libvirt driver launching SEV-ES-encrypted instances
This work follows what was already done in https:/
AMD released new CPUs which supports new versions of SEV feature. One of them is SEV-ES which is already supported by underlying components such as kernel/
This work aim to extend the existing feature to allow users to select using AMD SEV-ES instead of AMD SEV as encryption mechanism to protect their instances from its hypervisor more strictly.
Blueprint information
- Status:
- Complete
- Approver:
- Sylvain Bauza
- Priority:
- Undefined
- Drafter:
- Takashi Kajinami
- Direction:
- Approved
- Assignee:
- Takashi Kajinami
- Definition:
- Approved
- Series goal:
- Accepted for 2025.2
- Implementation:
-
Implemented
- Milestone target:
- None
- Started by
- Sylvain Bauza
- Completed by
- Uggla
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
libvirt: AMD SEV-ES support
Addressed by: https:/
Migrate MEM_ENCRYPTION_
[20240719 bauzas] Spec approved for the Dalmatian cycle
Addressed by: https:/
Follow up for "libvirt: AMD SEV-ES support"
Addressed by: https:/
Detect AMD SEV-ES support
Addressed by: https:/
libvirt: Launch instances with SEV-ES memory encryption
Addressed by: https:/
Add hw_mem_
Addressed by: https:/
Re-propose "libvirt: AMD SEV-ES support" for 2025.1
[20241119 bauzas] Spec got approved for the Epoxy timeframe
Addressed by: https:/
Re-propose "libvirt: AMD SEV-ES support" for 2025.2
[2025MMDD bauzas] Spec was approved during the Flamingo cycle
Addressed by: https:/
Add functional test scenario for mixed SEV RPs
Addressed by: https:/
Purge nested SEV RPs when SEV is disabled
[20250829 Uggla] Spec implemented \o/
Gerrit topic: https:/
Addressed by: https:/
Add hw_mem_
