git.ipfire.org Git - thirdparty/qemu.git/commit

author	Roy Hopkins <roy.hopkins@randomman.co.uk>
	Thu, 3 Jul 2025 16:02:20 +0000 (17:02 +0100)
committer	Paolo Bonzini <pbonzini@redhat.com>
	Sat, 12 Jul 2025 13:28:21 +0000 (15:28 +0200)
commit	96a3088f5ebe6854dc8fb5a547c6b1d1db60f0fa
tree	6372d8c2121a303583eac305c7eb590edb2f6953	tree
parent	596c330b19cf00384ec14d0bff25758ed204b49d	commit \| diff

backends/confidential-guest-support: Add set_guest_policy() function

For confidential guests a policy can be provided that defines the
security level, debug status, expected launch measurement and other
parameters that define the configuration of the confidential platform.

This commit adds a new function named set_guest_policy() that can be
implemented by each confidential platform, such as AMD SEV to set the
policy. This will allow configuration of the policy from a
multi-platform resource such as an IGVM file without the IGVM processor
requiring specific implementation details for each platform.

Signed-off-by: Roy Hopkins <roy.hopkins@randomman.co.uk>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: Ani Sinha <anisinha@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Gerd Hoffman <kraxel@redhat.com>
Link: https://lore.kernel.org/r/d3888a2eb170c8d8c85a1c4b7e99accf3a15589c.1751554099.git.roy.hopkins@randomman.co.uk
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

backends/confidential-guest-support.c		diff \| blob \| blame \| history
include/system/confidential-guest-support.h		diff \| blob \| blame \| history