Description of problem: From https://bugzilla.redhat.com/show_bug.cgi?id=2103630#c15 Larry Dewey notes that the Genoa certificates were added to sev. We should backport this into sevctl for the current release. So let's include https://github.com/virtee/sev/pull/50 after we've completed the rebase bug 2135744
Given some issues building a backported patch, we'll just move this to 9.3.0 for now and have it addressed by rebase. If something changes, we can always move it back to 9.2.0.
@zixchen Hello. Yes, I'm planning to rebase sevctl on 9.3 within the week. This issue would be fixed with this rebase.
Moving to POST making dependent upon rebase bug 2222104
Verify genoa cert fix with sevctl-0.4.1-2.el9.x86_64, no issue on this feature. Version: sevctl-0.4.1-2.el9.x86_64 Steps: https://bugzilla.redhat.com/show_bug.cgi?id=2222104#c13 verifies the new sevctl functions on Genoa. Regression test on Genoa: https://beaker-archive.hosts.prod.psi.bos.redhat.com/beaker-logs/2023/07/80876/8087612/14257789/163096533/taskout.log, failed cases is discussed on rebase bug bz2222104 Enable SNP on a Genoa host. # sevctl ok [ PASS ] - AMD CPU [ PASS ] - Microcode support [ PASS ] - Secure Memory Encryption (SME) [ PASS ] - Secure Encrypted Virtualization (SEV) [ PASS ] - Encrypted State (SEV-ES) [ PASS ] - Secure Nested Paging (SEV-SNP) [ PASS ] - VM Permission Levels [ PASS ] - Number of VMPLs: 4 [ PASS ] - Physical address bit reduction: 5 [ PASS ] - C-bit location: 51 [ PASS ] - Number of encrypted guests supported simultaneously: 509 [ PASS ] - Minimum ASID value for SEV-enabled, SEV-ES disabled guest: 100 [ PASS ] - SEV enabled in KVM: enabled [ PASS ] - SEV-ES enabled in KVM: enabled [ PASS ] - Reading /dev/sev: /dev/sev readable [ PASS ] - Writing /dev/sev: /dev/sev writable [ PASS ] - Page flush MSR: ENABLED [ PASS ] - KVM supported: API version: 12 [ PASS ] - Memlock resource limit: Soft: 8388608 | Hard: 8388608
Since rebase bug includes all commits needed in this bug, close this as CURRENTRELEASE