|
From: | Brijesh Singh |
Subject: | Re: [Qemu-devel] [RFC PATCH v2 06/16] sev: add Secure Encrypted Virtulization (SEV) support |
Date: | Thu, 22 Sep 2016 16:12:04 -0500 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0 |
Hi, On 09/22/2016 10:12 AM, Paolo Bonzini wrote:
to use encrypted guest launch # $QEMU \ -object sev-receive-info,id=launch0 \ -object sev-send-info,id=send0 \ -object sev-guest-info,id=sev0,launch=launch0,send=send0 \ .....References to other objects should be implemented as link properties (e.g. with type 'link<sev-guest-info>'). Then QOM takes care of filling in a QSEVGuestInfo* with the pointer to an object with the right id. There is some redundancy (e.g. "flags.ks" in launch/receive vs. "ks" in policy). Can you document the full model in docs/amd-memory-encryption.txt? It's not necessary to include the kernel API documentation.
The flags.ks means that hypervisor requested the key-sharing. The policy.ks means that key-sharing is allowed by guest owner. The values in sev-policy should be provided by the guest owner. The content of policy field is used during the measurement calculation. If hypervisor changes anything into policy field without guest owners permission then measurement value will not match.
I can think of one case where flag.ks may be used.e.g lets say guest policy allows key sharing and this is first SEV guest in the system then hypervisor will set flags.ks=0. In next guest launch it can set flags.ks=1 and use the SEV handle from previous guest.
I will add some more text to clarify it in doc and property description.
Paolo
[Prev in Thread] | Current Thread | [Next in Thread] |