Runtime boot using random key to encrypt FS #265

Closed

piotrpalcz
Contributor

@piotrpalcz piotrpalcz commented Oct 30, 2023

This PR is related to image-rs PR confidential-containers/guest-components#385 and Shim/rune PR #256

Makes Runtime boot use the key stored in a file by image-rs/enclave agent.

After merging and fixes, the next step will be to seal/unseal the file with SGX.

Ubuntu and others added 27 commits October 30, 2023 15:16
Signed-off-by: piotrpalcz <[email protected]>
Signed-off-by: piotrpalcz <[email protected]>
Bumps [github.com/containerd/continuity](https://github.com/containerd/continuity) from 0.4.1 to 0.4.2.
- [Release notes](https://github.com/containerd/continuity/releases)
- [Commits](containerd/continuity@v0.4.1...v0.4.2)

---
updated-dependencies:
- dependency-name: github.com/containerd/continuity
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
the latest version makes the devicemapper dependency optional
so we get to drop it from the builds.

Signed-off-by: Mikko Ylinen <[email protected]>
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.11.0 to 0.12.0.
- [Commits](golang/sys@v0.11.0...v0.12.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.57.0 to 1.58.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.57.0...v1.58.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [smallvec](https://github.com/servo/rust-smallvec) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/servo/rust-smallvec/releases)
- [Commits](servo/rust-smallvec@v1.10.0...v1.11.0)

---
updated-dependencies:
- dependency-name: smallvec
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [schannel](https://github.com/steffengy/schannel-rs) from 0.1.21 to 0.1.22.
- [Release notes](https://github.com/steffengy/schannel-rs/releases)
- [Commits](steffengy/schannel-rs@v0.1.21...v0.1.22)

---
updated-dependencies:
- dependency-name: schannel
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [security-framework-sys](https://github.com/kornelski/rust-security-framework) from 2.8.0 to 2.9.1.
- [Release notes](https://github.com/kornelski/rust-security-framework/releases)
- [Commits](kornelski/rust-security-framework@v2.8.0...v2.9.1)

---
updated-dependencies:
- dependency-name: security-framework-sys
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [dircpy](https://github.com/woelper/dircpy) from 0.3.14 to 0.3.15.
- [Commits](https://github.com/woelper/dircpy/commits)

---
updated-dependencies:
- dependency-name: dircpy
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@v2...v3)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [form_urlencoded](https://github.com/servo/rust-url) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/servo/rust-url/releases)
- [Commits](https://github.com/servo/rust-url/commits/v1.2.0)

---
updated-dependencies:
- dependency-name: form_urlencoded
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.58.0 to 1.58.1.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.58.0...v1.58.1)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [iana-time-zone](https://github.com/strawlab/iana-time-zone) from 0.1.53 to 0.1.57.
- [Changelog](https://github.com/strawlab/iana-time-zone/blob/main/CHANGELOG.md)
- [Commits](strawlab/iana-time-zone@v0.1.53...v0.1.57)

---
updated-dependencies:
- dependency-name: iana-time-zone
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [io-lifetimes](https://github.com/sunfishcode/io-lifetimes) from 1.0.6 to 1.0.11.
- [Commits](sunfishcode/io-lifetimes@v1.0.6...v1.0.11)

---
updated-dependencies:
- dependency-name: io-lifetimes
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [walkdir](https://github.com/BurntSushi/walkdir) from 2.3.2 to 2.4.0.
- [Commits](BurntSushi/walkdir@2.3.2...2.4.0)

---
updated-dependencies:
- dependency-name: walkdir
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Newer version of ebpf removes unnecessary GPL licensed tool
cilium/ebpf@0f74f86

Signed-off-by: Dan Middleton <[email protected]>
Bumps [tempfile](https://github.com/Stebalien/tempfile) from 3.4.0 to 3.8.0.
- [Changelog](https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md)
- [Commits](Stebalien/tempfile@v3.4.0...v3.8.0)

---
updated-dependencies:
- dependency-name: tempfile
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [xsalsa20poly1305](https://github.com/RustCrypto/AEADs) from 0.9.0 to 0.9.1.
- [Commits](RustCrypto/AEADs@xsalsa20poly1305-v0.9.0...xsalsa20poly1305/v0.9.1)

---
updated-dependencies:
- dependency-name: xsalsa20poly1305
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.58.1 to 1.58.2.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.58.1...v1.58.2)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [ttrpc-codegen](https://github.com/containerd/ttrpc-rust) from 0.2.0 to 0.3.0.
- [Commits](containerd/ttrpc-rust@v0.2.0...v0.3.0)

---
updated-dependencies:
- dependency-name: ttrpc-codegen
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
dependabot bot and others added 28 commits October 30, 2023 15:18
Bumps [md-5](https://github.com/RustCrypto/hashes) from 0.10.5 to 0.10.6.
- [Commits](RustCrypto/hashes@md-5-v0.10.5...md-5-v0.10.6)

---
updated-dependencies:
- dependency-name: md-5
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [crossbeam-channel](https://github.com/crossbeam-rs/crossbeam) from 0.5.7 to 0.5.8.
- [Release notes](https://github.com/crossbeam-rs/crossbeam/releases)
- [Changelog](https://github.com/crossbeam-rs/crossbeam/blob/master/CHANGELOG.md)
- [Commits](crossbeam-rs/crossbeam@crossbeam-channel-0.5.7...crossbeam-channel-0.5.8)

---
updated-dependencies:
- dependency-name: crossbeam-channel
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [memchr](https://github.com/BurntSushi/memchr) from 2.5.0 to 2.6.4.
- [Commits](BurntSushi/memchr@2.5.0...2.6.4)

---
updated-dependencies:
- dependency-name: memchr
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [which](https://github.com/harryfei/which-rs) from 4.4.0 to 4.4.2.
- [Changelog](https://github.com/harryfei/which-rs/blob/master/CHANGELOG.md)
- [Commits](harryfei/which-rs@4.4.0...4.4.2)

---
updated-dependencies:
- dependency-name: which
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [ipnet](https://github.com/krisprice/ipnet) from 2.7.1 to 2.8.0.
- [Release notes](https://github.com/krisprice/ipnet/releases)
- [Changelog](https://github.com/krisprice/ipnet/blob/master/RELEASES.md)
- [Commits](https://github.com/krisprice/ipnet/commits/2.8.0)

---
updated-dependencies:
- dependency-name: ipnet
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.105 to 1.0.107.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](serde-rs/json@v1.0.105...v1.0.107)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.12.0 to 0.13.0.
- [Commits](golang/sys@v0.12.0...v0.13.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [async-compression](https://github.com/Nullus157/async-compression) from 0.4.1 to 0.4.3.
- [Release notes](https://github.com/Nullus157/async-compression/releases)
- [Changelog](https://github.com/Nullus157/async-compression/blob/main/CHANGELOG.md)
- [Commits](Nullus157/async-compression@async-compression-v0.4.1...async-compression-v0.4.3)

---
updated-dependencies:
- dependency-name: async-compression
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [itoa](https://github.com/dtolnay/itoa) from 1.0.6 to 1.0.9.
- [Release notes](https://github.com/dtolnay/itoa/releases)
- [Commits](dtolnay/itoa@1.0.6...1.0.9)

---
updated-dependencies:
- dependency-name: itoa
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.58.2 to 1.58.3.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.58.2...v1.58.3)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [js-sys](https://github.com/rustwasm/wasm-bindgen) from 0.3.61 to 0.3.64.
- [Release notes](https://github.com/rustwasm/wasm-bindgen/releases)
- [Changelog](https://github.com/rustwasm/wasm-bindgen/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rustwasm/wasm-bindgen/commits)

---
updated-dependencies:
- dependency-name: js-sys
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [termcolor](https://github.com/BurntSushi/termcolor) from 1.2.0 to 1.3.0.
- [Commits](BurntSushi/termcolor@1.2.0...1.3.0)

---
updated-dependencies:
- dependency-name: termcolor
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [parking_lot_core](https://github.com/Amanieu/parking_lot) from 0.9.7 to 0.9.8.
- [Changelog](https://github.com/Amanieu/parking_lot/blob/master/CHANGELOG.md)
- [Commits](Amanieu/parking_lot@core-0.9.7...core-0.9.8)

---
updated-dependencies:
- dependency-name: parking_lot_core
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [picky-asn1-der](https://github.com/Devolutions/picky-rs) from 0.4.0 to 0.4.1.
- [Changelog](https://github.com/Devolutions/picky-rs/blob/master/release.toml)
- [Commits](https://github.com/Devolutions/picky-rs/commits)

---
updated-dependencies:
- dependency-name: picky-asn1-der
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
clap v2.33.3 is three years old and automated dependabot updates
won't work anymore.

Rework enclave-agent command line args handling to the latest Derive
API from clap and move to v4.4.6.

Signed-off-by: Mikko Ylinen <[email protected]>
Bumps [flagset](https://github.com/enarx/flagset) from 0.4.3 to 0.4.4.
- [Commits](enarx/flagset@v0.4.3...v0.4.4)

---
updated-dependencies:
- dependency-name: flagset
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.58.3 to 1.59.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.58.3...v1.59.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [openssl-sys](https://github.com/sfackler/rust-openssl) from 0.9.92 to 0.9.93.
- [Release notes](https://github.com/sfackler/rust-openssl/releases)
- [Commits](sfackler/rust-openssl@openssl-sys-v0.9.92...openssl-sys-v0.9.93)

---
updated-dependencies:
- dependency-name: openssl-sys
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [github.com/containerd/continuity](https://github.com/containerd/continuity) from 0.4.2 to 0.4.3.
- [Release notes](https://github.com/containerd/continuity/releases)
- [Commits](containerd/continuity@v0.4.2...v0.4.3)

---
updated-dependencies:
- dependency-name: github.com/containerd/continuity
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [link-cplusplus](https://github.com/dtolnay/link-cplusplus) from 1.0.8 to 1.0.9.
- [Release notes](https://github.com/dtolnay/link-cplusplus/releases)
- [Commits](dtolnay/link-cplusplus@1.0.8...1.0.9)

---
updated-dependencies:
- dependency-name: link-cplusplus
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [encoding_rs](https://github.com/hsivonen/encoding_rs) from 0.8.32 to 0.8.33.
- [Commits](hsivonen/encoding_rs@v0.8.32...v0.8.33)

---
updated-dependencies:
- dependency-name: encoding_rs
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [mio](https://github.com/tokio-rs/mio) from 0.8.6 to 0.8.8.
- [Release notes](https://github.com/tokio-rs/mio/releases)
- [Changelog](https://github.com/tokio-rs/mio/blob/master/CHANGELOG.md)
- [Commits](tokio-rs/mio@v0.8.6...v0.8.8)

---
updated-dependencies:
- dependency-name: mio
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [sha3](https://github.com/RustCrypto/hashes) from 0.10.6 to 0.10.8.
- [Commits](RustCrypto/hashes@sha3-v0.10.6...sha3/v0.10.8)

---
updated-dependencies:
- dependency-name: sha3
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [toml_edit](https://github.com/toml-rs/toml) from 0.20.0 to 0.20.2.
- [Commits](toml-rs/toml@v0.20.0...v0.20.2)

---
updated-dependencies:
- dependency-name: toml_edit
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [core-foundation-sys](https://github.com/servo/core-foundation-rs) from 0.8.3 to 0.8.4.
- [Commits](servo/core-foundation-rs@core-foundation-sys-v0.8.3...core-foundation-sys-v0.8.4)

---
updated-dependencies:
- dependency-name: core-foundation-sys
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Before cutting image-rs for v0.8.0, make sure the latest image-rs
works for enclave-cc

Signed-off-by: Tobin Feldman-Fitzthum <[email protected]>
Bumps [unicode-ident](https://github.com/dtolnay/unicode-ident) from 1.0.8 to 1.0.12.
- [Release notes](https://github.com/dtolnay/unicode-ident/releases)
- [Commits](dtolnay/unicode-ident@1.0.8...1.0.12)

---
updated-dependencies:
- dependency-name: unicode-ident
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>