[pve-devel] [PATCH qemu-server v2 2/2] config: add AMD SEV-SNP support.
Daniel Kral
d.kral at proxmox.com
Tue Feb 18 12:00:32 CET 2025
On 2/17/25 15:06, Philipp Giersfeld wrote:
> This patch is for enabling AMD SEV-SNP support.
>
> Where applicable, it extends support for existing SEV(-ES) variables
> to SEV-SNP. This means that it retains no-debug and kernel-hashes
> options, but the no-key-sharing option is removed.
>
> The default policy value is identical to QEMU’s, and the therefore
> required option has been added to configure SMT support.
>
> The code was tested by running a VM without SEV, with SEV, SEV-ES,
> SEV-SNP. Each configuration was tested with and without an EFI disk
> attached. For SEV-enabled configurations it was also verified that the
> kernel actually used the respective feature.
>
> Signed-off-by: Philipp Giersfeld <philipp.giersfeld at canarybit.eu>
> Reviewed-by: Daniel Kral <d.kral at proxmox.com>
> ---
>
> changes since v1: https://lists.proxmox.com/pipermail/pve-devel/2025-February/068159.html
> * Fix formatting and code layout
> * Fix bug in policy calculation
>
> Signed-off-by: Philipp Giersfeld <philipp.giersfeld at canarybit.eu>
LGTM! As already pointed out by @Markus in another patch, the Signed-off
is only needed for the patch message itself, not the comments, but no
trouble at all - it's not relevant when applied anyway.
Cross-checked with my nits & comments and all were implemented, so it's
indeed:
Reviewed-by: Daniel Kral <d.kral at proxmox.com>
BTW is there a reason you used the at form at the tested-by/reviewed-by
emails?
More information about the pve-devel
mailing list