[adding Daniel to CC] On Tue, Aug 05, 2025 at 05:17:14AM -0700, Andrea Bolognani wrote:
On Tue, Aug 05, 2025 at 12:56:56PM +0200, Gerd Hoffmann wrote:
Assuming that
* the need to use -bios for SEV-SNP is intended;
Yes. SEV-SNP (and TDX too) are by design incompatible with pflash emulation. Both do not allow the host change guest memory layout after launch, and pflash needs to do that to switch between reading mode and programming mode.
Thanks for providing the additional insight.
* pflash still needs to be used for SEV (-ES?);
You can use pflash with SEV + SEV-ES. It makes sense to do that if you want use a persistent variable store in pflash. Otherwise it doesn't make much of a difference whenever you use -bios or read-only pflash for the firmware.
The current descriptor uses mode=stateless so there is not going to be a persistent variable store.
then I think that we need to have the edk2 package ship two separate descriptors pointing to the same file, one containing
{ "mapping": { "device": "flash", "mode": "stateless", "executable": { "filename": "/usr/share/edk2/ovmf/OVMF.amdsev.fd", "format": "raw" } }, "features": [ "amd-sev", "amd-sev-es" ] }
for SEV(-ES) and one containing
{ "mapping": { "device": "memory", "filename": "/usr/share/edk2/ovmf/OVMF.amdsev.fd" }, "features": [ "amd-sev-snp" ] }
for SEV-SNP.
That should work. Using device=memory for all three amd-sev* variants should work too I think.
Daniel suggested that elsewhere in the thread and of course it's an appealing proposition, as it would keep complexity down and unify handling across CVM use cases.
However I wonder if changing things would break migration for existing SEV(-ES) guests. I think it would be fine since the current pflash-based configuration would be transmitted as part of the migration XML, so they will simply keep using that.
If I'm right about the above, then I agree that we should just switch the existing SEV descriptor to device=memory.
-- Andrea Bolognani / Red Hat / Virtualization