RE: [libvirt][PATCH v4 0/4] Support query and use SGX

Huang, Haibin posted 4 patches 2 years, 9 months ago
There is a newer version of this series
Posted by Huang, Haibin 2 years, 9 months ago

> -----Original Message-----
> From: Pavel Hrdina <phrdina@redhat.com>
> Sent: Wednesday, July 7, 2021 5:48 PM
> To: Huang, Haibin <haibin.huang@intel.com>
> Cc: libvir-list@redhat.com; Ding, Jian-feng <jian-feng.ding@intel.com>; Yang,
> Lin A <lin.a.yang@intel.com>; Lu, Lianhao <lianhao.lu@intel.com>
> Subject: Re: [libvirt][PATCH v4 0/4] Support query and use SGX
> 
> On Thu, Jul 01, 2021 at 08:10:25PM +0800, Haibin Huang wrote:
> > This patch series provides support for enabling Intel's Software Guard
> > Extensions (SGX) feature in guest VM.
> >
> > Given that the SGX support in QEMU is still pending review, this
> > patch series is not submitted for code review, but only describes the
> > SGX enabling solution design that contains changes to the
> > virConnectGetDomainCapabilities API response and domain definition. All
> > comments/suggestions would be highly appreciated.
> >
> > Intel Software Guard Extensions (Intel® SGX) is a set of instructions
> > that increases the security of application code and data, giving them
> > more protection from disclosure or modification. Developers can partition
> > sensitive information into enclaves, which are areas of execution in memory
> > with more security protection.
> >
> > The typical flow, at a very high level, looks like this:
> >
> > 1. Calls virConnectGetDomainCapabilities API to get domain capabilities that
> > include the following SGX information.
> >
> > <feature>
> > ...
> >   <sgx supported='yes'>
> >     <epc_size unit='KiB'>N</epc_size>
> >   </sgx>
> > </feature>
> >
> > 2. User requests to start a guest calling virCreateXML() with SGX requirement.
> > It should contain
> >
> > <launchSecurity type='sgx'>
> >   <epc_size unit='KiB'>N</epc_size>
> > </launchSecurity>
> 
> I don't think that Intel SGX belongs in <launchSecurity> in libvirt.
> Similar feature to AMD SEV is Intel TDX which would be implemented using
> <launchSecurity> as it offers isolation between host and VM.
> 
> Looking at the patches this doesn't even use confidential-guest-support machine
> option, it adds a new memory backend and enables CPU features only if libvirt
> uses <cpu mode='custom'> so it would not work with any other CPU mode.
> 
> To me this sounds like we should split the feature into two components where
> one would add support for the new memory backend into correct XML part [1]
> and the other component would be support for CPU features related to Intel
> SGX [2].
[Haibin] OK, those specific CPU features we added have been deleted, and we let the user specify them in [2].
Do we need to add a new element in the memory backend for SGX EPC memory?
> 
> Pavel
> 
> [1] <https://libvirt.org/formatdomain.html#memory-backing>
> [2] <https://libvirt.org/formatdomain.html#cpu-model-and-topology>
> 
> > Haibin Huang (1):
> >   Support to query SGX capability
> >
> > Lin Yang (3):
> >   conf: Introduce SGX related element into domain xml
> >   qemu: Add command-line to generate SGX EPC memory backend
> >   qemu: Add command-line to enable SGX
> >
> >  src/conf/domain_capabilities.c                |  29 ++++
> >  src/conf/domain_capabilities.h                |  13 ++
> >  src/conf/domain_conf.c                        | 106 +++++++++----
> >  src/conf/domain_conf.h                        |  10 ++
> >  src/conf/virconftypes.h                       |   3 +
> >  src/libvirt_private.syms                      |   2 +-
> >  src/qemu/qemu_capabilities.c                  | 146 ++++++++++++++++++
> >  src/qemu/qemu_capabilities.h                  |   6 +
> >  src/qemu/qemu_command.c                       |  30 ++++
> >  src/qemu/qemu_monitor.c                       |  10 ++
> >  src/qemu/qemu_monitor.h                       |   3 +
> >  src/qemu/qemu_monitor_json.c                  |  91 +++++++++++
> >  src/qemu/qemu_monitor_json.h                  |   3 +
> >  tests/domaincapsdata/bhyve_basic.x86_64.xml   |   1 +
> >  tests/domaincapsdata/bhyve_fbuf.x86_64.xml    |   1 +
> >  tests/domaincapsdata/bhyve_uefi.x86_64.xml    |   1 +
> >  tests/domaincapsdata/empty.xml                |   1 +
> >  tests/domaincapsdata/libxl-xenfv.xml          |   1 +
> >  tests/domaincapsdata/libxl-xenpv.xml          |   1 +
> >  .../domaincapsdata/qemu_1.5.3-q35.x86_64.xml  |   1 +
> >  .../domaincapsdata/qemu_1.5.3-tcg.x86_64.xml  |   1 +
> >  tests/domaincapsdata/qemu_1.5.3.x86_64.xml    |   1 +
> >  .../domaincapsdata/qemu_1.6.0-q35.x86_64.xml  |   1 +
> >  .../domaincapsdata/qemu_1.6.0-tcg.x86_64.xml  |   1 +
> >  tests/domaincapsdata/qemu_1.6.0.x86_64.xml    |   1 +
> >  .../domaincapsdata/qemu_1.7.0-q35.x86_64.xml  |   1 +
> >  .../domaincapsdata/qemu_1.7.0-tcg.x86_64.xml  |   1 +
> >  tests/domaincapsdata/qemu_1.7.0.x86_64.xml    |   1 +
> >  .../domaincapsdata/qemu_2.1.1-q35.x86_64.xml  |   1 +
> >  .../domaincapsdata/qemu_2.1.1-tcg.x86_64.xml  |   1 +
> >  tests/domaincapsdata/qemu_2.1.1.x86_64.xml    |   1 +
> >  .../domaincapsdata/qemu_2.10.0-q35.x86_64.xml |   1 +
> >  .../domaincapsdata/qemu_2.10.0-tcg.x86_64.xml |   1 +
> >  .../qemu_2.10.0-virt.aarch64.xml              |   1 +
> >  tests/domaincapsdata/qemu_2.10.0.aarch64.xml  |   1 +
> >  tests/domaincapsdata/qemu_2.10.0.ppc64.xml    |   1 +
> >  tests/domaincapsdata/qemu_2.10.0.s390x.xml    |   1 +
> >  tests/domaincapsdata/qemu_2.10.0.x86_64.xml   |   1 +
> >  .../domaincapsdata/qemu_2.11.0-q35.x86_64.xml |   1 +
> >  .../domaincapsdata/qemu_2.11.0-tcg.x86_64.xml |   1 +
> >  tests/domaincapsdata/qemu_2.11.0.s390x.xml    |   1 +
> >  tests/domaincapsdata/qemu_2.11.0.x86_64.xml   |   1 +
> >  .../domaincapsdata/qemu_2.12.0-q35.x86_64.xml |   1 +
> >  .../domaincapsdata/qemu_2.12.0-tcg.x86_64.xml |   1 +
> >  .../qemu_2.12.0-virt.aarch64.xml              |   1 +
> >  tests/domaincapsdata/qemu_2.12.0.aarch64.xml  |   1 +
> >  tests/domaincapsdata/qemu_2.12.0.ppc64.xml    |   1 +
> >  tests/domaincapsdata/qemu_2.12.0.s390x.xml    |   1 +
> >  tests/domaincapsdata/qemu_2.12.0.x86_64.xml   |   1 +
> >  .../domaincapsdata/qemu_2.4.0-q35.x86_64.xml  |   1 +
> >  .../domaincapsdata/qemu_2.4.0-tcg.x86_64.xml  |   1 +
> >  tests/domaincapsdata/qemu_2.4.0.x86_64.xml    |   1 +
> >  .../domaincapsdata/qemu_2.5.0-q35.x86_64.xml  |   1 +
> >  .../domaincapsdata/qemu_2.5.0-tcg.x86_64.xml  |   1 +
> >  tests/domaincapsdata/qemu_2.5.0.x86_64.xml    |   1 +
> >  .../domaincapsdata/qemu_2.6.0-q35.x86_64.xml  |   1 +
> >  .../domaincapsdata/qemu_2.6.0-tcg.x86_64.xml  |   1 +
> >  .../qemu_2.6.0-virt.aarch64.xml               |   1 +
> >  tests/domaincapsdata/qemu_2.6.0.aarch64.xml   |   1 +
> >  tests/domaincapsdata/qemu_2.6.0.ppc64.xml     |   1 +
> >  tests/domaincapsdata/qemu_2.6.0.x86_64.xml    |   1 +
> >  .../domaincapsdata/qemu_2.7.0-q35.x86_64.xml  |   1 +
> >  .../domaincapsdata/qemu_2.7.0-tcg.x86_64.xml  |   1 +
> >  tests/domaincapsdata/qemu_2.7.0.s390x.xml     |   1 +
> >  tests/domaincapsdata/qemu_2.7.0.x86_64.xml    |   1 +
> >  .../domaincapsdata/qemu_2.8.0-q35.x86_64.xml  |   1 +
> >  .../domaincapsdata/qemu_2.8.0-tcg.x86_64.xml  |   1 +
> >  tests/domaincapsdata/qemu_2.8.0.s390x.xml     |   1 +
> >  tests/domaincapsdata/qemu_2.8.0.x86_64.xml    |   1 +
> >  .../domaincapsdata/qemu_2.9.0-q35.x86_64.xml  |   1 +
> >  .../domaincapsdata/qemu_2.9.0-tcg.x86_64.xml  |   1 +
> >  tests/domaincapsdata/qemu_2.9.0.ppc64.xml     |   1 +
> >  tests/domaincapsdata/qemu_2.9.0.s390x.xml     |   1 +
> >  tests/domaincapsdata/qemu_2.9.0.x86_64.xml    |   1 +
> >  .../domaincapsdata/qemu_3.0.0-q35.x86_64.xml  |   1 +
> >  .../domaincapsdata/qemu_3.0.0-tcg.x86_64.xml  |   1 +
> >  tests/domaincapsdata/qemu_3.0.0.ppc64.xml     |   1 +
> >  tests/domaincapsdata/qemu_3.0.0.s390x.xml     |   1 +
> >  tests/domaincapsdata/qemu_3.0.0.x86_64.xml    |   1 +
> >  .../domaincapsdata/qemu_3.1.0-q35.x86_64.xml  |   1 +
> >  .../domaincapsdata/qemu_3.1.0-tcg.x86_64.xml  |   1 +
> >  tests/domaincapsdata/qemu_3.1.0.ppc64.xml     |   1 +
> >  tests/domaincapsdata/qemu_3.1.0.x86_64.xml    |   1 +
> >  .../domaincapsdata/qemu_4.0.0-q35.x86_64.xml  |   1 +
> >  .../domaincapsdata/qemu_4.0.0-tcg.x86_64.xml  |   1 +
> >  .../qemu_4.0.0-virt.aarch64.xml               |   1 +
> >  tests/domaincapsdata/qemu_4.0.0.aarch64.xml   |   1 +
> >  tests/domaincapsdata/qemu_4.0.0.ppc64.xml     |   1 +
> >  tests/domaincapsdata/qemu_4.0.0.s390x.xml     |   1 +
> >  tests/domaincapsdata/qemu_4.0.0.x86_64.xml    |   1 +
> >  .../domaincapsdata/qemu_4.1.0-q35.x86_64.xml  |   1 +
> >  .../domaincapsdata/qemu_4.1.0-tcg.x86_64.xml  |   1 +
> >  tests/domaincapsdata/qemu_4.1.0.x86_64.xml    |   1 +
> >  .../domaincapsdata/qemu_4.2.0-q35.x86_64.xml  |   1 +
> >  .../domaincapsdata/qemu_4.2.0-tcg.x86_64.xml  |   1 +
> >  .../qemu_4.2.0-virt.aarch64.xml               |   1 +
> >  tests/domaincapsdata/qemu_4.2.0.aarch64.xml   |   1 +
> >  tests/domaincapsdata/qemu_4.2.0.ppc64.xml     |   1 +
> >  tests/domaincapsdata/qemu_4.2.0.s390x.xml     |   1 +
> >  tests/domaincapsdata/qemu_4.2.0.x86_64.xml    |   1 +
> >  .../domaincapsdata/qemu_5.0.0-q35.x86_64.xml  |   1 +
> >  .../domaincapsdata/qemu_5.0.0-tcg.x86_64.xml  |   1 +
> >  .../qemu_5.0.0-virt.aarch64.xml               |   1 +
> >  tests/domaincapsdata/qemu_5.0.0.aarch64.xml   |   1 +
> >  tests/domaincapsdata/qemu_5.0.0.ppc64.xml     |   1 +
> >  tests/domaincapsdata/qemu_5.0.0.x86_64.xml    |   1 +
> >  .../domaincapsdata/qemu_5.1.0-q35.x86_64.xml  |   1 +
> >  .../domaincapsdata/qemu_5.1.0-tcg.x86_64.xml  |   1 +
> >  tests/domaincapsdata/qemu_5.1.0.x86_64.xml    |   1 +
> >  109 files changed, 519 insertions(+), 29 deletions(-)
> >
> > --
> > 2.17.1
> >
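
A pre-flight check for the two-step flow described in the quoted cover letter, as an added example that is not part of the thread or of libvirt's code: it reads the proposed `<sgx>` capability element and compares a guest's requested `epc_size` with what the host advertises. The XML documents and EPC values are constructed, the `domainCapabilities` and `domain` wrappers and the KiB default are assumptions, and the element names follow the v4 proposal quoted above, not a final libvirt schema.

```python
import xml.etree.ElementTree as ET

# Unit multipliers to KiB (subset chosen for this sketch).
UNIT_TO_KIB = {"KiB": 1, "MiB": 1024, "GiB": 1024 ** 2}

# Constructed samples using the element names from the proposal above.
HOST_CAPS = """<domainCapabilities><feature>
  <sgx supported='yes'><epc_size unit='KiB'>94208</epc_size></sgx>
</feature></domainCapabilities>"""
GUEST_XML = """<domain type='kvm'><launchSecurity type='sgx'>
  <epc_size unit='MiB'>64</epc_size>
</launchSecurity></domain>"""

def epc_kib(parent):
    """Return parent's <epc_size> in KiB, or None if the element is absent."""
    node = parent.find("epc_size")
    if node is None or not (node.text or "").strip():
        return None
    unit = node.get("unit", "KiB")  # assumption: KiB when unit is omitted
    if unit not in UNIT_TO_KIB:
        raise ValueError(f"unsupported epc_size unit: {unit!r}")
    size = int(node.text.strip())
    if size <= 0:
        raise ValueError("epc_size must be positive")
    return size * UNIT_TO_KIB[unit]

def host_epc_kib(caps_xml):
    """EPC advertised by the host; 0 when SGX is absent or unsupported."""
    sgx = ET.fromstring(caps_xml).find(".//sgx")
    if sgx is None or sgx.get("supported") != "yes":
        return 0
    return epc_kib(sgx) or 0

def check_guest_request(caps_xml, domain_xml):
    """Return (ok, reason) for a guest's EPC request against the host."""
    req = ET.fromstring(domain_xml).find("launchSecurity[@type='sgx']")
    if req is None:
        return True, "guest does not request SGX"
    wanted = epc_kib(req)
    if wanted is None:
        return False, "SGX requested without epc_size"
    available = host_epc_kib(caps_xml)
    if wanted > available:
        return False, f"requested {wanted} KiB, host offers {available} KiB"
    return True, f"requested {wanted} KiB of {available} KiB host EPC"

if __name__ == "__main__":
    print(check_guest_request(HOST_CAPS, GUEST_XML))
```

The check fails closed: a host that reports `supported='no'`, or no `<sgx>` element at all, is treated as offering 0 KiB of EPC, so any SGX request against it is rejected.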