

Add simple SNP attester
An attester for SEV-SNP that retrieves the attestation report
directly using the virtee/sev crate.

On its own this attester does not cover the full CoCo TCB.
Extension to the launch digest (such as with kernel hashes)
is required.

Signed-off-by: Tobin Feldman-Fitzthum <tobin@ibm.com>
fitzthum authored and jialez0 committed May 31, 2023
1 parent 3531788 commit 441998d
Showing 8 changed files with 71 additions and 3 deletions.
1 change: 1 addition & 0 deletions .github/workflows/cc_kbc.yml
Expand Up @@ -30,6 +30,7 @@ jobs:
- cc_kbc_tdx
- cc_kbc_occlum
- cc_kbc_az_snp_vtpm
- cc_kbc_snp
steps:
- name: Code checkout
uses: actions/checkout@v2
1 change: 1 addition & 0 deletions app/Cargo.toml
Expand Up @@ -39,6 +39,7 @@ cc_kbc = ["attestation_agent/cc_kbc", "attestation_agent/all-attesters"]
cc_kbc_tdx = ["attestation_agent/cc_kbc", "attestation_agent/tdx-attester"]
cc_kbc_occlum = ["attestation_agent/cc_kbc","attestation_agent/occlum-attester"]
cc_kbc_az_snp_vtpm = ["attestation_agent/cc_kbc", "attestation_agent/az-snp-vtpm-attester"]
cc_kbc_snp = ["attestation_agent/cc_kbc", "attestation_agent/snp-attester"]

eaa_kbc = ["attestation_agent/eaa_kbc"]
offline_fs_kbc = ["attestation_agent/offline_fs_kbc"]
4 changes: 3 additions & 1 deletion attester/Cargo.toml
Expand Up @@ -13,13 +13,15 @@ log.workspace = true
occlum_dcap = { git = "https://github.com/occlum/occlum", rev = "dbe404f", optional = true }
serde.workspace = true
serde_json.workspace = true
sev = { git = "https://github.com/virtee/sev", rev = "3dca05d2c93388cb00534ad18f5928fd812e99cc", optional = true }
strum.workspace = true
tdx-attest-rs = { git = "https://github.com/intel/SGXDataCenterAttestationPrimitives", rev = "cc582e8be0c9010295c66fb58c59f74744017600", optional = true }

[features]
default = ["all-attesters"]
all-attesters = ["tdx-attester", "occlum-attester", "az-snp-vtpm-attester"]
all-attesters = ["tdx-attester", "occlum-attester", "az-snp-vtpm-attester", "snp-attester"]

tdx-attester = ["tdx-attest-rs"]
occlum-attester = ["occlum_dcap"]
az-snp-vtpm-attester = ["az-snp-vtpm"]
snp-attester = ["sev"]
14 changes: 12 additions & 2 deletions attester/src/lib.rs
Expand Up @@ -12,26 +12,30 @@ pub mod sample;

#[cfg(feature = "az-snp-vtpm-attester")]
pub mod az_snp_vtpm;

#[cfg(feature = "tdx-attester")]
pub mod tdx;

#[cfg(feature = "occlum-attester")]
pub mod sgx_occlum;

#[cfg(feature = "snp-attester")]
pub mod snp;

/// The supported TEE types:
/// - Tdx: TDX TEE.
/// - SgxOcclum: SGX TEE with Occlum Libos.
/// - AzSnpVtpm: SEV-SNP TEE for Azure CVMs.
/// - Sevsnp: SEV-SNP TEE.
/// - Snp: SEV-SNP TEE.
/// - Sample: A dummy TEE that used to test/demo the KBC functionalities.
#[derive(Debug, EnumString, Display)]
#[strum(ascii_case_insensitive, serialize_all = "lowercase")]
pub enum Tee {
Tdx,
#[strum(serialize = "sgx")]
SgxOcclum,
Sevsnp,
AzSnpVtpm,
Snp,
Sample,
Unknown,
}
Expand All @@ -46,6 +50,8 @@ impl Tee {
Tee::SgxOcclum => Ok(Box::<sgx_occlum::SgxOcclumAttester>::default()),
#[cfg(feature = "az-snp-vtpm-attester")]
Tee::AzSnpVtpm => Ok(Box::<az_snp_vtpm::AzSnpVtpmAttester>::default()),
#[cfg(feature = "snp-attester")]
Tee::Snp => Ok(Box::<snp::SnpAttester>::default()),
_ => bail!("TEE is not supported!"),
}
}
Expand Down Expand Up @@ -76,5 +82,9 @@ pub fn detect_tee_type() -> Tee {
return Tee::AzSnpVtpm;
}

#[cfg(feature = "snp-attester")]
if snp::detect_platform() {
return Tee::Snp;
}
Tee::Unknown
}
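Review bot: Renaming the variant `Sevsnp` to `Snp` also changes the string form of the TEE type, because the enum derives `EnumString`/`Display` with `serialize_all = "lowercase"`, so "sevsnp" is no longer accepted by `Tee::from_str` and "snp" is now emitted to the KBS; any peer or config still using "sevsnp" will fail to parse rather than fall through to the `bail!("TEE is not supported!")` arm. The page has dropped the +/- markers, so I am reading L84/L85 and L93/L95 as old/new pairs. If the old name must stay accepted during the transition, `#[strum(serialize = "sevsnp", serialize = "snp", to_string = "snp")]` on `Snp` keeps both spellings parseable while still emitting "snp"; otherwise the rename deserves a line in the commit message as a wire-compatible break. The `snp::detect_platform()` check is placed after the `AzSnpVtpm` check, which looks like the right order if Azure CVMs also expose the sev-guest platform device, but that ordering dependency is worth a comment next to the new `if`.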
51 changes: 51 additions & 0 deletions attester/src/snp/mod.rs
@@ -0,0 +1,51 @@
// Copyright (c) 2022 IBM
//
// SPDX-License-Identifier: Apache-2.0
//

use super::Attester;
use anyhow::*;
use serde::{Deserialize, Serialize};
use sev::firmware::guest::types::{AttestationReport, SnpReportReq};
use sev::firmware::guest::Firmware;
use sev::firmware::host::types::CertTableEntry;
use std::path::Path;

pub fn detect_platform() -> bool {
Path::new("/sys/devices/platform/sev-guest").exists()
}

#[derive(Serialize, Deserialize)]
struct SnpEvidence {
attestation_report: AttestationReport,
cert_chain: Vec<CertTableEntry>,
}

#[derive(Debug, Default)]
pub struct SnpAttester {}

impl Attester for SnpAttester {
fn get_evidence(&self, report_data: String) -> Result<String> {
let mut report_data_bin = base64::decode(report_data)?;

if report_data_bin.len() != 48 {
bail!("Malformed SNP Evidence");
}

report_data_bin.extend([0; 16]);

let mut firmware = Firmware::open()?;
let report_request = SnpReportReq::new(Some(report_data_bin.as_slice().try_into()?), 0);

let (report, certs) = firmware
.snp_get_ext_report(None, report_request)
.context("Failed to get attestation report")?;

let evidence = SnpEvidence {
attestation_report: report,
cert_chain: certs,
};

serde_json::to_string(&evidence).context("Serialize SNP evidence failed")
}
}
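Review bot: The length check in `get_evidence` rejects the caller-supplied `report_data` nonce, yet the error reads "Malformed SNP Evidence", which points reviewers at the wrong side of the exchange; `bail!("SNP report_data must be 48 bytes after base64 decoding, got {}", report_data_bin.len())` names the actual input. The `extend([0; 16])` on the next line pads the 48-byte input to the 64-byte REPORT_DATA field of the report request and deserves a comment saying so, since the 48 is otherwise a magic number. The `certs` returned by `snp_get_ext_report` are supplied alongside the report rather than signed by the firmware, so `cert_chain` should carry a comment such as `// Host-provided certificate table; the verifier must validate it against the AMD root of trust before trusting the report signature.` to stop a reader from treating it as attested data. Whether serializing `AttestationReport` through serde preserves the exact byte layout the verifier needs to check the signature is not visible here and is worth confirming against the virtee/sev revision pinned in Cargo.toml.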
1 change: 1 addition & 0 deletions kbc/Cargo.toml
Expand Up @@ -41,6 +41,7 @@ all-attesters = ["kbs_protocol/all-attesters"]
tdx-attester = ["kbs_protocol/tdx-attester"]
occlum-attester = ["kbs_protocol/occlum-attester"]
az-snp-vtpm-attester= ["kbs_protocol/az-snp-vtpm-attester"]
snp-attester = ["kbs_protocol/snp-attester"]

sample_kbc = []
eaa_kbc = ["foreign-types"]
1 change: 1 addition & 0 deletions kbs_protocol/Cargo.toml
Expand Up @@ -25,6 +25,7 @@ all-attesters = ["attester/all-attesters"]
tdx-attester = ["attester/tdx-attester"]
occlum-attester = ["attester/occlum-attester"]
az-snp-vtpm-attester = ["attester/az-snp-vtpm-attester"]
snp-attester = ["attester/snp-attester"]

rust-crypto = ["reqwest", "reqwest?/rustls-tls", "crypto/rust-crypto"]
openssl = ["reqwest", "reqwest?/native-tls-vendored", "crypto/openssl"]
1 change: 1 addition & 0 deletions lib/Cargo.toml
Expand Up @@ -27,6 +27,7 @@ all-attesters = ["kbc/all-attesters"]
tdx-attester = ["kbc/tdx-attester"]
occlum-attester = ["kbc/occlum-attester"]
az-snp-vtpm-attester= ["kbc/az-snp-vtpm-attester"]
snp-attester = ["kbc/snp-attester"]

sample_kbc = ["kbc/sample_kbc"]
eaa_kbc = ["kbc/eaa_kbc"]
