On 4/4/22 8:37 AM, Boris Fiuczynski wrote:
On 4/4/22 2:50 PM, Daniel P. Berrangé wrote:
On Fri, Apr 01, 2022 at 12:13:17PM -0600, Charles Arnold wrote:
From d700e8cee7cd525c0022b5a9a440f64c4ab149f0 Mon Sep 17 00:00:00 2001
From: Charles Arnold <carnold@xxxxxxxx>
Date: Fri, 1 Apr 2022 12:01:21 -0600
Subject: [PATCH 1/1] Add support for enabling Secure Encrypted
Virtualization
in the GUI
Add an "Enable Launch Security" checkbox on the Details memory tab.
Do the minimal configuration required for libvirt to enable this
feature
on compatible hardware.
Don't we need to turn on the 'iommu' option for all virtio devices
too, and disable PXE on any NICs ?
https://libvirt.org/kbase/launch_security_sev.html#virtio
With regards,
Daniel
Hi Arnold,
your patch does not take into account that libvirt uses launch
security for more types besides sev.
Good point. I haven't taken into account the s390 case which I can correct.
I'm not aware of other launch security types besides those two.
- Charles
