Hello Steve,
On Tue, Sep 26, 2017 at 11:59:17AM -0500, Steven Harp wrote:
> Noticed that in 17.08 (and 17.05) these examples failed w. x86/nova
> - run/libc_vfs_fs_fat
> - run/libc_vfs_fat
> apparently because:
> [init -> ahci_drv] read-only session opened at device 0 for 'test-libc_vfs -> 0'
> so e.g., mkdir fails with EPERM.
> Hacking libports/run/libc_vfs_filesystem_test.inc to add writeable="yes" to the "ahci_drv" component configuration:
> <config>
>   <policy label_prefix="test-libc_vfs" device="0" writeable="yes"/>
>   <policy label_prefix="vfs" device="0" writeable="yes" />
> </config>
> suffices, but maybe this is not appropriate. Was the default policy intended to be writeable="yes" for this driver?
The writeable policy attribute was introduced with 17.08 in
https://github.com/genodelabs/genode/commit/1fce8d0d7
and this commit also adapts the autopilot tests. Unfortunately, we missed adapting libc_vfs_fs_fat and libc_vfs_fat, which remained undetected because those are not in tool/autopilot.list. The reason behind this is that the run scripts already use depot packages, which our nightly build does not currently support.
Regarding your original question: Yes, with least privilege in mind the default setting of "writeable" is false, which can be lifted by specifying writeable="true" in the policy node (as you already did).
Thanks for reporting. I already crafted a patch for repos/libports/run/libc_vfs_filesystem_test.inc in
https://github.com/genodelabs/genode/commit/8afb9f8
Regards
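
The read-only default discussed in this thread, as an added example that is not part of the original mail or of Genode's code: a simplified model of how a block session label resolves to a policy and whether it gets write access, plus a small audit of which prefixes are granted writes. Assumptions: the "before" config is a constructed guess at the unpatched policy, the longest matching label_prefix wins, and only the two spellings used in the thread ("yes", "true") count as true.

```python
import xml.etree.ElementTree as ET

# Constructed configs modelled on the thread: an assumed unpatched policy
# (no writeable attribute) and the variant Steven posted.
BEFORE = '''<config>
  <policy label_prefix="test-libc_vfs" device="0"/>
</config>'''
AFTER = '''<config>
  <policy label_prefix="test-libc_vfs" device="0" writeable="yes"/>
  <policy label_prefix="vfs" device="0" writeable="yes"/>
</config>'''

TRUE_VALUES = {"yes", "true"}  # spellings seen in the thread (assumed equivalent)


def is_writeable(policy):
    # Least privilege: a missing attribute means read-only.
    return policy.get("writeable", "no").lower() in TRUE_VALUES


def resolve(config_xml, session_label):
    """Return (device, writeable) for a session label, or None if no policy matches.

    Simplified model (assumption): the longest matching label_prefix wins.
    """
    best = None
    for policy in ET.fromstring(config_xml).iter("policy"):
        prefix = policy.get("label_prefix", "")
        if session_label.startswith(prefix):
            if best is None or len(prefix) > len(best.get("label_prefix", "")):
                best = policy
    if best is None:
        return None  # no matching policy: the session is not served
    return best.get("device"), is_writeable(best)


def audit(config_xml):
    """List the label prefixes that are granted write access, for review."""
    return [p.get("label_prefix")
            for p in ET.fromstring(config_xml).iter("policy") if is_writeable(p)]


if __name__ == "__main__":
    label = "test-libc_vfs -> 0"  # session label from the log line in the thread
    for name, cfg in (("before", BEFORE), ("after", AFTER)):
        print(name, resolve(cfg, label), "write grants:", audit(cfg))
```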