From: Laszlo Ersek <lersek@redhat.com>
To: Brijesh Singh <brijesh.singh@amd.com>,
	Tom Lendacky <thomas.lendacky@amd.com>
Cc: "Michal Privoznik" <mprivozn@redhat.com>,
	"Pavel Hrdina" <phrdina@redhat.com>,
	"Daniel P. Berrangé" <berrange@redhat.com>,
	"Dr. David Alan Gilbert" <dgilbert@redhat.com>,
	"qemu devel list" <qemu-devel@nongnu.org>
Subject: firmware selection for SEV-ES
Date: Wed, 21 Apr 2021 11:54:24 +0200
Message-ID: <6af8c5c7-6166-7f83-9ff0-4c24460577e2@redhat.com>

Hi Brijesh, Tom,

in QEMU's "docs/interop/firmware.json", the @FirmwareFeature enumeration
has a constant called @amd-sev. We should introduce an @amd-sev-es
constant as well, minimally for the following reason:

AMD document #56421 ("SEV-ES Guest-Hypervisor Communication Block
Standardization") revision 1.40 says in "4.6 System Management Mode
(SMM)" that "SMM will not be supported in this version of the
specification". This is reflected in OVMF, so an OVMF binary that's
supposed to run in a SEV-ES guest must be built without "-D
SMM_REQUIRE". (As a consequence, such a binary should be built also
without "-D SECURE_BOOT_ENABLE".)

At the level of "docs/interop/firmware.json", this means that management
applications should be enabled to look for the @amd-sev-es feature (and
it also means, for OS distributors, that any firmware descriptor
exposing @amd-sev-es will currently have to lack all three of:
@requires-smm, @secure-boot, @enrolled-keys).

I have three questions:


(1) According to
<https://libvirt.org/formatdomain.html#launch-security>, SEV-ES is
explicitly requested in the domain XML via setting bit#2 in the "policy"
element.

Can this setting be used by libvirt to look for such a firmware
descriptor that exposes @amd-sev-es?


(2) "docs/interop/firmware.json" documents @amd-sev as follows:

# @amd-sev: The firmware supports running under AMD Secure Encrypted
#           Virtualization, as specified in the AMD64 Architecture
#           Programmer's Manual. QEMU command line options related to
#           this feature are documented in
#           "docs/amd-memory-encryption.txt".

Documenting the new @amd-sev-es enum constant with very slight
customizations for the same text should be possible, I reckon. However,
neither "docs/amd-memory-encryption.txt" nor
"docs/confidential-guest-support.txt" seems to mention SEV-ES.

Can you guys propose a patch for "docs/amd-memory-encryption.txt"?

I guess that would be next to this snippet:

> # ${QEMU} \
>    sev-guest,id=sev0,policy=0x1...\


(3) Is the "AMD64 Architecture Programmer's Manual" the specification
that we should reference under @amd-sev-es as well (i.e., same as with
@amd-sev), or is there a more specific document?

Thanks,
Laszlo
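As an added example (not code from this thread, QEMU or libvirt), the selection rule the message describes: pick a "docs/interop/firmware.json"-style descriptor from the SEV policy (bit#2 requests SEV-ES) and reject any descriptor that advertises the proposed @amd-sev-es together with @requires-smm, @secure-boot or @enrolled-keys. The descriptors, file names and the @amd-sev-es constant itself are constructed assumptions.

```python
from fnmatch import fnmatchcase

# Constructed descriptors in the firmware.json layout, trimmed to the keys used
# here. "amd-sev-es" is the constant the message proposes, not an existing one.
def _desc(name, filename, *features):
    return {"description": name,
            "mapping": {"device": "flash", "executable": {"filename": filename, "format": "raw"}},
            "targets": [{"architecture": "x86_64", "machines": ["pc-q35-*"]}],
            "features": list(features)}

SAMPLE_DESCRIPTORS = [
    _desc("OVMF, SB+SMM, SEV (constructed)", "/usr/share/OVMF/OVMF_CODE.secboot.fd",
          "amd-sev", "requires-smm", "secure-boot", "enrolled-keys"),
    _desc("OVMF, no SMM, SEV-ES (constructed)", "/usr/share/OVMF/OVMF_CODE.sev-es.fd",
          "amd-sev", "amd-sev-es"),
    _desc("inconsistent: SEV-ES yet SMM (constructed)", "/usr/share/OVMF/OVMF_CODE.bogus.fd",
          "amd-sev", "amd-sev-es", "requires-smm"),
]

SEV_POLICY_ES = 1 << 2  # bit#2 of the SEV guest policy requests SEV-ES
# An SEV-ES binary is built without SMM_REQUIRE (hence without Secure Boot),
# so a descriptor exposing amd-sev-es must not claim any of these features.
INCOMPATIBLE_WITH_SEV_ES = {"requires-smm", "secure-boot", "enrolled-keys"}

def descriptor_problems(desc):
    """Features that contradict amd-sev-es in this descriptor (empty if consistent)."""
    feats = set(desc.get("features", []))
    if "amd-sev-es" not in feats:
        return []
    return sorted(feats & INCOMPATIBLE_WITH_SEV_ES)

def required_features(policy):
    """Firmware features a guest with this SEV policy needs."""
    need = {"amd-sev"}
    if policy & SEV_POLICY_ES:
        need.add("amd-sev-es")
    return need

def targets_machine(desc, arch, machine):
    return any(t["architecture"] == arch and
               any(fnmatchcase(machine, pat) for pat in t["machines"])
               for t in desc.get("targets", []))

def select_firmware(descriptors, policy, arch="x86_64", machine="pc-q35-6.0"):
    """First consistent descriptor whose features satisfy the policy, else None."""
    need = required_features(policy)
    for desc in descriptors:
        if descriptor_problems(desc) or not targets_machine(desc, arch, machine):
            continue  # skip inconsistent descriptors and other machine types
        if need <= set(desc.get("features", [])):
            return desc["mapping"]["executable"]["filename"]
    return None
```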


