guest-components: Read config from file

Hard-code reading aa_kbc_params from /etc/agent-config.toml Fixes: confidential-containers#364 Signed-off-by: stevenhorsman <[email protected]>
stevenhorsman · Sep 19, 2023 · 5480bd6 · 5480bd6
1 parent ebdfecc
commit 5480bd6
Showing 1 changed file with 40 additions and 1 deletion.
diff --git a/confidential-data-hub/kms/src/plugins/kbs/mod.rs b/confidential-data-hub/kms/src/plugins/kbs/mod.rs
@@ -32,7 +32,14 @@ enum RealClient {
 
 impl RealClient {
     async fn new() -> Result<Self> {
-        let (kbc, _kbs_host) = get_aa_params_from_cmdline().await?;
+
+         // Check for /peerpod/daemon.json to see if we are in a peer pod
+        // If so we need to read from the agent-config file, not /proc/cmdline
+        let (kbc, _kbs_host) = if Path::new("/peerpod/daemon.json").exists() {
+            get_aa_params_from_config_file().await?
+        } else {
+            get_aa_params_from_cmdline().await?
+        };
         let c = match &kbc[..] {
             #[cfg(feature = "kbs")]
             "cc_kbc" => RealClient::Cc(cc_kbc::CcKbc::new(&_kbs_host).await?),
@@ -126,3 +133,35 @@ async fn get_aa_params_from_cmdline() -> Result<(String, String)> {
 
     Ok((aa_kbc_params[0].to_string(), aa_kbc_params[1].to_string()))
 }
+
+async fn get_aa_params_from_config_file() -> Result<(String, String)> {
+    use tokio::fs;
+
+    // We only care about the aa_kbc_params value at the moment
+    #[derive(Debug, Deserialize)]
+    struct AgentConfig {
+        aa_kbc_params: Option<String>,
+    }
+
+    // Hard-code agent config path to "/etc/agent-config.toml" as a workaround
+    let agent_config_str = fs::read_to_string("/etc/agent-config.toml")
+        .expect("Failed to read /etc/agent-config.toml file");
+
+    let agent_config: AgentConfig =
+        toml::from_str(&agent_config_str).expect("Failed to deserialize /etc/agent-config.toml");
+
+    let aa_kbc_params = agent_config.aa_kbc_params
+    .ok_or(Error::KbsClientError(
+        "no `aa_kbc_params` found in /etc/agent-config.toml".into(),
+    ))?
+        .split("::")
+        .collect::<Vec<&str>>();
+
+    if aa_kbc_params.len() != 2 {
+        return Err(Error::KbsClientError(
+            "Illegal `aa_kbc_params` format provided in /etc/agent-config.toml.".to_string(),
+        ));
+    }
+
+    Ok((aa_kbc_params[0].to_string(), aa_kbc_params[1].to_string()))
+}