[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] libvirt/QEMU/SEV interaction
From: |
Michael S. Tsirkin |
Subject: |
Re: [Qemu-devel] libvirt/QEMU/SEV interaction |
Date: |
Thu, 19 Oct 2017 04:35:35 +0300 |
On Wed, Oct 18, 2017 at 08:18:48PM +0100, Dr. David Alan Gilbert wrote:
> * Michael S. Tsirkin (address@hidden) wrote:
> > On Fri, Sep 08, 2017 at 10:48:10AM -0500, Brijesh Singh wrote:
> > > > > > 11. GO verifies the measurement and if measurement matches
> > > > > then it may
> > > > > > give a secret blob -- which must be injected into the guest
> > > > > before
> > > > > > libvirt starts the VM. If verification failed, GO will
> > > > > request cloud
> > > > > > provider to destroy the VM.
> >
> > I realised I'm missing something here: how does GO limit the
> > secret to the specific VM? For example, what prevents hypervisor
> > from launching two VMs with the same GO's DH, getting measurement
> > from 1st one but injecting the secret into the second one?
>
> Isn't that the 'trusted channel nonce currently associated with the
> guest' in the guest context?
>
> Dave
Let me try to clarify the question. I understand that sometimes a key
is shared between VMs. If this is allowed, it seems that a hypervisor
can run any number of VMs with the same key. An unauthorised VM
will not get a measurement that guest owner authorizes, but
can the hypervisor get secret intended for an authorized VM and
then inject it into an unauthorized one sharing the same key?
> > Thanks,
> >
> > --
> > MST
> >
> --
> Dr. David Alan Gilbert / address@hidden / Manchester, UK