manifest: add ProductName field

edgelesssys · Aug 19, 2024 · cb4e329 · cb4e329
1 parent 3568fe4
commit cb4e329
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 2 deletions.
diff --git a/internal/manifest/manifest.go b/internal/manifest/manifest.go
@@ -99,6 +99,12 @@ func (r SNPReferenceValues) Validate() error {
 		return fmt.Errorf("field MicrocodeVersion in manifest cannot be empty")
 	}
 
+	switch r.ProductName {
+	case Milan, Genoa:
+	default:
+		return fmt.Errorf("unknown product name: %s", r.ProductName)
+	}
+
 	if len(r.TrustedMeasurement) != abi.MeasurementSize*2 {
 		return fmt.Errorf("trusted measurement has invalid length: %d (expected %d)", len(r.TrustedMeasurement), abi.MeasurementSize*2)
 	}

diff --git a/internal/manifest/referencevalues.go b/internal/manifest/referencevalues.go
@@ -34,6 +34,7 @@ type EmbeddedReferenceValues map[string]ReferenceValues
 // SNPReferenceValues contains reference values for SEV-SNP.
 type SNPReferenceValues struct {
 	MinimumTCB         SNPTCB
+	ProductName        ProductName
 	TrustedMeasurement HexString
 }
 
@@ -78,6 +79,16 @@ func (s *SVN) UnmarshalJSON(data []byte) error {
 	return nil
 }
 
+// ProductName is the name mentioned in the VCEK/ASK/ARK.
+type ProductName string
+
+const (
+	// Milan is the product name for 3rd generation EPYC CPUs.
+	Milan ProductName = "Milan"
+	// Genoa is the product name for 4th generation EPYC CPUs.
+	Genoa ProductName = "Genoa"
+)
+
 // HexString is a hex encoded string.
 type HexString string
 

diff --git a/packages/by-name/contrast/package.nix b/packages/by-name/contrast/package.nix
@@ -68,6 +68,7 @@ let
                   microsoft.kata-igvm.launch-digest
               )
             );
+            productName = "Milan";
           }
         ];
       };
@@ -82,8 +83,14 @@ let
                 kata.snp-launch-digest;
           in
           [
-            { trustedMeasurement = lib.removeSuffix "\n" (builtins.readFile "${launch-digest}/milan.hex"); }
-            { trustedMeasurement = lib.removeSuffix "\n" (builtins.readFile "${launch-digest}/genoa.hex"); }
+            {
+              trustedMeasurement = lib.removeSuffix "\n" (builtins.readFile "${launch-digest}/milan.hex");
+              productName = "Milan";
+            }
+            {
+              trustedMeasurement = lib.removeSuffix "\n" (builtins.readFile "${launch-digest}/genoa.hex");
+              productName = "Genoa";
+            }
           ];
       };