Simplify the rpc mechanism and make it more robust. Instead of serializing
the request token at the front of the slice assigned to request arguments,
write the token to the label field of the MessageInfo. Likewise instead
of incorporating the status in the response data return that in the
label field. This noticeably simplifies the code and properly handles
the case where the receiver fails to map the page frame associated with
rpc (previously it kinda punted, now the caller get a proper status
result). While here extend the request/reswponse enum's to give each
error a distinct value.
Note that requsst/response tokens are passed as raw numbers under the
assumption sender + receiver are on the same machine so are using the
same byte order.
NB: this adds the num_enum crate to handle enum<>primitive conversions.
Change-Id: I536a23c7bddc43c686cc4335f22524debeeedf4f
GitOrigin-RevId: 8a9fa009dc65605b8d160330edcde02dcfa2172b
Rename the cate and functions to better identify things as
application-specific.
Change-Id: Ie4c888f6b0c0b66c2d4cfb6e0fb3b5b1e0b82c48
GitOrigin-RevId: 5ea9e1204023f717bbb63dcc0cf0579c1359e2da
Setup a connection to the SDKRuntime for each application. To do this
add an SDKManager interface to the SDKRuntime for the ProcessManager to
obtain a badged endpoint and install that in each application's CNode.
SDKRuntime now rejects requests received without a registered badge.
RPC's are handled entirely in Rust (no CAmkES). ProcessManager sets up
RPC resources and delivers them to an application through registers.
The application-side SDK runtime uses the resources to marshal RPC
parameters in a page that is attached to the IPC buffer sent to the
SDKRuntime. Reply parameters are written to the shared page and decoded
on return.
Overhaul the SDKRuntime api to be like SecurityCoordinator to consolidate
parameter marhsaling/unmarshaling and to simplify adding new methods.
Rust applications use the SDKRuntime interface directly. C application
will wrap a C interface around the Rust impl (TBD).
Specific changes:
- add SDKManagerInterface
- sel4bundle now plumbs a connection to the SDKRuntime, the CNode slot
with the capability is passed to the application to future-proof CNode
setup changes (an alternative is to use a global const since we control
the application-side runtime api's)
- add kata-sdk-manager crate with SDKManager client interface support;
the only api's are get_endpoint (to get a badged endpoint to SDKRuntime),
release_endpoint (to remove a badged endpoint), and capscan (to dump
the SDKRuntime's top-level CNode)
- add "capscan sdk" in the shell to inspect the SDKRuntime service
- make SDKRuntime require a registered badge on inbound IPCs
- fill-in ping & log SDK api's
- connect ProcessManager to SDKRuntime for SDKManager api use,
everything else happens outside CAmkES
- make SDKRuntime lock against concurrent requests--the SDKManager
runs concurrently and shares SDKRuntime state
- remove kata-shell test_sdk_* commands (replaced by test applications)
Change-Id: I7810949ad0051ff8eda244e0385f662882a556e4
GitOrigin-RevId: 5fef55428e076f670cff325965047c98d84cfbca
