Merge pull request #434 from snir911/agent_policyB

podvm: allow setting custom agent-policy

Author: snir911

config/peerpods/podvm/agent-policy/README.md

@@ -0,0 +1,53 @@
+# Kata Agent Policy
+
+Agent Policy is a Kata Containers feature that enables the Guest VM to perform additional validation
+for each agent API request. A custom agent policy can be set either by a policy file provided at
+image creation time or through pod annotations.
+
+## Set Policy At Image Creation
+
+By default Openshift Sandboxed Container sets preconfigured policy, Peer-Pods images will be set with an
+allow-all policy while CoCo images will be set with an allow-all exept for the `ReadStreamRequest` and
+`ExecProcessRequest` calls.
+
+To set custom policy at image creation time, make sure to encode the policy file (e.g.,
+[allow-all-except-exec-process.rego](allow-all-except-exec-process.rego)) in base64 format and set it as
+the value for the AGENT_POLICY key in your `<azure/aws-podvm>-image-cm` ConfigMap.
+
+```sh
+ENCODED_POLICY=$(cat allow-all-except-exec-process.rego | base64 -w 0)
+kubectl patch cm aws-podvm-image-cm -p "{\"data\":{\"AGENT_POLICY\":\"${ENCODED_POLICY}\"}}" -n openshift-sandboxed-containers-operator
+```
+
+## Set Policy Via Pod Annotation
+
+As long as the `SetPolicyRequest` call was not disabled at image creation time, users set custom
+policy through annotation at pod creation time. To set policy through annotation, encode your policy
+file (e.g., [allow-all-except-exec-process.rego](allow-all-except-exec-process.rego)) in base64 format
+and set it to the `io.katacontainers.config.agent.policy` annotation.
+
+**note:** annotation policy will override any previous policy (as long as `SetPolicyRequest` is allowed)
+
+```sh
+ENCODED_POLICY=$(cat allow-all-except-exec-process.rego | base64 -w 0)
+cat <<-EOF | kubectl apply -f -
+apiVersion: v1
+kind: Pod
+metadata:
+  name: sleep
+  annotations:
+    io.containerd.cri.runtime-handler: kata-remote
+    io.katacontainers.config.agent.policy: ${ENCODED_POLICY}
+spec:
+  runtimeClassName: kata-remote
+  containers:
+    - name: sleeping
+      image: fedora
+      command: ["sleep"]
+      args: ["infinity"]
+EOF
+```
+
+## Example Policies
+- [allow-all.rego](allow-all.rego)
+- [allow-all-except-exec-process.rego](allow-all-except-exec-process.rego)

config/peerpods/podvm/agent-policy/allow-all-except-exec-process.rego

@@ -0,0 +1,39 @@
+package agent_policy
+
+default AddARPNeighborsRequest := true
+default AddSwapRequest := true
+default CloseStdinRequest := true
+default CopyFileRequest := true
+default CreateContainerRequest := true
+default CreateSandboxRequest := true
+default DestroySandboxRequest := true
+default GetMetricsRequest := true
+default GetOOMEventRequest := true
+default GuestDetailsRequest := true
+default ListInterfacesRequest := true
+default ListRoutesRequest := true
+default MemHotplugByProbeRequest := true
+default OnlineCPUMemRequest := true
+default PauseContainerRequest := true
+default PullImageRequest := true
+default ReadStreamRequest := true
+default RemoveContainerRequest := true
+default RemoveStaleVirtiofsShareMountsRequest := true
+default ReseedRandomDevRequest := true
+default ResumeContainerRequest := true
+default SetGuestDateTimeRequest := true
+default SetPolicyRequest := true
+default SignalProcessRequest := true
+default StartContainerRequest := true
+default StartTracingRequest := true
+default StatsContainerRequest := true
+default StopTracingRequest := true
+default TtyWinResizeRequest := true
+default UpdateContainerRequest := true
+default UpdateEphemeralMountsRequest := true
+default UpdateInterfaceRequest := true
+default UpdateRoutesRequest := true
+default WaitProcessRequest := true
+default WriteStreamRequest := true
+
+default ExecProcessRequest := false

config/peerpods/podvm/agent-policy/allow-all.rego

@@ -0,0 +1,38 @@
+package agent_policy
+
+default AddARPNeighborsRequest := true
+default AddSwapRequest := true
+default CloseStdinRequest := true
+default CopyFileRequest := true
+default CreateContainerRequest := true
+default CreateSandboxRequest := true
+default DestroySandboxRequest := true
+default ExecProcessRequest := true
+default GetMetricsRequest := true
+default GetOOMEventRequest := true
+default GuestDetailsRequest := true
+default ListInterfacesRequest := true
+default ListRoutesRequest := true
+default MemHotplugByProbeRequest := true
+default OnlineCPUMemRequest := true
+default PauseContainerRequest := true
+default PullImageRequest := true
+default ReadStreamRequest := true
+default RemoveContainerRequest := true
+default RemoveStaleVirtiofsShareMountsRequest := true
+default ReseedRandomDevRequest := true
+default ResumeContainerRequest := true
+default SetGuestDateTimeRequest := true
+default SetPolicyRequest := true
+default SignalProcessRequest := true
+default StartContainerRequest := true
+default StartTracingRequest := true
+default StatsContainerRequest := true
+default StopTracingRequest := true
+default TtyWinResizeRequest := true
+default UpdateContainerRequest := true
+default UpdateEphemeralMountsRequest := true
+default UpdateInterfaceRequest := true
+default UpdateRoutesRequest := true
+default WaitProcessRequest := true
+default WriteStreamRequest := true

config/peerpods/podvm/aws-podvm-image-cm.yaml

@@ -33,3 +33,6 @@ data:
   # NVIDIA GPU vars
   NVIDIA_DRIVER_VERSION: "535"
   NVIDIA_USERSPACE_VERSION: "1.13.5-1"
+
+  # Custom Agent Policy
+  #AGENT_POLICY: "" # set to base64 encoded agent policy

config/peerpods/podvm/aws-podvm-image-handler.sh

@@ -8,7 +8,8 @@
 # Create image (-c)
 # Delete image (-C)
 
-set -x
+[[ "$DEBUG" == "true" ]] && set -x
+
 # include common functions from lib.sh
 # shellcheck source=/dev/null
 # The directory is where aws-podvm-image-handler.sh is located

config/peerpods/podvm/azure-podvm-image-cm.yaml

@@ -56,3 +56,6 @@ data:
   # NVIDIA GPU vars
   NVIDIA_DRIVER_VERSION: "535"
   NVIDIA_USERSPACE_VERSION: "1.13.5-1"
+
+  # Custom Agent Policy
+  #AGENT_POLICY: "" # set to base64 encoded agent policy

config/peerpods/podvm/azure-podvm-image-handler.sh

@@ -19,7 +19,7 @@
 # Create image version (-i)
 # Delete image version (-I)
 
-set -x
+[[ "$DEBUG" == "true" ]] && set -x
 
 # include common functions from lib.sh
 # shellcheck source=/dev/null

config/peerpods/podvm/lib.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 # Contains common functions used by the scripts
 
-set -x
+[[ "$DEBUG" == "true" ]] && set -x
 
 # Defaults for pause image
 # This pause image is multi-arch
@@ -205,11 +205,23 @@ function prepare_source_code() {
             error_exit "Failed to enable fips mode"
     fi
 
-    if [[ "$CONFIDENTIAL_COMPUTE_ENABLED" == "yes" ]]; then
-        sed 's/default SetPolicyRequest := true/default SetPolicyRequest := false/; s/default ExecProcessRequest := true/default ExecProcessRequest := false/' \
+    # links must be relative
+    if [[ "${AGENT_POLICY}" ]]; then
+        echo "Custom agent policy is being set through the AGENT_POLICY value"
+        echo ${AGENT_POLICY} | base64 -d > "${podvm_dir}"/files/etc/kata-opa/custom.rego
+        if [[ $? == 0 ]] && grep -q "agent_policy" "${podvm_dir}"/files/etc/kata-opa/custom.rego; then # checks policy validity
+            ln -sf custom.rego  "${podvm_dir}"/files/etc/kata-opa/default-policy.rego
+        else
+            error_exit "Invalid AGENT_POLICY value set, expected base64 encoded valid agent policy, got: \"${AGENT_POLICY}\""
+	fi
+    elif [[ "$CONFIDENTIAL_COMPUTE_ENABLED" == "yes" ]]; then
+        echo "Setting custom agent policy to CoCo's recommended policy"
+        sed 's/default ReadStreamRequest := true/default ReadStreamRequest := false/;
+            s/default ExecProcessRequest := true/default ExecProcessRequest := false/' \
             "${podvm_dir}"/files/etc/kata-opa/default-policy.rego > "${podvm_dir}"/files/etc/kata-opa/coco-default-policy.rego
-        ln -sf "${podvm_dir}"/files/etc/kata-opa/coco-default-policy.rego  "${podvm_dir}"/files/etc/kata-opa/default-policy.rego
+        ln -sf coco-default-policy.rego "${podvm_dir}"/files/etc/kata-opa/default-policy.rego
     fi
+    echo "~~~ Current Agent Policy ~~~" && cat "${podvm_dir}"/files/etc/kata-opa/default-policy.rego
 }
 
 # Download and extract pause container image