|
| From: | Alexander Lindner |
| Subject: | Re: SEV: Failed to query the attestation report length ret=-22 fw_err=0 () |
| Date: | Mon, 26 Sep 2022 09:33:16 +0200 |
| User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.11.0 |
Hello again,
Alternatively, can someone point me to a better place for this question?
Regards
Alex
Hello everyone,
I'm trying to attest my SEV VM, but it fails. I started the VM with this snippet:<launchSecurity type="sev"><cbitpos>47</cbitpos><reducedPhysBits>1</reducedPhysBits><policy>0x0003</policy></launchSecurity>
When I try to utilize qmp, it fails with a generic message:
echo '{ "execute": "qmp_capabilities" }\n{"execute":"query-sev-attestation-report","arguments":{"mnonce":"ZBaOEOsVmenc5q34VJb9jw=="}}' | socat - tcp:192.168.123.1:4444 | tail -1 | jq
{
"error": {
"class": "GenericError",
"desc": "SEV: Failed to query the attestation report length ret=-22 fw_err=0 ()"
}
}
No syslog or similar logs are written. Can someone give me a hint what went wrong?
Some other information:echo '{ "execute": "qmp_capabilities" }\n{ "execute": "query-sev" }' | socat - tcp:192.168.123.1:4444 | tail -1 | jq
{
"return": {
"enabled": true,
"api-minor": 22,
"handle": 1,
"state": "running",
"api-major": 0,
"build-id": 11,
"policy": 3
}
}
Inside the host:
dmesg | grep SEV
[ 0.160174] AMD Secure Encrypted Virtualization (SEV) active
Regards
Alex
| [Prev in Thread] | Current Thread | [Next in Thread] |