mirror of
https://github.com/genodelabs/genode.git
synced 2025-01-11 23:43:15 +00:00
b903ddeea7
* add testing of trees with minimal and maximal dimensions to tresor_tester.run * replace tresor_init-local configuration type with simpler and more conformant configuration type in tresor/types.h that does also XML-parsing and XML-generation of configurations * raise min degree to 2 because a degree of 1 is not practical und would require additional logic * fix overflow with num_blocks=0 in Superblock_control::Read|Write_vbas * fix off-by-one bug regarding the number of levels in Vbd_initializer * improve sanity checks in Tree_configuration constructors * document level indices in tresor_init/README * fix size of some arrays in order to be able to handle the maximum number of tree levels Ref #5077
305 lines
8.1 KiB
Plaintext
305 lines
8.1 KiB
Plaintext
assert_spec linux
|
|
|
|
set dd [installed_command dd]
|
|
|
|
create_boot_directory
|
|
|
|
proc tresor_image_name { } { return "vfs_tresor_block.img" }
|
|
|
|
proc tresor_image_size_mb { } { return 4 }
|
|
|
|
proc local_tresor_image { } { return bin/[tresor_image_name] }
|
|
|
|
proc autopilot_tresor_image { } { return /tmp/[tresor_image_name].[exec id -un] }
|
|
|
|
import_from_depot [depot_user]/src/ncurses \
|
|
[depot_user]/src/bash \
|
|
[depot_user]/src/coreutils
|
|
|
|
build {
|
|
core
|
|
timer
|
|
init
|
|
lib/ld
|
|
lib/vfs_tresor
|
|
lib/vfs_tresor_crypto_aes_cbc
|
|
lib/vfs_tresor_crypto_memcopy
|
|
lib/vfs_tresor_trust_anchor
|
|
lib/vfs_import
|
|
lib/vfs_jitterentropy
|
|
lib/vfs_pipe
|
|
lib/vfs
|
|
lib/libc
|
|
lib/libm
|
|
lib/posix
|
|
lib/libcrypto
|
|
test/vfs_stress
|
|
test/libc
|
|
server/log_terminal
|
|
server/report_rom
|
|
server/fs_rom
|
|
server/lx_fs
|
|
server/vfs
|
|
app/tresor_init_trust_anchor
|
|
app/tresor_init
|
|
app/sequence
|
|
}
|
|
|
|
append config {
|
|
<config verbose="yes">
|
|
<parent-provides>
|
|
<service name="ROM"/>
|
|
<service name="IRQ"/>
|
|
<service name="IO_MEM"/>
|
|
<service name="IO_PORT"/>
|
|
<service name="PD"/>
|
|
<service name="RM"/>
|
|
<service name="CPU"/>
|
|
<service name="LOG"/>
|
|
</parent-provides>
|
|
|
|
<default-route>
|
|
<any-service> <parent/> <any-child/> </any-service>
|
|
</default-route>
|
|
|
|
<default caps="100"/>
|
|
|
|
<start name="timer">
|
|
<resource name="RAM" quantum="1M"/>
|
|
<provides><service name="Timer"/></provides>
|
|
</start>
|
|
|
|
<start name="log_terminal" caps="110">
|
|
<resource name="RAM" quantum="2M"/>
|
|
<provides><service name="Terminal"/></provides>
|
|
<route>
|
|
<any-service> <parent/> <any-child/> </any-service>
|
|
</route>
|
|
</start>
|
|
|
|
<start name="lx_fs" ld="no">
|
|
<resource name="RAM" quantum="4M"/>
|
|
<provides> <service name="File_system"/> </provides>
|
|
<config>
|
|
<default-policy root="/" writeable="yes"/>
|
|
</config>
|
|
</start>
|
|
|
|
<start name="vfs_tresor_trust_anchor" caps="120">
|
|
<binary name="vfs"/>
|
|
<resource name="RAM" quantum="16M"/>
|
|
<provides><service name="File_system"/></provides>
|
|
<config>
|
|
<vfs>
|
|
<ram/>
|
|
<dir name="dev">
|
|
<jitterentropy/>
|
|
<tresor_trust_anchor name="tresor_trust_anchor" storage_dir="/"/>
|
|
</dir>
|
|
</vfs>
|
|
|
|
<default-policy root="/dev/tresor_trust_anchor" writeable="yes"/>
|
|
</config>
|
|
<route>
|
|
<any-service> <parent/> </any-service>
|
|
</route>
|
|
</start>
|
|
|
|
<start name="sequence" caps="3000">
|
|
<resource name="RAM" quantum="300M"/>
|
|
<config>
|
|
|
|
<start name="tresor_init_trust_anchor">
|
|
<resource name="RAM" quantum="4M"/>
|
|
<config passphrase="foobar" trust_anchor_dir="/trust_anchor">
|
|
<vfs>
|
|
<dir name="trust_anchor">
|
|
<fs label="tresor_trust_anchor"/>
|
|
</dir>
|
|
</vfs>
|
|
</config>
|
|
</start>
|
|
|
|
<start name="tresor_init">
|
|
<resource name="RAM" quantum="4M"/>
|
|
<config>
|
|
|
|
<block-io type="vfs" path="/} [tresor_image_name] {"/>
|
|
<crypto path="/crypto"/>
|
|
<trust-anchor path="/trust_anchor"/>
|
|
|
|
<vfs>
|
|
<fs label="tresor_block_io" buffer_size="1M"/>
|
|
<tresor_crypto_aes_cbc name="crypto"/>
|
|
<dir name="trust_anchor">
|
|
<fs label="tresor_trust_anchor"/>
|
|
</dir>
|
|
</vfs>
|
|
|
|
<virtual-block-device max_lvl="2" degree="64" num_leaves="512" />
|
|
<free-tree max_lvl="2" degree="64" num_leaves="2048" />
|
|
|
|
</config>
|
|
<route>
|
|
<any-service> <parent/> </any-service>
|
|
</route>
|
|
</start>
|
|
|
|
<start name="init" caps="1600">
|
|
<resource name="RAM" quantum="256M"/>
|
|
<config verbose="yes">
|
|
|
|
<parent-provides>
|
|
<service name="ROM"/>
|
|
<service name="PD"/>
|
|
<service name="RM"/>
|
|
<service name="CPU"/>
|
|
<service name="LOG"/>
|
|
<service name="Nic"/>
|
|
<service name="Timer"/>
|
|
<service name="File_system"/>
|
|
<service name="Terminal"/>
|
|
</parent-provides>
|
|
|
|
<default-route> <any-service> <parent/> </any-service> </default-route>
|
|
|
|
<default caps="100"/>
|
|
|
|
<start name="vfs_tresor" caps="200">
|
|
<binary name="vfs"/>
|
|
<resource name="RAM" quantum="16M"/>
|
|
<provides><service name="File_system"/></provides>
|
|
<config>
|
|
<vfs>
|
|
<fs buffer_size="1M" label="tresor_block_io"/>
|
|
<tresor_crypto_aes_cbc name="tresor_crypto"/>
|
|
<dir name="ta"> <fs buffer_size="1M" label="tresor_trust_anchor"/> </dir>
|
|
<dir name="dev">
|
|
<tresor name="tresor" debug="no" verbose="yes"
|
|
block="/} [tresor_image_name] {"
|
|
crypto="/tresor_crypto"
|
|
trust_anchor="/ta"/>
|
|
</dir>
|
|
</vfs>
|
|
|
|
<default-policy root="/dev" writeable="yes"/>
|
|
</config>
|
|
<route>
|
|
<any-service> <parent/> </any-service>
|
|
</route>
|
|
</start>
|
|
|
|
<start name="vfs" caps="120">
|
|
<resource name="RAM" quantum="30M"/>
|
|
<provides><service name="File_system"/></provides>
|
|
<config>
|
|
<vfs>
|
|
<tar name="coreutils.tar"/>
|
|
<tar name="bash.tar"/>
|
|
|
|
<dir name="home"> <ram/> </dir>
|
|
<dir name="share"> </dir>
|
|
<dir name="tmp"> <ram/> </dir>
|
|
<dir name="dev">
|
|
<zero/> <null/> <terminal/>
|
|
<dir name="pipe"> <pipe/> </dir>
|
|
<inline name="rtc">2018-01-01 00:01</inline>
|
|
</dir>
|
|
</vfs>
|
|
|
|
<policy label_prefix="vfs_rom" root="/"/>
|
|
<default-policy root="/" writeable="yes"/>
|
|
</config>
|
|
<route>
|
|
<service name="Terminal"> <parent label="log_terminal"/> </service>
|
|
<service name="Timer"> <child name="timer"/> </service>
|
|
<any-service> <parent/> </any-service>
|
|
</route>
|
|
</start>
|
|
|
|
<start name="vfs_rom">
|
|
<resource name="RAM" quantum="30M"/>
|
|
<binary name="fs_rom"/>
|
|
<provides> <service name="ROM"/> </provides>
|
|
<config/>
|
|
<route>
|
|
<service name="File_system"> <child name="vfs"/> </service>
|
|
<any-service> <parent/> </any-service>
|
|
</route>
|
|
</start>
|
|
|
|
<start name="/bin/bash" caps="1000">
|
|
<resource name="RAM" quantum="64M"/>
|
|
<config ld_verbose="yes">
|
|
<libc stdin="/dev/terminal" stdout="/dev/terminal"
|
|
stderr="/dev/terminal" rtc="/dev/rtc" pipe="/dev/pipe"/>
|
|
<vfs>
|
|
<fs label="shell" buffer_size="1M"/>
|
|
<dir name="dev">
|
|
<fs label="tresor" buffer_size="1M"/>
|
|
</dir>
|
|
<rom name=".profile" label="vfs_tresor.sh"/>
|
|
</vfs>
|
|
<arg value="bash"/>
|
|
<arg value="--login"/>
|
|
<env key="TERM" value="screen"/>
|
|
<env key="HOME" value="/"/>
|
|
<env key="PATH" value="/bin"/>
|
|
</config>
|
|
<route>
|
|
<service name="File_system" label="shell"> <child name="vfs"/> </service>
|
|
<service name="File_system" label="tresor"> <child name="vfs_tresor"/> </service>
|
|
<service name="ROM" label_suffix=".lib.so"> <parent/> </service>
|
|
<service name="ROM" label_last="/bin/bash"> <child name="vfs_rom"/> </service>
|
|
<service name="ROM" label_prefix="/bin"> <child name="vfs_rom"/> </service>
|
|
<any-service> <parent/> <any-child/> </any-service>
|
|
</route>
|
|
</start>
|
|
|
|
</config>
|
|
</start>
|
|
|
|
</config>
|
|
<route>
|
|
<service name="Terminal"> <child name="log_terminal"/> </service>
|
|
<service name="File_system" label_suffix="tresor_block_io"> <child name="lx_fs"/> </service>
|
|
<service name="File_system" label_suffix="tresor_trust_anchor"> <child name="vfs_tresor_trust_anchor"/> </service>
|
|
<service name="Timer"> <child name="timer"/> </service>
|
|
<any-service> <parent/> </any-service>
|
|
</route>
|
|
</start>
|
|
|
|
</config>}
|
|
|
|
install_config $config
|
|
|
|
set shell_script "run/vfs_tresor.sh"
|
|
set repo "[repository_contains $shell_script]"
|
|
exec cp $repo/$shell_script bin/
|
|
|
|
exec rm -rf [local_tresor_image]
|
|
if { [get_cmd_switch --autopilot] } {
|
|
|
|
exec rm -rf [autopilot_tresor_image]
|
|
catch { exec $dd if=/dev/urandom of=[autopilot_tresor_image] bs=1M count=[tresor_image_size_mb] }
|
|
exec ln -sf -T [autopilot_tresor_image] [local_tresor_image]
|
|
|
|
} else {
|
|
|
|
catch { exec $dd if=/dev/urandom of=[local_tresor_image] bs=1M count=[tresor_image_size_mb] }
|
|
}
|
|
|
|
set boot_modules [build_artifacts]
|
|
append boot_modules { vfs_tresor.sh }
|
|
lappend boot_modules [tresor_image_name]
|
|
|
|
build_boot_image $boot_modules
|
|
|
|
run_genode_until {.*"/bin/bash".* exited with exit value 0.*\n} 120
|
|
|
|
if { [get_cmd_switch --autopilot] } {
|
|
|
|
exec rm -rf [local_tresor_image]
|
|
exec rm -rf [autopilot_tresor_image]
|
|
}
|