diff --git a/.gitignore b/.gitignore index 2c38f4e..e7b4035 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,9 @@ cache/ coreos.key* fcos-cvm.tar* +coreos/*.qcow2 *.ign *.ociarchive +secret tmp/ +trustee/keys diff --git a/README.md b/README.md index 4d42f2f..14a5cf0 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,11 @@ Work in progress documents about Confidential Clusters. +## Generate a key +```bash +ssh-keygen -f coreos.key +``` + ## Start fcos VM ```bash scripts/install_vm.sh -b config.bu -k "$(cat coreos.key.pub)" @@ -12,7 +17,7 @@ scripts/install_vm.sh -b config.bu -k "$(cat coreos.key.pub)" scripts/uninstall_vm.sh -n " ``` -## Example with local VMs, attestation and disk encryption +## Example with a local VM, attestation and disk encryption Currently, ignition does not support encrypting the disk using trustee (see this [RFC](https://github.com/coreos/ignition/issues/2099) for more details). Therefore, we need to build a custom initramfs 
@@ -27,25 +32,6 @@ just os=scos build oci-archive osbuild-qemu just build oci-archive osbuild-qemu ``` -In this example, we use 2 VMs, the first for running the trustee server while the second VM has been attested and its -root disk is encrypted using the secret stored in Trustee. - -As already mentioned, the information are hardcoded in the initial script since we lack ignition support. Hence, if the -entire setup feels rigid and manual, it will improve in the future with the ignition extension. - -Both VMs are created from the same image in order to retrieve the PCR registers from the TPM. This step and the VM can -be avoided once we are able to pre-calculate the PCRs. - -The script `create_vms.sh`: - 1. launches the first VM with Trustee - 2. waits until Trustee is reachable at port `8080` - 3. populates the KBS with the reference values, the attestation policy for register 4, 7, and 14, and the secret - 4. creates the second VM which will perform the attestation in order to encrypt its root disk - -```bash -scripts/create-vms.sh coreos.key.pub -``` - ### Create local Trustee deployment Generate the key pair for Trustee: 
@@ -70,25 +56,5 @@ scripts/populate-local-kbs.sh You can now launch the VM by exposing the trustee IP (for example, using the IP of `virbr0`). ```bash export TRUSTEE_ADDR=192.168.122.1 -scripts/install_vm.sh -k -b configs/ak.bu -i $(pwd)/coreos/fcos-qemu.x86_64.qcow2 -n -``` - - -### Example with the Confidential Clusters operator and a local VM - -If you have deployed Confidential Clusters with Trustee, and its KBS and register server are available at ports `8080` and `8000`, and the VM PCR values are configured with Trustee, you can instead run - -```bash -scripts/create-existing-trustee.sh coreos.key.pub -``` - -to only create the test VM, not the Trustee VM. -This assumes that libvirt's bridge to connect to your host is `virbr0`. -This bridge may not exist on your system yet, in which case you can simply run the script again. -If you are using `firewalld`, this may require allowing the respective ports: - -```bash -firewall-cmd --zone=libvirt --add-port=8080/tcp --permanent -firewall-cmd --zone=libvirt --add-port=8000/tcp --permanent -firewall-cmd --reload +scripts/install_vm.sh -k coreos.key.pub -b configs/ak.bu -i $(pwd)/coreos/fcos-qemu.x86_64.qcow2 -n ``` diff --git a/configs/luks.bu b/configs/luks.bu deleted file mode 100644 index 1b57acd..0000000 --- a/configs/luks.bu +++ /dev/null 
@@ -1,36 +0,0 @@ -variant: fcos -version: 1.6.0 - -ignition: - config: - merge: - - source: http://:8000/pin-trustee.ign - -passwd: - users: - - name: core - ssh_authorized_keys: - - - -storage: - files: - - path: /etc/profile.d/systemd-pager.sh - mode: 0644 - contents: - inline: | - # Tell systemd to not use a pager when printing information - export SYSTEMD_PAGER=cat - -systemd: - units: - - name: zincati.service - enabled: false - - name: serial-getty@ttyS0.service - dropins: - - name: autologin-core.conf - contents: | - [Service] - # Override Execstart in main unit - ExecStart= - # Add new Execstart with `-` prefix to ignore failure` - ExecStart=-/usr/sbin/agetty --autologin core --noclear %I $TERM diff --git a/configs/remote-ign/pin-trustee.bu b/configs/remote-ign/pin-trustee.bu index 53b8d61..aec58d0 100644 --- a/configs/remote-ign/pin-trustee.bu +++ b/configs/remote-ign/pin-trustee.bu @@ -10,7 +10,12 @@ storage: custom: needs_network: true pin: trustee - config: '{"servers":[{"url":"http://:8080","cert":""}],"path":"default/machine/root"}' + config: > + { + "servers":[{"url":"http://:8080","cert":""}], + "path":"default/machine/root", + "initdata":"{\"uuid\":\"machine\"}" + } wipe_volume: true filesystems: - device: /dev/mapper/root diff --git a/configs/trustee.bu b/configs/trustee.bu deleted file mode 100644 index b8b29eb..0000000 --- a/configs/trustee.bu +++ /dev/null 
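Review bot: The `initdata` added to the clevis pin config carries a fixed `uuid` of `machine`, and because this file is rendered into the remote Ignition config for every VM by create_remote_ign_config, every attester presents the same value as far as this page shows, so a resource policy that compares the uuid claim with the resource path (`default/machine/root` here) cannot tell one machine from another. The branch and image tags introduced elsewhere in this commit are named `skip-verify-initdata`, which suggests the KBS build does not bind the init data to the attestation evidence; if so, the uuid is a client-asserted string rather than a measured one and should not be read as authorization. I would add a comment above `config: >` saying that `uuid` is a placeholder for a per-machine identity and that the init data check is not measurement-backed in this build, and track replacing it with a per-VM value. The folded scalar (`>`) joins the lines with single spaces, which the JSON parser tolerates, so the reformatting itself is fine.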
@@ -1,36 +0,0 @@ -variant: fcos -version: 1.6.0 -passwd: - users: - - name: core - ssh_authorized_keys: - - - -systemd: - units: - - name: zincati.service - enabled: false - - name: serial-getty@ttyS0.service - dropins: - - name: autologin-core.conf - contents: | - [Service] - # Override Execstart in main unit - ExecStart= - # Add new Execstart with `-` prefix to ignore failure` - ExecStart=-/usr/sbin/agetty --autologin core --noclear %I $TERM - -storage: - trees: - - local: "." - path: "/" - directories: - - path: /var/srv/www - overwrite: true - files: - - path: /etc/profile.d/systemd-pager.sh - mode: 0644 - contents: - inline: | - # Tell systemd to not use a pager when printing information - export SYSTEMD_PAGER=cat diff --git a/configs/trustee/etc/containers/systemd/as-grpc.container b/configs/trustee/etc/containers/systemd/as-grpc.container deleted file mode 100644 index 2c87f35..0000000 --- a/configs/trustee/etc/containers/systemd/as-grpc.container +++ /dev/null @@ -1,20 +0,0 @@ -[Unit] -Description=Trustee GRPC Attestation Server -Wants=network-online.target -After=network-online.target -After=rvps.container -Requires=rvps.container - -[Container] -ContainerName=as -Image=quay.io/afrosi_rh/coco-as-grpc:latest -Network=trustee.network -Entrypoint=/usr/local/bin/grpc-as -PublishPort=50004:50004 -Volume=attestation-server-vol:/opt/confidential-containers/attestation-service -Volume=/var/as/as-config.json:/etc/as-config.json:z -Volume=/var/as/sgx_default_qcnl.conf:/etc/sgx_default_qcnl.conf:z -Exec=--socket 0.0.0.0:50004 --config-file /etc/as-config.json - -[Install] -WantedBy=default.target diff --git a/configs/trustee/etc/containers/systemd/kbc.container b/configs/trustee/etc/containers/systemd/kbc.container deleted file mode 100644 index 7b37674..0000000 --- a/configs/trustee/etc/containers/systemd/kbc.container +++ /dev/null 
@@ -1,13 +0,0 @@ -[Unit] -Description=Trustee KBS client container -After=key-generation.container - -[Container] -ContainerName=kbs-client -Image=quay.io/afrosi_rh/kbs-client-image:latest -Network=trustee.network -Volume=user-keys:/opt/confidential-containers/kbs/user-keys -Exec=tail -f /dev/null - -[Install] -WantedBy=default.target diff --git a/configs/trustee/etc/containers/systemd/kbs.container b/configs/trustee/etc/containers/systemd/kbs.container deleted file mode 100644 index 9ca1525..0000000 --- a/configs/trustee/etc/containers/systemd/kbs.container +++ /dev/null @@ -1,20 +0,0 @@ -[Unit] -Description=Trustee KBS container -After=key-generation.container - -[Container] -ContainerName=kbs -Image=quay.io/afrosi_rh/kbs-grpc-as:latest -Network=trustee.network -Entrypoint=/usr/local/bin/kbs -PublishPort=8080:8080 -Environment=RUST_LOG=debug -Volume=/var/kbs/config/kbs-config.toml:/opt/confidential-containers/kbs/config/kbs-config.toml:z -Volume=kbs-storage:/opt/confidential-containers/kbs/repository -Volume=nebula-ca:/opt/confidential-containers/kbs/nebula-ca -Volume=user-keys:/opt/confidential-containers/kbs/user-keys -Exec=--config-file \ - /opt/confidential-containers/kbs/config/kbs-config.toml - -[Install] -WantedBy=default.target diff --git a/configs/trustee/etc/containers/systemd/key-generation.container b/configs/trustee/etc/containers/systemd/key-generation.container deleted file mode 100644 index d190eff..0000000 --- a/configs/trustee/etc/containers/systemd/key-generation.container +++ /dev/null 
@@ -1,17 +0,0 @@ -[Unit] -Description=Trustee Key Generator -Wants=network-online.target -After=network-online.target - -[Container] -ContainerName=keyprovider -Image=docker.io/alpine/openssl:latest -Entrypoint=/bin/ash -Volume=user-keys:/opt/confidential-containers/kbs/user-keys -Exec=-c "if [ ! -s /opt/confidential-containers/kbs/user-keys/private.key ]; then \ - /usr/bin/openssl genpkey -algorithm ed25519 > /opt/confidential-containers/kbs/user-keys/private.key && \ - /usr/bin/openssl pkey -in /opt/confidential-containers/kbs/user-keys/private.key -pubout \ - -out /opt/confidential-containers/kbs/user-keys/public.pub; else exit 0; fi;" - -[Install] -WantedBy=default.target diff --git a/configs/trustee/etc/containers/systemd/keyprovider.container b/configs/trustee/etc/containers/systemd/keyprovider.container deleted file mode 100644 index 22c6fbb..0000000 --- a/configs/trustee/etc/containers/systemd/keyprovider.container +++ /dev/null @@ -1,17 +0,0 @@ -[Unit] -Description=Trustee Key Provider -Wants=network-online.target -After=key-generation.container - -[Container] -ContainerName=keyprovider -Image=ghcr.io/confidential-containers/coco-keyprovider:latest -Network=trustee.network -Entrypoint=/usr/local/bin/coco_keyprovider -PublishPort=50000:50000 -Volume=user-keys:/opt/confidential-containers/kbs/user-keys -Exec=--socket 0.0.0.0:50000 --kbs http://kbs:8080 \ - --auth-private-key /opt/confidential-containers/kbs/user-keys/private.key" - -[Install] -WantedBy=default.target diff --git a/configs/trustee/etc/containers/systemd/nginx.container b/configs/trustee/etc/containers/systemd/nginx.container deleted file mode 100644 index 6225d9d..0000000 --- a/configs/trustee/etc/containers/systemd/nginx.container +++ /dev/null 
@@ -1,14 +0,0 @@ -[Unit] -Description=nginx HTTP server emulating registration server -Wants=network-online.target -After=network-online.target - -[Container] -ContainerName=nginx -Image=quay.io/fedora/nginx-126:latest -PublishPort=8000:8080 -Volume=/srv/www:/opt/app-root/src:z -Exec=nginx -g "daemon off;" - -[Install] -WantedBy=default.target diff --git a/configs/trustee/etc/containers/systemd/rvps.container b/configs/trustee/etc/containers/systemd/rvps.container deleted file mode 100644 index b664c06..0000000 --- a/configs/trustee/etc/containers/systemd/rvps.container +++ /dev/null @@ -1,20 +0,0 @@ -[Unit] -Description=Trustee Reference Values Provider Service -Wants=network-online.target -After=network-online.target - -[Container] -ContainerName=rvps -Image=ghcr.io/confidential-containers/staged-images/rvps:latest -Network=trustee.network -Entrypoint=/usr/local/bin/rvps -PublishPort=50003:50003 -Volume=reference-values:/opt/confidential-containers/attestation-service/reference_values -Volume=/var/rvps/rvps.json:/etc/rvps.json:z -Exec=--address 0.0.0.0:50003 - -[Service] -Restart=always - -[Install] -WantedBy=default.target diff --git a/configs/trustee/etc/containers/systemd/trustee.network b/configs/trustee/etc/containers/systemd/trustee.network deleted file mode 100644 index 2174872..0000000 --- a/configs/trustee/etc/containers/systemd/trustee.network +++ /dev/null @@ -1,5 +0,0 @@ -[Network] -Driver=bridge -Subnet=10.89.0.0/24 -Gateway=10.89.0.1 - diff --git a/configs/trustee/opt/policy.rego b/configs/trustee/opt/policy.rego deleted file mode 100755 index 7f9ba66..0000000 --- a/configs/trustee/opt/policy.rego +++ /dev/null 
@@ -1,24 +0,0 @@ -package policy -import rego.v1 -default hardware := 97 -default configuration := 36 - -##### TPM -hardware := 2 if { - input.tpm.svn in data.reference.tpm_svn -} - -tpm_pcrs_valid if { - input.tpm.pcrs[4] in data.reference.tpm_pcr4 - input.tpm.pcrs[7] in data.reference.tpm_pcr7 -} - -executables := 3 if tpm_pcrs_valid -configuration := 2 if tpm_pcrs_valid - -##### Final decision -allow if { - hardware == 2 - executables == 3 - configuration == 2 -} diff --git a/configs/trustee/usr/local/bin/kbs-client b/configs/trustee/usr/local/bin/kbs-client deleted file mode 100755 index 53dd7d7..0000000 --- a/configs/trustee/usr/local/bin/kbs-client +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash - -set -euo pipefail -# set -x - -KBS="${KBS:-kbs:8080}" -KEY="${KEY:=/opt/confidential-containers/kbs/user-keys/private.key}" - -sudo podman exec -ti \ - kbs-client \ - kbs-client \ - --url "http://${KBS}" \ - config \ - --auth-private-key "${KEY}" \ - "${@}" diff --git a/configs/trustee/usr/local/bin/populate_kbs.sh b/configs/trustee/usr/local/bin/populate_kbs.sh deleted file mode 100755 index f31e083..0000000 --- a/configs/trustee/usr/local/bin/populate_kbs.sh +++ /dev/null 
@@ -1,32 +0,0 @@ -#!/bin/bash - -set -euxo pipefail - -SECRET_PATH="${SECRET_PATH:=default/machine/root}" - -# Setup attestation policy -podman cp /opt/policy.rego kbs-client:/policy.rego -kbs-client set-attestation-policy --policy-file policy.rego --type rego --id default_cpu - -# Set ressource access policy -kbs-client set-resource-policy --affirming - -# Upload resource: LUKS root key -cat > secret << EOF -{ "key_type": "oct", "key": "2b442dd5db4478367729ef8bbf2e7480" } -EOF -podman cp secret kbs-client:/secret -kbs-client set-resource --resource-file /secret --path "${SECRET_PATH}" - -# Setup reference values -kbs-client set-sample-reference-value tpm_svn "1" - -# Use PCR values from the current host as reference values -# Skip PCR 14 for now -for i in {4,7}; do - value=$(sudo tpm2_pcrread sha256:${i} | awk -F: '/0x/ {sub(/.*0x/, "", $2); gsub(/[^0-9A-Fa-f]/, "", $2); print tolower($2)}') - kbs-client set-sample-reference-value "tpm_pcr${i}" "${value}" -done - -# Check reference values -kbs-client get-reference-values diff --git a/configs/trustee/var/as/as-config.json b/configs/trustee/var/as/as-config.json deleted file mode 100644 index 5918f54..0000000 --- a/configs/trustee/var/as/as-config.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "work_dir": "/opt/confidential-containers/attestation-service", - "policy_engine": "opa", - "rvps_config": { - "type": "GrpcRemote", - "address": "http://rvps:50003" - }, - "attestation_token_broker": { - "type": "Ear", - "duration_min": 5 - } -} diff --git a/configs/trustee/var/as/sgx_default_qcnl.conf b/configs/trustee/var/as/sgx_default_qcnl.conf deleted file mode 100644 index 45e98d6..0000000 --- a/configs/trustee/var/as/sgx_default_qcnl.conf +++ /dev/null 
@@ -1,63 +0,0 @@ -i{ - // *** ATTENTION : This file is in JSON format so the keys are case sensitive. Don't change them. - - //PCCS server address - //"pccs_url": "https://localhost:8081/sgx/certification/v4/" - - // To accept insecure HTTPS certificate, set this option to false - "use_secure_cert": true - - // You can use the Intel PCS or another PCCS to get quote verification collateral. Retrieval of PCK - // Certificates will always use the PCCS described in pccs_url. When collateral_service is not defined, both - // PCK Certs and verification collateral will be retrieved using pccs_url - ,"collateral_service": "https://api.trustedservices.intel.com/sgx/certification/v4/" - - // If you use a PCCS service to get the quote verification collateral, you can specify which PCCS API version is to be used. - // The legacy 3.0 API will return CRLs in HEX encoded DER format and the sgx_ql_qve_collateral_t.version will be set to 3.0, while - // the new 3.1 API will return raw DER format and the sgx_ql_qve_collateral_t.version will be set to 3.1. The pccs_api_version - // setting is ignored if collateral_service is set to the Intel PCS. In this case, the pccs_api_version is forced to be 3.1 - // internally. Currently, only values of 3.0 and 3.1 are valid. Note, if you set this to 3.1, the PCCS use to retrieve - // verification collateral must support the new 3.1 APIs. - //,"pccs_api_version": "3.1" - - // Maximum retry times for QCNL. If RETRY is not defined or set to 0, no retry will be performed. - // It will first wait one second and then for all forthcoming retries it will double the waiting time. - // By using retry_delay you disable this exponential backoff algorithm - ,"retry_times": 6 - - // Sleep this amount of seconds before each retry when a transfer has failed with a transient error - ,"retry_delay": 10 - - // If local_pck_url is defined, the QCNL will try to retrieve PCK cert chain from local_pck_url first, - // and failover to pccs_url as in legacy mode. 
- //,"local_pck_url": "http://localhost:8081/sgx/certification/v4/" - - // If local_pck_url is not defined, set pck_cache_expire_hours to a none-zero value will enable local cache. - // The PCK certificates will be cached in memory and then to the disk drive. - // ===== Important: Once the local cache files are created, currently there is no other way to clean them other - // than to delete them manually, or wait for them to expire after "pck_cache_expire_hours" hours. - // To delete the cache files manually, go to these foders: - // Linux : $AZDCAP_CACHE, $XDG_CACHE_HOME, $HOME, $TMPDIR, /tmp/ - // Windows : $AZDCAP_CACHE, $LOCALAPPDATA\..\..\LocalLow - // If there is a folder called .dcap-qcnl, delete it. Restart the service after all cache - // folders were deleted. The same method applies to "verify_collateral_cache_expire_hours" - ,"pck_cache_expire_hours": 168 - - // To set cache expire time for quote verification collateral in hours - // See the above comment for pck_cache_expire_hours for more information on the local cache. - ,"verify_collateral_cache_expire_hours": 168 - - // You can add custom request headers and parameters to the get certificate API. - // But the default PCCS implementation just ignores them. - //,"custom_request_options" : { - // "get_cert" : { - // "headers": { - // "head1": "value1" - // }, - // "params": { - // "param1": "value1", - // "param2": "value2" - // } - // } - //} -} diff --git a/configs/trustee/var/kbs/config/kbs-config.toml b/configs/trustee/var/kbs/config/kbs-config.toml deleted file mode 100644 index bf9b615..0000000 --- a/configs/trustee/var/kbs/config/kbs-config.toml +++ /dev/null 
@@ -1,18 +0,0 @@ -[http_server] -sockets = ["0.0.0.0:8080"] -insecure_http = true - -[attestation_token] -insecure_key = true - -[attestation_service] -type = "coco_as_grpc" -as_addr = "http://as:50004" - -[admin] -auth_public_key = "/opt/confidential-containers/kbs/user-keys/public.pub" - -[[plugins]] -name = "resource" -type = "LocalFs" -dir_path = "/opt/confidential-containers/kbs/repository" diff --git a/configs/trustee/var/rvps/rvps.json b/configs/trustee/var/rvps/rvps.json deleted file mode 100644 index 13e8441..0000000 --- a/configs/trustee/var/rvps/rvps.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "storage": { - "type":"LocalFs", - "file_path": "/opt/confidential-containers/attestation-service/reference_values" - } -} diff --git a/containerfiles/trustee.container b/containerfiles/trustee.container index ee349fa..5438da6 100644 --- a/containerfiles/trustee.container +++ b/containerfiles/trustee.container @@ -2,7 +2,7 @@ FROM fedora:rawhide AS builder # default is 'main' but can be e.g. COMMIT=v0.11.0 (with --build-arg COMMIT=v0.11.0) -ARG COMMIT=main +ARG COMMIT=skip-verify-initdata RUN dnf install -y perl clang make git \ tss2-devel tpm2-tss-devel \ @@ -11,7 +11,7 @@ RUN dnf install -y perl clang make git \ && dnf clean all RUN cd /usr/src/ && \ - git clone https://github.com/confidential-containers/trustee.git && \ + git clone https://github.com/trusted-execution-clusters/trustee.git && \ cd trustee && git checkout ${COMMIT} RUN cd /usr/src/trustee/kbs && \ diff --git a/coreos/Containerfile b/coreos/Containerfile index e6e09e9..3c31701 100644 --- a/coreos/Containerfile +++ b/coreos/Containerfile @@ -1,5 +1,5 @@ ARG BASE -FROM quay.io/trusted-execution-clusters/trustee-attester:2025-10-21 as kbc +FROM quay.io/trusted-execution-clusters/trustee-attester:2025-11-12 as kbc FROM quay.io/trusted-execution-clusters/clevis-pin-trustee as clevis FROM quay.io/trusted-execution-clusters/ignition:attestation as ignition FROM $BASE 
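Review bot: `ARG COMMIT=skip-verify-initdata` makes the default a mutable branch name in the fork, so `git checkout ${COMMIT}` in the second hunk yields whatever that branch points to on the day of the build, and the comment kept above it, `# default is 'main' but can be e.g. COMMIT=v0.11.0`, is now stale. I would pin the default to a commit SHA from that branch and rewrite the comment as `# default is a pinned SHA on the skip-verify-initdata branch of the trusted-execution-clusters fork; override with --build-arg COMMIT=...`. The branch name also indicates that init data verification is disabled in this build, which deserves a sentence in the same comment so the resulting image is not mistaken for a production Trustee. The `skip-verify-initdata-20251031` tag introduced in the trustee.yaml hunk raises the same point; a digest reference (`@sha256:…`) there would make the deployment reproducible as well.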
diff --git a/scripts/common.sh b/scripts/common.sh deleted file mode 100644 index 29b8c99..0000000 --- a/scripts/common.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash - -create_remote_ign_config () -{ - IP=$1 - # Setup remote ignition config - BUTANE=pin-trustee.bu - IGNITION="${BUTANE%.bu}.ign" - - sed "s//$IP/" configs/remote-ign/${BUTANE} > tmp/${BUTANE} - - podman run --interactive --rm --security-opt label=disable \ - --volume "$(pwd)/tmp:/pwd" \ - --workdir /pwd \ - quay.io/trusted-execution-clusters/butane:clevis-pin-trustee \ - --pretty --strict /pwd/$BUTANE --output "/pwd/$IGNITION" - echo "$IGNITION" -} diff --git a/scripts/create-existing-trustee-vm.sh b/scripts/create-existing-trustee-vm.sh deleted file mode 100755 index 5c7a62f..0000000 --- a/scripts/create-existing-trustee-vm.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash - -set -euo pipefail - -if [[ "${#}" -ne 1 ]]; then - echo "Usage: $0 " - exit 1 -fi - -KEY=$1 -CUSTOM_IMAGE="$(pwd)/fcos-cvm-qemu.x86_64.qcow2" - -scripts/install_vm.sh \ - -n existing-trustee \ - -b configs/luks.bu \ - -k "$(cat "$KEY")" \ - -f \ - -i "${CUSTOM_IMAGE}" diff --git a/scripts/create-test-vm.sh b/scripts/create-test-vm.sh deleted file mode 100755 index b19e7df..0000000 --- a/scripts/create-test-vm.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash - -set -euo pipefail -# set -x - -if [[ "${#}" -ne 1 ]]; then - echo "Usage: $0 " - exit 1 -fi - -KEY=$1 -CUSTOM_IMAGE="$(pwd)/fcos-cvm-qemu.x86_64.qcow2" - -scripts/install_vm.sh \ - -n vm \ - -b configs/luks.bu \ - -k "$(cat "$KEY")" \ - -f \ - -i "${CUSTOM_IMAGE}" \ - -m 4096 diff --git a/scripts/create-trustee-vm.sh b/scripts/create-trustee-vm.sh deleted file mode 100755 index 88bfee2..0000000 --- a/scripts/create-trustee-vm.sh +++ /dev/null 
@@ -1,25 +0,0 @@ -#!/bin/bash - -set -euo pipefail -# set -x - -if [[ "${#}" -ne 1 ]]; then - echo "Usage: $0 " - exit 1 -fi - -KEY=$1 -STABLE_IMAGE="$(pwd)/fedora-coreos-42.20250705.3.0-qemu.x86_64.qcow2" - -if [[ ! -f "${STABLE_IMAGE}" ]]; then - # Download a fixed stable image that matches the one used for the container build with trustee - wget "https://builds.coreos.fedoraproject.org/prod/streams/stable/builds/42.20250705.3.0/x86_64/fedora-coreos-42.20250705.3.0-qemu.x86_64.qcow2.xz" - unxz "fedora-coreos-42.20250705.3.0-qemu.x86_64.qcow2.xz" -fi - -scripts/install_vm.sh \ - -n trustee \ - -b configs/trustee.bu \ - -k "$(cat $KEY)" \ - -f \ - -i "${STABLE_IMAGE}" diff --git a/scripts/create-vms.sh b/scripts/create-vms.sh deleted file mode 100755 index ebb5d1c..0000000 --- a/scripts/create-vms.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash - -set -euo pipefail -# set -x - -if [[ "${#}" -ne 1 ]]; then - echo "Usage: $0 " - exit 1 -fi - -KEY=$1 - -./scripts/create-trustee-vm.sh "$KEY" - -./scripts/populate-trustee-kbs.sh "$KEY" - -./scripts/create-test-vm.sh "$KEY" diff --git a/scripts/get-ip.sh b/scripts/get-ip.sh deleted file mode 100755 index 89c95c5..0000000 --- a/scripts/get-ip.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash - -set -euo pipefail -# set -x - -if [[ "${#}" -ne 1 ]]; then - echo "Usage: $0 " - exit 1 -fi - -vm=$1 -URL="--connect=qemu:///system" - -mac="$(virsh "${URL}" --quiet domiflist "${vm}" | awk '{ print $5 }')" -virsh "${URL}" --quiet net-dhcp-leases default --mac "${mac}" | awk '{ print $5 }' | sed 's|/24||' diff --git a/scripts/install_vm.sh b/scripts/install_vm.sh index db082d0..7a91070 100755 --- a/scripts/install_vm.sh +++ b/scripts/install_vm.sh 
@@ -3,7 +3,22 @@ set -euo pipefail # set -x -source scripts/common.sh +create_remote_ign_config () +{ + IP=$1 + # Setup remote ignition config + BUTANE=pin-trustee.bu + IGNITION="${BUTANE%.bu}.ign" + + sed "s//$IP/" configs/remote-ign/${BUTANE} > tmp/${BUTANE} + + podman run --interactive --rm --security-opt label=disable \ + --volume "$(pwd)/tmp:/pwd" \ + --workdir /pwd \ + quay.io/confidential-clusters/butane:clevis-pin-trustee \ + --pretty --strict /pwd/$BUTANE --output "/pwd/$IGNITION" + echo "$IGNITION" +} force=false while getopts "k:b:n:fi:m:" opt; do @@ -62,20 +77,9 @@ butane_name="$(basename ${butane})" IGNITION_FILE="tmp/${butane_name%.bu}.ign" IGNITION_CONFIG="$(pwd)/${IGNITION_FILE}" bufile="./tmp/${butane_name}" -if [[ "$VM_NAME" == "vm" ]]; then - IP="$(./scripts/get-ip.sh trustee)" - sed "s||$key|g" $butane | sed "s//$IP/" > ${bufile} -elif [[ "$VM_NAME" == "existing-trustee" ]]; then - sed "s||key|g; - s||$(ip route | grep virbr0 | cut -d' ' -f9)|g; - s|pin-trustee.ign|ignition-clevis-pin-trustee|g" "$butane" > "$bufile" -elif [ ! -z "$TRUSTEE_ADDR" ]; then - sed "s||key|g; - s||$TRUSTEE_ADDR|g;" "$butane" > "$bufile" - create_remote_ign_config $TRUSTEE_ADDR -else - sed "s||$key|g" $butane > ${bufile} -fi +sed "s||$key|g; + s||$TRUSTEE_ADDR|g;" "$butane" > "$bufile" +create_remote_ign_config $TRUSTEE_ADDR butane_args=() diff --git a/scripts/populate-local-kbs.sh b/scripts/populate-local-kbs.sh index b035af3..76cd768 100755 --- a/scripts/populate-local-kbs.sh +++ b/scripts/populate-local-kbs.sh 
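Review bot: The inlined `create_remote_ign_config` pulls the butane image from `quay.io/confidential-clusters/butane:clevis-pin-trustee`, whereas the copy removed from scripts/common.sh in this commit and every other image on this page (coreos/Containerfile, trustee.yaml) use the `quay.io/trusted-execution-clusters/` namespace; if one of the two is wrong, `podman run` only fails at VM-creation time, so the change of namespace should be deliberate and carry a comment. The function also leaves `IP`, `BUTANE` and `IGNITION` as globals and expands `$BUTANE` and `$IGNITION` unquoted in the podman arguments; `local IP=$1`, `local BUTANE=pin-trustee.bu` and `local IGNITION="${BUTANE%.bu}.ign"` plus quoting the two paths keep them from leaking into the rest of the script. `sed "s//$IP/"` as shown has an empty search pattern; if the placeholder token was lost in rendering that is fine, otherwise the substitution never matches and the Ignition config keeps an empty server address.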
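Review bot: The rewritten block substitutes `$TRUSTEE_ADDR` and calls `create_remote_ign_config $TRUSTEE_ADDR` unconditionally, but the `[ ! -z "$TRUSTEE_ADDR" ]` guard that previously protected this path is gone and nothing in the hunk checks the variable (the option parsing that may initialize it lies outside the hunk). With `set -u` an unset variable aborts with a bare `unbound variable` message, and an empty one passes through sed and yields an Ignition config that points at a server with no host; `: "${TRUSTEE_ADDR:?set TRUSTEE_ADDR to the reachable Trustee address}"` before the `sed` gives a clear failure in both cases. The call should also be quoted, `create_remote_ign_config "$TRUSTEE_ADDR"`. Since `$key` and `$TRUSTEE_ADDR` are spliced into the sed program as text, a value containing `|` or `&` would corrupt the substitution; fine for an IP, but worth a comment because the value comes from the environment.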
@@ -15,12 +15,24 @@ $KBC --url $URL config \ set-resource --path default/machine/root \ --resource-file $(pwd)/secret +cat < tmp/resource-policy.rego +package policy +import rego.v1 + +default allow := false + +allow if { + input.submods.cpu0["ear.status"] == "affirming" + input.submods.cpu0["ear.veraison.annotated-evidence"].init_data_claims.uuid == split(data["resource-path"], "/")[2] +} +EOF + $KBC --url http://localhost:8080 config \ --auth-private-key $KEY \ - set-resource-policy --allow-all + set-resource-policy --policy-file tmp/resource-policy.rego -cat <attestation-policy.rego +cat < tmp/attestation-policy.rego package policy import rego.v1 default hardware := 97 @@ -69,4 +81,4 @@ $KBC --url $URL config \ get-reference-values $KBC --url $URL config \ --auth-private-key $KEY \ - set-attestation-policy --policy-file attestation-policy.rego --id default_cpu --type rego + set-attestation-policy --policy-file tmp/attestation-policy.rego --id default_cpu --type rego diff --git a/scripts/populate-trustee-kbs.sh b/scripts/populate-trustee-kbs.sh deleted file mode 100755 index f55cb7d..0000000 --- a/scripts/populate-trustee-kbs.sh +++ /dev/null 
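Review bot: The new resource policy authorizes on `init_data_claims.uuid == split(data["resource-path"], "/")[2]`, i.e. on the attester's init data matching the middle segment of the resource path (`machine` for `default/machine/root`), which is a clear improvement over `--allow-all`. Its strength, however, depends on the KBS verifying the init data against the evidence; the `skip-verify-initdata` branch and tags used in this commit suggest that verification is disabled in this build, in which case the uuid is a self-reported string and `ear.status == "affirming"` is the only attestation-backed condition. I would put a comment above `package policy` in the heredoc stating that the uuid comparison is only meaningful once init data is measured, and that the pin config currently hard-codes the same uuid for every VM. Since `split(...)[2]` is undefined for paths with fewer than three segments, `allow` falls back to `default allow := false` there, which is the right failure mode and worth noting in the same comment. The `cat <` / `EOF` lines read as a heredoc whose `<<EOF >` marker was lost in rendering; if the script really reads `cat < tmp/...`, it would read the file instead of writing it.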
@@ -1,41 +0,0 @@ -#!/bin/bash - -set -euo pipefail -# set -x -source common.sh - -if [[ "${#}" -ne 1 ]]; then - echo "Usage: $0 " - exit 1 -fi - -KEY=$1 -TRUSTEE_PORT=8080 - -# Setup reference values, policies and secrets -until IP="$(./scripts/get-ip.sh trustee)" && [ -n "$IP" ] && curl "http://${IP}:${TRUSTEE_PORT}" >/dev/null 2>&1; do - echo "Waiting for KBS to be available..." - sleep 1 -done -until ssh core@$IP \ - -i "${KEY%.*}" \ - -o StrictHostKeyChecking=no \ - -o UserKnownHostsFile=/dev/null \ - 'sudo /usr/local/bin/populate_kbs.sh'; do - echo "Waiting for KBS to be populated..." - sleep 1 -done - -# Setup remote ignition config -IGNITION=$(create_remote_ign_config) - -scp -i "${KEY%.*}" \ - -o StrictHostKeyChecking=no \ - -o UserKnownHostsFile=/dev/null \ - tmp/${IGNITION} core@$IP: - -ssh core@$IP \ - -i "${KEY%.*}" \ - -o StrictHostKeyChecking=no \ - -o UserKnownHostsFile=/dev/null \ - "sudo mv $IGNITION /srv/www && sudo systemctl restart nginx.service" diff --git a/trustee.yaml b/trustee.yaml index 69a0a2d..e96a20b 100644 --- a/trustee.yaml +++ b/trustee.yaml @@ -25,7 +25,7 @@ spec: mountPath: /data - name: kbs - image: quay.io/trusted-execution-clusters/key-broker-service:latest + image: quay.io/trusted-execution-clusters/key-broker-service:skip-verify-initdata-20251031 command: ["kbs", "--config-file", "/config/kbs-config.toml"] ports: - containerPort: 8080