virtinst: cli: Provide a default value for the 'policy' argument

Policy is a 4-byte bitfield used to turn on/off certain behaviour within
the SEV firmware. For a detailed table of supported flags, see
https://libvirt.org/formatdomain.html#launchSecurity.
Most of the flags are related to advanced features (some of them don't
even exist at the moment), except for the first 2 bits which determine
whether debug mode should be turned on and whether the same key should
be used to encrypt memory of multiple guests respectively.

>From security POV, most users will probably want separate keys for
individual guests, thus the value 0x03 was selected as the policy
default.

Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Erik Skultety <eskultet@redhat.com>
This commit is contained in:
Erik Skultety 2019-06-11 17:41:58 +02:00 committed by Cole Robinson
parent 45f3a47c84
commit 480a6834c2
3 changed files with 15 additions and 0 deletions

View File

@ -898,6 +898,7 @@ c.add_invalid("--disk none --location nfs:example.com/fake --nonetworks") # Usi
c = vinst.add_category("kvm-x86_64-launch-security", "--disk none --noautoconsole")
c.add_compare("--boot uefi --machine q35 --launchSecurity type=sev,reducedPhysBits=1,policy=0x0001,cbitpos=47,dhCert=BASE64CERT,session=BASE64SESSION --connect " + utils.URIs.kvm_amd_sev, "x86_64-launch-security-sev-full") # Full cmdline
c.add_valid("--boot uefi --machine q35 --launchSecurity sev,reducedPhysBits=1,cbitpos=47 --connect " + utils.URIs.kvm_amd_sev) # Default policy == 0x0003 will be used
c.add_invalid("--launchSecurity policy=0x0001 --connect " + utils.URIs.kvm_amd_sev) # Missing launchSecurity 'type'

View File

@ -23,3 +23,16 @@ class DomainLaunchSecurity(XMLBuilder):
def validate(self):
if not self.type:
raise RuntimeError(_("Missing mandatory attribute 'type'"))
def _set_defaults_sev(self):
# 'policy' is a mandatory 4-byte argument for the SEV firmware,
# if missing, let's use 0x03 which, according to the table at
# https://libvirt.org/formatdomain.html#launchSecurity:
# (bit 0) - disables the debugging mode
# (bit 1) - disables encryption key sharing across multiple guests
if self.policy is None:
self.policy = "0x03"
def set_defaults(self, guest):
if self.is_sev():
return self._set_defaults_sev()

View File

@ -684,6 +684,7 @@ class Guest(XMLBuilder):
seclabel.set_defaults(self)
self.pm.set_defaults(self)
self.os.set_defaults(self)
self.launchSecurity.set_defaults(self)
for dev in self.devices.get_all():
dev.set_defaults(self)