SNP-VM fails to start with kernel measurement enabled - QEMU report that firmware hashes table area is invalid

[salzg]

Hi,

I am trying to integrate kernel hashing into the Launch Measurements done by SEV-SNP. Unfortunately, the VM does not boot when enabling kernel hashing.

Description:
When launching a VM with SEV support and measured boot enabled (using the kernel-hashes=on option), QEMU fails with the following error message:

qemu-system-x86_64: SEV: guest firmware hashes table area is invalid (base=0x0 size=0x0)

My conjecture is that this error indicates that QEMU was unable to find a valid hash table metadata entry in the guest firmware (OVMF). It is receiving a descriptor with a base address and size of zero.

Steps to Reproduce:

1. Build QEMU via build.sh qemu (using snp-latest)
2. Build OVMF via build.sh ovmf (using snp-latest, changing -p to -p OvmfPkg/AmdSev/AmdSevX64.dsc in common.sh and running touch OvmfPkg/AmdSev/Grub/grub.efi.)
3. Start a SNP-enabled VM with adding kernel-hashes=on at the appropriate line in launch-qemu.sh.
4. Observe that the VM fails to launch, and the error message appears in the logs.

Expected Behavior:
QEMU should locate a valid hash table descriptor in the OVMF firmware, allowing the hashes for the kernel, initrd, and command line to be stored and used for measured boot.

Actual Behavior:
The VM refuses to launch and QEMU reports the error:

SEV: guest firmware hashes table area is invalid (base=0x0 size=0x0)

This suggests that the OVMF firmware in use does not provide the necessary SEV hash table metadata.

Environment Details:

• QEMU: snp-latest

• OVMF: snp-latest

• Host OS: Ubuntu 24.04, stable 6.13.1 or 6.11.0-rc3-snp-host-85ef1ac03941 (tried both just in case)

• SEV: 1.55 (SVNs: 219, 24, 0, 4 (uCode, SNP, TEE, Boot Loader))

• CPU: AMD EPYC 7R13

• QEMU Command Line

  Command Line

  
  

  /home/ubuntu/src/AMDSEV/usr/local/bin/qemu-system-x86_64 \
  -enable-kvm \
  -cpu EPYC-v4 \
  -machine q35 \
  -smp 4,maxcpus=255 \
  -m 2048M,slots=5,maxmem=10240M \
  -no-reboot \
  -bios /home/ubuntu/src/AMDSEV/usr/local/share/qemu/OVMF.fd \
  -drive file=/home/ubuntu/src/AMDSEV/img-ubuntu-2404.qcow2,if=none,id=disk0,format=qcow2 \
  -device virtio-scsi-pci,id=scsi0,disable-legacy=on,iommu_platform=true \
  -device scsi-hd,drive=disk0 \
  -machine memory-encryption=sev0,vmport=off \
  -object memory-backend-memfd,id=ram1,size=2048M,share=true,prealloc=false \
  -machine memory-backend=ram1 \
  -object sev-snp-guest,id=sev0,policy=0x30000,cbitpos=51,reduced-phys-bits=1,kernel-hashes=on \
  -kernel /home/ubuntu/vm-content/vmlinuz-6.8.0-52-generic \
  -append "root=/dev/mapper/ubuntu--vg-ubuntu--lv ro console=tty0 console=ttyS0,115200n8" \
  -initrd /home/ubuntu/vm-content/initrd.img-6.8.0-52-generic \
  -nographic -monitor pty -monitor unix:monitor,server,nowait 
    
  

• launch-qemu.sh call + log (rather short)

  Command Line

  
  

  sudo ./launch-qemu.sh -hda img-ubuntu-2404.qcow2 -sev-snp -kernel ~/vm-content/vmlinuz-6.8.0-52-generic -initrd ~/vm-content/initrd.img-6.8.0-52-generic -append "root=/dev/mapper/ubuntu--vg-ubuntu--lv ro console=tty0 console=ttyS0,115200n8"
  32+0 records in
  1+0 records out
  512 bytes copied, 0.000256664 s, 2.0 MB/s
  /home/ubuntu/src/AMDSEV/usr/local/bin/qemu-system-x86_64 -enable-kvm -cpu EPYC-v4 -machine q35 -smp 4,maxcpus=255 -m 2048M,slots=5,maxmem=10240M -no-reboot -bios /home/ubuntu/src/AMDSEV/usr/local/share/qemu/OVMF.fd -drive file=/home/ubuntu/src/AMDSEV/img-ubuntu-2404.qcow2,if=none,id=disk0,format=qcow2 -device virtio-scsi-pci,id=scsi0,disable-legacy=on,iommu_platform=true -device scsi-hd,drive=disk0 -machine memory-encryption=sev0,vmport=off -object memory-backend-memfd,id=ram1,size=2048M,share=true,prealloc=false -machine memory-backend=ram1 -object sev-snp-guest,id=sev0,policy=0x30000,cbitpos=51,reduced-phys-bits=1,kernel-hashes=on -kernel /home/ubuntu/vm-content/vmlinuz-6.8.0-52-generic -append "root=/dev/mapper/ubuntu--vg-ubuntu--lv ro console=tty0 console=ttyS0,115200n8" -initrd /home/ubuntu/vm-content/initrd.img-6.8.0-52-generic -nographic -monitor pty -monitor unix:monitor,server,nowait 
  Mapping CTRL-C to CTRL-]
  Launching VM ...
    /tmp/cmdline.8189
  char device redirected to /dev/pts/2 (label compat_monitor0)
  qemu-system-x86_64: warning: Number of hotpluggable cpus requested (255) exceeds the recommended cpus supported by KVM (192)
  qemu-system-x86_64: SEV: guest firmware hashes table area is invalid (base=0x0 size=0x0)
  

Additional Notes:

• I am able to boot the VM with kernel-hashes=off.
• The VM is yet another Ubuntu 24.04 system (6.8.0-52-generic).
• As far as I understand, this is not hashes being incorrect.
• The error is thrown in qemu/target/i386/sev.c

Is this an OVMF issue? Is this an issue with my build of OVMF? Or is this an issue due to me missing some required OVMF config step to accomodate kernel hashing?

Any guidance on the correct OVMF build/configuration for SNP in combination with kernel hashing would be greatly appreciated.

[tlendacky]

Try using the latest OVMF/EDK2 tree, e.g. modify stable-commits to be:

OVMF_GIT_URL="https://github.com/tianocore/edk2.git"
OVMF_BRANCH="master"

and build the AmdSev package from there and see if that resolves the issue.

[salzg]

I have tried using the latest OVMF/EDK2 tree and I am still encountering the same issue.
FWIW, the VM boots with kernel-hashes=off.