mirror of https://github.com/aljazceru/kata-containers.git synced 2026-01-18 05:44:24 +01:00

Files

Dov Murik adec86cc40 runtime: Support launching SEV-ES guests

The `sev_guest_policy` configuration field distinguishes between SEV and
SEV-ES guests (according to standard AMD SEV policy values).

Modify the kata runtime to detect SEV-ES guests and calculate calculate
the expected launch digest taking into account the number of VCPUs and
their CPU signature (model/family/stepping).

Fixes: #5471

Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>

2022-12-21 21:29:45 +00:00

testdata

runtime: sev: Add unittests; allow measurement without kernel

2022-10-27 16:45:53 +03:00

ovmf.go

runtime: pkg/sev: Support SEV-ES launch digest calculation

2022-11-28 18:08:50 +00:00

README.md

runtime: sev: Add unittests; allow measurement without kernel

2022-10-27 16:45:53 +03:00

sev_test.go

runtime: pkg/sev: Support SEV-ES launch digest calculation

2022-11-28 18:08:50 +00:00

sev.go

runtime: pkg/sev: Support SEV-ES launch digest calculation

2022-11-28 18:08:50 +00:00

vcpu_sigs_test.go

runtime: Support launching SEV-ES guests

2022-12-21 21:29:45 +00:00

vcpu_sigs.go

runtime: Support launching SEV-ES guests

2022-12-21 21:29:45 +00:00

vmsa.go

runtime: pkg/sev: Support SEV-ES launch digest calculation

2022-11-28 18:08:50 +00:00

README.md

AMD SEV confidential guest utilities

This package provides utilities for launching AMD SEV confidential guests.

Calculating expected launch digests

The CalculateLaunchDigest function can be used to calculate the expected SHA-256 of an SEV confidential guest given its firmware, kernel, initrd, and kernel command-line.

Unit test data

The testdata directory contains file used for testing CalculateLaunchDigest.