snp: add init_data to TCB Claims

Since the SNP verifier also checks the init data, include the init_data field in the tcb claims. This will allow EAR tokens to contain the init_data_claims. Signed-off-by: Tobin Feldman-Fitzthum <[email protected]>
confidential-containers · Jan 12, 2025 · 68e2a8d · 68e2a8d
1 parent 7dc980c
commit 68e2a8d
Showing 1 changed file with 2 additions and 3 deletions.
diff --git a/deps/verifier/src/snp/mod.rs b/deps/verifier/src/snp/mod.rs
@@ -317,11 +317,10 @@ pub(crate) fn parse_tee_evidence(report: &AttestationReport) -> TeeEvidenceParse
         "platform_tsme_enabled": format!("{}", report.plat_info.tsme_enabled()),
         "platform_smt_enabled": format!("{}", report.plat_info.smt_enabled()),
 
-        // measurement
+        // measurements
         "measurement": format!("{}", STANDARD.encode(report.measurement)),
-
-        // report data
         "report_data": format!("{}", STANDARD.encode(report.report_data)),
+        "init_data": format!("{}", STANDARD.encode(report.host_data)),
     });
 
     claims_map as TeeEvidenceParsedClaim