From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: <pve-devel-bounces@lists.proxmox.com> Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 7233A1FF16E for <inbox@lore.proxmox.com>; Mon, 17 Feb 2025 15:07:29 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 3063D29128; Mon, 17 Feb 2025 15:07:25 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1739801236; x=1740406036; d=canarybit.eu; s=rsa2; h=content-transfer-encoding:mime-version:message-id:date:subject:cc:to:from: from; bh=ADW1APzH5pU1s7JLV1uugiFB+ZKc9KtS7ml0wDdkMSg=; b=TKR490ZKVLlEJc+8hZMbkI6Re9uN+IRO2SaWhPNNVB+fcZQPQTRGCFs6g6fvJp/0gwDb9EnZkrpXJ vbrEeVR/fIUQP1oJbP3u0l4Hk7K0NBe/gP7CZN2GCa0aBq/kF9ILmi339Qs88VohignM+zXC3YVoCz P1p2xc59chux/xpgUaSJ6ne5fDBIduR5AnJuz0Uf3ePVJdKFGs5vvNG3YtYUTnZo/+WwWsI3kDzw/5 goUVemncBvvy8nxs4qZoRlN+38gSr9G0h4VYVIugj0/PR8mGInhbuP6USvhx56SaX3eA61kt54Z3yB g9zR/rvRig66Y7R22euYyF4p1qZ1KXA== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; t=1739801236; x=1740406036; d=canarybit.eu; s=ed2; h=content-transfer-encoding:mime-version:message-id:date:subject:cc:to:from: from; bh=ADW1APzH5pU1s7JLV1uugiFB+ZKc9KtS7ml0wDdkMSg=; b=vSDHWUoRvS3dH8FjQ3NfQjuc5Qm8OSwdMznPeLuyK8iPNauVjAl62ElOleJyHawQSBD1S7b0wRlgR ZwfiUqeCQ== X-HalOne-ID: 78d8720b-ed38-11ef-9e45-152d8afab6bc From: Philipp Giersfeld <philipp.giersfeld@canarybit.eu> To: pve-devel@lists.proxmox.com Date: Mon, 17 Feb 2025 15:06:46 +0100 Message-Id: <20250217140705.271726-1-philipp.giersfeld@canarybit.eu> X-Mailer: git-send-email 2.39.5 MIME-Version: 1.0 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.297 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DKIM_SIGNED 0.1 Message has a DKIM or DK signature, not necessarily valid DKIM_VALID -0.1 Message has at least one valid DKIM or DK signature DKIM_VALID_AU -0.1 Message has a valid DKIM or DK signature from author's domain DKIM_VALID_EF -0.1 Message has a valid DKIM or DK signature from envelope-from domain DMARC_MISSING 0.1 Missing DMARC policy RCVD_IN_DNSWL_NONE -0.0001 Sender listed at https://www.dnswl.org/, no trust SPF_HELO_PASS -0.001 SPF: HELO matches SPF record SPF_NONE 0.001 SPF: sender does not publish an SPF Record Subject: [pve-devel] [PATCH edk2-firmware/qemu-server/manager 0/5] AMD SEV-SNP X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com> List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe> List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/> List-Post: <mailto:pve-devel@lists.proxmox.com> List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help> List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe> Reply-To: Proxmox VE development discussion <pve-devel@lists.proxmox.com> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" <pve-devel-bounces@lists.proxmox.com> This patch series adds support for AMD SEV-SNP. Where possible it mimics the existing support for AMD SEV(-ES). Running SEV-SNP VMs requires a more recent version of edk2 and OVMF firmware image. Contrary to other setups, SEV-SNP does not support loading the firmware via pflash. Instead, the firmware image is loaded via the -bios option. Tested-by: Markus Frank <m.frank at proxmox.com> --- Thanks to Daniel for the feedback. changes since v1: https://lists.proxmox.com/pipermail/pve-devel/2025-February/068159.html * Add patch to calculate policy using shift and OR * Add note in WebUI for required host kernel version * Fix formatting and code layout * Fix bug in policy calculation * Disable key-sharing option for SNP _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel