migrate models.NvidiaAttestation to attestation proto library (google#691)

Author: yawangwang

go.work.sum

@@ -2153,6 +2153,7 @@ github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG
 github.com/tchap/go-patricia v2.2.6+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I=
 github.com/tchap/go-patricia/v2 v2.3.1 h1:6rQp39lgIYZ+MHmdEq4xzuk1t7OdC35z/xm0BGhTkes=
 github.com/tchap/go-patricia/v2 v2.3.1/go.mod h1:VZRHKAb53DLaG+nA9EaYYiaEx6YztwDlLElMsnSHD4k=
+github.com/tink-crypto/tink-go/v2 v2.2.1-0.20241120130117-c41ea0ed393b/go.mod h1:8qt2du2JzY6pUCRZ4cVz/f+gEmznKkvzd1KScaN5Zqk=
 github.com/tj/assert v0.0.0-20171129193455-018094318fb0 h1:Rw8kxzWo1mr6FSaYXjQELRe88y2KdfynXdnK72rdjtA=
 github.com/tj/go-elastic v0.0.0-20171221160941-36157cbbebc2 h1:eGaGNxrtoZf/mBURsnNQKDR7u50Klgcf2eFDQEnc8Bc=
 github.com/tj/go-kinesis v0.0.0-20171128231115-08b17f58cb1b h1:m74UWYy+HBs+jMFR9mdZU6shPewugMyH5+GV6LNgW8w=

launcher/agent/agent.go

@@ -460,14 +460,14 @@ func (t *tdxAttestRoot) Attest(nonce []byte) (any, error) {
 		return nil, err
 	}
 
-	var nvAtt *models.NvidiaAttestation
+	var nvAtt *attestationpb.NvidiaAttestationReport
 	for _, deviceRoT := range t.deviceROTs {
 		att, err := deviceRoT.Attest(nonce)
 		if err != nil {
 			return nil, err
 		}
 		switch v := att.(type) {
-		case *models.NvidiaAttestation:
+		case *attestationpb.NvidiaAttestationReport:
 			nvAtt = v
 		default:
 			return nil, fmt.Errorf("unknown device attestation type: %T", v)

launcher/agent/agent_test.go

@@ -33,7 +33,6 @@ import (
 	tpmpb "github.com/google/go-tpm-tools/proto/tpm"
 	"github.com/google/go-tpm-tools/verifier"
 	"github.com/google/go-tpm-tools/verifier/fake"
-	"github.com/google/go-tpm-tools/verifier/models"
 	"github.com/google/go-tpm-tools/verifier/oci"
 	"github.com/google/go-tpm-tools/verifier/oci/cosign"
 	"google.golang.org/protobuf/encoding/protojson"
@@ -668,14 +667,14 @@ func (f *fakeTdxAttestRoot) GetCEL() gecel.CEL {
 
 func (f *fakeTdxAttestRoot) Attest(nonce []byte) (any, error) {
 	f.receivedNonce = nonce
-	var nvAtt *models.NvidiaAttestation
+	var nvAtt *attestationpb.NvidiaAttestationReport
 	for _, deviceRoT := range f.deviceRoTS {
 		att, err := deviceRoT.Attest(nonce)
 		if err != nil {
 			return nil, err
 		}
 		switch v := att.(type) {
-		case *models.NvidiaAttestation:
+		case *attestationpb.NvidiaAttestationReport:
 			nvAtt = v
 		default:
 			return nil, fmt.Errorf("unknown device attestation type: %T", v)
@@ -709,9 +708,11 @@ func (f *fakeGPURoT) Attest(nonce []byte) (any, error) {
 	if len(nonce) == 0 {
 		return nil, fmt.Errorf("fake GPU attestation failed")
 	}
-	return &models.NvidiaAttestation{
-		CCFeature: &models.NvidiaSinglePassthroughAttestation{
-			GPUInfo: models.GPUInfo{UUID: "fake-gpu-uuid"},
+	return &attestationpb.NvidiaAttestationReport{
+		CcFeature: &attestationpb.NvidiaAttestationReport_Spt{
+			Spt: &attestationpb.NvidiaAttestationReport_SinglePassthroughAttestation{
+				GpuQuote: &attestationpb.GpuInfo{Uuid: "fake-gpu-uuid"},
+			},
 		},
 	}, nil
 }

launcher/internal/gpu/attestation.go

@@ -9,7 +9,8 @@ import (
 	"cos.googlesource.com/cos/tools.git/src/cmd/cos_gpu_installer/deviceinfo"
 	"github.com/NVIDIA/go-nvml/pkg/nvml"
 	"github.com/confidentsecurity/go-nvtrust/pkg/gonvtrust/gpu"
-	"github.com/google/go-tpm-tools/verifier/models"
+
+	attestationpb "github.com/GoogleCloudPlatform/confidential-space/server/proto/gen/attestation"
 )
 
 type attestationType int
@@ -40,7 +41,7 @@ func (a *NvidiaAttester) Attest(nonce []byte) (any, error) {
 
 // collectAttestationEvidence assumes CC GPU devices are in place w/ driver support
 // and will try to collect raw attestation evidence and convert it to known data models.
-func (a *NvidiaAttester) collectAttestationEvidence(handler gpu.NvmlHandler, nonce []byte) (*models.NvidiaAttestation, error) {
+func (a *NvidiaAttester) collectAttestationEvidence(handler gpu.NvmlHandler, nonce []byte) (*attestationpb.NvidiaAttestationReport, error) {
 	gpuAdmin, err := gpu.NewNvmlGPUAdmin(handler)
 	if err != nil {
 		return nil, fmt.Errorf("failed to create GPU admin: %v", err)
@@ -53,7 +54,7 @@ func (a *NvidiaAttester) collectAttestationEvidence(handler gpu.NvmlHandler, non
 		return nil, fmt.Errorf("failed to collect GPU evidence: %v", err)
 	}
 
-	var gpuInfos []models.GPUInfo
+	var gpuInfos []*attestationpb.GpuInfo
 	for i, deviceInfo := range deviceInfos {
 		device, ret := handler.DeviceGetHandleByIndex(i)
 		if ret != nvml.SUCCESS {
@@ -84,11 +85,11 @@ func (a *NvidiaAttester) collectAttestationEvidence(handler gpu.NvmlHandler, non
 			return nil, fmt.Errorf("failed to decode GPU certificate chain: %v", err)
 		}
 
-		gpuInfo := models.GPUInfo{
-			UUID:                        uuid,
+		gpuInfo := &attestationpb.GpuInfo{
+			Uuid:                        uuid,
 			DriverVersion:               driverVersion,
-			VBIOSVersion:                vbiosVersion,
-			GPUArchitectureType:         deviceInfo.Arch(),
+			VbiosVersion:                vbiosVersion,
+			GpuArchitectureType:         convertGPUArchToPB(deviceInfo.Arch()),
 			AttestationReport:           deviceInfo.AttestationReport(),
 			AttestationCertificateChain: attestationCertChainData,
 		}
@@ -97,15 +98,19 @@ func (a *NvidiaAttester) collectAttestationEvidence(handler gpu.NvmlHandler, non
 
 	switch determineAttestationType(gpuInfos) {
 	case SPT:
-		return &models.NvidiaAttestation{
-			CCFeature: &models.NvidiaSinglePassthroughAttestation{
-				GPUInfo: gpuInfos[0],
+		return &attestationpb.NvidiaAttestationReport{
+			CcFeature: &attestationpb.NvidiaAttestationReport_Spt{
+				Spt: &attestationpb.NvidiaAttestationReport_SinglePassthroughAttestation{
+					GpuQuote: gpuInfos[0],
+				},
 			},
 		}, nil
 	case MPT:
-		return &models.NvidiaAttestation{
-			CCFeature: &models.NvidiaMultiGpuSecurePassthroughAttestation{
-				GPUInfos: gpuInfos,
+		return &attestationpb.NvidiaAttestationReport{
+			CcFeature: &attestationpb.NvidiaAttestationReport_Mpt{
+				Mpt: &attestationpb.NvidiaAttestationReport_MultiGpuSecurePassthroughAttestation{
+					GpuQuotes: gpuInfos,
+				},
 			},
 		}, nil
 	default:
@@ -116,7 +121,7 @@ func (a *NvidiaAttester) collectAttestationEvidence(handler gpu.NvmlHandler, non
 // determineAttesationType auto-detects the GPU attestation type.
 // The current implementations "guess" the attestation type.
 // Further improvement should be made to parse GPU attesation report to get the actual attestation type.
-func determineAttestationType(gpuInfos []models.GPUInfo) attestationType {
+func determineAttestationType(gpuInfos []*attestationpb.GpuInfo) attestationType {
 	gpuType, _ := getGpuTypeInfo()
 	if gpuType != deviceinfo.H100 && gpuType != deviceinfo.B200 {
 		return UNSUPPORTED
@@ -126,3 +131,14 @@ func determineAttestationType(gpuInfos []models.GPUInfo) attestationType {
 	}
 	return SPT
 }
+
+func convertGPUArchToPB(arch string) attestationpb.GpuArchitectureType {
+	switch arch {
+	case "HOPPER":
+		return attestationpb.GpuArchitectureType_GPU_ARCHITECTURE_TYPE_HOPPER
+	case "BLACKWELL":
+		return attestationpb.GpuArchitectureType_GPU_ARCHITECTURE_TYPE_BLACKWELL
+	default:
+		return attestationpb.GpuArchitectureType_GPU_ARCHITECTURE_TYPE_UNSPECIFIED
+	}
+}

launcher/internal/gpu/attestation_test.go

@@ -5,7 +5,8 @@ import (
 
 	"cos.googlesource.com/cos/tools.git/src/cmd/cos_gpu_installer/deviceinfo"
 	"github.com/confidentsecurity/go-nvtrust/pkg/gonvtrust/gpu"
-	"github.com/google/go-tpm-tools/verifier/models"
+
+	attestationpb "github.com/GoogleCloudPlatform/confidential-space/server/proto/gen/attestation"
 )
 
 func TestCollectAttestationEvidence(t *testing.T) {
@@ -59,8 +60,8 @@ func TestCollectAttestationEvidence(t *testing.T) {
 			}
 			if tc.wantPass {
 				if tc.wantSPT {
-					if _, ok := attesation.CCFeature.(*models.NvidiaSinglePassthroughAttestation); !ok {
-						t.Errorf("CollectAttestationEvidence() = %v, want %v", attesation.CCFeature, &models.NvidiaSinglePassthroughAttestation{})
+					if _, ok := attesation.CcFeature.(*attestationpb.NvidiaAttestationReport_Spt); !ok {
+						t.Errorf("CollectAttestationEvidence() = %v, want %v", attesation.CcFeature, &attestationpb.NvidiaAttestationReport_Spt{})
 					}
 				}
 			}
@@ -71,39 +72,39 @@ func TestCollectAttestationEvidence(t *testing.T) {
 func TestDetermineAttestationType(t *testing.T) {
 	testCases := []struct {
 		name     string
-		gpuInfos []models.GPUInfo
+		gpuInfos []*attestationpb.GpuInfo
 		gpuType  deviceinfo.GPUType
 		want     attestationType
 	}{
 		{
 			name: "UNSUPPORTED GPU type",
-			gpuInfos: []models.GPUInfo{
-				{UUID: "gpu-0"},
+			gpuInfos: []*attestationpb.GpuInfo{
+				{Uuid: "gpu-0"},
 			},
 			gpuType: deviceinfo.Others,
 			want:    UNSUPPORTED,
 		},
 		{
 			name: "SPT attestation type (H100)",
-			gpuInfos: []models.GPUInfo{
-				{UUID: "gpu-0"},
+			gpuInfos: []*attestationpb.GpuInfo{
+				{Uuid: "gpu-0"},
 			},
 			gpuType: deviceinfo.H100,
 			want:    SPT,
 		},
 		{
 			name: "SPT attestation type (B200 with single GPU)",
-			gpuInfos: []models.GPUInfo{
-				{UUID: "gpu-0"},
+			gpuInfos: []*attestationpb.GpuInfo{
+				{Uuid: "gpu-0"},
 			},
 			gpuType: deviceinfo.B200,
 			want:    SPT,
 		},
 		{
 			name: "MPT attestation type (B200 with multiple GPUs)",
-			gpuInfos: []models.GPUInfo{
-				{UUID: "gpu-0"},
-				{UUID: "gpu-1"},
+			gpuInfos: []*attestationpb.GpuInfo{
+				{Uuid: "gpu-0"},
+				{Uuid: "gpu-1"},
 			},
 			gpuType: deviceinfo.B200,
 			want:    MPT,
@@ -124,5 +125,33 @@ func TestDetermineAttestationType(t *testing.T) {
 			}
 		})
 	}
+}
+
+func TestConvertGPUArchToPB(t *testing.T) {
+	testCases := []struct {
+		arch     string
+		wantArch attestationpb.GpuArchitectureType
+	}{
+		{
+			arch:     "HOPPER",
+			wantArch: attestationpb.GpuArchitectureType_GPU_ARCHITECTURE_TYPE_HOPPER,
+		},
+		{
+			arch:     "BLACKWELL",
+			wantArch: attestationpb.GpuArchitectureType_GPU_ARCHITECTURE_TYPE_BLACKWELL,
+		},
+		{
+			arch:     "UNSPECIFIED",
+			wantArch: attestationpb.GpuArchitectureType_GPU_ARCHITECTURE_TYPE_UNSPECIFIED,
+		},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.arch, func(t *testing.T) {
+			if got := convertGPUArchToPB(tc.arch); got != tc.wantArch {
+				t.Errorf("convertGPUArchToPB() = %v, want %v", got, tc.wantArch)
+			}
+		})
+	}
 
 }

verifier/client.go

@@ -5,6 +5,7 @@ package verifier
 import (
 	"context"
 
+	csattestpb "github.com/GoogleCloudPlatform/confidential-space/server/proto/gen/attestation"
 	attestpb "github.com/google/go-tpm-tools/proto/attest"
 	"github.com/google/go-tpm-tools/verifier/models"
 	"google.golang.org/genproto/googleapis/rpc/status"
@@ -58,7 +59,7 @@ type TDCCELAttestation struct {
 	// still needs following two for GCE info
 	AkCert            []byte
 	IntermediateCerts [][]byte
-	NvidiaAttestation *models.NvidiaAttestation
+	NvidiaAttestation *csattestpb.NvidiaAttestationReport
 }
 
 // VerifyAttestationResponse is the response from a successful