attestation: tdx issuer/validator (#1265)

* Add TDX validator * Add TDX issuer --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2025-08-01 19:46:07 -04:00 · 2023-03-08 14:13:57 +01:00 · 2023-03-08 14:13:57 +01:00 · dd2da25ebe
commit dd2da25ebe
parent d104af6e51
53 changed files with 808 additions and 229 deletions
--- a/bootstrapper/cmd/bootstrapper/BUILD.bazel
+++ b/bootstrapper/cmd/bootstrapper/BUILD.bazel
@ -23,7 +23,9 @@ go_library(
        "//bootstrapper/internal/nodelock",
        "//internal/atls",
        "//internal/attestation/choose",
+        "//internal/attestation/initialize",
        "//internal/attestation/simulator",
+        "//internal/attestation/tdx",
        "//internal/attestation/vtpm",
        "//internal/cloud/aws",
        "//internal/cloud/azure",
--- a/bootstrapper/cmd/bootstrapper/main.go
+++ b/bootstrapper/cmd/bootstrapper/main.go
@ -23,6 +23,7 @@ import (
 	"github.com/edgelesssys/constellation/v2/bootstrapper/internal/logging"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/choose"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/simulator"
+	"github.com/edgelesssys/constellation/v2/internal/attestation/tdx"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/vtpm"
 	awscloud "github.com/edgelesssys/constellation/v2/internal/cloud/aws"
 	azurecloud "github.com/edgelesssys/constellation/v2/internal/cloud/azure"
@ -63,7 +64,7 @@ func main() {
 	var clusterInitJoiner clusterInitJoiner
 	var metadataAPI metadataAPI
 	var cloudLogger logging.CloudLogger
-	var openTPM vtpm.TPMOpenFunc
+	var openDevice vtpm.TPMOpenFunc
 	var fs afero.Fs

 	helmClient, err := helm.New(log)
@ -97,7 +98,7 @@ func main() {
 			"aws", k8sapi.NewKubernetesUtil(), &k8sapi.KubdeadmConfiguration{}, kubectl.New(),
 			metadata, helmClient, &kubewaiter.CloudKubeAPIWaiter{},
 		)
-		openTPM = vtpm.OpenVTPM
+		openDevice = vtpm.OpenVTPM
 		fs = afero.NewOsFs()

 	case cloudprovider.GCP:
@ -117,7 +118,7 @@ func main() {
 			"gcp", k8sapi.NewKubernetesUtil(), &k8sapi.KubdeadmConfiguration{}, kubectl.New(),
 			metadata, helmClient, &kubewaiter.CloudKubeAPIWaiter{},
 		)
-		openTPM = vtpm.OpenVTPM
+		openDevice = vtpm.OpenVTPM
 		fs = afero.NewOsFs()
 		log.Infof("Added load balancer IP to routing table")

@ -136,7 +137,7 @@ func main() {
 			metadata, helmClient, &kubewaiter.CloudKubeAPIWaiter{},
 		)

-		openTPM = vtpm.OpenVTPM
+		openDevice = vtpm.OpenVTPM
 		fs = afero.NewOsFs()

 	case cloudprovider.QEMU:
@ -148,7 +149,16 @@ func main() {
 		)
 		metadataAPI = metadata

-		openTPM = vtpm.OpenVTPM
+		switch attestVariant {
+		case variant.QEMUVTPM{}:
+			openDevice = vtpm.OpenVTPM
+		case variant.QEMUTDX{}:
+			openDevice = func() (io.ReadWriteCloser, error) {
+				return tdx.Open()
+			}
+		default:
+			log.Fatalf("Unsupported attestation variant: %s", attestVariant)
+		}
 		fs = afero.NewOsFs()
 	case cloudprovider.OpenStack:
 		cloudLogger = &logging.NopLogger{}
@ -162,19 +172,18 @@ func main() {
 		)
 		metadataAPI = metadata

-		openTPM = vtpm.OpenVTPM
 		fs = afero.NewOsFs()
 	default:
 		clusterInitJoiner = &clusterFake{}
 		metadataAPI = &providerMetadataFake{}
 		cloudLogger = &logging.NopLogger{}
 		var simulatedTPMCloser io.Closer
-		openTPM, simulatedTPMCloser = simulator.NewSimulatedTPMOpenFunc()
+		openDevice, simulatedTPMCloser = simulator.NewSimulatedTPMOpenFunc()
 		defer simulatedTPMCloser.Close()
 		fs = afero.NewMemMapFs()
 	}

 	fileHandler := file.NewHandler(fs)

-	run(issuer, openTPM, fileHandler, clusterInitJoiner, metadataAPI, bindIP, bindPort, log, cloudLogger)
+	run(issuer, openDevice, fileHandler, clusterInitJoiner, metadataAPI, bindIP, bindPort, log, cloudLogger)
 }
--- a/bootstrapper/cmd/bootstrapper/run.go
+++ b/bootstrapper/cmd/bootstrapper/run.go
@ -17,6 +17,7 @@ import (
 	"github.com/edgelesssys/constellation/v2/bootstrapper/internal/logging"
 	"github.com/edgelesssys/constellation/v2/bootstrapper/internal/nodelock"
 	"github.com/edgelesssys/constellation/v2/internal/atls"
+	"github.com/edgelesssys/constellation/v2/internal/attestation/initialize"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/vtpm"
 	"github.com/edgelesssys/constellation/v2/internal/constants"
 	"github.com/edgelesssys/constellation/v2/internal/file"
@ -25,7 +26,7 @@ import (
 	"go.uber.org/zap"
 )

-func run(issuer atls.Issuer, tpm vtpm.TPMOpenFunc, fileHandler file.Handler,
+func run(issuer atls.Issuer, openDevice vtpm.TPMOpenFunc, fileHandler file.Handler,
 	kube clusterInitJoiner, metadata metadataAPI,
 	bindIP, bindPort string, log *logger.Logger,
 	cloudLogger logging.CloudLogger,
@ -44,7 +45,7 @@ func run(issuer atls.Issuer, tpm vtpm.TPMOpenFunc, fileHandler file.Handler,
 		cloudLogger.Disclose("Disk UUID: " + uuid)
 	}

-	nodeBootstrapped, err := vtpm.IsNodeBootstrapped(tpm)
+	nodeBootstrapped, err := initialize.IsNodeBootstrapped(openDevice)
 	if err != nil {
 		log.With(zap.Error(err)).Fatalf("Failed to check if node was previously bootstrapped")
 	}
@ -56,7 +57,7 @@ func run(issuer atls.Issuer, tpm vtpm.TPMOpenFunc, fileHandler file.Handler,
 		return
 	}

-	nodeLock := nodelock.New(tpm)
+	nodeLock := nodelock.New(openDevice)
 	initServer, err := initserver.New(context.Background(), nodeLock, kube, issuer, fileHandler, metadata, log)
 	if err != nil {
 		log.With(zap.Error(err)).Fatalf("Failed to create init server")