.1-1.el8.noarch libvirt-4.5.0-31.module+el8.1.0+3808+3325c1a3.x86_64 qemu-kvm-2.12.0-83.module+el8.1.0+3852+0ba8aef0.x86_64 python3-libvirt-4.5.0-2.module+el8.1.0+3531+2918145b.x86_64 How reproducible: 100% Steps to Reproduce: 1. Document checking for sev in virt-install man page # man virt-install ------------------------------------------------------------------------------ Part-1 --launch-security TYPE[,OPTS] Enable launch security for the guest, e.g. AMD SEV. Use --launch-security=? to see a list of all available sub options. Complete details at <https://libvirt.org/formatdomain.html#launchSecurity>. Example invocations: ===Testing result: No option "--launch-security", it should be "--launchSecurity" # virt-install --launch-security=? usage: virt-install --name NAME --memory MB STORAGE INSTALL [options] virt-install: error: unrecognized arguments: --launch-security=? # virt-install --launchSecurity=? --launchSecurity options: clearxml cbitpos dhCert policy reducedPhysBits session type ------------------------------------------------------------------------------ Part-2 Start an SEV launch security VM with 4GB RAM, 4GB+256MiB of hard_limit, with a couple of virtio devices: Note: The IOMMU flag needs to be turned on with driver.iommu for virtio devices. Usage of --memtune is currently required because of SEV limitations, refer to libvirt docs for a detailed explanation. # virt-install \ --name foo \ --memory 4096 \ --boot uefi \ --machine q35 \ --memtune hard_limit=4563402 \ --disk size=15,target.bus=scsi \ --import \ --controller type=scsi,model=virtio-scsi,driver.iommu=on \ --controller type=virtio-serial,driver.iommu=on \ --network network=default,model=virtio,driver.iommu=on \ --rng driver,iommu=on \ --memballoon driver.iommu=on \ --launchSecurity sev ===Testing result: A typo issue found in "EXAMPLES", it should use '.' instead of ',' in string "--rng driver,iommu=on ". What's more, we cannot use it like this, we need specify rng type in command, such as "--rng type=/dev/random,driver.iommu=on " Actual results: As description. Expected results: Fix it. Additional info: https://bugzilla.redhat.com/show_bug.cgi?id=1501608#c22 V2 posted upstream: https://www.redhat.com/archives/virt-tools-list/2019-August/msg00023.html