Bottomley: Deploying Encrypted Images for Confidential Computing

James Bottomley has posted adetailed description of what it takes to get an encrypted image runningsecurely with AMD's SEV mechanism. "In this post I'll discuss howyou actually bring up a confidential VM from an encrypted image whilepreserving secrecy. However, first a warning: This post represents thestate of the art and includes patches that are certainly not deployed indistributions and may not even be upstream, so if you want to follow alongat home you'll need to patch things like qemu, grub and OVMF."