On 8/19/21 4:22 AM, Dr. David Alan Gilbert wrote:
* Tobin Feldman-Fitzthum (to...@linux.ibm.com) wrote:
On 8/18/21 3:04 PM, Dr. David Alan Gilbert wrote:

Are you relying on the target firmware to be *identical* or purely for
it to be *compatible* ?  It's normal for a migration to be the result of
wanting to do an upgrade; and that means the destination build of OVMF
might be newer (or older, or ...).

Dave

This is a good point. The migration handler on the source and target must
have the same memory footprint or bad things will happen. Using the same
firmware on the source and target is an easy way to guarantee this. Since
the MH in OVMF is not a contiguous region of memory, but a group of
functions scattered around OVMF, it is a bit difficult to guarantee that the
memory footprint is the same if the build is different.

Can you explain what the 'memory footprint' consists of? Can't it just
be the whole of the OVMF ROM space if you have no way of nudging the MH
into its own chunk?

The footprint is not massive. It is mainly ConfidentialMigrationDxe and the OVMF crypto support. It might be feasible to copy these components to a fixed location that would be the same across fw builds. It might also be feasible to pin these components to certain addresses. OVMF sort of supports doing this. We can raise the question in that community.

It also might work to protect the entirety of OVMF as you suggest. Currently we don't copy any of the OVMF ROM (as in flash0) over. That said, the MH doesn't run from the ROM so we would need to protect the memory used by OVMF as well. In some ways it might seem easier to protect all of the OVMF memory rather than just a couple of packages, but there are some complexities. For one thing, we would only want to protect EFI runtime memory, as boot memory may be in use by the OS and would need to be migrated. The MH could check whether each page is EFI runtime memory and skip any pages that are. Runtime memory won't be a contiguous blob, however, so for this approach the layout of the runtime memory would need to be the same on the source and target.

We can sidestep these issues entirely by using identical firmware images. That said, there are a number of strategies for developing compatible OVMF images and I definitely see the value of doing so.

-Tobin


I think it really does have to cope with migration to a new version of
host.

Dave

-Tobin


We start the target like a normal VM rather than
waiting for an incoming migration. The plan is to treat the target like a
normal VM for attestation as well. The guest owner will attest the target VM
just like they would any other VM that is started on their behalf. Secret
injection can be used to establish a shared key for the source and target.

-Tobin

--Steve
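
As an added illustration (not code from this thread, from OVMF, or from the ConfidentialMigrationDxe work discussed above) of the "check whether each page is EFI runtime memory" approach Tobin describes, and of the caveat that follows it: the C below walks a constructed UEFI-style memory map, decides per page whether a migration handler should skip it (runtime-services memory, which firmware keeps protected) or migrate it (anything the guest OS may own, including pages absent from the map), and compares the runtime-memory layout of a source map against two target maps, one from identical firmware and one from a rebuilt firmware that placed its runtime code region elsewhere. The descriptor struct, the three sample maps, and the function names are assumptions made for this example; the memory-type numbers are those of the UEFI EFI_MEMORY_TYPE enum.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define EFI_PAGE_SIZE 4096ULL

/* Memory type values as in the UEFI spec's EFI_MEMORY_TYPE enum. */
enum {
    EfiBootServicesCode    = 3,
    EfiBootServicesData    = 4,
    EfiRuntimeServicesCode = 5,
    EfiRuntimeServicesData = 6,
    EfiConventionalMemory  = 7,
};

/* Cut-down stand-in for EFI_MEMORY_DESCRIPTOR (assumption: only the fields used here). */
typedef struct {
    uint32_t Type;
    uint64_t PhysicalStart;
    uint64_t NumberOfPages;
} EfiMemDesc;

/* Constructed sample maps for this example; not taken from any real OVMF build. */
static const EfiMemDesc kSrcMap[] = {
    { EfiConventionalMemory,  0x00100000ULL, 0x7EF00ULL }, /* 1 MiB .. 0x7F000000, guest-owned */
    { EfiRuntimeServicesCode, 0x7F000000ULL, 0x100ULL },   /* e.g. where an MH DXE driver would sit */
    { EfiRuntimeServicesData, 0x7F100000ULL, 0x40ULL },
    { EfiBootServicesData,    0x7F200000ULL, 0x100ULL },   /* reclaimable by the OS after ExitBootServices */
};
/* Identical firmware on the target: same layout. */
static const EfiMemDesc kDstSameMap[] = {
    { EfiConventionalMemory,  0x00100000ULL, 0x7EF00ULL },
    { EfiRuntimeServicesCode, 0x7F000000ULL, 0x100ULL },
    { EfiRuntimeServicesData, 0x7F100000ULL, 0x40ULL },
    { EfiBootServicesData,    0x7F200000ULL, 0x100ULL },
};
/* A different build that placed the runtime code region 8 MiB lower. */
static const EfiMemDesc kDstMovedMap[] = {
    { EfiConventionalMemory,  0x00100000ULL, 0x7E700ULL },
    { EfiRuntimeServicesCode, 0x7E800000ULL, 0x100ULL },
    { EfiConventionalMemory,  0x7E900000ULL, 0x800ULL },
    { EfiRuntimeServicesData, 0x7F100000ULL, 0x40ULL },
    { EfiBootServicesData,    0x7F200000ULL, 0x100ULL },
};
#define MAP_LEN(m) (sizeof(m) / sizeof((m)[0]))

static int is_runtime_type(uint32_t t) {
    return t == EfiRuntimeServicesCode || t == EfiRuntimeServicesData;
}

/* Returns 1 if paddr falls in EFI runtime-services memory: firmware-owned for the
 * lifetime of the guest, so the MH keeps it protected and does not copy it.
 * Returns 0 for everything else, including addresses absent from the map: those
 * pages may hold guest state, and skipping them would silently lose it. */
int mh_should_skip_page(const EfiMemDesc *map, size_t n, uint64_t paddr) {
    for (size_t i = 0; i < n; i++) {
        uint64_t start = map[i].PhysicalStart;
        uint64_t end   = start + map[i].NumberOfPages * EFI_PAGE_SIZE;
        if (paddr >= start && paddr < end)
            return is_runtime_type(map[i].Type);
    }
    return 0;
}

static int cmp_by_start(const void *a, const void *b) {
    const EfiMemDesc *x = a, *y = b;
    return (x->PhysicalStart > y->PhysicalStart) - (x->PhysicalStart < y->PhysicalStart);
}

#define MAX_RT_REGIONS 64

/* Copies the runtime-services descriptors of map into out, sorted by address;
 * returns their count, or -1 if there are more than MAX_RT_REGIONS. */
static int collect_runtime(const EfiMemDesc *map, size_t n, EfiMemDesc *out) {
    int count = 0;
    for (size_t i = 0; i < n; i++) {
        if (!is_runtime_type(map[i].Type)) continue;
        if (count == MAX_RT_REGIONS) return -1;
        out[count++] = map[i];
    }
    qsort(out, (size_t)count, sizeof(*out), cmp_by_start);
    return count;
}

/* Returns 1 if source and target have identical runtime-memory layouts (same
 * regions at the same addresses with the same types and sizes), 0 otherwise.
 * A compatible-but-different firmware build would have to pass this check before
 * a target MH could take over the source's protected runtime pages in place. */
int runtime_layout_matches(const EfiMemDesc *src, size_t ns, const EfiMemDesc *dst, size_t nd) {
    EfiMemDesc rs[MAX_RT_REGIONS], rd[MAX_RT_REGIONS];
    int cs = collect_runtime(src, ns, rs), cd = collect_runtime(dst, nd, rd);
    if (cs < 0 || cd < 0 || cs != cd) return 0;
    for (int i = 0; i < cs; i++) {
        if (rs[i].Type != rd[i].Type || rs[i].PhysicalStart != rd[i].PhysicalStart ||
            rs[i].NumberOfPages != rd[i].NumberOfPages)
            return 0;
    }
    return 1;
}

int main(void) {
    uint64_t probes[] = { 0x00200000ULL, 0x7F000000ULL, 0x7F13F000ULL, 0x7F200000ULL, 0xFFFF0000ULL };
    for (size_t i = 0; i < sizeof probes / sizeof probes[0]; i++)
        printf("%#010llx: %s\n", (unsigned long long)probes[i],
               mh_should_skip_page(kSrcMap, MAP_LEN(kSrcMap), probes[i]) ? "skip (runtime, protected)" : "migrate");
    printf("identical fw layout match: %d\n",
           runtime_layout_matches(kSrcMap, MAP_LEN(kSrcMap), kDstSameMap, MAP_LEN(kDstSameMap)));
    printf("rebuilt fw layout match:   %d\n",
           runtime_layout_matches(kSrcMap, MAP_LEN(kSrcMap), kDstMovedMap, MAP_LEN(kDstMovedMap)));
    return 0;
}
```

The point of the second check is the one raised in the thread: identical images make `runtime_layout_matches` trivially true, while a newer or older OVMF on the destination passes only if its build pinned the runtime regions to the same addresses, which is what the "compatible images" strategy would have to guarantee.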

