kvm.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: David Gibson <david@gibson.dropbear.id.au>
To: Cornelia Huck <cohuck@redhat.com>
Cc: brijesh.singh@amd.com, pair@us.ibm.com, dgilbert@redhat.com,
	pasic@linux.ibm.com, qemu-devel@nongnu.org,
	Richard Henderson <richard.henderson@linaro.org>,
	Marcelo Tosatti <mtosatti@redhat.com>,
	David Hildenbrand <david@redhat.com>,
	borntraeger@de.ibm.com,
	Marcel Apfelbaum <marcel.apfelbaum@gmail.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	mst@redhat.com, jun.nakajima@intel.com, thuth@redhat.com,
	pragyansri.pathi@intel.com, kvm@vger.kernel.org,
	Eduardo Habkost <ehabkost@redhat.com>,
	qemu-s390x@nongnu.org, qemu-ppc@nongnu.org,
	frankja@linux.ibm.com, Greg Kurz <groug@kaod.org>,
	mdroth@linux.vnet.ibm.com, berrange@redhat.com,
	andi.kleen@intel.com
Subject: Re: [PATCH v7 09/13] confidential guest support: Update documentation
Date: Fri, 29 Jan 2021 13:36:31 +1100	[thread overview]
Message-ID: <20210129023631.GI6951@yekko.fritz.box> (raw)
In-Reply-To: <20210115163646.2ecdc329.cohuck@redhat.com>

[-- Attachment #1: Type: text/plain, Size: 3983 bytes --]

On Fri, Jan 15, 2021 at 04:36:46PM +0100, Cornelia Huck wrote:
> On Thu, 14 Jan 2021 10:58:07 +1100
> David Gibson <david@gibson.dropbear.id.au> wrote:
> 
> > Now that we've implemented a generic machine option for configuring various
> > confidential guest support mechanisms:
> >   1. Update docs/amd-memory-encryption.txt to reference this rather than
> >      the earlier SEV specific option
> >   2. Add a docs/confidential-guest-support.txt to cover the generalities of
> >      the confidential guest support scheme
> > 
> > Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
> > ---
> >  docs/amd-memory-encryption.txt      |  2 +-
> >  docs/confidential-guest-support.txt | 43 +++++++++++++++++++++++++++++
> >  2 files changed, 44 insertions(+), 1 deletion(-)
> >  create mode 100644 docs/confidential-guest-support.txt
> > 
> > diff --git a/docs/amd-memory-encryption.txt b/docs/amd-memory-encryption.txt
> > index 80b8eb00e9..145896aec7 100644
> > --- a/docs/amd-memory-encryption.txt
> > +++ b/docs/amd-memory-encryption.txt
> > @@ -73,7 +73,7 @@ complete flow chart.
> >  To launch a SEV guest
> >  
> >  # ${QEMU} \
> > -    -machine ...,memory-encryption=sev0 \
> > +    -machine ...,confidential-guest-support=sev0 \
> >      -object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=1
> >  
> >  Debugging
> > diff --git a/docs/confidential-guest-support.txt b/docs/confidential-guest-support.txt
> > new file mode 100644
> > index 0000000000..2790425b38
> > --- /dev/null
> > +++ b/docs/confidential-guest-support.txt
> 
> Maybe make this a proper .rst from the start and hook this up into the
> system guide? It is already almost there.

Hrm.  I considered it, but didn't really want to spend the time
integrating it into the overall structure of the system guide.  I kind
of want to get this dang thing wrapped up.

> 
> > @@ -0,0 +1,43 @@
> > +Confidential Guest Support
> > +==========================
> > +
> > +Traditionally, hypervisors such as qemu have complete access to a
> 
> s/qemu/QEMU/ ?

Fixed.

> 
> > +guest's memory and other state, meaning that a compromised hypervisor
> > +can compromise any of its guests.  A number of platforms have added
> > +mechanisms in hardware and/or firmware which give guests at least some
> > +protection from a compromised hypervisor.  This is obviously
> > +especially desirable for public cloud environments.
> > +
> > +These mechanisms have different names and different modes of
> > +operation, but are often referred to as Secure Guests or Confidential
> > +Guests.  We use the term "Confidential Guest Support" to distinguish
> > +this from other aspects of guest security (such as security against
> > +attacks from other guests, or from network sources).
> > +
> > +Running a Confidential Guest
> > +----------------------------
> > +
> > +To run a confidential guest you need to add two command line parameters:
> > +
> > +1. Use "-object" to create a "confidential guest support" object.  The
> > +   type and parameters will vary with the specific mechanism to be
> > +   used
> > +2. Set the "confidential-guest-support" machine parameter to the ID of
> > +   the object from (1).
> > +
> > +Example (for AMD SEV)::
> > +
> > +    qemu-system-x86_64 \
> > +        <other parameters> \
> > +        -machine ...,confidential-guest-support=sev0 \
> > +        -object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=1
> > +
> > +Supported mechanisms
> > +--------------------
> > +
> > +Currently supported confidential guest mechanisms are:
> > +
> > +AMD Secure Encrypted Virtualization (SEV)
> > +    docs/amd-memory-encryption.txt
> > +
> > +Other mechanisms may be supported in future.
> 
> LGTM.
> 

-- 
David Gibson			| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you.  NOT _the_ _other_
				| _way_ _around_!
http://www.ozlabs.org/~dgibson

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

  reply	other threads:[~2021-01-29  5:09 UTC|newest]

Thread overview: 45+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-01-13 23:57 [PATCH v7 00/13] Generalize memory encryption models David Gibson
2021-01-13 23:57 ` [PATCH v7 01/13] qom: Allow optional sugar props David Gibson
2021-01-13 23:58 ` [PATCH v7 02/13] confidential guest support: Introduce new confidential guest support class David Gibson
2021-01-14  9:34   ` Daniel P. Berrangé
2021-01-14 10:42     ` David Gibson
2021-01-18 18:51   ` Dr. David Alan Gilbert
2021-01-21  1:06     ` David Gibson
2021-01-21  9:08       ` Dr. David Alan Gilbert
2021-01-29  2:32         ` David Gibson
2021-01-13 23:58 ` [PATCH v7 03/13] sev: Remove false abstraction of flash encryption David Gibson
2021-01-15 12:54   ` Cornelia Huck
2021-01-18  2:59     ` David Gibson
2021-01-13 23:58 ` [PATCH v7 04/13] confidential guest support: Move side effect out of machine_set_memory_encryption() David Gibson
2021-01-15 12:56   ` Cornelia Huck
2021-01-13 23:58 ` [PATCH v7 05/13] confidential guest support: Rework the "memory-encryption" property David Gibson
2021-01-15 13:06   ` Cornelia Huck
2021-01-13 23:58 ` [PATCH v7 06/13] sev: Add Error ** to sev_kvm_init() David Gibson
2021-01-13 23:58 ` [PATCH v7 07/13] confidential guest support: Introduce cgs "ready" flag David Gibson
2021-01-14  8:55   ` Greg Kurz
2021-01-15 13:12   ` Cornelia Huck
2021-01-18 19:47   ` Dr. David Alan Gilbert
2021-01-19  8:16     ` Cornelia Huck
2021-02-02  1:41       ` David Gibson
2021-01-13 23:58 ` [PATCH v7 08/13] confidential guest support: Move SEV initialization into arch specific code David Gibson
2021-01-15 13:24   ` Cornelia Huck
2021-01-18  3:03     ` David Gibson
2021-01-18  8:03       ` Cornelia Huck
2021-01-29  3:12         ` David Gibson
2021-01-13 23:58 ` [PATCH v7 09/13] confidential guest support: Update documentation David Gibson
2021-01-14 10:07   ` Greg Kurz
2021-01-15 15:36   ` Cornelia Huck
2021-01-29  2:36     ` David Gibson [this message]
2021-01-13 23:58 ` [PATCH v7 10/13] spapr: Add PEF based confidential guest support David Gibson
2021-01-15 15:41   ` Cornelia Huck
2021-01-29  2:43     ` David Gibson
2021-01-13 23:58 ` [PATCH v7 11/13] spapr: PEF: prevent migration David Gibson
2021-01-13 23:58 ` [PATCH v7 12/13] confidential guest support: Alter virtio default properties for protected guests David Gibson
2021-01-13 23:58 ` [PATCH v7 13/13] s390: Recognize confidential-guest-support option David Gibson
2021-01-14  9:10   ` Christian Borntraeger
2021-01-14  9:19     ` Christian Borntraeger
2021-01-14  9:24       ` Christian Borntraeger
2021-01-15  0:13         ` David Gibson
2021-01-14 11:45     ` David Gibson
2021-01-15 16:36   ` Cornelia Huck
2021-01-18 17:06     ` Christian Borntraeger

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210129023631.GI6951@yekko.fritz.box \
    --to=david@gibson.dropbear.id.au \
    --cc=andi.kleen@intel.com \
    --cc=berrange@redhat.com \
    --cc=borntraeger@de.ibm.com \
    --cc=brijesh.singh@amd.com \
    --cc=cohuck@redhat.com \
    --cc=david@redhat.com \
    --cc=dgilbert@redhat.com \
    --cc=ehabkost@redhat.com \
    --cc=frankja@linux.ibm.com \
    --cc=groug@kaod.org \
    --cc=jun.nakajima@intel.com \
    --cc=kvm@vger.kernel.org \
    --cc=marcel.apfelbaum@gmail.com \
    --cc=mdroth@linux.vnet.ibm.com \
    --cc=mst@redhat.com \
    --cc=mtosatti@redhat.com \
    --cc=pair@us.ibm.com \
    --cc=pasic@linux.ibm.com \
    --cc=pbonzini@redhat.com \
    --cc=pragyansri.pathi@intel.com \
    --cc=qemu-devel@nongnu.org \
    --cc=qemu-ppc@nongnu.org \
    --cc=qemu-s390x@nongnu.org \
    --cc=richard.henderson@linaro.org \
    --cc=thuth@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).