Re: [PATCH 3/3] qemu: Implement the virDomainSetLaunchSecurityState API
On Fri, Dec 03, 2021 at 05:44:24PM -0700, Jim Fehlig wrote:
On 12/3/21 08:10, Daniel P. Berrangé wrote:
> On Tue, Nov 30, 2021 at 04:52:00PM -0700, Jim Fehlig wrote:
> > Set a launch secret in guest memory using the sev-inject-launch-secret
> > QMP API. Only supported for SEV-enabled guests.
> >
> > Signed-off-by: Jim Fehlig <jfehlig(a)suse.com>
> > ---
> > src/qemu/qemu_driver.c | 78 ++++++++++++++++++++++++++++++++++++
> > src/qemu/qemu_monitor.c | 12 ++++++
> > src/qemu/qemu_monitor.h | 6 +++
> > src/qemu/qemu_monitor_json.c | 34 ++++++++++++++++
> > src/qemu/qemu_monitor_json.h | 5 +++
> > 5 files changed, 135 insertions(+)
> >
> > diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
> > index 4e680bc0a7..b6ee41b29e 100644
> > --- a/src/qemu/qemu_driver.c
> > +++ b/src/qemu/qemu_driver.c
> > @@ -20056,6 +20056,83 @@ qemuDomainGetLaunchSecurityInfo(virDomainPtr domain,
> > return ret;
> > }
> > +
> > +static int
> > +qemuDomainSetLaunchSecurityState(virDomainPtr domain,
> > + virTypedParameterPtr params,
> > + int nparams,
> > + unsigned int flags)
> > +{
> > + virQEMUDriver *driver = domain->conn->privateData;
> > + virDomainObj *vm;
> > + int ret = -1;
> > + size_t i;
> > + g_autofree char *secrethdr = NULL;
> > + g_autofree char *secret = NULL;
> > + long long setaddr = -1;
>
> unsigned, but would need to defaut to 0 then i guess.
As Peter mentioned, 0 may be a valid injection address
https://listman.redhat.com/archives/libvir-list/2021-November/msg00463.html
The address in optional in the qemu API, in which case it is retrieved from
ovmf IIUC. I used a signed variable here to distinguish between user not
providing an address and providing one, including a valid value of 0.
In terms of the API / RPC we can already distinguish the two
scenarios.
- If there is a parameter for the address with a value of 0,
then it is an explicit address
- If there is no parameter set at all, then we rely no the
ovmf magic lookup.
All we're missing is a way to distinguish the two scenarios when inside
the QEMU driver. That's doable with just a 'bool hasSetaddr' parameter,
which defaults to false, and gets set to true, if-and-only-if the
VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET_SET_ADDRESS param is present.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|