Skip to content

KMS Release v0.5.11

Choose a tag to compare

View all tags
@github-actions github-actions released this 12 May 03:39
· 264 commits to master since this release
kms-v0.5.11
40eaf35

Highlights

This release fixes a verification regression that prevented KMS from validating CVMs running dstack OS 0.5.10 under the new OVMF (edk2-stable202505).

What broke

OVMF was upgraded from an untagged 2024-09 snapshot to edk2-stable202505 in meta-dstack@f9f11f3. The new firmware emits 17 RTMR[0] events instead of the legacy 13 under the standard -kernel boot path, so quote replay against the cached "expected" measurements failed with errors like:

MRs do not match: RTMR0 mismatch:
  expected=f8438db3…a6640
  actual  =a6d1a5ef…fbed

What changed

  • dstack-types exposes a typed OvmfVariant enum (pre202505 / stable202505); VmConfig.ovmf_variant and ImageInfo.ovmf_variant carry it through the image bundle and into measurements.
  • dstack-mr dispatches on the variant for RTMR[0]. The Stable202505 arm models the 4 new events plus reshaped BootOrder / Boot0000, with Boot0000 / Boot0001 / BootOrder digests derived from first principles (OVMF FV+file GUIDs, descriptions, attributes — synthesised on the fly, not hardcoded) and the bootorder fw_cfg digest derived from QEMU's linuxboot_dma.bin ROM path.
  • dstack-verifier prefers vm_config.ovmf_variant; falls back to parsing the OS version suffix out of vm_config.image for legacy CVMs that pre-date the field (so already-deployed 0.5.9 / 0.5.10 instances validate without any image rebuild).
  • MEASUREMENT_CACHE_VERSION bumped to v2 — stale on-disk cache entries written by the broken verifier are auto-invalidated on first request.
  • dstack-mr CLI: --dstack-os-version for explicit override; also auto-detects from metadata.json's ovmf_variant (preferred) or version field (fallback).

Backward compatibility

  • VmConfig adds Option<OvmfVariant> with #[serde(default, skip_serializing_if = "Option::is_none")] — old wire formats decode cleanly; old KMS instances ignore the new field.
  • Verifier and CLI both fall back to image-name parsing when the field is absent — 0.5.9 / 0.5.10 CVMs already deployed continue to verify against this KMS without needing a new image build.

Verification

Re-verified end-to-end against a running 0.5.10 CVM: MRTD + RTMR[0..3] all match the on-chain quote byte-for-byte.

PR: #678

Docker Image Information

Image: docker.io/dstacktee/dstack-kms:0.5.11

Digest (SHA256): sha256:84b793feed825a5b5e70d04386e931e0e110461492793f17ab2128e39808d989

Verification: Verify on Sigstore

Contract ABIs

This release includes the compiled contract ABIs:

  • DstackKms.json - Main KMS contract ABI
  • DstackApp.json - Application contract ABI
Assets 4
Loading