Integration of go-tpm-tools with go-tdx-guest #347
Conversation
|
Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). View this failed invocation of the CLA check for more information. For the most up to date status, view the checks section at the bottom of the pull request. |
| case pb.GCEConfidentialTechnology_AMD_SEV: // Not verifiable on GCE | ||
| return nil | ||
| case pb.GCEConfidentialTechnology_AMD_SEV_ES: // Not verifiable on GCE | ||
| return nil |
There was a problem hiding this comment.
return an error if opts is non-nil for all NONE, SEV, and SEV_ES cases. Add a test case for that expecting to verify SEV-SNP on SEV is an error.
There was a problem hiding this comment.
I have implemented the changes for NONE, SEV and SEV-ES.
For test :
It tries to parse the Eventlog to get the value for state.Platform.GetTechnology().
for testing we need to modify this. Is it possible?
BTW I have already added a test when --tee_technology flag is set to sev, instead of sev-snp in cmd/attest_test.go .
Error in this case would be tee-technology should be either empty or should have values sev-snp or tdx
There was a problem hiding this comment.
I don't know what possibility you're asking for. I'll defer to Alex.
There was a problem hiding this comment.
IIUC, it will detect the hardware technology enabled on the cvm by itself only.
client/attest.go
Outdated
| func (d *TdxDevice) AddAttestation(attestation *pb.Attestation, opts AttestOpts) error { | ||
| var tdxNonce [tabi.TdReportDataSize]byte | ||
| if len(opts.TEENonce) == 0 { | ||
| copy(tdxNonce[:], opts.Nonce[:]) |
There was a problem hiding this comment.
opts.Nonce is already a slice, so I think [:] is not needed
Also do we care about the size of opts.Nonce (what if it's zero)?
There was a problem hiding this comment.
Nonce can not be zero. Check for this is already there
if len(opts.Nonce) == 0 {
return nil, fmt.Errorf("provided nonce must not be empty")
}
nonce can be of any size. For teenonce the size is fixed.
There was a problem hiding this comment.
Yes, slicing is not required. I have changed it.
There was a problem hiding this comment.
I have tested the implementation and it is working fine.
And for copy(tdxNonce[:], opts.Nonce[:]) , if length of nonce is less that 64 then it will concatenate zeros at the end.
There was a problem hiding this comment.
If the user does not provide a teenonce, then the nonce will be used as the teenonce, either concatenated with zeroes or truncated to make it 64 bytes long.
But If teenonce is present, then it must be 64 bytes in length.
proto/gen_attest.sh
Outdated
| #!/bin/bash | ||
|
|
||
| protoc -I. -I`go list -m -f "{{.Dir}}" github.com/google/go-sev-guest` --go_out=. --go_opt=module=github.com/google/go-tpm-tools/proto attest.proto | ||
| protoc -I. -I`go list -m -f "{{.Dir}}" github.com/google/go-sev-guest` -I`go list -m -f "{{.Dir}}" github.com/google/go-tdx-guest` --go_out=. --go_opt=module=github.com/google/go-tpm-tools/proto attest.proto |
There was a problem hiding this comment.
There is no new line at the EOF.
Do you want me to add a blank line?
There was a problem hiding this comment.
yes, because I think the original file has a new line at the end
proto/gen_attest.sh
Outdated
| #!/bin/bash | ||
|
|
||
| protoc -I. -I`go list -m -f "{{.Dir}}" github.com/google/go-sev-guest` --go_out=. --go_opt=module=github.com/google/go-tpm-tools/proto attest.proto | ||
| protoc -I. -I`go list -m -f "{{.Dir}}" github.com/google/go-sev-guest` -I`go list -m -f "{{.Dir}}" github.com/google/go-tdx-guest` --go_out=. --go_opt=module=github.com/google/go-tpm-tools/proto attest.proto |
There was a problem hiding this comment.
yes, because I think the original file has a new line at the end
client/attest.go
Outdated
| func (d *TdxDevice) AddAttestation(attestation *pb.Attestation, opts AttestOpts) error { | ||
| var tdxNonce [tabi.TdReportDataSize]byte | ||
| if len(opts.TEENonce) == 0 { | ||
| copy(tdxNonce[:], opts.Nonce[:]) |
New Features: [launcher] Verify FS and mount before launch google#311 Integration of go-tpm-tools with go-tdx-guest google#347 Intra-version Breaking Changes: Add launcherfile package for path and file consts google#356 breaks google#333 Bug Fixes: [launcher] Update the token refresh logic google#325 [launcher] Fix logging blocking issue google#338 Other Changes: [launcher] Add a new metadata flag of signedImageRepos google#320 Update go-sev-guest to v0.7.0 google#329 [launcher] Add SSH test for image. google#314 Add supported architectures to ci.yml google#330 Fix the go version number error google#326 [launcher] Signature discovery: fetch a signed image manifest at for parsing google#324 [launcher] Export attestation token filepath and filename google#333 [launcher] Increase the max file descriptor google#339 [launcher] Add a signature interface and a library to parse signature from image manifest google#328 Rename TdxVerify function to TdxQuote in server package. google#353 [launcher] Use V1 SDK in launcher verifier client google#305 Update and tidy dependencies google#344
New Features: [launcher] Verify FS and mount before launch #311 Integration of go-tpm-tools with go-tdx-guest #347 Intra-version Breaking Changes: Add launcherfile package for path and file consts #356 breaks #333 Bug Fixes: [launcher] Update the token refresh logic #325 [launcher] Fix logging blocking issue #338 Other Changes: [launcher] Add a new metadata flag of signedImageRepos #320 Update go-sev-guest to v0.7.0 #329 [launcher] Add SSH test for image. #314 Add supported architectures to ci.yml #330 Fix the go version number error #326 [launcher] Signature discovery: fetch a signed image manifest at for parsing #324 [launcher] Export attestation token filepath and filename #333 [launcher] Increase the max file descriptor #339 [launcher] Add a signature interface and a library to parse signature from image manifest #328 Rename TdxVerify function to TdxQuote in server package. #353 [launcher] Use V1 SDK in launcher verifier client #305 Update and tidy dependencies #344
When getting a vTPM quote within a TDX VM, the attestation service will utilize go-tdx-guest to generate and verify Intel's TDX hardware based attestation quote.
Add TDX attestation protobuf in the go-tpm-tools attestation message.
Update client changes for TDX device-related attestation quote generation.
Update server changes for TDX quote verification using go-tdx-guest.
Enhance CLI tool for TDX functionality updates.