NVIDIA / go-nvml

Go Bindings for the NVIDIA Management Library (NVML)
Apache License 2.0
290 stars 62 forks

`GetConfComputeGpuAttestationReport` does not accept a nonce #128

Open derpsteb opened 3 weeks ago

derpsteb commented 3 weeks ago

Hey,

the function `GetConfComputeGpuAttestationReport` does not currently accept a nonce for the report generation. This is insecure for CC use cases because an attacker might record a valid report once and replay it to a victim multiple times/on different machines, potentially with a modified GPU attached.

We have implemented this in our fork here. This works fine so it seems to be supported by the runtime.

Could you update that function? Thanks, Otto

klueska commented 2 weeks ago

I checked with the NVML team and they confirmed that if you pass a nonce in the calling struct to the underlying C API, then it will be used by the driver (rather than generating one on the fly).

I'll need to think about the right API for this because we don't like to stray too far from the underlying C API (with the exception of transforming inputs meant as return values to actual return values). In this case though, the argument to the C API is both a valid input AND a place to store the return value...
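To make the replay concern concrete, here is an added Go example (not code from go-nvml or from either commenter) that models the in/out struct pattern the thread describes: the verifier picks a random nonce, fills it into the request struct, the "driver" fills the report, and the verifier only accepts a report that echoes the nonce it chose. The `mockGPU` type, the HMAC-based report format, the key and the measurement are all constructed for the demo; a real GPU attestation report is signed with an asymmetric key and verified against NVIDIA's certificate chain, and the real struct layout is not reproduced here. Only the 32-byte nonce size is taken from the NVML header as an assumption.

```go
package main

import (
	"bytes"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// NonceSize: assumed to match the fixed-size nonce field of the NVML
// attestation struct (32 bytes); not copied from go-nvml.
const NonceSize = 32

// AttestationRequest is a hypothetical stand-in for the NVML call struct:
// the caller fills Nonce (input) and the driver fills Report (output).
type AttestationRequest struct {
	Nonce  [NonceSize]byte
	Report []byte
}

// mockGPU stands in for the driver/GPU. It binds the report to the nonce by
// MAC-ing nonce||measurement with a constructed key (a model, not real NVML).
type mockGPU struct {
	key         []byte
	measurement []byte
}

// GetAttestationReport fills req.Report; the nonce in req is used as-is,
// which is the behaviour the NVML team confirmed for the C API.
func (g *mockGPU) GetAttestationReport(req *AttestationRequest) error {
	if len(g.key) == 0 {
		return errors.New("mockGPU: no attestation key")
	}
	mac := hmac.New(sha256.New, g.key)
	mac.Write(req.Nonce[:])
	mac.Write(g.measurement)
	// Constructed report layout: nonce || measurement || tag
	req.Report = append(append(append([]byte{}, req.Nonce[:]...), g.measurement...), mac.Sum(nil)...)
	return nil
}

// NewNonce draws a fresh random nonce. The relying party, not the prover,
// must choose it, otherwise a recorded report stays valid forever.
func NewNonce() ([NonceSize]byte, error) {
	var n [NonceSize]byte
	_, err := rand.Read(n[:])
	return n, err
}

// VerifyReport checks the tag and that the report carries the nonce we sent.
func VerifyReport(key []byte, expectedNonce [NonceSize]byte, expectedMeasurement, report []byte) error {
	mLen := len(expectedMeasurement)
	if len(report) != NonceSize+mLen+sha256.Size {
		return errors.New("bad report length")
	}
	nonce, measurement, tag := report[:NonceSize], report[NonceSize:NonceSize+mLen], report[NonceSize+mLen:]
	mac := hmac.New(sha256.New, key)
	mac.Write(nonce)
	mac.Write(measurement)
	if !hmac.Equal(tag, mac.Sum(nil)) {
		return errors.New("invalid report signature")
	}
	if !bytes.Equal(nonce, expectedNonce[:]) {
		return errors.New("nonce mismatch: stale or replayed report")
	}
	if !bytes.Equal(measurement, expectedMeasurement) {
		return errors.New("measurement mismatch")
	}
	return nil
}

// Demo runs one honest attestation and then replays its report against a
// new session; it returns the verifier's verdict for each.
func Demo() (freshErr, replayErr error) {
	gpu := &mockGPU{key: []byte("constructed-demo-key"), measurement: []byte("constructed-firmware-v1")}
	n1, err := NewNonce()
	if err != nil {
		return err, err
	}
	req := AttestationRequest{Nonce: n1}
	if err := gpu.GetAttestationReport(&req); err != nil {
		return err, err
	}
	freshErr = VerifyReport(gpu.key, n1, gpu.measurement, req.Report)
	// Session 2: the verifier picks a new nonce, but an attacker hands back
	// the recorded session-1 report instead of a fresh one.
	n2, err := NewNonce()
	if err != nil {
		return freshErr, err
	}
	replayErr = VerifyReport(gpu.key, n2, gpu.measurement, req.Report)
	return freshErr, replayErr
}

func main() {
	fresh, replay := Demo()
	fmt.Println("fresh report:", fresh)
	fmt.Println("replayed report:", replay)
}
```

The point for the API design: the nonce is caller-supplied input and the report is driver output in the same struct, so a Go wrapper that only returns the struct leaves the caller no way to bind the report to its own session, and a verifier cannot distinguish a fresh report from a replayed one.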