Attested Direct Kernel Boot in your EPYC VPS

For extra security, some users might want to measure and attest their boot kernel and initrd image.

This is a custom setup that requires manual intervention, and as such the account requesting it must be spending at least 20 USD/month.

Open a ticket and provide us with the download links to your vmlinuz, initrd and command line arguments. We will provide you with the OVMF firmware file.

After setup your VM will skip UEFI and boot straight into the Linux kernel.

To validate the attestation, you must run sev-snp-measure using the same vmlinuz, initrd, and command line arguments you will provide us, and with the OVMF amdsev image we will provide you. This tool runs on any WSL2 or Linux environment.

In this example a 1 vCPU VM is used:

$ sev-snp-measure --mode snp --vcpus=1 --vcpu-family 25 --vcpu-model 1 --vcpu-stepping 1 --ovmf=OVMF.amdsev.fd --kernel=vmlinuz --initrd=initrd --append="root=UUID=99bf1bf0-97c8-472e-9e64-fc4fee387b2b ro console=tty0 console=ttyS0,115200n8 no_timer_check biosdevname=0 net.ifnames=0" --guest-features 0x1 --output-format hex
74aa0cb2230d496d91395f86b480146dc13c19e77e6d2ccfa32d975f876d207768e32c99594a67d812ad8a81e70364c3

After booting, you can attest the integrity of your kernel and initrd inside the guest using the snpguest tool:

# snpguest report attestation-report.bin request-data.bin --random
# snpguest display report attestation-report.bin

Attestation Report (1184 bytes):
Version: 5
Guest SVN: 0

Guest Policy (0x30000):
ABI Major: 0
ABI Minor: 0
SMT Allowed: 1
Migrate MA: 0
Debug Allowed: 0
Single Socket: 0
Family ID:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Image ID:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

VMPL: 1
Signature Algorithm: 1
Current TCB:

TCB Version:
Microcode: 222
SNP: 28
TEE: 0
Boot Loader: 4

Platform Info (39):
SMT Enabled: 1
TSME Enabled: 1
ECC Enabled: 1
RAPL Disabled: 0
Ciphertext Hiding Enabled: 0

Author Key Encryption: false
Report Data:
27 b9 81 17 a7 0a e9 5a 81 6f a1 a9 53 9d 1e 79
d5 d9 3e 6f 64 f4 95 57 21 d2 35 64 28 69 c5 e3
ea 81 27 a3 cb f3 0b 47 1c 62 77 22 88 1b a9 f3
25 6f e7 38 d3 07 03 64 2a 63 58 4b df a2 ff f8

Measurement:
74 aa 0c b2 23 0d 49 6d 91 39 5f 86 b4 80 14 6d
c1 3c 19 e7 7e 6d 2c cf a3 2d 97 5f 87 6d 20 77
68 e3 2c 99 59 4a 67 d8 12 ad 8a 81 e7 03 64 c3

Host Data:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

ID Key Digest:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Author Key Digest:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Report ID:
8c 15 f5 91 26 fb ec 54 9c ec a8 ad 6f 24 c8 fa
5f 1d bb 36 20 51 ab fb 6e 8d ec 37 fd 65 63 62

Report ID Migration Agent:
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff

Reported TCB:
TCB Version:
Microcode: 222
SNP: 28
TEE: 0
Boot Loader: 4

Chip ID:
89 68 7b 7e 39 3a d5 d0 8c ba cf 0e 46 c1 ba bb
64 cb 19 1a b0 ca 1b 30 37 2c 82 1a 25 fa 3e 7a
a3 72 80 23 14 6b db ed 17 7c d4 6b 68 26 f8 5c
fc 02 39 8a 03 d5 05 75 fd 8c 1f 4d cb a7 28 9f

Committed TCB:

TCB Version:
Microcode: 222
SNP: 28
TEE: 0
Boot Loader: 4

Current Build: 0
Current Minor: 58
Current Major: 1
Committed Build: 0
Committed Minor: 58
Committed Major: 1
Launch TCB:

TCB Version:
Microcode: 222
SNP: 28
TEE: 0
Boot Loader: 4

Signature:
R:
18 ea ae c7 96 19 9b 90 49 44 d6 b5 11 34 51 b2
50 01 d7 db 05 cb 6c 7a db 14 18 da d6 ef 8e da
ce b5 f1 87 61 d1 ce fb 87 03 34 6d ac 26 5c 2c
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00

S:
ce 10 d5 2e f6 af b6 08 9f ed 65 b1 ce a4 a3 4f
b5 b9 78 d0 d2 0b b3 4e 03 30 71 d8 98 d8 65 5e
9e 0d 2b ee d7 97 de 6c 80 04 63 f8 25 1f 20 f4
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00

If the measurements match, congratulations: the integrity of your kernel and initrd has been attested.
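The comparison above can be automated against the raw attestation-report.bin rather than the printed report. The following is an added example, not part of this article or of the snpguest tool; it assumes the standard SEV-SNP report layout (version at offset 0x00, guest policy at 0x08, 64-byte Report Data at 0x50, 48-byte Measurement at 0x90) and builds a constructed, unsigned sample report from the values shown on this page so it runs offline. Besides the measurement it checks that Report Data equals the 64-byte nonce written to request-data.bin and that the guest policy does not allow debug.

```python
import struct

# Field offsets in the 1184-byte SEV-SNP attestation report (the layout from
# the SEV-SNP ABI spec; a parsing assumption, not something this page states).
REPORT_SIZE = 1184
OFF_VERSION, OFF_POLICY, OFF_REPORT_DATA, OFF_MEASUREMENT = 0x00, 0x08, 0x50, 0x90
POLICY_DEBUG = 1 << 19  # guest policy DEBUG bit: a debuggable guest is not trustworthy

def parse_report(blob: bytes) -> dict:
    """Pull the fields a verifier needs out of the raw attestation-report.bin."""
    if len(blob) != REPORT_SIZE:
        raise ValueError(f"unexpected report size {len(blob)}")
    (version,) = struct.unpack_from("<I", blob, OFF_VERSION)
    (policy,) = struct.unpack_from("<Q", blob, OFF_POLICY)
    return {
        "version": version,
        "policy": policy,
        "report_data": blob[OFF_REPORT_DATA:OFF_REPORT_DATA + 64],
        "measurement": blob[OFF_MEASUREMENT:OFF_MEASUREMENT + 48],
    }

def verify_report(blob: bytes, expected_measurement_hex: str, nonce: bytes) -> list:
    """Return a list of problems; an empty list means every check passed."""
    r = parse_report(blob)
    problems = []
    if r["measurement"] != bytes.fromhex(expected_measurement_hex):
        problems.append("measurement mismatch")       # wrong kernel/initrd/cmdline/OVMF
    if r["report_data"] != nonce:
        problems.append("report data != nonce")       # stale or replayed report
    if r["policy"] & POLICY_DEBUG:
        problems.append("guest policy allows debug")  # host could inspect guest memory
    return problems

# Values taken from the page: the sev-snp-measure output and the report's Report Data.
EXPECTED = ("74aa0cb2230d496d91395f86b480146dc13c19e77e6d2ccfa32d975f876d2077"
            "68e32c99594a67d812ad8a81e70364c3")
NONCE = bytes.fromhex("27b98117a70ae95a816fa1a9539d1e79d5d93e6f64f4955721d235642869c5e3"
                      "ea8127a3cbf30b471c627722881ba9f3256fe738d30703642a63584bdfa2fff8")

def build_sample(measurement_hex: str, nonce: bytes, policy: int = 0x30000) -> bytes:
    """Constructed stand-in for attestation-report.bin (unsigned, other fields zero)."""
    blob = bytearray(REPORT_SIZE)
    struct.pack_into("<I", blob, OFF_VERSION, 5)
    struct.pack_into("<Q", blob, OFF_POLICY, policy)
    blob[OFF_REPORT_DATA:OFF_REPORT_DATA + 64] = nonce      # nonce must be exactly 64 bytes
    blob[OFF_MEASUREMENT:OFF_MEASUREMENT + 48] = bytes.fromhex(measurement_hex)
    return bytes(blob)

if __name__ == "__main__":
    print(verify_report(build_sample(EXPECTED, NONCE), EXPECTED, NONCE))  # []
```

These checks only inspect field contents; the report's signature still has to be verified against the AMD certificate chain (snpguest's verify subcommands do this) before any of the fields can be trusted.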
