AnsweredAssumed Answered

How to share SEV keys between virtual machines?

Question asked by wooh on May 25, 2020
Latest reply on Jun 1, 2020 by mbaker_amd

As documented in the AMD SEV-KM API Specification, there is an option in guest policy named NOKS, which means "

Sharing keys with other guests is disallowed when set". If I don't set that bit, how can I share keys with other guests? I don't find any APIs related with sharing SEV keys between guests, except for that DBG_DECRYPT, which however is used for hypervisor to access encrypted memory without knowing the key.

Outcomes