Re: [RFC PATCH 0/6] Add AMD Secure Nested Paging (SEV-SNP) support

2021-07-14 Thread Brijesh Singh
On 7/14/21 4:52 AM, Dr. David Alan Gilbert wrote: > * Brijesh Singh (brijesh.si...@amd.com) wrote: >> >> On 7/13/21 3:05 AM, Dov Murik wrote:> >>> Particularly confusing is the `policy` attribute which is only relevant >>> for SEV / SEV-ES, while there's a new `snp.policy` attribute for SNP... >>

Re: [RFC PATCH 0/6] Add AMD Secure Nested Paging (SEV-SNP) support

2021-07-14 Thread Dr. David Alan Gilbert
* Brijesh Singh (brijesh.si...@amd.com) wrote: > > > On 7/13/21 3:05 AM, Dov Murik wrote:> > > Particularly confusing is the `policy` attribute which is only relevant > > for SEV / SEV-ES, while there's a new `snp.policy` attribute for SNP... > > Maybe the irrelevant attributes should not be adde

Re: [RFC PATCH 0/6] Add AMD Secure Nested Paging (SEV-SNP) support

2021-07-13 Thread Brijesh Singh
On 7/13/21 3:31 AM, Dr. David Alan Gilbert wrote: adding it to QMP as well (unless it's purely for debug and may change). We have query-sev QMP, I will extend to add a new 'snp: bool' field. thanks

Re: [RFC PATCH 0/6] Add AMD Secure Nested Paging (SEV-SNP) support

2021-07-13 Thread Brijesh Singh
On 7/13/21 3:05 AM, Dov Murik wrote: > Particularly confusing is the `policy` attribute which is only relevant for SEV / SEV-ES, while there's a new `snp.policy` attribute for SNP... Maybe the irrelevant attributes should not be added to the tree when not in SNP. The policy fields are also ap

Re: [RFC PATCH 0/6] Add AMD Secure Nested Paging (SEV-SNP) support

2021-07-13 Thread Dr. David Alan Gilbert
* Dov Murik (dovmu...@linux.ibm.com) wrote: > Brijesh, > > On 10/07/2021 0:55, Brijesh Singh wrote: > > SEV-SNP builds upon existing SEV and SEV-ES functionality while adding > > new hardware-based memory protections. SEV-SNP adds strong memory integrity > > protection to help prevent malicious hy

Re: [RFC PATCH 0/6] Add AMD Secure Nested Paging (SEV-SNP) support

2021-07-13 Thread Dov Murik
Brijesh, On 10/07/2021 0:55, Brijesh Singh wrote: > SEV-SNP builds upon existing SEV and SEV-ES functionality while adding > new hardware-based memory protections. SEV-SNP adds strong memory integrity > protection to help prevent malicious hypervisor-based attacks like data > replay, memory re-map

Re: [RFC PATCH 0/6] Add AMD Secure Nested Paging (SEV-SNP) support

2021-07-12 Thread Tom Lendacky
On 7/9/21 4:55 PM, Brijesh Singh wrote: > SEV-SNP builds upon existing SEV and SEV-ES functionality while adding > new hardware-based memory protections. SEV-SNP adds strong memory integrity > protection to help prevent malicious hypervisor-based attacks like data > replay, memory re-mapping and mo

[RFC PATCH 0/6] Add AMD Secure Nested Paging (SEV-SNP) support

2021-07-09 Thread Brijesh Singh
SEV-SNP builds upon existing SEV and SEV-ES functionality while adding new hardware-based memory protections. SEV-SNP adds strong memory integrity protection to help prevent malicious hypervisor-based attacks like data replay, memory re-mapping and more in order to create an isolated memory encrypt