Re: [PATCH v3 12/21] conf: Add Intel TDX Quote Generation Service(QGS) support

Tuesday, 8 July 2025

On Mon, Jun 30, 2025 at 02:17:23PM +0800, Zhenzhong Duan wrote:
...
 Add element "quoteGenerationSocket" to tdx launch security
type.
 It contains only an optional unix socket address attribute,
 when omitted, libvirt will use default QGS server address
 "/var/run/tdx-qgs/qgs.socket".

 UNIX sockets offer the required functionality with greater
 security than vsock, so libvirt only provides support for unix
 socket.

 XML example:

   <launchSecurity type='tdx'>
     <policy>0x0</policy>
     <mrConfigId>xxx</mrConfigId>
     <mrOwner>xxx</mrOwner>
     <mrOwnerConfig>xxx</mrOwnerConfig>
     <quoteGenerationSocket path="/var/run/tdx-qgs/qgs.socket"/> 
Minor nitpick - lets call the element 'quoteGenerationService'
still.

With regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Re: [PATCH v3 12/21] conf: Add Intel TDX Quote Generation Service(QGS) support