diff --git a/repos/base-foc/include/foc/thread_state.h b/repos/base-foc/include/foc/thread_state.h index 19d25d1723..b1b7a7be25 100644 --- a/repos/base-foc/include/foc/thread_state.h +++ b/repos/base-foc/include/foc/thread_state.h @@ -26,7 +26,7 @@ namespace Genode { struct Foc_thread_state; } struct Genode::Foc_thread_state : Thread_state { Foc::l4_cap_idx_t kcap { Foc::L4_INVALID_CAP }; /* thread's gate cap in its PD */ - uint16_t id { }; /* ID of gate capability */ + uint32_t id { }; /* ID of gate capability */ addr_t utcb { }; /* thread's UTCB in its PD */ }; diff --git a/repos/base-foc/src/core/include/cap_id_alloc.h b/repos/base-foc/src/core/include/cap_id_alloc.h index 39c34ca571..6cbeaed546 100644 --- a/repos/base-foc/src/core/include/cap_id_alloc.h +++ b/repos/base-foc/src/core/include/cap_id_alloc.h @@ -30,17 +30,15 @@ class Core::Cap_id_allocator { public: - using id_t = uint16_t; - - enum { ID_MASK = 0xffff }; + using id_t = unsigned; private: enum { - CAP_ID_RANGE = ~0UL, - CAP_ID_MASK = ~3UL, - CAP_ID_NUM_MAX = CAP_ID_MASK >> 2, - CAP_ID_OFFSET = 1 << 2 + CAP_ID_OFFSET = 1 << 2, + CAP_ID_MASK = CAP_ID_OFFSET - 1, + CAP_ID_RANGE = 1u << 28, + ID_MASK = CAP_ID_RANGE - 1, }; Synced_range_allocator _id_alloc; diff --git a/repos/base-foc/src/core/platform_thread.cc b/repos/base-foc/src/core/platform_thread.cc index b06d35bdb5..378f232671 100644 --- a/repos/base-foc/src/core/platform_thread.cc +++ b/repos/base-foc/src/core/platform_thread.cc @@ -209,7 +209,7 @@ Foc_thread_state Platform_thread::state() s = _pager_obj->state.state; s.kcap = _gate.remote; - s.id = (uint16_t)_gate.local.local_name(); + s.id = Cap_index::id_t(_gate.local.local_name()); s.utcb = _utcb; return s; diff --git a/repos/base-foc/src/core/rpc_cap_factory.cc b/repos/base-foc/src/core/rpc_cap_factory.cc index 851ef114ef..caf7a226a9 100644 --- a/repos/base-foc/src/core/rpc_cap_factory.cc +++ b/repos/base-foc/src/core/rpc_cap_factory.cc @@ -190,7 +190,7 @@ Cap_id_allocator::Cap_id_allocator(Allocator &alloc) : _id_alloc(&alloc) { - _id_alloc.add_range(CAP_ID_OFFSET, CAP_ID_RANGE); + _id_alloc.add_range(CAP_ID_OFFSET, unsigned(CAP_ID_RANGE) - unsigned(CAP_ID_OFFSET)); } @@ -213,7 +213,7 @@ void Cap_id_allocator::free(id_t id) Mutex::Guard lock_guard(_mutex); if (id < CAP_ID_RANGE) - _id_alloc.free((void*)(id & CAP_ID_MASK), CAP_ID_OFFSET); + _id_alloc.free((void*)(addr_t(id & CAP_ID_MASK)), CAP_ID_OFFSET); } diff --git a/repos/base-foc/src/include/base/internal/capability_data.h b/repos/base-foc/src/include/base/internal/capability_data.h index 2f083cf190..8c8481192a 100644 --- a/repos/base-foc/src/include/base/internal/capability_data.h +++ b/repos/base-foc/src/include/base/internal/capability_data.h @@ -30,12 +30,13 @@ class Genode::Native_capability::Data : public Avl_node { public: - using id_t = uint16_t; + using id_t = unsigned; + + constexpr static id_t INVALID_ID = ~0u; private: - constexpr static uint16_t INVALID_ID = ~0; - constexpr static uint16_t UNUSED = 0; + constexpr static id_t UNUSED = 0; uint8_t _ref_cnt; /* reference counter */ id_t _id; /* global capability id */ @@ -46,8 +47,8 @@ class Genode::Native_capability::Data : public Avl_node bool valid() const { return _id != INVALID_ID; } bool used() const { return _id != UNUSED; } - uint16_t id() const { return _id; } - void id(uint16_t id) { _id = id; } + id_t id() const { return _id; } + void id(id_t id) { _id = id; } uint8_t inc(); uint8_t dec(); addr_t kcap() const; diff --git a/repos/base-foc/src/lib/base/cap_map.cc b/repos/base-foc/src/lib/base/cap_map.cc index f97b45766a..f076a9d5c5 100644 --- a/repos/base-foc/src/lib/base/cap_map.cc +++ b/repos/base-foc/src/lib/base/cap_map.cc @@ -3,11 +3,11 @@ * \author Stefan Kalkowski * \date 2010-12-06 * - * This is a Fiasco.OC-specific addition to the process enviroment. + * This is a Fiasco.OC-specific addition to the process environment. */ /* - * Copyright (C) 2010-2017 Genode Labs GmbH + * Copyright (C) 2010-2025 Genode Labs GmbH * * This file is part of the Genode OS framework, which is distributed * under the terms of the GNU Affero General Public License version 3. @@ -59,7 +59,7 @@ static volatile int _cap_index_spinlock = SPINLOCK_UNLOCKED; bool Cap_index::higher(Cap_index *n) { return n->_id > _id; } -Cap_index* Cap_index::find_by_id(uint16_t id) +Cap_index* Cap_index::find_by_id(id_t id) { if (_id == id) return this; @@ -116,8 +116,8 @@ Cap_index* Capability_map::insert(Cap_index::id_t id) { Spin_lock::Guard guard(_lock); - ASSERT(!_tree.first() || !_tree.first()->find_by_id(id), - "Double insertion in cap_map()!"); + if (_tree.first() && _tree.first()->find_by_id(id)) + return { }; Cap_index * const i = cap_idx_alloc().alloc_range(1); if (i) { @@ -184,9 +184,16 @@ Cap_index* Capability_map::insert_map(Cap_index::id_t id, addr_t kcap) _tree.insert(i); /* map the given cap to our registry entry */ - l4_task_map(L4_BASE_TASK_CAP, L4_BASE_TASK_CAP, - l4_obj_fpage(kcap, 0, L4_FPAGE_RWX), - i->kcap() | L4_ITEM_MAP | L4_MAP_ITEM_GRANT); + auto const msg = l4_task_map(L4_BASE_TASK_CAP, L4_BASE_TASK_CAP, + l4_obj_fpage(kcap, 0, L4_FPAGE_RWX), + i->kcap() | L4_ITEM_MAP | L4_MAP_ITEM_GRANT); + + if (l4_error(msg)) { + _tree.remove(i); + cap_idx_alloc().free(i, 1); + return 0; + } + return i; } diff --git a/repos/base-foc/src/lib/base/ipc.cc b/repos/base-foc/src/lib/base/ipc.cc index 1b6985d9c6..f096586385 100644 --- a/repos/base-foc/src/lib/base/ipc.cc +++ b/repos/base-foc/src/lib/base/ipc.cc @@ -55,9 +55,6 @@ static inline bool ipc_error(l4_msgtag_t tag, bool print) } -static constexpr Cap_index::id_t INVALID_BADGE = 0xffff; - - /** * Representation of a capability during UTCB marshalling/unmarshalling */ @@ -116,7 +113,7 @@ static int extract_msg_from_utcb(l4_msgtag_t tag, Cap_index::id_t const badge = (Cap_index::id_t)(*msg_words++); - if (badge == INVALID_BADGE) + if (badge == Cap_index::INVALID_ID) continue; /* received a delegated capability */ @@ -227,7 +224,7 @@ static l4_msgtag_t copy_msgbuf_to_utcb(Msgbuf_base &snd_msg, for (unsigned i = 0; i < num_caps; i++) { /* store badge as normal message word */ - *msg_words++ = caps[i].valid ? caps[i].badge : INVALID_BADGE; + *msg_words++ = caps[i].valid ? caps[i].badge : Cap_index::INVALID_ID; /* setup flexpage for valid capability to delegate */ if (caps[i].valid) {