From: Jim Fehlig
To: libvir-list@redhat.com
Subject: [PATCH V4 5/6] tools: Add domsetlaunchsecstate virsh command
Date: Mon, 20 Dec 2021 20:23:19 -0700
Message-ID: <20211221032320.3601-6-jfehlig@suse.com>
In-Reply-To: <20211221032320.3601-1-jfehlig@suse.com>
References: <20211221032320.3601-1-jfehlig@suse.com>

After attesting a domain with the help of domlaunchsecinfo,
domsetlaunchsecstate can be used to set a secret in the guest domain's
memory prior to running the vcpus.

Signed-off-by: Jim Fehlig
Reviewed-by: Daniel P. Berrangé
---
 docs/manpages/virsh.rst |  25 ++++++++++
 tools/virsh-domain.c    | 107 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 132 insertions(+)

diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst
index 9decdee925..dd534c10cb 100644
--- a/docs/manpages/virsh.rst
+++ b/docs/manpages/virsh.rst @@ -2088,6 +2088,31 @@ launch security protection is active. If none is act= ive, no parameters will be reported. =20 =20 +domsetlaunchsecstate +-------------------- + +**Syntax:** + +:: + + domsetlaunchsecstate domain --secrethdr hdr-filename + --secret secret-filename [--set-address address] + +Set a launch security secret in the guest's memory. The guest must have a +launchSecurity type enabled in its configuration and be in a paused state. +On success, the guest can be transitioned to a running state. On failure, +the guest should be destroyed. + +*--secrethdr* specifies a filename containing the base64-encoded secret he= ader. +The header includes artifacts needed by the hypervisor firmware to recover= the +plain text of the launch secret. *--secret* specifies the filename contain= ing +the base64-encoded encrypted launch secret. + +The *--set-address* option can be used to specify a physical address within +the guest's memory to set the secret. If not specified, the address will be +determined by the hypervisor. + + dommemstat ---------- =20 diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c index f086c2dd4b..b56f6a90f5 100644 --- a/tools/virsh-domain.c +++ b/tools/virsh-domain.c 
@@ -9571,6 +9571,107 @@ cmdDomLaunchSecInfo(vshControl * ctl, const vshCmd = * cmd) return ret; } =20 +/* + * "domsetlaunchsecstate" command + */ +static const vshCmdInfo info_domsetlaunchsecstate[] =3D { + {.name =3D "help", + .data =3D N_("Set domain launch security state") + }, + {.name =3D "desc", + .data =3D N_("Set a secret in the guest domain's memory") + }, + {.name =3D NULL} +}; + +static const vshCmdOptDef opts_domsetlaunchsecstate[] =3D { + VIRSH_COMMON_OPT_DOMAIN_FULL(0), + {.name =3D "secrethdr", + .type =3D VSH_OT_STRING, + .flags =3D VSH_OFLAG_REQ_OPT, + .help =3D N_("path to file containing the secret header"), + }, + {.name =3D "secret", + .type =3D VSH_OT_STRING, + .flags =3D VSH_OFLAG_REQ_OPT, + .help =3D N_("path to file containing the secret"), + }, + {.name =3D "set-address", + .type =3D VSH_OT_INT, + .help =3D N_("physical address within the guest domain's memory to se= t the secret"), + }, + {.name =3D NULL} +}; + +static bool +cmdDomSetLaunchSecState(vshControl * ctl, const vshCmd * cmd) +{ + g_autoptr(virshDomain) dom =3D NULL; + const char *sechdrfile =3D NULL; + const char *secfile =3D NULL; + g_autofree char *sechdr =3D NULL; + g_autofree char *sec =3D NULL; + unsigned long long setaddr; + virTypedParameterPtr params =3D NULL; + int nparams =3D 0; + int maxparams =3D 0; + int rv; + bool ret =3D false; + + if (!(dom =3D virshCommandOptDomain(ctl, cmd, NULL))) + return false; + + if (vshCommandOptStringReq(ctl, cmd, "secrethdr", &sechdrfile) < 0) + return false; + + if (vshCommandOptStringReq(ctl, cmd, "secret", &secfile) < 0) + return false; + + if (sechdrfile =3D=3D NULL || secfile =3D=3D NULL) + return false; + + if (virFileReadAll(sechdrfile, 1024*64, &sechdr) < 0) { + vshSaveLibvirtError(); + return false; + } + + if (virFileReadAll(secfile, 1024*64, &sec) < 0) { + vshSaveLibvirtError(); + return false; + } + + if (virTypedParamsAddString(¶ms, &nparams, &maxparams, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET_HEAD= ER, + sechdr) < 0) + 
return false; + + if (virTypedParamsAddString(¶ms, &nparams, &maxparams, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET, + sec) < 0) + return false; + + + if ((rv =3D vshCommandOptULongLong(ctl, cmd, "set-address", &setaddr))= < 0) { + return false; + } else if (rv > 0) { + if (virTypedParamsAddULLong(¶ms, &nparams, &maxparams, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET_= SET_ADDRESS, + setaddr) < 0) + return false; + } + + if (virDomainSetLaunchSecurityState(dom, params, nparams, 0) !=3D 0) { + vshError(ctl, "%s", _("Unable to set launch security state")); + goto cleanup; + } + + ret =3D true; + + cleanup: + virTypedParamsFree(params, nparams); + return ret; +} + /* * "qemu-monitor-command" command */ @@ -14596,6 +14697,12 @@ const vshCmdDef domManagementCmds[] =3D { .info =3D info_domlaunchsecinfo, .flags =3D 0 }, + {.name =3D "domsetlaunchsecstate", + .handler =3D cmdDomSetLaunchSecState, + .opts =3D opts_domsetlaunchsecstate, + .info =3D info_domsetlaunchsecstate, + .flags =3D 0 + }, {.name =3D "domname", .handler =3D cmdDomname, .opts =3D opts_domname, --=20 2.34.1
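Review bot: the virsh.rst entry never says that --secrethdr and --secret are both mandatory, nor that virsh reads each file with a 64 KiB ceiling (virFileReadAll(..., 1024*64, ...) in the virsh-domain.c hunk), so a user with a larger blob only sees a bare read failure; mark both options as required in their descriptions and mention the size limit. "hypervisor firmware" is also loose for the component that recovers the plaintext; the parameters passed underneath are VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET_HEADER / _SECRET / _SECRET_SET_ADDRESS, so stating that the command currently serves SEV guests would tell readers which launchSecurity type the header and secret formats belong to.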
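Review bot: in cmdDomSetLaunchSecState() a missing --secrethdr or --secret fails silently. Neither option definition carries VSH_OFLAG_REQ (only VSH_OFLAG_REQ_OPT), so vshCommandOptStringReq() returns 0 with the pointer left NULL instead of reporting, and the following `if (sechdrfile == NULL || secfile == NULL) return false;` exits with no diagnostic at all. Either add VSH_OFLAG_REQ to both options, after which that NULL check is dead and can be dropped, or emit a vshError() before returning. Separately, every `return false` after the first virTypedParamsAddString() has succeeded (the second AddString, the vshCommandOptULongLong() failure and the AddULLong() failure) leaks params; those paths should `goto cleanup` so virTypedParamsFree(params, nparams) runs, matching the pattern already used for the virDomainSetLaunchSecurityState() failure.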