From: "Daniel P. Berrangé" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Markus Armbruster" <armbru@redhat.com>,
"Michael Roth" <michael.roth@amd.com>,
"Konstantin Kostiuk" <kkostiuk@redhat.com>,
"Daniel P. Berrangé" <berrange@redhat.com>
Subject: [PATCH 08/14] qga: add command line to limit commands for confidential guests
Date: Tue, 4 Jun 2024 16:32:36 +0100 [thread overview]
Message-ID: <20240604153242.251334-9-berrange@redhat.com> (raw)
In-Reply-To: <20240604153242.251334-1-berrange@redhat.com>
When running in a confidential guest, a very large number of QGA
commands are unsafe to permit, since they can be used to violate
the privacy of the guest.
This introduces a new command line "--confidential" / "-i" which,
if set, will run the guest in confidential mode, which should
avoid leaking information to the host, while still allowing
important VM mgmt tasks to be performed.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
qga/main.c | 14 ++++++++++++++
qga/qapi-schema.json | 5 ++++-
2 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/qga/main.c b/qga/main.c
index 7bf5ec49ba..12b91eb713 100644
--- a/qga/main.c
+++ b/qga/main.c
@@ -86,6 +86,7 @@ struct GAConfig {
gchar *aliststr; /* allowedrpcs may point to this string */
GList *blockedrpcs;
GList *allowedrpcs;
+ bool only_confidential;
int daemonize;
GLogLevelFlags log_level;
int dumpconf;
@@ -415,6 +416,15 @@ static bool ga_command_is_allowed(const QmpCommand *cmd, GAState *state)
/* Fallback policy is allow everything */
bool allowed = true;
+ /*
+ * If running in confidential mode, block commands that
+ * would violate guest data privacy
+ */
+ if (config->only_confidential &&
+ !qmp_command_has_feature(cmd, QAPI_FEATURE_CONFIDENTIAL)) {
+ allowed = false;
+ }
+
if (config->allowedrpcs) {
/*
* If an allow-list is given, this changes the fallback
@@ -1197,6 +1207,7 @@ static void config_parse(GAConfig *config, int argc, char **argv)
#endif
{ "statedir", 1, NULL, 't' },
{ "retry-path", 0, NULL, 'r' },
+ { "confidential", 0, NULL, 'i' },
{ NULL, 0, NULL, 0 }
};
@@ -1293,6 +1304,9 @@ static void config_parse(GAConfig *config, int argc, char **argv)
}
break;
#endif
+ case 'i':
+ config->only_confidential = true;
+ break;
case 'h':
usage(argv[0]);
exit(EXIT_SUCCESS);
diff --git a/qga/qapi-schema.json b/qga/qapi-schema.json
index 8b1eff3abc..9a213dfc06 100644
--- a/qga/qapi-schema.json
+++ b/qga/qapi-schema.json
@@ -39,7 +39,10 @@
'GuestNVMeSmart' ],
'command-features': [
# Commands permitted while FS are frozen
- 'fs-frozen'
+ 'fs-frozen',
+ # Commands which do not violate privacy
+ # of a confidential guest
+ 'confidential'
] } }
##
--
2.45.1
next prev parent reply other threads:[~2024-06-04 15:34 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-04 15:32 [PATCH 00/14] Improve mechanism for configuring allowed commands Daniel P. Berrangé
2024-06-04 15:32 ` [PATCH 01/14] qapi: use "QAPI_FEATURE" as namespace for special features Daniel P. Berrangé
2024-06-04 15:32 ` [PATCH 02/14] qapi: add helper for checking if a command feature is set Daniel P. Berrangé
2024-06-04 15:32 ` [PATCH 03/14] qapi: cope with special feature names containing a '-' Daniel P. Berrangé
2024-07-12 7:54 ` Markus Armbruster
2024-06-04 15:32 ` [PATCH 04/14] qapi: add a 'command-features' pragma Daniel P. Berrangé
2024-07-12 8:07 ` Markus Armbruster
2024-07-12 8:12 ` Daniel P. Berrangé
2024-07-12 8:50 ` Markus Armbruster
2024-07-12 9:17 ` Daniel P. Berrangé
2024-07-16 18:08 ` Markus Armbruster
2024-07-17 10:46 ` Daniel P. Berrangé
2024-07-17 11:43 ` Markus Armbruster
2024-06-04 15:32 ` [PATCH 05/14] qapi: stop hardcoding list of special features Daniel P. Berrangé
2024-06-04 15:32 ` [PATCH 06/14] qapi: define enum for custom special features on commands Daniel P. Berrangé
2024-06-04 15:32 ` [PATCH 07/14] qga: use special feature to mark those that can run when FS are frozen Daniel P. Berrangé
2024-06-04 15:32 ` Daniel P. Berrangé [this message]
2024-06-04 15:32 ` [PATCH 09/14] qga: define commands which can be run in confidential mode Daniel P. Berrangé
2024-06-04 15:32 ` [PATCH 10/14] qga: add command line to block unrestricted command/file access Daniel P. Berrangé
2024-06-04 15:32 ` [PATCH 11/14] qga: mark guest-file-* commands with 'unrestricted' flag Daniel P. Berrangé
2024-06-04 15:32 ` [PATCH 12/14] qga: mark guest-exec-* " Daniel P. Berrangé
2024-06-04 15:32 ` [PATCH 13/14] qga: add command line to block user authentication commands Daniel P. Berrangé
2024-06-04 15:32 ` [PATCH 14/14] qga: mark guest-ssh-* / guest-*-password commands with 'unrestricted' flag Daniel P. Berrangé
2024-07-02 18:09 ` [PATCH 00/14] Improve mechanism for configuring allowed commands Daniel P. Berrangé
2024-07-15 9:52 ` Markus Armbruster
2024-07-15 10:56 ` Daniel P. Berrangé
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240604153242.251334-9-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=armbru@redhat.com \
--cc=kkostiuk@redhat.com \
--cc=michael.roth@amd.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.