From 9cfb55e1f34e07eb9109bb8a0120fc15a72497c9 Mon Sep 17 00:00:00 2001
From: Mikko Ylinen <mikko.ylinen@intel.com>
Date: Thu, 22 Jun 2023 12:21:33 +0300
Subject: [PATCH] aa: attester: add Gramine support to SGX Attester

Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
---
 .../attester/src/sgx_dcap/mod.rs              | 56 +++++++++++++++----
 1 file changed, 45 insertions(+), 11 deletions(-)

diff --git a/attestation-agent/attester/src/sgx_dcap/mod.rs b/attestation-agent/attester/src/sgx_dcap/mod.rs
index 8ac46b141..9fc3dc7e6 100644
--- a/attestation-agent/attester/src/sgx_dcap/mod.rs
+++ b/attestation-agent/attester/src/sgx_dcap/mod.rs
@@ -10,8 +10,29 @@ use serde::{Deserialize, Serialize};
 
 const OCCLUM_ENV: &str = "OCCLUM";
 
+enum SgxLibOsType {
+    Invalid,
+    Occlum,
+    Gramine,
+}
+
+fn get_libos_type() -> SgxLibOsType {
+    if std::env::var(OCCLUM_ENV).is_ok() {
+        return SgxLibOsType::Occlum;
+    }
+
+    match std::fs::read_to_string("/dev/attestation/attestation_type") {
+        Ok(d) if d == "dcap" => SgxLibOsType::Gramine,
+        _ => SgxLibOsType::Invalid,
+    }
+}
+
 pub fn detect_platform() -> bool {
-    std::env::var(OCCLUM_ENV).is_ok()
+    match get_libos_type() {
+        SgxLibOsType::Invalid => false,
+        SgxLibOsType::Occlum => true,
+        SgxLibOsType::Gramine => true,
+    }
 }
 
 #[derive(Serialize, Deserialize)]
@@ -31,16 +52,29 @@ impl Attester for SgxDcapAttester {
         }
 
         report_data_bin.extend([0; 16]);
-        let mut handler = DcapQuote::new();
-        let quote_size = handler.get_quote_size() as usize;
-        let mut quote = Vec::new();
-        quote.resize(quote_size, b'\0');
-        let _ = handler
-            .generate_quote(
-                quote.as_mut_ptr(),
-                report_data_bin.as_ptr() as *const sgx_report_data_t,
-            )
-            .map_err(|e| anyhow!("generate quote: {e}"))?;
+
+        let quote = match get_libos_type() {
+            SgxLibOsType::Invalid => unimplemented!("empty quote"),
+            SgxLibOsType::Occlum => {
+                let mut handler = DcapQuote::new();
+                let quote_size = handler.get_quote_size() as usize;
+                let mut occlum_quote = Vec::new();
+
+                occlum_quote.resize(quote_size, b'\0');
+
+                match handler.generate_quote(
+                    occlum_quote.as_mut_ptr(),
+                    report_data_bin.as_ptr() as *const sgx_report_data_t,
+                ) {
+                    Ok(_) => occlum_quote,
+                    Err(e) => bail!("generate quote: {e}"),
+                }
+            }
+            SgxLibOsType::Gramine => {
+                std::fs::write("/dev/attestation/user_report_data", report_data_bin)?;
+                std::fs::read("/dev/attestation/quote")?
+            }
+        };
 
         let evidence = SgxDcapAttesterEvidence {
             quote: base64::encode(quote),