Merge pull request #129 from lmilleri/update-bm-install

Update helper installation script

Author: lmilleri

scripts/install-helpers/README.md

@@ -4,7 +4,7 @@ These are helper scripts to setup Trustee operator on OpenShift cluster
 
 ## Prerequisites
 
-- `oc`, `jq` and `openssl` CLI
+- `oc`, `jq`, `git` and `openssl` CLI
 
 ## How to use the installation script
 

scripts/install-helpers/attestation-policy.yaml

@@ -5,47 +5,135 @@ metadata:
   namespace: trustee-operator-system
 data:
   default.rego: |
-    package policy 
-    import future.keywords.every
+    package policy
 
-    default allow = false
+    import rego.v1
 
-    allow {
-       every k, v in input {
-           judge_field(k, v)
-       }
+    # This policy validates multiple TEE platforms
+    # The policy is meant to capture the TCB requirements
+    # for confidential containers.
+
+    # This policy is used to generate an EAR Appraisal.
+    # Specifically it generates an AR4SI result.
+    # More informatino on AR4SI can be found at
+    # <https://datatracker.ietf.org/doc/draft-ietf-rats-ar4si/>
+
+    # For the `executables` trust claim, the value 33 stands for
+    # "Runtime memory includes executables, scripts, files, and/or
+    #  objects which are not recognized."
+    default executables := 33
+
+    # For the `hardware` trust claim, the value 97 stands for
+    # "A Verifier does not recognize an Attester's hardware or
+    #  firmware, but it should be recognized."
+    default hardware := 97
+
+    # For the `configuration` trust claim the value 36 stands for
+    # "Elements of the configuration relevant to security are
+    #  unavailable to the Verifier."
+    default configuration := 36
+
+    ##### Sample
+
+    # For the `executables` trust claim, the value 3 stands for
+    # "Only a recognized genuine set of approved executables have
+    #  been loaded during the boot process."
+    executables := 3 if {
+      # The sample attester does not report any launch digest.
+      # This is an example of how a real platform might validate executables.
+      input.sample.launch_digest in data.reference.launch_digest
     }
 
-    judge_field(input_key, input_value) {
-       has_key(data.reference, input_key)
-       reference_value := data.reference[input_key]
-       match_value(reference_value, input_value)
+    # For the `hardware` trust claim, the value 2 stands for
+    # "An Attester has passed its hardware and/or firmware
+    #  verifications needed to demonstrate that these are genuine/
+    #  supported.
+    hardware := 2 if {
+      input.sample.svn in data.reference.svn
     }
 
-    judge_field(input_key, input_value) {
-       not has_key(data.reference, input_key)
+    ##### SNP
+    executables := 3 if {
+      # In the future, we might calculate this measurement here various components
+      input.snp.measurement in data.reference.snp_launch_measurement
     }
 
-    match_value(reference_value, input_value) {
-       not is_array(reference_value)
-       input_value == reference_value
+    hardware := 2 if {
+      # Check the reported TCB to validate the ASP FW
+      input.snp.reported_tcb_bootloader in data.reference.snp_bootloader
+      input.snp.reported_tcb_microcode in data.reference.snp_microcode
+      input.snp.reported_tcb_snp in data.reference.snp_snp_svn
+      input.snp.reported_tcb_tee in data.reference.snp_tee_svn
     }
 
-    match_value(reference_value, input_value) {
-       is_array(reference_value)
-       array_include(reference_value, input_value)
+    # For the 'configuration' trust claim 2 stands for
+    # "The configuration is a known and approved config."
+    #
+    # For this, we compare all the configuration fields.
+    configuration := 2 if {
+      input.snp.policy_debug_allowed == 0
+      input.snp.policy_migrate_ma == 0
+      input.snp.platform_smt_enabled in data.reference.snp_smt_enabled
+      input.snp.platform_tsme_enabled in data.reference.snp_tsme_enabled
+      input.snp.policy_abi_major in data.reference.snp_guest_abi_major
+      input.snp.policy_abi_minor in data.reference.snp_guest_abi_minor
+      input.snp.policy_single_socket in data.reference.snp_single_socket
+      input.snp.policy_smt_allowed in data.reference.snp_smt_allowed
     }
 
-    array_include(reference_value_array, input_value) {
-       reference_value_array == []
+    # For the `configuration` trust claim 3 stands for
+    # "The configuration includes or exposes no known
+    #  vulnerabilities."
+    #
+    # In this check, we do not specifically check every
+    # configuration value, but we make sure that some key
+    # configurations (like debug_allowed) are set correctly.
+    else := 3 if {
+      input.snp.policy_debug_allowed == 0
+      input.snp.policy_migrate_ma == 0
     }
 
-    array_include(reference_value_array, input_value) {
-       reference_value_array != []
-       some i
-       reference_value_array[i] == input_value
+    ##### TDX
+    executables := 3 if {
+      # Check the kernel, initrd, and cmdline (including dmverity parameters) measurements
+      # TODO: add individual CCEL measurements from input.tdx.ccel instead
+      input.tdx.quote.body.rtmr_1 in data.reference.rtmr_1
+      input.tdx.quote.body.rtmr_2 in data.reference.rtmr_2
     }
 
-    has_key(m, k) {
-       _ = m[k]
+    hardware := 2 if {
+      # Check the quote is a TDX quote signed by Intel SGX Quoting Enclave
+      input.tdx.quote.header.tee_type == "81000000"
+      input.tdx.quote.header.vendor_id == "939a7233f79c4ca9940a0db3957f0607"
+
+      # Check TDX Module version and its hash. Also check OVMF code hash.
+      input.tdx.quote.body.mr_seam in data.reference.mr_seam
+      input.tdx.quote.body.tcb_svn in data.reference.tcb_svn
+      input.tdx.quote.body.mr_td in data.reference.mr_td
+      # Check TCB status
+      # input.tdx.tcb_status == "OK"
+
+      # Check collateral expiration status
+      # input.tdx.collateral_expiration_status == "0"
+
+      # Check against allowed advisory ids
+      # allowed_advisory_ids := {"INTEL-SA-00837"}
+      # attester_advisory_ids := {id | id := input.attester_advisory_ids[_]}
+      # object.subset(allowed_advisory_ids, attester_advisory_ids)
+
+      # Check against disallowed advisory ids
+      # disallowed_advisory_ids := {"INTEL-SA-00837"}
+      # attester_advisory_ids := {id | id := input.tdx.advisory_ids[_]} # convert array to set
+      # intersection := attester_advisory_ids & disallowed_advisory_ids
+      # count(intersection) == 0
     }
+
+    configuration := 2 if {
+      # Check the TD has the expected attributes (e.g., debug not enabled) and features.
+      input.tdx.td_attributes.debug == false
+      input.tdx.quote.body.xfam in data.reference.xfam
+    }
+
+    ##### AZ SNP TODO
+    ##### AZ TDX TODO
+    ##### SE TODO

scripts/install-helpers/install.sh

@@ -10,8 +10,9 @@ ITA_KEY="${ITA_KEY:-}"
 if [ -n "$ITA_KEY" ]; then
 	TDX=true
 fi
-DEFAULT_IMAGE=quay.io/openshift_sandboxed_containers/kbs:v0.10.1
-DEFAULT_TRUSTEE_OPERATOR_CSV=trustee-operator.v0.2.0
+
+DEFAULT_IMAGE=quay.io/redhat-user-workloads/ose-osc-tenant/trustee/trustee:345aef3985efea5d4f91ffbffb597cb44087b96a
+DEFAULT_TRUSTEE_OPERATOR_CSV=trustee-operator.v0.3.0
 
 if [ -n "$ITA_KEY" ]; then
     DEFAULT_IMAGE+="-ita"
@@ -44,6 +45,14 @@ function check_openssl() {
     fi
 }
 
+# Function to check if the git command is available
+function check_git() {
+    if ! command -v git &>/dev/null; then
+        echo "git command not found. Please install git."
+        return 1
+    fi
+}
+
 # Function to wait for the operator deployment object to be ready
 function wait_for_deployment() {
     local deployment=$1
@@ -238,6 +247,29 @@ function create_trustee_artefacts() {
 
 }
 
+function set_fbc_catalog_image() {
+    latest_fbc_commit=$(git ls-remote https://github.com/openshift/trustee-fbc.git HEAD | cut -f 1)
+    ocp_version=$(oc version --output json | jq '.openshiftVersion')
+    image_prefix=quay.io/redhat-user-workloads/ose-osc-tenant
+    if [[ "$ocp_version" =~ 4\.15.* ]] ;
+    then
+        FBC_IMAGE=$image_prefix/trustee-fbc-4-15/trustee-fbc-4-15
+    elif [[ "$ocp_version" =~ 4\.16.* ]] ;
+    then
+        FBC_IMAGE=$image_prefix/trustee-fbc/trustee-fbc-4-16
+    elif [[ "$ocp_version" =~ 4\.17.* ]] ;
+    then
+        FBC_IMAGE=$image_prefix/trustee-fbc-4-17
+    elif [[ "$ocp_version" =~ 4\.18.* ]] ;
+    then
+        FBC_IMAGE=$image_prefix/trustee-fbc-4-18
+    else
+        echo "OCP version "$ocp_version" not supported yet!"
+        exit 1
+    fi
+    export FBC_IMAGE="$FBC_IMAGE:$latest_fbc_commit"
+}
+
 # Function to apply the operator manifests
 function apply_operator_manifests() {
     # Apply the manifests, error exit if any of them fail
@@ -247,7 +279,10 @@ function apply_operator_manifests() {
         oc apply -f subs-ga.yaml || return 1
 	approve_installplan_for_target_csv trustee-operator-system "$TRUSTEE_OPERATOR_CSV" || return 1
     else
+        set_fbc_catalog_image
+        envsubst < "trustee_catalog.yaml.in" > "trustee_catalog.yaml"
         oc apply -f trustee_catalog.yaml || return 1
+        rm -f trustee_catalog.yaml
         oc apply -f subs-upstream.yaml || return 1
     fi
 
@@ -260,7 +295,7 @@ function override_trustee_image() {
         oc patch -n trustee-operator-system $CSV --type=json -p="[
         {
             "op": "replace",
-            "path": "/spec/install/spec/deployments/0/spec/template/spec/containers/1/env/1/value",
+            "path": "/spec/install/spec/deployments/0/spec/template/spec/containers/0/env/1/value",
             "value": "$TRUSTEE_IMAGE"
         }
         ]"
@@ -399,6 +434,9 @@ check_oc || exit 1
 # Check if openssl command is available
 check_openssl || exit 1
 
+# Check if git command is available
+check_git || exit 1
+
 # If MIRRORING is true, then create the image mirroring config
 if [ "$MIRRORING" = true ]; then
     echo "Creating image mirroring config"

scripts/install-helpers/kbs-cm.yaml

@@ -5,33 +5,42 @@ metadata:
   name: kbs-config-cm
   namespace: trustee-operator-system
 data:
-  kbs-config.json: |
-    {
-      "insecure_http" : true,
-      "sockets": ["0.0.0.0:8080"],
-      "auth_public_key": "/etc/auth-secret/publicKey",
-      "attestation_token_config": {
-        "attestation_token_type": "CoCo"
-      },
-      "repository_config": {
-        "type": "LocalFs",
-        "dir_path": "/opt/confidential-containers/kbs/repository"
-      },
-      "as_config": {
-        "work_dir": "/opt/confidential-containers/attestation-service",
-        "policy_engine": "opa",
-        "attestation_token_broker": "Simple",
-          "attestation_token_config": {
-          "duration_min": 5
-          },
-        "rvps_config": {
-          "store_type": "LocalJson",
-          "store_config": {
-            "file_path": "/opt/confidential-containers/rvps/reference-values/reference-values.json"
-          }
-         }
-      },
-      "policy_engine_config": {
-        "policy_path": "/opt/confidential-containers/opa/policy.rego"
-      }
-    }
+  kbs-config.toml: |
+    [http_server]
+    sockets = ["0.0.0.0:8080"]
+    insecure_http = true
+
+    [admin]
+    insecure_api = true
+    auth_public_key = "/etc/auth-secret/publicKey"
+
+    [attestation_token]
+    insecure_key = true
+    attestation_token_type = "CoCo"
+
+    [attestation_service]
+    type = "coco_as_builtin"
+    work_dir = "/opt/confidential-containers/attestation-service"
+    policy_engine = "opa"
+
+      [attestation_service.attestation_token_broker]
+      type = "Ear"
+      policy_dir = "/opt/confidential-containers/attestation-service/policies"
+
+      [attestation_service.attestation_token_config]
+      duration_min = 5
+
+      [attestation_service.rvps_config]
+      type = "BuiltIn"
+
+        [attestation_service.rvps_config.storage]
+        type = "LocalJson"
+        file_path = "/opt/confidential-containers/rvps/reference-values/reference-values.json"
+
+    [[plugins]]
+    name = "resource"
+    type = "LocalFs"
+    dir_path = "/opt/confidential-containers/kbs/repository"
+
+    [policy_engine]
+    policy_path = "/opt/confidential-containers/opa/policy.rego"

scripts/install-helpers/resource-policy-cm.yaml

@@ -8,5 +8,5 @@ data:
     package policy
     default allow = false
     allow {
-            input["tee"] != "sample"
+      input["submods"]["cpu"]["ear.status"] != "contraindicated"
     }

scripts/install-helpers/subs-ga.yaml

@@ -10,4 +10,4 @@ spec:
   name: trustee-operator
   source: redhat-operators
   sourceNamespace: openshift-marketplace
-  startingCSV: trustee-operator.v0.2.0
+  startingCSV: trustee-operator.v0.3.0

…pts/install-helpers/trustee_catalog.yaml …/install-helpers/trustee_catalog.yaml.inscripts/install-helpers/trustee_catalog.yaml renamed to scripts/install-helpers/trustee_catalog.yaml.in scripts/install-helpers/trustee_catalog.yaml renamed to scripts/install-helpers/trustee_catalog.yaml.in

@@ -6,7 +6,7 @@ metadata:
 spec:
   displayName: Trustee Operator Catalog
   sourceType: grpc
-  image: quay.io/redhat-user-workloads/ose-osc-tenant/trustee-fbc/trustee-fbc-4-16@sha256:9d3414cf77b353f6345a13e47e5365ab25931ef85afbfb6d778cd9bb818af047
+  image: ${FBC_IMAGE}
   updateStrategy:
     registryPoll:
       interval: 5m