git.ipfire.org Git - thirdparty/libvirt.git/commit
conf: Introduce launch-security element in domain
author Brijesh Singh <brijesh.singh@amd.com>
Fri, 8 Jun 2018 14:40:56 +0000 (09:40 -0500)
committer Erik Skultety <eskultet@redhat.com>
Tue, 12 Jun 2018 08:00:49 +0000 (10:00 +0200)
commit e5791a0306db65073a3edec094eab9fbae728a89
tree 299bcb474e0585f6622e7ddef0a7f0d591063051
parent 6596ac4235638d5d6d49ea850b8e7f980c98a273
conf: Introduce launch-security element in domain

The launch-security element can be used to define the security
model to use when launching a domain. Currently we support 'sev'.

When 'sev' is used, the VM will be launched with the AMD SEV feature enabled.
The SEV feature supports running encrypted VMs under the control of KVM.
Encrypted VMs have their pages (code and data) secured such that only the
guest itself has access to the unencrypted version. Each encrypted VM is
associated with a unique encryption key; if its data is accessed by a
different entity using a different key, the encrypted guest's data will be
incorrectly decrypted, leading to unintelligible data.

Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
docs/formatdomain.html.in
docs/schemas/domaincommon.rng
src/conf/domain_conf.c
src/conf/domain_conf.h
tests/genericxml2xmlindata/launch-security-sev.xml [new file with mode: 0644]
tests/genericxml2xmltest.c