On Thu, Apr 21, 2022 at 12:35:27PM -0400, Tyler Fanelli wrote:
> On 4/20/22 5:45 AM, Daniel P. Berrangé wrote:
> > > > But as is it's not clear what this buys us over the launch measurement
> > > > we already report with virDomainGetLaunchSecurityInfo
> > > >
> > > > If we figure out what the point of this is, IMO we can more easily
> > > > reason about whether it makes sense to add a Sev specific libvirt API,
> > > > and whether we need virTypedParams for both input and output. For
> > > > example if the API really is specific to this one and only KVM ioctl/QMP
> > > > command, we could hardcode the parameters and skip the virTypedParams
> > > > question entirely.
> > > Interesting, although wouldn't hardcoding a nonce basically render it
> > > useless? User-specified nonce would allow a user to verify that their call
> > > was propagated to firmware at that instance. If they can't supply the nonce,
> > > they can't verify it's an attestation report from that specific call.
> > The launch blob contains a unique TIK/TEK pair, so if the launch
> > measurement validates, the guest owner knows it is associated with
> > a running VM that was created with their designated launch blob.
> >
> > A nonce is usually needed to avoid replay attacks, but I'm not seeing
> > what attack vector is actually present in the SEV/SEV-ES scenario,
> > since AFAIK, the attestation report content never changes once the
> > VM is running.
> >
> > Overall I'm not seeing the need for this API with SEV/SEV-ES at least,
> > and with SEV-SNP IIUC the attestation report is not available to the
> > host, only to the guest?
>
> Realizing that my assumption of LAUNCH_MEASURE needing to be called while VM
> is paused is false, I tend to agree. With that in mind, what is the point of
> "query-sev-attestation-report" in QEMU? What was its original purpose if it
> offers no real benefits compared to "query-sev-launch-measure"?

I'm thinking the author didn't remember that we cached LAUNCH_MEASURE in QEMU.

With regards,
Daniel