Update kbs-types dependency to 0.7.0

This allows us to also update sev to the latest version, 3.2.0.

Signed-off-by: Sergio Lopez <[email protected]>

Author: slp

Cargo.lock

@@ -28,11 +28,11 @@ polly = { path = "../polly" }
 
 # Dependencies for amd-sev
 codicon = { version = "3.0.0", optional = true }
-kbs-types = { version = "0.5.1, < 0.5.3", features = ["tee-sev", "tee-snp"], optional = true }
+kbs-types = { version = "0.7.0", features = ["tee-sev", "tee-snp"], optional = true }
 procfs = { version = "0.12", optional = true }
 serde = { version = "1.0.125", optional = true }
 serde_json = { version = "1.0.64", optional = true }
-sev = { version = "1.2.0", features = ["openssl"], optional = true }
+sev = { version = "3.2.0", features = ["openssl"], optional = true }
 curl = { version = "0.4", optional = true }
 nix = "0.24.1"
 

src/vmm/Cargo.toml

@@ -290,7 +290,7 @@ impl AmdSev {
             let request = Request {
                 version: "0.0.0".to_string(),
                 tee: tee_config.tee,
-                extra_params: serde_json::json!(sev_request).to_string(),
+                extra_params: serde_json::json!(sev_request),
             };
 
             let response = curl_agent
@@ -302,7 +302,7 @@ impl AmdSev {
 
             let challenge: Challenge =
                 serde_json::from_slice(&response).map_err(Error::ParseSessionResponse)?;
-            let sev_challenge: SevChallenge = serde_json::from_str(&challenge.extra_params)
+            let sev_challenge: SevChallenge = serde_json::from_value(challenge.extra_params)
                 .map_err(Error::ParseSessionResponse)?;
 
             if sev_challenge
@@ -408,16 +408,15 @@ impl AmdSev {
         let measurement = launcher.measurement();
 
         if !self.tee_config.attestation_url.is_empty() {
-            let tee_pubkey = TeePubKey {
-                kty: "".to_string(),
+            let tee_pubkey = TeePubKey::RSA {
                 alg: "".to_string(),
                 k_mod: "".to_string(),
                 k_exp: "".to_string(),
             };
 
             let attestation = Attestation {
                 tee_pubkey,
-                tee_evidence: serde_json::json!(measurement).to_string(),
+                tee_evidence: serde_json::json!(measurement),
             };
 
             let mut curl_agent = self.curl_agent.lock().unwrap();

src/vmm/src/linux/tee/amdsev.rs

@@ -3,7 +3,7 @@ use std::os::unix::io::{AsRawFd, RawFd};
 use crate::vstate::MeasuredRegion;
 use arch::x86_64::layout::*;
 
-use sev::firmware::host::Firmware;
+use sev::firmware::{guest::GuestPolicy, host::Firmware};
 use sev::launch::snp::*;
 
 use kvm_bindings::{kvm_enc_region, CpuId, KVM_CPUID_FLAG_SIGNIFCANT_INDEX};
@@ -101,15 +101,7 @@ impl AmdSnp {
                 .map_err(|_| Error::MemoryEncryptRegion)?;
         }
 
-        let start = Start::new(
-            None,
-            Policy {
-                flags: PolicyFlags::SMT,
-                ..Default::default()
-            },
-            false,
-            [0; 16],
-        );
+        let start = Start::new(None, GuestPolicy(0), false, [0; 16]);
 
         let launcher = launcher.start(start).map_err(Error::LaunchStart)?;