This addresses a few issues in the AMD SEV support
- Neither host or domain level SEV metadata is
exposed in virsh commands
- The domain launch security parameters don't expose
enough info to validate the measurement
The second point was the real purpose of my work. Per the
SEV API guide to calculate the measurement we need
measurement = HMAC(0x04 || API_MAJOR || API_MINOR || BUILD ||
GCTX.POLICY || GCTX.LD || MNONCE; GCTX.TIK)
The API_MINOR, API_MAJOR, BUILD values are things that are
available from 'query-sev' QMP command and libvirt does
not expose this info. This patch series adds them to
virDomainGetLaunchSecurityParams alongside the measurement
that we already report.
So now the client can fetch this info and calculate an expected
measurement to compare with the actual measurement they got.
They will thus know if the guest is safe to inject secrets into,
which is where Jim's recent patches come into play.
Daniel P. Berrangé (6):
include: add new launch security parameters
qemu: report error querying launch params for inactive guest
qemu: add monitor APIs for query-sev
qemu: report new launch security parameters
tools: add 'domlaunchsecinfo' virsh command
tools: add 'nodesevinfo' virsh command
include/libvirt/libvirt-domain.h | 32 +++++++++++++++++++
src/qemu/qemu_driver.c | 47 ++++++++++++++++++++++++----
src/qemu/qemu_monitor.c | 13 ++++++++
src/qemu/qemu_monitor.h | 9 ++++++
src/qemu/qemu_monitor_json.c | 45 +++++++++++++++++++++++++++
src/qemu/qemu_monitor_json.h | 8 +++++
tools/virsh-domain.c | 53 ++++++++++++++++++++++++++++++++
tools/virsh-host.c | 45 +++++++++++++++++++++++++++
8 files changed, 246 insertions(+), 6 deletions(-)
--
2.33.1
