Renew AKCert if platform-defined and vTPM blob is 32k #2316
base: main
Conversation
Pull Request Overview
This PR changes the TpmAkCertType::TrustedPreProvisionedOnly variant from a unit variant to a tuple variant that holds a RequestAkCert helper. This enables OpenHCL to renew AK certificates for host-attested vTPMs when the existing AKCert index is platform-defined (which prevents guests from renewing it themselves).
Key changes:
- Modified TrustedPreProvisionedOnly to carry a RequestAkCert resource similar to other AK cert types
- Added logic to detect platform-created AKCert indices and enable automatic renewal
- Introduced always_renew_ak_cert flag to handle cases where platform-defined indices require renewal from OpenHCL
Reviewed Changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| vm/devices/tpm_resources/src/lib.rs | Changed TrustedPreProvisionedOnly to hold a Resource<RequestAkCertKind> |
| vm/devices/tpm/tpm_lib/src/lib.rs | Added has_platform_akcert_index() to check if AKCert index is platform-created |
| vm/devices/tpm/tpm_device/src/resolver.rs | Updated resource resolution to handle the new TrustedPreProvisionedOnly tuple variant |
| vm/devices/tpm/tpm_device/src/lib.rs | Added always_renew_ak_cert flag and logic to enable renewal for platform-defined indices |
| vm/devices/tpm/tpm_device/src/ak_cert.rs | Changed TrustedPreProvisionedOnly to tuple variant and updated pattern matches |
| openhcl/underhill_core/src/worker.rs | Updated to pass request_ak_cert resource when creating TrustedPreProvisionedOnly |
Do we want to remove the command-line opt-in (
cc @tjones60
Hmm probably, since that will be how it will work in production.
| } | ||
|
|
||
| /// Check if the AKCert NV index exists and has the platform_create attribute. | ||
| pub fn has_platform_akcert_index(&mut self) -> bool { |
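Review bot: has_platform_akcert_index returns a single bool, so a caller cannot distinguish an AKCert index that is absent from one that exists but was defined outside the platform hierarchy, and the thread below wants those two cases treated differently (define the index when it is missing on a large vTPM, only renew when it is platform-created). Consider returning an enum or an Option<bool> (None when TPM2_NV_ReadPublic reports no such index, Some(platform_create) otherwise) so the caller can branch on all three states, and have the doc comment name the attribute actually tested (TPMA_NV_PLATFORMCREATE) rather than the informal "platform_create".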
change this to has_owner_akcert_index
I revised this a bit differently to also handle the power-fail robustness. If the AKCert index doesn't exist, HCL should create it if this is a large TPM. If successful, HCL should handle renewing the AKCert.
vm/devices/tpm/tpm_device/src/lib.rs
Outdated
| // defined and this appears to be an HCL-provisioned | ||
| // vTPM, then handle AKCert renewal from OpenHCL. | ||
| let handle = | ||
| self.tpm_engine_helper.has_platform_akcert_index() && !legacy_size; |
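Review bot: the gate `has_platform_akcert_index() && !legacy_size` is false whenever the AKCert index is missing, so a large vTPM that comes up with no index at all (the power-fail case discussed in this thread) falls through to guest-managed renewal instead of OpenHCL defining the index. Invert the ownership test so both the platform-created and absent cases take the OpenHCL path, and state the threshold instead of hiding it behind a negated flag, e.g. `let handle = !self.tpm_engine_helper.has_owner_akcert_index() && nvram_size >= 32 * 1024;` (the size variable name is assumed). The comment above the condition should also say what "appears to be an HCL-provisioned vTPM" means concretely, i.e. a vTPM blob of 32 KiB or more.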
!has_owner_akcert_index && size >= 32k
(see above)
HCL-provisioned vTPMs have a platform-defined AKCert index and the AKCert has to be renewed by OpenHCL. We were planning on using control flags (see, e.g., PR #2036) to control whether OpenHCL will renew the AKCert, but it needs to run on older host OS versions that don't support these flags.
As an alternative, we can detect that the existing vTPM has a platform-defined AKCert index and is 32kB in size, which indicates that the vTPM was provisioned by HCL and that OpenHCL should handle renewing the AKCert.
This change also adds handling for a power-fail-robustness case, where the VM comes up without an AKCert index at all. In that case, HCL should try to create it if the vTPM is at least 32kB.
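The detection rule and the power-fail repair path described above, written out as an added example; this is not OpenVMM's code. It models the decision in the PR description against a minimal NV-store abstraction: small blob means legacy vTPM (guest renews), large blob with a platform-created index means OpenHCL renews, large blob with no index means OpenHCL defines the index and then renews, and an owner-defined index is left to the guest. The NvOps trait, the FakeTpm store, the AK_CERT_NV_INDEX value, the reserved size and the function names are assumptions made for illustration; the TPMA_NV bit positions are from the TPM 2.0 Library specification.

```rust
// Added example, not OpenVMM code: the AKCert-renewal decision described in
// this PR, plus the "index missing on a large vTPM" repair path, against a
// minimal NV-store abstraction. Index value, reserved size, trait and names
// are assumptions for illustration.
use std::collections::HashMap;

/// vTPM NVRAM blob size at or above which the vTPM is treated as HCL-provisioned.
pub const LARGE_VTPM_BLOB_SIZE: usize = 32 * 1024;
/// TPMA_NV_PLATFORMCREATE, bit 30 of TPMA_NV (TPM 2.0 Library, Part 2).
pub const TPMA_NV_PLATFORMCREATE: u32 = 1 << 30;
/// TPMA_NV_OWNERWRITE, bit 1 of TPMA_NV; used here to mark an owner-defined index.
pub const TPMA_NV_OWNERWRITE: u32 = 1 << 1;
/// NV index holding the AK certificate (value assumed for this example).
pub const AK_CERT_NV_INDEX: u32 = 0x01C1_01D0;
/// Bytes to reserve when OpenHCL has to define the index itself (assumed).
pub const AK_CERT_NV_SIZE: u16 = 4096;

/// The two NV operations the decision needs (assumed trait, not the project's).
pub trait NvOps {
    /// TPMA_NV attributes of `index`, or None when no such index exists
    /// (TPM2_NV_ReadPublic failing with TPM_RC_HANDLE).
    fn nv_read_public(&self, index: u32) -> Option<u32>;
    /// TPM2_NV_DefineSpace under the platform hierarchy.
    fn nv_define_platform(&mut self, index: u32, size: u16) -> Result<(), &'static str>;
}

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum AkCertPolicy {
    /// Legacy vTPM or owner-defined index: the guest renews its own AKCert.
    GuestRenews,
    /// Platform-created index on a large vTPM: the guest cannot redefine it, so OpenHCL renews.
    HostRenews,
    /// Large vTPM with no index at all (e.g. power loss mid-provisioning):
    /// OpenHCL defines the index now and then renews.
    HostCreatesAndRenews,
}

/// Decide who renews the AKCert, defining the missing index when the blob
/// size says this vTPM was provisioned by HCL. Safe to call on every boot:
/// once the index exists the call is a read-only check.
pub fn ensure_ak_cert_index<T: NvOps>(
    tpm: &mut T,
    blob_size: usize,
) -> Result<AkCertPolicy, &'static str> {
    if blob_size < LARGE_VTPM_BLOB_SIZE {
        // Small blob: legacy vTPM, never touch its NV layout.
        return Ok(AkCertPolicy::GuestRenews);
    }
    match tpm.nv_read_public(AK_CERT_NV_INDEX) {
        Some(attrs) if attrs & TPMA_NV_PLATFORMCREATE != 0 => Ok(AkCertPolicy::HostRenews),
        // Exists but was defined in the owner hierarchy: guest-managed.
        Some(_) => Ok(AkCertPolicy::GuestRenews),
        None => {
            tpm.nv_define_platform(AK_CERT_NV_INDEX, AK_CERT_NV_SIZE)?;
            Ok(AkCertPolicy::HostCreatesAndRenews)
        }
    }
}

/// In-memory stand-in for the vTPM NV store (constructed for this example).
#[derive(Default)]
pub struct FakeTpm {
    indices: HashMap<u32, u32>,
    pub define_calls: usize,
}

impl FakeTpm {
    /// A vTPM whose AKCert index was defined by the guest (owner hierarchy).
    pub fn with_owner_index() -> Self {
        let mut t = Self::default();
        t.indices.insert(AK_CERT_NV_INDEX, TPMA_NV_OWNERWRITE);
        t
    }
}

impl NvOps for FakeTpm {
    fn nv_read_public(&self, index: u32) -> Option<u32> {
        self.indices.get(&index).copied()
    }
    fn nv_define_platform(&mut self, index: u32, _size: u16) -> Result<(), &'static str> {
        if self.indices.contains_key(&index) {
            return Err("TPM_RC_NV_DEFINED");
        }
        self.define_calls += 1;
        self.indices.insert(index, TPMA_NV_PLATFORMCREATE);
        Ok(())
    }
}

fn main() {
    // Boot 1 of a large vTPM that lost its index: OpenHCL defines it.
    let mut tpm = FakeTpm::default();
    println!("{:?}", ensure_ak_cert_index(&mut tpm, LARGE_VTPM_BLOB_SIZE));
    // Boot 2: index present and platform-created, so only renew.
    println!("{:?}", ensure_ak_cert_index(&mut tpm, LARGE_VTPM_BLOB_SIZE));
}
```

The point of the example is that the decision keys on the NV index's creation hierarchy plus the blob size, not on any host-side control flag, so it works identically on hosts that cannot pass such flags; calling it on every boot is idempotent because the define step only runs when the index is absent.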