RE: [libvirt][PATCH v9 0/5] Support query and use SGX

Huang, Haibin posted 5 patches 2 weeks, 3 days ago

Posted by Huang, Haibin 2 weeks, 3 days ago
Thank you very much! I will see it.

> -----Original Message-----
> From: Michal Prívozník <mprivozn@redhat.com>
> Sent: Friday, January 7, 2022 11:06 PM
> To: Huang, Haibin <haibin.huang@intel.com>; libvir-list@redhat.com; Ding,
> Jian-feng <jian-feng.ding@intel.com>; Yang, Lin A <lin.a.yang@intel.com>; Lu,
> Lianhao <lianhao.lu@intel.com>; Zhong, Yang <yang.zhong@intel.com>
> Subject: Re: [libvirt][PATCH v9 0/5] Support query and use SGX
> 
> On 12/15/21 04:40, Haibin Huang wrote:
> > This patch series provides support for enabling Intel's Software Guard
> > Extensions (SGX) feature in guest VM.
> > Giving the SGX support in QEMU be accepted and will be merged in two
> > days. Intel SGX is a set of instructions that increases the security of
> > application code and data, giving them more protection from disclosure
> > or modification.
> > Developers can partition sensitive information into enclaves, which
> > are areas of execution in memory with more security protection.
> >
> > The typical flow looks like this at a very high level:
> >
> > 1. Calls virConnectGetDomainCapabilities API to get domain capabilities
> > that include the following SGX information.
> >
> > <feature>
> > ...
> >   <sgx supported='yes'>
> >     <epc_size unit='KiB'>N</epc_size>
> >   </sgx>
> > </feature>
> >
> > 2. User requests to start a guest calling virCreateXML() with SGX
> > requirement. It should contain
> >
> >  <devices>
> >       ...
> >       <memory model='sgx-epc'>
> >         <target>
> >           <size unit='KiB'>N</size>
> >         </target>
> >       </memory>
> >       ...
> >   </devices>
> >
> > Haibin Huang (2):
> >   Get SGX Capabilities from QEMU
> >   Transfer Qemu SGX Capabilities to XML
> >
> > Lin Yang (3):
> >   conf: Introduce SGX EPC element into device memory xml
> >   qemu: Add command-line to generate SGX EPC memory backend
> >   Add unit tests for guest VM creation command with SGX EPC
> 
> Next time please make sure that any patch you send is rebased onto the
> master branch that's at least somewhat current. I had to go all the way down
> to 7.8.0 to apply these (somewhere mid October). I believe libvirt is not the
> only project that mandates this.
> 
> I've uploaded these patches to my gitlab:
> 
> https://gitlab.com/MichalPrivoznik/libvirt/-/tree/sgx
> 
> You'll find 'fixup' commits there which cover some of the points I am raising.
> Might be worth looking at it. I'll keep the branch there for a while.
> 
> Michal
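
The two-step flow in the quoted cover letter, as an added example that is not part of this thread or of the libvirt patches: a pre-flight check that compares the `sgx-epc` size requested in the domain XML with the `epc_size` the host reports, before the XML would be passed to virCreateXML(). The element names follow the v9 cover letter; the function names, the `domainCapabilities` and `domain` wrappers, the KiB default unit and the sample sizes are assumptions made for the example.

```python
import xml.etree.ElementTree as ET

# Bytes per unit; a subset of the units libvirt accepts for sizes.
UNITS = {"bytes": 1, "KiB": 1024, "MiB": 1024 ** 2, "GiB": 1024 ** 3}

def to_kib(elem):
    """Convert a size element to KiB (assumption: unit defaults to KiB)."""
    unit = elem.get("unit", "KiB")
    if unit not in UNITS:
        raise ValueError(f"unsupported unit: {unit!r}")
    return int(elem.text.strip()) * UNITS[unit] // 1024

def host_epc_kib(domcaps_xml):
    """EPC size the host reports, or 0 when SGX is missing or unsupported."""
    sgx = ET.fromstring(domcaps_xml).find(".//sgx")
    if sgx is None or sgx.get("supported") != "yes":
        return 0
    size = sgx.find("epc_size")
    return to_kib(size) if size is not None else 0

def requested_epc_kib(domain_xml):
    """Sum of all sgx-epc memory devices requested in the domain XML."""
    devices = ET.fromstring(domain_xml).findall("./devices/memory[@model='sgx-epc']")
    total = 0
    for mem in devices:
        size = mem.find("./target/size")
        if size is None:
            raise ValueError("sgx-epc device without <target><size>")
        total += to_kib(size)
    return total

def check_sgx_request(domcaps_xml, domain_xml):
    """Return (ok, reason) before the XML is handed to virCreateXML()."""
    want, have = requested_epc_kib(domain_xml), host_epc_kib(domcaps_xml)
    if want == 0:
        return True, "no sgx-epc device requested"
    if have == 0:
        return False, "host does not report SGX support"
    if want > have:
        return False, f"requested {want} KiB EPC, host reports {have} KiB"
    return True, f"{want} KiB of {have} KiB EPC"

# Constructed samples: the cover letter's elements with N filled in.
DOMCAPS = ("<domainCapabilities><feature><sgx supported='yes'>"
           "<epc_size unit='KiB'>65536</epc_size></sgx></feature></domainCapabilities>")
DOMAIN = ("<domain type='kvm'><devices><memory model='sgx-epc'><target>"
          "<size unit='MiB'>64</size></target></memory></devices></domain>")

if __name__ == "__main__":
    print(check_sgx_request(DOMCAPS, DOMAIN))
```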