Confidential Guest Support
==========================

Traditionally, hypervisors such as QEMU have complete access to a
guest's memory and other state, meaning that a compromised hypervisor
can compromise any of its guests. A number of platforms have added
mechanisms in hardware and/or firmware which give guests at least some
protection from a compromised hypervisor. This is obviously
especially desirable for public cloud environments.

These mechanisms have different names and different modes of
operation, but are often referred to as Secure Guests or Confidential
Guests. We use the term "Confidential Guest Support" to distinguish
this from other aspects of guest security (such as security against
attacks from other guests, or from network sources).

Running a Confidential Guest
----------------------------

To run a confidential guest you need to add two command line parameters:

1. Use ``-object`` to create a "confidential guest support" object. The
   type and parameters will vary with the specific mechanism to be
   used.
2. Set the ``confidential-guest-support`` machine parameter to the ID of
   the object from (1).

Example (for AMD SEV)::

    qemu-system-x86_64 \
        <other parameters> \
        -machine ...,confidential-guest-support=sev0 \
        -object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=1

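A preflight check for the two-parameter wiring described above, added here as an example (it is not QEMU's own code): it parses a QEMU command line and confirms that the ``confidential-guest-support`` machine parameter names an ``-object`` of a confidential-guest type, catching a missing object or a mismatched ID before the guest is launched. Only ``sev-guest`` appears on this page; the ``pef-guest`` and ``s390-pv-guest`` type names are taken from the corresponding QEMU platform documentation and are an assumption here.

```python
"""Preflight check for a QEMU confidential-guest command line.

Verifies the wiring this document describes: a
``-machine ...,confidential-guest-support=<id>`` setting must refer to
an ``-object <type>,id=<id>`` whose type is a confidential-guest type.
"""
import shlex

# Object types for the mechanisms listed on this page. ``sev-guest`` is
# from the example above; ``pef-guest`` and ``s390-pv-guest`` are the
# names used by the PEF and s390x PV QEMU docs (assumption).
CGS_OBJECT_TYPES = {"sev-guest", "pef-guest", "s390-pv-guest"}


def parse_opts(spec):
    """Split a QEMU option string such as ``sev-guest,id=sev0,cbitpos=47``
    into (leading positional value or None, dict of key=value pairs)."""
    head, props = None, {}
    for i, part in enumerate(spec.split(",")):
        if "=" in part:
            key, value = part.split("=", 1)
            props[key] = value
        elif i == 0:
            head = part
    return head, props


def check_confidential_guest(argv):
    """Return (ok, message) for a QEMU argv list or a shell command string."""
    if isinstance(argv, str):
        argv = shlex.split(argv)
    machine_id, objects = None, {}
    # Walk flag/value pairs; a later -machine or -object overrides an earlier one.
    for flag, value in zip(argv, argv[1:]):
        if flag == "-machine":
            _, props = parse_opts(value)
            machine_id = props.get("confidential-guest-support", machine_id)
        elif flag == "-object":
            obj_type, props = parse_opts(value)
            if "id" in props:
                objects[props["id"]] = obj_type
    if machine_id is None:
        return False, "machine has no confidential-guest-support= setting"
    obj_type = objects.get(machine_id)
    if obj_type is None:
        return False, f"no -object with id={machine_id}"
    if obj_type not in CGS_OBJECT_TYPES:
        return False, f"object {machine_id} is {obj_type}, not a confidential guest type"
    return True, f"{obj_type} object {machine_id} is wired to the machine"
```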
Supported mechanisms
--------------------

Currently supported confidential guest mechanisms are:

* AMD Secure Encrypted Virtualization (SEV) (see :doc:`i386/amd-memory-encryption`)
* POWER Protected Execution Facility (PEF) (see :ref:`power-papr-protected-execution-facility-pef`)
* s390x Protected Virtualization (PV) (see :doc:`s390x/protvirt`)

Other mechanisms may be supported in future.