Crate sev
The sev crate provides an implementation of AMD Secure Encrypted Virtualization (SEV) APIs.
The Linux kernel exposes two technically distinct AMD SEV APIs:
- An API for managing the SEV platform itself
- An API for managing SEV-enabled KVM virtual machines
This crate implements both of those APIs and offers them to client code through a flexible and type-safe high-level interface.
Platform Management
Refer to the firmware module for more information.
Guest Management
Refer to the launch module for more information.
Remarks
Note that the Linux kernel provides access to these APIs through a set of ioctls that are meant to be called on device nodes (/dev/kvm and /dev/sev, to be specific). As a result, these ioctls form the substrate of the sev crate. Binaries that result from consumers of this crate are expected to run as a process with the necessary privileges to interact with the device nodes.
Modules
cached_chain | Utilities for adhering to a cached SEV chain convention. |
certs | Everything needed for working with AMD SEV certificate chains. |
firmware | Operations for managing the SEV platform. |
kvm | Types for interacting with the KVM-SEV guest management API. |
launch | Everything one needs to launch an AMD SEV encrypted virtual machine. |
Structs
Build | A description of the SEV platform's build information. |
Version | Information about the SEV platform version. |
Enums
Generation | A representation for EPYC generational product lines. |