Add IsHardened in launch spec #244

Merged 2 commits on Sep 20, 2022

jkl73 (Contributor) commented Sep 9, 2022

* COS eventlog now can measure to a resettable PCR (in the debug image)
* Debug PCR will reset every time before launcher run in the debug image

  • Added a kernel cmdline arg confidential-space.hardened=true to indicate hardened image
  • Change LauncherSpec to LaunchSpec
  • Add cgo flag to silence deprecation warning in openssl for ms-tpm-20-ref

Signed-off-by: Jiankun Lu <jiankun@google.com>

jkl73 (Contributor Author) commented Sep 9, 2022

I'm not sure why git didn't recognize the move launcher_spec_test.go -> launch_spec_test.go, the only meaningful change in this file is the new function at the end TestIsHardened

@jkl73 jkl73 requested review from josephlr and alexmwu September 9, 2022 22:54
@jkl73 jkl73 force-pushed the checkhardenedminorfix branch 3 times, most recently from b47020d to 96e6808 Compare September 10, 2022 01:23
josephlr (Member)

We will need to see what we do here after #246 is merged.

My preference would probably be to just have PCR 13 used unconditionally, but have the server side be capable of understanding multiple container launches.

> I'm not sure why git didn't recognize the move launcher_spec_test.go -> launch_spec_test.go, the only meaningful change in this file is the new function at the end TestIsHardened

For future reference, you can get Git to pay attention to this stuff by having one commit that just moves the file (with git mv) and another that actually makes the change.

@jkl73 jkl73 force-pushed the checkhardenedminorfix branch from 96e6808 to 0613ad6 Compare September 16, 2022 01:18
jkl73 (Contributor Author) commented Sep 16, 2022

> We will need to see what we do here after #246 is merged.
>
> My preference would probably be to just have PCR 13 used unconditionally, but have the server side be capable of understanding multiple container launches.
>
> > I'm not sure why git didn't recognize the move launcher_spec_test.go -> launch_spec_test.go, the only meaningful change in this file is the new function at the end TestIsHardened
>
> For future reference, you can get Git to pay attention to this stuff by having one commit that just moves the file (with git mv) and another that actually makes the change.

Updated, removed resettable PCR change. I split the commit so now I think git can recognize the file rename.

josephlr (Member)

Maybe I'm missing something, but what is the future purpose of the IsHardened value in the launch spec? Is this so we can entirely control the machine restart behavior inside the container launcher? or something else?

jkl73 (Contributor Author) commented Sep 16, 2022

> Maybe I'm missing something, but what is the future purpose of the IsHardened value in the launch spec? Is this so we can entirely control the machine restart behavior inside the container launcher? or something else?

They are not entirely defined yet, controlling the restart behavior is one potential use case. Another is controlling the default logging behavior.

Add kernel cmd through image building to indicate if this is hardened
image. LaunchSpec will have a new field to indicate the current env
is hardened or not.

* Rename LauncherSpec to LaunchSpec
* HostTokenPath -> hostTokenPath
* Silence openssl deprecation warnings for ms-tpm-20-ref

Signed-off-by: Jiankun Lu <jiankun@google.com>
Signed-off-by: Jiankun Lu <jiankun@google.com>
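
The commit message above describes a kernel command-line argument that marks a hardened image. The following is an added example, not the code from this PR, of reading such a flag strictly; `splitCmdline` and `parseHardened` are hypothetical names, and treating a missing key as not hardened while rejecting malformed or conflicting values is an assumption of this sketch.

```go
package main

import (
	"fmt"
	"strings"
)

const hardenedKey = "confidential-space.hardened" // name from the PR description

// splitCmdline splits on whitespace but keeps double-quoted spans together.
func splitCmdline(s string) (args []string) {
	cur := ""
	for _, f := range strings.Fields(s) {
		cur += f
		if strings.Count(cur, `"`)%2 == 1 {
			cur += " " // still inside a quoted span
			continue
		}
		args = append(args, strings.ReplaceAll(cur, `"`, ""))
		cur = ""
	}
	if cur != "" { // unterminated quote: rest of the line is one argument
		args = append(args, strings.ReplaceAll(cur, `"`, ""))
	}
	return args
}

// parseHardened reports true only for the exact value "true". A missing key
// is not hardened; a malformed or conflicting value is an error.
func parseHardened(cmdline string) (bool, error) {
	found, hardened := false, false
	for _, arg := range splitCmdline(cmdline) {
		key, val, _ := strings.Cut(arg, "=")
		switch {
		case key != hardenedKey: // some other argument
		case val != "true" && val != "false":
			return false, fmt.Errorf("invalid argument %q", arg)
		case found && hardened != (val == "true"):
			return false, fmt.Errorf("conflicting %s values", hardenedKey)
		default:
			found, hardened = true, val == "true"
		}
	}
	return hardened, nil
}

func main() {
	// Constructed sample command line, not taken from a real image.
	fmt.Println(parseHardened(`console=ttyS0 x="a confidential-space.hardened=true"`))
}
```

The sample in `main` shows the case a plain whitespace split gets wrong: the flag text sits inside another argument's quoted value, so it must not count as the flag.
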
@jkl73 jkl73 force-pushed the checkhardenedminorfix branch from 0613ad6 to aa2f168 Compare September 20, 2022 22:50
@jkl73 jkl73 merged commit f599e6c into google:master Sep 20, 2022
alexmwu added a commit to alexmwu/go-tpm-tools that referenced this pull request Dec 16, 2022
Breaking Changes:

New Features:
Add IsHardened in launch spec: google#244
Add container logging redirect policy: google#249
Add SEV-SNP attestation support: google#240
Integrity-protect stateful partition on CS image: google#251
Retry launcher OIDC token refresh with backoff: google#261
Change restart policy behavior to reboot: google#260
Add ability to GetGCEInstanceInfo from a certificate: google#267

Bug Fixes:
COS event log: require CEL events to use PCR13, add a launch separator, and don't skip unknown events: google#246
Measure LaunchSeparator event: google#247
Skip unallocated PCR selections when reading all PCRs: google#258
Remove gRPC client and use of insecure credentials: google#262
Fix server.VerifyAttestation proto merging(google#263) and defer of os.Exit(google#264): google#265

Other Changes:
Add fake verifier client: google#234
Update CI Go Version to 1.19: google#241
Add launcher integration testing support: google#255
Test multi-writer PD creation disabled: google#256
Update go-sev-guest dependency to v0.2.6: google#259
Change OIDC retry policy to hourly and add jitter to refresh time: google#266
Add wrapper cloudbuild workflow to trigger image build and testing: google#269
@alexmwu alexmwu mentioned this pull request Dec 16, 2022
alexmwu added a commit that referenced this pull request Dec 16, 2022