Created a common library for parsing and serializing CoVE TEE Attesta…

…tion Payload

Signed-off-by: Wojciech Ozga <woz@zurich.ibm.com>

.gitignore

@@ -4,6 +4,7 @@
 build/*
 target/*
 
+tools/local_attestation/target
 security-monitor/target
 
 configurations/overlay/root/harness/baremetal

Makefile

@@ -49,7 +49,7 @@ devtools: setup
 hypervisor: setup devtools
 	PATH="$(RISCV_GNU_TOOLCHAIN_WORK_DIR)/bin:$(PATH)" ACE_DIR=$(ACE_DIR) $(MAKE) -C hypervisor
 
-confidential_vms: setup devtools hypervisor
+confidential_vms: setup devtools hypervisor tools
 	BIN_DIR="$(OVERLAY_ROOT_DIR)/" RELEASE="" $(MAKE) -C $(CONFIDENTIAL_VMS_SOURCE_DIR)/baremetal/ ;\
 	PATH="$(RISCV_GNU_TOOLCHAIN_WORK_DIR)/bin:$(PATH)" ACE_DIR=$(ACE_DIR) $(MAKE) -C $(CONFIDENTIAL_VMS_SOURCE_DIR)/linux_vm/ buildroot ;\
 	PATH="$(RISCV_GNU_TOOLCHAIN_WORK_DIR)/bin:$(PATH)" ACE_DIR=$(ACE_DIR) $(MAKE) -C $(CONFIDENTIAL_VMS_SOURCE_DIR)/linux_vm/ overlay ;\
@@ -58,7 +58,7 @@ confidential_vms: setup devtools hypervisor
 hypervisor_dev: 
 	PATH="$(RISCV_GNU_TOOLCHAIN_WORK_DIR)/bin:$(PATH)" ACE_DIR=$(ACE_DIR) $(MAKE) -C hypervisor dev
 
-dev:
+dev: tools
 	$(MAKE) -C $(CONFIDENTIAL_VMS_SOURCE_DIR)/linux_vm/ dev ;\
 	$(MAKE) -C $(CONFIDENTIAL_VMS_SOURCE_DIR)/linux_vm/ overlay ;\
 	PATH="$(RISCV_GNU_TOOLCHAIN_WORK_DIR)/bin:$(PATH)" ACE_DIR=$(ACE_DIR) $(MAKE) -C hypervisor rootfs;

confidential-vms/linux_vm/Makefile

@@ -17,6 +17,7 @@ LINUX_VM_BUILDROOT_ROOTFS			?= $(LINUX_VM_BUILDROOT_WORK_DIR)/images/rootfs.ext2
 LINUX_VM_BUILDROOT_ROOTFS_SIZE		?= "256M"
 LINUX_VM_OVERLAY_SOURCE_DIR			?= $(CONFIDENTIAL_VMS_LINUX_SOURCE_DIR)/overlay
 LINUX_VM_OVERLAY_WORK_DIR			?= $(CONFIDENTIAL_VMS_LINUX_WORK_DIR)/overlay
+LINUX_VM_OVERLAY_WORK_ROOT_DIR		?= $(LINUX_VM_OVERLAY_WORK_DIR)/root
 LINUX_VM_IMAGE						?= $(LINUX_VM_BUILDROOT_WORK_DIR)/images/Image
 LINUX_VM_KERNEL_CONFIG				?= $(CONFIDENTIAL_VMS_LINUX_SOURCE_DIR)/configurations/linux64-defconfig
 LINUX_VM_BUILDROOT_CONFIG			?= $(CONFIDENTIAL_VMS_LINUX_SOURCE_DIR)/configurations/qemu_riscv64_virt_defconfig
@@ -44,15 +45,18 @@ buildroot: setup
 		echo "Building buildroot"; \
 		rm -rf $(LINUX_VM_BUILDROOT_WORK_DIR); \
 		mkdir -p $(LINUX_VM_BUILDROOT_WORK_DIR); \
-		mkdir -p $(LINUX_VM_OVERLAY_WORK_DIR); \
+		mkdir -p $(LINUX_VM_OVERLAY_WORK_ROOT_DIR); \
+		cp $(LINUX_VM_KERNEL_CONFIG) $(LINUX_VM_BUILDROOT_WORK_DIR)/linux64-config; \
 		cp $(LINUX_VM_BUILDROOT_CONFIG) $(LINUX_VM_BUILDROOT_WORK_DIR)/.config; \
 		sed "s@^BR2_ROOTFS_OVERLAY=.*@BR2_ROOTFS_OVERLAY=\"$(LINUX_VM_OVERLAY_WORK_DIR)\"@g" -i $(LINUX_VM_BUILDROOT_WORK_DIR)/.config; \
 		sed "s@^BR2_TARGET_ROOTFS_EXT2_SIZE=.*@BR2_TARGET_ROOTFS_EXT2_SIZE=\"$(LINUX_VM_BUILDROOT_ROOTFS_SIZE)\"@g" -i $(LINUX_VM_BUILDROOT_WORK_DIR)/.config; \
-		sed "s@^BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE=.*@BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE=\"$(LINUX_VM_KERNEL_CONFIG)\"@g" -i $(LINUX_VM_BUILDROOT_WORK_DIR)/.config; \
+		sed "s@^BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE=.*@BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE=\"$(LINUX_VM_BUILDROOT_WORK_DIR)/linux64-config\"@g" -i $(LINUX_VM_BUILDROOT_WORK_DIR)/.config; \
 		sed "s@^BR2_LINUX_KERNEL_PATCH=.*@BR2_LINUX_KERNEL_PATCH=\"$(LINUX_VM_PATCHES_DIR)\"@g" -i $(LINUX_VM_BUILDROOT_WORK_DIR)/.config; \
 		$(MAKE) -s -C $(LINUX_VM_BUILDROOT_SOURCE_DIR) RISCV=$(RISCV_GNU_TOOLCHAIN_WORK_DIR) PATH=$(PATH) O=$(LINUX_VM_BUILDROOT_WORK_DIR) CROSS_COMPILE=$(CROSS_COMPILE) BR2_JLEVEL=0 olddefconfig; \
 		$(MAKE) -s -C $(LINUX_VM_BUILDROOT_SOURCE_DIR) RISCV=$(RISCV_GNU_TOOLCHAIN_WORK_DIR) PATH=$(PATH) O=$(LINUX_VM_BUILDROOT_WORK_DIR) BR2_JLEVEL=0; \
 	fi
+	# 
+	# sed "s@^CONFIG_INITRAMFS_SOURCE=.*@CONFIG_INITRAMFS_SOURCE=\"$(LINUX_VM_BUILDROOT_WORK_DIR)/images/rootfs.cpio\"@g" -i $(LINUX_VM_BUILDROOT_WORK_DIR)/linux64-config; \
 
 dev:
 	echo "Rebuilding buildroot"; \
@@ -70,7 +74,9 @@ overlay: setup
 	mkdir -p $(HYPERVISOR_OVERLAY_LINUX_VM_DIR) ;\
 	cp -r $(LINUX_VM_IMAGE) $(HYPERVISOR_OVERLAY_LINUX_VM_DIR)/ ;\
 	cp -r $(LINUX_VM_BUILDROOT_ROOTFS) $(HYPERVISOR_OVERLAY_LINUX_VM_DIR) ;\
-	cp $(ACE_DIR)/tools/ace-tap $(LINUX_VM_OVERLAY_WORK_DIR)/
+	cp -r $(LINUX_VM_BUILDROOT_WORK_DIR)/images/rootfs.cpio $(HYPERVISOR_OVERLAY_LINUX_VM_DIR) ;\
+	mkdir -p $(LINUX_VM_OVERLAY_WORK_ROOT_DIR); \
+	cp $(ACE_DIR)/tools/ace-tap $(LINUX_VM_OVERLAY_WORK_ROOT_DIR)/
 
 clean:
 	rm -rf $(ACE_DIR)

confidential-vms/linux_vm/configurations/busybox.config

@@ -0,0 +1,6 @@
+CONFIG_MOUNT=y
+CONFIG_FEATURE_MOUNT_FSTAB=y
+CONFIG_UMOUNT=y
+CONFIG_FEATURE_UMOUNT_ALL=y
+CONFIG_CRYPTSETUP=y
+CONFIG_LOSETUP=y

confidential-vms/linux_vm/configurations/linux64-defconfig

@@ -186,7 +186,7 @@ CONFIG_CHECKPOINT_RESTORE=y
 # CONFIG_SYSFS_DEPRECATED is not set
 # CONFIG_RELAY is not set
 CONFIG_BLK_DEV_INITRD=y
-CONFIG_INITRAMFS_SOURCE=""
+# CONFIG_INITRAMFS_SOURCE=""
 CONFIG_RD_GZIP=y
 CONFIG_RD_BZIP2=y
 CONFIG_RD_LZMA=y
@@ -1613,6 +1613,7 @@ CONFIG_DM_BIO_PRISON=m
 CONFIG_DM_PERSISTENT_DATA=m
 # CONFIG_DM_UNSTRIPED is not set
 # CONFIG_DM_CRYPT is not set
+CONFIG_DM_CRYPT=y
 # CONFIG_DM_SNAPSHOT is not set
 CONFIG_DM_THIN_PROVISIONING=m
 # CONFIG_DM_CACHE is not set
@@ -4404,7 +4405,7 @@ CONFIG_CRYPTO_RSA=y
 #
 # Block ciphers
 #
-CONFIG_CRYPTO_AES=m
+CONFIG_CRYPTO_AES=y
 # CONFIG_CRYPTO_AES_TI is not set
 # CONFIG_CRYPTO_ANUBIS is not set
 # CONFIG_CRYPTO_ARIA is not set
@@ -4439,6 +4440,7 @@ CONFIG_CRYPTO_CTR=m
 # CONFIG_CRYPTO_OFB is not set
 # CONFIG_CRYPTO_PCBC is not set
 # CONFIG_CRYPTO_XTS is not set
+CONFIG_CRYPTO_XTS=y
 # end of Length-preserving ciphers and modes
 
 #
@@ -4466,8 +4468,8 @@ CONFIG_CRYPTO_HMAC=m
 # CONFIG_CRYPTO_POLY1305 is not set
 # CONFIG_CRYPTO_RMD160 is not set
 CONFIG_CRYPTO_SHA1=y
-CONFIG_CRYPTO_SHA256=m
-CONFIG_CRYPTO_SHA512=m
+CONFIG_CRYPTO_SHA256=y
+CONFIG_CRYPTO_SHA512=y
 # CONFIG_CRYPTO_SHA3 is not set
 # CONFIG_CRYPTO_SM3_GENERIC is not set
 # CONFIG_CRYPTO_STREEBOG is not set
@@ -4513,8 +4515,10 @@ CONFIG_CRYPTO_JITTERENTROPY=m
 #
 CONFIG_CRYPTO_USER_API=y
 CONFIG_CRYPTO_USER_API_HASH=y
+CONFIG_CRYPTO_USER_API_SKCIPHER=y
 # CONFIG_CRYPTO_USER_API_SKCIPHER is not set
 # CONFIG_CRYPTO_USER_API_RNG is not set
+CONFIG_CRYPTO_USER_API_RNG=y
 # CONFIG_CRYPTO_USER_API_AEAD is not set
 CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE=y
 # end of Userspace interface

confidential-vms/linux_vm/configurations/qemu_riscv64_virt_defconfig

@@ -1,21 +1,21 @@
-BR2_TARGET_GENERIC_HOSTNAME="cvm"
-BR2_TARGET_GENERIC_ISSUE="Welcome to Confidential VM!"
+BR2_TARGET_GENERIC_HOSTNAME="confidential_vm"
+BR2_TARGET_GENERIC_ISSUE="Welcome to ACE Confidential VM!"
 # Architecture
 BR2_riscv=y
 BR2_RISCV_64=y
 BR2_RISCV_g=y
 BR2_RISCV_ABI_LP64D=y
 BR2_GCC_TARGET_ABI="lp64d"
 #
-BR2_TOOLCHAIN_EXTERNAL=y
-BR2_TOOLCHAIN_EXTERNAL_PATH="$(RISCV)"
-BR2_TOOLCHAIN_EXTERNAL_CUSTOM_PREFIX="$(ARCH)-unknown-linux-gnu"
-BR2_TOOLCHAIN_EXTERNAL_GCC_12=y
-BR2_TOOLCHAIN_EXTERNAL_HEADERS_5_10=y
-BR2_TOOLCHAIN_EXTERNAL_CUSTOM_GLIBC=y
-#BR2_TOOLCHAIN_EXTERNAL_INET_RPC=y
-BR2_TOOLCHAIN_EXTERNAL_INET_RPC=n
-BR2_TOOLCHAIN_EXTERNAL_CXX=y
+# BR2_TOOLCHAIN_EXTERNAL=y
+# BR2_TOOLCHAIN_EXTERNAL_PATH="$(RISCV)"
+# BR2_TOOLCHAIN_EXTERNAL_CUSTOM_PREFIX="$(ARCH)-unknown-linux-gnu"
+# BR2_TOOLCHAIN_EXTERNAL_GCC_12=y
+# BR2_TOOLCHAIN_EXTERNAL_HEADERS_5_10=y
+# BR2_TOOLCHAIN_EXTERNAL_CUSTOM_GLIBC=y
+# #BR2_TOOLCHAIN_EXTERNAL_INET_RPC=y
+# BR2_TOOLCHAIN_EXTERNAL_INET_RPC=n
+# BR2_TOOLCHAIN_EXTERNAL_CXX=y
 
 # Shell
 BR2_PACKAGE_BUSYBOX_SHOW_OTHERS=y
@@ -29,15 +29,18 @@ BR2_TARGET_GENERIC_GETTY_PORT="ttyS0"
 BR2_TARGET_GENERIC_ROOT_PASSWD="passwd"
 
 # Filesystem 
-BR2_TARGET_ROOTFS_EXT2=y
 BR2_ROOTFS_OVERLAY=""
+BR2_TARGET_ROOTFS_EXT2=y
 BR2_TARGET_ROOTFS_EXT2_2=n
 BR2_TARGET_ROOTFS_EXT2_3=n
 BR2_TARGET_ROOTFS_EXT2_4=y
 BR2_TARGET_ROOTFS_EXT2_SIZE="5G"
 
 # Kernel
 BR2_LINUX_KERNEL=y
+# BR2_LINUX_KERNEL_CUSTOM_GIT=y
+# BR2_LINUX_KERNEL_CUSTOM_REPO_URL=""
+# BR2_LINUX_KERNEL_CUSTOM_REPO_VERSION=""
 BR2_LINUX_KERNEL_CUSTOM_VERSION=y
 BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="6.3-rc4"
 BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_6_3=y
@@ -52,11 +55,6 @@ BR2_LINUX_KERNEL_PATCH=""
 # development with custom Linux kernel sources
 BR2_PACKAGE_OVERRIDE_FILE=""
 
-# Bootloader
-# BR2_TARGET_OPENSBI=y
-# BR2_TARGET_OPENSBI_USE_PLAT=y
-# BR2_TARGET_OPENSBI_PLAT="qemu/virt"
-
 # Packages
 BR2_PACKAGE_DROPBEAR=y
 
@@ -75,6 +73,37 @@ BR2_TARGET_OPENSBI_PLAT="generic"
 
 BR2_PER_PACKAGE_DIRECTORIES=y
 BR2_VERBOSE=0
+BR2_PACKAGE_NVME=y
+
+# Initramfs
+# BR2_TARGET_ROOTFS_INITRAMFS=y # possible not needed when we do not require kernel to be rebuild with initramfs
+BR2_TARGET_ROOTFS_CPIO=y
+BR2_PACKAGE_BUSYBOX=y
+BR2_INIT_BUSYBOX=y
+BR2_PACKAGE_HOST_DRACUT=y
+BR2_TARGET_ROOTFS_CPIO_DRACUT=y
+# dm-crypt
+BR2_PACKAGE_HOST_GENIMAGE=y
+BR2_PACKAGE_CRYPTSETUP=y
+BR2_PACKAGE_HOST_CRYPTSETUP=y
+BR2_PACKAGE_E2FSPROGS=y
+
+# below not needed?
+# BR2_PACKAGE_SYSTEMD=y
+# BR2_PACKAGE_SYSTEMD_BOOT=y
+# BR2_PACKAGE_SYSTEMD_INITRD=y
+# BR2_PACKAGE_SYSTEMD_KERNELINSTALL=y
+# BR2_TARGET_GRUB2_BOOT_PARTITION="cd"
+# BR2_ROOTFS_POST_IMAGE_SCRIPT=""
+# BR2_PACKAGE_PKGCONF=y
+# BR2_SYSTEM_BIN_SH_BUSYBOX=y
+
+# BR2_PACKAGE_HOST_UBOOT_TOOLS=y
+# BR2_TARGET_UBOOT=y
+
+# BR2_TARGET_GRUB2_HAS_EFI_BOOT=y
+# BR2_TARGET_GRUB2_RISCV64_EFI=y
+# BR2_TARGET_GRUB2=y
+# BR2_TARGET_GRUB2_INSTALL_TOOLS=y
 
 
-BR2_PACKAGE_NVME=y

confidential-vms/linux_vm/hypervisor_rootfs/run_linux_vm.sh

@@ -6,6 +6,7 @@
 QEMU_CMD=qemu-system-riscv64
 KERNEL=/root/linux_vm/Image
 DRIVE=/root/linux_vm/rootfs.ext2
+INITRAMFS=/root/linux_vm/rootfs.cpio
 
 HOST_PORT="$((3000 + RANDOM % 3000))"
 INTERACTIVE="-nographic"
@@ -54,8 +55,9 @@ ${QEMU_CMD} ${DEBUG_OPTIONS} \
     -machine virt -cpu rv64,f=true -smp ${SMP} -m ${MEMORY} \
     -kernel ${KERNEL} \
     -seed 0 \
+    -initrd ${INITRAMFS} \
     -global virtio-mmio.force-legacy=false \
-    -append "console=ttyS0 ro root=/dev/vda swiotlb=mmnn,force promote_to_cove_guest" \
+    -append "console=ttyS0 ro swiotlb=mmnn,force promote_to_cove_guest" \
     -device virtio-blk-pci,drive=hd0,iommu_platform=on,disable-legacy=on,disable-modern=off \
     -drive if=none,format=raw,file=${DRIVE},id=hd0 \
     -device virtio-net-pci,netdev=net0,iommu_platform=on,disable-legacy=on,disable-modern=off \

hypervisor/configurations/qemu_riscv64_virt_defconfig

@@ -7,15 +7,15 @@ BR2_RISCV_g=y
 BR2_RISCV_ABI_LP64D=y
 BR2_GCC_TARGET_ABI="lp64d"
 #
-BR2_TOOLCHAIN_EXTERNAL=y
-BR2_TOOLCHAIN_EXTERNAL_PATH="$(RISCV)"
-BR2_TOOLCHAIN_EXTERNAL_CUSTOM_PREFIX="$(ARCH)-unknown-linux-gnu"
-BR2_TOOLCHAIN_EXTERNAL_GCC_12=y
-BR2_TOOLCHAIN_EXTERNAL_HEADERS_5_10=y
-BR2_TOOLCHAIN_EXTERNAL_CUSTOM_GLIBC=y
-#BR2_TOOLCHAIN_EXTERNAL_INET_RPC=y
-BR2_TOOLCHAIN_EXTERNAL_INET_RPC=n
-BR2_TOOLCHAIN_EXTERNAL_CXX=y
+# BR2_TOOLCHAIN_EXTERNAL=y
+# BR2_TOOLCHAIN_EXTERNAL_PATH="$(RISCV)"
+# BR2_TOOLCHAIN_EXTERNAL_CUSTOM_PREFIX="$(ARCH)-unknown-linux-gnu"
+# BR2_TOOLCHAIN_EXTERNAL_GCC_12=y
+# BR2_TOOLCHAIN_EXTERNAL_HEADERS_5_10=y
+# BR2_TOOLCHAIN_EXTERNAL_CUSTOM_GLIBC=y
+# #BR2_TOOLCHAIN_EXTERNAL_INET_RPC=y
+# BR2_TOOLCHAIN_EXTERNAL_INET_RPC=n
+# BR2_TOOLCHAIN_EXTERNAL_CXX=y
 
 # Shell
 BR2_PACKAGE_BUSYBOX_SHOW_OTHERS=y

security-monitor/Cargo.toml

@@ -27,6 +27,9 @@ riscv-decode = "0.2"
 # The `spin` crate provides synchronization primitives (Mutexes etc) using spinlocks
 spin = {version="0.9", default-features = false, features = ["once", "rwlock", "spin_mutex"]}
 
+# This crates provides functionality to parse TEE attestation payload.
+tap = {path = "rust-crates/cove_tap", features = ["parser"]}
+
 # Used to measure confidential VM, required for attestation
 sha2 = { version = "0.10", default-features = false }
 

security-monitor/rust-crates/cove_tap/Cargo.toml

@@ -0,0 +1,20 @@
+[package]
+name = "tap"
+version = "0.1.0"
+authors = ["Wojciech Ozga <woz@zurich.ibm.com>"]
+description = "Library to parse the CoVE's TEE attestation payload"
+edition = "2021"
+
+[dependencies]
+#rsa = "0.9" # to create lockboxes: encrypt symetric key using public keys of target TEEs
+#rand = "0.8" # to generate symmetric key used to encrypted payload
+
+# for symmetric encryption of payload
+aes-gcm = {version="0.10.3", default-features = false, features=["aes", "alloc"]} 
+
+# provides macros that help removing boilerplate code in rust error handling
+thiserror-no-std = "2.0"  
+
+[features]
+parser = []
+serializer = []

security-monitor/rust-crates/cove_tap/src/error.rs

@@ -0,0 +1,24 @@
+// SPDX-FileCopyrightText: 2023 IBM Corporation
+// SPDX-FileContributor: Wojciech Ozga <woz@zurich.ibm.com>, IBM Research - Zurich
+// SPDX-License-Identifier: Apache-2.0
+use thiserror_no_std::Error;
+
+#[derive(Error, Debug)]
+pub enum TapError {
+    #[error("Unsupported TAP Lockbox algorithm {0}")]
+    UnsupportedTapLockboxAlgorithm(u16),
+    #[error("Unsupported TAP digest entry type {0}")]
+    UnsupportedTapDigestEntryType(u16),
+    #[error("Unsupported TAP digest algorithm {0}")]
+    UnsupportedTapDigestAlgorithm(u16),
+    #[error("Unsupported TAP payload encryption algorithm {0}")]
+    UnsupportedTapPayloadEncryptionAlgorithm(u16),
+    #[error("Invalid magic in the beginning of TAP")]
+    InvalidMagicStart(),
+    #[error("Invalid size of the TAP")]
+    InvalidSize(),
+
+    #[error("Aes error {0}")]
+    AesError(#[from] aes_gcm::Error)
+
+}

security-monitor/rust-crates/cove_tap/src/lib.rs

@@ -0,0 +1,22 @@
+// SPDX-FileCopyrightText: 2023 IBM Corporation
+// SPDX-FileContributor: Wojciech Ozga <woz@zurich.ibm.com>, IBM Research - Zurich
+// SPDX-License-Identifier: Apache-2.0
+#![no_std]
+#![no_main]
+extern crate alloc;
+
+mod error;
+#[cfg(feature = "parser")]
+mod parser;
+mod spec;
+#[cfg(feature = "serializer")]
+mod serializer;
+
+#[cfg(feature = "parser")]
+pub use parser::TeeAttestationPayloadParser;
+
+#[cfg(feature = "serializer")]
+pub use serializer::TeeAttestationPayloadSerializer;
+
+pub use spec::*;
+pub use error::*;