From bcd82b7e7539a3d1a59b0733e2c99db813b8be8e Mon Sep 17 00:00:00 2001 From: Martin Stein Date: Thu, 23 Nov 2023 06:02:55 +0100 Subject: [PATCH] tresor: revive and test app/tresor_check The tresor_check tool became outdated back when the Tresor project was created by re-writing its predecessor, the CBE, in C++. At this time, the check tool was merely renamed but not updated. As there was also no autopilot test for the tool, the tool remained outdated. This commit rewrites the tool for the most recent Tresor version and adds an autopilot test. Ref #5062 --- repos/gems/run/tresor_utils.run | 160 ++++++++++++++ repos/gems/src/app/tresor_check/main.cc | 249 ++++++---------------- repos/gems/src/app/tresor_check/target.mk | 4 +- tool/autopilot.list | 1 + 4 files changed, 231 insertions(+), 183 deletions(-) create mode 100644 repos/gems/run/tresor_utils.run diff --git a/repos/gems/run/tresor_utils.run b/repos/gems/run/tresor_utils.run new file mode 100644 index 0000000000..0b03aaf3ea --- /dev/null +++ b/repos/gems/run/tresor_utils.run 
@@ -0,0 +1,160 @@ +assert_spec linux + +proc tresor_img_file { } { return "tresor.img" } + +append build_components { + core init timer server/lx_block server/lx_fs server/vfs app/sequence + app/tresor_init_trust_anchor app/tresor_init app/tresor_check + lib/vfs_tresor_crypto_aes_cbc lib/vfs_tresor_trust_anchor lib/vfs_jitterentropy + lib/libc lib/libcrypto } + +build $build_components + +create_boot_directory + +append config { + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +} + +install_config $config + +exec rm -rf bin/tresor.img +exec truncate -s 32M bin/tresor.img + +append boot_modules { + core init timer lx_block lx_fs sequence vfs vfs.lib.so vfs_jitterentropy.lib.so + ld.lib.so libcrypto.lib.so libc.lib.so tresor_init_trust_anchor tresor_init + tresor_check vfs_tresor_trust_anchor.lib.so tresor.img vfs_tresor_crypto_aes_cbc.lib.so } + +build_boot_image $boot_modules + +run_genode_until {.*child "sequence" exited with exit value 0.*\n} 240 diff --git a/repos/gems/src/app/tresor_check/main.cc b/repos/gems/src/app/tresor_check/main.cc index 9cbb0a4838..2e00c3939a 100644 --- a/repos/gems/src/app/tresor_check/main.cc +++ b/repos/gems/src/app/tresor_check/main.cc 
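Review bot: The only pass condition is `run_genode_until {.*child "sequence" exited with exit value 0.*\n} 240`, so as far as the visible lines show, tresor_check is exercised only against a freshly initialised image. Nothing confirms that it exits non-zero when the image content does not verify; the config body is not visible in this view, so this is inferred from the component list. For an integrity checker the rejecting path deserves a second stage that runs the tool on an image modified after initialisation and expects a failing exit value. A failing run also waits out the full 240 s timeout, which an additional failure pattern would avoid. The `exec rm`/`exec truncate` lines hard-code `bin/tresor.img` although `tresor_img_file` is defined just above; `exec truncate -s 32M bin/[tresor_img_file]` keeps the name in one place.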
@@ -16,208 +16,97 @@ #include #include #include -#include +#include -#include - -/* gems includes */ -#include +/* tresor includes */ +#include +#include +#include +#include +#include +#include using namespace Genode; +using namespace Tresor; -namespace Tresor { +namespace Tresor_check { class Main; } - char const *module_name(unsigned long) - { - return "?"; - } -} - -class Main +class Tresor_check::Main : private Vfs::Env::User, private Tresor::Module_composition, public Tresor::Module, public Module_channel { private: - enum { TX_BUF_SIZE = Block::Session::TX_QUEUE_SIZE * Tresor::BLOCK_SIZE }; + enum State { INIT, REQ_GENERATED, CHECK_SBS_SUCCEEDED }; - Env &_env; - Heap _heap { _env.ram(), _env.rm() }; - Allocator_avl _blk_alloc { &_heap }; - Block::Connection<> _blk { _env, &_blk_alloc, TX_BUF_SIZE }; - Signal_handler
_blk_handler { _env.ep(), *this, &Main::_execute }; - Tresor::Request _blk_req { }; - Tresor::Io_buffer _blk_buf { }; - Tresor_check::Library _tresor_check { }; + Env &_env; + Heap _heap { _env.ram(), _env.rm() }; + Attached_rom_dataspace _config_rom { _env, "config" }; + Vfs::Simple_env _vfs_env { _env, _heap, _config_rom.xml().sub_node("vfs"), *this }; + Signal_handler
_sigh { _env.ep(), *this, &Main::_handle_signal }; + Trust_anchor _trust_anchor { _vfs_env, _config_rom.xml().sub_node("trust-anchor") }; + Crypto _crypto { _vfs_env, _config_rom.xml().sub_node("crypto") }; + Block_io _block_io { _vfs_env, _config_rom.xml().sub_node("block-io") }; + Vbd_check _vbd_check { }; + Ft_check _ft_check { }; + Sb_check _sb_check { }; + bool _generated_req_success { }; + State _state { INIT }; - Genode::size_t _blk_ratio { - Tresor::BLOCK_SIZE / _blk.info().block_size }; + NONCOPYABLE(Main); - void _execute() + void _generated_req_completed(State_uint state_uint) override { - for (bool progress { true }; progress; ) { - - progress = false; - - _tresor_check.execute(_blk_buf); - if (_tresor_check.execute_progress()) { - progress = true; - } - - Tresor::Request const req { - _tresor_check.peek_completed_client_request() }; - - if (req.valid()) { - _tresor_check.drop_completed_client_request(req); - if (req.success()) { - _env.parent().exit(0); - } else { - error("request was not successful");; - _env.parent().exit(-1); - } - } - - struct Invalid_io_request : Exception { }; - - while (_blk.tx()->ready_to_submit()) { - - Tresor::Io_buffer::Index data_index { 0 }; - Tresor::Request request { }; - _tresor_check.has_io_request(request, data_index); - - if (!request.valid()) { - break; - } - if (_blk_req.valid()) { - break; - } - try { - request.tag(data_index.value); - Block::Packet_descriptor::Opcode op; - switch (request.operation()) { - case Tresor::Request::Operation::READ: - op = Block::Packet_descriptor::READ; - break; - case Tresor::Request::Operation::WRITE: - op = Block::Packet_descriptor::WRITE; - break; - default: - throw Invalid_io_request(); - } - Block::Packet_descriptor packet { - _blk.alloc_packet(Tresor::BLOCK_SIZE), op, - request.block_number() * _blk_ratio, - request.count() * _blk_ratio }; - - if (request.operation() == Tresor::Request::Operation::WRITE) { - *reinterpret_cast( - _blk.tx()->packet_content(packet)) = - 
_blk_buf.item(data_index); - } - _blk.tx()->try_submit_packet(packet); - _blk_req = request; - _tresor_check.io_request_in_progress(data_index); - progress = true; - } - catch (Block::Session::Tx::Source::Packet_alloc_failed) { - break; - } - } - - while (_blk.tx()->ack_avail()) { - - Block::Packet_descriptor packet = - _blk.tx()->try_get_acked_packet(); - - if (!_blk_req.valid()) { - break; - } - - bool const read = - packet.operation() == Block::Packet_descriptor::READ; - - bool const write = - packet.operation() == Block::Packet_descriptor::WRITE; - - bool const op_match = - (read && _blk_req.read()) || - (write && _blk_req.write()); - - bool const bn_match = - packet.block_number() / _blk_ratio == _blk_req.block_number(); - - if (!bn_match || !op_match) { - break; - } - - _blk_req.success(packet.succeeded()); - - Tresor::Io_buffer::Index const data_index { _blk_req.tag() }; - bool const success { _blk_req.success() }; - - if (read && success) { - _blk_buf.item(data_index) = - *reinterpret_cast( - _blk.tx()->packet_content(packet)); - } - _tresor_check.io_request_completed(data_index, success); - _blk.tx()->release_packet(packet); - _blk_req = Tresor::Request(); - progress = true; - } + if (!_generated_req_success) { + error("command pool: request failed because generated request failed)"); + _env.parent().exit(-1); + return; } - _blk.tx()->wakeup(); + _state = (State)state_uint; + } + + void wakeup_vfs_user() override { _sigh.local_submit(); } + + void _wakeup_back_end_services() { _vfs_env.io().commit(); } + + void _handle_signal() + { + execute_modules(); + _wakeup_back_end_services(); } public: - Main(Env &env) - : - _env { env } + Main(Env &env) : Module_channel { COMMAND_POOL, 0 }, _env { env } { - if (_blk_ratio == 0) { - error("backend block size not supported"); - _env.parent().exit(-1); - return; - } - - if (!_tresor_check.client_request_acceptable()) { - error("failed to submit request"); - _env.parent().exit(-1); - } - 
_tresor_check.submit_client_request( - Tresor::Request( - Tresor::Request::Operation::READ, - false, 0, 0, 0, 0, 0)); - - _blk.tx_channel()->sigh_ack_avail(_blk_handler); - _blk.tx_channel()->sigh_ready_to_submit(_blk_handler); - - _execute(); + add_module(COMMAND_POOL, *this); + add_module(CRYPTO, _crypto); + add_module(TRUST_ANCHOR, _trust_anchor); + add_module(BLOCK_IO, _block_io); + add_module(VBD_CHECK, _vbd_check); + add_module(FT_CHECK, _ft_check); + add_module(SB_CHECK, _sb_check); + add_channel(*this); + _handle_signal(); } - ~Main() + void execute(bool &progress) override { - _blk.tx_channel()->sigh_ack_avail(Signal_context_capability()); - _blk.tx_channel()->sigh_ready_to_submit(Signal_context_capability()); + switch(_state) { + case INIT: + + generate_req(CHECK_SBS_SUCCEEDED, progress, _generated_req_success); + _state = REQ_GENERATED; + break; + + case CHECK_SBS_SUCCEEDED: _env.parent().exit(0); break; + default: break; + } } }; -extern "C" int memcmp(const void *p0, const void *p1, Genode::size_t size) -{ - return Genode::memcmp(p0, p1, size); -} - -extern "C" void adainit(); - -void Component::construct(Genode::Env &env) -{ - env.exec_static_constructors(); - Timer::Connection timer { env }; - timer.msleep(3000); - Genode::log("start checking"); - - Tresor::assert_valid_object_size(); - - tresor_check_cxx_init(); - - static Main main(env); +void Component::construct(Genode::Env &env) { static Tresor_check::Main main { env }; } + +namespace Libc { + + struct Env; + struct Component { void construct(Libc::Env &) { } }; } diff --git a/repos/gems/src/app/tresor_check/target.mk b/repos/gems/src/app/tresor_check/target.mk index 7a02b65167..d9689ae5f9 100644 --- a/repos/gems/src/app/tresor_check/target.mk +++ b/repos/gems/src/app/tresor_check/target.mk @@ -1,9 +1,7 @@ -REQUIRES += x86_64 - TARGET := tresor_check SRC_CC += main.cc INC_DIR += $(PRG_DIR) -LIBS += base tresor_check_cxx +LIBS += base tresor CONFIG_XSD = config.xsd 
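Review bot: The failure message in `_generated_req_completed`, `"command pool: request failed because generated request failed)"`, uses the internal module name `COMMAND_POOL` rather than the tool's name and ends with an unbalanced parenthesis. It is the only diagnostic emitted before `_env.parent().exit(-1)`, so a log reader cannot tell that the container check itself failed. Something like `error("tresor_check: check of superblocks failed");` would make a failed check unambiguous (wording inferred from the `CHECK_SBS_SUCCEEDED` state). In the same function, `_state = (State)state_uint;` is better written as `_state = static_cast<State>(state_uint);`. The empty `Libc::Component` stub at the end of the file needs a one-line comment saying why it is there.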
diff --git a/tool/autopilot.list b/tool/autopilot.list index fb6d64fa0a..2bfc2f13d6 100644 --- a/tool/autopilot.list +++ b/tool/autopilot.list @@ -79,6 +79,7 @@ timeout_smp timer_accuracy tool_chain_auto tresor_tester +tresor_utils tz_vmm usb_block usb_hid_raw