From: James Bottomley <jejb@linux.ibm.com>
To: "Daniel P. Berrangé" <berrange@redhat.com>,
"Christophe de Dinechin" <cdupontd@redhat.com>
Cc: Dov Murik <dovmurik@linux.ibm.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
"Dr. David Alan Gilbert" <dgilbert@redhat.com>,
"amd-sev-snp@lists.suse.com" <amd-sev-snp@lists.suse.com>,
"linux-coco@lists.linux.dev" <linux-coco@lists.linux.dev>
Subject: Re: SVSM vTPM specification
Date: Wed, 19 Oct 2022 08:38:19 -0400 [thread overview]
Message-ID: <b8f0c4cc9207a516f63958c53a5a57148606cc45.camel@linux.ibm.com> (raw)
In-Reply-To: <Y0+wcWgcRFTiDTNk@redhat.com>
On Wed, 2022-10-19 at 09:08 +0100, Daniel P. Berrangé wrote:
> I'd be inclined to not rely on guest networking, and probably even
> strictly decouple what the SVSM does to communicate, from any
> specific attestation server connection protocol or details.
I think we should be clear: if you need a secret at start of day,
before the guest boots, then you need to retrieve an attestation from
the SVSM and inject a secret. If you can delay needing the secret
until after boot (say for data volumes) then you can use the cloud
standard methods we have today (which actually do mostly operate over
the guest network path) and a TPM which manufactures on boot.
However, the above mechanism is out of scope for the vTPM project.
This is simply about putting a vTPM into the SVSM which appears in the
guest as a TPM and providing a guest API to retrieve its attestation.
So the scope of the project ends there.
If we want a TPM with persistent state, then the state has to be
injected pre-boot but that is the same pre-boot problem as all secret
injection. I think there should be a separate project working on this
and we'll make sure they interlock correctly.
So I think there are three pieces
1. Ephemeral vTPM with attestation retrieved from guest
2. Attestation and injection API from SVSM to host/guest end point
3. SVSM API for saving TPM state
We'll work initially on 1. Someone else can work on 2. but we'll make
sure they fit together. 3. would be required for full TPM emulation,
but might not be required if all we want is persistence of the seeds of
the TPM, so this would be evaluated when we have 1+2.
James
next prev parent reply other threads:[~2022-10-19 12:38 UTC|newest]
Thread overview: 53+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-12 16:38 SVSM vTPM specification Tom Lendacky
2022-10-12 17:33 ` Dr. David Alan Gilbert
2022-10-12 18:44 ` James Bottomley
2022-10-13 15:14 ` Tom Lendacky
2022-10-13 15:29 ` Daniele Buono
2022-10-13 15:30 ` James Bottomley
2022-10-18 20:22 ` Dov Murik
2022-10-19 5:47 ` Christophe de Dinechin
2022-10-19 6:39 ` Dov Murik
2022-10-19 8:08 ` Daniel P. Berrangé
2022-10-19 12:09 ` Christophe de Dinechin
2022-10-19 12:38 ` James Bottomley [this message]
2022-10-19 13:05 ` Daniel P. Berrangé
2022-10-19 14:43 ` Tom Lendacky
2022-10-19 15:20 ` James Bottomley
2022-10-19 21:58 ` Tom Lendacky
2022-10-19 20:57 ` Dov Murik
2022-10-19 22:04 ` Tom Lendacky
2022-10-19 22:14 ` Dionna Amalie Glaze
2022-10-19 23:38 ` James Bottomley
2022-10-19 22:36 ` [EXTERNAL] " David Altobelli
[not found] ` <CABayD+cYCj=uOtC5h1d781jh_B6XqxmZNfR69taEex7yvkizRw@mail.gmail.com>
[not found] ` <SJ0PR21MB132378C080FFED1E283B4051E92A9@SJ0PR21MB1323.namprd21.prod.outlook.com>
2022-10-20 20:29 ` James Bottomley
2022-10-21 0:02 ` [EXTERNAL] " Jon Lange
2022-10-21 13:04 ` James Bottomley
2022-10-21 16:31 ` [EXTERNAL] " Jon Lange
2022-10-22 3:20 ` James Bottomley
2022-10-24 4:51 ` [EXTERNAL] " Jon Lange
2022-10-24 10:59 ` Dr. David Alan Gilbert
2022-10-24 11:45 ` Dov Murik
2022-10-24 19:02 ` Tom Lendacky
2022-10-24 19:18 ` Dionna Amalie Glaze
2022-10-25 8:51 ` Dov Murik
2022-10-25 9:43 ` Christophe de Dinechin
2022-10-25 14:08 ` Tom Lendacky
2022-10-25 14:13 ` James Bottomley
2022-10-29 0:25 ` Steve Rutherford
2022-10-29 13:27 ` James Bottomley
2022-10-19 11:21 ` Dr. David Alan Gilbert
2022-10-19 11:45 ` James Bottomley
2022-10-12 19:05 ` James Bottomley
2022-10-13 18:54 ` Tom Lendacky
2022-10-13 19:20 ` James Bottomley
2022-10-13 20:54 ` Daniel P. Smith
2022-10-13 21:06 ` James Bottomley
2022-10-13 21:14 ` Daniel P. Smith
2022-10-13 21:41 ` James Bottomley
2022-10-14 17:16 ` Stuart Yoder
2022-10-14 21:46 ` Tom Lendacky
2022-10-16 16:29 ` Daniel P. Smith
2022-10-16 16:44 ` James Bottomley
2022-10-21 11:54 ` Daniel P. Smith
2022-10-21 12:31 ` James Bottomley
2022-10-18 20:45 ` Dov Murik
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b8f0c4cc9207a516f63958c53a5a57148606cc45.camel@linux.ibm.com \
--to=jejb@linux.ibm.com \
--cc=amd-sev-snp@lists.suse.com \
--cc=berrange@redhat.com \
--cc=cdupontd@redhat.com \
--cc=dgilbert@redhat.com \
--cc=dovmurik@linux.ibm.com \
--cc=linux-coco@lists.linux.dev \
--cc=thomas.lendacky@amd.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).