78 lines (59 loc) · 2.73 KB

Confidential Compute (CoCo)

Alioth supports booting confidential guests on the following platforms:

AMD SEV ¹
Intel TDX ²

The implementation of both takes QEMU ³⁴ as a reference.

Important

Alioth confidential VMs should be used in testing environments only since the code base has not gone through any serious security reviews.

Confidential Guest with Oak/stage0 Firmware

Project Oak provides a minimal firmware (called stage0) for confidential computing. To use it with Alioth:

Clone the Project Oak repository and build the stage0 firmware:
```
# In the Project Oak source tree
# for AMD-SEV
bazel build //stage0_bin:stage0_bin
# for Intel-TDX
bazel build //stage0_bin_tdx:stage0_bin_tdx
```
The resulting firmware for SEV and TDX are at bazel-bin/stage0_bin/stage0_bin and bazel-bin/stage0_bin_tdx/stage0_bin_tdx respectively.
Prepare the guest Linux kernel and the initramfs.
Use the appropriate firmware and the following values for flag --coco to start a confidential VM:

Type Flag values

SEV sev,policy=0x01

SEV-ES sev,policy=0x05

SEV-SNP snp,policy=0x30000

TDX tdx,attr=0x10000000

For example, to launch an AMD-SNP guest:
```
./alioth boot \
    --memory size=1G \
    --cpu count=2 \
    --kernel /path/to/vmlinuz \
    --cmdline "console=ttyS0" \
    --initramfs /path/to/initramfs \
    --coco snp,policy=0x30000 \
    --firmware /path/to/stage0_bin
```

Note:

An SEV-SNP guest requires host Linux kernel 6.11 or above.
An Intel-TDX guest requires host Linux kernel 6.16 or above.
It is recommended to use the latest stable host kernel for the best compatibility and security.
The stage0 firmware appends extra arguments (-- --oak-dice=... --oak-event-log=... --oak-dice-length=...) to the guest kernel command line. The init process in your initramfs must be able to handle these arguments, or it may fail and cause a kernel panic.

Confidential Guest with UEFI-compatible Firmware

Work in progress.