NOISSUE - Agent Pull mode for remote resources (#575)

* feat(kbs): implement KBS client for attestation and resource retrieval

- Added KBS client implementation in pkg/kbs/client.go with methods for attestation and resource retrieval.
- Introduced necessary data structures for requests and responses.
- Implemented error handling for various scenarios.

test(kbs): add unit tests for KBS client

- Created comprehensive tests for the KBS client in pkg/kbs/client_test.go.
- Included tests for attestation success and failure cases, as well as resource retrieval.

feat(registry): introduce HTTP and S3 registry implementations

- Added HTTPRegistry for downloading resources over HTTP/HTTPS with retry logic in pkg/registry/http.go.
- Implemented S3Registry for downloading resources from AWS S3 and S3-compatible services in pkg/registry/s3.go.
- Included error handling and configuration options for both registries.

chore(registry): define registry interface and configuration

- Created registry interface and configuration struct in pkg/registry/registry.go.
- Added default configuration settings for registry clients.

docs(cvms): update README for CVMS server configuration and usage

- Enhanced documentation for CVMS server with detailed command-line flags and usage examples.
- Clarified direct upload and remote resource modes, including KBS integration.

fix(cvms): integrate KBS for remote resource handling in main.go

- Updated main.go to support remote datasets and algorithms using KBS.
- Added validation for command-line flags to ensure proper configuration.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* fix: Move ifeq conditional outside define block in attestation-service.mk

Make conditionals cannot be evaluated inside define...endef blocks
when used as recipe bodies. Restructured to define the
ATTESTATION_SERVICE_INSTALL_INIT_SYSTEMD block conditionally based
on BR2_PACKAGE_CC_ATTESTATION_AGENT configuration.

* feat: Implement remote resource downloading for algorithms and datasets using AWS S3/MinIO credentials.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* feat: Add comprehensive documentation and agent support for testing remote resource download with KBS attestation.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* feat: Improve agent logging for remote resource configuration and KBS status, and add a testing guide for remote resource downloads with KBS attestation.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* feat: Add a comprehensive guide for testing remote resource download with KBS attestation and update multiple package versions to a specific commit.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* feat: Add failure transitions for resource reception states and a comprehensive guide for testing remote resource downloads with KBS attestation.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* feat: Implement remote resource download with KBS attestation in the agent and add a comprehensive testing guide.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* test: Add comprehensive guide for testing remote resource download with KBS attestation and include a debug log in the attestation client.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* feat: Delegate KBS attestation and token retrieval to a new attestation-agent service and document remote resource testing.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* client fixes

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* raw evidence

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* fix: Build all Go files in cmd directories, not just main.go

This fixes the issue where fetch_raw_evidence.go wasn't being included
in the attestation-service build.

* fix: Wrap binary evidence in JSON for KBS compatibility

Fixes 'invalid character' error by wrapping raw binary evidence
in a JSON structure with base64 encoding, as expected by KBS.

* chore: Update buildroot packages to c28cefae

Includes fixes for:
1. attestation-service build (including fetch_raw_evidence.go)
2. Agent KBS evidence format (wrapping binary in JSON)

* fix: Implement KBS RCAR handshake with cookies

Fixes 'cookie not found' error (401) from KBS by:
1. Adding CookieJar support to KBS client
2. Implementing GetChallenge() to perform /auth handshake and capture session cookie
3. Updating Agent to get challenge, decode nonce, and use it for evidence generation
4. Regenerating mocks

* chore: Update buildroot packages to f6981ac5

Includes KBS RCAR handshake fix (cookie support + GetChallenge loop)

* fix: Update KBS client JSON tags to kebab-case

Fixes deserialization error (401) from KBS by:
1. Using kebab-case (e.g. extra-params) for JSON tags as per protocol.
2. Initializing ExtraParams as empty object {} instead of null/omitted.

* fix: Wrap attestation evidence in primary_evidence format

Updates Agent to construct 'tee-evidence' payload with:
- primary_evidence: containing the actual quote/data
- additional_evidence: empty JSON object

This matches the Confidential Containers KBS Attestation Protocol requirements.

* fix: Update KBS protocol version to 0.4.0

KBS rejected 0.1.0 with a version mismatch error. Bumping to 0.4.0 to match server expectation.

* fix: Generate ephemeral key for KBS RuntimeData

Updates RuntimeData to include a valid ephemeral EC P-256 public key in JWK format, as required by the KBS RCAR protocol.
Also fixes the KBS client struct to support TEEPubKey as an object.

* fix: Update sample attestation quote to valid JSON

The default attestation.bin was binary, but the KBS Sample Verifier expects a valid JSON quote containing 'svn' and 'report_data'.
Updated the embedded bin file to contain this JSON structure.

* fix: Generate dynamic JSON quote for Sample TEE in FetchRawEvidence

The KBS Sample Verifier expects a JSON object with 'svn' and 'report_data'.
Previously, we were returning raw binary data (reportData+nonce).
This commit updates FetchRawEvidence to return a marshaled JSON structure with:
- svn: "1"
- report_data: base64(req.ReportData)

* refactor: Delegate Sample Attestation to Provider

Refactored sample attestation logic:
- Moved JSON Quote generation into EmptyProvider (standalone mode).
- Updated FetchRawEvidence to call provider.TeeAttestation instead of manual generation.
This enables using the real CC Attestation Agent for UNSPECIFIED platform if configured.

* feat: Add comprehensive debug logging and enforce CC AA usage

Changes:
- Updated EmptyProvider to return error instead of generating mock data
  This forces proper use of CC Attestation Agent's sample attester
- Added detailed logging to attestation-service FetchRawEvidence:
  * Hex dump of evidence (first 200 bytes)
  * String preview of evidence
  * Total evidence length
- Added detailed logging to agent service:
  * Raw evidence hex and string previews
  * KBS evidence JSON preview (first 500 bytes)
  * Evidence lengths at each transformation step

This logging will help diagnose why KBS Sample Verifier is rejecting evidence.

* fix: Enable CC AA by default and add attestation-service log forwarding

Changes:
- Set USE_CC_ATTESTATION_AGENT=true by default in systemd service
- Added StandardOutput/StandardError to forward logs to /var/log/cocos/
- Updated HAL makefile to handle new default value
- This ensures attestation-service uses CC AA's sample attester
- Logs will now be visible in CVMS output for debugging

* feat: Add gRPC log forwarding to attestation-service

Implemented the same log forwarding mechanism used by the agent:
- Added ProtoHandler to write logs to both stdout and logQueue
- Connected to log client (/run/cocos/log.sock) for gRPC forwarding
- Added goroutine to forward logs to CVMS via log client
- Logs will now appear in CVMS output during computation runs

This enables visibility into attestation-service debug output including:
- CC AA connection status
- Evidence generation details (hex dumps, string previews)
- Any errors from providers

* fix: Parse sample evidence JSON instead of base64-encoding it

The attestation-service returns sample evidence as JSON:
{"svn":"1","report_data":"base64..."}

The agent was incorrectly base64-encoding this JSON string again.
KBS Sample Verifier expects the parsed JSON object directly.

Fixed by:
- Parsing the JSON evidence from attestation-service
- Passing the parsed object directly in primary_evidence.evidence
- This matches what KBS Sample Verifier expects

* debug: Increase KBS evidence logging preview to 1000 bytes

Show the complete JSON structure being sent to KBS to debug
the attestation failure.

* debug: Add comprehensive CC AA configuration logging

Added debug logs to show:
- Whether CC AA is enabled in config
- CC AA address being used
- Connection success/failure
- Which provider is ultimately selected
- Warning when falling back to EmptyProvider

This will help diagnose why EmptyProvider is being used
instead of CC Attestation Agent.

* debug: Add startup logging for log client connection

Added log message to show if log client connection succeeds
at attestation-service startup. This will help diagnose why
logs aren't appearing in CVMS output.

* feat: Add retry logic with exponential backoff to log client

Added simple retry mechanism to handle concurrent log requests:
- 3 retry attempts with exponential backoff (10ms, 20ms, 40ms)
- Applies to both SendLog and SendEvent methods
- Centralized in log client so all services benefit
- Should eliminate 'failed to send log' errors from concurrent requests

This fixes the issue where attestation-service logs weren't
appearing in CVMS output due to dropped messages.

* fix: Flatten sample evidence fields in primary_evidence for KBS

KBS Sample Verifier expects svn and report_data at the top level
of primary_evidence, not nested under an 'evidence' key.

Changed structure from:
{"primary_evidence": {"tee": "sample", "evidence": {"svn": "1", ...}}}

To:
{"primary_evidence": {"tee": "sample", "svn": "1", "report_data": "...", ...}}

This matches what KBS expects when deserializing the Quote structure.

* fix: Use sample quote directly as primary_evidence per KBS protocol

According to KBS attestation protocol spec, for sample TEE type,
primary_evidence should be the sample quote JSON directly:
{"svn": "1", "report_data": "..."}

Removed extra 'tee' and 'platform' fields that were causing KBS
to fail deserializing the Quote structure. The 'tee' field is
already sent in the Request payload during RCAR handshake.

Refs:
- https://github.com/confidential-containers/trustee/blob/main/kbs/docs/kbs_attestation_protocol.md
- https://github.com/confidential-containers/guest-components/blob/main/attestation-agent/attester/src/sample/mod.rs

* fix: Make CC AA required for sample attestation when configured

When USE_CC_ATTESTATION_AGENT=true, attestation-service now
requires AA to be available for NoCC/sample platform. This ensures
sample evidence always comes from AA with the correct KBS format.

Changes:
- Error out if AA connection fails for NoCC platform when AA is configured
- Only use EmptyProvider if AA is explicitly NOT configured
- Prevents incorrect sample evidence format from EmptyProvider

This ensures attestation-service delegates to AA for sample evidence
generation instead of creating it itself.

* fix: Implement proper RCAR protocol with tee-pubkey and runtime-data hash

Fixed KBS attestation error 'REPORT_DATA is different from that in Sample Quote'

Changes:
1. Generate ephemeral EC key pair BEFORE getting evidence from AA
2. Create runtime-data with nonce + tee-pubkey (JWK format)
3. Hash runtime-data (SHA-256) and use as report_data for AA
4. This binds the tee-pubkey to the TEE evidence per RCAR protocol

The report_data in the evidence now matches what KBS expects:
hash(runtime-data) instead of computation ID.

This completes the full RCAR protocol implementation:
- Request → Challenge → Attestation (with bound tee-pubkey) → Response

* fix(agent): use simple nonce for Sample attestation report_data

For Sample/NoCC attestation, use the raw nonce bytes directly as
report_data instead of hashing runtime-data. This avoids JSON
serialization mismatches with the KBS Sample verifier.

Real TEEs (TDX/SNP) still use runtime-data hash binding to
cryptographically bind the ephemeral tee-pubkey to the evidence.

* fix(agent): use RFC 8785 canonical JSON for runtime-data hashing

The KBS Sample attestation verifier (and likely others) expects the
report_data to be the SHA-256 hash of the *canonical* JSON serialization
(RFC 8785) of the runtime-data. Standard Go JSON marshaling does not
guarantee key ordering, leading to hash mismatches.

This change uses github.com/gowebpki/jcs to canonicalize the runtime-data
before hashing, ensuring compatibility with the KBS RCAR implementation.
Also reverted the temporary 'simple nonce' workaround.

* feat(hal): add CoCo Keyprovider and Skopeo packages

- Add coco-keyprovider buildroot package with systemd service
- Add skopeo buildroot package for OCI image handling
- Add ocicrypt_keyprovider.conf for encrypted image decryption
- Update Config.in to include new packages

This enables standard CoCo ecosystem integration for encrypted
OCI images instead of custom S3/HTTP registry clients.

* feat(oci): add OCI image handling package with Skopeo integration

- Add pkg/oci/types.go with ResourceSource and ImageManifest types
- Add pkg/oci/skopeo.go with Skopeo wrapper for pull/decrypt
- Add pkg/oci/extract.go for extracting algorithms and datasets from layers

This package provides OCI image handling using Skopeo and CoCo
Keyprovider for encrypted image decryption, replacing custom
S3/HTTP registry clients.

* chore: regenerate protobuf files for updated cvms.proto

* refactor(agent): replace S3/HTTP/KBS with OCI package

- Remove pkg/kbs and pkg/registry imports
- Add pkg/oci import for OCI image handling
- Replace downloadAndDecryptResource with OCI-based implementation
- Use Skopeo + CoCo Keyprovider for automatic decryption
- Reduce code from ~240 lines to ~70 lines

This eliminates custom KBS RCAR handshake, S3/HTTP registry clients,
and manual decryption logic. CoCo Keyprovider handles all decryption
automatically via ocicrypt protocol.

* chore: remove obsolete pkg/kbs and pkg/registry packages

- Delete pkg/kbs/ (custom KBS client, ~300 lines)
- Delete pkg/registry/ (S3/HTTP registry clients, ~400 lines)
- Remove unused imports from agent/service.go
- Run go mod tidy to clean up dependencies

These packages have been replaced by pkg/oci with Skopeo and
CoCo Keyprovider for standard CoCo ecosystem integration.

* fix(agent): update ResourceSource struct to include type and encryption fields

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* fix(hal): update CoCo Keyprovider to v0.16.0 and fix build path

- Update version from v0.11.0 to v0.16.0 (matches attestation agent)
- Fix install path: target is at repo root, not in coco_keyprovider subdir
- This fixes the build error where coco_keyprovider binary wasn't found

The cargo workspace in guest-components builds to a shared target/
directory at the repository root, not within each crate's subdirectory.

* feat: Update remote resources testing guide to use kbs-client and coco-keyprovider for key management and encryption, enable insecure TLS for Skopeo, and enhance CVMS with

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* feat: Update component versions, revise image encryption documentation, and sanitize OCI image paths for Skopeo compatibility.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* feat: Add `decompress` option to Dataset and `algo_type`/`algo_args` to Algorithm protobuf messages, updating client, test, and build configurations.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* Update multiple package versions and enhance OCI image extraction error reporting for missing algorithm files.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* chore: Bump package versions, improve OCI image extraction debugging by returning seen files, and remove unused dataset type parsing from test code.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* refactor: Migrate OCI extraction to use structured logging with `slog` and `context`, and update package versions.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* feat: Bump multiple component versions, add encrypted status for computation inputs and algorithms, and refine OCI layer extraction warnings.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* logging

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* feat: Add `Encrypted` field to algorithm and dataset resource sources and update all component versions.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* feat: update component versions, integrate coco-keyprovider service, and configure ocicrypt key provider.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* feat: add support for KBS parameters and dataset/algorithm hash calculations in CVMS

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* feat: update resource download and extraction logic to support requirements.txt and improve hash verification

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* chore: Update dependencies, improve code style, and add GetRawEvidence to attestation client mocks.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* Refactor code structure for improved readability and maintainability

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* fix: update golangci configuration to include errcheck for build path and remove unnecessary exclusions

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* fix: streamline kernel command line handling in QEMU args construction

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* feat: add attestation binary and update checksum tests and policy structure

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* Add unit tests for attestation agent, attestation, log, crypto, OCI, and Skopeo clients

- Implement tests for the attestation agent client including Unix socket and TCP address handling, token retrieval, and error scenarios.
- Enhance attestation client tests to cover fetching raw evidence for various platforms (SNP, TDX, VTPM, SNPvTPM) and validate error handling.
- Introduce log client tests to verify retry behavior for sending logs and events.
- Create comprehensive tests for crypto package focusing on AES-GCM decryption, encrypted resource parsing, and key unwrapping.
- Add tests for OCI package to validate algorithm and dataset extraction, including JSON serialization of OCILayout.
- Implement Skopeo client tests to ensure proper functionality for image pulling, inspecting, and resource source handling.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* fix: handle JSON marshal errors in test cases for decrypt and extract functions

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* test: add comprehensive tests for algorithm and dataset extraction with various scenarios

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* refactor: replace hardcoded Python script content with constant variable

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* fix: remove redundant mock expectation for SendAgentConfig in TestCreateVMWithAaKbsParams

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* test: add tests for event sending failure, dataset extraction with path traversal, and Skopeo client behavior

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* test: add tests for download and decryption of resources with various URL formats

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* refactor: Introduce OCIClient interface for agent service to improve testability of OCI image operations and enhance related tests.

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* refactor: Change `get_uint64_from_tcb` to accept `TcbVersion` by value and use `u64::from` for type conversions.

---------

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

hal/linux/Config.in

@@ -1,7 +1,7 @@
 source "$BR2_EXTERNAL_COCOS_PATH/package/agent/Config.in"
 source "$BR2_EXTERNAL_COCOS_PATH/package/attestation-service/Config.in"
 source "$BR2_EXTERNAL_COCOS_PATH/package/cc-attestation-agent/Config.in"
-source "$BR2_EXTERNAL_COCOS_PATH/package/cc-attestation-adapter/Config.in"
+source "$BR2_EXTERNAL_COCOS_PATH/package/coco-keyprovider/Config.in"
 source "$BR2_EXTERNAL_COCOS_PATH/package/wasmedge/Config.in"
 source "$BR2_EXTERNAL_COCOS_PATH/package/log-forwarder/Config.in"
 source "$BR2_EXTERNAL_COCOS_PATH/package/computation-runner/Config.in"

hal/linux/board/rootfs-overlay/etc/ocicrypt_keyprovider.conf

@@ -0,0 +1,7 @@
+{
+  "key-providers": {
+    "attestation-agent": {
+      "grpc": "127.0.0.1:50011"
+    }
+  }
+}

hal/linux/configs/cocos_defconfig

@@ -55,6 +55,12 @@ BR2_PACKAGE_CONTAINERD=y
 BR2_PACKAGE_RUNC=y
 BR2_PACKAGE_IPTABLES=y
 
+# Skopeo for OCI image handling with CoCo Keyprovider
+BR2_PACKAGE_SKOPEO=y
+BR2_PACKAGE_GPGME=y
+BR2_PACKAGE_LVM2=y
+BR2_PACKAGE_LVM2_STANDARD_INSTALL=y
+
 # Python
 BR2_PACKAGE_PYTHON3=y
 BR2_PACKAGE_PYTHON_PIP=y
@@ -72,6 +78,10 @@ BR2_PACKAGE_GCC=y
 BR2_PACKAGE_GCC_TARGET=y
 BR2_PACKAGE_LIBSTDCPP=y
 
-# Attestation Backend
-BR2_PACKAGE_ATTESTATION_BACKEND_COCOS=y
-# BR2_PACKAGE_ATTESTATION_BACKEND_CC is not set
+# Host tools
+BR2_PACKAGE_HOST_RUSTC=y
+BR2_PACKAGE_HOST_RUST_BIN=y
+
+# Cocos AI Packages
+BR2_PACKAGE_AGENT=y
+# BR2_PACKAGE_CC_ATTESTATION_AGENT is not set

hal/linux/package/agent/agent.mk

@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-AGENT_VERSION = main
-AGENT_SITE = $(call github,ultravioletrs,cocos,$(AGENT_VERSION))
+AGENT_VERSION = 913bbccf3a22053e1979da004c732007336fc890
+AGENT_SITE = $(call github,sammyoina,cocos-ai,$(AGENT_VERSION))
 
 define AGENT_BUILD_CMDS
 	$(MAKE) -C $(@D) agent EMBED_ENABLED=$(AGENT_EMBED_ENABLED)

hal/linux/package/attestation-service/Config.in

@@ -1,42 +1,11 @@
-choice
-	prompt "Attestation Backend"
-	default BR2_PACKAGE_ATTESTATION_BACKEND_COCOS
-	help
-	  Select the attestation backend to use for confidential computing.
-	  
-	  The Cocos AI attestation service is the native implementation
-	  that generates EAT (Entity Attestation Token) tokens locally.
-	  
-	  The Confidential Containers attestation-agent is an alternative
-	  implementation that supports the KBS (Key Broker Service) protocol
-	  for optional remote attestation and secret provisioning.
-
-config BR2_PACKAGE_ATTESTATION_BACKEND_COCOS
-	bool "Cocos AI Attestation Service"
-	help
-	  Native Cocos AI attestation service that generates EAT tokens
-	  locally for TEE attestation (SNP, TDX, vTPM, Azure).
-	  
-	  This is the default and recommended option for most use cases.
-	  
-	  https://github.com/ultravioletrs/cocos
-
-config BR2_PACKAGE_ATTESTATION_BACKEND_CC
-	bool "Confidential Containers Attestation Agent"
-	depends on BR2_PACKAGE_HOST_RUSTC
-	help
-	  Confidential Containers attestation-agent with optional KBS
-	  protocol support for remote attestation and secret provisioning.
-	  
-	  Can operate in local mode (without KBS) or with KBS endpoint
-	  configured per-computation for encrypted data retrieval.
-	  
-	  Requires Rust toolchain for building.
-	  
-	  https://github.com/confidential-containers/guest-components
-
-endchoice
-
 config BR2_PACKAGE_ATTESTATION_SERVICE
 	bool
-	default y if BR2_PACKAGE_ATTESTATION_BACKEND_COCOS
+	default y
+	help
+	  Cocos AI attestation service that generates EAT tokens
+	  for TEE attestation (SNP, TDX, vTPM, Azure).
+	  
+	  This service can optionally use the Confidential Containers
+	  attestation-agent as a backend provider via gRPC.
+	  
+	  https://github.com/ultravioletrs/cocos

hal/linux/package/attestation-service/attestation-service.mk

@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-ATTESTATION_SERVICE_VERSION = main
-ATTESTATION_SERVICE_SITE = $(call github,ultravioletrs,cocos,$(ATTESTATION_SERVICE_VERSION))
+ATTESTATION_SERVICE_VERSION = 913bbccf3a22053e1979da004c732007336fc890
+ATTESTATION_SERVICE_SITE = $(call github,sammyoina,cocos-ai,$(ATTESTATION_SERVICE_VERSION))
 
 define ATTESTATION_SERVICE_BUILD_CMDS
 	$(MAKE) -C $(@D) attestation-service
@@ -15,9 +15,20 @@ define ATTESTATION_SERVICE_INSTALL_TARGET_CMDS
 	$(INSTALL) -D -m 0755 $(@D)/build/cocos-attestation-service $(TARGET_DIR)/usr/bin/attestation-service
 endef
 
+ifeq ($(BR2_PACKAGE_CC_ATTESTATION_AGENT),y)
 define ATTESTATION_SERVICE_INSTALL_INIT_SYSTEMD
 	$(INSTALL) -D -m 0640 $(@D)/init/systemd/attestation-service.service $(TARGET_DIR)/usr/lib/systemd/system/attestation-service.service
 	$(INSTALL) -D -m 0750 $(@D)/init/systemd/attestation_setup.sh $(TARGET_DIR)/cocos_init/attestation_setup.sh
+	# CC attestation agent is already enabled by default
 endef
+else
+define ATTESTATION_SERVICE_INSTALL_INIT_SYSTEMD
+	$(INSTALL) -D -m 0640 $(@D)/init/systemd/attestation-service.service $(TARGET_DIR)/usr/lib/systemd/system/attestation-service.service
+	$(INSTALL) -D -m 0750 $(@D)/init/systemd/attestation_setup.sh $(TARGET_DIR)/cocos_init/attestation_setup.sh
+	# Disable CC attestation agent backend if not selected
+	sed -i 's/USE_CC_ATTESTATION_AGENT=true/USE_CC_ATTESTATION_AGENT=false/' $(TARGET_DIR)/usr/lib/systemd/system/attestation-service.service
+	sed -i '/Wants=attestation-agent.service/d' $(TARGET_DIR)/usr/lib/systemd/system/attestation-service.service
+endef
+endif
 
 $(eval $(generic-package))

hal/linux/package/cc-attestation-agent/Config.in

@@ -1,16 +1,14 @@
 config BR2_PACKAGE_CC_ATTESTATION_AGENT
-	bool
-	default y if BR2_PACKAGE_ATTESTATION_BACKEND_CC
-	depends on BR2_PACKAGE_HOST_RUSTC
+	bool "cc-attestation-agent"
 	select BR2_PACKAGE_PROTOBUF
 	select BR2_PACKAGE_OPENSSL
+	select BR2_PACKAGE_TPM2_TSS
 	help
-	  Confidential Containers attestation-agent for TEE attestation
-	  with optional KBS (Key Broker Service) protocol support.
+	  Confidential Containers attestation-agent for TEE attestation.
 	  
-	  This package provides an alternative attestation backend that
-	  can operate in local mode or connect to a KBS for remote
-	  attestation and encrypted secret provisioning.
+	  Optional backend for the Cocos AI attestation service that
+	  provides KBS protocol support for remote attestation and
+	  encrypted secret provisioning.
 	  
 	  https://github.com/confidential-containers/guest-components
 
@@ -24,7 +22,6 @@ config BR2_PACKAGE_CC_ATTESTATION_AGENT_KBS_URL
 	  attestation and secret provisioning.
 	  
 	  Leave empty to operate in local attestation mode only.
-	  Can be overridden per-computation via environment variables.
 	  
 	  Example: https://kbs.example.com:8080
 

hal/linux/package/cc-attestation-agent/cc-attestation-agent.mk

@@ -4,12 +4,12 @@
 #
 ################################################################################
 
-CC_ATTESTATION_AGENT_VERSION = v0.16.0
-CC_ATTESTATION_AGENT_SITE = $(call github,confidential-containers,guest-components,$(CC_ATTESTATION_AGENT_VERSION))
+CC_ATTESTATION_AGENT_VERSION = mvp-runner
+CC_ATTESTATION_AGENT_SITE = $(call github,rodneyosodo,guest-components,$(CC_ATTESTATION_AGENT_VERSION))
 CC_ATTESTATION_AGENT_LICENSE = Apache-2.0
 CC_ATTESTATION_AGENT_LICENSE_FILES = LICENSE
 
-CC_ATTESTATION_AGENT_DEPENDENCIES = host-rustc openssl protobuf
+CC_ATTESTATION_AGENT_DEPENDENCIES = host-rustc openssl protobuf tpm2-tss
 
 # Build the attestation-agent from the guest-components repository with gRPC support
 define CC_ATTESTATION_AGENT_BUILD_CMDS

hal/linux/package/coco-keyprovider/Config.in

@@ -0,0 +1,11 @@
+config BR2_PACKAGE_COCO_KEYPROVIDER
+	bool "coco-keyprovider"
+	depends on BR2_PACKAGE_HOST_RUSTC_ARCH_SUPPORTS
+	select BR2_PACKAGE_HOST_RUSTC
+	help
+	  CoCo Keyprovider is a keyprovider tool for generating and
+	  decrypting CoCo-compatible encrypted images. It implements
+	  the ocicrypt keyprovider protocol to decrypt OCI image layers
+	  using the Key Broker Service (KBS).
+
+	  https://github.com/confidential-containers/guest-components

hal/linux/package/coco-keyprovider/coco-keyprovider-setup.sh

@@ -0,0 +1,28 @@
+#!/bin/sh
+set -e
+
+# Read kernel command line
+CMDLINE=$(cat /proc/cmdline)
+
+# Extract agent.aa_kbc_params value
+# Format: agent.aa_kbc_params=cc_kbc::URL
+PARAMS=$(echo "$CMDLINE" | tr ' ' '\n' | grep '^agent.aa_kbc_params=' | cut -d= -f2-)
+
+if [ -n "$PARAMS" ]; then
+    # Extract URL part (after ::)
+    KBS_URL="${PARAMS#*::}"
+    if [ -n "$KBS_URL" ]; then
+        echo "[coco-keyprovider-setup] Detected KBS URL from kernel cmdline: $KBS_URL"
+        KBS_ARG="--kbs $KBS_URL"
+    fi
+else
+    echo "[coco-keyprovider-setup] No agent.aa_kbc_params found in kernel cmdline. Starting without --kbs."
+fi
+
+# COCO_KP_SOCKET is set by EnvironmentFile in .service
+if [ -z "$COCO_KP_SOCKET" ]; then
+    COCO_KP_SOCKET="127.0.0.1:50011"
+fi
+
+echo "[coco-keyprovider-setup] Starting coco_keyprovider listening on $COCO_KP_SOCKET $KBS_ARG"
+exec /usr/local/bin/coco_keyprovider --socket "$COCO_KP_SOCKET" $KBS_ARG

hal/linux/package/coco-keyprovider/coco-keyprovider.default

@@ -0,0 +1,3 @@
+# CoCo Keyprovider Environment Variables
+COCO_KP_SOCKET=127.0.0.1:50011
+RUST_LOG=info

hal/linux/package/coco-keyprovider/coco-keyprovider.mk

@@ -0,0 +1,34 @@
+################################################################################
+#
+# coco-keyprovider
+#
+################################################################################
+
+COCO_KEYPROVIDER_VERSION = mvp-runner
+COCO_KEYPROVIDER_SITE = $(call github,rodneyosodo,guest-components,$(COCO_KEYPROVIDER_VERSION))
+COCO_KEYPROVIDER_LICENSE = Apache-2.0
+COCO_KEYPROVIDER_LICENSE_FILES = LICENSE
+
+COCO_KEYPROVIDER_DEPENDENCIES = host-rustc
+
+define COCO_KEYPROVIDER_BUILD_CMDS
+	cd $(@D)/attestation-agent/coco_keyprovider && \
+	$(TARGET_MAKE_ENV) $(TARGET_CONFIGURE_OPTS) \
+	CARGO_HOME=$(HOST_DIR)/share/cargo \
+	cargo build --release --target=$(RUSTC_TARGET_NAME)
+endef
+
+define COCO_KEYPROVIDER_INSTALL_TARGET_CMDS
+	$(INSTALL) -D -m 0755 $(@D)/target/$(RUSTC_TARGET_NAME)/release/coco_keyprovider \
+		$(TARGET_DIR)/usr/local/bin/coco_keyprovider
+	$(INSTALL) -D -m 0755 $(BR2_EXTERNAL_COCOS_PATH)/package/coco-keyprovider/coco-keyprovider-setup.sh \
+		$(TARGET_DIR)/usr/local/bin/coco-keyprovider-setup.sh
+	$(INSTALL) -D -m 0644 $(BR2_EXTERNAL_COCOS_PATH)/package/coco-keyprovider/coco-keyprovider.service \
+		$(TARGET_DIR)/etc/systemd/system/coco-keyprovider.service
+	$(INSTALL) -D -m 0644 $(BR2_EXTERNAL_COCOS_PATH)/package/coco-keyprovider/coco-keyprovider.default \
+		$(TARGET_DIR)/etc/default/coco-keyprovider
+	mkdir -p $(TARGET_DIR)/etc
+	echo '{"key-providers": {"attestation-agent": {"grpc": "127.0.0.1:50011"}}}' > $(TARGET_DIR)/etc/ocicrypt_keyprovider.conf
+endef
+
+$(eval $(generic-package))

hal/linux/package/coco-keyprovider/coco-keyprovider.service

@@ -0,0 +1,25 @@
+[Unit]
+Description=CoCo Keyprovider for Confidential Containers
+Documentation=https://github.com/confidential-containers/guest-components
+After=network-online.target attestation-agent.service
+Wants=network-online.target
+Requires=attestation-agent.service
+
+[Service]
+Type=simple
+EnvironmentFile=/etc/default/coco-keyprovider
+RuntimeDirectory=coco-keyprovider
+ExecStart=/usr/local/bin/coco-keyprovider-setup.sh
+Restart=on-failure
+RestartSec=5s
+StandardOutput=journal
+StandardError=journal
+
+# Security hardening
+NoNewPrivileges=true
+PrivateTmp=true
+ProtectSystem=strict
+ProtectHome=true
+
+[Install]
+WantedBy=multi-user.target

hal/linux/package/computation-runner/computation-runner.mk

@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-COMPUTATION_RUNNER_VERSION = main
-COMPUTATION_RUNNER_SITE = $(call github,ultravioletrs,cocos,$(COMPUTATION_RUNNER_VERSION))
+COMPUTATION_RUNNER_VERSION = 913bbccf3a22053e1979da004c732007336fc890
+COMPUTATION_RUNNER_SITE = $(call github,sammyoina,cocos-ai,$(COMPUTATION_RUNNER_VERSION))
 
 define COMPUTATION_RUNNER_BUILD_CMDS
 	$(MAKE) -C $(@D) computation-runner

hal/linux/package/egress-proxy/egress-proxy.mk

@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-EGRESS_PROXY_VERSION = main
-EGRESS_PROXY_SITE = $(call github,ultravioletrs,cocos,$(EGRESS_PROXY_VERSION))
+EGRESS_PROXY_VERSION = 913bbccf3a22053e1979da004c732007336fc890
+EGRESS_PROXY_SITE = $(call github,sammyoina,cocos-ai,$(EGRESS_PROXY_VERSION))
 
 define EGRESS_PROXY_BUILD_CMDS
 	$(MAKE) -C $(@D) egress-proxy

hal/linux/package/ingress-proxy/ingress-proxy.mk

@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-INGRESS_PROXY_VERSION = main
-INGRESS_PROXY_SITE = $(call github,ultravioletrs,cocos,$(INGRESS_PROXY_VERSION))
+INGRESS_PROXY_VERSION = 913bbccf3a22053e1979da004c732007336fc890
+INGRESS_PROXY_SITE = $(call github,sammyoina,cocos-ai,$(INGRESS_PROXY_VERSION))
 
 define INGRESS_PROXY_BUILD_CMDS
 	$(MAKE) -C $(@D) ingress-proxy

hal/linux/package/log-forwarder/log-forwarder.mk

@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-LOG_FORWARDER_VERSION = main
-LOG_FORWARDER_SITE = $(call github,ultravioletrs,cocos,$(LOG_FORWARDER_VERSION))
+LOG_FORWARDER_VERSION = 913bbccf3a22053e1979da004c732007336fc890
+LOG_FORWARDER_SITE = $(call github,sammyoina,cocos-ai,$(LOG_FORWARDER_VERSION))
 
 define LOG_FORWARDER_BUILD_CMDS
 	$(MAKE) -C $(@D) log-forwarder