AMD SEV-SNP Attestation Report - Key Fields
An AMD SEV-SNP Attestation Report contains several cryptographic measurements that prove the integrity of the Confidential Virtual Machine. These values are generated during the boot process and serve as a verifiable fingerprint of the system state.
Attestation Report Structure
An SEV-SNP attestation report contains measurements, policy constraints, and platform state, all covered by a cryptographic signature.
Below are the key fields and their meaning.
version
Report format version. Defines how the rest of the report should be interpreted.
guest_svn
Security Version Number - monotonically increasing version number of the guest image. Used for rollback protection.
chip_id
A unique 64-byte identifier for the specific physical AMD processor (CPU) on which the SEV-SNP guest is currently running.
family_id
A string representing the SecretVM type and size (e.g. prod-small-sev).
image_id
A string showing the version of the SecretVM artifacts that the machine is running (e.g. v0.0.24).
measurement
Contains measurements of all the components of the VM, hashed consecutively: firmware, kernel, kernel command line, initial RAM FS, root FS, the docker-compose.yaml and (optionally) the dockerfiles.tar archive. The measurement field essentially defines the identity of the SecretVM.
report_data
A special field that concatenates:
- The fingerprint of the TLS certificate generated on the VM
- The nonce of the GPU Attestation Quote (for GPU-enabled machines only)
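The fields above sit at fixed offsets in the raw report; the following added example (not SecretVM's own code) reads them using the offsets from AMD's SEV-SNP firmware ABI and checks measurement, guest_svn and the TLS binding in report_data. Assumptions: family_id and image_id are NUL-padded ASCII, the TLS fingerprint is a SHA-256 digest in the first 32 bytes of report_data, and the report's signature has already been verified against AMD's certificate chain; `build_sample` produces a constructed report with a zeroed signature block.

```python
import hashlib
import hmac
import struct

REPORT_SIZE = 0x4A0  # 1184 bytes, including the 512-byte signature block
# (offset, length) per AMD's SEV-SNP firmware ABI ATTESTATION_REPORT layout
FIELDS = {"family_id": (0x10, 16), "image_id": (0x20, 16), "report_data": (0x50, 64),
          "measurement": (0x90, 48), "chip_id": (0x1A0, 64)}


def parse_report(raw: bytes) -> dict:
    if len(raw) != REPORT_SIZE:
        raise ValueError(f"expected {REPORT_SIZE} bytes, got {len(raw)}")
    version, guest_svn = struct.unpack_from("<II", raw, 0)
    out = {"version": version, "guest_svn": guest_svn}
    for name, (off, length) in FIELDS.items():
        out[name] = raw[off:off + length]
    # Assumption: the ID strings are stored as NUL-padded ASCII.
    for name in ("family_id", "image_id"):
        out[name] = out[name].rstrip(b"\x00").decode("ascii")
    return out


def check_report(raw, expected_measurement, tls_cert_der, min_guest_svn=0):
    """Return a list of mismatches; an empty list means all checks passed."""
    r = parse_report(raw)
    problems = []
    if not hmac.compare_digest(r["measurement"], expected_measurement):
        problems.append("measurement mismatch")
    if r["guest_svn"] < min_guest_svn:
        problems.append("guest_svn below minimum (possible rollback)")
    # Assumption: SHA-256 fingerprint occupies the first 32 bytes of report_data.
    fingerprint = hashlib.sha256(tls_cert_der).digest()
    if not hmac.compare_digest(r["report_data"][:32], fingerprint):
        problems.append("TLS certificate fingerprint not bound to report")
    return problems


def build_sample(measurement, cert_der, guest_svn=3):
    """Constructed report for demonstration; signature block left zeroed."""
    buf = bytearray(REPORT_SIZE)
    struct.pack_into("<II", buf, 0, 2, guest_svn)
    buf[0x10:0x10 + 14] = b"prod-small-sev"
    buf[0x20:0x20 + 7] = b"v0.0.24"
    buf[0x50:0x70] = hashlib.sha256(cert_der).digest()
    buf[0x90:0xC0] = measurement
    return bytes(buf)
```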