Lines Matching refs:ES

21 Secure Encrypted Virtualization - Encrypted State (SEV-ES) builds on the SEV
28 Launching (SEV and SEV-ES)
38 For a SEV-ES guest, the ``LAUNCH_UPDATE_VMSA`` command is also used to encrypt the
57 Setting the "SEV-ES required" policy bit (bit 2) will launch the guest as a
58 SEV-ES guest::
78 ``LAUNCH_UPDATE_VMSA`` encrypts all the vCPU VMSAs for a SEV-ES guest using the
83 for a SEV-ES guest, encrypted VMSAs. This measurement is a signature of the
84 memory contents and, for a SEV-ES guest, the VMSA contents, that can be sent
104 To launch a SEV-ES guest::
110 An SEV-ES guest has some restrictions as compared to a SEV guest. Because the
112 a SEV-ES guest:
156 * if SEV-ES is enabled (``policy & 0x4 != 0``), ``vmsas_blob`` is the
161 If kernel hashes are not used, or SEV-ES is disabled, use empty blobs for
264 * `Extending Secure Encrypted Virtualization With SEV-ES (2018)
265 …<https://www.linux-kvm.org/images/9/94/Extending-Secure-Encrypted-Virtualization-with-SEV-ES-Thoma…
272 * SEV-ES is section 15.35