kata-containers · danmihai1 · Jan 9, 2024 · Xynnn007 · Jan 10, 2024 · danmihai1
diff --git a/src/agent/Cargo.lock b/src/agent/Cargo.lock
diff --git a/src/agent/Cargo.toml b/src/agent/Cargo.toml
@@ -73,6 +73,11 @@ reqwest = { version = "0.11.14", optional = true }
 # The "vendored" feature for openssl is required for musl build
 openssl = { version = "0.10.54", features = ["vendored"], optional = true }
 
+# Policy validation
+sha2 = { version = "0.10.6", optional = true }
+sev = { version = "2.0.2", default-features = false, features = ["snp"], optional = true }
+vmm-sys-util = { version = "0.11.0", optional = true }
+
 [dev-dependencies]
 tempfile = "3.1.0"
 test-utils = { path = "../libs/test-utils" }
@@ -89,7 +94,7 @@ lto = true
 [features]
 seccomp = ["rustjail/seccomp"]
 standard-oci-runtime = ["rustjail/standard-oci-runtime"]
-agent-policy = ["http", "openssl", "reqwest"]
+agent-policy = ["http", "openssl", "reqwest", "sev", "sha2", "vmm-sys-util"]
 
 [[bin]]
 name = "kata-agent"

diff --git a/src/agent/src/main.rs b/src/agent/src/main.rs
@@ -76,6 +76,10 @@ mod tracer;
 
 #[cfg(feature = "agent-policy")]
 mod policy;
+#[cfg(feature = "agent-policy")]
+mod sev;
+#[cfg(feature = "agent-policy")]
+mod tdx;
 
 cfg_if! {
     if #[cfg(target_arch = "s390x")] {

diff --git a/src/agent/src/policy.rs b/src/agent/src/policy.rs
@@ -6,11 +6,14 @@
 use anyhow::{bail, Result};
 use protobuf::MessageDyn;
 use serde::{Deserialize, Serialize};
+use sha2::{Digest, Sha256, Sha384};
 use slog::Drain;
 use tokio::io::AsyncWriteExt;
 use tokio::time::{sleep, Duration};
 
 use crate::rpc::ttrpc_error;
+use crate::sev::get_snp_host_data;
+use crate::tdx::get_tdx_mrconfigid;
 use crate::AGENT_POLICY;
 
 static EMPTY_JSON_INPUT: &str = "{\"input\":{}}";
@@ -176,6 +179,8 @@ impl AgentPolicy {
 
     /// Replace the Policy in OPA.
     pub async fn set_policy(&mut self, policy: &str) -> Result<()> {
+        verify_policy_digest(policy)?;
+
         if let Some(opa_client) = &mut self.opa_client {
             // Delete the old rules.
             opa_client.delete(&self.policy_path).send().await?;
@@ -297,3 +302,65 @@ fn start_opa(opa_addr: &str) -> Result<()> {
     }
     bail!("OPA binary not found in {:?}", &bin_dirs);
 }
+
+fn verify_policy_digest(policy: &str) -> Result<()> {
+    // TODO: check if the user configured this Guest VM as using either SNP or TDX,
+    // and if that's the case return an error if the TEE attestation report didn't
+    // provide a policy digest value.
+
+    if let Ok(expected_digest) = get_tdx_mrconfigid() {
+        info!(sl!(), "policy: TDX expected digest ({:?})", expected_digest);
+        verify_sha_384(policy, expected_digest.as_slice())
+    } else if let Ok(expected_digest) = get_snp_host_data() {
+        info!(sl!(), "policy: SNP expected digest ({:?})", expected_digest);
+        // TODO: fix the SNP CI machines and then don't ignore zeroes anymore.
+        let ignore_zero_digest = true;
+        verify_sha_256(policy, expected_digest.as_slice(), ignore_zero_digest)
+    } else {
+        warn!(sl!(), "policy: integrity has not been verified!");
+        Ok(())
+    }
+}
+
+fn verify_sha_384(policy: &str, expected_digest: &[u8]) -> Result<()> {
+    let mut hasher = Sha384::new();
+    hasher.update(policy.as_bytes());
+    let digest = hasher.finalize();
+    info!(sl!(), "policy: calculated digest ({:?})", digest);
+
+    if expected_digest != digest.as_slice() {
+        bail!(
+            "policy: rejecting unexpected digest ({:?}), expected ({:?})",
+            digest.as_slice(),
+            expected_digest
+        );
+    }
+
+    Ok(())
+}
+
+pub fn verify_sha_256(
+    policy: &str,
+    expected_digest: &[u8],
+    ignore_zero_digest: bool,
+) -> Result<()> {
+    let mut hasher = Sha256::new();
+    hasher.update(policy.as_bytes());
+    let digest = hasher.finalize();
+    info!(sl!(), "policy: calculated digest ({:?})", digest);
+
+    if expected_digest != digest.as_slice() {
+        if ignore_zero_digest && !expected_digest.iter().any(|&x| x != 0) {
+            error!(sl!(), "Temporarily ignoring incorrect SNP Host Data field");
+            return Ok(());
+        }
+
+        bail!(
+            "policy: rejecting unexpected digest ({:?}), expected ({:?})",
+            digest,
+            expected_digest
+        );
+    }
+
+    Ok(())
+}
diff --git a/src/agent/src/sev.rs b/src/agent/src/sev.rs
@@ -0,0 +1,19 @@
+// Copyright (c) 2023 Microsoft Corporation
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+use anyhow::Result;
+
+pub fn get_snp_host_data() -> Result<Vec<u8>> {
+    match sev::firmware::guest::Firmware::open() {
+        Ok(mut firmware) => {
+            let report_data: [u8; 64] = [0; 64];
+            match firmware.get_report(None, Some(report_data), Some(0)) {
+                Ok(report) => Ok(report.host_data.to_vec()),
+                Err(e) => Err(e.into()),
+            }
+        }
+        Err(e) => Err(e.into()),
+    }
+}