Allow multiple RoT versions in the same repository (#6586)

Author: labbott

Cargo.lock

@@ -12,4 +12,6 @@ pub struct SpComponentCaboose {
     pub board: String,
     pub name: String,
     pub version: String,
+    pub sign: Option<String>,
+    pub epoch: Option<String>,
 }

gateway-types/src/caboose.rs

@@ -217,6 +217,8 @@ impl GatewayApi for GatewayImpl {
         const CABOOSE_KEY_BOARD: [u8; 4] = *b"BORD";
         const CABOOSE_KEY_NAME: [u8; 4] = *b"NAME";
         const CABOOSE_KEY_VERSION: [u8; 4] = *b"VERS";
+        const CABOOSE_KEY_SIGN: [u8; 4] = *b"SIGN";
+        const CABOOSE_KEY_EPOC: [u8; 4] = *b"EPOC";
 
         let apictx = rqctx.context();
         let PathSpComponent { sp, component } = path.into_inner();
@@ -287,8 +289,43 @@ impl GatewayApi for GatewayImpl {
             let name = from_utf8(&CABOOSE_KEY_NAME, name)?;
             let version = from_utf8(&CABOOSE_KEY_VERSION, version)?;
 
-            let caboose =
-                SpComponentCaboose { git_commit, board, name, version };
+            // Not all images include the SIGN or EPOC in the caboose, if it's not present
+            // don't treat it as an error
+
+            let sign = match sp
+                .read_component_caboose(
+                    component,
+                    firmware_slot,
+                    CABOOSE_KEY_SIGN,
+                )
+                .await
+                .ok()
+            {
+                None => None,
+                Some(v) => Some(from_utf8(&CABOOSE_KEY_SIGN, v)?),
+            };
+
+            let epoch = match sp
+                .read_component_caboose(
+                    component,
+                    firmware_slot,
+                    CABOOSE_KEY_EPOC,
+                )
+                .await
+                .ok()
+            {
+                None => None,
+                Some(v) => Some(from_utf8(&CABOOSE_KEY_EPOC, v)?),
+            };
+
+            let caboose = SpComponentCaboose {
+                git_commit,
+                board,
+                name,
+                version,
+                sign,
+                epoch,
+            };
 
             Ok(HttpResponseOk(caboose))
         };

gateway/src/http_entrypoints.rs

@@ -1087,6 +1087,8 @@ mod test {
             git_commit: String::from("git_commit1"),
             name: String::from("name1"),
             version: String::from("version1"),
+            sign: None,
+            epoch: None,
         };
         assert!(!builder
             .found_caboose_already(&bogus_baseboard, CabooseWhich::SpSlot0));
@@ -1153,6 +1155,8 @@ mod test {
                     git_commit: String::from("git_commit2"),
                     name: String::from("name2"),
                     version: String::from("version2"),
+                    sign: None,
+                    epoch: None,
                 },
             )
             .unwrap_err();

nexus/inventory/src/builder.rs

@@ -512,6 +512,8 @@ pub fn caboose(unique: &str) -> SpComponentCaboose {
         git_commit: format!("git_commit_{}", unique),
         name: format!("name_{}", unique),
         version: format!("version_{}", unique),
+        sign: None,
+        epoch: None,
     }
 }
 

nexus/inventory/src/examples.rs

@@ -2603,12 +2603,20 @@
           "board": {
             "type": "string"
           },
+          "epoch": {
+            "nullable": true,
+            "type": "string"
+          },
           "git_commit": {
             "type": "string"
           },
           "name": {
             "type": "string"
           },
+          "sign": {
+            "nullable": true,
+            "type": "string"
+          },
           "version": {
             "type": "string"
           }

openapi/gateway.json

@@ -1661,6 +1661,15 @@
             "items": {
               "$ref": "#/components/schemas/ArtifactHashId"
             }
+          },
+          "sign": {
+            "nullable": true,
+            "type": "array",
+            "items": {
+              "type": "integer",
+              "format": "uint8",
+              "minimum": 0
+            }
           }
         },
         "required": [
@@ -3413,18 +3422,26 @@
         ]
       },
       "SpComponentCaboose": {
-        "description": "SpComponentCaboose\n\n<details><summary>JSON schema</summary>\n\n```json { \"type\": \"object\", \"required\": [ \"board\", \"git_commit\", \"name\", \"version\" ], \"properties\": { \"board\": { \"type\": \"string\" }, \"git_commit\": { \"type\": \"string\" }, \"name\": { \"type\": \"string\" }, \"version\": { \"type\": \"string\" } } } ``` </details>",
+        "description": "SpComponentCaboose\n\n<details><summary>JSON schema</summary>\n\n```json { \"type\": \"object\", \"required\": [ \"board\", \"git_commit\", \"name\", \"version\" ], \"properties\": { \"board\": { \"type\": \"string\" }, \"epoch\": { \"type\": [ \"string\", \"null\" ] }, \"git_commit\": { \"type\": \"string\" }, \"name\": { \"type\": \"string\" }, \"sign\": { \"type\": [ \"string\", \"null\" ] }, \"version\": { \"type\": \"string\" } } } ``` </details>",
         "type": "object",
         "properties": {
           "board": {
             "type": "string"
           },
+          "epoch": {
+            "nullable": true,
+            "type": "string"
+          },
           "git_commit": {
             "type": "string"
           },
           "name": {
             "type": "string"
           },
+          "sign": {
+            "nullable": true,
+            "type": "string"
+          },
           "version": {
             "type": "string"
           }

openapi/wicketd.json

@@ -1351,12 +1351,16 @@ impl SpHandler for Handler {
             (SpComponent::ROT, b"NAME", _, _) => ROT_NAME,
             (SpComponent::ROT, b"VERS", 0, _) => ROT_VERS0,
             (SpComponent::ROT, b"VERS", 1, _) => ROT_VERS1,
+            // gimlet staging/devel hash
+            (SpComponent::ROT, b"SIGN", _, _) => &"11594bb5548a757e918e6fe056e2ad9e084297c9555417a025d8788eacf55daf".as_bytes(),
             (SpComponent::STAGE0, b"GITC", 0, false) => STAGE0_GITC0,
             (SpComponent::STAGE0, b"GITC", 1, false) => STAGE0_GITC1,
             (SpComponent::STAGE0, b"BORD", _, false) => STAGE0_BORD,
             (SpComponent::STAGE0, b"NAME", _, false) => STAGE0_NAME,
             (SpComponent::STAGE0, b"VERS", 0, false) => STAGE0_VERS0,
             (SpComponent::STAGE0, b"VERS", 1, false) => STAGE0_VERS1,
+            // gimlet staging/devel hash
+            (SpComponent::STAGE0, b"SIGN", _, false) => &"11594bb5548a757e918e6fe056e2ad9e084297c9555417a025d8788eacf55daf".as_bytes(),
             _ => return Err(SpError::NoSuchCabooseKey(key)),
         };
 

sp-sim/src/gimlet.rs

@@ -1061,12 +1061,16 @@ impl SpHandler for Handler {
             (SpComponent::ROT, b"NAME", _, _) => ROT_NAME,
             (SpComponent::ROT, b"VERS", 0, _) => ROT_VERS0,
             (SpComponent::ROT, b"VERS", 1, _) => ROT_VERS1,
+            // sidecar staging/devel hash
+            (SpComponent::ROT, b"SIGN", _, _) => &"1432cc4cfe5688c51b55546fe37837c753cfbc89e8c3c6aabcf977fdf0c41e27".as_bytes(),
             (SpComponent::STAGE0, b"GITC", 0, false) => STAGE0_GITC0,
             (SpComponent::STAGE0, b"GITC", 1, false) => STAGE0_GITC1,
             (SpComponent::STAGE0, b"BORD", _, false) => STAGE0_BORD,
             (SpComponent::STAGE0, b"NAME", _, false) => STAGE0_NAME,
             (SpComponent::STAGE0, b"VERS", 0, false) => STAGE0_VERS0,
             (SpComponent::STAGE0, b"VERS", 1, false) => STAGE0_VERS1,
+            // sidecar staging/devel hash
+            (SpComponent::STAGE0, b"SIGN", _, false) => &"1432cc4cfe5688c51b55546fe37837c753cfbc89e8c3c6aabcf977fdf0c41e27".as_bytes(),
             _ => return Err(SpError::NoSuchCabooseKey(key)),
         };
 

sp-sim/src/sidecar.rs

@@ -297,11 +297,14 @@ impl<'a> FakeDataAttributes<'a> {
             KnownArtifactKind::SwitchRot => "SimRot",
         };
 
+        // For our purposes sign = board represents what we want for the RoT
+        // and we don't care about the SP at this point
         let caboose = CabooseBuilder::default()
             .git_commit("this-is-fake-data")
             .board(board)
             .version(self.version.to_string())
             .name(self.name)
+            .sign(board)
             .build();
 
         let mut builder = HubrisArchiveBuilder::with_fake_image();

tufaceous-lib/src/assemble/manifest.rs

@@ -58,6 +58,10 @@ pub struct ArtifactsWithPlan {
     // will contain two entries mapping each of the images to their data.
     by_hash: DebugIgnore<HashMap<ArtifactHashId, ExtractedArtifactDataHandle>>,
 
+    // Map from Rot artifact IDs to hash of signing information. This is
+    // used to select between different artifact versions in the same
+    // repository
+    rot_by_sign: DebugIgnore<HashMap<ArtifactId, Vec<u8>>>,
     // The plan to use to update a component within the rack.
     plan: UpdatePlan,
 }
@@ -240,8 +244,13 @@ impl ArtifactsWithPlan {
 
         // Ensure we know how to apply updates from this set of artifacts; we'll
         // remember the plan we create.
-        let UpdatePlanBuildOutput { plan, by_id, by_hash, artifacts_meta } =
-            builder.build()?;
+        let UpdatePlanBuildOutput {
+            plan,
+            by_id,
+            by_hash,
+            rot_by_sign,
+            artifacts_meta,
+        } = builder.build()?;
 
         let tuf_repository = repository.repo();
 
@@ -266,7 +275,13 @@ impl ArtifactsWithPlan {
         let description =
             TufRepoDescription { repo: repo_meta, artifacts: artifacts_meta };
 
-        Ok(Self { description, by_id, by_hash: by_hash.into(), plan })
+        Ok(Self {
+            description,
+            by_id,
+            by_hash: by_hash.into(),
+            rot_by_sign: rot_by_sign.into(),
+            plan,
+        })
     }
 
     /// Returns the `ArtifactsDocument` corresponding to this TUF repo.
@@ -289,6 +304,10 @@ impl ArtifactsWithPlan {
         &self.plan
     }
 
+    pub fn rot_by_sign(&self) -> &HashMap<ArtifactId, Vec<u8>> {
+        &self.rot_by_sign
+    }
+
     pub fn get_by_hash(
         &self,
         id: &ArtifactHashId,