qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [RFC PATCH v1 09/22] sev: add SEV launch finish command

From: Eduardo Habkost
Subject: Re: [Qemu-devel] [RFC PATCH v1 09/22] sev: add SEV launch finish command
Date: Tue, 13 Sep 2016 19:15:28 -0300
User-agent: Mutt/1.7.0 (2016-08-17) 
On Tue, Sep 13, 2016 at 10:48:18AM -0400, Brijesh Singh wrote:
> The SEV LAUNCH_FINISH command is used for finalizing the guest launch
> process. The commad returned a measurement value that can be handed to
> the guest owner to validate the guest before vmrun.
> 
> For more information see [1], section 6.3
> 
> [1] http://support.amd.com/TechDocs/55766_SEV-KM%20API_Spec.pdf
> 
> The following KVM RFC patches defines and implements this command
> http://marc.info/?l=kvm&m=147190852423972&w=2
> http://marc.info/?l=kvm&m=147190856623987&w=2
> 
> Signed-off-by: Brijesh Singh <address@hidden>
[...]
> +int kvm_sev_guest_measurement(uint8_t *out)

I don't see any code calling this function yet. Do you have any
plans on how exactly this will be handed back to the guest owner?
A QMP command?

> +{
> +    SEVInfo *s = sev_info;
> +    struct kvm_sev_launch_finish *finish = s->launch_finish;
> +
> +    if (!s) {
> +        return 1;
> +    }
> +
> +    if (s->type == UNENCRYPTED_GUEST &&
> +            s->state == SEV_LAUNCH_FINISH) {
> +        memcpy(out, finish->measurement, 32);
> +    } else {
> +        return 1;

Probably it would be more appropriate to use Error** to report
errors in most of the code in this series.

> +    }
> +
> +    return 0;
> +}
> 

-- 
Eduardo
reply via email to
[Prev in Thread] Current Thread [Next in Thread]