The strict conversion warnings were disabled during development when the
contrib code was still compiled with the wireguard lib. Now this isn't
necessary anymore as the contrib code is in the wireguard_lx_inc_dirs lib.
Ref #4520
With this commit, the WireGuard component exits with a descriptive uncaught
exception on invalid configurations or when the user attempts to re-configure
attributes that are not re-configurable (private_key, listen_port, interface).
This is particularly important when it comes to the not re-configurable private
key. If the component would just ignore the attempt to override the private
key, the user may come to believe that his old (potentially compromised)
private key is not in use anymore.
The fact that the component now exits instead shouldn't be a problem, as the
user would have to restart the component anyway in order to apply the new
attribute values.
The commit also extends the wg_reconfig run script to test that WireGuard
exits on the attempt to re-configure the private key.
Ref #4520
Support removing peers by removing them from the component configuration.
This commit also introduces the wg_reconfig run script that tests adding and
removing single peers.
Ref #4520
I used to set the peer flags to 2 when adding a peer but merely because I
observed that value in my reference Linux. I now found that the flag 1<<1 means
'WGPEER_F_REPLACE_ALLOWEDIPS' and is ignored whenever the peer is new. Anyway,
I keep setting the flag but with the clearer enum name because the wg tool is
doing it as well when adding new peers and we want to stay close to how the
original code interacts.
Ref #4520
Build description files that feature both an actual target and
CUSTOM_TARGET_DEPS happen to re-link the target each time whenever one
of the CUSTOM_TARGET_DEPS is phony, e.g., gems/src/app/menu_view/.
The re-linking of the actual target is of course not desired. By
triggering the creation of CUSTOM_TARGET_DEPS from 'all:' instead of
'$(TARGET)', the specified files do not implicitly become link
dependencies of the target.
Issue #3972
The extra definition introduced by commit:
"lx_emul & arm: define ZERO_PAGE" re-defined the macro included
by a header of the contrib sources. This commit removes the
contrib header and defines thereby missing macros.
Fixes wrong atomic_*(ptr) usage with u32 pointer introduced by
commit "lx_emul: eliminate wrong include pathes". Atomic read or
write is nt needed in our case, we always schedule cooperatively.
Since "Consolidate USB test run-scripts" usb_hid_raw.run depends on
depot archives. Therefore, '--depot-dir' and '--depot-user' must be
passed to the nested run tool to cover cases that customize the depot
(e.g., our nightly CI).
Issue #4511
Introduces the pkg/wireguard archive that depends on the new src/wireguard
archive and deploys one WireGuard component with an empty configuration (can
be configured by the user via a launcher, for instance).
Fixed#4519
Introduce an arch-specific wireguard lib that contains all code from the
former arch-specific target.mk files. This allows us to create a generic
target.mk that merely depends on the library and a dummy.cc file. The latter
ensures that building/linking of the target isn't skipped by the build system.
Ref #4519
The wireguard library's purpose is having a separate INC_DIR setting for the
files that need Linux include paths that would clash with Genode include paths.
Therefore, the name wireguard_lx_inc_dirs is more descriptive. Furthermore,
this allows us to create a new arch-specific wireguard lib in a future commit
in the course of preventing arch-specific target.mk's (a commonly used
approach in Genode).
Ref #4519
The driver wrongfully disabled all APs if it was configured with an
auto-connect list containing multiple APs when one of those was
disabled as a result of using wrong credentials.
This commit changes the way network enable- and disablement are
handled by only operating on the given access-point in question.
It also removes unused code touched by these changes.
Thanks to Peter for bringing this problem to our attention.
Fixes#4517.
There is a race between the trace subject doing the buffer
initialization and the monitor trying to iterate the buffer entries. If
the monitor tries to iterate entries of an uninitialized buffer, it will
read the very first entry twice. The monitor should therefore only start
iteration when the buffer has been initialised.
genodelabs/genode#4513
By declaring the generated menu_view_styles.tar archive as build
artifact, it is automatically picked up whenever menu_view appears as
build ingredient of sculpt.
build: app/menu_view
* Prevent page-faults when the active interface of a device got unset
during elimination of the device
* Resets devices, where a corresponding session got closed to
be re-useable when a new session gets opened
Ref #4512
* Instead of repeatedly spam the log with errors and
bring heavy load to the USB host controller driver
abort yourself when the device vanishs
Fixgenodelabs/genode#4515
With this commit, the Xoroshiro128+ PRNG in lx_emul/random.cc gets wrapped
by a new class that automatically re-seeds the PRNG with jitterentropy every
1024 * 1024 + random(0..4095) bytes of generated output.
Ref #4397
Both the Wifi driver and the WireGuard port used local implementations for
their source of randomness. Wifi used a Xoroshiro128+ PRNG for rapid generation
of random values but initialized this PRNG always with the same static seed
value. WireGuard, in contrast, requested each random byte directly from the
jitterentropy lib, which is considered to be very time intensive.
This commit removes the local variants of random.cc and introduces a new
centralized lx_emul/random.cc . The new variant combines the former approaches,
so, that jitterentropy is accessed only in order to generate a random seed for
a Xoroshiro128+ PRNG. Front-end requests for random values are then fulfilled
efficiently via the PRNG.
:Warning:
The output of the Xoroshiro128+ PRNG that is used in the new implementation of
the lx_emul randomness functions has known statistical problems (see
https://en.wikipedia.org/wiki/Xoroshiro128%2B#Statistical_Quality).
Furthermore, the integration of Xoroshir128+ with the lx_emul code was not
reviewed/audited for its security-related properties, so far, and has the
known deficiency of seeding the PRNG only once during initialization. Thus,
we strongly advise against the use of the lx_emul randomness functions for
security-critical purposes.
Ref #4397
This patch simplifies the use of the menu_view in scenarios where no
absolute motion events but only touch events occur. Previously, such
scenarios required the creation of artificial absolute motion events
via the event filter.
Issue #4514
The hover state is evaluated for the routing of input events. When
routing a touch event, the decision should be based on the most recently
observed touch position. Without this patch, however, the hover state kept
referring to the initial pointer position (screen center) in the absence
of any other motion events.
Issue #4514
A userland component that ports the Linux WireGuard kernel module (originally
from kernel version 5.14.21) and integrates it via a NIC session (public
network side) and an Uplink session (private network side). The
WireGuard-specific device configuration is done through the component
configuration. The port is done using lx_emul, lx_kit and the virt_linux
targets. The commit adds also 4 corresponding run scripts of which 3 are fully
automated of which 1 is added to the autopilot.
:Warning:
Although in principal functioning, the WireGuard port has not been exposed to a
sufficient amount of real-world testing, so far. Therefore, we strongly
recommend not to use it in any security-critical scenarios! There is no
guarantee that the port meets any of the security goals pursued by the
WireGuard protocol or other WireGuard implementations!
Ref #4397
The implementation was copied from the already existing LX-emul implementation
for x86 but the commit additionally page-aligns the array that serves as
backing store for the zero page as we assume this to be expected by the contrib
code. However, this commit doesn't apply the alignment also to the x86
implementation as we agreed, that this should be done in a separate commit.
Ref #4397
* Adds methods for copying raw data to the data field of Ethernet frames and
UDP packets. This is used in the port to wrap the higher-layer packet data
prepared by the contrib code with the additionally required headers before
sending it at a network session.
* Adds a method to cast raw data to an IPv4 packet. This is required in the
port in order to check values in stand-alone IP packets produced by the
contrib code before sending them at a network session.
* Adds methods for setting UDP ports given big endian port values without
having to convert to little endian in the app and then back to big endian in
the net lib.
Ref #4397
