Expand description
The module helps preparing requests and parsing responses that are
sent to and received from the IGVm agent runs on the host via GET
IGVM_ATTEST host request.
Modules§
- runtime_
claims - Definition of the runt-time claims, which will be appended to the
IgvmAttestRequestBasein raw bytes.
Structs§
- Igvm
Attest AkCert Response Header - The response header for
AK_CERT_REQUEST(C-style struct) - Igvm
Attest Common Response Header - The common response header that comply with both V1 and V2 Igvm attest response
- Igvm
Attest Hash Type - Hash algorithm used for content of report data (C-style enum)
- Igvm
Attest KeyRelease Response Header - The response header for
KEY_RELEASE_REQUEST(C-style struct) - Igvm
Attest Report Type - TEE attestation report type (C-style enum)
- Igvm
Attest Request Base - Request base structure (C-style)
The struct (includes the appended
runtime_claims::RuntimeClaims) also serves as the attestation report in vTPM guest attestation. - Igvm
Attest Request Data - Unmeasured user data, used for host attestation requests (C-style struct)
- Igvm
Attest Request Data Ext - Unmeasured user data appended to
IgvmAttestRequestDatafor version 2+, used for host attestation requests (C-style struct). - Igvm
Attest Request Header - Unmeasured data used to provide transport sanity and versioning (C-style struct)
- Igvm
Attest Request Type - Request type (C-style enum)
- Igvm
Attest Request Version - IGVM Attest request header versions.
- Igvm
Attest Response Version - IGVM Attest response header versions.
- Igvm
Attest Wrapped KeyResponse Header - The response header for
WRAPPED_KEY_REQUEST(C-style struct) Currently the definition is the same asIgvmAttestKeyReleaseResponseHeader. - Igvm
Capability BitMap - Bitmap of additional Igvm request attributes. 0 - error_code: Requesting IGVM Agent Error code 1 - retry: Retry preference 2 - skip_hw_unsealing: Skip hardware unsealing in case key release request fails
- Igvm
Error Info - The response header for
IGVM_ERROR_INFO(C-style struct) - Igvm
Signal - Bitmap indicates a signal to requestor 0 - IGVM_SIGNAL_RETRY_RECOMMENDED_BIT: Retry recommendation 1 - IGVM_SIGNAL_SKIP_HW_UNSEALING_RECOMMENDED_BIT: Skip hardware unsealing
Constants§
- AK_
CERT_ RESPONSE_ BUFFER_ SIZE - Number of pages required by the response buffer of AK_CERT request Currently the AK cert request only requires 1 page.
- IGVM_
ATTEST_ REQUEST_ CURRENT_ VERSION - Current IGVM Attest request header version.
- IGVM_
ATTEST_ RESPONSE_ CURRENT_ VERSION - Current IGVM Attest response header version.
- KEY_
RELEASE_ RESPONSE_ BUFFER_ SIZE - Number of pages required by the response buffer of KEY_RELEASE request
Currently the number matches the maximum value defined by
get_protocol - SNP_
VM_ REPORT_ SIZE - TDX_
VM_ REPORT_ SIZE - TVM_
REPORT_ SIZE - No TEE attestation report for TVM
- VBS_
VM_ REPORT_ SIZE - WRAPPED_
KEY_ RESPONSE_ BUFFER_ SIZE - Number of pages required by the response buffer of WRAPPED_KEY request
Currently the number matches the maximum value defined by
get_protocol