projects / qemu.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 70943ad) | patch
hw/i386/sev: Add support to encrypt BIOS when SEV-SNP is enabled
authorBrijesh Singh <brijesh.singh@amd.com>
Thu, 30 May 2024 11:16:36 +0000 (06:16 -0500)
committerPaolo Bonzini <pbonzini@redhat.com>
Wed, 5 Jun 2024 09:01:06 +0000 (11:01 +0200)
commit77d1abd91e5352ad30ae2f83790f95fa6a3c0b6b
tree1530ea0735909bf80044948b0209647f726f3cf0tree | snapshot
parent70943ad8e4dfbe5f77006b880290219be9d03553commit | diff
hw/i386/sev: Add support to encrypt BIOS when SEV-SNP is enabled

As with SEV, an SNP guest requires that the BIOS be part of the initial
encrypted/measured guest payload. Extend sev_encrypt_flash() to handle
the SNP case and plumb through the GPA of the BIOS location since this
is needed for SNP.

Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Michael Roth <michael.roth@amd.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@amd.com>
Message-ID: <20240530111643.1091816-25-pankaj.gupta@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
hw/i386/pc_sysfw.c diff | blob | history
hw/i386/x86-common.c diff | blob | history
include/hw/i386/x86.h diff | blob | history
target/i386/sev-sysemu-stub.c diff | blob | history
target/i386/sev.c diff | blob | history
target/i386/sev.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.