Is there a plan to support the legacy SEV report handling?

google / go-sev-guest

go-sev-guest offers a library to wrap the /dev/sev-guest device in Linux, as well as a library for attestation verification of fundamental components of an attestation report.

Apache License 2.0

45 stars 19 forks source link

Is there a plan to support the legacy SEV report handling? #90

Closed cowbon closed 11 months ago

cowbon commented 11 months ago

Hi there,

In addition to SEV-SNP, the legacy SEV also produces a guest report, even though it's coming from the hypervisor. The report from the legacy SEV can be obtained from ATTESTATION ioctl from the hypervisor, and it contains a signature from PEK. Is there a plan to support the validate and verify for the legacy SEV report in this project?

deeglaze commented 11 months ago

No, legacy attestation is out of scope.