| /linux/Documentation/virt/coco/ |
| sev-guest.rst | 4 The Definitive SEV Guest API Documentation 10 The SEV API is a set of ioctls that are used by the guest or hypervisor 11 to get or set a certain aspect of the SEV virtual machine. The ioctls belong 15 whole SEV firmware. These ioctl are used by platform provisioning tools. 17 - Guest ioctls: These query and set attributes of the SEV virtual machine. 22 This section describes ioctls that is used for querying the SEV guest report 23 from the SEV firmware. For each ioctl, the following information is provided 27 which SEV technology provides this ioctl. SEV, SEV-ES, SEV-SNP or all. 96 SEV-SNP firmware. The ioctl uses the SNP_GUEST_REQUEST (MSG_REPORT_REQ) command 97 provided by the SEV-SNP firmware to query the attestation report.
|
| /linux/Documentation/virt/kvm/x86/ |
| amd-memory-encryption.rst | 4 Secure Encrypted Virtualization (SEV) 10 Secure Encrypted Virtualization (SEV) is a feature found on AMD processors. 12 SEV is an extension to the AMD-V architecture which supports running 17 The hypervisor can determine the SEV support through the CPUID 19 to SEV:: 22 Bit[1] indicates support for SEV 27 If support for SEV is present, MSR 0xc001_0010 (MSR_AMD64_SYSCFG) and MSR 0xc001_0015 38 When SEV support is available, it can be enabled in a specific VM by 39 setting the SEV bit before executing VMRUN.:: 42 Bit[1] 1 = SEV is enabled
|
| /linux/Documentation/translations/zh_CN/security/secrets/ |
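| coco.rst | 20 Confidential computing hardware (such as AMD SEV, Secure Encrypted Virtualization) allows virtual machine 22 secrets. In SEV, secret injection must take place early in the virtual machine launch process (before the guest starts running) 36 During virtual machine launch, the virtual machine manager can inject secrets into this area. In AMD SEV and SEV-ES, this 91 See [sev-api-spec_CN]_ for more information about the SEV ``LAUNCH_SECRET`` operation.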
|
| /linux/Documentation/security/secrets/ |
| coco.rst | 15 Confidential Computing (coco) hardware such as AMD SEV (Secure Encrypted 17 memory without the host/hypervisor being able to read them. In SEV, 36 area. In AMD SEV and SEV-ES this is performed using the 99 See [sev-api-spec]_ for more info regarding SEV ``LAUNCH_SECRET`` operation.
|
| /linux/arch/arm/include/asm/ |
| spinlock.h | 39 #define SEV __ALT_SMP_ASM(WASM(sev), WASM(nop)) macro 45 __asm__(SEV); in dsb_sev()
|
| /linux/Documentation/virt/hyperv/ |
| coco.rst | 25 * AMD processor with SEV-SNP. Hyper-V does not run guest VMs with AMD SME, 26 SEV, or SEV-ES encryption, and such encryption is not sufficient for a CoCo 79 * With AMD SEV-SNP processors, in fully-enlightened mode the guest OS runs in 85 as defined by the SEV-SNP architecture. This mode simplifies guest management 93 MSR indicates if the underlying processor uses AMD SEV-SNP or Intel TDX, and 108 AMD SEV-SNP in fully-enlightened mode. 116 * CPUID flags. Both AMD SEV-SNP and Intel TDX provide a CPUID flag in the 122 abstracting the differences between SEV-SNP and TDX. But the 125 flags are not set. The exception is early boot memory setup on SEV-SNP, which 126 tests the CPUID SEV-SNP flag. But not having the flag in Hyper-V paravisor
|
| /linux/Documentation/ABI/testing/ |
| securityfs-secrets-coco | 9 platforms (such as AMD SEV and SEV-ES) for secret injection by
|
| /linux/arch/x86/kvm/ |
| Kconfig | 157 bool "AMD Secure Encrypted Virtualization (SEV) support" 168 Encrypted Virtualization (SEV), Secure Encrypted Virtualization with 169 Encrypted State (SEV-ES), and Secure Encrypted Virtualization with 170 Secure Nested Paging (SEV-SNP) technologies on AMD processors.
|
| cpuid.c | 1223 VENDOR_F(SEV), in kvm_initialize_cpu_caps()
|
| /linux/drivers/virt/coco/efi_secret/ |
| Kconfig | 10 confidential computing secret injection (for example for AMD SEV
|
| /linux/drivers/crypto/ccp/ |
| Kconfig | 46 management commands in Secure Encrypted Virtualization (SEV) mode,
|
| /linux/tools/arch/x86/kcpuid/ |
| cpuid.csv | 978 # AMD encrypted memory capabilities (SME/SEV) 983 0x8000001f, 0, eax, 3, sev_es , SEV Encrypted State 984 0x8000001f, 0, eax, 4, sev_nested_paging , SEV secure nested paging 991 0x8000001f, 0, eax, 11, req_64bit_hypervisor , SEV guest mandates 64-bit hypervisor 994 0x8000001f, 0, eax, 14, debug_swap , SEV-ES: Full debug state swap 995 0x8000001f, 0, eax, 15, disallow_host_ibs , SEV-ES: Disallowing IBS use by the host 999 0x8000001f, 0, eax, 19, virt_ibs , SEV-ES guests: IBS state virtualization 1008 0x8000001f, 0, edx, 31:0, min_sev_asid_no_sev_es , Minimum ASID for SEV-enabled SEV-ES-disabled guest
|
| /linux/drivers/char/tpm/ |
| Kconfig | 251 This is a driver for the AMD SVSM vTPM protocol that a SEV-SNP guest
|
| /linux/drivers/firmware/efi/ |
| Kconfig | 254 Confidential Computing platforms (such as AMD SEV) allow the
|
| /linux/Documentation/admin-guide/ |
| kernel-parameters.txt | 1074 like Hyper-V, PowerPC (fadump) and AMD SEV-SNP. 3194 If ciphertext hiding is enabled, the joint SEV-ES and 3195 SEV-SNP ASID space is partitioned into separate SEV-ES 3196 and SEV-SNP ASID ranges, with the SEV-SNP range being 3197 [1..max_snp_asid] and the SEV-ES range being 3201 A non-zero value enables SEV-SNP ciphertext hiding and 3202 adjusts the ASID ranges for SEV-ES and SEV-SNP guests. 3203 KVM caps the number of SEV-SNP ASIDs at the maximum 3205 joint SEV-ES and SEV-SNP ASIDs to SEV-SNP. Note, 3206 assigning all joint ASIDs to SEV-SNP, i.e. configuring
|
| /linux/arch/x86/include/asm/ |
| kvm_host.h | 1387 __APICV_INHIBIT_REASON(SEV), \
|
| /linux/Documentation/virt/kvm/ |
| api.rst | 4826 (SEV) commands on AMD Processors and Trusted Domain Extensions (TDX) commands 4843 It is used in the SEV-enabled guest. When encryption is enabled, a guest 4844 memory region may contain encrypted data. The SEV memory encryption 4848 swapped. So relocating (or migrating) physical backing pages for the SEV 4851 Note: The current SEV key management spec does not provide commands to 6956 - KVM_SYSTEM_EVENT_SEV_TERM -- an AMD SEV guest requested termination. 7428 KVM_EXIT_SNP_REQ_CERTS indicates an SEV-SNP guest with certificate-fetching 8328 :Architectures: x86 SEV enabled 8410 :Architectures: x86 SEV enabled
|
| /linux/arch/x86/ |
| Kconfig | 491 APIC accesses and support for managing guest owned APIC state for SEV-SNP
|
| /linux/ |
| MAINTAINERS | 1062 AMD CRYPTOGRAPHIC COPROCESSOR (CCP) DRIVER - SEV SUPPORT
|