📃
Confidential Computing 101
HomeTechnologyTry CC!
  • Welcome
  • Confidential Computing
    • What is Confidential Computing
    • What problems Confidential Computing solves
      • Bare Metal
      • Docker
      • Kubernetes
      • Knative
    • Why Confidential Computing
    • How Confidential Computing works
      • Memory Encryption
      • Workload Attestation
      • Confidential Boot
      • Sealing / Binding
      • Secret Provisioning
    • Technology Overview
    • Cloud Service Providers
  • Technology in depth
    • Intel SGX
      • Getting Started
        • Bare Metal Server Installation
        • Enclave Development Environment
        • Intel SGX SDK Setup
      • Technology
        • 🎭Features
        • 💂Threat Model
        • 🆚Versions
        • 🟦Concepts
          • 🏦Memory Encryption
          • 👮Local and Remote Attestation
          • 🖼️DCAP-Attestation Framework
          • 🔑Secret Key Provisioning
      • enclaive Development Kit
        • 🏢Architecture
        • 🌪️Workflow
        • 🌍Tutorials
          • Azure DCdsv3, DCsv2, or DCsv3 Setup
          • Redis in cK8s
          • MongoDB in cK8s
          • K8s + HashiCorp Vault on Azure DCsv3
      • Vault Remote Attestation Plug-In
        • 🏃‍♂️Initialization
        • 👮Attestation
        • ⚙️Configuration
    • Intel TDX
      • Getting Started
        • Azure
        • AWS
        • GCP
      • Technology
        • History
          • VT
          • TME/MKTME
          • SGX
        • Features
        • Threat Model
        • Concepts
          • Architecture
            • TDX Module
          • Memory Encryption
            • Confidentiality and Integrity
            • Keys and Key Management
          • TD Partitioning
          • DCAP-Attestation
            • Overview
            • Platform Registration
            • Attestation Report
    • AMD SEV
      • Getting Started
        • Azure
        • AWS
        • GCP
      • Technology
        • History
        • Threat Model
        • SME Concepts
          • Use Models
        • SEV-SNP Concepts
          • Features
            • Integrity Threats
            • Reverse Map Table
            • Page Validation
            • Page States
            • Virtual Machine Privilege Levels
            • Interrupt/Exception Protection
            • Trusted Platform Information
            • TCB Versioning
            • VM Launch & Attestation
            • VM Migration
            • Side Channels
          • Use Cases
          • Architecture
            • Encrypted Memory
            • Key Management
          • Software Implications
    • ARM CC
      • Technology
        • Introduction
        • Threat Model
        • Design
        • Comparison
    • Attestation Methods
      • Raw Attestation
      • Raw Attestation with Secure-Boot
      • Raw Attestation with a vTPM
        • AMD Secure VM Service Module and vTPMs
      • Raw Attestation with paravirtualized TPM
  • Resources
    • Youtube
    • Github
    • Products
Powered by GitBook
On this page

Was this helpful?

  1. Technology in depth
  2. AMD SEV
  3. Technology
  4. SEV-SNP Concepts
  5. Features

Trusted Platform Information

Traditionally, platform features and capabilities are discovered using the CPUID instruction. Hypervisors often trap and emulate this instruction for various purposes, such as restricting guest access to certain features to facilitate migration. However, when a malicious hypervisor provides incorrect CPUID information, it can potentially lead to security issues.

For example, if a hypervisor lies about the size of the x86 Extended Save Area (used with the XSAVE/XRSTOR CPU instructions), it may cause a guest to allocate insufficient memory and experience a buffer overflow when executing the hardware XSAVE instruction. Although guest VMs can attempt to validate the CPUID information they receive, this validation process can be challenging, especially during the boot process.

To simplify the validation task for guests, SEV-SNP introduces an optional capability called CPUID filtering, which involves the participation of the AMD Secure Processor (AMD-SP). The AMD-SP verifies that the CPUID results reported by the hypervisor do not exceed the platform's capabilities and ensures the accuracy of security-sensitive information, such as the x86 Extended Save Area size.

CPUID filtering can be performed either on-the-fly or during guest boot. In the on-the-fly filtering approach, after receiving CPUID information, the guest can request verification from the AMD-SP to validate security-sensitive data. Alternatively, during VM launch, a dedicated 'CPUID page' can be created, containing pre-vetted CPUID information from the AMD-SP. This enables the guest to access trusted CPUID information from the early stages of booting. Besides enhancing security, this special page facilitates quicker access to CPUID information, thus accelerating the VM boot process.

Last updated 12 months ago

Was this helpful?