Description
We are working with openhcl-based TDX preview CVMs on Azure (Standard_EC2es_v6 on US East).
The MRTD hash observed on running Azure VMs is: 12bdbc1609ef066db7a9ec7b26d7509346f4ca46e846274096cb25939b1e711944061ca19a30c6743f1e599148eee451
To reproduce this value, we built openhcl locally using:

    cargo xflowey build-igvm x64-cvm --release

So far, none of the “tdx_mrtd” values in openvmm/flowey-out/artifacts/build-igvm/ship/x64-cvm/openhcl-tdx.json from various commits match the MRTD hash measured on Azure.
Is there any documentation describing how to determine the exact openhcl version used by Azure CVMs, and how to build openhcl in a way that produces bit-for-bit identical artifacts?
The MRTD value is the only remaining TDX/vTPM measurement we cannot precompute. Being able to reproduce it would allow us to complete our set of precomputed reference values and enable fully verifiable zero-trust CVMs.
Any guidance, documentation, or build instructions would be greatly appreciated.