Merge pull request fortanix#771 from fortanix/jb/eval-nums-select-best

[PROD-10366] Add feature to select best TCB eval num given specific TCB level

Author: Taowyoo

intel-sgx/pcs/src/io.rs

@@ -45,11 +45,66 @@ fn write_to_path<T: serde::ser::Serialize>(path: &PathBuf, obj: &T) -> Result<()
         .map_err(|e| Error::IoError(e))
 }
 
-pub fn read_from_file<T: DeserializeOwned>(dir: &str, filename: &str) -> Result<T, Error> {
+pub fn read_from_file<T: DeserializeOwned>(dir: &str, filename: impl AsRef<Path>) -> Result<T, Error> {
     let path = Path::new(dir);
     let path = path.join(filename);
     let file = File::open(path)?;
     let reader = BufReader::new(file);
     let obj = serde_json::from_reader(reader)?;
     Ok(obj)
 }
+
+pub(crate) fn compose_filename(prefix: &str, extension: &str, evaluation_data_number: Option<u64>) -> String {
+    if let Some(evaluation_data_number) = evaluation_data_number {
+        format!("{}-{evaluation_data_number}{}", prefix, extension)
+    } else {
+        format!("{}{}", prefix, extension)
+    }
+}
+
+pub(crate) fn all_files<'a>(input_dir: &str, prefix: impl AsRef<str> + 'a, extension: &'a str) -> impl Iterator<Item = Result<std::fs::DirEntry, Error>> + 'a {
+    // Construct an iterator where if read_dir() returns an error, that is the
+    // first and only item. If it returns success, the directory entries are
+    // the items.
+    let (first, second) = match std::fs::read_dir(input_dir) {
+        Ok(it) => (Some(it), None),
+        Err(e) => (None, Some(Err(e))),
+    };
+    let entries = first.into_iter().flat_map(|it| it).chain(second.into_iter());
+
+    // match filenames that are generated by compose_filename() above
+    entries.filter_map(move |item| {
+            let prefix = prefix.as_ref();
+            match item {
+                Ok(entry) => {
+                    let fname = entry.file_name();
+                    let fname = fname.to_str()?;
+                    if !(fname.starts_with(prefix) && fname.ends_with(extension)) {
+                        return None;
+                    }
+                    if fname.len() != prefix.len() + extension.len() {
+                        let middle = &fname[(prefix.len())..(fname.len() - extension.len())];
+                        if !middle.starts_with("-") {
+                            return None;
+                        }
+                        let _: u64 = middle[1..].parse().ok()?;
+                    }
+                    Some(Ok(entry))
+                },
+                Err(e) => Some(Err(e.into()))
+            }
+        })
+}
+
+#[cfg(test)]
+mod tests {
+    #[cfg(not(target_env = "sgx"))]
+    #[test]
+    fn test_all_files() {
+        use std::{collections::HashSet, ffi::OsString};
+        
+        let a: HashSet<_> = Result::unwrap(super::all_files("./tests/data/read-dir-test", "prefix", ".ext").map(|i| i.map(|entry| entry.file_name()) ).collect());
+        let b: HashSet<_> = <_>::into_iter(["prefix-1.ext", "prefix-2.ext", "prefix-3.ext", "prefix.ext"]).map(|i| OsString::from(i)).collect();
+        assert_eq!(a, b);
+    }
+}

intel-sgx/pcs/src/lib.rs

@@ -295,6 +295,16 @@ pub enum TcbStatus {
     Revoked,
 }
 
+impl TcbStatus {
+    pub(crate) fn drop_sw_hardening_needed(self) -> Self {
+        match self {
+            Self::SWHardeningNeeded => Self::UpToDate,
+            Self::ConfigurationAndSWHardeningNeeded => Self::ConfigurationNeeded,
+            v => v,
+        }
+    }
+}
+
 impl fmt::Display for TcbStatus {
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
         match self {

intel-sgx/pcs/src/qe_identity.rs

@@ -73,16 +73,16 @@ impl Display for EnclaveIdentity {
 }
 
 #[derive(Clone, Serialize, Deserialize, Debug)]
-struct Tcb {
-    isvsvn: u16,
+pub(crate) struct Tcb {
+    pub(crate) isvsvn: u16,
 }
 
 #[derive(Clone, Serialize, Deserialize, Debug)]
 #[serde(rename_all = "camelCase")]
 pub struct TcbLevel {
-    tcb: Tcb,
+    pub(crate) tcb: Tcb,
     tcb_date: String,
-    tcb_status: TcbStatus,
+    pub(crate) tcb_status: TcbStatus,
     #[serde(default, rename = "advisoryIDs", skip_serializing_if = "Vec::is_empty")]
     advisory_ids: Vec<String>,
 }
@@ -224,10 +224,16 @@ impl QeIdentity {
     pub fn miscselect_mask(&self) -> Miscselect {
         Miscselect::from_bits_truncate(self.miscselect_mask)
     }
+}
 
+impl<V: VerificationType> QeIdentity<V> {
     pub fn tcb_evaluation_data_number(&self) -> u64 {
         self.tcb_evaluation_data_number
     }
+
+    pub(crate) fn tcb_levels(&self) -> &[TcbLevel] {
+        &self.tcb_levels
+    }
 }
 
 impl TryFrom<&QeIdentitySigned> for QeIdentity<Unverified> {
@@ -303,7 +309,8 @@ pub struct QeIdentitySigned {
 }
 
 impl QeIdentitySigned {
-    const DEFAULT_FILENAME: &'static str = "qe3_identity.id";
+    const FILENAME_PREFIX: &'static str = "qe3_identity";
+    const FILENAME_EXTENSION: &'static str = ".id";
 
     pub fn parse(body: &String, ca_chain: Vec<String>) -> Result<Self, Error> {
         #[derive(Deserialize)]
@@ -330,11 +337,7 @@ impl QeIdentitySigned {
     }
 
     pub fn create_filename(evaluation_data_number: Option<u64>) -> String {
-        if let Some(evaluation_data_number) = evaluation_data_number {
-            format!("qe3_identity-{evaluation_data_number}.id")
-        } else {
-            Self::DEFAULT_FILENAME.into()
-        }
+        io::compose_filename(Self::FILENAME_PREFIX, Self::FILENAME_EXTENSION, evaluation_data_number)
     }
 
     pub fn write_to_file(&self, output_dir: &str) -> Result<String, Error> {
@@ -356,6 +359,11 @@ impl QeIdentitySigned {
         Ok(identity)
     }
 
+    pub fn read_all<'a>(input_dir: &'a str) -> impl Iterator<Item = Result<Self, Error>> + 'a {
+        io::all_files(input_dir, Self::FILENAME_PREFIX, Self::FILENAME_EXTENSION)
+            .map(move |i| i.and_then(|entry| io::read_from_file(input_dir, entry.file_name())) )
+    }
+
     pub fn raw_qe_identity(&self) -> &String {
         &self.raw_enclave_identity
     }

intel-sgx/pcs/src/tcb_evaluation_data_numbers.rs

@@ -1,5 +1,5 @@
 use chrono::{DateTime, Duration, Utc};
-use crate::{io, Error, Platform, Unverified, VerificationType, Verified};
+use crate::{io, Error, Fmspc, Platform, pckcrt::TcbComponents, QeIdentity, QeIdentitySigned, TcbData, TcbInfo, TcbStatus, Unverified, VerificationType, Verified};
 use serde::{Deserialize, Deserializer, Serialize};
 use serde_json::value::RawValue;
 use std::marker::PhantomData;
@@ -71,6 +71,84 @@ impl<V: VerificationType> TcbEvaluationDataNumbers<V> {
     }
 }
 
+impl TcbEvaluationDataNumbers<Unverified> {
+    /// Given a particular TCB level, select the best available TCB eval number.
+    /// That is the one that gives the most favorable TCB status, and the higher
+    /// one if there's a tie.
+    pub fn select_best(input_dir: &str, fmspc: &Fmspc, tcb_components: &TcbComponents, qesvn: u16) -> Result<TcbEvalNumber, Error> {
+        let evalnums = RawTcbEvaluationDataNumbers::read_from_file(input_dir)?.evaluation_data_numbers()?;
+        let mut tcb_levels: std::collections::HashMap<_, _> = evalnums.numbers().map(|num| (num.number as u64, (num, None, None))).collect();
+
+        for tcbinfo in TcbInfo::read_all(input_dir, fmspc) {
+            let tcb_data = TcbData::parse(tcbinfo?.raw_tcb_info())?;
+            if let Some(level) = tcb_data.tcb_levels()
+                .iter()
+                .find(|level| level.tcb <= *tcb_components)
+            {
+                if let Some(entry) = tcb_levels.get_mut(&tcb_data.tcb_evaluation_data_number()) {
+                    entry.1 = Some(level.tcb_status);
+                }
+            }
+        };
+
+        for qeid in QeIdentitySigned::read_all(input_dir) {
+            let qeid: QeIdentity::<Unverified> = serde_json::from_str(&qeid?.raw_qe_identity()).map_err(|e| Error::ParseError(e))?;
+            if let Some(level) = qeid.tcb_levels()
+                .iter()
+                .find(|level| level.tcb.isvsvn <= qesvn)
+            {
+                if let Some(entry) = tcb_levels.get_mut(&qeid.tcb_evaluation_data_number()) {
+                    entry.2 = Some(level.tcb_status);
+                }
+            }
+        };
+
+        // NB: QE Identity TCB status can only be UpToDate, OutOfDate, or Revoked
+        fn tcb_total_order(platform_status: Option<TcbStatus>, qe_status: Option<TcbStatus>) -> i8 {
+            use std::ops::Neg;
+            use self::TcbStatus::*;
+            // Since we don't have any information here to judge the enclave
+            // has the needed SW hardening, we assume that it does and we
+            // upgrade SWHardeningNeeded to the next level
+            match (platform_status.map(TcbStatus::drop_sw_hardening_needed), qe_status) {
+                (Some(UpToDate),                          Some(UpToDate))  => 0i8,
+                (Some(UpToDate),                          Some(OutOfDate)) => 1,
+                (Some(UpToDate),                          Some(Revoked))   => 1,
+                (Some(ConfigurationNeeded),               Some(UpToDate))  => 2,
+                (Some(ConfigurationNeeded),               Some(OutOfDate)) => 3,
+                (Some(ConfigurationNeeded),               Some(Revoked))   => 3,
+                (Some(OutOfDate),                         Some(UpToDate))  => 4,
+                (Some(OutOfDateConfigurationNeeded),      Some(UpToDate))  => 4,
+                (Some(Revoked),                           Some(UpToDate))  => 4,
+                (Some(OutOfDate),                         Some(OutOfDate)) => 5,
+                (Some(OutOfDate),                         Some(Revoked))   => 5,
+                (Some(Revoked),                           Some(OutOfDate)) => 5,
+                (Some(Revoked),                           Some(Revoked))   => 5,
+                (Some(OutOfDateConfigurationNeeded),      Some(OutOfDate)) => 5,
+                (Some(OutOfDateConfigurationNeeded),      Some(Revoked))   => 5,
+                (Some(UpToDate),                          None)            => 6,
+                (Some(ConfigurationNeeded),               None)            => 7,
+                (Some(OutOfDate),                         None)            => 8,
+                (Some(OutOfDateConfigurationNeeded),      None)            => 8,
+                (Some(Revoked),                           None)            => 8,
+                (None,                                    Some(UpToDate))  => 9,
+                (None,                                    Some(OutOfDate)) => 10,
+                (None,                                    Some(Revoked))   => 10,
+                _                                                          => 11,
+            }.neg()
+        }
+
+        tcb_levels.into_iter()
+            .max_by(|&(a_num, (_, a_platform_status, a_qe_status)), &(b_num, (_, b_platform_status, b_qe_status))| {
+                tcb_total_order(a_platform_status, a_qe_status)
+                    .cmp(&tcb_total_order(b_platform_status, b_qe_status))
+                    .then_with(|| a_num.cmp(&b_num) )
+            })
+            .map(|(_, (num, _, _))| num.clone())
+            .ok_or(Error::InvalidTcbEvaluationDataNumbers("Empty TCB evaluation data numbers".into()))
+    }
+}
+
 #[derive(Clone, Debug, PartialEq, Eq, Serialize, Deserialize)]
 #[serde(rename_all = "camelCase")]
 pub struct TcbEvalNumber {
@@ -282,13 +360,21 @@ impl TcbPolicy {
     }
 }
 
-#[cfg(all(not(target_env = "sgx"), feature = "verify"))]
 #[cfg(test)]
 mod tests {
-    use super::{RawTcbEvaluationDataNumbers, TcbEvaluationDataNumbers, TcbEvalNumber, TcbPolicy};
-    use crate::{Error, Platform, Unverified};
+    #[cfg(not(target_env = "sgx"))]
+    use {
+        super::TcbEvaluationDataNumbers,
+        crate::{Error, Unverified}
+    };
+    #[cfg(all(not(target_env = "sgx"), feature = "verify"))]
+    use super::{RawTcbEvaluationDataNumbers, TcbPolicy, TcbEvalNumber};
+    #[cfg(all(not(target_env = "sgx"), feature = "verify"))]
+    use crate::Platform;
+    #[cfg(all(not(target_env = "sgx"), feature = "verify"))]
     use chrono::{Duration, TimeZone, Utc};
 
+    #[cfg(all(not(target_env = "sgx"), feature = "verify"))]
     #[test]
     fn parse_tcb_evaluation_data_numbers() {
         let numbers = RawTcbEvaluationDataNumbers::read_from_file("./tests/data").unwrap();
@@ -297,6 +383,7 @@ mod tests {
         numbers.verify_ex(&root_certificates, Platform::SGX, &Utc.with_ymd_and_hms(2025, 6, 4, 12, 0, 0).unwrap()).unwrap();
     }
 
+    #[cfg(all(not(target_env = "sgx"), feature = "verify"))]
     #[test]
     fn parse_tcb_evaluation_data_numbers_incorrect_signature() {
         let numbers = RawTcbEvaluationDataNumbers::read_from_file("./tests/data").unwrap();
@@ -313,6 +400,7 @@ mod tests {
         }
     }
 
+    #[cfg(all(not(target_env = "sgx"), feature = "verify"))]
     #[test]
     fn tcb_eval_number() {
         let april_8_2025 = Utc.with_ymd_and_hms(2025, 4, 8, 14, 55, 0).unwrap();
@@ -334,6 +422,7 @@ mod tests {
         assert!(policy.needs_to_be_enforced(&number, &april_17_2025));
     }
 
+    #[cfg(all(not(target_env = "sgx"), feature = "verify"))]
     #[test]
     fn minimum_tcb_evaluation_data_number() {
         let numbers = RawTcbEvaluationDataNumbers::read_from_file("./tests/data").unwrap();
@@ -363,4 +452,35 @@ mod tests {
         assert_eq!(policy.minimum_tcb_evaluation_data_number_ex(&numbers, &november_20_2024),
             Some(number_17));
     }
+
+    #[cfg(not(target_env = "sgx"))]
+    #[test]
+    fn select_best() {
+        use crate::pckcrt::TcbComponents;
+        fn select(tcb_components: &TcbComponents, qesvn: u16) -> Result<u16, Error> {
+            use std::convert::TryInto;
+            TcbEvaluationDataNumbers::<Unverified>::select_best("./tests/data/eval-num-select-best", &"00606a000000".try_into().unwrap(), tcb_components, qesvn)
+                .map(|num| num.number)
+        }
+        // platform and QE are nonsensical: just choose highest
+        assert_eq!(select(&TcbComponents::from_raw([0; 16], 0), 0).unwrap(), 19);
+        // platform is nonsensical: choose eval nums based on QE up-to-date
+        assert_eq!(select(&TcbComponents::from_raw([0; 16], 0), 8).unwrap(), 19);
+        assert_eq!(select(&TcbComponents::from_raw([0; 16], 0), 6).unwrap(), 8);
+        // QE is nonsensical: choose eval nums based on platform up-to-date
+        assert_eq!(select(&TcbComponents::from_raw([16, 16, 3, 3, 255, 255, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0], 13), 0).unwrap(), 19);
+        assert_eq!(select(&TcbComponents::from_raw([15, 16, 3, 3, 255, 255, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0], 13), 0).unwrap(), 18);
+        assert_eq!(select(&TcbComponents::from_raw([14, 16, 3, 3, 255, 255, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0], 13), 0).unwrap(), 17);
+        assert_eq!(select(&TcbComponents::from_raw([7, 16, 3, 3, 255, 255, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0], 13), 0).unwrap(), 14);
+        // platform and QE are fully up to date: choose highest
+        assert_eq!(select(&TcbComponents::from_raw([16, 16, 3, 3, 255, 255, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0], 13), 8).unwrap(), 19);
+        // QE is up to date: choose up-to-date eval nums based on platform
+        assert_eq!(select(&TcbComponents::from_raw([15, 16, 3, 3, 255, 255, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0], 13), 8).unwrap(), 18);
+        assert_eq!(select(&TcbComponents::from_raw([14, 16, 3, 3, 255, 255, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0], 13), 8).unwrap(), 17);
+        assert_eq!(select(&TcbComponents::from_raw([7, 16, 3, 3, 255, 255, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0], 13), 8).unwrap(), 8);
+        // platform is up to date: choose up-to-date eval nums based on QE
+        assert_eq!(select(&TcbComponents::from_raw([16, 16, 3, 3, 255, 255, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0], 13), 6).unwrap(), 8);
+        // neither platform and QE are up to date: choose highest eval nums where they were both up to date
+        assert_eq!(select(&TcbComponents::from_raw([4, 16, 3, 3, 255, 255, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0], 13), 5).unwrap(), 8);
+    }
 }