sevctl
is a command line utility for managing the AMD Secure Encrypted Virtualization (SEV) platform.
It currently supports the entire management API for the Naples generation of processors.
In order to provision a new server using a self-signed Owner's Certificate Authority (OCA), you would typically perform a sequence similar to:
$ sevctl generate oca.cert oca.key
$ sevctl provision oca.cert oca.key
$ sevctl export --full /opt/sev/cert_chain.cert
After these steps, running the sevctl verify
subcommand should show the whole
certificate chain, and sevctl show flags
should indicate that the platform is
owned
. Note that you can only provision once. Should you need to re-provision,
you will need to use sevctl reset
first.
Every sevctl
(sub)command comes with a quick --help
option for a reference on its use. For example:
$ sevctl --help
or
$ sevctl show --help
Exports the SEV certificate chain to the provided file path.
$ sevctl export /path/to/where/you/want/the-certificate
Generates a new (self-signed) OCA certificate and key.
$ sevctl generate ~/my-cert ~/my-key
Build measurement value from its component parts. The output is a full measurement blob of measurement+nonce, similar to what qemu and libvirt report.
$ sevctl measurement build \
--api-major 01 --api-minor 40 --build-id 40 \
--policy 0x05 \
--tik /path/to/VM_tik.bin \
--launch-measure-blob /o0nzDKE5XgtVnUZWPhUea/WZYrTKLExR7KCwuMdbActvpWfXTFk21KMZIAAhQny \
--firmware /usr/share/edk2/ovmf/OVMF.amdsev.fd \
--kernel /path/to/kernel \
--initrd /path/to/initrd \
--cmdline "my kernel cmdline" \
--vmsa-cpu0 /path/to/vmsa0.bin \
--vmsa-cpu1 /path/to/vmsa1.bin \
--num-cpus 4
Probes processor, sysfs, and KVM for AMD SEV, SEV-ES, and SEV-SNP related features on the host and emits the results.
$ sevctl ok {sev, es, snp} // Probes support for the generation specified.
$ sevctl ok // Probes support for the host hardware's generation.
Installs the operator-provided OCA certificate to take ownership of the platform.
$ sevctl provision ~/owners-cert ~/owners-private-key
Resets the SEV platform. This will clear all persistent data managed by the platform.
$ sevctl reset
Rotates the Platform Diffie-Hellman (PDH).
$ sevctl rotate
Generate secret header and payload binary content, and write to specified
output paths. Secrets are passed as --secret UUID:FILENAME
pairs
$ sevctl secret build \
--tik /path/to/VM_tik.bin \
--tek /path/to/VM_tek.bin \
--launch-measure-blob /o0nzDKE5XgtVnUZWPhUea/WZYrTKLExR7KCwuMdbActvpWfXTFk21KMZIAAhQny \
--secret 736869e5-84f0-4973-92ec-06879ce3da0b:/path/to/secret.txt \
/path/to/secret_header.bin \
/path/to/secret_payload.bin
Given a certificate chain file and 32-bit policy, generates base64-encoded GODH and launch session files; as well as encoded (not base64) TIK and TEK files.
$ sevctl session --name {name} {/pdh/cert/path} {policy}
Describes the state of the SEV platform.
$ sevctl show flags
$ sevctl show guests
Verifies the full SEV/CA certificate chain. File paths to these certificates can be supplied as command line arguments if they are stored on the local filesystem. If they are not supplied, the well-known public components will be downloaded from their remote locations.
$ sevctl verify
Build a VMSA binary blob and save to the specified filename.
$ sevctl vmsa build NEW-VMSA0.bin --userspace qemu --family 25 --stepping 1 --model 1 --firmware /path/to/OVMF.amdsev.fd --cpu 0
Update an existing VMSA binary file in place, with the passed options.
$ sevctl vmsa build EXISTING-VMSA0.bin --userspace qemu --family 25 --stepping 1 --model 1 --firmware /path/to/OVMF.amdsev.fd --cpu 0
Print an existing VMSA binary file as JSON
$ sevctl vmsa show EXISTING-VMSA0.bin
License: Apache-2.0