| Message ID | 20220930091833.1648504-1-kraxel@redhat.com |
|---|---|
| State | New, archived |
| Series | docs: add firmware feature flags |
On Fri, Sep 30, 2022 at 11:18:33AM +0200, Gerd Hoffmann wrote: > Add new firmware feature flags for the recently added confidential > computing operating modes by amd and intel. > > Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> > --- > docs/interop/firmware.json | 17 ++++++++++++++--- > 1 file changed, 14 insertions(+), 3 deletions(-) > > diff --git a/docs/interop/firmware.json b/docs/interop/firmware.json > index 4e049b1c7ca0..657082b78b83 100644 > --- a/docs/interop/firmware.json > +++ b/docs/interop/firmware.json > @@ -121,6 +121,15 @@ > # related to this feature are documented in > # "docs/amd-memory-encryption.txt". Nit: This is pre-existing, but the location and the file format of the above file seems to have changed; it's now at: ./system/i386/amd-memory-encryption.rst Cornelia rSTified that doc in this[1] commit. [1] 96a46def58 (docs: rstfy confidential guest documentation, 2022-02-09) > # > +# @amd-sev-snp: The firmware supports running under AMD Secure Encrypted > +# Virtualization - Secure Nested Paging, as specified in the > +# AMD64 Architecture Programmer's Manual. QEMU command line > +# options related to this feature are documented in > +# "docs/amd-memory-encryption.txt". Here too: ./system/i386/amd-memory-encryption.rst > +# > +# @intel-tdx: The firmware supports running under Intel Trust Domain > +# Extensions (TDX). > +# > # @enrolled-keys: The variable store (NVRAM) template associated with > # the firmware binary has the UEFI Secure Boot > # operational mode turned on, with certificates 
> @@ -185,9 +194,11 @@ > # Since: 3.0 > ## > { 'enum' : 'FirmwareFeature', > - 'data' : [ 'acpi-s3', 'acpi-s4', 'amd-sev', 'amd-sev-es', 'enrolled-keys', > - 'requires-smm', 'secure-boot', 'verbose-dynamic', > - 'verbose-static' ] } > + 'data' : [ 'acpi-s3', 'acpi-s4', > + 'amd-sev', 'amd-sev-es', 'amd-sev-snp', > + 'intel-tdx', > + 'enrolled-keys', 'requires-smm', 'secure-boot', > + 'verbose-dynamic', 'verbose-static' ] } With the above tiny nits fixed: Reviewed-by: Kashyap Chamarthy <kchamart@redhat.com> > ## > # @FirmwareFlashFile: > -- > 2.37.3 >
diff --git a/docs/interop/firmware.json b/docs/interop/firmware.json index 4e049b1c7ca0..657082b78b83 100644 --- a/docs/interop/firmware.json +++ b/docs/interop/firmware.json @@ -121,6 +121,15 @@ # related to this feature are documented in # "docs/amd-memory-encryption.txt". # +# @amd-sev-snp: The firmware supports running under AMD Secure Encrypted +# Virtualization - Secure Nested Paging, as specified in the +# AMD64 Architecture Programmer's Manual. QEMU command line +# options related to this feature are documented in +# "docs/amd-memory-encryption.txt". +# +# @intel-tdx: The firmware supports running under Intel Trust Domain +# Extensions (TDX). +# # @enrolled-keys: The variable store (NVRAM) template associated with # the firmware binary has the UEFI Secure Boot # operational mode turned on, with certificates @@ -185,9 +194,11 @@ # Since: 3.0 ## { 'enum' : 'FirmwareFeature', - 'data' : [ 'acpi-s3', 'acpi-s4', 'amd-sev', 'amd-sev-es', 'enrolled-keys', - 'requires-smm', 'secure-boot', 'verbose-dynamic', - 'verbose-static' ] } + 'data' : [ 'acpi-s3', 'acpi-s4', + 'amd-sev', 'amd-sev-es', 'amd-sev-snp', + 'intel-tdx', + 'enrolled-keys', 'requires-smm', 'secure-boot', + 'verbose-dynamic', 'verbose-static' ] } ## # @FirmwareFlashFile:
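Review bot: In the -121,6 +121,15 hunk the new @intel-tdx entry names neither the specification it refers to nor where the related QEMU command-line options are documented, while the adjacent @amd-sev-snp entry gives both (the AMD64 Architecture Programmer's Manual and the amd-memory-encryption document); a management tool reads this text to learn what the flag promises, so give the TDX entry the same two pointers. The @amd-sev-snp text also repeats the "docs/amd-memory-encryption.txt" path that the review above already notes has moved to docs/system/i386/amd-memory-encryption.rst; fix it in the new text rather than copying the stale path. Since the enum carries only a single '# Since: 3.0', consider annotating the two new members with the release that introduces them so consumers can tell which QEMU versions may emit them.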
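Review bot: In the -185,9 +194,11 hunk the 'data' list was in alphabetical order and the new layout places 'intel-tdx' before 'enrolled-keys', so it no longer is; either keep it sorted ('amd-sev-snp' stays after 'amd-sev-es', 'intel-tdx' goes between 'enrolled-keys' and 'requires-smm') and move the @intel-tdx doc block in the first hunk to the same position, or state in the commit message that the list is now grouped by vendor. The doc comment order and the enum order do agree with each other in this version, which is the property that must not regress whichever order is chosen.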
Add new firmware feature flags for the recently added confidential computing operating modes by AMD and Intel.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 docs/interop/firmware.json | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)
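To show what a consumer does with these flags once descriptor files start carrying them, here is an added example (not QEMU's or libvirt's code) of a selector that reads firmware descriptor files, validates their "features" lists against the FirmwareFeature enum as it reads after this patch, and picks a build for a confidential VM. It assumes the descriptor layout ("interface-types", "mapping", "targets", "features") from the rest of docs/interop/firmware.json, which this page does not show; the sample descriptors, their file names, paths and feature sets are constructed; the rule that "enrolled-keys" needs "secure-boot" is drawn from the @enrolled-keys description quoted above, and the "sorted file name wins" priority is an assumption.

```python
"""Pick a firmware build by its FirmwareFeature flags.

Added example; not QEMU's or libvirt's code. The descriptor layout is
assumed from the rest of docs/interop/firmware.json; only the flag names
come from the enum on this page. Sample descriptors are constructed.
"""
import json
from fnmatch import fnmatch

# FirmwareFeature enum as it reads after the patch, with the two new
# confidential-computing flags 'amd-sev-snp' and 'intel-tdx'.
FIRMWARE_FEATURES = frozenset([
    "acpi-s3", "acpi-s4",
    "amd-sev", "amd-sev-es", "amd-sev-snp",
    "intel-tdx",
    "enrolled-keys", "requires-smm", "secure-boot",
    "verbose-dynamic", "verbose-static",
])


def validate_features(features):
    """Reject unknown flags and a combination the schema text rules out."""
    unknown = sorted(set(features) - FIRMWARE_FEATURES)
    if unknown:
        raise ValueError(f"unknown FirmwareFeature value(s): {unknown}")
    # @enrolled-keys says the NVRAM template ships with Secure Boot turned
    # on; that is only meaningful for a build that claims 'secure-boot'.
    if "enrolled-keys" in features and "secure-boot" not in features:
        raise ValueError("'enrolled-keys' without 'secure-boot'")
    return frozenset(features)


def parse_descriptor(text):
    """Parse one descriptor file and validate its feature list."""
    desc = json.loads(text)
    desc["features"] = validate_features(desc.get("features", []))
    return desc


def supports_target(desc, arch, machine):
    """True if any target entry covers this architecture and machine glob."""
    return any(
        t["architecture"] == arch and any(fnmatch(machine, m) for m in t["machines"])
        for t in desc["targets"]
    )


def select_firmware(descriptors, arch, machine, required, excluded=()):
    """Return (matching file names in priority order, {name: rejection reason}).

    `descriptors` maps file name -> JSON text. Lexicographic file-name order
    is assumed to be the priority order (assumption of this example).
    """
    required, excluded = frozenset(required), frozenset(excluded)
    chosen, rejected = [], {}
    for name in sorted(descriptors):
        try:
            desc = parse_descriptor(descriptors[name])
        except ValueError as err:
            rejected[name] = str(err)  # a malformed file must never win
            continue
        if not supports_target(desc, arch, machine):
            continue
        feats = desc["features"]
        if required <= feats and not (excluded & feats):
            chosen.append(name)
    return chosen, rejected


def _descriptor(executable, nvram, features, machines=("pc-q35-*",)):
    """Build a constructed descriptor in the firmware.json layout."""
    return json.dumps({
        "description": "constructed sample, not a real build",
        "interface-types": ["uefi"],
        "mapping": {
            "device": "flash",
            "executable": {"filename": executable, "format": "raw"},
            "nvram-template": {"filename": nvram, "format": "raw"},
        },
        "targets": [{"architecture": "x86_64", "machines": list(machines)}],
        "features": list(features),
        "tags": [],
    })


SAMPLE_DESCRIPTORS = {  # constructed: names, paths and feature sets are invented
    "40-secboot.json": _descriptor("/fw/CODE.secboot.fd", "/fw/VARS.secboot.fd",
        ["acpi-s3", "enrolled-keys", "requires-smm", "secure-boot", "verbose-dynamic"]),
    "50-cc.json": _descriptor("/fw/CODE.cc.fd", "/fw/VARS.fd",
        ["amd-sev", "amd-sev-es", "amd-sev-snp", "intel-tdx", "verbose-dynamic"]),
    "60-stale.json": _descriptor("/fw/CODE.old.fd", "/fw/VARS.fd",
        ["amd-sev", "sev-snp"]),            # flag name not in the enum
    "70-inconsistent.json": _descriptor("/fw/CODE.fd", "/fw/VARS.fd",
        ["enrolled-keys"]),                 # enrolled keys but no secure-boot
}

if __name__ == "__main__":
    picked, bad = select_firmware(SAMPLE_DESCRIPTORS, "x86_64", "pc-q35-7.1",
                                  required=["amd-sev-snp"])
    print("SEV-SNP capable builds:", picked)
    for name, why in bad.items():
        print(f"rejected {name}: {why}")
```

The rejection path matters as much as the match: a descriptor with a misspelled flag or an impossible combination is dropped with a reason instead of being silently treated as "has no features", which would otherwise let a stale file satisfy a search that excludes, say, "requires-smm".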