ExternalVendorCode/genode
1
0
Fork 0
mirror of https://github.com/genodelabs/genode.git synced 2024-12-19 13:47:56 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
b7049b5321
genode/repos/gems/run/tresor_utils.run
Martin Stein b903ddeea7 tresor: fix and test handling of minimal trees 
* add testing of trees with minimal and maximal dimensions to tresor_tester.run
* replace tresor_init-local configuration type with simpler and more conformant
  configuration type in tresor/types.h that does also XML-parsing and
  XML-generation of configurations
* raise min degree to 2 because a degree of 1 is not practical und would
  require additional logic
* fix overflow with num_blocks=0 in Superblock_control::Read|Write_vbas
* fix off-by-one bug regarding the number of levels in Vbd_initializer
* improve sanity checks in Tree_configuration constructors
* document level indices in tresor_init/README
* fix size of some arrays in order to be able to handle the maximum number of
  tree levels

Ref #5077
2024-04-12 15:00:46 +02:00

157 lines
4.5 KiB
Plaintext
Raw Blame History

assert_spec linux
append build_components {
core init timer lib/ld lib/vfs server/lx_block server/lx_fs server/vfs app/sequence
app/tresor_init_trust_anchor app/tresor_init app/tresor_check
lib/vfs_tresor_crypto_aes_cbc lib/vfs_tresor_trust_anchor lib/vfs_jitterentropy
lib/libc lib/libcrypto }
build $build_components
create_boot_directory
append config {
<config verbose="yes">
<parent-provides>
<service name="PD"/>
<service name="ROM"/>
<service name="LOG"/>
<service name="CPU"/>
</parent-provides>
<start name="timer" caps="100">
<resource name="RAM" quantum="1M"/>
<provides><service name="Timer"/></provides>
<route>
<service name="PD"> <parent/> </service>
<service name="ROM"> <parent/> </service>
<service name="LOG"> <parent/> </service>
<service name="CPU"> <parent/> </service>
</route>
</start>
<start name="lx_fs" ld="no" caps="100">
<resource name="RAM" quantum="2M"/>
<provides> <service name="File_system"/> </provides>
<config> <default-policy root="/" writeable="yes"/> </config>
<route>
<service name="PD"> <parent/> </service>
<service name="ROM"> <parent/> </service>
<service name="LOG"> <parent/> </service>
<service name="CPU"> <parent/> </service>
</route>
</start>
<start name="vfs" caps="120">
<resource name="RAM" quantum="16M"/>
<provides><service name="File_system"/></provides>
<config>
<vfs>
<dir name="ta_storage"> <fs/> </dir>
<dir name="dev">
<jitterentropy/>
<tresor_trust_anchor name="tresor_trust_anchor" storage_dir="/ta_storage"/>
</dir>
</vfs>
<default-policy root="/dev/tresor_trust_anchor" writeable="yes"/>
</config>
<route>
<service name="File_system"> <child name="lx_fs"/> </service>
<service name="PD"> <parent/> </service>
<service name="ROM"> <parent/> </service>
<service name="LOG"> <parent/> </service>
<service name="CPU"> <parent/> </service>
</route>
</start>
<start name="sequence" caps="200">
<resource name="RAM" quantum="128M"/>
<config>
<start name="tresor_init_trust_anchor">
<resource name="RAM" quantum="4M"/>
<config passphrase="foobar" trust_anchor_dir="/trust_anchor">
<vfs> <dir name="trust_anchor"> <fs label="ta"/> </dir> </vfs>
</config>
<route>
<service name="PD"> <parent/> </service>
<service name="ROM"> <parent/> </service>
<service name="LOG"> <parent/> </service>
<service name="CPU"> <parent/> </service>
</route>
</start>
<start name="tresor_init">
<resource name="RAM" quantum="4M"/>
<config>
<block-io type="vfs" path="/tresor.img"/>
<crypto path="/crypto"/>
<trust-anchor path="/trust_anchor"/>
<vfs>
<fs buffer_size="1M"/>
<tresor_crypto_aes_cbc name="crypto"/>
<dir name="trust_anchor">
<fs label="ta"/>
</dir>
</vfs>
<virtual-block-device max_lvl="2" degree="64" num_leaves="512" />
<free-tree max_lvl="2" degree="64" num_leaves="2048" />
</config>
<route>
<service name="PD"> <parent/> </service>
<service name="ROM"> <parent/> </service>
<service name="LOG"> <parent/> </service>
<service name="CPU"> <parent/> </service>
</route>
</start>
<start name="tresor_check" caps="100">
<resource name="RAM" quantum="4M"/>
<config>
<block-io type="vfs" path="/tresor.img"/>
<crypto path="/crypto"/>
<trust-anchor path="/trust_anchor"/>
<vfs>
<fs buffer_size="1M"/>
<tresor_crypto_aes_cbc name="crypto"/>
<dir name="trust_anchor"> <fs label="ta"/> </dir>
</vfs>
</config>
<route>
<service name="PD"> <parent/> </service>
<service name="ROM"> <parent/> </service>
<service name="LOG"> <parent/> </service>
<service name="CPU"> <parent/> </service>
</route>
</start>
</config>
<route>
<service name="File_system" label_last="ta"> <child name="vfs"/> </service>
<service name="File_system"> <child name="lx_fs"/> </service>
<service name="PD"> <parent/> </service>
<service name="ROM"> <parent/> </service>
<service name="LOG"> <parent/> </service>
<service name="CPU"> <parent/> </service>
</route>
</start>
</config>
}
install_config $config
exec rm -rf bin/tresor.img
exec truncate -s 32M bin/tresor.img
append boot_modules [build_artifacts]
lappend boot_modules tresor.img
build_boot_image $boot_modules
run_genode_until {.*child "sequence" exited with exit value 0.*\n} 240
Reference in New Issue View Git Blame Copy Permalink