Virtual Machine attestation on Arm CCA

K.4.401 | Day 2 | 11:55 - 12:10 | Speakers: Jean-Philippe Brucker


Abstract

During remote attestation, besides appraising the platform that runs a Virtual Machine (VM), a verifier or relying party must also appraise claims about the initial state of the VM: code and data loaded into the VM, initial vCPU registers, and parameters. Those claims are compared against Reference Values corresponding to a given VM.

Under the Arm Confidential Computing Architecture (CCA), VMs and their workloads come in all shapes and sizes, from lean containers with minimal footprint to full machine emulators running standard distributions. Calculating Reference Values for all use cases is not obvious, and sometimes requires help from VM managers (VMMs).

In this talk we discuss the challenges of calculating Reference Values of an Arm VM. We propose some options to help a Reference Value Provider come up with the VM measurements, and present the tool and library we created to experiment with remote attestation of VMs created by VMMs such as QEMU, cloud-hypervisor and kvmtool.

Speakers

Jean-Philippe Brucker
