Commit Graph

341 Commits

Author SHA1 Message Date
Christian Helmuth
93ab972ddc tool/seccomp: allow sigreturn on x86
Fixes #3799
2020-07-03 11:15:33 +02:00
Norman Feske
4450b37ff5 depot: update recipe hashes 2020-06-29 14:25:28 +02:00
Norman Feske
eb3a81a874 depot: update recipe hashes 2020-06-22 09:39:41 +02:00
Christian Helmuth
6006051fb9 depot: update recipe hashes 2020-05-27 11:56:47 +02:00
Stefan Thöni
78497c03ca base-linux: enabled seccomp
base-linux uses seccomp to reduce the available system calls
to the minimum set needed to run base-linux. There are still
some syscalls that allow accessing global state which should
be further reduced.

The combination of seccomp and socket descriptor caps should
provide an intermediate level of security for base-linux
thereby enabling base-linux as a migration path from using
the Linux kernel to the use of microkernel-based Genode.

Fixes #3581
2020-05-27 11:56:46 +02:00
Pirmin Duss
7f6b6d7e13 core-linux: make RAM quota configurable
Add the option to configure the RAM quota for core on base-linux.
The environment variable GENODE_RAM_QUOTA if it exists is interpreted
as number of bytes to provide to the first init.

Issue #3762
2020-05-27 11:56:46 +02:00
Norman Feske
b078224753 Replace Genode::strncpy by Genode::copy_cstring
- Since Genode::strncpy is not 100% compatible with the POSIX
  strncpy function, better use a distinct name.

- Remove bogus return value from the function, easing the potential
  enforcement of mandatory return-value checks later.

Fixes #3752
2020-05-27 11:56:45 +02:00
Norman Feske
0f27d139bd depot: update recipe hashes 2020-05-18 10:16:59 +02:00
Christian Helmuth
c11d9b7b5c Remove false API dependencies from libc/posix components
Fixes #3720
2020-05-18 10:16:13 +02:00
Christian Helmuth
236e02a2dd linux: remove initramfs from base-linux src archive 2020-05-18 10:16:13 +02:00
Norman Feske
dd899fde29 depot: update recipe hashes 2020-04-24 14:37:57 +02:00
Norman Feske
6f6340644b Hide binary_ready_hook_for_platform from public
The hook is meant to be internal to the framework. So better keep its
declaration in the framework-internal globals.h header.

Issue #3581
2020-04-24 14:37:47 +02:00
Norman Feske
b134867f31 Remove Rpc_entrypoint::Native_context
This patch largely reverts the commit "base: lay groundwork for
base-linux caps change" because the use of 'epoll' instead of 'select'
alleviated the need to allocate large FD sets, which motivated the
introduction of the 'Native_context' hook.

Related to issue #3581
2020-04-21 16:50:37 +02:00
Christian Helmuth
b60b591d06 depot: update recipe hashes 2020-04-17 12:40:13 +02:00
Norman Feske
132569d12b base-linux: socket descriptor caps for RPC
On Linux, Genode used to represent each RPC object by a socket
descriptor of the receiving thread (entrypoint) and a globally-unique
value that identifies the object. Because the latter was transferred as
plain message payload, clients had to be trusted to not forge the
values. For this reason, Linux could not be considered as a productive
Genode base platform but remained merely a development vehicle.

This patch changes the RPC mechanism such that each RPC object is
represented by a dedicated socket pair. Entrypoints wait on a set of
the local ends of the socket pairs of all RPC objects managed by the
respective entrypoint. The epoll kernel interface is used as the
underlying mechanism to wait for a set of socket descriptors at the
server side.

When delegating a capability, the remote end of the socket pair is
transferred to the recipient along with a plaintext copy of the
socket-descriptor value of the local end. The latter value serves as a
hint for re-identifiying a capability whenever it is delegated back to
its origin. Note that the client is not trusted to preserve this
information. The integrity of the hint value is protected by comparing
the inode values of incoming and already present capablities at the
originating site (whenever the capability is invoked or presented to the
owner of the RPC object).

The new mechanism effectively equips base-linux with Genode's capablity
model as described in the Chapter 3 of the Genode Foundations book.
That said, the sandboxing of components cannot be assumed at this point
because each component has still direct access to the Linux system-call
interface.

This patch is based on the extensive exploration work conducted by
Stefan Thoeni who strongly motivated the inclusion of this feature into
Genode.

Issue #3581
2020-04-17 12:40:13 +02:00
Norman Feske
7bf47b1982 base-linux: boost max open fds to the hard rlimit
This patch increases the default limit of the maximum number of open
file descriptors to the hard limit of the system. This is needed for
complex scenarios, which require more FDs than the default of 1024
at core.

Related to issue #3581

Fixes #3721
2020-04-17 12:40:12 +02:00
Alexander Boettcher
e87d60ddf7 core: use Mutex/Blockade
Issue #3612
2020-04-17 12:40:12 +02:00
Norman Feske
46fa8197a2 depot: update recipe hashes 2020-03-26 11:39:02 +01:00
Norman Feske
d8bcaa4fa4 base-linux: disable ASLR for child processes
ASLR collides with the libc's fork mechanism on 32-bit. In particular,
the tool_chain_auto.run scenario would sporadically fail while mirroring
the parent's address space.

Fixes #3710
2020-03-26 11:39:02 +01:00
Norman Feske
e2b9308b11 lx_hybrid_errno.run: add missing parent services 2020-03-26 11:38:54 +01:00
Christian Helmuth
5affd51250 depot: update recipe hashes 2020-02-28 08:59:43 +01:00
Stefan Thöni
a7a9855493 base: lay groundwork for base-linux caps change
Include the necessary hooks to introduce file descriptor
based capabilities in base linux.

Issue #3581
2020-02-27 14:46:58 +01:00
Christian Helmuth
4cccf74664 depot: update recipe hashes 2020-02-20 12:11:23 +01:00
Alexander Boettcher
5440cd4b50 base: use blockade in thread
Issue #3612
2020-02-20 12:11:22 +01:00
Alexander Boettcher
00f69bc70d base: add mutex as derivate of lock
The mutex class is more restrictive in usage compared to
Genode::Lock.

- At initialiation time it is ever unlocked.
- No thread is permitted to lock twice. Warn about it
  in case it happens.
- Only the lock onwer is permitted to unlock the mutex.
  Warn about it and don't unlock the mutex in case it happens.

Issue #3612
2020-02-20 12:11:22 +01:00
Norman Feske
57ea1dbdd3 depot: update recipe hashes 2020-02-10 14:29:06 +01:00
Christian Helmuth
90535a1401 depot: update recipe hashes 2020-02-04 15:51:10 +01:00
Stefan Kalkowski
fe899eecc7 base-linux: fix configurable host toolchain
With the '-x' argument of the 'g++' tool the language gets specified,
therefore it has to be 'c++' furthermore, not CUSTOM_HOST_CXX. Moreover,
when import-lx_hybrid.mk gets evaluated first, global.mk is not included
yet, therefore we cannot eagerly evaluate the CXX_LINK_OPT_NO_PIE variable.

Issue #3466
2020-02-04 15:47:27 +01:00
Christian Helmuth
b931b67cba depot: update recipe hashes 2019-12-19 17:01:43 +01:00
Christian Helmuth
23ed5d3936 base-linux: configurable host toolchain
This commit uses CUSTOM_HOST_CC/CUSTOM_HOST_CXX instead of hardcoded
commands and introduces HOST_DEV_PREFIX.

Original patch by Roman Iten and Pirmin Duss.

Issue #3466
2019-12-19 17:01:42 +01:00
Christian Helmuth
4299b85cdb base-linux: support invalid dataspace for RM client
This restores behavior introduced in

  commit cb232891bf
  Author: Norman Feske <norman.feske@genode-labs.com>
  Date:   Tue May 10 11:55:25 2016 +0200

    Fix noux.run on base-linux

but removed by issue #2829.

Related to issue #1938
2019-12-19 17:00:47 +01:00
Johannes Kliemann
93639532f0 base-linux: core session support (IO_PORT, IO_MEM, IRQ) 2019-12-19 16:59:02 +01:00
Christian Helmuth
11ef8e1ff2 depot: update recipe hashes 2019-11-28 09:06:39 +01:00
Christian Helmuth
7ed1d7f11d depot: update recipe hashes 2019-11-19 14:54:14 +01:00
Christian Helmuth
4a7b0e99a6 depot: update recipe hashes 2019-09-20 14:14:16 +02:00
Christian Helmuth
b2c59576ae depot: update recipe hashes 2019-08-28 14:36:56 +02:00
Christian Helmuth
312f801f8a depot: update recipe hashes 2019-08-21 13:25:26 +02:00
Sebastian Sumpf
2fc6cedcc0 ld: load dynamic linker at static address on Linux
* move stack area to static address at beginning of binary
* set ELF type of linker from shared to executable

fixes #3479
2019-08-21 13:25:25 +02:00
Christian Helmuth
17d32b3e15 depot: update recipe hashes 2019-07-09 09:06:54 +02:00
Christian Helmuth
3c4c460f82 depot: update recipe hashes 2019-06-13 13:40:37 +02:00
Christian Helmuth
2b183f9497 depot: update recipe hashes 2019-05-29 10:20:52 +02:00
Christian Helmuth
e60b597af5 linux: 32-bit compatibility with GCC versions before 7
GCC version 7 and above generate calls to __divmoddi for 64bit integer
division on 32-bit. Unfortunately, libgcc liberaries of older compilers
lack this symbol and are still in use by Debian/Ubuntu LTS at least.
2019-05-27 14:52:52 +02:00
Christian Helmuth
ba51800b31 depot: update recipe hashes 2019-05-06 16:15:27 +02:00
Martin Stein
181c78d482 timeout: use uint64_t for all plain time values
This enforces the use of unsigned 64-bit values for time in the duration type,
the timeout framework, the timer session, the userland timer-drivers, and the
alarm framework on all platforms. The commit also adapts the code that uses
these tools accross all basic repositories (base, base-*, os. gems, libports,
ports, dde_*) to use unsigned 64-bit values for time as well as far as this
does not imply profound modifications.

Fixes #3208
2019-05-06 16:15:26 +02:00
Christian Helmuth
6ea1179145 depot: update recipe hashes 2019-04-09 12:30:35 +02:00
Alexander Boettcher
ae16edf1d6 trace: support more facets of execution time
- execution time per thread context
- execution time per scheduling context
- quantum and priority

Issue #3192
2019-04-09 12:30:34 +02:00
Norman Feske
d027f12764 depot: update recipe hashes 2019-04-02 09:36:39 +02:00
Christian Helmuth
ebe71a12ed depot: update recipe hashes 2019-03-19 11:12:36 +01:00
Christian Helmuth
46a29532a9 depot: update recipe hashes 2019-02-26 14:47:02 +01:00
Norman Feske
5ed5fddb7c base/os: remove deprecated APIs
This commit removes APIs that were previously marked as deprecated. This
change has the following implications:

- The use of the global 'env()' accessor is not possible anymore.
- Boolean accessor methods are no longer prefixed with 'is_'. E.g.,
  instead of 'is_valid()', use 'valid()'.
- The last traces of 'Ram_session' are gone now. The 'Env::ram()'
  accessor returns the 'Ram_allocator' interface, which is a subset of
  the 'Pd_session' interface.
- All connection constructors need the 'Env' as argument.
- The 'Reporter' constructor needs an 'Env' argument now because the
  reporter creates a report connection.
- The old overload 'Child_policy::resolve_session_request' that returned
  a 'Service' does not exist anymore.
- The base/printf.h header has been removed, use base/log.h instead.
- The old notion of 'Signal_dispatcher' is gone. Use 'Signal_handler'.
- Transitional headers like os/server.h, cap_session/,
  volatile_object.h, os/attached*_dataspace.h, signal_rpc_dispatcher.h
  have been removed.
- The distinction between 'Thread_state' and 'Thread_state_base' does
  not exist anymore.
- The header cpu_thread/capability.h along with the type definition of
  'Cpu_thread_capability' has been removed. Use the type
  'Thread_capability' define in cpu_session/cpu_session.h instead.
- Several XML utilities (i.e., at os/include/decorator) could be removed
  because their functionality is nowadays covered by util/xml_node.h.
- The 'os/ram_session_guard.h' has been removed.
  Use 'Constrained_ram_allocator' provided by base/ram_allocator.h instead.

Issue #1987
2019-02-26 14:44:15 +01:00
Norman Feske
0e0b6bdde7 depot: update recipe hashes 2019-02-19 11:13:56 +01:00
Norman Feske
b3727a9b46 Add missing override annotations
Issue #3159
2019-02-19 11:12:11 +01:00
Norman Feske
aa66b5d62f base: remove dependency from deprecated APIs
This patch adjusts the implementation of the base library and core such
that the code no longer relies on deprecated APIs except for very few
cases, mainly to keep those deprecated APIs in tact for now.

The most prominent changes are:

- Removing the use of base/printf.h

- Removing of the log backend for printf. The 'Console' with the
  format-string parser is still there along with 'snprintf.h' because
  the latter is still used at a few places, most prominently the
  'Connection' classes.

- Removing the notion of a RAM session, which does not exist in
  Genode anymore. Still the types were preserved (by typedefs to
  PD session) to keep up compatibility. But this transition should
  come to an end now.

- Slight rennovation of core's tracing service, e.g., the use of an
  Attached_dataspace as the Argument_buffer.

- Reducing the reliance on global accessors like deprecated_env() or
  core_env(). Still there is a longish way to go to eliminate all such
  calls. A useful pattern (or at least a stop-gap solution) is to
  pass the 'Env' to the individual compilation units via init functions.

- Avoiding the use of the old 'Child_policy::resolve_session_request'
  interface that returned a 'Service' instead of a 'Route'.

Issue #1987
2019-02-19 11:08:17 +01:00
Christian Helmuth
271e2398f9 depot: update recipe hashes 2019-02-12 14:24:12 +01:00
Norman Feske
bcb24e316c base: fix warnings reported by LLVM analyzer
The warnings were false positives though.
2019-02-12 10:33:14 +01:00
Norman Feske
6b289a1423 base/core: use references instead of pointers
This patch replaces the former prominent use of pointers by references
wherever feasible. This has the following benefits:

* The contract between caller and callee becomes more obvious. When
  passing a reference, the contract says that the argument cannot be
  a null pointer. The caller is responsible to ensure that. Therefore,
  the use of reference eliminates the need to add defensive null-pointer
  checks at the callee site, which sometimes merely exist to be on the
  safe side. The bottom line is that the code becomes easier to follow.

* Reference members must be initialized via an object initializer,
  which promotes a programming style that avoids intermediate object-
  construction states. Within core, there are still a few pointers
  as member variables left though. E.g., caused by the late association
  of 'Platform_thread' objects with their 'Platform_pd' objects.

* If no pointers are present as member variables, we don't need to
  manually provide declarations of a private copy constructor and
  an assignment operator to avoid -Weffc++ errors "class ... has
  pointer data members [-Werror=effc++]".

This patch also changes a few system bindings on NOVA and Fiasco.OC,
e.g., the return value of the global 'cap_map' accessor has become a
reference. Hence, the patch touches a few places outside of core.

Fixes #3135
2019-02-12 10:33:13 +01:00
Norman Feske
3a169d3a78 depot: update recipe hashes 2019-01-30 13:55:20 +01:00
Norman Feske
ed65267bc5 depot: update recipe hashes 2019-01-14 12:34:41 +01:00
Norman Feske
bf62d6b896 Move timer from os to base repository
Since the timer and timeout handling is part of the base library (the
dynamic linker), it belongs to the base repository.

Besides moving the timer and its related infrastructure (alarm, timeout
libs, tests) to the base repository, this patch also moves the timer
from the 'drivers' subdirectory directly to 'src' and disamibuates the
timer's build locations for the various kernels. Otherwise the different
timer implementations could interfere with each other when using one
build directory with multiple kernels.

Note that this patch changes the include paths for the former os/timer,
os/alarm.h, os/duration.h, and os/timed_semaphore.h to base/.

Issue #3101
2019-01-14 12:33:57 +01:00
Christian Helmuth
21a61cd583 depot: update recipe hashes 2019-01-07 12:43:37 +01:00
Martin Stein
a79bfad08e base-linux: init trace control 2019-01-07 12:25:46 +01:00
Christian Helmuth
11eecdc7bd depot: update recipe hashes 2018-11-29 11:54:31 +01:00
Norman Feske
19d7a488de init: health monitoring of child components
Fixes #3039
2018-11-27 11:36:34 +01:00
Christian Helmuth
70e7499e48 depot: update recipe hashes 2018-11-16 15:07:53 +01:00
Norman Feske
f93294975b base-linux: avoid double define of __always_inline
This patch fixes the following build problem that occurs on recent
GNU/Linux systems:

  /usr/include/x86_64-linux-gnu/sys/cdefs.h:307:0: error: "__always_inline" redefined
  ...
  /usr/include/linux/stddef.h:5:0: note: this is the location of the previous definition

The code in 'cdefs.h' does not check if the '__always_inline' is already
defined. The patch works around the problem by including the 'sys/cdefs.h'
first.
2018-11-16 14:37:20 +01:00
Christian Helmuth
0867da28a2 depot: update recipe hashes 2018-10-29 09:36:23 +01:00
Christian Helmuth
e88081a454 depot: update recipe hashes 2018-10-01 11:25:03 +02:00
Christian Helmuth
5dcf06d208 depot: update recipe hashes 2018-09-13 15:21:26 +02:00
Christian Helmuth
c2e0d0ae20 depot: update recipe hashes 2018-08-30 09:25:10 +02:00
Christian Helmuth
f4ea50c6ff depot: update recipe hashes 2018-08-08 10:59:04 +02:00
Norman Feske
4b46abf813 base: rm first-class support for static binaries
This patch removes the detection of statically linked executables from
the base framework. It thereby fixes the corner cases encountered with
Sculpt when obtaining the binaries of the runtime from the depot_rom
service that is hosted within the runtime.

Statically linked binaries and hybrid Linux/Genode (lx_hybrid) binaries
can still be started by relabeling the ROM-session route of "ld.lib.so"
to the binary name, pretending that the binary is the dynamic linker.
This can be achieved via init's label rewriting mechanism:

  <route>
    <service name="ROM" unscoped_label="ld.lib.so">
      <parent label="test-platform"/> </service>
  </route>

However, as this is quite cryptic and would need to be applied for all
lx_hybrid components, the patch adds a shortcut to init's configuration.
One can simply add the 'ld="no"' attribute to the <start> node of the
corresponding component:

  <start name="test-platform" ld="no"/>

Fixes #2866
2018-08-02 14:36:38 +02:00
Christian Helmuth
b485caf33c depot: update recipe hashes 2018-07-03 09:40:11 +02:00
Christian Prochaska
2f7e421eed linux: destroy native CPU client after thread start
The native CPU client holds a capability reference and the reference
counter of the capability can reach its limit when many threads are
successively created and destroyed (destroyed by the Linux kernel).

Fixes #2886
2018-07-03 09:39:34 +02:00
Christian Prochaska
25b47758b7 linux: new slots for non-existent capabilities only
Prevent allocation of new cap-space slots each time a capability is
received by checking if the received capability already exists.

Fixes #2885
2018-07-03 09:39:33 +02:00
Christian Helmuth
246bacd9da depot: update recipe hashes 2018-06-13 13:52:12 +02:00
Christian Helmuth
bd86efe5fe depot: update recipe hashes 2018-05-31 14:02:21 +02:00
Alexander Boettcher
e6d20aba93 base: support to attach RAM dataspaces readonly
Fixes #1633
2018-05-30 13:36:27 +02:00
Emery Hemingway
e2661c58dc Convert static VFS library to dynamic library
Fix #2759
2018-05-30 12:26:19 +02:00
Christian Helmuth
3b7d6394d7 depot: update recipe hashes 2018-05-03 15:32:01 +02:00
Christian Helmuth
47569458d4 depot: update recipe hashes 2018-04-19 12:39:20 +02:00
Christian Helmuth
d54f95d497 depot: update recipe hashes 2018-04-10 13:03:26 +02:00
Christian Helmuth
1f7b5e75bf depot: update recipe hashes 2018-03-08 12:05:10 +01:00
Christian Helmuth
a8f186c7d4 depot: update recipe hashes 2018-02-28 11:05:05 +01:00
Norman Feske
8d09d02b85 depot: update recipe hashes 2018-02-09 13:34:24 +01:00
Christian Helmuth
6013889028 depot: update recipe hashes 2018-01-17 12:14:44 +01:00
Norman Feske
eba9c15746 Follow practices suggested by "Effective C++"
The patch adjust the code of the base, base-<kernel>, and os repository.
To adapt existing components to fix violations of the best practices
suggested by "Effective C++" as reported by the -Weffc++ compiler
argument. The changes follow the patterns outlined below:

* A class with virtual functions can no longer publicly inherit base
  classed without a vtable. The inherited object may either be moved
  to a member variable, or inherited privately. The latter would be
  used for classes that inherit 'List::Element' or 'Avl_node'. In order
  to enable the 'List' and 'Avl_tree' to access the meta data, the
  'List' must become a friend.

* Instead of adding a virtual destructor to abstract base classes,
  we inherit the new 'Interface' class, which contains a virtual
  destructor. This way, single-line abstract base classes can stay
  as compact as they are now. The 'Interface' utility resides in
  base/include/util/interface.h.

* With the new warnings enabled, all member variables must be explicitly
  initialized. Basic types may be initialized with '='. All other types
  are initialized with braces '{ ... }' or as class initializers. If
  basic types and non-basic types appear in a row, it is nice to only
  use the brace syntax (also for basic types) and align the braces.

* If a class contains pointers as members, it must now also provide a
  copy constructor and assignment operator. In the most cases, one
  would make them private, effectively disallowing the objects to be
  copied. Unfortunately, this warning cannot be fixed be inheriting
  our existing 'Noncopyable' class (the compiler fails to detect that
  the inheriting class cannot be copied and still gives the error).
  For now, we have to manually add declarations for both the copy
  constructor and assignment operator as private class members. Those
  declarations should be prepended with a comment like this:

        /*
         * Noncopyable
         */
        Thread(Thread const &);
        Thread &operator = (Thread const &);

  In the future, we should revisit these places and try to replace
  the pointers with references. In the presence of at least one
  reference member, the compiler would no longer implicitly generate
  a copy constructor. So we could remove the manual declaration.

Issue #465
2018-01-17 12:14:35 +01:00
Christian Helmuth
553cf556af depot: update recipe hashes 2017-12-21 15:01:56 +01:00
Johannes Schlatow
684052df5e base-linux: implement lx_sigmask/lx_sigword explicitly
In newer glibc versions, the '__sigword' and '__sigmask' macros are only
available in sigsetops.h which is not installed. These macros are not
system-specific, hence we implement them explicitly ourselves.

Fixes #2616
2017-12-21 15:01:51 +01:00
Norman Feske
7e3334ca02 core: make region-map verbosity configurable
With this patch, diagnostic messages generated by core's region-map
handling are printed only if the PD session is created with 'diag'
mode enabled.
2017-12-21 15:01:50 +01:00
Alexander Boettcher
15cc6d688f core: add support to export log output as ROM
Issue #2207
2017-12-21 15:01:46 +01:00
Alexander Boettcher
2cb635c3e3 base-*: rename core_log.cc to core_log_out.cc
Issue #2207
2017-12-21 15:01:46 +01:00
Christian Helmuth
25ca29002e depot: update recipe hashes 2017-11-30 11:24:49 +01:00
Christian Helmuth
491be000ca depot: update recipe hashes 2017-11-09 12:19:59 +01:00
Christian Helmuth
30948a4b0d depot: update recipe hashes 2017-11-06 13:57:25 +01:00
Christian Helmuth
b0683a5acf Increase test RAM quotas for sel4 64-bit 2017-11-06 13:57:23 +01:00
Christian Helmuth
ee4ee6a8ac depot: update recipe hashes 2017-10-19 13:31:18 +02:00
Christian Helmuth
ddfd3c0d7e linux: stack-area handling with recent Linux kernels
We moved the stack-area segment 128 MiB behind text and data to comply
with assumptions in the kernel ELF loader.

This commit also reenables static binaries on linux and removes the
unused stack_area.stdlib.ld script.

Fixes #2521
2017-10-05 17:40:00 +02:00
Christian Prochaska
8a6ad5f94b Linux_dataspace: increase file name length
Fixes #2508
2017-09-07 11:47:15 +02:00
Christian Helmuth
2ed904faab depot: update recipe hashes 2017-08-30 12:41:43 +02:00
Alexander Boettcher
430bde3636 core: remove unmap from rm_client
The flush/unmap of memory is tied to an address space and not to a thread.
Move the handling from the Rm_client to the Adress_space class.

Issue #2209
2017-08-28 16:49:44 +02:00
Christian Helmuth
8b073f46df depot: update recipe hashes 2017-08-18 10:25:28 +02:00
Alexander Senier
ee40d29b91 base-linux: Log error message for too long files
The filename buffer of a dataspace in base-linux is limited to
40 bytes. When using file names longer than this, the remainder
gets dropped silently. Add an error message to aid debugging this
case.
2017-08-18 10:24:48 +02:00
Alexander Boettcher
5aab244ce3 sub_rm.run: use config rom for steering test
instead of compile time config enums.
2017-08-18 10:24:47 +02:00
Alexander Boettcher
58e4f6cf9d core: add map method to pd_session interface
The method can be used to trigger the eager insertion of page frames into
page tables. Intention: to be used for memory used for DMA.

Issue #2209
2017-08-18 10:24:46 +02:00
Norman Feske
0d1be4abe2 depot: update recipe hashes 2017-06-29 12:00:04 +02:00
Stefan Kalkowski
a004462096 hw: fix capability accounting of kernel/core
The recently implemented capability resource trading scheme unfortunately
broke the automated capability memory upgrade mechanism needed by base-hw
kernel/core. This commit splits the capability memory upgrade mechanism
from the PD session ram_quota upgrade, and moves that functionality
into a separate Pd_session::Native_pd interface.

Ref #2398
2017-06-19 12:35:55 +02:00
Stefan Kalkowski
6f8dc9054a base: setup parent upgrade mechanism eagerly
Fix #2447
2017-06-19 12:35:55 +02:00
Christian Prochaska
a1b1525ec1 lx_fs: handle errors on mkdir correctly
Fixes #2444
2017-06-19 12:35:55 +02:00
Martin Stein
685f509a43 timer connection: no interpolation on arm w/o hw
On ARM, we do not have a component-local hardware time-source. The ARM
performance counter has no reliable frequency as the ARM idle command
halts the counter. Thus, we do not do local time interpolation on ARM.
Except we're on the HW kernel. In this case we can read out the kernel
time instead.

Ref #2435
2017-05-31 17:50:28 +02:00
Christian Helmuth
892ede515f depot: update recipe hashes 2017-05-31 16:18:01 +02:00
Christian Helmuth
8bd0efced6 Remove obsolete RAM/CAP services from run scripts
Adapted launchpad and also the rm_fault and resource_request tests.

Issue #2407
2017-05-31 13:16:22 +02:00
Norman Feske
0167d5af50 Integrate core's RAM service into the PD service
Fixes #2407
2017-05-31 13:16:14 +02:00
Norman Feske
5a3a1c704b base: use 'Ram_allocator' as stack-area back end
The 'Stack_area_ram_session' is now a 'Stack_area_ram_allocator', which
simplifies the code and remove a dependency from the 'Ram_session'
interface, which we want to remove after all.

Issue #2407
2017-05-31 13:16:13 +02:00
Norman Feske
a96919632e core: unify Pd_session_component across kernels
Issue #2407
2017-05-31 13:16:13 +02:00
Norman Feske
4773707495 core: split RAM dataspace factory from RAM service
By separating the session-interface concerns from the mechanics of the
dataspace creation, the code becomes simpler to follow, and the RAM
session can be more easily merged with the PD session in a subsequent
step.

Issue #2407
2017-05-31 13:16:12 +02:00
Norman Feske
65225a94b1 core: simplify initialization
This patch removes the 'Core_parent' and 'Core_pd_session', and reduces
the 'Core_env'.
2017-05-31 13:16:12 +02:00
Norman Feske
a1df4fee44 base: restructure signal-submit initialization
This patch allows core's 'Signal_transmitter' implementation to sidestep
the 'Env::Pd' interface and thereby adhere to a stricter layering within
core. The 'Signal_transmitter' now uses - on kernels that depend on it -
a dedicated (and fairly freestanding) RPC proxy mechanism for signal
deliver, instead of channeling signals through the 'Pd_session::submit'
RPC function.
2017-05-31 13:16:12 +02:00
Martin Stein
c70fed29f7 os/timer: interpolate time via timestamps
Previously, the Genode::Timer::curr_time always used the
Timer_session::elapsed_ms RPC as back end.  Now, Genode::Timer reads
this remote time only in a periodic fashion independently from the calls
to Genode::Timer::curr_time. If now one calls Genode::Timer::curr_time,
the function takes the last read remote time value and adapts it using
the timestamp difference since the remote-time read. The conversion
factor from timestamps to time is estimated on every remote-time read
using the last read remote-time value and the timestamp difference since
the last remote time read.

This commit also re-works the timeout test. The test now has two stages.
In the first stage, it tests fast polling of the
Genode::Timer::curr_time. This stage checks the error between locally
interpolated and timer-driver time as well as wether the locally
interpolated time is monotone and sufficiently homogeneous. In the
second stage several periodic and one-shot timeouts are scheduled at
once. This stage checks if the timeouts trigger sufficiently precise.

This commit adds the new Kernel::time syscall to base-hw. The syscall is
solely used by the Genode::Timer on base-hw as substitute for the
timestamp. This is because on ARM, the timestamp function uses the ARM
performance counter that stops counting when the WFI (wait for
interrupt) instruction is active. This instruction, however is used by
the base-hw idle contexts that get active when no user thread needs to
be scheduled.  Thus, the ARM performance counter is not a good choice for
time interpolation and we use the kernel internal time instead.

With this commit, the timeout library becomes a basic library. That means
that it is linked against the LDSO which then provides it to the program it
serves. Furthermore, you can't use the timeout library anymore without the
LDSO because through the kernel-dependent LDSO make-files we can achieve a
kernel-dependent timeout implementation.

This commit introduces a structured Duration type that shall successively
replace the use of Microseconds, Milliseconds, and integer types for duration
values.

Open issues:

* The timeout test fails on Raspberry PI because of precision errors in the
  first stage. However, this does not render the framework unusable in general
  on the RPI but merely is an issue when speaking of microseconds precision.

* If we run on ARM with another Kernel than HW the timestamp speed may
  continuously vary from almost 0 up to CPU speed. The Timer, however,
  only uses interpolation if the timestamp speed remained stable (12.5%
  tolerance) for at least 3 observation periods. Currently, one period is
  100ms, so its 300ms. As long as this is not the case,
  Timer_session::elapsed_ms is called instead.

  Anyway, it might happen that the CPU load was stable for some time so
  interpolation becomes active and now the timestamp speed drops. In the
  worst case, we would now have 100ms of slowed down time. The bad thing
  about it would be, that this also affects the timeout of the period.
  Thus, it might "freeze" the local time for more than 100ms.

  On the other hand, if the timestamp speed suddenly raises after some
  stable time, interpolated time can get too fast. This would shorten the
  period but nonetheless may result in drifting away into the far future.
  Now we would have the problem that we can't deliver the real time
  anymore until it has caught up because the output of Timer::curr_time
  shall be monotone. So, effectively local time might "freeze" again for
  more than 100ms.

  It would be a solution to not use the Trace::timestamp on ARM w/o HW but
  a function whose return value causes the Timer to never use
  interpolation because of its stability policy.

Fixes #2400
2017-05-31 13:16:11 +02:00
Norman Feske
4d442bca30 Streamline exception types
This patch reduces the number of exception types by facilitating
globally defined exceptions for common usage patterns shared by most
services. In particular, RPC functions that demand a session-resource
upgrade not longer reflect this condition via a session-specific
exception but via the 'Out_of_ram' or 'Out_of_caps' types.

Furthermore, the 'Parent::Service_denied', 'Parent::Unavailable',
'Root::Invalid_args', 'Root::Unavailable', 'Service::Invalid_args',
'Service::Unavailable', and 'Local_service::Factory::Denied' types have
been replaced by the single 'Service_denied' exception type defined in
'session/session.h'.

This consolidation eases the error handling (there are fewer exceptions
to handle), alleviates the need to convert exceptions along the
session-creation call chain, and avoids possible aliasing problems
(catching the wrong type with the same name but living in a different
scope).
2017-05-31 13:16:07 +02:00
Norman Feske
1f4f119b1e Capability quota accounting and trading
This patch mirrors the accounting and trading scheme that Genode employs
for physical memory to the accounting of capability allocations.

Capability quotas must now be explicitly assigned to subsystems by
specifying a 'caps=<amount>' attribute to init's start nodes.
Analogously to RAM quotas, cap quotas can be traded between clients and
servers as part of the session protocol. The capability budget of each
component is maintained by the component's corresponding PD session at
core.

At the current stage, the accounting is applied to RPC capabilities,
signal-context capabilities, and dataspace capabilities. Capabilities
that are dynamically allocated via core's CPU and TRACE service are not
yet covered. Also, the capabilities allocated by resource multiplexers
outside of core (like nitpicker) must be accounted by the respective
servers, which is not covered yet.

If a component runs out of capabilities, core's PD service prints a
warning to the log. To observe the consumption of capabilities per
component in detail, the PD service is equipped with a diagnostic
mode, which can be enabled via the 'diag' attribute in the target
node of init's routing rules. E.g., the following route enables the
diagnostic mode for the PD session of the "timer" component:

  <default-route>
    <service name="PD" unscoped_label="timer">
      <parent diag="yes"/>
    </service>
    ...
  </default-route>

For subsystems based on a sub-init instance, init can be configured
to report the capability-quota information of its subsystems by
adding the attribute 'child_caps="yes"' to init's '<report>'
config node. Init's own capability quota can be reported by adding
the attribute 'init_caps="yes"'.

Fixes #2398
2017-05-31 13:16:06 +02:00
Norman Feske
773e08976d Assign cap quotas in run scripts and recipes
Issue #2398
2017-05-31 13:16:06 +02:00
Norman Feske
e44f65f3b2 core: RAM service based on 'Session_object'
This patch reworks the implementation of core's RAM service to make use
of the 'Session_object' and to remove the distinction between the
"metadata" quota and the managed RAM quota. With the new implementation,
the session implicitly allocates its metadata from its own account. So
there is not need to handle 'Out_of_metadata' and 'Quota_exceeded' via
different exceptions. Instead, the new version solely uses the
'Out_of_ram' exception.

Furthermore, the 'Allocator::Out_of_memory' exception has become an alias
for 'Out_of_ram', which simplifies the error handling.

Issue #2398
2017-05-31 13:16:06 +02:00
Norman Feske
5c43074bc6 core: simplify core_env.h
Issue #2398
2017-05-31 13:16:05 +02:00
Norman Feske
843dd179d7 base: remove int return types from 'Ram_session'
This patch replaces the existing C-style error codes with C++
exceptions.

Fixes #895
2017-05-31 13:16:04 +02:00
Norman Feske
58f44d39c5 base: use 'Ram_quota' in 'Ram_session' args
This patch replaces the former use of size_t with the use of the
'Ram_quota' type to improve type safety (in particular to avoid
accidentally mixing up RAM quotas with cap quotas).

Issue #2398
2017-05-31 13:16:04 +02:00
Norman Feske
ff68d77c7d base: new 'Ram_allocator' interface
The 'Ram_allocator' interface contains the subset of the RAM session
interface that is needed to satisfy the needs of the 'Heap' and
'Sliced_heap'. Its small size makes it ideal for intercepting memory
allocations as done by the new 'Constrained_ram_allocator' wrapper
class, which is meant to replace the existing 'base/allocator_guard.h'
and 'os/ram_session_guard.h'.

Issue #2398
2017-05-31 13:16:04 +02:00
Norman Feske
bc82cce72b core: add Platform::max_caps()
This method returns the kernel-specific system-global limit of the total
number of capabilities.

Issue #2398
2017-05-31 13:16:03 +02:00
Norman Feske
b58fbe5ba5 Depot-archive recipes
Issue #2339
2017-05-31 13:15:56 +02:00
Norman Feske
da294cb02a mk: obtain 'genode.ld' always form BASE_DIR
This way, the base repository does not need to be present in the
'REPOSITORIES' list when building static executables.
2017-05-02 15:28:54 +02:00
Martin Stein
daaddbd584 base*, os: get rid of all env() calls
Issue #1987
2017-02-28 13:00:42 +01:00
Norman Feske
29b8d609c9 Adjust file headers to refer to the AGPLv3 2017-02-28 12:59:29 +01:00
Norman Feske
cd3a5852d6 Warn about the use of deprecated headers
This commit enables compile-time warnings displayed whenever a deprecated
API header is included, and adjusts the existing #include directives
accordingly.

Issue #1987
2017-01-31 12:01:18 +01:00
Norman Feske
02d5efcf3f init: apply routing to environment sessions
The init component used to create the CPU/RAM/PD/ROM sessions (the child
environment) for its children by issuing session requests to its parent,
which is typically core. This policy was hard-wired. This patch enables
the routing of the environment sessions of the children of init
according to the configured routing policy.

Because there is no hard-wired policy regarding the environment sessions
anymore, routes to respective services must be explicitly declared in
the init configuration. For this reason, the patch adjusts several run
scripts in this respect.

This patch removes the outdated '<if-args>' special handling of session
labels. The '<if-args>' feature will eventually be removed completely
(ref #2250)

Issue #2197
Issue #2215
Issue #2233
Issue #2250
2017-01-31 12:01:11 +01:00
Norman Feske
4bfdfbb42a lx_hybrid: API transition
Issue #1987
2017-01-13 13:07:14 +01:00
Norman Feske
a7f40b24ca Warn about the use of deprecated env() function
This patch enables warnings if one of the deprecate functions that rely
in the implicit use of the global Genode::env() accessor are called.

For the time being, some places within the base framework continue
to rely on the global function while omitting the warning by calling
'env_deprecated' instead of 'env'.

Issue #1987
2017-01-13 13:07:13 +01:00
Norman Feske
3d7b92ea50 Generalize ABI mechanism to shared objects
This patch make the ABI mechanism available to shared libraries other
than Genode's dynamic linker. It thereby allows us to introduce
intermediate ABIs at the granularity of shared libraries. This is useful
for slow-moving ABIs such as the libc's interface but it will also
become handy for the package management.

To implement the feature, the build system had to be streamlined a bit.
In particular, archive dependencies and shared-lib dependencies are now
handled separately, and the global list of 'SHARED_LIBS' is no more.
Now, the variable with the same name holds the per-target list of shared
libraries used by the target.
2017-01-13 13:06:54 +01:00
Dr. Florian M. Grätz
b2934c7aec Fix build on Ubuntu 16.10 for x86_64
Ubuntu provides position independent shared objects for libraries, e.g.,
libsdl1.2-dev. To appropriatly link it to Genode, the linker flag
'-no-pie' has to be added to the make file.
2017-01-13 13:06:52 +01:00
Norman Feske
4da52517c1 Simpify startup of dynamically linked binaries
This patch removes the component_entry_point library, which used to
proved a hook for the libc to intercept the call of the
'Component::construct' function. The mechansim has several shortcomings
(see the discussion in the associated issue) and was complex. So we
eventually discarded the approach in favor of the explicit handling of
the startup.

A regular Genode component provides a 'Component::construct' function,
which is determined by the dynamic linker via a symbol lookup.
For the time being, the dynamic linker falls back to looking up a 'main'
function if no 'Component::construct' function could be found.

The libc provides an implementation of 'Component::construct', which
sets up the libc's task handling and finally call the function
'Libc::Component::construct' from the context of the appllication task.
This function is expected to be provided by the libc-using application.
Consequently, Genode components that use the libc have to implement the
'Libc::Component::construct' function.

The new 'posix' library provides an implementation of
'Libc::Component::construct' that calls a main function. Hence, POSIX
programs that merely use the POSIX API merely have to add 'posix' to the
'LIBS' declaration in their 'target.mk' file. Their execution starts at
'main'.

Issue #2199
2017-01-13 13:06:52 +01:00
Norman Feske
253097314c Add unified build directories to create_builddir
This patch makes the benefit of the recently introduced unified Genode
ABI available to developers by enabling the use of multiple kernels from
within a single build directory. The create_builddir tool has gained a
new set of kernel-agnostic platform arguments such as x86_32, or panda.
Most build targets within directories are in principle compatible with
all kernels that support the selected hardware platform. To execute a
scenario via the run tool, one has to select the kernel to use by
setting the 'KERNEL' argument in the build configuration
(etc/build.conf). Alternatively, the 'KERNEL' can be specified as
command-line argument of the Genode build system, e.g.:

  make run/log KERNEL=nova

This allows us to easily switch from one kernel to another without
rebuilding any Genode component except for the very few kernel-specific
ones.

The new version of the 'create_builddir' tool is still compatible with
the old version. The old kernel-specific build directories can still be
created. However, those variants will eventually be removed.

Note that the commit removes the 'ports-foc' repository from the
generated 'build.conf' files. As this is only meaningful for 'foc',
I did not want to include it in the list of regular repositories (as
visible in a 'x86_32' build directory). Hence, the repository must
now be manually added in order to use L4Linux.

Issue #2190
2017-01-13 13:05:44 +01:00
Norman Feske
0d295f75a1 base: apply routing policy to environment sessions
This patch changes the child-construction procedure to allow the routing
of environment sessions to arbitrary servers, not only to the parent.
In particular, it restores the ability to route the LOG session of the
child to a LOG service provided by a child of init. In principle, it
becomes possible to also route the immediate child's PD, CPU, and RAM
environment sessions in arbitrary ways, which simplifies scenarios that
intercept those sessions, e.g., the CPU sampler.

Note that the latter ability should be used with great caution because
init needs to interact with these sessions to create/destruct the child.
Normally, the sessions are provided by the parent. So init is safe at
all times. If they are routed to a child however, init will naturally
become dependent on this particular child. For the LOG session, this is
actually not a problem because even though the parent creates the LOG
session as part of the child's environment, it never interacts with the
session directly.

Fixes #2197
2016-12-23 16:52:08 +01:00
Norman Feske
c450ddcb3d Disambiguate kernel-specific file names
This patch removes possible ambiguities with respect to the naming of
kernel-dependent binaries and libraries. It also removes the use of
kernel-specific global side effects from the build system. The reach of
kernel-specific peculiarities has thereby become limited to the actual
users of the respective 'syscall-<kernel>' libraries.

Kernel-specific build artifacts are no longer generated at magic places
within the build directory (like okl4's includes, or the L4 build
directories of L4/Fiasco and Fiasco.OC, or the build directories of
various kernels). Instead, such artifacts have been largely moved to the
libcache. E.g., the former '<build-dir>/l4/' build directory for the L4
build system resides at '<build-dir>/var/libcache/syscall-foc/build/'.
This way, the location is unique to the kernel. Note that various tools
are still generated somewhat arbitrarily under '<build-dir>/tool/' as
there is no proper formalism for building host tools yet.

As the result of this work, it has become possible to use a joint Genode
build directory that is usable with all kernels of a given hardware
platform. E.g., on x86_32, one can now seamlessly switch between linux,
nova, sel4, okl4, fiasco, foc, and pistachio without rebuilding any
components except for core, the kernel, the dynamic linker, and the timer
driver. At the current stage, such a build directory must still be
created manually. A change of the 'create_builddir' tool will follow to
make this feature easily available.

This patch also simplifies various 'run/boot_dir' plugins by removing
the option for an externally hosted kernel. This option remained unused
for many years now.

Issue #2190
2016-12-23 16:51:32 +01:00
Norman Feske
f54c85e045 Genode application binary interface (ABI)
This patch decouples the kernel-specific implementation of the dynamic
linker from its kernel-agnostic binary interface. The name of the
kernel-specific dynamic linker binary now corresponds to the kernel,
e.g., 'ld-linux.lib.so' or 'ld-nova.lib.so'. Applications are no longer
linked directly against a concrete instance of the dynamic linker but
against a shallow stub called 'ld.lib.so'. This stub contains nothing
but the symbols provided by the dynamic linker. It thereby represents
the Genode ABI.

At system-integration time, the kernel-specific run/boot_dir back ends
integrate the matching the kernel-specific variant of the dynamic linker
as 'ld.lib.so' into the boot image.

The ABI symbol file for the dynamic linker is located at
'base/lib/symbols/ld'. It contains the joint ABI of all supported
architectures. The new utility 'tool/abi_symbols' eases the creation of
such an ABI symbol file for a given shared library. Its result should be
manually inspected and edited as needed.

The patch removes the 'syscall' library from 'base_libs.mk' to avoid
polluting the kernel-agnostic ABI with kernel-specific interfaces.

Issue #2190
Issue #2195
2016-12-23 16:50:28 +01:00
Norman Feske
ccffbb0dfc Build dynamically linked executables by default
Fixes #2184
2016-12-14 11:22:27 +01:00
Norman Feske
5a1cef6381 Make label prefixing more strict
This patch unconditionally applies the labeling of sessions and thereby
removes the most common use case of 'Child_policy::filter_session_args'.
Furthermore, the patch removes an ambiguity of the session labels of
sessions created by the parent of behalf of its child, e.g., the PD
session created as part of 'Child' now has the label "<child-name>"
whereas an unlabeled PD-session request originating from the child
has the label "<child-name> -> ". This way, the routing-policy of
'Child_policy::resolve_session_request' can differentiate both cases.

As a consequence, the stricter labeling must now be considered wherever
a precise label was specified as a key for a session route or a server-
side policy selection. The simplest way to adapt those cases is to use a
'label_prefix' instead of the 'label' attribute. Alternatively, the
'label' attribute may used by appending " -> " (note the whitespace).

Fixes #2171
2016-11-30 13:37:07 +01:00
Norman Feske
8bafb9d41b Adapt low-level components to new parent interface
This patch adjusts the components of the os repository as well as device
drivers to the new parent interface.

Issue #2120
2016-11-25 16:06:42 +01:00
Norman Feske
cfdbccc5c2 Remove blocking calls from root and parent RPCs
This is a redesign of the root and parent interfaces to eliminate
blocking RPC calls.

- New session representation at the parent (base/session_state.h)
- base-internal root proxy mechanism as migration path
- Redesign of base/service.h
- Removes ancient 'Connection::KEEP_OPEN' feature
- Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy'
- New 'Slave::Connection'
- Changed child-construction procedure to be compatible with the
  non-blocking parent interface and to be easier to use
- The child's initial LOG session, its binary ROM session, and the
  linker ROM session have become part of the child's envirenment.
- Session upgrading must now be performed via 'env.upgrade' instead
  of performing a sole RPC call the parent. To make RAM upgrades
  easier, the 'Connection' provides a new 'upgrade_ram' method.

Issue #2120
2016-11-25 16:06:42 +01:00
Norman Feske
784e728727 Clean ldso from using deprecated APIs
Issue #1987
2016-11-08 15:26:32 +01:00
Norman Feske
b9280678fb base-linux: fix race in region_map_mmap
This patch fixes a race condition triggered by the thread test running
on Linux inside VirtualBox. The 'test_stack_alloc' sporadically produced
one of two errors: A segfault in the 'Thread::deinit_platform_thread' on
the attempt to access the 'native_thread' of the to-be-destructed thread
(this data structure is located on the thread's stack). Or, an error
message about a region conflict within the stack area.

The problem was that two instances of 'Region_map_mmap' issued a
sequence of munmap and mmap each. Even though each instance locked the
attach/detach operations, the lock was held per instance. In a situation
where two instances performed attach/detach operations in parallel, the
syscall sequences could interfere with each other.

In the test scenario, the two region-map instances are the test's
address space and the stack area. When creating a thread, the thread's
trace-control dataspace is attached at an arbitrary place (picked by
the Linux kernel) within the address space whereas the stack is attached
at the stack area. The problem is the following sequence:

Thread A wants to destruct a thread:
1. Remove stack from stack area
   (issue unmap syscall)
2. Preserve virtual address range that was occupied from the stack
   so that Linux won't use it
   (issue mmap syscall)

Thread B wants to construct a thread:
1. Request trace-control dataspace from CPU session
2. Attach trace-control dataspace to address space at a location
   picked by the Linux kernel
   (issue mmap syscall)

The problem occurs when thread B's second step is executed in between
the steps 1 and 2 of thread A and the Linux kernel picks the
just-unmapped address as the location for the new trace-control mapping.
Now, the trace control dataspace is mapped at the virtual address that
was designated for the stack of the to-be-created thread, and the
attempt to map the real stack fails.

The patch fixes the problem by replacing the former region-map-local
locks by a component-global lock.

Furthermore, it cleans up core's implementation of the support function
for the region-map-mmap implementation, eliminating the temporary
unlocking of the region-map lock during RPC.
2016-11-08 15:26:30 +01:00
Stefan Kalkowski
7e1692d997 core: unify handling of boot modules
Instead of solving the problem to deliver ROM modules to core while booting
differently for the several kernels (multi-boot, elfweaver, core re-linking),
this commit unifies the approaches. It always builds core as a library, and
after all binaries are built from a run-script, the run-tool will link an
ELF image out of the core-library and all boot modules. Thereby, core can
access its ROM modules directly.

This approach now works for all kernels except Linux.

With this solution, there is no [build_dir]/bin/core binary available anymore.
For debugging purposes you will find a core binary without boot modules, but
with debug symbols under [run_dir].core.

Fix #2095
2016-11-08 15:26:27 +01:00
Stefan Kalkowski
2a2e5c2df4 base-*: remove usage of printf
base generic code:
  * Remove unused verbosity code from mmio framework
  * Remove escape sequence end heuristic from LOG
  * replace Core_console with Core_log (no format specifiers)
  * move test/printf to test/log
  * remove `printf()` tests from the log test
  * check for exact match of the log test output
base-fiasco:
  * remove unused Fiasco::print_l4_threadid function
base-nova:
  * remove unused hexdump utility from core
base-hw:
  * remove unused Kernel::Thread::_print_* debug utilities
  * always print resource summary of core during startup
  * remove Kernel::Ipc_node::pd_label (not used anymore)
base*:
  * Turn `printf`,`PWRN`, etc. calls into their log equivalents

Ref #1987
Fix #2119
2016-10-21 12:39:36 +02:00