more wip

Author: csegarragonz

docker/guest_components.dockerfile

@@ -1,26 +1,16 @@
-FROM ghcr.io/sc2-sys/base:0.10.0
+FROM ghcr.io/sc2-sys/base:0.12.0
 
 # ---------------------------
 # Guest Components source set-up
 # ---------------------------
 
 # Install APT dependencies
 RUN apt install -y \
-        cmake \
         musl-tools \
         pkg-config \
         protobuf-compiler \
         tss2
 
 # Fetch code and build the runtime and the agent
-ARG CODE_DIR=/usr/src/guest-components
-RUN mkdir -p ${CODE_DIR} \
-    && git clone\
-        -b sc2-main \
-        https://github.com/sc2-sys/guest-components \
-        ${CODE_DIR} \
-    && git config --global --add safe.directory ${CODE_DIR} \
-    && cd ${CODE_DIR}/image-rs \
-    && cargo build --release --features "nydus"
 
 WORKDIR ${CODE_DIR}

docker/kata.dockerfile

@@ -83,6 +83,25 @@ RUN mkdir -p ${CODE_DIR} \
 # to modify both in the same work-on container
 # ------------------------------------------------------------------------------
 
+ARG CODE_DIR_GC=/git/sc2-sys/guest-components
+ARG RUST_VERSION_GC=1.81
+RUN mkdir -p ${CODE_DIR_GC} \
+    && git clone\
+        -b sc2-main \
+        https://github.com/sc2-sys/guest-components \
+        ${CODE_DIR_GC} \
+    && git config --global --add safe.directory ${CODE_DIR_GC} \
+    && cd ${CODE_DIR_GC}/image-rs \
+    && rustup override set ${RUST_VERSION_GC} \
+    && cargo build --release --features "nydus"
+
+# ------------------------------------------------------------------------------
+# Build Guest Components
+#
+# The agent is very tightly-coupled with guest-components, so it makes sense
+# to modify both in the same work-on container
+# ------------------------------------------------------------------------------
+
 ARG CODE_DIR_GC=/git/sc2-sys/guest-components
 ARG RUST_VERSION_GC=1.81
 RUN mkdir -p ${CODE_DIR_GC} \

docs/attestation.md

@@ -1,4 +1,41 @@
-# Attestation for Knative on CoCo
+# Attestation in SC2
+
+Attestation is the process of appraising the provisioned TEE and the software
+loaded therein. In the TEEs used in SC2, AMD SEV-SNP, and Intel TDX, the
+attestation flow is relatively similar: __after__ starting the cVM, the trusted
+software in the guest will retrieve an attestation report from the hardware
+root-of-trust and will validate it with a [Trustee](
+https://github.com/confidential-containers/trustee) deployment that acts as a
+relying-party.
+
+The attestation report contains the launch measurement of the cVM, including
+the initial software components like OVMF, the initrd, and the guest kernel,
+signed to a hardware root-of-trust.
+
+## Trustee
+
+Configuring Trustee to check the launch measurement is not as straightforward
+as one may think. At a very high level, Trustee releases secrets/resources
+in response to requests iff the request passes an associated _resource policy_
+and _attestation policy_.
+
+# TODO: this paragraph may not be true?
+This policy may (or may not) demand that the request presents a valid launch
+measurement, matching a user-provided one. As a consequence: no secret/resource
+means no policy checking.
+
+To provision secrets and resources to Trustee, we can use a client tool called
+the KBC. To make matters worse, however, the attestation code in guest-components
+(which also uses the KBC) will _only_ request a very specific resource. We
+explain next how to configure Trustee to achieve three different goals:
+
+### Launch Measurement Verification
+
+### Image Signature
+
+### Image Encryption
+
+## SEV-SNP Attestation
 
 ## SEV(-ES) Attestation
 

tasks/docker.py

@@ -1,5 +1,6 @@
 from invoke import task
 from os.path import join
+from tasks.gc import build_gc_image
 from tasks.svsm import build_svsm_image, build_svsm_kernel_image, build_svsm_qemu_image
 from tasks.trustee import build_trustee_image
 from tasks.util.containerd import build_containerd_image
@@ -51,6 +52,10 @@ def build_all(ctx, nocache=False, push=False):
     build_containerd_image(nocache, push, debug=False)
     print("Success!")
 
+    print_dotted_line("Building guest-components image")
+    build_gc_image(nocache, push, debug=False)
+    print("Success!")
+
     print_dotted_line(f"Building kata image (v{KATA_VERSION})")
     build_kata_image(nocache, push, debug=False)
     print("Success!")

tasks/gc.py

@@ -1,23 +1,29 @@
 from invoke import task
 from os.path import join
 from subprocess import run
-from tasks.util.docker import is_ctr_running
+from tasks.util.docker import build_image, is_ctr_running
 from tasks.util.env import GHCR_URL, GITHUB_ORG, PROJ_ROOT
 from tasks.util.versions import COCO_VERSION
 
 GC_CTR_NAME = "guest-components-workon"
 GC_IMAGE_TAG = join(GHCR_URL, GITHUB_ORG, "guest-components") + f":{COCO_VERSION}"
 
 
+def build_gc_image(nocache, push):
+    build_image(
+        GC_IMAGE_TAG,
+        join(PROJ_ROOT, "docker", "guest_components.dockerfile"),
+        nocache=nocache,
+        push=push
+    )
+
+
 @task
-def build(ctx):
+def build(ctx, nocache=False, push=False):
     """
     Build the guest-components work-on image
     """
-    docker_cmd = "docker build -t {} -f {} .".format(
-        GC_IMAGE_TAG, join(PROJ_ROOT, "docker", "guest_components.dockerfile")
-    )
-    run(docker_cmd, shell=True, check=True, cwd=PROJ_ROOT)
+    build_gc_image(nocache, push)
 
 
 @task
@@ -31,7 +37,7 @@ def cli(ctx, mount_path=join(PROJ_ROOT, "..", "guest-components")):
             "-d -it",
             # The container path comes from the dockerfile in:
             # ./docker/guest_components.dockerfile
-            f"-v {mount_path}:/usr/src/guest-components",
+            f"-v {mount_path}:/git/sc2-sys/guest-components",
             "--name {}".format(GC_CTR_NAME),
             GC_IMAGE_TAG,
             "bash",

tasks/util/docker.py

@@ -47,10 +47,13 @@ def build_image(
     docker_cmd = "docker build {} {} -t {} -f {} .".format(
         "--no-cache" if nocache else "", build_args_cmd, image_tag, dockerfile
     )
+    run(docker_cmd, shell=True, check=True, cwd=cwd)
+    """
     result = run(docker_cmd, shell=True, capture_output=True, cwd=cwd)
     assert result.returncode == 0, print(result.stderr.decode("utf-8").strip())
     if debug:
         print(result.stdout.decode("utf-8").strip())
+    """
 
     if push:
         result = run(f"docker push {image_tag}", shell=True, capture_output=True)

tasks/util/guest_components.py

@@ -255,7 +255,7 @@ def prepare_rootfs(tmp_rootfs_base_dir, debug=False, sc2=False, hot_replace=Fals
         KATA_AGENT_SOURCE_DIR if sc2 else KATA_BASELINE_AGENT_SOURCE_DIR,
         "target",
         "x86_64-unknown-linux-musl",
-        "release",
+        "debug",  # "release",
         "kata-agent",
     )
     copy_from_kata_workon_ctr(

tasks/util/kata.py

@@ -5,10 +5,6 @@
 from subprocess import run
 from tasks.util.cosign import sign_container_image
 from tasks.util.env import CONF_FILES_DIR, K8S_CONFIG_DIR
-from tasks.util.guest_components import (
-    start_coco_keyprovider,
-    stop_coco_keyprovider,
-)
 
 # from tasks.util.trustee import create_kbs_secret
 from tasks.util.versions import SKOPEO_VERSION
@@ -58,7 +54,8 @@ def encrypt_container_image(image_tag, sign=False):
     # to encrypt the OCI image. To that extent, we need to mount the encryption
     # key somewhere that the attestation agent (in the keyprovider) can find
     # it
-    start_coco_keyprovider(SKOPEO_ENCRYPTION_KEY, AA_CTR_ENCRYPTION_KEY)
+    # TODO: this is part of trustee cluster now
+    # start_coco_keyprovider(SKOPEO_ENCRYPTION_KEY, AA_CTR_ENCRYPTION_KEY)
 
     encrypted_image_tag = image_tag.split(":")[0] + ":encrypted"
     skopeo_cmd = [
@@ -76,9 +73,6 @@ def encrypt_container_image(image_tag, sign=False):
     skopeo_cmd = " ".join(skopeo_cmd)
     run_skopeo_cmd(skopeo_cmd)
 
-    # Stop the keyprovider when we are done encrypting layers
-    stop_coco_keyprovider()
-
     # Sanity check that the image is actually encrypted
     inspect_jsonstr = run_skopeo_cmd(
         "inspect --cert-dir /certs --authfile /config.json docker://{}".format(
@@ -93,7 +87,6 @@ def encrypt_container_image(image_tag, sign=False):
     ]
     if not all(layers):
         print("Some layers in image {} are not encrypted!".format(encrypted_image_tag))
-        stop_coco_keyprovider()
         raise RuntimeError("Image encryption failed!")
 
     # Create a secret in KBS with the encryption key. Skopeo needs it as raw