runtime/nodeinstaller: add insecure platform variants

Author: msanft

internal/atls/issuer/issuer_linux.go

@@ -6,10 +6,10 @@
 package issuer
 
 import (
-	"fmt"
 	"log/slog"
 
 	"github.com/edgelesssys/contrast/internal/atls"
+	"github.com/edgelesssys/contrast/internal/attestation/insecure"
 	snpissuer "github.com/edgelesssys/contrast/internal/attestation/snp/issuer"
 	tdxissuer "github.com/edgelesssys/contrast/internal/attestation/tdx/issuer"
 	"github.com/edgelesssys/contrast/internal/logger"
@@ -29,6 +29,7 @@ func New(log *slog.Logger) (atls.Issuer, error) {
 			logger.NewWithAttrs(logger.NewNamed(log, "issuer"), map[string]string{"tee-type": "tdx"}),
 		), nil
 	default:
-		return nil, fmt.Errorf("unsupported platform: %T", cpuid.CPU)
+		log.Warn("No TEE platform detected, using insecure attestation issuer")
+		return insecure.NewIssuer(), nil
 	}
 }

internal/kuberesource/parts.go

@@ -28,6 +28,15 @@ func ContrastRuntimeClass(platform platforms.Platform) (*RuntimeClassConfig, err
 
 	// Consists of the default VM memory, 70MiB for the Kata shim and 100MiB for qemu overhead.
 	memoryOverhead := platforms.DefaultMemoryInMebiBytes(platform) + 170
+	if platforms.IsInsecure(platform) && platforms.IsGPU(platform) {
+		// On insecure (non-CC) GPU platforms, iommufd VFIO passthrough pins guest
+		// memory and allocates IOMMU page tables that are charged to the pod's
+		// cgroup. On CC platforms, TDX manages this memory outside the cgroup.
+		// (in the kernel / TDX module memory)
+		// Add extra headroom to avoid OOM kills. 512MB should suffice for VMs up
+		// to ~256GB of memory, which is our current limit on TDX as well.
+		memoryOverhead += 512
+	}
 
 	r := RuntimeClass(runtimeHandler).
 		WithHandler(runtimeHandler).

internal/manifest/runtimehandler.go

@@ -33,6 +33,11 @@ func RuntimeHandler(platform platforms.Platform) (string, error) {
 // PlatformFromHandler extracts the platform from the runtime handler name.
 func PlatformFromHandler(handler string) (platforms.Platform, error) {
 	rest, found := strings.CutPrefix(handler, "contrast-cc-")
+	isInsecure := false
+	if !found {
+		rest, found = strings.CutPrefix(handler, "contrast-insecure-")
+		isInsecure = true
+	}
 	if !found {
 		return platforms.Unknown, fmt.Errorf("invalid handler name: %s", handler)
 	}
@@ -43,6 +48,9 @@ func PlatformFromHandler(handler string) (platforms.Platform, error) {
 	}
 
 	rawPlatform := strings.Join(parts[:len(parts)-1], "-")
+	if isInsecure {
+		rawPlatform += "-insecure"
+	}
 
 	platform, err := platforms.FromString(rawPlatform)
 	if err != nil {

internal/platforms/platforms.go

@@ -24,11 +24,22 @@ const (
 	MetalQEMUSNPGPU
 	// MetalQEMUTDXGPU is the generic platform for bare-metal TDX deployments with GPU passthrough.
 	MetalQEMUTDXGPU
+	// MetalQEMUSNPInsecure is the platform for bare-metal SNP deployments with a non-CC runtime class.
+	MetalQEMUSNPInsecure
+	// MetalQEMUTDXInsecure is the platform for bare-metal TDX deployments with a non-CC runtime class.
+	MetalQEMUTDXInsecure
+	// MetalQEMUSNPGPUInsecure is the platform for bare-metal SNP deployments with GPU passthrough and a non-CC runtime class.
+	MetalQEMUSNPGPUInsecure
+	// MetalQEMUTDXGPUInsecure is the platform for bare-metal TDX deployments with GPU passthrough and a non-CC runtime class.
+	MetalQEMUTDXGPUInsecure
 )
 
 // All returns a list of all available platforms.
 func All() []Platform {
-	return []Platform{MetalQEMUSNP, MetalQEMUTDX, MetalQEMUSNPGPU, MetalQEMUTDXGPU}
+	return []Platform{
+		MetalQEMUSNP, MetalQEMUTDX, MetalQEMUSNPGPU, MetalQEMUTDXGPU,
+		MetalQEMUSNPInsecure, MetalQEMUTDXInsecure, MetalQEMUSNPGPUInsecure, MetalQEMUTDXGPUInsecure,
+	}
 }
 
 // AllStrings returns a list of all available platforms as strings.
@@ -51,11 +62,36 @@ func (p Platform) String() string {
 		return "Metal-QEMU-TDX"
 	case MetalQEMUTDXGPU:
 		return "Metal-QEMU-TDX-GPU"
+	case MetalQEMUSNPInsecure:
+		return "Metal-QEMU-SNP-Insecure"
+	case MetalQEMUTDXInsecure:
+		return "Metal-QEMU-TDX-Insecure"
+	case MetalQEMUSNPGPUInsecure:
+		return "Metal-QEMU-SNP-GPU-Insecure"
+	case MetalQEMUTDXGPUInsecure:
+		return "Metal-QEMU-TDX-GPU-Insecure"
 	default:
 		return "Unknown"
 	}
 }
 
+// InsecureVariant returns the insecure (non-CC) variant of the
+// platform, or Unknown if there is no such variant.
+func (p Platform) InsecureVariant() Platform {
+	switch p {
+	case MetalQEMUSNP:
+		return MetalQEMUSNPInsecure
+	case MetalQEMUTDX:
+		return MetalQEMUTDXInsecure
+	case MetalQEMUSNPGPU:
+		return MetalQEMUSNPGPUInsecure
+	case MetalQEMUTDXGPU:
+		return MetalQEMUTDXGPUInsecure
+	default:
+		return Unknown
+	}
+}
+
 // MarshalJSON marshals a Platform type to a JSON string.
 func (p Platform) MarshalJSON() ([]byte, error) {
 	return fmt.Appendf(nil, `"%s"`, p.String()), nil
@@ -99,6 +135,14 @@ func FromString(s string) (Platform, error) {
 		return MetalQEMUTDX, nil
 	case "metal-qemu-tdx-gpu":
 		return MetalQEMUTDXGPU, nil
+	case "metal-qemu-snp-insecure":
+		return MetalQEMUSNPInsecure, nil
+	case "metal-qemu-tdx-insecure":
+		return MetalQEMUTDXInsecure, nil
+	case "metal-qemu-snp-gpu-insecure":
+		return MetalQEMUSNPGPUInsecure, nil
+	case "metal-qemu-tdx-gpu-insecure":
+		return MetalQEMUTDXGPUInsecure, nil
 	default:
 		return Unknown, fmt.Errorf("unknown platform: %s", s)
 	}
@@ -121,10 +165,18 @@ func FromRuntimeClassString(s string) (Platform, error) {
 		return MetalQEMUSNPGPU, nil
 	case strings.HasPrefix(s, "contrast-cc-metal-qemu-snp"):
 		return MetalQEMUSNP, nil
+	case strings.HasPrefix(s, "contrast-insecure-metal-qemu-snp-gpu"):
+		return MetalQEMUSNPGPUInsecure, nil
+	case strings.HasPrefix(s, "contrast-insecure-metal-qemu-snp"):
+		return MetalQEMUSNPInsecure, nil
 	case strings.HasPrefix(s, "contrast-cc-metal-qemu-tdx-gpu"):
 		return MetalQEMUTDXGPU, nil
 	case strings.HasPrefix(s, "contrast-cc-metal-qemu-tdx"):
 		return MetalQEMUTDX, nil
+	case strings.HasPrefix(s, "contrast-insecure-metal-qemu-tdx-gpu"):
+		return MetalQEMUTDXGPUInsecure, nil
+	case strings.HasPrefix(s, "contrast-insecure-metal-qemu-tdx"):
+		return MetalQEMUTDXInsecure, nil
 	default:
 		return Unknown, fmt.Errorf("unknown platform: %s", s)
 	}
@@ -133,7 +185,7 @@ func FromRuntimeClassString(s string) (Platform, error) {
 // DefaultMemoryInMebiBytes returns the desired VM overhead for the given platform.
 func DefaultMemoryInMebiBytes(p Platform) int {
 	switch p {
-	case MetalQEMUSNPGPU, MetalQEMUTDXGPU:
+	case MetalQEMUSNPGPU, MetalQEMUTDXGPU, MetalQEMUSNPGPUInsecure, MetalQEMUTDXGPUInsecure:
 		// Guest components contribute around 600MiB with GPU enabled.
 		return 1024
 	default:
@@ -144,6 +196,16 @@ func DefaultMemoryInMebiBytes(p Platform) int {
 	}
 }
 
+// IsInsecure returns true if the platform is an insecure (non-CC) platform.
+func IsInsecure(p Platform) bool {
+	switch p {
+	case MetalQEMUSNPInsecure, MetalQEMUTDXInsecure, MetalQEMUSNPGPUInsecure, MetalQEMUTDXGPUInsecure:
+		return true
+	default:
+		return false
+	}
+}
+
 // IsSNP returns true if the platform is a SEV-SNP platform.
 func IsSNP(p Platform) bool {
 	switch p {
@@ -167,7 +229,7 @@ func IsTDX(p Platform) bool {
 // IsGPU returns true if the platform supports GPUs.
 func IsGPU(p Platform) bool {
 	switch p {
-	case MetalQEMUSNPGPU, MetalQEMUTDXGPU:
+	case MetalQEMUSNPGPU, MetalQEMUTDXGPU, MetalQEMUSNPGPUInsecure, MetalQEMUTDXGPUInsecure:
 		return true
 	default:
 		return false
@@ -177,7 +239,8 @@ func IsGPU(p Platform) bool {
 // IsQEMU returns true if the platform uses QEMU as the hypervisor.
 func IsQEMU(p Platform) bool {
 	switch p {
-	case MetalQEMUSNP, MetalQEMUSNPGPU, MetalQEMUTDX, MetalQEMUTDXGPU:
+	case MetalQEMUSNP, MetalQEMUSNPGPU, MetalQEMUTDX, MetalQEMUTDXGPU,
+		MetalQEMUSNPInsecure, MetalQEMUTDXInsecure, MetalQEMUSNPGPUInsecure, MetalQEMUTDXGPUInsecure:
 		return true
 	default:
 		return false
@@ -191,6 +254,10 @@ func (p Platform) WithGPU() Platform {
 		return MetalQEMUSNPGPU
 	case MetalQEMUTDX, MetalQEMUTDXGPU:
 		return MetalQEMUTDXGPU
+	case MetalQEMUSNPInsecure, MetalQEMUSNPGPUInsecure:
+		return MetalQEMUSNPGPUInsecure
+	case MetalQEMUTDXInsecure, MetalQEMUTDXGPUInsecure:
+		return MetalQEMUTDXGPUInsecure
 	default:
 		return Unknown
 	}

justfile

@@ -58,10 +58,10 @@ node-installer platform=default_platform:
     #!/usr/bin/env bash
     set -euo pipefail
     case {{ platform }} in
-        "Metal-QEMU-SNP"|"Metal-QEMU-TDX")
+        "Metal-QEMU-SNP"|"Metal-QEMU-TDX"|"Metal-QEMU-SNP-Insecure"|"Metal-QEMU-TDX-Insecure")
             just push "node-installer-kata"
         ;;
-        "Metal-QEMU-SNP-GPU"|"Metal-QEMU-TDX-GPU")
+        "Metal-QEMU-SNP-GPU"|"Metal-QEMU-TDX-GPU"|"Metal-QEMU-SNP-GPU-Insecure"|"Metal-QEMU-TDX-GPU-Insecure")
             just push "node-installer-kata-gpu"
         ;;
         *)
@@ -169,7 +169,7 @@ runtime target=default_deploy_target platform=default_platform set=default_set:
         --namespace {{ target }}${namespace_suffix-} \
         --node-installer-target-conf-type ${node_installer_target_conf_type} \
         --platform "$platforms" \
-        runtime >> "./{{ workspace_dir }}/runtime/runtime.yml"
+        runtime > "./{{ workspace_dir }}/runtime/runtime.yml"
 
 # Populate the workspace with a Kubernetes deployment
 populate target=default_deploy_target platform=default_platform set=default_set:

nodeinstaller/internal/containerdconfig/config.go

@@ -144,12 +144,12 @@ func ContrastRuntime(baseDir string, platform platforms.Platform) (Runtime, erro
 		PrivilegedWithoutHostDevices: true,
 	}
 
-	switch {
-	case platforms.IsTDX(platform):
+	switch platform {
+	case platforms.MetalQEMUTDX, platforms.MetalQEMUTDXGPU, platforms.MetalQEMUTDXInsecure, platforms.MetalQEMUTDXGPUInsecure:
 		cfg.Options = map[string]any{
 			"ConfigPath": filepath.Join(baseDir, "etc", "configuration-qemu-tdx.toml"),
 		}
-	case platforms.IsSNP(platform):
+	case platforms.MetalQEMUSNP, platforms.MetalQEMUSNPGPU, platforms.MetalQEMUSNPInsecure, platforms.MetalQEMUSNPGPUInsecure:
 		cfg.Options = map[string]any{
 			"ConfigPath": filepath.Join(baseDir, "etc", "configuration-qemu-snp.toml"),
 		}

nodeinstaller/internal/kataconfig/config.go

@@ -39,30 +39,39 @@ func KataRuntimeConfig(
 ) (*Config, error) {
 	var customContrastAnnotations []string
 	var config Config
-	switch {
-	case platforms.IsTDX(platform):
+	switch platform {
+	case platforms.MetalQEMUTDX, platforms.MetalQEMUTDXGPU, platforms.MetalQEMUTDXInsecure, platforms.MetalQEMUTDXGPUInsecure:
 		if err := toml.Unmarshal([]byte(kataBareMetalQEMUTDXBaseConfig), &config); err != nil {
 			return nil, fmt.Errorf("failed to unmarshal kata runtime configuration: %w", err)
 		}
 		config.Hypervisor["qemu"]["firmware"] = filepath.Join(baseDir, "tdx", "share", "OVMF.fd")
 		// We set up dm_verity in the system NixOS config.
 		// Doing so again here prevents VM boots.
 		config.Hypervisor["qemu"]["kernel_verity_params"] = ""
-	case platforms.IsSNP(platform):
+	case platforms.MetalQEMUSNP, platforms.MetalQEMUSNPGPU, platforms.MetalQEMUSNPInsecure, platforms.MetalQEMUSNPGPUInsecure:
 		if err := toml.Unmarshal([]byte(kataBareMetalQEMUSNPBaseConfig), &config); err != nil {
 			return nil, fmt.Errorf("failed to unmarshal kata runtime configuration: %w", err)
 		}
 
-		for _, productLine := range []string{"_Milan", "_Genoa"} {
-			for _, annotationType := range []string{"snp_id_block", "snp_id_auth", "snp_guest_policy"} {
-				customContrastAnnotations = append(customContrastAnnotations, annotationType+productLine)
+		if !platforms.IsInsecure(platform) {
+			for _, productLine := range []string{"_Milan", "_Genoa"} {
+				for _, annotationType := range []string{"snp_id_block", "snp_id_auth", "snp_guest_policy"} {
+					customContrastAnnotations = append(customContrastAnnotations, annotationType+productLine)
+				}
 			}
 		}
 
 		config.Hypervisor["qemu"]["firmware"] = filepath.Join(baseDir, "snp", "share", "OVMF.fd")
 	default:
 		return nil, fmt.Errorf("unsupported platform: %s", platform)
 	}
+	// Disable confidential computing features for insecure platforms.
+	if platforms.IsInsecure(platform) {
+		config.Hypervisor["qemu"]["confidential_guest"] = false
+		if platforms.IsSNP(platform) || platform == platforms.MetalQEMUSNPInsecure || platform == platforms.MetalQEMUSNPGPUInsecure {
+			config.Hypervisor["qemu"]["sev_snp_guest"] = false
+		}
+	}
 	if debug {
 		config.Agent["kata"]["enable_debug"] = true
 		config.Agent["kata"]["debug_console_enabled"] = true

nodeinstaller/internal/kataconfig/config_test.go

@@ -22,6 +22,14 @@ var (
 	expectedConfMetalQEMUSNPGPU []byte
 	//go:embed testdata/expected-configuration-qemu-tdx-gpu.toml
 	expectedConfMetalQEMUTDXGPU []byte
+	//go:embed testdata/expected-configuration-qemu-snp-insecure.toml
+	expectedConfMetalQEMUSNPInsecure []byte
+	//go:embed testdata/expected-configuration-qemu-tdx-insecure.toml
+	expectedConfMetalQEMUTDXInsecure []byte
+	//go:embed testdata/expected-configuration-qemu-snp-gpu-insecure.toml
+	expectedConfMetalQEMUSNPGPUInsecure []byte
+	//go:embed testdata/expected-configuration-qemu-tdx-gpu-insecure.toml
+	expectedConfMetalQEMUTDXGPUInsecure []byte
 )
 
 func TestKataRuntimeConfig(t *testing.T) {
@@ -45,6 +53,22 @@ func TestKataRuntimeConfig(t *testing.T) {
 			changeSnpFields: false,
 			want:            string(expectedConfMetalQEMUTDXGPU),
 		},
+		platforms.MetalQEMUSNPInsecure: {
+			changeSnpFields: true,
+			want:            string(expectedConfMetalQEMUSNPInsecure),
+		},
+		platforms.MetalQEMUTDXInsecure: {
+			changeSnpFields: false,
+			want:            string(expectedConfMetalQEMUTDXInsecure),
+		},
+		platforms.MetalQEMUSNPGPUInsecure: {
+			changeSnpFields: true,
+			want:            string(expectedConfMetalQEMUSNPGPUInsecure),
+		},
+		platforms.MetalQEMUTDXGPUInsecure: {
+			changeSnpFields: false,
+			want:            string(expectedConfMetalQEMUTDXGPUInsecure),
+		},
 	}
 	for platform, tc := range testCases {
 		t.Run(platform.String(), func(t *testing.T) {