Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

snap-bootstrap: load partition information from a manifest file for cloudimg-rootfs mode #14713

Open
wants to merge 20 commits into
base: master
Choose a base branch
from
Open

snap-bootstrap: load partition information from a manifest file for cloudimg-rootfs mode #14713

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
20 commits
Select commit Hold shift + click to select a range
6e0520c
c/snap-bootstrap: refactor CVM mode
sespiros Jun 6, 2024
3a626ed
c/snap-bootstrap: support mount overlays in CVM mode
sespiros Jun 12, 2024
979f766
c/snap-bootstrap: use partition label to auto-discover the rootfs dm-…
sespiros Jul 8, 2024
7c04d9e
c/snap-bootstrap: refactor manifest parsing code for CVM mode
sespiros Jul 17, 2024
e8727c7
c/snap-bootstrap: rename FsLabel field to GptLabel
sespiros Aug 4, 2024
375d3ee
c/snap-bootstrap: change path name of writable tmpfs partition
sespiros Aug 5, 2024
0d15271
c/snap-bootstrap: make comment more generic
sespiros Aug 5, 2024
ab25063
c/snap-bootstrap: limit upper overlay folder creation to the tmpfs case
sespiros Aug 5, 2024
fe99781
c/snap-bootstrap: revert comment for secbootProvisionForCVM
sespiros Aug 5, 2024
54a9460
c/snap-bootstrap: fix test for CVM mode
sespiros Aug 5, 2024
7543b7e
c/snap-bootstrap: remove redundant disk check
sespiros Oct 10, 2024
c4ab893
c/snap-bootstrap: add test for CVM ephemeral mode with manifest
sespiros Nov 12, 2024
0d0e20f
c/snap-bootstrap: make cvm structures private
sespiros Dec 16, 2024
66a6022
c/snap-bootstrap: create a manifest file in test instead of mocking t…
sespiros Dec 17, 2024
81e0cbe
c/snap-bootstrap: simplify manifest and add extra tests
sespiros Dec 17, 2024
88b9b4e
c/snap-bootstrap: minor comment changes in test cases for cvm
sespiros Dec 17, 2024
7fd84a6
c/snap-bootstrap: address comment wrt to manifest handling in cvm mode
sespiros Dec 17, 2024
74993cc
c/snap-bootstrap: add tests for createOverlayDirs
sespiros Dec 17, 2024
c493ddc
cmd/snap-bootstrap: add TODO notice for manifest measurement
sespiros Dec 17, 2024
08d5943
c/snap-bootstrap: address comments for cvm mode
sespiros Dec 17, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
265 changes: 235 additions & 30 deletions cmd/snap-bootstrap/cmd_initramfs_mounts_cvm.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,10 @@
package main

import (
"encoding/json"
"errors"
"fmt"
"os"
"path/filepath"

"github.com/snapcore/snapd/asserts"
Expand All @@ -44,9 +47,170 @@
return "signed"
}

type partitionMount struct {
GptLabel string
Where string
Opts *systemdMountOptions
}

type imageManifestPartition struct {
// GptLabel is the GPT partition label. It is used to identify the partition on the disk.
GptLabel string `json:"label"`
// RootHash is the expected dm-verity root hash of the partition. In CVM mode, no further
// options are passed to veritysetup so this is expected to be a sha256 hash which is
// veritysetup's default.
RootHash string `json:"root_hash"`
// ReadOnly marks the partition as read only. Partitions marked as read only can only be used
// as lowerdir overlay fs partitions.
ReadOnly bool `json:"read_only"`
}

type imageManifest struct {
// Partitions is a list of partitions with their associated dm-verity root hashes and
// intended overlayfs use.
Partitions []imageManifestPartition `json:"partitions"`
}

type manifestError struct{}

func (e *manifestError) Error() string {
return fmt.Sprintf("")
}

func parseImageManifest(imageManifestFile []byte) (imageManifest, error) {
var im imageManifest
err := json.Unmarshal(imageManifestFile, &im)
if err != nil {
return imageManifest{}, err
}

return im, nil
}

// generateMountsFromManifest performs various sanity checks to partition information coming from an

Check failure on line 90 in cmd/snap-bootstrap/cmd_initramfs_mounts_cvm.go

View workflow job for this annotation

GitHub Actions / Inclusive-naming-check 

[woke] reported by reviewdog 🐶
[error] `sanity` may be insensitive, use `confidence`, `quick check`, `coherence check` instead

Raw Output:
cmd/snap-bootstrap/cmd_initramfs_mounts_cvm.go:90:47: [error] `sanity` may be insensitive, use `confidence`, `quick check`, `coherence check` instead
// imageManifest struct and then creates the necessary overlay fs partitions in the format expected by
// doSystemdMount.
//
// Only a single read-only partition is allowed which will be used as the lowerdir parameter in the final
// overlay fs. This partition needs to have an associated dm-verity partition with the same GPT label followed
// by "-verity". A root hash is also required but not enforced here.
//
// Only a single writable partition is allowed which will be used to host the upperdir and workdir paths in the
// final overlay fs. This can be encrypted as in CVMv1. If a writable partition is not specified, a tmpfs-based
// one will host the upperdir and workdir paths of the overlayfs. This is relevant in ephemeral confidential VM
// scenarios where the confidentiality of the writable data is achieved through hardware memory encryption and
// not disk encryption (the writable data/system state should never touch the disk).
func generateMountsFromManifest(im imageManifest, disk disks.Disk) ([]partitionMount, error) {
foundReadOnlyPartition := ""
foundWritablePartition := ""

partitionMounts := []partitionMount{}

// Configure the overlay filesystems mounts from the manifest.
for _, p := range im.Partitions {
pm := partitionMount{
Opts: &systemdMountOptions{},
}

pm.GptLabel = p.GptLabel

// All detected partitions are mounted by default under /run/mnt/<GptLabel of partition>
pm.Where = filepath.Join(boot.InitramfsRunMntDir, p.GptLabel)

if p.ReadOnly {
// XXX: currently only a single read-only partition/overlay fs lowerdir is permitted.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this something expected to change in the future? Maybe the comment should clarify this.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have discussed about having support for multiple lowerdirs in the future to support varying degrees of customization. I clarified this in my comment.

// Support for multiple lowerdirs could be supported in the future.
if foundReadOnlyPartition != "" {
return nil, errors.New("manifest contains multiple partitions marked as read-only")

}
foundReadOnlyPartition = pm.GptLabel

// systemd-mount will run fsck by default when attempting to mount the partition and potentially corrupt it.
// This will cause dm-verity to fail when attempting to set up the dm-verity mount.
// fsck should be/is run by the encrypt-cloud-image tool prior to generating dm-verity data.
pm.Opts.NeedsFsck = false
pm.Opts.VerityRootHash = p.RootHash

// Auto-discover verity device from disk.
verityPartition, err := disk.FindMatchingPartitionWithPartLabel(p.GptLabel + "-verity")
if err != nil {
return []partitionMount{}, err
}
pm.Opts.VerityHashDevice = verityPartition.KernelDeviceNode
} else {
// Only one writable partition is permitted.
if foundWritablePartition != "" {
return nil, errors.New("manifest contains multiple writable partitions")
}
// Manifest contains a partition meant to be used as a writable overlay for the non-ephemeral vm case.
// If it is encrypted, its key will be autodiscovered based on its FsLabel later.
foundWritablePartition = p.GptLabel
pm.Opts.NeedsFsck = true
}

partitionMounts = append(partitionMounts, pm)
}

if foundReadOnlyPartition == "" {
return nil, errors.New("manifest doesn't contain any partition marked as read-only")
}

// If no writable partitions were found in the manifest, Configure a tmpfs filesystem for the upper and workdir layers
// of the final rootfs mount.
if foundWritablePartition == "" {
foundWritablePartition = "writable-tmp"

pm := partitionMount{
Where: filepath.Join(boot.InitramfsRunMntDir, "writable-tmp"),
GptLabel: "writable-tmp",
Opts: &systemdMountOptions{
Tmpfs: true,
},
}

partitionMounts = append(partitionMounts, pm)
}

// Configure the merged overlay filesystem mount.
pm := partitionMount{
Where: boot.InitramfsDataDir,
GptLabel: "cloudimg-rootfs",
Opts: &systemdMountOptions{
Overlayfs: true,
LowerDirs: []string{filepath.Join(boot.InitramfsRunMntDir, foundReadOnlyPartition)},
UpperDir: filepath.Join(boot.InitramfsRunMntDir, foundWritablePartition, "upper"),
WorkDir: filepath.Join(boot.InitramfsRunMntDir, foundWritablePartition, "work"),
},
}

partitionMounts = append(partitionMounts, pm)

return partitionMounts, nil
}

var createOverlayDirs = func(path string) error {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is not tested

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added several test cases.

if err := os.Mkdir(path, 0755); err != nil && !os.IsExist(err) {
return err
}
if err := os.Mkdir(filepath.Join(path, "upper"), 0755); err != nil && !os.IsExist(err) {
return err
}
if err := os.Mkdir(filepath.Join(path, "work"), 0755); err != nil && !os.IsExist(err) {
return err
}

return nil
}

// generateMountsModeRunCVM is used to generate mounts for the special "cloudimg-rootfs" mode which
// mounts the rootfs from a partition on the disk rather than a base snap. It supports TPM-backed FDE
// for the rootfs partition using a sealed key from the seed partition.
//
// It also supports retrieving partition information using a manifest from the seed partition. If a
// manifest file is found under the specified path, it will parse the manifest for mount information,
// otherwise it will follow the default behaviour of auto-discovering a disk with the "cloudimg-rootfs"
// label.
func generateMountsModeRunCVM(mst *initramfsMountsState) error {
// Mount ESP as UbuntuSeedDir which has UEFI label
if err := mountNonDataPartitionMatchingKernelDisk(boot.InitramfsUbuntuSeedDir, "UEFI"); err != nil {
Expand All @@ -60,42 +224,83 @@
return err
}

// Mount rootfs
if err := secbootProvisionForCVM(boot.InitramfsUbuntuSeedDir); err != nil {
return err
}
runModeCVMKey := filepath.Join(boot.InitramfsSeedEncryptionKeyDir, "cloudimg-rootfs.sealed-key")
opts := &secboot.UnlockVolumeUsingSealedKeyOptions{
AllowRecoveryKey: true,
}
unlockRes, err := secbootUnlockVolumeUsingSealedKeyIfEncrypted(disk, "cloudimg-rootfs", runModeCVMKey, opts)
var partitionMounts []partitionMount

// try searching for a manifest that contains mount information
imageManifestFile, err := os.ReadFile(filepath.Join(boot.InitramfsUbuntuSeedDir, "EFI/ubuntu", "manifest.json"))
if err != nil {
return err
}
fsckSystemdOpts := &systemdMountOptions{
NeedsFsck: true,
Ephemeral: true,
}
if err := doSystemdMount(unlockRes.FsDevice, boot.InitramfsDataDir, fsckSystemdOpts); err != nil {
return err
}
if !errors.Is(err, os.ErrNotExist) {
return err
}

// If a manifest file is not found fall-back to CVM v1 behaviour
partitionMounts = []partitionMount{
{
Where: boot.InitramfsDataDir,
GptLabel: "cloudimg-rootfs",
Opts: &systemdMountOptions{
NeedsFsck: true,
},
},
}
} else {
im, err := parseImageManifest(imageManifestFile)
if err != nil {
return err
} else {

// Verify that cloudimg-rootfs comes from where we expect it to
diskOpts := &disks.Options{}
if unlockRes.IsEncrypted {
// then we need to specify that the data mountpoint is
// expected to be a decrypted device
diskOpts.IsDecryptedDevice = true
// TODO: the manifest will be also accompanied by a public key and a signature.
// Here we will also need to validate the signature of the manifest against
// the public key and then measure a digest of the public key to the TPM.
// A later remote attestation step will be able to verify that the public
// key that was measured is an expected one.

partitionMounts, err = generateMountsFromManifest(im, disk)
if err != nil {
return err
}
}
}

matches, err := disk.MountPointIsFromDisk(boot.InitramfsDataDir, diskOpts)
if err != nil {
// Provision TPM
if err := secbootProvisionForCVM(boot.InitramfsUbuntuSeedDir); err != nil {
return err
}
if !matches {
// failed to verify that cloudimg-rootfs mountpoint
// comes from the same disk as ESP
return fmt.Errorf("cannot validate boot: cloudimg-rootfs mountpoint is expected to be from disk %s but is not", disk.Dev())

// Mount partitions. In case a manifest is used, generateMountsFromManifest will return
// the partitions in specific order 1) ro 2) rw 3) overlay fs.
for _, pm := range partitionMounts {
var what string
var unlockRes secboot.UnlockResult

if !pm.Opts.Tmpfs {
runModeCVMKey := filepath.Join(boot.InitramfsSeedEncryptionKeyDir, pm.GptLabel+".sealed-key")
opts := &secboot.UnlockVolumeUsingSealedKeyOptions{
AllowRecoveryKey: true,
}
// UnlovkVolumeUsingSealedKeyIfEncrypted is searching for partitions based on their filesystem label and
// not the GPT label. Images that are created for CVM mode set both to the same label. The GPT label
// is used for partition discovery and the filesystem label for auto-discovery of a potentially encrypted
// partition.
unlockRes, err = secbootUnlockVolumeUsingSealedKeyIfEncrypted(disk, pm.GptLabel, runModeCVMKey, opts)
if err != nil {
return err
}

what = unlockRes.FsDevice
}

if err := doSystemdMount(what, pm.Where, pm.Opts); err != nil {
return err
}

// Create overlayfs' upperdir and workdir in the writable tmpfs layer. In case there is a writable layer,
// these directories should have been created during the image creation process.
if pm.Opts.Tmpfs {
if err := createOverlayDirs(pm.Where); err != nil {
return err
}
}
}

// Unmount ESP because otherwise unmounting is racy and results in booted systems without ESP
Expand Down
Loading
Loading