Add option to hide tcbinfo from 8090 port

Author: kvinwang

dstack-types/src/lib.rs

@@ -17,6 +17,8 @@ pub struct AppCompose {
     pub public_logs: bool,
     #[serde(default)]
     pub public_sysinfo: bool,
+    #[serde(default = "default_true")]
+    pub public_tcbinfo: bool,
     #[serde(default)]
     pub kms_enabled: bool,
     #[serde(deserialize_with = "deserialize_gateway_enabled", flatten)]

dstack-util/src/system_setup.rs

@@ -773,9 +773,6 @@ impl Stage1<'_> {
         let config = serde_json::json!({
             "default": {
                 "core": {
-                    "app_name": self.shared.app_compose.name,
-                    "public_logs": self.shared.app_compose.public_logs,
-                    "public_sysinfo": self.shared.app_compose.public_sysinfo,
                     "pccs_url": self.shared.sys_config.pccs_url,
                     "data_disks": data_disks,
                 }

guest-agent/dstack.toml

@@ -7,12 +7,9 @@ keep_alive = 10
 log_level = "debug"
 
 [default.core]
-app_name = ""
 keys_file = "/dstack/.host-shared/.appkeys.json"
 compose_file = "/dstack/.host-shared/app-compose.json"
 sys_config_file = "/dstack/.host-shared/.sys-config.json"
-public_logs = true
-public_sysinfo = true
 data_disks = ["/"]
 
 [default.core.simulator]

guest-agent/rpc/proto/agent_rpc.proto

@@ -23,8 +23,8 @@ service Tappd {
   // identifier in the report_data to avoid Quote Repurposing Attacks.
   rpc RawQuote(RawQuoteArgs) returns (TdxQuoteResponse) {}
 
-  // Get worker info
-  rpc Info(google.protobuf.Empty) returns (WorkerInfo) {}
+  // Get app info
+  rpc Info(google.protobuf.Empty) returns (AppInfo) {}
 }
 
 // The service for the dstack guest agent
@@ -42,8 +42,8 @@ service DstackGuest {
   // Emit an event. This extends the event to RTMR3 on TDX platform.
   rpc EmitEvent(EmitEventArgs) returns (google.protobuf.Empty) {}
 
-  // Get worker info
-  rpc Info(google.protobuf.Empty) returns (WorkerInfo) {}
+  // Get app info
+  rpc Info(google.protobuf.Empty) returns (AppInfo) {}
 }
 
 // The request to derive a key
@@ -172,7 +172,7 @@ message EmitEventArgs {
 }
 
 // The request to derive a key
-message WorkerInfo {
+message AppInfo {
   // App ID
   bytes app_id = 1;
   // App Instance ID
@@ -183,10 +183,6 @@ message WorkerInfo {
   string tcb_info = 4;
   // App name
   string app_name = 5;
-  // Whether the app logs are public
-  bool public_logs = 6;
-  // Whether the app sysinfo is public
-  bool public_sysinfo = 7;
   // Device ID
   bytes device_id = 8;
   // MR Aggregated
@@ -203,7 +199,7 @@ message WorkerInfo {
   string vm_config = 14;
 }
 
-// The response to a WorkerInfo request
+// The response to a Version request
 message WorkerVersion {
   // Dstack version
   string version = 1;
@@ -212,8 +208,8 @@ message WorkerVersion {
 }
 
 service Worker {
-  // Get worker info
-  rpc Info(google.protobuf.Empty) returns (WorkerInfo) {}
+  // Get app info
+  rpc Info(google.protobuf.Empty) returns (AppInfo) {}
   // Get the guest agent version
   rpc Version(google.protobuf.Empty) returns (WorkerVersion) {}
 }

guest-agent/src/config.rs

@@ -1,8 +1,10 @@
-use std::{collections::HashSet, path::PathBuf};
+use std::{collections::HashSet, ops::Deref, path::PathBuf};
 
+use dstack_types::AppCompose;
 use figment::Figment;
+use fs_err as fs;
 use load_config::load_config;
-use serde::Deserialize;
+use serde::{de::Error, Deserialize};
 
 pub const DEFAULT_CONFIG: &str = include_str!("../dstack.toml");
 
@@ -15,13 +17,25 @@ pub struct BindAddr {
     pub port: u16,
 }
 
+#[derive(Debug, Clone)]
+pub struct AppComposeWrapper {
+    pub app_compose: AppCompose,
+    pub raw: String,
+}
+
+impl Deref for AppComposeWrapper {
+    type Target = AppCompose;
+
+    fn deref(&self) -> &Self::Target {
+        &self.app_compose
+    }
+}
+
 #[derive(Debug, Clone, Deserialize)]
 pub struct Config {
-    pub app_name: String,
     pub keys_file: String,
-    pub public_logs: bool,
-    pub public_sysinfo: bool,
-    pub compose_file: String,
+    #[serde(deserialize_with = "deserialize_app_compose", flatten)]
+    pub app_compose: AppComposeWrapper,
     pub sys_config_file: PathBuf,
     #[serde(default)]
     pub pccs_url: Option<String>,
@@ -30,6 +44,26 @@ pub struct Config {
     pub data_disks: HashSet<PathBuf>,
 }
 
+fn deserialize_app_compose<'de, D>(deserializer: D) -> Result<AppComposeWrapper, D::Error>
+where
+    D: serde::Deserializer<'de>,
+{
+    #[derive(Debug, Clone, Deserialize)]
+    struct Config {
+        compose_file: String,
+    }
+
+    let config = Config::deserialize(deserializer)?;
+    let content = fs::read_to_string(&config.compose_file)
+        .map_err(|e| D::Error::custom(format!("Failed to read compose file: {e}")))?;
+    let app_compose = serde_json::from_str(&content)
+        .map_err(|e| D::Error::custom(format!("Failed to parse compose file: {e}")))?;
+    Ok(AppComposeWrapper {
+        app_compose,
+        raw: content,
+    })
+}
+
 #[derive(Debug, Clone, Deserialize)]
 pub struct Simulator {
     pub enabled: bool,

guest-agent/src/http_routes.rs

@@ -5,7 +5,7 @@ use crate::guest_api_service::{list_containers, GuestApiHandler};
 use crate::rpc_service::{AppState, ExternalRpcHandler};
 use anyhow::Result;
 use docker_logs::parse_duration;
-use dstack_guest_agent_rpc::{worker_server::WorkerRpc, WorkerInfo};
+use dstack_guest_agent_rpc::{worker_server::WorkerRpc, AppInfo};
 use guest_api::guest_api_server::GuestApiRpc;
 use ra_rpc::{CallContext, RpcCall};
 use rinja::Template;
@@ -15,18 +15,24 @@ use rocket::{get, response::content::RawHtml, routes, Route, State};
 
 pub fn external_routes(config: &Config) -> Vec<Route> {
     let mut routes = routes![index];
-    if config.public_logs {
-        routes.extend(routes![get_logs, metrics]);
+    if config.app_compose.public_logs {
+        routes.extend(routes![get_logs]);
+    }
+    if config.app_compose.public_sysinfo {
+        routes.extend(routes![metrics]);
     }
     routes
 }
 
 #[get("/")]
 async fn index(state: &State<AppState>) -> Result<RawHtml<String>, String> {
+    let public_logs = state.config().app_compose.public_logs;
+    let public_sysinfo = state.config().app_compose.public_sysinfo;
+    let public_tcbinfo = state.config().app_compose.public_tcbinfo;
     let context = CallContext::builder().state(&**state).build();
     let handler = ExternalRpcHandler::construct(context.clone())
         .map_err(|e| format!("Failed to construct RPC handler: {}", e))?;
-    let WorkerInfo {
+    let AppInfo {
         app_name,
         app_id,
         instance_id,
@@ -38,8 +44,6 @@ async fn index(state: &State<AppState>) -> Result<RawHtml<String>, String> {
         compose_hash: _,
         tcb_info,
         app_cert: _,
-        public_logs,
-        public_sysinfo,
         vm_config: _,
     } = handler
         .info()
@@ -62,6 +66,7 @@ async fn index(state: &State<AppState>) -> Result<RawHtml<String>, String> {
         system_info,
         public_sysinfo,
         public_logs,
+        public_tcbinfo,
     };
     match model.render() {
         Ok(html) => Ok(RawHtml(html)),
@@ -72,7 +77,7 @@ async fn index(state: &State<AppState>) -> Result<RawHtml<String>, String> {
 // Returns metrics about the guest in prometheus format if public_sysinfo is enabled
 #[get("/metrics")]
 async fn metrics(state: &State<AppState>) -> Result<String, String> {
-    let public_sysinfo = state.config().public_sysinfo;
+    let public_sysinfo = state.config().app_compose.public_sysinfo;
     if !public_sysinfo {
         return Err("Sysinfo API is disabled".to_string());
     }

guest-agent/src/models.rs

@@ -43,6 +43,7 @@ pub struct Dashboard {
     pub system_info: SystemInfo,
     pub public_sysinfo: bool,
     pub public_logs: bool,
+    pub public_tcbinfo: bool,
 }
 
 #[derive(Template)]

guest-agent/src/rpc_service.rs

@@ -6,9 +6,9 @@ use dstack_guest_agent_rpc::{
     dstack_guest_server::{DstackGuestRpc, DstackGuestServer},
     tappd_server::{TappdRpc, TappdServer},
     worker_server::{WorkerRpc, WorkerServer},
-    DeriveK256KeyResponse, DeriveKeyArgs, EmitEventArgs, GetKeyArgs, GetKeyResponse,
+    AppInfo, DeriveK256KeyResponse, DeriveKeyArgs, EmitEventArgs, GetKeyArgs, GetKeyResponse,
     GetQuoteResponse, GetTlsKeyArgs, GetTlsKeyResponse, RawQuoteArgs, TdxQuoteArgs,
-    TdxQuoteResponse, WorkerInfo, WorkerVersion,
+    TdxQuoteResponse, WorkerVersion,
 };
 use dstack_types::{AppKeys, SysConfig};
 use fs_err as fs;
@@ -89,6 +89,66 @@ pub struct InternalRpcHandler {
     state: AppState,
 }
 
+pub async fn get_info(state: &AppState, external: bool) -> Result<AppInfo> {
+    let hide_tcb_info = external && !state.config().app_compose.public_tcbinfo;
+    let response = InternalRpcHandler {
+        state: state.clone(),
+    }
+    .get_quote(RawQuoteArgs {
+        report_data: [0; 64].to_vec(),
+    })
+    .await;
+    let Ok(response) = response else {
+        return Ok(AppInfo::default());
+    };
+    let Ok(attestation) = Attestation::new(response.quote, response.event_log.into()) else {
+        return Ok(AppInfo::default());
+    };
+    let app_info = attestation
+        .decode_app_info(false)
+        .context("Failed to decode app info")?;
+    let event_log = &attestation.event_log;
+    let tcb_info = if hide_tcb_info {
+        "".to_string()
+    } else {
+        let app_compose = state.config().app_compose.raw.clone();
+        serde_json::to_string_pretty(&json!({
+            "mrtd": hex::encode(app_info.mrtd),
+            "rtmr0": hex::encode(app_info.rtmr0),
+            "rtmr1": hex::encode(app_info.rtmr1),
+            "rtmr2": hex::encode(app_info.rtmr2),
+            "rtmr3": hex::encode(app_info.rtmr3),
+            "mr_aggregated": hex::encode(app_info.mr_aggregated),
+            "os_image_hash": hex::encode(&app_info.os_image_hash),
+            "mr_key_provider": hex::encode(app_info.mr_key_provider),
+            "compose_hash": hex::encode(&app_info.compose_hash),
+            "device_id": hex::encode(&app_info.device_id),
+            "event_log": event_log,
+            "app_compose": app_compose,
+        }))
+        .unwrap_or_default()
+    };
+    let vm_config = if hide_tcb_info {
+        "".to_string()
+    } else {
+        state.inner.vm_config.clone()
+    };
+    Ok(AppInfo {
+        app_name: state.config().app_compose.name.clone(),
+        app_id: app_info.app_id,
+        instance_id: app_info.instance_id,
+        device_id: app_info.device_id,
+        mr_aggregated: app_info.mr_aggregated.to_vec(),
+        os_image_hash: app_info.os_image_hash.clone(),
+        mr_key_provider: app_info.mr_key_provider.to_vec(),
+        key_provider_info: String::from_utf8(app_info.key_provider_info).unwrap_or_default(),
+        compose_hash: app_info.compose_hash.clone(),
+        app_cert: state.inner.demo_cert.clone(),
+        tcb_info,
+        vm_config,
+    })
+}
+
 impl DstackGuestRpc for InternalRpcHandler {
     async fn get_tls_key(self, request: GetTlsKeyArgs) -> anyhow::Result<GetTlsKeyResponse> {
         let mut seed = [0u8; 32];
@@ -175,8 +235,8 @@ impl DstackGuestRpc for InternalRpcHandler {
         tdx_attest::extend_rtmr3(&request.event, &request.payload)
     }
 
-    async fn info(self) -> Result<WorkerInfo> {
-        ExternalRpcHandler { state: self.state }.info().await
+    async fn info(self) -> Result<AppInfo> {
+        get_info(&self.state, false).await
     }
 }
 
@@ -304,8 +364,8 @@ impl TappdRpc for InternalRpcHandlerV0 {
         .await
     }
 
-    async fn info(self) -> Result<WorkerInfo> {
-        ExternalRpcHandler { state: self.state }.info().await
+    async fn info(self) -> Result<AppInfo> {
+        get_info(&self.state, false).await
     }
 }
 
@@ -330,56 +390,8 @@ impl ExternalRpcHandler {
 }
 
 impl WorkerRpc for ExternalRpcHandler {
-    async fn info(self) -> Result<WorkerInfo> {
-        let response = InternalRpcHandler {
-            state: self.state.clone(),
-        }
-        .get_quote(RawQuoteArgs {
-            report_data: [0; 64].to_vec(),
-        })
-        .await;
-        let Ok(response) = response else {
-            return Ok(WorkerInfo::default());
-        };
-        let Ok(attestation) = Attestation::new(response.quote, response.event_log.into()) else {
-            return Ok(WorkerInfo::default());
-        };
-        let app_info = attestation
-            .decode_app_info(false)
-            .context("Failed to decode app info")?;
-        let event_log = &attestation.event_log;
-        let app_compose = fs::read_to_string(&self.state.config().compose_file).unwrap_or_default();
-        let tcb_info = serde_json::to_string_pretty(&json!({
-            "mrtd": hex::encode(app_info.mrtd),
-            "rtmr0": hex::encode(app_info.rtmr0),
-            "rtmr1": hex::encode(app_info.rtmr1),
-            "rtmr2": hex::encode(app_info.rtmr2),
-            "rtmr3": hex::encode(app_info.rtmr3),
-            "mr_aggregated": hex::encode(app_info.mr_aggregated),
-            "os_image_hash": hex::encode(&app_info.os_image_hash),
-            "mr_key_provider": hex::encode(app_info.mr_key_provider),
-            "compose_hash": hex::encode(&app_info.compose_hash),
-            "device_id": hex::encode(&app_info.device_id),
-            "event_log": event_log,
-            "app_compose": app_compose,
-        }))
-        .unwrap_or_default();
-        Ok(WorkerInfo {
-            app_name: self.state.config().app_name.clone(),
-            app_id: app_info.app_id,
-            instance_id: app_info.instance_id,
-            device_id: app_info.device_id,
-            mr_aggregated: app_info.mr_aggregated.to_vec(),
-            os_image_hash: app_info.os_image_hash.clone(),
-            mr_key_provider: app_info.mr_key_provider.to_vec(),
-            key_provider_info: String::from_utf8(app_info.key_provider_info).unwrap_or_default(),
-            compose_hash: app_info.compose_hash.clone(),
-            app_cert: self.state.inner.demo_cert.clone(),
-            tcb_info,
-            public_logs: self.state.config().public_logs,
-            public_sysinfo: self.state.config().public_sysinfo,
-            vm_config: self.state.inner.vm_config.clone(),
-        })
+    async fn info(self) -> Result<AppInfo> {
+        get_info(&self.state, true).await
     }
 
     async fn version(self) -> Result<WorkerVersion> {