From c06786e14a0de0dc89815c9cc6341efc79e3f34f Mon Sep 17 00:00:00 2001
From: Matthew Brooks
Date: Thu, 24 Jul 2025 04:14:10 -0700
Subject: [PATCH] bump kernel to v6.12.33 hash lock aws-nitro-enclaves-nsm-api dep various fixes
---
Containerfile | 76 +++----
Makefile | 2 +-
src/aws/Cargo.lock | 513 ++++++++++++++++++++++++++++++++++++++++++
src/aws/Cargo.toml | 4 +-
src/aws/src/lib.rs | 28 +--
src/init/Cargo.lock | 387 ++++++++++++++++++++++---------
src/init/init.rs | 21 +-
src/system/Cargo.lock | 16 ++
src/system/src/lib.rs | 91 ++++----
9 files changed, 916 insertions(+), 222 deletions(-)
create mode 100644 src/aws/Cargo.lock
create mode 100644 src/system/Cargo.lock
diff --git a/Containerfile b/Containerfile
index da25c80..700517a 100644
--- a/Containerfile
+++ b/Containerfile
@@ -1,45 +1,46 @@ -FROM stagex/binutils:sx2024.09.0@sha256:30a1bd110273894fe91c3a4a2103894f53eaac43cf12a035008a6982cb0e6908 AS binutils -FROM stagex/ca-certificates:sx2024.09.0@sha256:33787f1feb634be4232a6dfe77578c1a9b890ad82a2cf18c11dd44507b358803 AS ca-certificates -FROM stagex/gcc:sx2024.09.0@sha256:439bf36289ef036a934129d69dd6b4c196427e4f8e28bc1a3de5b9aab6e062f0 AS gcc -FROM stagex/zlib:sx2024.09.0@sha256:96b4100550760026065dac57148d99e20a03d17e5ee20d6b32cbacd61125dbb6 AS zlib -FROM stagex/llvm:sx2024.09.0@sha256:30517a41af648305afe6398af5b8c527d25545037df9d977018c657ba1b1708f AS llvm -FROM stagex/openssl:sx2024.09.0@sha256:2c1a9d8fcc6f52cb11a206f380b17d74c1079f04cbb08071a4176648b4df52c1 AS openssl -FROM stagex/eif_build:sx2024.09.0@sha256:291653f1ca528af48fd05858749c443300f6b24d2ffefa7f5a3a06c27c774566 AS eif_build -FROM stagex/gen_initramfs:sx2024.09.0@sha256:f5b9271cca6003e952cbbb9ef041ffa92ba328894f563d1d77942e6b5cdeac1a AS gen_initramfs -FROM stagex/libunwind:sx2024.09.0@sha256:97ee6068a8e8c9f1c74409f80681069c8051abb31f9559dedf0d0d562d3bfc82 AS libunwind -FROM stagex/rust:sx2024.09.0@sha256:b7c834268a81bfcc473246995c55b47fe18414cc553e3293b6294fde4e579163 AS rust -FROM stagex/musl:sx2024.09.0@sha256:ad351b875f26294562d21740a3ee51c23609f15e6f9f0310e0994179c4231e1d AS musl -FROM stagex/git:sx2024.09.0@sha256:29a02c423a4b55fa72cf2fce89f3bbabd1defea86d251bb2aea84c056340ab22 AS git -FROM stagex/pkgconf:sx2024.09.0@sha256:ba7fce4108b721e8bf1a0d993a5f9be9b65eceda8ba073fe7e8ebca2a31b1494 AS pkgconf -FROM stagex/busybox:sx2024.09.0@sha256:d34bfa56566aa72d605d6cbdc154de8330cf426cfea1bc4ba8013abcac594395 AS busybox -FROM stagex/linux-nitro:sx2024.03.0@sha256:073c4603686e3bdc0ed6755fee3203f6f6f1512e0ded09eaea8866b002b04264 AS linux-nitro +FROM stagex/core-binutils:sx2025.06.1@sha256:f989b48a168f38563b74718b0568118f6a4107916b22bd2457c974ca5bf4c7f4 AS core-binutils +FROM 
stagex/core-ca-certificates:sx2025.06.1@sha256:4d76a4864f241727b2ba20bd7dc9fe32ce049bb9a056e75c51f851187974e399 AS core-ca-certificates +FROM stagex/core-gcc:sx2025.06.1@sha256:ea69941739b0aa5bfb6b1dff8bb4bd7f5117f9cc26e3d9d1f830f35b2fc04c5c AS core-gcc +FROM stagex/core-zlib:sx2025.06.1@sha256:a143ed84d0aef7012d556df95904017e442c221117a07e5affc395440a2dae88 AS core-zlib +FROM stagex/core-llvm:sx2025.06.1@sha256:b836e00c49b752ceb324a018a8436d40b265ffe1f4e9e852751081add5ed4940 AS core-llvm +FROM stagex/core-openssl:sx2025.06.1@sha256:65bf9dc8676437ebc279f516c8d696936d620f3f53c81c2a35bd05e1360c6d99 AS core-openssl +FROM stagex/user-eif_build:sx2025.06.1@sha256:70c62f75d64cce6aa5d983057c591a798f82944156ed613c1172c3b7ef7aa31e AS user-eif_build +FROM stagex/user-gen_initramfs:sx2025.06.1@sha256:aff0791ee9ccdeed1304b5bb4edb7fc5b7f485e11bccf5e61668001243ada815 AS user-gen_initramfs +FROM stagex/core-libunwind:sx2025.06.1@sha256:cd88506914270f72ec82398390cb8e4c9cfb8173afbc4ad570bf319ee870400b AS core-libunwind +FROM stagex/core-rust:sx2025.06.1@sha256:4fd4c70535a4b951e08e7b50e2bf625320928c08cf83c37f57eb3fbcb204cfcd AS core-rust +FROM stagex/core-libzstd:sx2025.06.1@sha256:35ae8f0433cf1472f8fb25e74dc631723e9f458ca3e9544976beb724690adea8 AS core-libzstd +FROM stagex/core-musl:sx2025.06.1@sha256:79400dfed7fd30ff939bbd5b1fb2cb114910865891d1bd75e2067a394c3fb4f1 AS core-musl +FROM stagex/core-git:sx2025.06.1@sha256:1504bfc60913bbb1fac41488cc16188fce46e038f5ec5cc9e295e6f4984cab44 AS core-git +FROM stagex/core-pkgconf:sx2025.06.1@sha256:608b378949cedc86df6350e5ec428b0e114bb7bc46bc33330b51215cc8ac4a68 AS core-pkgconf +FROM stagex/core-busybox:sx2025.06.1@sha256:17e496211470fbd77057692619295e32c841e90312e48bce56a171fdb041b0c9 AS core-busybox +FROM stagex/user-linux-nitro:sx2025.06.1@sha256:655924404a008c6c70c3411e7b32d6558ac388bcc3a5a02431029e63c93d1985 AS user-linux-nitro -FROM scratch as base +FROM scratch AS base ENV TARGET=x86_64-unknown-linux-musl ENV RUSTFLAGS="-C 
target-feature=+crt-static" ENV CARGOFLAGS="--locked --no-default-features --release --target ${TARGET}" ENV OPENSSL_STATIC=true -COPY --from=busybox . / -COPY --from=musl . / -COPY --from=libunwind . / -COPY --from=openssl . / -COPY --from=zlib . / -COPY --from=ca-certificates . / -COPY --from=binutils . / -COPY --from=pkgconf . / -COPY --from=git . / -COPY --from=rust . / -COPY --from=gen_initramfs . / -COPY --from=eif_build . / -COPY --from=llvm . / -COPY --from=gcc . / -COPY --from=linux-nitro /bzImage . -COPY --from=linux-nitro /nsm.ko . -COPY --from=linux-nitro /linux.config . +COPY --from=core-busybox . / +COPY --from=core-musl . / +COPY --from=core-libunwind . / +COPY --from=core-openssl . / +COPY --from=core-zlib . / +COPY --from=core-ca-certificates . / +COPY --from=core-binutils . / +COPY --from=core-pkgconf . / +COPY --from=core-git . / +COPY --from=core-rust . / +COPY --from=core-libzstd . / +COPY --from=user-gen_initramfs . / +COPY --from=user-eif_build . / +COPY --from=core-llvm . / +COPY --from=core-gcc . / +COPY --from=user-linux-nitro /bzImage . +COPY --from=user-linux-nitro /linux.config . ADD . /src -FROM base as build +FROM base AS build WORKDIR /src/init RUN cargo build ${CARGOFLAGS} WORKDIR /build_cpio @@ -47,7 +48,6 @@ RUN cp /src/init/target/${TARGET}/release/init init ENV KBUILD_BUILD_TIMESTAMP=1 COPY <<-EOF initramfs.list file /init init 0755 0 0 - file /nsm.ko /nsm.ko 0755 0 0 dir /run 0755 0 0 dir /tmp 0755 0 0 dir /etc 0755 0 0 
@@ -75,12 +75,12 @@ RUN eif_build \ --ramdisk /build_cpio/rootfs.cpio \ --pcrs_output /nitro.pcrs \ --output /nitro.eif \ - --cmdline 'reboot=k initrd=0x2000000,3228672 root=/dev/ram0 panic=1 pci=off nomodules console=ttyS0 i8042.noaux i8042.nomux i8042.nopnp i8042.dumbkbd' + --cmdline 'reboot=k initrd=0x2000000,3228672 root=/dev/ram0 panic=1 pci=off nomodules console=ttyS0 earlyprintk=ttyS0 debug i8042.noaux i8042.nomux i8042.nopnp i8042.dumbkbd dyndbg="file nsm.c +p"' -FROM base as install +FROM base AS install WORKDIR /rootfs COPY --from=build /nitro.eif . COPY --from=build /nitro.pcrs . -FROM scratch as package +FROM scratch AS package COPY --from=install /rootfs . \ No newline at end of file diff --git a/Makefile b/Makefile index e84ec93..90eb261 100644 --- a/Makefile +++ b/Makefile @@ -11,7 +11,7 @@ out/enclaveos.tar: out \ src/init \ src/aws \ ) - docker build \ + DOCKER_BUILDKIT=1 docker build \ --tag $(REGISTRY)/enclaveos \ --progress=plain \ --output type=local,rewrite-timestamp=true,dest=out\ diff --git a/src/aws/Cargo.lock b/src/aws/Cargo.lock new file mode 100644 index 0000000..3741c9f --- /dev/null +++ b/src/aws/Cargo.lock 
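Review bot: The new `--cmdline` in the Containerfile's last hunk turns on `earlyprintk=ttyS0 debug` and `dyndbg="file nsm.c +p"` unconditionally, so every image built from this file boots with verbose kernel and NSM-driver logging on the serial console. These look like bring-up aids for the kernel bump rather than release settings. Since the command line is baked into the EIF, it presumably also feeds the values written to `/nitro.pcrs`, so a debug-flavoured build and a release build would attest differently. Consider keeping the previous command line as the default and supplying the debug options through a build argument such as `ARG KERNEL_DEBUG_ARGS=""`; the `RUN eif_build` command itself starts above the hunk. The hard-coded size in `initrd=0x2000000,3228672` is also worth re-checking now that `/nsm.ko` is no longer listed in the initramfs.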
@@ -0,0 +1,513 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 4 + +[[package]] +name = "autocfg" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8" + +[[package]] +name = "aws" +version = "0.1.0" +dependencies = [ + "aws-nitro-enclaves-nsm-api", + "libc", + "nsm-lib", + "system", +] + +[[package]] +name = "aws-nitro-enclaves-nsm-api" +version = "0.4.0" +source = "git+https://github.com/aws/aws-nitro-enclaves-nsm-api.git/?rev=8ec7eac72bbb2097f1058ee32c13e1ff232f13e8#8ec7eac72bbb2097f1058ee32c13e1ff232f13e8" +dependencies = [ + "libc", + "log", + "nix", + "serde", + "serde_bytes", + "serde_cbor", +] + +[[package]] +name = "bitflags" +version = "1.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" + +[[package]] +name = "bitflags" +version = "2.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b8e56985ec62d17e9c1001dc89c88ecd7dc08e47eba5ec7c29c7b5eeecde967" + +[[package]] +name = "cbindgen" +version = "0.24.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4b922faaf31122819ec80c4047cc684c6979a087366c069611e33649bf98e18d" +dependencies = [ + "heck", + "indexmap", + "log", + "proc-macro2", + "quote", + "serde", + "serde_json", + "syn 1.0.109", + "tempfile", + "toml", +] + +[[package]] +name = "cfg-if" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9555578bc9e57714c812a1f84e4fc5b4d21fcb063490c624de019f7464c91268" + +[[package]] +name = "errno" +version = "0.3.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "778e2ac28f6c47af28e4907f13ffd1e1ddbd400980a9abd7c8df189bf578a5ad" +dependencies = [ + "libc", + "windows-sys 0.60.2", +] + +[[package]] +name = 
"fastrand" +version = "2.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be" + +[[package]] +name = "getrandom" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26145e563e54f2cadc477553f1ec5ee650b00862f0a58bcd12cbdc5f0ea2d2f4" +dependencies = [ + "cfg-if", + "libc", + "r-efi", + "wasi", +] + +[[package]] +name = "half" +version = "1.8.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b43ede17f21864e81be2fa654110bf1e793774238d86ef8555c37e6519c0403" + +[[package]] +name = "hashbrown" +version = "0.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" + +[[package]] +name = "heck" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "95505c38b4572b2d910cecb0281560f54b440a19336cbbcb27bf6ce6adc6f5a8" + +[[package]] +name = "indexmap" +version = "1.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99" +dependencies = [ + "autocfg", + "hashbrown", +] + +[[package]] +name = "itoa" +version = "1.0.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4a5f13b858c8d314ee3e8f639011f7ccefe71f97f96e50151fb991f267928e2c" + +[[package]] +name = "libc" +version = "0.2.174" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1171693293099992e19cddea4e8b849964e9846f4acee11b3948bcc337be8776" + +[[package]] +name = "linux-raw-sys" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cd945864f07fe9f5371a27ad7b52a172b4b499999f1d97574c9fa68373937e12" + +[[package]] +name = "log" +version = "0.4.27" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"13dc2df351e3202783a1fe0d44375f7295ffb4049267b0f3018346dc122a1d94" + +[[package]] +name = "memchr" +version = "2.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32a282da65faaf38286cf3be983213fcf1d2e2a58700e808f83f4ea9a4804bc0" + +[[package]] +name = "memoffset" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5de893c32cde5f383baa4c04c5d6dbdd735cfd4a794b0debdb2bb1b421da5ff4" +dependencies = [ + "autocfg", +] + +[[package]] +name = "nix" +version = "0.26.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "598beaf3cc6fdd9a5dfb1630c2800c7acd31df7aaf0f565796fba2b53ca1af1b" +dependencies = [ + "bitflags 1.3.2", + "cfg-if", + "libc", + "memoffset", + "pin-utils", +] + +[[package]] +name = "nsm-lib" +version = "0.4.0" +source = "git+https://github.com/aws/aws-nitro-enclaves-nsm-api.git/?rev=8ec7eac72bbb2097f1058ee32c13e1ff232f13e8#8ec7eac72bbb2097f1058ee32c13e1ff232f13e8" +dependencies = [ + "aws-nitro-enclaves-nsm-api", + "cbindgen", + "serde_bytes", +] + +[[package]] +name = "once_cell" +version = "1.21.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42f5e15c9953c5e4ccceeb2e7382a716482c34515315f7b03532b8b4e8393d2d" + +[[package]] +name = "pin-utils" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" + +[[package]] +name = "proc-macro2" +version = "1.0.95" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "02b3e5e68a3a1a02aad3ec490a98007cbc13c37cbe84a3cd7b8e406d76e7f778" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "quote" +version = "1.0.40" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1885c039570dc00dcb4ff087a89e185fd56bae234ddc7f056a945bf36467248d" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "r-efi" +version = 
"5.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "69cdb34c158ceb288df11e18b4bd39de994f6657d83847bdffdbd7f346754b0f" + +[[package]] +name = "rustix" +version = "1.0.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "11181fbabf243db407ef8df94a6ce0b2f9a733bd8be4ad02b4eda9602296cac8" +dependencies = [ + "bitflags 2.9.1", + "errno", + "libc", + "linux-raw-sys", + "windows-sys 0.60.2", +] + +[[package]] +name = "ryu" +version = "1.0.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "28d3b2b1366ec20994f1fd18c3c594f05c5dd4bc44d8bb0c1c632c8d6829481f" + +[[package]] +name = "serde" +version = "1.0.219" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5f0e2c6ed6606019b4e29e69dbaba95b11854410e5347d525002456dbbb786b6" +dependencies = [ + "serde_derive", +] + +[[package]] +name = "serde_bytes" +version = "0.11.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8437fd221bde2d4ca316d61b90e337e9e702b3820b87d63caa9ba6c02bd06d96" +dependencies = [ + "serde", +] + +[[package]] +name = "serde_cbor" +version = "0.11.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2bef2ebfde456fb76bbcf9f59315333decc4fda0b2b44b420243c11e0f5ec1f5" +dependencies = [ + "half", + "serde", +] + +[[package]] +name = "serde_derive" +version = "1.0.219" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5b0276cf7f2c73365f7157c8123c21cd9a50fbbd844757af28ca1f5925fc2a00" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.104", +] + +[[package]] +name = "serde_json" +version = "1.0.141" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "30b9eff21ebe718216c6ec64e1d9ac57087aad11efc64e32002bce4a0d4c03d3" +dependencies = [ + "itoa", + "memchr", + "ryu", + "serde", +] + +[[package]] +name = "syn" +version = "1.0.109" +source = 
"registry+https://github.com/rust-lang/crates.io-index" +checksum = "72b64191b275b66ffe2469e8af2c1cfe3bafa67b529ead792a6d0160888b4237" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "syn" +version = "2.0.104" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "17b6f705963418cdb9927482fa304bc562ece2fdd4f616084c50b7023b435a40" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "system" +version = "0.1.0" +dependencies = [ + "libc", +] + +[[package]] +name = "tempfile" +version = "3.20.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e8a64e3985349f2441a1a9ef0b853f869006c3855f2cda6862a94d26ebb9d6a1" +dependencies = [ + "fastrand", + "getrandom", + "once_cell", + "rustix", + "windows-sys 0.59.0", +] + +[[package]] +name = "toml" +version = "0.5.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f4f7f0dd8d50a853a531c426359045b1998f04219d88799810762cd4ad314234" +dependencies = [ + "serde", +] + +[[package]] +name = "unicode-ident" +version = "1.0.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5a5f39404a5da50712a4c1eecf25e90dd62b613502b7e925fd4e4d19b5c96512" + +[[package]] +name = "wasi" +version = "0.14.2+wasi-0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9683f9a5a998d873c0d21fcbe3c083009670149a8fab228644b8bd36b2c48cb3" +dependencies = [ + "wit-bindgen-rt", +] + +[[package]] +name = "windows-sys" +version = "0.59.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e38bc4d79ed67fd075bcc251a1c39b32a1776bbe92e5bef1f0bf1f8c531853b" +dependencies = [ + "windows-targets 0.52.6", +] + +[[package]] +name = "windows-sys" +version = "0.60.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f2f500e4d28234f72040990ec9d39e3a6b950f9f22d3dba18416c35882612bcb" +dependencies = [ + 
"windows-targets 0.53.2", +] + +[[package]] +name = "windows-targets" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973" +dependencies = [ + "windows_aarch64_gnullvm 0.52.6", + "windows_aarch64_msvc 0.52.6", + "windows_i686_gnu 0.52.6", + "windows_i686_gnullvm 0.52.6", + "windows_i686_msvc 0.52.6", + "windows_x86_64_gnu 0.52.6", + "windows_x86_64_gnullvm 0.52.6", + "windows_x86_64_msvc 0.52.6", +] + +[[package]] +name = "windows-targets" +version = "0.53.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c66f69fcc9ce11da9966ddb31a40968cad001c5bedeb5c2b82ede4253ab48aef" +dependencies = [ + "windows_aarch64_gnullvm 0.53.0", + "windows_aarch64_msvc 0.53.0", + "windows_i686_gnu 0.53.0", + "windows_i686_gnullvm 0.53.0", + "windows_i686_msvc 0.53.0", + "windows_x86_64_gnu 0.53.0", + "windows_x86_64_gnullvm 0.53.0", + "windows_x86_64_msvc 0.53.0", +] + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3" + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "86b8d5f90ddd19cb4a147a5fa63ca848db3df085e25fee3cc10b39b6eebae764" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c7651a1f62a11b8cbd5e0d42526e55f2c99886c77e007179efff86c2b137e66c" + +[[package]] +name = "windows_i686_gnu" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b" + +[[package]] +name = "windows_i686_gnu" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c1dc67659d35f387f5f6c479dc4e28f1d4bb90ddd1a5d3da2e5d97b42d6272c3" + +[[package]] +name = "windows_i686_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66" + +[[package]] +name = "windows_i686_gnullvm" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ce6ccbdedbf6d6354471319e781c0dfef054c81fbc7cf83f338a4296c0cae11" + +[[package]] +name = "windows_i686_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66" + +[[package]] +name = "windows_i686_msvc" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "581fee95406bb13382d2f65cd4a908ca7b1e4c2f1917f143ba16efe98a589b5d" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2e55b5ac9ea33f2fc1716d1742db15574fd6fc8dadc51caab1c16a3d3b4190ba" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0a6e035dd0599267ce1ee132e51c27dd29437f63325753051e71dd9e42406c57" + +[[package]] +name = 
"windows_x86_64_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "271414315aff87387382ec3d271b52d7ae78726f5d44ac98b4f4030c91880486" + +[[package]] +name = "wit-bindgen-rt" +version = "0.39.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6f42320e61fe2cfd34354ecb597f86f413484a798ba44a8ca1165c58d42da6c1" +dependencies = [ + "bitflags 2.9.1", +] diff --git a/src/aws/Cargo.toml b/src/aws/Cargo.toml index 27a9f06..36649a7 100644 --- a/src/aws/Cargo.toml +++ b/src/aws/Cargo.toml @@ -7,6 +7,6 @@ edition = "2021" [dependencies] libc = "0.2.134" -nsm_lib = { git = "https://github.com/aws/aws-nitro-enclaves-nsm-api.git/", branch = "main", package="nsm-lib", optional = false } -nsm_api = { git = "https://github.com/aws/aws-nitro-enclaves-nsm-api.git/", branch = "main", package="aws-nitro-enclaves-nsm-api", optional = false } +nsm_lib = { git = "https://github.com/aws/aws-nitro-enclaves-nsm-api.git/", rev = "8ec7eac72bbb2097f1058ee32c13e1ff232f13e8", package="nsm-lib", optional = false } +nsm_api = { git = "https://github.com/aws/aws-nitro-enclaves-nsm-api.git/", rev = "8ec7eac72bbb2097f1058ee32c13e1ff232f13e8", package="aws-nitro-enclaves-nsm-api", optional = false } system = { path = "../system"} diff --git a/src/aws/src/lib.rs b/src/aws/src/lib.rs index 14acfe2..c887747 100644 --- a/src/aws/src/lib.rs +++ b/src/aws/src/lib.rs 
@@ -2,16 +2,16 @@ use system::{dmesg, SystemError}; // Signal to Nitro hypervisor that booting was successful fn nitro_heartbeat() { + use libc::{close, read, write, AF_VSOCK}; use system::socket_connect; - use libc::{write, read, close, AF_VSOCK}; let mut buf: [u8; 1] = [0; 1]; buf[0] = 0xB7; // AWS Nitro heartbeat value let fd = match socket_connect(AF_VSOCK, 9000, 3) { - Ok(f)=> f, - Err(e)=> { + Ok(f) => f, + Err(e) => { eprintln!("{}", e); - return - }, + return; + } }; unsafe { write(fd, buf.as_ptr() as _, 1); @@ -28,23 +28,21 @@ pub fn get_entropy(size: usize) -> Result, SystemError> { let nsm_fd = nsm_lib_init(); if nsm_fd < 0 { return Err(SystemError { - message: String::from("Failed to connect to NSM device") + message: String::from("Failed to connect to NSM device"), }); }; let mut dest = Vec::with_capacity(size); while dest.len() < size { let mut buf = [0u8; 256]; let mut buf_len = buf.len(); - let status = unsafe { - nsm_get_random(nsm_fd, buf.as_mut_ptr(), &mut buf_len) - }; + let status = unsafe { nsm_get_random(nsm_fd, buf.as_mut_ptr(), &mut buf_len) }; match status { ErrorCode::Success => { dest.extend_from_slice(&buf); - }, + } _ => { return Err(SystemError { - message: String::from("Failed to get entropy from NSM device") + message: String::from("Failed to get entropy from NSM device"), }); } }; @@ -53,13 +51,7 @@ pub fn get_entropy(size: usize) -> Result, SystemError> { } // Initialize nitro device -pub fn init_platform(){ - use system::insmod; +pub fn init_platform() { // TODO: error handling nitro_heartbeat(); - - match insmod("/nsm.ko") { - Ok(())=> dmesg(format!("Loaded nsm.ko")), - Err(e)=> eprintln!("{}", e) - }; } diff --git a/src/init/Cargo.lock b/src/init/Cargo.lock index 95bbb4a..73acef7 100644 --- a/src/init/Cargo.lock +++ b/src/init/Cargo.lock 
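Review bot: In `get_entropy` (second hunk of src/aws/src/lib.rs, the `ErrorCode::Success` arm), `dest.extend_from_slice(&buf)` appends the whole 256-byte buffer even though `buf_len` is passed to `nsm_get_random` as an in/out length, which as far as I know nsm-lib sets to the number of bytes actually written. On a short return the tail of `buf` is still its zero initialiser, so zero bytes would be handed to callers as entropy. Append only the filled part, `dest.extend_from_slice(&buf[..buf_len]);`, and treat `buf_len == 0` as an error so the `while dest.len() < size` loop cannot spin forever. The result can also overshoot `size` by up to 255 bytes unless it is truncated after the loop, which lies outside this hunk.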
@@ -1,12 +1,12 @@ # This file is automatically @generated by Cargo. # It is not intended for manual editing. -version = 3 +version = 4 [[package]] name = "autocfg" -version = "1.1.0" +version = "1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" +checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8" [[package]] name = "aws" @@ -20,8 +20,8 @@ dependencies = [ [[package]] name = "aws-nitro-enclaves-nsm-api" -version = "0.2.1" -source = "git+https://github.com/aws/aws-nitro-enclaves-nsm-api.git/?branch=main#16eebf7838fa6f399cfffda0049912b936c3a895" +version = "0.4.0" +source = "git+https://github.com/aws/aws-nitro-enclaves-nsm-api.git/?rev=8ec7eac72bbb2097f1058ee32c13e1ff232f13e8#8ec7eac72bbb2097f1058ee32c13e1ff232f13e8" dependencies = [ "libc", "log", @@ -33,15 +33,21 @@ dependencies = [ [[package]] name = "bitflags" -version = "1.2.1" +version = "1.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693" +checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" + +[[package]] +name = "bitflags" +version = "2.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b8e56985ec62d17e9c1001dc89c88ecd7dc08e47eba5ec7c29c7b5eeecde967" [[package]] name = "cbindgen" -version = "0.21.0" +version = "0.24.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "485ede05a56152367a6ec586a7425b475d6c3d3838581ff651d2a6e3730a62ef" +checksum = "4b922faaf31122819ec80c4047cc684c6979a087366c069611e33649bf98e18d" dependencies = [ "heck", "indexmap", 
@@ -50,37 +56,50 @@ dependencies = [ "quote", "serde", "serde_json", - "syn", + "syn 1.0.109", "tempfile", "toml", ] [[package]] -name = "cc" -version = "1.0.73" +name = "cfg-if" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2fff2a6927b3bb87f9595d67196a70493f627687a71d87a0d692242c33f58c11" +checksum = "9555578bc9e57714c812a1f84e4fc5b4d21fcb063490c624de019f7464c91268" [[package]] -name = "cfg-if" -version = "1.0.0" +name = "errno" +version = "0.3.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" +checksum = "778e2ac28f6c47af28e4907f13ffd1e1ddbd400980a9abd7c8df189bf578a5ad" +dependencies = [ + "libc", + "windows-sys 0.60.2", +] [[package]] name = "fastrand" -version = "1.8.0" +version = "2.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a7a407cfaa3385c4ae6b23e84623d48c2798d06e3e6a1878f7f59f17b3f86499" +checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be" + +[[package]] +name = "getrandom" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26145e563e54f2cadc477553f1ec5ee650b00862f0a58bcd12cbdc5f0ea2d2f4" dependencies = [ - "instant", + "cfg-if", + "libc", + "r-efi", + "wasi", ] [[package]] name = "half" -version = "1.8.2" +version = "1.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eabb4a44450da02c90444cf74558da904edde8fb4e9035a9a6a4e15445af0bd7" +checksum = "1b43ede17f21864e81be2fa654110bf1e793774238d86ef8555c37e6519c0403" [[package]] name = "hashbrown" 
@@ -90,15 +109,15 @@ checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" [[package]] name = "heck" -version = "0.4.0" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2540771e65fc8cb83cd6e8a237f70c319bd5c29f78ed1084ba5d50eeac86f7f9" +checksum = "95505c38b4572b2d910cecb0281560f54b440a19336cbbcb27bf6ce6adc6f5a8" [[package]] name = "indexmap" -version = "1.9.1" +version = "1.9.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "10a35a97730320ffe8e2d410b5d3b69279b98d2c14bdb8b70ea89ecf7888d41e" +checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99" dependencies = [ "autocfg", "hashbrown", 
@@ -113,62 +132,62 @@ dependencies = [ "system", ] -[[package]] -name = "instant" -version = "0.1.12" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a5bbe824c507c5da5956355e86a746d82e0e1464f65d862cc5e71da70e94b2c" -dependencies = [ - "cfg-if", -] - [[package]] name = "itoa" -version = "1.0.4" +version = "1.0.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4217ad341ebadf8d8e724e264f13e593e0648f5b3e94b3896a5df283be015ecc" +checksum = "4a5f13b858c8d314ee3e8f639011f7ccefe71f97f96e50151fb991f267928e2c" [[package]] name = "libc" -version = "0.2.134" +version = "0.2.174" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "329c933548736bc49fd575ee68c89e8be4d260064184389a5b77517cddd99ffb" +checksum = "1171693293099992e19cddea4e8b849964e9846f4acee11b3948bcc337be8776" + +[[package]] +name = "linux-raw-sys" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cd945864f07fe9f5371a27ad7b52a172b4b499999f1d97574c9fa68373937e12" [[package]] name = "log" -version = "0.4.17" +version = "0.4.27" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" -dependencies = [ - "cfg-if", -] +checksum = "13dc2df351e3202783a1fe0d44375f7295ffb4049267b0f3018346dc122a1d94" + +[[package]] +name = "memchr" +version = "2.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32a282da65faaf38286cf3be983213fcf1d2e2a58700e808f83f4ea9a4804bc0" [[package]] name = "memoffset" -version = "0.6.5" +version = "0.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5aa361d4faea93603064a027415f07bd8e1d5c88c9fbf68bf56a285428fd79ce" +checksum = "5de893c32cde5f383baa4c04c5d6dbdd735cfd4a794b0debdb2bb1b421da5ff4" dependencies = [ "autocfg", ] [[package]] name = "nix" -version = "0.20.2" +version = "0.26.4" source = 
"registry+https://github.com/rust-lang/crates.io-index" -checksum = "f5e06129fb611568ef4e868c14b326274959aa70ff7776e9d55323531c374945" +checksum = "598beaf3cc6fdd9a5dfb1630c2800c7acd31df7aaf0f565796fba2b53ca1af1b" dependencies = [ - "bitflags", - "cc", + "bitflags 1.3.2", "cfg-if", "libc", "memoffset", + "pin-utils", ] [[package]] name = "nsm-lib" -version = "0.2.1" -source = "git+https://github.com/aws/aws-nitro-enclaves-nsm-api.git/?branch=main#16eebf7838fa6f399cfffda0049912b936c3a895" +version = "0.4.0" +source = "git+https://github.com/aws/aws-nitro-enclaves-nsm-api.git/?rev=8ec7eac72bbb2097f1058ee32c13e1ff232f13e8#8ec7eac72bbb2097f1058ee32c13e1ff232f13e8" dependencies = [ "aws-nitro-enclaves-nsm-api", "cbindgen", 
@@ -176,61 +195,74 @@ dependencies = [ ] [[package]] -name = "proc-macro2" -version = "1.0.46" +name = "once_cell" +version = "1.21.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "94e2ef8dbfc347b10c094890f778ee2e36ca9bb4262e86dc99cd217e35f3470b" +checksum = "42f5e15c9953c5e4ccceeb2e7382a716482c34515315f7b03532b8b4e8393d2d" + +[[package]] +name = "pin-utils" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" + +[[package]] +name = "proc-macro2" +version = "1.0.95" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "02b3e5e68a3a1a02aad3ec490a98007cbc13c37cbe84a3cd7b8e406d76e7f778" dependencies = [ "unicode-ident", ] [[package]] name = "quote" -version = "1.0.21" +version = "1.0.40" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bbe448f377a7d6961e30f5955f9b8d106c3f5e449d493ee1b125c1d43c2b5179" +checksum = "1885c039570dc00dcb4ff087a89e185fd56bae234ddc7f056a945bf36467248d" dependencies = [ "proc-macro2", ] [[package]] -name = "redox_syscall" -version = "0.2.16" +name = "r-efi" +version = "5.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fb5a58c1855b4b6819d59012155603f0b22ad30cad752600aadfcb695265519a" -dependencies = [ - "bitflags", -] +checksum = "69cdb34c158ceb288df11e18b4bd39de994f6657d83847bdffdbd7f346754b0f" [[package]] -name = "remove_dir_all" -version = "0.5.3" +name = "rustix" +version = "1.0.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3acd125665422973a33ac9d3dd2df85edad0f4ae9b00dafb1a05e43a9f5ef8e7" +checksum = "11181fbabf243db407ef8df94a6ce0b2f9a733bd8be4ad02b4eda9602296cac8" dependencies = [ - "winapi", + "bitflags 2.9.1", + "errno", + "libc", + "linux-raw-sys", + "windows-sys 0.60.2", ] [[package]] name = "ryu" -version = "1.0.11" +version = "1.0.20" source = 
"registry+https://github.com/rust-lang/crates.io-index" -checksum = "4501abdff3ae82a1c1b477a17252eb69cee9e66eb915c1abaa4f44d873df9f09" +checksum = "28d3b2b1366ec20994f1fd18c3c594f05c5dd4bc44d8bb0c1c632c8d6829481f" [[package]] name = "serde" -version = "1.0.145" +version = "1.0.219" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "728eb6351430bccb993660dfffc5a72f91ccc1295abaa8ce19b27ebe4f75568b" +checksum = "5f0e2c6ed6606019b4e29e69dbaba95b11854410e5347d525002456dbbb786b6" dependencies = [ "serde_derive", ] [[package]] name = "serde_bytes" -version = "0.11.7" +version = "0.11.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cfc50e8183eeeb6178dcb167ae34a8051d63535023ae38b5d8d12beae193d37b" +checksum = "8437fd221bde2d4ca316d61b90e337e9e702b3820b87d63caa9ba6c02bd06d96" dependencies = [ "serde", ] 
@@ -247,31 +279,43 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.145" +version = "1.0.219" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "81fa1584d3d1bcacd84c277a0dfe21f5b0f6accf4a23d04d4c6d61f1af522b4c" +checksum = "5b0276cf7f2c73365f7157c8123c21cd9a50fbbd844757af28ca1f5925fc2a00" dependencies = [ "proc-macro2", "quote", - "syn", + "syn 2.0.104", ] [[package]] name = "serde_json" -version = "1.0.86" +version = "1.0.141" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "41feea4228a6f1cd09ec7a3593a682276702cd67b5273544757dae23c096f074" +checksum = "30b9eff21ebe718216c6ec64e1d9ac57087aad11efc64e32002bce4a0d4c03d3" dependencies = [ "itoa", + "memchr", "ryu", "serde", ] [[package]] name = "syn" -version = "1.0.102" +version = "1.0.109" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3fcd952facd492f9be3ef0d0b7032a6e442ee9b361d4acc2b1d0c4aaa5f613a1" +checksum = "72b64191b275b66ffe2469e8af2c1cfe3bafa67b529ead792a6d0160888b4237" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "syn" +version = "2.0.104" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "17b6f705963418cdb9927482fa304bc562ece2fdd4f616084c50b7023b435a40" dependencies = [ "proc-macro2", "quote", 
@@ -287,51 +331,192 @@ dependencies = [ [[package]] name = "tempfile" -version = "3.3.0" +version = "3.20.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5cdb1ef4eaeeaddc8fbd371e5017057064af0911902ef36b39801f67cc6d79e4" +checksum = "e8a64e3985349f2441a1a9ef0b853f869006c3855f2cda6862a94d26ebb9d6a1" dependencies = [ - "cfg-if", "fastrand", - "libc", - "redox_syscall", - "remove_dir_all", - "winapi", + "getrandom", + "once_cell", + "rustix", + "windows-sys 0.59.0", ] [[package]] name = "toml" -version = "0.5.9" +version = "0.5.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d82e1a7758622a465f8cee077614c73484dac5b836c02ff6a40d5d1010324d7" +checksum = "f4f7f0dd8d50a853a531c426359045b1998f04219d88799810762cd4ad314234" dependencies = [ "serde", ] [[package]] name = "unicode-ident" -version = "1.0.5" +version = "1.0.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6ceab39d59e4c9499d4e5a8ee0e2735b891bb7308ac83dfb4e80cad195c9f6f3" +checksum = "5a5f39404a5da50712a4c1eecf25e90dd62b613502b7e925fd4e4d19b5c96512" [[package]] -name = "winapi" -version = "0.3.9" +name = "wasi" +version = "0.14.2+wasi-0.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" +checksum = "9683f9a5a998d873c0d21fcbe3c083009670149a8fab228644b8bd36b2c48cb3" dependencies = [ - "winapi-i686-pc-windows-gnu", - "winapi-x86_64-pc-windows-gnu", + "wit-bindgen-rt", ] [[package]] -name = "winapi-i686-pc-windows-gnu" -version = "0.4.0" +name = "windows-sys" +version = "0.59.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" +checksum = "1e38bc4d79ed67fd075bcc251a1c39b32a1776bbe92e5bef1f0bf1f8c531853b" +dependencies = [ + "windows-targets 0.52.6", +] [[package]] -name = "winapi-x86_64-pc-windows-gnu" -version = "0.4.0" +name = 
"windows-sys" +version = "0.60.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" +checksum = "f2f500e4d28234f72040990ec9d39e3a6b950f9f22d3dba18416c35882612bcb" +dependencies = [ + "windows-targets 0.53.2", +] + +[[package]] +name = "windows-targets" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973" +dependencies = [ + "windows_aarch64_gnullvm 0.52.6", + "windows_aarch64_msvc 0.52.6", + "windows_i686_gnu 0.52.6", + "windows_i686_gnullvm 0.52.6", + "windows_i686_msvc 0.52.6", + "windows_x86_64_gnu 0.52.6", + "windows_x86_64_gnullvm 0.52.6", + "windows_x86_64_msvc 0.52.6", +] + +[[package]] +name = "windows-targets" +version = "0.53.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c66f69fcc9ce11da9966ddb31a40968cad001c5bedeb5c2b82ede4253ab48aef" +dependencies = [ + "windows_aarch64_gnullvm 0.53.0", + "windows_aarch64_msvc 0.53.0", + "windows_i686_gnu 0.53.0", + "windows_i686_gnullvm 0.53.0", + "windows_i686_msvc 0.53.0", + "windows_x86_64_gnu 0.53.0", + "windows_x86_64_gnullvm 0.53.0", + "windows_x86_64_msvc 0.53.0", +] + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3" + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "86b8d5f90ddd19cb4a147a5fa63ca848db3df085e25fee3cc10b39b6eebae764" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.53.0" +source = 
"registry+https://github.com/rust-lang/crates.io-index" +checksum = "c7651a1f62a11b8cbd5e0d42526e55f2c99886c77e007179efff86c2b137e66c" + +[[package]] +name = "windows_i686_gnu" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b" + +[[package]] +name = "windows_i686_gnu" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c1dc67659d35f387f5f6c479dc4e28f1d4bb90ddd1a5d3da2e5d97b42d6272c3" + +[[package]] +name = "windows_i686_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66" + +[[package]] +name = "windows_i686_gnullvm" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ce6ccbdedbf6d6354471319e781c0dfef054c81fbc7cf83f338a4296c0cae11" + +[[package]] +name = "windows_i686_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66" + +[[package]] +name = "windows_i686_msvc" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "581fee95406bb13382d2f65cd4a908ca7b1e4c2f1917f143ba16efe98a589b5d" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2e55b5ac9ea33f2fc1716d1742db15574fd6fc8dadc51caab1c16a3d3b4190ba" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0a6e035dd0599267ce1ee132e51c27dd29437f63325753051e71dd9e42406c57" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.53.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "271414315aff87387382ec3d271b52d7ae78726f5d44ac98b4f4030c91880486" + +[[package]] +name = "wit-bindgen-rt" +version = "0.39.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6f42320e61fe2cfd34354ecb597f86f413484a798ba44a8ca1165c58d42da6c1" +dependencies = [ + "bitflags 2.9.1", +] diff --git a/src/init/init.rs b/src/init/init.rs index 01ce125..d1ccbee 100644 --- a/src/init/init.rs +++ b/src/init/init.rs @@ -1,15 +1,14 @@ -use system::{seed_entropy, reboot, freopen, mount, dmesg}; +use system::{dmesg, freopen, mount, reboot, seed_entropy}; //TODO: Feature flag -use aws::{init_platform, get_entropy}; +use aws::{get_entropy, init_platform}; // Mount common filesystems with conservative permissions fn init_rootfs() { - use libc::{MS_NOSUID, MS_NOEXEC, MS_NODEV }; + use libc::{MS_NODEV, MS_NOEXEC, MS_NOSUID}; let no_dse = MS_NODEV | MS_NOSUID | MS_NOEXEC; let no_se = MS_NOSUID | MS_NOEXEC; let args = [ - ("devtmpfs", "/dev", "devtmpfs", no_se, "mode=0755"), ("devtmpfs", "/dev", "devtmpfs", no_se, "mode=0755"), ("devpts", "/dev/pts", "devpts", no_se, ""), ("shm", "/dev/shm", "tmpfs", no_dse, "mode=0755"), 
@@ -21,8 +20,8 @@ fn init_rootfs() { ]; for (src, target, fstype, flags, data) in args { match mount(src, target, fstype, flags, data) { - Ok(())=> dmesg(format!("Mounted {}", target)), - Err(e)=> eprintln!("{}", e), + Ok(()) => dmesg(format!("Mounted {}", target)), + Err(e) => eprintln!("{}", e), } } } @@ -36,19 +35,19 @@ fn init_console() { ]; for (filename, mode, file) in args { match freopen(filename, mode, file) { - Ok(())=> {}, - Err(e)=> eprintln!("{}", e), + Ok(()) => {} + Err(e) => eprintln!("{}", e), } } } -fn boot(){ +fn boot() { init_rootfs(); init_console(); init_platform(); match seed_entropy(4096, get_entropy) { - Ok(size)=> dmesg(format!("Seeded kernel with entropy: {}", size)), - Err(e)=> eprintln!("{}", e) + Ok(size) => dmesg(format!("Seeded kernel with entropy: {}", size)), + Err(e) => eprintln!("{}", e), }; } diff --git a/src/system/Cargo.lock b/src/system/Cargo.lock new file mode 100644 index 0000000..4d7cbe3 --- /dev/null +++ b/src/system/Cargo.lock @@ -0,0 +1,16 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 4 + +[[package]] +name = "libc" +version = "0.2.174" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1171693293099992e19cddea4e8b849964e9846f4acee11b3948bcc337be8776" + +[[package]] +name = "system" +version = "0.1.0" +dependencies = [ + "libc", +] diff --git a/src/system/src/lib.rs b/src/system/src/lib.rs index 3d90f68..6d70a97 100644 --- a/src/system/src/lib.rs +++ b/src/system/src/lib.rs @@ -1,10 +1,8 @@ -use libc::{ c_ulong, c_int, c_void }; +use libc::{c_int, c_ulong, c_void}; use std::{ - mem::{zeroed, size_of}, ffi::CString, - fs::File, - os::unix::io::AsRawFd, fmt, + mem::{size_of, zeroed}, }; pub struct SystemError { 
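Review bot: In `boot()` (src/init/init.rs, hunk `@@ -36,19 +35,19 @@`) a failed `seed_entropy` is only printed with `eprintln!` and boot carries on, so the enclave can start its workload with a kernel RNG that never received the platform sample. The commit re-spaces these match arms but leaves that policy as it was. If anything started after `boot()` derives keys or nonces from the kernel RNG (not visible in this hunk), the failure should be fatal, e.g. `Err(e) => { eprintln!("{}", e); reboot(); }`, using the `reboot` already imported from `system`. The mount loop in `init_rootfs()` in the preceding hunk has the same log-and-continue handling and deserves a comment stating which mounts are allowed to fail.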
@@ -17,20 +15,25 @@ impl fmt::Display for SystemError { } // Log dmesg formatted log to console -pub fn dmesg(message: String){ +pub fn dmesg(message: String) { println!("{} {}", boot_time(), message); } // Dmesg formatted seconds since boot pub fn boot_time() -> String { use libc::{clock_gettime, timespec, CLOCK_BOOTTIME}; - let mut t = timespec { tv_sec: 0, tv_nsec: 0 }; - unsafe { clock_gettime(CLOCK_BOOTTIME, &mut t as *mut timespec); } + let mut t = timespec { + tv_sec: 0, + tv_nsec: 0, + }; + unsafe { + clock_gettime(CLOCK_BOOTTIME, &mut t as *mut timespec); + } format!("[ {: >4}.{}]", t.tv_sec, t.tv_nsec / 1000).to_string() } // Unconditionally reboot the system now -pub fn reboot(){ +pub fn reboot() { use libc::{reboot, RB_AUTOBOOT}; unsafe { reboot(RB_AUTOBOOT); 
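Review bot: `boot_time()` prints the microsecond part without zero padding, so 1 s + 5 µs renders as `[    1.5]` and log lines can no longer be ordered or read correctly when reconstructing a boot timeline. Pad the fraction to six digits and drop the redundant `.to_string()`: `format!("[ {: >4}.{:06}]", t.tv_sec, t.tv_nsec / 1000)`. The return value of `clock_gettime` in the re-wrapped `unsafe` block is also ignored; on failure `t` stays at zero, which should either be handled or noted in a comment as intentional.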
@@ -56,45 +59,34 @@ pub fn mount( target_cs.as_ptr(), fstype_cs.as_ptr(), flags, - data_cs.as_ptr() as *const c_void + data_cs.as_ptr() as *const c_void, ) - } != 0 { - Err(SystemError { message: format!("Failed to mount: {}", target) }) + } != 0 + { + Err(SystemError { + message: format!("Failed to mount: {}", target), + }) } else { Ok(()) } } // libc::freopen casting/error wrapper -pub fn freopen( - filename: &str, - mode: &str, - file: c_int, -) -> Result<(), SystemError> { - use libc::{freopen, fdopen}; +pub fn freopen(filename: &str, mode: &str, file: c_int) -> Result<(), SystemError> { + use libc::{fdopen, freopen}; let filename_cs = CString::new(filename).unwrap(); let mode_cs = CString::new(mode).unwrap(); if unsafe { freopen( filename_cs.as_ptr(), mode_cs.as_ptr(), - fdopen(file, mode_cs.as_ptr() as *const i8) + fdopen(file, mode_cs.as_ptr() as *const i8), ) - }.is_null() { - Err(SystemError { message: format!("Failed to freopen: {}", filename) }) - } else { - Ok(()) } -} - -// Insert kernel module into memory -pub fn insmod(path: &str) -> Result<(), SystemError> { - use libc::{syscall, SYS_finit_module}; - let file = File::open(path).unwrap(); - let fd = file.as_raw_fd(); - if unsafe { syscall(SYS_finit_module, fd, &[0u8; 1], 0) } < 0 { + .is_null() + { Err(SystemError { - message: format!("Failed to insert kernel module: {}", path) + message: format!("Failed to freopen: {}", filename), }) } else { Ok(()) @@ -102,12 +94,8 @@ pub fn insmod(path: &str) -> Result<(), SystemError> { } // Instantiate a socket -pub fn socket_connect( - family: c_int, - port: u32, - cid: u32, -) -> Result { - use libc::{connect, socket, sockaddr, sockaddr_vm, SOCK_STREAM}; +pub fn socket_connect(family: c_int, port: u32, cid: u32) -> Result { + use libc::{connect, sockaddr, sockaddr_vm, socket, SOCK_STREAM}; let fd = unsafe { socket(family, SOCK_STREAM, 0) }; if unsafe { let mut sa: sockaddr_vm = zeroed(); 
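Review bot: In `freopen()` the result of `fdopen(file, …)` is passed straight into `libc::freopen` without a NULL check, and handing `freopen` a NULL stream is undefined behaviour in C. `fdopen` returns NULL when the descriptor is invalid or the mode is incompatible with it, so the stream should be checked first and reported as a `SystemError`, as sketched below. The `as *const i8` cast can go at the same time: `CString::as_ptr()` already yields `*const c_char`, and the `i8` cast does not type-check on targets where `c_char` is `u8` (aarch64 Linux). The closing lines of the function fall outside this hunk.

```rust
pub fn freopen(filename: &str, mode: &str, file: c_int) -> Result<(), SystemError> {
    // … unchanged: use libc::{fdopen, freopen}; CString conversions …
    // fdopen returns NULL on failure; never hand that to freopen.
    let stream = unsafe { fdopen(file, mode_cs.as_ptr()) };
    if stream.is_null() {
        return Err(SystemError {
            message: format!("Failed to fdopen: {}", file),
        });
    }
    if unsafe { freopen(filename_cs.as_ptr(), mode_cs.as_ptr(), stream) }.is_null() {
        // … unchanged: "Failed to freopen" error and Ok(()) branch …
```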
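Review bot: `socket_connect()` never checks the descriptor returned by `socket(family, SOCK_STREAM, 0)` before using it in `connect`, so a failed `socket()` (-1) surfaces as a misleading connect error. Add `if fd < 0 { return Err(SystemError { message: format!("Failed to create socket: {}", family) }); }` right after the `socket` call. In the following hunk (`@@ -119,9 +107,10 @@`) the connect-failure branch returns without closing `fd`, which leaks a descriptor on every failed attempt; call `unsafe { libc::close(fd) };` before building the error. The function body continues past the end of this hunk.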
@@ -119,9 +107,10 @@ pub fn socket_connect( &sa as *const _ as *mut sockaddr, size_of::() as _, ) - } < 0 { + } < 0 + { Err(SystemError { - message: format!("Failed to connect to socket: {}", family) + message: format!("Failed to connect to socket: {}", family), }) } else { Ok(fd) @@ -135,12 +124,12 @@ pub fn seed_entropy( ) -> Result { use std::io::Write; - let entropy_sample = match source(size) { - Ok(sample)=> sample, - Err(e)=> { return Err(e) }, + let entropy_sample = match source(size) { + Ok(sample) => sample, + Err(e) => return Err(e), }; - use std::fs::OpenOptions; + use std::fs::OpenOptions; let mut random_fd = match OpenOptions::new() .read(true) .write(true) @@ -149,21 +138,21 @@ pub fn seed_entropy( Ok(file) => file, Err(_) => { return Err(SystemError { - message: String::from("Failed to open /dev/urandom"), - }); - }, + message: String::from("Failed to open /dev/urandom"), + }); + } }; // 5.10+ kernel entropy pools are made of BLAKE2 hashes fixed at 256 bit // The RNDADDENTROPY crediting system is now complexity with no gain. // We just simply write samples to /dev/urandom now. // See: https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.119 - match random_fd.write_all(&entropy_sample) { + match random_fd.write_all(&entropy_sample) { Ok(()) => Ok(entropy_sample.len()), Err(_) => { - return Err(SystemError { - message: String::from("Failed to write to /dev/urandom"), - }); + return Err(SystemError { + message: String::from("Failed to write to /dev/urandom"), + }); } - } + } } -- 2.40.1
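Review bot: `seed_entropy()` (hunks `@@ -135,12 +124,12 @@` and `@@ -149,21 +138,21 @@`) returns `Ok(entropy_sample.len())` without comparing the sample length with the requested `size`, so a source that hands back a short or empty buffer is reported as a successful seeding. Reject that case before opening the device, e.g. `if entropy_sample.len() < size { return Err(SystemError { message: String::from("Entropy source returned a short sample") }); }`. In the visible lines the device is opened with `.read(true)` although only `write_all` is used, so write-only access would be enough. The function signature and the `open` call lie outside these two hunks.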