On Sun, Oct 18, 2020 at 11:45:41AM -0700, acsjakub@xxxxxxxxx wrote: > Dear AGL Community, Hi, > > My name is Jakub and I plan to create a intentionally vulnerable > infotainment system for demonstration purposes as my master's thesis. > I will be using Raspberry Pi4 as hardware. Let me first point out that > the vulnerabilities I plan to create and showcase will not be > AGL-specific. My plan is to take a stable AGL version, develop/modify To some extent they will be AGL-specific. We make use a framework [1] that handles application privileges and we use a LSM module [2] to handle security at a global level. > a couple of applications to make them vulnerable to the most common > automotive security threats. These applications should be graphical, > since the main purpose is demonstration. Why? There are multiple parts in (infotainment) system, you can leverage one against the other and escalate, or rather chain-load various exploits -- which I believe is common/necessary to bypass mitigations. If the purpose is to focus on the graphics system/sub-system, you need to be aware that as opposed to X11, on wayland clients can not gain access to other client's buffers. Also the demo platform/apps is a bit more lax/permissive on purpose to allow easier development to happen, or provide some functionality commonly found on other systems (for instance, screenshooting, or the allow-all policy in the compositor). > > I have spent past two weeks trying to get familiar with AGL and > associated technologies, deployed a demo image to RPi4, installed > standalone SDK and built a helloworld .wgt, which I failed to run so > far. However, I am struggling to find any documentation on how to > write, build and deploy graphical applications for AGL, how to make > them work with the homescreen and so on. There's a big chance I am Have you've taken a look some of the demo apps? Like mediaplayer/hvac/dashboard/alexa-viewer? Some of these to not need any additional 'graphical' interaction aside from what the toolkit (Qt) provides. I mean, there's nothing special needed to be done. Yes, there are cases where that might not be the case and you still some additional support. Would suggest going over [3], if you would like to find out more about that. Deployment varies depending on you build, but it is going to be something related to transferring your widget over the target board using some kind of a networking tool (scp/nfs/ndb). Also, have you taken a look at [4]? Some of that information might be obsolete at this point, but nevertheless the workflow is the same. I personally haven't used the SDK to create/builds application, rather I use yocto/OE directly and scp to transfer it (the widget). I'm not really sure, I guess the SDK should provide at least build tools (cmake/qmake/meson) support. Maybe someone else can chime in if they have more info on that matter. For system-type applications my impression is that is always better to use yocto/OE, rather than deploying packages, but that doesn't mean you can script your way through. > missing something fundamental, so in my first ask for help, I'd like > to ask you if you could point me out on the resources that I just > described I am after. [1] https://docs.automotivelinux.org/docs/en/master/devguides/reference/iotbzh2016/03-AGL-AppFW-Privileges-Management.pdf [2] https://en.wikipedia.org/wiki/Smack_(software) [3] https://gerrit.automotivelinux.org/gerrit/gitweb?p=src/agl-compositor.git;a=blob_plain;f=doc/README.md;hb=HEAD [4] https://docs.automotivelinux.org/docs/en/master/getting_started/reference/getting-started/app-workflow-intro.html > > Any help is greatly appreciated, > > Kind Regards, > Jakub Acs > > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#8730): https://lists.automotivelinux.org/g/agl-dev-community/message/8730 Mute This Topic: https://lists.automotivelinux.org/mt/77642303/2167316 Mute #automotive:https://lists.automotivelinux.org/g/agl-dev-community/mutehashtag/automotive Mute #help:https://lists.automotivelinux.org/g/agl-dev-community/mutehashtag/help Group Owner: agl-dev-community+owner@xxxxxxxxxxxxxxxxxxxxxxxxx Unsubscribe: https://lists.automotivelinux.org/g/agl-dev-community/leave/4543822/883735764/xyzzy [list-automotive-discussions82@xxxxxxxxxxx] -=-=-=-=-=-=-=-=-=-=-=-
Attachment:
signature.asc
Description: PGP signature
