qemu-discuss
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SEV: Failed to query the attestation report length ret=-22 fw_err=0


From: Alexander Lindner
Subject: Re: SEV: Failed to query the attestation report length ret=-22 fw_err=0 ()
Date: Mon, 26 Sep 2022 09:33:16 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.11.0

Hello again,

Alternatively, can someone point me to a better place for this question?

Regards
Alex


Am 22.09.22 um 10:15 schrieb Alexander Lindner:
Hello everyone,

I'm trying to attest my SEV VM, but it fails. I started the VM with this snippet:
  <launchSecurity type="sev">
    <cbitpos>47</cbitpos>
    <reducedPhysBits>1</reducedPhysBits>
    <policy>0x0003</policy>
  </launchSecurity>

When I try to utilize qmp, it fails with a generic message:

echo '{ "execute": "qmp_capabilities" }\n{"execute":"query-sev-attestation-report","arguments":{"mnonce":"ZBaOEOsVmenc5q34VJb9jw=="}}' | socat - tcp:192.168.123.1:4444 | tail -1 | jq
{
 "error": {
   "class": "GenericError",
   "desc": "SEV: Failed to query the attestation report length ret=-22 fw_err=0 ()"
 }
}

No syslog or similar logs are written. Can someone give me a hint what went wrong?

Some other information:
echo '{ "execute": "qmp_capabilities" }\n{ "execute": "query-sev" }' | socat - tcp:192.168.123.1:4444 | tail -1 | jq                                                                   
{
 "return": {
   "enabled": true,
   "api-minor": 22,
   "handle": 1,
   "state": "running",
   "api-major": 0,
   "build-id": 11,
   "policy": 3
 }
}
Inside the host:
dmesg | grep SEV
[    0.160174] AMD Secure Encrypted Virtualization (SEV) active

Regards
Alex




reply via email to

[Prev in Thread] Current Thread [Next in Thread]