On 05/02/21 10:51, Daniel P. Berrangé wrote:
+ if (!pc_system_ovmf_table_find(SEV_SECRET_GUID, &data, NULL)) { + error_setg(errp, "SEV: no secret area found in OVMF," + " gpa must be specified."); + return; + }IIUC, historically QEMU has gone out of its way to avoid creating a direct dependancy on specific firmware implementation details such as this, so this whole approach makes me feel really uneasy.
The problem here is that this secret must be measured and therefore cannot be extracted by the guest out of fw_cfg. Note that there's no reason why other firmware than OVMF could not adopt the same interface.
Paolo
