Both the Wifi driver and the WireGuard port used local implementations for
their source of randomness. Wifi used a Xoroshiro128+ PRNG for rapid generation
of random values but initialized this PRNG always with the same static seed
value. WireGuard, in contrast, requested each random byte directly from the
jitterentropy lib, which is considered to be very time intensive.
This commit removes the local variants of random.cc and introduces a new
centralized lx_emul/random.cc . The new variant combines the former approaches,
so, that jitterentropy is accessed only in order to generate a random seed for
a Xoroshiro128+ PRNG. Front-end requests for random values are then fulfilled
efficiently via the PRNG.
:Warning:
The output of the Xoroshiro128+ PRNG that is used in the new implementation of
the lx_emul randomness functions has known statistical problems (see
https://en.wikipedia.org/wiki/Xoroshiro128%2B#Statistical_Quality).
Furthermore, the integration of Xoroshir128+ with the lx_emul code was not
reviewed/audited for its security-related properties, so far, and has the
known deficiency of seeding the PRNG only once during initialization. Thus,
we strongly advise against the use of the lx_emul randomness functions for
security-critical purposes.
Ref #4397
This patch simplifies the use of the menu_view in scenarios where no
absolute motion events but only touch events occur. Previously, such
scenarios required the creation of artificial absolute motion events
via the event filter.
Issue #4514
The hover state is evaluated for the routing of input events. When
routing a touch event, the decision should be based on the most recently
observed touch position. Without this patch, however, the hover state kept
referring to the initial pointer position (screen center) in the absence
of any other motion events.
Issue #4514
A userland component that ports the Linux WireGuard kernel module (originally
from kernel version 5.14.21) and integrates it via a NIC session (public
network side) and an Uplink session (private network side). The
WireGuard-specific device configuration is done through the component
configuration. The port is done using lx_emul, lx_kit and the virt_linux
targets. The commit adds also 4 corresponding run scripts of which 3 are fully
automated of which 1 is added to the autopilot.
:Warning:
Although in principal functioning, the WireGuard port has not been exposed to a
sufficient amount of real-world testing, so far. Therefore, we strongly
recommend not to use it in any security-critical scenarios! There is no
guarantee that the port meets any of the security goals pursued by the
WireGuard protocol or other WireGuard implementations!
Ref #4397
The implementation was copied from the already existing LX-emul implementation
for x86 but the commit additionally page-aligns the array that serves as
backing store for the zero page as we assume this to be expected by the contrib
code. However, this commit doesn't apply the alignment also to the x86
implementation as we agreed, that this should be done in a separate commit.
Ref #4397
* Adds methods for copying raw data to the data field of Ethernet frames and
UDP packets. This is used in the port to wrap the higher-layer packet data
prepared by the contrib code with the additionally required headers before
sending it at a network session.
* Adds a method to cast raw data to an IPv4 packet. This is required in the
port in order to check values in stand-alone IP packets produced by the
contrib code before sending them at a network session.
* Adds methods for setting UDP ports given big endian port values without
having to convert to little endian in the app and then back to big endian in
the net lib.
Ref #4397
The driver did not allow for setting module parameters and so far
no one complained. Remove the option to prevent the misleading of
users.
Issue #4506.
Normally, the APIs listed in 'used_apis' files do not carry a version
but implictly refer to the current version. This patch allows for
specifiying an concrete version. This is a useful feature in the context
of the Goa tool.
By replacing the formerly hard-coded $(GENODE_DIR)/tool/depot/ by the
variable DEPOT_TOOL_DIR, the depot tools can be hosted outside the
Genode source tree, i.e., as part of the Goa tool.
Since Linux does not use the arch-independent spinlock structs for ARM,
we must use different members when accessing the lock value.
genodelabs/genode#4499
to work again. The drivers interactive package does not provide a Platform
service anymore, so remove the audio driver. A lot more mesa related libraries
are required now.
This commit de-duplicates the redundant dummy implementations and
to some degree also the 'lx_emul.c' implementations while also
decluttering the various 'dep.list' files.
The code is moved into 'src/lib/pc/lx_emul' where it becomes part
of the 'pc_lx_emul' library.
Fixes#4500.
Instead of each driver providing its own header file use a central
header as the initcall order header should cover _all_ provided
initcalls resulting from the used 'pc_linux' kernel config.
Note that the 'pc_linux' configuration was extended with the
'USB_USBNET' option because the module's initcall is needed for the
Genode C API for USB glue-code and the 'PACKET' option needed by
the wireless lan driver.
The lack of theses options was not noticed as each driver used its
own initcall header so far that stemmed from the initial porting
effort.
Issue #4500.
* Some fixups for the README
* Make config ROM const when used for the session policies
* Turn Reporter into Expanding_reporter
* Always first register ROM signal handler before parsing it the first time
Outsource parts of the Main object into a common compound object,
common parts of the Makefile description and depot source package.
Fixgenodelabs/genode#4503
* Parse PCI specific information from devices ROM
* Enable DMA, I/O memory and I/O port access dependent on BARs in config space
* Introduce device PD for Nova + IOMMU support
* Enable MSIs if available
* Add PCI specific policy rules
Fixesgenodelabs/genode#4502
Instead of returning an invalid device capability when a device
is (not yet) available, e.g. a PCI device is requested before the
PCI bus got parsed accordingly, we check the device capability
within the Platform::Connection utilities, and register temporarily
an Io_signal_handler to wait for changes of the devices ROM, and
try the device aquisition again. Thereby, simple drivers so not have
to take the burden to do so.
To enable this feature for all drivers, we always have to export a
devices ROM, but limit the information about physical resources
(I/O memory addresses, IRQ numbers, I/O port ranges) to clients with
'info=yes' in their policy description.
Fixgenodelabs/genode#4496