Struct az_snp_vtpm::report::AttestationReport

source · 
#[repr(C)]
pub struct AttestationReport {
Show 27 fields
    pub version: u32,
    pub guest_svn: u32,
    pub policy: GuestPolicy,
    pub family_id: [u8; 16],
    pub image_id: [u8; 16],
    pub vmpl: u32,
    pub sig_algo: u32,
    pub current_tcb: TcbVersion,
    pub plat_info: PlatformInfo,
    pub report_data: [u8; 64],
    pub measurement: [u8; 48],
    pub host_data: [u8; 32],
    pub id_key_digest: [u8; 48],
    pub author_key_digest: [u8; 48],
    pub report_id: [u8; 32],
    pub report_id_ma: [u8; 32],
    pub reported_tcb: TcbVersion,
    pub chip_id: [u8; 64],
    pub committed_tcb: TcbVersion,
    pub current_build: u8,
    pub current_minor: u8,
    pub current_major: u8,
    pub committed_build: u8,
    pub committed_minor: u8,
    pub committed_major: u8,
    pub launch_tcb: TcbVersion,
    pub signature: Signature,
    /* private fields */

}
Expand description

The guest can request that the firmware construct an attestation report. External entities can use an attestation report to assure the identity and security configuration of the guest.

A guest requests an attestation report by constructing an MSGReportReq The message contains data provided by the guest in REPORT_DATA to be included into the report; the firmware does not interpret this data.

Upon receiving a request for an attestation report, the PSP creates one.

The firmware generates a report ID for each guest that persists with the guest instance throughout its lifetime. In each attestation report, the report ID is placed in REPORT_ID. If the guest has a migration agent associated with it, the REPORT_ID_MA is filled in with the report ID of the migration agent.

The firmware signs the attestation report with its VCEK. The firmware uses the system wide ReportedTcb value as the TCB version to derive the VCEK. This value is set by the hypervisor.

The firmware guarantees that the ReportedTcb value is never greater than the installed TCB version

Fields§

§version: u32

Version number of this attestation report. Set to 2h for this specification.

§guest_svn: u32

The guest SVN.

§policy: GuestPolicy

The guest policy.

§family_id: [u8; 16]

The family ID provided at launch.

§image_id: [u8; 16]

The image ID provided at launch.

§vmpl: u32

The request VMPL for the attestation report.

§sig_algo: u32

The signature algorithm used to sign this report.

§current_tcb: TcbVersion

Current TCB. See SNPTcbVersion

§plat_info: PlatformInfo

Information about the platform. See PlatformInfo

§report_data: [u8; 64]

Guest-provided 512 Bits of Data

§measurement: [u8; 48]

The measurement calculated at launch.

§host_data: [u8; 32]

Data provided by the hypervisor at launch.

§id_key_digest: [u8; 48]

SHA-384 digest of the ID public key that signed the ID block provided in SNP_LANUNCH_FINISH.

§author_key_digest: [u8; 48]

SHA-384 digest of the Author public key that certified the ID key, if provided in SNP_LAUNCH_FINSIH. Zeroes if AUTHOR_KEY_EN is 1.

§report_id: [u8; 32]

Report ID of this guest.

§report_id_ma: [u8; 32]

Report ID of this guest’s migration agent (if applicable).

§reported_tcb: TcbVersion

Reported TCB version used to derive the VCEK that signed this report.

§chip_id: [u8; 64]

If MaskChipId is set to 0, Identifier unique to the chip. Otherwise set to 0h.

§committed_tcb: TcbVersion

CommittedTCB

§current_build: u8

The build number of CurrentVersion

§current_minor: u8

The minor number of CurrentVersion

§current_major: u8

The major number of CurrentVersion

§committed_build: u8

The build number of CommittedVersion

§committed_minor: u8

The minor number of CommittedVersion

§committed_major: u8

The major number of CommittedVersion

§launch_tcb: TcbVersion

The CurrentTcb at the time the guest was launched or imported.

§signature: Signature

Signature of bytes 0 to 0x29F inclusive of this report. The format of the signature is found within Signature.

Trait Implementations§

source§

impl Clone for AttestationReport

source§

fn clone(&self) -> AttestationReport

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for AttestationReport

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
source§

impl Default for AttestationReport

source§

fn default() -> AttestationReport

Returns the “default value” for a type. Read more
source§

impl<'de> Deserialize<'de> for AttestationReport

source§

fn deserialize<__D>( __deserializer: __D ) -> Result<AttestationReport, <__D as Deserializer<'de>>::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
source§

impl Display for AttestationReport

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
source§

impl Serialize for AttestationReport

source§

fn serialize<__S>( &self, __serializer: __S ) -> Result<<__S as Serializer>::Ok, <__S as Serializer>::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more
source§

impl TryFrom<&HclReport> for AttestationReport

§

type Error = HclError

The type returned in the event of a conversion error.
source§

fn try_from( hcl_report: &HclReport ) -> Result<AttestationReport, <AttestationReport as TryFrom<&HclReport>>::Error>

Performs the conversion.
source§

impl TryFrom<HclReport> for AttestationReport

§

type Error = HclError

The type returned in the event of a conversion error.
source§

fn try_from( hcl_report: HclReport ) -> Result<AttestationReport, <AttestationReport as TryFrom<HclReport>>::Error>

Performs the conversion.
source§

impl Validateable for AttestationReport

source§

fn validate(&self, vcek: &Vcek) -> Result<(), ValidateError>

source§

impl Copy for AttestationReport

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
§

impl<T> Free for T

§

default unsafe fn free(ptr_ref: NonNull<T>)

Drops the content pointed by this pointer and frees it. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T> ToString for T
where T: Display + ?Sized,

source§

default fn to_string(&self) -> String

Converts the given value to a String. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,