[4/8] initdata-processor: support insecure platforms#2354
Conversation
msanft
force-pushed
the
split/pr-2337-initdata
branch
from
d983852 to
a96709b
Compare
msanft
changed the title
msanft
force-pushed
the
split/pr-2337-attestation
branch
from
35fd8b4 to
abcf97e
Compare
msanft
force-pushed
the
split/pr-2337-initdata
branch
from
a96709b to
61b512e
Compare
msanft
force-pushed
the
split/pr-2337-attestation
branch
from
abcf97e to
d555ab0
Compare
msanft
force-pushed
the
split/pr-2337-initdata
branch
from
61b512e to
e3d60c2
Compare
msanft
force-pushed
the
split/pr-2337-initdata
branch
from
e3d60c2 to
27c226a
Compare
msanft
force-pushed
the
split/pr-2337-initdata
branch
from
27c226a to
934583d
Compare
burgerdev
left a comment
burgerdev
left a comment
There was a problem hiding this comment.
Unfortunately, this does not work with initdata: An attacker can launch the VM with TEE support and set HOSTDATA to their desired value, but supply an initdata file that includes Insecure. HOSTDATA is now unvalidated, but still shows in reports.
The previous version was arguably safer, but safe enough? idk.
msanft
force-pushed
the
split/pr-2337-initdata
branch
from
934583d to
72898ef
Compare
msanft
changed the title
msanft
force-pushed
the
split/pr-2337-initdata
branch
from
72898ef to
f2897e6
Compare
msanft
force-pushed
the
split/pr-2337-runtime-nodeinstaller
branch
2 times, most recently
from
dda6dc2 to
d1e13e3
Compare
msanft
force-pushed
the
split/pr-2337-initdata
branch
2 times, most recently
from
91b1df7 to
db7cd22
Compare
msanft
force-pushed
the
split/pr-2337-runtime-nodeinstaller
branch
from
d1e13e3 to
70e5da4
Compare
msanft
force-pushed
the
split/pr-2337-initdata
branch
from
db7cd22 to
a8f6eb6
Compare
msanft
force-pushed
the
split/pr-2337-runtime-nodeinstaller
branch
2 times, most recently
from
056e110 to
9f047ca
Compare
msanft
force-pushed
the
split/pr-2337-initdata
branch
2 times, most recently
from
fd0d094 to
bbf67f4
Compare
msanft
force-pushed
the
split/pr-2337-runtime-nodeinstaller
branch
2 times, most recently
from
5fa6e62 to
6c99247
Compare
msanft
force-pushed
the
split/pr-2337-initdata
branch
4 times, most recently
from
4e3d618 to
c168265
Compare
charludo
left a comment
charludo
left a comment
There was a problem hiding this comment.
I just have one nit, LGTM otherwise.
msanft
force-pushed
the
split/pr-2337-initdata
branch
6 times, most recently
from
62ac3e2 to
9d6a048
Compare
burgerdev
left a comment
burgerdev
left a comment
There was a problem hiding this comment.
lgtm, just a nit and a squash
msanft
force-pushed
the
split/pr-2337-initdata
branch
from
9d6a048 to
9b08076
Compare
msanft
force-pushed
the
split/pr-2337-initdata
branch
from
9b08076 to
f13a5d2
Compare
sespiros
left a comment
sespiros
left a comment
There was a problem hiding this comment.
Thanks, an inline comment and some others that I had looking at the merged PRs so far, so feel free to incorporate as you see fit here/in one of the upcoming PRs/follow-ups:
-
I think the relevant PR is already merged by now but raising this, this line here:
contrast/cli/verifier/cpu_count_valid.go
Line 23 in 25c0a71
is not using theIsContrastPodhelper, so insecure pods bypass that CPU count check. -
The insecure validator https://github.com/edgelesssys/contrast/blob/main/internal/attestation/insecure/validator.go is not logging any message (using the logger) like the other validators. I think we would want to see in the logs at least:
- when an insecure attestation is accepted
- log on entry/exit (like the rest)
-
I noticed insecure configurations use the
. Shouldn't we rename these to something more fitting likesnpname inconfiguration-qemu-bm.toml? -
This is a readability nit but it took me a minute to parse
I would either add a comment explaining the bounds or make the range prefix-aware i.eminParts, maxParts := 4, 5; if isInsecure { minParts, maxParts = 3, 4 }
| log.Printf("hostdata server shutdown error: %v", err) | ||
| } | ||
| }() | ||
| if err := server.ListenAndServe(); err != nil && !errors.Is(err, http.ErrServerClosed) { |
There was a problem hiding this comment.
This came up during AI review, all incoming connections to the guest are disabled in:
contrast/packages/nixos/kata.nix
Line 188 in 25c0a71
so I assume connections to the service will be dropped by default when service mesh is enabled. Service mesh seems relevant for the benchmarking use case (comparing across CC vs non-CC needs the same proxy/iptables stack I assume), but not sure if that combination is actually in scope here.
It seems it is (also afaict nothing in https://github.com/edgelesssys/contrast/blob/main/internal/kuberesource/mutators.go stops you from using service mesh with an insecure pod).
So depending on what we need here we either have to have a rule that allows this connection or refuse enabling the service mesh when an insecure platform is detected during generate (by catching that in the mutators).
I explicitly opted not to do so, since we want the insecure runtimes to reflect the CC versions as closely as possible, to allow easy performance benchmarking, for example. We do want the platform-specific kernel, etc., for example. |
4 participants
Split from #2337 as part of a stacked review series.
Depends on: #2353
This PR teaches the initdata-processor how to operate on insecure platforms: