amd-sev: secure_virt_attest to secure_virt_measure

tylerfanelli · tylerfanelli · commit 7c02c969f82c · 2025-04-04T15:35:28.000-04:00
In the legacy AMD SEV implementation, the sev_secure_virt_attest
function performed pre-boot attestation for a VM. This implementation
was removed, and SEV-SNP uses post-boot attestation. As such, the
SEV-SNP implementation only measures each region for guests, and does
not attest anything, making the function name a bit misleading.

Signed-off-by: Tyler Fanelli &lt;tfanelli@redhat.com&gt;
diff --git a/src/vmm/src/builder.rs b/src/vmm/src/builder.rs
@@ -845,7 +845,7 @@ pub fn build_microvm(
                     .map_err(VstateError::KvmCpuId)
                     .map_err(StartMicrovmError::SecureVirtAttest)?;
                 vmm.kvm_vm()
-                    .snp_secure_virt_attest(
+                    .snp_secure_virt_measure(
                         cpuid,
                         vmm.guest_memory(),
                         measured_regions,
diff --git a/src/vmm/src/linux/vstate.rs b/src/vmm/src/linux/vstate.rs
@@ -549,7 +549,7 @@ impl Vm {
     }
 
     #[cfg(feature = "amd-sev")]
-    pub fn snp_secure_virt_attest(
+    pub fn snp_secure_virt_measure(
         &self,
         cpuid: CpuId,
         guest_mem: &GuestMemoryMmap,

Original file line number	Diff line number	Diff line change
`@@ -549,7 +549,7 @@ impl Vm {`
`549`	`549`	`}`
`550`	`550`
`551`	`551`	`#[cfg(feature = "amd-sev")]`
`552`		`- pub fn snp_secure_virt_attest(`
	`552`	`+ pub fn snp_secure_virt_measure(`
`553`	`553`	`&self,`
`554`	`554`	`cpuid: CpuId,`
`555`	`555`	`guest_mem: &GuestMemoryMmap,`