libvirt driver launching Arm-CCA encrypted instances

Registered by Taketani Ryo

Arm has released a new architecture (Armv9-A) that supports Confidential Computing Architecture (CCA).

AMD SEV (https://blueprints.launchpad.net/nova/+spec/amd-sev-libvirt-support) is an existing feature,
and AMD SEV-ES (https://blueprints.launchpad.net/nova/+spec/amd-sev-es-libvirt-support) is under development.
This work aims to extend existing functionality to allow users to select Arm CCA by specifying an aarch64 flavor for memory encryption,
thereby protecting their aarch64 instances from the hypervisor.

* Underlying components such as kernel/qemu/libvirt are under development but have not yet been merged.

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
Taketani Ryo
Direction:
Needs approval
Assignee:
Taketani Ryo
Definition:
New
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.opendev.org/#/q/topic:bp/arm-cca-libvirt-support

Addressed by: https://review.opendev.org/c/openstack/nova-specs/+/938276
    Add a spec for libvirt driver launching Arm CCA-encrypted instances

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.