Hi Joey,
Thank you for your patience while we were reviewing your question. The issue needed deeper investigation. I have checked with the internal team, and they have given the solution. as below:
You can suggest the customer to run below command to check the status
cpuid -l 0x4000000C -1 | awk '$4 ~ /^ebx=.2$/ { print "AMD SEV-SNP is enabled"}'
The -l flag specifies the leaf to query, where 0x4000000C is a leaf specific to querying AMD SEV-SNP features.
The -1 flag means to print the result of the CPUID instruction for this specific leaf.
~ /^ebx=.*2$/ is a pattern matching condition that checks if ebx contains a value ending with 2. The value of ebx here could indicate SEV-SNP feature.
In short, above command checks if AMD SEV-SNP is enabled on the system by querying the CPU features. If the condition is met, it prints the message “AMD SEV-SNP is enabled".
Beyond what is mentioned above, recently Azure has published one blog about openHCL.
Azure confidential VMs use the concept of a paravisor to implement enlightenment on behalf of the guest OS so that the guest OS can run mostly unmodified inside a CVM across various hardware providers. With the paravisor, the guest OS does not need to be fully enlightened to run confidential in Azure, meaning that we can support older OS versions on Azure confidential VMs.
OpenHCL is an implementation of the paravisor for Confidential VMs in Azure, that will soon be available in the Azure fleet. The OpenHCL VTL2 partition is used to securely host the guest paravisor firmware layer for confidential VM support. As mentioned above, OpenHCL will effectively allow guest VMs to run as confidential VMs in Azure, adding support across a wide variety of guest OS’s and confidential hardware providers.
Because of Azure implementation methodology of confidential VM leveraging paravisor, the tool sevctl released by AMD does not work. We also recommend customers to leverage CVM guest attestation to attest it is truly confidential VM with security feature turned on.
If you have any further queries, do let us know.
If the answer is helpful, please click "Accept Answer" and "Upvote it."