Struct az_snp_vtpm::report::AttestationReport
source · #[repr(C)]pub struct AttestationReport {Show 27 fields
pub version: u32,
pub guest_svn: u32,
pub policy: GuestPolicy,
pub family_id: [u8; 16],
pub image_id: [u8; 16],
pub vmpl: u32,
pub sig_algo: u32,
pub current_tcb: TcbVersion,
pub plat_info: PlatformInfo,
pub report_data: [u8; 64],
pub measurement: [u8; 48],
pub host_data: [u8; 32],
pub id_key_digest: [u8; 48],
pub author_key_digest: [u8; 48],
pub report_id: [u8; 32],
pub report_id_ma: [u8; 32],
pub reported_tcb: TcbVersion,
pub chip_id: [u8; 64],
pub committed_tcb: TcbVersion,
pub current_build: u8,
pub current_minor: u8,
pub current_major: u8,
pub committed_build: u8,
pub committed_minor: u8,
pub committed_major: u8,
pub launch_tcb: TcbVersion,
pub signature: Signature,
/* private fields */
}
Expand description
The guest can request that the firmware construct an attestation report. External entities can use an attestation report to assure the identity and security configuration of the guest.
A guest requests an attestation report by constructing an MSGReportReq The message contains data provided by the guest in REPORT_DATA to be included into the report; the firmware does not interpret this data.
Upon receiving a request for an attestation report, the PSP creates one.
The firmware generates a report ID for each guest that persists with the guest instance throughout its lifetime. In each attestation report, the report ID is placed in REPORT_ID. If the guest has a migration agent associated with it, the REPORT_ID_MA is filled in with the report ID of the migration agent.
The firmware signs the attestation report with its VCEK. The firmware uses the system wide ReportedTcb value as the TCB version to derive the VCEK. This value is set by the hypervisor.
The firmware guarantees that the ReportedTcb value is never greater than the installed TCB version
Fields§
§version: u32
Version number of this attestation report. Set to 2h for this specification.
guest_svn: u32
The guest SVN.
policy: GuestPolicy
The guest policy.
family_id: [u8; 16]
The family ID provided at launch.
image_id: [u8; 16]
The image ID provided at launch.
vmpl: u32
The request VMPL for the attestation report.
sig_algo: u32
The signature algorithm used to sign this report.
current_tcb: TcbVersion
Current TCB. See SNPTcbVersion
plat_info: PlatformInfo
Information about the platform. See PlatformInfo
report_data: [u8; 64]
Guest-provided 512 Bits of Data
measurement: [u8; 48]
The measurement calculated at launch.
host_data: [u8; 32]
Data provided by the hypervisor at launch.
id_key_digest: [u8; 48]
SHA-384 digest of the ID public key that signed the ID block provided in SNP_LANUNCH_FINISH.
SHA-384 digest of the Author public key that certified the ID key, if provided in SNP_LAUNCH_FINSIH. Zeroes if AUTHOR_KEY_EN is 1.
report_id: [u8; 32]
Report ID of this guest.
report_id_ma: [u8; 32]
Report ID of this guest’s migration agent (if applicable).
reported_tcb: TcbVersion
Reported TCB version used to derive the VCEK that signed this report.
chip_id: [u8; 64]
If MaskChipId is set to 0, Identifier unique to the chip. Otherwise set to 0h.
committed_tcb: TcbVersion
CommittedTCB
current_build: u8
The build number of CurrentVersion
current_minor: u8
The minor number of CurrentVersion
current_major: u8
The major number of CurrentVersion
committed_build: u8
The build number of CommittedVersion
committed_minor: u8
The minor number of CommittedVersion
committed_major: u8
The major number of CommittedVersion
launch_tcb: TcbVersion
The CurrentTcb at the time the guest was launched or imported.
signature: Signature
Signature of bytes 0 to 0x29F inclusive of this report. The format of the signature is found within Signature.
Trait Implementations§
source§impl Clone for AttestationReport
impl Clone for AttestationReport
source§fn clone(&self) -> AttestationReport
fn clone(&self) -> AttestationReport
1.0.0 · source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source
. Read more