On 6/20/24 17:19, Jonathon Jongsma wrote: > On 6/20/24 6:22 AM, Michal Privoznik wrote: >> SEV-SNP support just landed in QEMU. Here is the first round of patches >> to incorporate support into libvirt. >> >> TODOs (aka problems of future me): >> >> - Teach tools/virt-qemu-sev-validate how to deal with SEV-SNP >> - Try to find a SEV-SNP machine a test these patches in real worl >> - Write a kbase article on attestation with SEV-SNP > > None of the CPU models that we currently have in libvirt allow you to > run an SNP guest. That was the impetus behind my versioned CPU model > series: > https://lists.libvirt.org/archives/list/devel@xxxxxxxxxxxxxxxxx/thread/2GLISAQLU3ZTX7KSD732LM3CXU74JFEH/#2OZAJNGSVVNDQ4EZBITMOD2QJBX5NHWG > > I've been meaning to push that series forward again, but hadn't gotten > to it yet. I'm not that familiar with all gotchas, but should the following just work? <cpu mode='host-passthrough' migratable='off'/> AFAIK, migration with SEV-SNP is not implemented yet. > > Also, what about reporting domain capabilities for sev-snp support? It > will require checking whether the host CPU supports SNP similarly to how > we check the max sev guests, etc. Good point! Let me post patch(es) for that. Michal
