Skip to content

Google Compute Engine (AMD SEV‐SNP)

Jump to bottom
Andrea Barisani edited this page Jan 14, 2026 · 9 revisions

The TamaGo sev package in combination with go-boot UEFI context allows execution under AMD Secure Encrypted Virtualization.

The sev command allows to inspect features availability:

> sev
SEV ................: true
SEV-ES .............: true
SEV-SNP ............: true
Encryption bit .....: 51
SNP Version ........: 1

Secrets Page .......: 0x80d000 (4096 bytes)
Secrets Version ....: 4
TSC Factor .........: 0xc8
Launch Mitigations .: 0xb
VMPCK0 .............: 0x07 -- 0x24
VMPCK1 .............: 0x94 -- 0x7e
VMPCK2 .............: 0xf6 -- 0x6f
VMPCK3 .............: 0xfb -- 0x6c

The sev-report commands requests a signed attestation report from the AMD Platform Security Processor (PSP):

> sev-report
Version ............: 5
VMPL ...............: 0
SignatureAlgo ......: 1
CurrentTCB .........: de1c000000000004
Measurement ........: 14195fde36852b69f2ac17166ebf3223351b1c34814f110339412652819073e061ed7c47e6e00d02a817aeb4992ce20d
ReportedTCB ........: de1c000000000004
CommittedTCB .......: de1c000000000004
Launch  Mitigations : 0xb
Current Mitigations : 0xb
SignatureR .........: 4ca6022926946fcc5434d511c67174f942dae57f1027288ac87cc6c90bf7e6bd16f3e324292ad3a1896048fa83a71cdb
SignatureS .........: 4d93c6d2cfceb8374b9b915f15e84a727e509c61845829598e08e38054ae6a02bb388e94faf0e85ea69aa7138e697634

The sev-report-raw returns a raw report suitable for verification with go-sev-guest.

The following example demonstrates how to create a UEFI-bootable image for a Confidential VM (AMD SEV-SNP) under Google Compute Engine and deploy it using the Google Cloud CLI.

Set the following environment variables:

# /dev/loopX device for disk.raw
export LOOP_DEV=/dev/loop0

# mount point for disk.raw
export MNT_POINT=/tmp/go-boot-disk/

# unique gcloud bucket name
export BUCKET=go-boot-$(date +%s)-bucket

Creation of the raw image:

git clone https://github.com/usbarmory/go-boot && cd go-boot
make efi CONSOLE=com1

dd if=/dev/zero of=disk.raw bs=1M count=100
sudo losetup -f disk.raw
sudo mkfs.vfat -F 32 $LOOP_DEV
sudo mount $LOOP_DEV $MNT_POINT
sudo mkdir -p $MNT_POINT/EFI/BOOT
sudo cp go-boot.efi $MNT_POINT/EFI/BOOT/BOOTX64.EFI
# confidential VMs are always loading the EFI image from shimx64.efi
# regardless of Secure Boot configuration
sudo cp go-boot.efi $MNT_POINT/EFI/BOOT/shimx64.efi
sudo sync
sudo umount -l $MNT_POINT
sudo losetup -d $LOOP_DEV
tar -cvzf go-boot-disk.raw.tar.gz disk.raw

Upload of the raw image to a Google Cloud bucket and creation of a confidential instance:

gcloud storage buckets create gs://$BUCKET
gcloud storage cp go-boot-disk.raw.tar.gz gs://$BUCKET
gcloud compute images create go-boot-image \
    --source-uri gs://$BUCKET/go-boot-disk.raw.tar.gz \
    --architecture=X86_64 \
    --guest-os-features=UEFI_COMPATIBLE,SEV_SNP_CAPABLE

gcloud compute instances create go-boot-instance \
    --machine-type=n2d-standard-4 \
    --confidential-compute-type=SEV_SNP \
    --min-cpu-platform="AMD Milan" \
    --maintenance-policy=TERMINATE \
    --zone=europe-west3-a \
    --metadata="serial-port-enable=1" \
    --private-network-ip 10.156.0.2 \
    --image=go-boot-image

Connect to go-boot serial console:

gcloud compute connect-to-serial-port go-boot-instance --zone=europe-west3-a --port=1

Stop and delete instance:

gcloud storage rm gs://$BUCKET/go-boot-disk.raw.tar.gz
gcloud storage buckets delete gs://$BUCKET
gcloud compute instances stop go-boot-instance --zone europe-west3-a
gcloud compute instances delete go-boot-instance --zone europe-west3-a
gcloud compute images delete go-boot-image

Clone this wiki locally