From 19001af1e2f0fe737cd2ca2a60f0b9c26b46a83c Mon Sep 17 00:00:00 2001 From: Xynnn007 Date: Tue, 15 Jul 2025 09:12:47 +0800 Subject: [PATCH 1/2] deps(chore): update guest-components and trustee to the version of pre v0.14.0 Signed-off-by: Xynnn007 --- versions.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/versions.yaml b/versions.yaml index 2ed069e5e3..dfa86cda46 100644 --- a/versions.yaml +++ b/versions.yaml @@ -233,18 +233,18 @@ externals: coco-guest-components: description: "Provides attested key unwrapping for image decryption" url: "https://github.com/confidential-containers/guest-components/" - version: "4cd62c3f8a6475a556eceb5f4538e523e9491400" + version: "591d0bb45cd7a2c66f3778428940c40f7eec3b7d" toolchain: "1.85.1" coco-trustee: description: "Provides attestation and secret delivery components" url: "https://github.com/confidential-containers/trustee" - version: "8462025ed2d2a94281344e63405bbe7500bd4484" + version: "beb4ce9346bc7f9a7ff0f686eb868472767ad8fb" # image / ita_image and image_tag / ita_image_tag must be in sync image: "ghcr.io/confidential-containers/staged-images/kbs" - image_tag: "8462025ed2d2a94281344e63405bbe7500bd4484" + image_tag: "beb4ce9346bc7f9a7ff0f686eb868472767ad8fb" ita_image: "ghcr.io/confidential-containers/staged-images/kbs-ita-as" - ita_image_tag: "8462025ed2d2a94281344e63405bbe7500bd4484-x86_64" + ita_image_tag: "beb4ce9346bc7f9a7ff0f686eb868472767ad8fb-x86_64" toolchain: "1.85.1" crio: From 4da31bf2f99704a99ac9455eb0ffc83b8d08a6df Mon Sep 17 00:00:00 2001 From: Xynnn007 Date: Tue, 15 Jul 2025 16:32:31 +0800 Subject: [PATCH 2/2] agent: deliver initdata toml to attestation agent Now AA supports to receive initdata toml plaintext and deliver it in the attestation. This patch creates a file under '/run/confidential-containers/initdata' to store the initdata toml and give it to AA process. When we have a separate component to handle initdata, we will move the logic to that component. 
Signed-off-by: Xynnn007 --- src/agent/src/initdata.rs | 15 +++++++++++---- src/agent/src/main.rs | 10 +++------- 2 files changed, 14 insertions(+), 11 deletions(-) diff --git a/src/agent/src/initdata.rs b/src/agent/src/initdata.rs index f7d4b7774e..cd4efa6be2 100644 --- a/src/agent/src/initdata.rs +++ b/src/agent/src/initdata.rs @@ -27,6 +27,9 @@ const AA_CONFIG_KEY: &str = "aa.toml"; const CDH_CONFIG_KEY: &str = "cdh.toml"; const POLICY_KEY: &str = "policy.rego"; +/// The path of initdata toml +pub const INITDATA_TOML_PATH: &str = concatcp!(INITDATA_PATH, "/initdata.toml"); + /// The path of AA's config file pub const AA_CONFIG_PATH: &str = concatcp!(INITDATA_PATH, "/aa.toml"); @@ -95,7 +98,7 @@ pub async fn read_initdata(device_path: &str) -> Result> { } pub struct InitdataReturnValue { - pub digest: Vec, + pub _digest: Vec, pub _policy: Option, } @@ -122,7 +125,11 @@ pub async fn initialize_initdata(logger: &Logger) -> Result Sha256::digest(&initdata_content).to_vec(), "sha384" => Sha384::digest(&initdata_content).to_vec(), "sha512" => Sha512::digest(&initdata_content).to_vec(), @@ -143,10 +150,10 @@ pub async fn initialize_initdata(logger: &Logger) -> Result
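Review bot: The doc comment on the new `INITDATA_TOML_PATH` constant in the first initdata.rs hunk says only what the name already says, while the commit message makes this file the plaintext initdata that the attestation-agent reads — the contract a maintainer changing the write path or the directory's permissions needs to see. Suggest `/// Path of the plaintext initdata TOML that the agent writes for the attestation-agent to consume (under INITDATA_PATH).` The code that actually writes the file is in a later hunk that runs past the end of this excerpt, so whether the file is created with restricted permissions cannot be checked here.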
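Review bot: Renaming the public field `digest` to `_digest` on `InitdataReturnValue` silences the dead_code lint but leaves a public field that no visible code reads, and it breaks any external reader of `.digest` (the main.rs part of this patch is outside this excerpt, so I cannot confirm it is the only caller). If the digest is no longer needed now that the attestation-agent receives the plaintext TOML itself, dropping the field together with the digest computation that the following hunk still shows would be cleaner; if it is kept on purpose, say why: `/// Digest of the initdata content; no longer consumed by the agent now that the attestation-agent receives the TOML itself.` The hunk that computes the digest continues past the end of this excerpt.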