diff --git a/Cargo.lock b/Cargo.lock index baf7a8124..57a608a65 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -210,22 +210,23 @@ dependencies = [ [[package]] name = "dirs" -version = "4.0.0" +version = "5.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ca3aa72a6f96ea37bbc5aa912f6788242832f75369bdfdadcb0e38423f100059" +checksum = "44c45a9d03d6676652bcb5e724c7e988de1acad23a711b5217ab9cbecbec2225" dependencies = [ "dirs-sys", ] [[package]] name = "dirs-sys" -version = "0.3.6" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "03d86534ed367a67548dc68113a0f5db55432fdfbb6e6f9d77704397d95d5780" +checksum = "520f05a5cbd335fae5a99ff7a6ab8627577660ee5cfd6a94a6a929b52ff0321c" dependencies = [ "libc", + "option-ext", "redox_users", - "winapi", + "windows-sys 0.48.0", ] [[package]] @@ -331,9 +332,9 @@ checksum = "b71991ff56294aa922b450139ee08b3bfc70982c6b2c7562771375cf73542dd4" [[package]] name = "kbs-types" -version = "0.2.0" +version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf54492d453c6c287fd130112e58a7588ddb3f28b4dea44daf32000f99e13077" +checksum = "9844a35cb1eaa52d9527f7eb062ce0be35a46080655997c3357db7231ded9b7c" dependencies = [ "serde", "serde_json", @@ -519,6 +520,12 @@ dependencies = [ "vcpkg", ] +[[package]] +name = "option-ext" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "04744f49eae99ab78e0d5c0b603ab218f515ea8cfe5a456d7629ad883a3b6e7d" + [[package]] name = "pkg-config" version = "0.3.19" @@ -651,7 +658,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "88d6731146462ea25d9244b2ed5fd1d716d25c52e4d54aa4fb0f3c4e9854dbe2" dependencies = [ "lazy_static", - "windows-sys", + "windows-sys 0.36.1", ] [[package]] 
@@ -665,9 +672,9 @@ dependencies = [ [[package]] name = "serde-big-array" -version = "0.4.1" +version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3323f09a748af288c3dc2474ea6803ee81f118321775bffa3ac8f7e65c5e90e7" +checksum = "11fc7cc2c76d73e0f27ee52abbd64eec84d46f370c88371120433196934e4b7f" dependencies = [ "serde", ] @@ -705,15 +712,16 @@ dependencies = [ [[package]] name = "sev" -version = "1.1.0" +version = "1.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a8c8ec2a5131be61bba9ffad92aead45bd27805c9701d265b7196d4914299b98" +checksum = "7fd749a01c88a51ac718b59fe571177b31e478dfe059267977042477a0531224" dependencies = [ "bincode", "bitfield", "bitflags", "codicon", "dirs", + "hex", "iocuddle", "kvm-ioctls", "openssl", @@ -792,6 +800,9 @@ name = "uuid" version = "1.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1674845326ee10d37ca60470760d4288a6f80f304007d92e5c53bab78c9cfd79" +dependencies = [ + "serde", +] [[package]] name = "vcpkg" 
@@ -908,39 +919,105 @@ version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ea04155a16a59f9eab786fe12a4a450e75cdb175f9e0d80da1e17db09f55b8d2" dependencies = [ - "windows_aarch64_msvc", - "windows_i686_gnu", - "windows_i686_msvc", - "windows_x86_64_gnu", - "windows_x86_64_msvc", + "windows_aarch64_msvc 0.36.1", + "windows_i686_gnu 0.36.1", + "windows_i686_msvc 0.36.1", + "windows_x86_64_gnu 0.36.1", + "windows_x86_64_msvc 0.36.1", +] + +[[package]] +name = "windows-sys" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" +dependencies = [ + "windows-targets", +] + +[[package]] +name = "windows-targets" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a2fa6e2155d7247be68c096456083145c183cbbbc2764150dda45a87197940c" +dependencies = [ + "windows_aarch64_gnullvm", + "windows_aarch64_msvc 0.48.5", + "windows_i686_gnu 0.48.5", + "windows_i686_msvc 0.48.5", + "windows_x86_64_gnu 0.48.5", + "windows_x86_64_gnullvm", + "windows_x86_64_msvc 0.48.5", ] +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8" + [[package]] name = "windows_aarch64_msvc" version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9bb8c3fd39ade2d67e9874ac4f3db21f0d710bee00fe7cab16949ec184eeaa47" +[[package]] +name = "windows_aarch64_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc" + [[package]] name = "windows_i686_gnu" version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "180e6ccf01daf4c426b846dfc66db1fc518f074baa793aa7d9b9aaeffad6a3b6" 
+[[package]] +name = "windows_i686_gnu" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e" + [[package]] name = "windows_i686_msvc" version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e2e7917148b2812d1eeafaeb22a97e4813dfa60a3f8f78ebe204bcc88f12f024" +[[package]] +name = "windows_i686_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" + [[package]] name = "windows_x86_64_gnu" version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4dcd171b8776c41b97521e5da127a2d86ad280114807d0b2ab1e462bc764d9e1" +[[package]] +name = "windows_x86_64_gnu" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" + [[package]] name = "windows_x86_64_msvc" version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c811ca4a8c853ef420abd8592ba53ddbbac90410fab6903b3e79972a631f7680" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" diff --git a/src/devices/src/bus.rs b/src/devices/src/bus.rs index 968957325..a1dd4d061 100644 --- a/src/devices/src/bus.rs +++ b/src/devices/src/bus.rs @@ -69,7 +69,7 @@ impl Ord for BusRange { impl PartialOrd for BusRange { fn partial_cmp(&self, other: &BusRange) -> Option { - self.0.partial_cmp(&other.0) + Some(self.cmp(other)) } } 
diff --git a/src/libkrun/src/lib.rs b/src/libkrun/src/lib.rs index d9e10ebb3..6fe0e9e1a 100644 --- a/src/libkrun/src/lib.rs +++ b/src/libkrun/src/lib.rs @@ -638,6 +638,7 @@ unsafe fn collapse_str_array(array: &[*const c_char]) -> Result i32 { diff --git a/src/vmm/Cargo.toml b/src/vmm/Cargo.toml index 4ab17bac6..7122eedf4 100644 --- a/src/vmm/Cargo.toml +++ b/src/vmm/Cargo.toml @@ -24,11 +24,11 @@ polly = { path = "../polly" } # Dependencies for amd-sev codicon = { version = "3.0.0", optional = true } -kbs-types = { version = "0.2.0", features = ["tee-sev", "tee-snp"], optional = true } +kbs-types = { version = "0.4.0", features = ["tee-sev", "tee-snp"], optional = true } procfs = { version = "0.12", optional = true } serde = { version = "1.0.125", optional = true } serde_json = { version = "1.0.64", optional = true } -sev = { version = "1.0.0", features = ["openssl"], optional = true } +sev = { version = "1.2.0", features = ["openssl"], optional = true } curl = { version = "0.4", optional = true } [target.'cfg(target_arch = "x86_64")'.dependencies] diff --git a/src/vmm/src/builder.rs b/src/vmm/src/builder.rs index 8b6f1cc53..9a6e9143b 100644 --- a/src/vmm/src/builder.rs +++ b/src/vmm/src/builder.rs @@ -353,7 +353,7 @@ pub fn build_microvm( }; #[cfg(not(feature = "tee"))] - let mut vm = setup_vm(&guest_memory)?; + let vm = setup_vm(&guest_memory)?; #[cfg(feature = "tee")] let (kvm, mut vm) = { @@ -482,7 +482,7 @@ pub fn build_microvm( // while on aarch64 we need to do it the other way around. #[cfg(target_arch = "x86_64")] { - setup_interrupt_controller(&mut vm)?; + setup_interrupt_controller(&vm)?; attach_legacy_devices(&vm, &mut pio_device_manager)?; vcpus = create_vcpus_x86_64( 
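Review bot: Dropping `mut` from the non-tee binding (`let vm = setup_vm(&guest_memory)?;`) applies to every target, but the only call shown relaxed to a shared borrow is `setup_interrupt_controller(&vm)?` inside the `#[cfg(target_arch = "x86_64")]` block of the next builder.rs hunk. The comment there says aarch64 does the setup the other way around, and that branch is outside both hunks, so confirm it does not still borrow `vm` mutably. If it does, keep `let mut vm` and add `#[allow(unused_mut)]` with a one-line comment naming the target that needs it. build_microvm starts and ends outside the hunk.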
@@ -795,7 +795,7 @@ pub(crate) fn setup_vm( /// Sets up the irqchip for a x86_64 microVM. #[cfg(target_arch = "x86_64")] -pub fn setup_interrupt_controller(vm: &mut Vm) -> std::result::Result<(), StartMicrovmError> { +pub fn setup_interrupt_controller(vm: &Vm) -> std::result::Result<(), StartMicrovmError> { vm.setup_irqchip() .map_err(Error::Vm) .map_err(StartMicrovmError::Internal) diff --git a/src/vmm/src/linux/tee/amdsev.rs b/src/vmm/src/linux/tee/amdsev.rs index 5db09e3d1..0bbdf121d 100644 --- a/src/vmm/src/linux/tee/amdsev.rs +++ b/src/vmm/src/linux/tee/amdsev.rs @@ -189,7 +189,7 @@ fn find_cpu_model() -> Result { } } -fn fetch_chain(fw: &mut Firmware, curl_agent: &mut CurlAgent) -> Result { +fn fetch_chain(fw: &mut Firmware, curl_agent: &mut CurlAgent) -> Result { const CEK_SVC: &str = "https://kdsintf.amd.com/cek/id"; const ASK_ARK_SVC: &str = "https://developer.amd.com/wp-content/resources/"; @@ -203,8 +203,8 @@ fn fetch_chain(fw: &mut Firmware, curl_agent: &mut CurlAgent) -> Result Result Result { +) -> Result { let cert_config: SevCertConfig = serde_json::from_str(&tee_config.tee_data).map_err(Error::ParseSevCertConfig)?; if !cert_config.vendor_chain.is_empty() { let filepath = Path::new(&cert_config.vendor_chain); let mut file = File::open(filepath).map_err(Error::OpenChainFile)?; - Ok(certs::Chain::decode(&mut file, ()).map_err(|_| Error::DecodeChain)?) + Ok(certs::sev::Chain::decode(&mut file, ()).map_err(|_| Error::DecodeChain)?) } else { let chain = fetch_chain(fw, curl_agent)?; let mut file = File::create("/tmp/libkrun-sev.chain").map_err(|_| Error::OpenTmpFile)?; @@ -250,7 +251,7 @@ fn get_and_store_chain( #[derive(Serialize, Deserialize)] struct SessionRequest { build: sev::Build, - chain: sev::certs::Chain, + chain: sev::certs::sev::Chain, } /// Payload received from the attestation server on session request. 
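Review bot: The else branch of get_and_store_chain still opens `File::create("/tmp/libkrun-sev.chain")`, a fixed name in a world-writable directory. `File::create` follows symlinks and truncates an existing file, so another local user can pre-create that path or redirect the write. Prefer a per-user runtime directory, or open it exclusively with owner-only permissions, e.g. `OpenOptions::new().write(true).create_new(true).mode(0o600).open(path)` (`mode` comes from `std::os::unix::fs::OpenOptionsExt`). Whether this file is later read back as a trusted chain is not visible here; if it is, the read path needs the same care. The function body continues past the end of the hunk.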
@@ -408,6 +409,7 @@ impl AmdSev { if !self.tee_config.attestation_url.is_empty() { let tee_pubkey = TeePubKey { + kty: "".to_string(), alg: "".to_string(), k_mod: "".to_string(), k_exp: "".to_string(),
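Review bot: The added `kty: "".to_string()` joins `alg`, `k_mod` and `k_exp` as empty strings in the `TeePubKey` built when `attestation_url` is set, and nothing in the hunk says why an all-empty key is sent to the attestation server. If these are deliberate placeholders, say so above the literal, e.g. `// No TEE public key is supplied with this request; all fields are intentionally empty.` If the server is expected to validate the key type, an empty `kty` would presumably be rejected or ignored, so that is worth confirming against the kbs-types 0.4.0 consumer. The struct literal and the enclosing method continue outside the hunk.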