Re: [RFC PATCH 0/6] Add AMD Secure Nested Paging (SEV-SNP) support

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RFC PATCH 0/6] Add AMD Secure Nested Paging (SEV-SNP) support

From:	Dr. David Alan Gilbert
Subject:	Re: [RFC PATCH 0/6] Add AMD Secure Nested Paging (SEV-SNP) support
Date:	Wed, 14 Jul 2021 10:52:21 +0100
User-agent:	Mutt/2.0.7 (2021-05-04)

* Brijesh Singh (brijesh.singh@amd.com) wrote:
> 
> 
> On 7/13/21 3:05 AM, Dov Murik wrote:>
> > Particularly confusing is the `policy` attribute which is only relevant
> > for SEV / SEV-ES, while there's a new `snp.policy` attribute for SNP...
> > Maybe the irrelevant attributes should not be added to the tree when not
> > in SNP.
> 
> The policy fields are also applicable to the SNP. The main difference are:
> 
> - in SEV/SEV-ES the policy is 32-bit compare to 64-bit value in SEV-SNP.
> However, for SEV-SNP spec uses lower 32-bit value and higher bits are marked
> reserved.
> 
> - the bit field meaning are different

Ah, I see that from the SNP ABI spec (section 4.3).

That's a bit subtle; in that at the moment we select SEV or SEV-ES based
on the existing guest policy flags; I think you're saying that SEV-SNP
is enabled by the user explicitly.

> Based on this, we can introduce a new filed 'snp-policy'.

Yes, people are bound to confuse them if they're not clearly separated;
although I guess whatever comes after SNP will probably share that
longer field?

Dave

> -Brijesh
> 
-- 
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [RFC PATCH 2/6] i386/sev: extend sev-guest property to include SEV-SNP, (continued)
- [RFC PATCH 3/6] i386/sev: initialize SNP context, Brijesh Singh, 2021/07/09
- [RFC PATCH 4/6] i386/sev: add the SNP launch start context, Brijesh Singh, 2021/07/09
- [RFC PATCH 5/6] i386/sev: add support to encrypt BIOS when SEV-SNP is enabled, Brijesh Singh, 2021/07/09
- [RFC PATCH 6/6] i386/sev: populate secrets and cpuid page and finalize the SNP launch, Brijesh Singh, 2021/07/09
- Re: [RFC PATCH 0/6] Add AMD Secure Nested Paging (SEV-SNP) support, Tom Lendacky, 2021/07/12
- Re: [RFC PATCH 0/6] Add AMD Secure Nested Paging (SEV-SNP) support, Dov Murik, 2021/07/13
  - Re: [RFC PATCH 0/6] Add AMD Secure Nested Paging (SEV-SNP) support, Dr. David Alan Gilbert, 2021/07/13
    - Re: [RFC PATCH 0/6] Add AMD Secure Nested Paging (SEV-SNP) support, Brijesh Singh, 2021/07/13
  - Re: [RFC PATCH 0/6] Add AMD Secure Nested Paging (SEV-SNP) support, Brijesh Singh, 2021/07/13
    - Re: [RFC PATCH 0/6] Add AMD Secure Nested Paging (SEV-SNP) support, Dr. David Alan Gilbert <=
    - Re: [RFC PATCH 0/6] Add AMD Secure Nested Paging (SEV-SNP) support, Brijesh Singh, 2021/07/14

Prev by Date: [PATCH v1 15/21] contrib/gitdm: add domain-map for ZTE
Next by Date: [PATCH v1 17/21] contrib/gitdm: add domain-map for NVIDIA
Previous by thread: Re: [RFC PATCH 0/6] Add AMD Secure Nested Paging (SEV-SNP) support
Next by thread: Re: [RFC PATCH 0/6] Add AMD Secure Nested Paging (SEV-SNP) support
Index(es):
- Date
- Thread