[pve-devel] [PATCH edk2-firmware v3 2/5] Add OVMF targets for AMD SEV-ES and SEV-SNP
Thomas Lamprecht
t.lamprecht at proxmox.com
Wed Mar 5 16:35:48 CET 2025
Am 05.03.25 um 15:18 schrieb Fiona Ebner:
> Am 24.02.25 um 13:37 schrieb Philipp Giersfeld:
>> AMD SEV-SNP boots with a single volatile firmware image OVMF.fd via the
>> -bios option.
>>
>> Currently, an SEV-enabled VM will not boot with an OVMF
>> firmware that was compiled with `SECURE_BOOT_ENABLE` [1].
>>
>> Furthermore, during testing, SEV-enabled amchines did not boot with
>> `SMM_REQUIRE`.
>>
>> Therefore, introduce a new target build-ovmf-cvm that builds OVMF
>> firmware suitable for AMD SEV.
>>
>> [1] https://github.com/tianocore/edk2/pull/6285
>>
>
> This has been merged in edk2-stable202502, which is already out now. I'd
> prefer going directly for that tag. Can we avoid splitting out the
> SMM_REQUIRE flag then?
>
An edk2 update is due since quite a bit already, so I'd apply your first
patch and would rebase on latest edk2-stable202502 and release that; we
can still do another bump if something else is needed while getting
feedback about the new version independent of SEV related changes already.
More information about the pve-devel
mailing list