feat: add enarxcall get_snp_vcek()

enarx-archive / sallyport

API for the hypervisor-microkernel boundary

Apache License 2.0

7 stars 6 forks source link

feat: add enarxcall get_snp_vcek() #138

Closed haraldh closed 2 years ago

haraldh commented 2 years ago

To get the (cached) SEV-SNP VCEK, the shim needs this enarx call.

We could have used the Linux kernel GHCB mechanism to get the cert, but at the time of this commit the interface is still in alpha and has not been merged upstream.

Signed-off-by: Harald Hoyer harald@profian.com

rvolosatovs commented 2 years ago

Let's also add a simple test (just getting ENOSYS is enough)

haraldh commented 2 years ago

Let's also add a simple test (just getting ENOSYS is enough)

@rvolosatovs done