feat(internal): Pass 10 CSPRNG random bytes
Depends-on: unikraft/unikraft#1496

Signed-off-by: Cezar Craciunoiu <[email protected]>
craciunoiuc committed Sep 23, 2024
1 parent 7c2fcb6 commit e92dc44
Showing 3 changed files with 32 additions and 0 deletions.
11 changes: 11 additions & 0 deletions internal/cli/kraft/run/runner_kraftfile_runtime.go
@@ -24,6 +24,7 @@ import (
"kraftkit.sh/tui/selection"
"kraftkit.sh/unikraft/app"
ukarch "kraftkit.sh/unikraft/arch"
"kraftkit.sh/unikraft/export/v0/ukrandom"
"kraftkit.sh/unikraft/target"
)

@@ -358,6 +359,16 @@ func (runner *runnerKraftfileRuntime) Prepare(ctx context.Context, opts *RunOpti
machine.Spec.ApplicationArgs = runtime.Command()
}

var kernelArgs []string
if !runtime.KConfig().AllNoOrUnset(
"CONFIG_LIBUKRANDOM",
"CONFIG_LIBUKRANDOM_CMDLINE_INIT",
) {
kernelArgs = append(kernelArgs, ukrandom.ParamRandomBytes.WithValue(ukrandom.NewRandomBytes()).String())
}

machine.Spec.KernelArgs = kernelArgs

// If automounting is enabled, and an initramfs is provided, set it as a
// volume if a initram has been provided.
if runtime.KConfig().AnyYes(
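Review bot: The guard `!runtime.KConfig().AllNoOrUnset("CONFIG_LIBUKRANDOM", "CONFIG_LIBUKRANDOM_CMDLINE_INIT")` appears to be true as soon as either option is enabled, so a kernel built with CONFIG_LIBUKRANDOM but without CONFIG_LIBUKRANDOM_CMDLINE_INIT would still be handed the seed parameter. Judging by the option name, only the second option makes the kernel read a seed from its command line, so the check would be tighter as `if runtime.KConfig().AnyYes("CONFIG_LIBUKRANDOM_CMDLINE_INIT") {`, using the same helper as the automount check just below. Otherwise secret seed material is placed on the command line of a guest that will not consume it, and what the kernel does with an unrecognised argument is not visible here. The same condition is repeated in runner_kraftfile_unikraft.go (as `noRandom`) and in runner_package.go; Prepare starts and ends outside this hunk.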
10 changes: 10 additions & 0 deletions internal/cli/kraft/run/runner_kraftfile_unikraft.go
@@ -17,6 +17,7 @@ import (
volumeapi "kraftkit.sh/api/volume/v1alpha1"
"kraftkit.sh/config"
"kraftkit.sh/unikraft/app"
"kraftkit.sh/unikraft/export/v0/ukrandom"
"kraftkit.sh/unikraft/target"
)

@@ -151,6 +152,11 @@ func (runner *runnerKraftfileUnikraft) Prepare(ctx context.Context, opts *RunOpt
"CONFIG_LIBVFSCORE_AUTOMOUNT_CI_EINITRD",
)

noRandom := t.KConfig().AllNoOrUnset(
"CONFIG_LIBUKRANDOM",
"CONFIG_LIBUKRANDOM_CMDLINE_INIT",
)

if runner.project.Rootfs() != "" && opts.Rootfs == "" && noEmbedded {
opts.Rootfs = runner.project.Rootfs()
}
@@ -184,6 +190,10 @@ func (runner *runnerKraftfileUnikraft) Prepare(ctx context.Context, opts *RunOpt
appArgs = append(appArgs, arg)
}

if !noRandom {
kernelArgs = append(kernelArgs, ukrandom.ParamRandomBytes.WithValue(ukrandom.NewRandomBytes()).String())
}

machine.Spec.KernelArgs = kernelArgs
machine.Spec.ApplicationArgs = appArgs
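Review bot: The value appended to `kernelArgs` is secret seed material, but it travels as an ordinary kernel argument inside `machine.Spec.KernelArgs`, and nothing in this hunk marks it as sensitive. If the machine spec is persisted, printed in debug logs, or turned into a hypervisor command line (none of which is visible here), the seed becomes readable to anyone who can read that state or list processes on the host, and a restart that reuses the stored spec would boot with the same seed. I would add a comment at the append, `// Secret seed: must not be logged or persisted; regenerate on every boot.`, and confirm that the start path regenerates the value rather than reusing it. It is also worth checking that `ukrandom.NewRandomBytes()` fails closed when the host random source cannot be read, since no error is handled at this call. The same applies to the identical append in runner_kraftfile_runtime.go and runner_package.go; Prepare extends beyond both hunks of this file.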

11 changes: 11 additions & 0 deletions internal/cli/kraft/run/runner_package.go
@@ -26,6 +26,7 @@ import (
"kraftkit.sh/tui/processtree"
"kraftkit.sh/tui/selection"
"kraftkit.sh/unikraft"
"kraftkit.sh/unikraft/export/v0/ukrandom"
"kraftkit.sh/unikraft/target"

ocispec "github.com/opencontainers/image-spec/specs-go/v1"
@@ -338,6 +339,16 @@ func (runner *runnerPackage) Prepare(ctx context.Context, opts *RunOptions, mach
})
}

var kernelArgs []string
if !targ.KConfig().AllNoOrUnset(
"CONFIG_LIBUKRANDOM",
"CONFIG_LIBUKRANDOM_CMDLINE_INIT",
) {
kernelArgs = append(kernelArgs, ukrandom.ParamRandomBytes.WithValue(ukrandom.NewRandomBytes()).String())
}

machine.Spec.KernelArgs = kernelArgs

switch v := selected.Metadata().(type) {
case *ocispec.Image:
if machine.Spec.Env == nil {
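Review bot: `machine.Spec.KernelArgs = kernelArgs` assigns unconditionally, so any kernel arguments already present on the machine spec when Prepare runs are dropped, and the field is reset to nil when the random options are disabled. Whether a caller or an earlier part of Prepare sets them is not visible in this hunk, but appending is safer either way: `machine.Spec.KernelArgs = append(machine.Spec.KernelArgs, ukrandom.ParamRandomBytes.WithValue(ukrandom.NewRandomBytes()).String())` inside the `if`, with the local `kernelArgs` removed. runner_kraftfile_runtime.go has the same assignment. Since the block is now copied into three runners, a small shared helper that takes the KConfig would keep the condition and the seed handling in one place.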