Merge pull request #12124 from zvonkok/nvidia-measured-rootfs

gpu: Measured rootfs

src/runtime/Makefile

@@ -154,6 +154,8 @@ FIRMWARETDVFVOLUMEPATH :=
 FIRMWARESNPPATH := $(PREFIXDEPS)/share/ovmf/AMDSEV.fd
 
 ROOTMEASURECONFIG ?= ""
+ROOTMEASURECONFIG_NV ?= ""
+
 KERNELTDXPARAMS += $(ROOTMEASURECONFIG)
 KERNELQEMUCOCODEVPARAMS += $(ROOTMEASURECONFIG)
 
@@ -478,6 +480,7 @@ ifneq (,$(QEMUCMD))
 
     KERNELPARAMS_NV =  "agent.hotplug_timeout=20"
     KERNELPARAMS_NV += "cgroup_no_v1=all"
+    KERNELPARAMS_NV += $(ROOTMEASURECONFIG_NV)
 
     KERNELTDXPARAMS_NV = $(KERNELPARAMS_NV)
     KERNELTDXPARAMS_NV += "authorize_allow_devs=pci:ALL"

tools/osbuilder/image-builder/image_builder.sh

@@ -23,6 +23,7 @@ ARCH=${ARCH:-$(uname -m)}
 [ "${TARGET_ARCH}" == "aarch64" ] && TARGET_ARCH=arm64
 TARGET_OS=${TARGET_OS:-linux}
 [ "${CROSS_BUILD}" == "true" ] && BUILDX=buildx && PLATFORM="--platform=${TARGET_OS}/${TARGET_ARCH}"
+VARIANT=${VARIANT:-}
 
 readonly script_name="${0##*/}"
 readonly script_dir=$(dirname "$(readlink -f "$0")")
@@ -177,6 +178,7 @@ build_with_container() {
 		   --env USER="$(id -u)" \
 		   --env GROUP="$(id -g)" \
 		   --env IMAGE_SIZE_ALIGNMENT_MB="${IMAGE_SIZE_ALIGNMENT_MB}" \
+		   --env VARIANT="${VARIANT}" \
 		   -v /dev:/dev \
 		   -v "${script_dir}":"/osbuilder" \
 		   -v "${script_dir}/../scripts":"/scripts" \
@@ -487,7 +489,8 @@ create_rootfs_image() {
 	if [ "${MEASURED_ROOTFS}" == "yes" ] && [ -b "${device}p2" ]; then
 		info "veritysetup format rootfs device: ${device}p1, hash device: ${device}p2"
 		local image_dir=$(dirname "${image}")
-		veritysetup format "${device}p1" "${device}p2" > "${image_dir}"/root_hash.txt 2>&1
+		veritysetup format "${device}p1" "${device}p2" > "${image_dir}"/root_hash_${VARIANT}.txt 2>&1
+		OK "Root hash file created for variant: ${VARIANT}"
 	fi
 
 	losetup -d "${device}"

tools/packaging/guest-image/build_image.sh

@@ -86,8 +86,9 @@ build_image() {
 	fi
 
 	mv -f "kata-containers.img" "${install_dir}/${artifact_name}"
-	if [ -e "root_hash.txt" ]; then
-	    cp root_hash.txt "${install_dir}/"
+	info "Copying root hash file for variant: ${image_initrd_suffix} $PWD"
+	if [ -e "root_hash_${image_initrd_suffix}.txt" ]; then
+		cp "root_hash_${image_initrd_suffix}.txt" "${install_dir}/"
 	fi
 	(
 		cd "${install_dir}"

tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh

@@ -195,7 +195,10 @@ get_kernel_modules_dir() {
 }
 
 cleanup_and_fail_shim_v2_specifics() {
-	rm -f "${repo_root_dir}/tools/packaging/kata-deploy/local-build/build/shim-v2-root_hash.txt"
+	for variant in confidential nvidia-gpu-confidential; do
+		local root_hash_file="${repo_root_dir}/tools/packaging/kata-deploy/local-build/build/shim-v2-root_hash_${variant}.txt"
+		[ -f "${root_hash_file}" ] && rm -f "${root_hash_file}"
+	done
 
 	return $(cleanup_and_fail "${1:-}" "${2:-}")
 }
@@ -224,12 +227,22 @@ install_cached_shim_v2_tarball_get_root_hash() {
 	fi
 
 	local tarball_dir="${repo_root_dir}/tools/packaging/kata-deploy/local-build/build"
-	local image_conf_tarball="kata-static-rootfs-image-confidential.tar.zst"
-
 	local root_hash_basedir="./opt/kata/share/kata-containers/"
+	local found_any=""
 
-	tar --zstd -xvf "${tarball_dir}/${image_conf_tarball}" ${root_hash_basedir}root_hash.txt --transform s,${root_hash_basedir},,
-	mv root_hash.txt "${tarball_dir}/root_hash.txt"
+	for variant in confidential nvidia-gpu-confidential; do
+		local image_conf_tarball="kata-static-rootfs-image-${variant}.tar.zst"
+		local tarball_path="${tarball_dir}/${image_conf_tarball}"
+
+		# If variant does not exist we skip the current iteration
+		[ ! -f "${tarball_path}" ] && continue
+
+		tar --zstd -xvf "${tarball_path}" "${root_hash_basedir}root_hash_${variant}.txt" --transform s,"${root_hash_basedir}",, || die "Failed to extract root hash from ${tarball_path}"
+		mv "root_hash_${variant}.txt" "${tarball_dir}/"
+		found_any="yes"
+	done
+
+	[ -z "${found_any}" ] && die "No files to copy for shim-v2 with MEASURED_ROOTFS support"
 
 	return 0
 }
@@ -239,11 +252,17 @@ install_cached_shim_v2_tarball_compare_root_hashes() {
 		return 0
 	fi
 
+	local found_any=""
 	local tarball_dir="${repo_root_dir}/tools/packaging/kata-deploy/local-build/build"
 
-	[ -f shim-v2-root_hash.txt ] || return 1
+	for variant in confidential nvidia-gpu-confidential; do
+		# skip if one or the other does not exist
+		[ ! -f "${tarball_dir}/root_hash_${variant}.txt" ] && continue
 
-	diff "${tarball_dir}/root_hash.txt" shim-v2-root_hash.txt || return 1
+		diff "${tarball_dir}/root_hash_${variant}.txt" "shim-v2-root_hash_${variant}.txt" || return 1
+		found_any="yes"
+	done
+	[ -z "${found_any}" ] && die "No root_hash_variant.txt files found for diff with MEASURED_ROOTFS support"
 
 	return 0
 }
@@ -605,8 +624,8 @@ install_initrd_nvidia_gpu() {
 # Instal NVIDIA GPU confidential image
 install_image_nvidia_gpu_confidential() {
 	export AGENT_POLICY
+	export MEASURED_ROOTFS=yes
 	EXTRA_PKGS="apt curl ${EXTRA_PKGS}"
-	# TODO: export MEASURED_ROOTFS=yes
 	NVIDIA_GPU_STACK=${NVIDIA_GPU_STACK:-"latest,compute,dcgm"}
 	install_image "nvidia-gpu-confidential"
 }
@@ -754,6 +773,7 @@ install_kernel_nvidia_gpu() {
 
 #Install GPU and TEE enabled kernel asset
 install_kernel_nvidia_gpu_confidential() {
+	export MEASURED_ROOTFS=yes
 	install_kernel_helper \
 		"assets.kernel.confidential" \
 		"kernel-nvidia-gpu-confidential" \
@@ -987,17 +1007,22 @@ install_shimv2() {
 	export RUNTIME_CHOICE
 
 	if [ "${MEASURED_ROOTFS}" = "yes" ]; then
-		local image_conf_tarball="${workdir}/kata-static-rootfs-image-confidential.tar.zst"
-		if [ ! -f "${image_conf_tarball}" ]; then
-			die "Building the shim-v2 with MEASURED_ROOTFS support requires a rootfs confidential image tarball"
-		fi
+		local found_any=""
+		for variant in confidential nvidia-gpu-confidential; do
+			local image_conf_tarball="$(find "${workdir}" -name "kata-static-rootfs-image-${variant}.tar.zst" 2>/dev/null | head -n 1)"
+			# only one variant may be built at a time so we need to
+			# skip one or the other if not available
+			[ -f "${image_conf_tarball}" ] || continue
 
-		local root_hash_basedir="./opt/kata/share/kata-containers/"
-		if ! tar --zstd -xvf ${image_conf_tarball} --transform s,${root_hash_basedir},, ${root_hash_basedir}root_hash.txt; then
-			die "Building the shim-v2 with MEASURED_ROOTFS support requires a rootfs confidential image tarball built with MEASURED_ROOTFS support"
-		fi
+			local root_hash_basedir="./opt/kata/share/kata-containers/"
+			if ! tar --zstd -xvf "${image_conf_tarball}" --transform s,"${root_hash_basedir}",, "${root_hash_basedir}root_hash_${variant}.txt"; then
+				die "Cannot extract root hash from ${image_conf_tarball} for shim-v2 with MEASURED_ROOTFS support, needs a rootfs with MEASURED_ROOTFS support"
+			fi
 
-		mv root_hash.txt ${workdir}/root_hash.txt
+			mv "root_hash_${variant}.txt" "${workdir}/root_hash_${variant}.txt"
+			found_any="yes"
+		done
+		[ -z "${found_any}" ] && die "No root_hash_variant.txt files found for shim-v2 with MEASURED_ROOTFS support, needs a rootfs with MEASURED_ROOTFS support"
 	fi
 
 	DESTDIR="${destdir}" PREFIX="${prefix}" "${shimv2_builder}"
@@ -1440,7 +1465,9 @@ handle_build() {
 			;;
 		shim-v2)
 			if [ "${MEASURED_ROOTFS}" = "yes" ]; then
-				mv ${workdir}/root_hash.txt ${workdir}/shim-v2-root_hash.txt
+				for variant in confidential nvidia-gpu-confidential; do
+					[ -f "${workdir}/root_hash_${variant}.txt" ] && mv "${workdir}/root_hash_${variant}.txt" "${workdir}/shim-v2-root_hash_${variant}.txt"
+				done
 			fi
 			;;
 	esac
@@ -1510,9 +1537,14 @@ handle_build() {
 				;;
 			shim-v2)
 				if [ "${MEASURED_ROOTFS}" = "yes" ]; then
-					files_to_push+=(
-						"shim-v2-root_hash.txt"
-					)
+					local found_any=""
+					for variant in confidential nvidia-gpu-confidential; do
+						# The variants could be built independently we need to check if
+						# they exist and then push them to the registry
+						[ -f "${workdir}/shim-v2-root_hash_${variant}.txt" ] && files_to_push+=("shim-v2-root_hash_${variant}.txt")
+						found_any="yes"
+					done
+					[ -z "${found_any}" ] && die "No files to push for shim-v2 with MEASURED_ROOTFS support"
 				fi
 				;;
 			*)

tools/packaging/static-build/shim-v2/build.sh

@@ -39,14 +39,26 @@ esac
 if [ "${MEASURED_ROOTFS}" == "yes" ]; then
 	info "Enable rootfs measurement config"
 
-	root_hash_file="${repo_root_dir}/tools/packaging/kata-deploy/local-build/build/root_hash.txt"
+	# Two VARIANTS (targets) that build a measured rootfs as of now are:
+	# - rootfs-image-confidential
+	# - rootfs-image-nvidia-gpu-confidential
+	#
+	found_any=""
+	for variant in confidential nvidia-gpu-confidential; do
+		root_hash_file="${repo_root_dir}/tools/packaging/kata-deploy/local-build/build/root_hash_${variant}.txt"
+		[ -f "$root_hash_file" ] || \
+			die "Root hash file for measured rootfs ${variant} not found at ${root_hash_file}"
 
-	[ -f "$root_hash_file" ] || \
-		die "Root hash file for measured rootfs not found at ${root_hash_file}"
+		found_any="yes"
 
-	root_hash=$(sed -e 's/Root hash:\s*//g;t;d' "${root_hash_file}")
-	root_measure_config="rootfs_verity.scheme=dm-verity rootfs_verity.hash=${root_hash}"
-	EXTRA_OPTS+=" ROOTMEASURECONFIG=\"${root_measure_config}\""
+		root_hash=$(sed -e 's/Root hash:\s*//g;t;d' "${root_hash_file}")
+		root_measure_config="rootfs_verity.scheme=dm-verity rootfs_verity.hash=${root_hash}"
+
+		[ "${variant}" == "confidential" ] && EXTRA_OPTS+=" ROOTMEASURECONFIG=\"${root_measure_config}\""
+		[ "${variant}" == "nvidia-gpu-confidential" ] && EXTRA_OPTS+=" ROOTMEASURECONFIG_NV=\"${root_measure_config}\""
+
+	done
+	[ -z "${found_any}" ] && die "No root hash files found for shim-v2 with MEASURED_ROOTFS support, needs a rootfs with MEASURED_ROOTFS support"
 fi
 
 docker pull ${container_image} || \