Service denied when server is updated
Stefan Thöni
stefan.thoeni at gapfruit.com
Mon Jul 9 10:57:37 CEST 2018
Hi Norman
> I guess that you hit a corner case not properly handled so far. Can you
> confirm that my understanding of the situation is correct? You already
> had a server running. Now you changed the pkg version but keep the
> server's name the same. This triggers the download of the new pkg. While
> downloading, you start a client. Unexpectedly, the client starts before
> the server's new pkg is ready. It could very well be that such an
> on-the-fly version update is the problem. To investigate, I would very
> much appreciate a simple sequence of steps (preferably using the RAM fs)
> to reproduce the behavior.
Sequence of steps to reproduce:
a) build a pkg/report_rom [1]
b) build a pkg/ram_fs_report with ram_fs and fs_report [2]
c) create a deploy config A with pkg/report_rom and any app [3] the
keeps a report connection open [4]
d) modify deploy config A to deploy config B using pkg/ram_fs_report
instead of pkg/report_rom [5]
e) make sure pkg/report_rom and the used app but _not_ pkg/ram_fs_report
are downloaded and extracted
f) start deploy config A by copying to /config/deploy
g) start deploy config B by copying to /config/deploy
h) observe the Service_denied exception
I hope, this makes my scenario sufficiently reproducible.
Regards
Stefan
[1] pkg/report_rom runtime:
<runtime ram="4M" caps="100" binary="report_rom">
<provides><report/><rom/></provides>
<config/>
<content>
<rom label="ld.lib.so"/>
<rom label="report_rom"/>
</content>
</runtime>
[2] pkg/ram_fs_report runtime:
<runtime ram="32M" caps="1000" binary="init">
<provides><report/><rom/></provides>
<content>
<rom label="ld.lib.so"/>
<rom label="ram_fs"/>
<rom label="fs_report"/>
<rom label="fs_rom"/>
<rom label="vfs.lib.so"/>
</content>
<config>
<parent-provides>
<service name="CPU"/>
<service name="LOG"/>
<service name="PD"/>
<service name="ROM"/>
</parent-provides>
<default-route><any-service>
<parent/><any-child/>
</any-service></default-route>
<default caps="100"/>
<service name="ROM"><default-policy>
<child name="fs_rom"/>
</default-policy></service>
<service name="Report"><default-policy>
<child name="fs_report"/>
</default-policy></service>
<start name="ram_fs">
<resource name="RAM" quantum="4M"/>
<provides>
<service name="File_system"/>
</provides>
<config>
<content>
</content>
<policy label_prefix="fs_report -> " root="/" writeable="yes"/>
<policy label_prefix="fs_rom -> " root="/" writeable="no"/>
</config>
</start>
<start name="fs_report">
<resource name="RAM" quantum="4M"/>
<provides> <service name="Report"/> </provides>
<config> <vfs> <fs/> </vfs> </config>
</start>
<start name="fs_rom">
<resource name="RAM" quantum="4M"/>
<provides> <service name="ROM"/> </provides>
<config/>
</start>
</config>
</runtime>
[3] pgk/report_connection runtime:
<runtime ram="4M" caps="100" binary="report_connection">
<requires><report/><timer/></requires>
<config/>
<content>
<rom label="ld.lib.so"/>
<rom label="report_connection"/>
</content>
</runtime>
[4] deploy config A
<config arch="x86_64">
<common_routes>
<service name="ROM" label_last="ld.lib.so"> <parent/> </service>
<service name="ROM" label_last="init"> <parent/> </service>
<service name="CPU"> <parent/> </service>
<service name="PD"> <parent/> </service>
<service name="LOG"> <parent/> </service>
<service name="Timer"> <parent/> </service>
</common_routes>
<start name="temp_report" pkg="throwException/pkg/report_rom/2018-07-06">
<config verbose="yes">
<policy label="brightness" report="brightness"/>
</config>
</start>
<start name="test"
pkg="throwException/pkg/report_connection/2018-07-06-l">
<route>
<service name="Report">
<child name="temp_report"/>
</service>
</route>
<config>
<vfs> <fs/> </vfs>
</config>
</start>
</config>
[5] deploy config B
<config arch="x86_64">
<common_routes>
<service name="ROM" label_last="ld.lib.so"> <parent/> </service>
<service name="ROM" label_last="init"> <parent/> </service>
<service name="CPU"> <parent/> </service>
<service name="PD"> <parent/> </service>
<service name="LOG"> <parent/> </service>
<service name="Timer"> <parent/> </service>
</common_routes>
<start name="new_report"
pkg="throwException/pkg/fs_report_server/2018-07-06-a">
</start>
<start name="test"
pkg="throwException/pkg/report_connection/2018-07-06-l">
<route>
<service name="Report">
<child name="new_report"/>
</service>
</route>
<config>
<vfs> <fs/> </vfs>
</config>
</start>
</config>
--
Freundliche Grüsse
Stefan Thöni
Senior Security Architect
+41 79 610 64 95
gapfruit AG
Baarerstrasse 135
6300 Zug
https://gapfruit.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x05D66A288F9939FF.asc
Type: application/pgp-keys
Size: 14132 bytes
Desc: not available
URL: <http://lists.genode.org/pipermail/users/attachments/20180709/777d0c57/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.genode.org/pipermail/users/attachments/20180709/777d0c57/attachment.sig>
More information about the users
mailing list