I am analyzing measurement entries reported in an attestation report retrieved from a confidential GPU. Each measurement entry consists of an index, type, size, and value. However, the corresponding Reference Integrity Manifest (RIM) files for my Driver and VBIOS contain generic names, such as Measurement_NUM, associated with specific indexes.
These generic names do not provide insight into what software components or configuration settings were measured. Could you provide references or documentation that maps these indexes and measurement names in the RIM files (e.g., Measurement_1, Measurement_2, … Measurement_N) to specific firmware, software, or other components?
Help will be greatly appreciated.
1 Like
I’m also in the pursuit of this information for a long time. All I ‘know’ is that some measurements are related to GSP and FSP because it’s in the name of some of them, but nothing deeper than that or official. It would be great to know where to look when something goes wrong rather than trying fix an issue on measurement X only knowing that is part of the Driver RIM.
Anything the helps shed some light on this would be awesome.
(This answer is valid as of the date of this post)
We do not post the exact measurements, as they are limited to internal states, registers, etc. wherein an evidence-policy is not valuable to a relying policy.
If any of the measurements were to fail, NVIDIA could not recommend that a relying party “policy their way around” the verification failure. Our flow is to utilize the abstracted appraisal claims that the verifiers return to perform their policy decisions.
If you ever have failures in measurements, please file an issue on the nvTrust GitHub Repo
1 Like