From 455c8d9db7bfb61714429fc57f4d4182717788f1 Mon Sep 17 00:00:00 2001
From: Jia Zhang
Date: Sun, 21 Jun 2020 04:15:46 +0000
Subject: [PATCH] rune & runectl: Refector aesm service

In order to involve more aesm services, prepare to place all request and response messages into the corresponding main sections.

Signed-off-by: Jia Zhang
---
 rune/libenclave/intelsgx/aesmd.go | 18 +-
 .../intelsgx/proto/aesm-service.proto | 32 ++-
 .../runc/libenclave/intelsgx/aesmd.go | 18 +-
 .../intelsgx/proto/aesm-service.pb.go | 240 ++++++++++++++++++
 4 files changed, 276 insertions(+), 32 deletions(-)
 create mode 100644 runectl/vendor/github.com/opencontainers/runc/libenclave/intelsgx/proto/aesm-service.pb.go

diff --git a/rune/libenclave/intelsgx/aesmd.go b/rune/libenclave/intelsgx/aesmd.go
index 0696771..4831aaf 100644
--- a/rune/libenclave/intelsgx/aesmd.go
+++ b/rune/libenclave/intelsgx/aesmd.go
@@ -86,8 +86,8 @@ func GetToken(sig []byte) ([]byte, error) {
 }
 defer conn.Close()
- req := pb.GetTokenRequestMessage{}
- req.Req = &pb.GetTokenRequest{
+ req := pb.AesmServiceRequest{}
+ req.GetLaunchToken = &pb.AesmServiceRequest_GetLaunchToken{
 Enclavehash: mrenclave,
 Modulus: modulus,
 Attributes: attributes,
@@ -133,21 +133,21 @@ func GetToken(sig []byte) ([]byte, error) {
 msgSizeRead, msgSize)
 }
- resp := pb.GetTokenResponseMessage{}
- resp.Resp = &pb.GetTokenResponse{}
+ resp := pb.AesmServiceResponse{}
+ resp.GetLaunchToken = &pb.AesmServiceResponse_GetLaunchToken{}
 if err := proto.Unmarshal(rdata, &resp); err != nil {
 return nil, err
 }
- if resp.Resp.GetError() != 0 {
+ if resp.GetLaunchToken.GetError() != 0 {
 return nil, fmt.Errorf("failed to get EINITTOKEN (error code = %d)",
- resp.Resp.GetError())
+ resp.GetLaunchToken.GetError())
 }
- token := resp.Resp.GetToken()
+ token := resp.GetLaunchToken.GetToken()
 if len(token) != EinittokenLength {
 return nil, fmt.Errorf("invalid length of token: (returned %d, expected %d)",
- len(resp.Resp.GetToken()), EinittokenLength)
+ len(token), EinittokenLength)
 }
 tok := &Einittoken{}
@@ -179,5 +179,5 @@ func GetToken(sig []byte) ([]byte, error) {
 logrus.Debugf(" MAC: 0x%v\n",
 hex.EncodeToString(tok.Mac[:]))
- return resp.Resp.GetToken(), nil
+ return resp.GetLaunchToken.GetToken(), nil
 }
diff --git a/rune/libenclave/intelsgx/proto/aesm-service.proto b/rune/libenclave/intelsgx/proto/aesm-service.proto
index a4d2f4b..4eb933b 100644
--- a/rune/libenclave/intelsgx/proto/aesm-service.proto
+++ b/rune/libenclave/intelsgx/proto/aesm-service.proto
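Review bot: In the `@@ -133,21 +133,21 @@` hunk of rune/libenclave/intelsgx/aesmd.go, the pre-assigned `resp.GetLaunchToken = &pb.AesmServiceResponse_GetLaunchToken{}` does not guarantee a non-nil sub-message after `proto.Unmarshal`, which (as far as I know for golang/protobuf) resets the target before decoding. A reply from aesmd that carries no field 3 would then leave `resp.GetLaunchToken` nil; because the generated getters are nil-safe this does not panic, but it is reported as error code 0 followed by "invalid length of token: (returned 0, ...)", which hides that the daemon answered with a different message. I would drop the pre-assignment and check the reply explicitly with the generated accessor: `lt := resp.GetGetLaunchToken()` followed by `if lt == nil { return nil, fmt.Errorf("no getLaunchToken message in aesmd reply") }`, then read the error and token from `lt` and return the already-validated `token` in the last hunk. GetToken starts above this hunk and continues below it; the vendored copy under runectl/vendor carries the same code.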
@@ -2,22 +2,26 @@ syntax = "proto3";
 package aesm_service;
 // import "github.com/opencontainers/runc/libenclave/intelsgx/proto"
-message GetTokenRequest {
- bytes enclavehash = 1;
- bytes modulus = 2;
- bytes attributes = 3;
- uint32 timeout = 4;
-}
+// Refer to https://github.com/intel/linux-sgx/blob/master/psw/ae/aesm_service/source/core/ipc/messages.proto
-message GetTokenRequestMessage {
- GetTokenRequest req = 3;
-}
+message AesmServiceRequest {
+
+ message GetLaunchToken {
+ bytes enclavehash = 1;
+ bytes modulus = 2;
+ bytes attributes = 3;
+ uint32 timeout = 9;
+ }
-message GetTokenResponse {
- int32 error = 1;
- bytes token = 2;
+ GetLaunchToken getLaunchToken = 3;
 }
-message GetTokenResponseMessage {
- GetTokenResponse resp = 3;
+message AesmServiceResponse {
+
+ message GetLaunchToken {
+ uint32 error = 1;
+ bytes token = 2;
+ }
+
+ GetLaunchToken getLaunchToken = 3;
 }
diff --git a/runectl/vendor/github.com/opencontainers/runc/libenclave/intelsgx/aesmd.go b/runectl/vendor/github.com/opencontainers/runc/libenclave/intelsgx/aesmd.go
index 0696771..4831aaf 100644
--- a/runectl/vendor/github.com/opencontainers/runc/libenclave/intelsgx/aesmd.go
+++ b/runectl/vendor/github.com/opencontainers/runc/libenclave/intelsgx/aesmd.go
@@ -86,8 +86,8 @@ func GetToken(sig []byte) ([]byte, error) {
 }
 defer conn.Close()
- req := pb.GetTokenRequestMessage{}
- req.Req = &pb.GetTokenRequest{
+ req := pb.AesmServiceRequest{}
+ req.GetLaunchToken = &pb.AesmServiceRequest_GetLaunchToken{
 Enclavehash: mrenclave,
 Modulus: modulus,
 Attributes: attributes,
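Review bot: In aesm-service.proto the `timeout` field moves from tag 4 to tag 9 and `error` changes from `int32` to `uint32`, so this hunk alters what goes on the wire to aesmd even though the commit is described as a refactor. Presumably both changes align the file with the upstream messages.proto named in the new comment; a field comment such as `// tag 9: must match the timeout field of the upstream launch-token request` would record that the number is not arbitrary. The reference URL points at `master`, so the definition it documents can drift; linking a tagged release or commit of linux-sgx would keep the field numbers checkable later. The regenerated aesm-service.pb.go appears in this patch only under runectl/vendor, so if rune/ keeps its own checked-in copy it needs regenerating from this file as well.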
@@ -133,21 +133,21 @@ func GetToken(sig []byte) ([]byte, error) {
 msgSizeRead, msgSize)
 }
- resp := pb.GetTokenResponseMessage{}
- resp.Resp = &pb.GetTokenResponse{}
+ resp := pb.AesmServiceResponse{}
+ resp.GetLaunchToken = &pb.AesmServiceResponse_GetLaunchToken{}
 if err := proto.Unmarshal(rdata, &resp); err != nil {
 return nil, err
 }
- if resp.Resp.GetError() != 0 {
+ if resp.GetLaunchToken.GetError() != 0 {
 return nil, fmt.Errorf("failed to get EINITTOKEN (error code = %d)",
- resp.Resp.GetError())
+ resp.GetLaunchToken.GetError())
 }
- token := resp.Resp.GetToken()
+ token := resp.GetLaunchToken.GetToken()
 if len(token) != EinittokenLength {
 return nil, fmt.Errorf("invalid length of token: (returned %d, expected %d)",
- len(resp.Resp.GetToken()), EinittokenLength)
+ len(token), EinittokenLength)
 }
 tok := &Einittoken{}
@@ -179,5 +179,5 @@ func GetToken(sig []byte) ([]byte, error) {
 logrus.Debugf(" MAC: 0x%v\n",
 hex.EncodeToString(tok.Mac[:]))
- return resp.Resp.GetToken(), nil
+ return resp.GetLaunchToken.GetToken(), nil
 }
diff --git a/runectl/vendor/github.com/opencontainers/runc/libenclave/intelsgx/proto/aesm-service.pb.go b/runectl/vendor/github.com/opencontainers/runc/libenclave/intelsgx/proto/aesm-service.pb.go
new file mode 100644
index 0000000..6a8ee41
--- /dev/null
+++ b/runectl/vendor/github.com/opencontainers/runc/libenclave/intelsgx/proto/aesm-service.pb.go
@@ -0,0 +1,240 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// source: aesm-service.proto + +package aesm_service + +import ( + fmt "fmt" + proto "github.com/golang/protobuf/proto" + math "math" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package + +type AesmServiceRequest struct { + GetLaunchToken *AesmServiceRequest_GetLaunchToken `protobuf:"bytes,3,opt,name=getLaunchToken,proto3" json:"getLaunchToken,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *AesmServiceRequest) Reset() { *m = AesmServiceRequest{} } +func (m *AesmServiceRequest) String() string { return proto.CompactTextString(m) } +func (*AesmServiceRequest) ProtoMessage() {} +func (*AesmServiceRequest) Descriptor() ([]byte, []int) { + return fileDescriptor_85fe23d8fdbcfe93, []int{0} +} + +func (m *AesmServiceRequest) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_AesmServiceRequest.Unmarshal(m, b) +} +func (m *AesmServiceRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_AesmServiceRequest.Marshal(b, m, deterministic) +} +func (m *AesmServiceRequest) XXX_Merge(src proto.Message) { + xxx_messageInfo_AesmServiceRequest.Merge(m, src) +} +func (m *AesmServiceRequest) XXX_Size() int { + return xxx_messageInfo_AesmServiceRequest.Size(m) +} +func (m *AesmServiceRequest) XXX_DiscardUnknown() { + xxx_messageInfo_AesmServiceRequest.DiscardUnknown(m) +} + +var xxx_messageInfo_AesmServiceRequest proto.InternalMessageInfo + +func (m *AesmServiceRequest) 
GetGetLaunchToken() *AesmServiceRequest_GetLaunchToken { + if m != nil { + return m.GetLaunchToken + } + return nil +} + +type AesmServiceRequest_GetLaunchToken struct { + Enclavehash []byte `protobuf:"bytes,1,opt,name=enclavehash,proto3" json:"enclavehash,omitempty"` + Modulus []byte `protobuf:"bytes,2,opt,name=modulus,proto3" json:"modulus,omitempty"` + Attributes []byte `protobuf:"bytes,3,opt,name=attributes,proto3" json:"attributes,omitempty"` + Timeout uint32 `protobuf:"varint,9,opt,name=timeout,proto3" json:"timeout,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *AesmServiceRequest_GetLaunchToken) Reset() { *m = AesmServiceRequest_GetLaunchToken{} } +func (m *AesmServiceRequest_GetLaunchToken) String() string { return proto.CompactTextString(m) } +func (*AesmServiceRequest_GetLaunchToken) ProtoMessage() {} +func (*AesmServiceRequest_GetLaunchToken) Descriptor() ([]byte, []int) { + return fileDescriptor_85fe23d8fdbcfe93, []int{0, 0} +} + +func (m *AesmServiceRequest_GetLaunchToken) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_AesmServiceRequest_GetLaunchToken.Unmarshal(m, b) +} +func (m *AesmServiceRequest_GetLaunchToken) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_AesmServiceRequest_GetLaunchToken.Marshal(b, m, deterministic) +} +func (m *AesmServiceRequest_GetLaunchToken) XXX_Merge(src proto.Message) { + xxx_messageInfo_AesmServiceRequest_GetLaunchToken.Merge(m, src) +} +func (m *AesmServiceRequest_GetLaunchToken) XXX_Size() int { + return xxx_messageInfo_AesmServiceRequest_GetLaunchToken.Size(m) +} +func (m *AesmServiceRequest_GetLaunchToken) XXX_DiscardUnknown() { + xxx_messageInfo_AesmServiceRequest_GetLaunchToken.DiscardUnknown(m) +} + +var xxx_messageInfo_AesmServiceRequest_GetLaunchToken proto.InternalMessageInfo + +func (m *AesmServiceRequest_GetLaunchToken) GetEnclavehash() []byte { + if m != nil { + return 
m.Enclavehash + } + return nil +} + +func (m *AesmServiceRequest_GetLaunchToken) GetModulus() []byte { + if m != nil { + return m.Modulus + } + return nil +} + +func (m *AesmServiceRequest_GetLaunchToken) GetAttributes() []byte { + if m != nil { + return m.Attributes + } + return nil +} + +func (m *AesmServiceRequest_GetLaunchToken) GetTimeout() uint32 { + if m != nil { + return m.Timeout + } + return 0 +} + +type AesmServiceResponse struct { + GetLaunchToken *AesmServiceResponse_GetLaunchToken `protobuf:"bytes,3,opt,name=getLaunchToken,proto3" json:"getLaunchToken,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *AesmServiceResponse) Reset() { *m = AesmServiceResponse{} } +func (m *AesmServiceResponse) String() string { return proto.CompactTextString(m) } +func (*AesmServiceResponse) ProtoMessage() {} +func (*AesmServiceResponse) Descriptor() ([]byte, []int) { + return fileDescriptor_85fe23d8fdbcfe93, []int{1} +} + +func (m *AesmServiceResponse) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_AesmServiceResponse.Unmarshal(m, b) +} +func (m *AesmServiceResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_AesmServiceResponse.Marshal(b, m, deterministic) +} +func (m *AesmServiceResponse) XXX_Merge(src proto.Message) { + xxx_messageInfo_AesmServiceResponse.Merge(m, src) +} +func (m *AesmServiceResponse) XXX_Size() int { + return xxx_messageInfo_AesmServiceResponse.Size(m) +} +func (m *AesmServiceResponse) XXX_DiscardUnknown() { + xxx_messageInfo_AesmServiceResponse.DiscardUnknown(m) +} + +var xxx_messageInfo_AesmServiceResponse proto.InternalMessageInfo + +func (m *AesmServiceResponse) GetGetLaunchToken() *AesmServiceResponse_GetLaunchToken { + if m != nil { + return m.GetLaunchToken + } + return nil +} + +type AesmServiceResponse_GetLaunchToken struct { + Error uint32 `protobuf:"varint,1,opt,name=error,proto3" 
json:"error,omitempty"` + Token []byte `protobuf:"bytes,2,opt,name=token,proto3" json:"token,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *AesmServiceResponse_GetLaunchToken) Reset() { *m = AesmServiceResponse_GetLaunchToken{} } +func (m *AesmServiceResponse_GetLaunchToken) String() string { return proto.CompactTextString(m) } +func (*AesmServiceResponse_GetLaunchToken) ProtoMessage() {} +func (*AesmServiceResponse_GetLaunchToken) Descriptor() ([]byte, []int) { + return fileDescriptor_85fe23d8fdbcfe93, []int{1, 0} +} + +func (m *AesmServiceResponse_GetLaunchToken) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_AesmServiceResponse_GetLaunchToken.Unmarshal(m, b) +} +func (m *AesmServiceResponse_GetLaunchToken) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_AesmServiceResponse_GetLaunchToken.Marshal(b, m, deterministic) +} +func (m *AesmServiceResponse_GetLaunchToken) XXX_Merge(src proto.Message) { + xxx_messageInfo_AesmServiceResponse_GetLaunchToken.Merge(m, src) +} +func (m *AesmServiceResponse_GetLaunchToken) XXX_Size() int { + return xxx_messageInfo_AesmServiceResponse_GetLaunchToken.Size(m) +} +func (m *AesmServiceResponse_GetLaunchToken) XXX_DiscardUnknown() { + xxx_messageInfo_AesmServiceResponse_GetLaunchToken.DiscardUnknown(m) +} + +var xxx_messageInfo_AesmServiceResponse_GetLaunchToken proto.InternalMessageInfo + +func (m *AesmServiceResponse_GetLaunchToken) GetError() uint32 { + if m != nil { + return m.Error + } + return 0 +} + +func (m *AesmServiceResponse_GetLaunchToken) GetToken() []byte { + if m != nil { + return m.Token + } + return nil +} + +func init() { + proto.RegisterType((*AesmServiceRequest)(nil), "aesm_service.AesmServiceRequest") + proto.RegisterType((*AesmServiceRequest_GetLaunchToken)(nil), "aesm_service.AesmServiceRequest.GetLaunchToken") + proto.RegisterType((*AesmServiceResponse)(nil), 
"aesm_service.AesmServiceResponse") + proto.RegisterType((*AesmServiceResponse_GetLaunchToken)(nil), "aesm_service.AesmServiceResponse.GetLaunchToken") +} + +func init() { + proto.RegisterFile("aesm-service.proto", fileDescriptor_85fe23d8fdbcfe93) +} + +var fileDescriptor_85fe23d8fdbcfe93 = []byte{ + // 250 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x84, 0x91, 0xb1, 0x4e, 0xc3, 0x30, + 0x10, 0x86, 0x65, 0x10, 0x20, 0xae, 0x69, 0x07, 0xc3, 0x60, 0x31, 0xa0, 0xa8, 0x53, 0x16, 0x02, + 0x82, 0x95, 0x85, 0x89, 0x85, 0xc9, 0x20, 0xc1, 0x86, 0xdc, 0x70, 0x22, 0x11, 0x8d, 0x5d, 0x7c, + 0xe7, 0x3e, 0x02, 0x6f, 0xc3, 0xeb, 0x31, 0xa3, 0xd8, 0x54, 0x4a, 0x88, 0xa0, 0xe3, 0xff, 0xdb, + 0x9f, 0x7d, 0x9f, 0x0e, 0xa4, 0x41, 0x6a, 0xcf, 0x08, 0xfd, 0xba, 0xa9, 0xb0, 0x5c, 0x79, 0xc7, + 0x4e, 0x66, 0x5d, 0xf7, 0xfc, 0xd3, 0xcd, 0xbf, 0x04, 0xc8, 0x1b, 0xa4, 0xf6, 0x3e, 0x65, 0x8d, + 0xef, 0x01, 0x89, 0xe5, 0x23, 0xcc, 0x5e, 0x91, 0xef, 0x4c, 0xb0, 0x55, 0xfd, 0xe0, 0xde, 0xd0, + 0xaa, 0xdd, 0x5c, 0x14, 0x93, 0xcb, 0xf3, 0xb2, 0x4f, 0x97, 0x63, 0xb2, 0xbc, 0x1d, 0x60, 0xfa, + 0xd7, 0x33, 0x27, 0x1f, 0x02, 0x66, 0xc3, 0x2b, 0x32, 0x87, 0x09, 0xda, 0x6a, 0x69, 0xd6, 0x58, + 0x1b, 0xaa, 0x95, 0xc8, 0x45, 0x91, 0xe9, 0x7e, 0x25, 0x15, 0x1c, 0xb4, 0xee, 0x25, 0x2c, 0x03, + 0xa9, 0x9d, 0x78, 0xba, 0x89, 0xf2, 0x14, 0xc0, 0x30, 0xfb, 0x66, 0x11, 0x18, 0x29, 0xce, 0x98, + 0xe9, 0x5e, 0xd3, 0x91, 0xdc, 0xb4, 0xe8, 0x02, 0xab, 0xc3, 0x5c, 0x14, 0x53, 0xbd, 0x89, 0xf3, + 0x4f, 0x01, 0x47, 0x83, 0xf1, 0x69, 0xe5, 0x2c, 0xa1, 0x7c, 0xfa, 0xc3, 0xfc, 0xe2, 0x1f, 0xf3, + 0x84, 0x6e, 0x53, 0xbf, 0x1e, 0x99, 0x1f, 0xc3, 0x1e, 0x7a, 0xef, 0x7c, 0x74, 0x9e, 0xea, 0x14, + 0xba, 0x96, 0xe3, 0xc7, 0xc9, 0x35, 0x85, 0xc5, 0x7e, 0xdc, 0xde, 0xd5, 0x77, 0x00, 0x00, 0x00, + 0xff, 0xff, 0x3d, 0x84, 0x0e, 0xe1, 0xd3, 0x01, 0x00, 0x00, +} -- GitLab