base: use 'Ram_quota' in 'Ram_session' args

This patch replaces the former use of size_t with the use of the
'Ram_quota' type to improve type safety (in particular to avoid
accidentally mixing up RAM quotas with cap quotas).

Issue #2398

repos/base/src/lib/base/child.cc

@@ -37,7 +37,7 @@ namespace {
 		class Transfer {
 
 			bool                   _ack;
-			size_t                 _quantum;
+			Ram_quota              _quantum;
 			Ram_session_capability _from;
 			Ram_session_capability _to;
 
@@ -54,7 +54,7 @@ namespace {
 				 *
 				 * \throw Quota_exceeded
 				 */
-				Transfer(size_t quantum,
+				Transfer(Ram_quota quantum,
 				         Ram_session_capability from,
 				         Ram_session_capability to)
 				: _ack(false), _quantum(quantum), _from(from), _to(to)
@@ -240,28 +240,27 @@ Session_capability Child::session(Parent::Client::Id id,
 	/* filter session affinity */
 	Affinity const filtered_affinity = _policy.filter_session_affinity(affinity);
 
-	size_t const ram_quota = Arg_string::find_arg(argbuf, "ram_quota").ulong_value(0);
+	Ram_quota const ram_quota = ram_quota_from_args(argbuf);
 
 	/* portion of quota to keep for ourself to maintain the session meta data */
 	size_t const keep_ram_quota = _session_factory.session_costs();
 
-	if (ram_quota < keep_ram_quota)
+	if (ram_quota.value < keep_ram_quota)
 		throw Parent::Quota_exceeded();
 
 	/* ram quota to be forwarded to the server */
-	size_t const forward_ram_quota = ram_quota - keep_ram_quota;
+	Ram_quota const forward_ram_quota { ram_quota.value - keep_ram_quota };
 
 	/* adjust the session information as presented to the server */
-	Arg_string::set_arg(argbuf, sizeof(argbuf), "ram_quota",
-	                    forward_ram_quota);
+	Arg_string::set_arg(argbuf, sizeof(argbuf), "ram_quota", forward_ram_quota.value);
 
 	/* may throw a 'Parent::Service_denied' exception */
 	Child_policy::Route route = _resolve_session_request(_policy, name.string(), argbuf);
 	Service &service = route.service;
 
 	Session_state &session =
-		create_session(_policy.name(), service, route.label, _session_factory,
-		               _id_space, id, argbuf, filtered_affinity);
+		create_session(_policy.name(), service, route.label,
+		               _session_factory, _id_space, id, argbuf, filtered_affinity);
 
 	_policy.session_state_changed();
 
@@ -380,8 +379,8 @@ Parent::Upgrade_result Child::upgrade(Client::Id id, Parent::Upgrade_args const
 			return;
 		}
 
-		size_t const ram_quota =
-			Arg_string::find_arg(args.string(), "ram_quota").ulong_value(0);
+		Ram_quota const ram_quota {
+			Arg_string::find_arg(args.string(), "ram_quota").ulong_value(0) };
 
 		try {
 			/* transfer quota from client to ourself */
@@ -431,8 +430,8 @@ void Child::_revert_quota_and_destroy(Session_state &session)
 		 * quota that we preserved for locally storing the session meta data
 		 * ('session_costs').
 		 */
-		Transfer donation_to_client(session.donated_ram_quota() +
-		                            _session_factory.session_costs(),
+		Transfer donation_to_client(Ram_quota{session.donated_ram_quota().value +
+		                                      _session_factory.session_costs()},
 		                            _policy.ref_ram_cap(), ram_session_cap());
 		/* finish transaction */
 		donation_from_service.acknowledge();

repos/base/src/lib/base/component.cc

@@ -133,23 +133,24 @@ namespace {
 			/* extract session quota as specified by the 'Connection' */
 			char argbuf[Parent::Session_args::MAX_SIZE];
 			strncpy(argbuf, args.string(), sizeof(argbuf));
-			size_t ram_quota = Arg_string::find_arg(argbuf, "ram_quota").ulong_value(0);
+			Ram_quota ram_quota = ram_quota_from_args(argbuf);
 
-			return retry<Parent::Quota_exceeded>([&] () {
+			return retry<Parent::Quota_exceeded>(
+				[&] () {
 
-				Arg_string::set_arg(argbuf, sizeof(argbuf), "ram_quota",
-				                    String<32>(Number_of_bytes(ram_quota)).string());
+					Arg_string::set_arg(argbuf, sizeof(argbuf), "ram_quota",
+					                    String<32>(ram_quota).string());
 
-				Session_capability cap =
-					_parent.session(id, name, Parent::Session_args(argbuf), affinity);
+					Session_capability cap =
+						_parent.session(id, name, Parent::Session_args(argbuf), affinity);
 
-				if (cap.valid())
-					return cap;
+					if (cap.valid())
+						return cap;
 
-				_block_for_session();
-				return _parent.session_cap(id);
-			},
-			[&] () {
+					_block_for_session();
+					return _parent.session_cap(id);
+				},
+				[&] () {
 					/*
 					 * If our RAM session has less quota available than the
 					 * session quota, the session-quota transfer failed. In
@@ -159,18 +160,14 @@ namespace {
 					 * Otherwise, the session-quota transfer succeeded but
 					 * the request was denied by the server.
 					 */
-					if (ram_quota > ram().avail()) {
-
-						/* issue resource request */
-						char buf[128];
-						snprintf(buf, sizeof(buf), "ram_quota=%lu", ram_quota);
-
-						_parent.resource_request(Parent::Resource_args(buf));
+					if (ram_quota.value > ram().avail_ram().value) {
+						Parent::Resource_args args(String<64>("ram_quota=", ram_quota));
+						_parent.resource_request(args);
 					} else {
-						ram_quota += 4096;
+						ram_quota = Ram_quota { ram_quota.value + 4096 };
 					}
-
-			}, NUM_ATTEMPTS);
+				},
+				NUM_ATTEMPTS);
 
 			warning("giving up to increase session quota for ", name.string(), " session "
 			        "after ", (int)NUM_ATTEMPTS, " attempts");

repos/base/src/lib/base/root_proxy.cc

@@ -195,13 +195,11 @@ void Root_proxy::_handle_session_request(Xml_node request)
 
 		_id_space.apply<Session>(id, [&] (Session &session) {
 
-			size_t ram_quota = request.attribute_value("ram_quota", 0UL);
+			Ram_quota const ram_quota { request.attribute_value("ram_quota", 0UL) };
 
-			char buf[64];
-			snprintf(buf, sizeof(buf), "ram_quota=%ld", ram_quota);
+			String<80> const args("ram_quota=", ram_quota);
 
-			// XXX handle Root::Invalid_args
-			Root_client(session.service.root).upgrade(session.cap, buf);
+			Root_client(session.service.root).upgrade(session.cap, args.string());
 
 			_env.parent().session_response(id, Parent::SESSION_OK);
 		});

repos/base/src/lib/base/session_state.cc

@@ -76,7 +76,7 @@ void Session_state::generate_session_request(Xml_generator &xml) const
 
 		xml.node("upgrade", [&] () {
 			xml.attribute("id", id_at_server->id().value);
-			xml.attribute("ram_quota", ram_upgrade);
+			xml.attribute("ram_quota", ram_upgrade.value);
 		});
 		break;
 
@@ -101,7 +101,7 @@ void Session_state::generate_client_side_info(Xml_generator &xml, Detail detail)
 	xml.attribute("service", _service.name());
 	xml.attribute("label", _label);
 	xml.attribute("state", String<32>(Formatted_phase(phase)));
-	xml.attribute("ram", String<32>(Number_of_bytes(_donated_ram_quota)));
+	xml.attribute("ram", String<32>(_donated_ram_quota));
 
 	if (detail.args == Detail::ARGS)
 		xml.node("args", [&] () { xml.append_sanitized(_args.string()); });
@@ -160,7 +160,7 @@ Session_state::Session_state(Service                  &service,
                              Affinity           const &affinity)
 :
 	_service(service),
-	_donated_ram_quota(Arg_string::find_arg(args.string(), "ram_quota").ulong_value(0)),
+	_donated_ram_quota(ram_quota_from_args(args.string())),
 	_id_at_client(*this, client_id_space, client_id),
 	_label(label), _args(args), _affinity(affinity)
 { }