Skip to content

Add signature for sev-snp with hash 88e5ab69837ea9229170d78d0dd382c165f8d9cedb910bb7ee29035bda5c7804 #110

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Villain88 merged 1 commit into from
Nov 10, 2025
Merged

Add signature for sev-snp with hash 88e5ab69837ea9229170d78d0dd382c165f8d9cedb910bb7ee29035bda5c7804 #110

Villain88 merged 1 commit into from
Nov 10, 2025

Conversation

@drunkbatya
Copy link
Contributor

@drunkbatya drunkbatya commented Nov 10, 2025
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • Chores
    • Added new secure enclave attestation configuration containing verification signatures, build metadata, descriptions, and creation timestamps to the pre-release attestation records.

@coderabbitai
Copy link

coderabbitai bot commented Nov 10, 2025
edited
Loading

Caution

Review failed

The pull request is closed.

Walkthrough

This pull request adds a new SEV-SNP pre-release enclave signature metadata file. The JSON file contains the mrenclave identifier, cryptographic signature, build information, description, and creation timestamp for an enclave configuration.

Changes

Cohort / File(s) Summary
SEV-SNP Pre-Release Signatures
signatures/sev-snp/pre-release/mrenclave-88e5ab69837ea9229170d78d0dd382c165f8d9cedb910bb7ee29035bda5c7804.json		 New file adding enclave metadata with mrenclave identifier, signature, build info, description, and creation date

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

  • Single new file with static JSON configuration data
  • No logic changes or code modifications
  • File follows the established naming and structure pattern from related PRs

Possibly related PRs

Suggested reviewers

  • DmitrySmv
  • Villain88

Poem

🐇 A signature sealed with cryptographic care,
New enclave metadata floats through the air,
With mrenclave hash and timestamp divine,
The pre-release signatures perfectly align! ✨

✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch signature-sev-snp-88e5ab69837ea9229170d78d0dd382c165f8d9cedb910bb7ee29035bda5c7804-19236255313
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

  • Jira integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between faf52ce and 21c58e1.

📒 Files selected for processing (1)
  • signatures/sev-snp/pre-release/mrenclave-88e5ab69837ea9229170d78d0dd382c165f8d9cedb910bb7ee29035bda5c7804.json (1 hunks)

Comment @coderabbitai help to get the list of available commands and usage tips.

@Villain88 Villain88 merged commit 7ef1032 into main Nov 10, 2025
1 of 2 checks passed
@Villain88 Villain88 deleted the signature-sev-snp-88e5ab69837ea9229170d78d0dd382c165f8d9cedb910bb7ee29035bda5c7804-19236255313 branch November 10, 2025 15:11
Villain88 added a commit that referenced this pull request Nov 24, 2025
@Villain88 @drunkbatya
Merge main into swarm (#116)
9a9dccf 
* Add signature for mrenclave-ae6a4d0cc13ddcba76e4758c068e1366028eb270cad4b9a58217b0201821b306 (#88)

* Add signature for mrenclave-f7011962644e7fe07444f60da66ae9c71a7b8ec9612eb13e804051ca1ebb707b (#89)

* Add signature for mrenclave-28a4fc33dc2f138b4b37c9e970a0c49a0dba0556e9fae30899224fbe0019ec15 (#90)

* Add signature for mrenclave-16c8b0d09780d9747e09c14694925ad6fd59edc5c5b1ef3c0e13e5d3e6fd67d9 (#92)

* Add signature for mrenclave-ee9954d74c8c0433b90c569fd7a5abf50011c85cd8d84ccb961faf0477a1e714 (#94)

* Add signature for mrenclave-a016eab7d21ac96e21b1b6b783604b744795b5647c0df8efa3aa006ed573c424 (#95)

* Add signature for mrenclave-421170d3df227cafb8a9c0c90e5b82774c12cdd6e3aef9165bc9f7f5136c2fee (#96)

* Add signature for mrenclave-6135687f253d6660845672fc293afc04f6719de612d959d1f9d0a71b2e573d86 (#97)

* Add signature for mrenclave-bd6b2ea5dbc4b6bae26a030a69d874d5f37f23221b620f74699ffbc30a2eb3bf (#98)

* Add signature for mrenclave-013520805788a990efd89e02d1111cea5c4c47a68a5c455df820096cee02b37d (#99)

* feature/SP-6787, local subroot launch (#64)

* Add docker boot image build

* Add iniramfs

* Add base kernel

* Add kernel config merge

* Add build kernel!

* Fix busybox sources mirror URL

* Move files, add rootfs

* Pre-restructure

* Add working mounts in chroot in Docker!11!!!11!!!11111

* Add image build step

* Continue image

* grub booting is working!

* Fix initramfs

* Fix initramfs, it's booting!

* Add gve drivers, add working state disk mount

* Add more configs

* Add rancher

* Working state and provider disk mount

* it almost works!

* Fix iscsi

* Add readme

* Fix UEFI boot

* Move kata referencies to readme

* Fix README

* Fixes and fixes

* Fix grub branch

* Add bios amd build

* Fix README

* Add bios build, add ci-cd

* Fix readme

* remove sudo from ci

* Fixes

* And fixes

* Add tdx bios build

* Add other artifacts to output

* Add upload other artifacts

* Fix k8s.yaml rewriting

* Remove debug

* Fix SP_VM_IMAGE_VERSION

* support more than 1TB memory with SEV SNP

* draft

* lxc support

* added env replacing

* read subroot env from root /sp

* increase subroot version

* update readme

* review fix

* buildx do not support from as arg

* comments for mac/ip addresses

* use build version instead of package.json version

* strict mode for bash script

* no need docker login to lxc access

* increase default timeout

* fixed bash style

* quotes

---------

Co-authored-by: DrunkBatya <drunkbatya.js@gmail.com>

* Add signature for mrenclave-8f0bff733ae3c877e707e6080a6f3503df774e679b1e71b1118268cdb8b0cb3d (#101)

* Add signature for mrenclave-b276c54e013087cdf253b484d0cbece392ea5ad0f37628eddee1e329f2852db1 (#102)

* Add signature for mrenclave-430120e4b4b6d924d28075d06a78af58cd8331686671322a19d39a34e8c2c435 (#103)

* Add signature for mrenclave-a967bce5a48ec0f350050b1e0eafc8799f5a6619ebbd8831d1a6c81fb20e16a8 (#104)

* Add signature for mrenclave-fe962727c2453ea74bd04d9e0549ef2fbc5b6b9561b730c16132bf4ada6f244d (#105)

* feature/SP-6861, token challenge implementation (#100)

* Add signature for mrenclave-ce749e194db1efcd68a4154e874fc83d252f109ce7906b3a5c59f2cb9ecf7168 (#106)

* Add signature for mrenclave-27edd65a413bbf80376d42a29c79ae2967331f4df774e5cf0c4563eeab923498 (#107)

* Add signature for mrenclave-18b3167aca0eb5c4c9836fcb50392b3dbc7a0aebad674262d3b76d20026efeed (#108)

* Add signature for mrenclave-41ed132fcfcd40be122c46f2e3f0087accee6c486cdfb45e1f546ade5be4d746 (#109)

* Add signature for mrenclave-88e5ab69837ea9229170d78d0dd382c165f8d9cedb910bb7ee29035bda5c7804 (#110)

* Add signature for mrenclave-88e5ab69837ea9229170d78d0dd382c165f8d9cedb910bb7ee29035bda5c7804 (#112)

* Add signature for mrenclave-41ed132fcfcd40be122c46f2e3f0087accee6c486cdfb45e1f546ade5be4d746 (#113)

* Add signature for mrenclave-21f3e7184ba6b989b258ebcd7c66c2341883c64543ec07d591eada4e82938c10 (#114)

---------

Co-authored-by: Max Andreev <drunkbatya.js@gmail.com>
drunkbatya added a commit that referenced this pull request Dec 17, 2025
@drunkbatya @Villain88
SP-7292 - Running / on overlayfs (#126)
9560a9d 
* Add signature for mrenclave-ae6a4d0cc13ddcba76e4758c068e1366028eb270cad4b9a58217b0201821b306 (#88)

* Add signature for mrenclave-f7011962644e7fe07444f60da66ae9c71a7b8ec9612eb13e804051ca1ebb707b (#89)

* Add signature for mrenclave-28a4fc33dc2f138b4b37c9e970a0c49a0dba0556e9fae30899224fbe0019ec15 (#90)

* Add signature for mrenclave-16c8b0d09780d9747e09c14694925ad6fd59edc5c5b1ef3c0e13e5d3e6fd67d9 (#92)

* Add signature for mrenclave-ee9954d74c8c0433b90c569fd7a5abf50011c85cd8d84ccb961faf0477a1e714 (#94)

* Add signature for mrenclave-a016eab7d21ac96e21b1b6b783604b744795b5647c0df8efa3aa006ed573c424 (#95)

* Add signature for mrenclave-421170d3df227cafb8a9c0c90e5b82774c12cdd6e3aef9165bc9f7f5136c2fee (#96)

* Add signature for mrenclave-6135687f253d6660845672fc293afc04f6719de612d959d1f9d0a71b2e573d86 (#97)

* Add signature for mrenclave-bd6b2ea5dbc4b6bae26a030a69d874d5f37f23221b620f74699ffbc30a2eb3bf (#98)

* Add signature for mrenclave-013520805788a990efd89e02d1111cea5c4c47a68a5c455df820096cee02b37d (#99)

* feature/SP-6787, local subroot launch (#64)

* Add docker boot image build

* Add iniramfs

* Add base kernel

* Add kernel config merge

* Add build kernel!

* Fix busybox sources mirror URL

* Move files, add rootfs

* Pre-restructure

* Add working mounts in chroot in Docker!11!!!11!!!11111

* Add image build step

* Continue image

* grub booting is working!

* Fix initramfs

* Fix initramfs, it's booting!

* Add gve drivers, add working state disk mount

* Add more configs

* Add rancher

* Working state and provider disk mount

* it almost works!

* Fix iscsi

* Add readme

* Fix UEFI boot

* Move kata referencies to readme

* Fix README

* Fixes and fixes

* Fix grub branch

* Add bios amd build

* Fix README

* Add bios build, add ci-cd

* Fix readme

* remove sudo from ci

* Fixes

* And fixes

* Add tdx bios build

* Add other artifacts to output

* Add upload other artifacts

* Fix k8s.yaml rewriting

* Remove debug

* Fix SP_VM_IMAGE_VERSION

* support more than 1TB memory with SEV SNP

* draft

* lxc support

* added env replacing

* read subroot env from root /sp

* increase subroot version

* update readme

* review fix

* buildx do not support from as arg

* comments for mac/ip addresses

* use build version instead of package.json version

* strict mode for bash script

* no need docker login to lxc access

* increase default timeout

* fixed bash style

* quotes

---------

Co-authored-by: DrunkBatya <drunkbatya.js@gmail.com>

* Add signature for mrenclave-8f0bff733ae3c877e707e6080a6f3503df774e679b1e71b1118268cdb8b0cb3d (#101)

* Add signature for mrenclave-b276c54e013087cdf253b484d0cbece392ea5ad0f37628eddee1e329f2852db1 (#102)

* Add signature for mrenclave-430120e4b4b6d924d28075d06a78af58cd8331686671322a19d39a34e8c2c435 (#103)

* Add signature for mrenclave-a967bce5a48ec0f350050b1e0eafc8799f5a6619ebbd8831d1a6c81fb20e16a8 (#104)

* Add signature for mrenclave-fe962727c2453ea74bd04d9e0549ef2fbc5b6b9561b730c16132bf4ada6f244d (#105)

* feature/SP-6861, token challenge implementation (#100)

* Add signature for mrenclave-ce749e194db1efcd68a4154e874fc83d252f109ce7906b3a5c59f2cb9ecf7168 (#106)

* Add signature for mrenclave-27edd65a413bbf80376d42a29c79ae2967331f4df774e5cf0c4563eeab923498 (#107)

* Add signature for mrenclave-18b3167aca0eb5c4c9836fcb50392b3dbc7a0aebad674262d3b76d20026efeed (#108)

* Add signature for mrenclave-41ed132fcfcd40be122c46f2e3f0087accee6c486cdfb45e1f546ade5be4d746 (#109)

* Add signature for mrenclave-88e5ab69837ea9229170d78d0dd382c165f8d9cedb910bb7ee29035bda5c7804 (#110)

* Add signature for mrenclave-88e5ab69837ea9229170d78d0dd382c165f8d9cedb910bb7ee29035bda5c7804 (#112)

* Add signature for mrenclave-41ed132fcfcd40be122c46f2e3f0087accee6c486cdfb45e1f546ade5be4d746 (#113)

* Add signature for mrenclave-21f3e7184ba6b989b258ebcd7c66c2341883c64543ec07d591eada4e82938c10 (#114)

* Add signature for mrenclave-d8b956e13aa5e83b4887675124d96d8e5aeed8bf9dd5949219232d49cc9038b6 (#117)

* Add mkfs.ext4

* mount overlay state

* added logs handlers and mounting RO provider config

* OverlayFS

* Remove extra code

* Remove useless flag

* make coderabbitai happy

---------

Co-authored-by: Petr Evstifeev <7293601+Villain88@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Villain88 Villain88 Villain88 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@drunkbatya @Villain88