attestation: use a null binding for test

Attestation library includes libc that finally relies on migtd to allocate heap memory. However, migtd's global allocator is disabled during tests, causing allocation errors when running `cargo test`. Previously, we used the `main` feature in migtd to distinguish between tests and the migtd binary, which resulted in many unused type warnings. Therefore, using the `test` feature in the attestation crate is a cleaner approach. Signed-off-by: Jiaqi Gao <jiaqi.gao@intel.com>
intel · Mar 3, 2025 · 5924612 · 5924612
1 parent c253a90
commit 5924612
Show file tree

Hide file tree

Showing 8 changed files with 221 additions and 177 deletions.
diff --git a/src/attestation/src/attest.rs b/src/attestation/src/attest.rs
@@ -4,7 +4,7 @@
 
 use crate::{
     binding::get_quote as get_quote_inner, binding::init_heap, binding::verify_quote_integrity,
-    binding::AttestLibError, root_ca::ROOT_CA, Error,
+    binding::AttestLibError, root_ca::ROOT_CA, Error, TD_VERIFIED_REPORT_SIZE,
 };
 use alloc::{vec, vec::Vec};
 use core::{alloc::Layout, ffi::c_void, ops::Range};
@@ -13,7 +13,6 @@ use tdx_tdcall::tdreport::*;
 const TD_QUOTE_SIZE: usize = 0x2000;
 const TD_REPORT_VERIFY_SIZE: usize = 1024;
 const ATTEST_HEAP_SIZE: usize = 0x80000;
-const TD_VERIFIED_REPORT_SIZE: usize = 734;
 
 pub fn attest_init_heap() -> Option<usize> {
     unsafe {

diff --git a/src/attestation/src/binding.rs b/src/attestation/src/binding.rs
@@ -2,6 +2,11 @@
 //
 // SPDX-License-Identifier: BSD-2-Clause-Patent
 
+#[cfg(not(feature = "test"))]
+pub(crate) use attest_lib_binding::*;
+#[cfg(feature = "test")]
+pub(crate) use null_binding::*;
+
 #[allow(unused)]
 #[repr(C)]
 #[derive(Debug, PartialEq)]
@@ -32,64 +37,102 @@ pub(crate) enum AttestLibError {
     InvalidRtmrIndex = 0x000b,
 }
 
-extern "C" {
-    /// Get MigTD's Quote by passing tdx_report.
-    /// Note: all IN/OUT memory should be managed by Caller
-    ///
-    /// @param p_tdx_report [in] pointer to the input buffer for tdx_report. Must not be NULL.
-    /// @param tdx_report_size [in] length of p_tdx_report(in bytes), should be = TDX_REPORT_SIZE.
-    /// @param p_quote [in, out] pointer to the quote buffer. Must not be NULL.
-    /// @param p_quote_size [in, out] This function will place the size of the Quote, in
-    ///                           bytes, in the uint32_t pointed to by the
-    ///                           p_quote_size parameter. Must not be NULL.
-    /// @return Status code of the operation, one of:
-    ///      - MIGTD_ATTEST_SUCCESS: Successfully generate the Quote
-    ///      - MIGTD_ATTEST_ERROR_UNEXPECTED: An unexpected internal error occurred. E.g.
-    ///          the parameter is incorrect, failed to get quote from QGS, heap memory allocation error,
-    ///          the input (*p_quote_size) is not enough to place the real Quote, etc.
-    pub(crate) fn get_quote(
-        p_tdx_report: *const ::core::ffi::c_void,
-        tdx_report_size: u32,
-        p_quote: *mut ::core::ffi::c_void,
-        p_quote_size: *mut u32,
-    ) -> AttestLibError;
-}
+#[cfg(not(feature = "test"))]
+mod attest_lib_binding {
+    use super::*;
+
+    extern "C" {
+        /// Get MigTD's Quote by passing tdx_report.
+        /// Note: all IN/OUT memory should be managed by Caller
+        ///
+        /// @param p_tdx_report [in] pointer to the input buffer for tdx_report. Must not be NULL.
+        /// @param tdx_report_size [in] length of p_tdx_report(in bytes), should be = TDX_REPORT_SIZE.
+        /// @param p_quote [in, out] pointer to the quote buffer. Must not be NULL.
+        /// @param p_quote_size [in, out] This function will place the size of the Quote, in
+        ///                           bytes, in the uint32_t pointed to by the
+        ///                           p_quote_size parameter. Must not be NULL.
+        /// @return Status code of the operation, one of:
+        ///      - MIGTD_ATTEST_SUCCESS: Successfully generate the Quote
+        ///      - MIGTD_ATTEST_ERROR_UNEXPECTED: An unexpected internal error occurred. E.g.
+        ///          the parameter is incorrect, failed to get quote from QGS, heap memory allocation error,
+        ///          the input (*p_quote_size) is not enough to place the real Quote, etc.
+        pub fn get_quote(
+            p_tdx_report: *const ::core::ffi::c_void,
+            tdx_report_size: u32,
+            p_quote: *mut ::core::ffi::c_void,
+            p_quote_size: *mut u32,
+        ) -> AttestLibError;
+
+        /// Verify the integrity of MigTD's Quote and return td report of MigTD
+        /// Note: all IN/OUT memory should be managed by Caller
+        /// @param p_quote [in] pointer to the input buffer for td_quote
+        /// @param quote_size [in] length of p_quote(in bytes), should be the real size of MigTD td quote
+        /// @param p_quote_collateral [in] quote collateral that get from PCS by get_collateral
+        /// @param root_pub_key [in] pointer to Intel Root Public Key
+        /// @param root_pub_key_size [in] length of Intel Root Public Key(in bytes)
+        /// @param p_tdx_report_verify [in, out] pointer to the output buffer for tdx_report
+        /// @param p_tdx_report_verify_size [in, out], out_size should be = TDX_REPORT_SIZE
+        ///
+        /// @return Status code of the operation, one of:
+        ///      - MIGTD_ATTEST_SUCCESS
+        ///      - MIGTD_ATTEST_ERROR_UNEXPECTED
+        pub fn verify_quote_integrity(
+            p_quote: *const ::core::ffi::c_void,
+            quote_size: u32,
+            root_pub_key: *const ::core::ffi::c_void,
+            root_pub_key_size: u32,
+            p_tdx_report_verify: *mut ::core::ffi::c_void,
+            p_tdx_report_verify_size: *mut u32,
+        ) -> AttestLibError;
 
-extern "C" {
-    /// Verify the integrity of MigTD's Quote and return td report of MigTD
-    /// Note: all IN/OUT memory should be managed by Caller
-    /// @param p_quote [in] pointer to the input buffer for td_quote
-    /// @param quote_size [in] length of p_quote(in bytes), should be the real size of MigTD td quote
-    /// @param p_quote_collateral [in] quote collateral that get from PCS by get_collateral
-    /// @param root_pub_key [in] pointer to Intel Root Public Key
-    /// @param root_pub_key_size [in] length of Intel Root Public Key(in bytes)
-    /// @param p_tdx_report_verify [in, out] pointer to the output buffer for tdx_report
-    /// @param p_tdx_report_verify_size [in, out], out_size should be = TDX_REPORT_SIZE
-    ///
-    /// @return Status code of the operation, one of:
-    ///      - MIGTD_ATTEST_SUCCESS
-    ///      - MIGTD_ATTEST_ERROR_UNEXPECTED
-    pub(crate) fn verify_quote_integrity(
-        p_quote: *const ::core::ffi::c_void,
-        quote_size: u32,
-        root_pub_key: *const ::core::ffi::c_void,
-        root_pub_key_size: u32,
-        p_tdx_report_verify: *mut ::core::ffi::c_void,
-        p_tdx_report_verify_size: *mut u32,
-    ) -> AttestLibError;
+        /// Allocate heap space for MigTD Attestation library internal use,
+        /// Must be called only once by MigTD before other attestation lib APIs
+        ///
+        /// @param p_td_heap_base [in] the heap base address allocated by MigTD, the address should be aligned(0x1000).
+        /// @param td_heap_size [in] the capacity of the heap, should be multiples of 0x1000 (in bytes)
+        ///
+        /// @return true: Successfully init heap for internal use.
+        /// @return false: Failed to init heap for internal use. E.g. the parameter is incorrect, etc.
+        pub fn init_heap(
+            p_td_heap_base: *const ::core::ffi::c_void,
+            td_heap_size: u32,
+        ) -> AttestLibError;
+    }
 }
 
-extern "C" {
-    /// Allocate heap space for MigTD Attestation library internal use,
-    /// Must be called only once by MigTD before other attestation lib APIs
-    ///
-    /// @param p_td_heap_base [in] the heap base address allocated by MigTD, the address should be aligned(0x1000).
-    /// @param td_heap_size [in] the capacity of the heap, should be multiples of 0x1000 (in bytes)
-    ///
-    /// @return true: Successfully init heap for internal use.
-    /// @return false: Failed to init heap for internal use. E.g. the parameter is incorrect, etc.
-    pub(crate) fn init_heap(
-        p_td_heap_base: *const ::core::ffi::c_void,
-        td_heap_size: u32,
-    ) -> AttestLibError;
+#[cfg(feature = "test")]
+mod null_binding {
+    use super::*;
+    use crate::TD_VERIFIED_REPORT_SIZE;
+
+    #[no_mangle]
+    pub unsafe extern "C" fn get_quote(
+        _p_tdx_report: *const ::core::ffi::c_void,
+        _tdx_report_size: u32,
+        _p_quote: *mut ::core::ffi::c_void,
+        _p_quote_size: *mut u32,
+    ) -> AttestLibError {
+        *_p_quote_size = TD_VERIFIED_REPORT_SIZE as u32;
+        AttestLibError::Success
+    }
+
+    #[no_mangle]
+    pub unsafe extern "C" fn verify_quote_integrity(
+        _p_quote: *const ::core::ffi::c_void,
+        _quote_size: u32,
+        _root_pub_key: *const ::core::ffi::c_void,
+        _root_pub_key_size: u32,
+        _p_tdx_report_verify: *mut ::core::ffi::c_void,
+        _p_tdx_report_verify_size: *mut u32,
+    ) -> AttestLibError {
+        AttestLibError::Success
+    }
+
+    #[no_mangle]
+    pub unsafe extern "C" fn init_heap(
+        _p_td_heap_base: *const ::core::ffi::c_void,
+        _td_heap_size: u32,
+    ) -> AttestLibError {
+        AttestLibError::Success
+    }
 }
diff --git a/src/attestation/src/lib.rs b/src/attestation/src/lib.rs
@@ -6,18 +6,15 @@
 
 extern crate alloc;
 
-#[cfg(not(test))]
-mod ghci;
-
-#[cfg(not(test))]
+mod attest;
 mod binding;
+mod ghci;
+mod root_ca;
 
-#[cfg(not(test))]
-mod attest;
-#[cfg(not(test))]
 pub use attest::*;
+pub use root_ca::set_ca;
 
-pub mod root_ca;
+pub const TD_VERIFIED_REPORT_SIZE: usize = 734;
 
 #[derive(Debug)]
 pub enum Error {

diff --git a/src/migtd/Cargo.toml b/src/migtd/Cargo.toml
@@ -8,6 +8,9 @@ edition = "2021"
 name = "migtd"
 required-features = ["main"]
 
+[dev-dependencies]
+attestation = { path = "../attestation", features = ["test"] }
+
 [dependencies]
 bitfield = "0.13.2"
 anyhow = { version = "1.0.68", default-features = false }

diff --git a/src/migtd/src/lib.rs b/src/migtd/src/lib.rs
@@ -5,7 +5,7 @@
 #![cfg_attr(not(test), no_std)]
 #![cfg_attr(not(test), no_main)]
 
-#[cfg_attr(feature = "main", macro_use)]
+#[macro_use]
 extern crate alloc;
 
 pub mod config;

diff --git a/src/migtd/src/migration/session.rs b/src/migtd/src/migration/session.rs
@@ -236,7 +236,6 @@ impl MigrationSession {
         }
     }
 
-    #[cfg(feature = "main")]
     pub fn op(&mut self) -> Result<()> {
         match &self.state {
             MigrationState::Operate(operation) => match operation {
@@ -324,7 +323,6 @@ impl MigrationSession {
         Ok(())
     }
 
-    #[cfg(feature = "main")]
     fn migrate(info: &MigrationInformation) -> Result<()> {
         let mut msk = MigrationSessionKey::new();
 

diff --git a/src/migtd/src/ratls/mod.rs b/src/migtd/src/ratls/mod.rs
@@ -8,9 +8,7 @@ use crypto::{
 };
 use tdx_tdcall::TdCallError;
 
-#[cfg(feature = "main")]
 mod server_client;
-#[cfg(feature = "main")]
 pub use server_client::*;
 
 pub enum RatlsError {