From: "Daniel P. Berrangé" <berrange@redhat.com>
To: "Jörg Rödel" <jroedel@suse.de>
Cc: James Bottomley <jejb@linux.ibm.com>,
linux-coco@lists.linux.dev, amd-sev-snp@lists.suse.com
Subject: Re: SVSM initiated early attestation / guest secrets injection
Date: Mon, 16 Jan 2023 17:13:00 +0000
Message-ID: <Y8WFnFAzPrFiDHNP@redhat.com>
In-Reply-To: <Y8WBmNVD8DuRQuC2@suse.de>
On Mon, Jan 16, 2023 at 05:55:52PM +0100, Jörg Rödel wrote:
> On Sat, Jan 14, 2023 at 01:22:41PM -0500, James Bottomley wrote:
> > On Sat, 2023-01-14 at 18:08 +0100, Jörg Rödel wrote:
> >
> > [...]
> > > As James also said, the measurement to unlock secrets needs to include
> > > all software/data components up to the point where the encrypted disk
> > > gets mounted.
> >
> > Well, we have a prototype in IBM Research using keylime to do this
> > based on the vTPM measurements. We currently bring up a network
> > interface inside the initrd to run the keylime agent, but if you're
> > already inventing a non-network method for attestation, there's no
> > reason we couldn't transport TPM quotes over it as well.
>
> So you are unlocking the disk via keylime remote attestation. This means
> you need a measured initrd, right?
>
> We were thinking about doing disk-unlocking via TPM in Grub, but that
> has the problem that we need to securely deploy the TPM state at SVSM
> init-time.
IMHO it is undesirable to build a reliance on a specific bootloader.
My desire is that we have the stateful TPM in SVSM, such that once
the UEFI firmware starts everything functions identically to how
it would in bare metal or non-confidential VMs with a TPM, e.g. the
ability to use all the normal Linux tools, and especially the
standard systemd integration with LUKS and TPMs.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
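As an added illustration that is not part of any message in this thread, the following Python model shows the point James and Jörg are making about measurement coverage: a PCR-sealed disk key only protects the components that were actually extended into the PCR, so a component the boot stack never measures (here the initrd) can be replaced without the unlock policy noticing. Component names, blobs and the key are constructed stand-ins.

```python
import hashlib

# Constructed model of TPM PCR extension and a PCR-bound unlock policy.
# Not code from the thread, SVSM or any TPM stack; values are made up.

def pcr_extend(pcr: bytes, component: bytes) -> bytes:
    """TPM2 PCR extend semantics: PCR_new = H(PCR_old || H(component))."""
    digest = hashlib.sha256(component).digest()
    return hashlib.sha256(pcr + digest).digest()

def measure_boot(boot, measured):
    """Extend a zeroed SHA-256 PCR with each component the firmware/boot
    chain actually measures, in boot order."""
    pcr = bytes(32)
    for name, blob in boot:
        if name in measured:
            pcr = pcr_extend(pcr, blob)
    return pcr

def can_unlock(expected_pcr: bytes, boot, measured) -> bool:
    """The sealed LUKS key is released only if the PCR matches the policy."""
    return measure_boot(boot, measured) == expected_pcr

def with_initrd(boot, blob: bytes):
    """Return the same boot chain with the initrd swapped for another blob."""
    return [(n, blob if n == "initrd" else b) for n, b in boot]

# Constructed boot chain up to the point the encrypted root is mounted.
BOOT = [
    ("firmware", b"firmware-v1"),
    ("bootloader", b"grub-v1"),
    ("kernel", b"vmlinuz-v1"),
    ("initrd", b"initrd-v1"),
    ("cmdline", b"root=/dev/mapper/root"),
]
FULL = {"firmware", "bootloader", "kernel", "initrd", "cmdline"}
GAP = FULL - {"initrd"}   # a boot stack that never measures the initrd

if __name__ == "__main__":
    policy_full = measure_boot(BOOT, FULL)
    policy_gap = measure_boot(BOOT, GAP)
    swapped = with_initrd(BOOT, b"initrd-modified")
    print("full coverage, original initrd:", can_unlock(policy_full, BOOT, FULL))
    print("full coverage, swapped initrd: ", can_unlock(policy_full, swapped, FULL))
    print("gap, swapped initrd:           ", can_unlock(policy_gap, swapped, GAP))
```

The last line prints True: with the initrd outside the measured set, the policy is satisfied by any initrd, which is the gap a measured initrd (or a measurement chain carried all the way to the mount) closes.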