On Sun, Jul 04, 2021 at 09:16:59AM +0300, Dov Murik wrote:
> Hi Michael,
>
> [+cc Connor, Dave]
>
> On 03/07/2021 19:42, Michael S. Tsirkin wrote:
> > On Tue, May 25, 2021 at 06:59:31AM +0000, Dov Murik wrote:
> >> From: James Bottomley <j...@linux.ibm.com>
> >>
> >> If the VM is using memory encryption and also specifies a kernel/initrd
> >> or appended command line, calculate the hashes and add them to the
> >> encrypted data. For this to work, OVMF must support an encrypted area
> >> to place the data which is advertised via a special GUID in the OVMF
> >> reset table (if the GUID doesn't exist, the user isn't allowed to pass
> >> in the kernel/initrd/cmdline via the fw_cfg interface).
> >
> > Sorry about asking basic questions so late in the game.
>
> No worries. Please notice there's a newer version:
>
> https://lore.kernel.org/qemu-devel/20210624102040.2015280-1-dovmu...@linux.ibm.com/
>
> > I'm a bit curious why this feature makes sense. If someone can play
> > with a Linux kernel command line isn't it pretty much game over security
> > wise? What protections does Linux have against malicious actors
> > manipulating the command line?
>
> You're right -- if the host can modify the kernel command-line it's game
> over.
>
> This is why this patch (together with the corresponding OVMF patches; still
> under review) measures and verifies the content of the kernel blob and
> the initrd blob *and* the command-line blob.
>
> Any modification/omission of any of them by the host will make the expected
> SEV PSP measurement invalid, which should then indicate to the Guest Owner
> that something is wrong with this guest. At that point the Guest Owner should
> refuse to inject secrets into the guest (and also complain to the Cloud
> Service Provider).
>
> -Dov
Got it, thanks!

-- 
MST
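The two-step check Dov describes above (hashes of kernel, initrd and cmdline placed in the measured encrypted area, the Guest Owner verifying the launch measurement before injecting secrets, and OVMF re-checking the fw_cfg blobs against the table), modelled in constructed example code that is not QEMU's or OVMF's own. The table layout (three concatenated SHA-256 digests) and the PSP measurement (a plain SHA-256 over the measured region instead of the real keyed measurement) are simplifying assumptions; the GUID advertisement in the reset table is not modelled.

```python
import hashlib
import hmac

# Constructed model of the flow discussed in the thread. Assumptions, not the
# real formats: the hashes table is three concatenated SHA-256 digests, and the
# PSP launch measurement is modelled as SHA-256 over the measured region.

def build_hashes_table(kernel: bytes, initrd: bytes, cmdline: bytes) -> bytes:
    """Host side: digests of the three blobs, to be placed in the measured area."""
    return b"".join(hashlib.sha256(blob).digest() for blob in (kernel, initrd, cmdline))

def launch_measurement(firmware: bytes, hashes_table: bytes) -> bytes:
    """Model of the PSP measurement: it covers everything encrypted at launch,
    so the hashes table is bound to the firmware image."""
    return hashlib.sha256(firmware + hashes_table).digest()

def firmware_accepts(hashes_table: bytes, kernel: bytes, initrd: bytes, cmdline: bytes) -> bool:
    """OVMF side: refuse blobs (read over fw_cfg) whose digests differ from the
    measured table, so an unmeasured swap is caught at boot."""
    return hmac.compare_digest(hashes_table, build_hashes_table(kernel, initrd, cmdline))

def guest_owner_injects_secrets(expected: bytes, reported: bytes) -> bool:
    """Guest Owner side: inject secrets only if the reported measurement matches."""
    return hmac.compare_digest(expected, reported)

def boot_outcome(firmware: bytes, kernel: bytes, initrd: bytes, cmdline: bytes,
                 host_cmdline: bytes, host_table: bytes = None) -> str:
    """Whole flow: the Guest Owner expects (firmware, kernel, initrd, cmdline);
    the host actually supplies host_cmdline and, optionally, a table of its own."""
    expected = launch_measurement(firmware, build_hashes_table(kernel, initrd, cmdline))
    table = host_table if host_table is not None else build_hashes_table(kernel, initrd, cmdline)
    reported = launch_measurement(firmware, table)
    # Step 1: measurement is checked before the guest runs.
    if not guest_owner_injects_secrets(expected, reported):
        return "measurement mismatch: Guest Owner refuses to inject secrets"
    # Step 2: firmware re-hashes the blobs it was actually given.
    if not firmware_accepts(table, kernel, initrd, host_cmdline):
        return "hash mismatch: OVMF refuses to boot the supplied blobs"
    return "boot proceeds with secrets injected"

# Constructed sample blobs standing in for a real firmware image and boot files.
FW = b"constructed OVMF image"
KERNEL, INITRD, CMDLINE = b"vmlinuz bytes", b"initrd bytes", b"console=ttyS0 ro"
TAMPERED = b"console=ttyS0 init=/bin/sh"
```

Running `boot_outcome` with an altered cmdline but the honest table fails at the OVMF check, while altering both the cmdline and the table changes the measurement and fails at the Guest Owner.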