diff --git a/tools/packaging/kernel/build-kernel.sh b/tools/packaging/kernel/build-kernel.sh index aa849a7961..5b8e880d2d 100755 --- a/tools/packaging/kernel/build-kernel.sh +++ b/tools/packaging/kernel/build-kernel.sh @@ -101,7 +101,7 @@ Options: -t : Hypervisor_target. -u : Kernel URL to be used to download the kernel tarball. -v : Kernel version to use if kernel path not provided. - -x : Confidential guest protection type, such as sev and tdx + -x : Confidential guest protection type, such as sev, snp and tdx EOF exit "$exit_code" } @@ -525,7 +525,7 @@ main() { x) conf_guest="${OPTARG}" case "$conf_guest" in - sev|tdx) ;; + sev|snp|tdx) ;; *) die "Confidential guest type '$conf_guest' not supported" ;; esac ;; diff --git a/tools/packaging/kernel/configs/fragments/x86_64/snp/snp.conf b/tools/packaging/kernel/configs/fragments/x86_64/snp/snp.conf new file mode 100644 index 0000000000..d629e31c93 --- /dev/null +++ b/tools/packaging/kernel/configs/fragments/x86_64/snp/snp.conf @@ -0,0 +1,10 @@ +# !s390x !ppc64le !arm64 +# enable sev-snp support +CONFIG_AMD_MEM_ENCRYPT=y +CONFIG_SEV_GUEST=y +CONFIG_VIRT_DRIVERS=y + +# Prepare kernel for direct boot using OVMF +CONFIG_EFI=y +CONFIG_EFI_STUB=y + diff --git a/versions.yaml b/versions.yaml index 20c040ead9..264b630ff6 100644 --- a/versions.yaml +++ b/versions.yaml @@ -102,6 +102,11 @@ assets: description: "VMM that uses KVM and supports TDX" url: "https://github.com/intel/qemu-dcp" tag: "SPR-BKC-QEMU-v2.5" + snp: + description: "VMM that uses KVM and supports AMD SEV-SNP" + url: "https://github.com/AMDESE/qemu" + branch: "snp-v3" + commit: "ffa95097ee" qemu-experimental: description: "QEMU with virtiofs support" @@ -162,6 +167,10 @@ assets: description: "Linux kernel that supports SEV" url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/" version: "v5.19.2" + snp: + description: "Linux kernel that supports AMD SEV-SNP for VMs" + url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/" + version: "v5.19.2" kernel-experimental: description: "Linux kernel with virtio-fs support"