Re: [Qemu-devel] libvirt/QEMU/SEV interaction
From: Michael S. Tsirkin
Subject: Re: [Qemu-devel] libvirt/QEMU/SEV interaction
Date: Fri, 29 Sep 2017 22:34:45 +0300
On Wed, Sep 27, 2017 at 02:06:10PM -0500, Richard Relph wrote:
> Whether the "BIOS" is a "static shim" as Michael suggests, or a full BIOS,
> or even a BIOS+kernel+initrd is really not too significant. What is
> significant is that the GO has a basis for trusting all code that is
> imported into their VM by the CP. And that NONE of the code provided by the
> CP is "unknown" and unauditable by the GO. If the CP has a way to inject
> code unknown to the GO into the guest VM, the trust model is broken and
> both GO and CP suffer the consequences.
Absolutely.
> When the CP needs to update the BIOS image, they will have to inform the GO
> and allow the GO to establish trust in the CP's new BIOS image somehow.
This GO update on every BIOS change is imho not a workable model. You
want something like checking the BIOS signature instead. And since
hardware is all hash based, you need the shim to do it in software.
--
MST
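An added example, not code from this thread or from QEMU/libvirt, that models the two trust models contrasted above: a SHA-256 hash stands in for the hardware launch measurement the GO pins, and an Ed25519 signature check stands in for what a software shim adds on top; the shim, the keys and the images are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// measure stands in for the hardware launch measurement: a plain hash of the
// loaded image, so any BIOS change produces a different value.
func measure(image []byte) string {
	sum := sha256.Sum256(image)
	return hex.EncodeToString(sum[:])
}

// hashModelAccepts: the GO pinned one expected measurement, so only an image
// with exactly that hash passes and every BIOS update needs a new GO-side pin.
func hashModelAccepts(pinned string, image []byte) bool {
	return measure(image) == pinned
}

// shimAccepts: a constant shim (itself covered by the measurement) verifies the
// BIOS against a signing key the GO trusts, so a re-signed BIOS needs no new pin.
func shimAccepts(trusted ed25519.PublicKey, bios, sig []byte) bool {
	return ed25519.Verify(trusted, bios, sig)
}

// Outcome records what each trust model decides for one loaded image.
type Outcome struct{ HashModel, ShimModel bool }

// simulateBiosUpdate pins trust once (measurement of v1, the CP's signing key),
// then presents v1, an updated v2 signed with the same key, and an image signed
// with a key the GO never trusted. Keys are generated here; images are inputs.
func simulateBiosUpdate(v1, v2, rogue []byte) (Outcome, Outcome, Outcome, error) {
	cpPub, cpPriv, err1 := ed25519.GenerateKey(rand.Reader)
	_, otherPriv, err2 := ed25519.GenerateKey(rand.Reader)
	if err1 != nil || err2 != nil {
		return Outcome{}, Outcome{}, Outcome{}, fmt.Errorf("keygen: %v %v", err1, err2)
	}
	pinned := measure(v1)
	check := func(img, sig []byte) Outcome {
		return Outcome{hashModelAccepts(pinned, img), shimAccepts(cpPub, img, sig)}
	}
	return check(v1, ed25519.Sign(cpPriv, v1)),
		check(v2, ed25519.Sign(cpPriv, v2)),
		check(rogue, ed25519.Sign(otherPriv, rogue)), nil
}
```

The updated v2 image fails the pinned measurement but passes the shim's signature check, while code signed with an untrusted key fails both, which is the distinction the reply draws.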