[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v2 1/6] qapi/qom,target/i386: sev-guest: Introduce kernel-has
From: |
Markus Armbruster |
Subject: |
Re: [PATCH v2 1/6] qapi/qom,target/i386: sev-guest: Introduce kernel-hashes=on|off option |
Date: |
Mon, 08 Nov 2021 16:51:10 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) |
Dov Murik <dovmurik@linux.ibm.com> writes:
> Introduce new boolean 'kernel-hashes' option on the sev-guest object.
> It will be used to to decide whether to add the hashes of
> kernel/initrd/cmdline to SEV guest memory when booting with -kernel.
> The default value is 'off'.
>
> Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
> ---
> qapi/qom.json | 7 ++++++-
> target/i386/sev.c | 20 ++++++++++++++++++++
> qemu-options.hx | 6 +++++-
> 3 files changed, 31 insertions(+), 2 deletions(-)
>
> diff --git a/qapi/qom.json b/qapi/qom.json
> index ccd1167808..4fd5d1716b 100644
> --- a/qapi/qom.json
> +++ b/qapi/qom.json
> @@ -769,6 +769,10 @@
> # @reduced-phys-bits: number of bits in physical addresses that become
> # unavailable when SEV is enabled
> #
> +# @kernel-hashes: if true, add hashes of kernel/initrd/cmdline to a
> +# designated guest firmware page for measured boot
> +# with -kernel (default: false)
Missing: (since 7.0)
> +#
> # Since: 2.12
> ##
> { 'struct': 'SevGuestProperties',
> @@ -778,7 +782,8 @@
> '*policy': 'uint32',
> '*handle': 'uint32',
> '*cbitpos': 'uint32',
> - 'reduced-phys-bits': 'uint32' } }
> + 'reduced-phys-bits': 'uint32',
> + '*kernel-hashes': 'bool' } }
>
> ##
> # @ObjectType:
[...]
- [PATCH v2 0/6] SEV: add kernel-hashes=on for measured -kernel launch, Dov Murik, 2021/11/08
- [PATCH v2 4/6] target/i386/sev: Fail when invalid hashes table area detected, Dov Murik, 2021/11/08
- [PATCH v2 3/6] target/i386/sev: Rephrase error message when no hashes table in guest firmware, Dov Murik, 2021/11/08
- [PATCH v2 5/6] target/i386/sev: Perform padding calculations at compile-time, Dov Murik, 2021/11/08
- [PATCH v2 1/6] qapi/qom, target/i386: sev-guest: Introduce kernel-hashes=on|off option, Dov Murik, 2021/11/08
- Re: [PATCH v2 1/6] qapi/qom,target/i386: sev-guest: Introduce kernel-hashes=on|off option,
Markus Armbruster <=
- Re: [PATCH v2 1/6] qapi/qom,target/i386: sev-guest: Introduce kernel-hashes=on|off option, Daniel P . Berrangé, 2021/11/11
[PATCH v2 2/6] target/i386/sev: Add kernel hashes only if sev-guest.kernel-hashes=on, Dov Murik, 2021/11/08
[PATCH v2 6/6] target/i386/sev: Replace qemu_map_ram_ptr with address_space_map, Dov Murik, 2021/11/08
Re: [PATCH v2 0/6] SEV: add kernel-hashes=on for measured -kernel launch, Brijesh Singh, 2021/11/10
Re: [PATCH v2 0/6] SEV: add kernel-hashes=on for measured -kernel launch, Daniel P . Berrangé, 2021/11/11