
nixos: genode.init.children.<…>.routeToNics

Allow init children to route to Nic servers.
Emery Hemingway 2020-12-20 14:56:47 +01:00
parent 76a72a563f
commit 222ca79126
3 changed files with 51 additions and 12 deletions


@ -58,6 +58,16 @@ in {
attrsOf (submodule {
options = {
inherit coreROMs inputs;
routeToNics = lib.mkOption {
type = with types; listOf str;
default = [ ];
example = [ "eth0" ];
description = ''
Grant access to these Nic interfaces.
'';
};
configFile = mkOption {
type = types.path;
description = ''
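Review bot: `routeToNics` is typed `listOf str`, and the checks visible in this commit iterate only over `config.networking.interfaces`, so an entry that names no configured interface appears to be accepted silently and grants nothing. Consider an assertion that every entry is an attribute of `networking.interfaces`, so a typo fails the build instead of leaving the child without the network access the configuration claims. The description could also state the contract, e.g. `Names of networking.interfaces entries whose Nic service this child may use; at most one child may route to each interface.` The enclosing submodule starts and ends outside this hunk.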


@ -72,8 +72,25 @@ with lib;
assertion = lessThan (length interface.ipv4.routes) 2;
message = "Genode interfaces do not support multiple routes.";
};
in lib.mapAttrsToList addrCheck config.networking.interfaces
++ lib.mapAttrsToList routeCheck config.networking.interfaces;
policyCheck = name: interface:
let
clientList = filter (x x != null) (lib.mapAttrsToList
(childName: value:
if any (nic: nic == name) value.routeToNics then
childName
else
null) config.genode.init.children);
in {
assertion =
trace clientList (clientList == [ ] || length clientList == 1);
message = "Multiple routes to Nic ${name}, ${clientList}";
};
in lib.lists.concatMap
(f: lib.mapAttrsToList f config.networking.interfaces) [
addrCheck
routeCheck
policyCheck
];
hardware.genode.usb.storage.enable = config.genode.boot.storeBackend
== "usb";
@ -139,15 +156,15 @@ with lib;
in {
inputs = [ binary ];
configFile = let
policies = if interface.genode.stack == null then
"[] : List Init.Config.Policy.Type"
else ''
[ Init.Config.Policy::{
policy = lib.mapAttrsToList (childName: value:
if any (nic: nic == name) value.routeToNics then ''
Init.Config.Policy::{
, service = "Nic"
, label = Init.LabelSelector.prefix "${name}.sockets"
, label = Init.LabelSelector.prefix "${childName}"
}
]
'';
'' else
"") config.genode.init.children;
in pkgs.writeText "${name'}.dhall" ''
let Genode = env:DHALL_GENODE
@ -166,7 +183,9 @@ with lib;
]
, config = Init.Config::{
, attributes = toMap { verbose = "true" }
, policies = ${policies}
, policies =
[ ${toString policy} ]
: List Init.Config.Policy.Type
}
}
'';
@ -180,11 +199,15 @@ with lib;
value = if interface.genode.stack == null then
null
else {
inputs = with pkgs.genodePackages;
{
lwip = [ vfs_lwip ];
lxip = [ vfs_lxip ];
}.${interface.genode.stack};
routeToNics = [ name ];
configFile = let
binary = "${pkgs.genodePackages.vfs}/bin/vfs";
ram = {
@ -251,6 +274,7 @@ with lib;
}
}
'';
};
}) config.networking.interfaces;
@ -308,7 +332,9 @@ with lib;
, Init.ServiceRoute.parent "IO_PORT"
]
, config = Init.Config::{
, policies = [ ${toString policies} ]
, policies = [ ${
toString policies
} ] : List Init.Config.Policy.Type
}
}
'';
@ -361,7 +387,7 @@ with lib;
]
}
]
, policies = [ storagePolicy ]
, policies = [ storagePolicy ] : List Init.Config.Policy.Type
}
}
'';
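Review bot: In `policyCheck`, the failure message interpolates `clientList` directly, and Nix string interpolation does not coerce a list, so a violated assertion would most likely fail with a coercion error instead of naming the conflicting children; write `message = "Multiple routes to Nic ${name}: ${toString clientList}";`. The `trace clientList (...)` wrapper in the same assertion looks like leftover debugging and prints during every evaluation; `assertion = length clientList <= 1;` expresses the same condition. The page also shows `filter (x x != null)` without the lambda colon, which may be a rendering loss but is worth confirming. In the policy hunk, `Init.LabelSelector.prefix "${childName}"` matches by prefix, so if session labels start with the bare child name, a second child whose name extends this one could fall under the same Nic policy; confirm the label format and, if so, include the separator in the selector.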


@ -9,6 +9,9 @@
networking.interfaces.eth1.genode.stack = null;
genode.init.children.ping = {
inputs = with pkgs.genodePackages; [ ping ];
routeToNics = [ "eth1" ];
configFile = let
ipA = builtins.head config.networking.interfaces.eth1.ipv4.addresses;
ipAddrB = with builtins;