amd-sev: secure_virt_attest to secure_virt_measure

tylerfanelli · tylerfanelli · commit 800df7f2f412 · 2025-04-08T10:43:29.000-04:00
In the legacy AMD SEV implementation, the sev_secure_virt_attest
function performed pre-boot attestation for a VM. This implementation
was removed, and SEV-SNP uses post-boot attestation. As such, the
SEV-SNP implementation only measures each region for guests, and does
not attest anything, making the function name a bit misleading.

Signed-off-by: Tyler Fanelli &lt;tfanelli@redhat.com&gt;
diff --git a/src/vmm/src/builder.rs b/src/vmm/src/builder.rs
@@ -845,7 +845,7 @@ pub fn build_microvm(
                     .map_err(VstateError::KvmCpuId)
                     .map_err(StartMicrovmError::SecureVirtAttest)?;
                 vmm.kvm_vm()
-                    .snp_secure_virt_attest(
+                    .snp_secure_virt_measure(
                         cpuid,
                         vmm.guest_memory(),
                         measured_regions,
diff --git a/src/vmm/src/linux/vstate.rs b/src/vmm/src/linux/vstate.rs
@@ -551,7 +551,7 @@ impl Vm {
     }
 
     #[cfg(feature = "amd-sev")]
-    pub fn snp_secure_virt_attest(
+    pub fn snp_secure_virt_measure(
         &self,
         cpuid: CpuId,
         guest_mem: &GuestMemoryMmap,

Original file line number	Diff line number	Diff line change
`@@ -551,7 +551,7 @@ impl Vm {`
`551`	`551`	`}`
`552`	`552`
`553`	`553`	`#[cfg(feature = "amd-sev")]`
`554`		`- pub fn snp_secure_virt_attest(`
	`554`	`+ pub fn snp_secure_virt_measure(`
`555`	`555`	`&self,`
`556`	`556`	`cpuid: CpuId,`
`557`	`557`	`guest_mem: &GuestMemoryMmap,`