types

package
v2.7.1-0...-5f38440 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 15, 2024 License: BSD-3-Clause Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func EqualSystemArtifacts 

func EqualSystemArtifacts(s0, s1 SystemArtifact) bool

EqualSystemArtifacts returns true if system artifacts are equal.

func GetSubSystemByTypeFromState 

func GetSubSystemByTypeFromState[SS SubSystem](
	state *State,
) (SS, error)

GetSubSystemByTypeFromState extracts a specific SubSystem given its type.

This was supposed to be a method of `*State`, but Go does not support generic methods, so it is a free function.

func GetSystemArtifactByTypeFromState 

func GetSystemArtifactByTypeFromState[SA SystemArtifact](
	state *State,
) (SA, error)

SystemArtifactExec extracts a specific SystemArtifact given its type.

This was supposed to be a method of `*State`, but Go does not support generic methods, so it is a free function.

func WithSubSystem 

func WithSubSystem[SS SubSystem](
	state *State,
	callback func(subSystem SS) error,
) error

WithSubSystem extracts a specific SubSystem given its type.

This was supposed to be a method of `*State`, but Go does not support generic methods, so it is a free function.

func WithSystemArtifact 

func WithSystemArtifact[SA SystemArtifact](
	state *State,
	callback func(systemArtifact SA) error,
) error

WithSystemArtifact extracts a specific SystemArtifact given its type.

This was supposed to be a method of `*State`, but Go does not support generic methods, so it is a free function.

Types

type Action 

type Action interface {
	// Apply applies changes to the State.
	Apply(context.Context, *State) error
}

Action describes a single event happening during some boot step.

In contrast to Step, Action implements low-level operations which mutates the State.

An example: measure a specific section in an AMD Manifest

type ActionCoordinates 

type ActionCoordinates struct {
	// Flow is the Flow where the Action is defined.
	Flow Flow `faker:"flow"`

	// StepIndex is the index of the Step within the Flow.
	StepIndex uint

	// ActionIndex is the index of the Action within the Step.
	ActionIndex uint
}

ActionCoordinates is a set of coordinates, which defines an Action within a Flow.

TODO: make serializable

func (*ActionCoordinates) IsSameStep 

func (coords *ActionCoordinates) IsSameStep(cmp ActionCoordinates) bool

IsSameStep returns true if the Flow and StepIndex are the same.

func (*ActionCoordinates) Step 

func (coords *ActionCoordinates) Step() Step

Step returns the Step.

type Actions 

type Actions []Action

Actions is a slice of Action-s

type Actor 

type Actor interface {
	// ResponsibleCode is the code which supposedly performs the actions
	// of this Actor.
	ResponsibleCode() DataSource
}

Actor defines the piece of code responsible for specific Action. This might help to validate if no Action is performed from a non-MeasuredData.

type AddressMapper 

type AddressMapper interface {
	Resolve(SystemArtifact, ...pkgbytes.Range) (pkgbytes.Ranges, error)
	Unresolve(SystemArtifact, ...pkgbytes.Range) (pkgbytes.Ranges, error)
}

AddressMapper maps an address. If is an untyped nil then address should be mapped to itself by the consumer of this interface.

type Condition 

type Condition interface {
	Check(context.Context, *State) bool
}

Condition is an abstract condition.

type ConvertedBytes 

type ConvertedBytes []byte

ConvertedBytes is the final representation of bytes (for example a digest to be extended to a PCR).

func (ConvertedBytes) String 

func (d ConvertedBytes) String() string

String implements fmt.Stringer.

type Data 

type Data struct {
	References
	Converter DataConverter `faker:"data_converter"`
}

Data is byte-data (given directly or by a reference to a SystemArtifact).

func NewData 

func NewData[T NewDataInput](in T) *Data

NewData returns a new instance of Data structure, given the actual data to be referenced to.

The returned value is always not nil.

func (*Data) ConvertedBytes 

func (d *Data) ConvertedBytes() ConvertedBytes

ConvertedBytes returns the final/converted bytes defined by Data.

func (*Data) ForcedBytes 

func (d *Data) ForcedBytes() RawBytes

ForcedBytes returns the bytes provided by SystemArtifacts of type RawBytes.

type DataConverter 

type DataConverter interface {
	Convert(RawBytes) ConvertedBytes
}

DataConverter is an abstract converter of data. For example SHA1 hasher is a data converter.

type DataConverterFactory 

type DataConverterFactory interface {
	NewDataConverter() DataConverter
}

DataConverterFactory is a factory of DataConverter.

type DataSource 

type DataSource interface {
	Data(context.Context, *State) (*Data, error)
}

DataSource is an abstract source of byte-data.

type ErrNoSubSystem 

type ErrNoSubSystem struct {
	SubSystemKey reflect.Type
}

ErrNoSubSystem means the requested SubSystem type was not included into the State.

See also `(*State).IncludeSubSystem()`.

func (ErrNoSubSystem) Error 

func (err ErrNoSubSystem) Error() string

Error implements interface `error`.

func (ErrNoSubSystem) String 

func (err ErrNoSubSystem) String() string

String implements fmt.Stringer.

func (ErrNoSubSystem) SubSystemTypeIs 

func (err ErrNoSubSystem) SubSystemTypeIs(sample SubSystem) bool

SubSystemTypeIs returns true if the underlying type of the provided sample is the same as of the requested SubSystem (which was not included to the State).

type ErrNoSystemArtifact 

type ErrNoSystemArtifact struct {
	SystemArtifactKey reflect.Type
}

ErrNoSystemArtifact means the requested SystemArtifact type was not included to the State.

See also `(*State).IncludeSystemArtifact()`.

func (ErrNoSystemArtifact) Error 

func (err ErrNoSystemArtifact) Error() string

Error implements interface `error`.

func (ErrNoSystemArtifact) String 

func (err ErrNoSystemArtifact) String() string

String implements fmt.Stringer.

func (ErrNoSystemArtifact) SystemArtifactTypeIs 

func (err ErrNoSystemArtifact) SystemArtifactTypeIs(sample SystemArtifact) bool

SystemArtifactTypeIs returns true if the underlying type of the provided sample is the same as of the requested SystemArtifact (which was not included to the State).

type Flow 

type Flow struct {
	// Name is the unique name of the Flow.
	//
	// Equivalence of Name-s between two flows should guarantee the equivalence
	// of Steps.
	Name string

	// Steps returns the list of Step-s implied by this flow.
	Steps Steps
}

Flow describes steps of the boot process.

func NewFlow 

func NewFlow(name string, steps Steps) Flow

NewFlow returns a Flow.

type MappedRanges 

type MappedRanges struct {
	AddressMapper AddressMapper `faker:"address_mapper"`
	Ranges        pkgbytes.Ranges
}

MappedRanges are ranges, which is mapped (for example ranges in virtual memory).

type MeasuredData 

type MeasuredData struct {
	Data
	DataSource DataSource `faker:"data_source"`
	Actor      Actor      `faker:"actor"`
	Step       Step       `faker:"step"`
	Action     Action     `faker:"action"`
	TrustChain TrustChain `faker:"trust_chain"`
}

MeasuredData is a piece of Data which was measured by any of TrustChain-s.

func (MeasuredData) String 

func (d MeasuredData) String() string

String implements fmt.Stringer.

type MeasuredDataSlice 

type MeasuredDataSlice []MeasuredData

MeasuredDataSlice is a slice of MeasuredData-s.

func (MeasuredDataSlice) References 

func (s MeasuredDataSlice) References() References

References returns all References.

func (MeasuredDataSlice) String 

func (s MeasuredDataSlice) String() string

String implements fmt.Stringer.

type NewDataInput 

type NewDataInput interface {
	RawBytes | *Reference | References
}

NewDataInput is just an interface for function NewData.

type NewReferenceInput 

type NewReferenceInput interface {
	RawBytes
}

NewReferenceInput is the input for NewReference function.

Currently we support only RawBytes.

type RawBytes 

type RawBytes []byte

RawBytes are the initial (not yet hashed or converted other way) bytes.

func (RawBytes) ConvertBy 

func (b RawBytes) ConvertBy(c DataConverter) ConvertedBytes

ConvertBy converts the bytes to final bytes given a DataConverter.

func (RawBytes) Equal 

func (b RawBytes) Equal(in SystemArtifact) bool

Equal implements SystemArtifactEqualer.

func (RawBytes) RawBytes 

func (b RawBytes) RawBytes() RawBytes

RawBytes implements RawBytesGetter.

func (RawBytes) ReadAt 

func (b RawBytes) ReadAt(p []byte, offset int64) (n int, err error)

ReadAt implements SystemArtifact.

func (RawBytes) Size 

func (b RawBytes) Size() uint64

Size implements SystemArtifact.

type RawBytesGetter 

type RawBytesGetter interface {
	RawBytes() RawBytes
}

RawBytesGetter is an abstract source of RawBytes.

type Reference 

type Reference struct {
	Artifact SystemArtifact `faker:"system_artifact"`
	MappedRanges
}

Reference is a reference to a bytes data in a SystemArtifact.

func NewReference 

func NewReference[T NewReferenceInput](in T) *Reference

Reference returns a Reference given a data to reference to.

The returned value is always not nil.

func (*Reference) RawBytes 

func (ref *Reference) RawBytes() RawBytes

RawBytes returns the bytes data referenced by the Reference.

func (*Reference) ResolvedRanges 

func (ref *Reference) ResolvedRanges() (pkgbytes.Ranges, error)

ResolvedRanges returns Ranges, already resolved using AddressMapper.

func (Reference) String 

func (ref Reference) String() string

String implements fmt.Stringer()

type References 

type References []Reference

References is a a slice of Reference-s.

func (References) BySystemArtifact 

func (s References) BySystemArtifact(sa SystemArtifact) References

BySystemArtifact filters references to only those, who refers to the given SystemArtifact.

func (References) Exclude 

func (s References) Exclude(exc ...Reference) References

Exclude returns the references left after subtracting regions from the provided references.

func (References) ForcedBytes 

func (s References) ForcedBytes() RawBytes

ForcedBytes returns a concatenation of data of all bytes defined by SystemArtifacts of type RawBytes.

func (References) Ranges 

func (s References) Ranges() pkgbytes.Ranges

Ranges concatenates and returns all Ranges together.

func (References) RawBytes 

func (s References) RawBytes() RawBytes

RawBytes returns a concatenation of data of all the referenced byte ranges.

func (References) Resolve 

func (s References) Resolve() error

Resolve uses AddressMapper-s to resolve addresses to final references.

On success: all AddressMappers will be nil and all Ranges will reference to the actual ranges of the data. On failure an error returned, but some References might be already resolved.

func (*References) SortAndMerge 

func (s *References) SortAndMerge()

SortAndMerge sorts References and merges those which touch or overlap.

func (References) String 

func (s References) String() string

String implements fmt.Stringer

type State 

type State struct {
	SystemArtifacts          SystemArtifacts `faker:"system_artifact_map"`
	SubSystems               SubSystems      `faker:"sub_system_map"`
	CurrentActor             Actor           `faker:"actor"`
	CurrentActionCoordinates ActionCoordinates
	CurrentAction            Action `faker:"action"`
	MeasuredData             MeasuredDataSlice
}

State describes a virtual state of a machine being booted

func NewState 

func NewState() *State

NewState returns a new instance of State.

func (*State) AddMeasuredData 

func (state *State) AddMeasuredData(
	data Data,
	trustChain TrustChain,
	dataSource DataSource,
) *MeasuredData

AddMeasuredData marks given data as protected/measured.

TrustChain defines within which TrustChain this measurement was performed (should not be nil). DataSource defines how the data source was defined in the flow, which made the measurement (should not be nil).

func (*State) GetCurrentActionCoordinates 

func (state *State) GetCurrentActionCoordinates() ActionCoordinates

GetCurrentActionCoordinates returns the Action is being performed.

func (*State) GetDataMeasuredBy 

func (state *State) GetDataMeasuredBy(trustChain TrustChain) MeasuredDataSlice

GetDataMeasuredBy returns MeasuredData which was measured within the specified TrustChain.

See also (*State).AddMeasuredData().

func (*State) IncludeSubSystem 

func (state *State) IncludeSubSystem(subSystem SubSystem)

IncludeSubSystem adds and enables a SubSystem, but each SubSystem type could be added only once.

func (*State) IncludeSystemArtifact 

func (state *State) IncludeSystemArtifact(systemArtifact SystemArtifact)

IncludeSystemArtifact adds and enables a SystemArtifact, but each SystemArtifact type could be added only once.

func (*State) Reset 

func (state *State) Reset()

Reset returns to the initial state, but tries to keep the already allocated memory.

func (*State) SetFlow 

func (state *State) SetFlow(flow Flow)

SetFlow sets the Flow and resets the execution carriage (resets to the first Step).

func (*State) String 

func (state *State) String() string

String implements fmt.Stringer.

type StaticStep 

type StaticStep Actions

StaticStep is a Step which has a predefined static list of Actions.

func (StaticStep) Actions 

func (step StaticStep) Actions(context.Context, *State) Actions

Actions implements interface Step.

func (StaticStep) String 

func (step StaticStep) String() string

String implements fmt.Stringer.

type Step 

type Step interface {
	Actions(context.Context, *State) Actions
}

Step describes a single step of a boot process, essential for the measurements. Steps of a flow may vary depending on a State.

In contrast to Action, Step just answers the question "what to do", but does not execute it.

An example: measure specific sections in an AMD Manifest

type Steps 

type Steps []Step

Steps is a slice of Step-s.

func (Steps) String 

func (s Steps) String() string

type SubSystem 

type SubSystem interface {
	IsInitialized() bool
}

SubSystem is an abstract subsystem of the imaginary/virtual machine, we imitate to boot.

Examples: TPM-backed measured boot, RDMA

type SubSystems 

type SubSystems map[reflect.Type]SubSystem

SubSystem is a collection of SubSystem-s with unique types.

func (SubSystems) String 

func (m SubSystems) String() string

String implements fmt.Stringer.

type SystemArtifact 

type SystemArtifact interface {
	io.ReaderAt // should never return an error
	Size() uint64
}

SystemArtifact is an abstract data artifact of the emulated system.

Examples: BIOS firmware image, TXT status registers, MSR registers, PRoT firmware image.

type SystemArtifactEqualer 

type SystemArtifactEqualer interface {
	Equal(SystemArtifact) bool
}

SystemArtifactEqualer is a comparer of a system artifact, semantically similar to bytes.Compare (but for artifacts, instead of bytes).

type SystemArtifacts 

type SystemArtifacts map[reflect.Type]SystemArtifact

SystemArtifacts is a collection of SystemArtifact-s with unique types.

func (SystemArtifacts) String 

func (m SystemArtifacts) String() string

String implements fmt.Stringer.

type TrustChain 

type TrustChain interface {
	SubSystem
}

TrustChain is a SubSystem responsible for maintaining a chain of trust.

Examples: TPM-backed measured boot, DICE-backed measured boot, Signatures-backed verified boot, etc.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.