Module kernel::process_checker::basic

Sample implementations of application credentials checkers, used to decide whether an application can be loaded. See

Structs

  • A sample Credentials Checking Policy that loads and runs Userspace Binaries that have RSA3072 or RSA4096 credentials. It uses the public key stored in the credentials as the Application Identifier, and the bottom 31 bits of the public key as the ShortId. WARNING: this policy does not actually check the RSA signature: it always blindly assumes it is correct. This checker exists to test that the Tock boot sequence correctly handles ID collisions and version numbers.
  • A Credentials Checking Policy that only runs Userspace Binaries which have a unique SHA256 credential. A Userspace Binary without a SHA256 credential fails checking, and only one Userspace Binary with a particular SHA256 hash runs at any time.
  • A sample Credentials Checking Policy that loads and runs Userspace Binaries with unique process names; a Userspace Binary with the same process name as an existing one fails the uniqueness check and is not run.
  • A sample AppID Assignment tool that assigns pseudo-unique AppIDs and ShortIds based on the process name.

Traits