i don't think the information that unprivilleged VMs can obtain from that is necessarily reliable. for example with Xen as hypervisor only dom0 is privilleged (as management console for the system) and still it needs to call dedicated tooling in order to read or manage CPU features like clock speed or frequency scaling
Yes, it is. You do have to have some infrastructure you trust somewhere to validate an attestation report from the confidential VM.
The SEV-SNP attestation includes the microcode version. https://www.amd.com/content/dam/amd/en/documents/developer/l...
/proc/cpuinfo shows the current microcode version
i don't think the information that unprivilleged VMs can obtain from that is necessarily reliable. for example with Xen as hypervisor only dom0 is privilleged (as management console for the system) and still it needs to call dedicated tooling in order to read or manage CPU features like clock speed or frequency scaling