[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v4 03/14] migration.json: add AMD SEV specific migration para
From: |
Eric Blake |
Subject: |
Re: [PATCH v4 03/14] migration.json: add AMD SEV specific migration parameters |
Date: |
Thu, 5 Aug 2021 15:18:51 -0500 |
User-agent: |
NeoMutt/20210205-687-0ed190 |
On Wed, Aug 04, 2021 at 11:54:43AM +0000, Ashish Kalra wrote:
> From: Brijesh Singh <brijesh.singh@amd.com>
>
> AMD SEV migration flow requires that target machine's public Diffie-Hellman
> key (PDH) and certificate chain must be passed before initiating the guest
> migration. User can use QMP 'migrate-set-parameters' to pass the certificate
> chain. The certificate chain will be used while creating the outgoing
> encryption context.
>
> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
> Signed-off-by: Ashish Kalra <ashish.kalra@amd.com>
> ---
> +++ b/qapi/migration.json
> @@ -743,6 +743,15 @@
> # block device name if there is one, and to their
> node name
> # otherwise. (Since 5.2)
> #
> +# @sev-pdh: The target host platform diffie-hellman key encoded in base64
> +# (Since 4.2)
6.2, not 4.2.
> +#
> +# @sev-plat-cert: The target host platform certificate chain encoded in
> base64
> +# (Since 4.2)
And again; I'll quit pointing it out.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
- [PATCH v4 00/14] Add SEV guest live migration support, Ashish Kalra, 2021/08/04
- [PATCH v4 01/14] doc: update AMD SEV API spec web link, Ashish Kalra, 2021/08/04
- [PATCH v4 02/14] doc: update AMD SEV to include Live migration flow, Ashish Kalra, 2021/08/04
- [PATCH v4 03/14] migration.json: add AMD SEV specific migration parameters, Ashish Kalra, 2021/08/04
- [PATCH v4 04/14] confidential guest support: introduce ConfidentialGuestMemoryEncryptionOps for encrypted VMs, Ashish Kalra, 2021/08/04
- [PATCH v4 05/14] target/i386: sev: provide callback to setup outgoing context, Ashish Kalra, 2021/08/04
- [PATCH v4 06/14] target/i386: sev: do not create launch context for an incoming guest, Ashish Kalra, 2021/08/04
- [PATCH v4 07/14] target/i386: sev: add support to encrypt the outgoing page, Ashish Kalra, 2021/08/04
- [PATCH v4 08/14] target/i386: sev: add support to load incoming encrypted page, Ashish Kalra, 2021/08/04