On 7/20/21 3:04 AM, Dov Murik wrote:
> In the AmdSevX64 build, use BlobVerifierLibSevHashes to enforce
> verification of hashes of the kernel/initrd/cmdline blobs fetched from
> firmware config.
>
> This allows for secure (measured) boot of SEV guests with QEMU's
> -kernel/-initrd/-append
In the AmdSevX64 build, use BlobVerifierLibSevHashes to enforce
verification of hashes of the kernel/initrd/cmdline blobs fetched from
firmware config.
This allows for secure (measured) boot of SEV guests with QEMU's
-kernel/-initrd/-append switches (with the corresponding QEMU support
for