genode/repos/dde_rump/run/rump_cgd_ext2.run


dde_rump: block encryption server using cgd(4)

The 'rump_cgd' server provides block level encryption for a block session by employing the 'cgd(4)' device provided by the rumpkernel.

'rump_cgd' uses a Block_session to get access to an existing block device and provides another Block_session to its clients. Each block written or read by the client is transparently encrypted or decrypted by the server.

For now 'rump_cgd' may only _configure_ a 'cgd' device but is unable to generate a configuration. The used cipher is hardcoded to _aes-cbc_ with a keysize of 256 bit. Furthermore the server is able to serve one client only.

To ease the usage, its interface is modelled after the interface of 'cgdconfig(8)'. As a consequence, the key must have the same format as used by 'cgdconfig'. That means the key is a base 64 encoded string in which the first 4 bytes denote the actual length of the key in bits (these 4 bytes are stored in big endian order).

Preparing a raw (i.e., without partition table) encrypted Ext2 disk image is done by executing 'tool/rump':

! dd if=/dev/urandom of=/path/to/disk_image
! rump -c /path/to/disk_image # key is printed to stdout
! rump -c -k <key> -F ext2fs /path/to/disk_image

To use this disk image the following config snippet can be used. The key shown here is merely an example; use the key printed by 'rump -c' for the image at hand:

! <start name="rump_cgd">
!   <resource name="RAM" quantum="8M" />
!   <provides><service name="Block"/></provides>
!   <config action="configure">
!     <params>
!       <method>key</method>
!       <key>AAABAJhpB2Y2UvVjkFdlP4m44449Pi3A/uW211mkanSulJo8</key>
!     </params>
!   </config>
!   <route>
!     <service name="Block"> <child name="ahci"/> </service>
!     <any-service> <parent/> <any-child/> </any-service>
!   </route>
! </start>

The Block service provided by rump_cgd may in turn be used by a file system server:

! <start name="rump_fs">
!   <resource name="RAM" quantum="16M"/>
!   <provides><service name="File_system"/></provides>
!   <config fs="ext2fs">
!     <policy label="" root="/" writeable="yes"/>
!   </config>
!   <route>
!     <service name="Block"> <child name="rump_cgd"/> </service>
!     <any-service> <parent/> <any-child/> </any-service>
!   </route>
! </start>

Since 'tool/rump' just utilizes the rumpkernel running on the host system to do its duty, there is a script called 'tool/cgdconf' that extracts the key from a 'cgdconfig(8)' generated configuration file and is also able to generate such a file from a given key. Thereby the interoperability between 'rump_cgd' and the general rumpkernel based tools is ensured.
2014-04-16 15:06:27 +02:00
#
# Host tools this run script shells out to
#
# 'dd' is needed further down to create the raw disk image.
#
set dd [check_installed "dd"]

#
# Build
#
# Components of the scenario: core and init, the timer driver, the block
# and file-system servers, and the libc VFS test program.
#
set build_components {
core init
drivers/timer
server/ram_blk
server/rump_cgd
server/rump_fs
test/libc_vfs
}

build "$build_components"
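#
# Prepare image
#
# Create the backing file of the encrypted block device, let 'tool/rump'
# generate a cgd key for it, and format the crypto device with ext2. The
# key is kept in 'cgd_key' and inserted into the 'rump_cgd' config further
# down.
#
set disk_image "cgd.raw"

puts "preparing bin/$disk_image..."

# Test the path that is actually written ('bin/$disk_image'), not a file of
# the same name in the current directory.
if {![file exists bin/$disk_image]} {

	# 'dd' reports its transfer statistics on stderr, which 'exec' raises as
	# an error even when the command succeeded. The 'catch' is therefore
	# kept and the outcome is verified by checking for the file afterwards.
	#
	# NOTE(review): the image is zero-filled, which is sufficient for a
	# throw-away test image. For a volume that holds real data, pre-fill
	# with random data so that never-written sectors cannot be told apart
	# from encrypted ones.
	catch { exec $dd if=/dev/zero of=bin/$disk_image bs=1M count=16 }

	if {![file exists bin/$disk_image]} {
		puts stderr "could not create bin/$disk_image."
		exit 1
	}
}

# 'rump -c' prints the generated key on stdout, 'exec' returns it. A failure
# of the tool is not caught here and aborts the run script.
set cgd_key [exec [genode_dir]/tool/rump -c bin/$disk_image]

# NOTE(review): the key is passed as a command-line argument and is thereby
# visible in the host's process list while the tool runs. This is acceptable
# for a key generated per test run, not for a key that protects real data.
if {[catch { exec [genode_dir]/tool/rump -c -d "/dev/rcgd0a" -f -F ext2fs -k "$cgd_key" bin/$disk_image } rump_output]} {
	puts stderr "could not format crypto device."
	# pass on what the tool reported so that the failure can be diagnosed
	puts stderr $rump_output
	exit 1
}

create_boot_directory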
#
# Generate config
#
# The init configuration is assembled piecewise: brace-quoted pieces are
# taken literally, double-quoted pieces are the places where Tcl substitutes
# '$disk_image' and '$cgd_key'.
#
# Block sessions as routed below: 'rump_cgd' is a client of 'ram_blk' and
# 'rump_fs' is a client of 'rump_cgd'. 'test-libc_vfs' has no explicit
# route; its <fs/> node presumably resolves to 'rump_fs' via the default
# route - confirm against the run tool / init semantics.
#
append config {
<config>
<parent-provides>
<service name="ROM"/>
<service name="RAM"/>
<service name="IRQ"/>
<service name="IO_MEM"/>
<service name="IO_PORT"/>
<service name="CAP"/>
<service name="PD"/>
<service name="RM"/>
<service name="CPU"/>
<service name="LOG"/>
<service name="SIGNAL" />
</parent-provides>
<default-route>
<any-service> <parent/> <any-child/> </any-service>
</default-route>
<start name="timer">
<resource name="RAM" quantum="1M"/>
<provides><service name="Timer"/></provides>
</start>
<start name="ram_blk">
<resource name="RAM" quantum="20M"/>
<provides><service name="Block"/></provides>}
# 'ram_blk' is pointed at the disk image prepared above (substituted name)
append config "
<config file=\"$disk_image\" block_size=\"512\"/>"
append config {
</start>
<start name="rump_cgd">
<resource name="RAM" quantum="8M" />
<provides><service name="Block"/></provides>
<config action="configure">
<params>
<method>key</method>}
# The key obtained from 'tool/rump -c' is written into the config in clear
# text.
# NOTE(review): whoever can read this config can decrypt the image. That is
# fine for a key generated for one test run; keep it in mind when adapting
# the scenario for real data.
append config "
<key>$cgd_key</key>"
append config {
</params>
</config>
<route>
<service name="Block"> <child name="ram_blk"/> </service>
<any-service> <parent/> <any-child/> </any-service>
</route>
</start>
<start name="rump_fs">
<resource name="RAM" quantum="16M"/>
<provides><service name="File_system"/></provides>
<config fs="ext2fs">
<policy label="" root="/" writeable="yes"/>
</config>
<route>
<service name="Block"> <child name="rump_cgd"/> </service>
<any-service> <parent/> <any-child/> </any-service>
</route>
</start>
<start name="test-libc_vfs">
<resource name="RAM" quantum="2M"/>
<config>
<libc stdout="/dev/log">
<vfs>
<dir name="dev"> <log/> </dir>
<fs/>
</vfs>
</libc>
</config>
</start>
</config>}
# pass the assembled configuration to the run tool
install_config $config
#
# Boot modules
#

# binaries and shared libraries of the scenario
set boot_modules {
core init timer ram_blk rump_cgd rump_fs test-libc_vfs
ld.lib.so libc.lib.so
rump.lib.so rump_cgd.lib.so rump_fs.lib.so
}

# the disk image named in the 'ram_blk' config is added as a module as well
append boot_modules $disk_image

build_boot_image "$boot_modules"

append qemu_args { -m 256 -nographic}

# the test passes once 'test-libc_vfs' reports exit value 0; the trailing
# 60 is the second argument of 'run_genode_until' (presumably the timeout
# in seconds - confirm against the run tool)
run_genode_until {.*child "test-libc_vfs" exited with exit value 0.*} 60
# Remove the generated disk image again. This line is reached only if the
# statements before it did not end the script.
exec rm -f "bin/$disk_image"

puts stdout "\nTest succeeded\n"
# vi: set ft=tcl :