Re: REST service for libvirt to simplify SEV(ES) launch measurement

2022-03-14 Thread James Bottomley
On Wed, 2022-03-09 at 16:42 +, Dr. David Alan Gilbert wrote: > * Tobin Feldman-Fitzthum (to...@linux.ibm.com) wrote: > > > > On 3/3/22 12:20 PM, Daniel P. Berrangé wrote: > > > On Fri, Feb 25, 2022 at 03:10:35PM -0500, Tobin Feldman-Fitzthum > > > wrote: > > > > > > > > On 2/24/22 7:26 AM,

Re: REST service for libvirt to simplify SEV(ES) launch measurement

2022-03-14 Thread Dr. David Alan Gilbert
* James Bottomley (j...@linux.ibm.com) wrote: > On Wed, 2022-03-09 at 16:42 +, Dr. David Alan Gilbert wrote: > > * Tobin Feldman-Fitzthum (to...@linux.ibm.com) wrote: > > > > > > On 3/3/22 12:20 PM, Daniel P. Berrangé wrote: > > > > On Fri, Feb 25, 2022 at 03:10:35PM -0500, Tobin

Re: REST service for libvirt to simplify SEV(ES) launch measurement

2022-03-09 Thread Dr. David Alan Gilbert
* Tobin Feldman-Fitzthum (to...@linux.ibm.com) wrote: > > > On 3/3/22 12:20 PM, Daniel P. Berrangé wrote: > > On Fri, Feb 25, 2022 at 03:10:35PM -0500, Tobin Feldman-Fitzthum wrote: > >> > >> > >> On 2/24/22 7:26 AM, Daniel P. Berrangé wrote: > >>> On Wed, Feb 23, 2022 at 03:33:22PM -0500, Tobin

Re: REST service for libvirt to simplify SEV(ES) launch measurement

2022-03-08 Thread Tobin Feldman-Fitzthum
On 3/3/22 12:40 PM, Daniel P. Berrangé wrote: > On Fri, Feb 25, 2022 at 04:11:27PM -0500, Tobin Feldman-Fitzthum wrote: >> Some comments on the example protocol stuff >> >> On 2/23/22 1:38 PM, Dov Murik wrote: >>> +cc Tobin, James >>> >>> On 23/02/2022 19:28, Daniel P. Berrangé wrote:

Re: REST service for libvirt to simplify SEV(ES) launch measurement

2022-03-08 Thread Tobin Feldman-Fitzthum
On 3/3/22 12:20 PM, Daniel P. Berrangé wrote: > On Fri, Feb 25, 2022 at 03:10:35PM -0500, Tobin Feldman-Fitzthum wrote: >> >> >> On 2/24/22 7:26 AM, Daniel P. Berrangé wrote: >>> On Wed, Feb 23, 2022 at 03:33:22PM -0500, Tobin Feldman-Fitzthum wrote: On 2/23/22 1:38 PM, Dov Murik

Re: REST service for libvirt to simplify SEV(ES) launch measurement

2022-03-03 Thread Daniel P . Berrangé
On Fri, Feb 25, 2022 at 04:11:27PM -0500, Tobin Feldman-Fitzthum wrote: > Some comments on the example protocol stuff > > On 2/23/22 1:38 PM, Dov Murik wrote: > > +cc Tobin, James > > > > On 23/02/2022 19:28, Daniel P. Berrangé wrote: > >> > >> > >> What could this look like from POV of an

Re: REST service for libvirt to simplify SEV(ES) launch measurement

2022-03-03 Thread Daniel P . Berrangé
On Fri, Feb 25, 2022 at 03:10:35PM -0500, Tobin Feldman-Fitzthum wrote: > > > On 2/24/22 7:26 AM, Daniel P. Berrangé wrote: > > On Wed, Feb 23, 2022 at 03:33:22PM -0500, Tobin Feldman-Fitzthum wrote: > >> > >> > >> On 2/23/22 1:38 PM, Dov Murik wrote: > >>> +cc Tobin, James > >>> > >>> On

Re: REST service for libvirt to simplify SEV(ES) launch measurement

2022-02-25 Thread Tobin Feldman-Fitzthum
Some comments on the example protocol stuff On 2/23/22 1:38 PM, Dov Murik wrote: > +cc Tobin, James > > On 23/02/2022 19:28, Daniel P. Berrangé wrote: >> >> >> What could this look like from POV of an attestation server API, if >> we assume HTTPS REST service with a simple JSON payload .>> >> >>

Re: REST service for libvirt to simplify SEV(ES) launch measurement

2022-02-25 Thread Tobin Feldman-Fitzthum
On 2/24/22 7:26 AM, Daniel P. Berrangé wrote: > On Wed, Feb 23, 2022 at 03:33:22PM -0500, Tobin Feldman-Fitzthum wrote: >> >> >> On 2/23/22 1:38 PM, Dov Murik wrote: >>> +cc Tobin, James >>> >>> On 23/02/2022 19:28, Daniel P. Berrangé wrote: Extending management apps using libvirt to

Re: REST service for libvirt to simplify SEV(ES) launch measurement

2022-02-24 Thread Tobin Feldman-Fitzthum
On 2/23/22 1:38 PM, Dov Murik wrote: > +cc Tobin, James > > On 23/02/2022 19:28, Daniel P. Berrangé wrote: >> Extending management apps using libvirt to support measured launch of >> QEMU guests with SEV/SEV-ES is unreasonably complicated today, both for >> the guest owner and for the cloud

Re: REST service for libvirt to simplify SEV(ES) launch measurement

2022-02-24 Thread Dov Murik
+cc Tobin, James On 23/02/2022 19:28, Daniel P. Berrangé wrote: > Extending management apps using libvirt to support measured launch of > QEMU guests with SEV/SEV-ES is unreasonably complicated today, both for > the guest owner and for the cloud management apps. We have APIs for > exposing info

Re: REST service for libvirt to simplify SEV(ES) launch measurement

2022-02-24 Thread Daniel P . Berrangé
On Wed, Feb 23, 2022 at 03:33:22PM -0500, Tobin Feldman-Fitzthum wrote: > > > On 2/23/22 1:38 PM, Dov Murik wrote: > > +cc Tobin, James > > > > On 23/02/2022 19:28, Daniel P. Berrangé wrote: > >> Extending management apps using libvirt to support measured launch of > >> QEMU guests with

REST service for libvirt to simplify SEV(ES) launch measurement

2022-02-23 Thread Daniel P . Berrangé
Extending management apps using libvirt to support measured launch of QEMU guests with SEV/SEV-ES is unreasonably complicated today, both for the guest owner and for the cloud management apps. We have APIs for exposing info about the SEV host, the SEV guest, guest measurements and secret