构建异构机密计算环境_云服务器 ECS(ECS)-阿里云帮助中心

本文介绍如何在阿里云异构机密计算实例（gn8v-tee）中构建异构机密计算环境，并演示如何运行示例代码以验证GPU机密计算功能。

背景信息

阿里云异构机密计算实例（gn8v-tee）在CPU TDX机密计算实例的基础上，额外将GPU引入到TEE（Trusted Execution Environment）中，可以保护CPU和GPU之间的数据传输及GPU中的数据计算。本文重点介绍GPU机密计算相关的功能验证，关于CPU TDX机密计算环境的构建及其远程证明能力验证，请参见构建TDX机密计算环境。如您希望在异构机密计算实例中部署大语言模型推理环境，请参见基于异构机密计算实例构建安全大语言模型推理环境。

重要

当前异构机密计算实例处于邀测状态，如需使用，请联系您的客户经理。

如上图所示，在异构机密计算实例上，GPU以机密计算模式启动，机密计算实例的机密性由以下几点来保证：

TDX特性保证Hypervisor/Host OS无法访问实例的敏感寄存器信息以及实例的内存数据。
PCIE防火墙可以阻止CPU访问GPU的关键寄存器和GPU中受保护的显存，Hypervisor/Host OS对GPU只能执行有限的访问和操作（比如重置GPU），而无法访问GPU中的敏感数据，保证了GPU中数据的机密性。
GPU的NVLink Firewall阻止其他GPU直接访问GPU的显存。
CPU TEE中的GPU驱动以及库函数，初始化时会通过SPDM（Security Protocol and Data Model）协议与GPU建立加密通道。密钥协商完成后，CPU与GPU间仅通过PCIe传输密文形态数据，保证了CPU与GPU之间的数据传输链路的机密性。
通过GPU的远程证明能力确认GPU是否处于安全状态。
具体而言，机密计算实例中的应用可以通过Attestation SDK调用GPU驱动，从GPU硬件获取其安全状态的密码学报告。该报告中包含由密码学签名的GPU硬件信息、VBIOS及硬件状态度量值。依赖方（Relying party）可以通过将获取到的度量值与GPU厂商提供的参考度量值进行比对，以确认GPU是否处于机密计算的安全状态。

创建异构机密计算实例（gn8v-tee）

通过控制台创建

在控制台创建具备异构机密计算特性的实例步骤与创建普通实例类似，但需要注意一些特定选项。本步骤重点介绍异构机密计算实例相关的特定配置，如果您想了解其他通用配置，请参见自定义购买实例。

访问ECS控制台-实例。
在页面左侧顶部，选择目标资源所在的资源组和地域。
单击创建实例，按照以下配置创建对应实例。
配置项
说明
地域与可用区
华北2（北京）可用区L
实例规格
仅支持ecs.gn8v-tee.4xlarge及以上实例规格。
镜像
选择Alibaba Cloud Linux 3.2104 LTS 64位镜像。
根据界面提示，完成创建实例。

通过OpenAPI或阿里云CLI创建

您可以调用RunInstances或阿里云CLI创建支持TDX安全特性的ECS实例，需要注意的参数如下表所示。

参数	说明	示例
RegionId	华北2（北京）	cn-beijing
ZoneId	可用区L	cn-beijing-l
InstanceType	选择ecs.gn8v-tee.4xlarge及以上实例规格	ecs.gn8v-tee.4xlarge
ImageId	指定支持异构机密的镜像ID，当前仅内核版本大于等于5.10.134-18.al8.x86_64的Alibaba Cloud Linux 3.2104 LTS 64位镜像支持。	aliyun_3_x64_20G_alibase_20250117.vhd

CLI示例：

aliyun ecs RunInstances \
  --Region cn-beijing \
  --ZoneId cn-beijing-l \
  --SystemDisk.Category cloud_essd \
  --ImageId 'aliyun_3_x64_20G_alibase_20250117.vhd' \
  --InstanceType 'ecs.gn8v-tee.4xlarge' \
  --SecurityGroupId 'sg-[SecurityGroupId]' \
  --VSwitchId 'vsw-[VSwitchID]' \
  --KeyPairName [KEY_PAIR_NAME] \

构建异构机密计算环境

步骤一：安装NVIDIA驱动和CUDA工具包

重要

异构机密计算实例初始化较慢，当实例状态为运行中，并且实例操作系统启动完成以后再执行以下操作。

不同实例规格的安装步骤有所不同：

单GPU卡机密实例：ecs.gn8v-tee.4xlarge和ecs.gn8v-tee.6xlarge规格
8 GPU卡机密实例：ecs.gn8v-tee-8x.16xlarge和ecs.gn8v-tee-8x.48xlarge规格

单GPU卡机密实例

远程连接机密计算实例。
具体操作，请参见使用Workbench工具以SSH协议登录Linux实例。

下载NVIDIA驱动和CUDA工具包。

wget --referer=https://www.nvidia.cn/ https://cn.download.nvidia.cn/tesla/550.144.03/NVIDIA-Linux-x86_64-550.144.03.run
wget https://developer.download.nvidia.com/compute/cuda/12.4.1/local_installers/cuda_12.4.1_550.54.15_linux.run

安装依赖并禁用cloudmonitor服务。

sudo yum install -y openssl3
sudo systemctl disable cloudmonitor
sudo systemctl stop cloudmonitor

创建并配置 nvidia-persistenced.service。

cat > nvidia-persistenced.service << EOF
[Unit]
Description=NVIDIA Persistence Daemon
Wants=syslog.target
Before=cloudmonitor.service

[Service]
Type=forking
ExecStart=/usr/bin/nvidia-persistenced --user root
ExecStartPost=/usr/bin/nvidia-smi conf-compute -srs 1
ExecStopPost=/bin/rm -rf /var/run/nvidia-persistenced

[Install]
WantedBy=multi-user.target
EOF

sudo cp nvidia-persistenced.service /usr/lib/systemd/system/nvidia-persistenced.service

安装NVIDIA驱动和CUDA Toolkit。

sudo bash NVIDIA-Linux-x86_64-550.144.03.run --ui=none --no-questions --accept-license --disable-nouveau --no-cc-version-check --install-libglvnd --kernel-module-build-directory=kernel-open --rebuild-initramfs
sudo bash cuda_12.4.1_550.54.15_linux.run --silent --toolkit

启动nvidia-persistenced和cloudmonitor服务。

sudo systemctl start nvidia-persistenced.service
sudo systemctl enable nvidia-persistenced.service
sudo systemctl start cloudmonitor
sudo systemctl enable cloudmonitor

调整内核参数。

sudo grubby --update-kernel=ALL --args="swiotlb=4194304,any"

重启实例，使以上配置生效。
具体操作，请参见重启实例。

8 GPU卡机密实例

远程连接机密计算实例。
具体操作，请参见使用Workbench工具以SSH协议登录Linux实例。
重要
机密计算实例初始化较慢，请耐心等待。

配置NVIDIA驱动程序的加载行为，并重新生成initramfs。

sudo bash -c 'cat > /etc/modprobe.d/nvidia-lkca.conf << EOF
install nvidia /sbin/modprobe ecdsa_generic; /sbin/modprobe ecdh; /sbin/modprobe --ignore-install nvidia
options nvidia NVreg_RegistryDwords="RmEnableProtectedPcie=0x1"
EOF'

sudo dracut --regenerate-all -f

重启实例，使以上配置生效。
具体操作，请参见重启实例。

下载NVIDIA驱动和CUDA工具包。

wget --referer=https://www.nvidia.cn/ https://cn.download.nvidia.cn/tesla/570.86.15/NVIDIA-Linux-x86_64-570.86.15.run
wget https://developer.download.nvidia.com/compute/cuda/12.8.0/local_installers/cuda_12.8.0_570.86.10_linux.run
wget https://developer.download.nvidia.cn/compute/cuda/repos/rhel8/x86_64/nvidia-fabric-manager-570.86.15-1.x86_64.rpm

安装依赖并禁用cloudmonitor服务。

sudo yum install -y openssl3
sudo systemctl disable cloudmonitor
sudo systemctl stop cloudmonitor

创建并配置 nvidia-persistenced.service。

cat > nvidia-persistenced.service << EOF
[Unit]
Description=NVIDIA Persistence Daemon
Wants=syslog.target
Before=cloudmonitor.service
After=nvidia-fabricmanager.service

[Service]
Type=forking
ExecStart=/usr/bin/nvidia-persistenced --user root --uvm-persistence-mode --verbose
ExecStartPost=/usr/bin/nvidia-smi conf-compute -srs 1
ExecStopPost=/bin/rm -rf /var/run/nvidia-persistenced
TimeoutStartSec=900
TimeoutStopSec=60

[Install]
WantedBy=multi-user.target
EOF

sudo cp nvidia-persistenced.service /usr/lib/systemd/system/nvidia-persistenced.service

安装FabricManager、NVIDIA驱动和CUDA Toolkit。

sudo rpm -ivh nvidia-fabric-manager-570.86.15-1.x86_64.rpm
sudo bash NVIDIA-Linux-x86_64-570.86.15.run --ui=none --no-questions --accept-license --disable-nouveau --no-cc-version-check --install-libglvnd --kernel-module-build-directory=kernel-open --rebuild-initramfs
sudo bash cuda_12.8.0_570.86.10_linux.run --silent --toolkit

启动nvidia-persistenced和cloudmonitor服务。

sudo systemctl start nvidia-fabricmanager.service
sudo systemctl enable nvidia-fabricmanager.service
sudo systemctl start nvidia-persistenced.service
sudo systemctl enable nvidia-persistenced.service
sudo systemctl start cloudmonitor
sudo systemctl enable cloudmonitor

调整内核参数。

sudo grubby --update-kernel=ALL --args="swiotlb=2097152,any"

重启实例，使以上配置生效。
具体操作，请参见重启实例。

步骤二：检查TDX使能状态

异构机密计算特性基于TDX构建，建议您先检查对应实例的TDX使能状态，以确保该实例处于安全保护中。

检查TDX使能状态。
```
lscpu |grep -i tdx_guest
```
下图所示表示TDX已经被正确使能。
检查TDX相关驱动安装情况。
```
ls -l /dev/tdx_guest
```
下图所示表示已经安装TDX相关驱动。

步骤三：检查GPU机密计算特性状态

单GPU卡机密实例：ecs.gn8v-tee.4xlarge和ecs.gn8v-tee.6xlarge规格
执行以下命令，查看机密计算特性状态。
```
nvidia-smi conf-compute -f
```
返回结果CC status: ON表示机密计算特性开启；返回结果CC status: OFF表示机密计算特性关闭，说明实例出现异常，请提交工单。
8 GPU卡机密实例：ecs.gn8v-tee-8x.16xlarge和ecs.gn8v-tee-8x.48xlarge规格
执行以下命令，查看机密计算特性状态。
```
nvidia-smi conf-compute -mgm
```
返回结果Multi-GPU Mode: Protected PCIe表示多卡机密计算特性开启；返回结果Multi-GPU Mode: None表示多卡机密计算特性关闭，说明实例出现异常，请提交工单。
说明
8 GPU卡机密实例中，nvidia-smi conf-compute -f命令返回CC status: OFF是正常结果。

步骤四：通过本地证明验证GPU/NVSwitch可信

安装GPU可信所需依赖。

sudo yum install -y python3.11 python3.11-devel python3.11-pip
sudo alternatives --install /usr/bin/python3 python3 /usr/bin/python3.11 60
sudo alternatives --set python3 /usr/bin/python3.11
sudo python3 -m ensurepip --upgrade
sudo python3 -m pip install --upgrade pip

sudo python3 -m pip install nv_attestation_sdk==2.1.2.post6393737 nv_local_gpu_verifier==2.1.1.post6393737 nv_ppcie_verifier==1.1.2.post6393737 -f https://attest-public-cn-beijing.oss-cn-beijing.aliyuncs.com/repo/pip/attest.html

（仅8 GPU卡机密实例）安装NVSwitch相关依赖组件。

wget https://developer.download.nvidia.cn/compute/cuda/repos/rhel8/x86_64/libnvidia-nscq-570-570.86.15-1.x86_64.rpm
sudo rpm -ivh libnvidia-nscq-570-570.86.15-1.x86_64.rpm

验证GPU/NVSwitch可信。

单GPU卡机密实例

创建并配置LocalGPUTest.py示例文件。

以下示例代码会在单GPU卡机密实例中验证GPU可信。

cat > LocalGPUTest.py << EOF
#!/usr/bin/env python3
# -*- coding: utf-8 -*-


from nv_attestation_sdk import attestation


att_result_policy = '''
{
  "version":"3.0",
  "authorization-rules":{
    "type": "JWT",
    "overall-claims": {
      "iss": "LOCAL_GPU_VERIFIER",
      "x-nvidia-overall-att-result": true,
      "x-nvidia-ver": "2.0"
    },
    "detached-claims":{
      "measres": "success",
      "x-nvidia-gpu-arch-check": true,
      "x-nvidia-gpu-attestation-report-cert-chain-validated": true,
      "x-nvidia-gpu-attestation-report-parsed": true,
      "x-nvidia-gpu-attestation-report-nonce-match": true,
      "x-nvidia-gpu-attestation-report-signature-verified": true,
      "x-nvidia-gpu-driver-rim-fetched": true,
      "x-nvidia-gpu-driver-rim-schema-validated": true,
      "x-nvidia-gpu-driver-rim-cert-validated": true,
      "x-nvidia-gpu-driver-rim-signature-verified": true,
      "x-nvidia-gpu-driver-rim-measurements-available": true,
      "x-nvidia-gpu-vbios-rim-fetched": true,
      "x-nvidia-gpu-vbios-rim-schema-validated": true,
      "x-nvidia-gpu-vbios-rim-cert-validated": true,
      "x-nvidia-gpu-vbios-rim-signature-verified": true,
      "x-nvidia-gpu-vbios-rim-measurements-available": true,
      "x-nvidia-gpu-vbios-index-no-conflict": true
    }
  }
}'''

client = attestation.Attestation()
client.set_name("thisNode1")
client.set_nonce("931d8dd0add203ac3d8b4fbde75e115278eefcdceac5b87671a748f32364dfcb")

print("[LocalGPUTest] node name :", client.get_name())

client.add_verifier(attestation.Devices.GPU, attestation.Environment.LOCAL, "", "")

print(client.get_verifiers())

print("[LocalGPUTest] call get_evidence()")
evidence_list = client.get_evidence()

print("[LocalGPUTest] call attest() - expecting True")
print("[LocalGPUTest] call attest() - result : ", client.attest(evidence_list))
# print("[LocalGPUTest] token : " + str(client.get_token()))
print("[LocalGPUTest] call validate_token() - expecting True")

print("[LocalGPUTest] call validate_token() - result: ", client.validate_token(att_result_policy))

client.decode_token(client.get_token())

EOF

执行以下命令，验证GPU/NVSwitch可信状态。

python3 LocalGPUTest.py

回显结果表示GPU处于机密计算状态，且Driver、VBIOS等度量值与预期相符合：

完整输出示例

[LocalGPUTest] node name : thisNode1
[['LOCAL_GPU_CLAIMS', <Devices.GPU: 2>, <Environment.LOCAL: 2>, '', '', '']]
[LocalGPUTest] call get_evidence()
Nonce generated: 931d8dd0add203ac3d8b4fbde75e115278eefcdceac5b87671a748f3236****
Number of GPUs available : 1
Fetching GPU 0 information from GPU driver.
All GPU Evidences fetched successfully
[LocalGPUTest] call attest() - expecting True
-----------------------------------
Verifying GPU: GPU-e1e94012-8c7b-f9a2-d712-fc5b014f****
        Driver version fetched : 550.144.03
        VBIOS version fetched : 96.00.bc.00.05
        Validating GPU certificate chains.
                The firmware ID in the device certificate chain is matching with the one in the attestation report.
                GPU attestation report certificate chain validation successful.
                        The certificate chain revocation status verification successful.
        Authenticating attestation report
                The nonce in the SPDM GET MEASUREMENT request message is matching with the generated nonce.
                Driver version fetched from the attestation report : 550.144.03
                VBIOS version fetched from the attestation report : 96.00.bc.00.05
                Attestation report signature verification successful.
                Attestation report verification successful.
        Authenticating the RIMs.
                Authenticating Driver RIM
                        Fetching the driver RIM from the RIM service.
                        RIM Schema validation passed.
                        driver RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        driver RIM signature verification successful.
                        Driver RIM verification successful
                Authenticating VBIOS RIM.
                        Fetching the VBIOS RIM from the RIM service.
                        RIM Schema validation passed.
                        vbios RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        vbios RIM signature verification successful.
                        VBIOS RIM verification successful
        Comparing measurements (runtime vs golden)
                        The runtime measurements are matching with the golden measurements.                            
                GPU is in expected state.
        GPU 0 with UUID GPU-e1e94012-8c7b-f9a2-d712-fc5b014f**** verified successfully.
GPU Attestation is Successful.
[LocalGPUTest] call attest() - result :  True
[LocalGPUTest] call validate_token() - expecting True
[LocalGPUTest] call validate_token() - result:  True

8 GPU卡机密实例

创建并配置LocalMultiGpuSwitchTest.py示例文件。

以下示例代码会在8 GPU机密实例中同时验证GPU和NVSwitch可信。

cat > LocalMultiGpuSwitchTest.py << EOF
#!/usr/bin/env python3
# -*- coding: utf-8 -*-


from nv_attestation_sdk import attestation


local_gpu_att_result_policy = '''
{
  "version":"3.0",
  "authorization-rules":{
    "type": "JWT",
    "overall-claims": {
      "iss": "LOCAL_GPU_VERIFIER",
      "x-nvidia-overall-att-result": true,
      "x-nvidia-ver": "2.0"
    },
    "detached-claims":{
      "measres": "success",
      "x-nvidia-gpu-arch-check": true,
      "x-nvidia-gpu-attestation-report-cert-chain-validated": true,
      "x-nvidia-gpu-attestation-report-parsed": true,
      "x-nvidia-gpu-attestation-report-nonce-match": true,
      "x-nvidia-gpu-attestation-report-signature-verified": true,
      "x-nvidia-gpu-driver-rim-fetched": true,
      "x-nvidia-gpu-driver-rim-schema-validated": true,
      "x-nvidia-gpu-driver-rim-cert-validated": true,
      "x-nvidia-gpu-driver-rim-signature-verified": true,
      "x-nvidia-gpu-driver-rim-measurements-available": true,
      "x-nvidia-gpu-vbios-rim-fetched": true,
      "x-nvidia-gpu-vbios-rim-schema-validated": true,
      "x-nvidia-gpu-vbios-rim-cert-validated": true,
      "x-nvidia-gpu-vbios-rim-signature-verified": true,
      "x-nvidia-gpu-vbios-rim-measurements-available": true,
      "x-nvidia-gpu-vbios-index-no-conflict": true
    }
  }
}
'''

local_nvswitch_att_result_policy = '''
{
  "version":"3.0",
  "authorization-rules":{
    "type": "JWT",
    "overall-claims": {
      "iss": "LOCAL_SWITCH_VERIFIER",
      "x-nvidia-overall-att-result": true,
      "x-nvidia-ver": "2.0"
    },
    "detached-claims":{
      "measres": "success",
      "x-nvidia-switch-arch-check": true,
      "x-nvidia-switch-bios-rim-measurements-available": true,
      "x-nvidia-switch-attestation-report-signature-verified": true,
      "x-nvidia-switch-attestation-report-parsed": true,
      "x-nvidia-switch-attestation-report-nonce-match": true,
      "x-nvidia-switch-attestation-report-cert-chain-validated": true,
      "x-nvidia-switch-bios-rim-schema-validated": true,
      "x-nvidia-switch-bios-rim-signature-verified": true,
      "x-nvidia-switch-bios-rim-cert-validated": true,
      "x-nvidia-switch-bios-rim-fetched": true
    }
  }
}
'''


client = attestation.Attestation()
client.set_name("thisNode1")
client.set_nonce("931d8dd0add203ac3d8b4fbde75e115278eefcdceac5b87671a748f32364dfcb")

print("[LocalGPUTest] node name :", client.get_name())

client.add_verifier(attestation.Devices.GPU, attestation.Environment.LOCAL, "", "")

print(client.get_verifiers())

print("[LocalGPUTest] call get_evidence()")
evidence_list = client.get_evidence(ppcie_mode=False)

print("[LocalGPUTest] call attest() - expecting True")
print("[LocalGPUTest] call attest() - result : ", client.attest(evidence_list))
# print("[LocalGPUTest] token : " + str(client.get_token()))
print("[LocalGPUTest] call validate_token() - expecting True")

print("[LocalGPUTest] call validate_token() - result: ", client.validate_token(local_gpu_att_result_policy))

client.decode_token(client.get_token())
client.clear_verifiers()

print("[LocalSwitchTest] node name :", client.get_name())

client.set_nonce("931d8dd0add203ac3d8b4fbde75e115278eefcdceac5b87671a748f32364dfcb")

client.add_verifier(attestation.Devices.SWITCH, attestation.Environment.LOCAL, "", "")

evidence_list = client.get_evidence(ppcie_mode=False)

client.attest(evidence_list)
print("[LocalSwitchTest] token : " + str(client.get_token()))

print(client.validate_token(local_nvswitch_att_result_policy))

client.decode_token(client.get_token())

EOF

执行以下命令，验证GPU/NVSwitch可信状态。

python3 LocalMultiGpuSwitchTest.py

示例代码会分别验证8个GPU和4个NVSwitch，最终输出为True表示验证成功：

完整输出示例

[LocalGPUTest] node name : thisNode1
[['LOCAL_GPU_CLAIMS', <Devices.GPU: 2>, <Environment.LOCAL: 2>, '', '', '']]
[LocalGPUTest] call get_evidence()
Nonce generated: 931d8dd0add203ac3d8b4fbde75e115278eefcdceac5b87671a748f32364****
Number of GPUs available : 8
Fetching GPU 0 information from GPU driver.
Fetching GPU 1 information from GPU driver.
Fetching GPU 2 information from GPU driver.
Fetching GPU 3 information from GPU driver.
Fetching GPU 4 information from GPU driver.
Fetching GPU 5 information from GPU driver.
Fetching GPU 6 information from GPU driver.
Fetching GPU 7 information from GPU driver.
All GPU Evidences fetched successfully
[LocalGPUTest] call attest() - expecting True
-----------------------------------
Verifying GPU: GPU-cc4587a9-3275-38cd-61ad-e22a23ae****
        Driver version fetched : 570.86.15
        VBIOS version fetched : 96.00.bc.00.05
        Validating GPU certificate chains.
                The firmware ID in the device certificate chain is matching with the one in the attestation report.
                GPU attestation report certificate chain validation successful.
                        The certificate chain revocation status verification successful.
        Authenticating attestation report
                The nonce in the SPDM GET MEASUREMENT request message is matching with the generated nonce.
                Driver version fetched from the attestation report : 570.86.15
                VBIOS version fetched from the attestation report : 96.00.bc.00.05
                Attestation report signature verification successful.
                Attestation report verification successful.
        Authenticating the RIMs.
                Authenticating Driver RIM
                        Fetching the driver RIM from the RIM service.
                        RIM Schema validation passed.
                        driver RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        driver RIM signature verification successful.
                        Driver RIM verification successful
                Authenticating VBIOS RIM.
                        Fetching the VBIOS RIM from the RIM service.
                        RIM Schema validation passed.
                        vbios RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        vbios RIM signature verification successful.
                        VBIOS RIM verification successful
        Comparing measurements (runtime vs golden)
                        The runtime measurements are matching with the golden measurements.                            
                GPU is in expected state.
        GPU 0 with UUID GPU-cc4587a9-3275-38cd-61ad-e22a23ae**** verified successfully.
-----------------------------------
Verifying GPU: GPU-6eee99b1-c78e-8693-9a85-d930087a****
        Driver version fetched : 570.86.15
        VBIOS version fetched : 96.00.bc.00.05
        Validating GPU certificate chains.
                The firmware ID in the device certificate chain is matching with the one in the attestation report.
                GPU attestation report certificate chain validation successful.
                        The certificate chain revocation status verification successful.
        Authenticating attestation report
                The nonce in the SPDM GET MEASUREMENT request message is matching with the generated nonce.
                Driver version fetched from the attestation report : 570.86.15
                VBIOS version fetched from the attestation report : 96.00.bc.00.05
                Attestation report signature verification successful.
                Attestation report verification successful.
        Authenticating the RIMs.
                Authenticating Driver RIM
                        Fetching the driver RIM from the RIM service.
                        RIM Schema validation passed.
                        driver RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        driver RIM signature verification successful.
                        Driver RIM verification successful
                Authenticating VBIOS RIM.
                        Fetching the VBIOS RIM from the RIM service.
                        RIM Schema validation passed.
                        vbios RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        vbios RIM signature verification successful.
                        VBIOS RIM verification successful
        Comparing measurements (runtime vs golden)
                        The runtime measurements are matching with the golden measurements.                            
                GPU is in expected state.
        GPU 1 with UUID GPU-6eee99b1-c78e-8693-9a85-d930087a**** verified successfully.
-----------------------------------
Verifying GPU: GPU-58b4a29e-6293-e012-518f-31005cd1****
        Driver version fetched : 570.86.15
        VBIOS version fetched : 96.00.bc.00.05
        Validating GPU certificate chains.
                The firmware ID in the device certificate chain is matching with the one in the attestation report.
                GPU attestation report certificate chain validation successful.
                        The certificate chain revocation status verification successful.
        Authenticating attestation report
                The nonce in the SPDM GET MEASUREMENT request message is matching with the generated nonce.
                Driver version fetched from the attestation report : 570.86.15
                VBIOS version fetched from the attestation report : 96.00.bc.00.05
                Attestation report signature verification successful.
                Attestation report verification successful.
        Authenticating the RIMs.
                Authenticating Driver RIM
                        Fetching the driver RIM from the RIM service.
                        RIM Schema validation passed.
                        driver RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        driver RIM signature verification successful.
                        Driver RIM verification successful
                Authenticating VBIOS RIM.
                        Fetching the VBIOS RIM from the RIM service.
                        RIM Schema validation passed.
                        vbios RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        vbios RIM signature verification successful.
                        VBIOS RIM verification successful
        Comparing measurements (runtime vs golden)
                        The runtime measurements are matching with the golden measurements.                            
                GPU is in expected state.
        GPU 2 with UUID GPU-58b4a29e-6293-e012-518f-31005cd1**** verified successfully.
-----------------------------------
Verifying GPU: GPU-de61fb56-31fe-52ab-ce17-d587d875****
        Driver version fetched : 570.86.15
        VBIOS version fetched : 96.00.bc.00.05
        Validating GPU certificate chains.
                The firmware ID in the device certificate chain is matching with the one in the attestation report.
                GPU attestation report certificate chain validation successful.
                        The certificate chain revocation status verification successful.
        Authenticating attestation report
                The nonce in the SPDM GET MEASUREMENT request message is matching with the generated nonce.
                Driver version fetched from the attestation report : 570.86.15
                VBIOS version fetched from the attestation report : 96.00.bc.00.05
                Attestation report signature verification successful.
                Attestation report verification successful.
        Authenticating the RIMs.
                Authenticating Driver RIM
                        Fetching the driver RIM from the RIM service.
                        RIM Schema validation passed.
                        driver RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        driver RIM signature verification successful.
                        Driver RIM verification successful
                Authenticating VBIOS RIM.
                        Fetching the VBIOS RIM from the RIM service.
                        RIM Schema validation passed.
                        vbios RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        vbios RIM signature verification successful.
                        VBIOS RIM verification successful
        Comparing measurements (runtime vs golden)
                        The runtime measurements are matching with the golden measurements.                            
                GPU is in expected state.
        GPU 3 with UUID GPU-de61fb56-31fe-52ab-ce17-d587d875**** verified successfully.
-----------------------------------
Verifying GPU: GPU-1481fd31-6e0d-0213-6006-2f28035e****
        Driver version fetched : 570.86.15
        VBIOS version fetched : 96.00.bc.00.05
        Validating GPU certificate chains.
                The firmware ID in the device certificate chain is matching with the one in the attestation report.
                GPU attestation report certificate chain validation successful.
                        The certificate chain revocation status verification successful.
        Authenticating attestation report
                The nonce in the SPDM GET MEASUREMENT request message is matching with the generated nonce.
                Driver version fetched from the attestation report : 570.86.15
                VBIOS version fetched from the attestation report : 96.00.bc.00.05
                Attestation report signature verification successful.
                Attestation report verification successful.
        Authenticating the RIMs.
                Authenticating Driver RIM
                        Fetching the driver RIM from the RIM service.
                        RIM Schema validation passed.
                        driver RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        driver RIM signature verification successful.
                        Driver RIM verification successful
                Authenticating VBIOS RIM.
                        Fetching the VBIOS RIM from the RIM service.
                        RIM Schema validation passed.
                        vbios RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        vbios RIM signature verification successful.
                        VBIOS RIM verification successful
        Comparing measurements (runtime vs golden)
                        The runtime measurements are matching with the golden measurements.                            
                GPU is in expected state.
        GPU 4 with UUID GPU-1481fd31-6e0d-0213-6006-2f28035e**** verified successfully.
-----------------------------------
Verifying GPU: GPU-28329d00-3f24-f65b-8271-d3016fc6****
        Driver version fetched : 570.86.15
        VBIOS version fetched : 96.00.bc.00.05
        Validating GPU certificate chains.
                The firmware ID in the device certificate chain is matching with the one in the attestation report.
                GPU attestation report certificate chain validation successful.
                        The certificate chain revocation status verification successful.
        Authenticating attestation report
                The nonce in the SPDM GET MEASUREMENT request message is matching with the generated nonce.
                Driver version fetched from the attestation report : 570.86.15
                VBIOS version fetched from the attestation report : 96.00.bc.00.05
                Attestation report signature verification successful.
                Attestation report verification successful.
        Authenticating the RIMs.
                Authenticating Driver RIM
                        Fetching the driver RIM from the RIM service.
                        RIM Schema validation passed.
                        driver RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        driver RIM signature verification successful.
                        Driver RIM verification successful
                Authenticating VBIOS RIM.
                        Fetching the VBIOS RIM from the RIM service.
                        RIM Schema validation passed.
                        vbios RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        vbios RIM signature verification successful.
                        VBIOS RIM verification successful
        Comparing measurements (runtime vs golden)
                        The runtime measurements are matching with the golden measurements.                            
                GPU is in expected state.
        GPU 5 with UUID GPU-28329d00-3f24-f65b-8271-d3016fc6**** verified successfully.
-----------------------------------
Verifying GPU: GPU-c31359f2-e89c-2f12-8569-4d1b1595****
        Driver version fetched : 570.86.15
        VBIOS version fetched : 96.00.bc.00.05
        Validating GPU certificate chains.
                The firmware ID in the device certificate chain is matching with the one in the attestation report.
                GPU attestation report certificate chain validation successful.
                        The certificate chain revocation status verification successful.
        Authenticating attestation report
                The nonce in the SPDM GET MEASUREMENT request message is matching with the generated nonce.
                Driver version fetched from the attestation report : 570.86.15
                VBIOS version fetched from the attestation report : 96.00.bc.00.05
                Attestation report signature verification successful.
                Attestation report verification successful.
        Authenticating the RIMs.
                Authenticating Driver RIM
                        Fetching the driver RIM from the RIM service.
                        RIM Schema validation passed.
                        driver RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        driver RIM signature verification successful.
                        Driver RIM verification successful
                Authenticating VBIOS RIM.
                        Fetching the VBIOS RIM from the RIM service.
                        RIM Schema validation passed.
                        vbios RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        vbios RIM signature verification successful.
                        VBIOS RIM verification successful
        Comparing measurements (runtime vs golden)
                        The runtime measurements are matching with the golden measurements.                            
                GPU is in expected state.
        GPU 6 with UUID GPU-c31359f2-e89c-2f12-8569-4d1b1595**** verified successfully.
-----------------------------------
Verifying GPU: GPU-2b1694dd-ba0d-5bed-c59d-7469f603****
        Driver version fetched : 570.86.15
        VBIOS version fetched : 96.00.bc.00.05
        Validating GPU certificate chains.
                The firmware ID in the device certificate chain is matching with the one in the attestation report.
                GPU attestation report certificate chain validation successful.
                        The certificate chain revocation status verification successful.
        Authenticating attestation report
                The nonce in the SPDM GET MEASUREMENT request message is matching with the generated nonce.
                Driver version fetched from the attestation report : 570.86.15
                VBIOS version fetched from the attestation report : 96.00.bc.00.05
                Attestation report signature verification successful.
                Attestation report verification successful.
        Authenticating the RIMs.
                Authenticating Driver RIM
                        Fetching the driver RIM from the RIM service.
                        RIM Schema validation passed.
                        driver RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        driver RIM signature verification successful.
                        Driver RIM verification successful
                Authenticating VBIOS RIM.
                        Fetching the VBIOS RIM from the RIM service.
                        RIM Schema validation passed.
                        vbios RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        vbios RIM signature verification successful.
                        VBIOS RIM verification successful
        Comparing measurements (runtime vs golden)
                        The runtime measurements are matching with the golden measurements.                            
                GPU is in expected state.
        GPU 7 with UUID GPU-2b1694dd-ba0d-5bed-c59d-7469f603**** verified successfully.
GPU Attestation is Successful.
[LocalGPUTest] call attest() - result :  True
[LocalGPUTest] call validate_token() - expecting True
[LocalGPUTest] call validate_token() - result:  True
[LocalSwitchTest] node name : thisNode1
Nonce generated: 931d8dd0add203ac3d8b4fbde75e115278eefcdceac5b87671a748f32364****
Getting evidence details for SWX-FD6AB8D6-F4B4-A2D0-CB6C-9E40D125****
Getting evidence details for SWX-8E2E87BF-8F23-BDB6-ADCC-B4A08827****
Getting evidence details for SWX-483F3A49-122A-6E30-927A-5F0707C5****
Getting evidence details for SWX-7908C2C6-6FF6-93C3-0BDE-F9FF1F2F****
All nvSwitch Evidences fetched successfully
-----------------------------------
Verifying Switch : 0
NVSwitch info fetched successfully.
        Validating Switch certificate chains.
                nvSwitch attestation report certificate chain validation successful.
                        The certificate chain revocation status verification successful.
        Authenticating attestation report
                The nonce in the SPDM GET MEASUREMENT request message is matching with the generated nonce.
                VBIOS version fetched from the attestation report : 96.10.69.00.01
VBIOS version in attestation report is matching.
                Attestation report signature verification successful.
                Attestation report verification successful.
        Authenticating the RIMs.
                Authenticating VBIOS RIM.
                        Fetching the VBIOS RIM from the RIM service.
                        RIM Schema validation passed.
                        vbios RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        vbios RIM signature verification successful.
                        VBIOS RIM verification successful
        Comparing measurements (runtime vs golden)
                        The runtime measurements are matching with the golden measurements.                            
                Switch is in expected state.
        nvSwitch 0 verified successfully.
-----------------------------------
Verifying Switch : 1
NVSwitch info fetched successfully.
        Validating Switch certificate chains.
                nvSwitch attestation report certificate chain validation successful.
                        The certificate chain revocation status verification successful.
        Authenticating attestation report
                The nonce in the SPDM GET MEASUREMENT request message is matching with the generated nonce.
                VBIOS version fetched from the attestation report : 96.10.69.00.01
VBIOS version in attestation report is matching.
                Attestation report signature verification successful.
                Attestation report verification successful.
        Authenticating the RIMs.
                Authenticating VBIOS RIM.
                        Fetching the VBIOS RIM from the RIM service.
                        RIM Schema validation passed.
                        vbios RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        vbios RIM signature verification successful.
                        VBIOS RIM verification successful
        Comparing measurements (runtime vs golden)
                        The runtime measurements are matching with the golden measurements.                            
                Switch is in expected state.
        nvSwitch 1 verified successfully.
-----------------------------------
Verifying Switch : 2
NVSwitch info fetched successfully.
        Validating Switch certificate chains.
                nvSwitch attestation report certificate chain validation successful.
                        The certificate chain revocation status verification successful.
        Authenticating attestation report
                The nonce in the SPDM GET MEASUREMENT request message is matching with the generated nonce.
                VBIOS version fetched from the attestation report : 96.10.69.00.01
VBIOS version in attestation report is matching.
                Attestation report signature verification successful.
                Attestation report verification successful.
        Authenticating the RIMs.
                Authenticating VBIOS RIM.
                        Fetching the VBIOS RIM from the RIM service.
                        RIM Schema validation passed.
                        vbios RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        vbios RIM signature verification successful.
                        VBIOS RIM verification successful
        Comparing measurements (runtime vs golden)
                        The runtime measurements are matching with the golden measurements.                            
                Switch is in expected state.
        nvSwitch 2 verified successfully.
-----------------------------------
Verifying Switch : 3
NVSwitch info fetched successfully.
        Validating Switch certificate chains.
                nvSwitch attestation report certificate chain validation successful.
                        The certificate chain revocation status verification successful.
        Authenticating attestation report
                The nonce in the SPDM GET MEASUREMENT request message is matching with the generated nonce.
                VBIOS version fetched from the attestation report : 96.10.69.00.01
VBIOS version in attestation report is matching.
                Attestation report signature verification successful.
                Attestation report verification successful.
        Authenticating the RIMs.
                Authenticating VBIOS RIM.
                        Fetching the VBIOS RIM from the RIM service.
                        RIM Schema validation passed.
                        vbios RIM certificate chain verification successful.
                        The certificate chain revocation status verification successful.
                        vbios RIM signature verification successful.
                        VBIOS RIM verification successful
        Comparing measurements (runtime vs golden)
                        The runtime measurements are matching with the golden measurements.                            
                Switch is in expected state.
        nvSwitch 3 verified successfully.
All nvSwitches Attested Successfully
[LocalSwitchTest] token : [["JWT", "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJOVi1BdHRlc3RhdGlvbi1TREsiLCJpYXQiOjE3NDA5ODY5NTIsImV4cCI6MTc0MDk5MDU1MiwibmJmIjoxNzQwOTg2ODMyLCJqdGkiOiJhNWUwNGFkYy03OGNkLTQ2NTctYTUyZS0yMzliOGJkOTljODkifQ.c_AFgt-r5wVCk7-z0L5huBipiyqr3ry6OhEQT2lTSTw"], {"LOCAL_SWITCH_CLAIMS": [["JWT", "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJOVklESUEtUExBVEZPUk0tQVRURVNUQVRJT04iLCJuYmYiOjE3NDA5ODY4MzIsImV4cCI6MTc0MDk5MDU1MiwiaWF0IjoxNzQwOTg2OTUyLCJqdGkiOiIzMmYwYzg3Mi1lNDA2LTQ1YzktYmQxMS1jOGNlYzBhOGZhNWUiLCJ4LW52aWRpYS12ZXIiOiIyLjAiLCJpc3MiOiJMT0NBTF9TV0lUQ0hfVkVSSUZJRVIiLCJ4LW52aWRpYS1vdmVyYWxsLWF0dC1yZXN1bHQiOnRydWUsInN1Ym1vZHMiOnsiU1dJVENILTAiOlsiRElHRVNUIixbIlNIQTI1NiIsIjlkNjBkZDlkOTBiNGE5NzMzZjZkMzc5MDQ3OTc4YzdiYTNiZmU0ODQ0MDc5MWZiMTI2OWE2N2Q5ZDZjMzhjNTAiXV0sIlNXSVRDSC0xIjpbIkRJR0VTVCIsWyJTSEEyNTYiLCIzODAyYzlkZGEwN2Q4N2I0OWE4ZTk3NTE5NGNiMTQ5NTBiNDE4YjgxZTYxZmE1ZDdlNjgyN2YxYWY5YWEwMjEwIl1dLCJTV0lUQ0gtMiI6WyJESUdFU1QiLFsiU0hBMjU2IiwiOThjOGExMTkzMDU5MDEyYjM5YTNkNzI5ZDM5MzdlYjA2ZGRjMjE1YTlkM2VhNGI3Y2FkYzk2OTBjMTlmZjE3OCJdXSwiU1dJVENILTMiOlsiRElHRVNUIixbIlNIQTI1NiIsImUxMWRiYWFjYzI4YjJhYzQxOTE0MzJlZDU2NWM5MTg3MDkyZWYwZThiMzFkYTFkODVjNzZiNzVmZDdhN2EyOWIiXV19LCJlYXRfbm9uY2UiOiI5MzFkOGRkMGFkZDIwM2FjM2Q4YjRmYmRlNzVlMTE1Mjc4ZWVmY2RjZWFjNWI4NzY3MWE3NDhmMzIzNjRkZmNiIn0.oIGG7jVwg_655egUz1JhfYbiHO2LeEVRRIAbZ17ZElM"], {"SWITCH-0": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZWFzcmVzIjoic3VjY2VzcyIsIngtbnZpZGlhLXN3aXRjaC1hcmNoLWNoZWNrIjp0cnVlLCJ4LW52aWRpYS1zd2l0Y2gtYmlvcy12ZXJzaW9uIjoiOTYuMTAuNjkuMDAuMDEiLCJ4LW52aWRpYS1zd2l0Y2gtYXR0ZXN0YXRpb24tcmVwb3J0LWNlcnQtY2hhaW4tdmFsaWRhdGVkIjp0cnVlLCJ4LW52aWRpYS1zd2l0Y2gtYXR0ZXN0YXRpb24tcmVwb3J0LXBhcnNlZCI6dHJ1ZSwieC1udmlkaWEtc3dpdGNoLWF0dGVzdGF0aW9uLXJlcG9ydC1ub25jZS1tYXRjaCI6dHJ1ZSwieC1udmlkaWEtc3dpdGNoLWF0dGVzdGF0aW9uLXJlcG9ydC1zaWduYXR1cmUtdmVyaWZpZWQiOnRydWUsIngtbnZpZGlhLXN3aXRjaC1iaW9zLXJpbS1mZXRjaGVkIjp0cnVlLCJ4LW52aWRpYS1zd2l0Y2gtYmlvcy1yaW0tc2NoZW1hLXZhbGlkYXRlZCI6dHJ1ZSwieC1udmlkaWEtc3dpdGNoLWJpb3MtcmltLWNlcnQtdmFsaWRhdGVkIjp0cnVlLCJ4LW52aWRpYS1zd2l0Y2gtYmlvcy1yaW0tc2lnbmF0dXJlLXZlcmlmaWVkIjp0cnVlLCJ4LW52aWRpYS1zd2l0Y2gtYmlvcy1yaW0tbWVhc3VyZW1lbnRzLWF2YWlsYWJsZSI6dHJ1ZSwic2VjYm9vdCI6dHJ1ZSwiZGJnc3RhdCI6ImRpc2FibGVkIiwiZWF0X25vbmNlIjoiOTMxZDhkZDBhZGQyMDNhYzNkOGI0ZmJkZTc1ZTExNTI3OGVlZmNkY2VhYzViODc2NzFhNzQ4ZjMyMzY0ZGZjYiIsImh3bW9kZWwiOiJMU18xMCBBMDEgRlNQIEJST00iLCJ1ZWlkIjoiMzk5MjE3NjM0NDc3MjE3NDU4OTQxMzM2MTQwMDU3OTMzMTM4MTQwOTU0NTE3MTkwIiwiaXNzIjoiTE9DQUxfU1dJVENIX1ZFUklGSUVSIiwibmJmIjoxNzQwOTg2ODMyLCJleHAiOjE3NDA5OTA1NTIsImlhdCI6MTc0MDk4Njk1MiwianRpIjoiNDJhY2UxMTEtY2ZiMC00NjhkLTkzMGYtY2U3NWZlYjRmOWQ5In0.7cxs1xOTkESbqBRfd2vmIXr2cd9ahP2gKgjS0CSvz9k", "SWITCH-1": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZWFzcmVzIjoic3VjY2VzcyIsIngtbnZpZGlhLXN3aXRjaC1hcmNoLWNoZWNrIjp0cnVlLCJ4LW52aWRpYS1zd2l0Y2gtYmlvcy12ZXJzaW9uIjoiOTYuMTAuNjkuMDAuMDEiLCJ4LW52aWRpYS1zd2l0Y2gtYXR0ZXN0YXRpb24tcmVwb3J0LWNlcnQtY2hhaW4tdmFsaWRhdGVkIjp0cnVlLCJ4LW52aWRpYS1zd2l0Y2gtYXR0ZXN0YXRpb24tcmVwb3J0LXBhcnNlZCI6dHJ1ZSwieC1udmlkaWEtc3dpdGNoLWF0dGVzdGF0aW9uLXJlcG9ydC1ub25jZS1tYXRjaCI6dHJ1ZSwieC1udmlkaWEtc3dpdGNoLWF0dGVzdGF0aW9uLXJlcG9ydC1zaWduYXR1cmUtdmVyaWZpZWQiOnRydWUsIngtbnZpZGlhLXN3aXRjaC1iaW9zLXJpbS1mZXRjaGVkIjp0cnVlLCJ4LW52aWRpYS1zd2l0Y2gtYmlvcy1yaW0tc2NoZW1hLXZhbGlkYXRlZCI6dHJ1ZSwieC1udmlkaWEtc3dpdGNoLWJpb3MtcmltLWNlcnQtdmFsaWRhdGVkIjp0cnVlLCJ4LW52aWRpYS1zd2l0Y2gtYmlvcy1yaW0tc2lnbmF0dXJlLXZlcmlmaWVkIjp0cnVlLCJ4LW52aWRpYS1zd2l0Y2gtYmlvcy1yaW0tbWVhc3VyZW1lbnRzLWF2YWlsYWJsZSI6dHJ1ZSwic2VjYm9vdCI6dHJ1ZSwiZGJnc3RhdCI6ImRpc2FibGVkIiwiZWF0X25vbmNlIjoiOTMxZDhkZDBhZGQyMDNhYzNkOGI0ZmJkZTc1ZTExNTI3OGVlZmNkY2VhYzViODc2NzFhNzQ4ZjMyMzY0ZGZjYiIsImh3bW9kZWwiOiJMU18xMCBBMDEgRlNQIEJST00iLCJ1ZWlkIjoiNTc0MTYyODE0NDc0MjExNzUyMzQ4Mjk4NjY4Nzk1ODkxNjUzNzk0ODA2ODU2OTIzIiwiaXNzIjoiTE9DQUxfU1dJVENIX1ZFUklGSUVSIiwibmJmIjoxNzQwOTg2ODMyLCJleHAiOjE3NDA5OTA1NTIsImlhdCI6MTc0MDk4Njk1MiwianRpIjoiMjhhMGE1MmQtNzVmMC00ODNkLWE1YzEtZGQwNWZkYmZkYjA0In0.SNhIO3e0KcQBrPiM7q-WJY_L7tAf3FHLJdVMjHIeU7s", "SWITCH-2": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZWFzcmVzIjoic3VjY2VzcyIsIngtbnZpZGlhLXN3aXRjaC1hcmNoLWNoZWNrIjp0cnVlLCJ4LW52aWRpYS1zd2l0Y2gtYmlvcy12ZXJzaW9uIjoiOTYuMTAuNjkuMDAuMDEiLCJ4LW52aWRpYS1zd2l0Y2gtYXR0ZXN0YXRpb24tcmVwb3J0LWNlcnQtY2hhaW4tdmFsaWRhdGVkIjp0cnVlLCJ4LW52aWRpYS1zd2l0Y2gtYXR0ZXN0YXRpb24tcmVwb3J0LXBhcnNlZCI6dHJ1ZSwieC1udmlkaWEtc3dpdGNoLWF0dGVzdGF0aW9uLXJlcG9ydC1ub25jZS1tYXRjaCI6dHJ1ZSwieC1udmlkaWEtc3dpdGNoLWF0dGVzdGF0aW9uLXJlcG9ydC1zaWduYXR1cmUtdmVyaWZpZWQiOnRydWUsIngtbnZpZGlhLXN3aXRjaC1iaW9zLXJpbS1mZXRjaGVkIjp0cnVlLCJ4LW52aWRpYS1zd2l0Y2gtYmlvcy1yaW0tc2NoZW1hLXZhbGlkYXRlZCI6dHJ1ZSwieC1udmlkaWEtc3dpdGNoLWJpb3MtcmltLWNlcnQtdmFsaWRhdGVkIjp0cnVlLCJ4LW52aWRpYS1zd2l0Y2gtYmlvcy1yaW0tc2lnbmF0dXJlLXZlcmlmaWVkIjp0cnVlLCJ4LW52aWRpYS1zd2l0Y2gtYmlvcy1yaW0tbWVhc3VyZW1lbnRzLWF2YWlsYWJsZSI6dHJ1ZSwic2VjYm9vdCI6dHJ1ZSwiZGJnc3RhdCI6ImRpc2FibGVkIiwiZWF0X25vbmNlIjoiOTMxZDhkZDBhZGQyMDNhYzNkOGI0ZmJkZTc1ZTExNTI3OGVlZmNkY2VhYzViODc2NzFhNzQ4ZjMyMzY0ZGZjYiIsImh3bW9kZWwiOiJMU18xMCBBMDEgRlNQIEJST00iLCJ1ZWlkIjoiNDk4NjkwNzE1MTM3OTIxNTg2MzcxMzExMzIzMjY4NjI5NjA4NTc1NDkyMzEwODc0IiwiaXNzIjoiTE9DQUxfU1dJVENIX1ZFUklGSUVSIiwibmJmIjoxNzQwOTg2ODMyLCJleHAiOjE3NDA5OTA1NTIsImlhdCI6MTc0MDk4Njk1MiwianRpIjoiMDM1YTI3YTctODQ4NS00N2NkLTlhOGItZWVjYzUwMzEzZWU3In0.xoWs9R2xjNxEQaflZEC5jyrDalJjqhZ8sBS5fpwWO-s", "SWITCH-3": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZWFzcmVzIjoic3VjY2VzcyIsIngtbnZpZGlhLXN3aXRjaC1hcmNoLWNoZWNrIjp0cnVlLCJ4LW52aWRpYS1zd2l0Y2gtYmlvcy12ZXJzaW9uIjoiOTYuMTAuNjkuMDAuMDEiLCJ4LW52aWRpYS1zd2l0Y2gtYXR0ZXN0YXRpb24tcmVwb3J0LWNlcnQtY2hhaW4tdmFsaWRhdGVkIjp0cnVlLCJ4LW52aWRpYS1zd2l0Y2gtYXR0ZXN0YXRpb24tcmVwb3J0LXBhcnNlZCI6dHJ1ZSwieC1udmlkaWEtc3dpdGNoLWF0dGVzdGF0aW9uLXJlcG9ydC1ub25jZS1tYXRjaCI6dHJ1ZSwieC1udmlkaWEtc3dpdGNoLWF0dGVzdGF0aW9uLXJlcG9ydC1zaWduYXR1cmUtdmVyaWZpZWQiOnRydWUsIngtbnZpZGlhLXN3aXRjaC1iaW9zLXJpbS1mZXRjaGVkIjp0cnVlLCJ4LW52aWRpYS1zd2l0Y2gtYmlvcy1yaW0tc2NoZW1hLXZhbGlkYXRlZCI6dHJ1ZSwieC1udmlkaWEtc3dpdGNoLWJpb3MtcmltLWNlcnQtdmFsaWRhdGVkIjp0cnVlLCJ4LW52aWRpYS1zd2l0Y2gtYmlvcy1yaW0tc2lnbmF0dXJlLXZlcmlmaWVkIjp0cnVlLCJ4LW52aWRpYS1zd2l0Y2gtYmlvcy1yaW0tbWVhc3VyZW1lbnRzLWF2YWlsYWJsZSI6dHJ1ZSwic2VjYm9vdCI6dHJ1ZSwiZGJnc3RhdCI6ImRpc2FibGVkIiwiZWF0X25vbmNlIjoiOTMxZDhkZDBhZGQyMDNhYzNkOGI0ZmJkZTc1ZTExNTI3OGVlZmNkY2VhYzViODc2NzFhNzQ4ZjMyMzY0ZGZjYiIsImh3bW9kZWwiOiJMU18xMCBBMDEgRlNQIEJST00iLCJ1ZWlkIjoiNDU0MDc4MDU4MTI3MjE0Nzc1OTU3MTU3ODgwMTI5NTU4NTg0MTU3MTI5ODY3Nzc1IiwiaXNzIjoiTE9DQUxfU1dJVENIX1ZFUklGSUVSIiwibmJmIjoxNzQwOTg2ODMyLCJleHAiOjE3NDA5OTA1NTIsImlhdCI6MTc0MDk4Njk1MiwianRpIjoiYTk1YzUwOTItNzQ1MC00ZjQwLWEwNjYtZDQ5MzhiNTYyMWVhIn0.gMqGKztMUtnebJpiTl2YPbVjQu82F5U0grINPC3****"}]}]
True

已知功能限制

由于异构机密计算特性基于TDX构建，TDX机密计算实例的功能限制对异构机密计算实例均适用，更多信息，请参见TDX实例已知功能限制。
开启GPU机密计算特性后，CPU与GPU之间的数据传输需要加解密，因此GPU相关的性能相较异构非机密计算实例存在一定损失。

使用异构机密计算注意事项

单GPU卡实例使用CUDA 12.4，NVIDIA的cuBLAS库存在已知问题，运行CUDA任务或大语言模型任务的时候可能会出错，需要安装特定版本的cuBLAS。
```
pip3 install nvidia-cublas-cu12==12.4.5.8
```
GPU开启机密计算特性后，初始化比较慢（特别是8 GPU卡机密实例），Guest OS启动后，请务必确认nvidia-persistenced服务已经启动完成，再执行nvidia-smi或者其他命令使用GPU，检查nvidia-persistenced服务状态的命令为：
```
systemctl status nvidia-persistenced | grep "Active: "
```
- activating (start)表示服务正在启动。
```
Active: activating (start) since Wed 2025-02-19 10:07:54 CST; 2min 20s ago
```
- active (running)表示服务运行中。
```
Active: active (running) since Wed 2025-02-19 10:10:28 CST; 22s ago
```

任何会使用GPU的自启动服务（例如cloudmonitor.service、ollama.service），都需要在nvidia-persistenced.service之后启动。

/usr/lib/systemd/system/nvidia-persistenced.service设置示例如下：

[Unit]
Description=NVIDIA Persistence Daemon
Wants=syslog.target
Before=cloudmonitor.service ollama.service
After=nvidia-fabricmanager.service

[Service]
Type=forking
ExecStart=/usr/bin/nvidia-persistenced --user root --uvm-persistence-mode --verbose
ExecStartPost=/usr/bin/nvidia-smi conf-compute -srs 1
ExecStopPost=/bin/rm -rf /var/run/nvidia-persistenced
TimeoutStartSec=900
TimeoutStopSec=60

[Install]
WantedBy=multi-user.target

配置项	说明
地域与可用区	华北2（北京）可用区L
实例规格	仅支持ecs.gn8v-tee.4xlarge及以上实例规格。
镜像	选择Alibaba Cloud Linux 3.2104 LTS 64位镜像。