From b8089d925f03c6ebba90463cf313446e6092b74b Mon Sep 17 00:00:00 2001 From: Sammy Oina Date: Tue, 19 Nov 2024 16:18:15 +0300 Subject: [PATCH] attestation policy field 
Signed-off-by: Sammy Oina --- .github/dependabot.yaml | 2 +- .github/workflows/rust.yaml | 6 +- Makefile | 8 +- agent/agent_grpc.pb.go | 235 +++++++++--- ...{backend_info.go => attestation_policy.go} | 38 +- ...nfo_test.go => attestation_policy_test.go} | 20 +- cli/cache.go | 2 +- cmd/cli/main.go | 10 +- cmd/manager/main.go | 18 +- cocos-manager.env | 2 +- go.mod | 5 +- manager/README.md | 2 +- manager/api/grpc/client.go | 19 +- manager/api/grpc/client_test.go | 34 +- manager/api/logging.go | 6 +- manager/api/metrics.go | 8 +- ...{backend_info.go => attestation_policy.go} | 16 +- manager/attestation_policy_embed.go | 17 + ...nfo_test.go => attestation_policy_test.go} | 26 +- manager/backend_info_embed.go | 17 - manager/manager.pb.go | 342 ++++++++++-------- manager/manager.proto | 20 +- manager/manager_grpc.pb.go | 83 +++-- manager/mocks/service.go | 6 +- manager/service.go | 48 +-- manager/tracing/tracing.go | 6 +- pkg/attestation/quoteprovider/sev.go | 2 +- pkg/attestation/quoteprovider/sev_test.go | 4 +- pkg/clients/grpc/agent/agent_test.go | 4 +- pkg/clients/grpc/connect.go | 32 +- pkg/clients/grpc/connect_test.go | 10 +- pkg/clients/grpc/manager/manager_test.go | 4 +- .../Cargo.toml | 2 +- .../Makefile | 2 +- .../README.md | 8 +- .../attestation_policy.go} | 6 +- .../attestation_policy.json} | 0 .../src/main.rs | 8 +- test/computations/main.go | 10 - test/manual/README.md | 22 +- 40 files changed, 636 insertions(+), 474 deletions(-) rename cli/{backend_info.go => attestation_policy.go} (68%) rename cli/{backend_info_test.go => attestation_policy_test.go} (80%) rename manager/{backend_info.go => attestation_policy.go} (77%) create mode 100644 manager/attestation_policy_embed.go rename manager/{backend_info_test.go => attestation_policy_test.go} (80%) delete mode 100644 manager/backend_info_embed.go rename scripts/{backend_info => attestation_policy}/Cargo.toml (91%) rename scripts/{backend_info => attestation_policy}/Makefile (83%) rename scripts/{backend_info 
=> attestation_policy}/README.md (79%) rename scripts/{backend_info/backend_info.go => attestation_policy/attestation_policy.go} (58%) rename scripts/{backend_info/backend_info.json => attestation_policy/attestation_policy.json} (100%) rename scripts/{backend_info => attestation_policy}/src/main.rs (94%) diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml index 28b3d1c7..9942fdce 100644 --- a/.github/dependabot.yaml +++ b/.github/dependabot.yaml @@ -1,7 +1,7 @@ version: 2 updates: - package-ecosystem: "cargo" - directory: "/scripts/backend_info" + directory: "/scripts/attestation_policy" schedule: interval: "weekly" day: "monday" diff --git a/.github/workflows/rust.yaml b/.github/workflows/rust.yaml index 19d358d4..a1c73c10 100644 --- a/.github/workflows/rust.yaml +++ b/.github/workflows/rust.yaml @@ -5,13 +5,13 @@ on: branches: - main paths: - - "scripts/backend_info/**" + - "scripts/attestation_policy/**" - ".github/workflows/rust.yaml" pull_request: branches: - main paths: - - "scripts/backend_info/**" + - "scripts/attestation_policy/**" - ".github/workflows/rust.yaml" env: @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest defaults: run: - working-directory: ./scripts/backend_info + working-directory: ./scripts/attestation_policy steps: - name: Checkout Code diff --git a/Makefile b/Makefile index 1c1bc193..e6364aac 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ BUILD_DIR = build SERVICES = manager agent cli -BACKEND_INFO = backend_info +ATTESTATION_POLICY = attestation_policy CGO_ENABLED ?= 1 GOARCH ?= amd64 VERSION ?= $(shell git describe --abbrev=0 --tags --always) 
@@ -23,15 +23,15 @@ define compile_service -o ${BUILD_DIR}/cocos-$(1) cmd/$(1)/main.go endef -.PHONY: all $(SERVICES) $(BACKEND_INFO) install clean +.PHONY: all $(SERVICES) $(ATTESTATION_POLICY) install clean all: $(SERVICES) $(SERVICES): $(call compile_service,$@) -$(BACKEND_INFO): - $(MAKE) -C ./scripts/backend_info +$(ATTESTATION_POLICY): + $(MAKE) -C ./scripts/attestation_policy protoc: protoc -I. --go_out=. --go_opt=paths=source_relative --go-grpc_out=. --go-grpc_opt=paths=source_relative agent/agent.proto diff --git a/agent/agent_grpc.pb.go b/agent/agent_grpc.pb.go index c366fc83..63d3c6d4 100644 --- a/agent/agent_grpc.pb.go +++ b/agent/agent_grpc.pb.go @@ -3,7 +3,7 @@ // Code generated by protoc-gen-go-grpc. DO NOT EDIT. // versions: -// - protoc-gen-go-grpc v1.5.1 +// - protoc-gen-go-grpc v1.4.0 // - protoc v5.28.1 // source: agent/agent.proto @@ -18,8 +18,8 @@ import ( // This is a compile-time assertion to ensure that this generated file // is compatible with the grpc package it is being compiled against. -// Requires gRPC-Go v1.64.0 or later. -const _ = grpc.SupportPackageIsVersion9 +// Requires gRPC-Go v1.62.0 or later. +const _ = grpc.SupportPackageIsVersion8 const ( AgentService_Algo_FullMethodName = "/agent.AgentService/Algo" 
@@ -32,10 +32,10 @@ const ( // // For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. type AgentServiceClient interface { - Algo(ctx context.Context, opts ...grpc.CallOption) (grpc.ClientStreamingClient[AlgoRequest, AlgoResponse], error) - Data(ctx context.Context, opts ...grpc.CallOption) (grpc.ClientStreamingClient[DataRequest, DataResponse], error) - Result(ctx context.Context, in *ResultRequest, opts ...grpc.CallOption) (grpc.ServerStreamingClient[ResultResponse], error) - Attestation(ctx context.Context, in *AttestationRequest, opts ...grpc.CallOption) (grpc.ServerStreamingClient[AttestationResponse], error) + Algo(ctx context.Context, opts ...grpc.CallOption) (AgentService_AlgoClient, error) + Data(ctx context.Context, opts ...grpc.CallOption) (AgentService_DataClient, error) + Result(ctx context.Context, in *ResultRequest, opts ...grpc.CallOption) (AgentService_ResultClient, error) + Attestation(ctx context.Context, in *AttestationRequest, opts ...grpc.CallOption) (AgentService_AttestationClient, error) } type agentServiceClient struct { 
@@ -46,39 +46,83 @@ func NewAgentServiceClient(cc grpc.ClientConnInterface) AgentServiceClient { return &agentServiceClient{cc} } -func (c *agentServiceClient) Algo(ctx context.Context, opts ...grpc.CallOption) (grpc.ClientStreamingClient[AlgoRequest, AlgoResponse], error) { +func (c *agentServiceClient) Algo(ctx context.Context, opts ...grpc.CallOption) (AgentService_AlgoClient, error) { cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) stream, err := c.cc.NewStream(ctx, &AgentService_ServiceDesc.Streams[0], AgentService_Algo_FullMethodName, cOpts...) if err != nil { return nil, err } - x := &grpc.GenericClientStream[AlgoRequest, AlgoResponse]{ClientStream: stream} + x := &agentServiceAlgoClient{ClientStream: stream} return x, nil } -// This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name. -type AgentService_AlgoClient = grpc.ClientStreamingClient[AlgoRequest, AlgoResponse] +type AgentService_AlgoClient interface { + Send(*AlgoRequest) error + CloseAndRecv() (*AlgoResponse, error) + grpc.ClientStream +} + +type agentServiceAlgoClient struct { + grpc.ClientStream +} + +func (x *agentServiceAlgoClient) Send(m *AlgoRequest) error { + return x.ClientStream.SendMsg(m) +} + +func (x *agentServiceAlgoClient) CloseAndRecv() (*AlgoResponse, error) { + if err := x.ClientStream.CloseSend(); err != nil { + return nil, err + } + m := new(AlgoResponse) + if err := x.ClientStream.RecvMsg(m); err != nil { + return nil, err + } + return m, nil +} -func (c *agentServiceClient) Data(ctx context.Context, opts ...grpc.CallOption) (grpc.ClientStreamingClient[DataRequest, DataResponse], error) { +func (c *agentServiceClient) Data(ctx context.Context, opts ...grpc.CallOption) (AgentService_DataClient, error) { cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) stream, err := c.cc.NewStream(ctx, &AgentService_ServiceDesc.Streams[1], AgentService_Data_FullMethodName, cOpts...) 
if err != nil { return nil, err } - x := &grpc.GenericClientStream[DataRequest, DataResponse]{ClientStream: stream} + x := &agentServiceDataClient{ClientStream: stream} return x, nil } -// This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name. -type AgentService_DataClient = grpc.ClientStreamingClient[DataRequest, DataResponse] +type AgentService_DataClient interface { + Send(*DataRequest) error + CloseAndRecv() (*DataResponse, error) + grpc.ClientStream +} -func (c *agentServiceClient) Result(ctx context.Context, in *ResultRequest, opts ...grpc.CallOption) (grpc.ServerStreamingClient[ResultResponse], error) { +type agentServiceDataClient struct { + grpc.ClientStream +} + +func (x *agentServiceDataClient) Send(m *DataRequest) error { + return x.ClientStream.SendMsg(m) +} + +func (x *agentServiceDataClient) CloseAndRecv() (*DataResponse, error) { + if err := x.ClientStream.CloseSend(); err != nil { + return nil, err + } + m := new(DataResponse) + if err := x.ClientStream.RecvMsg(m); err != nil { + return nil, err + } + return m, nil +} + +func (c *agentServiceClient) Result(ctx context.Context, in *ResultRequest, opts ...grpc.CallOption) (AgentService_ResultClient, error) { cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) stream, err := c.cc.NewStream(ctx, &AgentService_ServiceDesc.Streams[2], AgentService_Result_FullMethodName, cOpts...) if err != nil { return nil, err } - x := &grpc.GenericClientStream[ResultRequest, ResultResponse]{ClientStream: stream} + x := &agentServiceResultClient{ClientStream: stream} if err := x.ClientStream.SendMsg(in); err != nil { return nil, err } 
@@ -88,16 +132,30 @@ func (c *agentServiceClient) Result(ctx context.Context, in *ResultRequest, opts return x, nil } -// This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name. -type AgentService_ResultClient = grpc.ServerStreamingClient[ResultResponse] +type AgentService_ResultClient interface { + Recv() (*ResultResponse, error) + grpc.ClientStream +} + +type agentServiceResultClient struct { + grpc.ClientStream +} -func (c *agentServiceClient) Attestation(ctx context.Context, in *AttestationRequest, opts ...grpc.CallOption) (grpc.ServerStreamingClient[AttestationResponse], error) { +func (x *agentServiceResultClient) Recv() (*ResultResponse, error) { + m := new(ResultResponse) + if err := x.ClientStream.RecvMsg(m); err != nil { + return nil, err + } + return m, nil +} + +func (c *agentServiceClient) Attestation(ctx context.Context, in *AttestationRequest, opts ...grpc.CallOption) (AgentService_AttestationClient, error) { cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) stream, err := c.cc.NewStream(ctx, &AgentService_ServiceDesc.Streams[3], AgentService_Attestation_FullMethodName, cOpts...) if err != nil { return nil, err } - x := &grpc.GenericClientStream[AttestationRequest, AttestationResponse]{ClientStream: stream} + x := &agentServiceAttestationClient{ClientStream: stream} if err := x.ClientStream.SendMsg(in); err != nil { return nil, err } 
@@ -107,41 +165,51 @@ func (c *agentServiceClient) Attestation(ctx context.Context, in *AttestationReq return x, nil } -// This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name. -type AgentService_AttestationClient = grpc.ServerStreamingClient[AttestationResponse] +type AgentService_AttestationClient interface { + Recv() (*AttestationResponse, error) + grpc.ClientStream +} + +type agentServiceAttestationClient struct { + grpc.ClientStream +} + +func (x *agentServiceAttestationClient) Recv() (*AttestationResponse, error) { + m := new(AttestationResponse) + if err := x.ClientStream.RecvMsg(m); err != nil { + return nil, err + } + return m, nil +} // AgentServiceServer is the server API for AgentService service. // All implementations must embed UnimplementedAgentServiceServer -// for forward compatibility. +// for forward compatibility type AgentServiceServer interface { - Algo(grpc.ClientStreamingServer[AlgoRequest, AlgoResponse]) error - Data(grpc.ClientStreamingServer[DataRequest, DataResponse]) error - Result(*ResultRequest, grpc.ServerStreamingServer[ResultResponse]) error - Attestation(*AttestationRequest, grpc.ServerStreamingServer[AttestationResponse]) error + Algo(AgentService_AlgoServer) error + Data(AgentService_DataServer) error + Result(*ResultRequest, AgentService_ResultServer) error + Attestation(*AttestationRequest, AgentService_AttestationServer) error mustEmbedUnimplementedAgentServiceServer() } -// UnimplementedAgentServiceServer must be embedded to have -// forward compatible implementations. -// -// NOTE: this should be embedded by value instead of pointer to avoid a nil -// pointer dereference when methods are called. -type UnimplementedAgentServiceServer struct{} +// UnimplementedAgentServiceServer must be embedded to have forward compatible implementations. 
+type UnimplementedAgentServiceServer struct { +} -func (UnimplementedAgentServiceServer) Algo(grpc.ClientStreamingServer[AlgoRequest, AlgoResponse]) error { +func (UnimplementedAgentServiceServer) Algo(AgentService_AlgoServer) error { return status.Errorf(codes.Unimplemented, "method Algo not implemented") } -func (UnimplementedAgentServiceServer) Data(grpc.ClientStreamingServer[DataRequest, DataResponse]) error { +func (UnimplementedAgentServiceServer) Data(AgentService_DataServer) error { return status.Errorf(codes.Unimplemented, "method Data not implemented") } -func (UnimplementedAgentServiceServer) Result(*ResultRequest, grpc.ServerStreamingServer[ResultResponse]) error { +func (UnimplementedAgentServiceServer) Result(*ResultRequest, AgentService_ResultServer) error { return status.Errorf(codes.Unimplemented, "method Result not implemented") } -func (UnimplementedAgentServiceServer) Attestation(*AttestationRequest, grpc.ServerStreamingServer[AttestationResponse]) error { +func (UnimplementedAgentServiceServer) Attestation(*AttestationRequest, AgentService_AttestationServer) error { return status.Errorf(codes.Unimplemented, "method Attestation not implemented") } func (UnimplementedAgentServiceServer) mustEmbedUnimplementedAgentServiceServer() {} -func (UnimplementedAgentServiceServer) testEmbeddedByValue() {} // UnsafeAgentServiceServer may be embedded to opt out of forward compatibility for this service. // Use of this interface is not recommended, as added methods to AgentServiceServer will 
@@ -151,51 +219,102 @@ type UnsafeAgentServiceServer interface { } func RegisterAgentServiceServer(s grpc.ServiceRegistrar, srv AgentServiceServer) { - // If the following call pancis, it indicates UnimplementedAgentServiceServer was - // embedded by pointer and is nil. This will cause panics if an - // unimplemented method is ever invoked, so we test this at initialization - // time to prevent it from happening at runtime later due to I/O. - if t, ok := srv.(interface{ testEmbeddedByValue() }); ok { - t.testEmbeddedByValue() - } s.RegisterService(&AgentService_ServiceDesc, srv) } func _AgentService_Algo_Handler(srv interface{}, stream grpc.ServerStream) error { - return srv.(AgentServiceServer).Algo(&grpc.GenericServerStream[AlgoRequest, AlgoResponse]{ServerStream: stream}) + return srv.(AgentServiceServer).Algo(&agentServiceAlgoServer{ServerStream: stream}) +} + +type AgentService_AlgoServer interface { + SendAndClose(*AlgoResponse) error + Recv() (*AlgoRequest, error) + grpc.ServerStream } -// This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name. 
-type AgentService_AlgoServer = grpc.ClientStreamingServer[AlgoRequest, AlgoResponse] +type agentServiceAlgoServer struct { + grpc.ServerStream +} + +func (x *agentServiceAlgoServer) SendAndClose(m *AlgoResponse) error { + return x.ServerStream.SendMsg(m) +} + +func (x *agentServiceAlgoServer) Recv() (*AlgoRequest, error) { + m := new(AlgoRequest) + if err := x.ServerStream.RecvMsg(m); err != nil { + return nil, err + } + return m, nil +} func _AgentService_Data_Handler(srv interface{}, stream grpc.ServerStream) error { - return srv.(AgentServiceServer).Data(&grpc.GenericServerStream[DataRequest, DataResponse]{ServerStream: stream}) + return srv.(AgentServiceServer).Data(&agentServiceDataServer{ServerStream: stream}) +} + +type AgentService_DataServer interface { + SendAndClose(*DataResponse) error + Recv() (*DataRequest, error) + grpc.ServerStream } -// This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name. -type AgentService_DataServer = grpc.ClientStreamingServer[DataRequest, DataResponse] +type agentServiceDataServer struct { + grpc.ServerStream +} + +func (x *agentServiceDataServer) SendAndClose(m *DataResponse) error { + return x.ServerStream.SendMsg(m) +} + +func (x *agentServiceDataServer) Recv() (*DataRequest, error) { + m := new(DataRequest) + if err := x.ServerStream.RecvMsg(m); err != nil { + return nil, err + } + return m, nil +} func _AgentService_Result_Handler(srv interface{}, stream grpc.ServerStream) error { m := new(ResultRequest) if err := stream.RecvMsg(m); err != nil { return err } - return srv.(AgentServiceServer).Result(m, &grpc.GenericServerStream[ResultRequest, ResultResponse]{ServerStream: stream}) + return srv.(AgentServiceServer).Result(m, &agentServiceResultServer{ServerStream: stream}) } -// This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name. 
-type AgentService_ResultServer = grpc.ServerStreamingServer[ResultResponse] +type AgentService_ResultServer interface { + Send(*ResultResponse) error + grpc.ServerStream +} + +type agentServiceResultServer struct { + grpc.ServerStream +} + +func (x *agentServiceResultServer) Send(m *ResultResponse) error { + return x.ServerStream.SendMsg(m) +} func _AgentService_Attestation_Handler(srv interface{}, stream grpc.ServerStream) error { m := new(AttestationRequest) if err := stream.RecvMsg(m); err != nil { return err } - return srv.(AgentServiceServer).Attestation(m, &grpc.GenericServerStream[AttestationRequest, AttestationResponse]{ServerStream: stream}) + return srv.(AgentServiceServer).Attestation(m, &agentServiceAttestationServer{ServerStream: stream}) +} + +type AgentService_AttestationServer interface { + Send(*AttestationResponse) error + grpc.ServerStream +} + +type agentServiceAttestationServer struct { + grpc.ServerStream } -// This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name. -type AgentService_AttestationServer = grpc.ServerStreamingServer[AttestationResponse] +func (x *agentServiceAttestationServer) Send(m *AttestationResponse) error { + return x.ServerStream.SendMsg(m) +} // AgentService_ServiceDesc is the grpc.ServiceDesc for AgentService service. // It's only intended for direct use with grpc.RegisterService, diff --git a/cli/backend_info.go b/cli/attestation_policy.go similarity index 68% rename from cli/backend_info.go rename to cli/attestation_policy.go index c5d72a9f..b42fac1e 100644 --- a/cli/backend_info.go +++ b/cli/attestation_policy.go 
@@ -30,21 +30,21 @@ const ( ) var ( - errDecode = errors.New("base64 string could not be decoded") - errDataLength = errors.New("data does not have an adequate length") - errReadingBackendInfoFile = errors.New("error while reading the backend information file") - errUnmarshalJSON = errors.New("failed to unmarshal json") - errMarshalJSON = errors.New("failed to marshal json") - errWriteFile = errors.New("failed to write to file") - errBackendField = errors.New("the specified field type does not exist in the backend information") + errDecode = errors.New("base64 string could not be decoded") + errDataLength = errors.New("data does not have an adequate length") + errReadingAttestationPolicyFile = errors.New("error while reading the attestation policy file") + errUnmarshalJSON = errors.New("failed to unmarshal json") + errMarshalJSON = errors.New("failed to marshal json") + errWriteFile = errors.New("failed to write to file") + errAttestationPolicyField = errors.New("the specified field type does not exist in the attestation policy") ) -func (cli *CLI) NewBackendCmd() *cobra.Command { +func (cli *CLI) NewAttestationPolicyCmd() *cobra.Command { return &cobra.Command{ - Use: "backend [command]", - Short: "Change backend information", + Use: "policy [command]", + Short: "Change attestation policy", Run: func(cmd *cobra.Command, args []string) { - fmt.Printf("Change backend information\n\n") + fmt.Printf("Change attestation policy\n\n") fmt.Printf("Usage:\n %s [command]\n\n", cmd.CommandPath()) fmt.Printf("Available Commands:\n") 
@@ -72,8 +72,8 @@ func (cli *CLI) NewBackendCmd() *cobra.Command { func (cli *CLI) NewAddMeasurementCmd() *cobra.Command { return &cobra.Command{ Use: "measurement", - Short: "Add measurement to the backend info file. The value should be in base64. The second parameter is backend_info.json file", - Example: "measurement ", + Short: "Add measurement to the attestation policy file. The value should be in base64. The second parameter is attestation_policy.json file", + Example: "measurement ", Args: cobra.ExactArgs(2), Run: func(cmd *cobra.Command, args []string) { if err := changeAttestationConfiguration(args[1], args[0], measurementLength, measurementField); err != nil { @@ -87,8 +87,8 @@ func (cli *CLI) NewAddMeasurementCmd() *cobra.Command { func (cli *CLI) NewAddHostDataCmd() *cobra.Command { return &cobra.Command{ Use: "hostdata", - Short: "Add host data to the backend info file. The value should be in base64. The second parameter is backend_info.json file", - Example: "hostdata ", + Short: "Add host data to the attestation policy file. The value should be in base64. The second parameter is attestation_policy.json file", + Example: "hostdata ", Args: cobra.ExactArgs(2), Run: func(cmd *cobra.Command, args []string) { if err := changeAttestationConfiguration(args[1], args[0], hostDataLength, hostDataField); err != nil { @@ -111,12 +111,12 @@ func changeAttestationConfiguration(fileName, base64Data string, expectedLength ac := check.Config{Policy: &check.Policy{}, RootOfTrust: &check.RootOfTrust{}} - backendInfo, err := os.ReadFile(fileName) + attestationPolicy, err := os.ReadFile(fileName) if err != nil { - return errors.Wrap(errReadingBackendInfoFile, err) + return errors.Wrap(errReadingAttestationPolicyFile, err) } - if err = protojson.Unmarshal(backendInfo, &ac); err != nil { + if err = protojson.Unmarshal(attestationPolicy, &ac); err != nil { return errors.Wrap(errUnmarshalJSON, err) } 
@@ -126,7 +126,7 @@ func changeAttestationConfiguration(fileName, base64Data string, expectedLength case hostDataField: ac.Policy.HostData = data default: - return errBackendField + return errAttestationPolicyField } fileJson, err := protojson.Marshal(&ac) diff --git a/cli/backend_info_test.go b/cli/attestation_policy_test.go similarity index 80% rename from cli/backend_info_test.go rename to cli/attestation_policy_test.go index b7913ab2..0727efc7 100644 --- a/cli/backend_info_test.go +++ b/cli/attestation_policy_test.go @@ -14,7 +14,7 @@ import ( ) func TestChangeAttestationConfiguration(t *testing.T) { - tmpfile, err := os.CreateTemp("", "backend_info.json") + tmpfile, err := os.CreateTemp("", "attestation_policy.json") require.NoError(t, err) defer os.Remove(tmpfile.Name()) @@ -69,7 +69,7 @@ func TestChangeAttestationConfiguration(t *testing.T) { expectedLength: measurementLength, field: fieldType(999), expectError: true, - errorType: errBackendField, + errorType: errAttestationPolicyField, }, } @@ -101,12 +101,12 @@ func TestChangeAttestationConfiguration(t *testing.T) { } } -func TestNewBackendCmd(t *testing.T) { +func TestNewAttestationPolicyCmd(t *testing.T) { cli := &CLI{} - cmd := cli.NewBackendCmd() + cmd := cli.NewAttestationPolicyCmd() - assert.Equal(t, "backend [command]", cmd.Use) - assert.Equal(t, "Change backend information", cmd.Short) + assert.Equal(t, "policy [command]", cmd.Use) + assert.Equal(t, "Change attestation policy information", cmd.Short) assert.NotNil(t, cmd.Run) } 
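Review bot: The `cmd.Short` assertion in `TestNewAttestationPolicyCmd` expects `"Change attestation policy information"`, but `NewAttestationPolicyCmd` in cli/attestation_policy.go sets `Short: "Change attestation policy"`, so the test fails as written. Align the two, for example `assert.Equal(t, "Change attestation policy", cmd.Short)`, or restore the word "information" in the command. The `fmt.Printf("Change attestation policy\n\n")` line inside `Run` should carry whichever wording is chosen.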
@@ -115,8 +115,8 @@ func TestNewAddMeasurementCmd(t *testing.T) { cmd := cli.NewAddMeasurementCmd() assert.Equal(t, "measurement", cmd.Use) - assert.Equal(t, "Add measurement to the backend info file. The value should be in base64. The second parameter is backend_info.json file", cmd.Short) - assert.Equal(t, "measurement ", cmd.Example) + assert.Equal(t, "Add measurement to the attestation policy file. The value should be in base64. The second parameter is attestation_policy.json file", cmd.Short) + assert.Equal(t, "measurement ", cmd.Example) assert.NotNil(t, cmd.Run) } @@ -125,7 +125,7 @@ func TestNewAddHostDataCmd(t *testing.T) { cmd := cli.NewAddHostDataCmd() assert.Equal(t, "hostdata", cmd.Use) - assert.Equal(t, "Add host data to the backend info file. The value should be in base64. The second parameter is backend_info.json file", cmd.Short) - assert.Equal(t, "hostdata ", cmd.Example) + assert.Equal(t, "Add host data to the attestation policy file. The value should be in base64. The second parameter is attestation_policy.json file", cmd.Short) + assert.Equal(t, "hostdata ", cmd.Example) assert.NotNil(t, cmd.Run) } diff --git a/cli/cache.go b/cli/cache.go index 1e1045ff..dfe5dfd0 100644 --- a/cli/cache.go +++ b/cli/cache.go @@ -28,7 +28,7 @@ func (cli *CLI) NewCABundleCmd(fileSavePath string) *cobra.Command { Args: cobra.ExactArgs(1), Run: func(cmd *cobra.Command, args []string) { attestationConfiguration := check.Config{Policy: &check.Policy{}, RootOfTrust: &check.RootOfTrust{}} - err := grpc.ReadBackendInfo(args[0], &attestationConfiguration) + err := grpc.ReadAttestationPolicy(args[0], &attestationConfiguration) if err != nil { printError(cmd, "Error while reading manifest: %v ❌ ", err) return diff --git a/cmd/cli/main.go b/cmd/cli/main.go index abdc37ab..c67ca252 100644 --- a/cmd/cli/main.go +++ b/cmd/cli/main.go 
@@ -108,7 +108,7 @@ func main() { keysCmd := cliSVC.NewKeysCmd() attestationCmd := cliSVC.NewAttestationCmd() - backendCmd := cliSVC.NewBackendCmd() + attestationPolicyCmd := cliSVC.NewAttestationPolicyCmd() // Agent Commands rootCmd.AddCommand(cliSVC.NewAlgorithmCmd()) @@ -116,7 +116,7 @@ func main() { rootCmd.AddCommand(cliSVC.NewResultsCmd()) rootCmd.AddCommand(attestationCmd) rootCmd.AddCommand(cliSVC.NewFileHashCmd()) - rootCmd.AddCommand(backendCmd) + rootCmd.AddCommand(attestationPolicyCmd) rootCmd.AddCommand(keysCmd) rootCmd.AddCommand(cliSVC.NewCABundleCmd(directoryCachePath)) @@ -136,9 +136,9 @@ func main() { "User Key type", ) - // Backend information commands - backendCmd.AddCommand(cliSVC.NewAddMeasurementCmd()) - backendCmd.AddCommand(cliSVC.NewAddHostDataCmd()) + // Attestation Policy commands + attestationPolicyCmd.AddCommand(cliSVC.NewAddMeasurementCmd()) + attestationPolicyCmd.AddCommand(cliSVC.NewAddHostDataCmd()) if err := rootCmd.Execute(); err != nil { logErrorCmd(*rootCmd, err) diff --git a/cmd/manager/main.go b/cmd/manager/main.go index 3c0d71a0..226607f9 100644 --- a/cmd/manager/main.go +++ b/cmd/manager/main.go 
@@ -39,12 +39,12 @@ const ( ) type config struct { - LogLevel string `env:"MANAGER_LOG_LEVEL" envDefault:"info"` - JaegerURL url.URL `env:"COCOS_JAEGER_URL" envDefault:"http://localhost:4318"` - TraceRatio float64 `env:"COCOS_JAEGER_TRACE_RATIO" envDefault:"1.0"` - InstanceID string `env:"MANAGER_INSTANCE_ID" envDefault:""` - BackendMeasurementBinary string `env:"MANAGER_BACKEND_MEASUREMENT_BINARY" envDefault:"../../build"` - EosVersion string `env:"MANAGER_EOS_VERSION" envDefault:""` + LogLevel string `env:"MANAGER_LOG_LEVEL" envDefault:"info"` + JaegerURL url.URL `env:"COCOS_JAEGER_URL" envDefault:"http://localhost:4318"` + TraceRatio float64 `env:"COCOS_JAEGER_TRACE_RATIO" envDefault:"1.0"` + InstanceID string `env:"MANAGER_INSTANCE_ID" envDefault:""` + AttestationPolicyBinary string `env:"MANAGER_ATTESTATION_POLICY_BINARY" envDefault:"../../build"` + EosVersion string `env:"MANAGER_EOS_VERSION" envDefault:""` } func main() { @@ -115,7 +115,7 @@ func main() { } eventsChan := make(chan *manager.ClientStreamMessage, clientBufferSize) - svc, err := newService(logger, tracer, qemuCfg, eventsChan, cfg.BackendMeasurementBinary, cfg.EosVersion) + svc, err := newService(logger, tracer, qemuCfg, eventsChan, cfg.AttestationPolicyBinary, cfg.EosVersion) if err != nil { logger.Error(err.Error()) exitCode = 1 
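Review bot: The `env` tag on `AttestationPolicyBinary` is renamed to `MANAGER_ATTESTATION_POLICY_BINARY` with no fallback, so a deployment that still exports `MANAGER_BACKEND_MEASUREMENT_BINARY` is silently ignored and the manager uses `envDefault:"../../build"`, a path relative to the working directory. The value is handed to `newService` and on to `manager.New`; if it locates the binary that produces the attestation policy, as the field name and README row suggest, the silent fallback changes which binary is trusted for that. Consider warning or failing at startup when the old variable is still set, e.g. `if os.Getenv("MANAGER_BACKEND_MEASUREMENT_BINARY") != "" { logger.Warn("MANAGER_BACKEND_MEASUREMENT_BINARY is no longer read; set MANAGER_ATTESTATION_POLICY_BINARY") }`, and documenting that the path should be absolute. The body of `main` continues outside these hunks.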
@@ -157,8 +157,8 @@ func main() { } } -func newService(logger *slog.Logger, tracer trace.Tracer, qemuCfg qemu.Config, eventsChan chan *manager.ClientStreamMessage, backendMeasurementPath string, eosVersion string) (manager.Service, error) { - svc, err := manager.New(qemuCfg, backendMeasurementPath, logger, eventsChan, qemu.NewVM, eosVersion) +func newService(logger *slog.Logger, tracer trace.Tracer, qemuCfg qemu.Config, eventsChan chan *manager.ClientStreamMessage, attestationPolicyPath string, eosVersion string) (manager.Service, error) { + svc, err := manager.New(qemuCfg, attestationPolicyPath, logger, eventsChan, qemu.NewVM, eosVersion) if err != nil { return nil, err } diff --git a/cocos-manager.env b/cocos-manager.env index 759a8289..a2622336 100644 --- a/cocos-manager.env +++ b/cocos-manager.env @@ -6,7 +6,7 @@ COCOS_JAEGER_TRACE_RATIO=1.0 # Manager Service Configuration MANAGER_INSTANCE_ID= -MANAGER_BACKEND_MEASUREMENT_BINARY=../../build +MANAGER_ATTESTATION_POLICY_BINARY=../../build MANAGER_GRPC_CLIENT_CERT= MANAGER_GRPC_CLIENT_KEY= MANAGER_GRPC_SERVER_CA_CERTS= diff --git a/go.mod b/go.mod index 3a5c4eb6..8fbd0b15 100644 --- a/go.mod +++ b/go.mod @@ -1,7 +1,8 @@ module github.com/ultravioletrs/cocos -go 1.22.5 -toolchain go1.22.9 +go 1.22.7 + +toolchain go1.23.1 require ( github.com/absmach/magistrala v0.14.1-0.20240709113739-04c359462746 diff --git a/manager/README.md b/manager/README.md index 3c78a4e5..65b52ce6 100644 --- a/manager/README.md +++ b/manager/README.md 
@@ -11,7 +11,7 @@ The service is configured using the environment variables from the following tab | COCOS_JAEGER_URL | The URL for the Jaeger tracing endpoint. | http://localhost:4318 | | COCOS_JAEGER_TRACE_RATIO | The ratio of traces to sample. | 1.0 | | MANAGER_INSTANCE_ID | The instance ID for the manager service. | | -| MANAGER_BACKEND_MEASUREMENT_BINARY | The file path for the backend measurement binary. | ../../build | +| MANAGER_ATTESTATION_POLICY_BINARY | The file path for the attestation policy binary. | ../../build | | MANAGER_GRPC_CLIENT_CERT | The file path for the client certificate. | | | MANAGER_GRPC_CLIENT_KEY | The file path for the client private key. | | | MANAGER_GRPC_SERVER_CA_CERTS | The file path for the server CA certificate(s). | | diff --git a/manager/api/grpc/client.go b/manager/api/grpc/client.go index 13c4fd8a..389ffca9 100644 --- a/manager/api/grpc/client.go +++ b/manager/api/grpc/client.go @@ -79,10 +79,10 @@ func (client ManagerClient) processIncomingMessage(ctx context.Context, req *man return client.handleTerminateReq(mes) case *manager.ServerStreamMessage_StopComputation: go client.handleStopComputation(ctx, mes) - case *manager.ServerStreamMessage_BackendInfoReq: - go client.handleBackendInfoReq(ctx, mes) + case *manager.ServerStreamMessage_AttestationPolicyReq: + go client.handleAttestationPolicyReq(ctx, mes) case *manager.ServerStreamMessage_SvmInfoReq: - go client.handleSVMInfoReq(ctx) + go client.handleSVMInfoReq(ctx, mes) default: return errors.New("unknown message type") } 
@@ -135,22 +135,22 @@ func (client ManagerClient) handleStopComputation(ctx context.Context, mes *mana client.sendMessage(&manager.ClientStreamMessage{Message: msg}) } -func (client ManagerClient) handleBackendInfoReq(ctx context.Context, mes *manager.ServerStreamMessage_BackendInfoReq) { - res, err := client.svc.FetchBackendInfo(ctx, mes.BackendInfoReq.Id) +func (client ManagerClient) handleAttestationPolicyReq(ctx context.Context, mes *manager.ServerStreamMessage_AttestationPolicyReq) { + res, err := client.svc.FetchAttestationPolicy(ctx, mes.AttestationPolicyReq.Id) if err != nil { client.logger.Warn(err.Error()) return } - info := &manager.ClientStreamMessage_BackendInfo{ - BackendInfo: &manager.BackendInfo{ + info := &manager.ClientStreamMessage_AttestationPolicy{ + AttestationPolicy: &manager.AttestationPolicy{ Info: res, - Id: mes.BackendInfoReq.Id, + Id: mes.AttestationPolicyReq.Id, }, } client.sendMessage(&manager.ClientStreamMessage{Message: info}) } -func (client ManagerClient) handleSVMInfoReq(ctx context.Context) { +func (client ManagerClient) handleSVMInfoReq(ctx context.Context, mes *manager.ServerStreamMessage_SvmInfoReq) { ovmfVersion, cpuNum, cpuType, eosVersion := client.svc.ReturnSVMInfo(ctx) info := &manager.ClientStreamMessage_SvmInfo{ SvmInfo: &manager.SVMInfo{ @@ -159,6 +159,7 @@ func (client ManagerClient) handleSVMInfoReq(ctx context.Context) { CpuType: cpuType, KernelCmd: qemu.KernelCommandLine, EosVersion: eosVersion, + Id: mes.SvmInfoReq.Id, }, } client.sendMessage(&manager.ClientStreamMessage{Message: info}) diff --git a/manager/api/grpc/client_test.go b/manager/api/grpc/client_test.go index e2a15a7f..f8dc61d0 100644 --- a/manager/api/grpc/client_test.go +++ b/manager/api/grpc/client_test.go 
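Review bot: In `handleAttestationPolicyReq`, an error from `client.svc.FetchAttestationPolicy` is only passed to `client.logger.Warn(err.Error())` and nothing is sent on the stream, so the requester for that `Id` cannot tell a failed policy fetch from a slow one. An attestation policy that cannot be produced should surface as an explicit failure rather than be dropped. Whether `manager.proto` has a message that can carry the error is not visible in this hunk. At minimum the log entry should identify the request; assuming `client.logger` is a `*slog.Logger`, use `client.logger.Warn("fetching attestation policy failed", "id", mes.AttestationPolicyReq.Id, "error", err)`.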
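Review bot: The added `Id: mes.SvmInfoReq.Id` in `handleSVMInfoReq` dereferences the inner request directly, and `processIncomingMessage` runs this handler in its own goroutine, so a nil `SvmInfoReq` would panic the whole manager process rather than return an error. Messages decoded from the wire normally have the inner message set, so this is defensive, but the generated getter is nil-safe and costs nothing: `Id: mes.SvmInfoReq.GetId(),`. The same applies to `mes.AttestationPolicyReq.Id` in `handleAttestationPolicyReq`.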
@@ -67,15 +67,15 @@ func TestManagerClient_Process1(t *testing.T) {
 errorMsg: errTerminationFromServer.Error(),
 },
 {
- name: "Backend info request",
+ name: "Attestation Policy request",
 setupMocks: func(mockStream *mockStream, mockSvc *mocks.Service) {
 mockStream.On("Recv").Return(&manager.ServerStreamMessage{
- Message: &manager.ServerStreamMessage_BackendInfoReq{
- BackendInfoReq: &manager.BackendInfoReq{},
+ Message: &manager.ServerStreamMessage_AttestationPolicyReq{
+ AttestationPolicyReq: &manager.AttestationPolicyReq{},
 },
 }, nil)
 mockStream.On("Send", mock.Anything).Return(nil).Once()
- mockSvc.On("FetchBackendInfo", mock.Anything, mock.Anything).Return(nil, assert.AnError)
+ mockSvc.On("FetchAttestationPolicy", mock.Anything, mock.Anything).Return(nil, assert.AnError)
 },
 expectError: true,
 },
@@ -224,7 +224,7 @@ func TestManagerClient_handleStopComputation(t *testing.T) {
 assert.Empty(t, stopRes.StopComputationRes.Message)
 }
-func TestManagerClient_handleBackendInfoReq(t *testing.T) {
+func TestManagerClient_handleAttestationPolicyReq(t *testing.T) {
 t.Run("success", func(t *testing.T) {
 mockStream := new(mockStream)
 mockSvc := new(mocks.Service)
@@ -233,15 +233,15 @@ func TestManagerClient_handleBackendInfoReq(t *testing.T) {
 client := NewClient(mockStream, mockSvc, messageQueue, logger)
- infoReq := &manager.ServerStreamMessage_BackendInfoReq{
- BackendInfoReq: &manager.BackendInfoReq{
+ infoReq := &manager.ServerStreamMessage_AttestationPolicyReq{
+ AttestationPolicyReq: &manager.AttestationPolicyReq{
 Id: "test-info-id",
 },
 }
- mockSvc.On("FetchBackendInfo", context.Background(), infoReq.BackendInfoReq.Id).Return([]byte("test-backend-info"), nil)
+ mockSvc.On("FetchAttestationPolicy", context.Background(), infoReq.AttestationPolicyReq.Id).Return([]byte("test-attestation-policy"), nil)
- client.handleBackendInfoReq(context.Background(), infoReq)
+ client.handleAttestationPolicyReq(context.Background(), infoReq)
 // Wait for the goroutine to finish
 time.Sleep(50 * time.Millisecond)
@@ -250,10 +250,10 @@ func TestManagerClient_handleBackendInfoReq(t *testing.T) {
 assert.Len(t, messageQueue, 1)
 msg := <-messageQueue
- infoRes, ok := msg.Message.(*manager.ClientStreamMessage_BackendInfo)
+ infoRes, ok := msg.Message.(*manager.ClientStreamMessage_AttestationPolicy)
 assert.True(t, ok)
- assert.Equal(t, "test-info-id", infoRes.BackendInfo.Id)
- assert.Equal(t, []byte("test-backend-info"), infoRes.BackendInfo.Info)
+ assert.Equal(t, "test-info-id", infoRes.AttestationPolicy.Id)
+ assert.Equal(t, []byte("test-attestation-policy"), infoRes.AttestationPolicy.Info)
 })
 t.Run("error", func(t *testing.T) {
 mockStream := new(mockStream)
@@ -263,15 +263,15 @@ func TestManagerClient_handleBackendInfoReq(t *testing.T) {
 client := NewClient(mockStream, mockSvc, messageQueue, logger)
- infoReq := &manager.ServerStreamMessage_BackendInfoReq{
- BackendInfoReq: &manager.BackendInfoReq{
+ infoReq := &manager.ServerStreamMessage_AttestationPolicyReq{
+ AttestationPolicyReq: &manager.AttestationPolicyReq{
 Id: "test-info-id",
 },
 }
- mockSvc.On("FetchBackendInfo", context.Background(), infoReq.BackendInfoReq.Id).Return(nil, assert.AnError)
+ mockSvc.On("FetchAttestationPolicy", context.Background(), infoReq.AttestationPolicyReq.Id).Return(nil, assert.AnError)
- client.handleBackendInfoReq(context.Background(), infoReq)
+ client.handleAttestationPolicyReq(context.Background(), infoReq)
 time.Sleep(50 * time.Millisecond)
@@ -290,7 +290,7 @@ func TestManagerClient_handleSVMInfoReq(t *testing.T) {
 mockSvc.On("ReturnSVMInfo", context.Background()).Return("edk2-stable202408", 4, "EPYC", "")
- client.handleSVMInfoReq(context.Background())
+ client.handleSVMInfoReq(context.Background(), &manager.ServerStreamMessage_SvmInfoReq{SvmInfoReq: &manager.SVMInfoReq{Id: "test-svm-info-id"}})
 // Wait for the goroutine to finish
 time.Sleep(50 * time.Millisecond)
diff --git a/manager/api/logging.go b/manager/api/logging.go
index 61c212e9..7f3a0c42 100644
--- a/manager/api/logging.go
+++ b/manager/api/logging.go
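Review bot: The updated `handleSVMInfoReq` call passes `Id: "test-svm-info-id"`, but nothing in this hunk asserts that the reply carries the id back. The assertions of TestManagerClient_handleSVMInfoReq lie outside the hunk, so this may already be covered. If it is not, add a check such as `assert.Equal(t, "test-svm-info-id", infoRes.SvmInfo.Id)` (using whatever name the test gives the decoded message) next to the existing field checks, so the new correlation id is pinned by a test.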
@@ -53,9 +53,9 @@ func (lm *loggingMiddleware) Stop(ctx context.Context, computationID string) (er
 return lm.svc.Stop(ctx, computationID)
 }
-func (lm *loggingMiddleware) FetchBackendInfo(ctx context.Context, cmpId string) (body []byte, err error) {
+func (lm *loggingMiddleware) FetchAttestationPolicy(ctx context.Context, cmpId string) (body []byte, err error) {
 defer func(begin time.Time) {
- message := fmt.Sprintf("Method FetchBackendInfo for computation %s took %s to complete", cmpId, time.Since(begin))
+ message := fmt.Sprintf("Method FetchAttestation for computation %s took %s to complete", cmpId, time.Since(begin))
 if err != nil {
 lm.logger.Warn(fmt.Sprintf("%s with error: %s.", message, err))
 return
@@ -64,7 +64,7 @@ func (lm *loggingMiddleware) FetchBackendInfo(ctx context.Context, cmpId string)
 lm.logger.Info(message)
 }(time.Now())
- return lm.svc.FetchBackendInfo(ctx, cmpId)
+ return lm.svc.FetchAttestationPolicy(ctx, cmpId)
 }
 func (lm *loggingMiddleware) ReportBrokenConnection(addr string) {
diff --git a/manager/api/metrics.go b/manager/api/metrics.go
index 385c7095..64b5dff9 100644
--- a/manager/api/metrics.go
+++ b/manager/api/metrics.go
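Review bot: The log text in the deferred closure says `Method FetchAttestation`, while the method is `FetchAttestationPolicy` and the metrics middleware in this patch labels it `FetchAttestationPolicy`. Anyone correlating logs with metrics, or searching logs for the method name, will miss these lines. Change the line to `message := fmt.Sprintf("Method FetchAttestationPolicy for computation %s took %s to complete", cmpId, time.Since(begin))`.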
@@ -50,13 +50,13 @@ func (ms *metricsMiddleware) Stop(ctx context.Context, computationID string) err
 return ms.svc.Stop(ctx, computationID)
 }
-func (ms *metricsMiddleware) FetchBackendInfo(ctx context.Context, cmpId string) ([]byte, error) {
+func (ms *metricsMiddleware) FetchAttestationPolicy(ctx context.Context, cmpId string) ([]byte, error) {
 defer func(begin time.Time) {
- ms.counter.With("method", "FetchBackendInfo").Add(1)
- ms.latency.With("method", "FetchBackendInfo").Observe(time.Since(begin).Seconds())
+ ms.counter.With("method", "FetchAttestationPolicy").Add(1)
+ ms.latency.With("method", "FetchAttestationPolicy").Observe(time.Since(begin).Seconds())
 }(time.Now())
- return ms.svc.FetchBackendInfo(ctx, cmpId)
+ return ms.svc.FetchAttestationPolicy(ctx, cmpId)
 }
 func (ms *metricsMiddleware) ReportBrokenConnection(addr string) {
diff --git a/manager/backend_info.go b/manager/attestation_policy.go
similarity index 77%
rename from manager/backend_info.go
rename to manager/attestation_policy.go
index e624d530..de04e91a 100644
--- a/manager/backend_info.go
+++ b/manager/attestation_policy.go
@@ -23,8 +23,8 @@ import (
 const defGuestFeatures = 0x1
-func (ms *managerService) FetchBackendInfo(_ context.Context, computationId string) ([]byte, error) {
- cmd := exec.Command("sudo", fmt.Sprintf("%s/backend_info", ms.backendMeasurementBinaryPath), "--policy", "196608")
+func (ms *managerService) FetchAttestationPolicy(_ context.Context, computationId string) ([]byte, error) {
+ cmd := exec.Command("sudo", fmt.Sprintf("%s/attestation_policy", ms.attestationPolicyBinaryPath), "--policy", "196608")
 ms.mu.Lock()
 vm, exists := ms.vms[computationId]
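Review bot: `exec.Command("sudo", fmt.Sprintf("%s/attestation_policy", ms.attestationPolicyBinaryPath), ...)` runs whatever file sits at that path with root privileges, and the directory comes from configuration (the README hunk in this patch documents `MANAGER_ATTESTATION_POLICY_BINARY` with the relative default `../../build`). With a relative or group-writable directory, anyone who can write there controls a root process whose output becomes the attestation policy, so resolve the path to an absolute one and check its ownership and mode at startup, or pin the sudoers rule to one absolute path. The context is also discarded (`_ context.Context`), so the child cannot be cancelled or timed out; naming the parameter `ctx` and calling `exec.CommandContext(ctx, "sudo", ...)` would address that. The function body continues outside the hunk.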
@@ -43,14 +43,14 @@ func (ms *managerService) FetchBackendInfo(_ context.Context, computationId stri
 return nil, err
 }
- f, err := os.ReadFile("./backend_info.json")
+ f, err := os.ReadFile("./attestation_policy.json")
 if err != nil {
 return nil, err
 }
- var backendInfo check.Config
+ var attestationPolicy check.Config
- if err = protojson.Unmarshal(f, &backendInfo); err != nil {
+ if err = protojson.Unmarshal(f, &attestationPolicy); err != nil {
 return nil, err
 }
@@ -68,7 +68,7 @@ func (ms *managerService) FetchBackendInfo(_ context.Context, computationId stri
 }
 }
 if measurement == nil {
- backendInfo.Policy.Measurement = measurement
+ attestationPolicy.Policy.Measurement = measurement
 }
 if config.HostData != "" {
@@ -76,10 +76,10 @@ func (ms *managerService) FetchBackendInfo(_ context.Context, computationId stri
 if err != nil {
 return nil, err
 }
- backendInfo.Policy.HostData = hostData
+ attestationPolicy.Policy.HostData = hostData
 }
- f, err = protojson.Marshal(&backendInfo)
+ f, err = protojson.Marshal(&attestationPolicy)
 if err != nil {
 return nil, err
 }
diff --git a/manager/attestation_policy_embed.go b/manager/attestation_policy_embed.go
new file mode 100644
index 00000000..4d811496
--- /dev/null
+++ b/manager/attestation_policy_embed.go
@@ -0,0 +1,17 @@
+// Copyright (c) Ultraviolet
+// SPDX-License-Identifier: Apache-2.0
+
+//go:build embed
+// +build embed
+
+package manager
+
+import (
+ "context"
+
+ attestationPolicy "github.com/ultravioletrs/cocos/scripts/attestation_policy"
+)
+
+func (ms *managerService) FetchAttestationPolicy(_ context.Context, _ string) ([]byte, error) {
+ return attestationPolicy.AttestationPolicy, nil
+}
diff --git a/manager/backend_info_test.go b/manager/attestation_policy_test.go
similarity index 80%
rename from manager/backend_info_test.go
rename to manager/attestation_policy_test.go
index e33ba45f..a934593d 100644
--- a/manager/backend_info_test.go
+++ b/manager/attestation_policy_test.go
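Review bot: `os.ReadFile("./attestation_policy.json")` reads a fixed file name from the process working directory, so two FetchAttestationPolicy calls running at once (the gRPC client starts each handler with `go`) can pick up each other's output. A stale file left by an earlier run is also accepted if the helper exits successfully without writing a new one. Whether `ms.mu` is still held at this point is not visible in the hunk. Having the helper write into a per-call directory (for example one created with `os.MkdirTemp`, with the helper path made absolute first) and removing the file after reading it would isolate the calls.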
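Review bot: The guard `if measurement == nil` looks inverted: as written, the assignment `attestationPolicy.Policy.Measurement = measurement` only ever stores nil, so a launch measurement computed earlier in the function never reaches the policy and a verifier using it would not pin the expected measurement. How `measurement` is computed is outside the hunk, so confirm the intent, but the condition presumably should be `if measurement != nil {`.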
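Review bot: `attestationPolicy.Policy.HostData = hostData` dereferences `Policy` without checking it, as does the `Policy.Measurement` assignment in the previous hunk. Assuming `Policy` is a pointer field, as message fields are in generated protobuf Go code, a JSON file without a `policy` key would leave it nil and the assignment would panic inside a handler goroutine. A guard after the unmarshal, e.g. `if attestationPolicy.Policy == nil { return nil, errors.New("attestation policy file has no policy section") }`, turns that into an ordinary error; whether `errors` is already imported in this file is not visible here.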
@@ -15,16 +15,16 @@ import (
 "github.com/ultravioletrs/cocos/manager/vm/mocks"
 )
-func createDummyBackendInfoBinary(t *testing.T, behavior string) string {
+func createDummyAttestationPolicyBinary(t *testing.T, behavior string) string {
 var content []byte
 switch behavior {
 case "success":
 content = []byte(`#!/bin/sh
-echo '{"policy": {"measurement": null, "host_data": null}}' > backend_info.json
+echo '{"policy": {"measurement": null, "host_data": null}}' > attestation_policy.json
 `)
 case "fail":
 content = []byte(`#!/bin/sh
-echo "Error: Failed to execute backend_info" >&2
+echo "Error: Failed to execute attestation policy" >&2
 exit 1
 `)
 case "no_json":
@@ -36,13 +36,13 @@ echo 'No JSON file created'
 }
 tempDir := t.TempDir()
- binaryPath := filepath.Join(tempDir, "backend_info")
+ binaryPath := filepath.Join(tempDir, "attestation_policy")
 err := os.WriteFile(binaryPath, content, 0o755)
 assert.NoError(t, err)
 return tempDir
 }
-func TestFetchBackendInfo(t *testing.T) {
+func TestFetchAttestationPolicy(t *testing.T) {
 testCases := []struct {
 name string
 computationId string
@@ -115,12 +115,12 @@ func TestFetchBackendInfo(t *testing.T) {
 for _, tc := range testCases {
 t.Run(tc.name, func(t *testing.T) {
- tempDir := createDummyBackendInfoBinary(t, tc.binaryBehavior)
+ tempDir := createDummyAttestationPolicyBinary(t, tc.binaryBehavior)
 defer os.RemoveAll(tempDir)
 ms := &managerService{
- vms: make(map[string]vm.VM),
- backendMeasurementBinaryPath: tempDir,
+ vms: make(map[string]vm.VM),
+ attestationPolicyBinaryPath: tempDir,
 qemuCfg: qemu.Config{
 CPU: "EPYC",
 },
@@ -133,7 +133,7 @@ func TestFetchBackendInfo(t *testing.T) {
 ms.vms[tc.computationId] = mockVM
 }
- result, err := ms.FetchBackendInfo(context.Background(), tc.computationId)
+ result, err := ms.FetchAttestationPolicy(context.Background(), tc.computationId)
 if tc.expectedError != "" {
 assert.Error(t, err)
@@ -142,15 +142,15 @@ func TestFetchBackendInfo(t *testing.T) { assert.NoError(t, err) assert.NotNil(t, result) - var backendInfo map[string]interface{} - err = json.Unmarshal(result, &backendInfo) + var attestationPolicy map[string]interface{} + err = json.Unmarshal(result, &attestationPolicy) assert.NoError(t, err) - assert.Equal(t, tc.expectedResult, backendInfo) + assert.Equal(t, tc.expectedResult, attestationPolicy) } if tc.binaryBehavior == "success" { - os.Remove("backend_info.json") + os.Remove("attestation_policy.json") } }) } diff --git a/manager/backend_info_embed.go b/manager/backend_info_embed.go deleted file mode 100644 index a2412c91..00000000 --- a/manager/backend_info_embed.go +++ /dev/null @@ -1,17 +0,0 @@ -// Copyright (c) Ultraviolet -// SPDX-License-Identifier: Apache-2.0 - -//go:build embed -// +build embed - -package manager - -import ( - "context" - - backendinfo "github.com/ultravioletrs/cocos/scripts/backend_info" -) - -func (ms *managerService) FetchBackendInfo(_ context.Context, _ string) ([]byte, error) { - return backendinfo.BackendInfo, nil -} diff --git a/manager/manager.pb.go b/manager/manager.pb.go index 7c9ad016..0f78d84c 100644 --- a/manager/manager.pb.go +++ b/manager/manager.pb.go @@ -228,7 +228,7 @@ func (x *RunResponse) GetComputationId() string { return "" } -type BackendInfo struct { +type AttestationPolicy struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields @@ -237,8 +237,8 @@ type BackendInfo struct { Id string `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"` } -func (x *BackendInfo) Reset() { - *x = BackendInfo{} +func (x *AttestationPolicy) Reset() { + *x = AttestationPolicy{} if protoimpl.UnsafeEnabled { mi := &file_manager_manager_proto_msgTypes[4] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) 
@@ -246,13 +246,13 @@ func (x *BackendInfo) Reset() { } } -func (x *BackendInfo) String() string { +func (x *AttestationPolicy) String() string { return protoimpl.X.MessageStringOf(x) } -func (*BackendInfo) ProtoMessage() {} +func (*AttestationPolicy) ProtoMessage() {} -func (x *BackendInfo) ProtoReflect() protoreflect.Message { +func (x *AttestationPolicy) ProtoReflect() protoreflect.Message { mi := &file_manager_manager_proto_msgTypes[4] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) @@ -264,19 +264,19 @@ func (x *BackendInfo) ProtoReflect() protoreflect.Message { return mi.MessageOf(x) } -// Deprecated: Use BackendInfo.ProtoReflect.Descriptor instead. -func (*BackendInfo) Descriptor() ([]byte, []int) { +// Deprecated: Use AttestationPolicy.ProtoReflect.Descriptor instead. +func (*AttestationPolicy) Descriptor() ([]byte, []int) { return file_manager_manager_proto_rawDescGZIP(), []int{4} } -func (x *BackendInfo) GetInfo() []byte { +func (x *AttestationPolicy) GetInfo() []byte { if x != nil { return x.Info } return nil } -func (x *BackendInfo) GetId() string { +func (x *AttestationPolicy) GetId() string { if x != nil { return x.Id } 
@@ -288,11 +288,12 @@ type SVMInfo struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - OvmfVersion string `protobuf:"bytes,1,opt,name=ovmf_version,json=ovmfVersion,proto3" json:"ovmf_version,omitempty"` - CpuNum int32 `protobuf:"varint,2,opt,name=cpu_num,json=cpuNum,proto3" json:"cpu_num,omitempty"` - CpuType string `protobuf:"bytes,3,opt,name=cpu_type,json=cpuType,proto3" json:"cpu_type,omitempty"` - KernelCmd string `protobuf:"bytes,4,opt,name=kernel_cmd,json=kernelCmd,proto3" json:"kernel_cmd,omitempty"` - EosVersion string `protobuf:"bytes,5,opt,name=eos_version,json=eosVersion,proto3" json:"eos_version,omitempty"` + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + OvmfVersion string `protobuf:"bytes,2,opt,name=ovmf_version,json=ovmfVersion,proto3" json:"ovmf_version,omitempty"` + CpuNum int32 `protobuf:"varint,3,opt,name=cpu_num,json=cpuNum,proto3" json:"cpu_num,omitempty"` + CpuType string `protobuf:"bytes,4,opt,name=cpu_type,json=cpuType,proto3" json:"cpu_type,omitempty"` + KernelCmd string `protobuf:"bytes,5,opt,name=kernel_cmd,json=kernelCmd,proto3" json:"kernel_cmd,omitempty"` + EosVersion string `protobuf:"bytes,6,opt,name=eos_version,json=eosVersion,proto3" json:"eos_version,omitempty"` } func (x *SVMInfo) Reset() { @@ -327,6 +328,13 @@ func (*SVMInfo) Descriptor() ([]byte, []int) { return file_manager_manager_proto_rawDescGZIP(), []int{5} } +func (x *SVMInfo) GetId() string { + if x != nil { + return x.Id + } + return "" +} + func (x *SVMInfo) GetOvmfVersion() string { if x != nil { return x.OvmfVersion @@ -530,7 +538,7 @@ type ClientStreamMessage struct { // *ClientStreamMessage_AgentLog // *ClientStreamMessage_AgentEvent // *ClientStreamMessage_RunRes - // *ClientStreamMessage_BackendInfo + // *ClientStreamMessage_AttestationPolicy // *ClientStreamMessage_StopComputationRes // *ClientStreamMessage_SvmInfo Message isClientStreamMessage_Message `protobuf_oneof:"message"` 
@@ -596,9 +604,9 @@ func (x *ClientStreamMessage) GetRunRes() *RunResponse { return nil } -func (x *ClientStreamMessage) GetBackendInfo() *BackendInfo { - if x, ok := x.GetMessage().(*ClientStreamMessage_BackendInfo); ok { - return x.BackendInfo +func (x *ClientStreamMessage) GetAttestationPolicy() *AttestationPolicy { + if x, ok := x.GetMessage().(*ClientStreamMessage_AttestationPolicy); ok { + return x.AttestationPolicy } return nil } @@ -633,8 +641,8 @@ type ClientStreamMessage_RunRes struct { RunRes *RunResponse `protobuf:"bytes,3,opt,name=run_res,json=runRes,proto3,oneof"` } -type ClientStreamMessage_BackendInfo struct { - BackendInfo *BackendInfo `protobuf:"bytes,4,opt,name=backendInfo,proto3,oneof"` +type ClientStreamMessage_AttestationPolicy struct { + AttestationPolicy *AttestationPolicy `protobuf:"bytes,4,opt,name=attestationPolicy,proto3,oneof"` } type ClientStreamMessage_StopComputationRes struct { @@ -651,7 +659,7 @@ func (*ClientStreamMessage_AgentEvent) isClientStreamMessage_Message() {} func (*ClientStreamMessage_RunRes) isClientStreamMessage_Message() {} -func (*ClientStreamMessage_BackendInfo) isClientStreamMessage_Message() {} +func (*ClientStreamMessage_AttestationPolicy) isClientStreamMessage_Message() {} func (*ClientStreamMessage_StopComputationRes) isClientStreamMessage_Message() {} @@ -668,7 +676,7 @@ type ServerStreamMessage struct { // *ServerStreamMessage_RunReq // *ServerStreamMessage_TerminateReq // *ServerStreamMessage_StopComputation - // *ServerStreamMessage_BackendInfoReq + // *ServerStreamMessage_AttestationPolicyReq // *ServerStreamMessage_SvmInfoReq Message isServerStreamMessage_Message `protobuf_oneof:"message"` } 
@@ -740,9 +748,9 @@ func (x *ServerStreamMessage) GetStopComputation() *StopComputation { return nil } -func (x *ServerStreamMessage) GetBackendInfoReq() *BackendInfoReq { - if x, ok := x.GetMessage().(*ServerStreamMessage_BackendInfoReq); ok { - return x.BackendInfoReq +func (x *ServerStreamMessage) GetAttestationPolicyReq() *AttestationPolicyReq { + if x, ok := x.GetMessage().(*ServerStreamMessage_AttestationPolicyReq); ok { + return x.AttestationPolicyReq } return nil } @@ -774,8 +782,8 @@ type ServerStreamMessage_StopComputation struct { StopComputation *StopComputation `protobuf:"bytes,4,opt,name=stopComputation,proto3,oneof"` } -type ServerStreamMessage_BackendInfoReq struct { - BackendInfoReq *BackendInfoReq `protobuf:"bytes,5,opt,name=backendInfoReq,proto3,oneof"` +type ServerStreamMessage_AttestationPolicyReq struct { + AttestationPolicyReq *AttestationPolicyReq `protobuf:"bytes,5,opt,name=attestationPolicyReq,proto3,oneof"` } type ServerStreamMessage_SvmInfoReq struct { @@ -790,7 +798,7 @@ func (*ServerStreamMessage_TerminateReq) isServerStreamMessage_Message() {} func (*ServerStreamMessage_StopComputation) isServerStreamMessage_Message() {} -func (*ServerStreamMessage_BackendInfoReq) isServerStreamMessage_Message() {} +func (*ServerStreamMessage_AttestationPolicyReq) isServerStreamMessage_Message() {} func (*ServerStreamMessage_SvmInfoReq) isServerStreamMessage_Message() {} @@ -952,7 +960,7 @@ func (x *ComputationRunReq) GetAgentConfig() *AgentConfig { return nil } -type BackendInfoReq struct { +type AttestationPolicyReq struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields 
@@ -960,8 +968,8 @@ type BackendInfoReq struct { Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` } -func (x *BackendInfoReq) Reset() { - *x = BackendInfoReq{} +func (x *AttestationPolicyReq) Reset() { + *x = AttestationPolicyReq{} if protoimpl.UnsafeEnabled { mi := &file_manager_manager_proto_msgTypes[12] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) @@ -969,13 +977,13 @@ func (x *BackendInfoReq) Reset() { } } -func (x *BackendInfoReq) String() string { +func (x *AttestationPolicyReq) String() string { return protoimpl.X.MessageStringOf(x) } -func (*BackendInfoReq) ProtoMessage() {} +func (*AttestationPolicyReq) ProtoMessage() {} -func (x *BackendInfoReq) ProtoReflect() protoreflect.Message { +func (x *AttestationPolicyReq) ProtoReflect() protoreflect.Message { mi := &file_manager_manager_proto_msgTypes[12] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) @@ -987,12 +995,12 @@ func (x *BackendInfoReq) ProtoReflect() protoreflect.Message { return mi.MessageOf(x) } -// Deprecated: Use BackendInfoReq.ProtoReflect.Descriptor instead. -func (*BackendInfoReq) Descriptor() ([]byte, []int) { +// Deprecated: Use AttestationPolicyReq.ProtoReflect.Descriptor instead. +func (*AttestationPolicyReq) Descriptor() ([]byte, []int) { return file_manager_manager_proto_rawDescGZIP(), []int{12} } -func (x *BackendInfoReq) GetId() string { +func (x *AttestationPolicyReq) GetId() string { if x != nil { return x.Id } @@ -1003,6 +1011,8 @@ type SVMInfoReq struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` } func (x *SVMInfoReq) Reset() { 
@@ -1037,6 +1047,13 @@ func (*SVMInfoReq) Descriptor() ([]byte, []int) { return file_manager_manager_proto_rawDescGZIP(), []int{13} } +func (x *SVMInfoReq) GetId() string { + if x != nil { + return x.Id + } + return "" +} + type ResultConsumer struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache 
@@ -1329,120 +1346,125 @@ var file_manager_manager_proto_rawDesc = []byte{ 0x09, 0x52, 0x09, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x50, 0x6f, 0x72, 0x74, 0x12, 0x25, 0x0a, 0x0e, 0x63, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x63, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, - 0x6e, 0x49, 0x64, 0x22, 0x31, 0x0a, 0x0b, 0x42, 0x61, 0x63, 0x6b, 0x65, 0x6e, 0x64, 0x49, 0x6e, - 0x66, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, - 0x52, 0x04, 0x69, 0x6e, 0x66, 0x6f, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x22, 0xa0, 0x01, 0x0a, 0x07, 0x53, 0x56, 0x4d, 0x49, 0x6e, - 0x66, 0x6f, 0x12, 0x21, 0x0a, 0x0c, 0x6f, 0x76, 0x6d, 0x66, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, - 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x6f, 0x76, 0x6d, 0x66, 0x56, 0x65, - 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x17, 0x0a, 0x07, 0x63, 0x70, 0x75, 0x5f, 0x6e, 0x75, 0x6d, - 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x06, 0x63, 0x70, 0x75, 0x4e, 0x75, 0x6d, 0x12, 0x19, - 0x0a, 0x08, 0x63, 0x70, 0x75, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x07, 0x63, 0x70, 0x75, 0x54, 0x79, 0x70, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x6b, 0x65, 0x72, - 0x6e, 0x65, 0x6c, 0x5f, 0x63, 0x6d, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6b, - 0x65, 0x72, 0x6e, 0x65, 0x6c, 0x43, 0x6d, 0x64, 0x12, 0x1f, 0x0a, 0x0b, 0x65, 0x6f, 0x73, 0x5f, - 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x65, - 0x6f, 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0xde, 0x01, 0x0a, 0x0a, 0x41, 0x67, - 0x65, 0x6e, 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x65, 0x76, 0x65, 0x6e, - 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x65, 0x76, - 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x38, 0x0a, 0x09, 
0x74, 0x69, 0x6d, 0x65, 0x73, - 0x74, 0x61, 0x6d, 0x70, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, - 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, - 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, - 0x70, 0x12, 0x25, 0x0a, 0x0e, 0x63, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, - 0x5f, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x63, 0x6f, 0x6d, 0x70, 0x75, - 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x64, 0x12, 0x18, 0x0a, 0x07, 0x64, 0x65, 0x74, 0x61, - 0x69, 0x6c, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x07, 0x64, 0x65, 0x74, 0x61, 0x69, - 0x6c, 0x73, 0x12, 0x1e, 0x0a, 0x0a, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x6f, 0x72, - 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, 0x61, 0x74, - 0x6f, 0x72, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x06, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x22, 0x9b, 0x01, 0x0a, 0x08, 0x41, - 0x67, 0x65, 0x6e, 0x74, 0x4c, 0x6f, 0x67, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, - 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, - 0x65, 0x12, 0x25, 0x0a, 0x0e, 0x63, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, - 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x63, 0x6f, 0x6d, 0x70, 0x75, - 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x6c, 0x65, 0x76, 0x65, - 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x12, 0x38, - 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x04, 0x20, 0x01, 0x28, - 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, - 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x74, - 0x69, 
0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22, 0xf8, 0x02, 0x0a, 0x13, 0x43, 0x6c, 0x69, - 0x65, 0x6e, 0x74, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, - 0x12, 0x30, 0x0a, 0x09, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x5f, 0x6c, 0x6f, 0x67, 0x18, 0x01, 0x20, - 0x01, 0x28, 0x0b, 0x32, 0x11, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x41, 0x67, - 0x65, 0x6e, 0x74, 0x4c, 0x6f, 0x67, 0x48, 0x00, 0x52, 0x08, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x4c, - 0x6f, 0x67, 0x12, 0x36, 0x0a, 0x0b, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x5f, 0x65, 0x76, 0x65, 0x6e, - 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, - 0x72, 0x2e, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x48, 0x00, 0x52, 0x0a, - 0x61, 0x67, 0x65, 0x6e, 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x2f, 0x0a, 0x07, 0x72, 0x75, - 0x6e, 0x5f, 0x72, 0x65, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x6d, 0x61, - 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x52, 0x75, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, - 0x65, 0x48, 0x00, 0x52, 0x06, 0x72, 0x75, 0x6e, 0x52, 0x65, 0x73, 0x12, 0x38, 0x0a, 0x0b, 0x62, - 0x61, 0x63, 0x6b, 0x65, 0x6e, 0x64, 0x49, 0x6e, 0x66, 0x6f, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, - 0x32, 0x14, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x42, 0x61, 0x63, 0x6b, 0x65, - 0x6e, 0x64, 0x49, 0x6e, 0x66, 0x6f, 0x48, 0x00, 0x52, 0x0b, 0x62, 0x61, 0x63, 0x6b, 0x65, 0x6e, - 0x64, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x52, 0x0a, 0x12, 0x73, 0x74, 0x6f, 0x70, 0x43, 0x6f, 0x6d, - 0x70, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, - 0x0b, 0x32, 0x20, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x53, 0x74, 0x6f, 0x70, - 0x43, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, - 0x6e, 0x73, 0x65, 0x48, 0x00, 0x52, 0x12, 0x73, 0x74, 0x6f, 0x70, 0x43, 0x6f, 0x6d, 0x70, 0x75, - 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 
0x65, 0x73, 0x12, 0x2d, 0x0a, 0x08, 0x73, 0x76, 0x6d, - 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x6d, 0x61, - 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x53, 0x56, 0x4d, 0x49, 0x6e, 0x66, 0x6f, 0x48, 0x00, 0x52, - 0x07, 0x73, 0x76, 0x6d, 0x49, 0x6e, 0x66, 0x6f, 0x42, 0x09, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, - 0x61, 0x67, 0x65, 0x22, 0x8d, 0x03, 0x0a, 0x13, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x53, 0x74, - 0x72, 0x65, 0x61, 0x6d, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x3b, 0x0a, 0x0c, 0x72, - 0x75, 0x6e, 0x52, 0x65, 0x71, 0x43, 0x68, 0x75, 0x6e, 0x6b, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x0b, 0x32, 0x15, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x52, 0x75, 0x6e, 0x52, - 0x65, 0x71, 0x43, 0x68, 0x75, 0x6e, 0x6b, 0x73, 0x48, 0x00, 0x52, 0x0c, 0x72, 0x75, 0x6e, 0x52, - 0x65, 0x71, 0x43, 0x68, 0x75, 0x6e, 0x6b, 0x73, 0x12, 0x34, 0x0a, 0x06, 0x72, 0x75, 0x6e, 0x52, - 0x65, 0x71, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, - 0x65, 0x72, 0x2e, 0x43, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x75, - 0x6e, 0x52, 0x65, 0x71, 0x48, 0x00, 0x52, 0x06, 0x72, 0x75, 0x6e, 0x52, 0x65, 0x71, 0x12, 0x38, - 0x0a, 0x0c, 0x74, 0x65, 0x72, 0x6d, 0x69, 0x6e, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x18, 0x03, - 0x20, 0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x54, - 0x65, 0x72, 0x6d, 0x69, 0x6e, 0x61, 0x74, 0x65, 0x48, 0x00, 0x52, 0x0c, 0x74, 0x65, 0x72, 0x6d, - 0x69, 0x6e, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x12, 0x44, 0x0a, 0x0f, 0x73, 0x74, 0x6f, 0x70, - 0x43, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, - 0x0b, 0x32, 0x18, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x53, 0x74, 0x6f, 0x70, - 0x43, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x00, 0x52, 0x0f, 0x73, - 0x74, 0x6f, 0x70, 0x43, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 
0x6e, 0x12, 0x41, - 0x0a, 0x0e, 0x62, 0x61, 0x63, 0x6b, 0x65, 0x6e, 0x64, 0x49, 0x6e, 0x66, 0x6f, 0x52, 0x65, 0x71, - 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, - 0x2e, 0x42, 0x61, 0x63, 0x6b, 0x65, 0x6e, 0x64, 0x49, 0x6e, 0x66, 0x6f, 0x52, 0x65, 0x71, 0x48, - 0x00, 0x52, 0x0e, 0x62, 0x61, 0x63, 0x6b, 0x65, 0x6e, 0x64, 0x49, 0x6e, 0x66, 0x6f, 0x52, 0x65, - 0x71, 0x12, 0x35, 0x0a, 0x0a, 0x73, 0x76, 0x6d, 0x49, 0x6e, 0x66, 0x6f, 0x52, 0x65, 0x71, 0x18, - 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, - 0x53, 0x56, 0x4d, 0x49, 0x6e, 0x66, 0x6f, 0x52, 0x65, 0x71, 0x48, 0x00, 0x52, 0x0a, 0x73, 0x76, - 0x6d, 0x49, 0x6e, 0x66, 0x6f, 0x52, 0x65, 0x71, 0x42, 0x09, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, - 0x61, 0x67, 0x65, 0x22, 0x4b, 0x0a, 0x0c, 0x52, 0x75, 0x6e, 0x52, 0x65, 0x71, 0x43, 0x68, 0x75, - 0x6e, 0x6b, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x0c, 0x52, 0x04, 0x64, 0x61, 0x74, 0x61, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x02, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x17, 0x0a, 0x07, 0x69, 0x73, 0x5f, 0x6c, 0x61, - 0x73, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x06, 0x69, 0x73, 0x4c, 0x61, 0x73, 0x74, - 0x22, 0xb6, 0x02, 0x0a, 0x11, 0x43, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, - 0x52, 0x75, 0x6e, 0x52, 0x65, 0x71, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x20, 0x0a, 0x0b, 0x64, 0x65, - 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x2c, 0x0a, 0x08, - 0x64, 0x61, 0x74, 0x61, 0x73, 0x65, 0x74, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x10, - 0x2e, 0x6d, 0x61, 
0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x73, 0x65, 0x74, - 0x52, 0x08, 0x64, 0x61, 0x74, 0x61, 0x73, 0x65, 0x74, 0x73, 0x12, 0x30, 0x0a, 0x09, 0x61, 0x6c, - 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e, - 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x41, 0x6c, 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, - 0x6d, 0x52, 0x09, 0x61, 0x6c, 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x12, 0x42, 0x0a, 0x10, - 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6d, 0x65, 0x72, 0x73, - 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, - 0x2e, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6d, 0x65, 0x72, 0x52, - 0x0f, 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6d, 0x65, 0x72, 0x73, - 0x12, 0x37, 0x0a, 0x0c, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, - 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, - 0x2e, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0b, 0x61, 0x67, - 0x65, 0x6e, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0x20, 0x0a, 0x0e, 0x42, 0x61, 0x63, - 0x6b, 0x65, 0x6e, 0x64, 0x49, 0x6e, 0x66, 0x6f, 0x52, 0x65, 0x71, 0x12, 0x0e, 0x0a, 0x02, 0x69, - 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x22, 0x0c, 0x0a, 0x0a, 0x53, - 0x56, 0x4d, 0x49, 0x6e, 0x66, 0x6f, 0x52, 0x65, 0x71, 0x22, 0x2a, 0x0a, 0x0e, 0x52, 0x65, 0x73, + 0x6e, 0x49, 0x64, 0x22, 0x37, 0x0a, 0x11, 0x41, 0x74, 0x74, 0x65, 0x73, 0x74, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x12, 0x0a, 0x04, 0x69, 0x6e, 0x66, 0x6f, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, 0x69, 0x6e, 0x66, 0x6f, 0x12, 0x0e, 0x0a, 0x02, + 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x22, 0xb0, 0x01, 0x0a, + 0x07, 0x53, 0x56, 0x4d, 0x49, 0x6e, 0x66, 0x6f, 0x12, 
0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x21, 0x0a, 0x0c, 0x6f, 0x76, 0x6d, 0x66, + 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, + 0x6f, 0x76, 0x6d, 0x66, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x17, 0x0a, 0x07, 0x63, + 0x70, 0x75, 0x5f, 0x6e, 0x75, 0x6d, 0x18, 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, 0x06, 0x63, 0x70, + 0x75, 0x4e, 0x75, 0x6d, 0x12, 0x19, 0x0a, 0x08, 0x63, 0x70, 0x75, 0x5f, 0x74, 0x79, 0x70, 0x65, + 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x63, 0x70, 0x75, 0x54, 0x79, 0x70, 0x65, 0x12, + 0x1d, 0x0a, 0x0a, 0x6b, 0x65, 0x72, 0x6e, 0x65, 0x6c, 0x5f, 0x63, 0x6d, 0x64, 0x18, 0x05, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x09, 0x6b, 0x65, 0x72, 0x6e, 0x65, 0x6c, 0x43, 0x6d, 0x64, 0x12, 0x1f, + 0x0a, 0x0b, 0x65, 0x6f, 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x06, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x0a, 0x65, 0x6f, 0x73, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22, + 0xde, 0x01, 0x0a, 0x0a, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x1d, + 0x0a, 0x0a, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x09, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x38, 0x0a, + 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, + 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x74, 0x69, + 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, 0x25, 0x0a, 0x0e, 0x63, 0x6f, 0x6d, 0x70, 0x75, + 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x0d, 0x63, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x64, 0x12, 0x18, + 0x0a, 0x07, 0x64, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0c, 
0x52, + 0x07, 0x64, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x1e, 0x0a, 0x0a, 0x6f, 0x72, 0x69, 0x67, + 0x69, 0x6e, 0x61, 0x74, 0x6f, 0x72, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x6f, 0x72, + 0x69, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x6f, 0x72, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, + 0x75, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, + 0x22, 0x9b, 0x01, 0x0a, 0x08, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x4c, 0x6f, 0x67, 0x12, 0x18, 0x0a, + 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, + 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x25, 0x0a, 0x0e, 0x63, 0x6f, 0x6d, 0x70, 0x75, + 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x0d, 0x63, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x64, 0x12, 0x14, + 0x0a, 0x05, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6c, + 0x65, 0x76, 0x65, 0x6c, 0x12, 0x38, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, + 0x70, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, + 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, + 0x61, 0x6d, 0x70, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22, 0x8a, + 0x03, 0x0a, 0x13, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x4d, + 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x30, 0x0a, 0x09, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x5f, + 0x6c, 0x6f, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x11, 0x2e, 0x6d, 0x61, 0x6e, 0x61, + 0x67, 0x65, 0x72, 0x2e, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x4c, 0x6f, 0x67, 0x48, 0x00, 0x52, 0x08, + 0x61, 0x67, 0x65, 0x6e, 0x74, 0x4c, 0x6f, 0x67, 0x12, 0x36, 0x0a, 0x0b, 0x61, 0x67, 0x65, 0x6e, + 0x74, 0x5f, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, + 0x6d, 0x61, 0x6e, 0x61, 0x67, 
0x65, 0x72, 0x2e, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x45, 0x76, 0x65, + 0x6e, 0x74, 0x48, 0x00, 0x52, 0x0a, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, + 0x12, 0x2f, 0x0a, 0x07, 0x72, 0x75, 0x6e, 0x5f, 0x72, 0x65, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x14, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x52, 0x75, 0x6e, 0x52, + 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x48, 0x00, 0x52, 0x06, 0x72, 0x75, 0x6e, 0x52, 0x65, + 0x73, 0x12, 0x4a, 0x0a, 0x11, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x6d, + 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x41, 0x74, 0x74, 0x65, 0x73, 0x74, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x48, 0x00, 0x52, 0x11, 0x61, 0x74, 0x74, 0x65, + 0x73, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x52, 0x0a, + 0x12, 0x73, 0x74, 0x6f, 0x70, 0x43, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x52, 0x65, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x6d, 0x61, 0x6e, 0x61, + 0x67, 0x65, 0x72, 0x2e, 0x53, 0x74, 0x6f, 0x70, 0x43, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x48, 0x00, 0x52, 0x12, 0x73, + 0x74, 0x6f, 0x70, 0x43, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, + 0x73, 0x12, 0x2d, 0x0a, 0x08, 0x73, 0x76, 0x6d, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x06, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x53, 0x56, + 0x4d, 0x49, 0x6e, 0x66, 0x6f, 0x48, 0x00, 0x52, 0x07, 0x73, 0x76, 0x6d, 0x49, 0x6e, 0x66, 0x6f, + 0x42, 0x09, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x9f, 0x03, 0x0a, 0x13, + 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x4d, 0x65, 0x73, 0x73, + 0x61, 0x67, 0x65, 0x12, 0x3b, 0x0a, 0x0c, 0x72, 0x75, 0x6e, 0x52, 
0x65, 0x71, 0x43, 0x68, 0x75, + 0x6e, 0x6b, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x15, 0x2e, 0x6d, 0x61, 0x6e, 0x61, + 0x67, 0x65, 0x72, 0x2e, 0x52, 0x75, 0x6e, 0x52, 0x65, 0x71, 0x43, 0x68, 0x75, 0x6e, 0x6b, 0x73, + 0x48, 0x00, 0x52, 0x0c, 0x72, 0x75, 0x6e, 0x52, 0x65, 0x71, 0x43, 0x68, 0x75, 0x6e, 0x6b, 0x73, + 0x12, 0x34, 0x0a, 0x06, 0x72, 0x75, 0x6e, 0x52, 0x65, 0x71, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x1a, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x43, 0x6f, 0x6d, 0x70, 0x75, + 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x75, 0x6e, 0x52, 0x65, 0x71, 0x48, 0x00, 0x52, 0x06, + 0x72, 0x75, 0x6e, 0x52, 0x65, 0x71, 0x12, 0x38, 0x0a, 0x0c, 0x74, 0x65, 0x72, 0x6d, 0x69, 0x6e, + 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x6d, + 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x54, 0x65, 0x72, 0x6d, 0x69, 0x6e, 0x61, 0x74, 0x65, + 0x48, 0x00, 0x52, 0x0c, 0x74, 0x65, 0x72, 0x6d, 0x69, 0x6e, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, + 0x12, 0x44, 0x0a, 0x0f, 0x73, 0x74, 0x6f, 0x70, 0x43, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x18, 0x2e, 0x6d, 0x61, 0x6e, 0x61, + 0x67, 0x65, 0x72, 0x2e, 0x53, 0x74, 0x6f, 0x70, 0x43, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x48, 0x00, 0x52, 0x0f, 0x73, 0x74, 0x6f, 0x70, 0x43, 0x6f, 0x6d, 0x70, 0x75, + 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x53, 0x0a, 0x14, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x18, 0x05, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x41, + 0x74, 0x74, 0x65, 0x73, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, + 0x52, 0x65, 0x71, 0x48, 0x00, 0x52, 0x14, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x12, 0x35, 0x0a, 0x0a, 0x73, + 0x76, 
0x6d, 0x49, 0x6e, 0x66, 0x6f, 0x52, 0x65, 0x71, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x13, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x53, 0x56, 0x4d, 0x49, 0x6e, 0x66, + 0x6f, 0x52, 0x65, 0x71, 0x48, 0x00, 0x52, 0x0a, 0x73, 0x76, 0x6d, 0x49, 0x6e, 0x66, 0x6f, 0x52, + 0x65, 0x71, 0x42, 0x09, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x4b, 0x0a, + 0x0c, 0x52, 0x75, 0x6e, 0x52, 0x65, 0x71, 0x43, 0x68, 0x75, 0x6e, 0x6b, 0x73, 0x12, 0x12, 0x0a, + 0x04, 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, 0x64, 0x61, 0x74, + 0x61, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, + 0x64, 0x12, 0x17, 0x0a, 0x07, 0x69, 0x73, 0x5f, 0x6c, 0x61, 0x73, 0x74, 0x18, 0x03, 0x20, 0x01, + 0x28, 0x08, 0x52, 0x06, 0x69, 0x73, 0x4c, 0x61, 0x73, 0x74, 0x22, 0xb6, 0x02, 0x0a, 0x11, 0x43, + 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x75, 0x6e, 0x52, 0x65, 0x71, + 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, + 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, + 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x20, 0x0a, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, + 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, + 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x2c, 0x0a, 0x08, 0x64, 0x61, 0x74, 0x61, 0x73, 0x65, + 0x74, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, + 0x65, 0x72, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x73, 0x65, 0x74, 0x52, 0x08, 0x64, 0x61, 0x74, 0x61, + 0x73, 0x65, 0x74, 0x73, 0x12, 0x30, 0x0a, 0x09, 0x61, 0x6c, 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, + 0x6d, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, + 0x72, 0x2e, 0x41, 0x6c, 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x52, 0x09, 0x61, 0x6c, 0x67, + 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x12, 
0x42, 0x0a, 0x10, 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74, + 0x5f, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6d, 0x65, 0x72, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, + 0x32, 0x17, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x52, 0x65, 0x73, 0x75, 0x6c, + 0x74, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6d, 0x65, 0x72, 0x52, 0x0f, 0x72, 0x65, 0x73, 0x75, 0x6c, + 0x74, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6d, 0x65, 0x72, 0x73, 0x12, 0x37, 0x0a, 0x0c, 0x61, 0x67, + 0x65, 0x6e, 0x74, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x14, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x41, 0x67, 0x65, 0x6e, 0x74, + 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x0b, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x43, 0x6f, 0x6e, + 0x66, 0x69, 0x67, 0x22, 0x26, 0x0a, 0x14, 0x41, 0x74, 0x74, 0x65, 0x73, 0x74, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x12, 0x0e, 0x0a, 0x02, 0x69, + 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x22, 0x1c, 0x0a, 0x0a, 0x53, + 0x56, 0x4d, 0x49, 0x6e, 0x66, 0x6f, 0x52, 0x65, 0x71, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x22, 0x2a, 0x0a, 0x0e, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6d, 0x65, 0x72, 0x12, 0x18, 0x0a, 0x07, 0x75, 0x73, 0x65, 0x72, 0x4b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x07, 0x75, 0x73, 0x65, 0x72, 0x4b, 0x65, 0x79, 0x22, 0x53, 0x0a, 0x07, 0x44, 0x61, 0x74, 0x61, 0x73, 0x65, 0x74, @@ -1498,7 +1520,7 @@ var file_manager_manager_proto_goTypes = []any{ (*StopComputation)(nil), // 1: manager.StopComputation (*StopComputationResponse)(nil), // 2: manager.StopComputationResponse (*RunResponse)(nil), // 3: manager.RunResponse - (*BackendInfo)(nil), // 4: manager.BackendInfo + (*AttestationPolicy)(nil), // 4: manager.AttestationPolicy (*SVMInfo)(nil), // 5: manager.SVMInfo (*AgentEvent)(nil), // 6: manager.AgentEvent (*AgentLog)(nil), // 7: manager.AgentLog 
@@ -1506,7 +1528,7 @@ var file_manager_manager_proto_goTypes = []any{ (*ServerStreamMessage)(nil), // 9: manager.ServerStreamMessage (*RunReqChunks)(nil), // 10: manager.RunReqChunks (*ComputationRunReq)(nil), // 11: manager.ComputationRunReq - (*BackendInfoReq)(nil), // 12: manager.BackendInfoReq + (*AttestationPolicyReq)(nil), // 12: manager.AttestationPolicyReq (*SVMInfoReq)(nil), // 13: manager.SVMInfoReq (*ResultConsumer)(nil), // 14: manager.ResultConsumer (*Dataset)(nil), // 15: manager.Dataset @@ -1520,14 +1542,14 @@ var file_manager_manager_proto_depIdxs = []int32{ 7, // 2: manager.ClientStreamMessage.agent_log:type_name -> manager.AgentLog 6, // 3: manager.ClientStreamMessage.agent_event:type_name -> manager.AgentEvent 3, // 4: manager.ClientStreamMessage.run_res:type_name -> manager.RunResponse - 4, // 5: manager.ClientStreamMessage.backendInfo:type_name -> manager.BackendInfo + 4, // 5: manager.ClientStreamMessage.attestationPolicy:type_name -> manager.AttestationPolicy 2, // 6: manager.ClientStreamMessage.stopComputationRes:type_name -> manager.StopComputationResponse 5, // 7: manager.ClientStreamMessage.svm_info:type_name -> manager.SVMInfo 10, // 8: manager.ServerStreamMessage.runReqChunks:type_name -> manager.RunReqChunks 11, // 9: manager.ServerStreamMessage.runReq:type_name -> manager.ComputationRunReq 0, // 10: manager.ServerStreamMessage.terminateReq:type_name -> manager.Terminate 1, // 11: manager.ServerStreamMessage.stopComputation:type_name -> manager.StopComputation - 12, // 12: manager.ServerStreamMessage.backendInfoReq:type_name -> manager.BackendInfoReq + 12, // 12: manager.ServerStreamMessage.attestationPolicyReq:type_name -> manager.AttestationPolicyReq 13, // 13: manager.ServerStreamMessage.svmInfoReq:type_name -> manager.SVMInfoReq 15, // 14: manager.ComputationRunReq.datasets:type_name -> manager.Dataset 16, // 15: manager.ComputationRunReq.algorithm:type_name -> manager.Algorithm 
@@ -1597,7 +1619,7 @@ func file_manager_manager_proto_init() { } } file_manager_manager_proto_msgTypes[4].Exporter = func(v any, i int) any { - switch v := v.(*BackendInfo); i { + switch v := v.(*AttestationPolicy); i { case 0: return &v.state case 1: @@ -1693,7 +1715,7 @@ func file_manager_manager_proto_init() { } } file_manager_manager_proto_msgTypes[12].Exporter = func(v any, i int) any { - switch v := v.(*BackendInfoReq); i { + switch v := v.(*AttestationPolicyReq); i { case 0: return &v.state case 1: @@ -1769,7 +1791,7 @@ func file_manager_manager_proto_init() { (*ClientStreamMessage_AgentLog)(nil), (*ClientStreamMessage_AgentEvent)(nil), (*ClientStreamMessage_RunRes)(nil), - (*ClientStreamMessage_BackendInfo)(nil), + (*ClientStreamMessage_AttestationPolicy)(nil), (*ClientStreamMessage_StopComputationRes)(nil), (*ClientStreamMessage_SvmInfo)(nil), } @@ -1778,7 +1800,7 @@ func file_manager_manager_proto_init() { (*ServerStreamMessage_RunReq)(nil), (*ServerStreamMessage_TerminateReq)(nil), (*ServerStreamMessage_StopComputation)(nil), - (*ServerStreamMessage_BackendInfoReq)(nil), + (*ServerStreamMessage_AttestationPolicyReq)(nil), (*ServerStreamMessage_SvmInfoReq)(nil), } type x struct{} diff --git a/manager/manager.proto b/manager/manager.proto index 32d5c3a7..dbe5885b 100644 --- a/manager/manager.proto +++ b/manager/manager.proto @@ -31,17 +31,18 @@ message RunResponse{ string computation_id = 2; } -message BackendInfo{ +message AttestationPolicy{ bytes info = 1; string id = 2; } message SVMInfo{ - string ovmf_version = 1; - int32 cpu_num = 2; - string cpu_type = 3; - string kernel_cmd = 4; - string eos_version = 5; + string id = 1; + string ovmf_version = 2; + int32 cpu_num = 3; + string cpu_type = 4; + string kernel_cmd = 5; + string eos_version = 6; } message AgentEvent { 
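Review bot: In `message SVMInfo` the new `string id = 1;` takes tag 1 and the five existing fields are renumbered (`ovmf_version` 1→2 through `eos_version` 5→6), which changes the wire format of a message that is already in use. Peers built from different revisions would decode each other's SVMInfo incorrectly; tag 2, for example, changes from `int32 cpu_num` to a string. The service.go comment in this commit describes this data as needed for attestation verification and validation. Keeping the original numbers and appending the new field as `string id = 6;` would stay wire-compatible. The `string id = 1;` added to the previously empty `SVMInfoReq` in a later hunk does not have this problem.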
@@ -65,7 +66,7 @@ message ClientStreamMessage { AgentLog agent_log = 1; AgentEvent agent_event = 2; RunResponse run_res = 3; - BackendInfo backendInfo = 4; + AttestationPolicy attestationPolicy = 4; StopComputationResponse stopComputationRes = 5; SVMInfo svm_info = 6; } @@ -77,7 +78,7 @@ message ServerStreamMessage { ComputationRunReq runReq = 2; Terminate terminateReq = 3; StopComputation stopComputation = 4; - BackendInfoReq backendInfoReq = 5; + AttestationPolicyReq attestationPolicyReq = 5; SVMInfoReq svmInfoReq = 6; } } @@ -98,11 +99,12 @@ message ComputationRunReq { AgentConfig agent_config = 7; } -message BackendInfoReq { +message AttestationPolicyReq { string id = 1; } message SVMInfoReq { + string id = 1; } message ResultConsumer { diff --git a/manager/manager_grpc.pb.go b/manager/manager_grpc.pb.go index 3ec9e6b9..f76ff6f5 100644 --- a/manager/manager_grpc.pb.go +++ b/manager/manager_grpc.pb.go @@ -3,7 +3,7 @@ // Code generated by protoc-gen-go-grpc. DO NOT EDIT. // versions: -// - protoc-gen-go-grpc v1.5.1 +// - protoc-gen-go-grpc v1.4.0 // - protoc v5.28.1 // source: manager/manager.proto @@ -18,8 +18,8 @@ import ( // This is a compile-time assertion to ensure that this generated file // is compatible with the grpc package it is being compiled against. -// Requires gRPC-Go v1.64.0 or later. -const _ = grpc.SupportPackageIsVersion9 +// Requires gRPC-Go v1.62.0 or later. +const _ = grpc.SupportPackageIsVersion8 const ( ManagerService_Process_FullMethodName = "/manager.ManagerService/Process" 
@@ -29,7 +29,7 @@ const ( // // For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. type ManagerServiceClient interface { - Process(ctx context.Context, opts ...grpc.CallOption) (grpc.BidiStreamingClient[ClientStreamMessage, ServerStreamMessage], error) + Process(ctx context.Context, opts ...grpc.CallOption) (ManagerService_ProcessClient, error) } type managerServiceClient struct { 
@@ -40,39 +40,54 @@ func NewManagerServiceClient(cc grpc.ClientConnInterface) ManagerServiceClient { return &managerServiceClient{cc} } -func (c *managerServiceClient) Process(ctx context.Context, opts ...grpc.CallOption) (grpc.BidiStreamingClient[ClientStreamMessage, ServerStreamMessage], error) { +func (c *managerServiceClient) Process(ctx context.Context, opts ...grpc.CallOption) (ManagerService_ProcessClient, error) { cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) stream, err := c.cc.NewStream(ctx, &ManagerService_ServiceDesc.Streams[0], ManagerService_Process_FullMethodName, cOpts...) if err != nil { return nil, err } - x := &grpc.GenericClientStream[ClientStreamMessage, ServerStreamMessage]{ClientStream: stream} + x := &managerServiceProcessClient{ClientStream: stream} return x, nil } -// This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name. -type ManagerService_ProcessClient = grpc.BidiStreamingClient[ClientStreamMessage, ServerStreamMessage] +type ManagerService_ProcessClient interface { + Send(*ClientStreamMessage) error + Recv() (*ServerStreamMessage, error) + grpc.ClientStream +} + +type managerServiceProcessClient struct { + grpc.ClientStream +} + +func (x *managerServiceProcessClient) Send(m *ClientStreamMessage) error { + return x.ClientStream.SendMsg(m) +} + +func (x *managerServiceProcessClient) Recv() (*ServerStreamMessage, error) { + m := new(ServerStreamMessage) + if err := x.ClientStream.RecvMsg(m); err != nil { + return nil, err + } + return m, nil +} // ManagerServiceServer is the server API for ManagerService service. // All implementations must embed UnimplementedManagerServiceServer -// for forward compatibility. 
+// for forward compatibility type ManagerServiceServer interface { - Process(grpc.BidiStreamingServer[ClientStreamMessage, ServerStreamMessage]) error + Process(ManagerService_ProcessServer) error mustEmbedUnimplementedManagerServiceServer() } -// UnimplementedManagerServiceServer must be embedded to have -// forward compatible implementations. -// -// NOTE: this should be embedded by value instead of pointer to avoid a nil -// pointer dereference when methods are called. -type UnimplementedManagerServiceServer struct{} +// UnimplementedManagerServiceServer must be embedded to have forward compatible implementations. +type UnimplementedManagerServiceServer struct { +} -func (UnimplementedManagerServiceServer) Process(grpc.BidiStreamingServer[ClientStreamMessage, ServerStreamMessage]) error { +func (UnimplementedManagerServiceServer) Process(ManagerService_ProcessServer) error { return status.Errorf(codes.Unimplemented, "method Process not implemented") } func (UnimplementedManagerServiceServer) mustEmbedUnimplementedManagerServiceServer() {} -func (UnimplementedManagerServiceServer) testEmbeddedByValue() {} // UnsafeManagerServiceServer may be embedded to opt out of forward compatibility for this service. // Use of this interface is not recommended, as added methods to ManagerServiceServer will 
@@ -82,22 +97,34 @@ type UnsafeManagerServiceServer interface { } func RegisterManagerServiceServer(s grpc.ServiceRegistrar, srv ManagerServiceServer) { - // If the following call pancis, it indicates UnimplementedManagerServiceServer was - // embedded by pointer and is nil. This will cause panics if an - // unimplemented method is ever invoked, so we test this at initialization - // time to prevent it from happening at runtime later due to I/O. - if t, ok := srv.(interface{ testEmbeddedByValue() }); ok { - t.testEmbeddedByValue() - } s.RegisterService(&ManagerService_ServiceDesc, srv) } func _ManagerService_Process_Handler(srv interface{}, stream grpc.ServerStream) error { - return srv.(ManagerServiceServer).Process(&grpc.GenericServerStream[ClientStreamMessage, ServerStreamMessage]{ServerStream: stream}) + return srv.(ManagerServiceServer).Process(&managerServiceProcessServer{ServerStream: stream}) +} + +type ManagerService_ProcessServer interface { + Send(*ServerStreamMessage) error + Recv() (*ClientStreamMessage, error) + grpc.ServerStream +} + +type managerServiceProcessServer struct { + grpc.ServerStream } -// This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name. -type ManagerService_ProcessServer = grpc.BidiStreamingServer[ClientStreamMessage, ServerStreamMessage] +func (x *managerServiceProcessServer) Send(m *ServerStreamMessage) error { + return x.ServerStream.SendMsg(m) +} + +func (x *managerServiceProcessServer) Recv() (*ClientStreamMessage, error) { + m := new(ClientStreamMessage) + if err := x.ServerStream.RecvMsg(m); err != nil { + return nil, err + } + return m, nil +} // ManagerService_ServiceDesc is the grpc.ServiceDesc for ManagerService service. // It's only intended for direct use with grpc.RegisterService, diff --git a/manager/mocks/service.go b/manager/mocks/service.go index cc6b73cc..6a65b256 100644 --- a/manager/mocks/service.go +++ b/manager/mocks/service.go 
@@ -17,12 +17,12 @@ type Service struct { mock.Mock } -// FetchBackendInfo provides a mock function with given fields: ctx, computationID -func (_m *Service) FetchBackendInfo(ctx context.Context, computationID string) ([]byte, error) { +// FetchAttestationPolicy provides a mock function with given fields: ctx, computationID +func (_m *Service) FetchAttestationPolicy(ctx context.Context, computationID string) ([]byte, error) { ret := _m.Called(ctx, computationID) if len(ret) == 0 { - panic("no return value specified for FetchBackendInfo") + panic("no return value specified for FetchAttestationPolicy") } var r0 []byte diff --git a/manager/service.go b/manager/service.go index 0a0866c0..dc25c21d 100644 --- a/manager/service.go +++ b/manager/service.go @@ -60,8 +60,8 @@ type Service interface { Run(ctx context.Context, c *ComputationRunReq) (string, error) // Stop stops a computation. Stop(ctx context.Context, computationID string) error - // FetchBackendInfo measures and fetches the backend information. - FetchBackendInfo(ctx context.Context, computationID string) ([]byte, error) + // FetchAttestationPolicy measures and fetches the attestation policy. + FetchAttestationPolicy(ctx context.Context, computationID string) ([]byte, error) // ReportBrokenConnection reports a broken connection. ReportBrokenConnection(addr string) // ReturnSVMInfo returns SVM information needed for attestation verification and validation. 
@@ -69,23 +69,23 @@ type Service interface { } type managerService struct { - mu sync.Mutex - qemuCfg qemu.Config - backendMeasurementBinaryPath string - logger *slog.Logger - eventsChan chan *ClientStreamMessage - vms map[string]vm.VM - vmFactory vm.Provider - portRangeMin int - portRangeMax int - persistence qemu.Persistence - eosVersion string + mu sync.Mutex + qemuCfg qemu.Config + attestationPolicyBinaryPath string + logger *slog.Logger + eventsChan chan *ClientStreamMessage + vms map[string]vm.VM + vmFactory vm.Provider + portRangeMin int + portRangeMax int + persistence qemu.Persistence + eosVersion string } var _ Service = (*managerService)(nil) // New instantiates the manager service implementation. -func New(cfg qemu.Config, backendMeasurementBinPath string, logger *slog.Logger, eventsChan chan *ClientStreamMessage, vmFactory vm.Provider, eosVersion string) (Service, error) { +func New(cfg qemu.Config, attestationPolicyBinPath string, logger *slog.Logger, eventsChan chan *ClientStreamMessage, vmFactory vm.Provider, eosVersion string) (Service, error) { start, end, err := decodeRange(cfg.HostFwdRange) if err != nil { return nil, err @@ -97,16 +97,16 @@ func New(cfg qemu.Config, backendMeasurementBinPath string, logger *slog.Logger, } ms := &managerService{ - qemuCfg: cfg, - logger: logger, - vms: make(map[string]vm.VM), - eventsChan: eventsChan, - vmFactory: vmFactory, - backendMeasurementBinaryPath: backendMeasurementBinPath, - portRangeMin: start, - portRangeMax: end, - persistence: persistence, - eosVersion: eosVersion, + qemuCfg: cfg, + logger: logger, + vms: make(map[string]vm.VM), + eventsChan: eventsChan, + vmFactory: vmFactory, + attestationPolicyBinaryPath: attestationPolicyBinPath, + portRangeMin: start, + portRangeMax: end, + persistence: persistence, + eosVersion: eosVersion, } if err := ms.restoreVMs(); err != nil { diff --git a/manager/tracing/tracing.go b/manager/tracing/tracing.go index a4887d55..322d1767 100644 
--- a/manager/tracing/tracing.go +++ b/manager/tracing/tracing.go @@ -35,11 +35,11 @@ func (tm *tracingMiddleware) Stop(ctx context.Context, computationID string) err return tm.svc.Stop(ctx, computationID) } -func (tm *tracingMiddleware) FetchBackendInfo(ctx context.Context, computationId string) ([]byte, error) { - _, span := tm.tracer.Start(ctx, "fetch_backend_info") +func (tm *tracingMiddleware) FetchAttestationPolicy(ctx context.Context, computationId string) ([]byte, error) { + _, span := tm.tracer.Start(ctx, "fetch_attestation_policy") defer span.End() - return tm.svc.FetchBackendInfo(ctx, computationId) + return tm.svc.FetchAttestationPolicy(ctx, computationId) } func (tm *tracingMiddleware) ReportBrokenConnection(addr string) { diff --git a/pkg/attestation/quoteprovider/sev.go b/pkg/attestation/quoteprovider/sev.go index a2ef7650..fc8bf482 100644 --- a/pkg/attestation/quoteprovider/sev.go +++ b/pkg/attestation/quoteprovider/sev.go @@ -145,7 +145,7 @@ func GetQuoteProvider() (client.QuoteProvider, error) { func VerifyAttestationReportTLS(attestationBytes []byte, reportData []byte) error { config, err := copyConfig(&AttConfigurationSEVSNP) if err != nil { - return fmt.Errorf("failed to create a copy of backend configuration") + return errors.Wrap(fmt.Errorf("failed to create a copy of attestation policy"), err) } config.Policy.ReportData = reportData[:] diff --git a/pkg/attestation/quoteprovider/sev_test.go b/pkg/attestation/quoteprovider/sev_test.go index c8917cd4..6f2e4250 100644 --- a/pkg/attestation/quoteprovider/sev_test.go +++ b/pkg/attestation/quoteprovider/sev_test.go 
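Review bot: In the sev.go hunk, the wrapper error in `VerifyAttestationReportTLS` is built with `fmt.Errorf` on every call and has no format verbs, so callers and tests cannot match it the way connect.go's sentinels are matched with `errors.Contains`. Assuming sev.go uses the same errors package as connect.go, a package-level `errAttestationPolicyCopy = errors.New("failed to create a copy of attestation policy")` returned as `errors.Wrap(errAttestationPolicyCopy, err)` keeps the cause and makes the failure testable. The context line `config.Policy.ReportData = reportData[:]` dereferences `config.Policy` with no nil check in view, so it presumably relies on a policy having been loaded first. The function body continues outside the hunk.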
@@ -198,10 +198,10 @@ func prepareForTestVerifyAttestationReport(t *testing.T) ([]byte, []byte) { AttConfigurationSEVSNP = check.Config{Policy: &check.Policy{}, RootOfTrust: &check.RootOfTrust{}} - backendinfoFile, err := os.ReadFile("../../../scripts/backend_info/backend_info.json") + attestationPolicyFile, err := os.ReadFile("../../../scripts/attestation_policy/attestation_policy.json") require.NoError(t, err) - err = protojson.Unmarshal(backendinfoFile, &AttConfigurationSEVSNP) + err = protojson.Unmarshal(attestationPolicyFile, &AttConfigurationSEVSNP) require.NoError(t, err) AttConfigurationSEVSNP.Policy.Product = &sevsnp.SevProduct{Name: sevsnp.SevProduct_SEV_PRODUCT_MILAN} diff --git a/pkg/clients/grpc/agent/agent_test.go b/pkg/clients/grpc/agent/agent_test.go index a8307c3d..539e474d 100644 --- a/pkg/clients/grpc/agent/agent_test.go +++ b/pkg/clients/grpc/agent/agent_test.go @@ -100,13 +100,13 @@ func TestAgentClientIntegration(t *testing.T) { err: ErrAgentServiceUnavailable, }, { - name: "invalid config, missing BackendInfo with aTLS", + name: "invalid config, missing AttestationPolicy with aTLS", config: pkggrpc.Config{ URL: testServer.listenAddr, Timeout: 1, AttestedTLS: true, }, - err: pkggrpc.ErrBackendInfoMissing, + err: pkggrpc.ErrAttestationPolicyMissing, }, } diff --git a/pkg/clients/grpc/connect.go b/pkg/clients/grpc/connect.go index 0105baa0..7dd4cd8b 100644 --- a/pkg/clients/grpc/connect.go +++ b/pkg/clients/grpc/connect.go 
@@ -40,9 +40,9 @@ const ( var ( errGrpcConnect = errors.New("failed to connect to grpc server") errGrpcClose = errors.New("failed to close grpc connection") - errBackendInfoOpen = errors.New("failed to open Backend Info file") - ErrBackendInfoMissing = errors.New("failed due to missing backend info file") - ErrBackendInfoDecode = errors.New("failed to decode backend info file") + errAttestationPolicyOpen = errors.New("failed to open Attestation Policy file") + ErrAttestationPolicyMissing = errors.New("failed due to missing Attestation Policy file") + ErrAttestationPolicyDecode = errors.New("failed to decode Attestation Policy file") errCertificateParse = errors.New("failed to parse x509 certificate") errAttVerification = errors.New("certificat is not sefl signed") errFailedToLoadClientCertKey = errors.New("failed to load client certificate and key") @@ -50,13 +50,13 @@ var ( ) type Config struct { - ClientCert string `env:"CLIENT_CERT" envDefault:""` - ClientKey string `env:"CLIENT_KEY" envDefault:""` - ServerCAFile string `env:"SERVER_CA_CERTS" envDefault:""` - URL string `env:"URL" envDefault:"localhost:7001"` - Timeout time.Duration `env:"TIMEOUT" envDefault:"60s"` - AttestedTLS bool `env:"ATTESTED_TLS" envDefault:"false"` - BackendInfo string `env:"BACKEND_INFO" envDefault:""` + ClientCert string `env:"CLIENT_CERT" envDefault:""` + ClientKey string `env:"CLIENT_KEY" envDefault:""` + ServerCAFile string `env:"SERVER_CA_CERTS" envDefault:""` + URL string `env:"URL" envDefault:"localhost:7001"` + Timeout time.Duration `env:"TIMEOUT" envDefault:"60s"` + AttestedTLS bool `env:"ATTESTED_TLS" envDefault:"false"` + AttestationPolicy string `env:"ATTESTATION_POLICY" envDefault:""` } type Client interface { 
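Review bot: In the `Config` hunk the tag changes from `env:"BACKEND_INFO"` to `env:"ATTESTATION_POLICY"` with no fallback, so a deployment that still exports the old variable ends up with an empty `AttestationPolicy`. With `ATTESTED_TLS=true` this fails closed through `ErrAttestationPolicyMissing`, which is the right outcome, but the message gives no hint about the rename. A field comment would help operators, for example `// AttestationPolicy is the path to the attestation policy JSON; required when AttestedTLS is true (env var was BACKEND_INFO).`, alongside an upgrade note.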
@@ -127,9 +127,9 @@ func connect(cfg Config) (*grpc.ClientConn, security, error) { tc := insecure.NewCredentials() if cfg.AttestedTLS { - err := ReadBackendInfo(cfg.BackendInfo, "eprovider.AttConfigurationSEVSNP) + err := ReadAttestationPolicy(cfg.AttestationPolicy, "eprovider.AttConfigurationSEVSNP) if err != nil { - return nil, secure, errors.Wrap(fmt.Errorf("failed to read Backend Info"), err) + return nil, secure, errors.Wrap(fmt.Errorf("failed to read Attestation Policy"), err) } tlsConfig := &tls.Config{ @@ -180,21 +180,21 @@ func connect(cfg Config) (*grpc.ClientConn, security, error) { return conn, secure, nil } -func ReadBackendInfo(manifestPath string, attestationConfiguration *check.Config) error { +func ReadAttestationPolicy(manifestPath string, attestationConfiguration *check.Config) error { if manifestPath != "" { manifest, err := os.ReadFile(manifestPath) if err != nil { - return errors.Wrap(errBackendInfoOpen, err) + return errors.Wrap(errAttestationPolicyOpen, err) } if err := protojson.Unmarshal(manifest, attestationConfiguration); err != nil { - return errors.Wrap(ErrBackendInfoDecode, err) + return errors.Wrap(ErrAttestationPolicyDecode, err) } return nil } - return ErrBackendInfoMissing + return ErrAttestationPolicyMissing } func CustomDialer(ctx context.Context, addr string) (net.Conn, error) { diff --git a/pkg/clients/grpc/connect_test.go b/pkg/clients/grpc/connect_test.go index 6fc91dab..fd3ed29e 100644 --- a/pkg/clients/grpc/connect_test.go +++ b/pkg/clients/grpc/connect_test.go @@ -149,7 +149,7 @@ func TestClientSecure(t *testing.T) { } } -func TestReadBackendInfo(t *testing.T) { +func TestReadAttestationPolicy(t *testing.T) { validJSON := `{"policy":{"report_data":"AAAA"},"root_of_trust":{"product_line":"Milan"}}` invalidJSON := `{"invalid_json"` 
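Review bot: In `connect`, the policy file is decoded straight into the package-level `quoteprovider.AttConfigurationSEVSNP`, which `VerifyAttestationReportTLS` later copies, so the policy in force is process-wide rather than per connection. Two clients in one process configured with different `AttestationPolicy` paths would overwrite each other's policy, and the write is unsynchronized. Decoding into a local `check.Config` held by the connection, or guarding the global and documenting that only one policy per process is supported, would make the trust decision explicit. The body of `connect` continues outside the hunk.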
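Review bot: `ReadAttestationPolicy` returns nil for any file that parses, so a policy file containing only `{}` (constructed example) is accepted with `Policy` and `RootOfTrust` left unset. Attested TLS would then proceed against an effectively empty policy, or fail later when `config.Policy.ReportData` is assigned in sev.go, depending on what `copyConfig` does with nil fields. Rejecting that case right after the unmarshal keeps the failure closed and early: `if attestationConfiguration.Policy == nil || attestationConfiguration.RootOfTrust == nil { return ErrAttestationPolicyDecode }`. A matching row in `TestReadAttestationPolicy` would pin the behaviour.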
@@ -169,19 +169,19 @@ func TestReadBackendInfo(t *testing.T) {
 name: "Invalid JSON",
 manifestPath: "invalid_manifest.json",
 fileContent: invalidJSON,
- err: ErrBackendInfoDecode,
+ err: ErrAttestationPolicyDecode,
 },
 {
 name: "Non-existent file",
 manifestPath: "nonexistent.json",
 fileContent: "",
- err: errBackendInfoOpen,
+ err: errAttestationPolicyOpen,
 },
 {
 name: "Empty manifest path",
 manifestPath: "",
 fileContent: "",
- err: ErrBackendInfoMissing,
+ err: ErrAttestationPolicyMissing,
 },
 }
@@ -194,7 +194,7 @@ func TestReadBackendInfo(t *testing.T) {
 }
 config := check.Config{}
- err := ReadBackendInfo(tt.manifestPath, &config)
+ err := ReadAttestationPolicy(tt.manifestPath, &config)
 assert.True(t, errors.Contains(err, tt.err), fmt.Sprintf("expected error %v, got %v", tt.err, err))
 if tt.err == nil {
diff --git a/pkg/clients/grpc/manager/manager_test.go b/pkg/clients/grpc/manager/manager_test.go
index 8dff7a6e..2ee2592f 100644
--- a/pkg/clients/grpc/manager/manager_test.go
+++ b/pkg/clients/grpc/manager/manager_test.go
@@ -24,9 +24,9 @@ func TestNewManagerClient(t *testing.T) {
 err: nil,
 },
 {
- name: "invalid config, missing BackendInfo with aTLS",
+ name: "invalid config, missing AttestationPolicy with aTLS",
 cfg: grpc.Config{AttestedTLS: true},
- err: grpc.ErrBackendInfoMissing,
+ err: grpc.ErrAttestationPolicyMissing,
 },
 }
diff --git a/scripts/backend_info/Cargo.toml b/scripts/attestation_policy/Cargo.toml
similarity index 91%
rename from scripts/backend_info/Cargo.toml
rename to scripts/attestation_policy/Cargo.toml
index 9973bc0a..1562358d 100644
--- a/scripts/backend_info/Cargo.toml
+++ b/scripts/attestation_policy/Cargo.toml
@@ -1,5 +1,5 @@
 [package]
-name = "backend_info"
+name = "attestation_policy"
 version = "0.1.0"
 edition = "2021"
diff --git a/scripts/backend_info/Makefile b/scripts/attestation_policy/Makefile
similarity index 83%
rename from scripts/backend_info/Makefile
rename to scripts/attestation_policy/Makefile
index fdabf9ab..24a17349 100644
--- a/scripts/backend_info/Makefile
+++ b/scripts/attestation_policy/Makefile
@@ -1,7 +1,7 @@
 CARGO = cargo
 TARGET = target
 BUILD_DIR = $(TARGET)/release
-BIN_NAME = backend_info
+BIN_NAME = attestation_policy
 all: build
diff --git a/scripts/backend_info/README.md b/scripts/attestation_policy/README.md
similarity index 79%
rename from scripts/backend_info/README.md
rename to scripts/attestation_policy/README.md
index f1647025..f2053349 100644
--- a/scripts/backend_info/README.md
+++ b/scripts/attestation_policy/README.md
@@ -1,4 +1,4 @@
-# Rust project for fetching backend info
+# Rust project for fetching Attestation Policy
 This rust project fetches information from the host system needed for validation of the attestation report. It outputs a JSON file that contains the said information.
 The JSON file is in a format that can be used with the [go-sev-guest](https://github.com/google/go-sev-guest) library.
@@ -6,14 +6,14 @@ The JSON file is in a format that can be used with the [go-sev-guest](https://gi
 Clone `cocos` repository:
 ```bash
 git clone git@github.com:ultravioletrs/cocos.git
-cd ./cocos/scripts/backend_info
+cd ./cocos/scripts/attestation_policy
 make
 ```
 Then run the binary. Keep in mind that you have to specify the policy of the Guest VM:
 ```bash
-cd ./target/releas
+cd ./target/release
 # Run with option --policy (policy is 64 bit number)
-./backend_info --policy 196608
+./attestation_policy --policy 196608
 ```
\ No newline at end of file
diff --git a/scripts/backend_info/backend_info.go b/scripts/attestation_policy/attestation_policy.go
similarity index 58%
rename from scripts/backend_info/backend_info.go
rename to scripts/attestation_policy/attestation_policy.go
index 612dd9af..c4ed8ac9 100644
--- a/scripts/backend_info/backend_info.go
+++ b/scripts/attestation_policy/attestation_policy.go
@@ -4,11 +4,11 @@
 //go:build embed
 // +build embed
-package backendinfo
+package attestationpolicy
 import (
 _ "embed"
 )
-//go:embed backend_info.json
-var BackendInfo []byte
+//go:embed attestation_policy.json
+var AttestationPolicy []byte
diff --git a/scripts/backend_info/backend_info.json b/scripts/attestation_policy/attestation_policy.json
similarity index 100%
rename from scripts/backend_info/backend_info.json
rename to scripts/attestation_policy/attestation_policy.json
diff --git a/scripts/backend_info/src/main.rs b/scripts/attestation_policy/src/main.rs
similarity index 94%
rename from scripts/backend_info/src/main.rs
rename to scripts/attestation_policy/src/main.rs
index d24d5d0e..150c30e6 100644
--- a/scripts/backend_info/src/main.rs
+++ b/scripts/attestation_policy/src/main.rs
@@ -6,7 +6,7 @@ use std::arch::x86_64::__cpuid;
 use std::fs::File;
 use std::io::Write;
-const BACKEND_INFO_JSON: &str = "backend_info.json";
+const ATTESTATION_POLICY_JSON: &str = "attestation_policy.json";
 const EXTENDED_FAMILY_SHIFT: u32 = 20;
 const EXTENDED_MODEL_SHIFT: u32 = 16;
 const FAMILY_SHIFT: u32 = 8;
@@ -103,7 +103,7 @@ fn sev_product(eax: u32) -> SevProduct {
 }
 fn main() {
- let matches = Command::new("Backend info")
+ let matches = Command::new("Attestation Policy")
 .about(
 "Processes command line options and outputs a JSON file for Attestation verification",
 )
@@ -170,9 +170,9 @@ fn main() {
 };
 let json = serde_json::to_string_pretty(&computation).expect("Failed to serialize to JSON");
- let mut file = File::create(BACKEND_INFO_JSON).expect("Failed to create file");
+ let mut file = File::create(ATTESTATION_POLICY_JSON).expect("Failed to create file");
 file.write_all(json.as_bytes())
 .expect("Failed to write to file");
- println!("Computation JSON has been written to {}", BACKEND_INFO_JSON);
+ println!("Computation JSON has been written to {}", ATTESTATION_POLICY_JSON);
 }
diff --git a/test/computations/main.go b/test/computations/main.go
index e2482db9..b2e3dda2 100644
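Review bot: `File::create(ATTESTATION_POLICY_JSON)` near the end of `main` writes a fixed file name into the current working directory, truncating whatever is already there and following an existing symlink, and the manual-test README in this patch runs the binary with sudo. Because the output later serves as the reference for attestation verification, I would refuse to overwrite by opening it with `OpenOptions::new().write(true).create_new(true).open(ATTESTATION_POLICY_JSON)`, or take the output path as an argument. The final message still says "Computation JSON" although the file is now the attestation policy. `main` starts outside this hunk.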
--- a/test/computations/main.go
+++ b/test/computations/main.go
@@ -122,16 +122,6 @@ func main() {
 go func() {
 for incoming := range incomingChan {
- switch incoming.Message.(type) {
- case *manager.ClientStreamMessage_RunRes:
- fmt.Println("received runRes")
- case *manager.ClientStreamMessage_AgentEvent:
- fmt.Println("received agent event")
- case *manager.ClientStreamMessage_AgentLog:
- fmt.Println("received agent log")
- case *manager.ClientStreamMessage_BackendInfo:
- fmt.Println("received backend info measurement request")
- }
 fmt.Println(incoming.Message)
 }
 }()
diff --git a/test/manual/README.md b/test/manual/README.md
index bcf62fdb..74b661b5 100644
--- a/test/manual/README.md
+++ b/test/manual/README.md
@@ -19,7 +19,7 @@ All assets/datasets the algorithm uses are stored in the `datasets` directory. T
 Agent is started automatically in the VM when launched but requires configuration and manifest to be passed by manager. Alternatively you can pass configuration using this [simplified script](./agent-config/main.go)
-For attested TLS, you will have to calculate the VM's measurement, which can be done using cli. This information is also contained in the backend info file.
+For attested TLS, you will have to calculate the VM's measurement, which can be done using cli. This information is also contained in the Attestation Policy file.
 ```bash
 # Define the path to the OVMF, KERNEL, INITRD and CMD Kernel line arguments.
@@ -44,26 +44,26 @@ export AGENT_GRPC_URL=localhost:7002 # For attested TLS, the CLI needs a file containing the necessary information # about the SEV-SNP capable backend. This information will be used to verify # the attestation report received from the agent. -# The backend_info.json file can be generated using Rust by running: -cd scripts/backend_info +# The attestation_policy.json file can be generated using Rust by running: +cd scripts/attestation_policy make -sudo ./target/release/backend_info --policy 196608 # Default value of the policy should be 196608 -# The output file backend_info.json will be generated in the directory from which the executable has been called. +sudo ./target/release/attestation_policy --policy 196608 # Default value of the policy should be 196608 +# The output file attestation_policy.json will be generated in the directory from which the executable has been called. cd ../.. # The CLI should also be aware of the VM measurement. To add the measurement # to the .json file that contains the information about the platform, run CLI -# with the measurement in base64 format and the path of the backend_info.json file.: -./build/cocos-cli backend measurement '' '' +# with the measurement in base64 format and the path of the attestation_policy.json file.: +./build/cocos-cli policy measurement '' '' # If the VM is booted with the QEMU host data option, the CLI should also know # the host data information. 
To add the host data to the .json file that contains # the information about the platform, run CLI with the host data in base64 format -# and the path of the backend_info.json file.: -./build/cocos-cli backend hostdata '' '' +# and the path of the attestation_policy.json file.: +./build/cocos-cli policy hostdata '' '' -# For attested TLS, also define the path to the backend_info.json that contains reference values for the fields of the attestation report -export AGENT_GRPC_BACKEND_INFO=./scripts/backend_info/backend_info.json +# For attested TLS, also define the path to the attestation_policy.json that contains reference values for the fields of the attestation report +export AGENT_GRPC_ATTESTATION_POLICY=./scripts/attestation_policy/attestation_policy.json export AGENT_GRPC_ATTESTED_TLS=true # Retieve Attestation