[PATCH 0/3] docs/interop: Extend firmware schema for SVSM

Oliver Steffen posted 3 patches 1 day, 23 hours ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20260123083204.999920-1-osteffen@redhat.com
Maintainers: "Philippe Mathieu-Daudé" <philmd@linaro.org>, "Daniel P. Berrangé" <berrange@redhat.com>, Kashyap Chamarthy <kchamart@redhat.com>
Extend the firmware metadata JSON schema to support Secure VM Service Module
(SVSM) firmware images. Parts of these changes can be useful for describing
other (confidential) firmware types as well.

This series adds:
- An entry in the FirmwareFeature enum indicating a virtual (emulated) TPM
  device offered by the firmware (Coconut SVSM provides one)
- An entry in the FirmwareOSInterface enum indicating support for the
  SVSM guest interface
- A new top-level array to store associated digest values
- Structures to describe AMD SEV-SNP launch digests

For attesting a confidential virtual machine, the verifier needs to know the
expected launch digest. This new format allows us to add this information to a
metadata file and include it in distribution packages of confidential firmware
images.
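The verifier-side use of such a descriptor, as an added example that is not part of this series or of QEMU: the key names for the digest entries ("digests", "type", "algorithm", "value") are assumptions, not the schema's real keys, and the descriptor is constructed. It pulls the expected SEV-SNP launch digest out of the metadata, checks that its length fits the algorithm, and compares it to an attested measurement in constant time.

```python
"""Check an attested SEV-SNP launch measurement against a firmware descriptor.

Added example, not part of the QEMU series. The digest entry key names
("digests", "type", "algorithm", "value") are hypothetical, and the
descriptor below is a constructed sample.
"""
import hmac
import json

# Constructed firmware.json-style descriptor with one launch digest entry.
# The 96-hex-character value is a placeholder, not a real measurement.
DESCRIPTOR_JSON = json.dumps({
    "description": "Coconut SVSM with vTPM (constructed sample)",
    "features": ["secure-boot", "vtpm"],
    "digests": [
        {"type": "sev-snp-launch", "algorithm": "sha384", "value": "ab" * 48},
    ],
})

# SEV-SNP launch digests are SHA-384, i.e. 48 bytes.
DIGEST_LEN = {"sha384": 48}


def expected_launch_digest(descriptor_json, digest_type="sev-snp-launch"):
    """Return the expected launch digest as bytes; raise if absent or malformed."""
    desc = json.loads(descriptor_json)
    for entry in desc.get("digests", []):
        if entry.get("type") != digest_type:
            continue
        alg = entry.get("algorithm")
        if alg not in DIGEST_LEN:
            raise ValueError(f"unsupported digest algorithm: {alg!r}")
        value = bytes.fromhex(entry["value"])
        if len(value) != DIGEST_LEN[alg]:
            raise ValueError(
                f"{alg} digest must be {DIGEST_LEN[alg]} bytes, got {len(value)}")
        return value
    raise LookupError(f"no {digest_type!r} digest in descriptor")


def launch_digest_matches(descriptor_json, measured):
    """Constant-time comparison of the attested measurement with the expected value."""
    return hmac.compare_digest(expected_launch_digest(descriptor_json), measured)
```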

Oliver Steffen (3):
  docs/interop: Add vtpm feature firmware.json
  docs/interop: Add AMD SEV-SNP SVSM interface to firmware.json
  docs/interop: Add firmware digests to schema

 docs/interop/firmware.json | 94 ++++++++++++++++++++++++++++++++++++--
 1 file changed, 91 insertions(+), 3 deletions(-)

-- 
2.52.0