add nvidia driver runfile hash verification

meetrajvala · meetrajvala · commit d70061446897 · 2025-04-23T11:36:13.000Z
diff --git a/go.work.sum b/go.work.sum
@@ -706,6 +706,7 @@ github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo
 github.com/andygrunwald/go-gerrit v0.0.0-20201231163137-46815e48bfe0/go.mod h1:soxaYLbAFToS0OelBriItCts/mtUZOuLBkCk1Xv4ZSo=
 github.com/apache/arrow/go/v15 v15.0.2/go.mod h1:DGXsR3ajT524njufqf95822i+KTh+yea1jass9YXgjA=
 github.com/aws/aws-sdk-go v1.43.16/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
+github.com/beevik/etree v1.1.0/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A=
 github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ=
 github.com/bshuster-repo/logrus-logstash-hook v1.0.0/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk=
 github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0=
@@ -954,6 +955,7 @@ github.com/safchain/ethtool v0.0.0-20210803160452-9aa261dae9b1/go.mod h1:Z0q5wiB
 github.com/sclevine/agouti v3.0.0+incompatible/go.mod h1:b4WX9W9L1sfQKXeJf1mUTLZKJ48R1S7H23Ji7oFO5Bw=
 github.com/seccomp/libseccomp-golang v0.9.2-0.20210429002308-3879420cc921/go.mod h1:JA8cRccbGaA1s33RQf7Y1+q9gHmZX1yB/z9WDN1C6fg=
 github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
+github.com/smartystreets/assertions v1.1.1/go.mod h1:tcbTF8ujkAEcZ8TElKY+i30BzYlVhC/LOxJk7iOWnoo=
 github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
 github.com/spdx/tools-golang v0.5.3/go.mod h1:/ETOahiAo96Ob0/RAIBmFZw6XN0yTnyr/uFZm2NTMhI=
 github.com/spf13/afero v1.10.0/go.mod h1:UBogFpq8E9Hx+xc5CNTTEpTnuHVmXDwZcZcE1eb/UhQ=
@@ -984,6 +986,7 @@ github.com/yashtewari/glob-intersection v0.1.0/go.mod h1:LK7pIC3piUjovexikBbJ26Y
 github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 github.com/zeebo/xxh3 v1.0.2/go.mod h1:5NWz9Sef7zIDm2JHfFlcQvNekmcEl9ekUZQQKCYaDcA=
+go.chromium.org/luci v0.0.0-20200722211809-bab0c30be68b/go.mod h1:MIQewVTLvOvc0UioV0JNqTNO/RspKFS0XEeoKrOxsdM=
 go.einride.tech/aip v0.67.1/go.mod h1:ZGX4/zKw8dcgzdLsrvpOOGxfxI2QSk12SlP7d6c0/XI=
 go.einride.tech/aip v0.68.0/go.mod h1:7y9FF8VtPWqpxuAxl0KQWqaULxW4zFIesD6zF5RIHHg=
 go.etcd.io/bbolt v1.3.7/go.mod h1:N9Mkw9X8x5fupy0IKsmuqVtoGDyxsaDlbk4Rd05IAQw=
diff --git a/launcher/image/preload.sh b/launcher/image/preload.sh
@@ -6,6 +6,8 @@ readonly EXPERIMENTS_BINARY="confidential_space_experiments"
 readonly GPU_REF_VALUES_PATH="${CS_PATH}/gpu"
 readonly COS_GPU_INSTALLER_IMAGE_REF="${GPU_REF_VALUES_PATH}/cos_gpu_installer_image_ref"
 readonly COS_GPU_INSTALLER_IMAGE_DIGEST="${GPU_REF_VALUES_PATH}/cos_gpu_installer_image_digest"
+readonly DRIVER_DIGEST_SHA256SUM="${GPU_REF_VALUES_PATH}/driver_digest_sha256sum"
+readonly DRIVERS_GCS_BUCKET="cos-nvidia-gpu-drivers"
 
 copy_launcher() {
   cp launcher "${CS_PATH}/cs_container_launcher"
@@ -126,6 +128,26 @@ get_cos_gpu_installer_image_digest() {
   echo "${image_digest}"
 }
 
+set_reference_driver_digest() {
+  local driver_version
+  local driver_digest_gcs_url
+
+  # Fetching the default driver version for H100 GPU.
+  driver_version=$(cos-extensions list -- --target-gpu NVIDIA_H100_80GB | grep DEFAULT | cut -d" " -f 1)
+  driver_digest_gcs_url="https://storage.googleapis.com/${DRIVERS_GCS_BUCKET}/sha256/NVIDIA-Linux-x86_64-${driver_version}.run.sha256"
+  if ! curl -sSL ${driver_digest_gcs_url} -o ${DRIVER_DIGEST_SHA256SUM}; then
+    echo "Error: failed to download the driver digest file from ${driver_digest_gcs_url}." >&2
+    return 1
+  fi
+  
+  driver_digest=$(cat ${DRIVER_DIGEST_SHA256SUM} | cut -d " " -f 1)
+  # Check for the expected length of the SHA256 digest (64 hex characters)
+  if [ ${#driver_digest} -ne 64 ]; then
+    echo "Error: driver digest has an unexpected length: ${#driver_digest}, Expected 64." >&2
+    return 1
+  fi
+}
+
 
 set_gpu_driver_ref_values() {
   local cos_gpu_installer_image_ref
@@ -153,6 +175,7 @@ set_gpu_driver_ref_values() {
   
   echo ${cos_gpu_installer_image_ref} > ${COS_GPU_INSTALLER_IMAGE_REF}
   echo ${cos_gpu_installer_image_digest} > ${COS_GPU_INSTALLER_IMAGE_DIGEST}
+  set_reference_driver_digest
 }
 
 main() {
diff --git a/launcher/internal/gpu/config.go b/launcher/internal/gpu/config.go
@@ -9,4 +9,6 @@ const (
 	InstallerImageRefFile = "/usr/share/oem/confidential_space/gpu/cos_gpu_installer_image_ref"
 	// InstallerImageDigestFile is a filename which has the container image digest of cos_gpu_installer.
 	InstallerImageDigestFile = "/usr/share/oem/confidential_space/gpu/cos_gpu_installer_image_digest"
+	// ReferenceDriverDigestFile is a filename which has the reference digest of nvidia driver installer.
+	ReferenceDriverDigestFile = "/usr/share/oem/confidential_space/gpu/driver_digest_sha256sum"
 )
diff --git a/launcher/internal/gpu/driverinstaller.go b/launcher/internal/gpu/driverinstaller.go
@@ -3,6 +3,8 @@ package gpu
 
 import (
 	"context"
+	"crypto/sha256"
+	"encoding/hex"
 	"fmt"
 	"os"
 	"os/exec"
@@ -150,6 +152,15 @@ func (di *DriverInstaller) InstallGPUDrivers(ctx context.Context) error {
 		return fmt.Errorf("GPU driver installation task ended with non-zero status code %d", code)
 	}
 
+	referenceDigest, runFilename, err := parseDriverDigestFile(ReferenceDriverDigestFile)
+	if err != nil {
+		return fmt.Errorf("failed to get driver filename, got error: %v", err)
+	}
+	runFile := fmt.Sprintf("%s/%s", InstallationHostDir, runFilename)
+	if err = verifyDriverDigest(runFile, referenceDigest); err != nil {
+		return fmt.Errorf("failed to verify GPU driver digest: %v", err)
+	}
+
 	if err = launchNvidiaPersistencedProcess(di.logger); err != nil {
 		return fmt.Errorf("failed to start nvidia-persistenced process: %v", err)
 	}
@@ -203,6 +214,17 @@ func verifyInstallerImageDigest(image containerd.Image, referenceDigestFile stri
 	return nil
 }
 
+func verifyDriverDigest(driverFile, referenceHash string) error {
+	calculatedHash, err := calculateSHA256Hash(driverFile)
+	if err != nil {
+		return err
+	}
+	if calculatedHash != referenceHash {
+		return fmt.Errorf("gpu driver digest verification failed - expected : %s, got : %s", referenceHash, calculatedHash)
+	}
+	return nil
+}
+
 func remountAsExecutable(dir string) error {
 	if err := os.MkdirAll(dir, 0755); err != nil {
 		return fmt.Errorf("failed to create dir %q: %v", dir, err)
@@ -288,3 +310,29 @@ func nvidiaSmiRunFunc(args ...string) nvidiaSmiCmdRun {
 	cmd := fmt.Sprintf("%s/bin/nvidia-smi", InstallationHostDir)
 	return func() error { return exec.Command(cmd, args...).Run() }
 }
+
+func calculateSHA256Hash(filePath string) (string, error) {
+	contentBytes, err := os.ReadFile(filePath)
+	if err != nil {
+		return "", fmt.Errorf("failed to read the file %s, got error %v", filePath, err)
+	}
+	hashBytes := sha256.Sum256(contentBytes)
+	return hex.EncodeToString(hashBytes[:]), nil
+}
+
+// Reference driver digest file contains driver digest along with driver .Run filename.
+// parseDriverDigestFile() gets reference digest file and returns the run file's digest and the run filename.
+// Sample reference driver digest file content:
+//
+//	65fe3e2236c1ddab26eaf8e1b3f3b2b0951b8824d7c4a5022552579288ff7fea  NVIDIA-Linux-aarch64-570.124.06.run
+func parseDriverDigestFile(digestFile string) (string, string, error) {
+	contentBytes, err := os.ReadFile(digestFile)
+	if err != nil {
+		return "", "", fmt.Errorf("failed to read the file %s, got error %v", digestFile, err)
+	}
+	fields := strings.Fields(string(contentBytes))
+	if len(fields) != 2 {
+		return "", "", fmt.Errorf("unexpected content length in reference file %s", digestFile)
+	}
+	return fields[0], fields[1], nil
+}
diff --git a/launcher/internal/gpu/driverinstaller_test.go b/launcher/internal/gpu/driverinstaller_test.go
@@ -271,3 +271,139 @@ func TestIsConfidentialComputeSupported(t *testing.T) {
 		})
 	}
 }
+
+func TestVerifyDriverDigest(t *testing.T) {
+	tests := []struct {
+		name            string
+		driverDigest    string
+		refDriverDigest string
+		wantErr         bool
+		errSubstr       string
+	}{
+		{
+			name:            "Driver digest matches",
+			driverDigest:    "test-digest",
+			refDriverDigest: "8edf273aa28919d86f9f0ab68b1f267280821a3251c281d19748f940c180d27f",
+			wantErr:         false,
+		},
+		{
+			name:            "Driver digest mismatch",
+			driverDigest:    "test-digest",
+			refDriverDigest: "8edf273aa28919d86f9f0ab68b1f267280821a3251c281d19748f940c180d27a",
+			wantErr:         true,
+			errSubstr:       "gpu driver digest verification failed",
+		},
+		{
+			name:            "Empty reference driver digest",
+			driverDigest:    "test-digest",
+			refDriverDigest: "",
+			wantErr:         true,
+			errSubstr:       "gpu driver digest verification failed",
+		},
+		{
+			name:            "Installed driver file does not exist",
+			driverDigest:    "",
+			refDriverDigest: "8edf273aa28919d86f9f0ab68b1f267280821a3251c281d19748f940c180d27f",
+			wantErr:         true,
+			errSubstr:       "failed to read the file",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+
+			tempDir := t.TempDir()
+			installedFile := fmt.Sprintf("%s/installed_driver_digest", tempDir)
+
+			if tt.name != "Installed driver file does not exist" {
+				err := os.WriteFile(installedFile, []byte(tt.driverDigest), 0644)
+				if err != nil {
+					t.Fatalf("failed to write to the driver digest testfile %s: %v", installedFile, err)
+				}
+			}
+			err := verifyDriverDigest(installedFile, tt.refDriverDigest)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("VerifyDriverDigest() error = %v, wantErr %v", err, tt.wantErr)
+			}
+			if tt.wantErr && !strings.Contains(err.Error(), tt.errSubstr) {
+				t.Errorf("VerifyDriverDigest() error message %s is expected to contain %s", err.Error(), tt.errSubstr)
+			}
+		})
+	}
+}
+
+func TestParseDriverDigestFile(t *testing.T) {
+	tests := []struct {
+		name             string
+		refFileContent   string
+		expectedFilename string
+		expectedDigest   string
+		wantErr          bool
+		errSubstr        string
+	}{
+		{
+			name:             "Valid content in reference digest file",
+			refFileContent:   "8edf273aa28919d86f9f0ab68b1f267280821a3251c281d19748f940c180d27f test-driver-file",
+			expectedDigest:   "8edf273aa28919d86f9f0ab68b1f267280821a3251c281d19748f940c180d27f",
+			expectedFilename: "test-driver-file",
+			wantErr:          false,
+		},
+		{
+			name:             "Valid content in reference digest file extra whitespaces",
+			refFileContent:   "8edf273aa28919d86f9f0ab68b1f267280821a3251c281d19748f940c180d27f   test-driver-file",
+			expectedDigest:   "8edf273aa28919d86f9f0ab68b1f267280821a3251c281d19748f940c180d27f",
+			expectedFilename: "test-driver-file",
+			wantErr:          false,
+		},
+		{
+			name:             "Malformed content in reference digest file",
+			refFileContent:   "8edf273aa28919d86f9f0ab68b1f267280821a3251c281d19748f940c180d27a test-driver-file some-more-data",
+			expectedFilename: "",
+			wantErr:          true,
+			errSubstr:        "unexpected content length in reference file",
+		},
+		{
+			name:             "Empty reference digest file",
+			refFileContent:   "",
+			expectedFilename: "",
+			wantErr:          true,
+			errSubstr:        "unexpected content length in reference file",
+		},
+		{
+			name:             "Reference file does not exist",
+			refFileContent:   "",
+			expectedFilename: "",
+			wantErr:          true,
+			errSubstr:        "failed to read the file",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+
+			tempDir := t.TempDir()
+			refFile := fmt.Sprintf("%s/reference_driver_digest", tempDir)
+
+			if tt.name != "Reference file does not exist" {
+				err := os.WriteFile(refFile, []byte(tt.refFileContent), 0644)
+				if err != nil {
+					t.Fatalf("failed to write to the reference digest testfile %s: %v", refFile, err)
+				}
+			}
+
+			digest, filename, err := parseDriverDigestFile(refFile)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("parseDriverDigestFile() error = %v, wantErr %v", err, tt.wantErr)
+			}
+			if tt.wantErr && !strings.Contains(err.Error(), tt.errSubstr) {
+				t.Errorf("parseDriverDigestFile() error message %s is expected to contain %s", err.Error(), tt.errSubstr)
+			}
+			if filename != tt.expectedFilename {
+				t.Errorf("parseDriverDigestFile() returned unexpected filename, got = %v, want %v", filename, tt.expectedFilename)
+			}
+			if digest != tt.expectedDigest {
+				t.Errorf("parseDriverDigestFile() returned unexpected digest, got = %v, want %v", digest, tt.expectedDigest)
+			}
+		})
+	}
+}

Original file line number	Diff line number	Diff line change
`@@ -9,4 +9,6 @@ const (`
`9`	`9`	`InstallerImageRefFile = "/usr/share/oem/confidential_space/gpu/cos_gpu_installer_image_ref"`
`10`	`10`	`// InstallerImageDigestFile is a filename which has the container image digest of cos_gpu_installer.`
`11`	`11`	`InstallerImageDigestFile = "/usr/share/oem/confidential_space/gpu/cos_gpu_installer_image_digest"`
	`12`	`+ // ReferenceDriverDigestFile is a filename which has the reference digest of nvidia driver installer.`
	`13`	`+ ReferenceDriverDigestFile = "/usr/share/oem/confidential_space/gpu/driver_digest_sha256sum"`
`12`	`14`	`)`