Re: [RFC PATCH 3/6] i386/sev: initialize SNP context

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RFC PATCH 3/6] i386/sev: initialize SNP context

From:	Brijesh Singh
Subject:	Re: [RFC PATCH 3/6] i386/sev: initialize SNP context
Date:	Thu, 15 Jul 2021 08:24:25 -0500
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0



On 7/15/21 4:32 AM, Dov Murik wrote:


Just making sure I understand:

* sev_enabled() returns true for SEV or newer (SEV or SEV-ES or
   SEV-SNP).
* sev_es_enabled() returns true for SEV-ES or newer (SEV-ES or SEV-SNP).
* sev_snp_enabled() returns true for SEV-SNP or newer (currently only
   SEV-SNP).

Is that indeed the intention?

Yes. The SEV-SNP support requires the SEV and SEV-ES to be enabled. Seethe text from the APM vol2 section 15.36.


        The SEV-SNP features enable additional protection for encrypted
        VMs designed to achieve stronger isolation from the hypervisor.
        SEV-SNP is used with the SEV and SEV-ES features described in
        Section 15.34 and Section 15.35 respectively and requires the
        enablement and use of these features.

thanks

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [RFC PATCH 2/6] i386/sev: extend sev-guest property to include SEV-SNP, (continued)
- [RFC PATCH 3/6] i386/sev: initialize SNP context, Brijesh Singh, 2021/07/09
  - Re: [RFC PATCH 3/6] i386/sev: initialize SNP context, Dov Murik, 2021/07/15
    - Re: [RFC PATCH 3/6] i386/sev: initialize SNP context, Brijesh Singh <=
- [RFC PATCH 4/6] i386/sev: add the SNP launch start context, Brijesh Singh, 2021/07/09
  - Re: [RFC PATCH 4/6] i386/sev: add the SNP launch start context, Dov Murik, 2021/07/19
    - Re: [RFC PATCH 4/6] i386/sev: add the SNP launch start context, Brijesh Singh, 2021/07/19
- [RFC PATCH 5/6] i386/sev: add support to encrypt BIOS when SEV-SNP is enabled, Brijesh Singh, 2021/07/09
  - Re: [RFC PATCH 5/6] i386/sev: add support to encrypt BIOS when SEV-SNP is enabled, Connor Kuehl, 2021/07/14
    - Re: [RFC PATCH 5/6] i386/sev: add support to encrypt BIOS when SEV-SNP is enabled, Brijesh Singh, 2021/07/14
    - Re: [RFC PATCH 5/6] i386/sev: add support to encrypt BIOS when SEV-SNP is enabled, Dov Murik, 2021/07/15
  - Re: [RFC PATCH 5/6] i386/sev: add support to encrypt BIOS when SEV-SNP is enabled, Dov Murik, 2021/07/19
- [RFC PATCH 6/6] i386/sev: populate secrets and cpuid page and finalize the SNP launch, Brijesh Singh, 2021/07/09
  - Re: [RFC PATCH 6/6] i386/sev: populate secrets and cpuid page and finalize the SNP launch, Dr. David Alan Gilbert, 2021/07/14

Prev by Date: [PATCH] target/i386/cpu: Use the KVM reported value for the number of ASIDs
Next by Date: Re: [RFC PATCH 0/6] job: replace AioContext lock with job_mutex
Previous by thread: Re: [RFC PATCH 3/6] i386/sev: initialize SNP context
Next by thread: [RFC PATCH 4/6] i386/sev: add the SNP launch start context
Index(es):
- Date
- Thread