Commit Graph

2961 Commits

Author SHA1 Message Date
Norman Feske
e44f65f3b2 core: RAM service based on 'Session_object'
This patch reworks the implementation of core's RAM service to make use
of the 'Session_object' and to remove the distinction between the
"metadata" quota and the managed RAM quota. With the new implementation,
the session implicitly allocates its metadata from its own account. So
there is not need to handle 'Out_of_metadata' and 'Quota_exceeded' via
different exceptions. Instead, the new version solely uses the
'Out_of_ram' exception.

Furthermore, the 'Allocator::Out_of_memory' exception has become an alias
for 'Out_of_ram', which simplifies the error handling.

Issue #2398
2017-05-31 13:16:06 +02:00
Norman Feske
028e633af4 base: add 'Session_object' class
The 'Session_object' unifies several aspects of server-component
implementations:

* It keeps track of session quotas and is equipped with standardized
  interfaces (Quota_guard) to upgrade (and in the future potentially
  downgrade) session quotas in a uniform way.

* It follows the pattern of modern RPC objects / signal handlers that
  manage/dissolve themselves at the entrypoint given as constructor
  argument. Thereby, the relationship with its entrypoint is always
  coupled with the lifetime of the session-component object.

* It stores the session label, which was previously done manually by
  most but not all server-component implementations.

* It stores the session 'diag' flag.

* It is equipped with output methods 'diag', 'error', and 'warning'.
  All messages printed from the context of a session component is
  automatically prefixed with the session type and client label.
  Messages passed via 'diag' are only printed if the 'diag' flag of
  the session is set.

Issue #2398
2017-05-31 13:16:06 +02:00
Norman Feske
aea5d03691 base: add Child_policy::Route::Diag flag
The 'diag' flag can be defined by a target node of a route in init's
configuration. It is propagated as session argument to the server, which
may evaluate the flag to enable diagnostic output for the corresponding
session.

Issue #2398
2017-05-31 13:16:06 +02:00
Norman Feske
3670f7735d base: use 'Quota_transfer::Account' for 'Service'
This patch makes use of the new 'Quota_transfer::Account' by the service
types in base/service.h and uses 'Quota_transfer' objects in
base/child.cc and init/server.cc.

Furthermore, it decouples the notion of an 'Async_service' from
'Child_service'. Init's 'Routed_service' is no longer a 'Child_service'
but is based on the new 'Async_service' instead.

With this patch in place, quota transfers do no longer implicitly use
'Ram_session_client' objects. So transfers can in principle originate
from component-local 'Ram_session_component' objects, e.g., as used by
noux. Therefore, this patch removes a strumbling block for turning noux
into a single threaded component in the future.

Issue #2398
2017-05-31 13:16:06 +02:00
Norman Feske
5c43074bc6 core: simplify core_env.h
Issue #2398
2017-05-31 13:16:05 +02:00
Norman Feske
f69937deb1 base: new base/quota_transfer.h helper
The 'Quota_transfer' helper facilitated the implementation of quota
transfers between components in a transactional manner. It is designated
for framework-internal use (replacing the 'Transfer' class in child.h).
However, since it is also useful for init, we make it publicly
available.

The 'Quota_transfer::Account' class serves as an interface representing
the donor or receiver of quotas (parent, service, client).

Issue #2398
2017-05-31 13:16:05 +02:00
Norman Feske
f02c8328db init: access Ram_session as const
This is now possible because the new 'used_ram' and 'ram_quota' RPC
functions are declared as const.

Issue #2398
2017-05-31 13:16:05 +02:00
Norman Feske
6609aafb05 Replace Quota_exceeded by Insufficient_ram_quota
This patch replaces the 'Parent::Quota_exceeded',
'Service::Quota_exceeded', and 'Root::Quota_exceeded' exceptions
by the single 'Insufficient_ram_quota' exception type.

Furthermore, the 'Parent' interface distinguished now between
'Out_of_ram' (the child's RAM is exhausted) from
'Insufficient_ram_quota' (the child's RAM donation does not suffice to
establish the session).

This eliminates ambiguities and removes the need to convert exception
types along the path of the session creation.

Issue #2398
2017-05-31 13:16:05 +02:00
Norman Feske
eea493a8ca base: safeguard entrypoint against double manage
This patch adds sanity checks to the RPC entrypoint that detect attempts
to manage or dissolve the same RPC object twice. This is not always a
bug. I.e., if RPC objects are implemented in the modern way where the
object manages/dissolves itself. As the generic framework code (in
particular root/component.h) cannot rely on this pattern, it has to
call manage/dissolve for session objects anyway. For modern session
objects, this double attempt would result in a serious error (double
insertion into the object pool's AVL tree).

Issue #2398
2017-05-31 13:16:05 +02:00
Norman Feske
843dd179d7 base: remove int return types from 'Ram_session'
This patch replaces the existing C-style error codes with C++
exceptions.

Fixes #895
2017-05-31 13:16:04 +02:00
Norman Feske
58f44d39c5 base: use 'Ram_quota' in 'Ram_session' args
This patch replaces the former use of size_t with the use of the
'Ram_quota' type to improve type safety (in particular to avoid
accidentally mixing up RAM quotas with cap quotas).

Issue #2398
2017-05-31 13:16:04 +02:00
Norman Feske
ff68d77c7d base: new 'Ram_allocator' interface
The 'Ram_allocator' interface contains the subset of the RAM session
interface that is needed to satisfy the needs of the 'Heap' and
'Sliced_heap'. Its small size makes it ideal for intercepting memory
allocations as done by the new 'Constrained_ram_allocator' wrapper
class, which is meant to replace the existing 'base/allocator_guard.h'
and 'os/ram_session_guard.h'.

Issue #2398
2017-05-31 13:16:04 +02:00
Norman Feske
5a468919bb base: new session-creation helper types
This patch augments the existing session/session.h with useful types for
the session creation:

* The new 'Insufficient_ram_quota' and 'Insufficient_cap_quota'
  exceptions are meant to supersede the old 'Quota_exceeded' exception
  of the 'Parent' and 'Root' interfaces.

* The 'Session::Resources' struct subsumes the information about the
  session quota provided by the client.

* The boolean 'Session::Diag' type will allow sessions to operate in a
  diagnostic mode.

* The existing 'Session_label' is not also available under the alias
  'Session::Label'.

* A few helper functions ease the extraction of typed session arguments
  from the session-argument string.

Issue #2398
2017-05-31 13:16:04 +02:00
Norman Feske
220890534a base: 'Quota_guard' utility for tracking quotas
* Introduces 'Cap_quota' and 'Ram_quota' types
* Introduces 'Out_of_caps' and 'Out_of_ram' exceptions

Issue #2398
2017-05-31 13:16:04 +02:00
Norman Feske
c1b981ede4 Annotate session interfaces with CAP_QUOTA
The new 'CAP_QUOTA' enum value denotes the capability quota to be
transferred from the client to the server at session-creation time.

Issue #2398
2017-05-31 13:16:04 +02:00
Norman Feske
bc82cce72b core: add Platform::max_caps()
This method returns the kernel-specific system-global limit of the total
number of capabilities.

Issue #2398
2017-05-31 13:16:03 +02:00
Norman Feske
82a98065a0 base-hw: upgrade cap-space slab less eagerly
This patch upgrades the cap-space slab only if the kernel runs out of
entries, instead of consuming as much PD-session quota as possible.
Until now, the behavior worked well because the cap-space slab was the
only consumer of PD-session quota. However, once we start accounting all
PD session meta data - and eventually merging the PD and RAM services -
the aggressive scheme stands in the way.

Issue #2398
2017-05-31 13:16:03 +02:00
Norman Feske
5b1e3466be base: construct 'Tslab' with allocator reference
The new constructor avoids the use of a pointer.
2017-05-31 13:16:03 +02:00
Norman Feske
f5bdab4518 base: add Slab::avail_entries accessor
This accessor is useful to eagerly expand the slab with new slab blocks,
side stepping the slab's built-in policy for the allocation of new slab
blocks.

This is particularly important when using the slab for allocating the
cap space meta-data for the base-hw kernel. To guarantee that the slab
gets never exhausted in the kernel, it is expanded before entering the
kernel.
2017-05-31 13:16:03 +02:00
Norman Feske
67481fdfc3 base: support exceptions during _new_slab_block
With the introduction of the 'Out_of_caps' exception type, the slab
needs to consider exceptions during the call of '_new_slab_block' by
reverting the 'nested' state.
2017-05-31 13:16:03 +02:00
Christian Helmuth
c79155fd7b libc_ffat: zero-init 'struct tm' on stack
This prevents the following runtime error.

  Error: mktime() returned -1, the file modification time reported by stat() will be incorrect
2017-05-31 13:16:03 +02:00
Christian Helmuth
e9b42a127b dde_linux: download libnl from github.com/thom311
The old download location is very shaky resp. currently unavailable and
also other projects (e.g., Gentoo and Linux From Scratch) use this
location. Note, the archive hash does _not_ change.
2017-05-31 13:16:02 +02:00
Alexander Boettcher
106a0db664 vbox5: update to 5.1.22
Issue #2338
2017-05-31 13:16:02 +02:00
Emery Hemingway
f7d80a9bf9 drivers/ahci: clean exit when no controllers are found
Fix #2402
2017-05-31 13:16:02 +02:00
Johannes Kliemann
aac0ac7c63 dde_linux: kernel-version independent file lists
Replace the version dependent file lists with generic ones to simplify
kernel version changes.

Fixes #2368
2017-05-31 13:16:02 +02:00
Norman Feske
03d7208386 Turn posix lib into shared library
By building the posix library as shared object with an ABI, we
effectively decouple posix-using programs from the library
implementation (which happens to depend on several os-level APIs such as
the VFS).
2017-05-31 13:16:02 +02:00
Christian Helmuth
1828f70037 Fix deprecated warnings in servers
Issue #1987
2017-05-31 13:16:02 +02:00
Christian Helmuth
f41d8d6b14 core: fix compiler warnings 2017-05-31 13:16:01 +02:00
Emery Hemingway
01e8f7ea3d libc: do not open stdio descriptors unless configured to do so
Fix #2396
2017-05-31 13:16:01 +02:00
Emery Hemingway
24a9537a27 File_system: replace per-handle signals with notification packets
Replace registration and signaling of per-handle signal capabilities
with CONTENT_CHANGED notification packets.

Fix #2397
2017-05-31 13:16:01 +02:00
Emery Hemingway
29b3fff5eb app/rom_to_file: catch Node_already_exists and overwrite files
Ref #1934
2017-05-31 13:16:01 +02:00
Stefan Kalkowski
6106e64aac base: remove include/spec/* other than ISA
This commit moves the headers residing in `repos/base/include/spec/*/drivers`
to `repos/base/include/drivers/defs` or repos/base/include/drivers/uart`
respectively. The first one contains definitions about board-specific MMIO
iand RAM addresses, or IRQ lines. While the latter contains device driver
code for UART devices. Those definitions are used by driver implementations
in `repos/base-hw`, `repos/os`, and `repos/dde-linux`, which now need to
include them more explicitely.

This work is a step in the direction of reducing 'SPEC' identifiers overall.

Ref #2403
2017-05-31 13:16:01 +02:00
Alexander Boettcher
80eddd8731 usb: add OHCI support
Fixes #2357
2017-05-31 13:16:00 +02:00
Alexander Boettcher
74b790f70b vbox5: add multiple VM test case 2017-05-31 13:16:00 +02:00
Alexander Boettcher
b403bd9d3e vbox5: fix memory allocation by VMM
This is a fixup of c782966 "vbox5: track memory allocation by VMM".

Issue #2338
2017-05-31 13:16:00 +02:00
Alexander Boettcher
0cf18081f9 virtualbox.run: extension to run multiple VMs
set use_gui to get 2 VMs

Issue #2338
2017-05-31 13:16:00 +02:00
Alexander Boettcher
33ab53e42a vbox5: update to 5.1.20
Issue #2338
2017-05-31 13:16:00 +02:00
Alexander Boettcher
1a18c6b727 vbox4/5: enable key/value store for guest addition
required for enable vbox 5 guest additions, which otherwise deny to work

Issue #2338
2017-05-31 13:16:00 +02:00
Alexander Boettcher
b1d35570df vbox5: add shared folder test
Issue #2338
2017-05-31 13:15:59 +02:00
Alexander Boettcher
0d4f4f70d2 vbox5: enable audio support
Issue #2338
2017-05-31 13:15:59 +02:00
Alexander Boettcher
d7f0cb5463 vbox5: use gip thread also for timer watchdog
causes the rem timer callback pending check to run more often (every 1 ms
instead 10 ms). This is essential to met the timeout requirements of the
audio backend, which must be checked&run every 5ms.
2017-05-31 13:15:59 +02:00
Alexander Boettcher
800f9d1e44 vbox5: enable xhci model
Issue #2338
2017-05-31 13:15:59 +02:00
Alexander Boettcher
ecc98c293e qemu-usb: avoid operating on stale memory
during for loop in garbage_collect

Issue #2362
2017-05-31 13:15:59 +02:00
Alexander Boettcher
760c04c53a qemu-usb: respect size of assignment
fixes vbox4 and vbox5 xhci support

Issue #2362
2017-05-31 13:15:59 +02:00
Christian Helmuth
e3d8b6098f netty: do UDP and TCP tests
This commit replaces echo_udp with the netty_udp test. TCP can be tested
via netty_tcp.
2017-05-31 13:15:58 +02:00
Christian Helmuth
4ab2b85437 lxip: support large sendmsg (like recvmsg)
Add missing socket wait-queue head on demand.
2017-05-31 13:15:58 +02:00
Christian Helmuth
9802ae83e0 libc: rework socket fs for O_NONBLOCK 2017-05-31 13:15:58 +02:00
Christian Helmuth
3b5c16e307 lxip: poll/read_ready for all socket fs files 2017-05-31 13:15:58 +02:00
Christian Helmuth
1d99e7ede9 base: classify signals as I/O and application level
Fixes #2363
2017-05-31 13:15:58 +02:00
Christian Helmuth
e33d65aea0 libc: test nested signal handling and RPC
Issue #2363
2017-05-31 13:15:58 +02:00
Christian Helmuth
a65a4c8621 netty: non-blocking server test 2017-05-31 13:15:57 +02:00
Christian Helmuth
b3819f30dc libc: support for O_NONBLOCK in read() 2017-05-31 13:15:57 +02:00
Christian Helmuth
f7313e841d vfs_lxip: always allow broadcast packets for UDP 2017-05-31 13:15:57 +02:00
Alexander Boettcher
3f5c1b3626 top: fix replacement strategy
Issue #2307
2017-05-31 13:15:57 +02:00
Christian Prochaska
623e0be0e1 fiasco: fix compilation with GCC 6
Issue #2372
2017-05-31 13:15:57 +02:00
Norman Feske
9a6c194432 init: fix constness-related warnings by gcc 6.3
Fixes #2374
2017-05-31 13:15:57 +02:00
Norman Feske
4f19e4b6af gems: import run-script ingredients from depot
This patch adjusts the interactive scenarios of the gems repository to
use the depot. This has three immediate benefits. First, once the depot
is populated with binary archives, the start time of the scenarios
becomes very quick because most dependency checks and build steps are
side-stepped. Second, the run scripts become more versatile. In
particular, run scripts that were formerly supported on base-linux only
(nit_fader, decorator, menu_view) have become usable on all base
platforms that have a 'drivers_interactive' package defined. Finally,
the run scripts have become much shorter.

Issue #2339
2017-05-31 13:15:57 +02:00
Norman Feske
b58fbe5ba5 Depot-archive recipes
Issue #2339
2017-05-31 13:15:56 +02:00
Norman Feske
1ed5110d55 wm.run: host window-manager components in sub init 2017-05-31 13:15:56 +02:00
Norman Feske
962c853e67 hw: rename bootstrap.o to bootstrap-hw.o
In order to deliver base-hw as a binary archive, we need to install the
bootstap.o file to bin/. Since bin/ is a global name space shared by all
kernels, this patch renames the object file to bootstap-hw.o and thereby
clarifies the association of the file with base-hw.
2017-05-31 13:15:56 +02:00
Christian Helmuth
f59a5ef258 foc, fiasco: ensure build fails if port build fails 2017-05-31 13:15:55 +02:00
Norman Feske
cd5a03758f base: fix bool retval check in heap
Thanks to gcc 6.3 for reporting!
2017-05-31 13:15:55 +02:00
Norman Feske
11aadd4ce8 base: fix gcc-6.3 warning (check null ref)
The check that triggers the warning was solely in place for diagnostic
purposes. We can remove it.
2017-05-31 13:15:55 +02:00
Alexander Boettcher
1220a06c3b platform_drv: avoid gcc 6 warnings 2017-05-31 13:15:55 +02:00
Alexander Boettcher
d8f60a8ea1 vbox: increase initial static memory buffer
due to changes in #1987 pthread/malloc the initial allocations are done
via malloc
2017-05-31 13:15:55 +02:00
Alexander Boettcher
f52eec5af7 intel_fb: avoid deprecated warnings
Issue #1987
2017-05-31 13:15:55 +02:00
Alexander Boettcher
de20d9010b liquid_framebuffer: avoid narrow warning
Issue #1987
2017-05-31 13:15:54 +02:00
Alexander Boettcher
480c42d424 pthread: fix deprecated warnings
Issue #1987
2017-05-31 13:15:54 +02:00
Norman Feske
7729398105 ps2_drv: reset mouse at startup
This patch replaces the set-defaults command by a reset command, which
is needed to use the Lenovo x250 trackpoint. (original patch by
Christian Prochaska)
2017-05-31 13:15:54 +02:00
Norman Feske
61551e4d76 pistachio,fiasco: don't rely on BASE_DIR for vpath
This patch corresponds to the patch "okl4: don't rely on BASE_DIR for
vpath", addressing the L4/Fiasco and L4ka::Pistachio kernels.
2017-05-31 13:15:54 +02:00
Norman Feske
50c53a23eb foc,fiasco: symlink kernel files to bin/ 2017-05-31 13:15:54 +02:00
Christian Helmuth
7680d20686 Re-enable usb_block test 2017-05-31 13:15:54 +02:00
Christian Helmuth
df81d7a374 demo: adapt to GCC 6
Issue #2372
2017-05-31 13:15:54 +02:00
Christian Helmuth
6b2d8a740d dde_linux: explicitly build C89 with GNU extensions
Issue #2372
2017-05-31 13:15:53 +02:00
Alexander Boettcher
6513d0ce0f nova: build fixes with GCC 6 of kernel
Fixes #2379
Fixes #2380
2017-05-31 13:15:53 +02:00
Christian Helmuth
9af8e27d31 foc: fix port build with GCC 6
Fixes #2390
2017-05-31 13:15:53 +02:00
Stefan Kalkowski
b9549e58d0 hw: cleanup core code (Ref #2394) 2017-05-31 13:15:53 +02:00
Alexander Boettcher
bc2ef2b1b2 seoul: avoid gcc6 warnings 2017-05-31 13:15:53 +02:00
Alexander Boettcher
7005e54de2 nova: fix syscall bindings with GCC 6
Fixes #2377
2017-05-31 13:15:52 +02:00
Norman Feske
8e7aa54493 base: drop session states of vanished clients
For asynchronously provided sessions, the parent has to maintain the
session state as long as the server hasn't explicitly responded to a
close request. For this reason, the lifetime of such session states is
bound to the server, not the client.

When the server responds to a close request, the session state gets
freed. The 'session_response' implementation does not immediately
destroy the session state but delegates the destruction to a client-side
callback, which thereby also notifies the client. However, the code did
not consider the case where the client has completely vanished at
session-response time. In this case, we need to drop the session state
immediately.

Fixes #2391
2017-05-31 13:15:52 +02:00
Stefan Kalkowski
76bc2b9e89 hw: remove core internal header directories
Fix #2393
2017-05-31 13:15:52 +02:00
Christian Helmuth
117a533828 rom_filter: fix compilation with GCC 6
Issue #2372
2017-05-31 13:15:52 +02:00
Stefan Kalkowski
67ba7b89a7 hw: separate bootstrap and core strictly
* Introduce Hw namespace and library files under src/lib/hw
* Introduce Bootstrap namespace
* Move all initialization logic into Bootstrap namespace

Ref #2388
2017-05-31 13:15:52 +02:00
Christian Prochaska
52411c9017 terminal: add support for 'ESC[m' sequence
Fixes #2392
2017-05-31 13:15:51 +02:00
Christian Prochaska
739acd8b41 qt5: fix build errors with GCC 6
Fixes #2389
2017-05-31 13:15:51 +02:00
Christian Prochaska
d0a53781b9 gdb: fix compile error with GCC 6
Fixes #2387
2017-05-31 13:15:51 +02:00
Christian Prochaska
d1bd39cebb openssh: add '--without-stackprotect' configure option
The configure ckeck for the stack protection feature succeeds with GCC 6,
even though the required runtime functions are missing.

Issue #2386
2017-05-31 13:15:51 +02:00
Christian Prochaska
e317eca9a5 fuse_ext2: build with '-std=gnu89'
GCC 6 defaults to '-std=gnu11' for the C language, which has different
semantics for inline functions and triggers build errors.

Fixes #2385
2017-05-31 13:15:51 +02:00
Martin Stein
64fb2865b0 nic_router: fix compile error "flexible array ..."
Fixes #2384
2017-05-31 13:15:51 +02:00
Christian Prochaska
742293ab87 Genode::Fifo_element: workaround for compiling with GCC 6
Issue #2383
2017-05-31 13:15:51 +02:00
Christian Prochaska
767d86e6dc base-hw: workaround for compiling with GCC 6
Issue #2382
2017-05-31 13:15:50 +02:00
Christian Prochaska
f90a4a85e0 base-nova: workaround for compiling with GCC 6
Issue #2378
2017-05-31 13:15:50 +02:00
Christian Prochaska
bf83c07923 Genode::retry(): fix compile error with GCC 6
Fixes #2376
2017-05-31 13:15:50 +02:00
Christian Prochaska
d23dd0cdb4 init: workaround for GCC 6 compile errors
Issue #2374
2017-05-31 13:15:50 +02:00
Christian Prochaska
78a9cbf82d Trace::Logger: workaround for compiling with GCC 6
Issue #2375
2017-05-31 13:15:50 +02:00
Christian Prochaska
661a3100b1 stdcxx: update to version 6.3.0
Issue #2372
2017-05-31 13:15:50 +02:00
Christian Prochaska
58f2088d3e gcc: update to version 6.3.0
Issue #2372
2017-05-31 13:15:49 +02:00
Christian Prochaska
9f9271783e binutils: update to version 2.28
Fixes #2401
Issue #2372
2017-05-31 13:15:49 +02:00
Norman Feske
0e06042f81 base/mk: include sub specs from BASE_DIR
Originally, the spec files for less specific SPEC values were include
via the 'select_from_repositories' function. This implies that BASE_DIR
must always be present in the list of 'REPOSITORIES'. Otherwise the
spec files won't be found. By explicitly including sub specs from
'$(BASE_DIR)/mk', we lift this restriction.
2017-05-02 15:29:04 +02:00
Norman Feske
8aebfd9b26 libc: enhance quirk for building libc-gen on ARM
This patch enables the building of the libc from a source archive
for ARM.
2017-05-02 15:29:04 +02:00