| 00 |
General |
Detect Family and Model |
❌ |
- |
This test detects which AMD family the test suite is executed on. If it can not detect the family, all other test will fail. |
| 10 |
PSB |
PSB Status Register contains zero value |
❌ |
- |
A non-zero value indicates an error. |
| 11 |
PSB |
Platform Secure Boot is enabled |
❌ |
- |
Read FUSE_PLATFORM_SECURE_BOOT_EN from PSB_STATUS. |
| 12 |
PSB |
Platform Vendor ID is not zero |
❌ |
- |
Should be non-zero |
| 13 |
PSB |
Platform Model ID is not zero |
❌ |
- |
Should be non-zero |
| 14 |
PSB |
Read BIOS Key Revision is not zero |
❌ |
- |
Should be non zero |
| 15 |
PSB |
AMD Key is disabled |
❌ |
- |
If the AMD key is not disabled, the system will still boot AMD signed firmware |
| 16 |
PSB |
Secure Debug is disabled |
❌ |
- |
- |
| 17 |
PSB |
Keys are fused |
❌ |
- |
Test checks if the customer keys have been fused by reading Customer Key Lock from the PSB_STATUS register. |
| 18 |
PSB |
PSB Policy Hash |
❌ |
- |
Check the PSB Policy Hash |
| 19 |
PSB |
Revocation Status |
❌ |
- |
Check the Revokation Status |
| 20 |
SME |
SME Support |
❌ |
- |
Test checks 0x8000001f |
| 21 |
SME |
SME Enabled |
❌ |
- |
Test checks MSR_AMD64_SYSCFG |
| 22 |
SME |
SME Kernel Option Set |
❌ |
- |
Only Informative |
| 23 |
SME |
SME Kernel Commandline |
❌ |
- |
Only Informative |
| 24 |
SME |
Verify SME Functionality |
❌ |
- |
Check if Memory Pages are marked for encryption |
| 30 |
SEV |
SEV Support |
❌ |
- |
Test checks 0x8000001f |
| 31 |
SEV |
SEV Enabled |
❌ |
- |
Test checks MSR_AMD64_SEV |
| 32 |
SEV |
SEV Firmware Version Validation |
❌ |
- |
Verify the SEV Firmware Version |
| 33 |
SEV |
SEV Guest Configuration Validation |
❌ |
- |
Verify the Guest Configuration for a VM |
| 40 |
SEV-SNP |
SEV-SNP Support |
❌ |
- |
- |
| 41 |
SEV-SNP |
SEV-SNP Enabled |
❌ |
- |
- |
| 42 |
SEV-SNP |
SEV-SNP Debug Registers disabled |
❌ |
- |
CPU Debug Registers can be enabled / disabled through SEV_FEATURES |
| 43 |
SEV-SNP |
Side-Channel Protection enabled |
❌ |
- |
Taken from 15.36.17 Side-Channel Protection (https://www.amd.com/content/dam/amd/en/documents/processor-tech-docs/programmer-references/24593.pdf) |
| 44 |
SEV-SNP |
SEV-SNP Firmware Version Validation |
❌ |
- |
Firmware Version Validation |
| 45 |
SEV-SNP |
Measurement of SNP Protected VM Boot |
❌ |
- |
Verify the integrity measurement taken during the SNP-protected VM boot process. |
| 46 |
SEV-SNP |
SNP Attestation Reporting |
❌ |
- |
Check that the attestation reports generated by SEV-SNP are accurate and verifiable. |