endorse

package v0.0.0-...-5fa9814

This package is not in the latest version of its module.

Published: May 1, 2024 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Overview

Package endorse defines functions for producing and signing golden measurements of a UEFI.

Constants

This section is empty.

Variables

var (
	// ErrNoRetries is returned when submit fails too many times to continue attempting submission.
	// The retry amount is settable through Options.
	ErrNoRetries = errors.New("ran out of submit retries")
	// ErrNoEndorseContext is returned when the context.Context object does not contain the
	// EndorseContext.
	ErrNoEndorseContext = errors.New("no EndorseContext found")
	// ManifestFile is the basename of the VMEndorsementMap signature manifest.
	ManifestFile = "manifest.textproto"
	// DefaultEndorsementBasename is used for the file basename (minus file extension) of the signed
	// UEFI golden measurement, AKA the UEFI endorsement.
	DefaultEndorsementBasename = "endorsement"
)
var ErrNoContext = errors.New("no endorse context found")

ErrNoContext is returned when a function requires an endorse.Context but none is present in the context.

Functions

func GoldenMeasurement

func GoldenMeasurement(ctx context.Context) (*epb.VMGoldenMeasurement, error)

GoldenMeasurement produces the unsigned GoldenMeasurement for a given request and all GCE-supported vCPU counts.

func NewContext

func NewContext(ctx context.Context, ec *Context) context.Context

NewContext returns the context extended with the given endorse.Context.

func Ovmf

func Ovmf(ctx context.Context) error

Ovmf calculates the golden measurement of the given OVMF image, signs a document with the measurement and associated metadata, submits it, and performs finalization.

func SignDoc

SignDoc returns a signed endorsement of a given golden measurement.

Types

type ChangeOps

type ChangeOps interface {
	// WriteOrCreateFiles creates or overwrites all given files with their paired contents, or returns
	// an error.
	WriteOrCreateFiles(ctx context.Context, files ...*File) error
	// ReadFile returns the content of the given file, or an error.
	ReadFile(ctx context.Context, path string) ([]byte, error)
	// SetBinaryWritable sets the metadata of the given file to denote it as binary and writable, and
	// returns nil on success.
	SetBinaryWritable(ctx context.Context, path string) error
	// IsNotFound returns true if the given error from the implementation should be interpreted as
	// file not found.
	IsNotFound(err error) bool
	// Destroy reclaims any resources this object is using.
	Destroy()
	// TryCommit returns a representation of the successful commit or an error.
	TryCommit(ctx context.Context) (any, error)
}

ChangeOps abstracts file IO for reading, writing, querying files, and committing to the EndorseInterface.

type CommitFinalizer

type CommitFinalizer interface {
	// Finalize performs any final actions with the VersionControl Result value.
	Finalize(ctx context.Context, result any) error
}

CommitFinalizer performs any final actions with the commit result of the endorsement signatures.

type Context

type Context struct {
	// SevSnp is an optional request for endorsing SEV-SNP-specific information for the image.
	SevSnp *sev.SnpEndorsementRequest
	// Image is the full contents of the UEFI binary to endorse.
	Image  []byte
	ClSpec uint64
	// Commit is the git commit hash that corresponds to the ClSpec.
	Commit []byte
	// CandidateName is the name of the candidate from which the image was built.
	CandidateName string
	// ReleaseBranch is the name of the piper branch on which the image was built.
	ReleaseBranch string
	// Timestamp is what time will be reported in the golden measurement document.
	Timestamp       time.Time
	VCS             VersionControl
	CommitFinalizer CommitFinalizer
	// Fields used by VCS when committing an endorsement.
	CommitRetries int
	// OutDir is the VCS-root-relative location in which to write the endorsement files.
	OutDir string
	// DryRun true means that no endorsements will get written to version control or finalized.
	DryRun          bool
	MeasurementOnly bool
	// SnapshotDir is the VCS-root-relative location in which to write the snapshot files.
	// Snapshotting is a different VCS commitment method that submits the firmware and its signature
	// to the VCS with related paths. This is in addition to the manifest method to allow for older
	// releases to still get signatures in a way the VMM can parse.
	SnapshotDir string
	// SnapshotToHead is true if the snapshot should be written to HEAD instead of the release branch.
	// This is an interim solution until the firmware is entirely in its own separately released
	// package.
	SnapshotToHead bool
	// ImageName is the path under SnapshotDir to write the firmware and its endorsement.
	ImageName string
}

Context encapsulates all information needed to generate an endorsement for a UEFI binary.

func FromContext

func FromContext(ctx context.Context) (*Context, error)

FromContext returns the endorse.Context in the context or an error.
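The NewContext/FromContext pair carries the endorse.Context through a context.Context so that later stages (GoldenMeasurement, Ovmf) can fail with ErrNoContext instead of operating on missing data. The following is an added example, not code from the endorse package or its project: it reimplements the pair with a trimmed-down stand-in for endorse.Context (only four of the page's fields), an unexported key type so that no other package can supply or overwrite the value, and a hypothetical describeImage step that shows how a consumer checks for the context before doing any work. The field values and the describeImage function are constructed for illustration.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"time"
)

// ErrNoContext mirrors the page's sentinel for a missing endorse context.
var ErrNoContext = errors.New("no endorse context found")

// Context is a stand-in with a subset of the page's endorse.Context fields.
type Context struct {
	Image         []byte
	CandidateName string
	Timestamp     time.Time
	DryRun        bool
}

// ctxKey is an unexported key type: only this package can store or read the
// value under it, so a caller cannot smuggle in a different *Context.
type ctxKey struct{}

// NewContext returns ctx extended with ec, matching the page's signature.
func NewContext(ctx context.Context, ec *Context) context.Context {
	return context.WithValue(ctx, ctxKey{}, ec)
}

// FromContext returns the stored *Context or ErrNoContext. A stored nil
// pointer is treated as missing so callers never dereference it.
func FromContext(ctx context.Context) (*Context, error) {
	ec, ok := ctx.Value(ctxKey{}).(*Context)
	if !ok || ec == nil {
		return nil, ErrNoContext
	}
	return ec, nil
}

// describeImage is a hypothetical consumer standing in for a step such as
// GoldenMeasurement: it refuses to run without the endorse context and
// rejects an empty image before doing anything with it.
func describeImage(ctx context.Context) (string, error) {
	ec, err := FromContext(ctx)
	if err != nil {
		return "", err
	}
	if len(ec.Image) == 0 {
		return "", errors.New("empty image")
	}
	return fmt.Sprintf("%s: %d bytes, dry-run=%v", ec.CandidateName, len(ec.Image), ec.DryRun), nil
}

func main() {
	// Constructed sample: a three-byte "image" and a dry-run request.
	ec := &Context{Image: []byte{0x4d, 0x5a, 0x90}, CandidateName: "ovmf-candidate", Timestamp: time.Unix(0, 0).UTC(), DryRun: true}
	if _, err := describeImage(context.Background()); err != nil {
		fmt.Println("without endorse context:", err)
	}
	desc, err := describeImage(NewContext(context.Background(), ec))
	fmt.Println(desc, err)
}
```

Using a private key type rather than a string key is what makes FromContext's type assertion trustworthy: no other package can create a value of type ctxKey, so the only way to satisfy the assertion is through NewContext.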

type File

type File struct {
	Path     string
	Contents []byte
}

File represents a file's path and contents.

type VersionControl

type VersionControl interface {
	// GetChangeOps returns a filesystem abstraction within the context of a commit attempt.
	GetChangeOps(ctx context.Context) (ChangeOps, error)
	// RetriableError returns true if TryCommit's provided error is retriable.
	RetriableError(err error) bool
	// Result returns a successful commit's representation given a successful TryCommit's result and
	// the path to the created endorsement.
	Result(commit any, endorsementPath string) any
	// ReleasePath translates a path to its expected full path for WriteOrCreateFiles/ReadFile.
	ReleasePath(ctx context.Context, certPath string) string
}

VersionControl abstracts the necessary operations for transacting signature files into a version control system.
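ChangeOps, VersionControl and CommitFinalizer together describe one commit attempt of the signature files, and the package's ErrNoRetries and Context.CommitRetries describe how attempts are bounded. The following is an added example, not code from the endorse package or its project: it declares trimmed copies of those three interfaces plus the page's File type, provides a constructed in-memory VersionControl (memVCS) whose TryCommit fails with a transient conflict a configurable number of times, and shows a submit loop that opens a fresh change per attempt, retries only when RetriableError says so, and finalizes only after a successful commit. The ".binarypb" extension on the endorsement file, the directory names and the meaning of CommitRetries as "retries after the first attempt" are assumptions; the page does not state them.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"path"
)

// ErrNoRetries mirrors the page's sentinel: commit attempts were exhausted.
var ErrNoRetries = errors.New("ran out of submit retries")

// File matches the page's type.
type File struct {
	Path     string
	Contents []byte
}

// Trimmed copies of the page's interfaces (only the methods this example uses).
type ChangeOps interface {
	WriteOrCreateFiles(ctx context.Context, files ...*File) error
	TryCommit(ctx context.Context) (any, error)
	Destroy()
}

type VersionControl interface {
	GetChangeOps(ctx context.Context) (ChangeOps, error)
	RetriableError(err error) bool
	Result(commit any, endorsementPath string) any
}

type CommitFinalizer interface {
	Finalize(ctx context.Context, result any) error
}

// errConflict is a constructed transient failure (e.g. the commit lost a race).
var errConflict = errors.New("commit conflict")

// memVCS is a constructed in-memory VersionControl: the first failuresBeforeOK
// commits fail with errConflict, later ones land in files.
type memVCS struct {
	failuresBeforeOK int
	attempts         int
	files            map[string][]byte
}

// memChange is one pending change; its writes become visible only on commit.
type memChange struct {
	vcs     *memVCS
	pending map[string][]byte
}

func (c *memChange) WriteOrCreateFiles(_ context.Context, files ...*File) error {
	for _, f := range files {
		c.pending[f.Path] = append([]byte(nil), f.Contents...)
	}
	return nil
}

func (c *memChange) TryCommit(_ context.Context) (any, error) {
	c.vcs.attempts++
	if c.vcs.attempts <= c.vcs.failuresBeforeOK {
		return nil, errConflict
	}
	for p, b := range c.pending {
		c.vcs.files[p] = b
	}
	return fmt.Sprintf("commit-%d", c.vcs.attempts), nil
}

func (c *memChange) Destroy() { c.pending = nil }

func (v *memVCS) GetChangeOps(context.Context) (ChangeOps, error) {
	return &memChange{vcs: v, pending: map[string][]byte{}}, nil
}

func (v *memVCS) RetriableError(err error) bool { return errors.Is(err, errConflict) }

func (v *memVCS) Result(commit any, endorsementPath string) any {
	return fmt.Sprintf("%v:%s", commit, endorsementPath)
}

// recordFinalizer records what Finalize received, so a test can check that
// finalization happens exactly once and never on failure.
type recordFinalizer struct{ got []any }

func (f *recordFinalizer) Finalize(_ context.Context, result any) error {
	f.got = append(f.got, result)
	return nil
}

// submitEndorsement writes the signed endorsement and manifest into a fresh
// change and commits, retrying up to `retries` more times while the error is
// retriable. Non-retriable errors return immediately; exhaustion returns
// ErrNoRetries. Finalize runs only after a successful commit.
func submitEndorsement(ctx context.Context, vcs VersionControl, fin CommitFinalizer, outDir string, endorsement, manifest []byte, retries int) (any, error) {
	endorsementPath := path.Join(outDir, "endorsement.binarypb") // extension assumed
	files := []*File{
		{Path: endorsementPath, Contents: endorsement},
		{Path: path.Join(outDir, "manifest.textproto"), Contents: manifest},
	}
	for attempt := 0; attempt <= retries; attempt++ {
		ops, err := vcs.GetChangeOps(ctx)
		if err != nil {
			return nil, err
		}
		err = ops.WriteOrCreateFiles(ctx, files...)
		if err == nil {
			var commit any
			if commit, err = ops.TryCommit(ctx); err == nil {
				ops.Destroy()
				result := vcs.Result(commit, endorsementPath)
				if ferr := fin.Finalize(ctx, result); ferr != nil {
					return nil, ferr
				}
				return result, nil
			}
		}
		ops.Destroy() // release the failed change before retrying
		if !vcs.RetriableError(err) {
			return nil, err
		}
	}
	return nil, ErrNoRetries
}

func main() {
	vcs := &memVCS{failuresBeforeOK: 2, files: map[string][]byte{}}
	fin := &recordFinalizer{}
	res, err := submitEndorsement(context.Background(), vcs, fin, "endorsements/ovmf", []byte("signed-measurement"), []byte("manifest"), 3)
	fmt.Println(res, err, "finalized:", len(fin.got))
}
```

The loop obtains a new ChangeOps for every attempt rather than reusing the failed one, which is what the page's GetChangeOps contract ("within the context of a commit attempt") implies, and it keeps finalization strictly after a successful TryCommit so a failed submission never triggers downstream actions.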
