Init Attestation agent failed on tdx

confidential-containers / guest-components

Confidential Containers Guest Tools and Components

Apache License 2.0

79 stars 87 forks source link

Init Attestation agent failed on tdx #626

Closed ChengyuZhu6 closed 1 month ago

ChengyuZhu6 commented 1 month ago

The initialization of attestation agent failed on TDX in CoCo. The AA is built from commit 0d8146321c3de023f0f7f40e47fc0f860133dfc7 , error log:

"Error: init AA"
"Caused by:"
"    0: write INIT entry"
"    1: TDX Attester: Cannot extend runtime measurement on this system"
"
"Stack backtrace:"
"   0: <unknown>"
"   1: <unknown>"
"   2: <unknown>"
"   3: <unknown>"
"   4: <unknown>"
"   5: <unknown>"
"   6: <unknown>"
"   7: <unknown>"
"   8: __libc_start_main"
"   9: <unknown>"

ChengyuZhu6 commented 1 month ago

cc @Xynnn007 @arronwy

ChengyuZhu6 commented 1 month ago

Notes: This error does not only occur on TDX. It happens on all platforms (SEV, SNP, and non-TEE in Kata CI) that do not support runtime measurement.