From 13799ab77921920b5c7aefabf6d3a259e5058b48 Mon Sep 17 00:00:00 2001 
From: Sam Leffler Date: Fri, 26 Aug 2022 16:57:48 -0700 Subject: [PATCH] Remove StorageManager. StorageManager (the component) did nothing useful so remove it and plumb the only user (DebugConsole) directly to the SecurityCoordinator. When the SDKRuntime is ready it likewise will talk directly to SecurityCoordinator. The only visible change in this is the "kvread" shell command displays the raw key value instead of converting it to a string. Change-Id: I5a285dc083e5f02ecbf0defc83deebb34a7b38d7 GitOrigin-RevId: 70d04d8155167f9bf3f88291363760d91c10a279 --- apps/system/CMakeLists.txt | 12 -- .../DebugConsole/DebugConsole.camkes | 3 - .../DebugConsole/kata-shell/Cargo.toml | 1 - .../DebugConsole/kata-shell/src/lib.rs | 23 +-- .../src/test_security_coordinator.rs | 63 ------- .../kata-security-component/Cargo.toml | 1 - .../kata-security-component/src/run.rs | 1 - .../kata-security-coordinator/Cargo.toml | 1 - .../src/fakeimpl/mod.rs | 1 - .../kata-security-coordinator/src/lib.rs | 2 +- .../kata-security-interface/Cargo.toml | 1 - .../kata-security-interface/src/lib.rs | 22 +-- .../components/StorageManager/Cargo.toml | 39 ----- .../StorageManager/StorageManager.camkes | 29 ---- .../kata-storage-component/Cargo.toml | 31 ---- .../kata-storage-component/src/run.rs | 89 ---------- .../kata-storage-interface/Cargo.toml | 22 --- .../kata-storage-interface/Makefile | 18 -- .../kata-storage-interface/cbindgen.toml | 25 --- .../kata-storage-interface/src/lib.rs | 158 ------------------ .../kata-storage-manager/Cargo.toml | 23 --- .../kata-storage-manager/src/lib.rs | 49 ------ .../system/interfaces/StorageInterface.camkes | 9 - apps/system/system.camkes | 6 - 24 files changed, 17 insertions(+), 612 deletions(-) delete mode 100644 apps/system/components/StorageManager/Cargo.toml delete mode 100644 apps/system/components/StorageManager/StorageManager.camkes delete mode 100644 apps/system/components/StorageManager/kata-storage-component/Cargo.toml delete mode 100644 
apps/system/components/StorageManager/kata-storage-component/src/run.rs delete mode 100644 apps/system/components/StorageManager/kata-storage-interface/Cargo.toml delete mode 100644 apps/system/components/StorageManager/kata-storage-interface/Makefile delete mode 100644 apps/system/components/StorageManager/kata-storage-interface/cbindgen.toml delete mode 100644 apps/system/components/StorageManager/kata-storage-interface/src/lib.rs delete mode 100644 apps/system/components/StorageManager/kata-storage-manager/Cargo.toml delete mode 100644 apps/system/components/StorageManager/kata-storage-manager/src/lib.rs delete mode 100644 apps/system/interfaces/StorageInterface.camkes diff --git a/apps/system/CMakeLists.txt b/apps/system/CMakeLists.txt index a8f98fc..191fd11 100644 --- a/apps/system/CMakeLists.txt +++ b/apps/system/CMakeLists.txt @@ -97,18 +97,6 @@ DeclareCAmkESComponent(SecurityCoordinator $ENV{OUT}/kata/components ) -RustAddLibrary( - kata_storage_manager - SOURCE_DIR ${CMAKE_CURRENT_LIST_DIR}/components/StorageManager - LIB_FILENAME libkata_storage_manager.a -) - -DeclareCAmkESComponent(StorageManager - LIBS kata_storage_manager - INCLUDES interfaces - $ENV{OUT}/kata/components -) - RustAddLibrary( kata_timer_service SOURCE_DIR ${CMAKE_CURRENT_LIST_DIR}/components/TimerService diff --git a/apps/system/components/DebugConsole/DebugConsole.camkes b/apps/system/components/DebugConsole/DebugConsole.camkes index 72edbf0..4978eee 100644 --- a/apps/system/components/DebugConsole/DebugConsole.camkes +++ b/apps/system/components/DebugConsole/DebugConsole.camkes @@ -18,7 +18,6 @@ import ; import ; import ; import ; -import ; import ; import ; @@ -40,8 +39,6 @@ component DebugConsole { uses ProcessControlInterface proc_ctrl; // TODO(b/200707300): for debugging uses SecurityCoordinatorInterface security; - // TODO(b/200707300): for debugging - uses StorageInterface storage; uses SDKRuntimeInterface sdk_runtime; uses Timer timer; 
diff --git a/apps/system/components/DebugConsole/kata-shell/Cargo.toml b/apps/system/components/DebugConsole/kata-shell/Cargo.toml index 0d3077a..ff24e50 100644 --- a/apps/system/components/DebugConsole/kata-shell/Cargo.toml +++ b/apps/system/components/DebugConsole/kata-shell/Cargo.toml @@ -61,7 +61,6 @@ kata-ml-interface = { path = "../../MlCoordinator/kata-ml-interface" } kata-proc-interface = { path = "../../ProcessManager/kata-proc-interface" } kata-os-common = { path = "../../kata-os-common" } kata-security-interface = { path = "../../SecurityCoordinator/kata-security-interface" } -kata-storage-interface = { path = "../../StorageManager/kata-storage-interface" } kata-timer-interface = { path = "../../TimerService/kata-timer-interface" } kata-sdk-interface = { path = "../../SDKRuntime/kata-sdk-interface" } log = { version = "0.4", features = ["release_max_level_info"] } diff --git a/apps/system/components/DebugConsole/kata-shell/src/lib.rs b/apps/system/components/DebugConsole/kata-shell/src/lib.rs index 3712cd6..adbad73 100644 --- a/apps/system/components/DebugConsole/kata-shell/src/lib.rs +++ b/apps/system/components/DebugConsole/kata-shell/src/lib.rs @@ -32,9 +32,9 @@ use kata_proc_interface::kata_pkg_mgmt_uninstall; use kata_proc_interface::kata_proc_ctrl_get_running_bundles; use kata_proc_interface::kata_proc_ctrl_start; use kata_proc_interface::kata_proc_ctrl_stop; -use kata_storage_interface::kata_storage_delete; -use kata_storage_interface::kata_storage_read; -use kata_storage_interface::kata_storage_write; +use kata_security_interface::kata_security_delete_key; +use kata_security_interface::kata_security_read_key; +use kata_security_interface::kata_security_write_key; use sel4_sys::seL4_CNode_Delete; use sel4_sys::seL4_CPtr; 
@@ -295,9 +295,6 @@ fn capscan_command( Some("security") => { let _ = kata_security_interface::kata_security_capscan(); } - Some("storage") => { - let _ = kata_storage_interface::kata_storage_capscan(); - } Some("timer") => { let _ = kata_timer_interface::timer_service_capscan(); } @@ -486,8 +483,9 @@ fn kvdelete_command( output: &mut dyn io::Write, _builtin_cpio: &[u8], ) -> Result<(), CommandError> { + let bundle_id = args.next().ok_or(CommandError::BadArgs)?; let key = args.next().ok_or(CommandError::BadArgs)?; - match kata_storage_delete(key) { + match kata_security_delete_key(bundle_id, key) { Ok(_) => { writeln!(output, "Delete key \"{}\".", key)?; } @@ -504,10 +502,12 @@ fn kvread_command( output: &mut dyn io::Write, _builtin_cpio: &[u8], ) -> Result<(), CommandError> { + let bundle_id = args.next().ok_or(CommandError::BadArgs)?; let key = args.next().ok_or(CommandError::BadArgs)?; - match kata_storage_read(key) { - Ok(value) => { - writeln!(output, "Read key \"{}\" = {:?}.", key, value)?; + let mut keyval = [0u8; kata_security_interface::KEY_VALUE_DATA_SIZE]; + match kata_security_read_key(bundle_id, key, &mut keyval) { + Ok(_) => { + writeln!(output, "Read key \"{}\" = {:?}.", key, keyval)?; } Err(status) => { writeln!(output, "Read key \"{}\" failed: {:?}", key, status)?; @@ -522,9 +522,10 @@ fn kvwrite_command( output: &mut dyn io::Write, _builtin_cpio: &[u8], ) -> Result<(), CommandError> { + let bundle_id = args.next().ok_or(CommandError::BadArgs)?; let key = args.next().ok_or(CommandError::BadArgs)?; let value = args.collect::>().join(" "); - match kata_storage_write(key, value.as_bytes()) { + match kata_security_write_key(bundle_id, key, value.as_bytes()) { Ok(_) => { writeln!(output, "Write key \"{}\" = {:?}.", key, value)?; } diff --git a/apps/system/components/DebugConsole/kata-shell/src/test_security_coordinator.rs b/apps/system/components/DebugConsole/kata-shell/src/test_security_coordinator.rs index 27c9832..8813970 100644 
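Review bot: The new first positional argument in kvdelete_command (and likewise in the kvread_command and kvwrite_command hunks that follow) changes how existing invocations parse, which the commit description does not mention. A one-argument `kvdelete`/`kvread` call now returns BadArgs, while an old-style `kvwrite KEY WORDS...` is still accepted but stores under bundle KEY with the first word as the key. The bundle_id is also passed to the SecurityCoordinator exactly as typed, where the removed StorageManager glue pinned every request to one fixed bundle id, so the shell can now address any bundle's keys. I would state both facts at the parse site, e.g. `// NB: args are <bundle_id> <key>; bundle_id is operator-supplied and not checked here`, and update whatever help text lists these commands (not visible in this patch). Each function's signature starts above its hunk and the body continues below it.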
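Review bot: The `Ok(_)` arm in kvread_command prints the whole `keyval` array, so every successful read emits KEY_VALUE_DATA_SIZE bytes and a short value is indistinguishable from one that really ends in zero bytes. The length of the stored value does not appear to come back from `kata_security_read_key` (its signature is outside this patch), so the least that can be done here is to say so: `// NB: keyval is always the full fixed-size buffer; bytes past the stored value are whatever the read left there (zero if untouched)`. If the call does report a length, slicing to it before formatting would keep padding out of the console log. The function's signature is above the hunk.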
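Review bot: kvwrite_command hands `value.as_bytes()` to `kata_security_write_key` without comparing its length to KEY_VALUE_DATA_SIZE, the size kvread_command uses for its read buffer. Whether the SecurityCoordinator rejects or truncates a longer value is not visible in this patch, so a write that the shell reports as successful may not read back intact. A guard before the call makes the limit explicit: `if value.len() > kata_security_interface::KEY_VALUE_DATA_SIZE { return Err(CommandError::BadArgs); }`. The match arms continue past the end of the hunk.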
--- a/apps/system/components/DebugConsole/kata-shell/src/test_security_coordinator.rs +++ b/apps/system/components/DebugConsole/kata-shell/src/test_security_coordinator.rs @@ -25,7 +25,6 @@ use kata_io as io; use kata_memory_interface::kata_object_free_in_cnode; use kata_os_common::cspace_slot::CSpaceSlot; use kata_security_interface::*; -use kata_storage_interface::KEY_VALUE_DATA_SIZE; pub fn add_cmds(cmds: &mut HashMap<&str, CmdFn>) { cmds.extend([ @@ -34,9 +33,6 @@ pub fn add_cmds(cmds: &mut HashMap<&str, CmdFn>) { ("get_manifest", get_manifest_command as CmdFn), ("load_application", load_application_command as CmdFn), ("load_model", load_model_command as CmdFn), - ("delete_key", delete_key_command as CmdFn), - ("read_key", read_key_command as CmdFn), - ("write_key", write_key_command as CmdFn), ("test_mailbox", test_mailbox_command as CmdFn), ]); } 
@@ -123,65 +119,6 @@ fn load_model_command( Ok(()) } -fn delete_key_command( - args: &mut dyn Iterator, - _input: &mut dyn io::BufRead, - output: &mut dyn io::Write, - _builtin_cpio: &[u8], -) -> Result<(), CommandError> { - let bundle_id = args.next().ok_or(CommandError::BadArgs)?; - let key = args.next().ok_or(CommandError::BadArgs)?; - match kata_security_delete_key(bundle_id, key) { - Ok(_) => { - writeln!(output, "Delete key \"{}\".", key)?; - } - Err(status) => { - writeln!(output, "Delete key \"{}\" failed: {:?}", key, status)?; - } - } - Ok(()) -} - -fn read_key_command( - args: &mut dyn Iterator, - _input: &mut dyn io::BufRead, - output: &mut dyn io::Write, - _builtin_cpio: &[u8], -) -> Result<(), CommandError> { - let bundle_id = args.next().ok_or(CommandError::BadArgs)?; - let key = args.next().ok_or(CommandError::BadArgs)?; - let mut keyval = [0u8; KEY_VALUE_DATA_SIZE]; - match kata_security_read_key(bundle_id, key, &mut keyval) { - Ok(_) => { - writeln!(output, "Read key \"{}\" = {:?}.", key, keyval)?; - } - Err(status) => { - writeln!(output, "Read key \"{}\" failed: {:?}", key, status)?; - } - } - Ok(()) -} - -fn write_key_command( - args: &mut dyn Iterator, - _input: &mut dyn io::BufRead, - output: &mut dyn io::Write, - _builtin_cpio: &[u8], -) -> Result<(), CommandError> { - let bundle_id = args.next().ok_or(CommandError::BadArgs)?; - let key = args.next().ok_or(CommandError::BadArgs)?; - let value = args.collect::>().join(" "); - match kata_security_write_key(bundle_id, key, value.as_bytes()) { - Ok(_) => { - writeln!(output, "Write key \"{}\" = {:?}.", key, value)?; - } - Err(status) => { - writeln!(output, "Write key \"{}\" failed: {:?}", key, status)?; - } - } - Ok(()) -} - fn test_mailbox_command( _args: &mut dyn Iterator, _input: &mut dyn io::BufRead, 
diff --git a/apps/system/components/SecurityCoordinator/kata-security-component/Cargo.toml b/apps/system/components/SecurityCoordinator/kata-security-component/Cargo.toml index c39a54f..964cf4b 100644 --- a/apps/system/components/SecurityCoordinator/kata-security-component/Cargo.toml +++ b/apps/system/components/SecurityCoordinator/kata-security-component/Cargo.toml @@ -21,7 +21,6 @@ edition = "2021" kata-os-common = { path = "../../kata-os-common" } kata-security-interface = { path = "../kata-security-interface" } kata-security-coordinator = { path = "../kata-security-coordinator" } -kata-storage-interface = { path = "../../StorageManager/kata-storage-interface" } log = { version = "0.4", features = ["release_max_level_info"] } postcard = { version = "0.7", features = ["alloc"], default-features = false } diff --git a/apps/system/components/SecurityCoordinator/kata-security-component/src/run.rs b/apps/system/components/SecurityCoordinator/kata-security-component/src/run.rs index 0bfa447..49e18b3 100644 --- a/apps/system/components/SecurityCoordinator/kata-security-component/src/run.rs +++ b/apps/system/components/SecurityCoordinator/kata-security-component/src/run.rs @@ -25,7 +25,6 @@ use kata_os_common::sel4_sys; use kata_os_common::slot_allocator::KATA_CSPACE_SLOTS; use kata_security_coordinator::KATA_SECURITY; use kata_security_interface::*; -use kata_storage_interface::KEY_VALUE_DATA_SIZE; use log::trace; use SecurityRequestError::*; diff --git a/apps/system/components/SecurityCoordinator/kata-security-coordinator/Cargo.toml b/apps/system/components/SecurityCoordinator/kata-security-coordinator/Cargo.toml index 3e4d0bb..0c8e507 100644 --- a/apps/system/components/SecurityCoordinator/kata-security-coordinator/Cargo.toml +++ b/apps/system/components/SecurityCoordinator/kata-security-coordinator/Cargo.toml 
@@ -27,6 +27,5 @@ hashbrown = { version = "0.11", features = ["ahash-compile-time-rng"] } kata-memory-interface = { path = "../../MemoryManager/kata-memory-interface" } kata-os-common = { path = "../../kata-os-common" } kata-security-interface = { path = "../kata-security-interface" } -kata-storage-interface = { path = "../../StorageManager/kata-storage-interface" } log = { version = "0.4", features = ["release_max_level_info"] } postcard = { version = "0.7", features = ["alloc"], default-features = false } diff --git a/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/fakeimpl/mod.rs b/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/fakeimpl/mod.rs index 2686e18..4499bd8 100644 --- a/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/fakeimpl/mod.rs +++ b/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/fakeimpl/mod.rs @@ -29,7 +29,6 @@ use kata_os_common::copyregion::CopyRegion; use kata_os_common::cspace_slot::CSpaceSlot; use kata_os_common::sel4_sys; use kata_security_interface::*; -use kata_storage_interface::KeyValueData; use log::trace; use sel4_sys::seL4_Error; diff --git a/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/lib.rs b/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/lib.rs index 262a67f..ce2dc87 100644 --- a/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/lib.rs +++ b/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/lib.rs @@ -24,7 +24,7 @@ use alloc::string::String; use kata_memory_interface::ObjDescBundle; use kata_security_interface::SecurityCoordinatorInterface; use kata_security_interface::SecurityRequestError; -use kata_storage_interface::KeyValueData; +use kata_security_interface::KeyValueData; #[cfg(all(feature = "fake", feature = "sel4"))] compile_error!("features \"fake\" and \"sel4\" are mutually exclusive"); 
diff --git a/apps/system/components/SecurityCoordinator/kata-security-interface/Cargo.toml b/apps/system/components/SecurityCoordinator/kata-security-interface/Cargo.toml index 8ba2275..00cc767 100644 --- a/apps/system/components/SecurityCoordinator/kata-security-interface/Cargo.toml +++ b/apps/system/components/SecurityCoordinator/kata-security-interface/Cargo.toml @@ -20,7 +20,6 @@ edition = "2021" [dependencies] kata-memory-interface = { path = "../../MemoryManager/kata-memory-interface" } kata-os-common = { path = "../../kata-os-common" } -kata-storage-interface = { path = "../../StorageManager/kata-storage-interface" } log = { version = "0.4", features = ["release_max_level_info"] } postcard = { version = "0.7", features = ["alloc"], default-features = false } serde = { version = "1.0", default-features = false, features = ["alloc", "derive"] } diff --git a/apps/system/components/SecurityCoordinator/kata-security-interface/src/lib.rs b/apps/system/components/SecurityCoordinator/kata-security-interface/src/lib.rs index a2d1aaa..ae620a6 100644 --- a/apps/system/components/SecurityCoordinator/kata-security-interface/src/lib.rs +++ b/apps/system/components/SecurityCoordinator/kata-security-interface/src/lib.rs @@ -23,8 +23,6 @@ use kata_memory_interface::ObjDescBundle; use kata_os_common::camkes::Camkes; use kata_os_common::cspace_slot::CSpaceSlot; use kata_os_common::sel4_sys; -use kata_storage_interface::KeyValueData; -use kata_storage_interface::StorageError; use log::trace; use serde::{Deserialize, Serialize}; @@ -45,6 +43,10 @@ const SECURITY_REQUEST_DATA_SIZE: usize = 2048; pub const SECURITY_REPLY_DATA_SIZE: usize = 2048; pub type SecurityReplyData = [u8; SECURITY_REPLY_DATA_SIZE]; +// TODO(sleffler): temp constraint on value part of key-value pairs +pub const KEY_VALUE_DATA_SIZE: usize = 100; +pub type KeyValueData = [u8; KEY_VALUE_DATA_SIZE]; + // NB: struct's marked repr(C) are processed by cbindgen to get a .h file // used in camkes C interfaces. 
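Review bot: KEY_VALUE_DATA_SIZE and KeyValueData become part of the security interface's public API in this hunk but carry only a TODO in a plain `//` comment, so rustdoc shows nothing for them. I would add doc comments such as `/// Size in bytes of the fixed buffer used for the value of a key-value pair.` on the constant and `/// Fixed-size value buffer passed to key read requests.` on the alias, keeping the TODO below them. The deleted kata-storage-interface/cbindgen.toml listed KeyValueData in its `[export]` include list, and no cbindgen file for kata-security-interface is touched by this patch, so it is worth confirming the type still reaches the generated C header if any CAmkES C interface needs it.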
@@ -224,22 +226,6 @@ pub enum SecurityRequestError { SreTestFailed, } -impl From for StorageError { - fn from(err: SecurityRequestError) -> StorageError { - match err { - SecurityRequestError::SreBundleNotFound => StorageError::BundleNotFound, - SecurityRequestError::SreKeyNotFound => StorageError::KeyNotFound, - SecurityRequestError::SreValueInvalid => StorageError::ValueInvalid, - SecurityRequestError::SreKeyInvalid => StorageError::KeyInvalid, - SecurityRequestError::SreSerializeFailed => StorageError::SerializeFailed, - SecurityRequestError::SreReadFailed => StorageError::ReadFailed, - SecurityRequestError::SreWriteFailed => StorageError::WriteFailed, - SecurityRequestError::SreDeleteFailed => StorageError::DeleteFailed, - _ => StorageError::UnknownSecurityError, // NB: cannot happen - } - } -} - #[repr(C)] #[derive(Clone, Copy, Debug, Eq, PartialEq)] pub enum SecurityRequest { diff --git a/apps/system/components/StorageManager/Cargo.toml b/apps/system/components/StorageManager/Cargo.toml deleted file mode 100644 index 5f429ae..0000000 --- a/apps/system/components/StorageManager/Cargo.toml +++ /dev/null 
@@ -1,39 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -[workspace] - -members = [ - "kata-storage-component", - "kata-storage-interface", - "kata-storage-manager", -] -resolver = "2" - -[profile.dev] -opt-level = 0 -debug = true -# TODO(b/223253186): workaround gdb DIE errors -lto = false -codegen-units = 1 - -[profile.release] -opt-level = "z" -lto = "fat" -codegen-units = 1 -split-debuginfo = "unpacked" - -[profile.release.build-override] -opt-level = "z" -codegen-units = 1 diff --git a/apps/system/components/StorageManager/StorageManager.camkes b/apps/system/components/StorageManager/StorageManager.camkes deleted file mode 100644 index ab203e4..0000000 --- a/apps/system/components/StorageManager/StorageManager.camkes +++ /dev/null 
@@ -1,29 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Kata OS StorageManager services. - -import ; -import ; -import ; - -component StorageManager { - provides StorageInterface storage; - - maybe uses LoggerInterface logger; - uses SecurityCoordinatorInterface security; - - // Enable KataOS CAmkES support. - attribute int kataos = true; -} diff --git a/apps/system/components/StorageManager/kata-storage-component/Cargo.toml b/apps/system/components/StorageManager/kata-storage-component/Cargo.toml deleted file mode 100644 index 5074737..0000000 --- a/apps/system/components/StorageManager/kata-storage-component/Cargo.toml +++ /dev/null 
@@ -1,31 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -[package] -name = "kata-storage-component" -version = "0.1.0" -edition = "2021" - -[dependencies] -cstr_core = { version = "0.2.3", default-features = false } -kata-os-common = { path = "../../kata-os-common" } -kata-storage-interface = { path = "../kata-storage-interface" } -kata-storage-manager = { path = "../kata-storage-manager" } -log = { version = "0.4", features = ["release_max_level_info"] } -postcard = { version = "0.7", features = ["alloc"], default-features = false } - -[lib] -name = "kata_storage_manager" -path = "src/run.rs" -crate-type = ["staticlib"] diff --git a/apps/system/components/StorageManager/kata-storage-component/src/run.rs b/apps/system/components/StorageManager/kata-storage-component/src/run.rs deleted file mode 100644 index 4ec8bd6..0000000 --- a/apps/system/components/StorageManager/kata-storage-component/src/run.rs +++ /dev/null 
@@ -1,89 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -//! Kata OS StorageManager component support. - -// Code here binds the camkes component to the rust code. -#![no_std] -#![allow(clippy::missing_safety_doc)] - -extern crate alloc; -use core::slice; -use cstr_core::CStr; -use kata_os_common::camkes::Camkes; -use kata_storage_interface::KeyValueData; -use kata_storage_interface::StorageManagerError; -use kata_storage_interface::StorageManagerInterface; -use kata_storage_manager::KATA_STORAGE; - -static mut CAMKES: Camkes = Camkes::new("StorageManager"); - -#[no_mangle] -pub unsafe extern "C" fn pre_init() { - static mut HEAP_MEMORY: [u8; 8 * 1024] = [0; 8 * 1024]; - CAMKES.pre_init(log::LevelFilter::Trace, &mut HEAP_MEMORY); -} - -// StorageInterface glue stubs. 
-#[no_mangle] -pub unsafe extern "C" fn storage_read( - c_key: *const cstr_core::c_char, - c_raw_value: *mut KeyValueData, -) -> StorageManagerError { - match CStr::from_ptr(c_key).to_str() { - Ok(key) => { - // TODO(sleffler): de-badge reply cap to get bundle_id - match KATA_STORAGE.read("fubar", key) { - Ok(value) => { - // NB: no serialization, returns raw data - (*c_raw_value).copy_from_slice(&value); - StorageManagerError::SmeSuccess - } - Err(e) => StorageManagerError::from(e), - } - } - Err(_) => StorageManagerError::SmeKeyInvalid, - } -} - -#[no_mangle] -pub unsafe extern "C" fn storage_write( - c_key: *const cstr_core::c_char, - c_raw_value_len: usize, - c_raw_value: *const u8, -) -> StorageManagerError { - match CStr::from_ptr(c_key).to_str() { - Ok(key) => { - // TODO(sleffler): de-badge reply cap to get bundle_id - KATA_STORAGE - .write("fubar", key, slice::from_raw_parts(c_raw_value, c_raw_value_len)) - .into() - } - Err(_) => StorageManagerError::SmeKeyInvalid, - } -} - -#[no_mangle] -pub unsafe extern "C" fn storage_delete(c_key: *const cstr_core::c_char) -> StorageManagerError { - match CStr::from_ptr(c_key).to_str() { - Ok(key) => { - // TODO(sleffler): de-badge reply cap to get bundle_id - KATA_STORAGE.delete("fubar", key).into() - } - Err(_) => StorageManagerError::SmeKeyInvalid, - } -} - -#[no_mangle] -pub unsafe extern "C" fn storage_capscan() { let _ = Camkes::capscan(); } diff --git a/apps/system/components/StorageManager/kata-storage-interface/Cargo.toml b/apps/system/components/StorageManager/kata-storage-interface/Cargo.toml deleted file mode 100644 index 7b6e882..0000000 --- a/apps/system/components/StorageManager/kata-storage-interface/Cargo.toml +++ /dev/null 
@@ -1,22 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -[package] -name = "kata-storage-interface" -version = "0.1.0" -edition = "2021" - -[dependencies] -cstr_core = "0.2.3" -postcard = { version = "0.7", features = ["alloc"], default-features = false } diff --git a/apps/system/components/StorageManager/kata-storage-interface/Makefile b/apps/system/components/StorageManager/kata-storage-interface/Makefile deleted file mode 100644 index 544851b..0000000 --- a/apps/system/components/StorageManager/kata-storage-interface/Makefile +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -INTERFACES=${OUT}/kata/components - -${INTERFACES}/StorageManagerBindings.h: src/lib.rs cbindgen.toml - cbindgen -c cbindgen.toml src/lib.rs -o $@ 
diff --git a/apps/system/components/StorageManager/kata-storage-interface/cbindgen.toml b/apps/system/components/StorageManager/kata-storage-interface/cbindgen.toml deleted file mode 100644 index 9c4d469..0000000 --- a/apps/system/components/StorageManager/kata-storage-interface/cbindgen.toml +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -language = "C" -include_guard = "__STORAGE_MANAGER_BINDINGS_H__" -autogen_warning = "/* Warning, this file is autogenerated by cbindgen. Don't modify this manually.\n */" -no_includes = true -includes = ["CamkesBindings.h"] - -[export] -include = [ - "KeyValueData", - "StorageManagerError", -] diff --git a/apps/system/components/StorageManager/kata-storage-interface/src/lib.rs b/apps/system/components/StorageManager/kata-storage-interface/src/lib.rs deleted file mode 100644 index 1ffb478..0000000 --- a/apps/system/components/StorageManager/kata-storage-interface/src/lib.rs +++ /dev/null 
@@ -1,158 +0,0 @@ -// Copyright 2022 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -//! Kata OS storage management support - -#![cfg_attr(not(test), no_std)] - -use core::str; -use cstr_core::CString; - -// TODO(sleffler): temp constraint on value part of key-value pairs -pub const KEY_VALUE_DATA_SIZE: usize = 100; -pub type KeyValueData = [u8; KEY_VALUE_DATA_SIZE]; - -// NB: struct's marked repr(C) are processed by cbindgen to get a .h file -// used in camkes C interfaces. - -#[derive(Debug, Eq, PartialEq)] -pub enum StorageError { - BundleNotFound = 0, - KeyNotFound, - KeyInvalid, - ValueInvalid, - SerializeFailed, - UnknownSecurityError, - // Generic errors. - ReadFailed, - WriteFailed, - DeleteFailed, -} - -impl From for StorageError { - fn from(_err: postcard::Error) -> StorageError { StorageError::SerializeFailed } -} - -pub trait StorageManagerInterface { - fn read(&self, bundle_id: &str, key: &str) -> Result; - fn write(&self, bundle_id: &str, key: &str, value: &[u8]) -> Result<(), StorageError>; - fn delete(&self, bundle_id: &str, key: &str) -> Result<(), StorageError>; -} - -// Public version of StorageError presented over rpc interface. -// This is needed because the enum is exported to C users and needs to -// be unique from other enum's. 
-// TODO(sleffler): switch to single generic error space ala absl::StatusCode -#[repr(C)] -#[derive(Debug, Eq, PartialEq)] -pub enum StorageManagerError { - SmeSuccess = 0, - SmeBundleIdInvalid, - SmeBundleNotFound, - SmeKeyNotFound, - SmeValueInvalid, - SmeKeyInvalid, - // Generic errors. - SmeReadFailed, - SmeWriteFailed, - SmeDeleteFailed, - SmeUnknownError, -} - -impl From for StorageManagerError { - fn from(err: StorageError) -> StorageManagerError { - match err { - StorageError::BundleNotFound => StorageManagerError::SmeBundleNotFound, - StorageError::KeyNotFound => StorageManagerError::SmeKeyNotFound, - StorageError::KeyInvalid => StorageManagerError::SmeKeyInvalid, - StorageError::ValueInvalid => StorageManagerError::SmeValueInvalid, - StorageError::ReadFailed => StorageManagerError::SmeReadFailed, - StorageError::WriteFailed => StorageManagerError::SmeWriteFailed, - StorageError::DeleteFailed => StorageManagerError::SmeDeleteFailed, - _ => StorageManagerError::SmeUnknownError, - } - } -} - -impl From> for StorageManagerError { - fn from(result: Result<(), StorageError>) -> StorageManagerError { - result.map_or_else(StorageManagerError::from, |_| StorageManagerError::SmeSuccess) - } -} - -impl From for StorageManagerError { - fn from(_err: cstr_core::NulError) -> StorageManagerError { StorageManagerError::SmeKeyInvalid } -} - -impl From for Result<(), StorageManagerError> { - fn from(err: StorageManagerError) -> Result<(), StorageManagerError> { - if err == StorageManagerError::SmeSuccess { - Ok(()) - } else { - Err(err) - } - } -} - -#[inline] -#[allow(dead_code)] -pub fn kata_storage_delete(key: &str) -> Result<(), StorageManagerError> { - // NB: this assumes the StorageManager component is named "storage". 
- extern "C" { - pub fn storage_delete(c_key: *const cstr_core::c_char) -> StorageManagerError; - } - let cstr = CString::new(key)?; - unsafe { storage_delete(cstr.as_ptr()) }.into() -} - -#[inline] -#[allow(dead_code)] -pub fn kata_storage_read(key: &str) -> Result { - extern "C" { - fn storage_read( - c_key: *const cstr_core::c_char, - c_raw_value: *mut KeyValueData, - ) -> StorageManagerError; - } - let cstr = CString::new(key)?; - let value = &mut [0u8; KEY_VALUE_DATA_SIZE]; - match unsafe { storage_read(cstr.as_ptr(), value as *mut _) } { - StorageManagerError::SmeSuccess => Ok(*value), - status => Err(status), - } -} - -#[inline] -#[allow(dead_code)] -pub fn kata_storage_write(key: &str, value: &[u8]) -> Result<(), StorageManagerError> { - extern "C" { - fn storage_write( - c_key: *const cstr_core::c_char, - c_raw_value_len: usize, - c_raw_value: *const u8, - ) -> StorageManagerError; - } - let cstr = CString::new(key)?; - unsafe { storage_write(cstr.as_ptr(), value.len(), value.as_ptr()) }.into() -} - -#[inline] -#[allow(dead_code)] -pub fn kata_storage_capscan() -> Result<(), StorageManagerError> { - extern "C" { - fn storage_capscan(); - } - unsafe { storage_capscan() } - Ok(()) -} diff --git a/apps/system/components/StorageManager/kata-storage-manager/Cargo.toml b/apps/system/components/StorageManager/kata-storage-manager/Cargo.toml deleted file mode 100644 index 961bcb2..0000000 --- a/apps/system/components/StorageManager/kata-storage-manager/Cargo.toml +++ /dev/null 
@@ -1,23 +0,0 @@
-# Copyright 2022 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# https://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-[package]
-name = "kata-storage-manager"
-version = "0.1.0"
-edition = "2021"
-
-[dependencies]
-kata-security-interface = { path = "../../SecurityCoordinator/kata-security-interface" }
-kata-storage-interface = { path = "../kata-storage-interface" }
-log = { version = "0.4", features = ["release_max_level_info"] }
diff --git a/apps/system/components/StorageManager/kata-storage-manager/src/lib.rs b/apps/system/components/StorageManager/kata-storage-manager/src/lib.rs
deleted file mode 100644
index 5a75362..0000000
--- a/apps/system/components/StorageManager/kata-storage-manager/src/lib.rs
+++ /dev/null
@@ -1,49 +0,0 @@
-// Copyright 2022 Google LLC
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// https://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-//! Kata OS storage management support
-
-#![cfg_attr(not(test), no_std)]
-
-use kata_security_interface::kata_security_delete_key;
-use kata_security_interface::kata_security_read_key;
-use kata_security_interface::kata_security_write_key;
-use kata_storage_interface::StorageError;
-use kata_storage_interface::StorageManagerInterface;
-use kata_storage_interface::{KeyValueData, KEY_VALUE_DATA_SIZE};
-use log::trace;
-
-#[cfg(not(test))]
-pub static mut KATA_STORAGE: KataStorageManager = KataStorageManager {};
-
-pub struct KataStorageManager;
-impl StorageManagerInterface for KataStorageManager {
- fn read(&self, bundle_id: &str, key: &str) -> Result {
- trace!("read bundle_id:{} key:{}", bundle_id, key);
-
- // NB: must copy into KeyValueData for now
- let mut keyval = [0u8; KEY_VALUE_DATA_SIZE];
- Ok(kata_security_read_key(bundle_id, key, &mut keyval).map(|_| keyval)?)
- }
- fn write(&self, bundle_id: &str, key: &str, value: &[u8]) -> Result<(), StorageError> {
- trace!("write bundle_id:{} key:{} value:{:?}", bundle_id, key, value);
-
- Ok(kata_security_write_key(bundle_id, key, value)?)
- }
- fn delete(&self, bundle_id: &str, key: &str) -> Result<(), StorageError> {
- trace!("delete bundle_id:{} key:{}", bundle_id, key);
-
- Ok(kata_security_delete_key(bundle_id, key)?)
- }
-}
diff --git a/apps/system/interfaces/StorageInterface.camkes b/apps/system/interfaces/StorageInterface.camkes deleted file mode 100644 index a378081..0000000 --- a/apps/system/interfaces/StorageInterface.camkes +++ /dev/null @@ -1,9 +0,0 @@ -procedure StorageInterface { - include ; - - StorageManagerError read(in string key, out KeyValueData value); - StorageManagerError write(in string key, in char value[]); - StorageManagerError delete(in string key); - - void capscan(); -}; diff --git a/apps/system/system.camkes b/apps/system/system.camkes index 58bda50..6b17281 100644 --- a/apps/system/system.camkes +++ b/apps/system/system.camkes @@ -20,7 +20,6 @@ import "components/DebugConsole/DebugConsole.camkes"; import "components/ProcessManager/ProcessManager.camkes"; import "components/MlCoordinator/MlCoordinator.camkes"; import "components/MemoryManager/MemoryManager.camkes"; -import "components/StorageManager/StorageManager.camkes"; import "components/SecurityCoordinator/SecurityCoordinator.camkes"; import "components/TimerService/TimerService.camkes"; import "components/MailboxDriver/MailboxDriver.camkes"; @@ -81,7 +80,6 @@ assembly { component MlCoordinator ml_coordinator; component DebugConsole debug_console; component SecurityCoordinator security_coordinator; - component StorageManager storage_manager; component TimerService timer_service; component SDKRuntime sdk_runtime; @@ -142,8 +140,6 @@ assembly { to process_manager.proc_ctrl); connection seL4RPCCall shell_ml(from debug_console.mlcoord, to ml_coordinator.mlcoord); - connection seL4RPCCall shell_storage(from debug_console.storage, - to storage_manager.storage); // Hookup SDKRuntime to DebugConsole for shell commands. connection seL4RPCCall sdk_ping(from debug_console.sdk_runtime, 
@@ -172,7 +168,6 @@ assembly { from debug_console.security, // NB: for debug/test from process_manager.security, from ml_coordinator.security, // NB: for LoadModel - from storage_manager.security, to security_coordinator.security); // Connect the DebugConsole to the OpenTitanUARTDriver. @@ -193,7 +188,6 @@ assembly { from ml_coordinator.logger, from memory_manager.logger, from security_coordinator.logger, - from storage_manager.logger, from timer_service.logger, from mailbox_driver.logger, from sdk_runtime.logger,