On Mon, Jul 12, 2021 at 10:56:40AM -0500, Brijesh Singh wrote: > > > On 7/12/21 9:43 AM, Daniel P. Berrangé wrote: > > On Fri, Jul 09, 2021 at 04:55:46PM -0500, Brijesh Singh wrote: > > > To launch the SEV-SNP guest, a user can specify up to 8 parameters. > > > Passing all parameters through command line can be difficult. > > > > This sentence applies to pretty much everything in QEMU and the > > SEV-SNP example is nowhere near an extreme example IMHO. > > > > > To simplify > > > the launch parameter passing, introduce a .ini-like config file that can be > > > used for passing the parameters to the launch flow. > > > > Inventing a new config file format for usage by just one specific > > niche feature in QEMU is something I'd say we do not want. > > > > Our long term goal in QEMU is to move to a world where 100% of > > QEMU configuration is provided in JSON format, using the QAPI > > schema to define the accepted input set. > > > > I am open to all suggestions. I was trying to avoid passing all these > parameters through the command line because some of them can be huge (up to > a page size) > > > > > > > > The contents of the config file will look like this: > > > > > > $ cat snp-launch.init > > > > > > # SNP launch parameters > > > [SEV-SNP] > > > init_flags = 0 > > > policy = 0x1000 > > > id_block = "YWFhYWFhYWFhYWFhYWFhCg==" > > > > These parameters are really tiny and trivial to provide on the command > > line, so I'm not finding this config file compelling. > > > > I have only included 3 small parameters. Other parameters can be up to a > page size. The breakdown looks like this: > > policy: 8 bytes > flags: 8 bytes > id_block: 96 bytes > id_auth: 4096 bytes > host_data: 32 bytes > gosvw: 16 bytes Only the id_auth parameter is really considered large here. When you say "up to a page size", that implies that the size is actually variable. Is that correct, and if so, what is a real world common size going to be ? Is the common size much smaller than this upper limit ? If so I'd just ignore the issue entirely. If not, then, 4k on the command line is certainly ugly, but isn't technically impossible. It would be similarly ugly to have this value stuffed into a libvirt XML configuration for that matter. One option is to supply only that one parameter via an external file, with the file being an opaque blob whose context is the parameter value thus avoiding inventing a custom file format parser. When "id_auth" is described as "authentication data", are there any secrecy requirements around this ? QEMU does have the '-object secret' framework for passing blobs of sensitive data to QEMU and can allow passing via a file: https://qemu-project.gitlab.io/qemu/system/secrets.html Even if this doesn't actually need to be kept private, we could decide to simply (ab)use the 'secret' object anyway as a way to let it be passed in out of band via a file. Libvirt also has a 'secret' concept for passing blobs of sensitive data out of band from the main XML config, which could again be leveraged. It does feel a little dirty to be using 'secrets' in libvirt and QEMU for data that doesn't actually need to be secret, just as a way to avoid huge config files. So we could just ignore the secrets and directly have 'id_auth_file' as a parameter and directly reference a file. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|