The repository contains the script to build the various components required to enable the SEV support on AMD Eypc Processor. Prepare Hypervisor: =================== Follow the below steps to prepare the host OS (hypervisor) for SEV support: # cd /home/user/ # git clone --single-branch -b master https://github.com/AMDESE/AMDSEV.git # cd AMDSEV # ./build.sh (this should take a while) The script is designed to produce a kernel deb packages. Install the new kernel image as shown below: # cd /home/user/AMDSEV/output/kvm # sudo dpkg -i linux-image-*.deb Reboot the host OS and select the newly built kernel image from the grub menu. On successful boot, verify that /dev/sev device is created. Prepare guest OS ================= 1) Download ubuntu iso image 2) Install Ubuntu image # cd /home/user/AMDSEV/output/qemu-output # qemu-img create -f qcow2 ubuntu-img.qcow2 30G (create empty qcow2 file) # sudo ./launch-qemu.sh -hda ubuntu-img.qcow2 -nosev -cdrom <your_iso_image> -vnc 1 The installer GUI can be accessed via vnc port 1. Follow the installation screen to complete the installation and reboot the guest with newly installed image. 3) Install SEV aware guest kernel image SEV aware guest kernel deb packages is available in /home/user/AMDSEV/output/kvm directory. a) Boot the guest image # cd /home/user/AMDSEV/output/qemu-output # sudo ./launch-qemu.sh -hda ubuntu-img.qcow2 -nosev -vnc 1 b) copy the SEV aware guest kernel deb packges from host to guest (hint use scp) c) install the kernel image # sudo dpkg -i linux-image*.deb d) reboot the guest and verify NOTE: To boot ubuntu using serial console follow the below recommendation: https://askubuntu.com/questions/924913/how-to-get-to-the-grub-menu-at-boot-time-using-serial-console Launching SEV Guest =================== To launch SEV enabled guest, use: # cd /home/user/AMDSEV/output/qemu-output # sudo ./launch-qemu.sh -hda <your disk image> NOTE: when guest is booting, CTRL-C is mapped to CTRL-], use CTRL-] to stop the guest