├── .github ├── .license_check.ini ├── ISSUE_TEMPLATE │ ├── bug_report.yaml │ ├── document.yaml │ └── feature_request.yaml ├── cspell.json ├── pylintrc └── workflows │ ├── contributor-list.yaml │ ├── e2e-test-k8s.yaml │ ├── pr-check-rust.yaml │ ├── pr-container-check.yaml │ ├── pr-doclint.yaml │ ├── pr-golang-check.yaml │ ├── pr-license-python.yaml │ ├── pr-pylint.yaml │ ├── pr-shell-check.yaml │ └── publish-ccnp.yaml ├── .gitignore ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── LICENSE ├── OWNERS.md ├── README.md ├── SECURITY.md ├── container ├── README.md ├── build.sh ├── cima-example │ └── Dockerfile ├── cima-perf │ ├── Dockerfile │ └── cima_perf.py ├── cima-server │ └── Dockerfile ├── cima-webhook │ └── Dockerfile ├── pccs │ ├── Dockerfile │ ├── README.md │ ├── default.json │ ├── network_setting.conf │ └── pre-build.sh └── qgs │ ├── Dockerfile │ ├── README.md │ └── sgx_default_qcnl.conf ├── deployment ├── README.md ├── docker-compose │ ├── README.md │ ├── cleanup.sh │ ├── configs │ │ ├── cima-compose.yaml.template │ │ └── cima-example.yaml.template │ ├── deploy-cima.sh │ ├── exec-cima-example.sh │ ├── prepare.sh │ ├── prerequisite.sh │ └── scripts │ │ ├── cache.sh │ │ ├── comm.sh │ │ ├── device.sh │ │ └── docker_compose.sh └── kubernetes │ ├── README.md │ ├── charts │ └── cima-server │ │ ├── Chart.yaml │ │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── daemonset.yaml │ │ ├── namespace.yaml │ │ └── serviceaccount.yaml │ │ └── values.yaml │ ├── manifests │ ├── cima-example-deployment.yaml │ ├── cima-perf-deployment.yaml │ ├── cima-server-deployment.yaml │ ├── cima-webhook-deployment.yaml │ └── namespace.yaml │ └── script │ ├── deploy-cima-example.sh │ ├── deploy-cima.sh │ ├── exec-cima-example.sh │ ├── image-manager.sh │ └── prerequisite.sh ├── docs ├── cc-full-measurement-tdreport.png ├── cc-full-meaurement-chain.png ├── cima-architecture-high-level.png ├── cima-deployment-docker.png ├── cima-deployment-k8s.png ├── cima-landing-confidential-cluster.png ├── cima_arch.png ├── container-measurement-arch.png ├── container-measurement-arch2.png ├── container-measurement-chain.png ├── container-measurement-design.md ├── cvm-customizations.png ├── cvm-image-rewriter-flow.png ├── faas-measurement-chain.png ├── ima-cgpath.png ├── ima-workflow.png ├── kubernetes-measurement-chain.png ├── sample-output-for-container-eventlog.txt └── sample-output-for-container-measurement.txt ├── sdk ├── golang │ ├── README.md │ ├── cima │ │ ├── client.go │ │ ├── go.mod │ │ ├── proto │ │ │ ├── cima-server.pb.go │ │ │ ├── cima-server.proto │ │ │ └── cima-server_grpc.pb.go │ │ └── sdk.go │ └── example │ │ ├── go-sdk-example.go │ │ └── go.mod ├── python3 │ ├── .gitignore │ ├── README.md │ ├── cima │ │ ├── __init__.py │ │ ├── cima_server_pb2.py │ │ ├── cima_server_pb2.pyi │ │ ├── cima_server_pb2_grpc.py │ │ └── sdk.py │ ├── example │ │ └── py_sdk_example.py │ ├── pyproject.toml │ ├── requirements.txt │ ├── setup.cfg │ ├── tests │ │ ├── conftest.py │ │ ├── test_eventlog.py │ │ └── test_measurement.py │ └── tox.ini └── rust │ ├── README.MD │ ├── cima │ ├── Cargo.toml │ ├── build.rs │ ├── deny.toml │ ├── proto │ │ └── cima-server.proto │ └── src │ │ ├── cima_server_pb.rs │ │ ├── client.rs │ │ ├── lib.rs │ │ └── sdk.rs │ └── example │ ├── Cargo.toml │ └── src │ └── rust-sdk-example.rs ├── service ├── cima-server │ ├── Cargo.toml │ ├── Makefile │ ├── README.md │ ├── build.rs │ ├── configs │ │ └── policy.yaml │ ├── deny.toml │ ├── proto │ │ └── cima-server.proto │ └── src │ │ ├── agent.rs │ │ ├── cima_server_pb.rs │ │ ├── container.rs │ │ ├── main.rs │ │ ├── measurement.rs │ │ ├── policy.rs │ │ └── service.rs └── cima-webhook │ ├── .gitignore │ ├── .golangci.yml │ ├── PROJECT │ ├── README.md │ ├── go.mod │ ├── go.sum │ ├── hack │ └── gen-certs.sh │ ├── main.go │ └── pod_webhook.go ├── test ├── ci-test │ ├── ci-e2e-test.sh │ └── py-test │ │ └── test_cima.py └── perf │ └── README.md └── tools └── build ├── .gitignore ├── README.md ├── build.sh └── kernel ├── patches ├── 0000-x86-tdx-Add-tdx_mcall_rtmr_extend-interface.patch ├── 0001-ima-support-for-boot-aggregate-and-runtime-measureme.patch ├── 0002-ima-initialize-fake-TPM-device-for-TDX-RTMR.patch ├── 0003-fix-remove-comparison-on-RTMR-2-measurement.patch ├── 0004-fix-fix-sha-index-issue-in-IMA.patch ├── 0005-ima-use-SHA384-hash-algorithm-for-measurement-in-ker.patch ├── 0006-x86-tdx-rtmr-extend-TDX-RTMR-interface-for-kernel-IM.patch ├── 0007-fix-fix-compile-warnings.patch ├── 0008-ima-created-new-ima-template-ima-dep-cgn-for-OCI-con.patch └── 0009-ima-created-new-ima-template-ima-cgpath-for-Kubernat.patch └── ubuntu ├── annotations └── changelog /.github/.license_check.ini: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/.github/.license_check.ini -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug_report.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/.github/ISSUE_TEMPLATE/bug_report.yaml -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/document.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/.github/ISSUE_TEMPLATE/document.yaml -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/.github/ISSUE_TEMPLATE/feature_request.yaml -------------------------------------------------------------------------------- /.github/cspell.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/.github/cspell.json -------------------------------------------------------------------------------- /.github/pylintrc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/.github/pylintrc -------------------------------------------------------------------------------- /.github/workflows/contributor-list.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/.github/workflows/contributor-list.yaml -------------------------------------------------------------------------------- /.github/workflows/e2e-test-k8s.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/.github/workflows/e2e-test-k8s.yaml -------------------------------------------------------------------------------- /.github/workflows/pr-check-rust.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/.github/workflows/pr-check-rust.yaml -------------------------------------------------------------------------------- /.github/workflows/pr-container-check.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/.github/workflows/pr-container-check.yaml -------------------------------------------------------------------------------- /.github/workflows/pr-doclint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/.github/workflows/pr-doclint.yaml -------------------------------------------------------------------------------- /.github/workflows/pr-golang-check.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/.github/workflows/pr-golang-check.yaml -------------------------------------------------------------------------------- /.github/workflows/pr-license-python.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/.github/workflows/pr-license-python.yaml -------------------------------------------------------------------------------- /.github/workflows/pr-pylint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/.github/workflows/pr-pylint.yaml -------------------------------------------------------------------------------- /.github/workflows/pr-shell-check.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/.github/workflows/pr-shell-check.yaml -------------------------------------------------------------------------------- /.github/workflows/publish-ccnp.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/.github/workflows/publish-ccnp.yaml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/.gitignore -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/CODE_OF_CONDUCT.md -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/CONTRIBUTING.md -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/LICENSE -------------------------------------------------------------------------------- /OWNERS.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/OWNERS.md -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/README.md -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/SECURITY.md -------------------------------------------------------------------------------- /container/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/container/README.md -------------------------------------------------------------------------------- /container/build.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/container/build.sh -------------------------------------------------------------------------------- /container/cima-example/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/container/cima-example/Dockerfile -------------------------------------------------------------------------------- /container/cima-perf/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/container/cima-perf/Dockerfile -------------------------------------------------------------------------------- /container/cima-perf/cima_perf.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/container/cima-perf/cima_perf.py -------------------------------------------------------------------------------- /container/cima-server/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/container/cima-server/Dockerfile -------------------------------------------------------------------------------- /container/cima-webhook/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/container/cima-webhook/Dockerfile -------------------------------------------------------------------------------- /container/pccs/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/container/pccs/Dockerfile -------------------------------------------------------------------------------- /container/pccs/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/container/pccs/README.md -------------------------------------------------------------------------------- /container/pccs/default.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/container/pccs/default.json -------------------------------------------------------------------------------- /container/pccs/network_setting.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/container/pccs/network_setting.conf -------------------------------------------------------------------------------- /container/pccs/pre-build.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/container/pccs/pre-build.sh -------------------------------------------------------------------------------- /container/qgs/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/container/qgs/Dockerfile -------------------------------------------------------------------------------- /container/qgs/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/container/qgs/README.md -------------------------------------------------------------------------------- /container/qgs/sgx_default_qcnl.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/container/qgs/sgx_default_qcnl.conf -------------------------------------------------------------------------------- /deployment/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/README.md -------------------------------------------------------------------------------- /deployment/docker-compose/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/docker-compose/README.md -------------------------------------------------------------------------------- /deployment/docker-compose/cleanup.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/docker-compose/cleanup.sh -------------------------------------------------------------------------------- /deployment/docker-compose/configs/cima-compose.yaml.template: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/docker-compose/configs/cima-compose.yaml.template -------------------------------------------------------------------------------- /deployment/docker-compose/configs/cima-example.yaml.template: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/docker-compose/configs/cima-example.yaml.template -------------------------------------------------------------------------------- /deployment/docker-compose/deploy-cima.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/docker-compose/deploy-cima.sh -------------------------------------------------------------------------------- /deployment/docker-compose/exec-cima-example.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/docker-compose/exec-cima-example.sh -------------------------------------------------------------------------------- /deployment/docker-compose/prepare.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/docker-compose/prepare.sh -------------------------------------------------------------------------------- /deployment/docker-compose/prerequisite.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/docker-compose/prerequisite.sh -------------------------------------------------------------------------------- /deployment/docker-compose/scripts/cache.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/docker-compose/scripts/cache.sh -------------------------------------------------------------------------------- /deployment/docker-compose/scripts/comm.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/docker-compose/scripts/comm.sh -------------------------------------------------------------------------------- /deployment/docker-compose/scripts/device.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/docker-compose/scripts/device.sh -------------------------------------------------------------------------------- /deployment/docker-compose/scripts/docker_compose.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/docker-compose/scripts/docker_compose.sh -------------------------------------------------------------------------------- /deployment/kubernetes/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/kubernetes/README.md -------------------------------------------------------------------------------- /deployment/kubernetes/charts/cima-server/Chart.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/kubernetes/charts/cima-server/Chart.yaml -------------------------------------------------------------------------------- /deployment/kubernetes/charts/cima-server/templates/NOTES.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/kubernetes/charts/cima-server/templates/NOTES.txt -------------------------------------------------------------------------------- /deployment/kubernetes/charts/cima-server/templates/_helpers.tpl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/kubernetes/charts/cima-server/templates/_helpers.tpl -------------------------------------------------------------------------------- /deployment/kubernetes/charts/cima-server/templates/daemonset.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/kubernetes/charts/cima-server/templates/daemonset.yaml -------------------------------------------------------------------------------- /deployment/kubernetes/charts/cima-server/templates/namespace.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/kubernetes/charts/cima-server/templates/namespace.yaml -------------------------------------------------------------------------------- /deployment/kubernetes/charts/cima-server/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/kubernetes/charts/cima-server/templates/serviceaccount.yaml -------------------------------------------------------------------------------- /deployment/kubernetes/charts/cima-server/values.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/kubernetes/charts/cima-server/values.yaml -------------------------------------------------------------------------------- /deployment/kubernetes/manifests/cima-example-deployment.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/kubernetes/manifests/cima-example-deployment.yaml -------------------------------------------------------------------------------- /deployment/kubernetes/manifests/cima-perf-deployment.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/kubernetes/manifests/cima-perf-deployment.yaml -------------------------------------------------------------------------------- /deployment/kubernetes/manifests/cima-server-deployment.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/kubernetes/manifests/cima-server-deployment.yaml -------------------------------------------------------------------------------- /deployment/kubernetes/manifests/cima-webhook-deployment.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/kubernetes/manifests/cima-webhook-deployment.yaml -------------------------------------------------------------------------------- /deployment/kubernetes/manifests/namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: cima 5 | -------------------------------------------------------------------------------- /deployment/kubernetes/script/deploy-cima-example.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/kubernetes/script/deploy-cima-example.sh -------------------------------------------------------------------------------- /deployment/kubernetes/script/deploy-cima.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/kubernetes/script/deploy-cima.sh -------------------------------------------------------------------------------- /deployment/kubernetes/script/exec-cima-example.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/kubernetes/script/exec-cima-example.sh -------------------------------------------------------------------------------- /deployment/kubernetes/script/image-manager.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/kubernetes/script/image-manager.sh -------------------------------------------------------------------------------- /deployment/kubernetes/script/prerequisite.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/deployment/kubernetes/script/prerequisite.sh -------------------------------------------------------------------------------- /docs/cc-full-measurement-tdreport.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/docs/cc-full-measurement-tdreport.png -------------------------------------------------------------------------------- /docs/cc-full-meaurement-chain.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/docs/cc-full-meaurement-chain.png -------------------------------------------------------------------------------- /docs/cima-architecture-high-level.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/docs/cima-architecture-high-level.png -------------------------------------------------------------------------------- /docs/cima-deployment-docker.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/docs/cima-deployment-docker.png -------------------------------------------------------------------------------- /docs/cima-deployment-k8s.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/docs/cima-deployment-k8s.png -------------------------------------------------------------------------------- /docs/cima-landing-confidential-cluster.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/docs/cima-landing-confidential-cluster.png -------------------------------------------------------------------------------- /docs/cima_arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/docs/cima_arch.png -------------------------------------------------------------------------------- /docs/container-measurement-arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/docs/container-measurement-arch.png -------------------------------------------------------------------------------- /docs/container-measurement-arch2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/docs/container-measurement-arch2.png -------------------------------------------------------------------------------- /docs/container-measurement-chain.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/docs/container-measurement-chain.png -------------------------------------------------------------------------------- /docs/container-measurement-design.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/docs/container-measurement-design.md -------------------------------------------------------------------------------- /docs/cvm-customizations.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/docs/cvm-customizations.png -------------------------------------------------------------------------------- /docs/cvm-image-rewriter-flow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/docs/cvm-image-rewriter-flow.png -------------------------------------------------------------------------------- /docs/faas-measurement-chain.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/docs/faas-measurement-chain.png -------------------------------------------------------------------------------- /docs/ima-cgpath.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/docs/ima-cgpath.png -------------------------------------------------------------------------------- /docs/ima-workflow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/docs/ima-workflow.png -------------------------------------------------------------------------------- /docs/kubernetes-measurement-chain.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/docs/kubernetes-measurement-chain.png -------------------------------------------------------------------------------- /docs/sample-output-for-container-eventlog.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/docs/sample-output-for-container-eventlog.txt -------------------------------------------------------------------------------- /docs/sample-output-for-container-measurement.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/docs/sample-output-for-container-measurement.txt -------------------------------------------------------------------------------- /sdk/golang/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/golang/README.md -------------------------------------------------------------------------------- /sdk/golang/cima/client.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/golang/cima/client.go -------------------------------------------------------------------------------- /sdk/golang/cima/go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/golang/cima/go.mod -------------------------------------------------------------------------------- /sdk/golang/cima/proto/cima-server.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/golang/cima/proto/cima-server.pb.go -------------------------------------------------------------------------------- /sdk/golang/cima/proto/cima-server.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/golang/cima/proto/cima-server.proto -------------------------------------------------------------------------------- /sdk/golang/cima/proto/cima-server_grpc.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/golang/cima/proto/cima-server_grpc.pb.go -------------------------------------------------------------------------------- /sdk/golang/cima/sdk.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/golang/cima/sdk.go -------------------------------------------------------------------------------- /sdk/golang/example/go-sdk-example.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/golang/example/go-sdk-example.go -------------------------------------------------------------------------------- /sdk/golang/example/go.mod: -------------------------------------------------------------------------------- 1 | module example.com/sdk 2 | 3 | go 1.20 4 | -------------------------------------------------------------------------------- /sdk/python3/.gitignore: -------------------------------------------------------------------------------- 1 | __pycache__ 2 | *.egg-info 3 | build 4 | dist 5 | -------------------------------------------------------------------------------- /sdk/python3/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/python3/README.md -------------------------------------------------------------------------------- /sdk/python3/cima/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/python3/cima/__init__.py -------------------------------------------------------------------------------- /sdk/python3/cima/cima_server_pb2.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/python3/cima/cima_server_pb2.py -------------------------------------------------------------------------------- /sdk/python3/cima/cima_server_pb2.pyi: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/python3/cima/cima_server_pb2.pyi -------------------------------------------------------------------------------- /sdk/python3/cima/cima_server_pb2_grpc.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/python3/cima/cima_server_pb2_grpc.py -------------------------------------------------------------------------------- /sdk/python3/cima/sdk.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/python3/cima/sdk.py -------------------------------------------------------------------------------- /sdk/python3/example/py_sdk_example.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/python3/example/py_sdk_example.py -------------------------------------------------------------------------------- /sdk/python3/pyproject.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/python3/pyproject.toml -------------------------------------------------------------------------------- /sdk/python3/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/python3/requirements.txt -------------------------------------------------------------------------------- /sdk/python3/setup.cfg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/python3/setup.cfg -------------------------------------------------------------------------------- /sdk/python3/tests/conftest.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/python3/tests/conftest.py -------------------------------------------------------------------------------- /sdk/python3/tests/test_eventlog.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/python3/tests/test_eventlog.py -------------------------------------------------------------------------------- /sdk/python3/tests/test_measurement.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/python3/tests/test_measurement.py -------------------------------------------------------------------------------- /sdk/python3/tox.ini: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/python3/tox.ini -------------------------------------------------------------------------------- /sdk/rust/README.MD: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/rust/README.MD -------------------------------------------------------------------------------- /sdk/rust/cima/Cargo.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/rust/cima/Cargo.toml -------------------------------------------------------------------------------- /sdk/rust/cima/build.rs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/rust/cima/build.rs -------------------------------------------------------------------------------- /sdk/rust/cima/deny.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/rust/cima/deny.toml -------------------------------------------------------------------------------- /sdk/rust/cima/proto/cima-server.proto: -------------------------------------------------------------------------------- 1 | ../../../../service/ccnp-server/proto/ccnp-server.proto -------------------------------------------------------------------------------- /sdk/rust/cima/src/cima_server_pb.rs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/rust/cima/src/cima_server_pb.rs -------------------------------------------------------------------------------- /sdk/rust/cima/src/client.rs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/rust/cima/src/client.rs -------------------------------------------------------------------------------- /sdk/rust/cima/src/lib.rs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/rust/cima/src/lib.rs -------------------------------------------------------------------------------- /sdk/rust/cima/src/sdk.rs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/rust/cima/src/sdk.rs -------------------------------------------------------------------------------- /sdk/rust/example/Cargo.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/rust/example/Cargo.toml -------------------------------------------------------------------------------- /sdk/rust/example/src/rust-sdk-example.rs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/sdk/rust/example/src/rust-sdk-example.rs -------------------------------------------------------------------------------- /service/cima-server/Cargo.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-server/Cargo.toml -------------------------------------------------------------------------------- /service/cima-server/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-server/Makefile -------------------------------------------------------------------------------- /service/cima-server/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-server/README.md -------------------------------------------------------------------------------- /service/cima-server/build.rs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-server/build.rs -------------------------------------------------------------------------------- /service/cima-server/configs/policy.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-server/configs/policy.yaml -------------------------------------------------------------------------------- /service/cima-server/deny.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-server/deny.toml -------------------------------------------------------------------------------- /service/cima-server/proto/cima-server.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-server/proto/cima-server.proto -------------------------------------------------------------------------------- /service/cima-server/src/agent.rs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-server/src/agent.rs -------------------------------------------------------------------------------- /service/cima-server/src/cima_server_pb.rs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-server/src/cima_server_pb.rs -------------------------------------------------------------------------------- /service/cima-server/src/container.rs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-server/src/container.rs -------------------------------------------------------------------------------- /service/cima-server/src/main.rs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-server/src/main.rs -------------------------------------------------------------------------------- /service/cima-server/src/measurement.rs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-server/src/measurement.rs -------------------------------------------------------------------------------- /service/cima-server/src/policy.rs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-server/src/policy.rs -------------------------------------------------------------------------------- /service/cima-server/src/service.rs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-server/src/service.rs -------------------------------------------------------------------------------- /service/cima-webhook/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-webhook/.gitignore -------------------------------------------------------------------------------- /service/cima-webhook/.golangci.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-webhook/.golangci.yml -------------------------------------------------------------------------------- /service/cima-webhook/PROJECT: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-webhook/PROJECT -------------------------------------------------------------------------------- /service/cima-webhook/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-webhook/README.md -------------------------------------------------------------------------------- /service/cima-webhook/go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-webhook/go.mod -------------------------------------------------------------------------------- /service/cima-webhook/go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-webhook/go.sum -------------------------------------------------------------------------------- /service/cima-webhook/hack/gen-certs.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-webhook/hack/gen-certs.sh -------------------------------------------------------------------------------- /service/cima-webhook/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-webhook/main.go -------------------------------------------------------------------------------- /service/cima-webhook/pod_webhook.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/service/cima-webhook/pod_webhook.go -------------------------------------------------------------------------------- /test/ci-test/ci-e2e-test.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/test/ci-test/ci-e2e-test.sh -------------------------------------------------------------------------------- /test/ci-test/py-test/test_cima.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/test/ci-test/py-test/test_cima.py -------------------------------------------------------------------------------- /test/perf/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/test/perf/README.md -------------------------------------------------------------------------------- /tools/build/.gitignore: -------------------------------------------------------------------------------- 1 | output/ 2 | -------------------------------------------------------------------------------- /tools/build/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/tools/build/README.md -------------------------------------------------------------------------------- /tools/build/build.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/tools/build/build.sh -------------------------------------------------------------------------------- /tools/build/kernel/patches/0000-x86-tdx-Add-tdx_mcall_rtmr_extend-interface.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/tools/build/kernel/patches/0000-x86-tdx-Add-tdx_mcall_rtmr_extend-interface.patch -------------------------------------------------------------------------------- /tools/build/kernel/patches/0001-ima-support-for-boot-aggregate-and-runtime-measureme.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/tools/build/kernel/patches/0001-ima-support-for-boot-aggregate-and-runtime-measureme.patch -------------------------------------------------------------------------------- /tools/build/kernel/patches/0002-ima-initialize-fake-TPM-device-for-TDX-RTMR.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/tools/build/kernel/patches/0002-ima-initialize-fake-TPM-device-for-TDX-RTMR.patch -------------------------------------------------------------------------------- /tools/build/kernel/patches/0003-fix-remove-comparison-on-RTMR-2-measurement.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/tools/build/kernel/patches/0003-fix-remove-comparison-on-RTMR-2-measurement.patch -------------------------------------------------------------------------------- /tools/build/kernel/patches/0004-fix-fix-sha-index-issue-in-IMA.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/tools/build/kernel/patches/0004-fix-fix-sha-index-issue-in-IMA.patch -------------------------------------------------------------------------------- /tools/build/kernel/patches/0005-ima-use-SHA384-hash-algorithm-for-measurement-in-ker.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/tools/build/kernel/patches/0005-ima-use-SHA384-hash-algorithm-for-measurement-in-ker.patch -------------------------------------------------------------------------------- /tools/build/kernel/patches/0006-x86-tdx-rtmr-extend-TDX-RTMR-interface-for-kernel-IM.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/tools/build/kernel/patches/0006-x86-tdx-rtmr-extend-TDX-RTMR-interface-for-kernel-IM.patch -------------------------------------------------------------------------------- /tools/build/kernel/patches/0007-fix-fix-compile-warnings.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/tools/build/kernel/patches/0007-fix-fix-compile-warnings.patch -------------------------------------------------------------------------------- /tools/build/kernel/patches/0008-ima-created-new-ima-template-ima-dep-cgn-for-OCI-con.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/tools/build/kernel/patches/0008-ima-created-new-ima-template-ima-dep-cgn-for-OCI-con.patch -------------------------------------------------------------------------------- /tools/build/kernel/patches/0009-ima-created-new-ima-template-ima-cgpath-for-Kubernat.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/tools/build/kernel/patches/0009-ima-created-new-ima-template-ima-cgpath-for-Kubernat.patch -------------------------------------------------------------------------------- /tools/build/kernel/ubuntu/annotations: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/tools/build/kernel/ubuntu/annotations -------------------------------------------------------------------------------- /tools/build/kernel/ubuntu/changelog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cc-api/container-integrity-measurement-agent/HEAD/tools/build/kernel/ubuntu/changelog --------------------------------------------------------------------------------