Google Git
Sign in
qemu / qemu / 70943ad8e4dfbe5f77006b880290219be9d03553
commit70943ad8e4dfbe5f77006b880290219be9d03553[log] [tgz]
authorMichael Roth <michael.roth@amd.com>Thu May 30 06:16:32 2024 -0500
committerPaolo Bonzini <pbonzini@redhat.com>Wed Jun 05 11:01:06 2024 +0200
tree425432d99d7801a45d261852f7ac086daf597e4c
parent3d8c2a7f4806ff39423312e503737fd76c34dcae [diff]
i386/sev: Add support for SNP CPUID validation

SEV-SNP firmware allows a special guest page to be populated with a
table of guest CPUID values so that they can be validated through
firmware before being loaded into encrypted guest memory where they can
be used in place of hypervisor-provided values[1].

As part of SEV-SNP guest initialization, use this interface to validate
the CPUID entries reported by KVM_GET_CPUID2 prior to initial guest
start and populate the CPUID page reserved by OVMF with the resulting
encrypted data.

[1] SEV SNP Firmware ABI Specification, Rev. 0.8, 8.13.2.6

Signed-off-by: Michael Roth <michael.roth@amd.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@amd.com>
Message-ID: <20240530111643.1091816-21-pankaj.gupta@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
1 file changed
tree: 425432d99d7801a45d261852f7ac086daf597e4c
  1. .github/
  2. .gitlab/
  3. .gitlab-ci.d/
  4. accel/
  5. audio/
  6. authz/
  7. backends/
  8. block/
  9. bsd-user/
  10. chardev/
  11. common-user/
  12. configs/
  13. contrib/
  14. crypto/
  15. disas/
  16. docs/
  17. dump/
  18. ebpf/
  19. fpu/
  20. fsdev/
  21. gdb-xml/
  22. gdbstub/
  23. host/
  24. hw/
  25. include/
  26. io/
  27. libdecnumber/
  28. linux-headers/
  29. linux-user/
  30. migration/
  31. monitor/
  32. nbd/
  33. net/
  34. pc-bios/
  35. plugins/
  36. po/
  37. python/
  38. qapi/
  39. qga/
  40. qobject/
  41. qom/
  42. replay/
  43. roms/
  44. scripts/
  45. scsi/
  46. semihosting/
  47. stats/
  48. storage-daemon/
  49. stubs/
  50. subprojects/
  51. system/
  52. target/
  53. tcg/
  54. tests/
  55. tools/
  56. trace/
  57. ui/
  58. util/
  59. .dir-locals.el
  60. .editorconfig
  61. .exrc
  62. .gdbinit
  63. .git-blame-ignore-revs
  64. .gitattributes
  65. .gitignore
  66. .gitlab-ci.yml
  67. .gitmodules
  68. .gitpublish
  69. .mailmap
  70. .patchew.yml
  71. .readthedocs.yml
  72. .travis.yml
  73. block.c
  74. blockdev-nbd.c
  75. blockdev.c
  76. blockjob.c
  77. configure
  78. COPYING
  79. COPYING.LIB
  80. cpu-common.c
  81. cpu-target.c
  82. event-loop-base.c
  83. gitdm.config
  84. hmp-commands-info.hx
  85. hmp-commands.hx
  86. iothread.c
  87. job-qmp.c
  88. job.c
  89. Kconfig
  90. Kconfig.host
  91. LICENSE
  92. MAINTAINERS
  93. Makefile
  94. meson.build
  95. meson_options.txt
  96. module-common.c
  97. os-posix.c
  98. os-win32.c
  99. page-target.c
  100. page-vary-common.c
  101. page-vary-target.c
  102. pythondeps.toml
  103. qemu-bridge-helper.c
  104. qemu-edid.c
  105. qemu-img-cmds.hx
  106. qemu-img.c
  107. qemu-io-cmds.c
  108. qemu-io.c
  109. qemu-keymap.c
  110. qemu-nbd.c
  111. qemu-options.hx
  112. qemu.nsi
  113. qemu.sasl
  114. README.rst
  115. replication.c
  116. trace-events
  117. VERSION
  118. version.rc