Re: Add support for enabling Secure Encrypted Virtualization in the GUI

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On 4/4/22 5:48 PM, Charles Arnold wrote:
On 4/4/22 8:37 AM, Boris Fiuczynski wrote:
On 4/4/22 2:50 PM, Daniel P. Berrangé wrote:
On Fri, Apr 01, 2022 at 12:13:17PM -0600, Charles Arnold wrote:
 From d700e8cee7cd525c0022b5a9a440f64c4ab149f0 Mon Sep 17 00:00:00 2001
From: Charles Arnold <carnold@xxxxxxxx>
Date: Fri, 1 Apr 2022 12:01:21 -0600
Subject: [PATCH 1/1] Add support for enabling Secure Encrypted
  in the GUI

Add an "Enable Launch Security" checkbox on the Details memory tab.
Do the minimal configuration required for libvirt to enable this feature
on compatible hardware.

Don't we need to turn on the 'iommu' option for all virtio devices
too, and disable PXE on any NICs ?

With regards,

Hi Arnold,
your patch does not take into account that libvirt uses launch security for more types besides sev.

Good point. I haven't taken into account the s390 case which I can correct.
I'm not aware of other launch security types besides those two.

- Charles

There has been a patch series for TDX on the mailing list in July 2021 but I am not sure what finally happened to it.

Mit freundlichen Grüßen/Kind regards
   Boris Fiuczynski

IBM Deutschland Research & Development GmbH
Vorsitzender des Aufsichtsrats: Gregor Pillen
Geschäftsführung: David Faller
Sitz der Gesellschaft: Böblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294

[Index of Archives]     [Linux Virtualization]     [KVM Development]     [CentOS Virtualization]     [Netdev]     [Ethernet Bridging]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]     [Video 4 Linux]

  Powered by Linux