Skip to content
This repository has been archived by the owner on Apr 15, 2024. It is now read-only.

intel/confidential-cloud-native-primitives

PROJECT NOT UNDER ACTIVE MANAGEMENT

This project will no longer be maintained by Intel.

Intel has ceased development and contributions including, but not limited to, maintenance, bug fixes, new releases, or updates, to this project.

Intel no longer accepts patches to this project.

If you have an ongoing need to use this project, are interested in independently developing it, or would like to maintain patches for the open source software community, please create your own fork of this project.

Contact: webadmin@linux.intel.com

Note

The project has been moved to CC-API organization. Go to https://github.com/cc-api/confidential-cloud-native-primitives for more information.

Confidential Cloud-Native Primitives (CCNP)

CI Check License CI Check Spelling CI Check Python CI Check Shell CI Check Rust CI Check Golang CI Check Container CC Foundation Image Customize OpenSSF Best Practices

1. Introduction

Confidential Computing technologies like Intel® TDX provides an isolated encryption runtime environment to protect data-in-use based on hardware Trusted Execution Environment (TEE). It requires a full chain integrity measurement on the launch-time or runtime environment to guarantee "consistent behavior in an expected way" of confidential computing environment for tenant's zero-trust use case.

This project is designed to provide cloud native measurement for the full measurement chain from TEE TCB -> Firmware TCB -> Guest OS TCB -> Cloud Native TCB as follows:

NOTE: Different from traditional trusted computing on non-confidential environment, the measurement chain is not only started with Guest's SRTM (Static Root Of Measurement) but it also needs to include the TEE TCB because the CC VM environment is created by TEE via DRTM (Dynamic Root of Measurement) like Intel® TXT on the host.

From the perspective of a tenant's workload, CCNP will expose the CC Trusted API as the unified interfaces across diverse trusted foundations like RTMR+MRTD+CCEL and PCR+TPM2. Learn more details of CCNP design at CCNP documentation.

Finally, the full trusted chain will be measured into a CC report as follows using Intel TDX as an example:

NOTE:

  • The measurement of TEE, Guest's boot, OS is per CC VM, but cluster/container measurement might be per cluster/namespace/container for cloud native architecture.
  • Please refer to structure TDREPORT.
  • The CCNP project collects container level primitives by implementing unified APIs defined in CC Trusted API. The project will be moved to CC Trusted API in the near future.

2. Installation

2.1 Configuration for Host and Guest for Host and Guest

CCNP collects primitives of confidential cloud native environments running in confidential VMs (CVM), such as Intel TDX guest. The primitives are not only from the TEE + CVM boot process + CVM OS but also from the environments running workloads, e.g. Kubernetes cluster or Docker containers. Thus, you need to check below configuration for both hosts and guests.

You can setup an Intel TDX enlightened host and then boot a TD guest on it. The feasible configurations are as below.

CPU Host OS Host packages Guest OS Guest packages Attestation packages
Intel® Emerald Rapids Ubuntu 22.04 Build packages referring to here Ubuntu 22.04 Build packages referring to here You can either use containerized PCCS, QGS or install packages from here
Intel® Emerald Rapids Ubuntu 23.10 Setup TDX host referring to here Ubuntu 22.04 Build packages referring to here Setup containerized PCCS and QGS on the host

NOTE: The Platform certificate caching service (PCCS) is used to retrieve and cache PCK certificates locally to your cluster from Intel's Platform Certificate Service. This is necessary to attest the authenticity of a TD guest before a workload is started in it. The Quote Generate Service (QGS) runs on the host in a specialized enclave to generate and use TD quotes. For convenient setup these can run inside a Docker container. Learn more at https://download.01.org/intel-sgx/sgx-dcap/1.17/linux/docs/Intel_TDX_DCAP_Quoting_Library_API.pdf. The PCCS and QGS are used to get Quote for a TD guest. They need to be installed on TDX hosts.

2.2 Deploy CCNP Services in Confidential VM

NOTE: the following installation will be performed in a confidential VM. Make sure you have confidential VM booted before moving forward.

It supports to deploy CCNP services as DaemonSets in Kubernetes cluster or docker containers on a single confidential VM. Please refer to below guides for different deployment environments.

2.3 Install SDK

CCNP SDK can be used by a workload for cloud native primitives collecting. It needs to be installed within the workload container image and called whenever the primitives are required. For example, in your workload written in Python, you can install the SDK from PyPI using the command:

pip install ccnp

Alternatively, the CCNP can be installed from source code with the following command. Make sure to clone the repository into your confidential VM and then run the following command:

cd sdk/python3
pip install -e .

2.4 Install CCNP Device Plugin

Follow the CCNP device plugin Installation Guide.

3. Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, contact the maintainers of the project.

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

See CONTRIBUTING.md for details on building, testing, and contributing to these libraries.

4. Provide Feedback

If you encounter any bugs or have suggestions, please file an issue in the Issues section of the project.

Note: This is pre-production software and, as such, it may be substantially modified as updated versions are made available.

5. Reference

Trusted Computing

TCG PC Client Platform TPM Profile Specification

TCG PC Client Platform Firmware Profile Specification

6. Contributors

Ruoyu-y
Ruoyu Ying
hairongchen
Hairongchen
kenplusplus
Lu Ken
hjh189
Jiahao Huang
ruomengh
Ruomeng Hao
HaokunX-intel
Haokun Xing
hwang37
Wang, Hongbo
dongx1x
Xiaocheng Dong
LeiZhou-97
LeiZhou
Yanbo0101
Yanbo Xu
jialeif
Jialei Feng
jiere
Jie Ren
rdower
Robert Dower
zhlsunshine
Steve Zhang
wenhuizhang
Wenhui Zhang