On 4/3/18 9:32 AM, Erik Skultety wrote:
> On Mon, Apr 02, 2018 at 09:18:55AM -0500, Brijesh Singh wrote:
>> Add new 'launch-security' command, the command can be used to get or set
>> the launch security information when booting encrypted VMs.
>>
>> Signed-off-by: Brijesh Singh <brijesh.singh@xxxxxxx>
>> ---
>> tools/virsh-domain.c | 84 ++++++++++++++++++++++++++++++++++++++++++++++++++++
>> 1 file changed, 84 insertions(+)
>>
>> diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c
>> index 2b775fc..4dca191 100644
>> --- a/tools/virsh-domain.c
>> +++ b/tools/virsh-domain.c
>> @@ -13877,6 +13877,84 @@ cmdDomFSInfo(vshControl *ctl, const vshCmd *cmd)
>> return ret >= 0;
>> }
>>
>> +/*
>> + * "launch-security" command
>> + */
>> +static const vshCmdInfo info_launch_security[] = {
>> + {.name = "help",
>> + .data = N_("Get or set launch-security information")
>> + },
>> + {.name = "desc",
>> + .data = N_("Get or set the current launch-security information for a guest"
>> + " domain.\n"
>> + " To get the launch-security information use following command: \n\n"
>> + " virsh # launch-security <domain>")
> As John has pointed out, you might want to shorten ^these 2 lines, however, I
> think it makes sense to make it obvious that running without any
> arguments/options this behaves like a getter, otherwise it's going to behave
> like a setter, right? (it's a common practice in libvirt, so nothing against
> conceptually).
>
Yes, without any command line it should be getter otherwise settter.
Currently, we don't have anything in setter yet.
>> + },
>> + {.name = NULL}
>> +};
>> +
>> +static const vshCmdOptDef opts_launch_security[] = {
>> + VIRSH_COMMON_OPT_DOMAIN_FULL(0),
>> + {.name = "get",
>> + .type = VSH_OT_STRING,
>> + .help = N_("Show the launch-security info")
>> + },
>> + VIRSH_COMMON_OPT_DOMAIN_CONFIG,
>> + VIRSH_COMMON_OPT_DOMAIN_LIVE,
>> + VIRSH_COMMON_OPT_DOMAIN_CURRENT,
>> + {.name = NULL}
>> +};
> Sorry if I missed the obvious, but what exactly is the --get <string> supposed
> to do?
The command will return a measurement of encrypted image. The
measurement value can be used by guest owner to validate the image
before it launches the VM. In a typical scenario we may have something
like this:
# virsh create guest.xml --paused
# virsh launch-security --domain guest
// validate the measurement obtained through above command
if measurement is wrong then;
destory the guest
else
// optionally inject secret in guest using virsh launch-security set <....>
resume the guest
> Erik
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
