.. SPDX-License-Identifier: GPL-2.0

======================================
Secure Encrypted Virtualization (SEV)
======================================

Overview
========

Secure Encrypted Virtualization (SEV) is a feature found on AMD processors.

SEV is an extension to the AMD-V architecture which supports running
virtual machines (VMs) under the control of a hypervisor. When enabled,
the memory contents of a VM will be transparently encrypted with a key
unique to that VM.

The hypervisor can determine the SEV support through the CPUID
instruction. The CPUID function 0x8000001f reports information related
to SEV::

        0x8000001f[eax]:
                Bit[1]  indicates support for SEV
            ...
                  [ecx]:
                Bits[31:0]  Number of encrypted guests supported simultaneously

If support for SEV is present, MSR 0xc001_0010 (MSR_AMD64_SYSCFG) and MSR
0xc001_0015 (MSR_K7_HWCR) can be used to determine if it can be enabled::

        0xc001_0010:
                Bit[23]    1 = memory encryption can be enabled
                           0 = memory encryption can not be enabled

        0xc001_0015:
                Bit[0]     1 = memory encryption can be enabled
                           0 = memory encryption can not be enabled

When SEV support is available, it can be enabled in a specific VM by
setting the SEV bit before executing VMRUN::

        VMCB[0x90]:
                Bit[1]      1 = SEV is enabled
                            0 = SEV is disabled

SEV hardware uses ASIDs to associate a memory encryption key with a VM.
Hence, the ASID for the SEV-enabled guests must be from 1 to a maximum
value defined in the CPUID 0x8000001f[ecx] field.

The KVM_MEMORY_ENCRYPT_OP ioctl
===============================

The main ioctl to access SEV is KVM_MEMORY_ENCRYPT_OP, which operates on
the VM file descriptor. If the argument to KVM_MEMORY_ENCRYPT_OP is NULL,
the ioctl returns 0 if SEV is enabled and ``ENOTTY`` if it is disabled
(on some older versions of Linux, the ioctl tries to run normally even
with a NULL argument, and therefore will likely return ``EFAULT`` instead
of zero if SEV is enabled). If non-NULL, the argument to
KVM_MEMORY_ENCRYPT_OP must be a struct kvm_sev_cmd::

        struct kvm_sev_cmd {
                __u32 id;
                __u64 data;
                __u32 error;
                __u32 sev_fd;
        };

On output, ``error`` is zero on success, or an error code. Error codes
are defined in ````.

KVM implements the following commands to support common lifecycle events
of SEV guests, such as launching, running, snapshotting, migrating and
decommissioning.

1. KVM_SEV_INIT2
----------------

The KVM_SEV_INIT2 command is used by the hypervisor to initialize the SEV
platform context. In a typical workflow, this command should be the first
command issued.

For this command to be accepted, either KVM_X86_SEV_VM or
KVM_X86_SEV_ES_VM must have been passed to the KVM_CREATE_VM ioctl. A
virtual machine created with those machine types in turn cannot be run
until KVM_SEV_INIT2 is invoked.

Parameters: struct kvm_sev_init (in)

Returns: 0 on success, -negative on error

::

        struct kvm_sev_init {
                __u64 vmsa_features;  /* initial value of features field in VMSA */
                __u32 flags;          /* must be 0 */
                __u16 ghcb_version;   /* maximum guest GHCB version allowed */
                __u16 pad1;
                __u32 pad2[8];
        };

It is an error if the hypervisor does not support any of the bits that
are set in ``flags`` or ``vmsa_features``. ``vmsa_features`` must be 0
for SEV virtual machines, as they do not have a VMSA.

``ghcb_version`` must be 0 for SEV virtual machines, as they do not issue
GHCB requests. If ``ghcb_version`` is 0 for any other guest type, then
the maximum allowed guest GHCB protocol will default to version 2.

This command replaces the deprecated KVM_SEV_INIT and KVM_SEV_ES_INIT
commands. The commands did not have any parameters (the ``data`` field
was unused) and only work for the KVM_X86_DEFAULT_VM machine type (0).

They behave as if:

* the VM type is KVM_X86_SEV_VM for KVM_SEV_INIT, or KVM_X86_SEV_ES_VM for
  KVM_SEV_ES_INIT

* the ``flags`` and ``vmsa_features`` fields of ``struct kvm_sev_init``
  are set to zero, and ``ghcb_version`` is set to 0 for KVM_SEV_INIT and
  1 for KVM_SEV_ES_INIT.

If the ``KVM_X86_SEV_VMSA_FEATURES`` attribute does not exist, the
hypervisor only supports KVM_SEV_INIT and KVM_SEV_ES_INIT. In that case,
note that KVM_SEV_ES_INIT might set the debug swap VMSA feature (bit 5)
depending on the value of the ``debug_swap`` parameter of ``kvm-amd.ko``.

2. KVM_SEV_LAUNCH_START
-----------------------

The KVM_SEV_LAUNCH_START command is used for creating the memory
encryption context. To create the encryption context, user must provide
a guest policy, the owner's public Diffie-Hellman (PDH) key and session
information.

Parameters: struct kvm_sev_launch_start (in/out)

Returns: 0 on success, -negative on error

::

        struct kvm_sev_launch_start {
                __u32 handle;           /* if zero then firmware creates a new handle */
                __u32 policy;           /* guest's policy */

                __u64 dh_uaddr;         /* userspace address pointing to the guest owner's PDH key */
                __u32 dh_len;

                __u64 session_addr;     /* userspace address which points to the guest session information */
                __u32 session_len;
        };

On success, the 'handle' field contains a new handle and on error, a
negative value.

KVM_SEV_LAUNCH_START requires the ``sev_fd`` field to be valid.

For more details, see SEV spec Section 6.2.

3. KVM_SEV_LAUNCH_UPDATE_DATA
-----------------------------

The KVM_SEV_LAUNCH_UPDATE_DATA is used for encrypting a memory region. It
also calculates a measurement of the memory contents. The measurement is
a signature of the memory contents that can be sent to the guest owner
as an attestation that the memory was encrypted correctly by the
firmware.

Parameters (in): struct kvm_sev_launch_update_data

Returns: 0 on success, -negative on error

::

        struct kvm_sev_launch_update {
                __u64 uaddr;    /* userspace address to be encrypted (must be 16-byte aligned) */
                __u32 len;      /* length of the data to be encrypted (must be 16-byte aligned) */
        };

For more details, see SEV spec Section 6.3.

4. KVM_SEV_LAUNCH_MEASURE
-------------------------

The KVM_SEV_LAUNCH_MEASURE command is used to retrieve the measurement of
the data encrypted by the KVM_SEV_LAUNCH_UPDATE_DATA command. The guest
owner may wait to provide the guest with confidential information until
it can verify the measurement. Since the guest owner knows the initial
contents of the guest at boot, the measurement can be verified by
comparing it to what the guest owner expects.

If len is zero on entry, the measurement blob length is written to len
and uaddr is unused.

Parameters (in): struct kvm_sev_launch_measure

Returns: 0 on success, -negative on error

::

        struct kvm_sev_launch_measure {
                __u64 uaddr;    /* where to copy the measurement */
                __u32 len;      /* length of measurement blob */
        };

For more details on the measurement verification flow, see SEV spec
Section 6.4.
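An added example, not taken from the kernel documentation or its code, of how userspace drives the pieces described above: the NULL-argument probe of KVM_MEMORY_ENCRYPT_OP (including the EFAULT quirk of older kernels) and the two-call length query for KVM_SEV_LAUNCH_MEASURE. The ioctl is reached through a function pointer so the flow can run offline against a fake firmware; the request number, command id, firmware status value and the measurement bytes are constructed placeholders (real code takes the constants from ``<linux/kvm.h>`` and passes ``ioctl`` itself).

```c
/* Added example, not part of the kernel documentation. Struct layouts are
 * those shown on the page; the ioctl sits behind a function pointer so the
 * flow runs offline against the fake firmware below. */
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
struct kvm_sev_cmd { uint32_t id; uint64_t data; uint32_t error; uint32_t sev_fd; };
struct kvm_sev_launch_measure { uint64_t uaddr; uint32_t len; };
typedef int (*sev_ioctl_fn)(int vm_fd, unsigned long request, void *arg);
#define EXAMPLE_KVM_MEMORY_ENCRYPT_OP  0xBA  /* placeholder, see <linux/kvm.h> */
#define EXAMPLE_KVM_SEV_LAUNCH_MEASURE 6     /* placeholder, see <linux/kvm.h> */

/* NULL-argument probe from the page: 1 = SEV enabled, 0 = disabled, -1 =
 * unexpected failure. EFAULT counts as enabled because older kernels try to
 * run the command with the NULL argument instead of returning 0. */
int sev_probe_enabled(int vm_fd, sev_ioctl_fn do_ioctl)
{
    errno = 0;
    if (do_ioctl(vm_fd, EXAMPLE_KVM_MEMORY_ENCRYPT_OP, NULL) == 0)
        return 1;
    return errno == ENOTTY ? 0 : errno == EFAULT ? 1 : -1;
}

/* Two-call retrieval of the launch measurement. Returns the blob length and
 * a malloc'd copy in *blob, or -1 with *fw_error set to the firmware status
 * of the failing call. */
long sev_get_launch_measurement(int vm_fd, sev_ioctl_fn do_ioctl,
                                uint8_t **blob, uint32_t *fw_error)
{
    struct kvm_sev_launch_measure m = { .uaddr = 0, .len = 0 };
    struct kvm_sev_cmd cmd = { .id = EXAMPLE_KVM_SEV_LAUNCH_MEASURE,
                               .data = (uint64_t)(uintptr_t)&m, .error = 0,
                               .sev_fd = 0 /* page requires it only for LAUNCH_START */ };
    uint8_t *buf;
    /* Call 1: len == 0 asks for the required length; uaddr is unused. The
     * firmware may report the undersized buffer as an error even though it
     * has filled in len, so the populated len is the success signal. */
    do_ioctl(vm_fd, EXAMPLE_KVM_MEMORY_ENCRYPT_OP, &cmd);
    *fw_error = cmd.error;
    if (m.len == 0)
        return -1;
    if ((buf = calloc(m.len, 1)) == NULL) { *fw_error = 0; return -1; }
    /* Call 2: same command with a buffer of exactly the reported length. */
    m.uaddr = (uint64_t)(uintptr_t)buf;
    cmd.error = 0;
    if (do_ioctl(vm_fd, EXAMPLE_KVM_MEMORY_ENCRYPT_OP, &cmd) != 0) {
        *fw_error = cmd.error;
        free(buf);
        return -1;
    }
    *fw_error = 0;
    *blob = buf;
    return m.len;
}

/* Fake firmware for offline runs. The 48-byte measurement (32-byte HMAC then
 * the 16-byte MNONCE, the SEV layout) is constructed sample data. */
#define FAKE_MEASURE_LEN 48
#define FAKE_FW_INVALID_LEN 4  /* stand-in status for "buffer too short" */
static const uint8_t fake_measurement[FAKE_MEASURE_LEN] = { 0xde, 0xad, 0xbe, 0xef };
int fake_sev_ioctl(int vm_fd, unsigned long request, void *arg)
{
    struct kvm_sev_cmd *cmd = arg;
    struct kvm_sev_launch_measure *m;
    (void)vm_fd;
    if (request != EXAMPLE_KVM_MEMORY_ENCRYPT_OP) { errno = EINVAL; return -1; }
    if (cmd == NULL)          /* NULL-argument probe: report SEV enabled */
        return 0;
    if (cmd->id != EXAMPLE_KVM_SEV_LAUNCH_MEASURE) { errno = EINVAL; return -1; }
    m = (struct kvm_sev_launch_measure *)(uintptr_t)cmd->data;
    if (m->len < FAKE_MEASURE_LEN) {   /* length query or short buffer */
        m->len = FAKE_MEASURE_LEN;
        cmd->error = FAKE_FW_INVALID_LEN;
        errno = EIO;
        return -1;
    }
    memcpy((void *)(uintptr_t)m->uaddr, fake_measurement, FAKE_MEASURE_LEN);
    cmd->error = 0;
    return 0;
}

/* Drives both helpers against the fake firmware; returns the blob length,
 * or a negative value if any step failed. */
long run_example(void)
{
    uint8_t *blob = NULL;
    uint32_t fw_error = 0;
    long n;
    if (sev_probe_enabled(3, fake_sev_ioctl) != 1)
        return -1;
    n = sev_get_launch_measurement(3, fake_sev_ioctl, &blob, &fw_error);
    if (n < 0 || fw_error != 0 || blob[0] != 0xde || blob[3] != 0xef) {
        free(blob);
        return -2;
    }
    free(blob);
    return n;
}
```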
5. KVM_SEV_LAUNCH_FINISH
------------------------

After completion of the launch flow, the KVM_SEV_LAUNCH_FINISH command can
be issued to make the guest ready for the execution.

Returns: 0 on success, -negative on error

6. KVM_SEV_GUEST_STATUS
-----------------------

The KVM_SEV_GUEST_STATUS command is used to retrieve status information
about a SEV-enabled guest.

Parameters (out): struct kvm_sev_guest_status

Returns: 0 on success, -negative on error

::

        struct kvm_sev_guest_status {
                __u32 handle;   /* guest handle */
                __u32 policy;   /* guest policy */
                __u8 state;     /* guest state (see enum below) */
        };

SEV guest state:

::

        enum {
                SEV_STATE_INVALID = 0,
                SEV_STATE_LAUNCHING,    /* guest is currently being launched */
                SEV_STATE_SECRET,       /* guest is being launched and ready to accept the ciphertext data */
                SEV_STATE_RUNNING,      /* guest is fully launched and running */
                SEV_STATE_RECEIVING,    /* guest is being migrated in from another SEV machine */
                SEV_STATE_SENDING       /* guest is getting migrated out to another SEV machine */
        };

7. KVM_SEV_DBG_DECRYPT
----------------------

The KVM_SEV_DEBUG_DECRYPT command can be used by the hypervisor to request
the firmware to decrypt the data at the given memory region.

Parameters (in): struct kvm_sev_dbg

Returns: 0 on success, -negative on error

::

        struct kvm_sev_dbg {
                __u64 src_uaddr;        /* userspace address of data to decrypt */
                __u64 dst_uaddr;        /* userspace address of destination */
                __u32 len;              /* length of memory region to decrypt */
        };

The command returns an error if the guest policy does not allow debugging.

8. KVM_SEV_DBG_ENCRYPT
----------------------

The KVM_SEV_DEBUG_ENCRYPT command can be used by the hypervisor to request
the firmware to encrypt the data at the given memory region.

Parameters (in): struct kvm_sev_dbg

Returns: 0 on success, -negative on error

::

        struct kvm_sev_dbg {
                __u64 src_uaddr;        /* userspace address of data to encrypt */
                __u64 dst_uaddr;        /* userspace address of destination */
                __u32 len;              /* length of memory region to encrypt */
        };

The command returns an error if the guest policy does not allow debugging.

9. KVM_SEV_LAUNCH_SECRET
------------------------

The KVM_SEV_LAUNCH_SECRET command can be used by the hypervisor to inject
secret data after the measurement has been validated by the guest owner.

Parameters (in): struct kvm_sev_launch_secret

Returns: 0 on success, -negative on error

::

        struct kvm_sev_launch_secret {
                __u64 hdr_uaddr;        /* userspace address containing the packet header */
                __u32 hdr_len;

                __u64 guest_uaddr;      /* the guest memory region where the secret should be injected */
                __u32 guest_len;

                __u64 trans_uaddr;      /* the hypervisor memory region which contains the secret */
                __u32 trans_len;
        };

10. KVM_SEV_GET_ATTESTATION_REPORT
----------------------------------

The KVM_SEV_GET_ATTESTATION_REPORT command can be used by the hypervisor
to query the attestation report containing the SHA-256 digest of the
guest memory and VMSA passed through the KVM_SEV_LAUNCH commands and
signed with the PEK. The digest returned by the command should match the
digest used by the guest owner with the KVM_SEV_LAUNCH_MEASURE.

If len is zero on entry, the measurement blob length is written to len
and uaddr is unused.

Parameters (in): struct kvm_sev_attestation

Returns: 0 on success, -negative on error

::

        struct kvm_sev_attestation_report {
                __u8 mnonce[16];        /* A random mnonce that will be placed in the report */

                __u64 uaddr;            /* userspace address where the report should be copied */
                __u32 len;
        };

11. KVM_SEV_SEND_START
----------------------

The KVM_SEV_SEND_START command can be used by the hypervisor to create an
outgoing guest encryption context.

If session_len is zero on entry, the length of the guest session
information is written to session_len and all other fields are not used.

Parameters (in): struct kvm_sev_send_start

Returns: 0 on success, -negative on error

::

        struct kvm_sev_send_start {
                __u32 policy;                 /* guest policy */

                __u64 pdh_cert_uaddr;         /* platform Diffie-Hellman certificate */
                __u32 pdh_cert_len;

                __u64 plat_certs_uaddr;       /* platform certificate chain */
                __u32 plat_certs_len;

                __u64 amd_certs_uaddr;        /* AMD certificate */
                __u32 amd_certs_len;

                __u64 session_uaddr;          /* Guest session information */
                __u32 session_len;
        };

12. KVM_SEV_SEND_UPDATE_DATA
----------------------------

The KVM_SEV_SEND_UPDATE_DATA command can be used by the hypervisor to
encrypt the outgoing guest memory region with the encryption context
created using KVM_SEV_SEND_START.

If hdr_len or trans_len are zero on entry, the length of the packet
header and transport region are written to hdr_len and trans_len
respectively, and all other fields are not used.

Parameters (in): struct kvm_sev_send_update_data

Returns: 0 on success, -negative on error

::

        struct kvm_sev_launch_send_update_data {
                __u64 hdr_uaddr;        /* userspace address containing the packet header */
                __u32 hdr_len;

                __u64 guest_uaddr;      /* the source memory region to be encrypted */
                __u32 guest_len;

                __u64 trans_uaddr;      /* the destination memory region */
                __u32 trans_len;
        };

13. KVM_SEV_SEND_FINISH
-----------------------

After completion of the migration flow, the KVM_SEV_SEND_FINISH command
can be issued by the hypervisor to delete the encryption context.

Returns: 0 on success, -negative on error

14. KVM_SEV_SEND_CANCEL
-----------------------

After completion of SEND_START, but before SEND_FINISH, the source VMM can
issue the SEND_CANCEL command to stop a migration. This is necessary so
that a cancelled migration can restart with a new target later.

Returns: 0 on success, -negative on error

15. KVM_SEV_RECEIVE_START
-------------------------

The KVM_SEV_RECEIVE_START command is used for creating the memory
encryption context for an incoming SEV guest. To create the encryption
context, the user must provide a guest policy, the platform public
Diffie-Hellman (PDH) key and session information.

Parameters: struct kvm_sev_receive_start (in/out)

Returns: 0 on success, -negative on error

::

        struct kvm_sev_receive_start {
                __u32 handle;           /* if zero then firmware creates a new handle */
                __u32 policy;           /* guest's policy */

                __u64 pdh_uaddr;        /* userspace address pointing to the PDH key */
                __u32 pdh_len;

                __u64 session_uaddr;    /* userspace address which points to the guest session information */
                __u32 session_len;
        };

On success, the 'handle' field contains a new handle and on error, a
negative value.

For more details, see SEV spec Section 6.12.

16. KVM_SEV_RECEIVE_UPDATE_DATA
-------------------------------

The KVM_SEV_RECEIVE_UPDATE_DATA command can be used by the hypervisor to
copy the incoming buffers into the guest memory region with encryption
context created during the KVM_SEV_RECEIVE_START.

Parameters (in): struct kvm_sev_receive_update_data

Returns: 0 on success, -negative on error

::

        struct kvm_sev_launch_receive_update_data {
                __u64 hdr_uaddr;        /* userspace address containing the packet header */
                __u32 hdr_len;

                __u64 guest_uaddr;      /* the destination guest memory region */
                __u32 guest_len;

                __u64 trans_uaddr;      /* the incoming buffer memory region */
                __u32 trans_len;
        };

17. KVM_SEV_RECEIVE_FINISH
--------------------------
KVM_SEV_RECEIVE_FINISH}(hji hhhNhNubah}(h]h ]h"]h$]h&]uh1hhjf hhhhhMubh)}(hAfter completion of the migration flow, the KVM_SEV_RECEIVE_FINISH command can be issued by the hypervisor to make the guest ready for execution.h]hAfter completion of the migration flow, the KVM_SEV_RECEIVE_FINISH command can be issued by the hypervisor to make the guest ready for execution.}(hjw hhhNhNubah}(h]h ]h"]h$]h&]uh1hhhhMhjf hhubh)}(h)Returns: 0 on success, -negative on errorh]h)Returns: 0 on success, -negative on error}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1hhhhMhjf hhubeh}(h]kvm-sev-receive-finishah ]h"]17. kvm_sev_receive_finishah$]h&]uh1hhjdhhhhhMubh)}(hhh](h)}(h18. KVM_SEV_SNP_LAUNCH_STARTh]h18. KVM_SEV_SNP_LAUNCH_START}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1hhj hhhhhMubh)}(hThe KVM_SNP_LAUNCH_START command is used for creating the memory encryption context for the SEV-SNP guest. It must be called prior to issuing KVM_SEV_SNP_LAUNCH_UPDATE or KVM_SEV_SNP_LAUNCH_FINISH;h]hThe KVM_SNP_LAUNCH_START command is used for creating the memory encryption context for the SEV-SNP guest. It must be called prior to issuing KVM_SEV_SNP_LAUNCH_UPDATE or KVM_SEV_SNP_LAUNCH_FINISH;}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1hhhhMhj hhubh)}(h1Parameters (in): struct kvm_sev_snp_launch_starth]h1Parameters (in): struct kvm_sev_snp_launch_start}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1hhhhMhj hhubh)}(h)Returns: 0 on success, -negative on errorh]h)Returns: 0 on success, -negative on error}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1hhhhMhj hhubj)}(hXstruct kvm_sev_snp_launch_start { __u64 policy; /* Guest policy to use. */ __u8 gosvw[16]; /* Guest OS visible workarounds. */ __u16 flags; /* Must be zero. */ __u8 pad0[6]; __u64 pad1[4]; };h]hXstruct kvm_sev_snp_launch_start { __u64 policy; /* Guest policy to use. */ __u8 gosvw[16]; /* Guest OS visible workarounds. */ __u16 flags; /* Must be zero. 
*/ __u8 pad0[6]; __u64 pad1[4]; };}hj sbah}(h]h ]h"]h$]h&]hhuh1jhhhMhj hhubh)}(hSee SNP_LAUNCH_START in the SEV-SNP specification [snp-fw-abi]_ for further details on the input parameters in ``struct kvm_sev_snp_launch_start``.h](h2See SNP_LAUNCH_START in the SEV-SNP specification }(hj hhhNhNubh)}(h snp-fw-abih]hinline)}(hj h]h [snp-fw-abi]}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1j hj ubah}(h]id1ah ]h"]h$]h&] refdomaincitationreftyperef reftargetj refwarnsupport_smartquotesuh1hhhhMhj hhubh0 for further details on the input parameters in }(hj hhhNhNubj~)}(h#``struct kvm_sev_snp_launch_start``h]hstruct kvm_sev_snp_launch_start}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1j}hj ubh.}(hj hhhNhNubeh}(h]h ]h"]h$]h&]uh1hhhhMhj hhubeh}(h]kvm-sev-snp-launch-startah ]h"]18. kvm_sev_snp_launch_startah$]h&]uh1hhjdhhhhhMubh)}(hhh](h)}(h19. KVM_SEV_SNP_LAUNCH_UPDATEh]h19. KVM_SEV_SNP_LAUNCH_UPDATE}(hj4 hhhNhNubah}(h]h ]h"]h$]h&]uh1hhj1 hhhhhMubh)}(hXThe KVM_SEV_SNP_LAUNCH_UPDATE command is used for loading userspace-provided data into a guest GPA range, measuring the contents into the SNP guest context created by KVM_SEV_SNP_LAUNCH_START, and then encrypting/validating that GPA range so that it will be immediately readable using the encryption key associated with the guest context once it is booted, after which point it can attest the measurement associated with its context before unlocking any secrets.h]hXThe KVM_SEV_SNP_LAUNCH_UPDATE command is used for loading userspace-provided data into a guest GPA range, measuring the contents into the SNP guest context created by KVM_SEV_SNP_LAUNCH_START, and then encrypting/validating that GPA range so that it will be immediately readable using the encryption key associated with the guest context once it is booted, after which point it can attest the measurement associated with its context before unlocking any secrets.}(hjB hhhNhNubah}(h]h ]h"]h$]h&]uh1hhhhMhj1 hhubh)}(hIt is required that the GPA ranges initialized by this command have had the 
KVM_MEMORY_ATTRIBUTE_PRIVATE attribute set in advance. See the documentation for KVM_SET_MEMORY_ATTRIBUTES for more details on this aspect.h]hIt is required that the GPA ranges initialized by this command have had the KVM_MEMORY_ATTRIBUTE_PRIVATE attribute set in advance. See the documentation for KVM_SET_MEMORY_ATTRIBUTES for more details on this aspect.}(hjP hhhNhNubah}(h]h ]h"]h$]h&]uh1hhhhMhj1 hhubh)}(hXUpon success, this command is not guaranteed to have processed the entire range requested. Instead, the ``gfn_start``, ``uaddr``, and ``len`` fields of ``struct kvm_sev_snp_launch_update`` will be updated to correspond to the remaining range that has yet to be processed. The caller should continue calling this command until those fields indicate the entire range has been processed, e.g. ``len`` is 0, ``gfn_start`` is equal to the last GFN in the range plus 1, and ``uaddr`` is the last byte of the userspace-provided source buffer address plus 1. In the case where ``type`` is KVM_SEV_SNP_PAGE_TYPE_ZERO, ``uaddr`` will be ignored completely.h](hhUpon success, this command is not guaranteed to have processed the entire range requested. Instead, the }(hj^ hhhNhNubj~)}(h ``gfn_start``h]h gfn_start}(hjf hhhNhNubah}(h]h ]h"]h$]h&]uh1j}hj^ ubh, }(hj^ hhhNhNubj~)}(h ``uaddr``h]huaddr}(hjx hhhNhNubah}(h]h ]h"]h$]h&]uh1j}hj^ ubh, and }(hj^ hhhNhNubj~)}(h``len``h]hlen}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1j}hj^ ubh fields of }(hj^ hhhNhNubj~)}(h$``struct kvm_sev_snp_launch_update``h]h struct kvm_sev_snp_launch_update}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1j}hj^ ubh will be updated to correspond to the remaining range that has yet to be processed. The caller should continue calling this command until those fields indicate the entire range has been processed, e.g. 
}(hj^ hhhNhNubj~)}(h``len``h]hlen}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1j}hj^ ubh is 0, }(hj^ hhhNhNubj~)}(h ``gfn_start``h]h gfn_start}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1j}hj^ ubh3 is equal to the last GFN in the range plus 1, and }(hj^ hhhNhNubj~)}(h ``uaddr``h]huaddr}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1j}hj^ ubh\ is the last byte of the userspace-provided source buffer address plus 1. In the case where }(hj^ hhhNhNubj~)}(h``type``h]htype}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1j}hj^ ubh is KVM_SEV_SNP_PAGE_TYPE_ZERO, }(hj^ hhhNhNubj~)}(h ``uaddr``h]huaddr}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1j}hj^ ubh will be ignored completely.}(hj^ hhhNhNubeh}(h]h ]h"]h$]h&]uh1hhhhMhj1 hhubh)}(h2Parameters (in): struct kvm_sev_snp_launch_updateh]h2Parameters (in): struct kvm_sev_snp_launch_update}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1hhhhMhj1 hhubh)}(hCReturns: 0 on success, < 0 on error, -EAGAIN if caller should retryh]hCReturns: 0 on success, < 0 on error, -EAGAIN if caller should retry}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1hhhhMhj1 hhubj)}(hXstruct kvm_sev_snp_launch_update { __u64 gfn_start; /* Guest page number to load/encrypt data into. */ __u64 uaddr; /* Userspace address of data to be loaded/encrypted. */ __u64 len; /* 4k-aligned length in bytes to copy into guest memory.*/ __u8 type; /* The type of the guest pages being initialized. */ __u8 pad0; __u16 flags; /* Must be zero. */ __u32 pad1; __u64 pad2[4]; };h]hXstruct kvm_sev_snp_launch_update { __u64 gfn_start; /* Guest page number to load/encrypt data into. */ __u64 uaddr; /* Userspace address of data to be loaded/encrypted. */ __u64 len; /* 4k-aligned length in bytes to copy into guest memory.*/ __u8 type; /* The type of the guest pages being initialized. */ __u8 pad0; __u16 flags; /* Must be zero. 
*/ __u32 pad1; __u64 pad2[4]; };}hj* sbah}(h]h ]h"]h$]h&]hhuh1jhhhM hj1 hhubh)}(h9where the allowed values for page_type are #define'd as::h]h:where the allowed values for page_type are #define’d as:}(hj8 hhhNhNubah}(h]h ]h"]h$]h&]uh1hhhhMhj1 hhubj)}(hKVM_SEV_SNP_PAGE_TYPE_NORMAL KVM_SEV_SNP_PAGE_TYPE_ZERO KVM_SEV_SNP_PAGE_TYPE_UNMEASURED KVM_SEV_SNP_PAGE_TYPE_SECRETS KVM_SEV_SNP_PAGE_TYPE_CPUIDh]hKVM_SEV_SNP_PAGE_TYPE_NORMAL KVM_SEV_SNP_PAGE_TYPE_ZERO KVM_SEV_SNP_PAGE_TYPE_UNMEASURED KVM_SEV_SNP_PAGE_TYPE_SECRETS KVM_SEV_SNP_PAGE_TYPE_CPUID}hjF sbah}(h]h ]h"]h$]h&]hhuh1jhhhMhj1 hhubh)}(h^See the SEV-SNP spec [snp-fw-abi]_ for further details on how each page type is used/measured.h](hSee the SEV-SNP spec }(hjT hhhNhNubh)}(h snp-fw-abih]j )}(hj^ h]h [snp-fw-abi]}(hj` hhhNhNubah}(h]h ]h"]h$]h&]uh1j hj\ ubah}(h]id2ah ]h"]h$]h&] refdomainj reftypej reftargetj^ refwarnsupport_smartquotesuh1hhhhM hjT hhubh< for further details on how each page type is used/measured.}(hjT hhhNhNubeh}(h]h ]h"]h$]h&]uh1hhhhM hj1 hhubeh}(h]kvm-sev-snp-launch-updateah ]h"]19. kvm_sev_snp_launch_updateah$]h&]uh1hhjdhhhhhMubh)}(hhh](h)}(h20. KVM_SEV_SNP_LAUNCH_FINISHh]h20. 
KVM_SEV_SNP_LAUNCH_FINISH}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1hhj hhhhhM$ubh)}(hAfter completion of the SNP guest launch flow, the KVM_SEV_SNP_LAUNCH_FINISH command can be issued to make the guest ready for execution.h]hAfter completion of the SNP guest launch flow, the KVM_SEV_SNP_LAUNCH_FINISH command can be issued to make the guest ready for execution.}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1hhhhM&hj hhubh)}(h1Parameters (in): struct kvm_sev_snp_launch_finishh]h1Parameters (in): struct kvm_sev_snp_launch_finish}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1hhhhM)hj hhubh)}(h)Returns: 0 on success, -negative on errorh]h)Returns: 0 on success, -negative on error}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1hhhhM+hj hhubj)}(hX4struct kvm_sev_snp_launch_finish { __u64 id_block_uaddr; __u64 id_auth_uaddr; __u8 id_block_en; __u8 auth_key_en; __u8 vcek_disabled; __u8 host_data[32]; __u8 pad0[3]; __u16 flags; /* Must be zero */ __u64 pad1[4]; };h]hX4struct kvm_sev_snp_launch_finish { __u64 id_block_uaddr; __u64 id_auth_uaddr; __u8 id_block_en; __u8 auth_key_en; __u8 vcek_disabled; __u8 host_data[32]; __u8 pad0[3]; __u16 flags; /* Must be zero */ __u64 pad1[4]; };}hj sbah}(h]h ]h"]h$]h&]hhuh1jhhhM/hj hhubh)}(hSee SNP_LAUNCH_FINISH in the SEV-SNP specification [snp-fw-abi]_ for further details on the input parameters in ``struct kvm_sev_snp_launch_finish``.h](h3See SNP_LAUNCH_FINISH in the SEV-SNP specification }(hj hhhNhNubh)}(h snp-fw-abih]j )}(hj h]h [snp-fw-abi]}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1j hj ubah}(h]id3ah ]h"]h$]h&] refdomainj reftypej reftargetj refwarnsupport_smartquotesuh1hhhhM<hj hhubh0 for further details on the input parameters in }(hj hhhNhNubj~)}(h$``struct kvm_sev_snp_launch_finish``h]h struct kvm_sev_snp_launch_finish}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1j}hj ubh.}(hj hhhNhNubeh}(h]h ]h"]h$]h&]uh1hhhhM<hj hhubeh}(h]kvm-sev-snp-launch-finishah ]h"]20. 
kvm_sev_snp_launch_finishah$]h&]uh1hhjdhhhhhM$ubeh}(h]the-kvm-memory-encrypt-op-ioctlah ]h"]the kvm_memory_encrypt_op ioctlah$]h&]uh1hhhhhhhhK2ubh)}(hhh](h)}(hDevice attribute APIh]hDevice attribute API}(hj( hhhNhNubah}(h]h ]h"]h$]h&]uh1hhj% hhhhhM@ubh)}(hAttributes of the SEV implementation can be retrieved through the ``KVM_HAS_DEVICE_ATTR`` and ``KVM_GET_DEVICE_ATTR`` ioctls on the ``/dev/kvm`` device node, using group ``KVM_X86_GRP_SEV``.h](hBAttributes of the SEV implementation can be retrieved through the }(hj6 hhhNhNubj~)}(h``KVM_HAS_DEVICE_ATTR``h]hKVM_HAS_DEVICE_ATTR}(hj> hhhNhNubah}(h]h ]h"]h$]h&]uh1j}hj6 ubh and }(hj6 hhhNhNubj~)}(h``KVM_GET_DEVICE_ATTR``h]hKVM_GET_DEVICE_ATTR}(hjP hhhNhNubah}(h]h ]h"]h$]h&]uh1j}hj6 ubh ioctls on the }(hj6 hhhNhNubj~)}(h ``/dev/kvm``h]h/dev/kvm}(hjb hhhNhNubah}(h]h ]h"]h$]h&]uh1j}hj6 ubh device node, using group }(hj6 hhhNhNubj~)}(h``KVM_X86_GRP_SEV``h]hKVM_X86_GRP_SEV}(hjt hhhNhNubah}(h]h ]h"]h$]h&]uh1j}hj6 ubh.}(hj6 hhhNhNubeh}(h]h ]h"]h$]h&]uh1hhhhMBhj% hhubh)}(h,Currently only one attribute is implemented:h]h,Currently only one attribute is implemented:}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1hhhhMFhj% hhubjE)}(hhh]jJ)}(h{``KVM_X86_SEV_VMSA_FEATURES``: return the set of all bits that are accepted in the ``vmsa_features`` of ``KVM_SEV_INIT2``. 
h]h)}(hz``KVM_X86_SEV_VMSA_FEATURES``: return the set of all bits that are accepted in the ``vmsa_features`` of ``KVM_SEV_INIT2``.h](j~)}(h``KVM_X86_SEV_VMSA_FEATURES``h]hKVM_X86_SEV_VMSA_FEATURES}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1j}hj ubh6: return the set of all bits that are accepted in the }(hj hhhNhNubj~)}(h``vmsa_features``h]h vmsa_features}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1j}hj ubh of }(hj hhhNhNubj~)}(h``KVM_SEV_INIT2``h]h KVM_SEV_INIT2}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1j}hj ubh.}(hj hhhNhNubeh}(h]h ]h"]h$]h&]uh1hhhhMHhj ubah}(h]h ]h"]h$]h&]uh1jIhj hhhhhNubah}(h]h ]h"]h$]h&]jjuh1jDhhhMHhj% hhubeh}(h]device-attribute-apiah ]h"]device attribute apiah$]h&]uh1hhhhhhhhM@ubh)}(hhh](h)}(hFirmware Managementh]hFirmware Management}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1hhj hhhhhMLubh)}(hXqThe SEV guest key management is handled by a separate processor called the AMD Secure Processor (AMD-SP). Firmware running inside the AMD-SP provides a secure key management interface to perform common hypervisor activities such as encrypting bootstrap code, snapshot, migrating and debugging the guest. For more information, see the SEV Key Management spec [api-spec]_h](hXfThe SEV guest key management is handled by a separate processor called the AMD Secure Processor (AMD-SP). Firmware running inside the AMD-SP provides a secure key management interface to perform common hypervisor activities such as encrypting bootstrap code, snapshot, migrating and debugging the guest. For more information, see the SEV Key Management spec }(hj hhhNhNubh)}(hapi-spech]j )}(hj h]h [api-spec]}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1j hj ubah}(h]id4ah ]h"]h$]h&] refdomainj reftypej reftargetj refwarnsupport_smartquotesuh1hhhhMNhj hhubeh}(h]h ]h"]h$]h&]uh1hhhhMNhj hhubh)}(hXOThe AMD-SP firmware can be initialized either by using its own non-volatile storage or the OS can manage the NV storage for the firmware using parameter ``init_ex_path`` of the ``ccp`` module. 
If the file specified by ``init_ex_path`` does not exist or is invalid, the OS will create or override the file with PSP non-volatile storage.h](hThe AMD-SP firmware can be initialized either by using its own non-volatile storage or the OS can manage the NV storage for the firmware using parameter }(hj1 hhhNhNubj~)}(h``init_ex_path``h]h init_ex_path}(hj9 hhhNhNubah}(h]h ]h"]h$]h&]uh1j}hj1 ubh of the }(hj1 hhhNhNubj~)}(h``ccp``h]hccp}(hjK hhhNhNubah}(h]h ]h"]h$]h&]uh1j}hj1 ubh" module. If the file specified by }(hj1 hhhNhNubj~)}(h``init_ex_path``h]h init_ex_path}(hj] hhhNhNubah}(%h]h ]h"]h$]h&]uh1j}hj1 ubhe does not exist or is invalid, the OS will create or override the file with PSP non-volatile storage.}(hj1 hhhNhNubeh}(h]h ]h"]h$]h&]uh1hhhhMThj hhubeh}(h]firmware-managementah ]h"]firmware managementah$]h&]uh1hhhhhhhhMLubh)}(hhh](h)}(h Referencesh]h References}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1hhj} hhhhhM[ubh)}(h[See [white-paper]_, [api-spec]_, [amd-apm]_, [kvm-forum]_, and [snp-fw-abi]_ for more info.h](hSee }(hj hhhNhNubh)}(h white-paperh]j )}(hj h]h [white-paper]}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1j hj ubah}(h]id5ah ]h"]h$]h&] refdomainj reftypej reftargetj refwarnsupport_smartquotesuh1hhhhM^hj hhubh, }(hj hhhNhNubh)}(hapi-spech]j )}(hj h]h [api-spec]}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1j hj ubah}(h]id6ah ]h"]h$]h&] refdomainj reftypej reftargetj refwarnsupport_smartquotesuh1hhhhM^hj hhubh, }hj sbh)}(hamd-apmh]j )}(hj h]h [amd-apm]}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1j hj ubah}(h]id7ah ]h"]h$]h&] refdomainj reftypej reftargetj refwarnsupport_smartquotesuh1hhhhM^hj hhubh, }hj sbh)}(h kvm-forumh]j )}(hj h]h [kvm-forum]}(hj hhhNhNubah}(h]h ]h"]h$]h&]uh1j hj ubah}(h]id8ah ]h"]h$]h&] refdomainj reftypej reftargetj refwarnsupport_smartquotesuh1hhhhM^hj hhubh, and }(hj hhhNhNubh)}(h snp-fw-abih]j )}(hjh]h [snp-fw-abi]}(hjhhhNhNubah}(h]h ]h"]h$]h&]uh1j hjubah}(h]id9ah ]h"]h$]h&] refdomainj reftypej reftargetjrefwarnsupport_smartquotesuh1hhhhM^hj hhubh for more info.}(hj 
hhhNhNubeh}(h]h ]h"]h$]h&]uh1hhhhM^hj} hhubhj )}(h`https://developer.amd.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdfh](hlabel)}(h white-paperh]h white-paper}(hjHhhhNhNubah}(h]h ]h"]h$]h&]support_smartquotesuh1jFhjBubh)}(hjDh]h reference)}(hjDh]h`https://developer.amd.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf}(hj\hhhNhNubah}(h]h ]h"]h$]h&]refurijDuh1jZhjWubah}(h]h ]h"]h$]h&]uh1hhhhMahjBubeh}(h] white-paperah ]h"] white-paperah$]h&]j adocname"virt/kvm/x86/amd-memory-encryptionuh1j hhhMahj} hhresolvedKubjA)}(hChttps://support.amd.com/TechDocs/55766_SEV-KM_API_Specification.pdfh](jG)}(hapi-spech]hapi-spec}(hjhhhNhNubah}(h]h ]h"]h$]h&]jVuh1jFhj{ubh)}(hj}h]j[)}(hj}h]hChttps://support.amd.com/TechDocs/55766_SEV-KM_API_Specification.pdf}(hjhhhNhNubah}(h]h ]h"]h$]h&]refurij}uh1jZhjubah}(h]h ]h"]h$]h&]uh1hhhhMbhj{ubeh}(h]api-specah ]h"]api-specah$]h&](j! j ejxjyuh1j hhhMbhj} hhjzKubjA)}(h:https://support.amd.com/TechDocs/24593.pdf (section 15.34)h](jG)}(hamd-apmh]hamd-apm}(hjhhhNhNubah}(h]h ]h"]h$]h&]jVuh1jFhjubh)}(hjh](j[)}(h*https://support.amd.com/TechDocs/24593.pdfh]h*https://support.amd.com/TechDocs/24593.pdf}(hjhhhNhNubah}(h]h ]h"]h$]h&]refurijuh1jZhjubh (section 15.34)}(hjhhhNhNubeh}(h]h ]h"]h$]h&]uh1hhhhMchjubeh}(h]amd-apmah ]h"]amd-apmah$]h&]j ajxjyuh1j hhhMchj} hhjzKubjA)}(hqhttps://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdfh](jG)}(h kvm-forumh]h kvm-forum}(hjhhhNhNubah}(h]h ]h"]h$]h&]jVuh1jFhjubh)}(hjh]j[)}(hjh]hqhttps://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf}(hjhhhNhNubah}(h]h ]h"]h$]h&]refurijuh1jZhjubah}(h]h ]h"]h$]h&]uh1hhhhMdhjubeh}(h] kvm-forumah ]h"] kvm-forumah$]h&]j ajxjyuh1j hhhMdhj} hhjzKubjA)}(h3https://www.amd.com/system/files/TechDocs/56860.pdfh](jG)}(h snp-fw-abih]h snp-fw-abi}(hjhhhNhNubah}(h]h 
]h"]h$]h&]jVuh1jFhjubh)}(hjh]j[)}(hjh]h3https://www.amd.com/system/files/TechDocs/56860.pdf}(hj(hhhNhNubah}(h]h ]h"]h$]h&]refurijuh1jZhj%ubah}(h]h ]h"]h$]h&]uh1hhhhMehjubeh}(h] snp-fw-abiah ]h"] snp-fw-abiah$]h&](j jo j j-ejxjyuh1j hhhMehj} hhjzKubeh}(h] referencesah ]h"] referencesah$]h&]uh1hhhhhhhhM[ubeh}(h]#secure-encrypted-virtualization-sevah ]h"]%secure encrypted virtualization (sev)ah$]h&]uh1hhhhhhhhKubeh}(h]h ]h"]h$]h&]sourcehuh1hcurrent_sourceN current_lineNsettingsdocutils.frontendValues)}(hN generatorN datestampN source_linkN source_urlN toc_backlinksentryfootnote_backlinksK sectnum_xformKstrip_commentsNstrip_elements_with_classesN strip_classesN report_levelK halt_levelKexit_status_levelKdebugNwarning_streamN tracebackinput_encoding utf-8-siginput_encoding_error_handlerstrictoutput_encodingutf-8output_encoding_error_handlerjwerror_encodingutf-8error_encoding_error_handlerbackslashreplace language_codeenrecord_dependenciesNconfigN id_prefixhauto_id_prefixid dump_settingsNdump_internalsNdump_transformsNdump_pseudo_xmlNexpose_internalsNstrict_visitorN_disable_configN_sourceh _destinationN _config_files]7/var/lib/git/docbuild/linux/Documentation/docutils.confafile_insertion_enabled raw_enabledKline_length_limitM'pep_referencesN pep_base_urlhttps://peps.python.org/pep_file_url_templatepep-%04drfc_referencesN rfc_base_url&https://datatracker.ietf.org/doc/html/ tab_widthKtrim_footnote_reference_spacesyntax_highlightlong smart_quotessmartquotes_locales]character_level_inline_markupdoctitle_xform docinfo_xformKsectsubtitle_xform image_loadinglinkembed_stylesheetcloak_email_addressessection_self_linkenvNubreporterNindirect_targets]substitution_defs}substitution_names}refnames}( snp-fw-abi](hcitation_reference)}(h [snp-fw-abi]_h]h snp-fw-abi}hjsbah}(h]j ah ]h"]h$]h&]refidj>uh1jhj jzKubj)}(h [snp-fw-abi]_h]h snp-fw-abi}hjsbah}(h]jo ah ]h"]h$]h&]jj>uh1jhjT jzKubj)}(h [snp-fw-abi]_h]h snp-fw-abi}hjsbah}(h]j ah ]h"]h$]h&]jj>uh1jhj jzKubj)}(h [snp-fw-abi]_h]h 
snp-fw-abi}hjsbah}(h]j-ah ]h"]h$]h&]jj>uh1jhj jzKubeapi-spec](j)}(h [api-spec]_h]hapi-spec}hjsbah}(h]j! ah ]h"]h$]h&]jjuh1jhj jzKubj)}(h [api-spec]_h]hapi-spec}hjsbah}(h]j ah ]h"]h$]h&]jjuh1jhj jzKube white-paper]j)}(h[white-paper]_h]h white-paper}hjsbah}(h]j ah ]h"]h$]h&]jjruh1jhj jzKubaamd-apm]j)}(h [amd-apm]_h]hamd-apm}hj$sbah}(h]j ah ]h"]h$]h&]jjuh1jhj jzKuba kvm-forum]j)}(h [kvm-forum]_h]h kvm-forum}hj4sbah}(h]j ah ]h"]h$]h&]jj uh1jhj jzKubaurefids}nameids}(jQjNjaj^j" j jjjjjjjmjjjjjj jnjkjjjjj}jzjjj;j8jpjmjjj j jc j` j j j. j+ j j j j j j jz jw jIjFjujrjjjjjj jAj>u nametypes}(jQjaj" jjjjmjjjnjjj}jj;jpjj jc j j. j j j jz jIjujjjjAuh}(jNhj^hj jdjjMjjjjjjjjjpj jjkjjjqjjjzj!jjj8jjmj>jjsj jj` j j jf j+ j j jj j1 jo jj j j jj j% jw j j! jjFj} j jj jj j$j j4j-jjrjBjj{jjj jj>ju footnote_refs} citation_refs}(j](jjjjej](jjej]jaj"]j$aj2]j4au autofootnotes]autofootnote_refs]symbol_footnotes]symbol_footnote_refs] footnotes] citations](jBj{jjjeautofootnote_startKsymbol_footnote_startK id_counter collectionsCounter}jK sRparse_messages]transform_messages] transformerN include_log] decorationNhhub.