Merge pull request #5665 from jimcadden/online_sev_kbc

CC | runtime: Add online-kbs to kernel params

docs/how-to/how-to-set-sandbox-config-kata.md

@@ -94,6 +94,16 @@ There are several kinds of Kata configurations and they are listed below.
 | `io.katacontainers.config.hypervisor.enable_guest_swap` | `boolean` | enable swap in the guest |
 | `io.katacontainers.config.hypervisor.use_legacy_serial` | `boolean` | uses legacy serial device for guest's console (QEMU) |
 
+## Confidential Computing Options
+| Key | Value Type | Comments |
+|-------| ----- | ----- |
+| `io.katacontainers.config.pre_attestation.enabled"` | `bool` |
+determines if SEV/-ES attestation is enabled |
+| `io.katacontainers.config.pre_attestation.uri"` | `string` |
+specify the location of the attestation server |
+| `io.katacontainers.config.sev.policy"` | `uint32` |
+specify the SEV guest policy |
+
 ## Container Options
 | Key | Value Type | Comments |
 |-------| ----- | ----- |

src/runtime/Makefile

@@ -258,14 +258,13 @@ DEFBINDMOUNTS := []
 # Image Service Offload
 DEFSERVICEOFFLOAD ?= false
 
-# SEV Guest Pre-Attestation
+# SEV & SEV-ES Guest Pre-Attestation
 DEFGUESTPREATTESTATION ?= false
 DEFGUESTPREATTESTATIONPROXY ?= localhost:44444
+DEFGUESTPREATTESTATIONMODE ?= online
 DEFGUESTPREATTESTATIONKEYSET ?= KEYSET-1
-DEFGUESTPREATTESTATIONSECRETGUID ?= 1ee27366-0c87-43a6-af48-28543eaf7cb0
-DEFGUESTPREATTESTATIONSECRETTYPE ?= connection
 DEFSEVCERTCHAIN ?= /opt/sev/cert_chain.cert
-DEFSEVGUESTPOLICY ?= 0
+DEFSEVGUESTPOLICY ?= 3
 
 SED = sed
 
@@ -614,9 +613,8 @@ USER_VARS += BUILDFLAGS
 USER_VARS += DEFSERVICEOFFLOAD
 USER_VARS += DEFGUESTPREATTESTATION
 USER_VARS += DEFGUESTPREATTESTATIONPROXY
+USER_VARS += DEFGUESTPREATTESTATIONMODE
 USER_VARS += DEFGUESTPREATTESTATIONKEYSET
-USER_VARS += DEFGUESTPREATTESTATIONSECRETGUID
-USER_VARS += DEFGUESTPREATTESTATIONSECRETTYPE
 USER_VARS += DEFSEVCERTCHAIN
 USER_VARS += DEFSEVGUESTPOLICY
 

src/runtime/config/configuration-qemu-sev.toml.in

@@ -32,24 +32,21 @@ machine_type = "@MACHINETYPE@"
 # Default false
 confidential_guest = true
 
-# Enable pre-attestation AMD SEV and SEV-ES confidential guests.
+# Enable pre-attestation for AMD SEV and SEV-ES guests.
 # Applies only if confidential_guest is true.
 # (default: false)
 guest_pre_attestation = true
 
-# Guest owner proxy that handles remote attestation
+# A remote key broker server (KBS) is required to validate the attestation
-guest_pre_attestation_proxy = "@DEFGUESTPREATTESTATIONPROXY@"
+# measurement and inject a secret key.  
-
-# Keyset ID for injected secrets
-guest_pre_attestation_keyset = "@DEFGUESTPREATTESTATIONKEYSET@"
-
-# GUID of injected secret
-# Key Broker Server for SEV(-ES) expects secrets with this guid
 # See https://github.com/confidential-containers/simple-kbs
-guest_pre_attestation_secret_guid = "@DEFGUESTPREATTESTATIONSECRETGUID@"
+guest_pre_attestation_kbs_uri = "@DEFGUESTPREATTESTATIONPROXY@"
 
-# Type of injected secret
+# The simple-kbs can be run in "online" and "offline" modes
-guest_pre_attestation_secret_type = "@DEFGUESTPREATTESTATIONSECRETTYPE@"
+guest_pre_attestation_kbs_mode="@DEFGUESTPREATTESTATIONMODE@" 
+
+# Keyset ID for injected secrets (offline kbs)
+guest_pre_attestation_keyset = "@DEFGUESTPREATTESTATIONKEYSET@"
 
 # SEV guest policy
 sev_guest_policy = @DEFSEVGUESTPOLICY@

src/runtime/config/configuration-qemu.toml.in

@@ -40,27 +40,24 @@ rootfs_type=@DEFROOTFSTYPE@
 # Default false
 # confidential_guest = true
 
-# Enable pre-attestation AMD SEV and SEV-ES confidential guests.
+# Enable pre-attestation for AMD SEV and SEV-ES guests.
 # Applies only if confidential_guest is true.
 # (default: false)
 #guest_pre_attestation = true
 #
-# Guest owner proxy that handles remote attestation
+# A remote key broker server (KBS) is required to validate the attestation
-#guest_pre_attestation_proxy="localhost:50051"
+# measurement and inject a secret key.  
-#
-# Keyset ID for injected secrets
-#guest_pre_attestation_keyset="KEYSET-1"
-#
-# GUID of injected secret
-# Key Broker Server for SEV(-ES) expects secrets with this guid
 # See https://github.com/confidential-containers/simple-kbs
-#guest_pre_attestation_secret_guid = "@DEFGUESTPREATTESTATIONSECRETGUID@"
+#guest_pre_attestation_kbs_uri = "@DEFGUESTPREATTESTATIONPROXY@"
 #
-# Type of injected secret
+# The simple-kbs can be run in "online" and "offline" modes
-#guest_pre_attestation_secret_type = "@DEFGUESTPREATTESTATIONSECRETTYPE@"
+#guest_pre_attestation_kbs_mode="@DEFGUESTPREATTESTATIONMODE@" 
+#
+# Keyset ID of the injected secret (offline kbs)
+#guest_pre_attestation_keyset = "@DEFGUESTPREATTESTATIONKEYSET@"
 #
 # SEV guest policy
-#sev_guest_policy=0
+#sev_guest_policy = @DEFSEVGUESTPOLICY@
 
 # SEV certificate chain path 
 #sev_cert_chain="@DEFSEVCERTCHAIN@"

src/runtime/pkg/katautils/config-settings.go.in

@@ -96,10 +96,9 @@ const defaultDisableGuestSeLinux = true
 const defaultVfioMode = "guest-kernel"
 const defaultLegacySerial = false
 const defaultGuestPreAttestation = false
-const defaultGuestPreAttestationProxy string = ""
+const defaultGuestPreAttestationURI string = ""
+const defaultGuestPreAttestationMode string = ""
 const defaultGuestPreAttestationKeyset string = ""
-const defaultGuestPreAttestationSecretGuid string = ""
-const defaultGuestPreAttestationSecretType string = ""
 const defaultSEVCertChainPath string = ""
 const defaultSEVGuestPolicy uint32 = 0
 const defaultSNPGuestPolicy uint64 = 0x30000

src/runtime/pkg/katautils/config.go

@@ -101,10 +101,9 @@ type hypervisor struct {
 	GuestHookPath                  string   `toml:"guest_hook_path"`
 	GuestMemoryDumpPath            string   `toml:"guest_memory_dump_path"`
 	SeccompSandbox                 string   `toml:"seccompsandbox"`
-	GuestPreAttestationProxy       string   `toml:"guest_pre_attestation_proxy"`
+	GuestPreAttestationURI         string   `toml:"guest_pre_attestation_kbs_uri"`
+	GuestPreAttestationMode        string   `toml:"guest_pre_attestation_kbs_mode"`
 	GuestPreAttestationKeyset      string   `toml:"guest_pre_attestation_keyset"`
-	GuestPreAttestationSecretGuid  string   `toml:"guest_pre_attestation_secret_guid"`
-	GuestPreAttestationSecretType  string   `toml:"guest_pre_attestation_secret_type"`
 	SEVCertChainPath               string   `toml:"sev_cert_chain"`
 	BlockDeviceAIO                 string   `toml:"block_device_aio"`
 	RemoteHypervisorSocket         string   `toml:"remote_hypervisor_socket"`
@@ -815,81 +814,80 @@ func newQemuHypervisorConfig(h hypervisor) (vc.HypervisorConfig, error) {
 	txRateLimiterMaxRate := h.getTxRateLimiterCfg()
 
 	return vc.HypervisorConfig{
-		HypervisorPath:                hypervisor,
+		HypervisorPath:            hypervisor,
-		HypervisorPathList:            h.HypervisorPathList,
+		HypervisorPathList:        h.HypervisorPathList,
-		KernelPath:                    kernel,
+		KernelPath:                kernel,
-		InitrdPath:                    initrd,
+		InitrdPath:                initrd,
-		ImagePath:                     image,
+		ImagePath:                 image,
-		FirmwarePath:                  firmware,
+		FirmwarePath:              firmware,
-		FirmwareVolumePath:            firmwareVolume,
+		FirmwareVolumePath:        firmwareVolume,
-		PFlash:                        pflashes,
+		PFlash:                    pflashes,
-		MachineAccelerators:           machineAccelerators,
+		MachineAccelerators:       machineAccelerators,
-		CPUFeatures:                   cpuFeatures,
+		CPUFeatures:               cpuFeatures,
-		KernelParams:                  vc.DeserializeParams(strings.Fields(kernelParams)),
+		KernelParams:              vc.DeserializeParams(strings.Fields(kernelParams)),
-		HypervisorMachineType:         machineType,
+		HypervisorMachineType:     machineType,
-		NumVCPUs:                      h.defaultVCPUs(),
+		NumVCPUs:                  h.defaultVCPUs(),
-		DefaultMaxVCPUs:               h.defaultMaxVCPUs(),
+		DefaultMaxVCPUs:           h.defaultMaxVCPUs(),
-		MemorySize:                    h.defaultMemSz(),
+		MemorySize:                h.defaultMemSz(),
-		MemSlots:                      h.defaultMemSlots(),
+		MemSlots:                  h.defaultMemSlots(),
-		MemOffset:                     h.defaultMemOffset(),
+		MemOffset:                 h.defaultMemOffset(),
-		DefaultMaxMemorySize:          h.defaultMaxMemSz(),
+		DefaultMaxMemorySize:      h.defaultMaxMemSz(),
-		VirtioMem:                     h.VirtioMem,
+		VirtioMem:                 h.VirtioMem,
-		EntropySource:                 h.GetEntropySource(),
+		EntropySource:             h.GetEntropySource(),
-		EntropySourceList:             h.EntropySourceList,
+		EntropySourceList:         h.EntropySourceList,
-		DefaultBridges:                h.defaultBridges(),
+		DefaultBridges:            h.defaultBridges(),
-		DisableBlockDeviceUse:         h.DisableBlockDeviceUse,
+		DisableBlockDeviceUse:     h.DisableBlockDeviceUse,
-		SharedFS:                      sharedFS,
+		SharedFS:                  sharedFS,
-		VirtioFSDaemon:                h.VirtioFSDaemon,
+		VirtioFSDaemon:            h.VirtioFSDaemon,
-		VirtioFSDaemonList:            h.VirtioFSDaemonList,
+		VirtioFSDaemonList:        h.VirtioFSDaemonList,
-		VirtioFSCacheSize:             h.VirtioFSCacheSize,
+		VirtioFSCacheSize:         h.VirtioFSCacheSize,
-		VirtioFSCache:                 h.defaultVirtioFSCache(),
+		VirtioFSCache:             h.defaultVirtioFSCache(),
-		VirtioFSQueueSize:             h.VirtioFSQueueSize,
+		VirtioFSQueueSize:         h.VirtioFSQueueSize,
-		VirtioFSExtraArgs:             h.VirtioFSExtraArgs,
+		VirtioFSExtraArgs:         h.VirtioFSExtraArgs,
-		MemPrealloc:                   h.MemPrealloc,
+		MemPrealloc:               h.MemPrealloc,
-		HugePages:                     h.HugePages,
+		HugePages:                 h.HugePages,
-		IOMMU:                         h.IOMMU,
+		IOMMU:                     h.IOMMU,
-		IOMMUPlatform:                 h.getIOMMUPlatform(),
+		IOMMUPlatform:             h.getIOMMUPlatform(),
-		FileBackedMemRootDir:          h.FileBackedMemRootDir,
+		FileBackedMemRootDir:      h.FileBackedMemRootDir,
-		FileBackedMemRootList:         h.FileBackedMemRootList,
+		FileBackedMemRootList:     h.FileBackedMemRootList,
-		Debug:                         h.Debug,
+		Debug:                     h.Debug,
-		DisableNestingChecks:          h.DisableNestingChecks,
+		DisableNestingChecks:      h.DisableNestingChecks,
-		BlockDeviceDriver:             blockDriver,
+		BlockDeviceDriver:         blockDriver,
-		BlockDeviceAIO:                blockAIO,
+		BlockDeviceAIO:            blockAIO,
-		BlockDeviceCacheSet:           h.BlockDeviceCacheSet,
+		BlockDeviceCacheSet:       h.BlockDeviceCacheSet,
-		BlockDeviceCacheDirect:        h.BlockDeviceCacheDirect,
+		BlockDeviceCacheDirect:    h.BlockDeviceCacheDirect,
-		BlockDeviceCacheNoflush:       h.BlockDeviceCacheNoflush,
+		BlockDeviceCacheNoflush:   h.BlockDeviceCacheNoflush,
-		EnableIOThreads:               h.EnableIOThreads,
+		EnableIOThreads:           h.EnableIOThreads,
-		Msize9p:                       h.msize9p(),
+		Msize9p:                   h.msize9p(),
-		DisableImageNvdimm:            h.DisableImageNvdimm,
+		DisableImageNvdimm:        h.DisableImageNvdimm,
-		HotplugVFIOOnRootBus:          h.HotplugVFIOOnRootBus,
+		HotplugVFIOOnRootBus:      h.HotplugVFIOOnRootBus,
-		PCIeRootPort:                  h.PCIeRootPort,
+		PCIeRootPort:              h.PCIeRootPort,
-		DisableVhostNet:               h.DisableVhostNet,
+		DisableVhostNet:           h.DisableVhostNet,
-		EnableVhostUserStore:          h.EnableVhostUserStore,
+		EnableVhostUserStore:      h.EnableVhostUserStore,
-		VhostUserStorePath:            h.vhostUserStorePath(),
+		VhostUserStorePath:        h.vhostUserStorePath(),
-		VhostUserStorePathList:        h.VhostUserStorePathList,
+		VhostUserStorePathList:    h.VhostUserStorePathList,
-		SeccompSandbox:                h.SeccompSandbox,
+		SeccompSandbox:            h.SeccompSandbox,
-		GuestHookPath:                 h.guestHookPath(),
+		GuestHookPath:             h.guestHookPath(),
-		RxRateLimiterMaxRate:          rxRateLimiterMaxRate,
+		RxRateLimiterMaxRate:      rxRateLimiterMaxRate,
-		TxRateLimiterMaxRate:          txRateLimiterMaxRate,
+		TxRateLimiterMaxRate:      txRateLimiterMaxRate,
-		EnableAnnotations:             h.EnableAnnotations,
+		EnableAnnotations:         h.EnableAnnotations,
-		GuestMemoryDumpPath:           h.GuestMemoryDumpPath,
+		GuestMemoryDumpPath:       h.GuestMemoryDumpPath,
-		GuestMemoryDumpPaging:         h.GuestMemoryDumpPaging,
+		GuestMemoryDumpPaging:     h.GuestMemoryDumpPaging,
-		ConfidentialGuest:             h.ConfidentialGuest,
+		ConfidentialGuest:         h.ConfidentialGuest,
-		SevSnpGuest:                   h.SevSnpGuest,
+		SevSnpGuest:               h.SevSnpGuest,
-		GuestSwap:                     h.GuestSwap,
+		GuestSwap:                 h.GuestSwap,
-		Rootless:                      h.Rootless,
+		Rootless:                  h.Rootless,
-		LegacySerial:                  h.LegacySerial,
+		LegacySerial:              h.LegacySerial,
-		DisableSeLinux:                h.DisableSeLinux,
+		DisableSeLinux:            h.DisableSeLinux,
-		GuestPreAttestation:           h.GuestPreAttestation,
+		GuestPreAttestation:       h.GuestPreAttestation,
-		GuestPreAttestationProxy:      h.GuestPreAttestationProxy,
+		GuestPreAttestationURI:    h.GuestPreAttestationURI,
-		GuestPreAttestationKeyset:     h.GuestPreAttestationKeyset,
+		GuestPreAttestationMode:   h.GuestPreAttestationMode,
-		GuestPreAttestationSecretGuid: h.GuestPreAttestationSecretGuid,
+		GuestPreAttestationKeyset: h.GuestPreAttestationKeyset,
-		GuestPreAttestationSecretType: h.GuestPreAttestationSecretType,
+		SEVGuestPolicy:            h.SEVGuestPolicy,
-		SEVGuestPolicy:                h.SEVGuestPolicy,
+		SNPGuestPolicy:            h.getSnpGuestPolicy(),
-		SNPGuestPolicy:                h.getSnpGuestPolicy(),
+		SEVCertChainPath:          h.SEVCertChainPath,
-		SEVCertChainPath:              h.SEVCertChainPath,
+		DisableGuestSeLinux:       h.DisableGuestSeLinux,
-		DisableGuestSeLinux:           h.DisableGuestSeLinux,
+		RootfsType:                rootfsType,
-		RootfsType:                    rootfsType,
 	}, nil
 }
 
@@ -1276,63 +1274,62 @@ func updateRuntimeConfig(configPath string, tomlConf tomlConfig, config *oci.Run
 
 func GetDefaultHypervisorConfig() vc.HypervisorConfig {
 	return vc.HypervisorConfig{
-		HypervisorPath:                defaultHypervisorPath,
+		HypervisorPath:            defaultHypervisorPath,
-		JailerPath:                    defaultJailerPath,
+		JailerPath:                defaultJailerPath,
-		KernelPath:                    defaultKernelPath,
+		KernelPath:                defaultKernelPath,
-		ImagePath:                     defaultImagePath,
+		ImagePath:                 defaultImagePath,
-		InitrdPath:                    defaultInitrdPath,
+		InitrdPath:                defaultInitrdPath,
-		FirmwarePath:                  defaultFirmwarePath,
+		FirmwarePath:              defaultFirmwarePath,
-		FirmwareVolumePath:            defaultFirmwareVolumePath,
+		FirmwareVolumePath:        defaultFirmwareVolumePath,
-		MachineAccelerators:           defaultMachineAccelerators,
+		MachineAccelerators:       defaultMachineAccelerators,
-		CPUFeatures:                   defaultCPUFeatures,
+		CPUFeatures:               defaultCPUFeatures,
-		HypervisorMachineType:         defaultMachineType,
+		HypervisorMachineType:     defaultMachineType,
-		NumVCPUs:                      defaultVCPUCount,
+		NumVCPUs:                  defaultVCPUCount,
-		DefaultMaxVCPUs:               defaultMaxVCPUCount,
+		DefaultMaxVCPUs:           defaultMaxVCPUCount,
-		MemorySize:                    defaultMemSize,
+		MemorySize:                defaultMemSize,
-		MemOffset:                     defaultMemOffset,
+		MemOffset:                 defaultMemOffset,
-		VirtioMem:                     defaultVirtioMem,
+		VirtioMem:                 defaultVirtioMem,
-		DisableBlockDeviceUse:         defaultDisableBlockDeviceUse,
+		DisableBlockDeviceUse:     defaultDisableBlockDeviceUse,
-		DefaultBridges:                defaultBridgesCount,
+		DefaultBridges:            defaultBridgesCount,
-		MemPrealloc:                   defaultEnableMemPrealloc,
+		MemPrealloc:               defaultEnableMemPrealloc,
-		HugePages:                     defaultEnableHugePages,
+		HugePages:                 defaultEnableHugePages,
-		IOMMU:                         defaultEnableIOMMU,
+		IOMMU:                     defaultEnableIOMMU,
-		IOMMUPlatform:                 defaultEnableIOMMUPlatform,
+		IOMMUPlatform:             defaultEnableIOMMUPlatform,
-		FileBackedMemRootDir:          defaultFileBackedMemRootDir,
+		FileBackedMemRootDir:      defaultFileBackedMemRootDir,
-		Debug:                         defaultEnableDebug,
+		Debug:                     defaultEnableDebug,
-		DisableNestingChecks:          defaultDisableNestingChecks,
+		DisableNestingChecks:      defaultDisableNestingChecks,
-		BlockDeviceDriver:             defaultBlockDeviceDriver,
+		BlockDeviceDriver:         defaultBlockDeviceDriver,
-		BlockDeviceAIO:                defaultBlockDeviceAIO,
+		BlockDeviceAIO:            defaultBlockDeviceAIO,
-		BlockDeviceCacheSet:           defaultBlockDeviceCacheSet,
+		BlockDeviceCacheSet:       defaultBlockDeviceCacheSet,
-		BlockDeviceCacheDirect:        defaultBlockDeviceCacheDirect,
+		BlockDeviceCacheDirect:    defaultBlockDeviceCacheDirect,
-		BlockDeviceCacheNoflush:       defaultBlockDeviceCacheNoflush,
+		BlockDeviceCacheNoflush:   defaultBlockDeviceCacheNoflush,
-		EnableIOThreads:               defaultEnableIOThreads,
+		EnableIOThreads:           defaultEnableIOThreads,
-		Msize9p:                       defaultMsize9p,
+		Msize9p:                   defaultMsize9p,
-		HotplugVFIOOnRootBus:          defaultHotplugVFIOOnRootBus,
+		HotplugVFIOOnRootBus:      defaultHotplugVFIOOnRootBus,
-		PCIeRootPort:                  defaultPCIeRootPort,
+		PCIeRootPort:              defaultPCIeRootPort,
-		GuestHookPath:                 defaultGuestHookPath,
+		GuestHookPath:             defaultGuestHookPath,
-		VhostUserStorePath:            defaultVhostUserStorePath,
+		VhostUserStorePath:        defaultVhostUserStorePath,
-		VirtioFSCache:                 defaultVirtioFSCacheMode,
+		VirtioFSCache:             defaultVirtioFSCacheMode,
-		DisableImageNvdimm:            defaultDisableImageNvdimm,
+		DisableImageNvdimm:        defaultDisableImageNvdimm,
-		RxRateLimiterMaxRate:          defaultRxRateLimiterMaxRate,
+		RxRateLimiterMaxRate:      defaultRxRateLimiterMaxRate,
-		TxRateLimiterMaxRate:          defaultTxRateLimiterMaxRate,
+		TxRateLimiterMaxRate:      defaultTxRateLimiterMaxRate,
-		SGXEPCSize:                    defaultSGXEPCSize,
+		SGXEPCSize:                defaultSGXEPCSize,
-		ConfidentialGuest:             defaultConfidentialGuest,
+		ConfidentialGuest:         defaultConfidentialGuest,
-		SevSnpGuest:                   defaultSevSnpGuest,
+		SevSnpGuest:               defaultSevSnpGuest,
-		GuestSwap:                     defaultGuestSwap,
+		GuestSwap:                 defaultGuestSwap,
-		Rootless:                      defaultRootlessHypervisor,
+		Rootless:                  defaultRootlessHypervisor,
-		DisableSeccomp:                defaultDisableSeccomp,
+		DisableSeccomp:            defaultDisableSeccomp,
-		DisableGuestSeLinux:           defaultDisableGuestSeLinux,
+		DisableGuestSeLinux:       defaultDisableGuestSeLinux,
-		LegacySerial:                  defaultLegacySerial,
+		LegacySerial:              defaultLegacySerial,
-		GuestPreAttestation:           defaultGuestPreAttestation,
+		GuestPreAttestation:       defaultGuestPreAttestation,
-		GuestPreAttestationProxy:      defaultGuestPreAttestationProxy,
+		GuestPreAttestationURI:    defaultGuestPreAttestationURI,
-		GuestPreAttestationKeyset:     defaultGuestPreAttestationKeyset,
+		GuestPreAttestationMode:   defaultGuestPreAttestationMode,
-		GuestPreAttestationSecretGuid: defaultGuestPreAttestationSecretGuid,
+		GuestPreAttestationKeyset: defaultGuestPreAttestationKeyset,
-		GuestPreAttestationSecretType: defaultGuestPreAttestationSecretType,
+		SEVGuestPolicy:            defaultSEVGuestPolicy,
-		SEVGuestPolicy:                defaultSEVGuestPolicy,
+		SNPGuestPolicy:            defaultSNPGuestPolicy,
-		SNPGuestPolicy:                defaultSNPGuestPolicy,
+		SEVCertChainPath:          defaultSEVCertChainPath,
-		SEVCertChainPath:              defaultSEVCertChainPath,
+		VhostUserDeviceReconnect:  defaultVhostUserDeviceReconnect,
-		VhostUserDeviceReconnect:      defaultVhostUserDeviceReconnect,
+		RootfsType:                defaultRootfsType,
-		RootfsType:                    defaultRootfsType,
 	}
 }
 

src/runtime/pkg/oci/utils.go

@@ -456,6 +456,10 @@ func addHypervisorConfigOverrides(ocispec specs.Spec, config *vc.SandboxConfig,
 		return err
 	}
 
+	if err := addConfidentialComputingOverrides(ocispec, config); err != nil {
+		return err
+	}
+
 	if value, ok := ocispec.Annotations[vcAnnotations.MachineType]; ok {
 		if value != "" {
 			config.HypervisorConfig.HypervisorMachineType = value
@@ -912,6 +916,29 @@ func addAgentConfigOverrides(ocispec specs.Spec, config *vc.SandboxConfig) error
 	return nil
 }
 
+func addConfidentialComputingOverrides(ocispec specs.Spec, sbConfig *vc.SandboxConfig) error {
+
+	if err := newAnnotationConfiguration(ocispec, vcAnnotations.GuestPreAttestation).setBool(func(guestPreAttestation bool) {
+		sbConfig.HypervisorConfig.GuestPreAttestation = guestPreAttestation
+	}); err != nil {
+		return err
+	}
+
+	if value, ok := ocispec.Annotations[vcAnnotations.GuestPreAttestationURI]; ok {
+		if value != "" {
+			sbConfig.HypervisorConfig.GuestPreAttestationURI = value
+		}
+	}
+
+	if err := newAnnotationConfiguration(ocispec, vcAnnotations.SEVGuestPolicy).setUint(func(sevGuestPolicy uint64) {
+		sbConfig.HypervisorConfig.SEVGuestPolicy = uint32(sevGuestPolicy)
+	}); err != nil {
+		return err
+	}
+
+	return nil
+}
+
 // SandboxConfig converts an OCI compatible runtime configuration file
 // to a virtcontainers sandbox configuration structure.
 func SandboxConfig(ocispec specs.Spec, runtime RuntimeConfig, bundlePath, cid string, detach, systemdCgroup bool) (vc.SandboxConfig, error) {

src/runtime/pkg/sev/kbs/kbs.go

@@ -0,0 +1,33 @@
+// Copyright contributors to AMD SEV/-ES in Go
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+// Package kbs can be used interact with simple-kbs, the key broker
+// server for SEV and SEV-ES pre-attestation
+
+package kbs
+
+const (
+	Offline           = "offline"
+	OfflineSecretType = "bundle"
+	OfflineSecretGuid = "e6f5a162-d67f-4750-a67c-5d065f2a9910"
+	Online            = "online"
+	OnlineBootParam   = "online_sev_kbc"
+	OnlineSecretType  = "connection"
+	OnlineSecretGuid  = "1ee27366-0c87-43a6-af48-28543eaf7cb0"
+)
+
+type GuestPreAttestationConfig struct {
+	Proxy            string
+	Keyset           string
+	LaunchId         string
+	KernelPath       string
+	InitrdPath       string
+	FwPath           string
+	KernelParameters string
+	CertChainPath    string
+	SecretType       string
+	SecretGuid       string
+	Policy           uint32
+}

src/runtime/pkg/sev/sev.go

@@ -15,20 +15,6 @@ import (
 	"os"
 )
 
-type GuestPreAttestationConfig struct {
-	Proxy               string
-	Keyset              string
-	LaunchId            string
-	KernelPath          string
-	InitrdPath          string
-	FwPath              string
-	KernelParameters    string
-	CertChainPath       string
-	KeyBrokerSecretType string
-	KeyBrokerSecretGuid string
-	Policy              uint32
-}
-
 type guidLE [16]byte
 
 // The following definitions must be identical to those in QEMU target/i386/sev.c

src/runtime/virtcontainers/hypervisor.go

@@ -326,7 +326,8 @@ type HypervisorConfig struct {
 	GuestPreAttestationKeyset      string
 	BlockDeviceDriver              string
 	HypervisorMachineType          string
-	GuestPreAttestationProxy       string
+	GuestPreAttestationURI         string
+	GuestPreAttestationMode        string
 	DevicesStatePath               string
 	EntropySource                  string
 	SharedFS                       string
@@ -343,8 +344,6 @@ type HypervisorConfig struct {
 	SELinuxProcessLabel            string
 	JailerPath                     string
 	MemoryPath                     string
-	GuestPreAttestationSecretGuid  string
-	GuestPreAttestationSecretType  string
 	SEVCertChainPath               string
 	BlockDeviceAIO                 string
 	User                           string

src/runtime/virtcontainers/pkg/annotations/annotations.go

@@ -6,10 +6,12 @@
 package annotations
 
 const (
-	kataAnnotationsPrefix     = "io.katacontainers."
+	kataAnnotationsPrefix         = "io.katacontainers."
-	kataConfAnnotationsPrefix = kataAnnotationsPrefix + "config."
+	kataConfAnnotationsPrefix     = kataAnnotationsPrefix + "config."
-	kataAnnotHypervisorPrefix = kataConfAnnotationsPrefix + "hypervisor."
+	kataAnnotHypervisorPrefix     = kataConfAnnotationsPrefix + "hypervisor."
-	kataAnnotContainerPrefix  = kataAnnotationsPrefix + "container."
+	kataAnnotPreAttestationPrefix = kataConfAnnotationsPrefix + "pre_attestation."
+	kataAnnotSevPrefix            = kataConfAnnotationsPrefix + "sev."
+	kataAnnotContainerPrefix      = kataAnnotationsPrefix + "container."
 
 	//
 	// OCI
@@ -24,6 +26,21 @@ const (
 	SandboxConfigPathKey = kataAnnotationsPrefix + "config_path"
 )
 
+// Annotations related to Confidential Containers (CoCo)
+const (
+	//
+	// Assets
+	//
+	// GuestPreAttestation toggled pre_attestation functionality on/off
+	GuestPreAttestation = kataAnnotPreAttestationPrefix + "enabled"
+
+	// GuestPreAttestationURI set the remote URL for online-kbs
+	GuestPreAttestationURI = kataAnnotPreAttestationPrefix + "uri"
+
+	// SEVGuestPolicy set the AMD SEV guest policy
+	SEVGuestPolicy = kataAnnotSevPrefix + "policy"
+)
+
 // Annotations related to Hypervisor configuration
 const (
 	//

src/runtime/virtcontainers/qemu.go

@@ -41,7 +41,7 @@ import (
 	"github.com/kata-containers/kata-containers/src/runtime/pkg/device/drivers"
 	hv "github.com/kata-containers/kata-containers/src/runtime/pkg/hypervisors"
 	"github.com/kata-containers/kata-containers/src/runtime/pkg/katautils/katatrace"
-	"github.com/kata-containers/kata-containers/src/runtime/pkg/sev"
+	"github.com/kata-containers/kata-containers/src/runtime/pkg/sev/kbs"
 	pkgUtils "github.com/kata-containers/kata-containers/src/runtime/pkg/utils"
 	"github.com/kata-containers/kata-containers/src/runtime/pkg/uuid"
 	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types"
@@ -184,6 +184,13 @@ func (q *qemu) kernelParameters() string {
 		params = append(params, Param{"selinux", "1"})
 	}
 
+	// set the location of the online-kbs for SEV(-ES) guest attestation
+	if q.arch.guestProtection() == sevProtection &&
+		q.config.GuestPreAttestation &&
+		q.config.GuestPreAttestationMode == kbs.Online {
+		params = append(params, Param{"agent.aa_kbc_params", kbs.OnlineBootParam + "::" + q.config.GuestPreAttestationURI})
+	}
+
 	// add the params specified by the provided config. As the kernel
 	// honours the last parameter value set and since the config-provided
 	// params are added here, they will take priority over the defaults.
@@ -667,8 +674,8 @@ func (q *qemu) CreateVM(ctx context.Context, id string, network Network, hypervi
 		PidFile:        filepath.Join(q.config.VMStorePath, q.id, "pid"),
 	}
 	if q.arch.guestProtection() == sevProtection {
-		sevConfig := sev.GuestPreAttestationConfig{
+		sevConfig := kbs.GuestPreAttestationConfig{
-			Proxy:         q.config.GuestPreAttestationProxy,
+			Proxy:         q.config.GuestPreAttestationURI,
 			Policy:        q.config.SEVGuestPolicy,
 			CertChainPath: q.config.SEVCertChainPath,
 		}
@@ -883,18 +890,27 @@ func (q *qemu) AttestVM(ctx context.Context) error {
 
 	// Guest must be paused so that secrets can be injected.
 	// Guest will be continued by the Attestation function
-	sevConfig := sev.GuestPreAttestationConfig{
+	sevConfig := kbs.GuestPreAttestationConfig{
-		Proxy:               q.config.GuestPreAttestationProxy,
+		Proxy:            q.config.GuestPreAttestationURI,
-		Policy:              q.config.SEVGuestPolicy,
+		Policy:           q.config.SEVGuestPolicy,
-		Keyset:              q.config.GuestPreAttestationKeyset,
+		Keyset:           q.config.GuestPreAttestationKeyset,
-		KeyBrokerSecretGuid: q.config.GuestPreAttestationSecretGuid,
+		LaunchId:         launchId,
-		KeyBrokerSecretType: q.config.GuestPreAttestationSecretType,
+		KernelPath:       kernelPath,
-		LaunchId:            launchId,
+		InitrdPath:       initrdPath,
-		KernelPath:          kernelPath,
+		FwPath:           firmwarePath,
-		InitrdPath:          initrdPath,
+		KernelParameters: kernelParameters,
-		FwPath:              firmwarePath,
-		KernelParameters:    kernelParameters,
 	}
+
+	if q.config.GuestPreAttestationMode == kbs.Online {
+		sevConfig.SecretGuid = kbs.OnlineSecretGuid
+		sevConfig.SecretType = kbs.OnlineSecretType
+	} else if q.config.GuestPreAttestationMode == kbs.Offline {
+		sevConfig.SecretGuid = kbs.OfflineSecretGuid
+		sevConfig.SecretType = kbs.OfflineSecretType
+	} else {
+		return fmt.Errorf("Unsupported pre-attestation mode: %s", q.config.GuestPreAttestationMode)
+	}
+
 	if err := q.arch.sevGuestPreAttestation(
 		q.qmpMonitorCh.ctx,
 		q.qmpMonitorCh.qmp,

src/runtime/virtcontainers/qemu_amd64.go

@@ -18,6 +18,7 @@ import (
 	"time"
 
 	"github.com/kata-containers/kata-containers/src/runtime/pkg/sev"
+	sevKbs "github.com/kata-containers/kata-containers/src/runtime/pkg/sev/kbs"
 	pb "github.com/kata-containers/kata-containers/src/runtime/protocols/simple-kbs"
 	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types"
 	"github.com/sirupsen/logrus"
@@ -330,7 +331,7 @@ func (q *qemuAmd64) appendProtectionDevice(devices []govmmQemu.Device, firmware,
 }
 
 // Add the SEV Object qemu parameters for sev guest protection
-func (q *qemuAmd64) appendSEVObject(devices []govmmQemu.Device, firmware, firmwareVolume string, config sev.GuestPreAttestationConfig) ([]govmmQemu.Device, string, error) {
+func (q *qemuAmd64) appendSEVObject(devices []govmmQemu.Device, firmware, firmwareVolume string, config sevKbs.GuestPreAttestationConfig) ([]govmmQemu.Device, string, error) {
 	attestationDataPath := filepath.Join(os.TempDir(), sevAttestationTempDir, config.LaunchId)
 	sevGodhPath := filepath.Join(attestationDataPath, sevAttestationGodhName)
 	sevSessionFilePath := filepath.Join(attestationDataPath, sevAttestationSessionFileName)
@@ -367,7 +368,7 @@ func (q *qemuAmd64) appendSEVObject(devices []govmmQemu.Device, firmware, firmwa
 }
 
 // setup prelaunch attestation for AMD SEV guests
-func (q *qemuAmd64) setupSEVGuestPreAttestation(ctx context.Context, config sev.GuestPreAttestationConfig) (string, error) {
+func (q *qemuAmd64) setupSEVGuestPreAttestation(ctx context.Context, config sevKbs.GuestPreAttestationConfig) (string, error) {
 
 	logger := virtLog.WithField("subsystem", "SEV attestation")
 	logger.Info("Set up prelaunch attestation")
@@ -430,7 +431,7 @@ func getCPUSig(cpuModel string) sev.VCPUSig {
 	return sev.NewVCPUSig(cpuid.DisplayFamily, cpuid.DisplayModel, cpuid.SteppingId)
 }
 
-func calculateGuestLaunchDigest(config sev.GuestPreAttestationConfig, numVCPUs int, cpuModel string) ([sha256.Size]byte, error) {
+func calculateGuestLaunchDigest(config sevKbs.GuestPreAttestationConfig, numVCPUs int, cpuModel string) ([sha256.Size]byte, error) {
 	if config.Policy&sevPolicyBitSevEs != 0 {
 		// SEV-ES guest
 		return sev.CalculateSEVESLaunchDigest(
@@ -452,7 +453,7 @@ func calculateGuestLaunchDigest(config sev.GuestPreAttestationConfig, numVCPUs i
 
 // wait for prelaunch attestation to complete
 func (q *qemuAmd64) sevGuestPreAttestation(ctx context.Context,
-	qmp *govmmQemu.QMP, config sev.GuestPreAttestationConfig) error {
+	qmp *govmmQemu.QMP, config sevKbs.GuestPreAttestationConfig) error {
 
 	logger := virtLog.WithField("subsystem", "SEV attestation")
 	logger.Info("Processing prelaunch attestation")
@@ -480,9 +481,9 @@ func (q *qemuAmd64) sevGuestPreAttestation(ctx context.Context,
 	defer cancel()
 
 	requestDetails := pb.RequestDetails{
-		Guid:       config.KeyBrokerSecretGuid,
+		Guid:       config.SecretGuid,
 		Format:     "JSON",
-		SecretType: config.KeyBrokerSecretType,
+		SecretType: config.SecretType,
 		Id:         config.Keyset,
 	}
 

src/runtime/virtcontainers/qemu_arch_base.go

@@ -20,7 +20,7 @@ import (
 	"gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci"
 
 	"github.com/kata-containers/kata-containers/src/runtime/pkg/device/config"
-	"github.com/kata-containers/kata-containers/src/runtime/pkg/sev"
+	sevKbs "github.com/kata-containers/kata-containers/src/runtime/pkg/sev/kbs"
 	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types"
 	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils"
 )
@@ -167,14 +167,14 @@ type qemuArch interface {
 	getBARsMaxAddressableMemory() (uint64, uint64)
 
 	// append SEV object type to the VM definition
-	appendSEVObject(devices []govmmQemu.Device, firmware, firmwareVolume string, config sev.GuestPreAttestationConfig) ([]govmmQemu.Device, string, error)
+	appendSEVObject(devices []govmmQemu.Device, firmware, firmwareVolume string, config sevKbs.GuestPreAttestationConfig) ([]govmmQemu.Device, string, error)
 
 	// setup SEV guest prelaunch attestation
-	setupSEVGuestPreAttestation(ctx context.Context, config sev.GuestPreAttestationConfig) (string, error)
+	setupSEVGuestPreAttestation(ctx context.Context, config sevKbs.GuestPreAttestationConfig) (string, error)
 
 	// wait for prelaunch attestation to complete
 	sevGuestPreAttestation(ctx context.Context,
-		qmp *govmmQemu.QMP, config sev.GuestPreAttestationConfig) error
+		qmp *govmmQemu.QMP, config sevKbs.GuestPreAttestationConfig) error
 }
 
 type qemuArchBase struct {
@@ -902,20 +902,20 @@ func (q *qemuArchBase) appendProtectionDevice(devices []govmmQemu.Device, firmwa
 }
 
 // AMD SEV methods
-func (q *qemuArchBase) appendSEVObject(devices []govmmQemu.Device, firmware, firmwareVolume string, config sev.GuestPreAttestationConfig) ([]govmmQemu.Device, string, error) {
+func (q *qemuArchBase) appendSEVObject(devices []govmmQemu.Device, firmware, firmwareVolume string, config sevKbs.GuestPreAttestationConfig) ([]govmmQemu.Device, string, error) {
 	hvLogger.WithField("arch", runtime.GOARCH).Warnf("Confidential Computing has not been implemented for this architecture")
 	return devices, firmware, nil
 }
 
 // Setup SEV guest attestation
-func (q *qemuArchBase) setupSEVGuestPreAttestation(ctx context.Context, config sev.GuestPreAttestationConfig) (string, error) {
+func (q *qemuArchBase) setupSEVGuestPreAttestation(ctx context.Context, config sevKbs.GuestPreAttestationConfig) (string, error) {
 	hvLogger.WithField("arch", runtime.GOARCH).Warnf("Confidential Computing has not been implemented for this architecture")
 	return "", nil
 }
 
 // Wait for SEV prelaunch attestation to complete
 func (q *qemuArchBase) sevGuestPreAttestation(ctx context.Context,
-	qmp *govmmQemu.QMP, config sev.GuestPreAttestationConfig) error {
+	qmp *govmmQemu.QMP, config sevKbs.GuestPreAttestationConfig) error {
 	hvLogger.WithField("arch", runtime.GOARCH).Warnf("Confidential Computing has not been implemented for this architecture")
 	return nil
 }

src/runtime/virtcontainers/sandbox.go

@@ -17,6 +17,7 @@ import (
 	"os"
 	"os/exec"
 	"path/filepath"
+	//"strconv"
 	"sync"
 	"syscall"