- [Verifier](#verifier)
- [System Requirements:](#system-requirements)
- [Pre-requisites:](#pre-requisites)
- [Install](#install)
- [Step 1: Elevate to Root User Privileges (Optional)](#step-1-elevate-to-root-user-privileges-optional)
- [Step 2: Create a new Python Virtual Environment](#step-2-create-a-new-python-virtual-environment)
- [Installation](#installation)
- [Method 1: Installation from Source](#method-1-installation-from-source)
- [Method 2: From PyPI](#method-2-from-pypi)
- [Troubleshooting Installation Issues](#troubleshooting-installation-issues)
- [Usage](#usage)
- [Module details:](#module-details)
- [rim](#rim)
- [attestation](#attestation)
- [nvmlHandler](#nvmlhandler)
- [verifier](#verifier-1)
- [cc\_admin](#cc_admin)
- [Claims and Troubleshooting information](#claims-and-troubleshooting-information)
# Verifier
The Verifier is a Python-based tool that validates GPU measurements by comparing an authenticated attestation report containing runtime measurements with authenticated golden measurements. Its purpose is to verify if the software and hardware state of the GPU are in accordance with the intended state.
The Verifier tool is compatible with both single-GPU and multi-GPU systems.
## System Requirements:
- NVIDIA Hopper H100 GPU or newer
- GPU SKU with Confidential Compute (CC)
- NVIDIA GPU driver installed
## Pre-requisites:
Requires Python 3.8 or later.
## Install
### Step 1: Elevate to Root User Privileges (Optional)
If you want the verifier to set the GPU Ready State based on the Attestation results, you will need to elevate the user privileges to root before you execute the rest of the instructions. For use cases where the user does not intend to set the GPU Ready State (e.g., when using the Attestation SDK), you can install and run the Verifier tool without requiring sudo privileges.

    sudo -i

### Step 2: Create a new Python Virtual Environment

    python3 -m venv ./prodtest
    source ./prodtest/bin/activate

### Installation
#### Method 1: Installation from Source

    git clone https://github.com/NVIDIA/nvtrust.git
    cd nvtrust/guest_tools/gpu_verifiers/local_gpu_verifier
    pip3 install .
    python3 -m verifier.cc_admin

#### Method 2: From PyPI

    pip3 install nv-local-gpu-verifier
    python3 -m verifier.cc_admin

### Troubleshooting Installation Issues

- If you encounter any pip-related issues while building the package, run the following commands to update to the latest versions of setuptools and pip:

        python3 -m pip install --upgrade setuptools
        pip install -U pip

- If you encounter any permission issues while building the package, run the following commands and then build the package again:

        cd local_gpu_verifier
        rm -r build

- If you encounter subprocess-related issues while installing the package similar to the following:

        Installing build dependencies ... done
        Getting requirements to build wheel ... error
        error: subprocess-exited-with-error
        × Getting requirements to build wheel did not run successfully.
        │ exit code: 1
        ╰─> [2 lines of output]
        running egg_info
        error: Cannot update time stamp of directory 'src/nv_local_gpu_verifier.egg-info'
        [end of output]
        note: This error originates from a subprocess and is likely not a problem with pip.
        error: subprocess-exited-with-error
        × Getting requirements to build wheel did not run successfully.
        │ exit code: 1
        ╰─> See above for output.

  Remove the stale build artifacts and then retry the installation:

        rm -rf src/nv_local_gpu_verifier.egg-info
        rm -rf build

- If you encounter a warning and installation issues similar to the following while installing the package:

  `WARNING: Ignoring invalid distribution ~v-local-gpu-verifier <site-package-directory>`

  Run the following command to clean up packages that were not installed properly and then retry the installation:

        rm -rf <site-packages-directory>/~*

## Usage
To run the cc_admin module, use the following command:

    python3 -m verifier.cc_admin [-h] [-v] [--test_no_gpu] [--driver_rim DRIVER_RIM] [--vbios_rim VBIOS_RIM] [--user_mode] [--nonce] [--allow_hold_cert] [--rim_root_cert RIM_ROOT_CERT] [--rim_service_url RIM_SERVICE_URL]

| Option | Description |
|---------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `-h, --help` | Show this help message and exit |
| `-v, --verbose` | Print more detailed output |
| `--test_no_gpu` | If there is no GPU and we need to test the verifier, no NVML APIs will be available, so the verifier will use hardcoded GPU info |
| `--driver_rim DRIVER_RIM` | The path to the driver RIM. If not provided, it will use the default file: `/usr/share/nvidia/rim/RIM_GH100PROD.swidtag` |
| `--vbios_rim VBIOS_RIM` | The path to the VBIOS RIM. If not provided, it will try to find the appropriate file in `verifier_cc/samples/` directory for the VBIOS ROM flashed onto the GPU |
| `--user_mode` | Runs the GPU attestation in user mode |
| `--allow_hold_cert` | Continue attestation if the OCSP revocation status of the certificate in the RIM files is 'certificate_hold' |
| `--nonce` | Specify a Nonce for Attestation Report |
| `--rim_root_cert RIM_ROOT_CERT` | The absolute path to the root certificate to be used for verifying the certificate chains of the driver and VBIOS RIMs |
| `--rim_service_url RIM_SERVICE_URL` | The URL to be used for fetching driver and VBIOS RIM files (e.g., `https://rim.nvidia.com/rims/`) |

If you need information about any function, use:

    help(function_name)

For example:

    help(verify_measurement_signature)

## Module details:
### rim
The RIM (Reference Integrity Manifest) is a manifest containing golden measurements for the GPU. You can find the TCG RIM specification at the following link: [TCG RIM Specification](https://trustedcomputinggroup.org/wp-content/uploads/TCG_RIM_Model_v1p01_r0p16_pub.pdf). The RIM module performs the parsing and schema validation of the base RIM against the SWID tag schema and XML signature schema. It then performs the signature verification of the base RIM.
### attestation
The Attestation module is capable of extracting the measurements and the measurement signature. It then performs signature verification. DMTF's SPDM 1.1 MEASUREMENT response message is used as the attestation report. You can find the SPDM 1.1 specification at the following link: [SPDM 1.1 Specification](https://www.dmtf.org/sites/default/files/standards/documents/DSP0274_1.1.3.pdf).
### nvmlHandler
The nvmlHandler module uses the NVML API calls to retrieve GPU information, including the driver version, GPU certificates, attestation report, and more.
### verifier
The verifier module uses the RIM attestation module for parsing the attestation report and performing a runtime comparison of the measurements in the attestation report against the golden measurements stored in RIM.
### cc_admin
The cc_admin module retrieves the GPU information, attestation report, and the driver RIM associated with the driver version. It then proceeds with the authentication of the driver RIM and the attestation report. Afterward, it executes the verifier tool to compare the runtime measurements in the attestation report with the golden measurements stored in the driver RIM.
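
The comparison step described for the verifier and cc_admin modules can be illustrated as follows. This is an added example, not code from the nvtrust project: the report layout, the `GoldenMeasurement` class with its `active` flag, and the function names are assumptions, and signature verification of both the report and the RIM is taken as already done.

```python
import hmac
import secrets
from dataclasses import dataclass


@dataclass
class GoldenMeasurement:
    """One golden entry (hypothetical shape): index plus acceptable digests."""
    index: int
    alternatives: list   # hex digests; the runtime value must equal one of them
    active: bool = True  # entries marked inactive are not enforced


def new_nonce() -> str:
    """Fresh 32-byte nonce as hex, generated by the relying party per request."""
    return secrets.token_hex(32)


def compare_measurements(report: dict, golden: list, expected_nonce: str) -> list:
    """Return failure strings; an empty list means the report is accepted.

    `report` stands for a report whose signature was already verified, reduced
    to {"nonce": hex, "measurements": {index: hex digest}} (constructed layout).
    """
    # Freshness first: a replayed report carries a nonce we did not issue.
    if not hmac.compare_digest(report.get("nonce", ""), expected_nonce):
        return ["nonce mismatch"]
    runtime = report.get("measurements", {})
    failures = []
    for entry in golden:
        if not entry.active:
            continue
        value = runtime.get(entry.index)
        if value is None:
            # Fail closed: an enforced index absent from the report is a failure.
            failures.append(f"index {entry.index}: missing from report")
        elif not any(hmac.compare_digest(value.lower(), alt.lower())
                     for alt in entry.alternatives):
            failures.append(f"index {entry.index}: does not match golden value")
    return failures


# Constructed sample data, not real GPU measurements.
GOLDEN = [
    GoldenMeasurement(0, ["aa" * 48]),
    GoldenMeasurement(1, ["bb" * 48, "cc" * 48]),
    GoldenMeasurement(2, ["dd" * 48], active=False),
]

if __name__ == "__main__":
    nonce = new_nonce()
    report = {"nonce": nonce, "measurements": {0: "aa" * 48, 1: "ee" * 48}}
    print(compare_measurements(report, GOLDEN, nonce))
```
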
## Compatibility Matrix

| Local GPU Verifier Version | Driver version               |
|----------------------------|------------------------------|
| v1.1.0                     | r550TRD1                     |
| v1.2.0                     | r550TRD2                     |
| v1.3.0                     | r550TRD3                     |
| v1.4.0                     | r550TRD4                     |
| v1.5.0                     | r550TRD5                     |
| v2.0.0                     | r550TRD6                     |
| v2.1.0                     | r550TRD7, r550TRD6, r550TRD5 |

## Claims and Troubleshooting information
For local and remote verifier claims information for NVIDIA GPUs, switches, and related troubleshooting information, please refer to the [Attestation Troubleshooting documentation](../../attestation_troubleshooting_guide.md).
Raw data
{
"_id": null,
"home_page": null,
"name": "nv-local-gpu-verifier",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.7",
"maintainer_email": null,
"keywords": "confidential-computing, local-gpu-verifier, attestation, NVIDIA, verifier",
"author": "NVIDIA",
"author_email": null,
"download_url": null,
"platform": null,
"bugtrack_url": null,
"license": "BSD-3-Clause",
"summary": "A Python-based tool that validates GPU measurements by comparing GPU runtime measurements with authenticated golden measurements",
"version": "2.1.0",
"project_urls": null,
"split_keywords": [
"confidential-computing",
" local-gpu-verifier",
" attestation",
" nvidia",
" verifier"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "147a24e0625e602f5263d5c27a82b985978ea3f665365d41bababceb2315a0b9",
"md5": "9225a6933807ef20afa5422bf2e0a3c4",
"sha256": "dbaf0294fd3ab4a9f51bf7c81cc1048fbd00316b0518375079ee3280ff826f67"
},
"downloads": -1,
"filename": "nv_local_gpu_verifier-2.1.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "9225a6933807ef20afa5422bf2e0a3c4",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.7",
"size": 206607,
"upload_time": "2024-11-22T23:46:08",
"upload_time_iso_8601": "2024-11-22T23:46:08.887118Z",
"url": "https://files.pythonhosted.org/packages/14/7a/24e0625e602f5263d5c27a82b985978ea3f665365d41bababceb2315a0b9/nv_local_gpu_verifier-2.1.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-11-22 23:46:08",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "nv-local-gpu-verifier"
}