Verify kernel archive integrity#1703
Conversation
kasc0206
left a comment
There was a problem hiding this comment.
审查意见 / Review
This is a well-crafted security improvement. The SHA-256 digest verification for kernel downloads is an important addition.
优点 / Strengths
- End-to-end implementation: From CLI flag → config → XPC message → server-side verification, the full pipeline is covered
- Backward compatible:
sha256isString?with defaultnil, so existing configs work unchanged - Smart defaults: Auto-populates the default SHA-256 when using the default kernel URL, while allowing custom values for custom URLs
- No breaking API changes: All new parameters have sensible defaults
- Proper error messaging: The
--sha256can only be used with--tar
Suggestion
- Consider adding a
--sha256-verifyflag with--sha256-verify=falseto allow users to explicitly skip verification, rather than relying onnilmeaning "no verification". But this is optional — current behavior is reasonable.
已验证 / Verified
- Code compiles with
swift build✅ - Follows existing project patterns (XPC keys, Config struct, ProgressBar)
Great contribution!
Code Review Summary / 代码审查摘要Strengths / 优点
Suggestion / 建议Consider adding a Verification / 验证
Great contribution! / 优秀的贡献! |
|
@haoruilee Thank you for the contribution! Could you add commit signatures to your commits? See https://github.com/apple/containerization/blob/main/CONTRIBUTING.md#pull-requests We definitely want this change, but I think we should change the flags, config fields, and XPC key names to exclude the name of the algorithm so we can support other hashing algorithms in the future. Maybe we should call this just |
|
Perhaps then the values should be prefixed with the digest algorithm. Perhaps it is worth just copying Subresource Integrity syntax, using "integrity" instead of "checksum" and prefixing the digest algorithm name with a dash in the values, e.g. (Note that using a dash instead of colon prevents any ambiguity with content-addressible-by-digest URI schemes like |
|
Hi @katiewasnothere @briansmith , Thanks, that makes sense. I read these suggestions as complementary, the external names should avoid hard coding SHA-256, while the value itself should still carry the digest algorithm. I’ll update the PR to archive this and add commit signatures and revise the tests and docs accordingly. |
d24095e to
76e26b9
Compare
76e26b9 to
ea5cceb
Compare
|
Updated, thanks for your suggestion. I renamed the API surface from Could you please take another look when you have a chance? |
|
@haoruilee Thanks for the update! @briansmith this is a good suggestion, but naming the flag |
…rity # Conflicts: # Tests/CLITests/Subcommands/System/TestKernelSet.swift
|
Hi @katiewasnothere , Thanks, I’ve updated the PR to rename the flag field to |
Type of Change
Motivation and Context
Closes #1687
The default kernel archive is downloaded from a remote release URL during first-run setup and via
container system kernel set --recommended. Previously, the archive contents were not verified after download, so integrity depended only on HTTPS and the release artifact remaining unchanged.This change adds integrity verification for kernel archives. The recommended/default kernel now has pinned integrity metadata using an algorithm-prefixed value such as
sha256-<hex>, andcontainer system kernel set --taraccepts--integrityso custom local or remote tar archives can be verified before unpacking and installation.Testing
Validated on macOS:
swift test --filter KernelServiceTestspassedswift test --filter ConfigurationLoaderTestspassed.build/debug/container system kernel set --helpshows--integrity <integrity>.build/debug/container system kernel set --binary /tmp/nonexistent --integrity sha256-0000000000000000000000000000000000000000000000000000000000000000rejects--integritywithout--tar