jul-sh
jul-sh
There's some opportunity for refactoring our remote attestation implementation, this issue is meant to track aspects that could be improved. It's worth noting that we currently support remote attestation over...
Context: https://github.com/project-oak/oak/pull/2621#discussion_r829594646. We currently send only status codes, not error messages. It would be nice to send descriptive error messages, without leaking sensitive data.
This PR updates & renames the `grpc_unary_attestation`, now `grpc_attestation`, crate. The proto file in this crate now defines two gRPC services, one for attestation over unary messages, and one for...
# Context To remotely attest an Oak instance a client performs a remote attestation handshake. This takes place using a sequence of messages, as shown below: Messages belonging to the...
(guarded behind a feature, as we'll need to update the internal launcher as well)
the new oak_restricted_kernel_simple_io_init_rd_wrapper will exist alongside oak_restricted_kernel_simple_io_wrapper for a while. then internal dependencies will be updated, and the the former will be removed. this approach is significantly simpler than #4828....
Currently all of our no_std crates run their tests with std, by declaring no_std only when not running tests `#![cfg_attr(not(test), no_std)]`. That works fine for many cases, but some tests...
All interfaces exposed to the application are now in `proto/containers/application_interfaces.proto`. Previously they were split across multiple different proto files. Adds cpp and python build targets for them, so customer teams...
Encodes the real dice attestation into the AttestationEvidence format instead.
Currently we [always set this value to AMD SEV SNP](https://github.com/project-oak/oak/blob/7e7ee8545ac66be77db19d769041b8b8da3b4fd6/stage0/src/dice_attestation.rs#L160), regardless of whether said platform was [actually used](https://github.com/project-oak/oak/blob/7e7ee8545ac66be77db19d769041b8b8da3b4fd6/stage0/src/dice_attestation.rs#L189).