KVM: TDX: Finalize VM initialization - linux-rng - Development tree for the kernel CSPRNG

diff options

author	Isaku Yamahata <isaku.yamahata@intel.com>	2024-09-03 20:07:50 -0700
committer	Paolo Bonzini <pbonzini@redhat.com>	2025-03-14 14:20:53 -0400
commit	012426d6f59cab21f4e1ab4cc2c919fd26a04ead (patch)
tree	3bb00bc2bd89e82714bfb93cff50c0dfcde4974b /scripts/lib/kdoc/kdoc_files.py
parent	KVM: TDX: Add an ioctl to create initial guest memory (diff)
download	linux-rng-012426d6f59cab21f4e1ab4cc2c919fd26a04ead.tar.xz linux-rng-012426d6f59cab21f4e1ab4cc2c919fd26a04ead.zip

KVM: TDX: Finalize VM initialization

Add a new VM-scoped KVM_MEMORY_ENCRYPT_OP IOCTL subcommand, KVM_TDX_FINALIZE_VM, to perform TD Measurement Finalization. Documentation for the API is added in another patch: "Documentation/virt/kvm: Document on Trust Domain Extensions(TDX)" For the purpose of attestation, a measurement must be made of the TDX VM initial state. This is referred to as TD Measurement Finalization, and uses SEAMCALL TDH.MR.FINALIZE, after which: 1. The VMM adding TD private pages with arbitrary content is no longer allowed 2. The TDX VM is runnable Co-developed-by: Adrian Hunter <adrian.hunter@intel.com> Signed-off-by: Adrian Hunter <adrian.hunter@intel.com> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com> Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com> Message-ID: <20240904030751.117579-21-rick.p.edgecombe@intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

Diffstat (limited to 'scripts/lib/kdoc/kdoc_files.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: