Add tempfs experiment and gate mounting behind it

google / go-tpm-tools

Go packages built on go-tpm providing a high-level API for using TPMs

Apache License 2.0

231 stars 71 forks source link

Add tempfs experiment and gate mounting behind it #490

Closed JoshuaKrstic closed 1 month ago

JoshuaKrstic commented 2 months ago

--The binary still needs to be updated.-- Until then, this feature will always be off. Which is fine ofc.

The binary has been updated and the flag exists.

jkl73 commented 1 month ago

It's probably the string in printed by the launcher "Mounts:[{Destination:/tmp/sized Size:222}]", together with the "tmpfs" print by the kernel, and some number in the timestamp causing the regex to pass the grep. Maybe adding "^" and "$" to the grep pattern in the test may do the trick.

alexmwu commented 1 month ago

It's probably the string in printed by the launcher "Mounts:[{Destination:/tmp/sized Size:222}]", together with the "tmpfs" print by the kernel, and some number in the timestamp causing the regex to pass the grep. Maybe adding "^" and "$" to the grep pattern in the test may do the trick.

I think we can also try replacing .* with [[:space:]]

jkl73 commented 1 month ago

Also we may want to add the flag here instead: https://github.com/google/go-tpm-tools/blob/03c656ef7c4bf335493ea0132e3ae128312202fa/launcher/spec/launch_spec.go#L180

and https://github.com/google/go-tpm-tools/blob/03c656ef7c4bf335493ea0132e3ae128312202fa/launcher/spec/launch_spec.go#L191

JoshuaKrstic commented 1 month ago

/gcbrun

JoshuaKrstic commented 1 month ago

/gcbrun