Stoltz/rhai fault injection #401
Draft
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Rust code changes:
- add Rhai scripting as a feature (--features=rhaiscript)
- add ArchiveInspector for access to RawHubrisArchive
- add "system(argv) -> #{exit_code, stdout, stderr}" from std::process::Command
- export faux-mgs paramsters to Rhai main.
- run any faux-mgs command with "let result = faux_mgs(["arg0", .. "argN"]);
- faux-mgs results are passed back to the script as a map even if they are simpler JSON.
- ChronoPackage for time handling.
- FilesystemPackage for file access.
- EnvironmentPackage for env var access.
- export "scriptdir" so that script can get other files relative to itself.
- "verify_rot_image()" to verify a RoT image vs CFPA, CMPA.
- vars available to main():
- "argv" - script main's scope passing all remaining CLI args.
- "rbi_default" - expose faux-mgs default "rot_boot_info" version
- "interface" - pass the "--interface INTERFACE" value.
- "reset_watchdog_timeout_ms" - pass that value to the script.
- Route Rhai's debug function to the faux-mgs log.
- The `debug("message")` function is routed to the faux-mgs slog logging.
Prefixing a message with "crit|", "trace|", "error|", "warn|", "error|", or "debug|"
will log at that corresponding level. Leaving off the prefix or using some other
prefix will log at the debug level.
- Rhai's `print()` still goes to stdout.
Rhai scripts:
scripts/util.rhai contains common script and faux-mgs support.
- getops()
- to_hexstring()
- cstring_to_string(a)
- array_to_mac(a)
- ab_to_01(v)
- env_expand(s, override)
- rot_boot_info()
- state()
- caboose_value(component, slot, key)
- get_device_cabooses()
- rkth_to_key_name(rkth)
- array_to_blob(a)
- get_cmpa()
- get_cfpa()
- get_rot_keyset()
scripts/update-rollback.rhai
- Only use MGS messages for testing, no humility or other APIs
- perform happy path update and rollback from baseline to under-test images.
scripts/targets.json
- an example configuration script for scripts/update-rollback.rhai
Fix `json_to_map()` so that JSON errors are reported properly.
Some calls to `print()` change to logging to debug or info.
Add configuration for `faux-ipcc`.
- since system() needs to be used to run faux-ipcc, should there
be a regex to parse or are Rhai's existing string functions
sufficient to pull out certs and measurements? Since faux-ipcc
doesn't handle attestations yet, we'll wait a bit.
Move RawHubrisArchive knowledge to a separate source file.
Also work around baseline not implementing transient boot preference
Also error handling in to_hexstring.
Positional baseline and UT args become options. Remove dead code. Add docs and tests for getopts
Power control is needed to test recovery from failed RoT updates when using transient boot preference and fault insertion.
Added fault insertion tests to simulate recovery from previous failed updates. Fixed bug: `faux_mgs()` now returns complete `Err` message to Rhai scripts. Added a test plan document Added the scripts/FMR helper script to reduce typing for common test commands.
lzrd
force-pushed
the
stoltz/rhai-fault-injection
branch
from
e9bc67e to
89bdd1b
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.