On Fri, Jan 15, 2021 at 04:36:46PM +0100, Cornelia Huck wrote: > On Thu, 14 Jan 2021 10:58:07 +1100 > David Gibson wrote: > > > Now that we've implemented a generic machine option for configuring various > > confidential guest support mechanisms: > > 1. Update docs/amd-memory-encryption.txt to reference this rather than > > the earlier SEV specific option > > 2. Add a docs/confidential-guest-support.txt to cover the generalities of > > the confidential guest support scheme > > > > Signed-off-by: David Gibson > > --- > > docs/amd-memory-encryption.txt | 2 +- > > docs/confidential-guest-support.txt | 43 +++++++++++++++++++++++++++++ > > 2 files changed, 44 insertions(+), 1 deletion(-) > > create mode 100644 docs/confidential-guest-support.txt > > > > diff --git a/docs/amd-memory-encryption.txt b/docs/amd-memory-encryption.txt > > index 80b8eb00e9..145896aec7 100644 > > --- a/docs/amd-memory-encryption.txt > > +++ b/docs/amd-memory-encryption.txt > > @@ -73,7 +73,7 @@ complete flow chart. > > To launch a SEV guest > > > > # ${QEMU} \ > > - -machine ...,memory-encryption=sev0 \ > > + -machine ...,confidential-guest-support=sev0 \ > > -object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=1 > > > > Debugging > > diff --git a/docs/confidential-guest-support.txt b/docs/confidential-guest-support.txt > > new file mode 100644 > > index 0000000000..2790425b38 > > --- /dev/null > > +++ b/docs/confidential-guest-support.txt > > Maybe make this a proper .rst from the start and hook this up into the > system guide? It is already almost there. Hrm. I considered it, but didn't really want to spend the time integrating it into the overall structure of the system guide. I kind of want to get this dang thing wrapped up. > > > @@ -0,0 +1,43 @@ > > +Confidential Guest Support > > +========================== > > + > > +Traditionally, hypervisors such as qemu have complete access to a > > s/qemu/QEMU/ ? Fixed. > > > +guest's memory and other state, meaning that a compromised hypervisor > > +can compromise any of its guests. A number of platforms have added > > +mechanisms in hardware and/or firmware which give guests at least some > > +protection from a compromised hypervisor. This is obviously > > +especially desirable for public cloud environments. > > + > > +These mechanisms have different names and different modes of > > +operation, but are often referred to as Secure Guests or Confidential > > +Guests. We use the term "Confidential Guest Support" to distinguish > > +this from other aspects of guest security (such as security against > > +attacks from other guests, or from network sources). > > + > > +Running a Confidential Guest > > +---------------------------- > > + > > +To run a confidential guest you need to add two command line parameters: > > + > > +1. Use "-object" to create a "confidential guest support" object. The > > + type and parameters will vary with the specific mechanism to be > > + used > > +2. Set the "confidential-guest-support" machine parameter to the ID of > > + the object from (1). > > + > > +Example (for AMD SEV):: > > + > > + qemu-system-x86_64 \ > > + \ > > + -machine ...,confidential-guest-support=sev0 \ > > + -object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=1 > > + > > +Supported mechanisms > > +-------------------- > > + > > +Currently supported confidential guest mechanisms are: > > + > > +AMD Secure Encrypted Virtualization (SEV) > > + docs/amd-memory-encryption.txt > > + > > +Other mechanisms may be supported in future. > > LGTM. > -- David Gibson | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_ | _way_ _around_! http://www.ozlabs.org/~dgibson