google / go-sev-guest

go-sev-guest offers a library to wrap the /dev/sev-guest device in Linux, as well as a library for attestation verification of fundamental components of an attestation report.
Apache License 2.0

Product name is Unknown, but it is Milan #131

Open danko-miladinovic opened 1 month ago

danko-miladinovic commented 1 month ago

Hi,

I fetched the attestation report using the QuoteProvider method GetRawQuote (provider.GetRawQuote(reportData)). These are the last bytes of the attestation report:

000004a0: ecae 0c0f 9502 43b1 afa2 0ae2 e0d5 65b6  ......C.......e.
000004b0: 3000 0000 0800 0000 0000 0000 0000 0000  0...............
000004c0: 0000 0000 0000 0000 0000 0000 0000 0000  ................
000004d0: 0800 0000 020f 8000                      ........

When I try to verify the report, I get that the product is Unknown, but we have a Milan processor. I can see in dmesg that SNP is enabled, and I can start the SNP VM and retrieve the report. Can you kindly provide your opinion on what is the problem here? This should not be a duplicate issue, as I found this issue.

When I run cpuid I get this output:

   version information (1/eax):
      processor type  = primary processor (0)
      family          = 0xf (15)
      model           = 0x1 (1)
      stepping id     = 0x1 (1)
      extended family = 0xa (10)
      extended model  = 0x0 (0)
      (family synth)  = 0x19 (25)
      (model synth)   = 0x1 (1)
      (simple synth)  = AMD EPYC (3rd Gen) (Milan B1) [Zen 3], 7nm

Which is not a part of the attestation report.

Kind regards, Danko

deeglaze commented 3 weeks ago

Apologies, I didn't see this issue until now. Are you running CPUID on the host or in the guest?

Your ExtraPlatformInfo entry is odd. The size is 8 bytes, but that should be taking the first 4 bytes of the block. It's in the second 4 bytes. Your Cpu1Eax value is 0x30000000, which is also very strange, since it doesn't follow the CPUID(1) expected format at all. I don't know what your hypervisor is, but it's populating the CPUID table with a dubious value.
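To make the two comments above concrete, here is an added example (not code from go-sev-guest or from either participant) that walks the certificate table at the tail of the raw quote, pulls out the ExtraPlatformInfo entry and decodes its Cpuid1Eax field into family/model/stepping, so the value the hypervisor wrote can be compared with what `cpuid` reports on the host. It assumes the layout used by the go-sev-guest abi package: a 0x4a0-byte attestation report followed by a certificate table of 24-byte header entries (16-byte GUID, uint32 offset, uint32 length) terminated by an all-zero GUID, with the ExtraPlatformInfo entry being two little-endian uint32s, Size then Cpuid1Eax. The product mapping in `product_name` is a simplified assumption based on AMD's published family/model ranges; the library's own table is authoritative. The input is constructed from the hex dump in the issue, with the report body itself zero-filled because only the tail is shown.

```python
from __future__ import annotations

import struct
import uuid

REPORT_SIZE = 0x4A0  # size of the SNP attestation report that precedes the certificate table

# Constructed from the hex dump in the issue: everything from offset 0x4a0 onward.
TRAILER = bytes.fromhex(
    "ecae0c0f950243b1afa20ae2e0d565b6"  # 0x4a0: GUID of the ExtraPlatformInfo entry
    "30000000080000000000000000000000"  # 0x4b0: offset 0x30, length 8, then start of terminator
    "00000000000000000000000000000000"  # 0x4c0: rest of the all-zero terminating entry
    "08000000020f8000"                  # 0x4d0: entry data: Size, Cpuid1Eax
)
# The issue shows only the tail, so the report body is a zero-filled placeholder here.
RAW_QUOTE = bytes(REPORT_SIZE) + TRAILER

# GUID go-sev-guest uses to tag its ExtraPlatformInfo entry (visible in the dump above).
EXTRA_PLATFORM_INFO_GUID = uuid.UUID("ecae0c0f-9502-43b1-afa2-0ae2e0d565b6")

CERT_TABLE_ENTRY_SIZE = 24  # GUID(16) + offset(4) + length(4); an all-zero GUID ends the table


def parse_cert_table(table: bytes) -> dict[uuid.UUID, bytes]:
    """Walk the certificate-table header and return {guid: entry_bytes}.

    Offsets are relative to the start of the table, as in the SNP certificate table.
    """
    entries: dict[uuid.UUID, bytes] = {}
    pos = 0
    while pos + CERT_TABLE_ENTRY_SIZE <= len(table):
        raw_guid = table[pos:pos + 16]
        offset, length = struct.unpack_from("<II", table, pos + 16)
        pos += CERT_TABLE_ENTRY_SIZE
        if raw_guid == bytes(16):
            break  # terminating entry
        if offset + length > len(table):
            raise ValueError(f"entry at {pos - CERT_TABLE_ENTRY_SIZE:#x} points past the table")
        # GUID bytes appear in textual order in the dump, so no mixed-endian swap is needed.
        entries[uuid.UUID(bytes=raw_guid)] = table[offset:offset + length]
    return entries


def decode_cpuid1_eax(eax: int) -> tuple[int, int, int]:
    """Split CPUID(1).EAX into (family, model, stepping) using the x86 convention:
    the extended family is added when the base family is 0xF, and the extended model
    forms the high nibble of the model for family 0x6/0xF (always 0xF on AMD)."""
    stepping = eax & 0xF
    base_model = (eax >> 4) & 0xF
    base_family = (eax >> 8) & 0xF
    ext_model = (eax >> 16) & 0xF
    ext_family = (eax >> 20) & 0xFF
    family = base_family + ext_family if base_family == 0xF else base_family
    model = (ext_model << 4) | base_model if base_family in (0x6, 0xF) else base_model
    return family, model, stepping


def encode_cpuid1_eax(family: int, model: int, stepping: int) -> int:
    """Inverse of decode_cpuid1_eax for AMD parts (base family 0xF, extended family = family - 0xF)."""
    if family < 0xF:
        raise ValueError("AMD Zen parts always have base family 0xF")
    return (((family - 0xF) << 20) | ((model >> 4) << 16) | (0xF << 8)
            | ((model & 0xF) << 4) | (stepping & 0xF))


def product_name(family: int, model: int) -> str:
    """Simplified AMD product mapping (assumption; go-sev-guest's own table is authoritative)."""
    if family == 0x19 and model <= 0x0F:
        return "Milan"
    if family == 0x19 and 0x10 <= model <= 0x1F:
        return "Genoa"
    return "Unknown"


def extra_platform_info(raw_quote: bytes) -> dict:
    """Locate the ExtraPlatformInfo entry in a raw quote and decode its two fields."""
    entries = parse_cert_table(raw_quote[REPORT_SIZE:])
    entry = entries.get(EXTRA_PLATFORM_INFO_GUID)
    if entry is None or len(entry) < 8:
        raise ValueError("no usable ExtraPlatformInfo entry in the certificate table")
    size, cpuid1_eax = struct.unpack_from("<II", entry, 0)  # Size, then Cpuid1Eax
    family, model, stepping = decode_cpuid1_eax(cpuid1_eax)
    return {
        "size": size,
        "cpuid1_eax": cpuid1_eax,
        "family": family,
        "model": model,
        "stepping": stepping,
        "product": product_name(family, model),
    }


if __name__ == "__main__":
    info = extra_platform_info(RAW_QUOTE)
    print("ExtraPlatformInfo from the quote:", {k: hex(v) if isinstance(v, int) else v for k, v in info.items()})
    # What the host's cpuid output (family 0x19, model 0x1, stepping 0x1) would encode to.
    host_eax = encode_cpuid1_eax(0x19, 0x1, 0x1)
    print("CPUID(1).EAX expected from host cpuid:", hex(host_eax), product_name(*decode_cpuid1_eax(host_eax)[:2]))
```

Running it decodes the 8-byte block the header entry points at and prints, beside it, the EAX value that the host's `cpuid` family/model/stepping would encode to, so the two can be compared directly; if the value in the quote does not decode to family 0x19, the verifier has no basis to report Milan, regardless of what the host CPU is.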

danko-miladinovic commented 2 weeks ago

Thank you for the answer. The CPUID instruction was run on the host.

I am using QEMU to run my VM and QEMU was built using the build.sh script from the AMDSEV/ADMSEV (snp-latest branch) repository. The QEMU version that I am using currently was built last year, so I guess there might be a bug in their fork. I will build the latest version from the same repo and check. Thank you for the help.

Kind regards, Danko