On 11/7/22 7:28 AM, Daniel P. Berrangé wrote:
> On Sun, Nov 06, 2022 at 04:03:15PM -0500, Cole Robinson wrote:
>> On 11/2/22 7:58 AM, Daniel P. Berrangé wrote:
>>> When doing direct kernel boot we need to include the kernel, initrd and
>>> cmdline in the measurement.
>>>
>>> Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx>
>>> ---
>>> docs/manpages/virt-qemu-sev-validate.rst | 43 +++++++++
>>> tools/virt-qemu-sev-validate | 108 ++++++++++++++++++++++-
>>> 2 files changed, 150 insertions(+), 1 deletion(-)
>>>
>>
>> ...
>>
>>> +
>>> +class KernelTable(GUIDTable):
>>> +
>>> + TABLE_GUID = UUID('{9438d606-4f22-4cc9-b479-a793-d411fd21}').bytes_le
>>> + KERNEL_GUID = UUID('{4de79437-abd2-427f-b835-d5b1-72d2045b}').bytes_le
>>> + INITRD_GUID = UUID('{44baf731-3a2f-4bd7-9af1-41e2-9169781d}').bytes_le
>>> + CMDLINE_GUID = UUID('{97d02dd8-bd20-4c94-aa78-e771-4d36ab2a}').bytes_le
>>> +
>>> + def __init__(self):
>>> + super().__init__(guid=self.TABLE_GUID,
>>> + lenlen=2)
>>> +
>>> + self.kernel = None
>>> + self.initrd = sha256(bytes([])).digest()
>>> + self.cmdline = sha256(bytes([0])).digest()
>>> +
>>
>> This bit here caused a regression from v2. self.initrd and self.cmdline
>> should be initialized to None. Otherwise the code that triggers
>> load_kernel and load_initrd never runs.
>
> I'm not seeing any regression. The call to load_kernel/load_intrd
> is conditioned on args.initrd != None, not self.initrd != None.
Sorry, I should have been more clear. It's the load_initrd call
triggered from XML code path, not the cli --initrd code path.
- Cole
