Pass CWCOW UVM measurements to sidecar GCS

ambarve · ambarve · commit 8d6f82138c83 · 2025-10-29T12:31:30.000-04:00
A reference_info.cose file is usually shipped along with other UVM boot files. This file
contains signed measurements of the UVM. We need to pass the contents of this file to the
sidecar GCS so that it can make it available to the containers running inside the UVM.

Signed-off-by: Amit Barve &lt;ambarve@microsoft.com&gt;
diff --git a/internal/gcs-sidecar/host.go b/internal/gcs-sidecar/host.go
@@ -182,6 +182,7 @@ func (h *Host) SetWCOWConfidentialUVMOptions(ctx context.Context, securityPolicy
 
 	h.securityPolicyEnforcer = p
 	h.securityPolicyEnforcerSet = true
+	h.uvmReferenceInfo = securityPolicyRequest.EncodedUVMReference
 
 	return nil
 }
diff --git a/internal/oci/uvm.go b/internal/oci/uvm.go
@@ -248,6 +248,7 @@ func handleWCOWSecurityPolicy(ctx context.Context, a map[string]string, wopts *u
 	wopts.SecurityPolicyEnforcer = ParseAnnotationsString(a, annotations.WCOWSecurityPolicyEnforcer, wopts.SecurityPolicyEnforcer)
 	wopts.DisableSecureBoot = ParseAnnotationsBool(ctx, a, annotations.WCOWDisableSecureBoot, false)
 	wopts.GuestStateFilePath = ParseAnnotationsString(a, annotations.WCOWGuestStateFile, uvm.GetDefaultConfidentialVMGSPath())
+	wopts.UVMReferenceInfoFile = ParseAnnotationsString(a, annotations.WCOWReferenceInfoFile, uvm.GetDefaultReferenceInfoFilePath())
 	wopts.IsolationType = "SecureNestedPaging"
 	if noSecurityHardware := ParseAnnotationsBool(ctx, a, annotations.NoSecurityHardware, false); noSecurityHardware {
 		wopts.IsolationType = "GuestStateOnly"
diff --git a/internal/protocol/guestresource/resources.go b/internal/protocol/guestresource/resources.go
@@ -244,10 +244,5 @@ type LCOWSecurityPolicyFragment struct {
 type WCOWConfidentialOptions struct {
 	EnforcerType          string `json:"EnforcerType,omitempty"`
 	EncodedSecurityPolicy string `json:"EncodedSecurityPolicy,omitempty"`
-	// Optional security policy
-	WCOWSecurityPolicy string
-	// Set when there is a security policy to apply on actual SNP hardware, use this rathen than checking the string length
-	WCOWSecurityPolicyEnabled bool
-	// Set which security policy enforcer to use (open door or rego). This allows for better fallback mechanic.
-	WCOWSecurityPolicyEnforcer string
+	EncodedUVMReference   string `json:"EncodedUVMReference,omitempty"`
 }
diff --git a/internal/uvm/create_wcow.go b/internal/uvm/create_wcow.go
@@ -49,6 +49,7 @@ type ConfidentialWCOWOptions struct {
 	SecurityPolicyEnabled  bool   // Set when there is a security policy to apply on actual SNP hardware, use this rathen than checking the string length
 	SecurityPolicy         string // Optional security policy
 	SecurityPolicyEnforcer string // Set which security policy enforcer to use (open door or rego). This allows for better fallback mechanic.
+	UVMReferenceInfoFile   string // Path to the file that contains the signed UVM measurements
 
 	/* Below options are only included for testing/debugging purposes - shouldn't be used in regular scenarios */
 	IsolationType      string
@@ -90,6 +91,10 @@ func GetDefaultConfidentialEFIPath() string {
 	return filepath.Join(defaultConfidentialWCOWOSBootFilesPath(), "boot.vhd")
 }
 
+func GetDefaultReferenceInfoFilePath() string {
+	return filepath.Join(defaultConfidentialWCOWOSBootFilesPath(), "reference_info.cose")
+}
+
 // NewDefaultOptionsWCOW creates the default options for a bootable version of
 // WCOW. The caller `MUST` set the `BootFiles` on the returned value.
 //
diff --git a/internal/uvm/security_policy.go b/internal/uvm/security_policy.go
@@ -53,6 +53,24 @@ func WithWCOWSecurityPolicyEnforcer(enforcer string) WCOWConfidentialUVMOpt {
 	}
 }
 
+// WithUVMReferenceInfo reads UVM reference info file and base64 encodes the
+// content before setting it for the resource. This is no-op if the
+// path is empty or the file doesn't exist.
+func WithWCOWUVMReferenceInfo(path string) WCOWConfidentialUVMOpt {
+	return func(ctx context.Context, r *guestresource.WCOWConfidentialOptions) error {
+		encoded, err := base64EncodeFileContents(path)
+		if err != nil {
+			if os.IsNotExist(err) {
+				log.G(ctx).WithField("filePath", path).Debug("UVM reference info file not found")
+				return nil
+			}
+			return fmt.Errorf("failed to read UVM reference info file: %w", err)
+		}
+		r.EncodedUVMReference = encoded
+		return nil
+	}
+}
+
 func (uvm *UtilityVM) SetWCOWConfidentialUVMOptions(ctx context.Context, opts ...WCOWConfidentialUVMOpt) error {
 	if uvm.operatingSystem != "windows" {
 		return errNotSupported
diff --git a/internal/uvm/start.go b/internal/uvm/start.go
@@ -341,6 +341,7 @@ func (uvm *UtilityVM) Start(ctx context.Context) (err error) {
 		copts := []WCOWConfidentialUVMOpt{
 			WithWCOWSecurityPolicy(uvm.createOpts.(*OptionsWCOW).SecurityPolicy),
 			WithWCOWSecurityPolicyEnforcer(uvm.createOpts.(*OptionsWCOW).SecurityPolicyEnforcer),
+			WithWCOWUVMReferenceInfo(uvm.createOpts.(*OptionsWCOW).UVMReferenceInfoFile),
 		}
 		if err := uvm.SetWCOWConfidentialUVMOptions(ctx, copts...); err != nil {
 			return err

Original file line number	Diff line number	Diff line change
`@@ -182,6 +182,7 @@ func (h *Host) SetWCOWConfidentialUVMOptions(ctx context.Context, securityPolicy`
`182`	`182`
`183`	`183`	`h.securityPolicyEnforcer = p`
`184`	`184`	`h.securityPolicyEnforcerSet = true`
	`185`	`+ h.uvmReferenceInfo = securityPolicyRequest.EncodedUVMReference`
`185`	`186`
`186`	`187`	`return nil`
`187`	`188`	`}`
Original file line number	Diff line number	Diff line change
`@@ -341,6 +341,7 @@ func (uvm *UtilityVM) Start(ctx context.Context) (err error) {`
`341`	`341`	`copts := []WCOWConfidentialUVMOpt{`
`342`	`342`	`WithWCOWSecurityPolicy(uvm.createOpts.(*OptionsWCOW).SecurityPolicy),`
`343`	`343`	`WithWCOWSecurityPolicyEnforcer(uvm.createOpts.(*OptionsWCOW).SecurityPolicyEnforcer),`
	`344`	`+ WithWCOWUVMReferenceInfo(uvm.createOpts.(*OptionsWCOW).UVMReferenceInfoFile),`
`344`	`345`	`}`
`345`	`346`	`if err := uvm.SetWCOWConfidentialUVMOptions(ctx, copts...); err != nil {`
`346`	`347`	`return err`