nixos: genode.init.children.<…>.routeToNics

Allow init children to route to Nic servers.
This commit is contained in:
Emery Hemingway 2020-12-20 14:56:47 +01:00
parent 46226ebac8
commit 516736144b
4 changed files with 49 additions and 17 deletions


@ -58,6 +58,16 @@ in {
attrsOf (submodule { attrsOf (submodule {
options = { options = {
inherit coreROMs inputs; inherit coreROMs inputs;
routeToNics = lib.mkOption {
type = with types; listOf str;
default = [ ];
example = [ "eth0" ];
description = ''
Grant access to these Nic interfaces.
'';
};
configFile = mkOption { configFile = mkOption {
type = types.path; type = types.path;
description = '' description = ''


@ -35,8 +35,25 @@ with lib;
assertion = lessThan (length interface.ipv4.routes) 2; assertion = lessThan (length interface.ipv4.routes) 2;
message = "Genode interfaces do not support multiple routes."; message = "Genode interfaces do not support multiple routes.";
}; };
in lib.mapAttrsToList addrCheck config.networking.interfaces policyCheck = name: interface:
++ lib.mapAttrsToList routeCheck config.networking.interfaces; let
clientList = filter (x x != null) (lib.mapAttrsToList
(childName: value:
if any (nic: nic == name) value.routeToNics then
childName
else
null) config.genode.init.children);
in {
assertion =
trace clientList (clientList == [ ] || length clientList == 1);
message = "Multiple routes to Nic ${name}, ${clientList}";
};
in lib.lists.concatMap
(f: lib.mapAttrsToList f config.networking.interfaces) [
addrCheck
routeCheck
policyCheck
];
hardware.genode.platform.policies = lib.lists.imap0 (i: name: hardware.genode.platform.policies = lib.lists.imap0 (i: name:
builtins.toFile (name + ".platform-policy.dhall") '' builtins.toFile (name + ".platform-policy.dhall") ''
@ -72,15 +89,15 @@ with lib;
in { in {
inputs = [ binary ]; inputs = [ binary ];
configFile = let configFile = let
policies = if interface.genode.stack == null then policy = lib.mapAttrsToList (childName: value:
"[] : List Init.Config.Policy.Type" if any (nic: nic == name) value.routeToNics then ''
else '' Init.Config.Policy::{
[ Init.Config.Policy::{ , service = "Nic"
, service = "Nic" , label = Init.LabelSelector.prefix "${childName}"
, label = Init.LabelSelector.prefix "${name}.sockets" }
} '' else
] "") config.genode.init.children;
'';
in pkgs.writeText "${name'}.dhall" '' in pkgs.writeText "${name'}.dhall" ''
let Genode = env:DHALL_GENODE let Genode = env:DHALL_GENODE
@ -90,14 +107,13 @@ with lib;
Init.Child.Attributes::{ Init.Child.Attributes::{
, binary = "${binary.pname}" , binary = "${binary.pname}"
, provides = [ "Nic" ] , provides = [ "Nic" ]
, resources = Init.Resources::{ , resources = Init.Resources::{ caps = 128, ram = Genode.units.MiB 4 }
, caps = 128
, ram = Genode.units.MiB 4
}
, routes = [ Init.ServiceRoute.parent "IO_MEM" ] , routes = [ Init.ServiceRoute.parent "IO_MEM" ]
, config = Init.Config::{ , config = Init.Config::{
, attributes = toMap { verbose = "true" } , attributes = toMap { verbose = "true" }
, policies = ${policies} , policies = [ ${
toString policy
} ] : List Init.Config.Policy.Type
} }
} }
''; '';
@ -116,6 +132,9 @@ with lib;
lwip = [ vfs_lwip ]; lwip = [ vfs_lwip ];
lxip = [ vfs_lxip ]; lxip = [ vfs_lxip ];
}.${interface.genode.stack}; }.${interface.genode.stack};
routeToNics = [ name ];
configFile = let configFile = let
binary = "${pkgs.genodePackages.vfs}/bin/vfs"; binary = "${pkgs.genodePackages.vfs}/bin/vfs";
ram = { ram = {
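Review bot: In the first hunk (`@ -35`), the new `policyCheck` assertion wraps its condition in `trace clientList`, which prints the client list on every evaluation, and its `message` interpolates `clientList` directly into a string, which Nix cannot coerce from a list, so a violation surfaces as a coercion error instead of the intended message. I would replace the two lines with `assertion = length clientList <= 1;` and `message = "Multiple routes to Nic ${name}: ${concatStringsSep ", " clientList}";`. Note also that the check is mapped over `config.networking.interfaces`, so a child whose `routeToNics` names an interface that does not exist is silently ignored rather than rejected; a separate assertion over the children would catch that. The Dhall policy list in the `@ -90` hunk relies on this one-client-per-Nic assertion, because `toString policy` joins entries with spaces, not the commas a Dhall list needs. The enclosing `let` block starts outside the hunk.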


@ -35,7 +35,7 @@ in {
virtualisation.qemu.options = virtualisation.qemu.options =
lib.optionals (!config.virtualisation.useBootLoader) [ lib.optionals (!config.virtualisation.useBootLoader) [
"-kernel '${pkgs.genodePackages.bender}/bender'" "-kernel '${pkgs.genodePackages.bender}/share/bender/bender'"
"-initrd '${pkgs.genodePackages.NOVA}/hypervisor-x86_64 arg=iommu logmem novpid serial,${config.genode.boot.image}/image.elf'" "-initrd '${pkgs.genodePackages.NOVA}/hypervisor-x86_64 arg=iommu logmem novpid serial,${config.genode.boot.image}/image.elf'"
]; ];


@ -8,6 +8,9 @@
networking.interfaces.eth1.genode.stack = null; networking.interfaces.eth1.genode.stack = null;
genode.init.children.ping = { genode.init.children.ping = {
inputs = with pkgs.genodePackages; [ ping ]; inputs = with pkgs.genodePackages; [ ping ];
routeToNics = [ "eth1" ];
configFile = let configFile = let
ipA = builtins.head config.networking.interfaces.eth1.ipv4.addresses; ipA = builtins.head config.networking.interfaces.eth1.ipv4.addresses;
ipAddrB = with builtins; ipAddrB = with builtins;