Remove StorageManager.

StorageManager (the component) did nothing useful so remove it and plumb the only user (DebugConsole) directly to the SecurityCoordinator. When the SDKRuntime is ready it likewise will talk directly to SecurityCoordinator. The only visible change in this is the "kvread" shell command displays the raw key value instead of converting it to a string. Change-Id: I5a285dc083e5f02ecbf0defc83deebb34a7b38d7 GitOrigin-RevId: 70d04d8155167f9bf3f88291363760d91c10a279
2025-04-28 02:40:40 +00:00 · 2022-08-26 16:57:48 -07:00 · 2022-08-26 16:57:48 -07:00 · 13799ab779
commit 13799ab779
parent fb94ac248a
24 changed files with 17 additions and 612 deletions
--- a/apps/system/CMakeLists.txt
+++ b/apps/system/CMakeLists.txt
@ -97,18 +97,6 @@ DeclareCAmkESComponent(SecurityCoordinator
  $ENV{OUT}/kata/components
 )

-RustAddLibrary(
-  kata_storage_manager
-  SOURCE_DIR ${CMAKE_CURRENT_LIST_DIR}/components/StorageManager
-  LIB_FILENAME libkata_storage_manager.a
-)
-
-DeclareCAmkESComponent(StorageManager
-  LIBS kata_storage_manager
-  INCLUDES interfaces
-  $ENV{OUT}/kata/components
-)
-
 RustAddLibrary(
  kata_timer_service
  SOURCE_DIR ${CMAKE_CURRENT_LIST_DIR}/components/TimerService
--- a/apps/system/components/DebugConsole/DebugConsole.camkes
+++ b/apps/system/components/DebugConsole/DebugConsole.camkes
@ -18,7 +18,6 @@ import <PackageManagementInterface.camkes>;
 import <MlCoordinatorInterface.camkes>;
 import <MemoryInterface.camkes>;
 import <SecurityCoordinatorInterface.camkes>;
-import <StorageInterface.camkes>;
 import <TimerServiceInterface.camkes>;
 import <SDKRuntimeInterface.camkes>;

@ -40,8 +39,6 @@ component DebugConsole {
  uses ProcessControlInterface proc_ctrl;
  // TODO(b/200707300): for debugging
  uses SecurityCoordinatorInterface security;
-  // TODO(b/200707300): for debugging
-  uses StorageInterface storage;
  uses SDKRuntimeInterface sdk_runtime;

  uses Timer timer;
--- a/apps/system/components/DebugConsole/kata-shell/Cargo.toml
+++ b/apps/system/components/DebugConsole/kata-shell/Cargo.toml
@ -61,7 +61,6 @@ kata-ml-interface = { path = "../../MlCoordinator/kata-ml-interface" }
 kata-proc-interface = { path = "../../ProcessManager/kata-proc-interface" }
 kata-os-common = { path = "../../kata-os-common" }
 kata-security-interface = { path = "../../SecurityCoordinator/kata-security-interface" }
-kata-storage-interface = { path = "../../StorageManager/kata-storage-interface" }
 kata-timer-interface = { path = "../../TimerService/kata-timer-interface" }
 kata-sdk-interface = { path = "../../SDKRuntime/kata-sdk-interface" }
 log = { version = "0.4", features = ["release_max_level_info"] }
--- a/apps/system/components/DebugConsole/kata-shell/src/lib.rs
+++ b/apps/system/components/DebugConsole/kata-shell/src/lib.rs
@ -32,9 +32,9 @@ use kata_proc_interface::kata_pkg_mgmt_uninstall;
 use kata_proc_interface::kata_proc_ctrl_get_running_bundles;
 use kata_proc_interface::kata_proc_ctrl_start;
 use kata_proc_interface::kata_proc_ctrl_stop;
-use kata_storage_interface::kata_storage_delete;
-use kata_storage_interface::kata_storage_read;
-use kata_storage_interface::kata_storage_write;
+use kata_security_interface::kata_security_delete_key;
+use kata_security_interface::kata_security_read_key;
+use kata_security_interface::kata_security_write_key;

 use sel4_sys::seL4_CNode_Delete;
 use sel4_sys::seL4_CPtr;
@ -295,9 +295,6 @@ fn capscan_command(
        Some("security") => {
            let _ = kata_security_interface::kata_security_capscan();
        }
-        Some("storage") => {
-            let _ = kata_storage_interface::kata_storage_capscan();
-        }
        Some("timer") => {
            let _ = kata_timer_interface::timer_service_capscan();
        }
@ -486,8 +483,9 @@ fn kvdelete_command(
    output: &mut dyn io::Write,
    _builtin_cpio: &[u8],
 ) -> Result<(), CommandError> {
+    let bundle_id = args.next().ok_or(CommandError::BadArgs)?;
    let key = args.next().ok_or(CommandError::BadArgs)?;
-    match kata_storage_delete(key) {
+    match kata_security_delete_key(bundle_id, key) {
        Ok(_) => {
            writeln!(output, "Delete key \"{}\".", key)?;
        }
@ -504,10 +502,12 @@ fn kvread_command(
    output: &mut dyn io::Write,
    _builtin_cpio: &[u8],
 ) -> Result<(), CommandError> {
+    let bundle_id = args.next().ok_or(CommandError::BadArgs)?;
    let key = args.next().ok_or(CommandError::BadArgs)?;
-    match kata_storage_read(key) {
-        Ok(value) => {
-            writeln!(output, "Read key \"{}\" = {:?}.", key, value)?;
+    let mut keyval = [0u8; kata_security_interface::KEY_VALUE_DATA_SIZE];
+    match kata_security_read_key(bundle_id, key, &mut keyval) {
+        Ok(_) => {
+            writeln!(output, "Read key \"{}\" = {:?}.", key, keyval)?;
        }
        Err(status) => {
            writeln!(output, "Read key \"{}\" failed: {:?}", key, status)?;
@ -522,9 +522,10 @@ fn kvwrite_command(
    output: &mut dyn io::Write,
    _builtin_cpio: &[u8],
 ) -> Result<(), CommandError> {
+    let bundle_id = args.next().ok_or(CommandError::BadArgs)?;
    let key = args.next().ok_or(CommandError::BadArgs)?;
    let value = args.collect::<Vec<&str>>().join(" ");
-    match kata_storage_write(key, value.as_bytes()) {
+    match kata_security_write_key(bundle_id, key, value.as_bytes()) {
        Ok(_) => {
            writeln!(output, "Write key \"{}\" = {:?}.", key, value)?;
        }
--- a/apps/system/components/DebugConsole/kata-shell/src/test_security_coordinator.rs
+++ b/apps/system/components/DebugConsole/kata-shell/src/test_security_coordinator.rs
@ -25,7 +25,6 @@ use kata_io as io;
 use kata_memory_interface::kata_object_free_in_cnode;
 use kata_os_common::cspace_slot::CSpaceSlot;
 use kata_security_interface::*;
-use kata_storage_interface::KEY_VALUE_DATA_SIZE;

 pub fn add_cmds(cmds: &mut HashMap<&str, CmdFn>) {
    cmds.extend([
@ -34,9 +33,6 @@ pub fn add_cmds(cmds: &mut HashMap<&str, CmdFn>) {
        ("get_manifest", get_manifest_command as CmdFn),
        ("load_application", load_application_command as CmdFn),
        ("load_model", load_model_command as CmdFn),
-        ("delete_key", delete_key_command as CmdFn),
-        ("read_key", read_key_command as CmdFn),
-        ("write_key", write_key_command as CmdFn),
        ("test_mailbox", test_mailbox_command as CmdFn),
    ]);
 }
@ -123,65 +119,6 @@ fn load_model_command(
    Ok(())
 }

-fn delete_key_command(
-    args: &mut dyn Iterator<Item = &str>,
-    _input: &mut dyn io::BufRead,
-    output: &mut dyn io::Write,
-    _builtin_cpio: &[u8],
-) -> Result<(), CommandError> {
-    let bundle_id = args.next().ok_or(CommandError::BadArgs)?;
-    let key = args.next().ok_or(CommandError::BadArgs)?;
-    match kata_security_delete_key(bundle_id, key) {
-        Ok(_) => {
-            writeln!(output, "Delete key \"{}\".", key)?;
-        }
-        Err(status) => {
-            writeln!(output, "Delete key \"{}\" failed: {:?}", key, status)?;
-        }
-    }
-    Ok(())
-}
-
-fn read_key_command(
-    args: &mut dyn Iterator<Item = &str>,
-    _input: &mut dyn io::BufRead,
-    output: &mut dyn io::Write,
-    _builtin_cpio: &[u8],
-) -> Result<(), CommandError> {
-    let bundle_id = args.next().ok_or(CommandError::BadArgs)?;
-    let key = args.next().ok_or(CommandError::BadArgs)?;
-    let mut keyval = [0u8; KEY_VALUE_DATA_SIZE];
-    match kata_security_read_key(bundle_id, key, &mut keyval) {
-        Ok(_) => {
-            writeln!(output, "Read key \"{}\" = {:?}.", key, keyval)?;
-        }
-        Err(status) => {
-            writeln!(output, "Read key \"{}\" failed: {:?}", key, status)?;
-        }
-    }
-    Ok(())
-}
-
-fn write_key_command(
-    args: &mut dyn Iterator<Item = &str>,
-    _input: &mut dyn io::BufRead,
-    output: &mut dyn io::Write,
-    _builtin_cpio: &[u8],
-) -> Result<(), CommandError> {
-    let bundle_id = args.next().ok_or(CommandError::BadArgs)?;
-    let key = args.next().ok_or(CommandError::BadArgs)?;
-    let value = args.collect::<Vec<&str>>().join(" ");
-    match kata_security_write_key(bundle_id, key, value.as_bytes()) {
-        Ok(_) => {
-            writeln!(output, "Write key \"{}\" = {:?}.", key, value)?;
-        }
-        Err(status) => {
-            writeln!(output, "Write key \"{}\" failed: {:?}", key, status)?;
-        }
-    }
-    Ok(())
-}
-
 fn test_mailbox_command(
    _args: &mut dyn Iterator<Item = &str>,
    _input: &mut dyn io::BufRead,
--- a/apps/system/components/SecurityCoordinator/kata-security-component/Cargo.toml
+++ b/apps/system/components/SecurityCoordinator/kata-security-component/Cargo.toml
@ -21,7 +21,6 @@ edition = "2021"
 kata-os-common = { path = "../../kata-os-common" }
 kata-security-interface = { path = "../kata-security-interface" }
 kata-security-coordinator = { path = "../kata-security-coordinator" }
-kata-storage-interface = { path = "../../StorageManager/kata-storage-interface" }
 log = { version = "0.4", features = ["release_max_level_info"] }
 postcard = { version = "0.7", features = ["alloc"], default-features = false }

--- a/apps/system/components/SecurityCoordinator/kata-security-component/src/run.rs
+++ b/apps/system/components/SecurityCoordinator/kata-security-component/src/run.rs
@ -25,7 +25,6 @@ use kata_os_common::sel4_sys;
 use kata_os_common::slot_allocator::KATA_CSPACE_SLOTS;
 use kata_security_coordinator::KATA_SECURITY;
 use kata_security_interface::*;
-use kata_storage_interface::KEY_VALUE_DATA_SIZE;
 use log::trace;

 use SecurityRequestError::*;
--- a/apps/system/components/SecurityCoordinator/kata-security-coordinator/Cargo.toml
+++ b/apps/system/components/SecurityCoordinator/kata-security-coordinator/Cargo.toml
@ -27,6 +27,5 @@ hashbrown = { version = "0.11", features = ["ahash-compile-time-rng"] }
 kata-memory-interface = { path = "../../MemoryManager/kata-memory-interface" }
 kata-os-common = { path = "../../kata-os-common" }
 kata-security-interface = { path = "../kata-security-interface" }
-kata-storage-interface = { path = "../../StorageManager/kata-storage-interface" }
 log = { version = "0.4", features = ["release_max_level_info"] }
 postcard = { version = "0.7", features = ["alloc"], default-features = false }
--- a/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/fakeimpl/mod.rs
+++ b/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/fakeimpl/mod.rs
@ -29,7 +29,6 @@ use kata_os_common::copyregion::CopyRegion;
 use kata_os_common::cspace_slot::CSpaceSlot;
 use kata_os_common::sel4_sys;
 use kata_security_interface::*;
-use kata_storage_interface::KeyValueData;
 use log::trace;

 use sel4_sys::seL4_Error;
--- a/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/lib.rs
+++ b/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/lib.rs
@ -24,7 +24,7 @@ use alloc::string::String;
 use kata_memory_interface::ObjDescBundle;
 use kata_security_interface::SecurityCoordinatorInterface;
 use kata_security_interface::SecurityRequestError;
-use kata_storage_interface::KeyValueData;
+use kata_security_interface::KeyValueData;

 #[cfg(all(feature = "fake", feature = "sel4"))]
 compile_error!("features \"fake\" and \"sel4\" are mutually exclusive");
--- a/apps/system/components/SecurityCoordinator/kata-security-interface/Cargo.toml
+++ b/apps/system/components/SecurityCoordinator/kata-security-interface/Cargo.toml
@ -20,7 +20,6 @@ edition = "2021"
 [dependencies]
 kata-memory-interface = { path = "../../MemoryManager/kata-memory-interface" }
 kata-os-common = { path = "../../kata-os-common" }
-kata-storage-interface = { path = "../../StorageManager/kata-storage-interface" }
 log = { version = "0.4", features = ["release_max_level_info"] }
 postcard = { version = "0.7", features = ["alloc"], default-features = false }
 serde = { version = "1.0", default-features = false, features = ["alloc", "derive"] }
--- a/apps/system/components/SecurityCoordinator/kata-security-interface/src/lib.rs
+++ b/apps/system/components/SecurityCoordinator/kata-security-interface/src/lib.rs
@ -23,8 +23,6 @@ use kata_memory_interface::ObjDescBundle;
 use kata_os_common::camkes::Camkes;
 use kata_os_common::cspace_slot::CSpaceSlot;
 use kata_os_common::sel4_sys;
-use kata_storage_interface::KeyValueData;
-use kata_storage_interface::StorageError;
 use log::trace;
 use serde::{Deserialize, Serialize};

@ -45,6 +43,10 @@ const SECURITY_REQUEST_DATA_SIZE: usize = 2048;
 pub const SECURITY_REPLY_DATA_SIZE: usize = 2048;
 pub type SecurityReplyData = [u8; SECURITY_REPLY_DATA_SIZE];

+// TODO(sleffler): temp constraint on value part of key-value pairs
+pub const KEY_VALUE_DATA_SIZE: usize = 100;
+pub type KeyValueData = [u8; KEY_VALUE_DATA_SIZE];
+
 // NB: struct's marked repr(C) are processed by cbindgen to get a .h file
 //   used in camkes C interfaces.

@ -224,22 +226,6 @@ pub enum SecurityRequestError {
    SreTestFailed,
 }

-impl From<SecurityRequestError> for StorageError {
-    fn from(err: SecurityRequestError) -> StorageError {
-        match err {
-            SecurityRequestError::SreBundleNotFound => StorageError::BundleNotFound,
-            SecurityRequestError::SreKeyNotFound => StorageError::KeyNotFound,
-            SecurityRequestError::SreValueInvalid => StorageError::ValueInvalid,
-            SecurityRequestError::SreKeyInvalid => StorageError::KeyInvalid,
-            SecurityRequestError::SreSerializeFailed => StorageError::SerializeFailed,
-            SecurityRequestError::SreReadFailed => StorageError::ReadFailed,
-            SecurityRequestError::SreWriteFailed => StorageError::WriteFailed,
-            SecurityRequestError::SreDeleteFailed => StorageError::DeleteFailed,
-            _ => StorageError::UnknownSecurityError, // NB: cannot happen
-        }
-    }
-}
-
 #[repr(C)]
 #[derive(Clone, Copy, Debug, Eq, PartialEq)]
 pub enum SecurityRequest {
--- a/apps/system/components/StorageManager/Cargo.toml
+++ b/apps/system/components/StorageManager/Cargo.toml
@ -1,39 +0,0 @@
-# Copyright 2022 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     https://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-[workspace]
-
-members = [
-    "kata-storage-component",
-    "kata-storage-interface",
-    "kata-storage-manager",
-]
-resolver = "2"
-
-[profile.dev]
-opt-level = 0
-debug = true
-# TODO(b/223253186): workaround gdb DIE errors
-lto = false
-codegen-units = 1
-
-[profile.release]
-opt-level = "z"
-lto = "fat"
-codegen-units = 1
-split-debuginfo = "unpacked"
-
-[profile.release.build-override]
-opt-level = "z"
-codegen-units = 1
--- a/apps/system/components/StorageManager/StorageManager.camkes
+++ b/apps/system/components/StorageManager/StorageManager.camkes
@ -1,29 +0,0 @@
-// Copyright 2022 Google LLC
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     https://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-// Kata OS StorageManager services.
-
-import <LoggerInterface.camkes>;
-import <SecurityCoordinatorInterface.camkes>;
-import <StorageInterface.camkes>;
-
-component StorageManager {
-  provides StorageInterface storage;
-
-  maybe uses LoggerInterface logger;
-  uses SecurityCoordinatorInterface security;
-
-  // Enable KataOS CAmkES support.
-  attribute int kataos = true;
-}
--- a/apps/system/components/StorageManager/kata-storage-component/Cargo.toml
+++ b/apps/system/components/StorageManager/kata-storage-component/Cargo.toml
@ -1,31 +0,0 @@
-# Copyright 2022 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     https://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-[package]
-name = "kata-storage-component"
-version = "0.1.0"
-edition = "2021"
-
-[dependencies]
-cstr_core = { version = "0.2.3", default-features = false }
-kata-os-common = { path = "../../kata-os-common" }
-kata-storage-interface = { path = "../kata-storage-interface" }
-kata-storage-manager = { path = "../kata-storage-manager" }
-log = { version = "0.4", features = ["release_max_level_info"] }
-postcard = { version = "0.7", features = ["alloc"], default-features = false }
-
-[lib]
-name = "kata_storage_manager"
-path = "src/run.rs"
-crate-type = ["staticlib"]
--- a/apps/system/components/StorageManager/kata-storage-component/src/run.rs
+++ b/apps/system/components/StorageManager/kata-storage-component/src/run.rs
@ -1,89 +0,0 @@
-// Copyright 2022 Google LLC
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     https://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-//! Kata OS StorageManager component support.
-
-// Code here binds the camkes component to the rust code.
-#![no_std]
-#![allow(clippy::missing_safety_doc)]
-
-extern crate alloc;
-use core::slice;
-use cstr_core::CStr;
-use kata_os_common::camkes::Camkes;
-use kata_storage_interface::KeyValueData;
-use kata_storage_interface::StorageManagerError;
-use kata_storage_interface::StorageManagerInterface;
-use kata_storage_manager::KATA_STORAGE;
-
-static mut CAMKES: Camkes = Camkes::new("StorageManager");
-
-#[no_mangle]
-pub unsafe extern "C" fn pre_init() {
-    static mut HEAP_MEMORY: [u8; 8 * 1024] = [0; 8 * 1024];
-    CAMKES.pre_init(log::LevelFilter::Trace, &mut HEAP_MEMORY);
-}
-
-// StorageInterface glue stubs.
-#[no_mangle]
-pub unsafe extern "C" fn storage_read(
-    c_key: *const cstr_core::c_char,
-    c_raw_value: *mut KeyValueData,
-) -> StorageManagerError {
-    match CStr::from_ptr(c_key).to_str() {
-        Ok(key) => {
-            // TODO(sleffler): de-badge reply cap to get bundle_id
-            match KATA_STORAGE.read("fubar", key) {
-                Ok(value) => {
-                    // NB: no serialization, returns raw data
-                    (*c_raw_value).copy_from_slice(&value);
-                    StorageManagerError::SmeSuccess
-                }
-                Err(e) => StorageManagerError::from(e),
-            }
-        }
-        Err(_) => StorageManagerError::SmeKeyInvalid,
-    }
-}
-
-#[no_mangle]
-pub unsafe extern "C" fn storage_write(
-    c_key: *const cstr_core::c_char,
-    c_raw_value_len: usize,
-    c_raw_value: *const u8,
-) -> StorageManagerError {
-    match CStr::from_ptr(c_key).to_str() {
-        Ok(key) => {
-            // TODO(sleffler): de-badge reply cap to get bundle_id
-            KATA_STORAGE
-                .write("fubar", key, slice::from_raw_parts(c_raw_value, c_raw_value_len))
-                .into()
-        }
-        Err(_) => StorageManagerError::SmeKeyInvalid,
-    }
-}
-
-#[no_mangle]
-pub unsafe extern "C" fn storage_delete(c_key: *const cstr_core::c_char) -> StorageManagerError {
-    match CStr::from_ptr(c_key).to_str() {
-        Ok(key) => {
-            // TODO(sleffler): de-badge reply cap to get bundle_id
-            KATA_STORAGE.delete("fubar", key).into()
-        }
-        Err(_) => StorageManagerError::SmeKeyInvalid,
-    }
-}
-
-#[no_mangle]
-pub unsafe extern "C" fn storage_capscan() { let _ = Camkes::capscan(); }
--- a/apps/system/components/StorageManager/kata-storage-interface/Cargo.toml
+++ b/apps/system/components/StorageManager/kata-storage-interface/Cargo.toml
@ -1,22 +0,0 @@
-# Copyright 2022 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     https://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-[package]
-name = "kata-storage-interface"
-version = "0.1.0"
-edition = "2021"
-
-[dependencies]
-cstr_core = "0.2.3"
-postcard = { version = "0.7", features = ["alloc"], default-features = false }
--- a/apps/system/components/StorageManager/kata-storage-interface/Makefile
+++ b/apps/system/components/StorageManager/kata-storage-interface/Makefile
@ -1,18 +0,0 @@
-# Copyright 2022 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     https://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-INTERFACES=${OUT}/kata/components
-
-${INTERFACES}/StorageManagerBindings.h: src/lib.rs cbindgen.toml
-	cbindgen -c cbindgen.toml src/lib.rs -o $@
--- a/apps/system/components/StorageManager/kata-storage-interface/cbindgen.toml
+++ b/apps/system/components/StorageManager/kata-storage-interface/cbindgen.toml
@ -1,25 +0,0 @@
-# Copyright 2022 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     https://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-language = "C"
-include_guard = "__STORAGE_MANAGER_BINDINGS_H__"
-autogen_warning = "/* Warning, this file is autogenerated by cbindgen. Don't modify this manually.\n */"
-no_includes = true
-includes = ["CamkesBindings.h"]
-
-[export]
-include = [
-    "KeyValueData",
-    "StorageManagerError",
-]
--- a/apps/system/components/StorageManager/kata-storage-interface/src/lib.rs
+++ b/apps/system/components/StorageManager/kata-storage-interface/src/lib.rs
@ -1,158 +0,0 @@
-// Copyright 2022 Google LLC
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     https://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-//! Kata OS storage management support
-
-#![cfg_attr(not(test), no_std)]
-
-use core::str;
-use cstr_core::CString;
-
-// TODO(sleffler): temp constraint on value part of key-value pairs
-pub const KEY_VALUE_DATA_SIZE: usize = 100;
-pub type KeyValueData = [u8; KEY_VALUE_DATA_SIZE];
-
-// NB: struct's marked repr(C) are processed by cbindgen to get a .h file
-//   used in camkes C interfaces.
-
-#[derive(Debug, Eq, PartialEq)]
-pub enum StorageError {
-    BundleNotFound = 0,
-    KeyNotFound,
-    KeyInvalid,
-    ValueInvalid,
-    SerializeFailed,
-    UnknownSecurityError,
-    // Generic errors.
-    ReadFailed,
-    WriteFailed,
-    DeleteFailed,
-}
-
-impl From<postcard::Error> for StorageError {
-    fn from(_err: postcard::Error) -> StorageError { StorageError::SerializeFailed }
-}
-
-pub trait StorageManagerInterface {
-    fn read(&self, bundle_id: &str, key: &str) -> Result<KeyValueData, StorageError>;
-    fn write(&self, bundle_id: &str, key: &str, value: &[u8]) -> Result<(), StorageError>;
-    fn delete(&self, bundle_id: &str, key: &str) -> Result<(), StorageError>;
-}
-
-// Public version of StorageError presented over rpc interface.
-// This is needed because the enum is exported to C users and needs to
-// be unique from other enum's.
-// TODO(sleffler): switch to single generic error space ala absl::StatusCode
-#[repr(C)]
-#[derive(Debug, Eq, PartialEq)]
-pub enum StorageManagerError {
-    SmeSuccess = 0,
-    SmeBundleIdInvalid,
-    SmeBundleNotFound,
-    SmeKeyNotFound,
-    SmeValueInvalid,
-    SmeKeyInvalid,
-    // Generic errors.
-    SmeReadFailed,
-    SmeWriteFailed,
-    SmeDeleteFailed,
-    SmeUnknownError,
-}
-
-impl From<StorageError> for StorageManagerError {
-    fn from(err: StorageError) -> StorageManagerError {
-        match err {
-            StorageError::BundleNotFound => StorageManagerError::SmeBundleNotFound,
-            StorageError::KeyNotFound => StorageManagerError::SmeKeyNotFound,
-            StorageError::KeyInvalid => StorageManagerError::SmeKeyInvalid,
-            StorageError::ValueInvalid => StorageManagerError::SmeValueInvalid,
-            StorageError::ReadFailed => StorageManagerError::SmeReadFailed,
-            StorageError::WriteFailed => StorageManagerError::SmeWriteFailed,
-            StorageError::DeleteFailed => StorageManagerError::SmeDeleteFailed,
-            _ => StorageManagerError::SmeUnknownError,
-        }
-    }
-}
-
-impl From<Result<(), StorageError>> for StorageManagerError {
-    fn from(result: Result<(), StorageError>) -> StorageManagerError {
-        result.map_or_else(StorageManagerError::from, |_| StorageManagerError::SmeSuccess)
-    }
-}
-
-impl From<cstr_core::NulError> for StorageManagerError {
-    fn from(_err: cstr_core::NulError) -> StorageManagerError { StorageManagerError::SmeKeyInvalid }
-}
-
-impl From<StorageManagerError> for Result<(), StorageManagerError> {
-    fn from(err: StorageManagerError) -> Result<(), StorageManagerError> {
-        if err == StorageManagerError::SmeSuccess {
-            Ok(())
-        } else {
-            Err(err)
-        }
-    }
-}
-
-#[inline]
-#[allow(dead_code)]
-pub fn kata_storage_delete(key: &str) -> Result<(), StorageManagerError> {
-    // NB: this assumes the StorageManager component is named "storage".
-    extern "C" {
-        pub fn storage_delete(c_key: *const cstr_core::c_char) -> StorageManagerError;
-    }
-    let cstr = CString::new(key)?;
-    unsafe { storage_delete(cstr.as_ptr()) }.into()
-}
-
-#[inline]
-#[allow(dead_code)]
-pub fn kata_storage_read(key: &str) -> Result<KeyValueData, StorageManagerError> {
-    extern "C" {
-        fn storage_read(
-            c_key: *const cstr_core::c_char,
-            c_raw_value: *mut KeyValueData,
-        ) -> StorageManagerError;
-    }
-    let cstr = CString::new(key)?;
-    let value = &mut [0u8; KEY_VALUE_DATA_SIZE];
-    match unsafe { storage_read(cstr.as_ptr(), value as *mut _) } {
-        StorageManagerError::SmeSuccess => Ok(*value),
-        status => Err(status),
-    }
-}
-
-#[inline]
-#[allow(dead_code)]
-pub fn kata_storage_write(key: &str, value: &[u8]) -> Result<(), StorageManagerError> {
-    extern "C" {
-        fn storage_write(
-            c_key: *const cstr_core::c_char,
-            c_raw_value_len: usize,
-            c_raw_value: *const u8,
-        ) -> StorageManagerError;
-    }
-    let cstr = CString::new(key)?;
-    unsafe { storage_write(cstr.as_ptr(), value.len(), value.as_ptr()) }.into()
-}
-
-#[inline]
-#[allow(dead_code)]
-pub fn kata_storage_capscan() -> Result<(), StorageManagerError> {
-    extern "C" {
-        fn storage_capscan();
-    }
-    unsafe { storage_capscan() }
-    Ok(())
-}
--- a/apps/system/components/StorageManager/kata-storage-manager/Cargo.toml
+++ b/apps/system/components/StorageManager/kata-storage-manager/Cargo.toml
@ -1,23 +0,0 @@
-# Copyright 2022 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     https://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-[package]
-name = "kata-storage-manager"
-version = "0.1.0"
-edition = "2021"
-
-[dependencies]
-kata-security-interface = { path = "../../SecurityCoordinator/kata-security-interface" }
-kata-storage-interface = { path = "../kata-storage-interface" }
-log = { version = "0.4", features = ["release_max_level_info"] }
--- a/apps/system/components/StorageManager/kata-storage-manager/src/lib.rs
+++ b/apps/system/components/StorageManager/kata-storage-manager/src/lib.rs
@ -1,49 +0,0 @@
-// Copyright 2022 Google LLC
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     https://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-//! Kata OS storage management support
-
-#![cfg_attr(not(test), no_std)]
-
-use kata_security_interface::kata_security_delete_key;
-use kata_security_interface::kata_security_read_key;
-use kata_security_interface::kata_security_write_key;
-use kata_storage_interface::StorageError;
-use kata_storage_interface::StorageManagerInterface;
-use kata_storage_interface::{KeyValueData, KEY_VALUE_DATA_SIZE};
-use log::trace;
-
-#[cfg(not(test))]
-pub static mut KATA_STORAGE: KataStorageManager = KataStorageManager {};
-
-pub struct KataStorageManager;
-impl StorageManagerInterface for KataStorageManager {
-    fn read(&self, bundle_id: &str, key: &str) -> Result<KeyValueData, StorageError> {
-        trace!("read bundle_id:{} key:{}", bundle_id, key);
-
-        // NB: must copy into KeyValueData for now
-        let mut keyval = [0u8; KEY_VALUE_DATA_SIZE];
-        Ok(kata_security_read_key(bundle_id, key, &mut keyval).map(|_| keyval)?)
-    }
-    fn write(&self, bundle_id: &str, key: &str, value: &[u8]) -> Result<(), StorageError> {
-        trace!("write bundle_id:{} key:{} value:{:?}", bundle_id, key, value);
-
-        Ok(kata_security_write_key(bundle_id, key, value)?)
-    }
-    fn delete(&self, bundle_id: &str, key: &str) -> Result<(), StorageError> {
-        trace!("delete bundle_id:{} key:{}", bundle_id, key);
-
-        Ok(kata_security_delete_key(bundle_id, key)?)
-    }
-}
--- a/apps/system/interfaces/StorageInterface.camkes
+++ b/apps/system/interfaces/StorageInterface.camkes
@ -1,9 +0,0 @@
-procedure StorageInterface {
-  include <StorageManagerBindings.h>;
-
-  StorageManagerError read(in string key, out KeyValueData value);
-  StorageManagerError write(in string key, in char value[]);
-  StorageManagerError delete(in string key);
-
-  void capscan();
-};
--- a/apps/system/system.camkes
+++ b/apps/system/system.camkes
@ -20,7 +20,6 @@ import "components/DebugConsole/DebugConsole.camkes";
 import "components/ProcessManager/ProcessManager.camkes";
 import "components/MlCoordinator/MlCoordinator.camkes";
 import "components/MemoryManager/MemoryManager.camkes";
-import "components/StorageManager/StorageManager.camkes";
 import "components/SecurityCoordinator/SecurityCoordinator.camkes"; 
 import "components/TimerService/TimerService.camkes";
 import "components/MailboxDriver/MailboxDriver.camkes";
@ -81,7 +80,6 @@ assembly {
        component MlCoordinator ml_coordinator;
        component DebugConsole debug_console;
        component SecurityCoordinator security_coordinator;
-        component StorageManager storage_manager;
        component TimerService timer_service;

        component SDKRuntime sdk_runtime;
@ -142,8 +140,6 @@ assembly {
                                             to process_manager.proc_ctrl);
        connection seL4RPCCall shell_ml(from debug_console.mlcoord,
                                        to ml_coordinator.mlcoord);
-        connection seL4RPCCall shell_storage(from debug_console.storage,
-                                             to storage_manager.storage);

        // Hookup SDKRuntime to DebugConsole for shell commands.
        connection seL4RPCCall sdk_ping(from debug_console.sdk_runtime,
@ -172,7 +168,6 @@ assembly {
            from debug_console.security,   // NB: for debug/test
            from process_manager.security,
            from ml_coordinator.security,  // NB: for LoadModel
-            from storage_manager.security,
            to security_coordinator.security);

        // Connect the DebugConsole to the OpenTitanUARTDriver.
@ -193,7 +188,6 @@ assembly {
            from ml_coordinator.logger,
            from memory_manager.logger,
            from security_coordinator.logger,
-            from storage_manager.logger,
            from timer_service.logger,
            from mailbox_driver.logger,
            from sdk_runtime.logger,