go/runtime/host: Improve common.GetQuotePolicy function #6531
martintomazic wants to merge 2 commits into
| // Prepare the quote policy for local verification. In case a policy is not available or it | ||
| // indicates that TDX is not supported, use the fallback policy so we can provision something. | ||
| // Use the fallback policy for ROFL components and RONL components with no TDX policy so that provisioning can proceed. |
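Review bot: The one-line comment on the last line of this block names only two fallback cases (ROFL components, and RONL components with no TDX policy) and does not mention the "policy is not available" case that the two-line comment above it spells out. If the unavailable-policy path still ends up on the fallback policy, say so here, and keep the "for local verification" wording from the longer comment so a reader can see where the fallback applies.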
> RONL components with no TDX policy

Or a RONL policy with no deployments for the given version. RONL TDX is not supported anyway (for now), which still raises the question of why we even pass such things, as the runtime verifier inside the enclave would then reject them anyway.
For ROFL we currently pass because we don't do pre-validation on the host side, and a nil TDX policy is not valid (no default override like we have for the nil SGX).
d85eb0c to b7140f0
| // GetRONLQuotePolicy fetches the quote policy for the specified RONL deployment. | ||
| // | ||
| // Returns nil if the policy is not available. | ||
| func GetRONLQuotePolicy( |
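Review bot: The doc comment for GetRONLQuotePolicy says only "Returns nil if the policy is not available", which leaves the caller to guess what nil means. Spell out which conditions count as not available and what a caller is expected to do with a nil result, since treating nil as "no restriction" and treating it as "use a fallback" are very different outcomes for quote verification.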
I would rename this back to GetQuotePolicy as the parameter runtimeID already says that this is for RONL only. But what I really wanted in that comment is to get rid of the parameter cs, by creating a struct like QuotePolicyProvider (or something better) and calling provider.Get(ctx, runtimeID, version).
| var pcsQuotePolicy *pcs.QuotePolicy | ||
| if quotePolicy != nil { | ||
| pcsQuotePolicy = quotePolicy.PCS | ||
| if ec.cfg.Component.Kind == component.RONL { |
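Review bot: pcsQuotePolicy stays nil whenever quotePolicy is nil, and the check on ec.cfg.Component.Kind == component.RONL on the last line shows no visible handling for other component kinds. Add a comment at the declaration saying what a nil pcsQuotePolicy means to the code that consumes it, and make the non-RONL path explicit so that a new component kind cannot silently end up with no policy.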
I would replace all these ifs with a switch for better readability, and in the default section add a comment // No policy.
Trivial, semantics should be preserved.
Tackles #6474 (comment).
For now only Next step:1 is implemented.
Also open to implementing Next step:2 here, to avoid scope creep in the key manager access policy PR. Not 100% convinced about this direction though (feels better but more complex).