Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add handling VBS known issue on ESXi 7.0.3 #429

Merged
merged 17 commits into from
Apr 12, 2023

Conversation

Tomorrow9
Copy link
Member

  1. Add check available security properties in guest OS, missing 5 on ESXi 7.0.3, which is known issue and will be fixed in next patch release.
  2. Add check credential guard and HVCI services running.

@Tomorrow9 Tomorrow9 added this to the v2.3 milestone Mar 2, 2023
@Tomorrow9 Tomorrow9 force-pushed the fix_vbs_known_issue branch from d0c1708 to 41e84e4 Compare April 10, 2023 05:49
@Tomorrow9 Tomorrow9 changed the title [WIP] Add handling VBS known issue on ESXi 7.0.3 Add handling VBS known issue on ESXi 7.0.3 Apr 11, 2023
Signed-off-by: Diane Wang <dianew@vmware.com>
Signed-off-by: Diane Wang <dianew@vmware.com>
Signed-off-by: Diane Wang <dianew@vmware.com>
Signed-off-by: Diane Wang <dianew@vmware.com>
Signed-off-by: Diane Wang <dianew@vmware.com>
Signed-off-by: Diane Wang <dianew@vmware.com>
Signed-off-by: Diane Wang <dianew@vmware.com>
Signed-off-by: Diane Wang <dianew@vmware.com>
Signed-off-by: Diane Wang <dianew@vmware.com>
Signed-off-by: Diane Wang <dianew@vmware.com>
Signed-off-by: Diane Wang <dianew@vmware.com>
Signed-off-by: Diane Wang <dianew@vmware.com>
Signed-off-by: Diane Wang <dianew@vmware.com>
@Tomorrow9 Tomorrow9 force-pushed the fix_vbs_known_issue branch from 62a2670 to d4ec4db Compare April 11, 2023 06:34
Signed-off-by: Diane Wang <dianew@vmware.com>
@Tomorrow9
Copy link
Member Author

known_issues.log

2023-04-11 07:35:25,011 | Known Issue in Play [3_vbs_enable_disable] *****************

2023-04-11 07:35:25,011 | TASK [3_vbs_enable_disable][Known issue - NX protections are not present in AvailableSecurityProperties on ESXi 7.0.3] 
task path: /home/worker/workspace/Ansible_Windows_Server_LTSC_Physical_70U3_LSILOGICSAS_E1000E_EFI/ansible-vsphere-gos-validation/windows/vbs_enable_disable/vbs_enable_test.yml:63
ok: [localhost] => {
    "msg": [
        "NX protections are not present in guest OS 'AvailableSecurityProperties' issue exists on ESXi 7.0.3 build 21313628, which is fixed in ESXi 7.0U3L patch build 21424296. Please refer to KB article: https://kb.vmware.com/s/article/91199."
    ]
}

@Tomorrow9 Tomorrow9 requested review from keirazhang and 123lzxm April 11, 2023 07:50
windows/utils/win_get_dg_security_properties.yml Outdated Show resolved Hide resolved
windows/vbs_enable_disable/vbs_disable_test.yml Outdated Show resolved Hide resolved
windows/vbs_enable_disable/vbs_disable_test.yml Outdated Show resolved Hide resolved
windows/vbs_enable_disable/vbs_enable_test.yml Outdated Show resolved Hide resolved
windows/vbs_enable_disable/vbs_enable_test.yml Outdated Show resolved Hide resolved
windows/vbs_enable_disable/vbs_enable_test.yml Outdated Show resolved Hide resolved
windows/vbs_enable_disable/vbs_enable_test.yml Outdated Show resolved Hide resolved
Signed-off-by: Diane Wang <dianew@vmware.com>
Signed-off-by: Diane Wang <dianew@vmware.com>
keirazhang
keirazhang previously approved these changes Apr 12, 2023
Copy link
Contributor

@keirazhang keirazhang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Thanks

Signed-off-by: Diane Wang <dianew@vmware.com>
@Tomorrow9 Tomorrow9 merged commit 1cd0d11 into vmware:main Apr 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants