CPU attestation failure in AMD SEV SNP CVM + H100

ajannu · January 17, 2024, 11:43pm

Hello, I was trying to perform CPU and GPU attestation in a CVM on an AMD host with H100 GPU.

I’m unable to perform a CPU attestation in the CVM using the attest binary. The error I get is as follows , I’m not sure what device is not working here:

user@hccvm:~$ sudo ./attest
[sudo] password for user: 
Failed to open firmware device and get an attestation report; are you running in a CVM?
Error was FirmwareError(IoError(Os { code: 2, kind: NotFound, message: "No such file or directory" }))
user@hccvm:~$ nvidia-smi
Wed Jan 17 13:36:03 2024       
+---------------------------------------------------------------------------------------+
| NVIDIA-SMI 535.104.05             Driver Version: 535.104.05   CUDA Version: 12.2     |
|-----------------------------------------+----------------------+----------------------+
| GPU  Name                 Persistence-M | Bus-Id        Disp.A | Volatile Uncorr. ECC |
| Fan  Temp   Perf          Pwr:Usage/Cap |         Memory-Usage | GPU-Util  Compute M. |
|                                         |                      |               MIG M. |
|=========================================+======================+======================|
|   0  NVIDIA H100 PCIe               On  | 00000000:01:00.0 Off |                    0 |
| N/A   29C    P0              47W / 350W |      0MiB / 81559MiB |      0%      Default |
|                                         |                      |                  N/A |
+-----------------------------------------+----------------------+----------------------+
                                                                                         
+---------------------------------------------------------------------------------------+
| Processes:                                                                            |
|  GPU   GI   CI        PID   Type   Process name                            GPU Memory |
|        ID   ID                                                             Usage      |
|=======================================================================================|
|  No running processes found                                                           |
+---------------------------------------------------------------------------------------+
user@hccvm:~$ 
user@hccvm:~$ sudo nvidia-smi conf-compute -f
[sudo] password for user: 
CC status: ON
user@hccvm:~$ 
user@hccvm:~$ sudo dmesg | grep SEV | head
[    1.061846] Memory Encryption Features active: AMD SEV SEV-ES SEV-SNP
[    1.246441] SEV: Using SNP CPUID table, 31 entries present.
[    6.636358] SEV: SNP guest platform device initialized.
user@hccvm:~$ grep -w sev /proc/cpuinfo
user@hccvm:~$

I was however able to successfully attest the GPU:

(nvAttest) user@hccvm:~/nvtrust/guest_tools/attestation_sdk$ python3
Python 3.10.12 (main, Nov 20 2023, 15:14:05) [GCC 11.4.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from nv_attestation_sdk import attestation
>>> client = attestation.Attestation("test_node")
>>> client.add_verifier(attestation.Devices.GPU, attestation.Environment.LOCAL, "",   "")
>>> attestation_results_policy = '{"version":"1.0","authorization-rules":{"x-nv-gpu-available":true,' \
... '"x-nv-gpu-attestation-report-available":true,"x-nv-gpu-info-fetched":true,' \
... '"x-nv-gpu-arch-check":true,"x-nv-gpu-root-cert-available":true,' \
... '"x-nv-gpu-cert-chain-verified":true,"x-nv-gpu-ocsp-cert-chain-verified":true,' \
... '"x-nv-gpu-ocsp-signature-verified":true,"x-nv-gpu-cert-ocsp-nonce-match":true,' \
... '"x-nv-gpu-cert-check-complete":true,"x-nv-gpu-measurement-available":true,' \
... '"x-nv-gpu-attestation-report-parsed":true,"x-nv-gpu-nonce-match":true,' \
... '"x-nv-gpu-attestation-report-driver-version-match":true,' \
... '"x-nv-gpu-attestation-report-vbios-version-match":true,' \
... '"x-nv-gpu-attestation-report-verified":true,"x-nv-gpu-driver-rim-schema-fetched":true,' \
... '"x-nv-gpu-driver-rim-schema-validated":true,"x-nv-gpu-driver-rim-cert-extracted":true,' \
... '"x-nv-gpu-driver-rim-signature-verified":true,' \
... '"x-nv-gpu-driver-rim-driver-measurements-available":true,' \
... '"x-nv-gpu-driver-vbios-rim-fetched":true,"x-nv-gpu-vbios-rim-schema-validated":true,' \
... '"x-nv-gpu-vbios-rim-cert-extracted":true,"x-nv-gpu-vbios-rim-signature-verified":true,' \
... '"x-nv-gpu-vbios-rim-driver-measurements-available":true,' \
... '"x-nv-gpu-vbios-index-conflict":true,"x-nv-gpu-measurements-match":true}}'
>>> client.attest()
Number of GPUs available : 1
-----------------------------------
Fetching GPU 0 information from GPU driver.
Using the Nonce specified by user
VERIFYING GPU : 0
        Driver version fetched : 535.104.05
        VBIOS version fetched : 96.00.74.00.1a
        Validating GPU certificate chains.
                GPU attestation report certificate chain validation successful.
                        The certificate chain revocation status verification successful.
        Authenticating attestation report
                The nonce in the SPDM GET MEASUREMENT request message is matching with the generated nonce.
                Driver version fetched from the attestation report : 535.104.05
                VBIOS version fetched from the attestation report : 96.00.74.00.1a
                Attestation report signature verification successful.
                Attestation report verification successful.
        Authenticating the RIMs.
                Authenticating Driver RIM
                        Fetching the driver RIM from the RIM service.
                        RIM Schema validation passed.
                        driver RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        driver RIM signature verification successful.
                        Driver RIM verification successful
                Authenticating VBIOS RIM.
                        Fetching the VBIOS RIM from the RIM service.
                        RIM Schema validation passed.
                        vbios RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        vbios RIM signature verification successful.
                        VBIOS RIM verification successful
        Comparing measurements (runtime vs golden)
                        The runtime measurements are matching with the golden measurements.                            
                GPU is in expected state.
        GPU 0 verified successfully.
        GPU Attested Successfully
True
>>> client.validate_token(attestation_results_policy)
        [ERROR] Invalid token. Authorized claims does not match the appraisal policy:  x-nv-gpu-vbios-index-conflict
False
>>>

Any idea what is going wrong here?

rnertney · January 17, 2024, 11:51pm

Can you utilize the RemoteGPUTest.py

rather than the code you used? It appears this code is leveraging the local verifier (normally utilized in airgapped scenarios). These instructions will be updated.

ajannu · January 18, 2024, 12:02am

By airgapped scenarios, you mean without an ssh connection?
I ran the RemoteGPUTest.py, and I got a successful result.

Any idea why is the CPU attestation failing in the CVM?

rnertney · January 18, 2024, 5:12pm

By airgapped scenarios, you mean without an ssh connection?

Correct.

We don’t directly support CPU attestation. The application you’re using was provided by one of our engineers as a courtesy. I’ll reach to him to see what we can do to get it reenabled in your CVM

ajannu · January 23, 2024, 10:31am

The issue wasn’t with the cpu attestation binary provided to us. It was that the /dev/snp-guest device was not found:

user@hccvm:~$ sudo ./attest
[sudo] password for user: 
Failed to open firmware device and get an attestation report; are you running in a CVM?
Error was FirmwareError(IoError(Os { code: 2, kind: NotFound, message: "No such file or directory" }))
user@hccvm:~$

I was able to resolve this by manually inserting the kernel module needed before performing any kind of cpu attestation:

nvidia@hccvm:~$ sudo modprobe sev-guest
[sudo] password for nvidia: 
nvidia@hccvm:~$ echo $?
0
nvidia@hccvm:~$ 
nvidia@hccvm:~$ sudo ./attest 
Report data matches supplied data
Report signature verification succeeded
nvidia@hccvm:~$

Topic		Replies	Views
H100 Attestation failure in the CVM Confidential Computing	3	678	January 17, 2024
Is it possible to attest GPU in an offline environment Confidential Computing ubuntu , gpu	2	227	November 18, 2025
Secure communication with guests using AMD SEV-SNP Confidential Computing	0	982	September 21, 2023
Is attestation available to do on Jetson GPUs? Confidential Computing	1	113	March 28, 2025
AMD SEV-SNP + H100 hangs or fails during CVM launch Confidential Computing	9	900	January 17, 2024
What do "Driver" measurements from NVIDIA RIM Service actually measure? Confidential Computing	3	320	February 13, 2025
H100 SXM5: NVIDIA driver 570.133.20 installed but nvidia_ccc.ko missing, attestation fails Linux	3	285	May 23, 2025
Confidential Computing Deployment Guide (Intel TDX & KVM) attestation execution fails Confidential Computing	0	191	February 4, 2025
Broken GPU state query failure in AMD + H100 Confidential Computing	10	1408	February 15, 2024
Does AMD SEV or SEV-ES support H100 CC? Confidential Computing	8	413	August 18, 2024

CPU attestation failure in AMD SEV SNP CVM + H100

Related topics