Workflow

Sev-snp-measure

Latest version: v0.0.11

Safety actively analyzes 682387 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 2

0.0.11

Modified
- Support OVMF section `SVSM_CAA` (fix `ValueError: 4 is not a valid
SectionType`) (by [DGonzalezVillal](https://github.com/DGonzalezVillal)).

0.0.10

Modified
- Set default of `--guest-features` back to 0x1 to align with
Linux kernel 6.8 and newer ([kernel commit 5abf6dceb066](https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5abf6dceb066f2b02b225fd561440c98a8062681)) (by
[larrydewey](https://github.com/larrydewey)).
- Update the VMSA to match latest upstream kernel; this should match
host Linux kernel 6.10 and newer; this is a **BREAKING CHANGE** for older
kernels (by [DGonzalezVillal](https://github.com/DGonzalezVillal)).
- Updated dependencies: cryptography to 42.0.4, removed unneeded
types-cryptography (by [msanft](https://github.com/msanft)).

0.0.9

Added
- Add optional `--vars-file` (besides `--vars-size`) for SNP-SVSM mode (by
[osteffenrh](https://github.com/osteffenrh)).
- Add optional `--guest-features` to set the value of the SEV features field in
the VMSA. This value is set to 0x1 by host Linux kernel older than 6.6, and
to 0x21 (the default) in later kernels. Note that this is a **BREAKING
CHANGE** for kernels older than 6.6 (run with `--guest-features=0x1` to get
the correct behaviour there).

Modified
- Updated dependencies: cryptography to 42.0.0

0.0.8

Added
- Add `--mode=snp:svsm` to calculate SNP measurements when starting with SVSM
under QEMU (by [osteffenrh](https://github.com/osteffenrh)).
- Add `--dump-vmsa` to write measured VMSAs to local files for debugging (by
[osteffenrh](https://github.com/osteffenrh)).

Modified
- Fix bad id-auth signature generation (by [shuk777](https://github.com/shuk777)).
- Verify keys given to snp-create-id-block are EC P-384 keys (by [shuk777](https://github.com/shuk777)).

0.0.7

Modified
- Github repository moved to the [VirTEE](https://github.com/virtee) organization.

0.0.6

Added
- Add `--vmm-type=ec2` to calculate SNP measurements according to the EC2 VMM,
which is slightly different than the way QEMU measures the initial VM state
(by [agraf](https://github.com/agraf)).

Modified
- Detect OVMF that doesn't support kernel hashes and exit with error.
- Exit with error if `--initrd`/`--append` are used without `--kernel`.

Page 1 of 2

Links

Releases

Has known vulnerabilities

Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.