From 1d5d49a9e45a6aa221a7fb75acac529b95bb0552 Mon Sep 17 00:00:00 2001 From: Jiaqi Gao Date: Tue, 10 Feb 2026 15:17:39 +0800 Subject: [PATCH] migtd: remove target TD UUID check in rebinding-new Signed-off-by: Jiaqi Gao --- src/migtd/src/migration/rebinding.rs | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) diff --git a/src/migtd/src/migration/rebinding.rs b/src/migtd/src/migration/rebinding.rs index 73b000ab..479846e0 100644 --- a/src/migtd/src/migration/rebinding.rs +++ b/src/migtd/src/migration/rebinding.rs @@ -55,8 +55,7 @@ const MIGTD_REBIND_OP_FINALIZE: u8 = 1; #[repr(C)] pub struct RebindingToken { - pub token: [u8; 32], - pub target_td_uuid: TargetTdUuid, + token: [u8; 32], } impl RebindingToken { @@ -628,7 +627,7 @@ async fn rebinding_old_prepare( MigrationResult::SecureSessionError })?; - let rebind_token = create_rebind_token(info)?; + let rebind_token = create_rebind_token()?; tls_send_rebind_token(&mut ratls_client, &rebind_token).await?; approve_rebinding(info, &rebind_token)?; @@ -670,9 +669,6 @@ async fn rebinding_new_prepare( let servtd_ext = get_servtd_ext_from_cert(&ratls_server.peer_certs())?; let rebind_token = tls_receive_rebind_token(&mut ratls_server).await?; - if rebind_token.target_td_uuid != info.target_td_uuid { - return Err(MigrationResult::InvalidParameter); - } write_rebinding_session_token(&rebind_token.token)?; write_servtd_rebind_attr(&servtd_ext.cur_servtd_attr)?; @@ -751,16 +747,13 @@ fn get_servtd_ext_from_cert(certs: &Option>) -> Result Result { +pub fn create_rebind_token() -> Result { let mut token = [0u8; 32]; let rng = SystemRandom::new(); rng.fill(&mut token) .map_err(|_| MigrationResult::InvalidParameter)?; - Ok(RebindingToken { - token, - target_td_uuid: info.target_td_uuid, - }) + Ok(RebindingToken { token }) } async fn tls_send_rebind_token(