On 22.02.2021 at 16:39, Daniel P. Berrangé wrote:
> On Mon, Feb 22, 2021 at 12:40:07PM +0100, Kevin Wolf wrote:
> > On 10.02.2021 at 19:01, Connor Kuehl wrote:
> > > Hello,
> > > 
> > > Does QEMU have an internal API which would allow VM construction to wait at
> > > a *very specific point* until specific data/QMP message(s) are supplied via
> > > the QMP socket?
> > > 
> > > For some additional context: QEMU supports launching AMD SEV-protected
> > > guests; in short: encrypted virtual machines. Guest owners may participate
> > > in attestation to cryptographically verify their assumptions about the
> > > guest's initial state, the host's platform, and the host platform owner's
> > > identity. If the guest owner is satisfied with the attestation process, a
> > > secret can be safely injected into the guest's address space over a secure
> > > channel.
> > > 
> > > Attestation is an unavoidably interactive process.
> > > 
> > > It appears that QEMU already exposes most of the API required to perform
> > > this attestation remotely with a guest owner over QMP, with only one
> > > exception: starting the attestation session. It looks like the session
> > > components (policy, session-file, and dh-cert-file) are supplied via command
> > > line arguments to QEMU and don't have a message type in the QMP spec:
> > > 
> > >   -object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=1,policy=0x1,session-file=blah.session,dh-cert-file=guest_owner.cert
> > > 
> > > I would like to add a message type to QMP which allows guest owners to
> > > supply this data over a socket and _not_ require these components a priori
> > > via command line arguments.
> > 
> > I don't think you need a new QMP command for this. If you would use
> > -object on the command line, you can use QMP object-add at runtime.
> 
> If the object were standalone that'd be true, but the 'sev-guest' object you
> create needs to be given to the '-machine' arg's 'memory-encryption'
> parameter. So there's a dependency that means 'sev-guest' can only
> be used with -object in reality and not QMP object-add.

I see. But an additional QMP command can't change much about this
either.

Maybe the most realistic option today would be making some properties
optional initially so the object can be created and referenced in
-machine, and then you would use qom-set to provide the information
before you actually start using the object.

> This will eventually be solved when we make it possible to fully
> configure QEMU exclusively via QMP.

Yes, once -machine can actually be done via QMP, that would be solved.

Kevin
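The flow Kevin sketches (create sev-guest without the session components, reference it from -machine, fill the components in with qom-set, then resume), as an added example that is not part of this thread or of QEMU. Python is used because QEMU's own QMP tooling is Python. The assumptions are the hypothetical ones from the message: that policy, session-file and dh-cert-file may be omitted at -object time and accept qom-set before `cont` (this is the proposed change, not current QEMU behaviour); the QEMU side of the socket is a constructed stand-in so the script runs offline; `SEV_OBJECT_PATH`, `fake_qemu`, `demo` and the socket path in the comment are mine. `qmp_capabilities`, `qom-set`, `qom-get` and `cont` are real QMP commands.

```python
# Added example (not QEMU code): Kevin's qom-set flow, driven over QMP. Hypothetical
# assumption: sev0 was created at startup without policy/session-file/dh-cert-file,
#   qemu-system-x86_64 -S -object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=1 \
#     -machine q35,memory-encryption=sev0 -qmp unix:/tmp/qmp.sock,server,nowait ...
# and those properties accept qom-set before `cont`. The QEMU side is a constructed stand-in.
import json
import socket
import threading

SEV_OBJECT_PATH = "/objects/sev0"   # QOM path of the -object with id=sev0
SEV_SESSION_PROPS = ("policy", "session-file", "dh-cert-file")

def qmp_command(execute, arguments=None, cmd_id=None):
    """Build one QMP request; QEMU echoes 'id' back in the matching reply."""
    msg = {"execute": execute}
    if arguments:
        msg["arguments"] = arguments
    if cmd_id is not None:
        msg["id"] = cmd_id
    return msg

def sev_session_commands(policy, session_file, dh_cert_file):
    """One qom-set per session component (assumed settable at runtime)."""
    values = dict(zip(SEV_SESSION_PROPS, (policy, session_file, dh_cert_file)))
    return [qmp_command("qom-set", {"path": SEV_OBJECT_PATH, "property": p, "value": v},
                        cmd_id=f"sev-{p}") for p, v in values.items()]

class QMPClient:
    """Minimal line-delimited JSON QMP client: greeting, capabilities, execute."""
    def __init__(self, sock):
        self.sock = sock
        self.reader = sock.makefile("rb")
        self.greeting = self._recv()
        if "QMP" not in self.greeting:
            raise RuntimeError(f"not a QMP greeting: {self.greeting!r}")
        self.execute("qmp_capabilities")  # mandatory before any other command

    def _recv(self):
        while True:
            line = self.reader.readline()
            if not line:
                raise ConnectionError("QMP peer closed the connection")
            msg = json.loads(line)
            if "event" not in msg:        # async events interleave with replies
                return msg

    def execute(self, command, arguments=None, cmd_id=None):
        req = qmp_command(command, arguments, cmd_id)
        self.sock.sendall((json.dumps(req) + "\r\n").encode())
        reply = self._recv()
        if "error" in reply:              # e.g. property rejected after realize
            raise RuntimeError(f"{command}: {reply['error']['class']}: {reply['error']['desc']}")
        if cmd_id is not None and reply.get("id") != cmd_id:
            raise RuntimeError(f"{command}: unexpected reply id {reply.get('id')!r}")
        return reply["return"]

    def close(self):
        self.reader.close()
        self.sock.close()

def inject_sev_session(client, policy, session_file, dh_cert_file):
    """Set the session components, then read them back before resuming."""
    for cmd in sev_session_commands(policy, session_file, dh_cert_file):
        client.execute(cmd["execute"], cmd["arguments"], cmd.get("id"))
    return {p: client.execute("qom-get", {"path": SEV_OBJECT_PATH, "property": p})
            for p in SEV_SESSION_PROPS}

def fake_qemu(sock):
    """Constructed stand-in for QEMU's QMP server, only so this runs offline."""
    store = dict.fromkeys(SEV_SESSION_PROPS)
    reader = sock.makefile("rb")
    sock.sendall(json.dumps({"QMP": {"version": {}, "capabilities": ["oob"]}}).encode() + b"\r\n")
    for line in reader:
        req = json.loads(line)
        cmd, args = req["execute"], req.get("arguments", {})
        known = args.get("path") == SEV_OBJECT_PATH and args.get("property") in store
        if cmd in ("qmp_capabilities", "cont"):
            reply = {"return": {}}
        elif cmd == "qom-set" and known:
            store[args["property"]] = args["value"]
            reply = {"return": {}}
        elif cmd == "qom-get" and known:
            reply = {"return": store[args["property"]]}
        else:
            reply = {"error": {"class": "GenericError", "desc": f"fake peer: unsupported {cmd!r}"}}
        if "id" in req:
            reply["id"] = req["id"]
        sock.sendall(json.dumps(reply).encode() + b"\r\n")
    reader.close()
    sock.close()

def demo():
    """Inject the session over a socketpair, resume the guest, return what 'QEMU' holds."""
    ours, theirs = socket.socketpair()
    threading.Thread(target=fake_qemu, args=(theirs,), daemon=True).start()
    client = QMPClient(ours)
    state = inject_sev_session(client, 0x1, "blah.session", "guest_owner.cert")
    client.execute("cont")   # the guest only starts running now
    client.close()
    return state

if __name__ == "__main__":
    print(demo())
```

Against a real QEMU you would replace the socketpair with an `AF_UNIX` socket connected to the `-qmp unix:` path and hand it to `QMPClient`. The qom-get readback before `cont` is the check worth keeping: it confirms the attestation inputs are actually held by the object before the guest runs, and if QEMU rejects a qom-set on an already realized object (today's behaviour) the error reply surfaces as an exception before `cont`, rather than the VM starting with an empty session.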

