mirror of
https://github.com/aljazceru/kata-containers.git
synced 2026-01-01 05:24:19 +01:00
AMD SEV pre-attestation is handled by the runtime before the guest is launched. The guest VM is started paused and the runtime communicates with a remote keybroker service (e.g., simple-kbs) to validate the attestation measurement and to receive the launch secret. Upon validation, the launch secret is injected into guest memory and the VM is started.

Fixes: #4280

Signed-off-by: Jim Cadden <jcadden@ibm.com>
Signed-off-by: Tobin Feldman-Fitzthum <tobin@ibm.com>
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
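The keybroker-side check that gates the launch secret, as an added example (not code from this commit, kata-containers, or simple-kbs). It assumes the measurement layout from AMD's SEV API specification (HMAC-SHA256 keyed with the TIK, reported as 32-byte measurement followed by 16-byte nonce); `LaunchInfo`, `ExpectedMeasurement`, and `ReleaseSecret` are hypothetical names, and wrapping of the secret for injection is left out.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// LaunchInfo holds the values the broker expects for an approved guest (hypothetical type).
type LaunchInfo struct {
	APIMajor, APIMinor, Build uint8
	Policy                    uint32
	Digest                    [32]byte // SHA-256 of the memory measured at launch
}

var ErrMeasurement = errors.New("launch measurement mismatch: secret withheld")

// ExpectedMeasurement computes
// HMAC-SHA256(0x04 || API_MAJOR || API_MINOR || BUILD || POLICY || DIGEST || MNONCE; TIK).
func ExpectedMeasurement(li LaunchInfo, mnonce [16]byte, tik []byte) []byte {
	mac := hmac.New(sha256.New, tik)
	mac.Write([]byte{0x04, li.APIMajor, li.APIMinor, li.Build})
	var pol [4]byte
	binary.LittleEndian.PutUint32(pol[:], li.Policy) // policy is a little-endian u32
	mac.Write(pol[:])
	mac.Write(li.Digest[:])
	mac.Write(mnonce[:])
	return mac.Sum(nil)
}

// ReleaseSecret returns the secret only when the reported buffer (measurement ||
// mnonce, 48 bytes) matches the expected value; the VM stays paused otherwise.
func ReleaseSecret(li LaunchInfo, reported, tik, secret []byte) ([]byte, error) {
	if len(reported) != 48 {
		return nil, ErrMeasurement
	}
	var mnonce [16]byte
	copy(mnonce[:], reported[32:])
	if !hmac.Equal(reported[:32], ExpectedMeasurement(li, mnonce, tik)) { // constant-time
		return nil, ErrMeasurement
	}
	return secret, nil
}

func main() {
	_, err := ReleaseSecret(LaunchInfo{}, make([]byte, 48), []byte("constructed TIK"), nil)
	fmt.Println("all-zero (constructed) measurement:", err)
}
```

Because the nonce is chosen by the SEV firmware per launch and the TIK is known only to the guest owner and the firmware, a host cannot replay an old measurement or forge one for modified guest memory.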