diff options
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/confidential-guest-support.txt | 3 | ||||
| -rw-r--r-- | docs/papr-pef.txt | 30 |
2 files changed, 33 insertions, 0 deletions
diff --git a/docs/confidential-guest-support.txt b/docs/confidential-guest-support.txt index bd439ac800..4da4c91bd3 100644 --- a/docs/confidential-guest-support.txt +++ b/docs/confidential-guest-support.txt @@ -40,4 +40,7 @@ Currently supported confidential guest mechanisms are: AMD Secure Encrypted Virtualization (SEV) docs/amd-memory-encryption.txt +POWER Protected Execution Facility (PEF) + docs/papr-pef.txt + Other mechanisms may be supported in future. diff --git a/docs/papr-pef.txt b/docs/papr-pef.txt new file mode 100644 index 0000000000..72550e9bf8 --- /dev/null +++ b/docs/papr-pef.txt @@ -0,0 +1,30 @@ +POWER (PAPR) Protected Execution Facility (PEF) +=============================================== + +Protected Execution Facility (PEF), also known as Secure Guest support +is a feature found on IBM POWER9 and POWER10 processors. + +If a suitable firmware including an Ultravisor is installed, it adds +an extra memory protection mode to the CPU. The ultravisor manages a +pool of secure memory which cannot be accessed by the hypervisor. + +When this feature is enabled in QEMU, a guest can use ultracalls to +enter "secure mode". This transfers most of its memory to secure +memory, where it cannot be eavesdropped by a compromised hypervisor. + +Launching +--------- + +To launch a guest which will be permitted to enter PEF secure mode: + +# ${QEMU} \ + -object pef-guest,id=pef0 \ + -machine confidential-guest-support=pef0 \ + ... + +Live Migration +---------------- + +Live migration is not yet implemented for PEF guests. For +consistency, we currently prevent migration if the PEF feature is +enabled, whether or not the guest has actually entered secure mode. |