Introduce API endpoints for SEV attestation

[vasiliy-ul]

What this PR does / why we need it:

The PR introduces new API endpoints for SEV attestation. It is based on the initial design proposal. It allows to perform the necessary pre-launch attestation steps:

• retrieving platform certificates for verification sev/fetchcertchain: the API call is routed to the node where the VM is scheduled and it is processed by virt-handler. The certificates are fetched from libvirt by node-labeller in the init-container context (thus ATM the support of certificates rotation is limited); UPD: the call is routed to the virt-launcher pod where the corresponding libvirt API is invoked;
• setting session parameters sev/setupsession: the call is routed to the virt-launcher pod where the corresponding libvirt API is invoked;
• querying launch measurement sev/querylaunchmeasurement: the call is routed to the virt-launcher pod where the corresponding libvirt API is invoked. The measurement is returned to the caller;
• injecting launch secret sev/injectsecret: the call is routed to the virt-launcher pod where the corresponding libvirt API is invoked.

The attestation process can be run either manually by calling the corresponding endpoints (e.g. using virtctl) or in an automated way by leveraging an attestation server and a controller that will monitor the VMI state and perform the required actions. The E2E functional test in tests/launchsecurity/sev.go demonstrates the general flow.

Attestation can be requested via VMI spec yaml:

spec:
  startStrategy: "Paused"
  domain:
    firmware:
      bootloader:
        efi:
          secureBoot: false
    launchSecurity:
      sev:
        attestation: {}

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #

Special notes for your reviewer:

• The implementation of the new virtctl commands mapped to the SEV endpoints is not in the scope of this PR and will be added later in a follow-up (same applies to the attestation controller: not in the scope ATM). UPD: Extend virtctl to Support Interactive SEV Attestation #7595
• The PR requires libvirt >= 8.0.0: rpm: Update virtualization packages #7277
• There is a proposal to generalize the attestation flow in libvirt: https://listman.redhat.com/archives/libvir-list/2022-February/msg00857.html. Any thoughts on that are welcome.

Release note:

Experimantal support of SEV attestation via the new API endpoints

[vasiliy-ul]

/test pull-kubevirt-e2e-k8s-1.26-sev

[vasiliy-ul]

/test pull-kubevirt-e2e-k8s-1.26-sig-storage

[vasiliy-ul]

Hi @alicefr, @iholder101. Previously, you reviewed the code here. Could you please re-lgtm/approve the PR (as you see fit)? I now rebased it and fixed all the conflicts (mostly with the generated code). There are no functional changes. The only thing is that I've moved the addition of sevctl tool to the test image into a separate PR (which is already merged #9892). Thanks!

@alicefr, @iholder101, a gentle ping :) Would appreciate it if you could re-lgtm or approve the PR. Thanks!

[alicefr]

Shouldn't we skip all the SEV suite if this isn't amd64?

[vasiliy-ul]

I am not sure about skipping, since it may hide potential issues. If the code is expected to error-out on non-amd64, IMHO, better to have a test in place to ensure it. In this particular case, manager.GetLaunchMeasurement fails due to missing ovmf code binary with sev support.

[alicefr]

Ok, fine to me!

[alicefr]

This might be a good function to move to a shared file for utils. It can be done in a following PR

[vasiliy-ul]

Agree, this is a good candidate for common utils. Though, on the other hand, I think it makes sense to move it when there are several users of that function. Otherwise, the utils tend to grow.

[alicefr]

Same as above we could move it to a common shared file

[alicefr]

/approve
/hold
Let's give some time to @iholder101 if he wants to have another look, but to me, it looks good
@vasiliy-ul great work and thanks for the perseverance!

[kubevirt-bot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: alicefr

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [alicefr]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[vasiliy-ul]

Thanks a lot @alicefr for the review and valuable input!

[iholder101]

Sorry for the delay @vasiliy-ul!

Thanks very much for this PR! Appreciate your contributions a lot, I know it wasn't easy :)

/lgtm
/unhold

[kubevirt-commenter-bot]

/retest-required
This bot automatically retries required jobs that failed/flaked on approved PRs.
Silence the bot with an /lgtm cancel or /hold comment for consistent failures.

[kubevirt-bot]

@vasiliy-ul: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
pull-kubevirt-e2e-k8s-1.23-sig-compute	460fdec	link	true	/test pull-kubevirt-e2e-k8s-1.23-sig-compute
pull-kubevirt-fossa	3528f6a	link	false	/test pull-kubevirt-fossa

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[vasiliy-ul]

Thank you for the review, @iholder101!

/test pull-kubevirt-unit-test

[dbasunag]

Looks like this PR broke https://github.com/openshift/openshift-restclient-python/blob/master/openshift/dynamic/discovery.py#L133, which expects VMInstancesSEVFetchCertChain/VMInstancesSEVQueryLaunchMeasurement/VMInstancesSEVSetupSession/VMInstancesSEVInjectLaunchSecret to be of the format 'a/b' not a/b/c

cc: @myakove