- assert kata_security_install is really sending a CNode
- have kata_security_request clear any unexpected capability associated
  with the ipcbuffer; this mostly guards against a received badge being
  treated as a cap if the ipcbuffer is turned around from recv to send
Change-Id: I8ac6634809aa11f0f249a7be296b43807d56dff8
GitOrigin-RevId: 21930c5f7a5e809460348da0d0b617004e77e065

StorageManager (the component) did nothing useful so remove it and plumb
the only user (DebugConsole) directly to the SecurityCoordinator. When
the SDKRuntime is ready it likewise will talk directly to
SecurityCoordinator. The only visible change in this is the "kvread" shell
command displays the raw key value instead of converting it to a string.
Change-Id: I5a285dc083e5f02ecbf0defc83deebb34a7b38d7
GitOrigin-RevId: 70d04d8155167f9bf3f88291363760d91c10a279

This includes adding it to TOML files and CAmkES assembly files.
Change-Id: I263e7a566df91fccc04f9b2186edab13331290c5
GitOrigin-RevId: 48a35b06ca868a0a4d379f881068cc4dad491669

* changes:
  kata: LSC: rustfmt with global rustfmt.toml
  kata: update global rustfmt flags
  kata: Promote rustfmt.toml to all kata crates
GitOrigin-RevId: 452e66fa7231f39cff81dc2fbe37ad1a1fc62fb9

Add support to output the contents of the top-level CNode of a CAmkES
service or KataOS application to the serial console. This is dependent
on kernel support that is enabled with CONFIG_PRINTING. Applications
must be running; otherwise there is no CSpace to dump.
Specific changes:
- add a "capscan" shell command
- add capscan method to each CAmkES interface
- add capscan_bundle method to the ProcessControlInterface
- add Camkes::capscan() to dump the top-level CNode
- add ProcessManager support to dump the CNode for a bundle
TODO: fix syscall wrapper error return
Change-Id: If6ca222decdb4c40a1d3a63e69792eb3feb30f6a
GitOrigin-RevId: 504c0182ccccf287b5d58cd8e33981c11d7539d7

Add Camkes::set_request_cap to attach an seL4 capability to an outbound
ipc message. The return value is an RAII wrapper that cleans up state
and must be held until after the CAmkES rpc call completes.
Change-Id: I0672c59e0b5e43e39c9ea3fb16809270a33f51ef
GitOrigin-RevId: 56be13a2c05fcc1b4a1aa5c8e0eab47bcd0f2345

In particular this exports the CAP_RELEASE flag so there is a single
source for its definition and KataOS-specific support in the CAmkES
templates is enabled only for KataOS components.
Specific changes:
- adds cbindgen-generated CamkesBindings.h
- adds include of CamkesBindings.h in component cbindgen files
- add a dep on cbindgen.toml in all Makefiles
- update generated interface files
Change-Id: Ib6239d3ac0036b7a04bb36afccf25a05737b0e56
GitOrigin-RevId: af10117fa253f0c7c67969a5852ced9d992c6274

- fix size_buffer & get_manifest requests to marshal responses
- fix size_buffer marshaling (was always returning zero)
- format fakeimpl manifest string
- add shell test commands that exercise the api's (including the
  key api's that were only reachable via the StorageManager)
Change-Id: Ia36906d975fb497e6de81e81fdaf2ff04c7a1e9a
GitOrigin-RevId: cad976c55c99724c2b7c5186b2864f7c44edef13

Having CSpaceSlot be a submodule of kata-slot-allocator caused an sel4-sys
dependency that broke unit tests. Split it out to its own crate.
Change-Id: Iea531e36284b58e932eb0cbd84f90abc81823fe3
GitOrigin-RevId: 39abb4510f66cfe026b12fcacf78b429ddd8f0b5

- hide marshalling details in kata_security_* wrappers
- replace the placeholder opaque memory representation in rpc's with
  MemoryManager integration
- uses proper struct's for all Request/Response msgs (except for Echo):
  this mostly eases the way for switching away from postcard + CAmkES
  to something like flatbuffers
- extend SecurityRequest structs with SecurityCapability traits to
  support passing capabilities (specifically CNode's holding dynamically
  allocated objects)
- new error codes: SreDeleteFirst, SreCapAllocFailed, SreCapMoveFailed,
  and SreObjCapInvalid
- shuffle integration with StorageManager to resolve a dependency loop
- redo SecurityCoordinatorInterface to enable server-side changes (in
  a separate cl)
- add headroom to the component CNode for the fake impl to hold package
  contents
Change-Id: Ief6931d451023b511dbe1bdc3ffba4bf18070962
GitOrigin-RevId: 066f6cfa72f47fb8b4f8edc861dd9e3759ec6054

- add Makefile's to re-generate CAmkES interface defs
- move cbindgen.toml files into the interface crate(s)
Note: still need to integrate running make with the build
Change-Id: I16b3e3b831b66ad1c976402e38df6be4a126d923
GitOrigin-RevId: 78b8b9024e4acb89590410a439f121fcb1fdc996

This fixes a build break that happened without any intervening commit in
our repo. How that could happen is not yet pinpointed, and there has
been no increment in the minor version number of postcard for 2 months.
It appears that postcard was somehow triggering serde to use std, which
is a default feature for serde.
Change-Id: I7ed989976aa1bf75cb440c4070565452571d7306
GitOrigin-RevId: f35b7677e995e5e8245c583ca2c355a04306aea2

- low serialize of request parameters into kata_security_request
- add InstallRequest that passes the package buffer as an opaque ptr
- add EchoRequest for SecurityRequestEcho
- purge (now) unused SecurityRequestData type alias and hide
  SECURITY_REQUEST_DATA_SIZE (only used in crate)
- use &str instead of String in serialize requests (from mattharvey@)
- add SreSerializeFailed
Change-Id: Iac1930c0b2fead0f96b87da5d116280865031be2
GitOrigin-RevId: 37df6cd1969b3be2628e2e34f3de8fd129fdbc1b