1. fix ancient bug in message_reader

2. gpu kill
YongBinnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn · Dec 16, 2023 · bd97b31 · bd97b31
1 parent e1604d5
commit bd97b31
Show file tree

Hide file tree

Showing 7 changed files with 65 additions and 21 deletions.
diff --git a/init_pi.sh b/init_pi.sh
@@ -20,10 +20,12 @@ exit
 sudo sed -i "s/dtoverlay=vc4-kms-v3d/dtoverlay=vc4-fkms-v3d/g" /boot/firmware/config.txt
 sudo sed -i "s/.*udp dport {6.*//g" /etc/NetworkManager/dispatcher.d/02-hood-dispatcher
 
-sudo tee /etc/modprobe.d/bin-y-blacklist.conf <<EOF
-blacklist bluetooth
+if ! grep -q framebuffer_width /boot/firmware/config.txt; then
+  sudo tee -a /boot/firmware/config.txt <<EOF
+#framebuffer_width=1920
+#framebuffer_height=1080
 EOF
-
+fi
 #apt-key export 7FA3303E| gpg --dearmor|sudo tee /etc/apt/trusted.gpg.d/raspberrypi-raspbian.gpg|sha256sum |grep e3669c0d6e5a887c668b6c27a57ce47272aeb77373937ffb9939d020c5c16137
 #apt-key export 9165938D90FDDD2E| gpg --dearmor|sudo tee /etc/apt/trusted.gpg.d/raspberrypi-raspbian.gpg|sha256sum |grep e3669c0d6e5a887c668b6c27a57ce47272aeb77373937ffb9939d020c5c16137
 #sudo sed -i "s|deb \[ arch=armhf \]|deb \[ arch=armhf signed-by=/etc/apt/trusted.gpg.d/raspberrypi-raspbian.gpg \]|g" /etc/apt/sources.list

diff --git a/proxy/CMakeLists.txt b/proxy/CMakeLists.txt
@@ -34,7 +34,7 @@ add_executable(hood_proxy
 if(MSVC)
   target_compile_options(hood_proxy PRIVATE /W4 /WX)
 else()
-  target_compile_options(hood_proxy PRIVATE -Wall -Wextra -Werror)
+  target_compile_options(hood_proxy PRIVATE -Wall -Wextra -Werror -fstack-protector)
 endif()
 
 target_link_libraries( hood_proxy ${Boost_LIBRARIES} pthread ssl crypto )
diff --git a/proxy/src/message_reader.hpp b/proxy/src/message_reader.hpp
@@ -3,20 +3,37 @@
 #include <boost/asio.hpp>
 #include <boost/asio/ssl.hpp>
 #include <boost/endian/conversion.hpp>
+#include <cassert>
 #include <string>
+#include <type_traits>
 #include <vector>
 
 #include "logging.hpp"
 
 namespace hood_proxy {
 
+template <typename T>
+static constexpr size_t MaxValueOfType(size_t current = 256, size_t iteration = sizeof(T)) {
+  static_assert(std::is_integral_v<T>);
+  if (iteration == 1) {    
+    if (std::is_signed_v<T>) {
+      return current / 2 - 1;
+    }
+    return current -1;
+  }
+  return MaxValueOfType<T>(current * 256, iteration - 1);
+}
+static_assert(MaxValueOfType<int16_t>() == 32767);
+static_assert(MaxValueOfType<uint16_t>() == 65535);
+
 template <typename RawMessageType>
 class MessageReader {
  public:
   enum class Reason {
     NEW_MESSAGE,
     IO_ERROR,
     MANUALLY_STOPPED,
+    CONNECTION_CLOSED,
   };
 
   enum class NextStep {
@@ -66,7 +83,7 @@ class MessageReader {
   enum class Status { STOP, RUNNING } status_ = Status::STOP;
   size_t data_offset_ = 0;
   size_t data_size_ = 0;
-  uint16_t tcp_message_size_ = 0;
+  size_t tcp_message_size_ = 0;
   boost::asio::ip::udp::endpoint udp_endpoint_;
 
   std::vector<uint8_t> buffer_;
@@ -80,7 +97,7 @@ class MessageReader {
       return;
     }
     if (!stream_pointer->lowest_layer().is_open()) {
-      handler(Reason::MANUALLY_STOPPED, nullptr, 0);
+      handler(Reason::CONNECTION_CLOSED, nullptr, 0);
       status_ = Status::STOP;
       LOG_TRACE("connection closed");
       return;
@@ -119,10 +136,12 @@ class MessageReader {
       data_offset_ = 0;
     }
     auto available_size = buffer_.size() - data_offset_ - data_size_;
-    auto read_size = tcp_message_size_ - data_size_;
-    if (!read_size) {
-      read_size = sizeof(RawMessageType);
+    size_t read_size = sizeof(RawMessageType);;
+
+    if (tcp_message_size_) {
+      read_size = tcp_message_size_ - data_size_;
     }
+    assert(read_size < MaxValueOfType<decltype(RawMessageType::message_length)>());
     if (available_size < read_size) {
       if (data_offset_ + available_size > read_size) {
         memmove(buffer_.data(), buffer_.data() + data_offset_, data_size_);

diff --git a/proxy/src/tls_context.cpp b/proxy/src/tls_context.cpp
@@ -58,10 +58,8 @@ Context::TlsMessageReader::NextStep Context::HandleUserMessage(
     TlsMessageReader::Reason reason, const uint8_t* data, uint16_t data_size) {
   auto next_step = TlsMessageReader::NextStep::Read;
   if (reason != TlsMessageReader::Reason::NEW_MESSAGE) {
-    LOG_TRACE("ignore reason:" << static_cast<int>(reason));
-    if (reason == TlsMessageReader::Reason::IO_ERROR) {
-      Stop();
-    }
+    LOG_TRACE("Error reason:" << static_cast<int>(reason));
+    Stop();
     return next_step;
   }
   if (!data || !data_size) {
@@ -296,7 +294,8 @@ void Context::DoWrite() {
                   socket](error_code error, size_t) {
     if (error) {
       LOG_ERROR(<< error.message());
-      LOG_ERROR(<< error.message());
+      Stop();
+      return;
     }
     writing_ = false;
     DoWrite();
@@ -306,7 +305,7 @@ void Context::DoWrite() {
 }
 
 Context::~Context() {
-  message_reader_.Stop();
+  Stop();
   active_instance_counter_--;
 }
 

diff --git a/scripts/hood_proxy_arm64 b/scripts/hood_proxy_arm64
diff --git a/scripts/install.sh b/scripts/install.sh
@@ -13,6 +13,7 @@ fi
 
 harden_only=0
 rfkill=1
+gpukill=1
 target_instrument_set="arm64"
 usb_tether=1
 
@@ -22,6 +23,7 @@ for arg in "$@"; do
     no_usb_tether) usb_tether=0;;
     harden_only) harden_only=1;;
     no_rfkill) rfkill=0;;
+    no_gpukll) gpukill=0;;
     prefix=*) prefix=$(echo $arg|sed "s/.*=//g");;
   esac
 done
@@ -128,6 +130,25 @@ EOF
   find $prefix/usr/lib/modules/ -name bluetooth |xargs -I {} find {} -type f|xargs sudo rm
 fi
 
+if [ $gpukill -eq 1 ]; then
+  if grep -q kms-v3d $prefix/boot/firmware/config.txt; then
+    sudosedi "s/dtoverlay=vc4-f?kms-v3d//g" $prefix/boot/firmware/config.txt
+  fi
+  if test -f $prefix/etc/systemd/system/display-manager.service; then
+    sudo rm $prefix/etc/systemd/system/display-manager.service
+    echo "GPU is disabled."
+    echo "Default lightdm stopped working."
+    echo "Please use startx command instead."
+    echo "You may also need config.txt to set the resolution of HDMI."
+    echo "Example:"
+    echo "framebuffer_width=1920"
+    echo "framebuffer_height=1080"
+  fi
+  sudo tee $prefix/etc/modprobe.d/bin-y-rfkill-blacklist.conf > /dev/null <<EOF
+blacklist v3d
+EOF
+fi
+
 sudocpcontent ./rc.local $prefix/etc/
 sudocpcontent ./hosts $prefix/etc/
 sudocpcontent ./sysctl.conf $prefix/etc/
@@ -163,6 +184,8 @@ fi
 
 sudo chmod -x  $prefix/etc/*.conf
 sudocpcontent ./dhclient.conf $prefix/etc/dhcp/
+# This will also diable the hooks of dhclient
+echo "deny /{,usr/}bin/bash mr," | sudo tee $prefix/etc/apparmor.d/local/sbin.dhclient > /dev/null
 sudocpcontent ./dnsmasq.conf $prefix/etc/NetworkManager/dnsmasq.d/dnsmasq.conf
 sudo chmod -x  $prefix/etc/NetworkManager/dnsmasq.d/dnsmasq.conf
 sudo ln -s /etc/NetworkManager/dnsmasq.d/dnsmasq.conf $prefix/etc/NetworkManager/dnsmasq-shared.d/dnsmasq.conf
@@ -202,14 +225,15 @@ sudo ln -sf /lib/systemd/system/NetworkManager.service $prefix/etc/systemd/syste
 sudo ln -sf /lib/systemd/system/NetworkManager-wait-online.service $prefix/etc/systemd/system/network-online.target.wants/NetworkManager-wait-online.service
 sudo ln -sf /lib/systemd/system/NetworkManager-dispatcher.service $prefix/etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service
 
-if test -f $prefix/etc/systemd/system/dbus-org.freedesktop.timesync1.service; then
+if test -f $prefix/etc/systemd/system/sysinit.target.wants/systemd-timesyncd.service; then
   sudo rm $prefix/etc/systemd/system/multi-user.target.wants/avahi-daemon.service
   sudo rm $prefix/etc/systemd/system/multi-user.target.wants/cups.path
   sudo rm $prefix/etc/systemd/system/multi-user.target.wants/cups.service
   sudo rm $prefix/etc/systemd/system/multi-user.target.wants/cups-browsed.service
   sudo rm $prefix/etc/systemd/system/multi-user.target.wants/dhcpcd.service
   sudo rm $prefix/etc/systemd/system/dbus-org.freedesktop.Avahi.service
   sudo rm $prefix/etc/systemd/system/dbus-org.freedesktop.timesync1.service
+  sudo rm $prefix/etc/systemd/system/sysinit.target.wants/systemd-timesyncd.service
 fi
 
 sudo cp 02-hood-dispatcher $prefix/etc/NetworkManager/dispatcher.d/

diff --git a/scripts/mntinstall.sh b/scripts/mntinstall.sh
@@ -3,16 +3,16 @@ mkdir -p /tmp/hood-install/mnt
 machine=$(uname -s)
 
 if [ $machine = "FreeBSD" ]; then
-  sudo lklfuse -o allow_other,type=ext4 /dev/da1s2 /tmp/hood-install/mnt
+  sudo lklfuse -o allow_other,type=ext4 /dev/${1}s2 /tmp/hood-install/mnt
   sudo mkdir -p /tmp/hood-install/mnt/boot/firmware
-  sudo mount -t msdos /dev/da1s1 /tmp/hood-install/mnt/boot/firmware
+  sudo mount -t msdos /dev/${1}s1 /tmp/hood-install/mnt/boot/firmware
 elif [ $machine = "Linux" ]; then
-  sudo mount /dev/sdb2 /tmp/hood-install/mnt
+  sudo mount /dev/${1}2 /tmp/hood-install/mnt
   sudo mkdir -p /tmp/hood-install/mnt/boot/firmware
-  sudo mount /dev/sdb1 /tmp/hood-install/mnt/boot/firmware
+  sudo mount /dev/${1}1 /tmp/hood-install/mnt/boot/firmware
 fi
 
 
-./install.sh "$@" prefix=/tmp/hood-install/mnt/
+./install.sh "$@:2" prefix=/tmp/hood-install/mnt/
 sudo umount /tmp/hood-install/mnt/boot/firmware
 sudo umount /tmp/hood-install/mnt