AMD SEV-SNP Launch Measurement Verification

Hi, everyone!

How can I manually verify the launch measurement for AMD SEV-SNP? I can download the UEFI binary from gs://gce_tcb_integrity/ovmf_x64_csm/ and use it to compute the measurement, but available tools like those from virtee only support QEMU and EC2 VMs, while Google uses its own VMM. Are there any existing projects or methods for manual verification of the Launch Measurement of a CVM from GCP?

Hi @staaason,

Welcome to Google Cloud Community!

Here’s a step-by-step guide to help you establish that your Confidential VM instance is running on genuine Google-managed firmware by performing the tasks outlined below.

  1. Retrieve the Attestation Report from the CVM:

The attestation report, which includes the launch measurement, can be retrieved directly from the AMD Secure Processor within your Confidential VM. This can be done using tools like go-sev-guest.

  • To obtain the attestation report, first install the go-sev-guest tool within your Confidential VM. Then, run the appropriate command inside the CVM to fetch the report, which includes the measurement field.

go-sev-guest report

  2. Obtain the Corresponding Launch Endorsement from GCP:

Google Cloud provides precomputed and signed launch endorsements for its Confidential VMs, including expected measurements for verification.

  • Extract the 384-bit measurement from the attestation report, then use it to download the corresponding launch endorsement from GCP’s Cloud Storage. This retrieves the serialized reference launch endorsement for your Confidential VM.

MEASUREMENT=<your_extracted_measurement>

gsutil cp gs://gce_tcb_integrity/ovmf_x64_csm/sevsnp/${MEASUREMENT}.binarypb launch_endorsement.binarypb

  3. Verify the Launch Measurement:

With both the attestation report and the launch endorsement:

  • Compare the Measurements: Ensure that the measurement from the attestation report matches the value in the launch endorsement to confirm integrity.
  • Validate the Endorsement’s Authenticity: Ensure the launch endorsement is signed by Google’s trusted authority to validate its authenticity and integrity.

If you need further assistance, you can reach out to Google Cloud Support at any time.

Was this helpful? If so, please accept this answer as “Solution”. If you need additional assistance, reply here within 2 business days and I’ll be happy to help.
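The answer above leaves the actual comparison step (step 3) to the reader. The following Go program is an added example, not code from the original thread, from go-sev-guest or from Google, showing the report-side part of that step with the standard library only: it pulls the 384-bit MEASUREMENT field out of a raw SEV-SNP attestation report (offset 0x90, 48 bytes, in a 1184-byte report, per the AMD SEV-SNP ABI layout), derives the Cloud Storage object name used in the answer's gsutil command, and compares the measurement in constant time against the value taken from the launch endorsement. Parsing the `.binarypb` endorsement and checking Google's signature on it needs the endorsement's protobuf definitions, which are not on this page, so here the endorsed measurement is passed in as bytes you would have extracted after that signature check. Assumptions: the object name uses lowercase hex (as the `${MEASUREMENT}.binarypb` pattern suggests), and the report bytes and measurement used in `main` are constructed test data, not a real report.

```go
package main

import (
	"crypto/subtle"
	"encoding/hex"
	"errors"
	"fmt"
)

// Field layout from the AMD SEV-SNP ABI ATTESTATION_REPORT structure.
const (
	reportSize        = 0x4A0 // 1184 bytes, signature included
	measurementOffset = 0x90  // MEASUREMENT field starts here
	measurementSize   = 48    // 384 bits
)

// ExtractMeasurement returns the launch measurement from a raw attestation
// report, such as the one go-sev-guest fetches from the AMD Secure Processor.
func ExtractMeasurement(report []byte) ([]byte, error) {
	if len(report) != reportSize {
		return nil, fmt.Errorf("attestation report is %d bytes, want %d", len(report), reportSize)
	}
	m := make([]byte, measurementSize)
	copy(m, report[measurementOffset:measurementOffset+measurementSize])
	return m, nil
}

// EndorsementObjectPath builds the Cloud Storage object name that the
// answer's gsutil command downloads. Assumption: lowercase hex encoding.
func EndorsementObjectPath(measurement []byte) (string, error) {
	if len(measurement) != measurementSize {
		return "", errors.New("measurement must be 48 bytes")
	}
	return "gs://gce_tcb_integrity/ovmf_x64_csm/sevsnp/" +
		hex.EncodeToString(measurement) + ".binarypb", nil
}

// MeasurementMatches compares the measurement from the report with the
// expected value taken from the signature-verified launch endorsement.
// A length mismatch is a failure, never a silent partial comparison.
func MeasurementMatches(fromReport, fromEndorsement []byte) bool {
	if len(fromReport) != measurementSize || len(fromEndorsement) != measurementSize {
		return false
	}
	return subtle.ConstantTimeCompare(fromReport, fromEndorsement) == 1
}

// SampleMeasurement is constructed test data standing in for a real
// 384-bit launch measurement.
var SampleMeasurement = func() []byte {
	m := make([]byte, measurementSize)
	for i := range m {
		m[i] = byte(i * 7)
	}
	return m
}()

// constructedReport builds a zero-filled report of the right size carrying
// the given measurement; all other fields are placeholders (constructed data).
func constructedReport(measurement []byte) []byte {
	r := make([]byte, reportSize)
	r[0] = 2 // VERSION field, placeholder value
	copy(r[measurementOffset:], measurement)
	return r
}

func main() {
	report := constructedReport(SampleMeasurement)
	m, err := ExtractMeasurement(report)
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	path, _ := EndorsementObjectPath(m)
	fmt.Println("download endorsement from:", path)

	// Stand-in for the measurement read out of the verified endorsement.
	fromEndorsement := append([]byte(nil), SampleMeasurement...)
	fmt.Println("measurement matches endorsement:", MeasurementMatches(m, fromEndorsement))

	// A single-bit difference must be reported as a mismatch.
	fromEndorsement[0] ^= 0x01
	fmt.Println("tampered value matches:", MeasurementMatches(m, fromEndorsement))
}
```

In practice the report bytes come from the guest device via go-sev-guest, and the comparison is only meaningful once the endorsement's signature has been checked against Google's signing key and the report's own signature has been checked against the VCEK certificate chain; a matching measurement from an unverified report proves nothing.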