diff --git a/apps/system/CMakeLists.txt b/apps/system/CMakeLists.txt index a8f98fc..191fd11 100644 --- a/apps/system/CMakeLists.txt +++ b/apps/system/CMakeLists.txt @@ -97,18 +97,6 @@ DeclareCAmkESComponent(SecurityCoordinator $ENV{OUT}/kata/components ) -RustAddLibrary( - kata_storage_manager - SOURCE_DIR ${CMAKE_CURRENT_LIST_DIR}/components/StorageManager - LIB_FILENAME libkata_storage_manager.a -) - -DeclareCAmkESComponent(StorageManager - LIBS kata_storage_manager - INCLUDES interfaces - $ENV{OUT}/kata/components -) - RustAddLibrary( kata_timer_service SOURCE_DIR ${CMAKE_CURRENT_LIST_DIR}/components/TimerService diff --git a/apps/system/components/DebugConsole/DebugConsole.camkes b/apps/system/components/DebugConsole/DebugConsole.camkes index 72edbf0..4978eee 100644 --- a/apps/system/components/DebugConsole/DebugConsole.camkes +++ b/apps/system/components/DebugConsole/DebugConsole.camkes @@ -18,7 +18,6 @@ import ; import ; import ; import ; -import ; import ; import ; @@ -40,8 +39,6 @@ component DebugConsole { uses ProcessControlInterface proc_ctrl; // TODO(b/200707300): for debugging uses SecurityCoordinatorInterface security; - // TODO(b/200707300): for debugging - uses StorageInterface storage; uses SDKRuntimeInterface sdk_runtime; uses Timer timer; diff --git a/apps/system/components/DebugConsole/kata-shell/Cargo.toml b/apps/system/components/DebugConsole/kata-shell/Cargo.toml index 0d3077a..ff24e50 100644 --- a/apps/system/components/DebugConsole/kata-shell/Cargo.toml +++ b/apps/system/components/DebugConsole/kata-shell/Cargo.toml 
@@ -61,7 +61,6 @@ kata-ml-interface = { path = "../../MlCoordinator/kata-ml-interface" } kata-proc-interface = { path = "../../ProcessManager/kata-proc-interface" } kata-os-common = { path = "../../kata-os-common" } kata-security-interface = { path = "../../SecurityCoordinator/kata-security-interface" } -kata-storage-interface = { path = "../../StorageManager/kata-storage-interface" } kata-timer-interface = { path = "../../TimerService/kata-timer-interface" } kata-sdk-interface = { path = "../../SDKRuntime/kata-sdk-interface" } log = { version = "0.4", features = ["release_max_level_info"] } diff --git a/apps/system/components/DebugConsole/kata-shell/src/lib.rs b/apps/system/components/DebugConsole/kata-shell/src/lib.rs index 3712cd6..adbad73 100644 --- a/apps/system/components/DebugConsole/kata-shell/src/lib.rs +++ b/apps/system/components/DebugConsole/kata-shell/src/lib.rs @@ -32,9 +32,9 @@ use kata_proc_interface::kata_pkg_mgmt_uninstall; use kata_proc_interface::kata_proc_ctrl_get_running_bundles; use kata_proc_interface::kata_proc_ctrl_start; use kata_proc_interface::kata_proc_ctrl_stop; -use kata_storage_interface::kata_storage_delete; -use kata_storage_interface::kata_storage_read; -use kata_storage_interface::kata_storage_write; +use kata_security_interface::kata_security_delete_key; +use kata_security_interface::kata_security_read_key; +use kata_security_interface::kata_security_write_key; use sel4_sys::seL4_CNode_Delete; use sel4_sys::seL4_CPtr; @@ -295,9 +295,6 @@ fn capscan_command( Some("security") => { let _ = kata_security_interface::kata_security_capscan(); } - Some("storage") => { - let _ = kata_storage_interface::kata_storage_capscan(); - } Some("timer") => { let _ = kata_timer_interface::timer_service_capscan(); } 
@@ -486,8 +483,9 @@ fn kvdelete_command( output: &mut dyn io::Write, _builtin_cpio: &[u8], ) -> Result<(), CommandError> { + let bundle_id = args.next().ok_or(CommandError::BadArgs)?; let key = args.next().ok_or(CommandError::BadArgs)?; - match kata_storage_delete(key) { + match kata_security_delete_key(bundle_id, key) { Ok(_) => { writeln!(output, "Delete key \"{}\".", key)?; } @@ -504,10 +502,12 @@ fn kvread_command( output: &mut dyn io::Write, _builtin_cpio: &[u8], ) -> Result<(), CommandError> { + let bundle_id = args.next().ok_or(CommandError::BadArgs)?; let key = args.next().ok_or(CommandError::BadArgs)?; - match kata_storage_read(key) { - Ok(value) => { - writeln!(output, "Read key \"{}\" = {:?}.", key, value)?; + let mut keyval = [0u8; kata_security_interface::KEY_VALUE_DATA_SIZE]; + match kata_security_read_key(bundle_id, key, &mut keyval) { + Ok(_) => { + writeln!(output, "Read key \"{}\" = {:?}.", key, keyval)?; } Err(status) => { writeln!(output, "Read key \"{}\" failed: {:?}", key, status)?; @@ -522,9 +522,10 @@ fn kvwrite_command( output: &mut dyn io::Write, _builtin_cpio: &[u8], ) -> Result<(), CommandError> { + let bundle_id = args.next().ok_or(CommandError::BadArgs)?; let key = args.next().ok_or(CommandError::BadArgs)?; let value = args.collect::>().join(" "); - match kata_storage_write(key, value.as_bytes()) { + match kata_security_write_key(bundle_id, key, value.as_bytes()) { Ok(_) => { writeln!(output, "Write key \"{}\" = {:?}.", key, value)?; } diff --git a/apps/system/components/DebugConsole/kata-shell/src/test_security_coordinator.rs b/apps/system/components/DebugConsole/kata-shell/src/test_security_coordinator.rs index 27c9832..8813970 100644 --- a/apps/system/components/DebugConsole/kata-shell/src/test_security_coordinator.rs +++ b/apps/system/components/DebugConsole/kata-shell/src/test_security_coordinator.rs 
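Review bot: The messages in `kvdelete_command` still name only the key, although the operation is now scoped by a caller-supplied `bundle_id`, so console output cannot show which bundle's key was touched; the same applies to the `kvread_command` and `kvwrite_command` hunks below. I would include it in both the success and the failure line, e.g. `writeln!(output, "Delete key \"{}\" (bundle \"{}\").", key, bundle_id)?;`. The commands now take `bundle_id` as the first positional argument, so any usage or help text for `kvdelete`/`kvread`/`kvwrite` elsewhere in the file (not visible in this diff) presumably needs the same update. The function signature and the `Err` arm lie outside the hunk.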
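Review bot: In `kvread_command` the `Ok(_)` arm ignores whatever `kata_security_read_key` returns and prints the whole zero-initialised `keyval` buffer with `{:?}`. A short value is therefore shown with trailing zero padding and cannot be told apart from a value that really ends in zero bytes. The diff does not show whether the interface reports the stored length, so at minimum I would add a comment such as `// NB: prints the full KEY_VALUE_DATA_SIZE buffer; trailing zeros may be padding`. This path also writes a bundle's stored value verbatim to the console for any `bundle_id` given, which is worth a `// debug-only` remark next to the call, matching the "for debugging" TODO on the `security` interface in DebugConsole.camkes. The rest of the function body continues outside the hunk.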
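Review bot: `kvwrite_command` passes `value.as_bytes()` to `kata_security_write_key` without comparing its length to the fixed value size that this commit moves into `kata_security_interface`. Whether the SecurityCoordinator rejects or truncates an oversized value is not visible in this diff, so I would fail early in the shell with `if value.len() > kata_security_interface::KEY_VALUE_DATA_SIZE { return Err(CommandError::BadArgs); }` placed before the `match`. That also keeps the shell's behaviour consistent with the 100-byte buffer `kvread_command` reads back into. The function's signature and `Err` arm are outside the hunk.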
@@ -25,7 +25,6 @@ use kata_io as io; use kata_memory_interface::kata_object_free_in_cnode; use kata_os_common::cspace_slot::CSpaceSlot; use kata_security_interface::*; -use kata_storage_interface::KEY_VALUE_DATA_SIZE; pub fn add_cmds(cmds: &mut HashMap<&str, CmdFn>) { cmds.extend([ @@ -34,9 +33,6 @@ pub fn add_cmds(cmds: &mut HashMap<&str, CmdFn>) { ("get_manifest", get_manifest_command as CmdFn), ("load_application", load_application_command as CmdFn), ("load_model", load_model_command as CmdFn), - ("delete_key", delete_key_command as CmdFn), - ("read_key", read_key_command as CmdFn), - ("write_key", write_key_command as CmdFn), ("test_mailbox", test_mailbox_command as CmdFn), ]); } 
@@ -123,65 +119,6 @@ fn load_model_command( Ok(()) } -fn delete_key_command( - args: &mut dyn Iterator, - _input: &mut dyn io::BufRead, - output: &mut dyn io::Write, - _builtin_cpio: &[u8], -) -> Result<(), CommandError> { - let bundle_id = args.next().ok_or(CommandError::BadArgs)?; - let key = args.next().ok_or(CommandError::BadArgs)?; - match kata_security_delete_key(bundle_id, key) { - Ok(_) => { - writeln!(output, "Delete key \"{}\".", key)?; - } - Err(status) => { - writeln!(output, "Delete key \"{}\" failed: {:?}", key, status)?; - } - } - Ok(()) -} - -fn read_key_command( - args: &mut dyn Iterator, - _input: &mut dyn io::BufRead, - output: &mut dyn io::Write, - _builtin_cpio: &[u8], -) -> Result<(), CommandError> { - let bundle_id = args.next().ok_or(CommandError::BadArgs)?; - let key = args.next().ok_or(CommandError::BadArgs)?; - let mut keyval = [0u8; KEY_VALUE_DATA_SIZE]; - match kata_security_read_key(bundle_id, key, &mut keyval) { - Ok(_) => { - writeln!(output, "Read key \"{}\" = {:?}.", key, keyval)?; - } - Err(status) => { - writeln!(output, "Read key \"{}\" failed: {:?}", key, status)?; - } - } - Ok(()) -} - -fn write_key_command( - args: &mut dyn Iterator, - _input: &mut dyn io::BufRead, - output: &mut dyn io::Write, - _builtin_cpio: &[u8], -) -> Result<(), CommandError> { - let bundle_id = args.next().ok_or(CommandError::BadArgs)?; - let key = args.next().ok_or(CommandError::BadArgs)?; - let value = args.collect::>().join(" "); - match kata_security_write_key(bundle_id, key, value.as_bytes()) { - Ok(_) => { - writeln!(output, "Write key \"{}\" = {:?}.", key, value)?; - } - Err(status) => { - writeln!(output, "Write key \"{}\" failed: {:?}", key, status)?; - } - } - Ok(()) -} - fn test_mailbox_command( _args: &mut dyn Iterator, _input: &mut dyn io::BufRead, 
diff --git a/apps/system/components/SecurityCoordinator/kata-security-component/Cargo.toml b/apps/system/components/SecurityCoordinator/kata-security-component/Cargo.toml index c39a54f..964cf4b 100644 --- a/apps/system/components/SecurityCoordinator/kata-security-component/Cargo.toml +++ b/apps/system/components/SecurityCoordinator/kata-security-component/Cargo.toml @@ -21,7 +21,6 @@ edition = "2021" kata-os-common = { path = "../../kata-os-common" } kata-security-interface = { path = "../kata-security-interface" } kata-security-coordinator = { path = "../kata-security-coordinator" } -kata-storage-interface = { path = "../../StorageManager/kata-storage-interface" } log = { version = "0.4", features = ["release_max_level_info"] } postcard = { version = "0.7", features = ["alloc"], default-features = false } diff --git a/apps/system/components/SecurityCoordinator/kata-security-component/src/run.rs b/apps/system/components/SecurityCoordinator/kata-security-component/src/run.rs index 0bfa447..49e18b3 100644 --- a/apps/system/components/SecurityCoordinator/kata-security-component/src/run.rs +++ b/apps/system/components/SecurityCoordinator/kata-security-component/src/run.rs @@ -25,7 +25,6 @@ use kata_os_common::sel4_sys; use kata_os_common::slot_allocator::KATA_CSPACE_SLOTS; use kata_security_coordinator::KATA_SECURITY; use kata_security_interface::*; -use kata_storage_interface::KEY_VALUE_DATA_SIZE; use log::trace; use SecurityRequestError::*; diff --git a/apps/system/components/SecurityCoordinator/kata-security-coordinator/Cargo.toml b/apps/system/components/SecurityCoordinator/kata-security-coordinator/Cargo.toml index 3e4d0bb..0c8e507 100644 --- a/apps/system/components/SecurityCoordinator/kata-security-coordinator/Cargo.toml +++ b/apps/system/components/SecurityCoordinator/kata-security-coordinator/Cargo.toml 
@@ -27,6 +27,5 @@ hashbrown = { version = "0.11", features = ["ahash-compile-time-rng"] } kata-memory-interface = { path = "../../MemoryManager/kata-memory-interface" } kata-os-common = { path = "../../kata-os-common" } kata-security-interface = { path = "../kata-security-interface" } -kata-storage-interface = { path = "../../StorageManager/kata-storage-interface" } log = { version = "0.4", features = ["release_max_level_info"] } postcard = { version = "0.7", features = ["alloc"], default-features = false } diff --git a/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/fakeimpl/mod.rs b/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/fakeimpl/mod.rs index 2686e18..4499bd8 100644 --- a/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/fakeimpl/mod.rs +++ b/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/fakeimpl/mod.rs @@ -29,7 +29,6 @@ use kata_os_common::copyregion::CopyRegion; use kata_os_common::cspace_slot::CSpaceSlot; use kata_os_common::sel4_sys; use kata_security_interface::*; -use kata_storage_interface::KeyValueData; use log::trace; use sel4_sys::seL4_Error; diff --git a/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/lib.rs b/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/lib.rs index 262a67f..ce2dc87 100644 --- a/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/lib.rs +++ b/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/lib.rs @@ -24,7 +24,7 @@ use alloc::string::String; use kata_memory_interface::ObjDescBundle; use kata_security_interface::SecurityCoordinatorInterface; use kata_security_interface::SecurityRequestError; -use kata_storage_interface::KeyValueData; +use kata_security_interface::KeyValueData; #[cfg(all(feature = "fake", feature = "sel4"))] compile_error!("features \"fake\" and \"sel4\" are mutually exclusive"); 
diff --git a/apps/system/components/SecurityCoordinator/kata-security-interface/Cargo.toml b/apps/system/components/SecurityCoordinator/kata-security-interface/Cargo.toml index 8ba2275..00cc767 100644 --- a/apps/system/components/SecurityCoordinator/kata-security-interface/Cargo.toml +++ b/apps/system/components/SecurityCoordinator/kata-security-interface/Cargo.toml @@ -20,7 +20,6 @@ edition = "2021" [dependencies] kata-memory-interface = { path = "../../MemoryManager/kata-memory-interface" } kata-os-common = { path = "../../kata-os-common" } -kata-storage-interface = { path = "../../StorageManager/kata-storage-interface" } log = { version = "0.4", features = ["release_max_level_info"] } postcard = { version = "0.7", features = ["alloc"], default-features = false } serde = { version = "1.0", default-features = false, features = ["alloc", "derive"] } diff --git a/apps/system/components/SecurityCoordinator/kata-security-interface/src/lib.rs b/apps/system/components/SecurityCoordinator/kata-security-interface/src/lib.rs index a2d1aaa..ae620a6 100644 --- a/apps/system/components/SecurityCoordinator/kata-security-interface/src/lib.rs +++ b/apps/system/components/SecurityCoordinator/kata-security-interface/src/lib.rs @@ -23,8 +23,6 @@ use kata_memory_interface::ObjDescBundle; use kata_os_common::camkes::Camkes; use kata_os_common::cspace_slot::CSpaceSlot; use kata_os_common::sel4_sys; -use kata_storage_interface::KeyValueData; -use kata_storage_interface::StorageError; use log::trace; use serde::{Deserialize, Serialize}; @@ -45,6 +43,10 @@ const SECURITY_REQUEST_DATA_SIZE: usize = 2048; pub const SECURITY_REPLY_DATA_SIZE: usize = 2048; pub type SecurityReplyData = [u8; SECURITY_REPLY_DATA_SIZE]; +// TODO(sleffler): temp constraint on value part of key-value pairs +pub const KEY_VALUE_DATA_SIZE: usize = 100; +pub type KeyValueData = [u8; KEY_VALUE_DATA_SIZE]; + // NB: struct's marked repr(C) are processed by cbindgen to get a .h file // used in camkes C interfaces. 
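Review bot: The relocated `KEY_VALUE_DATA_SIZE` and `KeyValueData` become part of this crate's public API with only the carried-over TODO, and nothing states what the limit means for callers. I would add doc comments, e.g. `/// Size in bytes of the fixed buffer callers pass to kata_security_read_key.` on the constant and `/// Fixed-size buffer that receives the value of a key-value pair.` on the alias. It should also say how an over-long value is treated on write, which is not visible in this diff. Separately, the deleted StorageManager `cbindgen.toml` exported `KeyValueData` explicitly; if any C-side glue for the SecurityCoordinator still needs that type, this crate's cbindgen export list (not shown here) would need it too.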
@@ -224,22 +226,6 @@ pub enum SecurityRequestError { SreTestFailed, } -impl From for StorageError { - fn from(err: SecurityRequestError) -> StorageError { - match err { - SecurityRequestError::SreBundleNotFound => StorageError::BundleNotFound, - SecurityRequestError::SreKeyNotFound => StorageError::KeyNotFound, - SecurityRequestError::SreValueInvalid => StorageError::ValueInvalid, - SecurityRequestError::SreKeyInvalid => StorageError::KeyInvalid, - SecurityRequestError::SreSerializeFailed => StorageError::SerializeFailed, - SecurityRequestError::SreReadFailed => StorageError::ReadFailed, - SecurityRequestError::SreWriteFailed => StorageError::WriteFailed, - SecurityRequestError::SreDeleteFailed => StorageError::DeleteFailed, - _ => StorageError::UnknownSecurityError, // NB: cannot happen - } - } -} - #[repr(C)] #[derive(Clone, Copy, Debug, Eq, PartialEq)] pub enum SecurityRequest { diff --git a/apps/system/components/StorageManager/Cargo.toml b/apps/system/components/StorageManager/Cargo.toml deleted file mode 100644 index 5f429ae..0000000 --- a/apps/system/components/StorageManager/Cargo.toml +++ /dev/null 
@@ -1,39 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -[workspace] - -members = [ - "kata-storage-component", - "kata-storage-interface", - "kata-storage-manager", -] -resolver = "2" - -[profile.dev] -opt-level = 0 -debug = true -# TODO(b/223253186): workaround gdb DIE errors -lto = false -codegen-units = 1 - -[profile.release] -opt-level = "z" -lto = "fat" -codegen-units = 1 -split-debuginfo = "unpacked" - -[profile.release.build-override] -opt-level = "z" -codegen-units = 1 diff --git a/apps/system/components/StorageManager/StorageManager.camkes b/apps/system/components/StorageManager/StorageManager.camkes deleted file mode 100644 index ab203e4..0000000 --- a/apps/system/components/StorageManager/StorageManager.camkes +++ /dev/null 
@@ -1,29 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Kata OS StorageManager services. - -import ; -import ; -import ; - -component StorageManager { - provides StorageInterface storage; - - maybe uses LoggerInterface logger; - uses SecurityCoordinatorInterface security; - - // Enable KataOS CAmkES support. - attribute int kataos = true; -} diff --git a/apps/system/components/StorageManager/kata-storage-component/Cargo.toml b/apps/system/components/StorageManager/kata-storage-component/Cargo.toml deleted file mode 100644 index 5074737..0000000 --- a/apps/system/components/StorageManager/kata-storage-component/Cargo.toml +++ /dev/null 
@@ -1,31 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -[package] -name = "kata-storage-component" -version = "0.1.0" -edition = "2021" - -[dependencies] -cstr_core = { version = "0.2.3", default-features = false } -kata-os-common = { path = "../../kata-os-common" } -kata-storage-interface = { path = "../kata-storage-interface" } -kata-storage-manager = { path = "../kata-storage-manager" } -log = { version = "0.4", features = ["release_max_level_info"] } -postcard = { version = "0.7", features = ["alloc"], default-features = false } - -[lib] -name = "kata_storage_manager" -path = "src/run.rs" -crate-type = ["staticlib"] diff --git a/apps/system/components/StorageManager/kata-storage-component/src/run.rs b/apps/system/components/StorageManager/kata-storage-component/src/run.rs deleted file mode 100644 index 4ec8bd6..0000000 --- a/apps/system/components/StorageManager/kata-storage-component/src/run.rs +++ /dev/null 
@@ -1,89 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -//! Kata OS StorageManager component support. - -// Code here binds the camkes component to the rust code. -#![no_std] -#![allow(clippy::missing_safety_doc)] - -extern crate alloc; -use core::slice; -use cstr_core::CStr; -use kata_os_common::camkes::Camkes; -use kata_storage_interface::KeyValueData; -use kata_storage_interface::StorageManagerError; -use kata_storage_interface::StorageManagerInterface; -use kata_storage_manager::KATA_STORAGE; - -static mut CAMKES: Camkes = Camkes::new("StorageManager"); - -#[no_mangle] -pub unsafe extern "C" fn pre_init() { - static mut HEAP_MEMORY: [u8; 8 * 1024] = [0; 8 * 1024]; - CAMKES.pre_init(log::LevelFilter::Trace, &mut HEAP_MEMORY); -} - -// StorageInterface glue stubs. 
-#[no_mangle] -pub unsafe extern "C" fn storage_read( - c_key: *const cstr_core::c_char, - c_raw_value: *mut KeyValueData, -) -> StorageManagerError { - match CStr::from_ptr(c_key).to_str() { - Ok(key) => { - // TODO(sleffler): de-badge reply cap to get bundle_id - match KATA_STORAGE.read("fubar", key) { - Ok(value) => { - // NB: no serialization, returns raw data - (*c_raw_value).copy_from_slice(&value); - StorageManagerError::SmeSuccess - } - Err(e) => StorageManagerError::from(e), - } - } - Err(_) => StorageManagerError::SmeKeyInvalid, - } -} - -#[no_mangle] -pub unsafe extern "C" fn storage_write( - c_key: *const cstr_core::c_char, - c_raw_value_len: usize, - c_raw_value: *const u8, -) -> StorageManagerError { - match CStr::from_ptr(c_key).to_str() { - Ok(key) => { - // TODO(sleffler): de-badge reply cap to get bundle_id - KATA_STORAGE - .write("fubar", key, slice::from_raw_parts(c_raw_value, c_raw_value_len)) - .into() - } - Err(_) => StorageManagerError::SmeKeyInvalid, - } -} - -#[no_mangle] -pub unsafe extern "C" fn storage_delete(c_key: *const cstr_core::c_char) -> StorageManagerError { - match CStr::from_ptr(c_key).to_str() { - Ok(key) => { - // TODO(sleffler): de-badge reply cap to get bundle_id - KATA_STORAGE.delete("fubar", key).into() - } - Err(_) => StorageManagerError::SmeKeyInvalid, - } -} - -#[no_mangle] -pub unsafe extern "C" fn storage_capscan() { let _ = Camkes::capscan(); } diff --git a/apps/system/components/StorageManager/kata-storage-interface/Cargo.toml b/apps/system/components/StorageManager/kata-storage-interface/Cargo.toml deleted file mode 100644 index 7b6e882..0000000 --- a/apps/system/components/StorageManager/kata-storage-interface/Cargo.toml +++ /dev/null 
@@ -1,22 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -[package] -name = "kata-storage-interface" -version = "0.1.0" -edition = "2021" - -[dependencies] -cstr_core = "0.2.3" -postcard = { version = "0.7", features = ["alloc"], default-features = false } diff --git a/apps/system/components/StorageManager/kata-storage-interface/Makefile b/apps/system/components/StorageManager/kata-storage-interface/Makefile deleted file mode 100644 index 544851b..0000000 --- a/apps/system/components/StorageManager/kata-storage-interface/Makefile +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -INTERFACES=${OUT}/kata/components - -${INTERFACES}/StorageManagerBindings.h: src/lib.rs cbindgen.toml - cbindgen -c cbindgen.toml src/lib.rs -o $@ 
diff --git a/apps/system/components/StorageManager/kata-storage-interface/cbindgen.toml b/apps/system/components/StorageManager/kata-storage-interface/cbindgen.toml deleted file mode 100644 index 9c4d469..0000000 --- a/apps/system/components/StorageManager/kata-storage-interface/cbindgen.toml +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -language = "C" -include_guard = "__STORAGE_MANAGER_BINDINGS_H__" -autogen_warning = "/* Warning, this file is autogenerated by cbindgen. Don't modify this manually.\n */" -no_includes = true -includes = ["CamkesBindings.h"] - -[export] -include = [ - "KeyValueData", - "StorageManagerError", -] diff --git a/apps/system/components/StorageManager/kata-storage-interface/src/lib.rs b/apps/system/components/StorageManager/kata-storage-interface/src/lib.rs deleted file mode 100644 index 1ffb478..0000000 --- a/apps/system/components/StorageManager/kata-storage-interface/src/lib.rs +++ /dev/null 
@@ -1,158 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -//! Kata OS storage management support - -#![cfg_attr(not(test), no_std)] - -use core::str; -use cstr_core::CString; - -// TODO(sleffler): temp constraint on value part of key-value pairs -pub const KEY_VALUE_DATA_SIZE: usize = 100; -pub type KeyValueData = [u8; KEY_VALUE_DATA_SIZE]; - -// NB: struct's marked repr(C) are processed by cbindgen to get a .h file -// used in camkes C interfaces. - -#[derive(Debug, Eq, PartialEq)] -pub enum StorageError { - BundleNotFound = 0, - KeyNotFound, - KeyInvalid, - ValueInvalid, - SerializeFailed, - UnknownSecurityError, - // Generic errors. - ReadFailed, - WriteFailed, - DeleteFailed, -} - -impl From for StorageError { - fn from(_err: postcard::Error) -> StorageError { StorageError::SerializeFailed } -} - -pub trait StorageManagerInterface { - fn read(&self, bundle_id: &str, key: &str) -> Result; - fn write(&self, bundle_id: &str, key: &str, value: &[u8]) -> Result<(), StorageError>; - fn delete(&self, bundle_id: &str, key: &str) -> Result<(), StorageError>; -} - -// Public version of StorageError presented over rpc interface. -// This is needed because the enum is exported to C users and needs to -// be unique from other enum's. 
-// TODO(sleffler): switch to single generic error space ala absl::StatusCode -#[repr(C)] -#[derive(Debug, Eq, PartialEq)] -pub enum StorageManagerError { - SmeSuccess = 0, - SmeBundleIdInvalid, - SmeBundleNotFound, - SmeKeyNotFound, - SmeValueInvalid, - SmeKeyInvalid, - // Generic errors. - SmeReadFailed, - SmeWriteFailed, - SmeDeleteFailed, - SmeUnknownError, -} - -impl From for StorageManagerError { - fn from(err: StorageError) -> StorageManagerError { - match err { - StorageError::BundleNotFound => StorageManagerError::SmeBundleNotFound, - StorageError::KeyNotFound => StorageManagerError::SmeKeyNotFound, - StorageError::KeyInvalid => StorageManagerError::SmeKeyInvalid, - StorageError::ValueInvalid => StorageManagerError::SmeValueInvalid, - StorageError::ReadFailed => StorageManagerError::SmeReadFailed, - StorageError::WriteFailed => StorageManagerError::SmeWriteFailed, - StorageError::DeleteFailed => StorageManagerError::SmeDeleteFailed, - _ => StorageManagerError::SmeUnknownError, - } - } -} - -impl From> for StorageManagerError { - fn from(result: Result<(), StorageError>) -> StorageManagerError { - result.map_or_else(StorageManagerError::from, |_| StorageManagerError::SmeSuccess) - } -} - -impl From for StorageManagerError { - fn from(_err: cstr_core::NulError) -> StorageManagerError { StorageManagerError::SmeKeyInvalid } -} - -impl From for Result<(), StorageManagerError> { - fn from(err: StorageManagerError) -> Result<(), StorageManagerError> { - if err == StorageManagerError::SmeSuccess { - Ok(()) - } else { - Err(err) - } - } -} - -#[inline] -#[allow(dead_code)] -pub fn kata_storage_delete(key: &str) -> Result<(), StorageManagerError> { - // NB: this assumes the StorageManager component is named "storage". 
- extern "C" { - pub fn storage_delete(c_key: *const cstr_core::c_char) -> StorageManagerError; - } - let cstr = CString::new(key)?; - unsafe { storage_delete(cstr.as_ptr()) }.into() -} - -#[inline] -#[allow(dead_code)] -pub fn kata_storage_read(key: &str) -> Result { - extern "C" { - fn storage_read( - c_key: *const cstr_core::c_char, - c_raw_value: *mut KeyValueData, - ) -> StorageManagerError; - } - let cstr = CString::new(key)?; - let value = &mut [0u8; KEY_VALUE_DATA_SIZE]; - match unsafe { storage_read(cstr.as_ptr(), value as *mut _) } { - StorageManagerError::SmeSuccess => Ok(*value), - status => Err(status), - } -} - -#[inline] -#[allow(dead_code)] -pub fn kata_storage_write(key: &str, value: &[u8]) -> Result<(), StorageManagerError> { - extern "C" { - fn storage_write( - c_key: *const cstr_core::c_char, - c_raw_value_len: usize, - c_raw_value: *const u8, - ) -> StorageManagerError; - } - let cstr = CString::new(key)?; - unsafe { storage_write(cstr.as_ptr(), value.len(), value.as_ptr()) }.into() -} - -#[inline] -#[allow(dead_code)] -pub fn kata_storage_capscan() -> Result<(), StorageManagerError> { - extern "C" { - fn storage_capscan(); - } - unsafe { storage_capscan() } - Ok(()) -} diff --git a/apps/system/components/StorageManager/kata-storage-manager/Cargo.toml b/apps/system/components/StorageManager/kata-storage-manager/Cargo.toml deleted file mode 100644 index 961bcb2..0000000 --- a/apps/system/components/StorageManager/kata-storage-manager/Cargo.toml +++ /dev/null 
@@ -1,23 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -[package] -name = "kata-storage-manager" -version = "0.1.0" -edition = "2021" - -[dependencies] -kata-security-interface = { path = "../../SecurityCoordinator/kata-security-interface" } -kata-storage-interface = { path = "../kata-storage-interface" } -log = { version = "0.4", features = ["release_max_level_info"] } diff --git a/apps/system/components/StorageManager/kata-storage-manager/src/lib.rs b/apps/system/components/StorageManager/kata-storage-manager/src/lib.rs deleted file mode 100644 index 5a75362..0000000 --- a/apps/system/components/StorageManager/kata-storage-manager/src/lib.rs +++ /dev/null 
@@ -1,49 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -//! Kata OS storage management support - -#![cfg_attr(not(test), no_std)] - -use kata_security_interface::kata_security_delete_key; -use kata_security_interface::kata_security_read_key; -use kata_security_interface::kata_security_write_key; -use kata_storage_interface::StorageError; -use kata_storage_interface::StorageManagerInterface; -use kata_storage_interface::{KeyValueData, KEY_VALUE_DATA_SIZE}; -use log::trace; - -#[cfg(not(test))] -pub static mut KATA_STORAGE: KataStorageManager = KataStorageManager {}; - -pub struct KataStorageManager; -impl StorageManagerInterface for KataStorageManager { - fn read(&self, bundle_id: &str, key: &str) -> Result { - trace!("read bundle_id:{} key:{}", bundle_id, key); - - // NB: must copy into KeyValueData for now - let mut keyval = [0u8; KEY_VALUE_DATA_SIZE]; - Ok(kata_security_read_key(bundle_id, key, &mut keyval).map(|_| keyval)?) - } - fn write(&self, bundle_id: &str, key: &str, value: &[u8]) -> Result<(), StorageError> { - trace!("write bundle_id:{} key:{} value:{:?}", bundle_id, key, value); - - Ok(kata_security_write_key(bundle_id, key, value)?) - } - fn delete(&self, bundle_id: &str, key: &str) -> Result<(), StorageError> { - trace!("delete bundle_id:{} key:{}", bundle_id, key); - - Ok(kata_security_delete_key(bundle_id, key)?) - } -} 
diff --git a/apps/system/interfaces/StorageInterface.camkes b/apps/system/interfaces/StorageInterface.camkes deleted file mode 100644 index a378081..0000000 --- a/apps/system/interfaces/StorageInterface.camkes +++ /dev/null @@ -1,9 +0,0 @@ -procedure StorageInterface { - include ; - - StorageManagerError read(in string key, out KeyValueData value); - StorageManagerError write(in string key, in char value[]); - StorageManagerError delete(in string key); - - void capscan(); -}; diff --git a/apps/system/system.camkes b/apps/system/system.camkes index 58bda50..6b17281 100644 --- a/apps/system/system.camkes +++ b/apps/system/system.camkes @@ -20,7 +20,6 @@ import "components/DebugConsole/DebugConsole.camkes"; import "components/ProcessManager/ProcessManager.camkes"; import "components/MlCoordinator/MlCoordinator.camkes"; import "components/MemoryManager/MemoryManager.camkes"; -import "components/StorageManager/StorageManager.camkes"; import "components/SecurityCoordinator/SecurityCoordinator.camkes"; import "components/TimerService/TimerService.camkes"; import "components/MailboxDriver/MailboxDriver.camkes"; @@ -81,7 +80,6 @@ assembly { component MlCoordinator ml_coordinator; component DebugConsole debug_console; component SecurityCoordinator security_coordinator; - component StorageManager storage_manager; component TimerService timer_service; component SDKRuntime sdk_runtime; @@ -142,8 +140,6 @@ assembly { to process_manager.proc_ctrl); connection seL4RPCCall shell_ml(from debug_console.mlcoord, to ml_coordinator.mlcoord); - connection seL4RPCCall shell_storage(from debug_console.storage, - to storage_manager.storage); // Hookup SDKRuntime to DebugConsole for shell commands. connection seL4RPCCall sdk_ping(from debug_console.sdk_runtime, 
@@ -172,7 +168,6 @@ assembly { from debug_console.security, // NB: for debug/test from process_manager.security, from ml_coordinator.security, // NB: for LoadModel - from storage_manager.security, to security_coordinator.security); // Connect the DebugConsole to the OpenTitanUARTDriver. @@ -193,7 +188,6 @@ assembly { from ml_coordinator.logger, from memory_manager.logger, from security_coordinator.logger, - from storage_manager.logger, from timer_service.logger, from mailbox_driver.logger, from sdk_runtime.logger,