qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [RFC PATCH v1 22/22] loader: reload bios image on ROM r


From: Brijesh Singh
Subject: Re: [Qemu-devel] [RFC PATCH v1 22/22] loader: reload bios image on ROM reset in SEV-enabled guest
Date: Wed, 14 Sep 2016 15:29:35 -0500
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0



On 09/13/2016 05:59 PM, Paolo Bonzini wrote:


On 13/09/2016 16:50, Brijesh Singh wrote:
In SEV-enabled mode we need to reload the BIOS image on loader reset, this
will ensure that BIOS image gets encrypted and included as part of launch
meausrement on guest reset.

Just to check if I understand correctly, the secure processor cannot
split the encryption and measuring, which is why you need to redo the
copy on every reset.


That is right, after LAUNCH_FINISH is called the secure processor cleanup the LAUNCH_START context so that hypervisor can not call LAUNCH_UPDATE to inject a new data into guest memory. After LAUNCH_FINISH only thing we can call is SEV_DEBUG_* or SEV_RECEIVE_* commands.

Does the guest have to check the measured data (e.g. with a hash) too,
to check that it hasn't been tampered with outside the secure
processor's control?  Of course this would result in garbage written to
the modified page, but that might be a valid attack vector.


Guest does not need to check the measurement.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]