From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: Dionna Amalie Glaze <dionnaglaze@google.com>,
Gerd Hoffmann <kraxel@redhat.com>
Cc: "Gupta, Pankaj" <pankaj.gupta@amd.com>,
devel@edk2.groups.io, James Bottomley <jejb@linux.ibm.com>,
Jiewen Yao <jiewen.yao@intel.com>,
Ard Biesheuvel <ardb@kernel.org>,
"Min M. Xu" <min.m.xu@intel.com>, Andrew Fish <afish@apple.com>,
"Michael D. Kinney" <michael.d.kinney@intel.com>,
Oliver Steffen <osteffen@redhat.com>
Subject: Re: [edk2-devel] [PATCH v10 1/4] OvmfPkg: Add memory acceptance event in AmdSevDxe
Date: Tue, 14 Feb 2023 16:44:02 -0600 [thread overview]
Message-ID: <db735984-b9ad-55a0-2bb9-53cf0a73761b@amd.com> (raw)
In-Reply-To: <CAAH4kHYDo-hQhsK91xoMZqGP9ovTiTtXymXwLG0wnybVaw8mNg@mail.gmail.com>
On 2/14/23 11:28, Dionna Amalie Glaze wrote:
>>
>> Do you have any pointers on the IVARS service? Documentation, guest
>> code, host code?
>>
>
> Agh, I thought for sure there was a public API for VM owners to view
> or change their UEFI variables, but I guess not. It's an
> instance-specific small data store for nonvolatile memory like vTPM
> and UEFI variables. It appears you can only set the variables through
> cloud API at instance creation time. But this is how instances can be
> shut down and brought back up on different machines and/or live
> migrate to other machines and still have access to UEFI variables'
> current values. Host code is all in Google's proprietary VMM,
> Vanadium, but the device backend is really rather simple. The data
> store service though, that's a matter of Cloud Scale Engineering.
>
>> Background: When moving to a SVSM-based setup where the svsm (with
>> vtpm emulation) runs in vmpl0 and the edk2 firmware in vmpl1 we might
>> likewise add a efi variable service to the svsm.
>>
>
> I thought EFI variables in Qemu were loaded and measured at launch
> (OVMF_VARS.fd). If you want the current values of all uefi variables
The variables are not encrypted and not measured at launch because they
need to be modified and stored on the host side.
You can choose to use a single vars/code file, which keeps the variables
in memory, but you then lose any changes made to them upon VM termination.
Thanks,
Tom
> in your SVSM attestation report, I think it's probably better to use
> the EFI_CC_MEASUREMENT_PROTOCOL, right? Or is it specifically going to
> be an SVSM service that attests itself with current stored variables,
> or at least variables that are considered important enough to measure?
>
> In any case, persistence in The Cloud (TM) remains a challenge in the
> CC space. Discussion about what we should do about that should remain
> on the coco mailing list. IVARS encrypts data with Google-managed
> keys, so it wouldn't be directly applicable to SVSM NVRAM.
>
>> If something usable already exists we don't need to reinvent the wheel.
>>
>
> Don't have to tell me twice. In the spirit of OSS collaboration and
> product integrity, I think any CC offering's firmware should be public
> and verifiably built. I'll keep pushing for that.
>
>> thanks & take care,
>> Gerd
>>
>
>
next prev parent reply other threads:[~2023-02-14 22:44 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-26 0:56 [PATCH v10 0/4] Add safe unaccepted memory behavior Dionna Glaze
2023-01-26 0:56 ` [PATCH v10 1/4] OvmfPkg: Add memory acceptance event in AmdSevDxe Dionna Glaze
2023-01-26 10:30 ` Ard Biesheuvel
2023-01-26 16:04 ` Dionna Glaze
2023-02-09 13:35 ` [edk2-devel] " Gupta, Pankaj
2023-02-09 16:52 ` Dionna Glaze
2023-02-09 21:27 ` Dionna Glaze
2023-02-10 8:00 ` Gupta, Pankaj
2023-02-10 11:12 ` Ard Biesheuvel
2023-02-10 11:34 ` Gupta, Pankaj
2023-02-10 13:56 ` Gupta, Pankaj
2023-02-10 17:05 ` Dionna Glaze
2023-02-13 14:38 ` Gupta, Pankaj
2023-02-13 16:53 ` Dionna Glaze
2023-02-13 17:56 ` Gupta, Pankaj
2023-02-13 18:31 ` Dionna Glaze
2023-02-13 19:33 ` Lendacky, Thomas
2023-02-13 19:33 ` Gupta, Pankaj
2023-02-13 21:44 ` Dionna Glaze
2023-02-14 12:51 ` Gupta, Pankaj
2023-02-14 12:55 ` Gupta, Pankaj
2023-02-14 20:44 ` Dionna Glaze
2023-02-14 20:46 ` Gupta, Pankaj
[not found] ` <1743B21FF9509E5F.2641@groups.io>
2023-02-14 14:00 ` Gupta, Pankaj
2023-02-14 9:12 ` Gerd Hoffmann
2023-02-14 17:28 ` Dionna Glaze
2023-02-14 22:44 ` Lendacky, Thomas [this message]
2023-02-15 9:38 ` Gerd Hoffmann
2023-01-26 0:56 ` [PATCH v10 2/4] MdePkg: Introduce the SevMemoryAcceptance protocol Dionna Glaze
2023-01-26 1:24 ` Yao, Jiewen
2023-01-26 17:04 ` Dionna Glaze
2023-01-26 17:19 ` Ard Biesheuvel
2023-01-26 0:56 ` [PATCH v10 3/4] OvmfPkg: Implement AcceptAllUnacceptedMemory in AmdSevDxe Dionna Glaze
2023-01-26 0:56 ` [PATCH v10 4/4] OvmfPkg/PlatformPei: SEV-SNP make >=4GB unaccepted Dionna Glaze
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=db735984-b9ad-55a0-2bb9-53cf0a73761b@amd.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox