man: removing dependency on asciidoctor

There is some controversy around relying on a third-party application for building the projects man-pages. This introduces a heavy refactor which removes that dependency and instead relies solely on `clap` and `clap_mangen` to dynamically generate man-pages for the project. Overview: - Delete the old `build.rs` script and moves it into the `src` directory to help clean up the depenency tree inside of the build script. - Delete the legacy adoc-formatted file. - Build a pseudo-library with `cli.rs` as the main portion of the project - Refactor main.rs to simply be a driver of the pseudo-library Signed-off-by: Larry Dewey <[email protected]>
virtee · Sep 18, 2024 · 589bd1a · 589bd1a
1 parent a7ba002
commit 589bd1a
Show file tree

Hide file tree

Showing 12 changed files with 305 additions and 432 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -11,7 +11,8 @@ readme = "README.md"
 keywords = ["amd", "sev", "snp"]
 categories = ["os", "os::linux-apis", "parsing", "cryptography", "hardware-support"]
 exclude = [ ".gitignore", ".github/*" ]
-rust-version = "1.74"
+rust-version = "1.80"
+build = "src/build.rs"
 
 [badges]
 # See https://doc.rust-lang.org/cargo/reference/manifest.html#the-badges-section
@@ -32,3 +33,14 @@ colorful = "0.2.2"
 libc = "0.2.154"
 curl = "0.4"
 msru = "0.2.0"
+
+[build-dependencies]
+clap_mangen = "0.2.23"
+anyhow = "1.0.83"
+sev = { version = "4.0.0", features = ['openssl']}
+env_logger = "0.10.1"
+clap = { version = "4.5", features = [ "derive" ] }
+colorful = "0.2.2"
+libc = "0.2.154"
+curl = "0.4"
+msru = "0.2.0"
diff --git a/build.rs b/build.rs
diff --git a/docs/README.md b/docs/README.md
@@ -0,0 +1,3 @@
+# Documentation
+All of the documentation generated will end up in this directory. This is a
+placeholder to make sure the directory stays in the tree.
diff --git a/docs/snphost.1.adoc b/docs/snphost.1.adoc
diff --git a/src/build.rs b/src/build.rs
@@ -0,0 +1,28 @@
+// SPDX-License-Identifier: Apache-2.0
+
+use anyhow::{Context, Result};
+use clap::{arg, command, CommandFactory, Parser, Subcommand, ValueEnum};
+
+mod cert;
+use cert::{export, fetch, import, verify};
+use sev::firmware::host::*;
+mod cli;
+mod config;
+mod ok;
+mod processor;
+mod show;
+
+use cli::SnpHost;
+use std::path::PathBuf;
+
+fn generate_man_pages() -> std::io::Result<()> {
+    clap_mangen::generate_to(
+        SnpHost::command(),
+        PathBuf::from(env!("CARGO_MANIFEST_DIR")).join("docs/"),
+    )
+}
+
+fn main() -> std::io::Result<()> {
+    // Uses clap_mangen to generate all relevant man pages.
+    generate_man_pages()
+}
diff --git a/src/cert/fetch/vcek.rs b/src/cert/fetch/vcek.rs
@@ -8,7 +8,10 @@ use std::{
     path::PathBuf,
 };
 
-use crate::{firmware, processor::ProcessorGeneration, snp_platform_status};
+use crate::{
+    cli::{firmware, snp_platform_status},
+    processor::ProcessorGeneration,
+};
 
 use anyhow::{Context, Result};
 use curl::easy::Easy;

diff --git a/src/cli.rs b/src/cli.rs
@@ -0,0 +1,92 @@
+// SPDX-License-Identifier: Apache-2.0
+
+#![allow(dead_code)]
+
+use clap::{arg, Parser, Subcommand};
+
+use super::*;
+
+pub(crate) fn firmware() -> Result<Firmware> {
+    Firmware::open().context("unable to open /dev/sev")
+}
+
+pub(crate) fn snp_platform_status() -> anyhow::Result<SnpPlatformStatus> {
+    firmware()?
+        .snp_platform_status()
+        .map_err(|e| anyhow::anyhow!(format!("{:?}", e)))
+        .context("unable to retrieve SNP platform status")
+}
+
+pub(crate) fn sev_platform_status() -> anyhow::Result<Status> {
+    firmware()?
+        .platform_status()
+        .map_err(|e| anyhow::anyhow!(format!("{:?}", e)))
+        .context("unable to retrieve SEV platform status")
+}
+
+// Commit command
+mod commit {
+    use crate::cli::firmware;
+    pub fn cmd() -> anyhow::Result<()> {
+        firmware()?.snp_commit()?;
+        Ok(())
+    }
+}
+
+#[derive(Parser)]
+#[command(author, version, about, long_about = None)]
+pub struct SnpHost {
+    #[command(subcommand)]
+    pub cmd: SnpHostCmd,
+
+    /// Don't print anything to the console
+    #[arg(short, long, default_value_t = false)]
+    pub quiet: bool,
+}
+
+#[allow(clippy::large_enum_variant)]
+/// Utilities for managing the SEV-SNP environment
+#[derive(Subcommand)]
+pub enum SnpHostCmd {
+    /// Display information about the SEV-SNP platform
+    #[command(subcommand)]
+    Show(show::Show),
+
+    /// Export a certificate chain from a kernel format file to a given directory
+    Export(export::Export),
+
+    /// Import a certificate chain to a file
+    Import(import::Import),
+
+    /// Probe system for SEV-SNP support
+    Ok,
+
+    /// Modify the SNP configuration
+    #[command(subcommand)]
+    Config(config::ConfigCmd),
+
+    /// Verify a certificate chain
+    Verify(verify::Verify),
+
+    /// Retrieve content from the AMD Key Distribution Server (KDS)
+    #[command(subcommand)]
+    Fetch(fetch::Fetch),
+
+    /// Commit current firmware and TCB versions to PSP
+    Commit,
+}
+
+impl SnpHostCmd {
+    pub fn handle(self, quiet: bool) -> Result<()> {
+        match self {
+            Self::Show(show) => show::cmd(show),
+            Self::Export(export) => export::cmd(export),
+            Self::Import(import) => import::cmd(import),
+            Self::Ok => ok::cmd(quiet),
+            Self::Config(subcmd) => config::cmd(subcmd),
+            Self::Verify(verify) => verify::cmd(verify, quiet),
+            Self::Fetch(fetch) => fetch::cmd(fetch),
+            Self::Commit => commit::cmd(),
+        }
+    }
+}