nixos: genode.init.children.<…>.routeToNics

Allow init children to route to Nic servers.
Ehmry - 2020-12-20 14:56:47 +01:00
parent 46226ebac8
commit 516736144b
4 changed files with 49 additions and 17 deletions


@ -58,6 +58,16 @@ in {
attrsOf (submodule {
options = {
inherit coreROMs inputs;
routeToNics = lib.mkOption {
type = with types; listOf str;
default = [ ];
example = [ "eth0" ];
description = ''
Grant access to these Nic interfaces.
'';
};
configFile = mkOption {
type = types.path;
description = ''
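Review bot: The `routeToNics` description does not say what is enforced. Entries are matched by name against `networking.interfaces` in the driver module, so an entry that names no configured interface appears to be ignored silently, and the assertion added in this commit rejects a Nic claimed by more than one child. I would expand the text to something like `Names of networking.interfaces entries whose Nic service this child may use; each interface can be routed to at most one child.` and consider an assertion that every entry names a configured interface. The option is also declared with `lib.mkOption` while the neighbouring `configFile` uses `mkOption`; one form should be used throughout. The submodule continues outside the hunk.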


@ -35,8 +35,25 @@ with lib;
assertion = lessThan (length interface.ipv4.routes) 2;
message = "Genode interfaces do not support multiple routes.";
};
in lib.mapAttrsToList addrCheck config.networking.interfaces
++ lib.mapAttrsToList routeCheck config.networking.interfaces;
policyCheck = name: interface:
let
clientList = filter (x x != null) (lib.mapAttrsToList
(childName: value:
if any (nic: nic == name) value.routeToNics then
childName
else
null) config.genode.init.children);
in {
assertion =
trace clientList (clientList == [ ] || length clientList == 1);
message = "Multiple routes to Nic ${name}, ${clientList}";
};
in lib.lists.concatMap
(f: lib.mapAttrsToList f config.networking.interfaces) [
addrCheck
routeCheck
policyCheck
];
hardware.genode.platform.policies = lib.lists.imap0 (i: name:
builtins.toFile (name + ".platform-policy.dhall") ''
@ -72,15 +89,15 @@ with lib;
in {
inputs = [ binary ];
configFile = let
policies = if interface.genode.stack == null then
"[] : List Init.Config.Policy.Type"
else ''
[ Init.Config.Policy::{
, service = "Nic"
, label = Init.LabelSelector.prefix "${name}.sockets"
}
]
'';
policy = lib.mapAttrsToList (childName: value:
if any (nic: nic == name) value.routeToNics then ''
Init.Config.Policy::{
, service = "Nic"
, label = Init.LabelSelector.prefix "${childName}"
}
'' else
"") config.genode.init.children;
in pkgs.writeText "${name'}.dhall" ''
let Genode = env:DHALL_GENODE
@ -90,14 +107,13 @@ with lib;
Init.Child.Attributes::{
, binary = "${binary.pname}"
, provides = [ "Nic" ]
, resources = Init.Resources::{
, caps = 128
, ram = Genode.units.MiB 4
}
, resources = Init.Resources::{ caps = 128, ram = Genode.units.MiB 4 }
, routes = [ Init.ServiceRoute.parent "IO_MEM" ]
, config = Init.Config::{
, attributes = toMap { verbose = "true" }
, policies = ${policies}
, policies = [ ${
toString policy
} ] : List Init.Config.Policy.Type
}
}
'';
@ -116,6 +132,9 @@ with lib;
lwip = [ vfs_lwip ];
lxip = [ vfs_lxip ];
}.${interface.genode.stack};
routeToNics = [ name ];
configFile = let
binary = "${pkgs.genodePackages.vfs}/bin/vfs";
ram = {
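Review bot: In `policyCheck`, the failure message interpolates `${clientList}`, a list, which Nix string interpolation does not coerce, so a violated assertion would likely surface as a coercion error instead of the intended text; `message = "Multiple routes to Nic ${name}, ${toString clientList}";` avoids that. The `trace clientList (…)` wrapper in `assertion` looks like leftover debugging and prints on every evaluation; `assertion = length clientList <= 1;` expresses the same condition. The lambda shown as `filter (x x != null)` is missing its colon, which may be an artifact of this page. In the later hunk, `Init.LabelSelector.prefix "${childName}"` would presumably also match a sibling whose name merely starts with `childName`, so a selector that includes the label separator (for example `"${childName} -> "`, to be confirmed against how init labels sessions) would keep the grant to the single child the assertion allows.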


@ -35,7 +35,7 @@ in {
virtualisation.qemu.options =
lib.optionals (!config.virtualisation.useBootLoader) [
"-kernel '${pkgs.genodePackages.bender}/bender'"
"-kernel '${pkgs.genodePackages.bender}/share/bender/bender'"
"-initrd '${pkgs.genodePackages.NOVA}/hypervisor-x86_64 arg=iommu logmem novpid serial,${config.genode.boot.image}/image.elf'"
];


@ -8,6 +8,9 @@
networking.interfaces.eth1.genode.stack = null;
genode.init.children.ping = {
inputs = with pkgs.genodePackages; [ ping ];
routeToNics = [ "eth1" ];
configFile = let
ipA = builtins.head config.networking.interfaces.eth1.ipv4.addresses;
ipAddrB = with builtins;