Commit Graph

10248 Commits

Author SHA1 Message Date
Johannes Schlatow
b793802333 sculpt: fix presence of unconfigured children
A launched child only becomes present in the runtime when it has been
configured. This must be considered when checking for missing servers.

Fixes genodelabs/genode#5226
2024-05-29 09:18:12 +02:00
Norman Feske
cfd013a01a os/include: use C++20 function template syntax
Issue #5227
2024-05-29 09:18:12 +02:00
Norman Feske
5e862b2cd3 base/include: use C++20 function template syntax
Issue #5227
2024-05-29 09:18:12 +02:00
Alexander Boettcher
48d6f0220c nova: avoid static smp code reservation
Using a segment to reserve the AP (application processor) code page does not
work if the region overlaps with other non-memory types, e.g. bender checks
for the overlapping and denies to boot on such machines.

Without bender, the system boots up fine. So, partially remove the nova commit
"Add segment to reserve AP startup page" and instead apply the idea of
Cyberus's version. Place the AP boot code later during boot and save and
restore the memory before/after SMP bootstrap.
2024-05-29 09:18:11 +02:00
Christian Helmuth
3c24715d16 Add pc_linux.run for driver tests on pc
Inspired by the excellent imx_linux.run script.
2024-05-29 09:18:11 +02:00
Sebastian Sumpf
d71b6ca305 mesa: update to version 24.0.1
Supported Gallium drivers are iris (Intel), lima (PinePhone), etnaviv
(i.MX8).

issue #5224
2024-05-29 09:18:11 +02:00
Sebastian Sumpf
dca3b12109 libdrm: update to version 2.4.120
Prerequisites for Mesa 24.0.1

* generic:
  * add patch to retrieve PCI/Platform information from Genode side of the DRM
    interface (in drmGetDevice2)
  * add generated 'fourcc' file

* iris:
  * report back-end (currently 'i915', 'xe' is unsupported)
  * add various I915_CONTEXT_PARAM* and I915_PARAM*
  * allocate 'Buffer's starting with ID 1 (0 is invalid)
  * enforce 48-bit-address limit on unmap also
  * disable I915_EXEC_FENCE_ARRAY array check, because we do not support
    sync objects right now and rendering in synchronous

* etnaviv:
  * create 'Fenceobj' only *once* for each GPU context

issue #5224
2024-05-29 09:18:11 +02:00
Benjamin Lamowski
b83b53d3b2 hw: abstract nested paging on x86
The initial SVM implementation (correctly) just used another standard
x86_64 page table for nested paging. The EPT implementation is for Intel
VMX only. Since we don't know the underlying virtualization technology
at compile time, we need to pick the correct page table implementation
at runtime.

Add add a AMD-compatible HPT page table implementation using the same
base implementation and (more importantly) allocator as the EPT
implementation. Add a Vm_page_table implementation that determines the
used virtualization technology at runtime and internally defers insert
and remove operations to the correct page table implementation.

Issue #5218
2024-05-29 09:18:11 +02:00
Benjamin Lamowski
221d0c6c48 hw: implement EPT page table
Implement a nested page table to use with x86 virtualization.

Fixes #5218
2024-05-29 09:18:11 +02:00
Benjamin Lamowski
4fc94deccb base: x86: page table base: make parameters compatible
To make the x86 page table base implementation compatible with the
function signatures used in hw, make the Intel IOMMU specific arguments
optional:

- Make the `flush` parameter default to false.
- Make the `supported_sizes` parameter default to 1GB + 2MB + 4k.

Issue #5217
2024-05-29 09:18:11 +02:00
Benjamin Lamowski
30b39d5fa3 base: generalize the page table allocator and move it to base
The Intel IOMMU page table implementation in the pc platform driver uses
a page table allocator that is adapted from the implementation in the hw
kernel.

Move the allocator to base as a first step to consolidate
implementations, fix an Array constructor and re-add the Allocator
constructor working on addresses instead of tables.

Issue #5217
2024-05-29 09:18:11 +02:00
Benjamin Lamowski
58e9856eb8 base: move page flags interface to base
On hw, `Page_flags` is used throughout architectures. At the same time,
it is used by the Intel IOMMU page table implementation in the pc
platform driver.

Consolidate the definition in base so it is available for all users.

Issue #5217
2024-05-29 09:18:11 +02:00
Johannes Schlatow
c31adb77e7 base: add shared page-table code for x86_64
Issue #5217
2024-05-29 09:18:11 +02:00
Alexander Boettcher
97544ed7a9 nova: support iommu enabling per intel/amd
separately.  The "iommu" option is now split up into "iommu_intel" and
"iommu_amd" and thereby can be disabled easily if required for one of the CPU
vendors.

Fixes #5206
2024-05-29 09:18:11 +02:00
Alexander Boettcher
b33afb24d7 nova: adjust to cmdline changes of kernel
- no need to explicitly switch off vga anymore
- use vPID for VMs which improves TLB usage if multiple vCPUs on same
  pCPU is used, which happens to happen on Sculpt.
- support for mwait by nova kernel, which is off by default

Issue #5206
2024-05-29 09:18:11 +02:00
Alexander Boettcher
d9086833ed netperf: run timer most preferred in tests 2024-05-29 08:37:08 +02:00
Alexander Boettcher
801fe272ca pit: new timer implementation
Issue #5138
2024-05-29 08:37:08 +02:00
Stefan Kalkowski
32bc1b14d4 dde_linux: add busybox port
Fix genodelabs/genode#5214
2024-05-29 08:37:08 +02:00
Benjamin Lamowski
aad80e81da hw: add support for VMX
Add support for Intel's Virtual Machine Extensions with nested paging.

Fixes #5128
2024-05-29 08:37:08 +02:00
Stefan Kalkowski
f0ec1adcd3 base: add check_tool utility to build system
Fix genodelabs/genode#5213
2024-05-29 08:37:07 +02:00
Benjamin Lamowski
dbd070b815 hw: add kernel panic function to x86_64
Add a kernel panic function to x86_64 that mirrors the functionality
available for ARM.

Issue #5128
2024-05-29 08:37:07 +02:00
Benjamin Lamowski
5049f03f5b hw: generic interface for x86 virtualization
Create a generic interface for x86 virtualization.
Split the VMCB data structure in `Vmcb_buf` to represent the physical
VMCB page and `VMCB` as a control interface.

Issue #5113
2024-05-29 08:37:07 +02:00
Benjamin Lamowski
b4fe9154b9 hw: access VMCB State Save Area via Mmio framework
So far, the VMCB data structure was generated from it's parts (most
prominently VMCB Control Area and VMCB State Save Area) with the VMCB Control
Area accessed via the Mmio framework, while the VMCB State Save Area
struct used directly defined members.

Unify the VMCB structure and uniformly use the Mmio framework to access
the VMCB. Separate the controlling structure from the VMCB page.

Issue #5113
2024-05-29 08:37:07 +02:00
Benjamin Lamowski
0d1716b07d hw: prepare SVM implementation for generic virtualization support
The SVM implementation did not lend itself to a runtime selection of the
x86 virtualization technology.

Encapsulate functionality in the VMCB class to facilitate adding support
for Intel's VMX.

Issue #5113
2024-05-29 08:37:07 +02:00
Benjamin Lamowski
3a88d133ed hw: generalize virtualization memory
The initial vCPU memory was written for AMD's SVM.

Make the vCPU memory provider virtualization technology agnostic.

Issue #5113
2024-05-29 08:37:07 +02:00
Benjamin Lamowski
e82859444e hw: clean up Intel TSC frequency deduction
The initial algorithm ported to hw seems to be correct in principle,
however it does not work with nested virtualization.

Clean up the code to make the different methods of obtaining the TSC
frequencies more clear, and add warnings if a particular
method has failed although it should be available.

Fixes #5210
2024-05-13 15:52:22 +02:00
Alexander Boettcher
59c42ffb46 lib-qemu: support to use qemu-usb w/o webcam
for other VMMs beside Virtualbox, e.g. Seoul or potentially arm/vmm. The
webcam model depends on libyuv, which uses stdcxx + full libc, which is not
desired or required for all VMM implementations.

Fixes #5208
2024-05-13 14:06:54 +02:00
Sebastian Sumpf
6c9d3326ec ldso: add support for R_<arch>_NONE relocations
We discovered this relocation, which does nothing, in pre-compiled
libraries. It is easy to implement because it has the same
relocation-type number (0) for all supported ABIs.

Also adjust error message from "Unsupported PLT relocation" to
"Unsupported translation table address format" to not confuse the
relocation type with the translation table type.

Fixes #5209
2024-05-08 08:23:39 +02:00
Christian Prochaska
a59f73f7d3 libc: remove 'Symlink_resolve_error' exception
Issue #5198
2024-05-08 00:38:45 +02:00
Alexander Boettcher
bfddf08f75 ahci: make robuster during resume
During resume the waiting for Cmd::St takes ~2s on a T460p with Intel
AHCI SSD attached. According to the Serial ATA AHCI Spec. wakeup can take
seconds, e.g. chapter 8.2 Power State Mappings of the Serial ATA AHCI spec
(1.3.1).

Issue #5203
2024-05-07 16:46:34 +02:00
Alexander Boettcher
dc4dad4608 sculpt_manager: add ahci to monitored used devices
for suspend/resume

Issue #5203
2024-05-07 16:46:21 +02:00
Christian Helmuth
79e391ba8d vbox6: diagnostic message on Region_conflict
Catch and log Vm_session::Region_conflict, but continue operation.
2024-05-07 15:21:48 +02:00
Alexander Boettcher
f0f66f8ccc nova: avoid ipi timeouts
Fixes #5204
2024-05-07 15:09:32 +02:00
Alice Domage
4bda9d9136 pc_intel_fb_drv: enforce operation on Intel's devices
This commit enforces the driver to only wait for devices with Intel's
vendors ID to be ready.

genodelabs/genode#5207
2024-05-07 14:20:44 +02:00
Christian Helmuth
8a019c9bb9 nitpicker: always update "displays" report
Restore the reporting in situations where all capture sessions are gone.
This fixes the webcam package that disables the USB webcam driver when
nitpicker report no active displays.

Issue #5187
2024-05-03 09:12:49 +02:00
Christian Prochaska
25b918052b qt5: improve tooltip visibility
Fixes #5205
2024-05-03 08:31:23 +02:00
Christian Helmuth
4b9d02fe31 depot: update recipe hashes 2024-05-02 11:19:50 +02:00
Norman Feske
101e9f5733 vfs/oss/README: oss_next -> oss
Issue #5167
2024-05-02 11:19:50 +02:00
Norman Feske
50b87957db sculpt: improve GUI smoothness on PinePhone
- Avoid geometry animation at boot time
- Assign CPU quantum to higher prioritized GUI components
- Defer touch_keyboard start to reduce boot time

Issue #5174
2024-05-02 11:19:50 +02:00
Norman Feske
b1df5d890e sculpt: update graph abbreviations to 24.04
Issue #5174
2024-05-02 11:19:49 +02:00
Stefan Kalkowski
18511770bc sculpt: add support for more than one mmc card
Instead of using one default policy when creating an mmc driver's
configuration, produce some more static policy items to support
boards with more than one card per driver (mnt_reform2).
2024-05-02 11:19:49 +02:00
Christian Helmuth
6710092bb4 sculpt_distribution: add vfs_oss 2024-05-02 11:19:49 +02:00
Christian Helmuth
c25841691f ports: build vim/vim-minial with --enable-multibyte
A first step to complete UTF-8 support in the terminal (e.g.,
system_shell).
2024-05-02 11:19:49 +02:00
Florian Delizy
1146f27c59 sculpt: add menu name for Bepo keyboard layout
issue #5202
2024-05-02 11:19:49 +02:00
Florian Delizy
593a9aefca sculpt: add fr_bepo reference into default build
issue #5202
2024-05-02 11:19:49 +02:00
Florian Delizy
b2eca7cea2 event_filter: reduce bepo chargen to 486ln
issue #5202
2024-05-02 11:19:49 +02:00
Florian Delizy
1534ba21ce event_filter: add fr_bepo chargen file
issue #5202
2024-05-02 11:19:49 +02:00
Alexander Boettcher
72bb960c2a dde_linux: update jiffies in cpu_relax on x86/pc 2024-05-02 11:19:49 +02:00
Martin Stein
e350dc27e9 internet_checksum.run: test net checksum alorithms
See repos/os/src/test/internet_checksum/README for more detail.

Ref #4636
2024-05-02 11:19:49 +02:00
Christian Helmuth
3a0ded3bdd window_layouter: calculate weighted dimension in double
The change prevents integer overflows with reasonable large values.

Thanks Peter for reporting.
2024-04-29 16:08:56 +02:00
Christian Helmuth
fc27469b97 sculpt: remap KEY_SYSRQ to KEY_PRINT
Both keys are physically the same on available keyboards (with varying
labeling). Unfortunately, PS/2 scancode sets and USB HID spec seem to
differ slightly in their interpretation. Therefore, we keep the
driver-level reporting as is but report both as KEY_PRINT in Sculpt,
which allows to use the key(s) for screenshoter rules most prominently.

Also, unify sculpt/event_filter/pc with sculpt_manager.
2024-04-29 15:31:20 +02:00
Christian Helmuth
00c776c3dd sculpt_distribution: add rom_osci and record_rom 2024-04-29 09:54:02 +02:00
Christian Helmuth
e31273a410 depot: add libiconv pkg/goa 2024-04-26 15:22:37 +02:00
Christian Helmuth
59b85cc672 depot: update recipe hashes 2024-04-26 09:59:36 +02:00
Benjamin Lamowski
820a144f6d sculpt: adjust RAM for inspect window
With the current RAM setting, opening the inspect window fails on a
display with 4K resolution.
Adjust the inspect window's RAM quota to make it work.

Issue #5174
2024-04-26 07:39:25 +02:00
Norman Feske
88f050963e sculpt: update README for version 24.04
Issue #5174
2024-04-26 07:39:25 +02:00
Johannes Schlatow
c5acfd027b depot: add goa_testbed requirements to pkg/goa
genodelabs/genode#5174
2024-04-25 15:43:03 +02:00
Stefan Kalkowski
d9420c618c hw: take over ACPI hardware from SMI
Fix #5196
2024-04-25 15:43:03 +02:00
Stefan Kalkowski
68de550090 hw: ignore stale data in fresh signal
When a new signal arrives, which means a formerly non-pending one,
we should ignore old signal numbers of that context, but only
evaluate newly received data by the last kernel-call.

Fix #5193
2024-04-25 15:43:03 +02:00
Christian Helmuth
6dd87a6ce0 sculpt: integrate preliminary touchpad support
Issue #5195
Issue #5174
2024-04-25 15:43:03 +02:00
Christian Helmuth
54cf1334e1 Permit shared access to Intel PCH GPIO device
The ported i2c_hid driver contains driver code for the "Intel
Tigerlake/Alderlake PCH pinctrl/GPIO" device. Unfortunately, acpica
driver also accesses the same device on Lid open/close via ACPI AML code
of the DSDT table to read out the state of a GPIO pin connected to the
notebook lid. This would fail as I/O memory is handed out only once and
cannot be shared. The workaround disables the region check for the
specified GPIO I/O memory regions and provides both drivers shared
access to the regions.

This is a preliminary workaround. A general solution should separate the
GPIO driver into a component (e.g., platform driver) that regulates
accesses by i2c_hid and acpica.

Issue #5195
2024-04-25 15:43:02 +02:00
Christian Helmuth
c4b5f11a38 pci_decode: report Intel PCH GPIO device
Discovered on Tigerlake (Fujitsu U7411) and Alderlake (Framework Gen12)
notebook devices.

Issue #5195
2024-04-25 15:43:02 +02:00
Christian Helmuth
10f8da4a13 pci_decode: fixup Intel LPSS (I2C) PCI BARs
Discovered on Tigerlake (Fujitsu U7411) and Alderlake (Framework Gen12)
notebook devices.

Issue #5195
2024-04-25 15:43:02 +02:00
Christian Helmuth
b085550a0c sculpt: fix menu-level check in popup dialog
Issue #5174
2024-04-25 15:43:02 +02:00
Alexander Boettcher
f9e9835449 sculpt: move nitpicker to leitzentrale affinity
During audio and video playback at a high rate by a VMM, nitpicker on the
boot CPU may interfere with the mixer clients, letting them not finish the
schedule RPC at the mixer in time. Moving nitpicker to the same CPU as
leitzentral mitigates the effect at moment.

Issue genodelabs/genode#5174
2024-04-25 15:43:02 +02:00
Martin Stein
48a5c12526 nic_router_uplinks.run: raise timeouts
At least on x86_64/x86_64/pc/hw|nova, the test used to fail because the net
setup sometimes required more than the 3 seconds that the test was giving each
step. This commit raises the step timeout to 5 seconds and the test timeout
from 70 to 90 seconds in order to be on the safe side.

Ref #5192
2024-04-25 15:43:02 +02:00
Josef Söntgen
ac3202e554 sculpt: raise volume in audio launcher
The default mixer launcher limits the volume to 50%, so raise the
driver's volume to the max to be audible on certain systems where
otherwise audio is barely recognizable.

While there, fix the wrong reporting attribute as well.

Issue #5174.
2024-04-25 15:43:02 +02:00
Norman Feske
1379661a85 sculpt/event_filter: rename touch -> touchpad
This eases the integration of a custom touchpad driver component
provided as launcher.

Issue #5174
2024-04-25 15:43:02 +02:00
Martin Stein
50fc5c6d42 file_vault: further reduce typical quota needs
Ref #5190
2024-04-25 15:43:02 +02:00
Martin Stein
d5e3f73884 file_vault: do not consider ui_config version
The version in ui_report and ui_config were merely used for making test output
more readable. However, there are other ways to achieve this goal.

Ref #5190
2024-04-25 15:43:02 +02:00
Martin Stein
2bcc85b5f5 file_vault: fix locking issue
The File Vault used to sporadically fail to complete Extend or Rekey operations
when it was locked during the operation. The cause was an insufficient state
model that has been fixed with this commit.

Ref #5190
2024-04-25 15:43:02 +02:00
Martin Stein
969469edef file_vault: clean up
Ref #5190
2024-04-25 15:43:02 +02:00
Martin Stein
a7ef2319f6 file_vault: remove need for state file
The state file is a legacy from the early days of the file vault and not really
needed anymore.

Ref #5190
2024-04-25 15:43:02 +02:00
Martin Stein
483fe18c4d file_vault_gui: dialog-based file_vault front end
* adds rekeying and resizing controls to config+report api of file vault
* moves common types of file vault to file_vault/include/file_vault/types.h
  to be included by other components
* fixes wrong type of nr_of_clients fields in file_vault
* introduces the file_vault_gui component that is a minimal graphical front end
  for the file vault based on the dialog lib and that uses the
  config+report api of the file vault as back end

Ref #5190
2024-04-25 15:43:02 +02:00
Martin Stein
9d78356885 text_area: remove unused min_width, min_height 2024-04-25 15:43:02 +02:00
Norman Feske
b75b40049d sculpt: rename suspend -> standby
Issue #5174
2024-04-25 15:43:01 +02:00
Norman Feske
d3d1e701a4 sculpt: refine scrolling boundaries
This patch addresses corner cases not considered so far. In particular,
it avoids placing the Add/Options tabs of an unscrollable popup under
the panel. This could happen in the presence of many options. The patch
includes the panel height into the calculation to rule out such
situations. It also tightens the scrolling boundaries to the visible
content.

Issue #5183
2024-04-25 15:43:01 +02:00
Josef Söntgen
a029b85d62 pc_wifi: provide generic LED related dummies
The generated dummies triggered when using a Atheros AR9462 device.

Fixes #5191.
2024-04-25 15:43:01 +02:00
Johannes Schlatow
60d97fab7e sculpt: update goa_testbed preset
genodelabs/genode#5174
2024-04-25 15:43:01 +02:00
Norman Feske
b939358c36 window_layouter: protect against mode 1 x 1
This patch handles intermediate situations where the screen mode may
become 1 x 1 (absence of any capture clients). In this case, the
decoration of a maximized window would legitimately exceed the screen
boundary.

Thanks Johannes for the investigation.

Issue #5187
Issue #5180
2024-04-25 15:43:01 +02:00
Johannes Schlatow
0f0fa5b2a2 sculpt: correct ROM names in event_filter/pc
The chargen files have been moved/renamed a while ago in the scope
of #4055.

genodelabs/genode#5174
2024-04-25 15:43:01 +02:00
Alexander Boettcher
f925680035 sculpt_manager: avoid restarting intel_gpu
during resume, which otherwise will restart all GPU clients.

Issue #5180
2024-04-25 15:43:01 +02:00
Alexander Boettcher
274a733e1a sculpt: support blanking system state
The blanking state is evaluated by the intel_fb driver, which will switch
off all connectors. When done, the intel_fb driver will exit and the
sculpt_manager will continue with the next step, stopping all drivers.

Issue #5180
2024-04-25 15:43:01 +02:00
Alexander Boettcher
9337c178c1 intel/gpu: support blanking system ROM state
Keep device resources alive, for "" and "blanking" state, so that
intel/display driver can try to switch off the connectors.

Issue #5180
2024-04-25 15:43:01 +02:00
Alexander Boettcher
2a4502b0de intel/display: support system state evaluation
When the system state "blanking" is determined, all connectors are switched
off and a parent exit is invoked.

Issue #5180
2024-04-25 15:43:01 +02:00
Stefan Kalkowski
5f67073aad sculpt: add missing pieces to support MNT reform
This commit adds missing routes to I2c for the framebuffer driver of the
MNT Reform. If build for this concrete board the Board_info::Soc variable
within the sculpt_manager is initialized according to the properties of
this device. The `update_soc` routine is called in the initialization of
the sculpt_manager, otherwise it won't be called at all, if no PCI devices
changes are detected. Missing driver binaries and device-tree-binaries are
add to the run-script.

Issue #5174
2024-04-25 15:43:01 +02:00
Stefan Kalkowski
3b83292205 sculpt: refine condition of nic support
A network card can be provided by PCI, and the SoC as well. Therefore,
add an additional state variable in the Board_info::Soc, and check it
appropriatedly.

Issue #5174
2024-04-25 15:43:01 +02:00
Christian Prochaska
47c1e45f28 ports: increase GDB resource quota limits on Sculpt
Fixes #5188
2024-04-25 15:43:01 +02:00
Norman Feske
39ccd5ab79 sculpt: refine condition of acpi features
Commit "sculpt: safeguard the offering of suspend/resume" was too lax
about the detection of acpi support. In situations where acpi support
is selected but not yet installed, the menu would offer the features
already. This patch restricts the condition such that acpi support must
be running, not merely selected.

Issue #5174
2024-04-25 15:43:01 +02:00
Norman Feske
ad722f1450 nitpicker: avoid mode switches on driver restarts
This patch retains the buffer size of the last capture client as mode as
long as no capture client exists. This avoids intermediate mode changes
in situations like suspend/resume where the display driver is restarted.

Issue #5187
2024-04-25 15:43:00 +02:00
Alexander Boettcher
02efe59cdd sculpt_manager: adjust system model state
s3_prepare should be ACPI_SUSPENDING instead of ACPI_RESUMING

Issue #5180
2024-04-25 15:43:00 +02:00
Alexander Boettcher
766060ece6 acpi_suspend: adjust to changes of #5180
Issue #5180
2024-04-25 15:43:00 +02:00
Alexander Boettcher
53230d39f4 intel/display: delay until graphic device is ready
Issue #5180
2024-04-19 13:54:16 +02:00
Alexander Boettcher
0b3cc37258 intel/gpu: provide platform device if hw resumed
If the gpu driver is resumed, delay new Device acquisition of the platform
client (intel_fb), until the gpu driver is in a working state.

Issue #5180
2024-04-19 13:54:16 +02:00
Josef Söntgen
10d7427490 sculpt: consider SoC board info for fb selection
In contrast to platforms, like the PC, where the fb driver selection
is a dynamic decision depending on the available hardware, on current
ARM-based SoC machines this configuration is part of the static board
information.

Issue #5174.
2024-04-19 13:44:36 +02:00
Norman Feske
084a14b114 record_play_mixer: make warning rate configurable
This patch disables latency warnings by default. The warnings can be
enabled by setting the 'warning_rate_ms` value to the desired
maximum rate.

Fixes #5186
Issue #5174
2024-04-19 13:42:05 +02:00
Christian Helmuth
85c99c238d depot: update recipe hashes 2024-04-19 08:54:22 +02:00
Norman Feske
e3d4f202c4 sculpt/nitpicker: assign KEY_PRINT -> screenshot
Issue #5174
2024-04-19 08:54:22 +02:00
Christian Helmuth
d90ec3775b pkg/terminal: limit initial dimension to 900x600 2024-04-19 08:54:22 +02:00
Norman Feske
9e69c7301a sculpt: safeguard the offering of suspend/resume
The USB host controller gets restarted during the suspend-resume cycle.
Hence, don't offer suspend while any USB storage device is in use, in
particular when deploying Sculpt from a USB stick.

Suspend/resume is not supposed to work with any framebuffer driver other
than intel_fb. Therefore, offer the suspend feature only when using intel_fb.

Issue #5174
2024-04-19 08:54:22 +02:00
Josef Söntgen
f2b921f380 pc_wifi: add iommu_device_unuse_default_domain dummy
Issue #5185.
2024-04-19 08:54:22 +02:00
Christian Helmuth
87ea807136 test-signal: print signals per activation in stress test 2024-04-19 08:54:22 +02:00
Alexander Boettcher
7e23b704f0 sculpt: disable serial output when LOG!=core
Issue #5180
2024-04-19 08:54:22 +02:00
Norman Feske
0a5e174d78 sculpt/usb/default: add device-assignment example
Issue #5174
2024-04-19 08:54:21 +02:00
Norman Feske
c6aa50ec56 dialog: don't scroll beyond text bounds
Issue #5174
2024-04-19 08:54:21 +02:00
Christian Helmuth
f8c420a78b file_vault_client.run: epit timer requires IO_MEM 2024-04-19 08:54:21 +02:00
Norman Feske
4a6ab846e5 sculpt: restore heartbeat watchdog for intel_fb
The automatic restart of intel_fb got lost during the transition from
the driver manager. This commit restores the heartbeat monitoring of
this driver.

Issue #5174
2024-04-19 08:54:21 +02:00
Norman Feske
f34bf0d19e sculpt: power options (suspend, reset, power off)
This patch enhances the sculpt manager to drive the system state
and manage the lifecycle of driver components during suspend-
resume cycles.

The new Power options can be found in the System menu. The suspend
and power-off controls are presented only when the acpi-support
option is activated.

Note that the USB controller is hard restarted when resuming from
suspend. Hence, all components that depend on USB are restarted
implicitely.

Issue #5180
Issue #5174
2024-04-19 08:54:21 +02:00
Johannes Schlatow
29e21bff7f platform/pc: implement IOMMU suspend/resume
genodelabs/genode#5180
2024-04-19 08:54:21 +02:00
Johannes Schlatow
7441aba6d5 platform: add suspend/resume interface to Io_mmu
genodelabs/genode#5180
2024-04-19 08:54:21 +02:00
Christian Helmuth
8cd206a050 sculpt: don't pre-populate /report/runtime/wifi_drv
Issue #5174
2024-04-19 08:54:21 +02:00
Christian Helmuth
def630c3db sculpt_manager: remove obsolete "storage" node
Issue #5174
2024-04-19 08:54:21 +02:00
Alexander Boettcher
b97e549dc4 intel/gpu: reset framebuffer part of ggtt
on display client close (intel_fb). The former code constructed a
temporary object on the stack, which sets up the scratch pages for the
closed client. However, the scratch page backing store (dma_buffer) gets
freed on destruction of the temporary stack object, which leads to DMA faults
with visual noise on the screen. Instead, use the already in use ggtt object
and add the scratch pages explicitly.

Issue #5180
2024-04-19 08:54:21 +02:00
Alexander Boettcher
d52af2ac94 os: avoid state names in system ROM
for ahci/gpu/nvme. Instead conclude from empty and non empty system state
to resume or stop driver.

Issue #5180
2024-04-19 08:54:21 +02:00
Norman Feske
7c7c4e80e1 sculpt: attach nic and wifi to hardware node
This makes the grouping of these two drivers consistent with the
other drivers.

Issue #5174
2024-04-19 08:54:21 +02:00
Josef Söntgen
e1ebcd8019 record_play_mixer: report Play and Record sessions
The state-report now contains all active Play and Record sessions
and will get updated whenever a session is created or destroyed.

Issue #5174.
2024-04-19 08:54:21 +02:00
Josef Söntgen
e0f5a2ddc5 record_play_mixer: report set version in state
Give the version in the state-report only if it is set.

Issue #5174.
2024-04-19 08:54:21 +02:00
Josef Söntgen
c822dc0f18 sculpt: default rules in audio and mixer launchers
Issue #5174.
2024-04-19 08:54:21 +02:00
Christian Prochaska
08ecddf5ca libc: limit repeating 'fcntl' error messages
Issue #5174
2024-04-19 08:54:21 +02:00
Christian Helmuth
f86bba3059 ps2: probe for working i8042
If no working controller is detected the driver just enters sleep
forever.

Issue #5174
2024-04-19 08:54:21 +02:00
Josef Söntgen
2be57e4156 fetchurl: add 'verbose' config option
This commit introduces a config option to enable verbose operations.
This can be used to ease debugging.

Issue #5184.
2024-04-19 08:54:21 +02:00
Josef Söntgen
344831ec06 curl: update to version 8.7.1
This commits updates the contrib sources to version 8.7.1.

This version requires more random entropy as it queries OpenSSL
about the current random state and will bail if it is not sufficient.
Doubling the content of the '<inline>' VFS plugin as used in static
configurations seems satisfactory.

Furthermore DNS resolving needs a configured '<pipe>' plugin to work
properly.

Fixes #5184.
2024-04-19 08:54:21 +02:00
Stefan Kalkowski
1bdff41544 genode_c_api usb: always return valid capability
Instead of returning an invalid capability whenever an interface is
requested that does not exist, create a disconnected interface component.
It is also possible that a client requests an interface that got removed
at the same time. When an invalid capability gets returned, a client
can stumble about invoking it.
Moreover, this commit marks either invalid interface or device components
as disconnected objects to optimize their handling.

Ref genodelabs/genode#5021
2024-04-19 08:54:21 +02:00
Norman Feske
fe144a6c5f sculpt: increase text-edit quota
This is an intermediate solution for accommodating overly long
text lines that can appear in report/runtime/usb/devices in the
presence of long product strings.

Issue #5174
2024-04-19 08:54:21 +02:00
Stefan Kalkowski
aefbc47c56 hw: preserve slack time, favor activated jobs
In the scheduler's implementation preserve the consumed slack-time
over periods of activation/deactivation, but instead of appending
activated jobs to the end of the slack queue, insert it as new head.
Thereby, the extreme discrimination of threads with short execution
times and frequent blocking behaviour against long running computations
gets avoided.

Fix genodelabs/genode#4796
2024-04-19 08:54:21 +02:00
Norman Feske
4e78e91bc2 sculpt: sanitize keyboard-layout choice
The check handles the case when the user clicks right of the
radio-button text, yielding an invalid "matching" id. This should not
result in any action.

Issue #5174
2024-04-19 08:54:20 +02:00
Norman Feske
e1ab69491c sculpt: fix focus between inspect and file edit
Issue #5174
2024-04-19 08:54:20 +02:00
Norman Feske
8319f047d2 sculpt: launcher for recall_fs
Issue #5174
2024-04-19 08:54:20 +02:00
Norman Feske
49f3eca476 os: recipe and launcher for pkg/waveform_player 2024-04-19 08:54:20 +02:00
Alexander Boettcher
14b3a0c794 platform/pc: support poweroff
If the support for S5 is announced via the sleep_state report, the
pc_platform_drv now issues the S5 (poweroff) via Pd::system_control.

Issue #5180
2024-04-19 08:54:20 +02:00
Alexander Boettcher
4c79f948ab platform/pc: support to suspend via system_control
When the "system" ROM state turns to "suspend",
the S3 state information of the sleep_states ROM are determined and
are used to invoke the privileged Pd::system_control call.

Issue #5180
2024-04-19 08:54:20 +02:00
Alexander Boettcher
94b3e30f90 acpica: report last completed action
triggered by the "system" ROM change. With this information the consumers
of the sleep_states report can determine, when the operation is finished.

Issue #5180
2024-04-19 08:54:20 +02:00
Alexander Boettcher
3471fce672 sculpt: add acpi_support launcher
Issue #5180
2024-04-19 08:54:20 +02:00
Josef Söntgen
75e1f1797d sculpt_manager: raise runtime_view RAM quota
Issue #5174.
2024-04-19 08:54:20 +02:00
Josef Söntgen
d858a600f7 sculpt: raise max supported display resolution
This commit raise various quota to accommodate using a display
resolution of up to '3840x2160' in the static parts, e.g. the
leitzentrale, of Sculpt.

Issue #5174.
2024-04-19 08:54:20 +02:00
Josef Söntgen
5dce61563e pc_intel_fb: configure max framebuffer memory
This commit introduces the means to configure the framebuffer memory
used by the driver for sizing its buffers.

Originally the avail memory was derived from the avail ram in the PD
session, which roughly corresponds to configured RAM quota.
However, since it is only used in a virtual capacity, we can decouple
it from the actual memory and set to a value that accommodates larger
framebuffer resolutions like 3840x2160. If the configured RAM quota
is not enough to satisfy an allocation request the client will issue
a resource request.

Issue #5174.
2024-04-19 08:54:20 +02:00
Norman Feske
b086996438 sculpt: update falkon_web_browser pkg
Issue #5174
2024-04-19 08:54:20 +02:00
Norman Feske
694eb3f40d sculpt: launcher for system clock
Issue #5174
2024-04-19 08:52:41 +02:00
Norman Feske
4c4adec5ad sculpt: reset routing dialog after add-component
Issue #5174
2024-04-19 08:52:41 +02:00
Norman Feske
22f0ab926b sculpt: adjust leitzentrale priorities 2024-04-19 08:52:05 +02:00
Norman Feske
29960db32c sculpt: provide empty usb default policy
This avoids service-denied errors of USB clients like VBox at
integration time when client-specific policy exists yet.

Issue #5174
2024-04-15 16:39:16 +02:00
Norman Feske
22a731b671 sculpt: make popup dialog scrollable
This patch complements "sculpt: make component graph scrollable" with
the ability to scroll the popup dialog, which is sometimes needed in the
presence of many services as routing options.

Fixes #5183
2024-04-12 17:44:19 +02:00
Norman Feske
7df19173af sculpt: make component graph scrollable
This patch allows the user to vertically scroll the component graph
either via the scroll wheel or via the page up/down keys.

Issue #5183
2024-04-12 17:10:55 +02:00
Christian Helmuth
c4f75f49e5 depot_autopilot: skip test-read_only_rom on linux
Fixes #3414
2024-04-12 16:48:37 +02:00
Norman Feske
a5dcb8494e sculpt: include grub.cfg in system update
Issue #5182
2024-04-12 16:26:32 +02:00
Alexander Boettcher
3af3773c60 record_play_mixer: avoid warning on halted session
Issue #5175
2024-04-12 16:14:52 +02:00
Christian Prochaska
c551b4dfb3 qt5: build qmake projects with debug infos
Fixes #5181
2024-04-12 15:51:31 +02:00
Christian Prochaska
dcf5b5052a qt5: add '.qmake.conf' to example recipes
Fixes #5179
2024-04-12 15:51:30 +02:00
Josef Söntgen
0ad6faeeaa wifi: fix using out-dated scan timer
Commit 'wifi_drv: re-arm scan timer when enabled again' allowed for
re-arming the scan timer but still uses the old timer value the first
time around. If the timer was disabled, by setting the interval to 0,
it was not enabled again.

We now check if the interval has changed beforehand and potentially
arm the scan timer afterwards.

Fixes #5178.
2024-04-12 15:48:52 +02:00
Christian Helmuth
dc0e78cdf8 depot: update recipe hashes 2024-04-12 15:08:01 +02:00
Christian Prochaska
7fca026b48 sculpt_manager: check devices ROM before fb driver start
Issue #5174
2024-04-12 15:08:01 +02:00
Josef Söntgen
24d0c18193 libc: print unknown fcntl command in hex
This skimps the manual conversion step and eases diagnostic
operations.

Issue #5167.
2024-04-12 15:08:01 +02:00
Josef Söntgen
49548fea07 libc: allow sample rate change via SNDCTL
Allow the current VFS OSS plugin to requested different sample rates.

Issue #5167.
2024-04-12 15:08:01 +02:00
Josef Söntgen
d0aa8362db vfs/oss: support different sample rates
This commit introduces support for different samples rates. For now
the range is capped to 8kHz up to 48kHz.

Issue #5167.
2024-04-12 15:08:01 +02:00
Josef Söntgen
33735d0af8 Add plugin version to VFS OSS plugins
To differentiate between the legacy and the current VFS OSS plugin both
plugins will feature a 'plugin_version' field in its info file. This
is used for enabling features provide by the current version that are
not supported in the legacy one.

Issue #5167.
2024-04-12 15:08:01 +02:00
Josef Söntgen
4a9e6a001f sculpt: add audio and mixer launcher
The audio launcher configures the 'bsd_audio_drv' component for normal
use where the micrphone selection should work on most Thinkpads.

The mixer launcher configures the 'record_play_mixer' component for
use with the 'audio' launcher and provides also examplary rules for
vbox6 launchers.
2024-04-12 15:08:01 +02:00
Josef Söntgen
798087c5ad dde_bsd: use 'mic_' prefix for Play sessions
This commit prefixes the Play sessions of the audio driver so that
these can be matched differently in the 'record_play_mixer' config.

The same could be archived with re-labling but naming the sessions
differently at the source prevents accidental mis-configuration.

Issue #5167.
2024-04-12 15:08:01 +02:00
Josef Söntgen
e27fad7c9a sculpt_distribution: replace mixer pkg
The pkg is superseded by the 'record_play_mixer'.

Issue #5167.
2024-04-12 15:08:01 +02:00
Johannes Schlatow
76176a196d Enable Intel HD Graphics 500 (found in ZimaBlade)
The IHD500 is almost a gen9 (skylake) GPU with subtle differences. Linux
maintains a separate feature set `GEN9_LP_FEATURES` for this GPU.
However, foisting the GPU as skylake on the GPU drivers seems to work
quite fine.

genodelabs/genode#5177
2024-04-12 15:08:01 +02:00
Johannes Schlatow
8b43554a27 gpu/intel: do not clflush on MMIO but on ppgtt
Executing a clflush operation on MMIO memory freezes embedded
platforms such as the Celeron N3450 used on the ZimaBlade. Looking into
the current linux code confirms that clflush is only used for ppgtt
entries and not on MMIO memory.

Fixes #5176
2024-04-12 15:08:01 +02:00
Johannes Schlatow
7a042925fc platform: catch denied IO_MEM-session
In case core denies an IO_MEM session, the platform driver should
survive and hand out an invalid capability instead.

genodelabs/genode#5174
2024-04-12 15:08:01 +02:00
Norman Feske
edaff9fb96 sculpt: adjust leitzentrale priority
Since "sculpt: adjust nitpicker priority", the nitpicker GUI server no
longer runs at the highest priority, yet the runtime_view of the
leitzentrale UI continued to operate at the highest priority.
On slower machines, this results in a visible interference of the CPU-
heavy rendering of the runtime_view with the (now) lower-prioritized
nitpicker, in particular laggy pointer movements.

This commit subordinates the leitzentrale components below the priority
of nitpicker to prevent this interference.

It also simplifies the priority scheme at the static system init: The
timer has the highest priority whereas all other components use the
priority band -1.

Issue #5174
2024-04-12 15:08:01 +02:00
Norman Feske
a1e3f9a73e sculpt: allow RAM fs to grow up to 2 GiB
The hard resource limit introduced by "sculpt: upper limit for automatic
quota upgrading" is too conservative for typical use cases of the RAM
fs. This commit makes the limit adjustable per managed component and
relaxes the limit for the RAM fs and depot_rom from 256 MiB to 2 GiB.

Issue #5174
2024-04-12 15:08:01 +02:00
Sebastian Sumpf
5d56340568 vfs_lxip: return WRITE_ERR_WOULD_BLOCK on EAGAIN
Because all operations in lxip are non-blocking, return
WRITE_ERR_WOULD_BLOCK for data writes as done by read.

Note: This was not the case in the old plugin because 'write' was blocking
operation there.

issue #5165
2024-04-12 15:08:01 +02:00
Sebastian Sumpf
309a281b14 depot_autopilot.run: adjust TEST_MODULES to build_artifacts 2024-04-12 15:08:01 +02:00
Johannes Schlatow
536048592b hw: propagate write combining to page flags
Fixes #4799
2024-04-12 15:08:01 +02:00
Christian Prochaska
039a851003 gdb: prevent use of host libgmp in configure test
Fixes #5173
2024-04-12 15:08:01 +02:00
Josef Söntgen
fd60e5a8b2 pc_wifi: provide iwlwifi LED related dummies
These generated dummies slipped in when the commit
'pc_linux: enable gpio, audio' got merged and mainly concern old devices
from the 6xxx series.

The functions are normally guarded via 'CONFIG_IWLWIFI_LEDS' but due to
the olddefconfig step when generating our pc_linux config using
LX_DISABLE has no effect.

Issue #5066.
2024-04-12 15:08:01 +02:00
Alexander Boettcher
f59883427f sculpt_manager: provide platform_info for boot_fb
Issue #5174
2024-04-12 15:08:00 +02:00
Norman Feske
8875e3b879 dialog: allow out-of-view cursor when scrolling
This patch relaxes the counter-intuitive enforcement of keeping the
text cursor always in view when using the scroll wheel.

Issue #5174
2024-04-12 15:08:00 +02:00
Norman Feske
e04336d087 sculpt: driver-policy tweaks
Allow tweaking the driver selection using the manager config:

- The new attribute 'ps2="no"' suppresses the selection of the PS/2 driver.
- The new attribute 'intel_gpu="no"'suppresses the selection of the
  Intel GPU and fb drivers, letting Sculpt fall back to VESA or boot-fb.

Note that the dynamic change of those attributes is handled in principle
but not advisable. E.g., disabling the intel driver after startup leaves
the hardware in a state that the VESA driver cannot cope with. However,
when statically defining the attributes in sculpt/manager/default, it is
now possible to build an image that uses VESA on an intel machine.

Issue #5174
2024-04-12 15:08:00 +02:00
Christian Helmuth
fd5f8c0ee1 fb_sdl: filter key-repeat events (fixes #5172) 2024-04-12 15:08:00 +02:00
Norman Feske
3f66bf25aa sculpt: restore wifi and nic restart option
Issue #5174
2024-04-12 15:08:00 +02:00
Norman Feske
594da536c7 sculpt/default-pc: add trace_logger launcher
Issue #5174
2024-04-12 15:08:00 +02:00
Martin Stein
e5fce868fb file_vault_client.run: raise lock timeout and caps
The nightly Qemu tests that don't use KVM require more time for completing the
unlock-and-access phase of the test. If the lock phase starts to early, the
file access is interrupted and the output isn't as expected.

Furthermore, on FOC, the cap quota was insufficient.

Ref #5148
2024-04-12 15:08:00 +02:00
Norman Feske
cc41a06c89 sculpt: version 24.04
Issue #5174
2024-04-12 15:08:00 +02:00
Norman Feske
1f24eb2401 wm: avoid eager reuse of window IDs
The existing allocation scheme of window IDs has the unwelcome effect
that a re-appearing window would not always result in a visible change
of the window list. In such cases, the layouter and decorator would not
be prompted to do their job. This effect could be observered with the
multi-dialog version of menu view in Sculpt OS when manually enforcing
the restart of the runtime_view. Sometimes the panel would not re-appear
after the restart.

This patch changes the allocation of window ID such that new windows get
fresh IDs instead of reusing an ID of a recently disappeared window.

Issue #5170
2024-04-12 15:08:00 +02:00
Stefan Kalkowski
4775dad26c usb_hid_raw.run: eliminate race in test metric
Rarely. it might happen that events got received shortly before the complete
set of relevant USB devices got recognized. Filter more output in test metric
to stay robust.
2024-04-12 15:08:00 +02:00
Martin Stein
047f130005 tresor_tester.run: clean up
Ref #5148
2024-04-12 15:08:00 +02:00
Martin Stein
b7049b5321 tresor_tester.run: slim down tests
This substantially slims down the test in order to reduce the number nightly
tests that fail due to timeouts. Now, the extended test steps (maximum trees
and benchmarks) are only run on Linux. The synchronous access, snapshot
management, rekeying, and resizing tests were removed.

Ref #5148
2024-04-12 15:08:00 +02:00
Martin Stein
0404cc6907 file_vault/file_vault_client: recalibrate quota
Recalibrates RAM and CAP quota in app and test in order for the
file_vault_client test to succeed on qemu/x86_64/sel4 and qemu/pbxa9/foc.

Ref #5148
2024-04-12 15:08:00 +02:00
Norman Feske
ac2d708205 sculpt: use one menu_view for all dialogs
This patch replaces the former use of one menu-view component per dialog
by a single menu view presenting all dialogs. This change reduces the
runtime config by about 20%, improves the boot time, and lowers RAM and
CPU usage at runtime.

Issue #5170
2024-04-12 15:08:00 +02:00
Norman Feske
9ce7c72c7c dialog: use one menu_view for multiple dialogs
Issue #5170
2024-04-12 15:08:00 +02:00
Norman Feske
d6cb9cf854 menu_view: make font-style updates more robust
The font pointers cached in labels can become dangling when the style
database is updated, as happens when changing the font size dynamically.
This patch orderly updates the cached pointers before removing
out-of-date font entries from the style database.

Related to issue #5170
2024-04-12 15:08:00 +02:00
Norman Feske
550dea7279 menu_view: support multiple dialogs
This patch equips the menu-view component with the ability to present
more than one dialog at a time. The dialogs must be declared in the
<config> node as follows.

  <config>
    ...
    <dialog name="settings"/>
  </config

For each dialog, menu view requests a dedicated ROM session labeled after
the dialog name. The corresponding GUI session is also labeled as such.
Note that only one hover report is generated responding to all dialogs.
The hover report can be correlated with the hovered dialog by inspecting
the the 'name' attribute of the hover report's <dialog> sub node.

The former global config attributes 'xpos', 'ypos', 'width', 'height',
'opaque', and 'background' have become attributes of the <dialog> node.

Fixes #5170
2024-04-12 15:08:00 +02:00
Johannes Schlatow
881f443bbe sculpt: only add log_kernel if used with nova
Fixes genodelabs/genode#5171
2024-04-12 15:08:00 +02:00
Norman Feske
96acb3412f gems: add missing import to dialog.run 2024-04-12 15:08:00 +02:00
Norman Feske
a3f04d2b4d sculpt: remove GPU routes to outside the runtime
GPU drivers always reside in the runtime subsystem now.
This patch eliminates the risk of requesting a GPU session at the
drivers subsystem, which never gets established.

Issue #5150
2024-04-12 15:08:00 +02:00
Josef Söntgen
b2a68211a4 black_hole: add Play and Record session
This commit introduces support for the Play and Record session to
the black hole component in the most minimal way possible.

Fixes #5157.
2024-04-12 15:08:00 +02:00
Josef Söntgen
bda86b8f15 vbox6: switch pkgs to new VFS OSS plugin
Issue genodelabs/genode#5167.
2024-04-12 15:08:00 +02:00
Josef Söntgen
5f88562263 gems: VFS OSS plugin for Record/Play session
The new VFS OSS plugin utilizes the Record and Play session. For the
time being it is a drop-in replacement for the old plugin and shares
its limitations.

In contrast to the old plugin it is possible to force a client to
use a configured fragment size. Some clients work best with larger
fragments, e.g. VBox, where raising the minimal fragment size is
beneficial.

Please look at the README file for more information.

Issue genodelabs/genode#5167.
2024-04-12 15:08:00 +02:00
Josef Söntgen
e61b804252 libports: add test/oss recipes
Add recipes that allow for using the OSS-based test component
on Sculpt.

Issue genodelabs/genode#5167.
2024-04-12 15:07:19 +02:00
Josef Söntgen
c9d70552a4 Rename vfs_oss to vfs_legacy_oss
Rename the old VFS OSS plugin using Audio_out and Audio_in sessions
and adapt users accordingly.

Issue genodelabs/genode#5167.
2024-04-12 15:05:47 +02:00
Josef Söntgen
600e5424a5 os: add pkg for record_player_mixer
Issue genodelabs/genode#5167.
2024-04-12 15:05:47 +02:00
Josef Söntgen
489d87c4b0 sculpt: add Play and Record session
Issue genodelabs/genode#5167.
2024-04-12 15:05:46 +02:00
Josef Söntgen
b9c8c8c2a5 sculpt: adjust nitpicker priority
Move nitpicker to the driver priority in the runtime to lessen
interference with high-priority runtime components.

Issue genodelabs/genode#5167.
2024-04-12 15:05:46 +02:00
Josef Söntgen
a6b8d382a9 dde_bsd: remove diagnostic depletion message
Issue genodelabs/genode#5167.
2024-04-12 15:05:46 +02:00
Josef Söntgen
22281c18ec gems: add rom_osci pkg recipe
Issue genodelabs/genode#5167.
2024-04-12 15:05:46 +02:00
Josef Söntgen
2da94bb702 os: add record_rom pkg recipe
Issue genodelabs/genode#5167.
2024-04-12 15:05:46 +02:00
Norman Feske
268a77add1 sculpt: redesigned popup dialog
The new popup dialog mirrors the concept of the software add and option
dialogs of the phone version.

Fixes #5168
2024-04-12 15:05:46 +02:00
Norman Feske
9ea99a896a sculpt: add launcher/black_hole 2024-04-12 15:05:46 +02:00
Martin Stein
fbec6ae030 file_vault_client.run: raise access timeout
On some platforms like qemu/x86_64/sel4, accessing the file system is so
slow that it used to hit the timeout of this phase in the run script.

Ref #5148
2024-04-12 15:05:46 +02:00
Martin Stein
a7ff30d5a4 file_vault_client.run: disable for riscv
Ref #5148
2024-04-12 15:05:46 +02:00
Martin Stein
0ef92baf9d tresor_tester.run: raise block_io_fs caps
On platform imx6q_sabrelite/arm_v7a/imx6q_sabrelite/sel4, the test used to
fail because of a resource request.

Ref #5148
2024-04-12 15:05:46 +02:00
Martin Stein
5cb5610906 tresor_tester.run: raise test timeout
Some platforms (especially the qemu-based ones) used to time out on
nightly tests although they would have succeeded with more time.

Ref #5148
2024-04-12 15:05:46 +02:00
Norman Feske
4a1a29b3d0 sculpt: make storage target configurable
This patch lays the selection of the used storage target into the hands
of the config/manager file. By default, Sculpt selects the target by its
built-in heuristics, probing for a Sculpt partition. However, by
specifying a <target> node, one can explicitly select a storage target.

E.g., for using the 2nd partition of the SATA disk connected to port 1
of the AHCI controller, one can now specify:

  <target driver="ahci" port="1" partition="2"/>

For selecting the ram_fs as target:

  <target driver="ram_fs"/>

The latter case is particularly useful for custom Sculpt scenarios
deployed entirely from RAM. For such scenarios, add two lines to
your .sculpt file:

  ram_fs:  depot
  manager: use_ram_fs

The first line configures the ram_fs such that the depot is mounted
as a tar archive. The second line configures the sculpt manager to
select the ram_fs as storage target. You can find this feature
exemplified in default-linux.sculpt scenario.

  build/x86_64$ make run/sculpt_test KERNEL=linux BOARD=linux

It is worth noting that the configuration can be changed at runtime.
This allows for switching between different storage targets on the fly.

Issue #5166
2024-04-12 15:05:46 +02:00
Norman Feske
508e0bdfbf sculpt: introduce config/manager
The new 'manager' config allows for the passing of configuration data the
sculpt manager without the need to modify the config/leitzentrale subsystem.

Issue #5166
2024-04-12 15:05:14 +02:00
Stefan Kalkowski
2f0fe562ec os: packet_allocator needs size for free
Unlike the previous return value of
`Genode::Packet_allocator::need_size_for_free()` indicated, it does need
the size of the object it has to free to work properly.
2024-04-12 15:05:14 +02:00
Martin Stein
84285881f3 vfs_rump: fix missing create arg in open
The plugin used to call open with the create flag set at rump without file
permissions for create leading to undefined behavior regarding the file
permissions.

Ref #5148
2024-04-12 15:05:14 +02:00
Sebastian Sumpf
65dfd2f9a8 lxip: add ECONNRESET errno
The ECONNRESET/GENODE_ECONNRESET errno was not handled in lxip.

issue #5165
related #5161
2024-04-12 15:02:45 +02:00
Sebastian Sumpf
1056c759fd vfs_lxip: propagate data file write error
All errors (as in the legacy version) are now propagated as WRITE_ERR_IO
(see Lxip_vfs_file_handle::write), which ultimately will lead to EPIPE
in libc's socket_fs. This also counts for EAGAIN leading to the fact
that partial writes are not supported for blocking sockets in libc, also
libc will not try a second time in case not all data has been written.

issue #5165
2024-04-12 15:02:45 +02:00
Sebastian Sumpf
b30bacf86e lxip: shadow asm-generic/access_ok.h
The IP stack checks "user" pointer access, for example, for iov's using
'access_ok' which in turn calls '__access_ok'. The function checks if the
pointer is below TASK_SIZE_MAX, which is usually a big value on 64 bit
systems, but 3GB on 32 bit systems. Because the IP stack is mostly used with
Genode's libc, where pointers on some kernels (base-linux) can be >3GB and we
don't want to make an additional copy of each buffer/iov interacting with the
IP stack, we short circuit the function

issue #5165
2024-04-12 15:02:45 +02:00
Norman Feske
b78b2c7ac9 sculpt_manager: use Rom_handler
This patch replaces the dynamic use of Attached_rom_dataspace by a
new Rom_handler utility, which implicitly covers the initial import of
content (safely using 'local_submit'), the registration of the signal
handler, passes the Xml_node to the handler function (no need to
manually call 'update'), and provides scoped access to the content via a
'with_xml' method. The latter reinforces a programming style that does
not need to copy Xml_node objects.

Issue #5150
2024-04-12 15:02:45 +02:00
Norman Feske
f96cea8151 sculpt: remove notion of system 'block_devices'
This patch removes the remains of the original block-device discovery as
done by the former driver manager. Block sessions are now always
provided by components hosted in the runtime subsytem. The storage node
of the graph is no more.

Issue #5150
2024-04-12 15:02:45 +02:00
Norman Feske
0cf12c6778 gems: use C++20 function template syntax 2024-04-12 15:02:45 +02:00
Norman Feske
4dc1014bfb gems: coding style (avoid superfluous '()' pairs) 2024-04-12 15:02:45 +02:00
Norman Feske
6cabc85ac8 sculpt: group driver management in 'Drivers' class
This patch harmonizes the driver management between the sculpt manager
and the phone manager by hosting the individual drivers in a new
'Drivers' class with a narrow interface towards 'Sculpt::Main'. The
patch also introduces a clean separation of the 'Board_info' between
features detected at runtime (on PC hardware), statically
known/managed features (phone hardware), and options that can be
toggled at runtime.

With common patterns for managing drivers in place now, this commit
also moves the former runtime/wifi_drv.cc and runtime/nic_drv.cc
code to driver/wifi.h and driver/nic.h. The _drv suffix of the wifi
and nic driver components have been dropped.

Issue #5150
2024-04-12 15:02:45 +02:00
Norman Feske
b7bbf8f7e4 sculpt.run: remove outdated session routes
The move of block, USB, and input drivers from the drivers subsystem to
the runtime alleviates the need for routing those sessions between the
subsystems.

Issue #5150
2024-04-12 15:02:45 +02:00
Norman Feske
d8acc3a9f4 sculpt: host MMC driver in runtime
Issue #5150
2024-04-12 15:02:45 +02:00
Norman Feske
d13b8e1937 sculpt: host soc touch and fb drivers in runtime
This patch moves SoC-specific framebuffer and touchscreen drivers
(PinePhone) to the runtime subsystem. They are enabled for the
phone_manager.

Issue #5150
2024-04-12 15:02:45 +02:00
Norman Feske
85e020b8e1 gems: remove driver_manager
The former pkg/drivers_managed-pc has been replaced by the
pkg/sculpt_drivers-pc, which is merely a collection of archives.

Issue #5150
2024-04-12 15:02:45 +02:00
Norman Feske
99da68183f sculpt: abbreviate .part_block suffix to .part
This slightly reduces the horizontal space of the component graph.
2024-04-12 15:02:45 +02:00
Norman Feske
fe596f2219 sculpt: host NVMe driver in runtime
As the NVMe driver was the last remaining driver controlled by the
driver manager, this patch removes the 'drivers -> dynamic' subsystem
along with the driver manager from sculpt/drivers/pc.

Issue #5150
2024-04-12 15:02:45 +02:00
Norman Feske
206bf856bb sculpt: host AHCI driver in runtime
This patch moves the AHCI driver from the 'drivers -> dynamic'
subsystem to the runtime, managed by the sculpt_manager. One
implication of this change is the new need to supplement a device
port number to the 'Storage_target', in addition to the existing
label and partition. Previously, each block device was addressed by
merely a label specified for a parent session. The meanings of the
'Storage_target' elements are now as follows.

- The label corresponds to the driver component providing the storage.
- The port is used as block-session label when opening the session
  at the driver.
- The partition(s) denote the partition information contained in
  the block session.

Components operating as clients of the AHCI driver (e.g., a file system)
refer to their storage target as <label>-<port>.<partition> when a port
is defined (for AHCI). For drivers w/o ports, like USB storage where
each USB-block driver correponds to only one device, the storage target
is denoted as <label>.<partition>. When no partition table is present,
the '.<partition>' part is omitted.

Issue #5150
2024-04-12 15:02:45 +02:00
Norman Feske
e3803fb861 sculpt: host PS/2 driver in runtime
Issue #5150
2024-04-12 15:02:44 +02:00
Norman Feske
556a7b8b17 sculpt: host PC USB driver in runtime
This commit moves the USB and USB HID driver from the drivers subsystem
into the runtime. The former special USB node of the graph corresponds
now to the USB host-controller driver (named "usb"). The management
options for USB storage devices are available inside this component
node now.

Issue #5150
2024-04-12 15:02:44 +02:00
Norman Feske
3580bb6e17 sculpt: move event_filter to static system
By moving the event_filter and the numlock_remap_rom from the drivers
subsystem to the static system, the filtering can be applied to drivers
hosted in the runtime and drivers hosted in the drivers subsystem.

This is a preparatory step for moving the USB host and HID drivers to
the runtime.

Issue #5150
2024-04-12 15:02:44 +02:00
Norman Feske
06c4b0248b sculpt: upper limit for automatic quota upgrading 2024-04-12 15:02:44 +02:00
Martin Stein
e53b00aafb run/file_vault_client: remove troublesome § char
Ref #5148
2024-04-12 15:02:44 +02:00
Martin Stein
5907307af6 file_vault: re-enable support for 32-bit platforms
Ref #5148
2024-04-12 15:00:46 +02:00
Christian Helmuth
f3610dc3a8 sel4: prevent stdout/stderr truncation in cmake
Remove the "excellent" idea to re-open /dev/stdout etc. for redirection as
cmake uses open(O_TRUNC) and, thus, truncates log output of outer
redirections.
2024-04-12 15:00:46 +02:00
Johannes Schlatow
9971f41f8c platform/pc: fix IOMMU fault reporting
When the kernel does interrupt remapping, we cannot get a non-remapped MSI
for fault event interrupts. We therefore let the kernel do the fault
reporting in this case.

genodelabs/genode#5066
2024-04-12 15:00:46 +02:00
Christian Helmuth
c54e8ec3e2 lx_emul: init pci_dev::error_state
pci_channel_offline() checks if this member is set to
pci_channel_io_normal (which is 1). The former value of 0 is invalid.

This change fixes pc_nic_drv link down-up in cases that require an e1000
reset.
2024-04-12 15:00:46 +02:00
Christian Helmuth
e691af4e97 pc_nic_drv: basic rtnetlink for lock/unlock and netdev_run_todo() 2024-04-12 15:00:46 +02:00
Christian Helmuth
38d2b8d46a lx_emul: function to generate trace messages
lx_emul_trace_msg() uses Genode::trace() as message function for
lightweight trace points, but also supports Linux format-string
attributes by using vsnprintf().
2024-04-12 15:00:46 +02:00
Christian Helmuth
66286d6f17 dde_linux: remove custom *printf implementation
The DDE uses Linux-internal formatted printk for a while now, thus
remove the unused code.
2024-04-12 15:00:46 +02:00
Christian Helmuth
5ff1ef82d1 lx_kit: preserve priority order in scheduler 2024-04-12 15:00:46 +02:00
Christian Helmuth
68925a6d33 pc/lx_emul: enable HIGH_RES_TIMERS
Only with high-resolution timers enabled timouts can fire between two
jiffies. The option is enabled on all relevant platforms but
unfortunately disabled by tinyconfig.

This option also permits the use of CONFIG_SND_HRTIMER.
2024-04-12 15:00:46 +02:00
Martin Stein
b903ddeea7 tresor: fix and test handling of minimal trees
* add testing of trees with minimal and maximal dimensions to tresor_tester.run
* replace tresor_init-local configuration type with simpler and more conformant
  configuration type in tresor/types.h that does also XML-parsing and
  XML-generation of configurations
* raise min degree to 2 because a degree of 1 is not practical und would
  require additional logic
* fix overflow with num_blocks=0 in Superblock_control::Read|Write_vbas
* fix off-by-one bug regarding the number of levels in Vbd_initializer
* improve sanity checks in Tree_configuration constructors
* document level indices in tresor_init/README
* fix size of some arrays in order to be able to handle the maximum number of
  tree levels

Ref #5077
2024-04-12 15:00:46 +02:00
Martin Stein
067a8a35cd tresor: fix faults on failed free-tree requests
* fixes two places, where the free tree module used to continue to process a
  request after actually having determined that the request fails
* moves the functionality of checking the hash of a read block and decoding it
  to a dedicated method in order to improve readability

Ref #5077
2024-04-12 15:00:46 +02:00
Martin Stein
81b17ba1e4 tresor_tester: check uninitialized vba data
Adds a new command attribute "uninitialized_data" to the Tresor Tester
configuration. If a <request op="read"> command has this attribute set to "yes"
it assumes the read blocks to be uninitialized and therefore contain only 0's.
Note, that a command that has "uninitialized_data" set to "yes" cannot have the
attribute "salt".

Ref #5077
2024-04-12 15:00:46 +02:00
Martin Stein
4a68f6bf75 tresor: discard snapshots only when writing the sb
Snapshots must only be removed when securing the superblock. Otherwise, the
last secured superblock might get corrupted. The Free Tree allocation algorithm
would not consider the deleted snapshots anymore although they are still active
in the secured superblock and re-use their blocks. This would render the tresor
container unusable if the superblock with the deleted snapshots is not secured
in the end (driver crash, power down, ...).

Ref #5077
2024-04-12 15:00:46 +02:00
Martin Stein
518c32e1af tresor: don't decode superblock before hash check
Superblock_control::Initialize used to decode a read superblock before checking
its hash. This is not necessary but may cause the operation to end up in a
decoding error on a superblock that is not the desired one anyway.

Ref #5077
2024-04-12 15:00:45 +02:00
Martin Stein
016a769605 tresor: check only the last secured superblock
Instead of iterating over all superblocks and checking each valid one,
check only the one whose hash matches the hash stored in the trust anchor.
I.e., the last one that was secured to the trust anchor. We must assume that
the other superblocks were corrupted in the meantime by operating the Tresor
container and, anyway, these Superblocks are not used anymore.

Ref #5077
2024-04-12 15:00:45 +02:00
Martin Stein
d2af024349 tresor: don't halt on extension beyond limits
The request of extending a tree used to halt when it found that
it could not add more levels to the tree because the maximum level index was
reached. Now, the library simply marks the request as failed, leaving it to
the user to handle the error condition.

Ref #5077
2024-04-12 15:00:45 +02:00
Martin Stein
b4c4681733 tresor: streamline design further
* differentiates request types that where merged formerly per module;
  e.g. instead of type Superblock_control::Request, there are now types
  * Superblock_control::Read_vbas
  * Superblock_control::Write_vbas
  * Superblock_control::Rekey
  * Superblock_control::Initialize
  * ...
  each holding only the state and functionality that is required for exactly
  that request

* removes all classes of the Tresor module framework and adapts all
  Tresor- and File-Vault- related libs, apps, and tests accordingly
  * the former "channel" state is merged into the new request types, meaning, a
    request manages no longer only the "call" to a functionality but
    also the execution of that functionality; every request has a lifetime
    equal to the "call" and an execute method to be driven forward
  * state that is used by a request but has a longer lifetime (e.g. VFS file
    handles in Tresor::Crypto) is managed by the top level
    of the user and handed over via the execute arguments; however, the
    synchronization of multiple requests on this state is done by the module
    (e.g. Tresor::Crypto)
  * requests are now driven explicitly as first argument of the (overloaded)
    execute method of their module; the module can, however, stall a request
    by returning false without doing anything (used for synchronization on
    resources)

* introduces Request_helper, Generated_request and Generatable_request in the
  Tresor namespace in order to avoid the redundancy of sub-request generation
  and execution

* moves access to Client-Data pointers up to Tresor::Virtual_block_device in
  order to simplify Tresor::Block_io and Tresor::Crypto

* removes Tresor::Client_data and introduces pure interface
  Client_data_interface in order to remove  Tresor::Client_data and
  move management of Client Data to the top level of a Tresor user

* introduces pure interface Crypto_files_interface in order to move management
  of Crypto files to the top level of a Tresor user

* moves management of Block-IO and Trust-Anchor files to the top level of a
  Tresor user

* adapts all execute methods, so, that they return the progress state
  instead of modifying a reference argument

* removes Tresor::Request_and Tresor:Request and instead implements
  scheduling at the top level of the Tresor user
  * the Tresor Tester uses a list as schedule that holds Command objects; this
    list ensures, that commands are started in the order of configuration
    the Command type is a merge of the state of all possible commands that can
    be configured at the Tresor Tester; the actual Tresor requests (if any) are
    then allocated on-demand only
  * the Tresor VFS plugin does not use a dynamic data structure for scheduling;
    the plugin has 5 members that each reflect a distinct type of operation:
    * initialize operation
    * deinitialize operation
    * data operation
    * extend operation
    * rekey operation
    consequently, of each type, there can be only one operation in-flight at a
    time; at the user front-end each operation (except "initialize") can be
    controlled through a dedicated VFS file; for each of these files, the VFS
    expects only one handle to be open at a time and only one file operation
    (read, write, sync) active at a time; once an operation gets started it is
    finished without preemtion (except of the interleaving at rekey and
    extend); when multiple operations are waiting to be started the plugin
    follows a static priority scheme:

      init op > deinit op > data op > extend op > rekey op

    there are some operation-specific details
    * the initialize operation is started only by the plugin itself on startup
      and will be driven as side effect by subsequent user calls to file
      operations
    * the data file is the only contiguous file in the front end and the file
      operations work as on usual data files
    * the other 3 files are transactional files and the user is expected to
      follow this scheme when operating on them
      1) stat (to determine file size)
      2) seek to offset 0
      3) read entire file once (this will be queued until there is no operation
         of this type pending anymore and return the last result:
         "none" | "failed" | "succeeded"; used primarily for synchronization)
      4) write operation parameters (this returns immediately and marks the
         operation as "requested")
      5) read entire file once (the same as above but this time in order to
         determine the operation result)
    * the rekey op and deinitialize op are requested by writing "true"
    * the extend op is requested by writing "tree=[TREE], blocks=[BLOCKS]"
      where TREE is either "vbd" or "ft" and BLOCKS is the number of physical
      4K blocks by which the physical range of the tresor container expands
      (the physical range always starts at block address 0 and is always
      expanded upwards)

* replaces the former <trust-anchor op="initialize"> command at the Tresor
  Tester with <initialize-trust-achor> as there are no other trust anchor
  operations that can be requested through the Tester config anyway

* removes the "sync" attribute from all commands at the Tresor Tester except
  from <request op="rekey">, <request "extend_ft">, <request op="extend_vbd">;
  as the Tester controls scheduling now, requests are generally synchronous;
  at the rekeying and extension commands, the "sync" attribute determines
  wether subsequent commands are interleaved with the execution of these
  commands (if possible)

* removes "debug" config attribute from Tresor VFS plugin and reworks "verbose"
  attribute to generate more sensible output

* removes NONCOPYABLE macro and instead uses Genode::Noncopyable and in-place
  Constructors deletion

* introduces types Attr and Execute_attr where a constructor or execute method
  have many arguments in order to raise readability

* renames the "hashsum" file that is provided by the Tresor Trust-Anchor VFS
  plugin to "hash" in order to become conformant with the wording in the Tresor
  lib

* makes the VFS Tresor test an automated test by merging in the functionality
  of vfs_tresor_init.run and removing the interactive front end; removes
  vfs_tresor_init.run as it is not needed anymore; adds consideration for
  autopilot file structure in the Test and adds it to autopilot.list

* removes all snapshot controls and the progress files for rekeying and
  extending from the Tresor VFS plugin; both functionalities were tested
  only rudimentary by the VFS Tresor test and are not supported with the only
  real user, the File Vault

* use /* .. */ instead of // ..
* use (..) instead of { .. } in init lists

Ref #5148
2024-04-12 15:00:45 +02:00
Martin Stein
14f4aa6e05 tresor_utils.run: use [build_artifacts]
Ref #5148
2024-04-12 15:00:45 +02:00
Martin Stein
ef0c3f9d2c tresor_tester.run: fix asynchronous rekeying test
The virtual block device module used to hand over the wrong VBA as
parameter "rekeying VBA" to the Free Tree when allocating PBAs for data
access during rekeying. In certain constellations, this caused the Free
Tree to alloc PBAs that were still in use. The Free Tree PBA selection
algorithm, however, is just fine. When fixing the call parameter, it works
as desired. This re-enables the async rekeying test.

Ref #5075
2024-04-12 15:00:45 +02:00
Martin Stein
02ef158748 gems: add autopilot test 'file_vault_client'
The script tests the use of an encrypted file system that is created and
provided via the File Vault.

Furthermore the script can be used for test-driving existing File-Vault
containers (created with potentially older File-Vault versions) under the
current File-Vault version. This is done via the "LX_FS_DIR_TEMPLATE"
env variable.

Ref #5062
2024-04-12 15:00:45 +02:00
Martin Stein
fb2d153c92 tresor: check hash of all read vba data
During one of the many re-factorization steps that were applied to the Tresor
library and its predecessor, the CBE library, one of the main features of the
project, the integrity check, accidentally received a grave regression. The
most recent version of the Tresor still used to check all hashes of meta-data
blocks but ignored the hashes of the actual data blocks.

With this commit, the hashes of all but yet uninitialized data blocks get
checked. The reason for ignoring uninitialized blocks is that they are not
actually read from disc but simply generated as an all-zeros block in the
driver in order to prevent having to initialize them all to zero in
Tresor-Init. That said, the integrity of these blocks cannot be compomised.
The according hashes in the meta data remain unset until the data block gets
written for the first time.

Ref #5062
2024-04-12 15:00:45 +02:00