From 589bd1a41dae04ea222395dfa76292a23a87a1ce Mon Sep 17 00:00:00 2001 From: Larry Dewey Date: Wed, 18 Sep 2024 09:47:30 -0500 Subject: [PATCH 1/2] man: removing dependency on asciidoctor There is some controversy around relying on a third-party application for building the project's man-pages. This introduces a heavy refactor which removes that dependency and instead relies solely on `clap` and `clap_mangen` to dynamically generate man-pages for the project. Overview: - Delete the old `build.rs` script and move it into the `src` directory to help clean up the dependency tree inside of the build script. - Delete the legacy adoc-formatted file. - Build a pseudo-library with `cli.rs` as the main portion of the project - Refactor main.rs to simply be a driver of the pseudo-library Signed-off-by: Larry Dewey --- Cargo.lock | 258 ++++++++++++++++++++++++----------------- Cargo.toml | 14 ++- build.rs | 54 --------- docs/README.md | 3 + docs/snphost.1.adoc | 180 ---------------------------- src/build.rs | 28 +++++ src/cert/fetch/vcek.rs | 5 +- src/cli.rs | 92 +++++++++++++++ src/config.rs | 2 + src/main.rs | 98 ++-------------- src/ok.rs | 2 + src/show.rs | 1 + 12 files changed, 305 insertions(+), 432 deletions(-) delete mode 100644 build.rs create mode 100644 docs/README.md delete mode 100644 docs/snphost.1.adoc create mode 100644 src/build.rs create mode 100644 src/cli.rs diff --git a/Cargo.lock b/Cargo.lock index b5f0a54..8854909 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -13,15 +13,16 @@ dependencies = [ [[package]] name = "anstream" -version = "0.6.13" +version = "0.6.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d96bd03f33fe50a863e394ee9718a706f988b9079b20c3784fb726e7678b62fb" +checksum = "64e15c1ab1f89faffbf04a634d5e1962e9074f2741eef6d97f3c4e322426d526" dependencies = [ "anstyle", "anstyle-parse", "anstyle-query", "anstyle-wincon", "colorchoice", + "is_terminal_polyfill", "utf8parse", ]
@@ -33,27 +34,27 @@ checksum = "1bec1de6f59aedf83baf9ff929c98f2ad654b97c9510f4e70cf6f661d49fd5b1" [[package]] name = "anstyle-parse" -version = "0.2.3" +version = "0.2.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c75ac65da39e5fe5ab759307499ddad880d724eed2f6ce5b5e8a26f4f387928c" +checksum = "eb47de1e80c2b463c735db5b217a0ddc39d612e7ac9e2e96a5aed1f57616c1cb" dependencies = [ "utf8parse", ] [[package]] name = "anstyle-query" -version = "1.0.2" +version = "1.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e28923312444cdd728e4738b3f9c9cac739500909bb3d3c94b43551b16517648" +checksum = "6d36fc52c7f6c869915e99412912f22093507da8d9e942ceaf66fe4b7c14422a" dependencies = [ "windows-sys 0.52.0", ] [[package]] name = "anstyle-wincon" -version = "3.0.2" +version = "3.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1cd54b81ec8d6180e24654d0b371ad22fc3dd083b6ff8ba325b72e00c87660a7" +checksum = "5bf74e1b6e971609db8ca7a9ce79fd5768ab6ae46441c572e46cf596f59e57f8" dependencies = [ "anstyle", "windows-sys 0.52.0", @@ -61,9 +62,9 @@ dependencies = [ [[package]] name = "anyhow" -version = "1.0.83" +version = "1.0.89" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "25bdb32cbbdce2b519a9cd7df3a678443100e265d5e25ca763b7572a5104f5f3" +checksum = "86fdf8605db99b54d3cd748a44c6d04df638eb5dafb219b135d0149bd0db01f6" [[package]] name = "base64" @@ -94,9 +95,9 @@ checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" [[package]] name = "bitflags" -version = "2.5.0" +version = "2.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf4b9d6a944f767f8e5e0db018570623c85f3d925ac718db4e06d0187adb21c1" +checksum = "b048fb63fd8b5923fc5aa7b340d8e156aec7ec02f0c78fa8a6ddc2613f6f71de" [[package]] name = "byteorder" 
@@ -106,9 +107,12 @@ checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" [[package]] name = "cc" -version = "1.0.95" +version = "1.1.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d32a725bc159af97c3e629873bb9f88fb8cf8a4867175f76dc987815ea07c83b" +checksum = "07b1695e2c7e8fc85310cde85aeaab7e3097f593c91d209d3f9df76c928100f0" +dependencies = [ + "shlex", +] [[package]] name = "cfg-if" @@ -118,9 +122,9 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] name = "clap" -version = "4.5.16" +version = "4.5.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed6719fffa43d0d87e5fd8caeab59be1554fb028cd30edc88fc4369b17971019" +checksum = "3e5a21b8495e732f1b3c364c9949b201ca7bae518c502c80256c96ad79eaf6ac" dependencies = [ "clap_builder", "clap_derive", @@ -128,9 +132,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.15" +version = "4.5.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "216aec2b177652e3846684cbfe25c9964d18ec45234f0f5da5157b207ed1aab6" +checksum = "8cf2dd12af7a047ad9d6da2b6b249759a22a7abc0f474c1dae1777afa4b21a73" dependencies = [ "anstream", "anstyle", @@ -156,6 +160,16 @@ version = "0.7.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1462739cb27611015575c0c11df5df7601141071f07518d56fcc1be504cbec97" +[[package]] +name = "clap_mangen" +version = "0.2.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f17415fd4dfbea46e3274fcd8d368284519b358654772afb700dc2e8d2b24eeb" +dependencies = [ + "clap", + "roff", +] + [[package]] name = "codicon" version = "3.0.0" 
@@ -164,9 +178,9 @@ checksum = "12170080f3533d6f09a19f81596f836854d0fa4867dc32c8172b8474b4e9de61" [[package]] name = "colorchoice" -version = "1.0.0" +version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "acbf1af155f9b9ef647e42cdc158db4b64a1b61f743629225fde6f3e0be2a7c7" +checksum = "d3fd119d74b830634cea2a0f58bbd0d54540518a14397557951e79340abc28c0" [[package]] name = "colorful" @@ -191,9 +205,9 @@ dependencies = [ [[package]] name = "curl-sys" -version = "0.4.72+curl-8.6.0" +version = "0.4.75+curl-8.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "29cbdc8314c447d11e8fd156dcdd031d9e02a7a976163e396b548c03153bc9ea" +checksum = "2a4fd752d337342e4314717c0d9b6586b059a120c80029ebe4d49b11fec7875e" dependencies = [ "cc", "libc", @@ -255,9 +269,9 @@ checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" [[package]] name = "getrandom" -version = "0.2.14" +version = "0.2.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "94b22e06ecb0110981051723910cbf0b5f5e09a2062dd7663334ee79a9d1286c" +checksum = "c4567c8db10ae91089c99af84c68c38da3ec2f087c3f82960bcdbf3656b6f4d7" dependencies = [ "cfg-if", "libc", @@ -272,9 +286,9 @@ checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea" [[package]] name = "hermit-abi" -version = "0.3.9" +version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d231dfb89cfffdbc30e7fc41579ed6066ad03abda9e567ccafae602b97ec5024" +checksum = "fbf6a919d6cf397374f7dfeeea91d974c7c0a7221d0d0f4f20d859d329e53fcc" [[package]] name = "hex" 
@@ -296,26 +310,32 @@ checksum = "d8972d5be69940353d5347a1344cb375d9b457d6809b428b05bb1ca2fb9ce007" [[package]] name = "is-terminal" -version = "0.4.12" +version = "0.4.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f23ff5ef2b80d608d61efee834934d862cd92461afc0560dedf493e4c033738b" +checksum = "261f68e344040fbd0edea105bef17c66edf46f984ddb1115b775ce31be948f4b" dependencies = [ "hermit-abi", "libc", "windows-sys 0.52.0", ] +[[package]] +name = "is_terminal_polyfill" +version = "1.70.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7943c866cc5cd64cbc25b2e01621d07fa8eb2a1a23160ee81ce38704e97b8ecf" + [[package]] name = "lazy_static" -version = "1.4.0" +version = "1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" +checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe" [[package]] name = "libc" -version = "0.2.154" +version = "0.2.158" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ae743338b92ff9146ce83992f766a31066a91a8c84a45e0e9f21e7cf6de6d346" +checksum = "d8adc4bb1803a324070e64a98ae98f38934d91957a99cfb3a43dcbc01bc56439" [[package]] name = "libredox" @@ -323,15 +343,15 @@ version = "0.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c0ff37bd590ca25063e35af745c343cb7a0271906fb7b37e4813e8f79f00268d" dependencies = [ - "bitflags 2.5.0", + "bitflags 2.6.0", "libc", ] [[package]] name = "libz-sys" -version = "1.1.16" +version = "1.1.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5e143b5e666b2695d28f6bca6497720813f699c9602dd7f5cac91008b8ada7f9" +checksum = "d2d16453e800a8cf6dd2fc3eb4bc99b786a9b90c663b8559a5b1a041bf89e472" dependencies = [ "cc", "libc", 
@@ -341,15 +361,15 @@ dependencies = [ [[package]] name = "log" -version = "0.4.21" +version = "0.4.22" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "90ed8c1e510134f979dbc4f070f87d4313098b704861a105fe34231c70a3901c" +checksum = "a7a70ba024b9dc04c27ea2f0c0548feb474ec5c54bba33a7f72f873a39d07b24" [[package]] name = "memchr" -version = "2.7.2" +version = "2.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6c8640c5d730cb13ebd907d8d04b52f55ac9a2eec55b440c8892f40d56c76c1d" +checksum = "78ca9ab1a0babb1e7d5695e3530886289c18cf2f87ec19a575a0abdce112e3a3" [[package]] name = "msru" @@ -365,11 +385,11 @@ checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92" [[package]] name = "openssl" -version = "0.10.64" +version = "0.10.66" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "95a0481286a310808298130d22dd1fef0fa571e05a8f44ec801801e84b216b1f" +checksum = "9529f4786b70a3e8c61e11179af17ab6188ad8d0ded78c5529441ed39d4bd9c1" dependencies = [ - "bitflags 2.5.0", + "bitflags 2.6.0", "cfg-if", "foreign-types", "libc", @@ -397,9 +417,9 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" [[package]] name = "openssl-sys" -version = "0.9.102" +version = "0.9.103" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c597637d56fbc83893a35eb0dd04b2b8e7a50c91e64e9493e398b5df4fb45fa2" +checksum = "7f9e8deee91df40a943c71b917e5874b951d32a802526c85721ce3b776c929d6" dependencies = [ "cc", "libc", 
@@ -421,18 +441,18 @@ checksum = "d231b230927b5e4ad203db57bbcbee2802f6bce620b1e4a9024a07d94e2907ec" [[package]] name = "proc-macro2" -version = "1.0.81" +version = "1.0.86" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3d1597b0c024618f09a9c3b8655b7e430397a36d23fdafec26d6965e9eec3eba" +checksum = "5e719e8df665df0d1c8fbfd238015744736151d4445ec0836b8e628aae103b77" dependencies = [ "unicode-ident", ] [[package]] name = "quote" -version = "1.0.36" +version = "1.0.37" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0fa76aaf39101c457836aec0ce2316dbdc3ab723cdda1c6bd4e6ad4208acaca7" +checksum = "b5b9d34b8991d19d98081b46eacdd8eb58c6f2b201139f7c5f643cc155a633af" dependencies = [ "proc-macro2", ] @@ -457,9 +477,9 @@ dependencies = [ [[package]] name = "redox_users" -version = "0.4.5" +version = "0.4.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bd283d9651eeda4b2a83a43c1c91b266c40fd76ecd39a50a8c630ae69dc72891" +checksum = "ba009ff324d1fc1b900bd1fdb31564febe58a8ccc8a6fdbb93b543d33b13ca43" dependencies = [ "getrandom", "libredox", @@ -468,9 +488,9 @@ dependencies = [ [[package]] name = "regex" -version = "1.10.4" +version = "1.10.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c117dbdfde9c8308975b6a18d71f3f385c89461f7b3fb054288ecf2a2058ba4c" +checksum = "4219d74c6b67a3654a9fbebc4b419e22126d13d2f3c4a07ee0cb61ff79a79619" dependencies = [ "aho-corasick", "memchr", @@ -480,9 +500,9 @@ dependencies = [ [[package]] name = "regex-automata" -version = "0.4.6" +version = "0.4.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "86b83b8b9847f9bf95ef68afb0b8e6cdb80f498442f5179a29fad448fcc1eaea" +checksum = "38caf58cc5ef2fed281f89292ef23f6365465ed9a41b7a7754eb4e26496c92df" dependencies = [ "aho-corasick", "memchr", 
@@ -491,24 +511,30 @@ dependencies = [ [[package]] name = "regex-syntax" -version = "0.8.3" +version = "0.8.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7a66a03ae7c801facd77a29370b4faec201768915ac14a721ba36f20bc9c209b" + +[[package]] +name = "roff" +version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "adad44e29e4c806119491a7f06f03de4d1af22c3a680dd47f1e6e179439d1f56" +checksum = "88f8660c1ff60292143c98d08fc6e2f654d722db50410e3f3797d40baaf9d8f3" [[package]] name = "schannel" -version = "0.1.23" +version = "0.1.24" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fbc91545643bcf3a0bbb6569265615222618bdf33ce4ffbbd13c4bbd4c093534" +checksum = "e9aaafd5a2b6e3d657ff009d82fbd630b6bd54dd4eb06f21693925cdf80f9b8b" dependencies = [ - "windows-sys 0.52.0", + "windows-sys 0.59.0", ] [[package]] name = "serde" -version = "1.0.198" +version = "1.0.210" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9846a40c979031340571da2545a4e5b7c4163bdae79b301d5f86d03979451fcc" +checksum = "c8e3592472072e6e22e0a54d5904d9febf8508f65fb8552499a1abc7d1078c3a" dependencies = [ "serde_derive", ] @@ -524,18 +550,18 @@ dependencies = [ [[package]] name = "serde_bytes" -version = "0.11.14" +version = "0.11.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8b8497c313fd43ab992087548117643f6fcd935cbf36f176ffda0aacf9591734" +checksum = "387cc504cb06bb40a96c8e04e951fe01854cf6bc921053c954e4a606d9675c6a" dependencies = [ "serde", ] [[package]] name = "serde_derive" -version = "1.0.198" +version = "1.0.210" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e88edab869b01783ba905e7d0153f9fc1a6505a96e4ad3018011eedb838566d9" +checksum = "243902eda00fad750862fc144cea25caca5e20d615af0a81bee94ca738f1df1f" dependencies = [ "proc-macro2", "quote", 
@@ -568,12 +594,19 @@ dependencies = [ "uuid", ] +[[package]] +name = "shlex" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64" + [[package]] name = "snphost" version = "0.5.0" dependencies = [ "anyhow", "clap", + "clap_mangen", "colorful", "curl", "env_logger", @@ -584,9 +617,9 @@ dependencies = [ [[package]] name = "socket2" -version = "0.5.6" +version = "0.5.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "05ffd9c0a93b7543e062e759284fcf5f5e3b098501104bfbdde4d404db792871" +checksum = "ce305eb0b4296696835b71df73eb912e0f1ffd2556a501fcede6e0c50349191c" dependencies = [ "libc", "windows-sys 0.52.0", @@ -606,9 +639,9 @@ checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f" [[package]] name = "syn" -version = "2.0.60" +version = "2.0.77" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "909518bc7b1c9b779f1bbf07f2929d35af9f0f37e47c6e9ef7f9dddc1e1821f3" +checksum = "9f35bcdf61fd8e7be6caf75f429fdca8beb3ed76584befb503b1569faee373ed" dependencies = [ "proc-macro2", "quote", @@ -626,18 +659,18 @@ dependencies = [ [[package]] name = "thiserror" -version = "1.0.59" +version = "1.0.63" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f0126ad08bff79f29fc3ae6a55cc72352056dfff61e3ff8bb7129476d44b23aa" +checksum = "c0342370b38b6a11b6cc11d6a805569958d54cfa061a29969c3b5ce2ea405724" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.59" +version = "1.0.63" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d1cd413b5d558b4c5bf3680e324a6fa5014e7b7c067a51e69dbdf47eb7148b66" +checksum = "a4558b58466b9ad7ca0f102865eccc95938dca1a74a856f2b57b6629050da261" dependencies = [ "proc-macro2", "quote", 
@@ -646,21 +679,21 @@ dependencies = [ [[package]] name = "unicode-ident" -version = "1.0.12" +version = "1.0.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b" +checksum = "e91b56cd4cadaeb79bbf1a5645f6b4f8dc5bde8834ad5894a8db35fda9efa1fe" [[package]] name = "utf8parse" -version = "0.2.1" +version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "711b9620af191e0cdc7468a8d14e709c3dcdb115b36f838e601583af800a370a" +checksum = "06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821" [[package]] name = "uuid" -version = "1.8.0" +version = "1.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a183cf7feeba97b4dd1c0d46788634f6221d87fa961b305bed08c851829efcc0" +checksum = "81dfa00651efa65069b0b6b651f4aaa31ba9e3c3ce0137aaad053604ee7e0314" dependencies = [ "serde", ] @@ -679,11 +712,11 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "winapi-util" -version = "0.1.8" +version = "0.1.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4d4cc384e1e73b93bafa6fb4f1df8c41695c8a91cf9c4c64358067d15a7b6c6b" +checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb" dependencies = [ - "windows-sys 0.52.0", + "windows-sys 0.59.0", ] [[package]] @@ -701,7 +734,16 @@ version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" dependencies = [ - "windows-targets 0.52.5", + "windows-targets 0.52.6", +] + +[[package]] +name = "windows-sys" +version = "0.59.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e38bc4d79ed67fd075bcc251a1c39b32a1776bbe92e5bef1f0bf1f8c531853b" +dependencies = [ + "windows-targets 0.52.6", ] [[package]] 
@@ -721,18 +763,18 @@ dependencies = [ [[package]] name = "windows-targets" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6f0713a46559409d202e70e28227288446bf7841d3211583a4b53e3f6d96e7eb" +checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973" dependencies = [ - "windows_aarch64_gnullvm 0.52.5", - "windows_aarch64_msvc 0.52.5", - "windows_i686_gnu 0.52.5", + "windows_aarch64_gnullvm 0.52.6", + "windows_aarch64_msvc 0.52.6", + "windows_i686_gnu 0.52.6", "windows_i686_gnullvm", - "windows_i686_msvc 0.52.5", - "windows_x86_64_gnu 0.52.5", - "windows_x86_64_gnullvm 0.52.5", - "windows_x86_64_msvc 0.52.5", + "windows_i686_msvc 0.52.6", + "windows_x86_64_gnu 0.52.6", + "windows_x86_64_gnullvm 0.52.6", + "windows_x86_64_msvc 0.52.6", ] [[package]] @@ -743,9 +785,9 @@ checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8" [[package]] name = "windows_aarch64_gnullvm" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7088eed71e8b8dda258ecc8bac5fb1153c5cffaf2578fc8ff5d61e23578d3263" +checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3" [[package]] name = "windows_aarch64_msvc" @@ -755,9 +797,9 @@ checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc" [[package]] name = "windows_aarch64_msvc" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9985fd1504e250c615ca5f281c3f7a6da76213ebd5ccc9561496568a2752afb6" +checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469" [[package]] name = "windows_i686_gnu" 
@@ -767,15 +809,15 @@ checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e" [[package]] name = "windows_i686_gnu" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "88ba073cf16d5372720ec942a8ccbf61626074c6d4dd2e745299726ce8b89670" +checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b" [[package]] name = "windows_i686_gnullvm" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "87f4261229030a858f36b459e748ae97545d6f1ec60e5e0d6a3d32e0dc232ee9" +checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66" [[package]] name = "windows_i686_msvc" @@ -785,9 +827,9 @@ checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" [[package]] name = "windows_i686_msvc" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "db3c2bf3d13d5b658be73463284eaf12830ac9a26a90c717b7f771dfe97487bf" +checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66" [[package]] name = "windows_x86_64_gnu" @@ -797,9 +839,9 @@ checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" [[package]] name = "windows_x86_64_gnu" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4e4246f76bdeff09eb48875a0fd3e2af6aada79d409d33011886d3e1581517d9" +checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78" [[package]] name = "windows_x86_64_gnullvm" 
@@ -809,9 +851,9 @@ checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" [[package]] name = "windows_x86_64_gnullvm" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "852298e482cd67c356ddd9570386e2862b5673c85bd5f88df9ab6802b334c596" +checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d" [[package]] name = "windows_x86_64_msvc" @@ -821,6 +863,6 @@ checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" [[package]] name = "windows_x86_64_msvc" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bec47e5bfd1bff0eeaf6d8b485cc1074891a197ab4225d504cb7a1ab88b02bf0" +checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec"
diff --git a/Cargo.toml b/Cargo.toml
index f09f99c..eee6713 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -11,7 +11,8 @@ readme = "README.md"
 keywords = ["amd", "sev", "snp"]
 categories = ["os", "os::linux-apis", "parsing", "cryptography", "hardware-support"]
 exclude = [ ".gitignore", ".github/*" ]
-rust-version = "1.74"
+rust-version = "1.80"
+build = "src/build.rs"
 [badges]
 # See https://doc.rust-lang.org/cargo/reference/manifest.html#the-badges-section
@@ -32,3 +33,14 @@ colorful = "0.2.2"
 libc = "0.2.154"
 curl = "0.4"
 msru = "0.2.0"
+
+[build-dependencies]
+clap_mangen = "0.2.23"
+anyhow = "1.0.83"
+sev = { version = "4.0.0", features = ['openssl']}
+env_logger = "0.10.1"
+clap = { version = "4.5", features = [ "derive" ] }
+colorful = "0.2.2"
+libc = "0.2.154"
+curl = "0.4"
+msru = "0.2.0"
diff --git a/build.rs b/build.rs
deleted file mode 100644
index 6acde4d..0000000
--- a/build.rs
+++ /dev/null
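Review bot: The `rust-version` bump from "1.74" to "1.80" in the first Cargo.toml hunk raises the MSRV without the commit message saying which dependency or language feature requires it, and anyone building with an older pinned toolchain will now be refused by Cargo. I would record the reason beside the key, for example `# MSRV 1.80: needed by <dependency or feature>`, or drop the bump if nothing in this patch depends on it. `build = "src/build.rs"` in the same hunk also deserves a one-line comment such as `# build script lives in src/ so it can reuse the CLI modules`, since the path is unusual.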
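Review bot: The new `[build-dependencies]` table copies the whole runtime dependency set (`sev` with `openssl`, `curl`, `libc`, `msru`, `env_logger`) into the build script, although rendering man pages only needs `clap` and `clap_mangen`. This appears to follow from `src/build.rs` declaring `mod cert; mod config; mod ok; ...`, so the full application and its native `curl`/`openssl` bindings are compiled for the build host as part of a program that runs with the builder's privileges, and cross-builds presumably now need host copies of those libraries. Every shared version requirement (`anyhow = "1.0.83"`, `curl = "0.4"`, ...) is also stated twice and can drift. I would reduce the table to `clap = { version = "4.5", features = ["derive"] }` and `clap_mangen = "0.2.23"` by keeping the CLI definition free of the firmware and network modules, or move man-page generation into a separate helper binary that is not run on every build.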
@@ -1,54 +0,0 @@
-// SPDX-License-Identifier: Apache-2.0
-
-use std::path::Path;
-use std::{env, fs, io, process};
-
-const COMMANDS: [&str; 1] = ["snphost"];
-
-fn main() {
- let outdir = match env::var_os("OUT_DIR") {
- Some(outdir) => outdir,
- None => {
- panic!("OUT_DIR environment variable not defined.");
- }
- };
- fs::create_dir_all(&outdir).unwrap();
-
- for command in COMMANDS {
- if let Err(err) = generate_man_page(&outdir, command) {
- println!(
- "failed to generate man page: {} (is asciidoctor installed?)",
- err
- );
- }
- }
-}
-
-fn generate_man_page>(outdir: P, command: &str) -> io::Result<()> {
- // If asciidoctor isn't installed, fallback to asciidoc.
- if let Err(err) = process::Command::new("asciidoctor").output() {
- eprintln!("Error from running 'asciidoctor': {}", err);
- return Err(err);
- }
-
- let outdir = outdir.as_ref();
- let outfile = outdir.join(format!("{}.1", command));
- let cwd = env::current_dir()?;
- let txt_path = cwd.join("docs").join(format!("{}.1.adoc", command));
-
- let result = process::Command::new("asciidoctor")
- .arg("--doctype")
- .arg("manpage")
- .arg("--backend")
- .arg("manpage")
- .arg("--out-file")
- .arg(&outfile)
- .arg(&txt_path)
- .spawn()?
- .wait()?;
- if !result.success() {
- let msg = format!("'asciidoctor' failed with exit code {:?}", result.code());
- return Err(io::Error::new(io::ErrorKind::Other, msg));
- }
- Ok(())
-}
diff --git a/docs/README.md b/docs/README.md
new file mode 100644
index 0000000..8907f34
--- /dev/null
+++ b/docs/README.md
@@ -0,0 +1,3 @@
+# Documentation
+All of the documentation generated will end up in this directory. This is a
+placeholder to make sure the directory stays in the tree.
diff --git a/docs/snphost.1.adoc b/docs/snphost.1.adoc
deleted file mode 100644
index 560dc0b..0000000
--- a/docs/snphost.1.adoc
+++ /dev/null
@@ -1,180 +0,0 @@ -snphost(1) -========== - -NAME ----- -snphost - Command line tool for managing the AMD SEV-SNP environment. - - -SYNOPSIS --------- -*snphost* [GLOBAL_OPTIONS] [_COMMAND_] [_COMMAND_ARGS_] + -*snphost* [_-h, --help_] + -*snphost* *command* *--help* - - -DESCRIPTION ------------ -snphost is a CLI utility for managing and interacting with the AMD SEV-SNP -firmware device of a host system. - - -GLOBAL OPTIONS --------------- -*-q, --quiet*:: Don't print any output to the console. - - -COMMANDS --------- -*snphost export*:: - usage: snphost export [der, pem] CERT-FILE DIR-PATH - - This command exports the SEV-SNP certificate chain to the directory - provided by DIR-PATH. User has to provide the CERT-FILE where the certs - are currently stored in (in GHCB format). The user must also specify if - they want the certs to be exported in PEM or DER certificate format. These are the only - two encoding formats supported in this tool. Currently only AMD chain certificates (ARK, ASK, VCEK and VLEK) - are supported for export. - - options: - -h, --help Show a help message. - -*snphost import*:: - usage: snphost import DIR-PATH CERT-FILE - - This command imports serialized SEV-SNP certificates to the specified CERT-FILE. - This CERT-FILE can then be provided to QEMU to perform extended attestation on guest. - Currently, only the ASK, ARK, VCEK and VLEK are supported to serialize in the tool. - Note that there are a few user requirements for this command to work as intended. - - All certificates must be located in the same directory with specific - names: - ARK certificate => ark.{pem, der} - ASK certificate => ask.{pem, der} - VCEK certificate => vcek.{pem, der} - VLEK certificate => vlek.{pem, der} - - Not all certificates are needed in the directory, only the ones that a - user is looking to import to the CERT-FILE. 
- - options: - -h, --help Show a help message - -*snphost ok*:: - usage: snphost ok - - This command probes the processor, sysfs, and KVM for AMD SEV-SNP - related capabilities on the host and emits the results. - - options: - -h, --help Show a help message - -*snphost commit*:: - usage: snphost commit - - This command commits the current firmware and SNP platform config versions to the PSP. - This can't be undone and will not allow rollbacks to older versions. - - options: - -h, --help Show a help message. - -*snphost config set*:: - usage: snphost config set BOOTLOADER TEE SNP-FW MICROCODE MASK-CHIP - - This command allows the user to change the config of the SNP platform. The user can - provide the desired versions of the different TCB paramerters they would like to modify. - The command will change the reported values by the PSP. In order to have this changes commited, the - user would have to use snphost commit. The user can also provide a new mask-chip value that - will change the mask chip bit field values in the config. - - Explanation of the different parmeters: - BOOTLOADER: Desired reported bootloader version - TEE: Desired reported PSP OS version - SNP-FW: Desired reported SNP Firmware level - MICROCODE: Desired reported patch level of all the cores - MASK-CHIP: Change the CHIP ID and CHIP KEY settings by changing the MASK-CHIP bits. - Valid values range from 0-3 depending on what bits the user wants enabled. - - Bit[0] -> CHIP ID: Indicates that the CHIP_ID field in the attestation report - will always be 0. - Bit[1] -> MASK KEY: Indicates that the VCEK is not used in attestation and guest - key derivation. - - For example, if the user would like MASK KEY to be enabled and CHIP ID disabled, - then the they would pass in a 2. - - options: - -h, --help Show a help message. - -*snphost config reset*:: - usage: snphost config reset - - This command resets the SEV-SNP platform. 
This will clear all - persistent data managed by the platform and reset the platform configuration - to its last committed version. - - options: - -h, --help Show a help message. - -*snphost show*:: - usage: snphost show [guests, identifier, tcb, vcek-url, version ] - - This command describes the state of the SEV-SNP platform. There are - several platform details to describe: - - Guest count: snphost show guests - Platform identifier: snphost show identifier - TCB version: snphost show tcb - VCEK URL: snphost show vcek-url - Firmware version: snphost show version - - options: - -h, --help Show a help message - -*snphost verify*:: - usage: snphost verify DIR-PATH - - This command verifies the full SEV-SNP/CA certificate chain. - It will use the ask,ark, and vek (vcek or vlek) certificates that are - stored in the provided directory. If both the vlek and vcek are present, - then the tool will use the vlek by default. - - options: - -h, --help Show a help message - -*snphost fetch ca*:: - usage: snphost fetch ca [ der, pem ] DIR-PATH - - This command fetches the host system's CA certificate chain and writes - the encoded certificates to the directory at path DIR-PATH. Users must - specify which format they would like the certificate to be encoded - in (DER or PEM). - - options: - -h, --help Show a help message - -*snphost fetch vcek*:: - usage: snphost fetch vcek [ der, pem ] DIR-PATH - - This command fetches the host system's versioned chip endorsement - key (VCEK) and writes the encoded certificate to the directory at path - DIR-PATH. Users must specify which format they would like the - certificate to be encoded in (DER or PEM). - - options: - -h, --help Show a help message - -*snphost fetch crl*:: - usage: snphost fetch crl DIR-PATH - - This command fetches the host system's certificate revokation list - (CRL) and writes the encoded list to the directory at path DIR-PATH. 
- - options: - -h, --help Show a help message - - -REPORTING BUGS -------------- - -Please report all bugs to
diff --git a/src/build.rs b/src/build.rs
new file mode 100644
index 0000000..689962d
--- /dev/null
+++ b/src/build.rs
@@ -0,0 +1,28 @@
+// SPDX-License-Identifier: Apache-2.0
+
+use anyhow::{Context, Result};
+use clap::{arg, command, CommandFactory, Parser, Subcommand, ValueEnum};
+
+mod cert;
+use cert::{export, fetch, import, verify};
+use sev::firmware::host::*;
+mod cli;
+mod config;
+mod ok;
+mod processor;
+mod show;
+
+use cli::SnpHost;
+use std::path::PathBuf;
+
+fn generate_man_pages() -> std::io::Result<()> {
+ clap_mangen::generate_to(
+ SnpHost::command(),
+ PathBuf::from(env!("CARGO_MANIFEST_DIR")).join("docs/"),
+ )
+}
+
+fn main() -> std::io::Result<()> {
+ // Uses clap_mangen to generate all relevant man pages.
+ generate_man_pages()
+}
diff --git a/src/cert/fetch/vcek.rs b/src/cert/fetch/vcek.rs
index be74c43..9aeeacf 100644
--- a/src/cert/fetch/vcek.rs
+++ b/src/cert/fetch/vcek.rs
@@ -8,7 +8,10 @@ use std::{
 path::PathBuf,
 };
-use crate::{firmware, processor::ProcessorGeneration, snp_platform_status};
+use crate::{
+ cli::{firmware, snp_platform_status},
+ processor::ProcessorGeneration,
+};
 use anyhow::{Context, Result};
 use curl::easy::Easy;
diff --git a/src/cli.rs b/src/cli.rs
new file mode 100644
index 0000000..3357ca2
--- /dev/null
+++ b/src/cli.rs
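Review bot: `generate_man_pages()` in the new `src/build.rs` writes into `CARGO_MANIFEST_DIR/docs/`, that is, into the source tree, on every build, whereas Cargo expects build scripts to write only under `OUT_DIR`. Writing into the package directory fails on read-only or vendored sources, is rejected by `cargo publish` verification, and leaves generated files in the working tree of whoever builds the crate. Because `main` returns the error, an unwritable `docs/` now fails the whole build, where the removed script only printed a message. The script also prints no `cargo:rerun-if-changed` directive, and most of the names in the two leading `use` lines look unused here and seem to exist only to feed `use super::*` in `cli.rs`, which is worth a comment. A possible shape is below; packaging can then pick the pages up from `OUT_DIR`.

```rust
// … unchanged: use lines and mod declarations …

fn generate_man_pages() -> std::io::Result<()> {
    // Write under OUT_DIR so the build never touches the source tree.
    let out_dir = std::env::var_os("OUT_DIR")
        .map(PathBuf::from)
        .ok_or_else(|| std::io::Error::new(std::io::ErrorKind::NotFound, "OUT_DIR is not set"))?
        .join("man");
    std::fs::create_dir_all(&out_dir)?;
    clap_mangen::generate_to(SnpHost::command(), out_dir)
}

fn main() -> std::io::Result<()> {
    // Re-run only when the sources that define the CLI change.
    println!("cargo:rerun-if-changed=src");
    generate_man_pages()
}
```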
@@ -0,0 +1,92 @@
+// SPDX-License-Identifier: Apache-2.0
+
+#![allow(dead_code)]
+
+use clap::{arg, Parser, Subcommand};
+
+use super::*;
+
+pub(crate) fn firmware() -> Result {
+ Firmware::open().context("unable to open /dev/sev")
+}
+
+pub(crate) fn snp_platform_status() -> anyhow::Result {
+ firmware()?
+ .snp_platform_status()
+ .map_err(|e| anyhow::anyhow!(format!("{:?}", e)))
+ .context("unable to retrieve SNP platform status")
+}
+
+pub(crate) fn sev_platform_status() -> anyhow::Result {
+ firmware()?
+ .platform_status()
+ .map_err(|e| anyhow::anyhow!(format!("{:?}", e)))
+ .context("unable to retrieve SEV platform status")
+}
+
+// Commit command
+mod commit {
+ use crate::cli::firmware;
+ pub fn cmd() -> anyhow::Result<()> {
+ firmware()?.snp_commit()?;
+ Ok(())
+ }
+}
+
+#[derive(Parser)]
+#[command(author, version, about, long_about = None)]
+pub struct SnpHost {
+ #[command(subcommand)]
+ pub cmd: SnpHostCmd,
+
+ /// Don't print anything to the console
+ #[arg(short, long, default_value_t = false)]
+ pub quiet: bool,
+}
+
+#[allow(clippy::large_enum_variant)]
+/// Utilities for managing the SEV-SNP environment
+#[derive(Subcommand)]
+pub enum SnpHostCmd {
+ /// Display information about the SEV-SNP platform
+ #[command(subcommand)]
+ Show(show::Show),
+
+ /// Export a certificate chain from a kernel format file to a given directory
+ Export(export::Export),
+
+ /// Import a certificate chain to a file
+ Import(import::Import),
+
+ /// Probe system for SEV-SNP support
+ Ok,
+
+ /// Modify the SNP configuration
+ #[command(subcommand)]
+ Config(config::ConfigCmd),
+
+ /// Verify a certificate chain
+ Verify(verify::Verify),
+
+ /// Retrieve content from the AMD Key Distribution Server (KDS)
+ #[command(subcommand)]
+ Fetch(fetch::Fetch),
+
+ /// Commit current firmware and TCB versions to PSP
+ Commit,
+}
+
+impl SnpHostCmd {
+ pub fn handle(self, quiet: bool) -> Result<()> {
+ match self {
+ Self::Show(show) => show::cmd(show),
+ Self::Export(export) => export::cmd(export),
+ Self::Import(import) => import::cmd(import),
+ Self::Ok => ok::cmd(quiet),
+ Self::Config(subcmd) => config::cmd(subcmd),
+ Self::Verify(verify) => verify::cmd(verify, quiet),
+ Self::Fetch(fetch) => fetch::cmd(fetch),
+ Self::Commit => commit::cmd(),
+ }
+ }
+}
diff --git a/src/config.rs b/src/config.rs
index b4b1c1d..54b62f3 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -2,6 +2,8 @@
 use super::*;
+use cli::firmware;
+
 // Different config commands
 #[derive(Subcommand)]
 pub enum ConfigCmd {
diff --git a/src/main.rs b/src/main.rs
index d1f79bc..d03df20 100644
--- a/src/main.rs
+++ b/src/main.rs
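Review bot: The inner attribute `#![allow(dead_code)]` at the top of src/cli.rs silences the dead-code lint for every item in the module, including the `/dev/sev` helpers `firmware`, `snp_platform_status` and `sev_platform_status`, so a helper that really is unused will no longer be reported. It is presumably needed only because src/build.rs compiles this module without calling `SnpHostCmd::handle`; scoping it to the items that binary leaves unused, e.g. `#[allow(dead_code)] // unused by the man-page generator in src/build.rs` on each of them, keeps the lint active for the rest. `firmware` also takes its `Result` from `use super::*` while the two status helpers spell out `anyhow::Result`; one spelling throughout would read better.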
@@ -1,104 +1,26 @@
 // SPDX-License-Identifier: Apache-2.0
 #![deny(clippy::all)]
+mod cli;
+use anyhow::Context;
+use clap::{arg, command, Parser, Subcommand, ValueEnum};
+use cli::SnpHost;
+use sev::firmware::host::*;
 mod cert;
+use cert::{export, fetch, import, verify};
 mod config;
+mod ok;
 mod processor;
 mod show;
-mod ok;
-
-use cert::{export, fetch, import, verify};
-
-use anyhow::{Context, Result};
-use clap::{arg, Parser, Subcommand, ValueEnum};
-use sev::firmware::host::*;
-
-#[derive(Parser)]
-#[command(author, version, about, long_about = None)]
-struct SnpHost {
- #[command(subcommand)]
- pub cmd: SnpHostCmd,
-
- /// Don't print anything to the console
- #[arg(short, long, default_value_t = false)]
- pub quiet: bool,
-}
-
-#[allow(clippy::large_enum_variant)]
-/// Utilities for managing the SEV-SNP environment
-#[derive(Subcommand)]
-enum SnpHostCmd {
- /// Display information about the SEV-SNP platform
- #[command(subcommand)]
- Show(show::Show),
-
- /// Export a certificate chain from a kernel format file to a given directory
- Export(export::Export),
-
- /// Import a certificate chain to a file
- Import(import::Import),
-
- /// Probe system for SEV-SNP support
- Ok,
-
- /// Modify the SNP configuration
- #[command(subcommand)]
- Config(config::ConfigCmd),
-
- /// Verify a certificate chain
- Verify(verify::Verify),
-
- /// Retrieve content from the AMD Key Distribution Server (KDS)
- #[command(subcommand)]
- Fetch(fetch::Fetch),
-
- /// Commit current firmware and TCB versions to PSP
- Commit,
-}
-
-// Commit command
-mod commit {
- use super::*;
- pub fn cmd() -> Result<()> {
- firmware()?.snp_commit()?;
- Ok(())
- }
-}
-
-fn firmware() -> Result {
- Firmware::open().context("unable to open /dev/sev")
-}
-
-fn snp_platform_status() -> Result {
- firmware()?
- .snp_platform_status()
- .map_err(|e| anyhow::anyhow!(format!("{:?}", e)))
- .context("unable to retrieve SNP platform status")
-}
-
-fn sev_platform_status() -> Result {
- firmware()?
- .platform_status()
- .map_err(|e| anyhow::anyhow!(format!("{:?}", e)))
- .context("unable to retrieve SEV platform status")
-}
-
+use anyhow::Result;
 fn main() -> Result<()> {
 env_logger::init();
 let snphost = SnpHost::parse();
- let result = match snphost.cmd {
- SnpHostCmd::Show(show) => show::cmd(show),
- SnpHostCmd::Export(export) => export::cmd(export),
- SnpHostCmd::Import(import) => import::cmd(import),
- SnpHostCmd::Ok => ok::cmd(snphost.quiet),
- SnpHostCmd::Config(subcmd) => config::cmd(subcmd),
- SnpHostCmd::Verify(verify) => verify::cmd(verify, snphost.quiet),
- SnpHostCmd::Fetch(fetch) => fetch::cmd(fetch),
- SnpHostCmd::Commit => commit::cmd(),
- };
+
+ let result = snphost.cmd.handle(snphost.quiet);
 if !snphost.quiet {
 if let Err(ref e) = result {
diff --git a/src/ok.rs b/src/ok.rs
index 209404c..45c99fe 100644
--- a/src/ok.rs
+++ b/src/ok.rs
@@ -2,6 +2,8 @@
 use super::*;
+use cli::{sev_platform_status, snp_platform_status};
+
 use std::{
 arch::x86_64,
 fmt,
diff --git a/src/show.rs b/src/show.rs
index bb69208..02f0d50 100644
--- a/src/show.rs
+++ b/src/show.rs
@@ -3,6 +3,7 @@
 use super::*;
 use cert::fetch::vcek::vcek_url;
+use cli::{firmware, snp_platform_status};
 #[derive(Subcommand)]
 pub enum Show {
From 197298b6bfe4e46f63aa82ca5e70c92b1b788d9a Mon Sep 17 00:00:00 2001
From: Larry Dewey
Date: Wed, 18 Sep 2024 09:57:38 -0500
Subject: [PATCH 2/2] Rust minimum version bump Updating to 1.80.0
Signed-off-by: Larry Dewey
---
 .github/workflows/lint.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index 5cf4bd4..36ce92c 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -26,7 +26,7 @@ jobs:
 - uses: actions-rs/toolchain@v1
 with:
 components: clippy
- toolchain: 1.80
+ toolchain: 1.80.0
 profile: minimal
 override: true
 - uses: actions-rs/cargo@v1
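Review bot: In the src/main.rs hunk the imports are now interleaved with the `mod` declarations and `anyhow` is imported in two places, `use anyhow::Context;` near the top and `use anyhow::Result;` directly above `fn main`; a single `use anyhow::{Context, Result};` after the `mod` lines would be easier to scan. Several of the imported names (`arg`, `command`, `Subcommand`, `ValueEnum`, `sev::firmware::host::*`) are not used by the visible part of `main`, whose body continues past the end of the hunk, and appear to be kept so that the submodules' `use super::*` resolves. If so, a comment such as `// Glob-imported by the submodules (use super::*); src/build.rs must carry the same list.` would stop someone from pruning them as unused.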