Description
This is an effort to bring support for running virtual machines on AMD SEV-SNP with a Secure VM Service Module (SVSM).
The SVSM packaged here includes a virtual TPM device (svsm-vtpm), from https://github.com/svsm-vtpm/linux-svsm.
The goal is to provide everything needed to run a confidential VMs on AMD SEV-SNP with the svsm-vtpm.
Current limitations:
- Host kernel, guest kernel, Qemu are still not packaged.
All of this is only useful to you on a system with an AMD EPYC cpu that supports SEV-SNP.
Installation Instructions
Install edk2-ovmf-svsm and svsm-vtpm from this repo.
This places the OVMF guest firmware with SVSM support here /usr/share/edk2/ovmf-svsm/,
and the svsm binary here /usr/share/svsm/svsm-vtpm.bin.
Then get Qemu, the host kernel (svsm-preview-hv branch), and the guest kernel (svsm-preview-guest) from https://github.com/svsm-vtpm/linux-svsm. This repository includes instructions on how to build those and contains a script to launch Qemu with SEV-SNP and svsm enabled. Just point it to the firmware and svsm binaries provided packages.
Active Releases
The following unofficial repositories are provided as-is by owner of this project. Contact the owner directly for bugs or issues (IE: not bugzilla).
| Release | Architectures | Repo Download |
|---|---|---|
Fedora 39
|
x86_64 (12)* | Fedora 39 (12 downloads) |
|
Fedora 40
|
x86_64 (0)* | Fedora 40 (3 downloads) |
|
Fedora rawhide
|
x86_64 (21)* | Fedora rawhide (23 downloads) |
* Total number of downloaded packages.