On Thu, Apr 21, 2022 at 12:35:27PM -0400, Tyler Fanelli wrote:
> On 4/20/22 5:45 AM, Daniel P. Berrangé wrote:
> > > > But as is it's not clear what this buys us over the launch measurement
> > > > we already report with virDomainGetLaunchSecurityInfo
> > > >
> > > >
> > > > If we figure out
On 4/20/22 5:45 AM, Daniel P. Berrangé wrote:
On Thu, Apr 14, 2022 at 02:46:38PM -0400, Tyler Fanelli wrote:
On 4/11/22 10:57 AM, Cole Robinson wrote:
Maybe the extra key signing is a security fix or something. I haven't
figured it out.
Signing with the PEK also allows a user to verify the
On Thu, Apr 14, 2022 at 02:46:38PM -0400, Tyler Fanelli wrote:
> On 4/11/22 10:57 AM, Cole Robinson wrote:
> > On 3/23/22 3:36 PM, Tyler Fanelli wrote:
> > > This an RFC discussing a new API, virDomainGetSevAttestationReport (along
> > > with a
> > > virsh command "domgetsevreport"), with initial
On 4/14/22 2:46 PM, Tyler Fanelli wrote:
> On 4/11/22 10:57 AM, Cole Robinson wrote:
>> On 3/23/22 3:36 PM, Tyler Fanelli wrote:
>>> This an RFC discussing a new API, virDomainGetSevAttestationReport
>>> (along with a
>>> virsh command "domgetsevreport"), with initial QEMU support via the
>>>
On 4/11/22 10:57 AM, Cole Robinson wrote:
On 3/23/22 3:36 PM, Tyler Fanelli wrote:
This an RFC discussing a new API, virDomainGetSevAttestationReport (along with a
virsh command "domgetsevreport"), with initial QEMU support via the
"query-sev-attestation-report" QAPI mechanism.
On 3/23/22 3:36 PM, Tyler Fanelli wrote:
> This an RFC discussing a new API, virDomainGetSevAttestationReport (along
> with a
> virsh command "domgetsevreport"), with initial QEMU support via the
> "query-sev-attestation-report" QAPI mechanism. "query-sev-attestation-report"
> is
> supplied a
Just a quick ping so this patchset doesn't get lost in the list -- may I
receive a review on this?
On 3/23/22 3:36 PM, Tyler Fanelli wrote:
This an RFC discussing a new API, virDomainGetSevAttestationReport (along with a
virsh command "domgetsevreport"), with initial QEMU support via the
This an RFC discussing a new API, virDomainGetSevAttestationReport (along with a
virsh command "domgetsevreport"), with initial QEMU support via the
"query-sev-attestation-report" QAPI mechanism. "query-sev-attestation-report" is
supplied a base64-encoded 16 byte "mnonce" string as input, with a