Add task named 'attest' that acts as the root of trust for reporting.

oxidecomputer · May 25, 2023 · 556defa · 556defa
1 parent c77dd7e
commit 556defa
Show file tree

Hide file tree

Showing 13 changed files with 388 additions and 11 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/app/rot-carrier/app.toml b/app/rot-carrier/app.toml
@@ -201,6 +201,14 @@ stacksize = 2048
 [tasks.sp_measure.config]
 binary_path = "../../target/gemini-bu/dist/final.bin"
 
+[tasks.attest]
+name = "task-attest"
+priority = 5
+max-sizes = {flash = 12000, ram = 8192, dice_alias = 2048, dice_certs = 2560}
+stacksize = 7000
+start = true
+sections = {dice_alias = "dice_alias", dice_certs = "dice_certs"}
+
 [signing]
 enable-secure-boot = true
 enable-dice = true

diff --git a/chips/lpc55/chip.toml b/chips/lpc55/chip.toml
@@ -53,14 +53,6 @@ size = 4096
 
 # this is the start of the USB SRAM AHB peripheral (0x4000 bytes total)
 # we appropriate this SRAM for passing DICE artifacts
-[dice_certs]
-address = 0x40100000
-size = 0xa00
-
-[dice_alias]
-address = 0x40100a00
-size = 0x800
-
 [dice_spmeasure]
 address = 0x40101200
 size = 0x800

diff --git a/chips/lpc55/memory.toml b/chips/lpc55/memory.toml
@@ -107,3 +107,37 @@ write = false
 execute = false
 dma = true
 
+# RAM region used to hand common part of DICE certificate chain forward to
+# Hubris tasks
+[[dice_certs]]
+name = "a"
+address = 0x40100000
+size = 0xa00
+read = true
+write = false
+execute = false
+
+[[dice_certs]]
+name = "b"
+address = 0x40100000
+size = 0xa00
+read = true
+write = false
+execute = false
+
+# RAM region used to hand DICE artifacts forward to the attestation responder
+[[dice_alias]]
+name = "a"
+address = 0x40100a00
+size = 0x800
+read = true
+write = true
+execute = false
+
+[[dice_alias]]
+name = "b"
+address = 0x40100a00
+size = 0x800
+read = true
+write = true
+execute = false
diff --git a/idl/attest.idol b/idl/attest.idol
@@ -0,0 +1,39 @@
+// Interface to Root of Trust for Reporting (ROT-R) task.
+
+Interface(
+    name: "Attest",
+    ops: {
+        "cert_chain_len": (
+            doc: "Get the number of certs in the attestation cert chain",
+            args: {},
+            reply: Result(
+                ok: "u32",
+                err: CLike("AttestError"),
+            ),
+        ),
+        "cert": (
+            doc: "Get a cert from the RoT-R",
+            args: {
+				"index" : "u32",
+                "offset" : "usize",
+            },
+            leases: {
+                "dest": (type: "[u8]", write: true),
+            },
+            reply: Result(
+                ok: "()",
+                err: CLike("AttestError"),
+            ),
+        ),
+        "cert_len": (
+            doc: "Get length of a cert in the cert chain",
+            args: {
+                "index" : "u32",
+            },
+            reply: Result(
+                ok: "usize",
+                err: CLike("AttestError"),
+            ),
+        )
+    }
+)
diff --git a/lib/dice/src/cert.rs b/lib/dice/src/cert.rs
@@ -173,7 +173,7 @@ pub trait SubjectCnCertBuilder: CertBuilder {
 // Several functions in this module return arrays with the following lengths.
 // These consts are a work around to keep from having to enable an unstable
 // feature: generic_const_exprs.
-const FWID_LENGTH: usize =
+pub const FWID_LENGTH: usize =
     alias_cert_tmpl::FWID_RANGE.end - alias_cert_tmpl::FWID_RANGE.start;
 
 /// Trait for Certs with the TCG DICE TcbInfo structure w/ the FWID member.

diff --git a/lib/dice/src/lib.rs b/lib/dice/src/lib.rs
@@ -23,6 +23,7 @@ pub use crate::cert::{
     AliasCert, AliasCertBuilder, Cert, CertError, DeviceIdCert,
     DeviceIdCertBuilder, FwidCert, PersistIdSelfCertBuilder, SpMeasureCert,
     SpMeasureCertBuilder, TrustQuorumDheCert, TrustQuorumDheCertBuilder,
+    FWID_LENGTH,
 };
 mod csr;
 pub use crate::csr::PersistIdCsrBuilder;
@@ -297,7 +298,7 @@ impl RngSeed {
 }
 
 #[derive(Deserialize, Serialize, SerializedSize)]
-pub struct PersistIdCert(SizedBlob);
+pub struct PersistIdCert(pub SizedBlob);
 
 #[derive(Deserialize, Serialize, SerializedSize)]
-pub struct IntermediateCert(SizedBlob);
+pub struct IntermediateCert(pub SizedBlob);
diff --git a/task/attest-api/Cargo.toml b/task/attest-api/Cargo.toml
@@ -0,0 +1,18 @@
+[package]
+name = "attest-api"
+version = "0.1.0"
+edition = "2021"
+
+[dependencies]
+derive-idol-err = { path = "../../lib/derive-idol-err" }
+idol-runtime = { workspace = true }
+num-traits = { workspace = true }
+userlib = {  path = "../../sys/userlib", features = ["panic-messages"]  }
+zerocopy = { workspace = true }
+
+[build-dependencies]
+idol = { workspace = true }
+
+[lib]
+test = false
+bench = false
diff --git a/task/attest-api/build.rs b/task/attest-api/build.rs
@@ -0,0 +1,11 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at https://mozilla.org/MPL/2.0/.
+
+use idol::client;
+use std::error::Error;
+
+fn main() -> Result<(), Box<dyn Error + Send + Sync>> {
+    client::build_client_stub("../../idl/attest.idol", "client_stub.rs")?;
+    Ok(())
+}
diff --git a/task/attest-api/src/lib.rs b/task/attest-api/src/lib.rs
@@ -0,0 +1,23 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at https://mozilla.org/MPL/2.0/.
+
+//! API crate for the root of trust for reporting (RoT-R).
+
+#![no_std]
+
+use derive_idol_err::IdolError;
+use userlib::{sys_send, FromPrimitive};
+
+#[repr(u32)]
+#[derive(Copy, Clone, Debug, FromPrimitive, Eq, PartialEq, IdolError)]
+pub enum AttestError {
+    InvalidCertIndex = 1,
+    OutOfRange = 2,
+
+    #[idol(server_death)]
+    ServerRestarted,
+}
+
+// struct Rotr is defined in the code generated by the IDL.
+include!(concat!(env!("OUT_DIR"), "/client_stub.rs"));
diff --git a/task/attest/Cargo.toml b/task/attest/Cargo.toml
@@ -0,0 +1,23 @@
+[package]
+name = "task-attest"
+version = "0.1.0"
+edition = "2021"
+
+[dependencies]
+dice = { path = "../../lib/dice" }
+idol-runtime = { workspace = true }
+num-traits = { workspace = true }
+ringbuf = { path = "../../lib/ringbuf" }
+stage0-handoff = { path = "../../lib/stage0-handoff" }
+attest-api = { path = "../attest-api" }
+unwrap-lite = { path = "../../lib/unwrap-lite" }
+userlib = { path = "../../sys/userlib", features = ["panic-messages"] }
+zerocopy = { workspace = true }
+
+[build-dependencies]
+idol = { workspace = true }
+
+[[bin]]
+name = "task-attest"
+test = false
+bench = false
diff --git a/task/attest/build.rs b/task/attest/build.rs
@@ -0,0 +1,15 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at https://mozilla.org/MPL/2.0/.
+
+use idol::server::{self, ServerStyle};
+use std::error::Error;
+
+fn main() -> Result<(), Box<dyn Error + Send + Sync>> {
+    server::build_server_support(
+        "../../idl/attest.idol",
+        "server_stub.rs",
+        ServerStyle::InOrder,
+    )?;
+    Ok(())
+}