On Sat, Jun 11, 2022 at 12:46:26PM -0400, Cole Robinson wrote:
Internally we already collect x86 host family + model + stepping numeric values. This exposed them in capabilities CPU output. Example:
$ sudo virsh capabilities | grep -A1 -B1 signature <microcode version='240'/> <signature family='6' model='94' stepping='3'/> <counter name='tsc' frequency='3408010000' scaling='no'/>
Users need to know these values to calculate an expected. SEV-ES/SEV-SNP launch measurement.
More specifically, the VMSA register dumps contain a field that encodes the family+model+stepping. So given a generic machine portable VMSA blob, we need to be able to update it with the family+model+stepping of the specific host executing a VM to get a machine specific VMSA blob. This is then used in the launjch measurement validation. With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|