Lines Matching full:secret

7 This document describes how Confidential Computing secret injection is handled
18 secret injection is performed early in the VM launch process, before the
25 Secret data flow
28 The guest firmware may reserve a designated memory area for secret injection,
35 During the VM's launch, the virtual machine manager may inject a secret to that
38 Guest Owner secret data should be a GUIDed table of secret values; the binary
40 "Structure of the EFI secret area".
42 On kernel start, the kernel's EFI driver saves the location of the secret area
44 Later it checks if the secret area is populated: it maps the area and checks
46 (``1e74f542-71dd-4d66-963e-ef4287ff173b``).  If the secret area is populated,
56 provides the decryption key (= secret) using the secret injection mechanism.
57 The guest application reads the secret from the efi_secret filesystem and
63 it is passed using the secret injection mechanism (= secure channel).
68 to which an EFI secret area with 4 secrets was injected during launch::