On Sun, Jul 04, 2021 at 09:16:59AM +0300, Dov Murik wrote:
> Hi Michael,
>
> [+cc Connor, Dave]
>
> On 03/07/2021 19:42, Michael S. Tsirkin wrote:
> > On Tue, May 25, 2021 at 06:59:31AM +, Dov Murik wrote:
> >> From: James Bottomley
> >>
> >> If the VM is using memory encryption and also spe
Hi Michael,
[+cc Connor, Dave]
On 03/07/2021 19:42, Michael S. Tsirkin wrote:
> On Tue, May 25, 2021 at 06:59:31AM +, Dov Murik wrote:
>> From: James Bottomley
>>
>> If the VM is using memory encryption and also specifies a kernel/initrd
>> or appended command line, calculate the hashes and
On Tue, May 25, 2021 at 06:59:31AM +, Dov Murik wrote:
> From: James Bottomley
>
> If the VM is using memory encryption and also specifies a kernel/initrd
> or appended command line, calculate the hashes and add them to the
> encrypted data. For this to work, OVMF must support an encrypted a
On 6/21/21 11:15 AM, Philippe Mathieu-Daudé wrote:
> On 6/21/21 10:44 AM, Thomas Huth wrote:
>> On 17/06/2021 17.48, Philippe Mathieu-Daudé wrote:
>> [...]
>>> This works, but I'd rather use:
>>>
>>> if (sev_enabled()) {
>>> sev_kernel_loader_calc_cmdline_hash(&sev_loader_context,
>>>
On 6/21/21 10:44 AM, Thomas Huth wrote:
> On 17/06/2021 17.48, Philippe Mathieu-Daudé wrote:
> [...]
>> This works, but I'd rather use:
>>
>> if (sev_enabled()) {
>> sev_kernel_loader_calc_cmdline_hash(&sev_loader_context,
>> kernel_cmdline);
>>
On 17/06/2021 17.48, Philippe Mathieu-Daudé wrote:
[...]
This works, but I'd rather use:
if (sev_enabled()) {
sev_kernel_loader_calc_cmdline_hash(&sev_loader_context,
kernel_cmdline);
}
And have sev_enabled() defined as:
#ifdef CONFIG_SEV
On Thu, Jun 17, 2021 at 3:17 PM Dov Murik wrote:
>
>
>
> On 17/06/2021 20:22, Eduardo Habkost wrote:
> > On Thu, Jun 17, 2021 at 03:48:52PM +0300, Dov Murik wrote:
> >>
> >>
> >> On 15/06/2021 22:53, Philippe Mathieu-Daudé wrote:
> >>> Hi Dov, James,
> >>>
> >>> +Connor who asked to be reviewer.
>
On 17/06/2021 20:22, Eduardo Habkost wrote:
> On Thu, Jun 17, 2021 at 03:48:52PM +0300, Dov Murik wrote:
>>
>>
>> On 15/06/2021 22:53, Philippe Mathieu-Daudé wrote:
>>> Hi Dov, James,
>>>
>>> +Connor who asked to be reviewer.
>>>
>>> On 6/15/21 5:20 PM, Eduardo Habkost wrote:
On Tue, May 25
Hi Dov,
+Thomas
On 6/17/21 2:48 PM, Dov Murik wrote:
> On 15/06/2021 22:53, Philippe Mathieu-Daudé wrote:
>> Hi Dov, James,
>>
>> +Connor who asked to be reviewer.
>>
>> On 6/15/21 5:20 PM, Eduardo Habkost wrote:
>>> On Tue, May 25, 2021 at 06:59:31AM +, Dov Murik wrote:
From: James Bott
On Thu, Jun 17, 2021 at 03:48:52PM +0300, Dov Murik wrote:
>
>
> On 15/06/2021 22:53, Philippe Mathieu-Daudé wrote:
> > Hi Dov, James,
> >
> > +Connor who asked to be reviewer.
> >
> > On 6/15/21 5:20 PM, Eduardo Habkost wrote:
> >> On Tue, May 25, 2021 at 06:59:31AM +, Dov Murik wrote:
> >
On 15/06/2021 22:53, Philippe Mathieu-Daudé wrote:
> Hi Dov, James,
>
> +Connor who asked to be reviewer.
>
> On 6/15/21 5:20 PM, Eduardo Habkost wrote:
>> On Tue, May 25, 2021 at 06:59:31AM +, Dov Murik wrote:
>>> From: James Bottomley
>>>
>>> If the VM is using memory encryption and als
Hi Eduardo,
On 15/06/2021 18:20, Eduardo Habkost wrote:
> On Tue, May 25, 2021 at 06:59:31AM +, Dov Murik wrote:
>> From: James Bottomley
>>
>> If the VM is using memory encryption and also specifies a kernel/initrd
>> or appended command line, calculate the hashes and add them to the
>> encr
Hi Dov, James,
+Connor who asked to be reviewer.
On 6/15/21 5:20 PM, Eduardo Habkost wrote:
> On Tue, May 25, 2021 at 06:59:31AM +, Dov Murik wrote:
>> From: James Bottomley
>>
>> If the VM is using memory encryption and also specifies a kernel/initrd
>> or appended command line, calculate t
On Tue, May 25, 2021 at 06:59:31AM +, Dov Murik wrote:
> From: James Bottomley
>
> If the VM is using memory encryption and also specifies a kernel/initrd
> or appended command line, calculate the hashes and add them to the
> encrypted data. For this to work, OVMF must support an encrypted a
ping
Reminder: this is to support secure (measured) boot with AMD SEV with
QEMU's -kernel/-initrd/-append switches.
The OVMF side of the implementation is under review (with some changes
requested), but so far no functional changes are exepcted from the QEMU
side, on top of this proposed patch.
On 25/05/2021 9:59, Dov Murik wrote:
> From: James Bottomley
>
> If the VM is using memory encryption and also specifies a kernel/initrd
> or appended command line, calculate the hashes and add them to the
> encrypted data. For this to work, OVMF must support an encrypted area
> to place the
From: James Bottomley
If the VM is using memory encryption and also specifies a kernel/initrd
or appended command line, calculate the hashes and add them to the
encrypted data. For this to work, OVMF must support an encrypted area
to place the data which is advertised via a special GUID in the O
17 matches
Mail list logo
