Fix for SNP code_update_test (#6787)

microsoft · Jan 31, 2025 · c384f5a · c384f5a
1 parent 786e2a8
commit c384f5a
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 6 deletions.
diff --git a/.snpcc_canary b/.snpcc_canary
@@ -4,4 +4,4 @@
 /-xXx--//-----x=x--/-xXx--/---x---->>>--/
 ...
 /\/\d(-_-)b/\/\
-----vmpl--
+----vmpl---
diff --git a/src/node/rpc/node_frontend.h b/src/node/rpc/node_frontend.h
@@ -785,6 +785,7 @@ namespace ccf
             q.raw = node_info.quote_info.quote;
             q.endorsements = node_info.quote_info.endorsements;
             q.format = node_info.quote_info.format;
+            q.uvm_endorsements = node_info.quote_info.uvm_endorsements;
 
             // get_measurement attempts to re-validate the quote to extract
             // mrenclave and the Open Enclave is insufficiently flexible to

diff --git a/tests/code_update.py b/tests/code_update.py
@@ -96,7 +96,9 @@ def test_verify_quotes(network, args):
                 )
 
             # Quick API validation - confirm that all of these /quotes/self entries match the collection returned from /quotes
-            assert j in all_quotes
+            assert (
+                j in all_quotes
+            ), f"Didn't find {node.node_id}'s quote in collection\n{j}\n{json.dumps(all_quotes)}"
 
     return network
 
@@ -648,6 +650,7 @@ def format_expected_host_data(entries):
 
 
 @reqs.description("Adding a new measurement invalidates open proposals")
+@reqs.not_snp("Cannot produce alternative measurement on SNP")
 def test_proposal_invalidation(network, args):
     primary, _ = network.find_nodes()
 
@@ -724,7 +727,8 @@ def run(args):
 
         # Measurements
         test_measurements_tables(network, args)
-        test_add_node_with_untrusted_measurement(network, args)
+        if not snp.IS_SNP:
+            test_add_node_with_untrusted_measurement(network, args)
 
         # Host data/security policy
         test_host_data_tables(network, args)
@@ -740,10 +744,10 @@ def run(args):
             test_endorsements_tables(network, args)
             test_add_node_with_no_uvm_endorsements(network, args)
 
-        # NB: Assumes the current nodes are still using args.package, so must run before test_update_all_nodes
-        test_proposal_invalidation(network, args)
-
         if not snp.IS_SNP:
+            # NB: Assumes the current nodes are still using args.package, so must run before test_update_all_nodes
+            test_proposal_invalidation(network, args)
+
             # This is in practice equivalent to either "unknown measurement" or "unknown host data", but is explicitly
             # testing that (without artifically removing/corrupting those values) a replacement package differs
             # in one of these values
-Original file line number
+Diff line change
@@ Expand Up / @@ -4,4 +4,4 @@ @@
     /-xXx--//-----x=x--/-xXx--/---x---->>>--/
     ...
     /\/\d(-_-)b/\/\
-    ----vmpl--
+    ----vmpl---