motorhead/qemu
1
0
Fork 0
mirror of https://github.com/Motorhead1991/qemu.git synced 2025-08-07 17:53:56 -06:00
Code Issues Projects Releases Packages Wiki Activity Actions

sev: add sev-inject-launch-secret

Browse source 
AMD SEV allows a guest owner to inject a secret blob
into the memory of a virtual machine. The secret is
encrypted with the SEV Transport Encryption Key and
integrity is guaranteed with the Transport Integrity
Key. Although QEMU facilitates the injection of the
launch secret, it cannot access the secret.

Signed-off-by: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
Message-Id: <20201027170303.47550-1-tobin@linux.ibm.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
This commit is contained in:
Tobin Feldman-Fitzthum 2020-10-27 13:03:03 -04:00 committed by Eduardo Habkost
parent 1bf8b88f14
commit c7f7e6970d
8 changed files with 114 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

7
target/i386/monitor.c
View file

@ -729,3 +729,10 @@ SevCapability *qmp_query_sev_capabilities(Error **errp)
{
return sev_get_capabilities(errp);
}
void qmp_sev_inject_launch_secret(const char *packet_hdr,
const char *secret, uint64_t gpa,
Error **errp)
{
sev_inject_launch_secret(packet_hdr, secret, gpa, errp);
}