Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support SEV-SNP on GCP #3011

Merged
merged 30 commits into from
Apr 16, 2024
Merged

Support SEV-SNP on GCP #3011

merged 30 commits into from
Apr 16, 2024

Conversation

msanft
Copy link
Contributor

@msanft msanft commented Apr 4, 2024

Context

GCP released a public preview for AMD SEV-SNP, which means that we can now use SEV-SNP on GCP in Constellation. This PR enables support for it on our side. It does not yet replace GCP SEV-ES as the default method for GCP on Constellation, which we can do once it's GA and prove to be stable to us in Constellation.

Proposed change(s)

  • Add GCP SEV-SNP attestation logic, with most of the code being "borrowed" from our AWS SEV-SNP implementation, with some changes, e.g. as GCP provides a TPM endorsement key. A detailed description of how the attestation works can be found here. This change also affects other CSPs that rely on vTPMs, as it changes our vTPM attestation scheme to always include a hash of the InstanceInfo within the TPMs attestation report, which is necessary for GCP to bind the TEE attestation to the TPM attestation, and should not affect security on other CSPs.
  • Add GCP SEV-SNP to our CI E2E-test matrices.
  • Add auto-generated docs reference for GCP SEV-SNP. I explicitly did not mention GCP SEV-SNP in the docs so far, as I'd like to first prove stability through some weeks of unit tests.

Additional info

  • AB#3894, AB#4024
  • I tried to split up this PR into digestible chunks, so feel free to only review the sections that you can/want review, or for which you are a CODEOWNER.
  • Measurements for GCP SEV-SNP should be automatically created through the CI once the scheduled OS image build runs. For now, testing can be done with a fixed 0 PCR 15.

Checklist

@msanft msanft added the feature This introduces new functionality label Apr 4, 2024
@msanft msanft added this to the v2.17.0 milestone Apr 4, 2024
@msanft msanft requested review from malt3 and 3u13r April 4, 2024 15:11
Copy link

netlify bot commented Apr 4, 2024

Deploy Preview for constellation-docs canceled.

Name Link
🔨 Latest commit 2129781
🔍 Latest deploy log https://app.netlify.com/sites/constellation-docs/deploys/661e86f94cf17600089f1b0d

@msanft msanft force-pushed the feat/gcp-sev-snp branch 3 times, most recently from 39a3f67 to 31edeaf Compare April 5, 2024 12:07
@elchead
Copy link
Contributor

elchead commented Apr 5, 2024

Testing the provider:
https://github.com/edgelesssys/constellation/actions/runs/8569840235
-> the new cc_technology variable logic is missing in the TF provider template

Looked at the TF + config related code. Lgtm besides the open points

cli/internal/cmd/verify.go Outdated Show resolved Hide resolved
docs/docs/overview/clouds.md Outdated Show resolved Hide resolved
internal/attestation/gcp/snp/validator.go Show resolved Hide resolved
internal/config/gcp.go Show resolved Hide resolved
@msanft
Copy link
Contributor Author

msanft commented Apr 5, 2024

Testing the provider:
https://github.com/edgelesssys/constellation/actions/runs/8569840235

Won't work yet, as measurements are not yet available.

@malt3
Copy link
Contributor

malt3 commented Apr 8, 2024

I'm unable to review in the short term. I'll remove myself as a reviewer for now.

@malt3 malt3 removed their request for review April 8, 2024 09:08
@msanft msanft requested review from daniel-weisse and elchead April 8, 2024 09:35
Copy link
Contributor

@elchead elchead left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code lgtm.

I understand that firmware version verification is currently missing (values are set to 0) and that it will be added as part of
https://dev.azure.com/Edgeless/Edgeless/_workitems/edit/4024

This will also be needed to support the attestation data source in the provider.

When will the OS measurements be available?

Once they are there, we should also add SNP to the weekly TF provider example matrix.

Copy link
Member

@thomasten thomasten left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

some nits

.github/actions/constellation_create/action.yml Outdated Show resolved Hide resolved
internal/config/gcp.go Outdated Show resolved Hide resolved
internal/attestation/vtpm/attestation.go Outdated Show resolved Hide resolved
internal/attestation/gcp/gcp.go Outdated Show resolved Hide resolved
internal/attestation/gcp/es/es.go Outdated Show resolved Hide resolved
internal/attestation/gcp/snp/snp.go Outdated Show resolved Hide resolved
internal/attestation/gcp/snp/snp.go Outdated Show resolved Hide resolved
internal/attestation/gcp/snp/issuer.go Outdated Show resolved Hide resolved
internal/attestation/gcp/snp/issuer.go Outdated Show resolved Hide resolved
internal/attestation/gcp/snp/validator.go Outdated Show resolved Hide resolved
@msanft msanft requested a review from thomasten April 10, 2024 11:40
@msanft
Copy link
Contributor Author

msanft commented Apr 10, 2024

@daniel-weisse could you take a look at the attestation again?

Copy link
Member

@daniel-weisse daniel-weisse left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks mostly good to me now.
Opened a PR to address some things we talked about in person: #3025

internal/attestation/gcp/snp/issuer.go Outdated Show resolved Hide resolved
internal/attestation/gcp/snp/validator.go Outdated Show resolved Hide resolved
internal/attestation/gcp/snp/validator.go Outdated Show resolved Hide resolved
@elchead
Copy link
Contributor

elchead commented Apr 13, 2024

the gcp provider is not yet supported in the upload.go. Furthermore, we should probably trigger the workflow once with cache-window-size to put a valid version into the api.
Afterwards, the fetcher needs to be integrated in the CLI. I think it makes sense to defer this for a separate PR.

@msanft msanft force-pushed the feat/gcp-sev-snp branch 2 times, most recently from 395531e to 52dac84 Compare April 15, 2024 08:03
msanft and others added 24 commits April 16, 2024 14:02
* Make sure SNP ARK is always loaded from config, or fetched from AMD KDS
* GCP: Set validator `reportData` correctly

---------

Signed-off-by: Daniel Weiße <[email protected]>
Co-authored-by: Moritz Sanft <[email protected]>
Signed-off-by: Moritz Sanft <[email protected]>
@msanft msanft force-pushed the feat/gcp-sev-snp branch from d84d765 to 8fb087d Compare April 16, 2024 12:03
Copy link
Contributor

Coverage report

Package Old New Trend
cli/internal/cloudcmd 18.70% 19.00% ↗️
cli/internal/cmd 42.70% 41.10% ↘️
cli/internal/terraform 57.30% 56.80% ↘️
internal/api/attestationconfigapi 24.20% 24.00% ↘️
internal/api/attestationconfigapi/cli 0.00% 0.00% 🚧
internal/attestation/aws/snp 8.30% 8.20% ↘️
internal/attestation/azure/snp 8.40% 8.20% ↘️
internal/attestation/choose 8.50% 8.30% ↘️
internal/attestation/gcp 12.10% 0.00% ↘️
internal/attestation/gcp/es 0.00% 12.30% 🆕
internal/attestation/gcp/snp 0.00% 0.00% 🆕
internal/attestation/measurements 41.10% 40.70% ↘️
internal/attestation/measurements/measurement-generator 0.60% 0.60% 🚧
internal/attestation/snp 20.80% 20.30% ↘️
internal/attestation/variant 0.00% 0.00% 🚧
internal/attestation/vtpm 5.30% 5.20% ↘️
internal/config 68.60% 67.90% ↘️
internal/constellation/state 74.30% 73.30% ↘️
measurement-reader/cmd 0.00% 0.00% 🚧
terraform-provider-constellation/internal/provider 4.00% 3.60% ↘️

@msanft msanft merged commit 913b09a into main Apr 16, 2024
13 of 14 checks passed
@msanft msanft deleted the feat/gcp-sev-snp branch April 16, 2024 16:13
@daniel-weisse daniel-weisse mentioned this pull request Jun 5, 2024
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
feature This introduces new functionality
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants