When running in a confidential guest, a very large number of QGA commands are unsafe to permit, since the host that issues them could use them to read or alter guest data and so violate the privacy of the guest.
This introduces a new command line "--confidential" / "-i" which, if set, will run the guest in confidential mode, which should avoid leaking information to the host, while still allowing important VM mgmt tasks to be performed.
Signed-off-by: Daniel P. Berrangé <berra...@redhat.com>
---
 qga/main.c | 14 ++++++++++++++
 qga/qapi-schema.json | 5 ++++-
 2 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/qga/main.c b/qga/main.c
index 7bf5ec49ba..12b91eb713 100644
--- a/qga/main.c
+++ b/qga/main.c
@@ -86,6 +86,7 @@ struct GAConfig {
 gchar *aliststr; /* allowedrpcs may point to this string */
 GList *blockedrpcs;
 GList *allowedrpcs;
+ bool only_confidential;
 int daemonize;
 GLogLevelFlags log_level;
 int dumpconf;
@@ -415,6 +416,15 @@ static bool ga_command_is_allowed(const QmpCommand *cmd, GAState *state)
 /* Fallback policy is allow everything */
 bool allowed = true;
 
+ /*
+ * If running in confidential mode, block commands that
+ * would violate guest data privacy
+ */
+ if (config->only_confidential &&
+ !qmp_command_has_feature(cmd, QAPI_FEATURE_CONFIDENTIAL)) {
+ allowed = false;
+ }
+
 if (config->allowedrpcs) {
 /*
 * If an allow-list is given, this changes the fallback
@@ -1197,6 +1207,7 @@ static void config_parse(GAConfig *config, int argc, char **argv)
 #endif
 { "statedir", 1, NULL, 't' },
 { "retry-path", 0, NULL, 'r' },
+ { "confidential", 0, NULL, 'i' },
 { NULL, 0, NULL, 0 }
 };
 
@@ -1293,6 +1304,9 @@ static void config_parse(GAConfig *config, int argc, char **argv)
 }
 break;
 #endif
+ case 'i':
+ config->only_confidential = true;
+ break;
 case 'h':
 usage(argv[0]);
 exit(EXIT_SUCCESS);
diff --git a/qga/qapi-schema.json b/qga/qapi-schema.json
index 8b1eff3abc..9a213dfc06 100644
--- a/qga/qapi-schema.json
+++ b/qga/qapi-schema.json
@@ -39,7 +39,10 @@
 'GuestNVMeSmart' ],
 'command-features': [
 # Commands permitted while FS are frozen
- 'fs-frozen'
+ 'fs-frozen',
+ # Commands which do not violate privacy
+ # of a confidential guest
+ 'confidential'
 ] } }
 
 ##
-- 
2.45.1
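Review bot: The new `only_confidential` member of `GAConfig` has no comment, unlike the neighbouring `aliststr` field, and its name does not say what it gates; a reader of the struct has to find `ga_command_is_allowed` to learn that it restricts the agent to commands carrying the `confidential` QAPI feature. Suggest `bool only_confidential; /* --confidential: only commands tagged with the 'confidential' feature are allowed */`. The `struct GAConfig` definition continues outside the hunk.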
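Review bot: The confidential deny is recorded in `allowed` before the allow-list handling, and the allow-list branch that begins at the end of the hunk (its body continues outside it) appears to reset that variable — its comment says it changes the fallback policy, and if it sets `allowed = true` for a listed command then `--confidential --allow-rpcs=guest-file-read` would re-enable a command lacking the `confidential` feature and silently defeat the privacy guarantee. A deny based on guest privacy should not be overridable by the operator's allow-list, so either return immediately, `return false;` in place of `allowed = false;`, or move the check after the allow/block-list processing. Either way the comment should state that confidential mode takes precedence over both lists. `ga_command_is_allowed` starts before the hunk and its body continues after it.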
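Review bot: The short option `-i` promised in the description is only added to the long-option table; getopt_long also needs it in the short-option string, and nothing in this patch touches that string — the diffstat reports 14 insertions and no deletions for qga/main.c, and the four hunks account for all 14 — so unless `i` is already present there, `-i` will be rejected as an unknown option while `--confidential` works. Append it, e.g. `const char *sopt = "...ri";` (the existing contents are outside the hunk). `usage()` should likewise gain a line describing `--confidential`, otherwise the option is undiscoverable from `--help`. The option table sits inside `config_parse`, which begins before the hunk.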
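Review bot: `case 'i'` sets the flag from the command line only; `GAConfig` also carries a `dumpconf` member and allow/block lists that, by their names, are loaded from a configuration file and printed by `--dump-conf`, and the diffstat shows no other hunks in qga/main.c, so confidential mode cannot be enabled from the config file and will not appear in the dumped configuration. For a policy knob whose absence widens what the host may ask the agent to do, operators should be able to set it persistently and verify it, so add a `confidential` key to the config-file loader and a matching line to the dump (presumably next to the existing rpc-list keys; verify against those helpers, which are outside the hunk). `config_parse` begins before the hunk and ends after it.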
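Review bot: The comment on the new `confidential` feature does not state the criterion a command must meet to carry it, nor that commands without it are refused outright when the agent runs with `--confidential`; since this patch tags no command (the diffstat lists only this schema hunk and qga/main.c), the flag currently rejects every command, which is a sensible fail-closed default but will surprise anyone reading the schema unless later patches in the series tag commands. Suggest replacing the two comment lines with `# Commands safe to expose to the host in a confidential guest: they must not`, `# return guest memory or filesystem contents nor let the host alter guest state.`, `# Anything without this feature is refused when qemu-ga runs with --confidential.`. The enclosing pragma block starts before the hunk.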