Richard W.M. Jones
2013-Dec-05 22:38 UTC
[Libguestfs] [PATCH] launch: direct: Pass -enable-fips option if qemu supports it.
From: "Richard W.M. Jones" <rjones@redhat.com>
---
src/launch-direct.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/launch-direct.c b/src/launch-direct.c
index f06bb23..58e4b1a 100644
--- a/src/launch-direct.c
+++ b/src/launch-direct.c
@@ -328,6 +328,13 @@ launch_direct (guestfs_h *g, void *datav, const char *arg)
ADD_CMDLINE (VIRTIO_BLK ".scsi=off");
}
+ /* This oddly named option doesn't actually enable FIPS. It just
+ * causes qemu to do the right thing if FIPS is enabled in the
+ * kernel. So like libvirt, we pass it unconditionally.
+ */
+ if (qemu_supports (g, data, "-enable-fips"))
+ ADD_CMDLINE ("-enable-fips");
+
if (qemu_supports (g, data, "-nodefconfig"))
ADD_CMDLINE ("-nodefconfig");
--
1.8.3.1
Possibly Parallel Threads
- [PATCH 1/2] launch: direct: Use a single -machine [type, ]accel=... option.
- [PATCH] lib: direct: Remove support for virtio-blk as the default.
- [PATCH] launch: direct: Add DAX root filesystem support.
- [PATCH] launch: switch from -nographic to -display none
- [PATCH v2 5/7] launch: direct: Remove dead code promising we were going to use virtio-console.
Wisdom of the Ancients
