[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] spapr: Add capability for Secure (PEF) VMs
|
From: |
Ram Pai |
|
Subject: |
Re: [PATCH] spapr: Add capability for Secure (PEF) VMs |
|
Date: |
Tue, 5 May 2020 15:41:55 -0700 |
|
User-agent: |
Mutt/1.5.21 (2010-09-15) |
resending my reply using my other emailid.
----- Original message -----
From: Greg Kurz <address@hidden>
To: "Dr. David Alan Gilbert" <address@hidden>
Cc: David Gibson <address@hidden>, address@hidden,
address@hidden, address@hidden, address@hidden, address@hidden
Subject: [EXTERNAL] Re: [PATCH] spapr: Add capability for Secure (PEF) VMs
Date: Tue, May 5, 2020 2:11 AM
On Tue, 5 May 2020 09:17:19 +0100
"Dr. David Alan Gilbert" <address@hidden> wrote:
>
>> * David Gibson (address@hidden) wrote:
>> > On Fri, May 01, 2020 at 04:02:49PM +1000, David Gibson wrote:
>> > > Recent POWER9 machines have a system called PEF (Protected
Execution
..snip....
>> > >
>> > > Signed-off-by: David Gibson <address@hidden>
>> >
>> > Hm, so. I'm reconsidering this. I'm thinking I should probably try
>> > to make this configuration more like what AMD SEV does, since this is
>> > a very similar functionality.
>>
>> Other than setting the 'we support PEF' flag, is there anything else
>> you're going to have to do - for example with SEV there's stuff to pass
>> a block of data and to do attestations and .... it's not just setting a
>> flag; but my understanding of PEF it's more driven from the guest.
>>
>
>Yeah, PEF is controlled by a small FW called ultravisor and driven by
>the guest. Here's a high level view:
>
>[1]https://santoshs.github.io/images/ultra.png
>
>QEMU doesn't interact directly with the ultravisor, but KVM HV does.
>It has a KVM_CAP_PPC_SECURE_GUEST capability which can be used by
>QEMU to authorize/forbid the VM to be secure. Also when the VM is
>reset, QEMU needs to invoke a KVM_PPC_SVM_OFF ioctl for housekeeping
>purposes.
Correct.
And to elaborate Dr David's point on the attestation piece --
In the case of PEF, unlike SEV, the attestation is driven
from within the VM on PEF systems. When the VM decides to switch from
normal VM to secureVM, the attestation
of the VM is triggered. Only on successful attestation, the VM is switched
to SecureVM mode.
Qemu/KVM has no active role to play in the attestation.
RP
>
> --
> Dr. David Alan Gilbert / address@hidden / Manchester, UK
>
- Re: [PATCH] spapr: Add capability for Secure (PEF) VMs, (continued)
- Re: [PATCH] spapr: Add capability for Secure (PEF) VMs, Alexey Kardashevskiy, 2020/05/03
- Re: [PATCH] spapr: Add capability for Secure (PEF) VMs, Cédric Le Goater, 2020/05/04
- Re: [PATCH] spapr: Add capability for Secure (PEF) VMs, Greg Kurz, 2020/05/04
- Re: [PATCH] spapr: Add capability for Secure (PEF) VMs, Fabiano Rosas, 2020/05/04
- Re: [PATCH] spapr: Add capability for Secure (PEF) VMs, David Gibson, 2020/05/05