Missing support for adding certificate chains to the hypervisor memory #111

Closed
ngiraud99 opened this issue Dec 22, 2024 · 3 comments

@ngiraud99

Hi,

I'm currently looking for an option to add a certificate-chain to the hypervisor memory to be able to perform the extended attestation workflow on an SNP host.
Is there already a method in this project to do this?
I already had a look at the respective AMD Documentation and it seems that this feature is supported by AMD under section 2.2.2.

Thanks in advance!

@tylerfanelli
Member

Yes, it's supported, but is hypervisor-specific. I believe the documentation you're pointing to is showing how hypervisors importing this crate can easily store certificate chains in their memory using the API.

What hypervisor are you using?

@DGonzalezVillal
Member

This functionality was deprecated in the most recent kernels; the workflow was changed to creating a ghcb file and then passing it to the VM through QEMU, although that was not upstreamed in kernel 6.11. The functionality is still in development and the behavior is expected to change. I could provide further instructions on how to do it with the more current workflow if you are interested.

@tylerfanelli
Member

Closing as it's not a snphost bug/feature.

@tylerfanelli closed this as not planned on Feb 13, 2025