Skip to content

Commit 654e22b

Browse files
SammyOinaSammyOina
authored
NOISSUE - Bump SEV version for attestation policy (#503)
* Update version in Cargo.toml and format minimum version in main.rs Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Enhance Makefile to include OUTPUT_DIR for attestation_policy and update install/clean targets Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: Sammy Oina <sammyoina@gmail.com>
1 parent 3cec8e2 commit 654e22b

File tree

4 files changed

+18
-6
lines changed

4 files changed

+18
-6
lines changed

Makefile

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -26,14 +26,14 @@ endef
2626

2727
.PHONY: all $(SERVICES) $(ATTESTATION_POLICY) install clean
2828

29-
all: $(SERVICES)
29+
all: $(SERVICES) $(ATTESTATION_POLICY)
3030

3131
$(SERVICES):
3232
$(call compile_service,$@)
3333
@if [ "$@" = "cli" ] || [ "$@" = "manager" ]; then $(MAKE) build-igvm; fi
3434

3535
$(ATTESTATION_POLICY):
36-
$(MAKE) -C ./scripts/attestation_policy
36+
$(MAKE) -C ./scripts/attestation_policy OUTPUT_DIR=../../$(BUILD_DIR)
3737

3838
protoc:
3939
protoc -I. --go_out=. --go_opt=paths=source_relative --go-grpc_out=. --go-grpc_opt=paths=source_relative agent/agent.proto
@@ -44,15 +44,17 @@ protoc:
4444
mocks:
4545
mockery --config ./mockery.yml
4646

47-
install: $(SERVICES)
47+
install: $(SERVICES) $(ATTESTATION_POLICY)
4848
install -d $(INSTALL_DIR)
4949
install $(BUILD_DIR)/cocos-cli $(INSTALL_DIR)/cocos-cli
5050
install $(BUILD_DIR)/cocos-manager $(INSTALL_DIR)/cocos-manager
51+
install $(BUILD_DIR)/attestation_policy $(INSTALL_DIR)/attestation_policy
5152
install -d $(CONFIG_DIR)
5253
install cocos-manager.env $(CONFIG_DIR)/cocos-manager.env
5354

5455
clean:
5556
rm -rf $(BUILD_DIR)
57+
$(MAKE) -C ./scripts/attestation_policy OUTPUT_DIR=../../$(BUILD_DIR) clean
5658

5759
run: install_service
5860
sudo systemctl start $(SERVICE_NAME).service

scripts/attestation_policy/Cargo.toml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
[package]
22
name = "attestation_policy"
3-
version = "0.1.0"
3+
version = "0.7.0"
44
edition = "2021"
55

66
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
@@ -9,5 +9,5 @@ edition = "2021"
99
clap = { version = "4.0", features = ["derive"] }
1010
serde = { version = "1.0", features = ["derive"] }
1111
serde_json = "1.0"
12-
sev = "5.0.0"
12+
sev = "6.2.1"
1313
base64 = "0.22.1"

scripts/attestation_policy/Makefile

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,13 +2,23 @@ CARGO = cargo
22
TARGET = target
33
BUILD_DIR = $(TARGET)/release
44
BIN_NAME = attestation_policy
5+
OUTPUT_DIR ?= $(BUILD_DIR)
56

67
all: build
78

89
build:
910
$(CARGO) build --release
11+
@if [ "$(OUTPUT_DIR)" != "$(BUILD_DIR)" ]; then \
12+
mkdir -p $(OUTPUT_DIR) && \
13+
cp $(BUILD_DIR)/$(BIN_NAME) $(OUTPUT_DIR)/$(BIN_NAME) && \
14+
echo "Copied $(BIN_NAME) to $(OUTPUT_DIR)/"; \
15+
fi
1016

1117
clean:
1218
$(CARGO) clean
19+
@if [ "$(OUTPUT_DIR)" != "$(BUILD_DIR)" ] && [ -f "$(OUTPUT_DIR)/$(BIN_NAME)" ]; then \
20+
rm -f $(OUTPUT_DIR)/$(BIN_NAME) && \
21+
echo "Removed $(BIN_NAME) from $(OUTPUT_DIR)/"; \
22+
fi
1323

1424
.PHONY: all build clean

scripts/attestation_policy/src/main.rs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -142,7 +142,7 @@ fn main() {
142142
let cpu_id: Identifier = firmware.get_identifier().unwrap();
143143
let chip_id: String = BASE64_STANDARD.encode(cpu_id.0);
144144
let minimum_build = status.build_id;
145-
let minimum_version = status.version.to_string();
145+
let minimum_version = format!("{}.{}", status.version.0, status.version.1);
146146
let permit_provisional_firmware = true;
147147
let require_id_block = false;
148148
let product = sev_product(get_sev_snp_processor());

0 commit comments

Comments
 (0)