On Fri, Sep 30, 2022 at 11:18:33AM +0200, Gerd Hoffmann wrote:
Add new firmware feature flags for the recently added confidential
computing operating modes by AMD and Intel.
Signed-off-by: Gerd Hoffmann <kraxel(a)redhat.com>
---
docs/interop/firmware.json | 17 ++++++++++++++---
1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/docs/interop/firmware.json b/docs/interop/firmware.json
index 4e049b1c7ca0..657082b78b83 100644
--- a/docs/interop/firmware.json
+++ b/docs/interop/firmware.json
@@ -121,6 +121,15 @@
# related to this feature are documented in
# "docs/amd-memory-encryption.txt".
Nit: This is pre-existing, but the location and the file format of the
above file seem to have changed; it's now at:
./system/i386/amd-memory-encryption.rst
Cornelia rSTified that doc in this[1] commit.
[1] 96a46def58 (docs: rstfy confidential guest documentation, 2022-02-09)
#
+# @amd-sev-snp: The firmware supports running under AMD Secure Encrypted
+# Virtualization - Secure Nested Paging, as specified in the
+# AMD64 Architecture Programmer's Manual. QEMU command line
+# options related to this feature are documented in
+# "docs/amd-memory-encryption.txt".
Here too: ./system/i386/amd-memory-encryption.rst
+#
+# @intel-tdx: The firmware supports running under Intel Trust Domain
+# Extensions (TDX).
+#
# @enrolled-keys: The variable store (NVRAM) template associated with
# the firmware binary has the UEFI Secure Boot
# operational mode turned on, with certificates
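Review bot: the new @intel-tdx entry (the three added lines after @amd-sev-snp) gives no pointer to where the related QEMU command line options are documented, unlike @amd-sev, @amd-sev-es and @amd-sev-snp, which each end with a doc reference; either add the corresponding reference or state that none exists yet so readers of the schema know where to look. The @amd-sev-snp text also copies the "docs/amd-memory-encryption.txt" path verbatim from the existing entries, so whatever path the pre-existing entries end up with should be applied to all three in one go rather than adding a fresh copy of the old one.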
@@ -185,9 +194,11 @@
# Since: 3.0
##
{ 'enum' : 'FirmwareFeature',
- 'data' : [ 'acpi-s3', 'acpi-s4', 'amd-sev',
'amd-sev-es', 'enrolled-keys',
- 'requires-smm', 'secure-boot', 'verbose-dynamic',
- 'verbose-static' ] }
+ 'data' : [ 'acpi-s3', 'acpi-s4',
+ 'amd-sev', 'amd-sev-es', 'amd-sev-snp',
+ 'intel-tdx',
+ 'enrolled-keys', 'requires-smm', 'secure-boot',
+ 'verbose-dynamic', 'verbose-static' ] }
With the above tiny nits fixed:
Reviewed-by: Kashyap Chamarthy <kchamart(a)redhat.com>
##
# @FirmwareFlashFile:
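Review bot: the rewritten 'data' list places 'intel-tdx' between 'amd-sev-snp' and 'enrolled-keys', which breaks the alphabetical order the removed lines had ('acpi-s3', 'acpi-s4', 'amd-sev', 'amd-sev-es', 'enrolled-keys', 'requires-smm', ...); if the intent is to keep the confidential-computing flags grouped, say so in the commit message, otherwise move 'intel-tdx' after 'enrolled-keys' (the doc comment in the first hunk orders the entries the same way and would need the same move). The hunk also removes and re-adds the unchanged names only to reflow the list; inserting the two new names on their own line would keep the diff limited to the actual change.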
--
2.37.3
--
/kashyap
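As an added example (not code from the patch, this thread or QEMU), the following Python shows how a management tool could consume the extended FirmwareFeature set: it validates firmware descriptor objects against the enum as this patch leaves it, rejecting unknown flag names instead of ignoring them, and picks the first descriptor in ascending file-name order (the priority order firmware.json's search rules give descriptor files) that covers the guest's machine type and satisfies its required flags. The descriptor file names, paths and feature sets are constructed for the example; the field names follow the Firmware object documented in firmware.json.

```python
"""Added example, not part of the QEMU patch or this thread: select a
firmware descriptor by FirmwareFeature flags.

Assumptions (not on the page): descriptor objects use the field names of
the Firmware object in docs/interop/firmware.json, and the sample
descriptors below (file names, paths, feature sets) are constructed for
this example only.
"""
import fnmatch

# FirmwareFeature as the patch leaves it, in the order of the second hunk.
FIRMWARE_FEATURES = frozenset([
    "acpi-s3", "acpi-s4",
    "amd-sev", "amd-sev-es", "amd-sev-snp",
    "intel-tdx",
    "enrolled-keys", "requires-smm", "secure-boot",
    "verbose-dynamic", "verbose-static",
])

REQUIRED_KEYS = ("description", "interface-types", "mapping",
                 "targets", "features", "tags")


def _descriptor(description, executable, features):
    """Build one constructed x86_64/q35 flash descriptor object."""
    return {
        "description": description,
        "interface-types": ["uefi"],
        "mapping": {
            "device": "flash",
            "executable": {"filename": executable, "format": "raw"},
            "nvram-template": {"filename": executable.replace("CODE", "VARS"),
                               "format": "raw"},
        },
        "targets": [{"architecture": "x86_64", "machines": ["pc-q35-*"]}],
        "features": features,
        "tags": [],
    }


# Constructed sample descriptors keyed by file name (paths are invented).
SAMPLE_DESCRIPTORS = {
    "40-edk2-x86_64-tdx.json": _descriptor(
        "constructed: TDX-capable edk2 build",
        "/usr/share/edk2/x64/OVMF_CODE.tdx.fd",
        ["intel-tdx", "verbose-static"]),
    "50-edk2-x86_64-secure.json": _descriptor(
        "constructed: Secure Boot edk2 build with SEV/SEV-ES/SEV-SNP",
        "/usr/share/edk2/x64/OVMF_CODE.secboot.fd",
        ["acpi-s3", "amd-sev", "amd-sev-es", "amd-sev-snp", "enrolled-keys",
         "requires-smm", "secure-boot", "verbose-dynamic"]),
    "60-edk2-x86_64.json": _descriptor(
        "constructed: plain edk2 build",
        "/usr/share/edk2/x64/OVMF_CODE.fd",
        ["acpi-s3", "acpi-s4", "amd-sev", "verbose-dynamic"]),
    "99-bogus.json": _descriptor(
        "constructed: advertises a flag that is not in the enum",
        "/usr/share/edk2/x64/OVMF_CODE.bogus.fd",
        ["amd-sev-snp-es"]),
}


def validate_descriptor(desc):
    """Return the list of problems found; an empty list means the descriptor
    is acceptable. Unknown feature names are rejected rather than ignored so
    that a typo cannot silently drop or invent a security-relevant flag."""
    problems = [f"missing key {key!r}" for key in REQUIRED_KEYS if key not in desc]
    unknown = sorted(set(desc.get("features", [])) - FIRMWARE_FEATURES)
    problems.extend(f"unknown feature {name!r}" for name in unknown)
    return problems


def _targets_machine(desc, arch, machine):
    """True if any target entry covers this architecture and machine type
    (machine patterns are globs such as 'pc-q35-*')."""
    return any(
        target.get("architecture") == arch
        and any(fnmatch.fnmatchcase(machine, pattern)
                for pattern in target.get("machines", []))
        for target in desc.get("targets", [])
    )


def select_firmware(descriptors, arch, machine, required, forbidden=()):
    """Return the file name of the first valid descriptor, in ascending
    file-name order (lower numeric prefix wins), whose features include
    every name in `required` and none in `forbidden`; None if nothing fits."""
    required, forbidden = set(required), set(forbidden)
    for name in sorted(descriptors):
        desc = descriptors[name]
        if validate_descriptor(desc) or not _targets_machine(desc, arch, machine):
            continue
        features = set(desc["features"])
        if required <= features and not (forbidden & features):
            return name
    return None


if __name__ == "__main__":
    q35 = ("x86_64", "pc-q35-7.1")
    print("TDX guest:     ", select_firmware(SAMPLE_DESCRIPTORS, *q35, {"intel-tdx"}))
    print("SEV-SNP guest: ", select_firmware(SAMPLE_DESCRIPTORS, *q35, {"amd-sev-snp"}))
    print("SEV, no SMM:   ", select_firmware(SAMPLE_DESCRIPTORS, *q35, {"amd-sev"},
                                             forbidden={"requires-smm"}))
    print("bogus file:    ", validate_descriptor(SAMPLE_DESCRIPTORS["99-bogus.json"]))
```

The `forbidden` set is what lets a caller avoid picking a Secure Boot image that requires SMM for a guest that does not enable it; a guest wanting SEV-SNP or TDX simply lists the new flag in `required`, which is the whole point of the enum additions in the patch.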