nixos: genode.init.children.<…>.routeToNics
Allow init children to route to Nic servers.
parent
46226ebac8
commit
516736144b
|
@ -58,6 +58,16 @@ in {
|
||||||
attrsOf (submodule {
|
attrsOf (submodule {
|
||||||
options = {
|
options = {
|
||||||
inherit coreROMs inputs;
|
inherit coreROMs inputs;
|
||||||
|
|
||||||
|
routeToNics = lib.mkOption {
|
||||||
|
type = with types; listOf str;
|
||||||
|
default = [ ];
|
||||||
|
example = [ "eth0" ];
|
||||||
|
description = ''
|
||||||
|
Grant access to these Nic interfaces.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
configFile = mkOption {
|
configFile = mkOption {
|
||||||
type = types.path;
|
type = types.path;
|
||||||
description = ''
|
description = ''
|
||||||
|
|
|
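Review bot: The new `routeToNics` description, `Grant access to these Nic interfaces.`, does not state the two constraints the rest of the commit appears to rely on: that the names are keys of `networking.interfaces`, and that each interface can be routed to only one child. Because this option hands a child a network session, I would spell that out, for example `Names of networking.interfaces entries whose Nic service this child may use; each interface may be routed to at most one child.` As far as the visible checks show, a name that matches no interface is silently ignored rather than rejected, so a typo yields a child with no route and no error. The option is also declared with `lib.mkOption` while `configFile` just below uses bare `mkOption`. The enclosing submodule starts and ends outside this hunk.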
@ -35,8 +35,25 @@ with lib;
|
||||||
assertion = lessThan (length interface.ipv4.routes) 2;
|
assertion = lessThan (length interface.ipv4.routes) 2;
|
||||||
message = "Genode interfaces do not support multiple routes.";
|
message = "Genode interfaces do not support multiple routes.";
|
||||||
};
|
};
|
||||||
in lib.mapAttrsToList addrCheck config.networking.interfaces
|
policyCheck = name: interface:
|
||||||
++ lib.mapAttrsToList routeCheck config.networking.interfaces;
|
let
|
||||||
|
clientList = filter (x x != null) (lib.mapAttrsToList
|
||||||
|
(childName: value:
|
||||||
|
if any (nic: nic == name) value.routeToNics then
|
||||||
|
childName
|
||||||
|
else
|
||||||
|
null) config.genode.init.children);
|
||||||
|
in {
|
||||||
|
assertion =
|
||||||
|
trace clientList (clientList == [ ] || length clientList == 1);
|
||||||
|
message = "Multiple routes to Nic ${name}, ${clientList}";
|
||||||
|
};
|
||||||
|
in lib.lists.concatMap
|
||||||
|
(f: lib.mapAttrsToList f config.networking.interfaces) [
|
||||||
|
addrCheck
|
||||||
|
routeCheck
|
||||||
|
policyCheck
|
||||||
|
];
|
||||||
|
|
||||||
hardware.genode.platform.policies = lib.lists.imap0 (i: name:
|
hardware.genode.platform.policies = lib.lists.imap0 (i: name:
|
||||||
builtins.toFile (name + ".platform-policy.dhall") ''
|
builtins.toFile (name + ".platform-policy.dhall") ''
|
||||||
|
@ -72,15 +89,15 @@ with lib;
|
||||||
in {
|
in {
|
||||||
inputs = [ binary ];
|
inputs = [ binary ];
|
||||||
configFile = let
|
configFile = let
|
||||||
policies = if interface.genode.stack == null then
|
policy = lib.mapAttrsToList (childName: value:
|
||||||
"[] : List Init.Config.Policy.Type"
|
if any (nic: nic == name) value.routeToNics then ''
|
||||||
else ''
|
Init.Config.Policy::{
|
||||||
[ Init.Config.Policy::{
|
, service = "Nic"
|
||||||
, service = "Nic"
|
, label = Init.LabelSelector.prefix "${childName}"
|
||||||
, label = Init.LabelSelector.prefix "${name}.sockets"
|
}
|
||||||
}
|
'' else
|
||||||
]
|
"") config.genode.init.children;
|
||||||
'';
|
|
||||||
in pkgs.writeText "${name'}.dhall" ''
|
in pkgs.writeText "${name'}.dhall" ''
|
||||||
let Genode = env:DHALL_GENODE
|
let Genode = env:DHALL_GENODE
|
||||||
|
|
||||||
|
@ -90,14 +107,13 @@ with lib;
|
||||||
Init.Child.Attributes::{
|
Init.Child.Attributes::{
|
||||||
, binary = "${binary.pname}"
|
, binary = "${binary.pname}"
|
||||||
, provides = [ "Nic" ]
|
, provides = [ "Nic" ]
|
||||||
, resources = Init.Resources::{
|
, resources = Init.Resources::{ caps = 128, ram = Genode.units.MiB 4 }
|
||||||
, caps = 128
|
|
||||||
, ram = Genode.units.MiB 4
|
|
||||||
}
|
|
||||||
, routes = [ Init.ServiceRoute.parent "IO_MEM" ]
|
, routes = [ Init.ServiceRoute.parent "IO_MEM" ]
|
||||||
, config = Init.Config::{
|
, config = Init.Config::{
|
||||||
, attributes = toMap { verbose = "true" }
|
, attributes = toMap { verbose = "true" }
|
||||||
, policies = ${policies}
|
, policies = [ ${
|
||||||
|
toString policy
|
||||||
|
} ] : List Init.Config.Policy.Type
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
'';
|
'';
|
||||||
|
@ -116,6 +132,9 @@ with lib;
|
||||||
lwip = [ vfs_lwip ];
|
lwip = [ vfs_lwip ];
|
||||||
lxip = [ vfs_lxip ];
|
lxip = [ vfs_lxip ];
|
||||||
}.${interface.genode.stack};
|
}.${interface.genode.stack};
|
||||||
|
|
||||||
|
routeToNics = [ name ];
|
||||||
|
|
||||||
configFile = let
|
configFile = let
|
||||||
binary = "${pkgs.genodePackages.vfs}/bin/vfs";
|
binary = "${pkgs.genodePackages.vfs}/bin/vfs";
|
||||||
ram = {
|
ram = {
|
||||||
|
|
|
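Review bot: In `policyCheck`, `message = "Multiple routes to Nic ${name}, ${clientList}"` interpolates a list, which Nix refuses to coerce to a string, so a failing assertion would raise a coercion error instead of this message; `message = "Multiple routes to Nic ${name}, ${toString clientList}";` avoids that. The `trace clientList (...)` wrapper around the assertion looks like leftover debugging and prints on every evaluation, so I would reduce it to `assertion = length clientList <= 1;`. In the `@ -72,15 +89,15` hunk the generated policy selects clients with `Init.LabelSelector.prefix "${childName}"`, which presumably also matches any other child whose name merely begins with that string, granting it the same Nic session. Please confirm how init forms the session label and anchor the selector on the full child name. The `[ ${toString policy} ]` splice in the `@ -90,14 +107,13` hunk is valid Dhall only while at most one child matches, so that dependency on `policyCheck` deserves a comment next to it.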
@ -35,7 +35,7 @@ in {
|
||||||
|
|
||||||
virtualisation.qemu.options =
|
virtualisation.qemu.options =
|
||||||
lib.optionals (!config.virtualisation.useBootLoader) [
|
lib.optionals (!config.virtualisation.useBootLoader) [
|
||||||
"-kernel '${pkgs.genodePackages.bender}/bender'"
|
"-kernel '${pkgs.genodePackages.bender}/share/bender/bender'"
|
||||||
"-initrd '${pkgs.genodePackages.NOVA}/hypervisor-x86_64 arg=iommu logmem novpid serial,${config.genode.boot.image}/image.elf'"
|
"-initrd '${pkgs.genodePackages.NOVA}/hypervisor-x86_64 arg=iommu logmem novpid serial,${config.genode.boot.image}/image.elf'"
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
@ -8,6 +8,9 @@
|
||||||
networking.interfaces.eth1.genode.stack = null;
|
networking.interfaces.eth1.genode.stack = null;
|
||||||
genode.init.children.ping = {
|
genode.init.children.ping = {
|
||||||
inputs = with pkgs.genodePackages; [ ping ];
|
inputs = with pkgs.genodePackages; [ ping ];
|
||||||
|
|
||||||
|
routeToNics = [ "eth1" ];
|
||||||
|
|
||||||
configFile = let
|
configFile = let
|
||||||
ipA = builtins.head config.networking.interfaces.eth1.ipv4.addresses;
|
ipA = builtins.head config.networking.interfaces.eth1.ipv4.addresses;
|
||||||
ipAddrB = with builtins;
|
ipAddrB = with builtins;
|
||||||
|
|