Re: [PATCH 0/1] Expose availability of SEV-ES

Monday, 19 February 2024

My understanding is that these numbers retrieves number from CPU and
do not actually represent whether SEV-ES is actually enabled in KVM.
Because libvirt checks whether SEV is actually enabled in KVM, it makes
it makes better sense to check the same for SEV-ES, IMO.

Also, this "model" approach is likely needed for SEV-SNP, which shares
the same ASID pool with SEV-ES by default. (though the implementation
is still actively updated by AMD and is not yet merged into kernel or
qemu now).

On 2/19/24 18:58, Daniel P. Berrangé wrote:
> On Mon, Feb 19, 2024 at 02:54:59PM +0900, Takashi Kajinami wrote:
>> This introduces the new "model" field in sev elements so that clients
can
>> check whether SEV-ES, the 2nd generation of AMD SEV, is available in
>> the taget hyprvisor.
> 
> Err, isn't this is already possible...
> 
>     https://libvirt.org/formatdomaincaps.html#sev-capabilities
> 
> you'll see 'maxESGuests' give a non-zero number of SEV-ES is possible
> on a host.
> 
> With regards,
> Daniel

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Re: [PATCH 0/1] Expose availability of SEV-ES