From: "Daniel P. Berrangé" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Markus Armbruster" <armbru@redhat.com>,
"Michael Roth" <michael.roth@amd.com>,
"Konstantin Kostiuk" <kkostiuk@redhat.com>,
"Daniel P. Berrangé" <berrange@redhat.com>
Subject: [PATCH 08/14] qga: add command line to limit commands for confidential guests
Date: Tue, 4 Jun 2024 16:32:36 +0100 [thread overview]
Message-ID: <20240604153242.251334-9-berrange@redhat.com> (raw)
In-Reply-To: <20240604153242.251334-1-berrange@redhat.com>
When running in a confidential guest, a very large number of QGA
commands are unsafe to permit, since they can be used to violate
the privacy of the guest.
This introduces a new command line "--confidential" / "-i" which,
if set, will run the guest in confidential mode, which should
avoid leaking information to the host, while still allowing
important VM mgmt tasks to be performed.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
qga/main.c | 14 ++++++++++++++
qga/qapi-schema.json | 5 ++++-
2 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/qga/main.c b/qga/main.c
index 7bf5ec49ba..12b91eb713 100644
--- a/qga/main.c
+++ b/qga/main.c
@@ -86,6 +86,7 @@ struct GAConfig {
gchar *aliststr; /* allowedrpcs may point to this string */
GList *blockedrpcs;
GList *allowedrpcs;
+ bool only_confidential;
int daemonize;
GLogLevelFlags log_level;
int dumpconf;
@@ -415,6 +416,15 @@ static bool ga_command_is_allowed(const QmpCommand *cmd, GAState *state)
/* Fallback policy is allow everything */
bool allowed = true;
+ /*
+ * If running in confidential mode, block commands that
+ * would violate guest data privacy
+ */
+ if (config->only_confidential &&
+ !qmp_command_has_feature(cmd, QAPI_FEATURE_CONFIDENTIAL)) {
+ allowed = false;
+ }
+
if (config->allowedrpcs) {
/*
* If an allow-list is given, this changes the fallback
@@ -1197,6 +1207,7 @@ static void config_parse(GAConfig *config, int argc, char **argv)
#endif
{ "statedir", 1, NULL, 't' },
{ "retry-path", 0, NULL, 'r' },
+ { "confidential", 0, NULL, 'i' },
{ NULL, 0, NULL, 0 }
};
@@ -1293,6 +1304,9 @@ static void config_parse(GAConfig *config, int argc, char **argv)
}
break;
#endif
+ case 'i':
+ config->only_confidential = true;
+ break;
case 'h':
usage(argv[0]);
exit(EXIT_SUCCESS);
diff --git a/qga/qapi-schema.json b/qga/qapi-schema.json
index 8b1eff3abc..9a213dfc06 100644
--- a/qga/qapi-schema.json
+++ b/qga/qapi-schema.json
@@ -39,7 +39,10 @@
'GuestNVMeSmart' ],
'command-features': [
# Commands permitted while FS are frozen
- 'fs-frozen'
+ 'fs-frozen',
+ # Commands which do not violate privacy
+ # of a confidential guest
+ 'confidential'
] } }
##
--
2.45.1
next prev parent reply other threads:[~2024-06-04 15:34 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-04 15:32 [PATCH 00/14] Improve mechanism for configuring allowed commands Daniel P. Berrangé
2024-06-04 15:32 ` [PATCH 01/14] qapi: use "QAPI_FEATURE" as namespace for special features Daniel P. Berrangé
2024-06-04 15:32 ` [PATCH 02/14] qapi: add helper for checking if a command feature is set Daniel P. Berrangé
2024-06-04 15:32 ` [PATCH 03/14] qapi: cope with special feature names containing a '-' Daniel P. Berrangé
2024-07-12 7:54 ` Markus Armbruster
2024-06-04 15:32 ` [PATCH 04/14] qapi: add a 'command-features' pragma Daniel P. Berrangé
2024-07-12 8:07 ` Markus Armbruster
2024-07-12 8:12 ` Daniel P. Berrangé
2024-07-12 8:50 ` Markus Armbruster
2024-07-12 9:17 ` Daniel P. Berrangé
2024-07-16 18:08 ` Markus Armbruster
2024-07-17 10:46 ` Daniel P. Berrangé
2024-07-17 11:43 ` Markus Armbruster
2024-06-04 15:32 ` [PATCH 05/14] qapi: stop hardcoding list of special features Daniel P. Berrangé
2024-06-04 15:32 ` [PATCH 06/14] qapi: define enum for custom special features on commands Daniel P. Berrangé
2024-06-04 15:32 ` [PATCH 07/14] qga: use special feature to mark those that can run when FS are frozen Daniel P. Berrangé
2024-06-04 15:32 ` Daniel P. Berrangé [this message]
2024-06-04 15:32 ` [PATCH 09/14] qga: define commands which can be run in confidential mode Daniel P. Berrangé
2024-06-04 15:32 ` [PATCH 10/14] qga: add command line to block unrestricted command/file access Daniel P. Berrangé
2024-06-04 15:32 ` [PATCH 11/14] qga: mark guest-file-* commands with 'unrestricted' flag Daniel P. Berrangé
2024-06-04 15:32 ` [PATCH 12/14] qga: mark guest-exec-* " Daniel P. Berrangé
2024-06-04 15:32 ` [PATCH 13/14] qga: add command line to block user authentication commands Daniel P. Berrangé
2024-06-04 15:32 ` [PATCH 14/14] qga: mark guest-ssh-* / guest-*-password commands with 'unrestricted' flag Daniel P. Berrangé
2024-07-02 18:09 ` [PATCH 00/14] Improve mechanism for configuring allowed commands Daniel P. Berrangé
2024-07-15 9:52 ` Markus Armbruster
2024-07-15 10:56 ` Daniel P. Berrangé
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240604153242.251334-9-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=armbru@redhat.com \
--cc=kkostiuk@redhat.com \
--cc=michael.roth@amd.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).