Confidential Guest Support
==========================

Traditionally, hypervisors such as QEMU have complete access to a
guest's memory and other state, meaning that a compromised hypervisor
can compromise any of its guests. A number of platforms have added
mechanisms in hardware and/or firmware which give guests at least some
protection from a compromised hypervisor. This is obviously
especially desirable for public cloud environments.

These mechanisms have different names and different modes of
operation, but are often referred to as Secure Guests or Confidential
Guests. We use the term "Confidential Guest Support" to distinguish
this from other aspects of guest security (such as security against
attacks from other guests, or from network sources).

Running a Confidential Guest
----------------------------

To run a confidential guest you need to add two command line parameters:

1. Use "-object" to create a "confidential guest support" object. The
   type and parameters will vary with the specific mechanism to be
   used.
2. Set the "confidential-guest-support" machine parameter to the ID of
   the object from (1).

Example (for AMD SEV)::

    qemu-system-x86_64 \
        <other parameters> \
        -machine ...,confidential-guest-support=sev0 \
        -object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=1

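The two parameters above have to match the host: on SEV systems the C-bit position and the physical-address reduction come from CPUID leaf 0x8000001F (EBX bits 5:0 and 11:6, per AMD's architecture manual). The following helper, an added example and not part of the QEMU documentation, checks that the host enabled SEV in kvm_amd, decodes those two fields from a raw EBX value, and assembles the "-machine"/"-object" pair; the sysfs path and the "q35" machine type are assumptions for illustration.

```sh
#!/bin/sh
# Added example: build the SEV command-line parameters described above.
# Assumptions: the kvm_amd "sev" module parameter lives at the sysfs path
# below, and the machine type is q35.

# Return 0 when the kvm_amd module reports SEV enabled ("1" or "Y").
# $1 optionally overrides the parameter file (used for testing).
host_sev_enabled() {
    f=${1:-/sys/module/kvm_amd/parameters/sev}
    [ -r "$f" ] || return 1
    case "$(cat "$f")" in
        1|Y) return 0 ;;
        *)   return 1 ;;
    esac
}

# Decode CPUID 0x8000001F EBX: bits 5:0 = C-bit position,
# bits 11:6 = number of physical address bits reduced by encryption.
# Prints "cbitpos=N reduced-phys-bits=M"; fails if no C-bit is reported.
sev_params_from_ebx() {
    ebx=$(( $1 ))
    cbitpos=$(( ebx & 0x3f ))
    reduced=$(( (ebx >> 6) & 0x3f ))
    if [ "$cbitpos" -eq 0 ]; then
        echo "error: CPUID reports no C-bit; SEV is not available" >&2
        return 1
    fi
    echo "cbitpos=$cbitpos reduced-phys-bits=$reduced"
}

# Assemble both QEMU parameters for object id $1 from EBX value $2.
# The machine type (q35) is an assumption; replace with your own.
sev_qemu_args() {
    id=$1
    params=$(sev_params_from_ebx "$2") || return 1
    set -- $params   # word-split into cbitpos=... and reduced-phys-bits=...
    echo "-machine q35,confidential-guest-support=$id -object sev-guest,id=$id,$1,$2"
}
```

A constructed EBX of 0x6f (C-bit 47, one reduced bit) reproduces the example above; on a real host read the leaf with a CPUID tool and pass the EBX value in.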
Supported mechanisms
--------------------

Currently supported confidential guest mechanisms are:

AMD Secure Encrypted Virtualization (SEV)
    docs/amd-memory-encryption.txt

POWER Protected Execution Facility (PEF)
    docs/papr-pef.txt

Other mechanisms may be supported in future.