Commit Graph

2003 Commits

Author SHA1 Message Date
Martin Stein
9b619e95b2 nic_router: fix log when updating ARP waiters
Give the correct reason why an ARP waiter was dismissed.

Issue #2840
2018-06-29 10:44:58 +02:00
Norman Feske
a9adc67421 os: improve robustness of init_loop test 2018-06-29 10:44:57 +02:00
Emery Hemingway
96112ec66d test/fs_report: delay Report/ROM file removal
Ref #2839
2018-06-29 10:44:56 +02:00
Christian Helmuth
3161daacd7 platform_drv: use Expanding_reporter for pci report
If the number of PCI buses grows (seen with VMware player) the default
report size is exhausted quickly.
2018-06-29 10:44:56 +02:00
Emery Hemingway
9d8bf1373e Chroot: remove merge policies
The chroot server was conceived to automatically place File_system
sessions into segregated root directories by converting session labels
to paths. If multiple children needed to be grouped under the same path,
a 'merge' policy would truncate the session label before path conversion.
Now that init can rewrite session labels and thus reproduce truncation,
the chroot merge feature is redundant and can be removed.

Fix #2846
2018-06-29 10:44:54 +02:00
Emery Hemingway
366913c146 ram_fs: unmark modification from nodes that have been synced
Removed the modified mark from handles that have been written to when
they are synced, otherwise a notification would be sent again when the
handle is closed.

Ref #2839
2018-06-29 10:44:54 +02:00
Martin Stein
90fcba79c6 nic_router: non-critical logs only when verbose
* Do not log events that are not critical (deadly) to the NIC router if not
  configured to be verbose,
* Print almost all log lines with a prefix of the domain name they are
  related to,
* And, do not use Genode::error and Genode::warning as they make it hard to
  read the log with the domain name prefixes.

Fixes #2840
2018-06-29 10:44:53 +02:00
Martin Stein
49a3a0e0d0 nic_router: multiple uplinks
Introduce the uplink tag:

! <config>
!    <uplink label="wifi"  domain="uplink">
!    <uplink label="wired" domain="wired_bridge">
!    <uplink               domain="wired_bridge">
! <config/>

For each uplink tag, the NIC router requests a NIC session with the
corresponding label or an empty label if there is no label attribute.
These NIC sessions get attached to the domain that is set in their
uplink tag as soon as the domain appears. This means their lifetime is
not bound to the domain. Uplink NIC sessions can be safely moved from
one domain to another without being closed by reconfiguring the
corresponding domain attribute.

Attention: This may render previously valid NIC router configurations
useless. A domain named "uplink" doesn't automatically request a NIC
session anymore. To fix these configurations, just add

! <uplink domain="uplink"/>

or

! <uplink label="[LABEL]" domain="uplink"/>

as direct subtag of the <config> tag.

Issue #2840
2018-06-29 10:44:53 +02:00
Martin Stein
d4f08b5a71 nic_router: get rid of the term "legacy"
The term was used for the old configuration during the handling of a new
configuration but in other places it was already called old_config.

Issue #2840
2018-06-29 10:40:14 +02:00
Martin Stein
ff7bc0ac6c nic_router: optimize handling of invalid domains
Dissolve and destroy the invalid domain first before deinitializing all
domains for the next round. This way, the deinitialization is not done twice
for the invalid domain.

Issue #2840
2018-06-29 10:40:14 +02:00
Martin Stein
27155a507f nic_router: fix DHCP-server deinitialization
Due to a bug in the deinitialization of the DHCP server of a domain (the
reference to the destroyed object was not cleared), the NIC router could
end up in a page fault caused by a double-free at the heap. This also fixes
the previously missing dissolving of the "DNS-server-from" relation to a
remote domain.

Issue #2840
2018-06-29 10:40:14 +02:00
Martin Stein
14357b0b44 nic_router_flood.run: test DoS against router
Currently has three clients that continuously create new UDP/TCP/ICMP
connections through the NIC router with NAT to the outer world and they
get never closed.  A fourth client does normal ping through the same
domain to the outer world that must succeed even after the RAM quota of
the other session at the router is exhausted. The test is restricted to
Qemu to not being at risk to flood real networks.

Issue #2857
2018-06-29 10:40:13 +02:00
Christian Helmuth
246bacd9da depot: update recipe hashes 2018-06-13 13:52:12 +02:00
Norman Feske
78d83ebda8 utf8.run: increase timeout, needed for sel4 2018-06-13 13:52:11 +02:00
Emery Hemingway
8f1eecdc29 fs_rom: read dataspace during session request
Fix #2863
2018-06-13 13:52:11 +02:00
Norman Feske
6491ba0589 init: avoid too eager child restart
This patch weakens the aggressive restart of a child with incomplete
environment sessions. The restart check is performed each time
the init configuration changes. In sculpt, this is not a rare special
case anymore but a frequent case when using the depot_rom as provider
for environment ROM sessions. In particular when starting a chain of
inter-depending children, the sculpt-manager quickly generates a
sequence of configurations with successively added start nodes.
2018-06-13 13:52:10 +02:00
Norman Feske
648539a513 init: don't report abandoned children
This is a fixup of "base: fix destruction of async env sessions".
2018-06-13 13:50:35 +02:00
Alexander Boettcher
ef482513c4 base: reset unfinished xml nodes in xml_generator
Fixes #2855
2018-06-13 13:50:35 +02:00
Norman Feske
d4c22654e1 init test: reduce RAM demand of app/dummy
The addition of the 'Cap_consumer' feature to app/dummy increased the
static RAM demand of the component to a point where 1 MiB no longer
suffices on sel4 (on this kernel, the base library uses a larger amount
of statically allocated data compared to the others). The tweaks enable
init.run and init_loop.run to work on sel4 on x86-64.
2018-06-12 12:11:51 +02:00
Christian Prochaska
d1524ba0b8 usb_block_drv: don't select alternate interface setting
Selecting an alternate interface setting, even if it is the same as the
current one, apparently makes the INQUIRY command fail with USB devices
like 'SanDisk Ultra Fit' (0781:5583) and 'Corsair Flash Voyager'
(1b1c:1a03) when the USB block driver is restarted.

Fixes #2860
2018-06-12 12:11:51 +02:00
Norman Feske
37be984d34 fs_rom: workaround for possible livelock
Thanks to Alexander Boettcher for investigating!
2018-06-12 12:11:50 +02:00
Martin Stein
bf055e2cb4 nic_router: fix uncaught interface RAM exhaustion
* Catch Quota_guard exceptions wherever we do 'new (_alloc)' in Interface
  and in case drop the packet that caused the exception
* Modify Interface::handle_config_2 to not use the guarded allocator of the
  NIC session quota as we cannot handle a RAM exhaustion well at this point
  in time. Instead use a Constructible member in Interface so that a needed
  RAM adds up to the calculation in the create_session implementation where
  an exhaustion is handled via a service denial.

Issue #2857
2018-06-12 12:11:50 +02:00
Martin Stein
97ea513122 nic_router: fix pure virtual call in ~Interface()
The interface destructor called pure virtual methods at least when
cancelling ARP- waiting states. The implementations were made by the
deriving classes Session_component respectively Uplink. This led to an
abort of the NIC router as the destruction of the derived class was
already done. A similar problem already occured in the past during the
construction of Interface and was back then solved by introducing a
separate init() method. This commit, however, solved the problem by
making Interface a member of the other classes. Therefore, the init()
method could be removed again. Furthermore, the interface polica could be
moved from Session_component_base to Session_component. The commit also
had to generalize the way the link state of an interface is determined.

Fixes #2856
2018-06-12 12:11:49 +02:00
Norman Feske
b96f0fa2df init: defer immediate restart of abandoned child
While a child is abandoned, we must limit the start of anothers with
the same name. Otherwise - of the child has startup problems - a number
of abandoned children with the same name may queue up. This becomes a
problem whenever the child destruction depends on an asynchronous
service that provides an env session for the children. If the service is
unable to keep up with the session requests (both create and close),
the queue of abandoned children becomes unbounded. Limiting the child
creation rate to one abandoned child per name mitigates this problem.
2018-06-12 12:11:47 +02:00
Norman Feske
6ab259d642 init: update state report on new/killed children
This patch reduces the latency of state reports when children are
removed or added, thereby, accellerating the feedback loop between a
management component and init during the staged startup or removal of
inter-dependent components.
2018-06-12 12:11:47 +02:00
Norman Feske
7088e4faaa os: add init_loop test
This test monitors the RAM quota of a dynamic init and a server hosted
within the dynamic init in the presence of a repeatedly created and
destructed client.
2018-06-12 12:11:46 +02:00
Martin Stein
4630c4b9ff nic_router: fix domain invalidation during init
Previously we were doing the initialization once over all domains,
remembered which of them became invalid and destroyed those afterwards.
This isn't sufficient. As soon as one domain becomes invalid we have to
dissolve/destroy this one, deinitialize all other domains again (as they
could contain references to the invalid domain) and retry to initialize
them from the beginning. We proceed with this until we have one run
without a domain becoming invalid. Then we can be sure that the last
initialization run did not create references to any invalid domain.

Issue #2840
2018-06-12 12:11:45 +02:00
Martin Stein
410652d42a nic_router: invalidate domains with same name
If two domains have the same name, invalidate (dissolve, destroy) them both.

Issue #2840
2018-06-12 12:11:45 +02:00
Martin Stein
8004d8757f nic_router: generic Avl_string_tree
The generic helper Avl_string_tree of the NIC router is currently only
used for finding domains via their names, but in the future it can be
used for finding uplinks by their labels also. Additionally, it enables
us to throw an exception when inserting two elements with the same
identifier.

Issue #2840
2018-06-12 12:11:44 +02:00
Martin Stein
bf1428be18 nic_router: simplify routing rule classes
* Get rid of the base classes Rule and Leaf_rule,
* Make log output about initiated or invalid routing rules conform to the rest
  of the router log, and
* Ensure that each type of routing rule when being invalid invalidates its
  whole domain.

Issue #2840
2018-06-12 12:11:44 +02:00
Martin Stein
1330c27ac6 ping.run: mark as "not supported" on Linux & FOC
On Linux, we have a tap device as NIC back end but there is no one to
ping to in the subnet of the tap device. On FOC, the tests seem to trigger
a bug in the destruction of components with parent.exit(X); .

Fixes #2848
2018-06-12 12:11:44 +02:00
Norman Feske
950b270e74 init: support dynamic cap-quota adjustment
This patch makes init's dynamic quota balancing mechanism available for
capability quotas.

Fixes #2852
2018-06-12 12:11:42 +02:00
Norman Feske
d2bd8f70f6 input_filter: fix condition for delayed press
The condition was too rigid. In the case where no motion occurred in
between the press and release events of the magic button, the delayed
press event would not be delivered. This - in turn - confused other
components (like nitpicker) down the input chain.
2018-06-12 12:11:41 +02:00
Alexander Boettcher
5ca30b0318 platform_drv: disable PCI DMA class specific
for such classes where it should be safe and where we have seen issues.
Disabling in general bus master DMA causes on some machines hard hangs, e.g.
because the USB handover protocol was violated.

Fixes #2835
2018-06-12 12:11:40 +02:00
Norman Feske
7791937e84 init: reduce report latency for resource requests
In contrast to most information of init's state reports, which can be
monitored at a relatively low rate (like 2 seconds in Sculpt's runtime),
resource requests call for an immediate response by the consumer of the
report. Otherwise the requesting child stays unnecessarily blocked until
the next rate-limited state report is due. This patch adds a fast lane
for such low-latency state updates to init.
2018-06-12 12:11:38 +02:00
Alexander Boettcher
70028f8445 nova: export kernel messages via memory
Fixes #2207
2018-06-12 12:11:37 +02:00
Christian Helmuth
bd86efe5fe depot: update recipe hashes 2018-05-31 14:02:21 +02:00
Josef Söntgen
9760210c77 fs_rom: revert notification changes 2018-05-31 13:51:23 +02:00
Martin Stein
a3905fcf87 nic_router: do not leak packets on link down/up
Do not send nor buffer packets at interfaces with link state "down". This
prevents that packets that were routed to one network (allowed to see them),
due to a sudden link down/up, are leaked to another network that is not
allowed to see them.
2018-05-31 12:28:15 +02:00
Martin Stein
1306892fbf nic_router: fix interface update on missing domain
When updating an interface in the NIC router to a new configuration and
the domain name of the interface has not changed but the domain
disappeared, the NIC router did not detach from the old domain correctly
which led to broken remnants of interface state objects (like connection
states).

Adapt the nic_router_uplinks run script to work with the fix.
2018-05-31 12:28:15 +02:00
Christian Helmuth
e2559a822b server/fs_report: don't truncate file initially
fs_report truncated the report file on construction of the report
session to mimic an "empty report". This prevented existing use cases
where the initial state was already written to the file system by other
means.

I doubt that use cases exist where the inital empty-report mimic is
needed and (if I'm wrong) there is still the race of the consumer
reading the file just before the report session is constructed.
Reporters that want to enforce an empty initial report should send it
explicitly.
2018-05-31 12:28:15 +02:00
Emery Hemingway
1af6bd1454 Fs_rom: send signals on file removal
Clients may wish to act on missing files. In any case the fs_rom
needs to reopen a watch handle when a file is deleted, and this
sort of change to the internal state machine is propelled by
client RPC requests.

Fix #2839
2018-05-31 12:28:12 +02:00
Norman Feske
87be50c542 os: add Expanding_reporter::generate(Xml_node)
This method allows for the verbatim reporting of an existing XML node.
2018-05-30 13:36:40 +02:00
Norman Feske
fc6e3c6b09 nitpicker: report boot-time motion activity 2018-05-30 13:36:40 +02:00
Norman Feske
b541379037 nitpicker: option to report display information
The new 'displays' report contains information about the used
framebuffer backend. It is issued when nitpicker has successfully passed
all initialization, in particular the connection to the framebuffer
driver. Hence, it can be taken as an indicator of whether the framebuffer
is available or not (e.g., caused by a faulty driver).
2018-05-30 13:36:40 +02:00
Martin Stein
22a69efafa nic_router: report DNS server 2018-05-30 13:36:40 +02:00
Martin Stein
3cac7e878d nic_router: invalid rules render domain invalid 2018-05-30 13:36:39 +02:00
Martin Stein
0592ac56c9 nic_router: handle invalid DHCP server 2018-05-30 13:36:39 +02:00
Martin Stein
49dc2b264f nic_router: point to point IP config 2018-05-30 13:36:39 +02:00
Martin Stein
44d97986a2 nic_router: attribute report.config_triggers 2018-05-30 13:36:39 +02:00
Martin Stein
c32c584f65 nic_router: fix uncaught exception on re-configure 2018-05-30 13:36:38 +02:00
Martin Stein
4802d22527 nic_router: reset uplink IP on link state change 2018-05-30 13:36:38 +02:00
Martin Stein
fe21ab48e0 nic_router: fix link-state for uplink interface 2018-05-30 13:36:37 +02:00
Martin Stein
19816bcd31 nic_router: when freeing a link log it beforehand
So, it can be located more easily when something goes wrong while
freeing a link.

Fixes #2815
2018-05-30 13:36:36 +02:00
Martin Stein
734d174f33 net: get rid of unused mac_from_string method
Issue #2815
2018-05-30 13:36:36 +02:00
Martin Stein
cea22866a8 config.xsd: adapt Boolean type to ascii_to(bool)
Harmonize the set of allowed values with the implementation of ascii_to for
bool.

Issue #2815
2018-05-30 13:36:35 +02:00
Martin Stein
ba348b73e2 nic_router: re-use dynamic IPv4 config if possible
When re-configuring the NIC router, determine for each domain if at least one
interface stays with the domain. If a domain fullfills this and has a
dynamic IP config (received via a DHCP client), keep the IP config.

To achieve this, the following changes have been made to the existing NIC
router code:

* Split-up Interface::handle_config into three steps:

  1) Determine for each interface if its domain can keep its IP config or
     or if it has to mark it invalid. This must be done before (re-)attaching
     any interface because during "attach" several decisions are made based on
     the validity of the IP config of corresponding the domain.
     (E.g. whether to participate in sending DHCP DISCOVERs {IP config
     invalid} or whether to participate in sending pending ARP REQUESTs
     {IP config valid} ).

  2) Detach, attach, or re-attach each interface according to the
     configuration. This must be done before re-considering the temporary
     state objects of each interface because the latter might have effects
     on the interfaces of remote domains which must then be in place already.

  3) Re-consider temporary state objects of each interface. (E.g. transport
     layer connection states)

* Re-work IP-config setter in a way that it works as follows:

  1) If the old IP config is valid, let all local interfaces as well as remote
     interfaces that depend on the IP config of the domain detach from the old
     IP config.

  2) Overwrite with new IP config

  3) If the new IP config is valid, let all local interfaces as well as remote
     interfaces that depend on the IP config of the domain attach to the new
     IP config.

Issue #2815
2018-05-30 13:36:34 +02:00
Martin Stein
ed69c11b01 nic_router: label attribute for uplink domain
The new attribute config.domain.label has effect only at the uplink
domain-tag. It determines which label the NIC router shall use when
requesting the NIC session for the uplink domain. If value of this
attribute changes at the uplink domain-tag, the NIC router closes and
re-requests the NIC session of the uplink with the new label.

Issue #2815
2018-05-30 13:36:34 +02:00
Martin Stein
1cfcab536c nic_router: Ipv4_config::print method
Issue #2815
2018-05-30 13:36:34 +02:00
Martin Stein
6de79ad703 ping_nic_router.run: add nic_bridge behind router
This tests the case that behind a NIC router domain there are not only
directly connected clients of the subnet but also Layer 2 indirections like
a switch or a bridge which might be interesting for example for testing the
NIC routers DHCP server implementation.

Fixes #2837
2018-05-30 13:36:33 +02:00
Martin Stein
0996954abb ping tests: fix for linux and hw + arm
Some platforms need more caps in some components and more time to finish the
test.

Issue #2837
2018-05-30 13:36:33 +02:00
Martin Stein
75ff599a91 ping: shorter retry timeouts in DHCP client
Set DHCP-DISCOVER retry timeout and DHCP-REQUEST retry timeout from 10
seconds to 2 seconds. This prevents problems with tests where the NIC
driver comes up slowly and the first packets of the DHCP client get
dropped.

Issue #2837
2018-05-30 13:36:33 +02:00
Martin Stein
0d5ed994e2 nic_router: fix dst and client MAC in DHCP replies
The Ethernet destination MAC address of a DHCP reply is not the same as the
DHCP client MAC address. The DHCP server of the NIC router did not take care
of this by now.

Issue #2837
2018-05-30 13:36:33 +02:00
Martin Stein
cee0c86c3c nic_bridge: fix reading of 'mac' attribute
Read as full MAC address and not as decimal uint8_t.

Issue #2837
2018-05-30 13:36:32 +02:00
Martin Stein
342bdaf4a2 net: generic ascii_to for Netaddress template
Issue #2837
2018-05-30 13:36:32 +02:00
Christian Prochaska
230ed1de37 usb_block_drv: make device reset optional
Fixes #2836
2018-05-30 13:36:31 +02:00
Alexander Boettcher
0ef7e58ef9 platform_drv.inc: support acpi_drv and acpica
Issue #2816
2018-05-30 13:36:31 +02:00
Norman Feske
7b6b3a4535 base: fix destruction of async env sessions
When an environment session is provided by a async service such as a
sibling component, the session metadata must be preserved until end of
the lifetime of the session at the server has been acknowledged by the
server. Since the session meta data of env sessions are always part of
the 'Child' object, the destruction of this object must be deferred
until this point.
2018-05-30 13:36:30 +02:00
Emery Hemingway
6d5393dd31 Simplify fs_rom internals
Merge the 'Packet_handle' into the 'Rom_root' and use an Id_space to
match File_system handles to session objects rather than a list. This
avoids the need to override 'Root_component::_destroy_session'.

Fix #2833
2018-05-30 13:36:29 +02:00
Norman Feske
0c26f33819 init: keep running even when RAM is exhausted
When exhausted of RAM quota while starting children, init used to throw
an uncaught 'Out_of_ram' exception as this condition was considered
fatal. However, this behavior is undesired when init is used in a highly
dynamic yet long-running fashion like sculpt's runtime subsystem. This
change keeps init running despite the error condition, giving the user
the chance to relieve the resource pressure.
2018-05-30 13:36:28 +02:00
Alexander Boettcher
e6d20aba93 base: support to attach RAM dataspaces readonly
Fixes #1633
2018-05-30 13:36:27 +02:00
Christian Helmuth
bba5a61ef9 Don't run ping test on unsupported platforms 2018-05-30 13:36:24 +02:00
Norman Feske
d3626bd84f nitpicker: fix transparency artifacts
The 'View_stack::draw_rec' method limited the redraw to parts of the
view that were explicitly marked as dirty. This does not produce the
desired result when stacking multiple transparent views. Here, the
background views must be drawn regardless of whether they are marked as
dirty or not.
2018-05-30 13:36:23 +02:00
Christian Prochaska
c5f1ac615c Usb::Packet_handler: avoid completion handler recursion
Fixes #2828
2018-05-30 13:36:20 +02:00
Christian Prochaska
c6e4f5914e usb_block_drv: release packet after device reset
Fixes #2827
2018-05-30 13:36:20 +02:00
Christian Prochaska
68ec33b0d3 usb_block_drv: use 10-byte SCSI commands by default
Fixes #2826
2018-05-30 13:36:20 +02:00
Christian Prochaska
5ac56be748 usb_block_drv: set inquiry response length to 36 bytes
Fixes #2825
2018-05-30 13:36:20 +02:00
Christian Prochaska
cecd461f38 usb_block_drv: look up endpoints at runtime
Fixes #2824
2018-05-30 13:36:19 +02:00
Christian Prochaska
106a5f1d4d usb_block_drv: calculate block count correctly
Fixes #2823
2018-05-30 13:36:19 +02:00
Martin Stein
3d480ec947 nic_router: fix config update of ICMP links
Previously, the update of ICMP links on a new router configuration lead to an
uncaught exception.

Issue #2795
2018-05-30 13:36:19 +02:00
Alexander Boettcher
501d82b99f platform_drv: skip assign device if iommu missing
Avoid red messages in the log on machines with no IOMMU, which recurring
confuse people.

Issue #2801
2018-05-30 13:36:18 +02:00
Christian Helmuth
8f102264d3 server/fs_report: open/close file for each write
The file may also be changed by other components, so a open-close cycle
for write() is more robust. For example, Vim removes the original file
and recreates with the new content.
2018-05-30 13:36:17 +02:00
Norman Feske
7d55adf01c nit_fb: defer mode change to client response
The '_active_mode' must not be changed at any time except when the
client asks for the 'Framebuffer::mode'. Otherwise, the dimensions of
dataspace used by the client is not always consistent with the mode
information as gathered by the client.
2018-05-30 13:36:15 +02:00
Christian Helmuth
cb3556877d pointer: show default pointer on empty shape report 2018-05-30 13:36:15 +02:00
Emery Hemingway
29c08d4751 Fix types for VFS error printing
Ref #2793
2018-05-30 13:36:14 +02:00
Christian Prochaska
2b75445ac1 usb_block_drv: keep driver instance between sessions
Fixes #2813
2018-05-30 13:36:13 +02:00
Martin Stein
505d30cc42 Update ping tests
On real hardware, the tests expect an IPv4 subnet such that UDP requests
to 10.0.0.2 port 12345 get answered with an ICMP destination port unreachable.

Issue #2775

support USB NIC

Issue #2788

Set DHCP discover timeout to 1 second because, for some reason, the first
DHCP discover attempt of the NIC router on the PandaBoard times out with the
nightly test infrastructure.

Issue #2788

Adaption to mac-address allocation changes
2018-05-30 13:36:13 +02:00
Martin Stein
2d229a2b72 ping: support UDP
Ping via specific UDP port instead of ICMP Echo with the two new configuration
attributes 'protocol' and 'dst_port'.

Issue #2775
2018-05-30 13:36:12 +02:00
Martin Stein
d93fda594a ping: dynamic IP configuration
Use DHCP to obtain and maintain an IP configuration if no static
configuration is given.

Issue #2775
2018-05-30 13:36:12 +02:00
Martin Stein
ce57319e4b nic_router: bind uplink session lifetime to domain
Normally, the NIC sessions are independent from the domain tags.
However, by now the uplink session, in contrast to the sessions of the
other domains, is still not a server but a client. This means that only
the NIC router itself can decide when to open and close uplink sessions
and how many. Thus, with this commit, we break with the pattern that
session lifetime is independent from domains by letting the NIC router
create the uplink session when the uplink domain appears and close the
session when the domain disappears.

Fixes #2795
2018-05-30 13:36:12 +02:00
Martin Stein
7085640f05 nic_router: remove 'mac_first' attribute
Since the router MAC is allocated like the donwlink MACs it can't happen
anymore that these MACs clash, for instance due to nested routers. Thus,
the range of the MAC allocators of nested routers must not be exclusive
anymore which deprecates the 'mac_first' configuration attribute.

Issue #2795
2018-05-30 13:36:12 +02:00
Martin Stein
e83f095fd2 nic_router: downlinks use own router MAC address
Allocate a virtual MAC address at runtime that is used as router
Ethernet-identity for all downlink domains. This makes the downlink
domains independent from the uplink session.

Issue #2795
2018-05-30 13:36:11 +02:00
Martin Stein
41dbad13e4 nic_router/nic_bridge: re-work Mac_allocator
The old MAC allocator had several drawbacks:

* the address base was a public static that could and must have been written
  directly from outside the class
* the in-use-flag array was based on unsigned values consuming 4 bytes each
  for only one bit of information
* it was a public header that we actually don't want to expose to all
  components but only to the few networking components
* it used the not-so-safe bit notation for integer members of GCC

The new version fixes all these drawbacks.

Issue #2795
2018-05-30 13:36:11 +02:00
Martin Stein
980f3e9c5c net: use Size_guard for packet-data accessors
Instead of handing over the maximum available size to the packet data
accessors, hand over a size guard that keeps track of the packets
boundaries.

This commit also moves the size-guard utilitiy header of Ping and NIC
Router to the include/net directory making it a part of the net library.
It applies the new approach to all net-lib users in the basic repositories.

Ping looses its configurability regarding the ICMP data size as this would
require an additional method in the size guard which would be used only by
Ping.

The size guard was also re-worked to fit the fact that a packet can
bring a tail as well as a header (Ethernet).

Issue #2788
2018-05-30 13:36:11 +02:00
Josef Söntgen
7f285bb074 part_blk: add reporting of expandable GPT entries
Issue #2803.
2018-05-30 13:36:10 +02:00
Josef Söntgen
45743ce884 part_blk: probe whole disk if no valid MBR found
Report the whole disk as partition 0 and probe file system. The
partitions type is set to 'disk'.

Issue #2803.
2018-05-30 13:36:10 +02:00
Josef Söntgen
90360674ed part_blk: report block size 2018-05-30 13:36:10 +02:00
Josef Söntgen
40a0fe9349 part_blk: add minimal file system probing
For now it is enough to differentiate the most commonly used file
system on Genode, e.g. Ext2 for the Genode partition and FAT32 for
(U)EFI partitions.

Issue #2803.
2018-05-30 13:36:09 +02:00
Josef Söntgen
9f8369c01e part_blk: change behaviour regarding GPT usage
The component will now always try to parse the MBR as well as the GPT
(in this order). It will bail out if both are considered valid, using
GPT/MBR hybrid tables is not supported.

Fixes #2803.
2018-05-30 13:36:09 +02:00
Norman Feske
cfe6e0f15b drivers_interactive-pc: increase caps for acpi
This is needed to use the pkg on a Thinkpad x250.
2018-05-30 13:36:09 +02:00
Alexander Boettcher
0de62717f9 x86: detect root bridge properly
Beforehand the root bridge was expected to be at 0:0.0.

Fixes #2801
2018-05-30 13:36:07 +02:00
Sebastian Sumpf
abe76e0d93 vfs rom: return 0555 file permissions
issue #2791
2018-05-30 13:36:06 +02:00
Emery Hemingway
e005d966b4 Ram_fs: immediate directory notifications
Do not mark and defer notification for directories when a file is
created or removed, mark and immediately queue a notification.

Fix #2808
2018-05-30 12:26:19 +02:00
Emery Hemingway
e2661c58dc Convert static VFS library to dynamic library
Fix #2759
2018-05-30 12:26:19 +02:00
Christian Helmuth
3b7d6394d7 depot: update recipe hashes 2018-05-03 15:32:01 +02:00
Stefan Kalkowski
68015a6e9d base: remove cortex* compiler flags (fix #2787) 2018-05-03 15:32:01 +02:00
Emery Hemingway
483d005350 VFS: detect root dir based on config node type
Ref #2782
2018-05-03 15:32:00 +02:00
Norman Feske
b748c4186d nitpicker: deliver pointer pos on hover change
This way, a client is able to respond to the initial movement into the
view area.
2018-05-03 15:32:00 +02:00
Norman Feske
8e0cc44e24 terminal: preserve content during resize
This patch eliminates the flickering of the terminal during resize.
2018-05-03 15:31:59 +02:00
Emery Hemingway
0b980073c1 VFS: close handles via handle method
The using pattern 'handle->close' is less error prone than attempting
'handle->ds().close(handle)' or 'fs.close(handle)'.

Ref #2782
2018-05-03 15:31:57 +02:00
Martin Stein
11a297b557 net: consider tail of Ethernet frame
The Ethernet payload may be followed by padding of variable length and
the FCS (Frame Check Sequence). Thus, we should consider the value
"Ethernet-frame size minus Ethernet-header size" to be only the maximum
size of the encapsulated IP packet. But until now, we considered it to
be also the actual size of the encapsulated IP packet. This commit fixes
the problem for all affected components of the Genode base-repository.

Fixes #2775
2018-05-03 15:31:57 +02:00
Martin Stein
841d583678 net: implement Udp_packet::checksum_error
For checking the checksum of a UDP packet.

Issue #2775
2018-05-03 15:31:56 +02:00
Martin Stein
6b55790e73 net: use generic internet checksum
This reduces the redundant implementations of checksum calculation to
one generic implementation, makes the checksum interface conform over
all protocols, and brings performance optimizations. For instance,
the checksum is now calculated directly in big endian which saves us
most of the previously done byte-re-ordering.

Issue #2775
2018-05-03 15:31:56 +02:00
Martin Stein
836df90f6b nic_router: fix typo in Nat_rule::print
Issue #2775
2018-05-03 15:31:56 +02:00
Martin Stein
bb17e7cf01 nic_router-nat: ICMP NAPT and DNS info forward
Downlink uses DNS server info from Uplink and routes ICMP to Uplink while
applying NAT to it.

Issue #2775
2018-05-03 15:31:56 +02:00
Martin Stein
7adc7bc01a nic_router: more descriptive errors in DHCP server
Instead of telling the user merely that his/her DHCP server config
is invalid, tell him/her why exactly it is invalid.

Issue #2751
2018-05-03 15:31:55 +02:00
Johannes Schlatow
48aa50b97c test/trace_logger: fully automate test
Issue #2735

Co-authored-by: Martin Stein <martin.stein@genode-labs.com>
2018-05-03 15:31:55 +02:00
Johannes Schlatow
b47bf81b73 trace_logger: be aware of trace-buffer wraps
Issue #2735

Co-authored-by: Martin Stein <martin.stein@genode-labs.com>
2018-05-03 15:31:55 +02:00
Martin Stein
373134c4e7 net: safer access to packet data
Replace packet method 'T *data' by the new methods 'T &reinterpret_data'
for parsing or modifying existing sub-protocol packets and 'T
&construct_at_data' for composing a new sub-protocol packet. This has
the advantage that, when composing a new packet, the default constructor
that zero-fills the packet is always called first.

Fixes #2751
2018-05-03 15:31:54 +02:00
Norman Feske
afcad2a968 os: new Input::Event representation
This commit changes the 'Input::Event' type to be more safe and to
deliver symbolic character information along with press events.

Issue #2761
Fixes #2786
2018-05-03 15:31:25 +02:00
Martin Stein
5ef56395f0 test/timeout: raise polling round time
On the Raspberry PI, the 2 seconds of round time in the polling test
were not sufficient to reach the goal of at least 1000 successful polls.
Thus, the commit sets the round time to 2.5 seconds which doesn't hurt to
much but allows the RPI to just make it.

Fixes #2779
2018-05-03 15:31:21 +02:00
Christian Prochaska
b8def5a3c2 depot: gpu_session recipe
Fixes #2770
2018-05-03 15:31:20 +02:00
Norman Feske
6389434222 input_filter: rm input selection in output node
This patch largely reverts the feature of selecting parts of input nodes
from within the output node (as originally introduced by commit
7263cae5a18b4f1f2293d031f9bafcf05ba51146). The selection of content
should be consistently performed by input nodes instead. The principle
ability of copying input nodes verbatim into the output stays available.

Issue #2691
2018-05-03 15:31:19 +02:00
Norman Feske
afadbbbb04 rom_filter: add attribute matching for input nodes
The new 'attribute' and 'value' attributes of input nodes
can be used to select input sub nodes that match the presence and value
of the specified attribute.

Issue #2691
2018-05-03 15:31:18 +02:00
Boris Mulder
4b4760ce8e rom_filter: initially try to parse input ROM
Issue #2691
2018-05-03 15:31:18 +02:00
Norman Feske
1f1302e185 terminal: use VFS-based font handling
This patch replaces the terminal's formerly built-in fonts with the new
VFS-based font handling.

To avoid the copying of the terminal's font configuration across run
scripts, this patch adds the new terminal/pkg runtime package, which
includes everything needed for instantiating a terminal: the actual
terminal component, the library dependencies (vfs_ttf, which in turn
depends on the libc), a font (bitstream-vera), and a reasonable default
configuration.

Fixes #2758
2018-05-03 15:31:17 +02:00
Norman Feske
0011dd1623 terminal: remove built-in keyboard layout handling
Fixes #2757
2018-04-19 13:38:34 +02:00
Norman Feske
8bcf540915 os: add Text_painter::Font::height method
Issue #2716
2018-04-19 13:38:33 +02:00
Norman Feske
6a12a6b4ba vfs: reduce ROM-update rate Rom_file_system::stat
The 'stat' method is called for all paths, not just the specific file
system node of the ROM module. The ROM update is needed only in the
latter case.

Otherwise, when always updating the ROM on stat, stat calls on the VFS
become very expensive in the presence of a mounted ROM module if the ROM
is obtained from fs_rom (which re-watches the file and all its
individual path elements whenever the 'update' RPC function is called).
2018-04-19 13:38:33 +02:00
Norman Feske
0a72b37363 vfs: Simple::env::apply_config 2018-04-19 13:38:33 +02:00
Christian Helmuth
47569458d4 depot: update recipe hashes 2018-04-19 12:39:20 +02:00
Josef Söntgen
505ff0bb11 ping: exit run script on not supported platforms
Fixes #2756.
2018-04-19 12:39:19 +02:00
Norman Feske
cb78516bf1 os: add tests to autopilot
Since the autopilot has become able to use the depot, futher tests can
be enabled by default.
2018-04-19 12:38:53 +02:00
Emery Hemingway
3c07860aad VFS: watch result is ERR_UNACCESSIBLE by default
Ref #2745
2018-04-19 12:38:50 +02:00
Emery Hemingway
97f50e8e15 VFS: dir fs Opendir must open at least one directory to succeed
Ref #2745
2018-04-19 12:38:50 +02:00
Emery Hemingway
82a683eccc VFS: construct file-systems using Vfs::Env object
Reduce the size and forward compatibility of VFS file-system
constructors by passing an object holding accessors for 'Genode::Env',
'Genode::Allocator', response handlers, and the root file-system.

Fix #2742
2018-04-19 12:38:27 +02:00
Stefan Kalkowski
7949c194e9 gpio_drv: mask IRQ until it is acknowledged
When working with GPIO interrupts on i.MX6SX for Ethernet PHYs
it became obvious that the GPIO driver repeatedly receives interrupts
for the same event, because it acknowledges the interrupt before a
client has handled the event.

Ref #2750
2018-04-19 12:38:24 +02:00
Stefan Kalkowski
f653be1ebc gpio_drv: add support for i.MX6
Fix #2750
2018-04-19 12:38:24 +02:00
Josef Söntgen
04516a0d39 nvme_drv: add driver for NVMe storage devices
This driver component provides support for using consumer NVMe storage
devices, i.e. it omits name space managment and will always use the
first name space, on Genode. For now it defaults to a reasonable low
configuration:

  -    1 I/O queue (completion/submission tuple)
  -  128 entries in the I/O queue
  - 4096 as the only I/O transaction memory page size

Fixes #2747.
2018-04-19 12:38:22 +02:00
Josef Söntgen
372e426ec7 platform_drv: recognize PCIe NVMe controller
Issue #2747.
2018-04-10 13:56:22 +02:00
Josef Söntgen
ce93e47e89 os: add Block session tester component
Issue #2747.
2018-04-10 13:56:04 +02:00
Christian Helmuth
d54f95d497 depot: update recipe hashes 2018-04-10 13:03:26 +02:00
Norman Feske
10c9b8a221 sculpt: change DNS server to 1.1.1.1
The previously used nameserver 213.73.91.35 of the CCC seems to be no
longer available.
2018-04-10 13:03:26 +02:00
Martin Stein
f9af0e6f0c net: packed attribute for Icmp_packet 2018-04-10 13:03:26 +02:00
Martin Stein
fa59dc0a5b nic_router: use DHCP parameter request list
Send a list of the expected options with the DHCP DISCOVER and REQUEST
when acting as DHCP client.

Fixes #2738
2018-04-10 13:03:19 +02:00
Martin Stein
ca1751528d net: utilities for DHCP parameter-request lists
Issue #2738
2018-04-10 11:20:49 +02:00
Martin Stein
77e968a5e3 nic_dump: add config XML schema file
Issue #2738
2018-04-10 11:20:49 +02:00
Martin Stein
d6e1c462cc nic_dump: default attribute
The 'default' attribute is useful to change the default value for those
protocol attributes that are not explicitely set in the configuration of
the component.

Issue #2738
2018-04-10 11:20:49 +02:00
Martin Stein
ed13a0a262 nic_dump: make protocols configurable
Each supported protocol now has an attribute with the name of the protocol in
the config tag. Each of these attributes accepts one of four possible values:

* no      - do not print out this protocol
* name    - print only the protocol name
* default - print a short summary of the most important header values
* all     - print all available header values

Example:

! <config eth="name"
!         arp="all"
!         ipv4="default"
!         dhcp="no"
!         icmp="all"
!         udp="no"
!         tcp="default"
!         ... />

Corresponding output example:

! ETH IPV4 10.0.2.212 > 10.0.2.55   time 7158 ms (Δ 11 ms)
! ETH IPV4 10.0.2.55 > 10.0.2.201  TCP 80 > 49154 flags ' time 6976 ms (Δ 5 ms)
! ETH ARP hw 1 prot 2048 hwsz 6 protsz 4 op 1 srcmac 02:02:02:02:02:01 srcip 10.0.2.212 dstmac 00:00:00:00:00:00 dstip 10.0.2.55 time 7074 ms (Δ 98 ms)

Issue #2738
2018-04-10 11:20:49 +02:00
Norman Feske
14180d60be nitpicker: center initial pointer position 2018-04-10 11:20:48 +02:00
Norman Feske
fcae056c84 depot: runtime pkg for rom_reporter 2018-04-10 11:20:47 +02:00
Norman Feske
9d233b73a3 nitpicker: improve 'Session::focus' handling
Nitpicker's 'Session:focus' call used to trigger a one-off focus change
at call time. This focus change did not pass the same code paths as a
focus change triggered by a "focus" ROM update, which led to
inconsistencies.

This patch changes the implementation of 'Session::focus' such that the
relationship of the caller and the focused session is preserved after
call time. Whenever the calling session is focused in the future, the
specified session will receive the focus instead. So 'Session::focus'
represents no longer a single operation but propagates the information
about the inter-session relationship. This information is taken into
account whenever the focus is evaluated regardless of how the change is
triggered.

This makes the focus handling in scenarios like the window manager more
robust.

Issue #2746
2018-04-10 11:20:47 +02:00
Norman Feske
23696760c3 fb_sdl: drop spurious motion events without motion
Relative motion events with a motion vector of (0,0) should not exists.
They cause jittery movements of nitpicker's pointer position. This
patch filters out such events.
2018-04-10 11:20:47 +02:00
Martin Stein
0bd73e440d nic_router: do DHCP requests without source IP
Issue #2738
2018-04-10 11:20:47 +02:00
Martin Stein
db3250f6ee nic_dump: adapt to new README scheme 2018-04-10 11:20:46 +02:00
Martin Stein
d67484bb87 trace_logger/README: add examples subsection 2018-04-10 11:20:46 +02:00
Martin Stein
4aa7057e68 trace_logger: adapt to new README scheme 2018-04-10 11:20:46 +02:00
Martin Stein
f68a719f4c ping/README: add examples subsection 2018-04-10 11:20:46 +02:00
Martin Stein
0fc3202160 ping: adapt to new README scheme 2018-04-10 11:20:45 +02:00
Martin Stein
cf32243822 ping_nic_router.run: add icmp_idle_timeout_sec 2018-04-10 11:20:45 +02:00
Martin Stein
b70fa7b0c1 nic_router: adapt to new README scheme 2018-04-10 11:20:45 +02:00
Martin Stein
38e50a5b4f nic_router/README: adapt to new ICMP features 2018-04-10 11:20:45 +02:00
Martin Stein
ce9a0cbc19 nic_router/config.xsd: add icmp_idle_timeout_sec 2018-04-10 11:20:45 +02:00
Martin Stein
d35d946adf ping_nic_router.run: ICMP through a nic_router
This tests ping with simple IP forwarding, ping with NAPT as well as
forwarding of ICMP "Destination Unreachable" messages through the NIC
router.

Issue #2732
2018-04-10 11:20:44 +02:00
Martin Stein
6edf9ccf5a net: get rid of static constructors 2018-04-10 11:20:44 +02:00
Martin Stein
84a3fbd239 app/ping: perform ICMP Echo to another IP host
The 'ping' component continuously sends ICMP Echo requests to a given IP host
and waits for the corresponding ICMP Echo replies. For each successfull ICMP
Echo handshake it prints a short statistic. By now, it can be used only with a
static IP configuration. The size of the ICMP data field can be configured. It
gets filled with the letters of the alphabet ('a' to 'z') repeatedly.

Issue #2732
2018-04-10 11:20:44 +02:00
Norman Feske
97317b0c95 terminal: change term caps from linux to screen
Fixes #2743
2018-04-10 11:20:43 +02:00
Christian Helmuth
92edcb17e5 Warn on redundant call to exec_static_constructors() 2018-04-10 11:20:43 +02:00
Martin Stein
b3791fabc2 test/timeout: test locks in handlers
Originally, the timeout framework caused deadlocks when acquiring the same
lock from different timeout handlers. This use case is now tested in the
timeout test.

Fixes #2704
2018-04-10 11:20:43 +02:00
Martin Stein
f681f9e844 test/timeout: fix typo
Issue #2704
2018-04-10 11:20:43 +02:00
Martin Stein
93a0c66589 timeout: do not handle timeouts while scheduling
To handle all pending timeouts in the context of scheduling a timeout
was only necessary because the Timeout framework once made use of the
Alarm framework. The method Alarm_scheduler::schedule_absolute took an
absolute deadline as argument and we couldn't change this beause the
Alarm framework was also used without the Timeout framework. We had to
calculate this absolute deadline with the now time of the Timeout
framework but the Alarm framework has its own now time that is always a
bit behind the one of the Timeout framework. This lead to bad decisisons
when finding the right position for the new timeout. Now, we can call
schedule_absolute with a relative duration and thereby fix the problem.

When we schedule an absolute timeout without considering the small time
difference, the end-time for the timeout that is calculated using the
local time value is also smaller than the expected end-time. This can
also lead to directly triggering timeouts that should have triggered
with a certain delay.

As it is not trivial to update the local time value while scheduling a
timeout _without_ calling other timeout handlers, we simply raise the
duration of the new timeout by the age of the local time value.

Issue #2704
2018-04-10 11:18:18 +02:00
Martin Stein
f152e3e9d0 timeout: dequeue all pending alarms before reschedule
This fixes the problem that large timeouts, when rescheduled, are interpreted
to be from the last now_period instead of, what would be right, the next
now_period. This occured if there were multiple pending alarms at the head of
the queue and the reschedule of the first one was done with the other outdated
deadlines still in place.

Issue #2704
2018-04-10 11:11:55 +02:00
Martin Stein
bfb96536da timeout: _setup_alarm calculates deadline itself
Instead of taking the absolute deadline of a timeout as argument from
outside (where it is calculated with a freshly requested now time), we
now take a relative duration as argument and calculate the deadline with
the scheduler-internal now time (which can be a little bit outdated).
This enables us to schedule timeouts without updating the internal now time
and thereby handle all pending timeouts.

Issue #2704
2018-04-10 11:11:55 +02:00
Martin Stein
38dbd59d8a timeout: become independent of the Alarm framework
Integrate the code of the Alarm framework directly into the Timeout
framework.  The former Alarm-framework methods are all private to the
corresponding classes of the Timeout framework and get prefixed with
'_alarm__'. The latter avoids name clashes and makes it easier to
simplify the code later.

Issue #2704
2018-04-10 11:11:54 +02:00
Martin Stein
8c7bbdecdf nic_router: conform log in Domain
In the domain class there were several places where output was generated
not conforming to the typical output format of the router ("[domain]
event: parameters").

Issue #2670
2018-04-10 11:11:54 +02:00
Martin Stein
87eb23f562 nic_router: fix uncaught Domain_tree::No_match
When having an interface that yet is not attached to a domain, then a new
configuration comes in and the interface receives a domain name (via the
policy tag) but the corresponding domain doesn't exist, an exception
Domain_tree::No_match is thrown but was not caught and handled until now.

Issue #2670
2018-04-10 11:11:54 +02:00
Martin Stein
54b10b1b38 nic_router: forward ICMP dst unreachable messages
This follows the guidelines in RFC 5508 to enable forwarding of ICMP
"Destination Unreachable" that correspond to an existing link state in
the NIC router. It also serves as blueprint for forwarding ICMP error
messages in general (They are merely not enabled because we don't test
them).

Issue #2732
2018-04-10 11:11:54 +02:00
Martin Stein
6a988749a1 nic_router: print packet info before sending it
By now, the 'verbose packets' output when sending packets was printed after
finish sending the packet. This makes following the packet flow harder if you
have multiple components that print such information.

Issue #2732
2018-04-10 11:11:54 +02:00
Martin Stein
168407a40a nic_router: config attribute 'mac_first'
The mac_first attribute tells the MAC-address allocator of the router
from which MAC address to start allocating. This is useful, for
instance, if you have nested nic_routers. In this case, identical
MAC-allocator settings have led to name clashes in the past, so, you
want to be able to configure them differently.

Issue #2732
2018-04-10 11:11:53 +02:00
Martin Stein
7b3343c2dc nic_router: NAPT for ICMP echo messages
This follows the guidelines in RFC 5508 to enable ICMP echo through a NAPT
channel of the NIC router. It serves also as blueprint for ICMP queries in
general (they are merely not enabled because we don't test them by now).

Issue #2732
2018-04-10 11:11:53 +02:00
Martin Stein
d2adce7ba6 nic_router: fix bug in Link::handle_config
We updated UDP link states with the wrong idle-timeout value.

Issue #2732
2018-04-10 11:11:53 +02:00
Martin Stein
8981d3baf5 nic_router: conform log in Interface::_handle_eth
Prefix "Drop Packet" messages always with "[<DOMAIN>]".

Issue #2732
2018-04-10 11:11:53 +02:00
Martin Stein
9b936dd120 nic_router: packet verbose at detached interfaces
The 'verbose packets' output previously was not generated for Interfaces
without a domain. But this is desirable as the router nonetheless
receives packets at such interfaces. This is now fixed and such output
is simply prefixed with a "[?]" denoting that the interface has no
domain.

Issue #2732
2018-04-10 11:11:53 +02:00
Martin Stein
98617432c3 nic_router: send ICMP error on unroutable packet
Send an ICMP "Destination Network Unreachable" as response to packets that
are not routable by the NIC router.

Issue #2732
2018-04-10 11:11:52 +02:00
Martin Stein
4dc8f6dca4 nic_router: fix missing IPv4.ECN initialization
We missed to zero-out the ECN field in IPv4 packets. We don't use the ECN
field but there might be old data left in the packet RAM allocated by the
NIC packet streams. If we don't zero-out ECN it might leak old data.

Issue #2732
2018-04-10 11:11:52 +02:00
Martin Stein
009330ab4c nic_dump: support ICMP
Print out common header information of the Internet Control Message
Protocol.

Issue #2732
2018-04-10 11:11:52 +02:00
Martin Stein
365bd347a6 net: ICMP protocol
Packet format and common utilities for the Internet Control Message
Protocol.

Issue #2732
2018-04-10 11:11:52 +02:00
Emery Hemingway
9c6b720ec1 Notification support for the VFS library
Add a new 'Vfs_watch_handle' type to the VFS interface. This handle type
will pass a handle context up through the I/O handler to the application
when a notification event occurs.

Watch support implemented for RAM and File_system plugins, all other
file-systems return WATCH_ERR_STATIC by default.

Test at run/fs_rom_update_ram and run/fs_rom_update_fs.

Fix #1934
2018-04-10 11:11:51 +02:00
Emery Hemingway
344d46ce78 Comparision operators for Genode::Path
Ref #1934
2018-04-10 11:11:51 +02:00
Emery Hemingway
8310a94843 os/path: const 'string' accessor
Ref #2160
2018-04-10 11:11:50 +02:00
Norman Feske
3778558608 os: reworked nitpicker_gfx/text_painter.h
This patch improves the `Text_painter` utility that is commonly used by
native Genode components to render text:

- Support for subpixel positioning
- Generic interface for accessing font data
- Basic UTF-8 support

Since the change decouples the font format from the 'Text_painter' and
changes the API to use the sub-pixel accurate 'Text_painter::Position'
type, all users of the utility require an adaptation.

Fixes #2716
2018-04-10 11:09:18 +02:00
Norman Feske
07cd0d5809 vfs: add 'Readonly_value_file_system'
This file system is meant as a building block for pseudo file systems
that host a directory of several small files where each corresponds to
an attribute of the pseudo file system.
2018-04-10 11:09:18 +02:00
Norman Feske
48c5707a0c vfs: relax root_dir argument of 'Dir_file_system'
By letting the 'Dir_file_system' accept an arbitrary 'File_system'
as root directory, we can use the 'Dir_file_system' as a building
block for creating other file-system types.
2018-04-10 11:09:18 +02:00
Norman Feske
b0b92e4ee2 vfs: pass root directory to plugins
This patch enables the use of the VFS from VFS plugins by passing a
reference of the root directory to the constructors of file-system
instances. Since it changes the signature of 'Vfs::Dir_file_system',
any code that uses the VFS directly requires an adaptation.

Fixes #2701
2018-04-10 11:09:17 +02:00
Alexander Boettcher
a347be2222 sel4: enable wandboard sd card bench test
Issue #2665
2018-04-10 11:09:16 +02:00
Martin Stein
e213b9046d nic_router: inform clients on DNS server change
If the remote DNS server address value of a DHCP server changes, the affected
interfaces do a link down/up to inform all DHCP clients that they should
re-request their DHCP info.

Issue #2730
2018-04-10 11:06:00 +02:00
Martin Stein
4bee38ea62 nic_router: DHCP server considers dns_server_from
The dns_server_from attribute of the dhcp-server tag has effect only if
the dns_server attribute of the same tag is not set. If this is the
case, the dns_server_from attribute states the domain from whose IP
config to take the DNS server address. This is useful, for instance, if
the stated domain receives the address of a local DNS server via DHCP.
Whenever the IP config of the stated domain becomes invalid, the DHCP
server switches to a mode where it drops all requests unanswered until
the IP config becomes valid again.

Issue #2730
2018-04-10 11:06:00 +02:00
Martin Stein
fec53690d7 nic_router: get DNS server from dynamic IP config
If available, read and remember DNS server address from DHCP replies per
domain.

Issue #2730
2018-03-29 16:13:22 +02:00
Martin Stein
04c3ae56ed nic_router: read DHCP-server config only once
Until now, the DHCP server of a domain was re-constructed each time the
IP config changed. This is not necessary as a domain that acts as DHCP
server must have a static IP config as it would be senseless to act as
DHCP server and client at the same time. Now, a configured DHCP server
is constructed only when the Domain gets constructed and stays alive
until the domain gets destructed. Furthermore, we now throw Domain::Invalid
if there is no static IP config plus a DHCP server configured. However, by
now, this exception is not caught as it is not trivial to destruct the
domain at this point.

Issue #2730
2018-03-29 16:12:05 +02:00
Martin Stein
7d50219902 nic_router: add missing 'override' declarations
Issue #2730
2018-03-29 16:10:13 +02:00
Martin Stein
b344f2bc39 nic_router: fix pure virtual call in Interface
The Interface constructor previously tried to attach to a domain.  This
might include sending a DHCP request to get the domain a valid IP config.
But in order to achieve this, the constructor used a pure virtual method
of Interface which crashes due to the unfinished vtable. To fix this bug,
the attach attempt was moved to a new Interface::init method.

Issue #2730
2018-03-29 16:09:52 +02:00
Martin Stein
1044c2fcab nic_router: simplify the pointer utility
Instead of Pointer<T>::set use assignment operator with implicit constructor
from T-reference. Instead of Pointer<T>::unset use assignment operator with
Pointer<T>(). Instead of Pointer<T>::deref provide () operator.

Issue #2730
2018-03-29 16:03:28 +02:00
Martin Stein
92a30e0953 nic_router: handle configuration changes
The router reacts as follows to a configuration change:

1) Construct new internal configuration representation (the old one stays
   in place to be able to do comparisons in the following steps)
2) Iterate through all user-dependent objects (interfaces, link states, ARP
   information, DHCP information) and re-check which remain valid with the
   new configuration and which must be dismissed.
3) Adapt the objects that remain valid to the new configuration (re-write
   references) and remove or detach the dismissed objects.
4) Do a link state DOWN at each interface and a link state UP at each
   interface that remains attached to a domain.
5) Replace the old internal configuration representation with the new one

This way, the router keeps as much user dependent states as possible
while going through a configuration change. Thus, overwriting the old
configuration with an exact copy of itself is (almost) transparent to
clients of the router. Almost, because there are things the router must
do on every configuration handling, like re-scheduling the expiration
timeouts of links.

Ref #2670
2018-03-29 15:39:44 +02:00
Martin Stein
4e8453b7bf nic_router: destroy list items during for_each
The for_each method of the List wrapper remembers the next list item
before calling the functor on the current one, so, the current one can
be destroyed during the functor.

Ref #2670
2018-03-29 15:39:44 +02:00
Martin Stein
930c29a50c nic_router: != operator for IP config
Ref #2670
2018-03-29 15:39:36 +02:00
Martin Stein
ec240a64d9 nic_router: != operator for IP address prefix
Ref #2670
2018-03-29 15:39:36 +02:00
Martin Stein
709afcd945 nic_router: overwritable reference wrapper
While references are const and always valid, this wrapper is like a reference
that is only always valid and can be overwritten.

Ref #2670
2018-03-29 15:32:39 +02:00
Martin Stein
119b9f9c2c nic_router: alloc specific bits at bit allocator
Method to allocate specific bits at a Bit_allocator_dynamic

Ref #2670
2018-03-29 15:32:39 +02:00
Martin Stein
03062b83b6 nic_router: alloc specific port at port allocators
Methods to allocate a specific port at Port_allocator and
Port_allocator_guard.

Ref #2670
2018-03-29 15:30:20 +02:00
Martin Stein
e0081cfc29 nic_router: safe pointer class for const objects
Const_pointer class that enables the use of the pointer wrapper for
const ojects.

Ref #2670
2018-03-29 15:30:03 +02:00
Martin Stein
5926261e08 nic_router: Avl_tree wrapper with destroy_each
AVL tree wrapper with method to destruct and deallocate each item of the
tree.

Ref #2670
2018-03-29 15:30:03 +02:00
Martin Stein
44dd55a268 nic_router: destroy_each for domain tree
List method to destruct and deallocate each item of a domain tree.

Ref #2670
2018-03-29 15:24:02 +02:00
Martin Stein
d5f645ee69 nic_router: destroy_each for list wrapper
List method to destruct and deallocate each item of a list.

Ref #2670
2018-03-29 15:23:31 +02:00
Martin Stein
8fff7df438 nic_router: safe pointers that are valid and const
Add safe pointer constructor that takes a reference as argument to enable the
use of the safe pointer wrapper as const object.

Ref #2670
2018-03-29 15:22:52 +02:00
Martin Stein
2c2037952d nic_router: support interfaces without a domain
Clients can connect at any time to the NIC router. The interfaces (sessions)
get attached to the appropriate domain as soon as it appears. This implies
that interfaces can also be detached from a domain without beeing destructed
when the domain disappears. All user dependent states of an interface such as
the link states, DHCP allocations and ARP information get lost when the
interface gets detached.

Ref #2670
2018-03-29 15:22:34 +02:00
Martin Stein
63de13b50e nic_router: conform domain labeling in log
Adapt domain labeling of packet receive/send messages in log to other domain
specific log messages.

Ref #2670
2018-03-29 15:21:07 +02:00
Martin Stein
2a77976164 nic_router: add verbose_packets per domain
A domain logs its packets if one of the global 'verbose_packets' or its local
'verbose_packets' is switched on.

Ref #2670
2018-03-29 15:20:20 +02:00
Martin Stein
bd16f89617 nic_router: add verbose_packets attribute
This separates the decision wether to log the received and sent packets
from the 'verbose' attribute. This information is now only logged if
'verbose_packets' is switched on. If 'verbose' is switched on, only
routing decisions and optional hints are printed.

Ref #2670
2018-03-29 15:20:15 +02:00
Christian Helmuth
b07d6eced8 depot: update recipe hashes 2018-03-29 14:59:07 +02:00
Alexander Boettcher
bc2a998261 demo: test demo scenario bootup by autopilot 2018-03-29 14:59:06 +02:00
Christian Helmuth
9242b4278c Remove ATAPI from ahci_drv config in test
ATAPI does not work reliably on QEMU and is not tested by the run script
anyway.
2018-03-29 14:59:05 +02:00
Reto Buerki
47724c68c2 platform_drv/x86: Switch to ECAM/MMCONF
Switch port I/O based PCI config space access to memory-mapped IO.  The
base address of the PCI configuration space is acquired by mapping the
ACPI ROM and reading the first <bdf> node. An exception is thrown if the
first <bdf> node is not for PCI domain zero or if multiple <bdf> nodes
exist. This is to reduce complexity and also because multiple PCI
domains are rare.

The PCI configuration space is accessed via I/O mem dataspace which is
created in the platform_drv root and then passed on to the PCI session,
device components and finally to the actual PCI config access instances.

The memory access code is implemented in a way to make it work with Muen
subject monitor (SM) device emulation and also general x86 targets. On
Muen, the simplified device emulation code (which works also for Linux)
always returns 0xffff in EAX to indicate a non-existing device.
Therefore, EAX is enforced in the assembly templates.

Fixes #2547
2018-03-29 14:59:04 +02:00
Norman Feske
d59d07b5e3 os: util/utf8.h for UTF-8 string handling
This patch adds a simple UTF-8 decoder at 'os/include/util/utf8.h'
along with a test at 'os/run/utf8.run'.

Fixes #2717, related to issue #2716
2018-03-27 13:44:27 +02:00
Norman Feske
579ca1063c os: support non-int coordinates in 'Point<>' 2018-03-27 13:43:09 +02:00
Alexander Boettcher
80e1dce1b0 nova: abandon hypervisor_info_page ROM
replace by platform_info ROM supposed to exist on all supported
kernels.

Fixes #2710
2018-03-08 14:24:05 +01:00
Christian Helmuth
1f7b5e75bf depot: update recipe hashes 2018-03-08 12:05:10 +01:00
Alexander Boettcher
8e9390e964 apci_drv: ignore invalid ACPI tables 2018-03-08 12:05:10 +01:00
Christian Helmuth
a8f186c7d4 depot: update recipe hashes 2018-02-28 11:05:05 +01:00
Alexander Boettcher
a322fbf822 os: avoid warning in vfs server
[init -> depot_download -> dynamic -> fetchurl] Error: packet operation=3 failed

Issue #2672
2018-02-28 11:05:03 +01:00
Josef Söntgen
2e9a19d5b0 chroot: enforce writeable policy decision
The writeable decision given in the policy will always override the
decision made by the client.

Fixes #2643
2018-02-19 20:50:48 +01:00
Norman Feske
e79ce5a036 depot: update recipe hashes 2018-02-16 08:42:31 +01:00
Norman Feske
fc902b797e depot: runtime definitions for sculpt installation
This patch supplements 'runtime' files to several pkg archives,
which thereby become deployable by the depot_deploy tool.

Issue #2676
2018-02-15 10:22:10 +01:00
Norman Feske
69ac68ca98 nit_fb: prevent enlarging mode when out of RAM
This patch adds a safety check to nit_fb to ensures that nit_fb never
runs out of RAM. Should the available RAM not suffice for resizing the
virtual framebuffer to a new mode, it keeps the current mode.
2018-02-15 10:22:10 +01:00
Emery Hemingway
013eb506a8 Vfs::Dir_file_system: do not use Vfs_handle for opening directories as files
The Dir_file_system uses static cast to convert handles from the
application to a plugin local type. For this reason, only the local
handle type may be returned from 'opendir' or 'open'. This fixes the
unexpected behavior when opening directories as files.

Fix #2533
2018-02-15 10:22:09 +01:00
Alexander Boettcher
e05a708024 os: reset packet_allocator members
Fixes #2632
2018-02-15 10:22:09 +01:00
Alexander Boettcher
accc7e7521 fs servers: handle result propagation better
This patch removes the notion of partial writes from the file-system
servers. Since write operations are asynchronously submitted, they are
expected to succeed completely, except for I/O errors. I/O errors are
propagated with the write acknowledgement but those are usually handled
out of band at the client side. Partial writes must never occur because
they would go undetected by clients, which usually don't wait for the
completion of each single write operation.

Until now, most file-system servers returned the number of written bytes
in the acknowledgement packet. If a server managed to write a part of
the request only, it issued the acknowledgement immediately where it
should have cared about writing the remaining part first.

The patch detects such misbehaving server-side code. If partial writes
unexpectedly occur, it prints a message and leaves the corresponding
request unacknowdleged.

Issue #2672
2018-02-15 10:22:08 +01:00
Alexander Boettcher
f4e9c94bf2 vfs lib: complain about unsuccessful fs packets
Issue #2672
2018-02-15 10:22:08 +01:00
Alexander Boettcher
bfd24de4ad vfs: notify all blockers in fs adapter
if requested so ( by _post_signal_hook.arm(nullptr) )

Issue #2664
2018-02-14 20:41:10 +01:00
Alexander Boettcher
f05c4df36a vfs: handle submit_ready signal in fs adapter
to avoid starvation.

Issue #2664
2018-02-14 20:41:09 +01:00
Emery Hemingway
4a3fc21ada New watch handle mechanism for File_system session
File_system clients may now watch files and directories for changes by
opening a 'Watch_handle' rather than submitting a 'CONTENT_CHANGED'
packet to the server. When a change happens at a node with an open
Watch_handle a CONTENT_CHANGED packet will be sent from the server to
the client. This serializes registration with other handle operations
and separates I/O handle state from notification handle state.

Test at run/fs_rom_update.

Ref #1934
2018-02-14 20:41:09 +01:00
Emery Hemingway
c7d0accac0 VFS: catch Out_of_ram and Out_of_cap exceptions
Catch out of RAM and capability exceptions and return error values.
Abort opening a composite directory at Dir_file_system where an
opendir call on any child file-system returns an OUT_OF_RAM or
OUT_OF_CAPS error.

Ref #2642
2018-02-14 20:41:07 +01:00
Norman Feske
cd7e3425ee nit_fb: allow screen-relative initial_width/height
This change enables the use of negative values for the 'initial_width'
and 'initial_height' attributes to specify values that are relative to
the screen size. This is consistent with the meaning of the 'width' and
'height' attributes.
2018-02-14 20:41:04 +01:00
Norman Feske
3149506963 depot_query: refined <runtime> node structure
This patch introduces the subnodes <provides>, <requires>, and
<content> to the <runtime> node. All <rom> sessions that are
expected from the depot appear within the <content> node, which
sets them nicely apart from <rom> sessions that may be required
as runtime arguments.

Note that the <requires> and <provides> nodes do not appear in the
patch because the existing depot_deploy tool does not interpret this
information (the pkg/test-fs_report runtime does not provide any
service, and the timer session is provided as a common route).
2018-02-14 20:41:03 +01:00
Norman Feske
8aa1e349fc terminal session: propagate resize events
The new 'Terminal_session::size_changed_sigh' RPC function registers a
signal handler that is triggered each time when the terminal size
changes. It enables the client to adjust itself to the new size by
subsequently calling the 'size' RPC function. Of all terminal servers,
only the graphical terminal triggers this signal.
2018-02-14 20:41:03 +01:00
Norman Feske
96a068f90a terminal: improve internal structure
This patch reorganizes the terminal's source code to become easier to
extend. It also enables the strict warning level.
2018-02-09 14:04:32 +01:00
Christian Prochaska
12c8e51071 terminal fixes
- handle line wraps in 'ech()'
- take (1,1) origin into account in 'hpa()' and 'vpa()'
- unify handling of SGR escape sequences of different lengths
- accept the '[?2004h' and '[?2004l' escape sequences (used by midnight commander)

Fixes #2671
2018-02-09 14:04:25 +01:00
Norman Feske
66a93d9199 os: add 'Expanding_reporter' to os/reporter.h
The 'Expanding_reporter' wrapper for the 'Reporter' eliminates
the burden of handling 'Xml_generator::Buffer_exceeded' exceptions
from components that generate reports.

Fixes #2655
2018-02-09 14:04:06 +01:00
Norman Feske
8d09d02b85 depot: update recipe hashes 2018-02-09 13:34:24 +01:00
Martin Stein
abf9557bb5 AVL node/tree: make non-copyable
AVL trees can't be copied with the default copy constructor as the
parent pointer of the first item of both of the resulting trees would
point to the original tree. Copying an AVL node, however, generally
violates the integrity of the corresponding tree. The copy constructor
of Avl_tree is used in some places but in those places it can be
replaced easily. So, this commit deletes the copy constructor of
Avl_node_base which makes Avl_node and Avl_tree non-copyable.

Issue #2654
2018-02-09 13:34:23 +01:00
Martin Stein
4e9ff5ad7b trace_subject_reporter: fix missing include
Issue #2654
2018-02-09 13:34:23 +01:00
Stefan Kalkowski
e9a8d83eb5 depot: recipe for clipboard
Ref #2446
2018-02-09 13:34:22 +01:00
Stefan Kalkowski
7ba6297988 clipboard: handle focus at startup
Fixes #2667
2018-02-09 13:34:22 +01:00
Martin Stein
ccc67d6f68 trace_logger: convenient tracing frontend
The 'trace_logger' component can be used to easily gather, process and export
different types of tracing data. Which subjects to select is configurable via
session label policies and thread names. Which data to collect from the
selected subjects can be configured for each subject individually, for groups
of subjects, or for all subjects. The gathered data can be exported as log
output.

This is an example configuration of the 'trace_logger' component which shows
the default value for each attribute except the policy.thread and
policy.label:

! <config verbose="no"
!         session_ram="10M"
!         session_arg_buffer="4K"
!         session_parent_levels="0"
!         period_sec="5"
!         activity="no"
!         affinity="no"
!         default_policy="null"
!         default_buffer="4K">
!
!    <policy label="init -> timer" />
!    <policy label_suffix=" -> ram_fs" />
!    <policy label_prefix="init -> encryption -> "
!            thread="worker"
!            buffer="4K"
!            policy="null" />
! </config>

For more details see os/src/app/trace_logger/README.

Fixes #2654
2018-02-09 13:34:20 +01:00
Martin Stein
3e6d1b96e7 trace/policy/rpc_name: enable building again
Building this policy was disabled by a REQUIRES = riscv_toolchain_bugfix
to prevent compiler crashes on nightly test builds. Since the latest
RISCV toolchain update, test builds for RISCV crash at much more places
which makes this single work-around senseless.

Issue #2654
2018-02-09 13:34:20 +01:00
Martin Stein
ef1dee8bc6 init config.xsd: add ld_verbose attribute
Issue #2654
2018-02-09 13:34:19 +01:00
Alexander Boettcher
666f6c9ac4 ahci: enable pci config command memory access
Issue #2620
2018-02-09 13:34:18 +01:00
Alexander Boettcher
fcadbc9023 platform_drv: try enabling msi independent of gsi
value written in pci config space.

Issue #2620
2018-02-09 13:34:18 +01:00
Alexander Boettcher
336140c5f1 platform_drv: enable full access for pci bridges
Issue #2620
2018-02-09 13:34:18 +01:00
Norman Feske
cde8163770 os: make 'Buffered_xml' util publicly available
The 'Buffered_xml' utility is used by three components and a fourth is
on the way. To avoid another duplication of the code, this patch makes
it publicly available at 'os/buffered_xml.h'.
2018-02-09 13:34:17 +01:00
Norman Feske
faea43906f init test: conserve RAM in dummy app
This patch replaces the 'Heap' by a 'Sliced_heap' to avoid the
allocation of a 16 KiB memory block when 'dummy' acts as a server. On
seL4, such an allocation would exceed the 1M quota as assigned by the
init.run script.
2018-02-09 13:34:17 +01:00
Josef Söntgen
fe6f616cf1 nit_fb: add attribute for initial dimensions
The 'initial_width' and 'initial_height' attributes were added to
accomodate the use-case to set the initial dimensions whenever 'nit_fb'
is used in a dynamic fashion, e.g, in combination with a window manager.
These attributes may not be mixed with the 'width' and 'height'
attributes, which are mostly used when a static size configuration is
desired.
2018-02-09 13:34:16 +01:00
Martin Stein
6575df84c5 nic_router: fix use of outdated ARP-cache entries
When a NIC session is destructed at the router, we have to remove all ARP
cache entries that match the MAC address of that session. Otherwise the
outdated entries might be re-applied later, leading to wrong destination
MAC addresses in routed packets.

Fixes #2637
2018-02-09 13:34:16 +01:00
Norman Feske
e9b9f684ef os: reduce log noise by trace-info apps 2018-02-09 13:34:16 +01:00
Norman Feske
4619e2e84c init: new label_last attribute for session routes
Fixes #2647
2018-02-09 13:34:15 +01:00
Norman Feske
5641ebcd1b depot_query: 'binary' and 'config' as attributes
By specifying the 'config' of a '<runtime>' as an attribute, we can
distinguish the case where the config is obtained from a ROM session
from the case where the config is specified inline as a '<config>' node.
2018-02-09 13:34:15 +01:00
Norman Feske
8fca8a9a04 nitpicker: refresh when focused client disappears
This fix handles the case where the focused domain loses its focus
because the currently focused client vanishes. In this case, the focus
will be undefined and the non-focused views of the domain become
tinted again. The refresh should take effect immediately as soon as the
client vanishes.
2018-02-09 13:34:13 +01:00
Norman Feske
e0e9b3b32e init: close all sessions of exited children
With this patch, init responds to the exit of a child by closing all
sessions of the child. E.g., if a child is a GUI application, its
nitpicker session is closed at the time of exit, not at the time when
the start node disappears from init's configuration.

Since this change requires a modification of the 'Genode::Child' class,
it takes the chance to make the child-destruction less brutal. The
new version ensures that all threads of the destructed subsystem are
destructed before other sessions, in particular PD sessions. This
eliminates spurious page-fault warnings during the child destruction.

On Fiasco.OC, closing the CPU session of a thread while being called by
the thread causes a deadlock. Hence, we skip the eager destruction of
CPU sessions on this kernel.

Related to issue #2659
2018-02-09 13:31:27 +01:00
Alexander Boettcher
df26dc07e9 trace_subject_reporter: adjust ram usage
to trace connection

Issue #2638
2018-02-09 13:26:02 +01:00
Alexander Boettcher
7c0894159f top: consider dead thread with execution time
which executed in the current measurement period but are now dead.
Keep the Entry object up to next period, where the recent_execution_time will
become 0 since it will not execute definitely.

Issue #2638
2018-02-09 13:26:02 +01:00
Alexander Boettcher
2a0f940bd7 top: adapt to ram usage of trace connection
Issue #2638
2018-02-09 13:26:02 +01:00
Martin Stein
1936667a53 test/xml_node: test Xml_node::decoded_content
Issue #2644
2018-02-09 13:26:01 +01:00
Christian Helmuth
6013889028 depot: update recipe hashes 2018-01-17 12:14:44 +01:00
Josef Söntgen
4009239328 vfs: skip synced file systems in complete_sync
Fixes #2606.
2018-01-17 12:14:43 +01:00
Josef Söntgen
fb1c504568 gpu: the Intel multiplexer is only for x86_64
Require x86_64 because memory/adress space limitations on x86_32
restrict the use-cases on such a platform anyway. Doing that,
we can also assume that memory adresses are always 64bit long and
do not have to handle 32bit adresses.
2018-01-17 12:14:43 +01:00
Martin Stein
8844c57254 net-stat: remove as it is not used and outdated
According to the creator of the net-stat lib, this lib was a mere debugging
tool that is not used anymore nor worth the work of updating the it to
modern Genode coding paradigms. Also, there exist no tests for the lib.
2018-01-17 12:14:42 +01:00
Martin Stein
fbd545ae70 net: remove unused enums
Issue #465
2018-01-17 12:14:41 +01:00
Martin Stein
4f1d43ce21 net: remove placement new operators
They are not used any more.

Issue #465
2018-01-17 12:14:41 +01:00
Martin Stein
f4a2d932e3 net: check packet data size in accessor
Instead of having a method validate_size in each packet class, check
sizes in the data accessor of the surrounding packet class. This packet
accessor is the one that casts the data pointer to the desired data type
so it is sensible that it also checks whether the desired type would
exceed the available RAM before doing the cast. This also fits nicely
the fact that for the top-level packet-class of a packet, the size must
not be checked (which was previously done).

Issue #465
2018-01-17 12:14:41 +01:00
Sebastian Sumpf
89a9e88a7e vfs: GNU long file name support for tar 2018-01-17 12:14:41 +01:00
Christian Helmuth
2b711f59ed nit_fb: fix resizing on framebuffer-mode change
Respect relative width/height configuration if the underlying
framebuffer dimensions change.
2018-01-17 12:14:40 +01:00
Norman Feske
95a2fc7167 os: component to reflect ROMs as reports 2018-01-17 12:14:37 +01:00
Norman Feske
366bba0227 Exclude higher-level repos from strict warnings
This is a follow-up commit to "Increase default warning level", which
overrides Genode's new default warning level for targets contained in
higher-level repositories. By explicitly whitelisting all those targets,
we can selectively adjust them to the new strictness over time - by
looking out for 'CC_CXX_WARN_STRICT' in the target description files.

Issue #465
2018-01-17 12:14:36 +01:00
Norman Feske
eba9c15746 Follow practices suggested by "Effective C++"
The patch adjust the code of the base, base-<kernel>, and os repository.
To adapt existing components to fix violations of the best practices
suggested by "Effective C++" as reported by the -Weffc++ compiler
argument. The changes follow the patterns outlined below:

* A class with virtual functions can no longer publicly inherit base
  classed without a vtable. The inherited object may either be moved
  to a member variable, or inherited privately. The latter would be
  used for classes that inherit 'List::Element' or 'Avl_node'. In order
  to enable the 'List' and 'Avl_tree' to access the meta data, the
  'List' must become a friend.

* Instead of adding a virtual destructor to abstract base classes,
  we inherit the new 'Interface' class, which contains a virtual
  destructor. This way, single-line abstract base classes can stay
  as compact as they are now. The 'Interface' utility resides in
  base/include/util/interface.h.

* With the new warnings enabled, all member variables must be explicitly
  initialized. Basic types may be initialized with '='. All other types
  are initialized with braces '{ ... }' or as class initializers. If
  basic types and non-basic types appear in a row, it is nice to only
  use the brace syntax (also for basic types) and align the braces.

* If a class contains pointers as members, it must now also provide a
  copy constructor and assignment operator. In the most cases, one
  would make them private, effectively disallowing the objects to be
  copied. Unfortunately, this warning cannot be fixed be inheriting
  our existing 'Noncopyable' class (the compiler fails to detect that
  the inheriting class cannot be copied and still gives the error).
  For now, we have to manually add declarations for both the copy
  constructor and assignment operator as private class members. Those
  declarations should be prepended with a comment like this:

        /*
         * Noncopyable
         */
        Thread(Thread const &);
        Thread &operator = (Thread const &);

  In the future, we should revisit these places and try to replace
  the pointers with references. In the presence of at least one
  reference member, the compiler would no longer implicitly generate
  a copy constructor. So we could remove the manual declaration.

Issue #465
2018-01-17 12:14:35 +01:00
Stefan Kalkowski
6611c38184 depot: recipe for log_terminal
issue #2447 prequisite for #2621
2018-01-17 12:14:34 +01:00
Martin Stein
226c4a475b nic_router: do not warn on sending to empty domain
The warning "no interface connected to domain" was introduced when only one NIC
session at a time could be connected to a domain. It should help to track
packet drops that were caused by startup timing issues between servers and
clients. However, a user should watch the "NIC sessions" value of a domain
(verbose_domain_state) instead when debugging packet loss. With support for
multiple sessions per domain, even a non-empty domain may still miss the
session that connects the desired server.

Fix #2629
2018-01-17 12:14:33 +01:00
Martin Stein
57bfd09328 nic_router: no memcpy on self-written packets
Previously, all packets that the router wanted to sent were first prepared to
their final state and then copied at once into the packet stream RAM. This is
fine for packets that the router only passes through with modifying merely
a few values. But for packets that the router writes from scratch on its own,
it is better to compose the packet directly in the packet stream RAM.

Fix #2626
2017-12-22 11:43:39 +01:00
Martin Stein
b6991f9c03 nic_router: send with individual composing functor
Normally, Interface::send always takes the base and size of the RAM region
where a packet was composed and copies this finished packet at once into the
packet stream RAM. But we want to be able to also compose packets directly in
the packet stream RAM, so that no memcpy is needed. Thus, Interface::send now
takes a functor that describes how to compose the packet, then allocates the
packet stream RAM and applies the functor to this RAM. there is also a version
of Interface::send that provides the old behavior but with the new back end.
This way, we stay backwards-compatible.

Issue #2626
2017-12-22 11:43:39 +01:00
Martin Stein
4c76a87fec nic_router: explanatory comment about link objects
Issue #2609
2017-12-22 11:43:39 +01:00
Christian Helmuth
553cf556af depot: update recipe hashes 2017-12-21 15:01:56 +01:00
Stefan Kalkowski
7499379862 depot: recipe for part_blk 2017-12-21 15:01:55 +01:00
Martin Stein
b0e155d316 nic_router: fix available IP count in DHCP server 2017-12-21 15:01:55 +01:00
Martin Stein
d6d0bcd960 nic_router: no Arp_packet constructor when sending
When composing an ARP packet for sending, it's pointless to use the Arp_packet
constructor as the constructor only checks whether the packet is malformed.

Issue #2618
2017-12-21 15:01:55 +01:00
Martin Stein
1cae5ec8f6 nic_router: handle all "No_X_packet" exceptions
Issue #2618
2017-12-21 15:01:55 +01:00
Martin Stein
edf1f9d849 nic_router: report some useful information
The NIC router can now be configured to periodically send reports.
Configuration example (shows default values):

<config>
	<report interval_sec="5" bytes="yes" config="yes">
</config>

If the 'report' tag is not available, no reports are send.
The attributes of the 'report' tag:

'bytes'        : Boolean : Whether to report sent bytes and received bytes per
                           domain
'config'       : Boolean : Whether to report ipv4 interface and gateway per
                           domain
'interval_sec' : 1..3600 : Interval of sending reports in seconds

Issue #2614
2017-12-21 15:01:54 +01:00
Martin Stein
869297a672 nic_router: avoid "close" where we mean "dissolve"
In the context of link state objects we often used the term "close" were we
actually meant "dissolve". The term "close" originated from the TCP connection
state and is still used in TCP links in the correct manner.

Issue #2609
2017-12-21 15:01:54 +01:00
Martin Stein
859a5fd208 nic_router: simplify Interface::_new_link
Issue #2609
2017-12-21 15:01:53 +01:00
Martin Stein
4927a6f679 nic_router: multiple interfaces at one domain
Act as hub for the interfaces at a domain. This also changes the roles of the
Domain and Interface classes. By now the Interface held the data structures for
the ARP cache, foreign ARP waiters, and the searchtrees for layer 3 links. All
these structures have moved to the Domain while the memory allocations and
lifetime management for the contents of these structures still come from from
the according Interface object. The mentioned data structures were also adapted
to fit the fact that they now may maintain objects of different interfaces.

Issue #2609
2017-12-21 15:01:53 +01:00
Martin Stein
f524fb8e61 nic_router: support domain-local IPv4
If an IPv4 packet targets an IP local to the domain it comes from and doesn't
target the routers IP of that domain, forward it to all other interfaces of
the domain without considering any other routing.

Issue #2609
2017-12-21 15:01:53 +01:00
Martin Stein
b63d83e6a3 nic_router: get rid of Interface::print
Actually interfaces have no own human-readable identifier. They shall instead
use the print functionality of their domain.

Issue #2609
2017-12-21 15:01:52 +01:00
Martin Stein
0a77987778 nic_router: support domain-local ARP
Improve ARP handling code in general:
Make the several cases and their handling more clear by using a more
readable if/else statement structure. Drop gratuitous ARP requests.

Domain-local ARP:
Handle ARP packets that target local IPs other than the routers IP
(forward them to all other interfaces of the domain).

Issue #2609
2017-12-21 15:01:52 +01:00
Martin Stein
bfddad17a3 nic_router: avoid use of old term "IP allocation"
IP allocations were renamed DHCP allocations without fixing the according
places in log messages and comments. This commit rectifies this omission.

Issue #2609
2017-12-21 15:01:52 +01:00
Martin Stein
54532b99f9 nic_router: don't use color codes in log
Issue #2609
2017-12-21 15:01:51 +01:00
Emery Hemingway
ed89f2f7f0 Add millisecond accessor to Genode::Duration value object
Add a 'trunc_to_plain_ms' method to Gende::Duration to make
millisecond-accurate timing safer and more convenient.

Ref #2335
2017-12-21 15:01:51 +01:00
Josef Söntgen
6b89eaaf79 mixer: handle config verbosity update 2017-12-21 15:01:49 +01:00
Norman Feske
e23fc5a1fc init: refine verbosity handling
This patch makes service-announce messages depend on the configured
verbosity. It also omits "parent provides" title messages if no new
parent services are added during a config update.
2017-12-21 15:01:48 +01:00
Norman Feske
30f96657f1 rom_filter: make verbosity configurable 2017-12-21 15:01:48 +01:00
Norman Feske
48132c9ca3 fs_rom: remove debug message 2017-12-21 15:01:48 +01:00
Norman Feske
e4bb85b4de fs_rom: style (avoid Genode:: prefix) 2017-12-21 15:01:48 +01:00
Alexander Boettcher
892f51ab1c os: add app to transform kernel/core output to LOG
Issue #2207
2017-12-21 15:01:48 +01:00
Norman Feske
9f140ab843 chroot: adjust license header to AGPLv3 2017-12-21 15:01:46 +01:00
Emery Hemingway
4d9037d112 Hard-link loop detection for VFS tar file-system
Detect loops by walking hard-links at two different speeds and checking
for lapping. Tar link walking is no longer a recursive procedure.

Caught a loop created by GNU tar 1.29.

Fix #2611
2017-12-21 15:01:45 +01:00
Martin Stein
4dd69b1d5a nic_router: do not warn when using default values
Issue  #2590
2017-12-21 15:01:44 +01:00
Alexander Boettcher
c5f59ddfb1 signal.run: avoid deadlock during test destruction 2017-12-21 15:01:40 +01:00
Christian Prochaska
58cbd11f6a drivers_interactive-pbxa9: add input_filter
Fixes #2604
2017-12-21 15:01:38 +01:00
Martin Stein
9c0bd03363 nic_router: no DHCP fail on unexpected DISCOVER
If a client decides to spontaneously send a DHCP DISCOVER again, even though
he has received a still valid IP config from the router, we don't want to
discard the DISCOVER like it was done before but discard the IP config
assignment and offer a new one.

Issue #2534
2017-12-21 15:01:38 +01:00
Martin Stein
70c5c31ec9 nic_router: better warnings on bad DHCP requests
Be more descriptive about why the NIC router thinks that a DHCP request
sent to him is bad.

Issue #2534
2017-12-21 15:01:38 +01:00
Sebastian Sumpf
8808b99cc5 vfs: remove session ram quota checks
The first client that creates a session, has to pay for possibly large
vfs plugin allocations (e.g., rump), which should be payed for by the
server.
2017-12-21 15:01:37 +01:00
Martin Stein
c3853494c8 nic_router: domain-state-verbose flag
When this flag is set in the config tag, the NIC router will print a
short information to the log for each general state change of a domain.
This includes currently the IP-configuration state and the number of
connected NIC sessions. This a useful addition as the normal verbose
flag's purpose is a very deep insight into almost every activity in the
router, which is cool for debugging sophisticated problems but normally
floods the log and therefore discards this option for, e.g., desktop
systems. In such systems, the new verbosity is pretty discreet but
already gives a good hint on why packets may get dropped by the router
although the routing rules are correct.

Issue #2534
2017-12-21 15:01:37 +01:00
Martin Stein
fc7999a62a nic_router: add config schema
Fix #2600
2017-12-21 15:01:37 +01:00
Martin Stein
b8d8bc3142 nic_router: do not route to domains w/o IP config
Ref #2534
2017-12-21 15:01:37 +01:00
Martin Stein
fb2398dbf2 run: target-specific config schemata
The run tool now by default checks configurations with target-specific
XML schemata. Each component may define a config schema file in its
target.mk via the CONFIG_XSD variable. When the run tool has checked an
configuration of an init instance, it additionally goes through the
start nodes of the config. For each start node it checks whether there
is an XSD file that matches. If so, the run tool also checks the config
of the start node (if existant). This is done recursively. I.e., also
the child configs of a sub-init of a sub-init of the top-level init
receive a config check.

Issue #2600
2017-12-21 15:01:36 +01:00
Christian Prochaska
d8b1159cbd drivers_interactive-linux: add input filter
Fixes #2603
2017-12-21 15:01:34 +01:00
Martijn Verschoor
8fe0a7514f Nic::Session_component: pass entrypoint in constructor
Added a new constructor that takes the entrypoint as constructor
argument. The original constructor retrieves the entrypoint from the
Genode environment. This does not allow to use a different entrypoint.
2017-12-21 15:01:33 +01:00
Martin Stein
3cdcb528ff nic_router: advanced timeout configuration
Replace former rtt_sec attribute of the <config> tag by more specific
(and still optional) attributes for timeouts used in the NIC router
(these are also the default values):

<config dhcp_discover_timeout_sec="10"
        dhcp_request_timeout_sec="10"
        dhcp_offer_timeout_sec="10"
        udp_idle_timeout_sec="30"
        tcp_idle_timeout_sec="600"
        tcp_max_segm_lifetime_sec="30">

Details about the new attributes can be found in the README of the router.

Issue #2590
2017-12-21 15:01:32 +01:00
Martin Stein
564e6a6885 nic_router: read seconds attributes generic
Issue #2590
2017-11-30 16:58:49 +01:00
Christian Helmuth
25ca29002e depot: update recipe hashes 2017-11-30 11:24:49 +01:00
Christian Prochaska
425d18e866 pointer: strip the last label element when matching labels
Issue #2585
2017-11-30 11:23:22 +01:00
Christian Prochaska
72dec21d8f pointer: fix visibility flag handling
Issue #2585
2017-11-30 11:23:22 +01:00
Christian Prochaska
dd98bd67a0 pointer: custom pointer shape support
Make the revised 'vbox_pointer' component the new 'pointer' component.

Fixes #2585
2017-11-30 11:23:22 +01:00
Christian Helmuth
f710e10206 fs_rom: log permission-denied errors 2017-11-30 11:23:21 +01:00
Christian Helmuth
1556300ea6 vfs: close directory handle in node destructor 2017-11-30 11:23:21 +01:00
Martin Stein
3d12e7b242 timeout x86_64 sel4: do not expect a precise time
On x86 64 bit with SeL4, the test needs around 80MB that must be
completely composed of 4KB-pages due to current limitations of the SeL4
port. Thus, Core must flush the page table caches pretty often during
the test which is an expensive high-prior operation and makes it
impossible to provide a highly precise time.
2017-11-30 11:23:20 +01:00
Martin Stein
99ddaaa9d7 timer epit: fix multi-wraps and bug in rate limit
Multi-wraps
-----------

Previously, on every new timeout, we programmed registers LR=timeout and
CMP=0. The counter than counted from LR down to 0, triggered the IRQ,
jumped back to LR, and counted down again. If one installed small
timeouts (< 1000 us), it was likely that the counter wrapped multiple
times before we were able to read it out. Initially, this was not a big
issue as the additional wraps were simply ignored and the amount of time
lost through this was not big. But when we want to do correct rate
limitation, multiple wraps cause an overflow in the additional
calculations, and this has a big effect on the resulting time value.

Thus, we now program the counter to start from ~0 and count down to 0.
We set CMP=~0-timeout so that the timer still triggers the IRQ at the right
time. The counter continues counting down after the IRQ has triggered until
we install a new timeout. We do not consider anymore that the counter wraps.
The maximum timeout is set to half the maximum counter value, so, we should
be able to install a new timeout before the counter wraps.

Rate limit for time updates
---------------------------

In the time span between two interrupts we have to remember how many ticks
we have already added to the time value. This is because at each call of
curr_time we can only see how many ticks have passed since the last call of
schedule_timeout and not since the last call of curr_time. But we want to
limit the rate of time updates in curr_time. With the member for ticks that
were already added since the last call to schedule_timeout we can then
calculate how many are yet to be added.
2017-11-30 11:23:20 +01:00
Alexander Boettcher
057749a3a9 timeout.run: avoid variation caused by log message 2017-11-30 11:23:18 +01:00
Martin Stein
96fa3ef28c cpu_quota.run: be more tolerant on QEMU in general
As we may run several tests on the same CPU in paralell,
we have to consider more inconsistency in timing.
2017-11-30 11:23:18 +01:00
Martin Stein
adfb1a77e2 timer/epit: remove unused code
* use correct/more modern types
* get rid of old code that was for the public use of the EPIT backend
* merge Epit_base into Time_source
2017-11-30 11:23:18 +01:00
Alexander Boettcher
c9bcce57e8 timer/epit: limit timeout rate
Limit rate to 1000 per second as it raises the throughput under stress
significantly without having an effect on the tested accuracy.

Issue #2579
2017-11-30 11:23:18 +01:00
Norman Feske
3ea960932e input_filter: support <include> in <remap> nodes 2017-11-30 11:23:15 +01:00
Norman Feske
e204b9532b rom_filter: allow use of input as attribute value 2017-11-30 11:23:15 +01:00
Norman Feske
1514667b42 demo.run: showcase the use of 'nit_focus' 2017-11-30 11:23:15 +01:00
Norman Feske
f94f96c3ee nit_focus component that implements click-to-focus 2017-11-30 11:23:15 +01:00
Norman Feske
b05ad847b9 nitpicker: equip hover report with 'active' info
This patch supplements the existing 'hover' report with the information
whether or not the user has recently moved the pointer. This works
analogously to how the 'focus' report features the information about
recent button/keyboard activity.

Together, the 'hover' and 'focus' reports may be combined to observe
prolonged user inactivity, e.g. to activate a lock screen.
2017-11-30 11:23:14 +01:00
Norman Feske
544274feb9 nitpicker: respond to external focus policy
This patch enables nitpicker to use an external focus policy instead of
the traditional builtin click-to-focus policy. The external focus policy
is obtained from a 'focus' ROM. The focus ROM is expected to have a
'label' attribute with the value set to the label of the to-be focused
client.
2017-11-30 11:23:14 +01:00
Norman Feske
7ca56a62fd nitpicker: report last clicked-on client
The new report can be activated via the 'clicked' attribute of the
'<report>' configuration node.
2017-11-30 11:23:14 +01:00
Norman Feske
82e2900aa7 nitpicker: re-organize implementation
This patch revises the implementation of nitpicker in the following
respects:

- Split the implementation into smaller files,
- Consistently use the 'Nitpicker' namespace,
- Avoid the use of format strings,
- Retire old (and hackish) debug mode,
- Removal of unused timer connection,
- Merging 'Session' into 'Session_component',
- Merging 'Mode' into 'User_state',
- Adding the notions of 'View_owner' and 'Focus' as interfaces,
- Untangle 'User_state' and 'View_stack'
2017-11-30 11:23:14 +01:00
Norman Feske
40c9226bb9 os: add Color::print, enhance ascii_to<Color>
This patch adds a 'Color::print' method as counterpart to the 'ascii_to'
function. If the color is opaque (alpha is 255), its output has the form
"#rrggbb". If the color has a distinct alpha value, the output has the
form "#rrggbbaa". The new version of the 'ascii_to' overload for 'Color'
is able to deal with both forms.
2017-11-30 11:23:14 +01:00
Alexander Boettcher
0a5dcc86ed platform_drv: separate acpi and system feature 2017-11-30 11:23:14 +01:00
Norman Feske
72f2ea349d init: forward RAM/cap quota session errors
This patch supplements init's service-forwarding mechanism to propagate
the insufficient RAM/cap quota conditions from the server to the client.
Without it, the client's session request stays pending infinitely.
2017-11-30 11:23:13 +01:00
Norman Feske
cda71e198f init: limit rate of periodic reports by 'delay_ms'
This is a follow-up patch to "init: periodic state updates if sensible".
In situations where the report rate is deliberately limited via the
'delay_ms' attribute while also reporting child-resource stats, we don't
want generate reports at a fixed rate of one second. This patch limits
the rate according to the 'delay_ms' value.
2017-11-30 11:23:12 +01:00
Norman Feske
d2c7cfa5fa input_filter: avoid closing input sessions
The input filter used to temporarily close all input sessions upon its
reconfiguration. In most cases, the same set of sessions is
re-established immediately afterwards. However, at the server (driver)
side, the closing of the session implicitly disables the input-event
queue. Hence events generated by the hardware while the session is
closed are dropped. This becomes a noticeable problem when using the
recently added <rom> modifier feature for handling capslock. The change
of the ROM always triggers the re-configuration of the input filter.
When pressing capslock and other keys at a high rate, press/release
events may get lost.

This patch solves this problem by maintaining all input sessions that
are defined in both the old and new configuration. It thereby removes
the short duration where the input event queues are temporarily disabled
at the drivers.
2017-11-30 11:23:12 +01:00
Christian Helmuth
12461291b8 Draw frame in framebuffer test
Issue #2555
2017-11-30 11:23:11 +01:00
Alexander Boettcher
5e4b523357 top: increase number of supported trace subjects
and print error if it may not be enough.
2017-11-30 11:23:10 +01:00
Sebastian Sumpf
9c852c750a vfs: handle root directory explicitly
This makes '/' and the actual root of VFS distinguishable. A VFS root
may contain one ore more '/' entries for each file system. 'opendir' for
the VFS root opens all file systems via 'open_composite_dir', while
'opendir' for '/' only returns a VFS handle.

Fixes #2569
2017-11-30 11:23:10 +01:00
Christian Helmuth
66d5954fc5 Adapt stack size of threads in signal test
This fixes the warning "small stack of 3996 bytes [...] may break Linux
signal handling" on 32-bit base-linux.
2017-11-30 11:23:10 +01:00
Martin Stein
e87f63944f timeout: replace Duration operators by methods
void += (Microseconds) -> void add(Microseconds)
void += (Milliseconds) -> void add(Milliseconds)
bool < (Duration)      -> bool less_than(Duration)

Issue #2581
2017-11-30 11:23:09 +01:00
Martin Stein
26bcd439f7 timeout: fix bug in duration + duration testing
The += operator contained bugs. We now also do some tests on the Duration
type at the beginning of the timeout test.

Fixes #2581
2017-11-30 11:23:09 +01:00
Martin Stein
5d39acd3c3 timer: clamp one-shot timeouts to avoid overflow
Issue #2579
2017-11-30 11:23:08 +01:00
Alexander Boettcher
f3dafbf5a6 nova: limit timeout rate in nova_timer_drv
Issue #2579
2017-11-30 11:23:08 +01:00
Alexander Boettcher
59f97802a9 timer.run: provide more information if test fails
Issue #2579
2017-11-30 11:23:08 +01:00
Alexander Boettcher
80778b267d timer: read PIT timer solely after interrupt
Stop gap solution until #2579 gets resolved.
2017-11-30 11:23:08 +01:00
Alexander Boettcher
2ba5f8f4f3 timer framework: use Time_source::curr_time()
Issue #2579
2017-11-30 11:23:08 +01:00
Norman Feske
a255ffaee9 input: disarm obnoxious press/release events
This patch adds a sanity check to the Event::type accessor. If the key
code of a given PRESS or RELEASE event is out of the valid range, it
reports an INVALID event. This way, client side code does not need to
deal with such edge cases. E.g., on Lenovo notebooks, the ps2 driver
reports strange key events when pressing shift-pageup/pagedown,
violating the general assumption that there is a release event for each
press event. By flagging these events as INVALID, the client-side logic
stays intact.
2017-11-30 11:23:07 +01:00
Norman Feske
f2a5648deb ps2_drv: respond to dynamic reconfiguration 2017-11-30 11:23:07 +01:00
Josef Söntgen
987ec9d371 os: create recipe for mixer 2017-11-30 11:23:06 +01:00
Christian Prochaska
41b3d3abc1 init: make 'Server' class usable by external components
Issue #2574
2017-11-30 11:23:05 +01:00
Josef Söntgen
adb00d329f rom_filter: copy input node content to output node
Add suppport for copying the content of an 'input' node to the 'output'
node.

Issue #2558.
2017-11-30 11:23:04 +01:00
Josef Söntgen
f9c2e0e21c lx_block: add file based Block driver for Linux
Issue #2558.
2017-11-30 11:23:04 +01:00
Emery Hemingway
de5c0603f1 platform_drv: account session capabilities with a Cap_quota_guard
The platform driver is a critical component and must not allow sessions
to deplete its own resource quotas.

Fix #2576
2017-11-30 11:23:04 +01:00
Emery Hemingway
07b36573ea Restrict VFS Dir_filesystem allocations to 'opendir' only
Allocations made at the client-side of the VFS must be contained within
functions that may return errors indicating resource exhaustion.

Fix #2569
2017-11-30 11:23:02 +01:00
Emery Hemingway
a0c0f3d7c9 Print support for VFS errors
Ref #2569
2017-11-30 11:23:02 +01:00
Emery Hemingway
ca0c86e7af Enforce cap quotas at VFS server, increase initial File_system cap donation
Check at the VFS server that the capability cost of sessions do not
exceed the session quota donation. Raise the default initial capability
donation for File_system connections.

Fix #2553
2017-11-30 11:23:02 +01:00
Alexander Boettcher
9672329772 fb_boot_drv: evaluate fb pitch
Fixes #2555
2017-11-24 09:02:04 +01:00
Martin Stein
411601ebd1 input_filter: add missing virtual Source::~Source
Previously the destructors of classes derived from Source were not
called when destructing a Source because Source missed the declaration
of a virtual destructor. This caused at least problems when
reconstructing a Chargen_source with its Chargen_repeater that includes
a One_shot_timeout. In this case, the members of the Alarm behind the
timeout were not reset and the next time beeing used the Alarm appeared
to be still active which wasn't true.

Fixes #2570
2017-11-24 09:02:03 +01:00
Christian Helmuth
491be000ca depot: update recipe hashes 2017-11-09 12:19:59 +01:00
Norman Feske
3b0899aae1 drivers_interactive-pc: apply mouse acceleration 2017-11-09 12:18:43 +01:00
Norman Feske
26d4753a3c input_filter: accelerate relative motion events 2017-11-09 12:18:43 +01:00
Norman Feske
55dc3abf00 Move gems/bezier.h to util/bezier.h (in repos/os)
This way, os components (i.e., input_filter) can use it for nonlinear
interpolation.
2017-11-09 12:18:43 +01:00
Norman Feske
ece48d7df5 drivers_interactive-pc: emulate scroll wheel 2017-11-09 12:18:42 +01:00
Norman Feske
a6b29530e8 input_filter: scroll-wheel emulation
The new '<button-scroll>' filter generates artificial wheel events from
relative motion events when the user holds a magic button.
2017-11-09 12:18:42 +01:00
Norman Feske
7b4ef66d91 nitpicker: update focus report after reconfig
A new configuration may implicitly change the domain color of the
currently focused session. We need to refresh the report to trigger an
update of the status bar.
2017-11-09 12:18:42 +01:00
Norman Feske
27c9e5c6e8 os: generalize xray trigger component
This commit replaces the old xray_trigger component by a new component
called global_keys_handler. For details, please refer to the issue text
and the accompanied README file.

Fixes #2554
2017-11-09 12:18:42 +01:00
Alexander Boettcher
13690ec898 package boot_fb_drv 2017-11-09 12:18:41 +01:00
Alexander Boettcher
804fb4e10d update recipe drivers_interactive-pc for hardware
fails on native hardware because of missing caps and missing configuration
of the drivers subinit
2017-11-09 12:18:41 +01:00
Emery Hemingway
97c5e21ed6 server/vfs: do not append '/' to directory paths
Fix #2544
2017-11-09 12:18:05 +01:00
Alexander Boettcher
c1493b2ed2 usb: avoid pagefault during session destruction
due to pointer to object allocated in context of the session object.

Fixes #2565
2017-11-09 12:18:05 +01:00
Alexander Boettcher
03ae78173b platform_drv: free up dataspaces on session close
Fixes #2564
2017-11-09 12:18:05 +01:00
Norman Feske
4eebd140b0 nitpicker: report current key state
Fixes #2552
2017-11-09 12:18:05 +01:00
Christian Prochaska
547cc06976 ram_fs: throw exception when unlinked node gets accessed
Fixes #2536
2017-11-09 12:18:05 +01:00
Christian Helmuth
30948a4b0d depot: update recipe hashes 2017-11-06 13:57:25 +01:00
Josef Söntgen
eae0445cd8 init: generate a state report when children exit
Whenever a childs is terminated the exit value is propagate through a
new state report. Thereby it becomes possibly for a managing component
to react upon the terminating condition of a child.

Issue #2558.
2017-11-06 13:57:24 +01:00
Martin Stein
94f4e2a276 os/recipes: nic_router
Fixes #2560
2017-11-06 13:57:24 +01:00
Martin Stein
b2ea164c76 nic_router: fix bugs in DHCP client functionality
Ref #2560
2017-11-06 13:57:24 +01:00
Martin Stein
db6a2419f2 nic_dump: fix bug in packet log
Ref #2560
2017-11-06 13:57:24 +01:00
Christian Helmuth
b0683a5acf Increase test RAM quotas for sel4 64-bit 2017-11-06 13:57:23 +01:00
Christian Helmuth
d67db5cd74 Increase timeouts for some tests on Qemu 2017-11-06 13:57:23 +01:00
Martin Stein
9d84d8b3bd nic_router: rename and move Ip_allocation
Rename Ip_allocation Dhcp_allocation and move it to dhcp_server.* .

Ref #2534
2017-11-06 13:57:22 +01:00
Martin Stein
127ceaccb5 nic_router: move Dhcp_server to extra header/unit
Ref #2534
2017-11-06 13:57:22 +01:00
Martin Stein
5e227f9ff1 nic_router: minor style fixes
Ref #2534
2017-11-06 13:57:22 +01:00
Martin Stein
db9d4d3a3c nic_router: DHCP client functionality
If the attribute 'interface' is not set in a 'domain' tag, the router tries to
dynamically receive and maintain an IP configuration for that domain by using
DHCP in the client role at all interfaces that connect to the domain. In the
DHCP discover phase, the router simply chooses the first DHCP offer that
arrives. So, no comparison of different DHCP offers is done. In the DHCP
request phase, the server is expected to provide an IP address, a gateway, a
subnet mask, and an IP lease time to the router. If anything substantial goes
wrong during a DHCP exchange, the router discards the outcome of the exchange
and goes back to the DHCP discover phase. At any time where there is no valid
IP configuration present at a domain, the domain does only act as DHCP client
and all other router functionality is disabled for the domain. A domain cannot
act as DHCP client and DHCP server at once. So, a 'domain' tag must either
have an 'interface' attribute or must not contain a 'dhcp-server' tag.

Ref #2534
2017-11-06 13:57:21 +01:00
Martin Stein
3560555acc nic_router: encapsulate IPv4 peer config in class
An IPv4 config (for a domain/interface of the router) consists of
an IPv4 address, a subnet prefix specifier, an optional gateway
IPv4 address, and some flags that declare whether these fields and
the config as a whole are valid. To make the handling of those
tightly connected values easier and less error prone, we encapsulate
them in a new class.

Ref #2534
2017-11-06 13:57:21 +01:00
Martin Stein
0ca248551a net: move Ipv4_address_prefix to nic_router
As this tool is not used by any other component make it local to the
NIC router to keep the net-lib interface small.

Ref #2534
2017-11-06 13:57:21 +01:00
Martin Stein
50aba6f21b dhcp: support reading of some further option types
Client ID, maximum message size, IP lease time, and requested address.
All needed for the upcoming DHCP client.

Ref #2534
2017-11-06 13:57:21 +01:00
Martin Stein
615878bb05 init: periodic state updates if sensible
Under certain circumstances we don't want inits state report to become too
outdated even if there is no change to its config or the sessions of its
children. This is the case if init is requested to provide a capability or RAM
info of it's children via its state report. Now, init automatically updates
the state report with each 1000 ms if the attribute 'child_caps' or
'child_ram' is positively set in the 'report' tag.
2017-11-06 13:57:21 +01:00
Norman Feske
189c5fa628 input_filter: improve capslock handling
Furthermore, the patch reduces the noise in the log produced by
false-positive error messages that are actually warnings.

Fixes #2548
2017-11-06 13:57:20 +01:00
Norman Feske
a0a7d5d165 ps2_drv: drive mode indicator LEDs
The new feature is demonstrated by the input.run script. It uses a
dynamic ROM service to toggle the keyboard LEDs at different intervals.

Fixes #2546
2017-11-06 13:57:20 +01:00
Christian Helmuth
73f1fa9a1f ahci: log vendor/device IDs as hex 2017-11-06 13:57:19 +01:00
Alexander Boettcher
5e5c705fbc init_smp.run: limit spawned init's for x86_32 2017-11-06 13:57:19 +01:00
Martin Stein
2eef27fca4 timer test: raise tolerance at max trigger count
Timing itself costs time. Thus, the stressfull timeout phase of the
test is not exactly as long as set but a little bit longer. This is why the
fast timeouts are able to trigger more often than they are expected to
(the timer has a static timeout-rate limit). Normally we consider this effect
through an error tolerance of 10%. But at least on foc x86_32 (PIT with very
low max timeout), timing is so expensive that 10% is not enough. We have to
raise it to 11%.
2017-11-06 13:57:19 +01:00
Martin Stein
d4920eade4 timer.run: end test on uncaught exceptions 2017-11-06 13:57:18 +01:00
Norman Feske
3a350b65a3 init: handle Service_denied for forwarded sessions
This patch propages the 'Service_denied' condition of forwarded sessions
to the parent. Without it, the invalid session request stays pending
infinitely, which leads to the problem described in issue #2542. It
turns out that suggested solution given in the issue text is actually
not needed when applying this fix.

Fixes #2542
2017-11-06 13:57:18 +01:00
Norman Feske
1ccd9a2fdb rom_filter: expand target buffer on demand
The ROM filter did not handle the situation where the generated content
exceeds the size of the initially allocated dataspace for the target
buffer. This patch wraps the XML generation in a retry loop that
expands the buffer as needed.
2017-11-06 13:57:18 +01:00
Norman Feske
f3988a27d4 nit_fb: support 'origin' attribute
This patch makes the specification of screen coordinates more flexible.
First, the 'origin' attribute allows one to refer to either of the four
screen corners without knowing the screen size. Second, the 'width'
and 'height' values now accept negative values, which are relative to
the screen size.
2017-11-06 13:57:18 +01:00
Norman Feske
dd5b03671d os: don't limit file-systems-session upgrades
The 'File_system::Connection' already performs an on-demand session
upgrade should the server report an 'Out_of_caps' or 'Out_of_ram'
condition. So file-system clients are normally relieved from handling
those exceptions. However, the upgrade was limited to two attempts per
operation (which amounts to 16 KiB). When using the Rump VFS plugin in
the VFS server, this amount does not always suffice. So the exception is
reflected to the client. I observed this problem as a message "unhandled
error" printed by fs_rom. This patch removes the upgrade limit such that
a greedy file-system server becomes iteratively upgraded until it stops
arguing or the client's RAM is exhausted.
2017-11-06 13:57:18 +01:00
Christian Helmuth
ee4ee6a8ac depot: update recipe hashes 2017-10-19 13:31:18 +02:00
Christian Prochaska
e4fa8e8fcf vfs server: remove special case of rootdir handles
With this patch, the VFS server returns distinguishable IDs when opening
the root directory multiple times.
2017-10-19 13:31:15 +02:00
Martin Stein
5f65791962 nic_router: bad-protocol message only if verbose
This was an error output-line for each affected packet previously but it
is pretty normal for the router to receive packets whose network layer
protocol it doesn't know . In the default case, these packets shall be
ignored silently.

Ref #2490
2017-10-19 13:31:15 +02:00
Martin Stein
30a96706cb nic_router: dhcp server functionality
One can configure the NIC router to act as DHCP server at interfaces of a
domain by adding the <dhcp> tag to the configuration of the domain like
this:

<domain name="vbox" interface="10.0.1.1/24">
    <dhcp-server ip_first="10.0.1.80"
                 ip_last="10.0.1.100"
                 ip_lease_time_sec="3600"
                 dns_server="10.0.0.2"/>
    ...
</domain>

The attributes ip_first and ip_last define the available IPv4 address
range while ip_lease_time_sec defines the lifetime of an IPv4 address
assignment in seconds. The IPv4 address range must be in the subnet
defined by the interface attribute of the domain tag and must not cover
the IPv4 address in this attribute. The dns_server attribute gives the
IPv4 address of the DNS server that might also be in another subnet.
The lifetime of an offered assignment is the configured round trip time of
the router while the ip_lease_time_sec is applied only if the offer is
requested by the client in time.

The ports/run/virtualbox_nic_router.run script is an example of how to
use the new DHCP server functionality.

Ref #2490
2017-10-19 13:31:15 +02:00
Martin Stein
03144093b3 nic_router: do link garbage collect on each packet
Previously, garbage collect was only done when an incoming packet passed the
Ethernet checks. Now it is really done first when receiving a packet at an
interface.

Ref #2490
2017-10-19 13:29:45 +02:00
Martin Stein
215937ff0f nic_router: handle ARP requests for foreign IPs
If the router has no gateway attribute for a domain (means that the router
itself is the gateway), and it gets an ARP request for a foreign IP, it shall
answer with its own IP.

Ref #2490
2017-10-19 13:29:45 +02:00
Martin Stein
ee88d4d2d5 nic_router: use same packet log-format as nic_dump
Ref #2490
2017-10-19 13:29:45 +02:00
Martin Stein
e5b9a6cc8b nic_router: rework round-trip-time handling
Do not use two times the RTT for the lifetime of links but use it as
it is configured to simplify the usage of the router. Internally, use
Microseconds/Duration type instead of plain integers.

Ref #2490
2017-10-19 13:29:45 +02:00
Martin Stein
71bd9a1f10 nic_dump: configurable packet print
The nic_dump uses a wrapper for all supported protocols that
takes a packet and a verbosity configuration. The wrapper object can
than be used as argument for a Genode log function and prints the
packet's contents according to the given configuration. The
configuration is a distinct class to enable the reuse of one instance
for different packets.

There are currently 4 possible configurations for each protocol:
* NONE          (no output for this protocol)
* SHORT         (only the protocol name)
* COMPACT       (the most important information densely packed)
* COMPREHENSIVE (all header information of this protocol)

Ref #2490
2017-10-19 13:29:45 +02:00
Martin Stein
d63c40af3e dhcp: extend options utilities
Provide utilities for appending new options to an existing DHCP packet
and a utility for finding existing options that returns a typed option
object. Remove old version that return untyped options.

Ref #2490
2017-10-19 13:29:44 +02:00
Martin Stein
791fd9806f ipv4 address: conversion from and to integer
Ref #2490
2017-10-19 13:29:43 +02:00
Martin Stein
d0f5838c61 net: clean up header fields and accessors
Apply the style rule that an accessor is named similar to the the underlying
value. Provide read and write accessors for each mandatory header attribute.
Fix some incorrect structure in the headers like with the flags field
in Ipv4_packet.

Ref #2490
2017-10-19 13:29:43 +02:00
Martin Stein
7b55d4d5d9 ethernet: rework type for ethernet type value
Encapsulate the enum into a struct so that it is named
Ethernet_frame::Type::Enum, give it the correct storage type
uint16_t, and remove those values that are (AFAIK) not used by
now (genode, world).

Ref #2490
2017-10-19 13:29:43 +02:00
Martin Stein
3f269b773d nic_dump: use Duration instead of unsigned
Ref #2490
2017-10-19 13:29:42 +02:00
Martin Stein
97b1a22a8a nic_dump: measure time only if needed
Ref #2490
2017-10-19 13:29:42 +02:00
Martin Stein
6b4b662357 nic_router: fix for unknown transport protocols
Do not stop routing if the transport layer protocol is unknown but
continue with trying IP routing instead. The latter was already
done when no transport routing could be applied but for unknown transport
protocols we caught the exception at the wrong place.

Ref #2490
2017-10-19 13:29:42 +02:00
Martin Stein
642254134e timer test: rate limiting and no starvation
No starvation of timeout signals
--------------------------------

Add several timeouts < 1ms to the stress test and check that timeout
handling doesn't become significantly unfair (starvation) in this situation
where some timeouts trigger nmuch faster than they get handled.

Rate limiting for timeout handling in timer
-------------------------------------------

Ensure that the timer does not handle timeouts again within 1000
microseconds after the last handling of timeouts. This makes denial of
service attacks harder. This commit does not limit the rate of timeout
signals handled inside the timer but it causes the timer to do it less
often. If a client continuously installs a very small timeout at the
timer it still causes a signal to be submitted to the timer each time
and some extra CPU time to be spent in the internal handling method. But
only every 1000 microseconds this internal handling causes user timeouts
to trigger.

If we would want to limit also the call of the internal handling method
to ensure that CPU time is spent beside the RPCs only every 1000
microseconds, things would get more complex. For instance, on NOVA
Time_source::schedule_timeout(0) must be called each time a new timeout
gets installed and becomes head of the scheduling queue. We cannot
simply overwrite the already running timeout with the new one.

Ref #2490
2017-10-19 13:29:42 +02:00
Christian Helmuth
f9b3c6d2cf Remove unused os/alarm.h include from loader 2017-10-19 13:29:41 +02:00
Martin Stein
df71e02ef6 alarm: fix bug in _setup_alarm
We did not set the correct now_period previously but it wasn't conspicuous
because the bug triggered not before a full period had passed which on most
platforms is a pretty long time.

Ref #2490
2017-10-19 13:29:41 +02:00
Christian Helmuth
28004bc9e6 timer: limit rate of handling timeouts
Ensure that the timer does not handle timeouts again within 1000
microseconds after the last handling of timeouts. This makes denial of
service attacks harder. This commit does not limit the rate of timeout
signals handled inside the timer but it causes the timer to do it less
often. If a client continuously installs a very small timeout at the
timer it still causes a signal to be submitted to the timer each time
and some extra CPU time to be spent in the internal handling method. But
only every 1000 microseconds this internal handling causes user timeouts
to trigger.

If we would want to limit also the call of the internal handling method
to ensure that CPU time is spent beside the RPCs only every 1000
microseconds, things would get more complex. For instance, on NOVA
Time_source::schedule_timeout(0) must be called each time a new timeout
gets installed and becomes head of the scheduling queue. We cannot
simply overwrite the already running timeout with the new one.

Ref #2490
2017-10-05 17:40:05 +02:00
Emery Hemingway
a67d24e509 import chroot from world repository
Fix #2529
2017-10-05 17:40:04 +02:00
Sebastian Sumpf
754d1bd4a3 usb_report_filter: check device ds
Make sure we actually can report devices on USB driver device updates.

related to #2527
2017-10-05 17:40:04 +02:00
Norman Feske
6d361b337b input/root.h: support re-opening of sessions
This patch fixes an aliasing problem of the 'close' method signature
that prevented the Input::Root_component::close method to be called.
This way, the event-queue state was not reset at session-close time,
which prevented a subsequent session-creation request to succeed. With
the patch, input servers like ps2_drv, usb_drv that rely on the
Input::Root_component support the dynamic re-opening of sessions. This
happens in particular when using a dynamically configured input filter.
2017-10-05 17:40:03 +02:00
Norman Feske
86656517e3 nitpicker: reset background if backdrop vanishes
Fixes #3
2017-10-05 17:40:03 +02:00
Josef Söntgen
e1ada57bfa vfs: use unsigned 64bit for media size ioctl
Fixes #2523.
2017-10-05 17:40:02 +02:00
Martin Stein
3f37a12e2d timer connection: fix mixing of time sources
We update the alarm-scheduler time with results of
Timer::Connection::curr_time when we schedule new timeouts but when
handling the signal from the Timer server we updated the alarm-scheduler
time with the result of Timer::Connection::elapsed_us.  Mixing times
like this could cause a non-monotone time value in the alarm scheduler.
The alarm scheduler then thought that the time value wrapped and
triggered all timeouts immediately. The problem was fixed by always
using Timer::Connection::curr_time as time source.

Ref #2490
2017-10-05 17:40:02 +02:00
Norman Feske
dae563725b drivers_interactive-pc: increase key-repeat rate 2017-10-05 17:40:02 +02:00
Alexander Boettcher
1cc09ac786 platform_drv: transfer of quota to device_pd
Issue #2507
2017-10-05 17:40:00 +02:00
Sebastian Sumpf
ff800af820 ahci: make port enumeration independent from port count
fixes #2522
2017-10-05 17:40:00 +02:00
Norman Feske
6fcf95d536 terminal: cursor-key handling w/o set key layout
This patch applies the handling of cursor keys, function keys, and page
up/down keys even if no keymap is defined. This is the case when using
the terminal with character events produced by the input filter.
2017-10-05 17:39:59 +02:00
Norman Feske
47b7ce5149 depot: recipe for rtc_drv,top 2017-10-05 17:39:58 +02:00
Norman Feske
d8861262b2 depot: recipe for cpu_load_display 2017-10-05 17:39:58 +02:00
Norman Feske
f10af1cc57 depot: recipe for src/xray_trigger 2017-10-05 17:39:58 +02:00
Norman Feske
070aa62f92 depot: recipes for file_terminal, terminal_log 2017-10-05 17:39:58 +02:00
Norman Feske
d9d32847b1 xray_trigger: make initial state configurable 2017-10-05 17:39:57 +02:00
Martin Stein
d62c3117de run/timeout: test if maximum timeouts trigger bugs
Create periodic and one-shot timeouts with the maximum duration
to see if triggers any corner-case bugs. They must not trigger during
the test.

Ref #2490
2017-10-05 17:39:57 +02:00
Martin Stein
8fd914c6ab timeout: fix outdated time in alarm scheduler
If we add an absolute timeout to the back-end alarm-scheduler we must first
call 'handle' at the scheduler to update its internal time value.
Otherwise, it might happen that we add a timeout who's deadline is so big that
it normally belongs to the next time-counter period but the scheduler thinks
that it belongs to the current period as its time is older than the one used
to calculate the deadline.

Ref #2490
2017-10-05 17:39:56 +02:00
Martin Stein
2633ff8661 alarm: fix information loss due to int-cast
When we have two time values of an unsigned integer type and we create
the difference and want to know wether it is positive or negative within
the same value we loose at least one half of the value range for casting
to signed integers. This was the case in the alarm scheduler when
checking wether an alarm already triggered. Even worse, we casted from
'unsigned long' to 'signed int' which caused further loss on at least
x86_64. Thus, big timeouts like ~0UL falsely triggered directly.

Now, we use an extra boolean value to remember in which period of the
time counter we are and to which period of the time counter the deadline
of an alarm belongs. This boolean switches its value each time the time
counter wraps. This way, we can avoid any casting by checking wether the
current time is of the same period as the deadline of the alarm that we
inspect. If so, the alarm is pending if "current time >= alarm
deadline", otherwise it is pending if "current time < alarm deadline".

Ref #2490
2017-10-05 17:39:56 +02:00
Sebastian Sumpf
a932fc2e5a depot: recipe for rump/file_system
Ref #2446
2017-10-05 17:39:56 +02:00
Martin Stein
4fa0cb5c29 timer pit: handle and display bad latency
If the PIT timer driver gets activated too slow (e.g. because of a bad priority
configuration), it might miss counter wraps and would than produce sudden time
jumps. The driver now detects this problem dynamically, warns about it and
adapts the affected values to avoid time jumps.

Ref #2400
2017-10-05 17:39:55 +02:00
Emery Hemingway
488396e78b server/vfs: status completes or throw Invalid_handle
The 'status' RPC method of the File_system session must complete
successfully or throw 'Invalid_handle' for any error.

Ref #2512
2017-10-05 17:39:55 +02:00
Martin Stein
82c763fe75 nic_router: provide link state
The NIC router always reports the link state "Up" (true) because
the effective link state depends on the targeted remote interface
and thus on the individual routing for each packet. Consequently,
also the signal handler for state changes gets ignored.

Ref #2490
2017-09-07 11:47:15 +02:00
Martin Stein
a1e32a3ad9 nic_router: use local but individual MAC addresses
IP stacks may treat a network interface as "down" when it states a MAC
address with the I/G bit (bit 40) set to "Group" (value 0) instead of
"Individual" (value 1). This was observed with a TinyCore 8 inside a
Virtualbox VM. Thus, the previously choosen 03:03:03:03:03:00 as base
for the MAC address allocator is bad. Now we use the 02:02:02:02:02:00
instead. This also ensures that the MAC addresses are not marked as
"Universal" but as "Local" (bit 41, value 1) which is correct in general
as the router allocates MAC addresses only for virtual networks.

Ref #2490
2017-09-07 11:47:15 +02:00
Martin Stein
68cd5e8004 nic_router & timer* tests: prioritize timer driver
The timer driver should always be of the highest priority to avoid
problem with timers that have low max-counter values like the PIT
with only 53 ms.

Ref #2400
2017-09-07 11:47:15 +02:00
Christian Helmuth
2ed904faab depot: update recipe hashes 2017-08-30 12:41:43 +02:00
Martin Stein
b531a862bb nic_dump: link state and mac address
The NIC dump component didn't support forwarding of link states and link-state
signals until now. Furthermore, it now prints MAC address and link state
on session creation and on every link state change.

Ref #2490
2017-08-30 10:01:36 +02:00
Martin Stein
84ad50b527 nic_dump: synchronize down/uplink creation
Previously, the uplink session was created on component startup while the
creation of the downlink session is timed by the client component. This
created a time span in which packets from the uplink were dropped at the
nic_dump. Now the uplink session-request is done by the session component
of the downlink.

Ref #2490
2017-08-30 10:01:35 +02:00
Alexander Boettcher
4c382d85b2 sel4: adjust cap ram quota of fault_detection.run 2017-08-30 10:00:01 +02:00
Martin Stein
12eb7a44d0 x86 timeout test: consider instable tsc (quickfix)
This is a quickfix to avoid testing microseconds precise time on older x86
machines that have no invariant TSC as interpolation source.

Ref #2400
2017-08-30 10:00:01 +02:00
Christian Helmuth
ae0c9e7692 Increase cap quota for usb_drv 2017-08-30 10:00:00 +02:00
Josef Söntgen
198019edca os: add Gpu driver for Intel Gen8 HD graphics
This commit introduces a experimental 3D driver for Intel Gen8 HD
graphics devices as well as the corresponding Gpu session.

Fixes #2507.
2017-08-30 09:59:57 +02:00
Alexander Boettcher
830f6934f9 base: add support to unconstrain virtual space
Issue #2507.
2017-08-30 09:59:57 +02:00
Emery Hemingway
1fce8d0d74 default ahci_drv and part_blk Block sessions to read-only
Add a "writeable" policy option to the ahci_drv and part_blk Block
servers and default from writeable to ready-only. Should a policy
permit write acesss the session request argument "writeable" may still
downgrade a session to ready-only.

Fix #2469
2017-08-28 16:49:51 +02:00
Martin Stein
d9073a1848 timer/util: generic TIMER_MIN_TICKS_PER_MS
Ref #2400
2017-08-28 16:49:50 +02:00
Martin Stein
ffaf99ae86 timeout test: remove error-limit exception for PIT
The problems with the PIT timer drivers were fixed so it is not necessary
anymore to treat them special.

Ref #2400
2017-08-28 16:49:49 +02:00
Martin Stein
399e1586be timer: generic timer_ticks_to_us implementation
There are hardware timers whose frequency can't be expressed as
ticks-per-microsecond integer-value because only a ticks-per-millisecond
integer-value is precise enough. We don't want to use expensive
floating-point values here but nonetheless want to translate from ticks
to time with microseconds precision. Thus, we split the input in two and
translate both parts separately. This way, we can raise precision by
shifting the values to their optimal bit position. Afterwards, the results
are shifted back and merged together again.

As this algorithm is not so trivial anymore and used by at least three
timer drivers (base-hw/x86_64, base-hw/cortex_a9, timer/pit), move it to a
generic header to avoid redundancy.

Ref #2400
2017-08-28 16:49:49 +02:00
Martin Stein
652187b25e timer pit: fix precision reduction to milliseconds
Due to the simplicity of the algorithm that translated from timer ticks
to time, we lost microseconds precision although the timer allows for it.

Ref #2400
2017-08-28 16:49:49 +02:00
Martin Stein
02bbb2efaf test/timeout: use elapsed_us instead of elapsed_ms
Ref #2400
2017-08-28 16:49:49 +02:00
Martin Stein
22294d3b18 timer connection: fix division by null
When synchronizing with the remote time source, we have to take care that the
measured time difference cannot become null because its real value is smaller
than the measurement granularity. Since the granularity is one microsecond, we
simply go on polling timestamp and time until the microsecond has passed.
This busy waiting should be no problem for the system for two reasons. First,
it is limited to a relatively small amount of time and second, a busy lock
does not happen because the time source that is responsible for the limiting
factor is explicitely called on each poll.

Ref #2400
2017-08-28 16:49:49 +02:00
Alexander Boettcher
7a006ccf50 uefi: adjust framebuffer.run to use fb_boot_drv
Issue #2242
2017-08-28 16:49:47 +02:00
Johannes Kliemann
c509cabdba os: fix fb_boot_drv framebuffer padding
Fixes #2486
2017-08-28 16:49:45 +02:00
Emery Hemingway
90eaad6cc2 depot recipe for blk_cache
Ref #2460
2017-08-28 16:49:44 +02:00
Sebastian Sumpf
66db2ee54e libports: Mesa 11.2.2
OpenGL 4.5 with software and i965 rendering back ends.

issue #2488
2017-08-28 16:49:43 +02:00
Norman Feske
cb72784717 os: add template specialization for alpha pixel
The specialization is needed for applying anti-aliased drawing
operations on alpha channels.
2017-08-28 16:49:39 +02:00
Christian Prochaska
b0935ef9b2 VFS: nonblocking interface
The VFS library can be used in single-threaded or multi-threaded
environments and depending on that, signals are handled by the same thread
which uses the VFS library or possibly by a different thread. If a VFS
plugin needs to block to wait for a signal, there is currently no way
which works reliably in both environments.

For this reason, this commit makes the interface of the VFS library
nonblocking, similar to the File_system session interface.

The most important changes are:

- Directories are created and opened with the 'opendir()' function and the
  directory entries are read with the recently introduced 'queue_read()'
  and 'complete_read()' functions.

- Symbolic links are created and opened with the 'openlink()' function and
  the link target is read with the 'queue_read()' and 'complete_read()'
  functions and written with the 'write()' function.

- The 'write()' function does not wait for signals anymore. This can have
  the effect that data written by a VFS library user has not been
  processed by a file system server yet when the library user asks for the
  size of the file or closes it (both done with RPC functions at the file
  system server). For this reason, a user of the VFS library should
  request synchronization before calling 'stat()' or 'close()'. To make
  sure that a file system server has processed all write request packets
  which a client submitted before the synchronization request,
  synchronization is now requested at the file system server with a
  synchronization packet instead of an RPC function. Because of this
  change, the synchronization interface of the VFS library is now split
  into 'queue_sync()' and 'complete_sync()' functions.

Fixes #2399
2017-08-28 16:49:38 +02:00
Norman Feske
8312950e2f gems: app/depot_query 2017-08-28 16:49:38 +02:00
Norman Feske
c8b2222485 depot: add pkg/test-fs_report 2017-08-28 16:49:38 +02:00
Norman Feske
a4b543bc80 init: avoid repeated config XML parsing 2017-08-28 16:49:37 +02:00
Norman Feske
bfbe5128cd tar_rom: minor documentation fix 2017-08-28 16:49:37 +02:00
Norman Feske
6184a27619 init: defer forwarded session requests when needed
This patch changes init's service forwarding such that pending requests
are kept unanswered as long as the requested service is not present
(yet). In dynamic-init scenarios, this is needed in situtions where the
dynamic init is known to eventually provide the service but the internal
subsystem is not ready yet. Previously, a client that attempted to
request a session in this early phase would get a 'Service_denied'
exception. By deferring the forwarding in this situation, the behaviour
becomes deterministic.

If a matching '<service>' exists but there is no matching policy sub
node, the request is answered with 'Service_denied' - as expected.
2017-08-28 16:49:37 +02:00
Martin Stein
c0c0d8c600 nic_router: error if uplink domain not configured
Ref #2490
2017-08-28 16:49:36 +02:00
Martin Stein
96c7f8d53f init: be aware of abandoned any-child routes
Previously, init did not test if a service is abandoned on a new
configuration if the service was routed via an any-child route.

Fixes #2483
2017-08-28 16:49:35 +02:00
Martin Stein
9476f3f645 run/init: test abandoned any-child routes
Currently, init does not test wether a service is abandoned on a new
configuration if the service was routed via an any-child route. Trigger
this behaviour in the init test.

Ref #2483
2017-08-28 16:49:35 +02:00
Martin Stein
b6efa7f6f9 timer connection: fast initial calibration
The calibration of the interpolation parameters was previously only done
periodically every 500 ms. Together with the fact that the parameters
had to be stable for at least 3 calibration steps to enable
interpolation, it took at least 1.5 seconds after establishing a
connection to get microseconds-precise time values.

This is a problem for some drivers that directly start to poll time.
Thus, the timer connection now does a calibration burst as soon as it
switches to the modern mode (the mode with microseconds precision).
During this phase it does several (currently 9) calibration steps
without a delay inbetween. It is assumed that this is fast enough to not
get interrupted by scheduling. Thus, despite being small, the measured
values should be very stable which is why the burst should in most cases
be sufficient to get the interpolation initialized.

Ref #2400
2017-08-23 14:08:37 +02:00
Martin Stein
adaad64fbb timer connection: relax factor shifting
When in modern mode (with local time interpolation), the timer
connection used to maximize the left shifting of its
timestamp-to-microseconds factor. The higher the shift the more precise
is the translation from timestamps to microseconds. If the timestamp
values used for determining the best shift were small - i.e.  the delay
between the calibration steps were small - we may got a pretty big
shift.  If we then used the shift with bigger timestamp values - i.e.
called curr_time seldom or raised calibration delays - the big shift
value became a problem. The framework had to scale down all measured
timestamps and time values temporarily to stay operative until the next
calibration step.

Thus, we now raise the shift only that much that the resulting factor
fullfills a given minimum. This keeps it as low as possible according
to the precision requirement. Currently, this requirement is set to 8
meaning that the shifted factor shall be at least 2^8 = 256.

Ref #2400
2017-08-23 14:08:37 +02:00
Martin Stein
6dfb903bd0 timer connection: always work with microseconds
As the timer session now provides a method 'elapsed_us', there is no more need
for doing any internal calculations with values of milliseconds.

Ref #2400
2017-08-23 14:08:36 +02:00
Martin Stein
8750e373a0 timer session: add elapsed_us method
As timer sessions are not expected to be microseconds precise (because
of RPC latency and scheduling), the session interface provided only a
method 'elapsed_ms' although the back end of this method in the timer
driver works with microseconds.

However, in some cases it makes sense to have a method 'elapsed_us'. The
values it returns might be milliseconds away from the "real" time but it
allows you to work with delays smaller than a millisecond without
getting a zero delta value.

This commit is motivated by the need for fast bursts of calibration
steps for the time interpolation in the new timer connection.

Ref #2400
2017-08-23 14:08:36 +02:00
Christian Helmuth
8b073f46df depot: update recipe hashes 2017-08-18 10:25:28 +02:00
Alexander Boettcher
4020766105 sel4: adapt timeouts of run scripts
Issue #2451
2017-08-18 10:24:47 +02:00
Alexander Boettcher
69e71147ef platform_drv: replace nova specific device_pd
by using generic Pd_session::map instead for eager memory mappings of DMA
memory.

Issue #2209
2017-08-18 10:24:47 +02:00
Emery Hemingway
5f35175644 app/sequence: execute components in sequence
Fix #2476
2017-08-18 10:24:46 +02:00
Emery Hemingway
ad6c94bb09 input_filter character mapping rules for the Workman layout
http://workmanlayout.org/

Fix #2473
2017-08-17 11:04:23 +02:00
Emery Hemingway
2deddf1e6d Check for symlink target length errors
Check for symlink length errors at the VFS library and the ram_fs and
vfs servers.

Fix #2462
2017-08-17 11:04:21 +02:00
Emery Hemingway
cfdac3f4c3 ram_fs: check symlink writes for termination bytes
Ref #2461
2017-08-17 11:04:21 +02:00
Alexander Boettcher
da5441292a sel4: add Wandboard Quad (iMX6) support
Issue #2451
2017-08-17 11:04:21 +02:00
Alexander Boettcher
782b457476 wand_quad: re-enable i.MX6 EPIT user level timer
Issue #2451
2017-08-17 11:04:21 +02:00
Alexander Boettcher
66c0c7b6f1 sel4: add x86_64 support
Issue #2451
2017-08-17 11:04:20 +02:00
Norman Feske
e31806d4e6 dde_rump: fix rump_iso test
The run script did not consider the routing for the environment ROM
sessions for the test-iso component. It routed all ROM sessions -
including the ones for the executable and the dynamic linker - to
fs_rom. The patch also adds the cap quota definitions required since
version 17.05 and fixes a whitespace inconsistency between the test
program and the run script.

Thanks to Steven Harp for reporting!
2017-08-17 11:04:20 +02:00
Christian Helmuth
e5f0dae598 terminal_log: carriage-return on newline
This is expected by hardware terminals, ie., terminal programs connected
to null-modem serial connections. Otherwise, the next line starts at the
column right after the last line.
2017-08-17 11:04:20 +02:00
Emery Hemingway
e2c1ea04ea depot: recipes for src/ram_blk, src/vfs
Ref #2446
2017-08-17 11:04:19 +02:00
Alexander Boettcher
95329c82e2 sel4: update to 5.2.0
Issue #2451
2017-08-17 11:04:19 +02:00
Christian Helmuth
145011b420 sd_card_drv: prevent deprecated warnings 2017-08-17 11:04:18 +02:00
Norman Feske
18cea099f0 depot: recipes for ahci, fs_rom, ram_fs, usb_block 2017-08-17 10:59:44 +02:00
Alexander Boettcher
24875c0ea8 platform_drv: add report about available pci devices
Issue #1359
2017-08-17 10:59:44 +02:00
Norman Feske
7d12d7a78f fs_report.run: replace test with dedicated program
The new version of the test exercises the combination of fs_report with
ram_fs and fs_rom as a more flexible alternative to report_rom.

It covers two corner cases that remained unaddressed by fs_rom and
ram_fs so far: First, the late installation of a ROM-update signal
handler at fs_rom right before the content of the file is modified.
Second, the case where the requested file is not present on the file
system at the creation time of the ROM session. Here, the ram_fs missed
to inform listeners for the compound directory about the later created
file.
2017-08-17 10:59:43 +02:00
Norman Feske
d649451c3d fs_rom: trigger deferred ROM-update signal
This patch ensures that fs_rom delivers a ROM-update notification in the
case where the underlying file was changed in-between requesting the
initial ROM content and registering the signal handler.
2017-08-17 10:59:43 +02:00
Norman Feske
bfcdab6079 fs_rom: make read-packet handling more robust
With the introduction of the CONTENT_CHANGED notifications delivered via
the packet stream, the assumption that no more than one READ packet is
in flight at all times does no longer hold. If the fs server responds
to a CONTENT_CHANGED packet while the fs_rom expects the completion of a
read request, the '_update_dataspace' method would prematurely return,
leaving the dataspace unpopulated. This patch solves the problem by
specifically waiting for the completion of the read request.
2017-08-17 10:59:43 +02:00
Norman Feske
0b580628cf file system: track content via version counter
This makes the delivery of CONTENT_CHANGED responses more robust.
2017-08-17 10:59:43 +02:00
Christian Prochaska
6a43f3c11a file system: use Id_space instead of Node_handle_registry
Fixes #2436
2017-08-17 10:59:43 +02:00
Norman Feske
0d1be4abe2 depot: update recipe hashes 2017-06-29 12:00:04 +02:00
Christian Helmuth
78f1fd29f7 Translate buffer-exceeded exception in Session_requester
Session_requester inherits from Dynamic_rom_session::Content_producer
which specifies the Buffer_capacity_exceeded exception which is thrown
on insufficient buffer space.
2017-06-29 12:00:03 +02:00
Norman Feske
a9da97bc4a init.run: lower timing sensitivity
Instead of relying on init's delayed reporting, we explicitly force init
to produce a new report with the up-to-date child-RAM information.
2017-06-29 12:00:03 +02:00
Norman Feske
ce01fd5321 depot: update drivers_interactive-pbxa9 to 17.05
With this commit, the wm.run script works for the pbxa9 platform when
using the base-hw kernel.
2017-06-29 12:00:02 +02:00
Norman Feske
4b862cb047 depot: fix src/pbxa9_drivers recipe
This is a follow-up commit to "os: move private declarations to driver
target".
2017-06-29 12:00:02 +02:00
Martin Stein
67fc1ec42b timeout test: prioritize timer driver over test
Ref #2400
2017-06-29 12:00:00 +02:00
Martin Stein
8d2ee6d040 timer okl4: remove deprecated const_cast
Ref #2400
2017-06-29 12:00:00 +02:00
Martin Stein
61f59818d3 pit/fiasco timeout: raise time error tolerance
On platforms that use the PIT timer driver, 'elapsed_ms' is pretty
inprecise/unsteady (up to 3 ms deviation) for a reason that is not
clearly determined yet. On Fiasco and Fiasco.OC, that use kernel timing,
it is the same. So, on these platforms, our locally interpolated time
seems to be fine but the reference time is bad. Until this is fixed, we
raise the error tolerance for these platforms in the run script.

Ref #2400
2017-06-29 11:59:59 +02:00
Christian Helmuth
82af06a42a sd_card: enable wand_quad/imx6 again 2017-06-29 11:59:58 +02:00
Christian Helmuth
ad824cea11 sd_card: cleanup driver library structure
Now both, the sd_card_drv and sd_card_bench use LIBS=sd_card_drv.
2017-06-29 11:59:58 +02:00
Emery Hemingway
73eb7a52a0 server/fs_report: do not append '.report to file names
Appending a suffix to report filenames was behavior inherited from
fs_log, it prevents creating files where directories need to be created
later. But unlike logs, only a subset of the hierarchy will report and
those that do append a component-local label, so the risk of collision
is low.

By removing the suffix fs_rom can serve reports back as ROM just as
report_rom does.

Ref #2422
2017-06-29 11:59:56 +02:00
Christian Prochaska
04f82721b1 fs_rom_update.run: add capability quota
Fixes #2453
2017-06-29 11:59:54 +02:00
Martin Stein
9b1c26ab7f timeout lib: dynamic interpolation-factor shift
In the timeout framework, we maintain a translation factor value to
translate between time and timestamps. To raise precision we scale-up
the factor when we calculate it and scale-down the result of its
appliance later again. This up and down scaling is achieved through
left and right shifting. Until now, the shift width was statically
choosen. However, some platforms need a big shift width and others a
smaller one. The one static shift width couldn't cover all platforms
which caused overflows or precision problems.

Now, the shift width is choosen optimally for the actual translation
factor each time it gets re-calculated. This way, we can take care that
the shift always renders the best precision level without the risk for
overflows.

Ref #2400
2017-06-29 11:59:54 +02:00
Martin Stein
99d971f348 timeout test: result buffer as struct
The result-buffer related members of the fast polling test are
the same for each buffered result type. Thus, we can make the
code easier by providing them through a struct.

Ref #2400
2017-06-29 11:59:53 +02:00
Norman Feske
c7b739cc61 bomb.run: define resource preservation for init
This patch increases init's preserved RAM and capability quota to
account for a current limitation of init with respect to the creation of
sessions to parent services:

In contrast to regular routed services, sessions to parent services are
created via 'Env::session'. The implementation of 'Env::session'
automatically upgrades session quotas on demand, which is the desired
behavior for regular 'Connection' objects. However, for sessions
established on the behalf of init's children, we would need to reflect
the error condition to the child instead of resolving it locally within
init (by subsidizing the session with init's quota). This patch leaves
this issue unresolved but fixes the symptom for the bomb test. It is
meant as an interim solution until the handling of parent sessions is
revised.
2017-06-29 11:59:53 +02:00
Norman Feske
5566aa0f94 bomb test: consider preserved PD session quota
This is an adaptation to the commit "core: prevent transfer of static PD
session quota".
2017-06-29 11:59:52 +02:00
Johannes Kliemann
1205607e78 os: add framebuffer based on platform_info of core
Issue #2242
2017-06-29 11:59:51 +02:00
Alexander Boettcher
04b2919a1a acpi_drv: use platform_info for rsdt/xsdt lookup
Issue #2242
2017-06-29 11:59:50 +02:00
Martin Stein
5fec4a2166 timeout test: raise error tolerance on nova + qemu
On QEMU, NOVA uses the pretty unstable TSC emulation as primary time
source. Thus, timeouts do not trigger with the common precision (< 50
ms). Use an error tolerance of 200 ms for this platform constellation.

Ref #2400
2017-06-29 11:59:49 +02:00
Josef Söntgen
8f577e9d25 usb: use if-else in packet_handler
Apparently this construct leads to a compiler errors like

  error: second operand to the conditional operator is of type ‘void’, but
  the third operand is neither a throw-expression nor of type ‘void’
2017-06-19 12:35:57 +02:00
Martin Stein
745fa4fd67 timeout test: improve documentation
Ref #2400
2017-06-19 12:35:56 +02:00
Martin Stein
71fd2b4cde timeout test: consider time shift between sessions
The fast polling test uses one timer session for raw 'elapsed_ms' calls
and another one for potentially interpolated 'curr_time' calls. It then
compares the two results against each other. However, until now, the
test did not consider that the duration of the session construction may
create a remarkable shift between the local times of the two sessions.
This shift is now determined and compensated before doing any
comparison.

Ref #2400
2017-06-19 12:35:56 +02:00
Christian Helmuth
ba9ef7fdee foc: use slab for meta-data in RPC cap factory 2017-06-19 12:35:56 +02:00
Christian Helmuth
c16288bcde timer/foc: use current KIP-clock API
This prevents L4_DEPRECATED warnings.
2017-06-19 12:35:55 +02:00
Martin Stein
1ea745ca2e signal test: do not test multiple handlers
The multiple-handlers test was checking if handlers at one signal were
activated in a fair manner. But on Qemu, the error tolerance of one was
too small in rare cases (2 of 100 runs). However, having multiple
handlers for the same signal context can be considered deprecated
anyway. With the recommended Signal_handler wrapper for signal sessions,
you can't use this feature. Thus, we removed the multiple-handlers test.

Fixes #2450
2017-06-19 12:35:55 +02:00
Christian Prochaska
a1b1525ec1 lx_fs: handle errors on mkdir correctly
Fixes #2444
2017-06-19 12:35:55 +02:00
Emery Hemingway
47c616ab94 server/fs_report: write reports to file-systems
Fix #2422
2017-06-19 12:35:54 +02:00
Emery Hemingway
1eb37fbe22 VFS: move 'sync' from 'File_system' to 'Directory_service'
The the parent 'Directory_service' interface is reachable from
'Vfs_handle', whereas the 'File_system' interface is not.

Fix #2437
Ref #2422
2017-06-12 14:32:07 +02:00
Emery Hemingway
1838fb4773 vfs/ram: check parent directory on file creation
Fix #2443
2017-06-12 12:44:23 +02:00
Alexander Boettcher
0523736ce4 acpi: limit device scope paths
Fixes #2371
2017-06-08 11:32:39 +02:00
Martin Stein
b8e2253e5f timeout: fix bug in interpolation
We incorrectly used 'unsigned long' (which is 32 or 64 bit depending on
the CPU architecture) for a timestamp (which is always 64 bit) in the
timer-connection implementation.

Ref #2435
2017-06-06 13:01:43 +02:00
Martin Stein
23337eb6e7 run/timeout: run also on arm w/o hw and qemu
On platforms were we do not have local time interpolation we can simply
skip the first test stage in the timeout test. This way, we can at least
test the rest.

Fixes #2435
2017-05-31 17:50:28 +02:00
Martin Stein
685f509a43 timer connection: no interpolation on arm w/o hw
On ARM, we do not have a component-local hardware time-source. The ARM
performance counter has no reliable frequency as the ARM idle command
halts the counter. Thus, we do not do local time interpolation on ARM.
Except we're on the HW kernel. In this case we can read out the kernel
time instead.

Ref #2435
2017-05-31 17:50:28 +02:00
Christian Helmuth
892ede515f depot: update recipe hashes 2017-05-31 16:18:01 +02:00
Christian Helmuth
67e33d3948 depot: adjust cap quotas in drivers_interactive_pc (64-bit) 2017-05-31 16:18:01 +02:00
Norman Feske
1e8689bafe depot: adjust cap quotas in drivers_interactive_pc 2017-05-31 13:16:25 +02:00
Norman Feske
7bb8e332a9 depot: adjust base recipe to removed headers
This patch updates the recipes for the base-<kernel> archives to the
recently removed os/config.h and os/timeout.h headers.
2017-05-31 13:16:25 +02:00
Sebastian Sumpf
c3cf7f3c3a riscv: ISA-1.9.1 and GCC-6.3.0 adaptions
Adds 1.9.1 support to base-hw

Note:
* the kernel timer is not working
* dynamic linking is currently not supported
2017-05-31 13:16:24 +02:00