Problem (WIP #1616): keypackage not verified in nodejointx / council node data #1668
Conversation
yihuang
force-pushed
the
issue1616
branch
6 times, most recently
from
c96f316 to
cfca8dc
Compare
Codecov Report
@@ Coverage Diff @@
## master #1668 +/- ##
==========================================
+ Coverage 67.23% 71.86% +4.62%
==========================================
Files 191 184 -7
Lines 23516 21908 -1608
==========================================
- Hits 15811 15744 -67
+ Misses 7705 6164 -1541
|
chain-abci/src/staking/tx.rs
Outdated
| mut recent_isv_svn: u16, | ||
| tx: &NodeJoinRequestTx, | ||
| ) -> Result<(), PublicTxError> { | ||
| ) -> Result<u16, PublicTxError> { |
There was a problem hiding this comment.
why it needs it mut when it also returns it?
There was a problem hiding this comment.
It'll get assigned if info.quote.report_body.isv_svn > recent_isv_svn, and returned at the end.
There was a problem hiding this comment.
how about
recent_isv_svn:&mut u16 ?
for readibility
changing recent_isv_svn inside this function can be error-prone,
can be refactored using tutple?
There was a problem hiding this comment.
Used a new variable to return now, it would be less confusing.
| @@ -19,7 +19,8 @@ impl<'a> EnclaveCertVerifierConfig<'a> { | |||
| pub fn new() -> Self { | |||
| Self { | |||
| signing_ca_cert_pem: IAS_CERT.into(), | |||
| valid_enclave_quote_statuses: vec!["OK".into()].into(), | |||
| // FIXME remove SW_HARDENING_NEEDED after https://github.com/rust-lang/llvm-project/pull/58 | |||
There was a problem hiding this comment.
I think SW_HARDENING_NEEDED will still appear as a response, so it may not be possible to remove it ("OK" or "UP-TO-DATE" will only appear on unaffected platforms which are only some very recent CPUs, i.e. mid-2019 and newer) -- it's more of a reminder that one should apply those software hardening measures: https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection#mitigationguidelines
Since it affects many platforms, applying the mitigations and releasing only one version with them for all platforms is ok.
There was a problem hiding this comment.
Oh, then OK, UP-TO-DATE, SW_HARDENING_NEEDED all should be considered as valid responses?
There was a problem hiding this comment.
The API docs (https://api.trustedservices.intel.com/documents/sgx-attestation-api-spec.pdf) don't mention "UP-TO-DATE" (it's only mentioned in that LVI mitigation article), so perhaps only "OK" and "SW_HARDENING_NEEDED"
chain-abci/src/staking/tx.rs
Outdated
| @@ -24,9 +24,9 @@ impl StakingTable { | |||
| heap: &mut impl StoreStaking, | |||
| block_time: Timespec, | |||
| max_evidence_age: Timespec, | |||
| ra_verifier: &EnclaveCertVerifier, | |||
| mut recent_isv_svn: u16, | |||
There was a problem hiding this comment.
some full-word comment about "isv_svn" would be useful,
or consider full word variable
There was a problem hiding this comment.
added a little bit more comment here about isv svn:
https://github.com/crypto-com/chain/pull/1668/files#diff-3cfbc20473df3695f7d44c7c3d8c1508R57
chain-abci/src/storage/mod.rs
Outdated
| NodeJoin { | ||
| address: StakedStateAddress, | ||
| council_node: CouncilNode, | ||
| /// most recent isv_svn |
There was a problem hiding this comment.
this remark for documentation?
// ?
| @@ -2,85 +2,61 @@ use crate::common::Timespec; | |||
| use crate::init::address::RedeemAddress; | |||
There was a problem hiding this comment.
just one note that genesis processing may need more thought / design: crypto-org-chain/chain-docs#141 (comment)
yihuang
force-pushed
the
issue1616
branch
2 times, most recently
from
70c427e to
44d7a67
Compare
|
bors r+ |
1668: Problem (WIP #1616): keypackage not verified in nodejointx / council node data r=tomtau a=yihuang Solution: - record most recent isv_svn, warn when a new version appears - add mock data and fix unit/integration tests temporarily. TBD: generate real keypackage when construct node-join tx, or prepare genesis. Co-authored-by: yihuang <[email protected]>
|
Build failed: |
yihuang
force-pushed
the
issue1616
branch
2 times, most recently
from
9e7c685 to
5f1020b
Compare
|
bors r+ |
1668: Problem (WIP #1616): keypackage not verified in nodejointx / council node data r=tomtau a=yihuang Solution: - record most recent isv_svn, warn when a new version appears - add mock data and fix unit/integration tests temporarily. TBD: generate real keypackage when construct node-join tx, or prepare genesis. Co-authored-by: yihuang <[email protected]>
|
Canceled. |
chain-abci/fuzz/Cargo.lock
Outdated
| @@ -0,0 +1,3908 @@ | |||
| # This file is automatically @generated by Cargo. | |||
There was a problem hiding this comment.
needed? or could this go to .gitignore?
There was a problem hiding this comment.
I think general guideline is like libraries should ignore Cargo.lock but binaries/applications should check-in Cargo.lock, I guess fuzz can be considered as application?
There was a problem hiding this comment.
Maybe we can put the fuzz crate in workspace, it'll share the same Cargo.lock file?
EDIT: oh, fuzz itself is a workspace.
There was a problem hiding this comment.
Removed the lock file.
|
A few clippy suggestions: https://travis-ci.org/github/crypto-com/chain/jobs/691601119#L1686 |
Done |
…/ council node data Solution: - record most recent isv_svn in chain state, warn when a new version appears - use mock keypackage and make unit/integration tests running tempararily
|
bors r+ |
|
Build succeeded: |
Solution:
TBD: generate real keypackage when construct node-join tx, or prepare genesis.