Re: SEV guest attestation
From: Dr. David Alan Gilbert
Subject: Re: SEV guest attestation
Date: Thu, 25 Nov 2021 16:08:48 +0000
User-agent: Mutt/2.1.3 (2021-09-10)
* Daniel P. Berrangé (berrange@redhat.com) wrote:
> On Thu, Nov 25, 2021 at 03:40:36PM +0000, Dr. David Alan Gilbert wrote:
> > * Sergio Lopez (slp@redhat.com) wrote:
> > > On Thu, Nov 25, 2021 at 02:44:51PM +0200, Dov Murik wrote:
> > > >
> > > > SEV-ES has pre-launch measurement and secret injection, just like SEV
> > > > (except that the measurement includes the initial states of all vcpus,
> > > > that is, their VMSAs. BTW that means that in order to calculate the
> > > > measurement the Attestation Server must know exactly how many vcpus are
> > > > in the VM).
> > >
> > > You need the number of vCPUs and an idea of what their initial state
> > > is going to be, to be able to reproduce the same VMSA struct in the
> > > Attestation Server.
> > >
> > > This may tie the Attestation Server with a particular version of both
> > > QEMU and KVM. I haven't checked if configuration changes in QEMU may
> > > also have an impact on it.
> >
> > That's all OK; I'm expecting the attestation server to be given a whole
> > pile of information about the apparent environment to check.
>
> Generally though we try not to let a VM be tied to a specific
> version of software. eg use machine types to ensure that the
> guest can run on any QEMU version, and get the same environment.
> This lets host admin upgrade the host software for bug/security
> fixes without negatively impacting users. It'd be nice not to
> lose that feature with SEV if possible.
>
> IOW, if there are aspects of the vCPU initial state that might
> vary over time with different QEMU versions, should we be looking
> to tie that variance into the machine type version?
It's not tied to a particular version; but you may need to let the
attesting server know what version it's using so that it can check
everything adds up.
Dave
> For KVM changes, this might again come back to the idea of a
> "host type version".
>
> Regards,
> Daniel
> --
> |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
> |: https://libvirt.org -o- https://fstop138.berrange.com :|
> |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
>
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
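As an added illustration of the point argued in this thread (editor's example, not code from the thread, QEMU or KVM): a toy model of the SEV-ES launch measurement that the attestation server has to reproduce. It follows the LAUNCH_MEASURE layout from the AMD SEV API (HMAC-SHA256 keyed with the TIK over 0x04 || API_MAJOR || API_MINOR || BUILD || POLICY || LD || MNONCE, where LD is the SHA-256 over the firmware pages passed to LAUNCH_UPDATE_DATA followed by one VMSA per vCPU from LAUNCH_UPDATE_VMSA); consult the spec for the authoritative encodings. All byte inputs, the firmware version tuple and the "other KVM" VMSA are constructed stand-ins. The real VMSA contents come from KVM's initial vCPU state, which is exactly why the server must be told the vCPU count and which QEMU/KVM produced the guest: a wrong count or a VMSA laid out by a different KVM gives a different measurement.

```python
import hashlib
import hmac

# Constructed stand-ins; none of these are real firmware, VMSA or key bytes.
SAMPLE_FIRMWARE = b"\x90" * (2 * 4096)       # two OVMF-like 4 KiB pages
SAMPLE_VMSA = bytes(range(256)) * 16         # one 4 KiB VMSA page
SAMPLE_VMSA_OTHER_KVM = SAMPLE_VMSA[:8] + b"\xff" + SAMPLE_VMSA[9:]  # one field differs
SAMPLE_TIK = bytes.fromhex("0f" * 16)        # 16-byte transport integrity key (stand-in)
SAMPLE_MNONCE = b"\x42" * 16                 # nonce returned alongside LAUNCH_MEASURE
SAMPLE_FW_VERSION = (1, 51, 3)               # (API_MAJOR, API_MINOR, BUILD), example values
POLICY_NODBG_ES = 0x05                       # SEV policy bits: NODBG (bit 0) | ES (bit 2)


def launch_digest(firmware: bytes, vmsa: bytes, nr_vcpus: int) -> bytes:
    """GCTX.LD for an SEV-ES guest: a running SHA-256 over the pages given to
    LAUNCH_UPDATE_DATA, followed by one VMSA per vCPU (LAUNCH_UPDATE_VMSA)."""
    if nr_vcpus < 1:
        raise ValueError("a guest has at least one vCPU")
    h = hashlib.sha256()
    h.update(firmware)
    for _ in range(nr_vcpus):
        h.update(vmsa)
    return h.digest()


def launch_measurement(tik: bytes, fw_version: tuple, policy: int,
                       ld: bytes, mnonce: bytes) -> bytes:
    """LAUNCH_MEASURE output: HMAC-SHA256 keyed with the TIK over
    0x04 || API_MAJOR || API_MINOR || BUILD || POLICY (LE32) || LD || MNONCE."""
    api_major, api_minor, build = fw_version
    if len(tik) != 16 or len(ld) != 32 or len(mnonce) != 16:
        raise ValueError("TIK and MNONCE are 16 bytes, LD is 32 bytes")
    msg = (bytes([0x04, api_major, api_minor, build])
           + policy.to_bytes(4, "little") + ld + mnonce)
    return hmac.new(tik, msg, hashlib.sha256).digest()


def attestation_server_check(reported: bytes, mnonce: bytes, tik: bytes,
                             fw_version: tuple, policy: int, firmware: bytes,
                             vmsa: bytes, nr_vcpus: int) -> bool:
    """Server side: rebuild the expected measurement from everything it was told
    about the environment (firmware, VMSA template, vCPU count, policy, PSP
    firmware version) and compare against the reported value in constant time."""
    ld = launch_digest(firmware, vmsa, nr_vcpus)
    expected = launch_measurement(tik, fw_version, policy, ld, mnonce)
    return hmac.compare_digest(reported, expected)


def demo() -> dict:
    """The platform launched 2 vCPUs; show what different server-side
    assumptions about the environment yield."""
    reported = launch_measurement(SAMPLE_TIK, SAMPLE_FW_VERSION, POLICY_NODBG_ES,
                                  launch_digest(SAMPLE_FIRMWARE, SAMPLE_VMSA, 2),
                                  SAMPLE_MNONCE)
    common = (SAMPLE_MNONCE, SAMPLE_TIK, SAMPLE_FW_VERSION,
              POLICY_NODBG_ES, SAMPLE_FIRMWARE)
    return {
        "right_vcpus_right_vmsa": attestation_server_check(reported, *common, SAMPLE_VMSA, 2),
        "wrong_vcpu_count": attestation_server_check(reported, *common, SAMPLE_VMSA, 4),
        "vmsa_from_other_kvm": attestation_server_check(reported, *common,
                                                        SAMPLE_VMSA_OTHER_KVM, 2),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'match' if ok else 'MISMATCH'}")
```

Only the first case matches. The other two fail in the same way the thread predicts: the server cannot tell a guest with extra vCPUs from one whose VMSAs were initialised by a different KVM, so both pieces of information have to be part of what it is handed to check.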