Selecting an HSM for association to a secure guest

What is claimed is: 1 . A computer-implemented method for a policy-based association of a hardware security module (HSM) with a secure guest in a confidential computing environment, the method comprising: maintaining, by a trusted firmware, a binding between the secure guest and an HSM, wherein the binding enables the secure guest to send only non-sensitive requests to the HSM; maintaining, by the trusted firmware, for the secure guest, a pair of a secret and a secret name; submitting, by the secure guest via the trusted firmware, a query to the bound HSM for obtaining HSM configuration data; and upon determining, by the secure guest, that the obtained HSM configuration data match a policy rule available to the secure guest, wherein the policy rule associates the HSM configuration data with the secret name, requesting, by the secure guest from the trusted firmware, to associate the secret from the pair of secret and the secret name with the bound HSM, thereby triggering that the trusted firmware allows the secure guest to submit a sensitive crypto-request to the bound and associated HSM. 2 . The method according to claim 1 , further comprising: intercepting, by the trusted firmware, each request from the secure guest to an HSM for generating an HSM-protected key; and enforcing, by the trusted firmware, that the generated HSM-protected key is only to be used with the HSM associated with the secret from the secure guest. 3 . The method according to claim 1 , wherein an HSM master key verification pattern is indicative of the configuration data of the HSM. 4 . The method according to claim 1 , wherein the pair of the secret and the secret name is added to the metadata which the trusted firmware maintains for the secure guest. 5 . The method according to claim 1 , further comprising: requesting, by the secure guest from the trusted firmware, a list of secret names of the pairs of secrets and secret names maintained by the trusted firmware for the secure guest. 6 . The method according to claim 1 , further comprising: if the obtained configuration data of the HSM do not match the policy rule, submitting, by the secure guest via the trusted firmware, a new query to another HSM for obtaining other configuration data. 7 . The method according to claim 1 , further comprising: upon a change of an assignment configuration of the HSM bound to a secure guest, dissolving the binding of the HSM to the secure guest and dissolving the association of the HSM with any secret if such an association exists. 8 . The method according to claim 1 , wherein the trusted firmware denies all requests from a secure guest to an HSM that is not bound to the secure guest. 9 . The method according to claim 1 , wherein the binding between the secure guest and the HSM is established by the trusted firmware upon a request from the secure guest to the trusted firmware to bind the HSM, when the HSM is assigned to the secure guest. 10 . The method according to claim 1 , wherein a plaintext value of the secret is inaccessible by the secure guest. 11 . The method according to claim 1 , where any request to the HSM bound to the secure guest is only allowed if issued by the secure guest or the trusted firmware on behalf of the secure guest. 12 . The method according to claim 1 , where any request from a secure guest to the HSM that comprises an HSM protected key is a sensitive request, or whose response comprises an HSM protected key. 13 . A security system for a policy-based association of a HSM with a secure guest in a confidential computing environment, the security system comprising a processor and a memory operationally coupled to the processor, wherein the memory stores software program code, which, when executed by the processor, enables the processor to: maintain, using a trusted firmware, a binding between the secure guest and an HSM, wherein the binding enables the secure guest to send only non-sensitive requests to the HSM; maintain, using the trusted firmware, for the secure guest, a pair of a secret and a secret name; submit, by the secure guest via the trusted firmware, a query to the bound HSM for obtaining HSM configuration data; and upon determining, by the secure guest, that the obtained HSM configuration data match a policy rule available to the secure guest, wherein the policy rule associates the HSM configuration data to the secret name, request, by the secure guest from the trusted firmware, to associate the secret from the pair of secret and the secret name with the bound HSM, thereby triggering that the trusted firmware allows the secure guest to submit a sensitive crypto-request to the bound and associated HSM. 14 . The security system according to claim 13 , wherein the processor is further enabled to: intercept, using the trusted firmware, each request to an HSM for generating an HSM-protected key; and enforce, by the trusted firmware, that the generated HSM-protected key is only to be used with the HSM associated with the secret from the secure guest. 15 . The security system according to claim 13 , wherein an HSM master key verification pattern is indicative of the configuration data of the HSM. 16 . The security system according to claim 13 , wherein the pair of the secret and the secret name is added to the metadata which the trusted firmware maintains for the secure guest. 17 . The security system according to claim 13 , wherein the processor is further enabled to: request, using the secure guest from the trusted firmware, a list of secret names of the pairs of secrets and secret names maintained by the trusted firmware for the secure guest. 18 . The security system according to claim 13 , wherein the processor is further enabled to: if the obtained configuration data of the HSM do not match the policy rule, submit, by the secure guest via the trusted firmware, a new query to another HSM for obtaining other configuration data. 19 . The security system according to claim 13 , wherein the processor is further enabled to: upon a change of an assignment configuration of the HSM bound to a secure guest, dissolve the binding of the HSM to the secure guest and dissolve the association of the HSM with any secret if such an association exists. 20 . The security system according to claim 13 , wherein the processor is also enabled to deny, using the trusted firmware, all requests from a secure guest to an HSM that is not bound to the secure guest. 21 . The security system according to claim 13 , wherein the binding between the secure guest and the HSM is established by the trusted firmware upon a request from the secure guest to the trusted firmware to bind the HSM when if the HSM is assigned to the secure guest. 22 . The security system according to claim 13 , wherein a plaintext value of the secret is inaccessible by the secure guest. 23 . The security system according to claim 13 , where any request to the HSM bound to the secure guest is only allowed if issued by the secure guest or the trusted firmware on behalf of the secure guest. 24 . The security system according to claim 13 , where any request from a secure guest to the HSM that comprise an HSM-protected key is a sensitive request, or whose response comprises an HSM-protected key. 25 . A computer program product for a policy-based association of an HSM with a secure guest in a confidential computing environm