[svsm-devel] Questions about crypto support

Jörg Rödel joro at 8bytes.org
Tue Sep 26 20:36:22 CEST 2023


Hi Claudio,

On Fri, Sep 22, 2023 at 05:04:45PM -0400, Claudio Carvalho wrote:
> Q1) FIPS 140 certification. Should we consider OpenSSL as a static or shared
> library?

We are flexible on that, we can start with statically linking OpenSSL
and then move on and support it as a shared lib. This does not touch the
SVSM core much beyond the fact that it needs support for shared
mappings. For shared we can also use a simplified approach like James
suggested in the last meeting.

> Q2) How should we handle build dependencies between CPL3 modules? E.g. the vTPM
> (Microsoft TPM impl.) build depends on the OpenSSL library.

That makes me think again about the requirements for our build system.

> Q3) What libc implementation should we use to build OpenSSL and other CPL3
> modules?

What amount of libc does OpenSSL need? Or how much is it beyond
malloc/free? Whatever libc we choose, some porting efforts to the SVSM
syscall interface will be needed.

> Q4) Interface 1. How CPL0 code should communicate with CPL3 code?

The answer here is via a TBD IPC mechanism.

> Q5) Interface 2. CPL0 to CPL3 communication may need to carry secrets (e.g.
> VMPCK0 key), how should we do that securely?

There are various ways to do this. One is via IPC with a kernel service
and a capabilities system that restricts access to the secrets.

Another idea that was discussed is doing it via files. The filesystem
implementation in the SVSM does not have a concept of a CWD, so there
are no . and .. directories.

We can give every module a separate root directory and link the secrets
it needs to access into that directory.

But none of this is decided yet.

> Q6) Interface 3. How a CPL3 module should communicate with other CPL3 modules?
> It may also need to carry secrets such as keys.

For secrets like the VMPCK keys there should be a single owner, or do
you see a need to pass those around? Besides secrets, communication will
be done via the TBD IPC mechanism.

As it is still TBD, I am open to design ideas.

Regards,

	Joerg
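
Added example, not part of the original message and not SVSM code: a small Rust model of the per-module root directory idea from the Q5 answer, where a module can only reach secrets that were linked into its own root. All type and function names are hypothetical, and treating `.`/`..` components and relative paths as invalid is an assumption of this sketch.

```rust
use std::collections::HashMap;

#[derive(Debug, PartialEq)]
enum FsError { InvalidPath, NotFound }

/// Hypothetical store holding the real secrets (single owner).
struct SecretStore { secrets: HashMap<String, Vec<u8>> }
/// Hypothetical per-module root: path inside the root -> name of a linked secret.
struct ModuleRoot { links: HashMap<String, String> }

/// Assumption: paths are absolute within the module root; "." and ".." do not exist.
fn normalize(path: &str) -> Result<String, FsError> {
    let rest = path.strip_prefix('/').ok_or(FsError::InvalidPath)?;
    let mut out = String::new();
    for comp in rest.split('/') {
        if comp.is_empty() || comp == "." || comp == ".." {
            return Err(FsError::InvalidPath);
        }
        out.push('/');
        out.push_str(comp);
    }
    Ok(out)
}

impl ModuleRoot {
    fn link(&mut self, path: &str, secret: &str) -> Result<(), FsError> {
        self.links.insert(normalize(path)?, secret.to_string());
        Ok(())
    }
    /// Resolution starts at this module's root; only linked entries exist.
    fn open<'a>(&self, store: &'a SecretStore, path: &str) -> Result<&'a [u8], FsError> {
        let name = self.links.get(&normalize(path)?).ok_or(FsError::NotFound)?;
        store.secrets.get(name).map(|v| v.as_slice()).ok_or(FsError::NotFound)
    }
}

/// Constructed sample: a vTPM module gets VMPCK0 linked in, another module does not.
fn build() -> (SecretStore, ModuleRoot, ModuleRoot) {
    let mut store = SecretStore { secrets: HashMap::new() };
    store.secrets.insert("vmpck0".into(), b"constructed-key".to_vec());
    let mut vtpm = ModuleRoot { links: HashMap::new() };
    vtpm.link("/secrets/vmpck0", "vmpck0").unwrap();
    (store, vtpm, ModuleRoot { links: HashMap::new() })
}

fn main() {
    let (store, vtpm, other) = build();
    println!("vtpm:  {:?}", vtpm.open(&store, "/secrets/vmpck0").map(|k| k.len()));
    println!("other: {:?}", other.open(&store, "/secrets/vmpck0").map(|k| k.len()));
}
```
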