diff options
| author | Roy Hopkins <roy.hopkins@randomman.co.uk> | 2025-07-03 17:21:58 +0100 |
|---|---|---|
| committer | Paolo Bonzini <pbonzini@redhat.com> | 2025-07-12 15:28:21 +0200 |
| commit | 2ff75825cc5a5d56ea90d79cd15578f6b1893561 (patch) | |
| tree | 9966e40d32dd6ec3d559dc1b85f692c9929592ab /scripts/tracetool/backend/simple.py | |
| parent | 915b47078d6b4cffde209aab81ab56f73e4a2632 (diff) | |
| download | qemu-2ff75825cc5a5d56ea90d79cd15578f6b1893561.zip qemu-2ff75825cc5a5d56ea90d79cd15578f6b1893561.tar.gz qemu-2ff75825cc5a5d56ea90d79cd15578f6b1893561.tar.bz2 | |
i386/sev: Add implementation of CGS set_guest_policy()
The new cgs_set_guest_policy() function is provided to receive the guest
policy flags, SNP ID block and SNP ID authentication from guest
configuration such as an IGVM file and apply it to the platform prior to
launching the guest.
The policy is used to populate values for the existing 'policy',
'id_block' and 'id_auth' parameters. When provided, the guest policy is
applied and the ID block configuration is used to verify the launch
measurement and signatures. The guest is only successfully started if
the expected launch measurements match the actual measurements and the
signatures are valid.
Signed-off-by: Roy Hopkins <roy.hopkins@randomman.co.uk>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Stefano Garzarella <sgarzare@redhat.com>
Acked-by: Gerd Hoffman <kraxel@redhat.com>
Reviewed-by: Ani Sinha <anisinha@redhat.com>
Link: https://lore.kernel.org/r/99e82ddec4ad2970c790db8bea16ea3f57eb0e53.1751554099.git.roy.hopkins@randomman.co.uk
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'scripts/tracetool/backend/simple.py')
0 files changed, 0 insertions, 0 deletions