On Wed, Dec 18, 2024 at 7:23 AM Michael Roth <michael.roth@xxxxxxx> wrote:
>
> For SEV-SNP, the host can optionally provide a certificate table to the
> guest when it issues an attestation request to firmware (see GHCB 2.0
> specification regarding "SNP Extended Guest Requests"). This certificate
> table can then be used to verify the endorsement key used by firmware to
> sign the attestation report.
>
> While it is possible for guests to obtain the certificates through other
> means, handling it via the host provides more flexibility in being able
> to keep the certificate data in sync with the endorsement key throughout
> host-side operations that might result in the endorsement key
> changing.
>
> In the case of KVM, userspace will be responsible for fetching the
> certificate table and keeping it in sync with any modifications to the
> endorsement key by other userspace management tools. Define a new
> KVM_EXIT_SNP_REQ_CERTS event where userspace is provided with the GPA of
> the buffer the guest has provided as part of the attestation request so
> that userspace can write the certificate data into it while relying on
> filesystem-based locking to keep the certificates up-to-date relative to
> the endorsement keys installed/utilized by firmware at the time the
> certificates are fetched.
>
> Also introduce a KVM_CAP_EXIT_SNP_REQ_CERTS capability to enable/disable
> the exit for cases where userspace does not support
> certificate-fetching, in which case KVM will fall back to returning an
> empty certificate table if the guest provides a buffer for it.
>
> Signed-off-by: Michael Roth <michael.roth@xxxxxxx>

Tested-by: Dionna Glaze <dionnaglaze@xxxxxxxxxx>

Thanks for your patience.

--
-Dionna Glaze, PhD, CISSP, CCSP (she/her)
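The userspace side of the flow the commit message describes, as an added illustration that is not part of the patch or of this thread: a management tool replaces the on-disk certificate table under an exclusive file lock, and the VMM, when it receives a certificate-request exit, copies the table into the guest's buffer under a shared lock on the same file, so the copy it hands over always reflects one consistent store state. Everything here is assumed for the demo: the function names, the store path, the use of flock() as the "filesystem-based locking", the `needed`/too-small result, and the encoding of the fallback "empty table" as a zero-filled buffer. The patch's kvm_run exit layout is not modelled; `guest_buf` simply stands in for guest memory at the GPA the exit reports.

```c
#define _DEFAULT_SOURCE
#include <fcntl.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/file.h>
#include <sys/stat.h>
#include <unistd.h>

/* Demo-only outcome codes for one certificate-request exit (not a kernel ABI). */
enum certs_result { CERTS_OK = 0, CERTS_BUF_TOO_SMALL = 1, CERTS_STORE_ERR = 2 };

/* Management-tool side (assumed): replace the certificate table under an
 * exclusive flock(), so a VMM that is mid-copy never observes a torn table. */
int cert_store_update(const char *path, const uint8_t *table, size_t len)
{
    int fd = open(path, O_WRONLY | O_CREAT, 0600);
    if (fd < 0)
        return -1;
    if (flock(fd, LOCK_EX) < 0) {
        close(fd);
        return -1;
    }
    int rc = 0;
    if (ftruncate(fd, 0) < 0 || write(fd, table, len) != (ssize_t)len)
        rc = -1;
    flock(fd, LOCK_UN);
    close(fd);
    return rc;
}

/* VMM side (assumed): service one exit. guest_buf/buf_len stand in for the
 * guest buffer at the reported GPA; the shared flock() is held for the whole
 * copy so the guest sees certificates from a single store state. */
enum certs_result handle_snp_req_certs(const char *store_path, bool userspace_supports_certs,
                                       uint8_t *guest_buf, size_t buf_len, size_t *needed)
{
    *needed = 0;
    if (!userspace_supports_certs) {
        /* Fallback from the commit message: an empty table (zero-filled here). */
        memset(guest_buf, 0, buf_len);
        return CERTS_OK;
    }
    int fd = open(store_path, O_RDONLY);
    if (fd < 0)
        return CERTS_STORE_ERR;
    if (flock(fd, LOCK_SH) < 0) {
        close(fd);
        return CERTS_STORE_ERR;
    }
    enum certs_result res = CERTS_STORE_ERR;
    struct stat st;
    if (fstat(fd, &st) == 0) {
        *needed = (size_t)st.st_size;
        if (*needed > buf_len) {
            res = CERTS_BUF_TOO_SMALL; /* caller learns the size via *needed */
        } else {
            size_t done = 0;
            while (done < *needed) {
                ssize_t n = read(fd, guest_buf + done, *needed - done);
                if (n <= 0)
                    break;
                done += (size_t)n;
            }
            if (done == *needed)
                res = CERTS_OK;
        }
    }
    flock(fd, LOCK_UN);
    close(fd);
    return res;
}

/* Exercise the three paths with a constructed table; returns checks passed (3). */
int run_demo(const char *store_path)
{
    static const uint8_t table[] = { 0xde, 0xad, 0xbe, 0xef, 0x01 }; /* constructed data */
    uint8_t guest_buf[16];
    size_t needed;
    int passed = 0;

    if (cert_store_update(store_path, table, sizeof table) != 0)
        return -1;
    /* 1: large enough buffer -> table copied in. */
    if (handle_snp_req_certs(store_path, true, guest_buf, sizeof guest_buf, &needed) == CERTS_OK
        && needed == sizeof table && memcmp(guest_buf, table, sizeof table) == 0)
        passed++;
    /* 2: buffer too small -> error plus required size, guest buffer untouched. */
    memset(guest_buf, 0xaa, sizeof guest_buf);
    if (handle_snp_req_certs(store_path, true, guest_buf, 3, &needed) == CERTS_BUF_TOO_SMALL
        && needed == sizeof table && guest_buf[0] == 0xaa)
        passed++;
    /* 3: userspace without cert support -> empty (zeroed) table. */
    if (handle_snp_req_certs(store_path, false, guest_buf, sizeof guest_buf, &needed) == CERTS_OK
        && needed == 0 && guest_buf[0] == 0 && guest_buf[15] == 0)
        passed++;
    unlink(store_path);
    return passed;
}

int main(void)
{
    int passed = run_demo("/tmp/snp_cert_table_demo.bin");
    printf("%d of 3 certificate-exit paths behaved as expected\n", passed);
    return passed == 3 ? 0 : 1;
}
```

The shared/exclusive split is the point: the management tool only ever swaps the table while holding LOCK_EX, and the VMM copies under LOCK_SH, so a certificate table handed to the guest is never a mix of the old and new endorsement-key state. The too-small path reports the required size rather than truncating, since a truncated table would fail verification in the guest with no hint as to why.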