go-sev-guest offers a library to wrap the /dev/sev-guest device in Linux, as well as a library for attestation verification of fundamental components of an attestation report.
Apache License 2.0
52
stars
19
forks
source link
Remove self-throttling after 6.1 incorporates x86/urgent fixes #40
Liunx kernel 6.1 incorporates @pgonda's IV reuse crypto fix, which deletes the VMPCK when the host VMM returns any error. The x86/urgent follow-up to retry commands when throttled to avoid deleting the VMPCK is not in 6.1 yet.
While not a panacea, we can self-throttle in this library as a workaround until that throttling awareness fix is in.
Liunx kernel 6.1 incorporates @pgonda's IV reuse crypto fix, which deletes the VMPCK when the host VMM returns any error. The x86/urgent follow-up to retry commands when throttled to avoid deleting the VMPCK is not in 6.1 yet.
While not a panacea, we can self-throttle in this library as a workaround until that throttling awareness fix is in.