google · daniel-weisse · Jul 28, 2025 · Jul 28, 2025
diff --git a/abi/abi.go b/abi/abi.go
@@ -76,6 +76,7 @@ const (
 	policyMemAES256XTSBit         = 22
 	policyRAPLDisBit              = 23
 	policyCipherTextHidingDRAMBit = 24
+	policyPageSwapDisableBit      = 25
 
 	maxPlatformInfoBit = 5
 
@@ -143,7 +144,7 @@ const (
 	// https://www.amd.com/system/files/TechDocs/56860.pdf
 	ReportVersion3 = 3
 	// MaxSupportedReportVersion is the highest attestation report version that this library supports.
-	MaxSupportedReportVersion = 4
+	MaxSupportedReportVersion = 5
 )
 
 // CertTableHeaderEntry defines an entry of the beginning of an extended attestation report which
@@ -229,6 +230,8 @@ type SnpPolicy struct {
 	RAPLDis bool
 	// CipherTextHidingDRAM is true if ciphertext hiding for the DRAM must be enabled.
 	CipherTextHidingDRAM bool
+	// PageSwapDisable is true if Guest access to SNP_PAGE_MOVE, SNP_SWAP_OUT and SNP_SWAP_IN commands is disabled.
+	PageSwapDisable bool
 }
 
 // ParseSnpPolicy interprets the SEV SNP API's guest policy bitmask into an SnpPolicy struct type.
@@ -237,7 +240,7 @@ func ParseSnpPolicy(guestPolicy uint64) (SnpPolicy, error) {
 	if guestPolicy&uint64(1<<policyReserved1bit) == 0 {
 		return result, fmt.Errorf("policy[%d] is reserved, must be 1, got 0", policyReserved1bit)
 	}
-	if err := mbz64(guestPolicy, "policy", 63, 25); err != nil {
+	if err := mbz64(guestPolicy, "policy", 63, 26); err != nil {
 		return result, err
 	}
 	result.ABIMinor = uint8(guestPolicy & 0xff)
@@ -250,6 +253,7 @@ func ParseSnpPolicy(guestPolicy uint64) (SnpPolicy, error) {
 	result.MemAES256XTS = (guestPolicy & (1 << policyMemAES256XTSBit)) != 0
 	result.RAPLDis = (guestPolicy & (1 << policyRAPLDisBit)) != 0
 	result.CipherTextHidingDRAM = (guestPolicy & (1 << policyCipherTextHidingDRAMBit)) != 0
+	result.PageSwapDisable = (guestPolicy & (1 << policyPageSwapDisableBit)) != 0
 	return result, nil
 }
 
@@ -558,7 +562,9 @@ func ReportToProto(data []uint8) (*pb.Report, error) {
 		return nil, err
 	}
 	r.LaunchTcb = binary.LittleEndian.Uint64(data[0x1F0:0x1F8])
-	if err := mbz(data, 0x1F8, signatureOffset); err != nil {
+	r.LaunchMitVector = binary.LittleEndian.Uint64(data[0x1F8:0x200])
+	r.CurrentMitVector = binary.LittleEndian.Uint64(data[0x200:0x208])
+	if err := mbz(data, 0x208, signatureOffset); err != nil {
 		return nil, err
 	}
 	if r.SignatureAlgo == SignEcdsaP384Sha384 {
@@ -716,6 +722,8 @@ func ReportToAbiBytes(r *pb.Report) ([]byte, error) {
 	data[0x1ED] = byte(r.CommittedMinor)
 	data[0x1EE] = byte(r.CommittedMajor)
 	binary.LittleEndian.PutUint64(data[0x1F0:0x1F8], r.LaunchTcb)
+	binary.LittleEndian.PutUint64(data[0x1F8:0x200], r.LaunchMitVector)
+	binary.LittleEndian.PutUint64(data[0x200:0x208], r.CurrentMitVector)
 
 	copy(data[signatureOffset:ReportSize], r.Signature[:])
 	return data, nil

diff --git a/proto/check/check.pb.go b/proto/check/check.pb.go
diff --git a/proto/fakekds/fakekds.pb.go b/proto/fakekds/fakekds.pb.go
diff --git a/proto/sevsnp.proto b/proto/sevsnp.proto
@@ -57,6 +57,8 @@ message Report {
   bytes signature = 28;  // Should be 512 bytes long
 
   uint32 cpuid1eax_fms = 29;  // The cpuid(1).eax & 0x0fff0fff representation of family/model/stepping
+  uint64 launch_mit_vector = 30; // The verified mitigation vector value at the time the guest was launched
+  uint64 current_mit_vector = 31; // Value of the current verified mitigation vector
 }
 
 message CertificateChain {

diff --git a/proto/sevsnp/sevsnp.pb.go b/proto/sevsnp/sevsnp.pb.go