Pin UVM roots of trust and add snp_uvm_endorsements_file to configuration #5867

Merged
merged 4 commits into from
Dec 15, 2023

@achamayou achamayou commented Dec 15, 2023

Add a new snp_uvm_endorsements_file configuration value under attestation, superseding the lookup from $UVM_SECURITY_CONTEXT_DIR. The value can contain environment variables, for example: "snp_uvm_endorsements_file": "$UVM_SECURITY_CONTEXT_DIR/reference-info-base64". This value can come from an untrusted location, like snp_security_policy_file and AMD endorsements (fetched from snp_endorsements_servers), because the CCF code contains pre-defined roots of trust.


ghost commented Dec 15, 2023

pin_uvm_roots_of_trust@79488 aka 20231215.9 vs main ewma over 20 builds from 79134 to 79465


@achamayou achamayou changed the title Pin UVM roots of trust Pin UVM roots of trust and add snp_uvm_endorsements_file to configuration Dec 15, 2023
@achamayou achamayou marked this pull request as ready for review December 15, 2023 15:07
@achamayou achamayou requested a review from a team December 15, 2023 15:07