diff --git a/mkimage.sh b/mkimage.sh
index b83c5c1..0e8b005 100755
--- a/mkimage.sh
+++ b/mkimage.sh
@@ -300,6 +300,31 @@ sha256sum ovmf.fd bzImage initramfs.cpio.gz metadata.json > sha256sum.txt
 sha256sum sha256sum.txt | awk '{print $1}' > digest.txt
 popd
+# digest.sev.txt: the AMD SEV-SNP os_image_hash. Unlike the TDX digest.txt
+# (a content hash that includes the TDX firmware), this is computed by the
+# `dstack-mr` tool from the SEV firmware (ovmf-sev.fd) + kernel/initrd/cmdline/
+# rootfs and matches the os_image_hash the KMS verifier derives from a launch
+# measurement. The VMM reads this file at deploy time instead of recomputing it,
+# so it is required (not best-effort): if `dstack-mr` is not prebuilt, build it.
+HAVE_DIGEST_SEV=0
+if [ "$HAVE_OVMF_SEV" = "1" ]; then
+ DSTACK_SRC="${DSTACK_SRC:-$SCRIPT_DIR/dstack}"
+ if [ -z "${DSTACK_MR_BIN:-}" ]; then
+ for c in "$SCRIPT_DIR/dstack-mr" "$SCRIPT_DIR/rust-target/release/dstack-mr" \
+ "$DSTACK_SRC/target/release/dstack-mr"; do
+ [ -x "$c" ] && DSTACK_MR_BIN="$c" && break
+ done
+ fi
+ if [ -z "${DSTACK_MR_BIN:-}" ]; then
+ echo "Building dstack-mr to compute digest.sev.txt"
+ ( cd "$DSTACK_SRC" && cargo build --release -p dstack-mr )
+ DSTACK_MR_BIN="$DSTACK_SRC/target/release/dstack-mr"
+ fi
+ echo "Generating digest.sev.txt via ${DSTACK_MR_BIN}"
+ "${DSTACK_MR_BIN}" sev-os-image-hash "${OUTPUT_DIR}" > "${OUTPUT_DIR}/digest.sev.txt"
+ HAVE_DIGEST_SEV=1
+fi
+
 # Create UKI artifacts (disk.raw and auth_hash.txt) in OUTPUT_DIR
 UKI_CREATED=0
 if [ "$ENABLE_UKI_IMAGE" = "1" ]; then
@@ -331,6 +356,9 @@ if [ x$DSTACK_TAR_RELEASE = x1 ]; then
 if [ "$HAVE_OVMF_SEV" = "1" ]; then
 BARE_METAL_FILES="$BARE_METAL_FILES ovmf-sev.fd"
 fi
+ if [ "$HAVE_DIGEST_SEV" = "1" ]; then
+ BARE_METAL_FILES="$BARE_METAL_FILES digest.sev.txt"
+ fi
 (cd "$PARENT_DIR" && tar -czvf ${IMAGE_TAR} $(for f in $BARE_METAL_FILES; do echo "$TAR_DIR_NAME/$f"; done))
 echo
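Review bot: The `"${DSTACK_MR_BIN}" sev-os-image-hash "${OUTPUT_DIR}" > "${OUTPUT_DIR}/digest.sev.txt"` line in the first hunk leaves an empty or truncated digest.sev.txt behind and still sets HAVE_DIGEST_SEV=1 when dstack-mr fails, so the deploy-time consumer the comment describes could read a bogus os_image_hash; whether the script runs under set -e is outside the hunk, and the comment itself says this artifact is required rather than best-effort. The same gap exists after the cargo build subshell, where DSTACK_MR_BIN is assigned the expected output path without confirming it exists, and a caller-supplied DSTACK_MR_BIN is never checked either. I would guard both explicitly: `[ -x "$DSTACK_MR_BIN" ] || { echo "dstack-mr not executable: $DSTACK_MR_BIN" >&2; exit 1; }` before the generate step, and `"${DSTACK_MR_BIN}" sev-os-image-hash "${OUTPUT_DIR}" > "${OUTPUT_DIR}/digest.sev.txt" || { rm -f "${OUTPUT_DIR}/digest.sev.txt"; echo "dstack-mr failed" >&2; exit 1; }` so a failure cannot produce a shippable file. Separately, digest.sev.txt is written after sha256sum.txt and digest.txt were already produced, so it is not covered by that manifest; presumably intentional since it is derived from inputs that are measured, but a one-line comment saying so would save the next reader the question.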