From 273c40889966526233c77dd4803d0822146e22b0 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Daniel=20P=2E=20Berrang=C3=A9?= Date: Thu, 6 Oct 2022 14:34:46 +0100 Subject: [PATCH] tools: load CPU count and CPU SKU from libvirt MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit When validating a SEV-ES guest, we need to know the CPU count and VMSA state. We can get the CPU count directly from libvirt's guest info. The VMSA state can be constructed automatically if we query the CPU SKU from host capabilities XML. Neither of these is secure, however, so this behaviour is restricted. Reviewed-by: Cole Robinson Reviewed-by: Ján Tomko Signed-off-by: Daniel P. Berrangé --- docs/manpages/virt-qemu-sev-validate.rst | 4 ---- tools/virt-qemu-sev-validate | 26 ++++++++++++++++++++++++ 2 files changed, 26 insertions(+), 4 deletions(-) diff --git a/docs/manpages/virt-qemu-sev-validate.rst b/docs/manpages/virt-qemu-sev-validate.rst index 34ef328fe8..eef8a0281c 100644 --- a/docs/manpages/virt-qemu-sev-validate.rst +++ b/docs/manpages/virt-qemu-sev-validate.rst @@ -358,7 +358,6 @@ Validate the measurement of a SEV-ES SMP guest booting from disk: # virt-dom-sev-validate \ --insecure \ - --num-cpus 2 \ --vmsa-cpu0 vmsa0.bin \ --vmsa-cpu1 vmsa1.bin \ --tk this-guest-tk.bin \ @@ -371,9 +370,6 @@ automatically constructed VMSA: # virt-dom-sev-validate \ --insecure \ - --cpu-family 23 \ - --cpu-model 49 \ - --cpu-stepping 0 \ --tk this-guest-tk.bin \ --domain fedora34x86_64 diff --git a/tools/virt-qemu-sev-validate b/tools/virt-qemu-sev-validate index ef8fa6fa27..37f6f65bac 100755 --- a/tools/virt-qemu-sev-validate +++ b/tools/virt-qemu-sev-validate @@ -873,6 +873,14 @@ class LibvirtConfidentialVM(ConfidentialVM): if self.policy is None: self.policy = sevinfo["sev-policy"] + if self.is_sev_es() and self.num_cpus is None: + if secure: + raise InsecureUsageException( + "Using CPU count from guest is not secure") + + info = self.dom.info() + self.num_cpus = info[3] + if self.firmware is None: if remote: raise UnsupportedUsageException( @@ -918,6 +926,24 @@ class LibvirtConfidentialVM(ConfidentialVM): "Using cmdline string from XML is not secure") self.kernel_table.load_cmdline(cmdlinenodes[0].text) + capsxml = self.conn.getCapabilities() + capsdoc = etree.fromstring(capsxml) + + if self.is_sev_es() and self.vmsa_cpu0 is None: + if secure: + raise InsecureUsageException( + "Using CPU SKU from capabilities is not secure") + + sig = capsdoc.xpath("/capabilities/host/cpu/signature") + if len(sig) != 1: + raise UnsupportedUsageException( + "Libvirt is too old to report host CPU signature") + + cpu_family = int(sig[0].get("family")) + cpu_model = int(sig[0].get("model")) + cpu_stepping = int(sig[0].get("stepping")) + self.build_vmsas(cpu_family, cpu_model, cpu_stepping) + def parse_command_line(): parser = argparse.ArgumentParser( -- 2.39.5