go/runtime/registry: Simplify creation of provisioners

.buildkite/code.pipeline.yml

@@ -354,7 +354,7 @@ steps:
       - .buildkite/scripts/test_e2e.sh --timeout 20m --scenario e2e/runtime/runtime-encryption
     env:
       OASIS_TEE_HARDWARE: intel-sgx
-      OASIS_UNSAFE_MOCK_SGX: "1"
+      OASIS_UNSAFE_MOCK_TEE: "1"
       OASIS_UNSAFE_SKIP_AVR_VERIFY: "1"
       OASIS_E2E_COVERAGE: enable
       TEST_BASE_DIR: /tmp

.changelog/5975.cfg.md

@@ -0,0 +1,47 @@
+go/runtime/config: Support selection of TEE kind
+
+The node operator can now specify the kind of Trusted Execution Environment
+(TEE) in which the runtime component should run. If no TEE is specified,
+it is automatically selected, with TDX and SGX taking precedence over ELF.
+
+The following configuration option has been deprecated:
+
+- `runtime.environment`
+
+The following configuration options have been added:
+
+- `runtime.debug_mock_tee` to enable TEE mocking for testing,
+
+- `runtime.runtimes.components.tee` to specify the TEE for a component.
+
+These changes affect the configuration of the client node if the runtime
+bundle contains both TEE and non-TEE binaries. In such cases, the node
+operator must explicitly configure the runtime to avoid running in a TEE
+environment.
+
+Configuring non-TEE Paratime Client Node:
+
+```
+mode: client
+# ... sections not relevant are omitted ...
+runtime:
+  paths:
+    - {{ runtime_orc_path }}
+  runtimes:
+  - id: {{ runtime_id }}
+    components:
+    - id: ronl
+      tee: none # Don't run in SGX or TDX!
+```
+
+Configuring TEE Paratime Client Node:
+
+```
+mode: client
+# ... sections not relevant are omitted ...
+runtime:
+  paths:
+    - {{ runtime_orc_path }}
+  sgx_loader: /node/bin/oasis-core-runtime-loader
+  # environment: sgx # Deprecated, can be removed.
+```

.changelog/5975.internal.md

@@ -0,0 +1,3 @@
+go/oasis-test-runner: Generalize OASIS_UNSAFE_MOCK_SGX flag
+
+Flag OASIS_UNSAFE_MOCK_SGX was renamed to OASIS_UNSAFE_MOCK_TEE.

common.mk

@@ -352,8 +352,8 @@ endif
 # https://goreleaser.com/customization/build/#define-build-tag
 export GORELEASER_CURRENT_TAG := $(RELEASE_TAG)
 
-# If mock SGX is configured, define extra runtime build flags.
-ifdef OASIS_UNSAFE_MOCK_SGX
+# If mock TEE is configured, define extra runtime build flags.
+ifdef OASIS_UNSAFE_MOCK_TEE
 	OASIS_RUNTIME_NONSGX_FLAGS := --features debug-mock-sgx
 else
 	OASIS_RUNTIME_NONSGX_FLAGS :=

go/oasis-test-runner/oasis/network.go

@@ -41,7 +41,6 @@ import (
 	"github.com/oasisprotocol/oasis-core/go/oasis-test-runner/log"
 	"github.com/oasisprotocol/oasis-core/go/oasis-test-runner/oasis/cli"
 	roothash "github.com/oasisprotocol/oasis-core/go/roothash/api"
-	runtimeConfig "github.com/oasisprotocol/oasis-core/go/runtime/config"
 	scheduler "github.com/oasisprotocol/oasis-core/go/scheduler/api"
 	staking "github.com/oasisprotocol/oasis-core/go/staking/api"
 )
@@ -683,8 +682,8 @@ func (net *Network) startOasisNode(
 		if os.Getenv("OASIS_UNSAFE_LAX_AVR_VERIFY") != "" {
 			extraArgs = extraArgs.debugTCBLaxVerify()
 		}
-		if os.Getenv("OASIS_UNSAFE_MOCK_SGX") != "" {
-			cfg.Runtime.Environment = runtimeConfig.RuntimeEnvironmentSGXMock
+		if os.Getenv("OASIS_UNSAFE_MOCK_TEE") != "" {
+			cfg.Runtime.DebugMockTEE = true
 		}
 	} else {
 		baseArgs = append(baseArgs, "--"+cmdFlags.CfgGenesisFile, net.GenesisPath())

go/runtime/bundle/component.go

@@ -14,6 +14,10 @@ import (
 type ExplodedComponent struct {
 	*Component
 
+	// TEEKind specifies the kind of Trusted Execution Environment (TEE)
+	// in which the component should run.
+	TEEKind component.TEEKind
+
 	// Detached is true iff the bundle containing the component does not
 	// include a RONL component.
 	Detached bool
@@ -132,11 +136,6 @@ func (c *Component) IsNetworkAllowed() bool {
 	}
 }
 
-// IsTEERequired returns true iff the component only provides TEE executables.
-func (c *Component) IsTEERequired() bool {
-	return c.Executable == "" && c.ELF == nil && c.TEEKind() != component.TEEKindNone
-}
-
 // TEEKind returns the kind of TEE supported by the component.
 func (c *Component) TEEKind() component.TEEKind {
 	switch {

go/runtime/bundle/registry.go

@@ -17,6 +17,7 @@
 	"github.com/oasisprotocol/oasis-core/go/config"
 	cmdFlags "github.com/oasisprotocol/oasis-core/go/oasis-node/cmd/common/flags"
 	"github.com/oasisprotocol/oasis-core/go/runtime/bundle/component"
+	rtConfig "github.com/oasisprotocol/oasis-core/go/runtime/config"
 )
 
 // CfgDebugMockIDs configures mock runtime IDs for the purpose of testing.
@@ -153,6 +154,22 @@
 
 	// Add components to the registry.
 	for compID, comp := range components {
+		teeKind := comp.TEEKind()
+		if compCfg, ok := config.GlobalConfig.Runtime.GetComponent(bnd.Manifest.ID, compID); ok {
+			if kind, ok := compCfg.TEEKind(); ok {
+				teeKind = kind
+			}
+		} else {
+			// Support legacy configuration where the runtime environment determines
+			// whether the client node should run the runtime in an SGX environment.
+			isEnvAuto := config.GlobalConfig.Runtime.Environment == rtConfig.RuntimeEnvironmentAuto
+			hasSGXLoader := config.GlobalConfig.Runtime.SGXLoader != ""
+			insecureMock := config.GlobalConfig.Runtime.DebugMockTEE
+			if comp.ID().IsRONL() && config.GlobalConfig.Mode.IsClientOnly() && isEnvAuto && !hasSGXLoader && !insecureMock {
+				teeKind = component.TEEKindNone
+			}
+		}
+
 		runtimeComponents, ok := r.components[bnd.Manifest.ID]
 		if !ok {
 			runtimeComponents = make(map[component.ID]map[version.Version]*ExplodedComponent)
@@ -167,6 +184,7 @@
 
 		componentVersions[comp.Version] = &ExplodedComponent{
 			Component:       comp,
+			TEEKind:         teeKind,
 			Detached:        detached,
 			ExplodedDataDir: explodedDataDir,
 		}

go/runtime/config/config.go

@@ -61,15 +61,27 @@
 	// Use of this runtime environment is only allowed if DebugDontBlameOasis flag is set.
 	RuntimeEnvironmentSGXMock RuntimeEnvironment = "sgx-mock"
 
-	// RuntimeEnvironmentELF specifies to run the runtime in the OS address space.
-	//
-	// Use of this runtime environment is only allowed if DebugDontBlameOasis flag is set.
-	RuntimeEnvironmentELF RuntimeEnvironment = "elf"
-
 	// RuntimeEnvironmentAuto specifies to run the runtime in the most appropriate location.
 	RuntimeEnvironmentAuto RuntimeEnvironment = "auto"
 )
 
+// TEESelectMode is the selection mode for the Trusted Execution Environment (TEE).
+type TEESelectMode string
+
+const (
+	// TEESelectModeAuto specifies that the runtime should run in the most appropriate TEE.
+	TEESelectModeAuto TEESelectMode = ""
+
+	// TEESelectModeNone specifies that the runtime should run without using any TEE.
+	TEESelectModeNone TEESelectMode = "none"
+
+	// TEESelectModeSGX specifies that the runtime should run in an SGX environment.
+	TEESelectModeSGX TEESelectMode = "sgx"
+
+	// TEESelectModeTDX specifies that the runtime should run in a TDX environment.
+	TEESelectModeTDX TEESelectMode = "tdx"
+)
+
 // Config is the runtime registry configuration structure.
 type Config struct {
 	// Runtimes is the list of runtimes to configure.
@@ -84,10 +96,11 @@
 	// Path to the sandbox binary (bubblewrap).
 	SandboxBinary string `yaml:"sandbox_binary,omitempty"`
 
-	// Path to SGXS runtime loader binary (for SGX runtimes).
+	// Path to SGX runtime loader binary (for SGX runtimes).
 	SGXLoader string `yaml:"sgx_loader,omitempty"`
 
 	// The runtime environment (sgx, elf, auto).
+	// NOTE: This may go away in the future, use `DebugMockTEE` instead.
 	Environment RuntimeEnvironment `yaml:"environment,omitempty"`
 
 	// History pruner configuration.
@@ -122,6 +135,11 @@
 	//
 	// If not specified, a default value is used.
 	MaxBundleSize string `yaml:"max_bundle_size,omitempty"`
+
+	// DebugMockTEE enables mocking of the Trusted Execution Environment (TEE).
+	//
+	// This flag can only be used if the DebugDontBlameOasis flag is set.
+	DebugMockTEE bool `yaml:"debug_mock_tee,omitempty"`
 }
 
 // GetComponent returns the configuration for the given component
@@ -170,16 +188,61 @@
 	Repositories []string `yaml:"repositories,omitempty"`
 }
 
+// Validate validates the runtime configuration.
+func (c *RuntimeConfig) Validate() error {
+	for _, comp := range c.Components {
+		if err := comp.Validate(); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
 // ComponentConfig is the component configuration.
 type ComponentConfig struct {
 	// ID is the component identifier.
 	ID component.ID `yaml:"id"`
 
+	// TEE specifies the kind of Trusted Execution Environment (TEE)
+	// in which the component should run (none, sgx, tdx).
+	//
+	// If not provided, the TEE kind is selected automatically.
+	TEE TEESelectMode `yaml:"tee,omitempty"`
+
 	// Disabled specifies whether the component is disabled. If a component is specified and not
 	// disabled, it is enabled.
 	Disabled bool `yaml:"disabled,omitempty"`
 }
 
+// Validate validates the component configuration.
+func (c *ComponentConfig) Validate() error {
+	switch c.TEE {
+	case TEESelectModeAuto:
+	case TEESelectModeNone:
+	case TEESelectModeSGX:
+	case TEESelectModeTDX:
+	default:
+		return fmt.Errorf("unknown TEE select mode: %s", c.TEE)
+	}
+
+	return nil
+}
+
+// TEEKind returns the kind of Trusted Execution Environment (TEE)
+// in which the component should run, if it is specified.
+func (c *ComponentConfig) TEEKind() (component.TEEKind, bool) {
+	switch c.TEE {
+	case TEESelectModeNone:
+		return component.TEEKindNone, true
+	case TEESelectModeSGX:
+		return component.TEEKindSGX, true
+	case TEESelectModeTDX:
+		return component.TEEKindTDX, true
+	default:
+		return 0, false
+	}
+}
+
 // UnmarshalYAML implements yaml.Unmarshaler.
 func (c *ComponentConfig) UnmarshalYAML(value *yaml.Node) error {
 	switch value.ShortTag() {
@@ -231,7 +294,6 @@
 			return fmt.Errorf("sgx_loader must be set when using sgx environment")
 		}
 	case RuntimeEnvironmentSGXMock:
-	case RuntimeEnvironmentELF:
 	case RuntimeEnvironmentAuto:
 	default:
 		return fmt.Errorf("unknown runtime environment: %s", c.Environment)
@@ -251,6 +313,12 @@
 		return fmt.Errorf("cannot specify more than 128 instances for load balancing")
 	}
 
+	for _, rt := range c.Runtimes {
+		if err := rt.Validate(); err != nil {
+			return err
+		}
+	}
+
 	return nil
 }
 

go/runtime/host/composite/composite.go

@@ -203,9 +203,9 @@
 	if comp == nil {
 		return nil, fmt.Errorf("host/composite: component not available")
 	}
-	provisioner, ok := p.kinds[comp.TEEKind()]
+	provisioner, ok := p.kinds[comp.TEEKind]
 	if !ok {
-		return nil, fmt.Errorf("host/composite: provisioner for kind '%s' is not available", comp.TEEKind())
+		return nil, fmt.Errorf("host/composite: provisioner for kind '%s' is not available", comp.TEEKind)
 	}
 	return provisioner.NewRuntime(cfg)
 }

go/runtime/host/sgx/sgx.go

@@ -284,7 +284,7 @@ func (s *sgxProvisioner) getSandboxConfig(rtCfg host.Config, conn sandbox.Connec
 		return cfg, nil
 	}
 
-	if comp.TEEKind() != component.TEEKindSGX {
+	if comp.SGX == nil {
 		return process.Config{}, fmt.Errorf("component '%s' is not an SGX component", comp.ID())
 	}
 

go/runtime/host/tdx/qemu.go

@@ -109,7 +109,7 @@
 	if err != nil {
 		return process.Config{}, err
 	}
-	if comp.TEEKind() != component.TEEKindTDX {
+	if comp.TDX == nil {
 		return process.Config{}, fmt.Errorf("component '%s' is not a TDX component", comp.ID())
 	}