Rust SDK framework for CC API VM SDK [Ready to Merge] #31

Merged
merged 13 commits into from
Jan 11, 2024
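--- a/common/rust/cctrusted_base/Cargo.toml
+++ b/common/rust/cctrusted_base/Cargo.toml
@@ -0,0 +1,16 @@
+[package]
+name = "cctrusted_base"
+version = "0.1.0"
+edition = "2021"
+
+[lib]
+name = "cctrusted_base"
+path = "src/lib.rs"
+
+[dependencies]
+anyhow = "1.0"
+base64 = "0.13.0"
+log = "0.4.20"
+sha2 = "0.10"
+nix = "0.26.2"
+lazy_static = "1.4.0"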
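--- a/common/rust/cctrusted_base/src/binary_blob.rs
+++ b/common/rust/cctrusted_base/src/binary_blob.rs
@@ -0,0 +1,59 @@
+use log::info;
+
+/* dumnp raw cc report in following format:
+00000000 04 00 02 00 81 00 00 00 00 00 00 00 93 9A 72 33 ..............r3
+00000010 F7 9C 4C A9 94 0A 0D B3 95 7F 06 07 D5 68 59 C7 ..L..........hY.
+00000020 35 FB B4 91 29 27 55 B2 E8 E8 23 B6 00 00 00 00 5...)'U...#.....
+...
+*/
+
+pub fn dump_data(data: &Vec<u8>) {
+let mut index: usize = 0;
+let mut linestr = "".to_string();
+let mut printstr = "".to_string();
+
+let printable = vec![
+' ', '\t', '\n', '\r', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
+'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', 'A', 'B', 'C', 'D', 'E',
+'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W',
+'X', 'Y', 'Z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e',
+'f', 'A', 'B', 'C', 'D', 'E', 'F', '#', '$', '%', '&', '\'', '(', ')', '*', '+', ',', '-',
+'.', '/', ':', ';', '<', '=', '>', '?', '@', '[', '\\', ']', '^', '_', '`', '{', '|', '}',
+'~', '"', '!',
+];
+
+while usize::from(index) < data.len() {
+if index % 16 == 0 {
+if printstr.len() != 0 {
+info!("{} {}", linestr, printstr);
+printstr = "".to_string();
+}
+linestr = format!("{:08X} ", ((index / 16) as u16) * 16);
+}
+
+let v = data[index];
+linestr.push_str(format!("{:02X} ", v).as_str());
+match printable.iter().position(|&c| c == (v as char)) {
+Some(_) => {
+if v < 0x9 || v > 0xD {
+printstr.push_str(std::str::from_utf8(&[v]).unwrap());
+} else {
+printstr.push_str(".");
+}
+}
+None => printstr.push_str("."),
+}
+
+index += 1;
+}
+
+if index % 16 != 0 {
+let mut blank = "".to_string();
+for _ in 1..=(16 - index % 16) {
+blank.push_str(" ");
+}
+info!("{}{} {}", linestr, blank, printstr);
+} else if usize::from(index) == data.len() {
+info!("{} {}", linestr, printstr);
+}
+}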
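Review bot: The per-line offset is computed as `((index / 16) as u16) * 16`, so once `index` reaches 0x10000 the `u16` multiplication overflows — a panic in debug builds and a wrapped, wrong offset in release — even though `index` is already a multiple of 16 at that point; `linestr = format!("{:08X} ", index);` prints the correct offset for any length. The parameter type `&Vec<u8>` can be `&[u8]` without touching callers, and the `printable` table contains duplicate letters while its `'\t'`/`'\n'`/`'\r'` entries are immediately masked again by the `v < 0x9 || v > 0xD` test, so `if v.is_ascii_graphic() || v == b' '` expresses the same rule in one line. The dump is emitted at `info` level, which puts the full report/quote bytes into ordinary logs on every call; `debug` is the usual level for a hex dump, and a `///` doc line saying the function only logs and returns nothing would replace the `dumnp` typo in the header comment.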
80 changes: 80 additions & 0 deletions common/rust/cctrusted_base/src/cc_type.rs
@@ -0,0 +1,80 @@
use anyhow::*;
use std::collections::HashMap;
use std::path::Path;
use std::result::Result;

use crate::tee::TEE;
use crate::tcg::TcgAlgorithmRegistry;
use crate::tdx::tdx::Tdx;

// supported TEE types
#[derive(Clone, Eq, Hash, PartialEq)]
pub enum TeeType {
PLAIN = -1,
TDX = 0,
SEV = 1,
CCA = 2,
TPM = 3,
}

// TEE type to type name string mapping
lazy_static! {
pub static ref TEE_NAME_MAP: HashMap<TeeType, String> = {
let mut map: HashMap<TeeType, String> = HashMap::new();
map.insert(TeeType::PLAIN, "PLAIN".to_string());
map.insert(TeeType::TDX, "TDX".to_string());
map.insert(TeeType::SEV, "SEV".to_string());
map.insert(TeeType::CCA, "CCA".to_string());
map.insert(TeeType::TPM, "TPM".to_string());
map
};
}

// public known device node path
pub const TEE_TPM_PATH: &str = "/dev/tpm0";
pub const TEE_TDX_1_0_PATH: &str = "/dev/tdx-guest";
pub const TEE_TDX_1_5_PATH: &str = "/dev/tdx_guest";
pub const TEE_SEV_PATH: &str = "/dev/sev-guest";
pub const TEE_CCA_PATH: &str = "";

// holds the TEE type info
#[derive(Clone)]
pub struct CcType {
pub tee_type: TeeType,
pub tee_type_str: String,
}

// used for return of Boxed trait object in build_tee()
pub trait BuildTee: TEE + TcgAlgorithmRegistry {}

impl CcType {
// a function to detect the TEE type
pub fn new() -> CcType {
let mut tee_type = TeeType::PLAIN;
if Path::new(TEE_TPM_PATH).exists() {
tee_type = TeeType::TPM;
} else if Path::new(TEE_TDX_1_0_PATH).exists() || Path::new(TEE_TDX_1_5_PATH).exists() {
tee_type = TeeType::TDX;
} else if Path::new(TEE_SEV_PATH).exists() {
tee_type = TeeType::SEV;
} else {
// TODO add support for CCA and etc.
}

CcType {
tee_type: tee_type.clone(),
tee_type_str: TEE_NAME_MAP.get(&tee_type).unwrap().to_owned(),
}
}

pub fn build_tee() -> Result<Box<dyn BuildTee>, anyhow::Error> {
// instance a tee according to detected TEE type
match CcType::new().tee_type {
TeeType::TDX => Ok(Box::new(Tdx::new())),
TeeType::SEV => todo!(),
TeeType::CCA => todo!(),
TeeType::TPM => todo!(),
TeeType::PLAIN => return Err(anyhow!("[build_tee] Error: not in any TEE!")),
}
}
}
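Review bot: `CcType::new` tests `/dev/tpm0` before the two TDX device nodes, so a TD guest that also exposes a (virtual) TPM is reported as `TeeType::TPM`, and `build_tee` then reaches `todo!()` and panics instead of returning the TDX backend; checking the TDX and SEV nodes before the TPM node, and replacing the three `todo!()` arms with `TeeType::SEV | TeeType::CCA | TeeType::TPM => Err(anyhow!("[build_tee] Error: TEE type not supported yet")),` keeps a library call from aborting the caller's process. The detection is only the presence of a device node, so a comment on `new` should make that explicit — `// NOTE: detection by device-node presence only; trust in the TEE comes from verifying its quote, not from this value` — otherwise `tee_type_str` reads like an attestation result. `TEE_CCA_PATH` is the empty string and is never consulted in `new`, so `TeeType::CCA` cannot be produced here; the `TODO` comment should say that rather than "and etc.".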
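--- a/common/rust/cctrusted_base/src/eventlog.rs
+++ b/common/rust/cctrusted_base/src/eventlog.rs
@@ -0,0 +1,2 @@
+// struct for standard TCG eventlog
+pub struct TcgEventLog {}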
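--- a/common/rust/cctrusted_base/src/lib.rs
+++ b/common/rust/cctrusted_base/src/lib.rs
@@ -0,0 +1,10 @@
+#[macro_use]
+extern crate lazy_static;
+
+pub mod binary_blob;
+pub mod cc_type;
+pub mod tee;
+pub mod eventlog;
+pub mod tcg;
+pub mod tdx;
+pub mod tpm;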
41 changes: 41 additions & 0 deletions common/rust/cctrusted_base/src/tcg.rs
@@ -0,0 +1,41 @@
use std::collections::HashMap;

pub const TPM_ALG_ERROR: u8 = 0x0;
pub const TPM_ALG_RSA: u8 = 0x1;
pub const TPM_ALG_TDES: u8 = 0x3;
pub const TPM_ALG_SHA256: u8 = 0xB;
pub const TPM_ALG_SHA384: u8 = 0xC;
pub const TPM_ALG_SHA512: u8 = 0xD;

// hash algorithm ID to algorithm name string map
lazy_static! {
pub static ref ALGO_NAME_MAP: HashMap<u8, String> = {
let mut map: HashMap<u8, String> = HashMap::new();
map.insert(TPM_ALG_ERROR, "TPM_ALG_RSA".to_string());
map.insert(TPM_ALG_TDES, "TPM_ALG_TDES".to_string());
map.insert(TPM_ALG_SHA256, "TPM_ALG_SHA256".to_string());
map.insert(TPM_ALG_SHA384, "TPM_ALG_SHA384".to_string());
map.insert(TPM_ALG_SHA512, "TPM_ALG_SHA512".to_string());
map
};
}

// this trait retrieve tcg standard algorithm name in string
pub trait TcgAlgorithmRegistry {
fn get_algorithm_id(&self) -> u8;
}

// digest format: (algo id, hash value)
#[allow(dead_code)]
pub struct TcgDigest {
algo_id: u8,
hash: Vec<u8>,
}

// this trait retrieve IMR's max index of a TEE and hash value
pub trait TcgIMR {
fn max_index(&self) -> u8;
fn get_index(&self) -> u8;
fn get_hash(&self) -> Vec<&str>;
fn is_valid(&self) -> bool;
}
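Review bot: `ALGO_NAME_MAP` stores the name `"TPM_ALG_RSA"` under the key `TPM_ALG_ERROR` (0x0) and never inserts `TPM_ALG_RSA` (0x1) at all, so looking up the error ID yields "TPM_ALG_RSA" and looking up the RSA ID yields `None`; the two lines should be `map.insert(TPM_ALG_ERROR, "TPM_ALG_ERROR".to_string());` and `map.insert(TPM_ALG_RSA, "TPM_ALG_RSA".to_string());`. The IDs are declared as `u8`, but TPM_ALG_ID is a 16-bit field in the TPM 2.0 structures and in the TCG event log, so `u16` avoids a narrowing cast wherever the ID is read out of a report or event. `TcgIMR::get_hash` returns `Vec<&str>` while `TcgDigest` keeps its hash as `Vec<u8>`; one digest representation across the two would spare callers a conversion, and a `///` line on each trait method saying what the index and hash denote would help, since the trait names alone do not.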
42 changes: 42 additions & 0 deletions common/rust/cctrusted_base/src/tdx/common.rs
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
#![allow(non_camel_case_types)]
use crate::cc_type::*;
use std::collections::HashMap;

// TDX version ID
#[derive(Clone, Eq, Hash, PartialEq)]
pub enum TdxVersion {
TDX_1_0,
TDX_1_5,
}

// TDX version ID to version string map
lazy_static! {
pub static ref TDX_VERSION_MAP: HashMap<TdxVersion, String> = {
let mut map: HashMap<TdxVersion, String> = HashMap::new();
map.insert(TdxVersion::TDX_1_0, "1.0".to_string());
map.insert(TdxVersion::TDX_1_5, "1.5".to_string());
map
};
}

// TDX version ID to device path string map
lazy_static! {
pub static ref TDX_DEVICE_NODE_MAP: HashMap<TdxVersion, String> = {
let mut map: HashMap<TdxVersion, String> = HashMap::new();
map.insert(TdxVersion::TDX_1_0, TEE_TDX_1_0_PATH.to_string());
map.insert(TdxVersion::TDX_1_5, TEE_TDX_1_5_PATH.to_string());
map
};
}

// TDX ioctl operation code to be used for get TDX quote and TD Report
pub enum TdxOperation {
TDX_GET_TD_REPORT = 1,
TDX_1_0_GET_QUOTE = 2,
TDX_1_5_GET_QUOTE = 4,
}

// quote and tdreport length
pub const REPORT_DATA_LEN: u32 = 64;
pub const TDX_REPORT_LEN: u32 = 1024;
pub const TDX_QUOTE_LEN: usize = 4 * 4096;
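Review bot: The length constants mix integer types — `REPORT_DATA_LEN` and `TDX_REPORT_LEN` are `u32` while `TDX_QUOTE_LEN` is `usize` — although all three presumably size buffers and slices, which will need an `as` cast at each `u32` use; declaring all three as `usize` removes that. `TdxOperation` gives bare values 1, 2 and 4 for the ioctl commands; if these are the request number (`nr`) that still has to be combined into an `_IOWR`-style request code rather than the complete code, the comment above the enum should say so, and the wrapper that issues the ioctl is not in this hunk so I cannot confirm which it is. A doc line per variant naming the device node each quote command belongs to (`/dev/tdx-guest` for 1.0, `/dev/tdx_guest` for 1.5) would make the version split explicit.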
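--- a/common/rust/cctrusted_base/src/tdx/mod.rs
+++ b/common/rust/cctrusted_base/src/tdx/mod.rs
@@ -0,0 +1,5 @@
+pub mod common;
+pub mod quote;
+pub mod report;
+pub mod rtmr;
+pub mod tdx;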