Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Product name is Unknown, but it is Milan #131

Open
danko-miladinovic opened this issue Jul 24, 2024 · 2 comments
Open

Product name is Unknown, but it is Milan #131

danko-miladinovic opened this issue Jul 24, 2024 · 2 comments

Comments

@danko-miladinovic
Copy link

danko-miladinovic commented Jul 24, 2024
edited
Loading

Hi,

I fetched the attestation report using the QuoteProvider method GetRawQuote (provider.GetRawQuote(reportData)). These are the last bytes of the attestation report:

000004a0: ecae 0c0f 9502 43b1 afa2 0ae2 e0d5 65b6  ......C.......e.
000004b0: 3000 0000 0800 0000 0000 0000 0000 0000  0...............
000004c0: 0000 0000 0000 0000 0000 0000 0000 0000  ................
000004d0: 0800 0000 020f 8000                      ........

When I try to verify the report, I get that the product is Unknown, but we have a Milan processor. I can see in dmesg that SNP is enabled, and I can start the SNP VM and retrieve the report. Can you kindly provide your opinion on what is the problem here? This should not be a duplicate issue, as I found this issue.

When I run cpuid I get this output:

   version information (1/eax):
      processor type  = primary processor (0)
      family          = 0xf (15)
      model           = 0x1 (1)
      stepping id     = 0x1 (1)
      extended family = 0xa (10)
      extended model  = 0x0 (0)
      (family synth)  = 0x19 (25)
      (model synth)   = 0x1 (1)
      (simple synth)  = AMD EPYC (3rd Gen) (Milan B1) [Zen 3], 7nm

Which is not a part of the attestation report.

Kind regards,
Danko
@deeglaze
Copy link
Collaborator

Apologies I didn't see this issue until now. Are you running CPUID on the host or in the guest?

Your ExtraPlatformInfo entry is odd. The size is 8 bytes, but that should be taking the first 4 bytes of the block. It's in the second 4 bytes. Your Cpu1Eax value is 0x30000000, which is also very strange, since it doesn't follow the CPUID(1) expected format at all. I don't know what your hypervisor is, but it's populating the CPUID table with a dubious value.

@danko-miladinovic
Copy link
Author

Thank you for the answer. The CPUID instruction was ran on the host.

I am using QEMU to run my VM and QEMU was built using the build.sh script from the AMDSEV/ADMSEV (snp-latest branch) repository. The QEMU version that I am using currently was built last year, so I guess there might be a bug in their fork. I will build the latest version from the same repo and check. Thank you for the help.

Kind regards,
Danko

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@deeglaze @danko-miladinovic