Add support for enabling Secure Encrypted Virtualization in the GUI
Boris Fiuczynski
fiuczy at linux.ibm.com
Mon Apr 4 16:21:42 UTC 2022
On 4/4/22 5:48 PM, Charles Arnold wrote:
> On 4/4/22 8:37 AM, Boris Fiuczynski wrote:
>> On 4/4/22 2:50 PM, Daniel P. Berrangé wrote:
>>> On Fri, Apr 01, 2022 at 12:13:17PM -0600, Charles Arnold wrote:
>>>> From d700e8cee7cd525c0022b5a9a440f64c4ab149f0 Mon Sep 17 00:00:00 2001
>>>> From: Charles Arnold <carnold at suse.com>
>>>> Date: Fri, 1 Apr 2022 12:01:21 -0600
>>>> Subject: [PATCH 1/1] Add support for enabling Secure Encrypted
>>>> Virtualization
>>>> in the GUI
>>>>
>>>> Add an "Enable Launch Security" checkbox on the Details memory tab.
>>>> Do the minimal configuration required for libvirt to enable this
>>>> feature
>>>> on compatible hardware.
>>>>
>>>
>>> Don't we need to turn on the 'iommu' option for all virtio devices
>>> too, and disable PXE on any NICs ?
>>>
>>> https://libvirt.org/kbase/launch_security_sev.html#virtio
>>>
>>> With regards,
>>> Daniel
>>>
>>
>> Hi Arnold,
>> your patch does not take into account that libvirt uses launch
>> security for more types besides sev.
>>
>>
> Good point. I haven't taken into account the s390 case which I can correct.
> I'm not aware of other launch security types besides those two.
>
> - Charles
>
There has been a patch series for TDX on the mailing list in July 2021
but I am not sure what finally happened to it.
https://listman.redhat.com/archives/libvir-list/2021-July/221098.html
--
Mit freundlichen Grüßen/Kind regards
Boris Fiuczynski
IBM Deutschland Research & Development GmbH
Vorsitzender des Aufsichtsrats: Gregor Pillen
Geschäftsführung: David Faller
Sitz der Gesellschaft: Böblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294
More information about the virt-tools-list
mailing list