Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-129673

Domain capabilities always reports TDX is supported

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • rhel-10.1
    • libvirt / General
    • None
    • Yes
    • Important
    • 1
    • rhel-virt-core-libvirt-1
    • None
    • False
    • False
    • Hide

      None

      Show
      None
    • None
    • Libvirt Bugs already in Sprint
    • None
    • None
    • Unspecified
    • Unspecified
    • Unspecified
    • x86_64
    • None

      What were you trying to do that didn't work?

      On an AMD EPYC host I queried whether SEV was available and got told that TDX was available too

      # virsh domcapabilities  --xpath //launchSecurity
<launchSecurity supported="yes">
  <enum name="sectype">
    <value>sev</value>
    <value>sev-snp</value>
    <value>tdx</value>
  </enum>
</launchSecurity>

      What is the impact of this issue to you?

      Management applications incorrectly beleive that guests can be created using TDX

      Please provide the package NVR for which the bug is seen:

      libvirt-11.5.0-4.1.el10_1.x86_64

      How reproducible is this bug?:

      Always

      Steps to reproduce

      1. virsh domcapabilities --xpath //launchSecurity

      Expected results

      TDX is ONLY reported as available if TDX is available.

      Actual results

      TDX is always reported as available if QEMU has TDX compiled in.

              rhn-engineering-berrange Daniel Berrangé
              rhn-engineering-berrange Daniel Berrangé
              virt-maint virt-maint
              virt-bugs virt-bugs
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated: