@hyperfinitism hyperfinitism commented Dec 29, 2025

Background

This pull request aims to implement the attestation flow described in Issue #116.

Currently, on Azure Confidential VMs, snpguest (with the hyperv feature) only retrieves the boot-time SNP report that the paravisor writes into vTPM NV index 0x01400001.

To request a fresh SNP report bound to arbitrary 64-byte data, the following attestation flow is required:

  1. The guest writes 64 bytes of data (referred to as user-data) to NV index 0x01400002
  2. The paravisor detects the NV write, constructs a JSON object called Runtime Claims containing the user-data, the vTPM attestation public key, VM configuration, etc., and passes the hash value of this JSON as REPORT_DATA to the ASP
  3. The ASP issues the SNP Report
  4. The paravisor writes the SNP Report, Runtime Claims, and other metadata (e.g. the hash algorithm) to NV index 0x01400001
  5. The guest reads these from 0x01400001 to obtain the SNP Report

This PR implements this flow.

What's changed

Flag name (breaking change)

  • snpguest report: -p, --platform → -a, --azure-cvm

CLI behavior (breaking change)

| Command | Previous behavior | New behavior |
| --- | --- | --- |
| snpguest report report.bin report-data.bin -a | Read existing SNP report from NV 0x01400001 → write both files | Write supplied report-data.bin to NV 0x01400002 → trigger ASP → read fresh SNP report from NV 0x01400001 (no overwrite to report-data.bin) |
| snpguest report report.bin report-data.bin -a -r | -a (formerly -p) conflicts with -r | Generate random 64-byte nonce into report-data.bin → trigger fresh report as above |

With these semantics, the REPORT_DATA field in the report will no longer match the raw report-data.bin, since the paravisor computes user-data → Runtime Claims → SHA hash digest → REPORT_DATA.

Code Structure

  • the hyperv module splits into separate submodules for clarity

Resolved issues & related PRs

| Item | Status |
| --- | --- |
| Issue #134 | Resolved by this PR |
| PR #136 | Can be closed as obsolete if this PR is accepted |
| Issue #116 | Remains open because handling of Runtime Claims JSON is not implemented yet |

Test

Test procedure

# Build
git clone https://github.com/hyperfinitism/snpguest -b feature/fresh-azcvm-report
cd snpguest
cargo build -r --features hyperv

# Request SNP report via vTPM using random nonce
sudo ./target/release/snpguest report report.bin report-data.bin -r -a -v 0

# Display SNP report
./target/release/snpguest display report report.bin

# Fetch VCEK cert chain
./target/release/snpguest fetch ca pem . -r report.bin
./target/release/snpguest fetch vcek pem . report.bin

# Verify VCEK cert chain and report signature
./target/release/snpguest verify certs .
./target/release/snpguest verify attestation . report.bin

Test Environment

  • VM: Microsoft Azure Standard DC2as v5
  • Processor: AMD 3rd Gen EPYC
  • OS Image: Ubuntu Pro 24.04 LTS (Confidential VM) - x64 Gen 2
    • Kernel: 6.14.0-1014-azure-fde
  • Security
    • Security type: Confidential
    • Enable secure boot: Enabled
    • Enable vTPM: Enabled
    • Integrity monitoring: Enabled

hyperfinitism force-pushed the feature/fresh-azcvm-report branch from b7dd0bb to e559ce3 on December 31, 2025 09:03
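
Added example (not part of this pull request or of snpguest): a relying-party check for the chain user-data → Runtime Claims → REPORT_DATA described above, to be run after the report signature has been verified with `snpguest verify attestation`. The JSON key `user-data`, its hex encoding, and right zero-padding of the digest to 64 bytes are assumptions; the function and variable names are hypothetical.

```python
import hashlib
import hmac
import json

# Assumed mapping from the hash algorithm named in the NV metadata to hashlib.
HASHES = {"sha256": hashlib.sha256, "sha384": hashlib.sha384, "sha512": hashlib.sha512}


def verify_binding(report_data: bytes, claims_raw: bytes, nonce: bytes,
                   hash_name: str = "sha256") -> bool:
    """Return True only if nonce -> Runtime Claims -> REPORT_DATA holds."""
    if len(report_data) != 64 or len(nonce) != 64 or hash_name not in HASHES:
        return False
    # Step 1: REPORT_DATA must be the digest of the exact claims bytes as read
    # from the vTPM (never re-serialize the JSON before hashing).
    # Assumption: digests shorter than 64 bytes are zero-padded on the right.
    digest = HASHES[hash_name](claims_raw).digest().ljust(64, b"\x00")
    if not hmac.compare_digest(digest, report_data):
        return False
    # Step 2: the claims must carry the nonce this verifier issued.
    # Assumption: it is stored hex-encoded under the key "user-data".
    try:
        claimed = bytes.fromhex(json.loads(claims_raw)["user-data"])
    except (ValueError, KeyError, TypeError):
        return False
    return hmac.compare_digest(claimed, nonce)


def sample_inputs():
    # Constructed sample values, not output captured from a real CVM.
    nonce = bytes(range(64))
    claims = json.dumps({"user-data": nonce.hex().upper(),
                         "vm-configuration": {}}).encode()
    report_data = hashlib.sha256(claims).digest() + bytes(32)
    return nonce, claims, report_data


if __name__ == "__main__":
    nonce, claims, report_data = sample_inputs()
    print(verify_binding(report_data, claims, nonce))      # fresh report for our nonce
    print(verify_binding(nonce, claims, nonce))            # raw nonce compared to REPORT_DATA
    print(verify_binding(report_data, claims, bytes(64)))  # report bound to a different nonce
```

A verifier that still compares REPORT_DATA directly against report-data.bin rejects every fresh report, and one that skips step 2 accepts a report produced for someone else's nonce.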