runtime: Support for AMD SEV-SNP VMs

This commit adds AMD SEV-SNP as a confidential guest option to the
runtime. Information on required components such as OVMF, QEMU and
a kernel supporting SEV-SNP are defined in the versions file and
corresponding configs are added.

Note: The CPU model 'host' provided by the current SNP-QEMU does
not support all SNP capabilities yet, which is why this option is
changed to EPYC-v4.

Note: The guest's physical address space reduction specified with
ReducedPhysBits is 1. Details are can be found in Section 15.34.6
here https://www.amd.com/system/files/TechDocs/24593.pdf

Fixes #4437

Signed-off-by: Joana Pecholt <joana.pecholt@aisec.fraunhofer.de>

src/runtime/pkg/govmm/qemu/qemu.go

@@ -231,6 +231,9 @@ const (
 	// SEVGuest represents an SEV guest object
 	SEVGuest ObjectType = "sev-guest"
 
+	// SNPGuest represents an SNP guest object
+	SNPGuest ObjectType = "sev-snp-guest"
+
 	// SecExecGuest represents an s390x Secure Execution (Protected Virtualization in QEMU) object
 	SecExecGuest ObjectType = "s390-pv-guest"
 	// PEFGuest represent ppc64le PEF(Protected Execution Facility) object.
@@ -295,6 +298,8 @@ func (object Object) Valid() bool {
 	case TDXGuest:
 		return object.ID != "" && object.File != "" && object.DeviceID != ""
 	case SEVGuest:
+		fallthrough
+	case SNPGuest:
 		return object.ID != "" && object.File != "" && object.CBitPos != 0 && object.ReducedPhysBits != 0
 	case SecExecGuest:
 		return object.ID != ""
@@ -349,6 +354,8 @@ func (object Object) QemuParams(config *Config) []string {
 			deviceParams = append(deviceParams, fmt.Sprintf("config-firmware-volume=%s", object.FirmwareVolume))
 		}
 	case SEVGuest:
+		fallthrough
+	case SNPGuest:
 		objectParams = append(objectParams, string(object.Type))
 		objectParams = append(objectParams, fmt.Sprintf("id=%s", object.ID))
 		objectParams = append(objectParams, fmt.Sprintf("cbitpos=%d", object.CBitPos))