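#!/bin/bash
# Early-boot helpers: console colouring, kernel module loading, pseudo-filesystem
# mounts, a self-signed TLS certificate for the guest API, static network setup
# from the kernel command line, and mounting the root partition.

# Print $1 in blue. echo -e also interprets backslash escapes inside $1.
echo_blue() {
  echo -e "\033[34m$1\033[0m"
}

# Print $1 in red. echo -e also interprets backslash escapes inside $1.
echo_red() {
  echo -e "\033[0;31m$1\033[0m"
}

# Run /load_modules.sh in a child bash, feeding the script on stdin.
# NOTE(review): the script's contents execute verbatim; presumably it ships in
# the same (measured) image as this file - confirm.
load_modules() {
  bash < /load_modules.sh
}

# Mount the kernel pseudo-filesystems and create the standard /dev symlinks.
create_mounts() {
  mount -t proc proc /proc -o nosuid,noexec,nodev
  mount -t sysfs sys /sys -o nosuid,noexec,nodev
  mount -t devtmpfs dev /dev -o mode=0755,nosuid
  mount -t tmpfs run /run -o nosuid,nodev,mode=0755
  mkdir -m755 /run/initramfs

  # efivarfs only exists on EFI-booted systems.
  if [ -e /sys/firmware/efi ]; then
    mount -t efivarfs efivarfs /sys/firmware/efi/efivars -o nosuid,nodev,noexec
  fi

  # Setup /dev symlinks
  if [ -e /proc/kcore ]; then
    ln -sfT /proc/kcore /dev/core
  fi
  ln -sfT /proc/self/fd /dev/fd
  ln -sfT /proc/self/fd/0 /dev/stdin
  ln -sfT /proc/self/fd/1 /dev/stdout
  ln -sfT /proc/self/fd/2 /dev/stderr
}

# Generate a 4096-bit RSA key and a self-signed certificate (365 days) for the
# guest API under /tmp/certs.
# Globals:  cert_dir, key, cert, subject (written; left global on purpose, in
#           case code outside this view reads them)
# Returns:  0 on success, non-zero if a step fails
# NOTE(review): a self-signed certificate gives clients nothing to chain to;
# presumably it is bound to the attestation evidence elsewhere - confirm.
create_certs() {
  cert_dir="/tmp/certs"
  key="$cert_dir/guest_api.key"
  cert="$cert_dir/guest_api.crt"
  subject="/C=W3/O=DeTEE/OU=COCO/CN=guest-api"

  mkdir -p "$cert_dir" || return 1
  # Keep the private key unreadable to other users, whatever the inherited umask.
  chmod 700 "$cert_dir" || return 1

  # openssl's stderr stays suppressed as before, so report a failure explicitly.
  # The subshell confines the umask change to the key generation.
  if ! (
    umask 077
    openssl genpkey -algorithm RSA -out "$key" \
      -pkeyopt rsa_keygen_bits:4096 2>/dev/null
  ); then
    echo_red "create_certs: private key generation failed" >&2
    return 1
  fi
  chmod 600 "$key" || return 1

  if ! openssl req -x509 -new \
    -key "$key" -out "$cert" \
    -days 365 -subj "$subject" 2>/dev/null; then
    echo_red "create_certs: certificate generation failed" >&2
    return 1
  fi
}

# expects kernel param in this format: detee_net=192.168.122.140_24_192.168.122.1_1.1.1.1
# NOTE(review): that example has four '_'-separated fields, but the gateway is
# read from field 4 and the nameserver from field 5. With the example value the
# gateway would become 1.1.1.1 and the nameserver would be empty. Either the
# example or the field numbers are out of date - confirm before relying on it.
# NOTE(review): the address, route and resolver all come from the kernel command
# line; if that line is not covered by the launch measurement, whoever starts
# the VM chooses the guest's DNS server and default route - confirm.
setup_network() {
  local settings='' ip_addr='' mask='' cidr='' gateway='' nameserver=''

  # Inside a bracket expression a backslash is a literal character, so the
  # class is written without escapes; a backslash in the value is not accepted.
  settings=$(grep -oE 'detee_net=[0-9a-z_:.]+' /proc/cmdline | cut -d '=' -f2)
  # TODO: replace with exit 0 when you are ready to force a kernel panic
  [[ -z "$settings" ]] && return 0

  settings="${settings#detee_net=}"
  ip_addr="$(cut -d'_' -f1 <<<"$settings")"
  mask="$(cut -d'_' -f2 <<<"$settings")"
  cidr="${ip_addr}/${mask}"
  gateway="$(cut -d'_' -f4 <<<"$settings")"
  nameserver="$(cut -d'_' -f5 <<<"$settings")"

  # Warn only; the commands below still run, as they did before.
  if [[ -z "$ip_addr" || -z "$mask" || -z "$gateway" || -z "$nameserver" ]]; then
    echo_red "setup_network: detee_net is missing a field: ${settings}" >&2
  fi

  # Quoted so each value is passed as exactly one argument.
  ip addr add "$cidr" dev eth0
  ip link set eth0 up
  ip route add default via "$gateway"
  echo "nameserver $nameserver" > /etc/resolv.conf
}

# Mount the root partition (/dev/vda3) on /mnt.
# Returns the exit status of mount.
mount_root() {
  # -p: do not fail when /mnt is already present in the image.
  mkdir -p /mnt
  mount /dev/vda3 /mnt
}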