qemu-devel

From: Eric Blake
Subject: Re: [RFC PATCH v2 31/44] target/i386/tdx: Allows mrconfigid/mrowner/mrownerconfig for TDX_INIT_VM
Date: Thu, 26 Aug 2021 10:13:58 -0500
User-agent: NeoMutt/20210205-739-420e15

On Wed, Jul 07, 2021 at 05:55:01PM -0700, isaku.yamahata@gmail.com wrote:
> From: Isaku Yamahata <isaku.yamahata@intel.com>
> 
> When creating a VM with TDX_INIT_VM, three sha384 hash values are accepted
> for TDX attestation.
> So far they were hard coded as 0. Now allow the user to specify those values
> via the properties mrconfigid, mrowner and mrownerconfig.
> The strings for those properties are hex strings of 48 * 2 length.
> 
> example
> -device tdx-guest, \
>   mrconfigid=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef, \
>   mrowner=fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210, \
>   mrownerconfig=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
> 
> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
> ---
>  qapi/qom.json         | 11 ++++++++++-
>  target/i386/kvm/tdx.c | 17 +++++++++++++++++
>  target/i386/kvm/tdx.h |  3 +++
>  3 files changed, 30 insertions(+), 1 deletion(-)
> 
> diff --git a/qapi/qom.json b/qapi/qom.json
> index 70c70e3efe..8f8b7828b3 100644
> --- a/qapi/qom.json
> +++ b/qapi/qom.json
> @@ -767,10 +767,19 @@
>  #
>  # @debug: enable debug mode (default: off)
>  #
> +# @mrconfigid: MRCONFIGID SHA384 hex string of 48 * 2 length (default: 0)
> +#
> +# @mrowner: MROWNER SHA384 hex string of 48 * 2 length (default: 0)
> +#
> +# @mrownerconfig: MROWNERCONFIG SHA384 hex string of 48 * 2 length (default: 
> 0)
> +#
>  # Since: 6.0

As these are additions in a later release, they'll need a '(since 6.2)' tag.

>  ##
>  { 'struct': 'TdxGuestProperties',
> -  'data': { '*debug': 'bool' } }
> +  'data': { '*debug': 'bool',
> +            '*mrconfigid': 'str',
> +            '*mrowner': 'str',
> +            '*mrownerconfig': 'str' } }
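
Review bot: In the three new doc lines for @mrconfigid, @mrowner and @mrownerconfig, "(default: 0)" is ambiguous for a 'str' member that is documented as a 96-digit hex string. Please say whether an omitted property means an all-zero 48-byte value (as the commit message's "hard coded as 0" suggests) or something else. The schema type 'str' also puts no bound on length or character set, so the documentation should state that anything other than exactly 96 hex digits is rejected with an error rather than truncated or zero-padded, and whether upper-case digits are accepted. These values feed TDX attestation, so a silently adjusted input would yield a measurement the user did not ask for.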

Do we really want hex-encoded strings?  Elsewhere in QMP, we've
favored the more compact base64 encoding; if you have a strong
argument why hex representation is worth the break in consistency,
it's worth calling out in the commit message.

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org
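
As an added illustration of the encoding question discussed in this thread (not code from the patch or from QEMU): a strict parser for a 48-byte SHA-384 value supplied as 96 hex digits, which rejects any other input instead of truncating or padding it, plus the encoded lengths of the same value in hex and in base64. The names parse_mr_hex, hex_len and base64_len are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MR_LEN 48   /* SHA-384 digest size in bytes */

/* Map one hex digit to its value, or -1 if it is not a hex digit. */
static int hex_val(char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/*
 * Hypothetical helper: parse exactly 96 hex digits into out[48].
 * Returns 0 on success, -1 on malformed input. out is written only on
 * success, so a rejected string never leaves a partial measurement behind.
 */
int parse_mr_hex(const char *s, uint8_t out[MR_LEN])
{
    uint8_t tmp[MR_LEN];
    size_t i;

    if (s == NULL || strlen(s) != 2 * MR_LEN)
        return -1;                      /* missing, too short or too long */
    for (i = 0; i < MR_LEN; i++) {
        int hi = hex_val(s[2 * i]);
        int lo = hex_val(s[2 * i + 1]);
        if (hi < 0 || lo < 0)
            return -1;                  /* "0x", whitespace, signs, ... */
        tmp[i] = (uint8_t)((hi << 4) | lo);
    }
    memcpy(out, tmp, MR_LEN);
    return 0;
}

/* Encoded length of n raw bytes: hex versus padded base64. */
size_t hex_len(size_t n)    { return 2 * n; }
size_t base64_len(size_t n) { return 4 * ((n + 2) / 3); }

int main(void)
{
    uint8_t mr[MR_LEN];
    printf("short input -> %d; hex %zu chars, base64 %zu chars\n",
           parse_mr_hex("0123", mr), hex_len(MR_LEN), base64_len(MR_LEN));
    return 0;
}
```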



