From: "Daniel P. Berrange" <berrange@redhat.com>
To: Brijesh Singh <brijesh.singh@amd.com>
Cc: "Relph, Richard" <Richard.Relph@amd.com>,
"qemu-devel@nongnu.org" <qemu-devel@nongnu.org>,
"libvir-list@redhat.com" <libvir-list@redhat.com>,
"Lendacky, Thomas" <Thomas.Lendacky@amd.com>
Subject: Re: [Qemu-devel] libvirt/QEMU/SEV interaction
Date: Fri, 8 Sep 2017 16:51:43 +0100 [thread overview]
Message-ID: <20170908155143.GK32645@redhat.com> (raw)
In-Reply-To: <82d6b8f0-7101-1d59-5489-43b66107fbe0@amd.com>
On Fri, Sep 08, 2017 at 10:48:10AM -0500, Brijesh Singh wrote:
> > So I could see a flow like the following:
>
>
> The flow looks good
>
> >
> >
> > 1. mgmt tool calls virConnectGetCapabilities. This returns an XML
> > document that includes the following
> >
> > <host>
> > ...other bits...
> > <sev>
> > <platform-key>...hex encoded PDH key...</platform-key>
> > </sev>
> > </host>
> >
> > 2. mgmt tool requests to start a guest calling virCreateXML(),
> > passing VIR_DOMAIN_START_PAUSED. The XML would include
> >
> > <sev>
> > <owner-key>...hex encode DH key...</owner-key>
> > <session-info>..hex encode info...</session-info>
> > <policy>...int32 value..</policy>
> > </sev>
> >
> >
> > if <sev> is provided and VIR_DOMAIN_START_PAUSED is missing,
> > libvirt would report an error and refuse to start the guest
> >
>
>
> One thing which is not clear to me is, how do we know that we are asked
> to launch SEV guest? Are you thinking that <sev> tag in the XML will
> hint libvirt that GO has asked to launch a SEV guest?
Yes, the existance of the <sev> tag is the indicator that informs
libvirt that SEV *must* be used for the guest.
> > 3. Libvirt generates the QEMU cli arg to enable SEV using
> > the XML data and starts QEMU, leaving CPUs paused
> >
>
>
> I am looking at [1] to get the feel for how do we model it in the XML.
> As you can see I am using ad-hoc <qemu:args> to create the sev-guest
> object. Currently, sev-guest object accepts the following properties:
>
> dh-cert-file: <file containing the GO DH key>
> session-info-file: <file contain the GO session info>
> policy: <int32 GO policy>
>
> I believe the new XML model will influence the property input type,
> Any recommendation on how do model this part ? thank you so much.
That looks ok to me - even if QEMU wants the data provided in
files on disk, libvirt can just create the files on the fly
from the data it has in the <sev> element in the XML file.
Since they're only needed during startup, libvirt can then
easily delete the files the moment QEMU has completed its
startup.
>
> [1] https://libvirt.org/formatdomain.html#elementsCPU
>
>
> > 4. QEMU emits a SEV_MEASURE event containing the measurement
> > blob
> >
> > 5. Libvirt catches the QEMU event and emits its own
> > VIR_CONNECT_DOMAIN_EVENT_SEV_MEASURE event containing
> > the measurement blob
> >
> > 6. GO does its validation of the measurement
> >
> > 7a If validation failed, then virDomainDestroy() to stop QEMU
> >
> > 7b If validation succeeed
> >
> > Optionally call
> >
> > virDomainSetSEVSecret()
> >
> > providing the optional secret, then
> >
> > virDomainResume()
> >
> > to let QEMU continue
> >
> >
> >
> >
> > Regards,
> > Daniel
> >
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2017-09-08 15:51 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-08 11:57 [Qemu-devel] libvirt/QEMU/SEV interaction Brijesh Singh
2017-09-08 13:15 ` Daniel P. Berrange
2017-09-08 13:45 ` Relph, Richard
2017-09-08 14:52 ` Daniel P. Berrange
2017-09-08 15:48 ` Brijesh Singh
2017-09-08 15:51 ` Daniel P. Berrange [this message]
2017-09-08 16:10 ` Brijesh Singh
2017-09-08 16:11 ` Laszlo Ersek
2017-10-18 4:21 ` Michael S. Tsirkin
2017-10-18 19:18 ` Dr. David Alan Gilbert
2017-10-19 1:35 ` Michael S. Tsirkin
2017-10-20 14:26 ` Richard Relph
2017-09-18 9:43 ` [Qemu-devel] [libvirt] " Erik Skultety
2017-09-18 9:47 ` Daniel P. Berrange
2017-09-18 12:41 ` Richard Relph
2017-09-18 13:51 ` Erik Skultety
2017-09-26 14:36 ` [Qemu-devel] " Michael S. Tsirkin
2017-09-27 11:06 ` Dr. David Alan Gilbert
2017-09-27 13:39 ` Brijesh Singh
2017-09-27 16:12 ` Michael S. Tsirkin
2017-09-27 19:06 ` Richard Relph
2017-09-29 19:34 ` Michael S. Tsirkin
2017-09-29 19:48 ` Richard Relph
2017-09-29 20:07 ` Richard Relph
2017-09-29 21:35 ` Michael S. Tsirkin
2017-10-01 2:54 ` Michael S. Tsirkin
2017-10-01 2:59 ` Michael S. Tsirkin
2017-09-29 21:16 ` Michael S. Tsirkin
2017-09-29 22:15 ` Laszlo Ersek
2017-10-02 9:15 ` Daniel P. Berrange
2017-10-02 9:11 ` Daniel P. Berrange
2017-09-29 21:58 ` Laszlo Ersek
2017-10-01 0:09 ` Brijesh Singh
2017-10-01 9:17 ` Laszlo Ersek
2017-10-01 9:56 ` Laszlo Ersek
2017-10-03 16:03 ` Brijesh Singh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170908155143.GK32645@redhat.com \
--to=berrange@redhat.com \
--cc=Richard.Relph@amd.com \
--cc=Thomas.Lendacky@amd.com \
--cc=brijesh.singh@amd.com \
--cc=libvir-list@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.