From: Laszlo Ersek <lersek@redhat.com>
To: Tom Lendacky <thomas.lendacky@amd.com>, qemu-devel@nongnu.org
Cc: Pavel Hrdina <phrdina@redhat.com>,
	"Daniel P . Berrange" <berrange@redhat.com>,
	Eduardo Habkost <ehabkost@redhat.com>,
	Michal Privoznik <mprivozn@redhat.com>,
	"Dr. David Alan Gilbert" <dgilbert@redhat.com>,
	Brijesh Singh <brijesh.singh@amd.com>,
	Paolo Bonzini <pbonzini@redhat.com>
Subject: Re: [PATCH v2 3/3] docs/interop/firmware.json: Add SEV-ES support
Date: Mon, 26 Apr 2021 14:39:42 +0200
Message-ID: <8e7010dc-0920-eb49-8b61-d047c05176aa@redhat.com>
In-Reply-To: <b941a7ee105dfeb67607cf2d24dafcb82658b212.1619208498.git.thomas.lendacky@amd.com>

On 04/23/21 22:08, Tom Lendacky wrote:
> From: Tom Lendacky <thomas.lendacky@amd.com>
> 
> Create an enum definition, '@amd-sev-es', for SEV-ES and add documentation
> for the new enum. Add an example that shows some of the requirements for
> SEV-ES, including not having SMM support and the requirement for an
> X64-only build.
> 
> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
> ---
>  docs/interop/firmware.json | 47 +++++++++++++++++++++++++++++++++++++-
>  1 file changed, 46 insertions(+), 1 deletion(-)
> 
> diff --git a/docs/interop/firmware.json b/docs/interop/firmware.json
> index 9d94ccafa9..8d8b0be030 100644
> --- a/docs/interop/firmware.json
> +++ b/docs/interop/firmware.json
> @@ -115,6 +115,12 @@
>  #           this feature are documented in
>  #           "docs/amd-memory-encryption.txt".
>  #
> +# @amd-sev-es: The firmware supports running under AMD Secure Encrypted
> +#              Virtualization - Encrypted State, as specified in the AMD64
> +#              Architecture Programmer's Manual. QEMU command line options
> +#              related to this feature are documented in
> +#              "docs/amd-memory-encryption.txt".
> +#
>  # @enrolled-keys: The variable store (NVRAM) template associated with
>  #                 the firmware binary has the UEFI Secure Boot
>  #                 operational mode turned on, with certificates
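
Review bot: the @amd-sev-es description does not say how the new feature relates to @amd-sev. The example added later in this patch lists both "amd-sev" and "amd-sev-es", so a management application cannot tell from this text whether 'amd-sev-es' implies 'amd-sev' or whether a descriptor is expected to advertise both. One sentence stating the expectation would let a firmware selector match on the right feature rather than guess when picking firmware for an SEV-ES guest.
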
> @@ -179,7 +185,7 @@
>  # Since: 3.0
>  ##
>  { 'enum' : 'FirmwareFeature',
> -  'data' : [ 'acpi-s3', 'acpi-s4', 'amd-sev', 'enrolled-keys',
> +  'data' : [ 'acpi-s3', 'acpi-s4', 'amd-sev', 'amd-sev-es', 'enrolled-keys',
>               'requires-smm', 'secure-boot', 'verbose-dynamic',
>               'verbose-static' ] }
>  
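
Review bot: the enum keeps "# Since: 3.0" while 'amd-sev-es' is added to 'data', and nothing in the patch records when the new member appeared. Consider a "(since X.Y)" annotation on the @amd-sev-es description so that consumers of the schema can tell whether a given QEMU release knows the value.
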
> @@ -504,6 +510,45 @@
>  # }
>  #
>  # {
> +#     "description": "OVMF with SEV-ES support",
> +#     "interface-types": [
> +#         "uefi"
> +#     ],
> +#     "mapping": {
> +#         "device": "flash",
> +#         "executable": {
> +#             "filename": "/usr/share/OVMF/OVMF_CODE.fd",
> +#             "format": "raw"
> +#         },
> +#         "nvram-template": {
> +#             "filename": "/usr/share/OVMF/OVMF_VARS.fd",
> +#             "format": "raw"
> +#         }
> +#     },
> +#     "targets": [
> +#         {
> +#             "architecture": "x86_64",
> +#             "machines": [
> +#                 "pc-q35-*"
> +#             ]
> +#         }
> +#     ],
> +#     "features": [
> +#         "acpi-s3",
> +#         "amd-sev",
> +#         "amd-sev-es",
> +#         "verbose-dynamic"
> +#     ],
> +#     "tags": [
> +#         "-a X64",
> +#         "-p OvmfPkg/OvmfPkgX64.dsc",
> +#         "-t GCC48",
> +#         "-b DEBUG",
> +#         "-D FD_SIZE_4MB"
> +#     ]
> +# }
> +#
> +# {
>  #     "description": "UEFI firmware for ARM64 virtual machines",
>  #     "interface-types": [
>  #         "uefi"
> 
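
Review bot: in the new example, the two requirements named in the commit message are visible only indirectly: the lack of SMM support is the absence of "requires-smm" from "features", and the X64-only build is the "-a X64" entry in "tags". Neither reads as a requirement to someone looking at the descriptor alone, and an omitted feature is indistinguishable from an oversight. Stating both constraints in "description" or in the @amd-sev-es text would make them explicit.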

Reviewed-by: Laszlo Ersek <lersek@redhat.com>

Thanks!
Laszlo


