harald/teepot
1
0
Fork 0
mirror of https://github.com/matter-labs/teepot.git synced 2025-07-21 23:23:57 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: compat code for non x86_64-linux

Browse source 
- do not build packages, which require `x86_64-linux`
- use Phala `dcap-qvl` crate for remote attestation, if possible
- nix: exclude `nixsgx` on non `x86_64-linux` platforms

Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
This commit is contained in:
Harald Hoyer 2025-03-20 10:25:24 +01:00
parent ed808efd03
commit eb39705ff1
Signed by: harald
GPG key ID: F519A1143B3FBE32
41 changed files with 1531 additions and 519 deletions
Download patch file Download diff file Expand all files Collapse all files

36
bin/tee-key-preexec/src/main.rs
View file

@ -6,21 +6,10 @@
#![deny(missing_docs)]
#![deny(clippy::all)]
use anyhow::{Context, Result};
use anyhow::Result;
use clap::Parser;
use secp256k1::{rand, Secp256k1};
use std::{ffi::OsString, os::unix::process::CommandExt, process::Command};
use teepot::{
ethereum::public_key_to_ethereum_address,
prover::reportdata::ReportDataV1,
quote::get_quote,
tdx::rtmr::{TdxRtmrEvent, UEFI_MARKER_DIGEST_BYTES},
};
use std::ffi::OsString;
use tracing::error;
use tracing_log::LogTracer;
use tracing_subscriber::{fmt, prelude::*, EnvFilter, Registry};
const TEE_QUOTE_FILE: &str = "/tmp/tee_quote";
#[derive(Parser, Debug)]
#[command(author, version, about, long_about = None)]
@ -33,7 +22,21 @@ struct Args {
cmd_args: Vec<OsString>,
}
#[cfg(all(target_os = "linux", target_arch = "x86_64"))]
fn main_with_error() -> Result<()> {
use anyhow::Context;
use secp256k1::{rand, Secp256k1};
use std::{os::unix::process::CommandExt, process::Command};
use teepot::tdx::rtmr::TdxRtmrEvent;
use teepot::{
ethereum::public_key_to_ethereum_address, prover::reportdata::ReportDataV1,
quote::get_quote,
};
use tracing_log::LogTracer;
use tracing_subscriber::{fmt, prelude::*, EnvFilter, Registry};
const TEE_QUOTE_FILE: &str = "/tmp/tee_quote";
LogTracer::init().context("Failed to set logger")?;
let subscriber = Registry::default()
@ -54,7 +57,7 @@ fn main_with_error() -> Result<()> {
// so that any breach can't generate a new attestation with the expected RTMRs
TdxRtmrEvent::default()
.with_rtmr_index(3)
.with_extend_data(UEFI_MARKER_DIGEST_BYTES)
.with_extend_data(teepot::tdx::UEFI_MARKER_DIGEST_BYTES)
.extend()?;
// save quote to file
@ -94,6 +97,11 @@ fn main_with_error() -> Result<()> {
})
}
#[cfg(not(all(target_os = "linux", target_arch = "x86_64")))]
fn main_with_error() -> Result<()> {
anyhow::bail!("OS or architecture not supported");
}
fn main() -> Result<()> {
let ret = main_with_error();
if let Err(e) = &ret {