make attestor use dynamic msr

keystone-enclave · Apr 5, 2024 · 3191a8f · 3191a8f
1 parent 6e022b3
commit 3191a8f
Show file tree

Hide file tree

Showing 6 changed files with 130 additions and 48 deletions.
diff --git a/examples/attestation/host/host.cpp b/examples/attestation/host/host.cpp
@@ -234,9 +234,7 @@ Host::dispatch_ocall(RunData& run_data) {
 
 Report
 Host::run(const std::string& nonce) {
-  Keystone::Enclave enclave;
-  enclave.finalize(eapp_file_.c_str(), rt_file_.c_str(), ld_file_.c_str(), params_);
-
+  enclave.finalize();
   RunData run_data{
       SharedBuffer{enclave.getSharedBuffer(), enclave.getSharedBufferSize()},
       nonce, nullptr};

diff --git a/examples/attestation/host/host.h b/examples/attestation/host/host.h
@@ -56,31 +56,31 @@ class SharedBuffer {
 // and the remote verifier.
 class Host {
 public:
-Host(
+  Host(
     const Keystone::Params& params, const std::string& eapp_file,
-    const std::string& rt_file, const std::string& ld_file)
-    : params_(params), eapp_file_(eapp_file), rt_file_(rt_file),
-      ld_file_(ld_file) {}
-    // Given a random nonce from the remote verifier, this method leaves
-    // it for the enclave to fetch, and returns the attestation report
-    // from the enclave to the verifier.
-    Report run(const std::string& nonce);
+    const std::string& rt_file, const std::string& ld_file) {
+      enclave = Keystone::Enclave(params);
+      enclave.addStandard(
+        eapp_file.c_str(), rt_file.c_str(), ld_file.c_str());
+    }
+  // Given a random nonce from the remote verifier, this method leaves
+  // it for the enclave to fetch, and returns the attestation report
+  // from the enclave to the verifier.
+  Report run(const std::string& nonce);
+  Keystone::Enclave& getEnclave() { return enclave; }
 
 private:
- struct RunData {
-   SharedBuffer shared_buffer;
-   const std::string& nonce;
-   std::unique_ptr<Report> report;
- };
- static void dispatch_ocall(RunData& run_data);
- static void print_buffer_wrapper(RunData& run_data);
- static void print_value_wrapper(RunData& run_data);
- static void copy_report_wrapper(RunData& run_data);
- static void get_host_string_wrapper(RunData& run_data);
- const Keystone::Params params_;
- const std::string eapp_file_;
- const std::string rt_file_;
- const std::string ld_file_;
+  struct RunData {
+    SharedBuffer shared_buffer;
+    const std::string& nonce;
+    std::unique_ptr<Report> report;
+  };
+  static void dispatch_ocall(RunData& run_data);
+  static void print_buffer_wrapper(RunData& run_data);
+  static void print_value_wrapper(RunData& run_data);
+  static void copy_report_wrapper(RunData& run_data);
+  static void get_host_string_wrapper(RunData& run_data);
+  Keystone::Enclave enclave;
 };
 
 #endif /* _ATTESTATION_HOST_H_ */
diff --git a/examples/attestation/host/verifier.cpp b/examples/attestation/host/verifier.cpp
@@ -23,17 +23,49 @@
 void
 Verifier::run() {
   const std::string nonce = std::to_string(random() % 0x100000000);
-  Host host(params_, eapp_file_, rt_file_, ld_file_);
+  Host host(params, eapp_file, rt_file, ld_file);
+  Keystone::Enclave::Checkpoint checkpoint_additions;
+  {
+    // create a random file, not used by enclave
+    const std::string extra_filename = "extra_file.txt";
+    // random contents
+    std::string extra_contents;
+    int extra_contents_length = 10;
+    extra_contents.reserve(extra_contents_length);
+    for (int i = 0; i < extra_contents_length; i++) {
+      extra_contents += (char) (random() % 128);
+    }
+    // write to file
+    FILE* extra_file = fopen(extra_filename.c_str(), "w");
+    if (!extra_file)
+      throw std::runtime_error(
+          "Error opening extra_file: " + extra_filename + ", " +
+          std::strerror(errno));
+    if (fwrite(extra_contents.data(), 1, extra_contents.size(), extra_file)
+        != extra_contents.size()) {
+      throw std::runtime_error(
+          "Error writing extra_file: " + extra_filename + ", " +
+          std::strerror(errno));
+      }
+    fclose(extra_file);
+    // use Keystone::Enclave to create the delta, and add to existing enclave
+    Keystone::Enclave& enclave = host.getEnclave();
+    enclave.startDelta();
+    enclave.addResidentResource(extra_filename.c_str(), 0,
+      extra_filename.c_str(), 1);
+    checkpoint_additions = enclave.makeDeltaCheckpoint();
+  }
   Report report = host.run(nonce);
-  verify_report(report, nonce);
+  verify_report(report, nonce, checkpoint_additions);
 }
 
 void
-Verifier::verify_report(Report& report, const std::string& nonce) {
+Verifier::verify_report(Report& report, const std::string& nonce,
+    Keystone::Enclave::Checkpoint checkpoint_additions) {
   debug_verify(report, _sanctum_dev_public_key);
 
   byte expected_enclave_hash[MDSIZE];
-  compute_expected_enclave_hash(expected_enclave_hash);
+  compute_expected_enclave_hash(expected_enclave_hash, checkpoint_additions);
 
   byte expected_sm_hash[MDSIZE];
   compute_expected_sm_hash(expected_sm_hash);
@@ -77,8 +109,17 @@ Verifier::verify_data(Report& report, const std::string& nonce) {
 }
 
 void
-Verifier::compute_expected_enclave_hash(byte* expected_enclave_hash) {
-  Keystone::Enclave::measure((char*) expected_enclave_hash, eapp_file_.c_str(), rt_file_.c_str(), ld_file_.c_str(), params_);
+Verifier::compute_expected_enclave_hash(byte* expected_enclave_hash,
+    Keystone::Enclave::Checkpoint checkpoint_additions) {
+  // create base
+  Keystone::Enclave enclave(params);
+  enclave.addStandard(
+    eapp_file.c_str(), rt_file.c_str(), ld_file.c_str());
+  Keystone::Enclave::Checkpoint checkpoint = enclave.makeCheckpoint();
+  // add additions & calculate hash
+  // in reality, would also validate checkpoint_additions is allowed
+  checkpoint.addFromCheckpoint(checkpoint_additions);
+  checkpoint.measurement((char *) expected_enclave_hash);
 }
 
 void
@@ -92,14 +133,14 @@ Verifier::compute_expected_sm_hash(byte* expected_sm_hash) {
 
   {
     // Reading SM content from file.
-    FILE* sm_bin = fopen(sm_bin_file_.c_str(), "rb");
+    FILE* sm_bin = fopen(sm_bin_file.c_str(), "rb");
     if (!sm_bin)
       throw std::runtime_error(
-          "Error opening sm_bin_file_: " + sm_bin_file_ + ", " +
+          "Error opening sm_bin_file: " + sm_bin_file + ", " +
           std::strerror(errno));
     if (fread(sm_content.data(), 1, sm_content.size(), sm_bin) <= 0)
       throw std::runtime_error(
-          "Error reading sm_bin_file_: " + sm_bin_file_ + ", " +
+          "Error reading sm_bin_file: " + sm_bin_file + ", " +
           std::strerror(errno));
     fclose(sm_bin);
   }

diff --git a/examples/attestation/host/verifier.h b/examples/attestation/host/verifier.h
@@ -22,12 +22,13 @@ class Verifier {
  public:
   Verifier(
       const Keystone::Params& params, const std::string& eapp_file,
-      const std::string& rt_file, const std::string& ld_file, const std::string& sm_bin_file)
-      : params_(params),
-        eapp_file_(eapp_file),
-        rt_file_(rt_file),
-        ld_file_(ld_file),
-        sm_bin_file_(sm_bin_file) {}
+      const std::string& rt_file, const std::string& ld_file,
+      const std::string& sm_bin_file)
+      : params(params),
+        eapp_file(eapp_file),
+        rt_file(rt_file),
+        ld_file(ld_file),
+        sm_bin_file(sm_bin_file) {}
   // This method generates a random nonce, invokes the run() method
   // of the Host, and verifies that the returned attestation report
   // is valid.
@@ -49,17 +50,19 @@ class Verifier {
   static void verify_data(Report& report, const std::string& nonce);
 
   // Verifies the hashes and the nonce in the attestation report.
-  void verify_report(Report& report, const std::string& nonce);
+  void verify_report(Report& report, const std::string& nonce,
+      Keystone::Enclave::Checkpoint checkpoint_additions);
 
   // Computes the hash of the expected EApp running in the enclave.
-  void compute_expected_enclave_hash(byte* expected_enclave_hash);
+  void compute_expected_enclave_hash(byte* expected_enclave_hash,
+      Keystone::Enclave::Checkpoint checkpoint_additions);
 
   // Computes the hash of the expected Security Monitor (SM).
   void compute_expected_sm_hash(byte* expected_sm_hash);
 
-  const Keystone::Params params_;
-  const std::string eapp_file_;
-  const std::string rt_file_;
-  const std::string ld_file_;
-  const std::string sm_bin_file_;
+  const Keystone::Params params;
+  const std::string eapp_file;
+  const std::string rt_file;
+  const std::string ld_file;
+  const std::string sm_bin_file;
 };
diff --git a/sdk/include/host/Enclave.hpp b/sdk/include/host/Enclave.hpp
@@ -36,6 +36,7 @@ class Enclave {
   Params params;
   KeystoneDevice pDevice;
   OcallFunc oFuncDispatch;
+  Enclave* deltaEnclave = nullptr;
 
   // track added resources
   typedef struct {
@@ -85,20 +86,24 @@ class Enclave {
 
   class Checkpoint {
    public:
+    Checkpoint() {}
     Checkpoint(Params& params, std::vector<resource_hash_t>& identityResident,
       std::vector<resource_hash_t>& identityAbsent, std::vector<resource_hash_t>& resident,
       std::vector<resource_hash_t>& absent) : params(params), identityResident(identityResident),
-      resident(resident), absent(absent) {};
+      resident(resident), absent(absent) {}
     Params params;
     std::vector<resource_hash_t> identityResident;
     std::vector<resource_hash_t> identityAbsent;
     std::vector<resource_hash_t> resident;
     std::vector<resource_hash_t> absent;
     void measurement(char* hash);
     void sortAllResources();
+    void addFromCheckpoint(Checkpoint other);
    private:
     void assertSorted();
   };
+  void startDelta();
+  Checkpoint makeDeltaCheckpoint();
   Checkpoint makeCheckpoint();
 };
 

diff --git a/sdk/src/host/Enclave.cpp b/sdk/src/host/Enclave.cpp
@@ -86,6 +86,18 @@ Enclave::makeCheckpoint() {
   return checkpoint;
 }
 
+void
+Enclave::startDelta() {
+  assert(deltaEnclave == nullptr);
+  deltaEnclave = new Enclave();
+}
+
+Enclave::Checkpoint
+Enclave::makeDeltaCheckpoint() {
+  assert(deltaEnclave);
+  return deltaEnclave->makeCheckpoint();
+}
+
 Error
 Enclave::measureSelf(char* hash) {
   makeCheckpoint().measurement(hash);
@@ -109,6 +121,9 @@ Enclave::addResidentResource(const char* name, uintptr_t type, const char* filep
   if (strlen(name) >= MSR_NAME_LEN) {
     return Error::BadArgument;
   }
+  if (deltaEnclave) {
+    deltaEnclave->addResidentResource(name, type, filepath, identity);
+  }
   resource_info_t* resInfo = 0;
   if (identity) {
     identityResident.push_back({});
@@ -128,6 +143,9 @@ Enclave::addAbsentResource(const char* name, uintptr_t type, const char* hash, b
   if (strlen(name) >= MSR_NAME_LEN) {
     return Error::BadArgument;
   }
+  if (deltaEnclave) {
+    deltaEnclave->addAbsentResource(name, type, hash, identity);
+  }
   resource_hash_t* resHash = 0;
   if (identity) {
     identityAbsent.push_back({});
@@ -322,6 +340,10 @@ Enclave::destroy() {
     delete elfFile;
   }
   allElfFiles.clear();
+  if (deltaEnclave) {
+    delete deltaEnclave;
+    deltaEnclave = nullptr;
+  }
   return pDevice.destroy();
 }
 
@@ -403,4 +425,17 @@ Enclave::Checkpoint::assertSorted() {
   }
 }
 
+void
+Enclave::Checkpoint::addFromCheckpoint(Checkpoint other) {
+  auto add_resources = [](std::vector<resource_hash_t>& base,
+    std::vector<resource_hash_t>& additions) -> void {
+      base.insert(base.end(), additions.begin(), additions.end());
+  };
+  add_resources(identityResident, other.identityResident);
+  add_resources(identityAbsent, other.identityAbsent);
+  add_resources(resident, other.resident);
+  add_resources(absent, other.absent);
+  sortAllResources();
+}
+
 }  // namespace Keystone