- use Job API as block connection back end
- use Request_stream API as front end
- use Mmio framework for gpt and mbr parsing
- implement sync correctly
fixes#3652
When specifying "/" or "" as rel_path to the 'Directory' constructor,
the constructed directory should refer to the same directory. The
implementation of the join utility did not consider this corner case. It
occurred during the attempt to use fs_query with "/" given as path.
This patch also adds a Directory::Entry::dir accessor that returns true
if the entry is a directory.
Fixes#3630
- Remove dated 'Block::Driver' front end and implement
'Block::Request_stream' front end
- Remove all dynamic memory allocations but DMA memory allocations
- Remove 'Platform_hba' and implement platform specific functions in
'spec/<platform>/*'
- Ata and Atapi don't inherit from 'Port' any more, but are a member of
'Port' as a protocol implementation
- Use platform driver for MMIO mappings (x86)
- Exchange stateful initialization of Ata/Atapi with a sequential
initialization using 'wait_for_any' and 'retry' patterns
- Fix Atapi initialization by setting the byte count limit
- Set FIS receive base only when Cmd::FRE is disabled and Cmd::FR is 0
- Put everything in namespaces ('Ahci', 'Ata', or 'Atapi')
- Ata decides during read/write operations to use native-command queuing
or normal DMA requests
- Remove port claiming logic (is now done via 'Constructibles')
fixes#3636
The ARP destination MAC was set to the Ethernet source MAC which is not
necessarily the MAC of the other ARP peer. Instead use the ARP source MAC of
the ARP request.
Especially the initial reset ended up with an unusable keyboard in rare
cases before. This commit disables keyboard and mouse handling of i8042
during command sequences according to a note from
https://www.win.tue.nl/~aeb/linux/kbd/scancodes-12.html
An invalid ROM dataspace can occur, for example, when requesting a ROM
from the report_rom service before the first report was posted. Such a
<rom> node can still be useful if it's dynamic. E.g., it can be watched.
Hence, the corner case of an invalid ROM dataspace should be gracefully
handled instead of causing an abort.
Issue #3606
This patch adds a special variant of a 'Content_producer' called
'Xml_producer', which allows the direct use of an 'Xml_generator'
for generating the ROM-module content.
This patch extracts the child-management functionality from the init
component into a new library called "sandbox". The library API is
located at 'os/include/os/sandbox.h'.
The sandbox API allows for the interaction of the component with the
sandboxed children by providing locally implemented services. This
mechanism is illustrated by the new test at os/src/test/sandbox.
Issue #3601
This patch extends the 'Buffered_xml' utility with a new constructor
that fills the buffer with the output of an 'Xml_generator'. It thereby
presents an easy way to generate XML to be consumed locally.
The patch also add a deprecation mark to the original 'xml' accessor
because copying 'Xml_node' objects (here as return value) is dangerous.
The new 'with_xml_node' method should instead be used to access the XML
content stored in the buffer.
Fixes#3602
`volatile` effectively prevents instruction reordering by the compiler
and fixes an issue with -O3 compiled components.
Note, this commit does not address further arguments regarding memory
barriers and volatile voiced in issue #693.
Issue #693
This patch addresses a corner case where the nitpicker focus is not
solely defined by mouse clicks or (exclusively) by a window manager, but
by a policy component that takes mouse clicks and other policy (e.g.,
a lock screen) into account. It ensures that each click that follows a
focus change (however initiated) results in a new "clicked" report even
when the report looks the same. To allow the policy component to
uniquely distiguish subsequent reports, the report features a new
'version' attribute.
Fixes#3493
This is a follow-up patch for issue #1784 that solves two
inconsistencies.
- The Vfs::Timestamp::INVALID matches File_system::Timestamp::INVALID
- The Noux libc plugin tests for Timestamp::INVALID instead of a
positive value.
The patch fixes the mtime info as shown in directory listings in
Sculpt's inspect window.
This patch let the VFS server reflect the session policy via the
writeable bit in directory entries instead of merely forwarding the bit
from the respective VFS plugin. This way, all files originating from a
read-only file-system session automatically appear in directory listings
as read-only files.
Related to issue #3507
This patch prevents the driver from translating Insufficient_ram_quota
and Insufficient_cap_quota exceptions to Service_denied exceptions at
session-creation time. This enables the client to respond to such a
condition by retrying the session creation with increased session quota.
Add a new plugin for creating pipes between pairs of VFS handles. It is
intended to replace the libc_pipe plugin, one of the last remaining libc
plugins.
In contrast to the libc_pipe plugin, this plugin defers cross-handle
notification until I/O signal handling rather than block and unblock
readers using a semaphore. This is a performance regression in the case
of multiple threads blocking on a pipe, but shall be an intermediate
mechanism pending renovations within the libc VFS and threading layers.
As a side effect, threads blocked on a pipe might not be resumed until
the main thread suspends and dispatches I/O signals.
The "test-libc_pipe" test has been adjusted to use the VFS pipe plugin
and tests both local pipes and pipes hosted remotely in the VFS server.
Merge adaptations (such as EOF handling, adjustment to VFS/libc
interface changes) by Norman Feske.
Fix#2303
This patch reworks the VFS server to become easier to understand.
- The packet-stream handling is hidden from the node types.
- Introduced the notion of a "job" as an abstraction from the raw packet
stream.
- The processing of requests is split into three phases:
(1) accepting new jobs,
(2) the execution of jobs, and
(3) the delivery of acknowledgements.
- There is no longer a global fifo of pending nodes. Instead, each
session has a fifo of "active" nodes, which are nodes that wait
for the completion of jobs.
- The Io_node type no longer uses virtual functions as hooks for
the derrived classes. Instead, it provides a number of utility
functions.
- The control flow of the 'Io_progress_handler' is now the same as
for the session-local packet-stream handler.
- Removed dependency from 'file_system/node.h', which is a relic
from the ram_fs.
While reworking the code, the following semantic changes were made
additionally.
- The handling of SEEK_TAIL no longer overwrites the file content at the
end of the file.
- Removed diagnostic message at session-creation time.
- Write loop for continuous files
Issue #3547
Issue #2303
This change allows for the conversion of directory entries in place
(i.e., in the VFS server) and anticipates the potential future merge of
both types into one.
Issue #3547
This patch equips the VFS terminal file system with the ability to
detect user interrupts in the incoming data stream, and propagate this
information via the new pseudo file '.terminal/interrupts'. Each time,
the user presses control-c in the terminal, the value stored in this
pseudo file is increased. Thereby, a VFS client can watch this file to
get notified about the occurrences of user interrupts.
Fixes#3546
The scratch buffer is now allocated from the heap and is shared
between the test as they are executed in a serial fashion. This
change saves memory as the test are constructed at start-up.
Fixes#3539.
This patch adds support for watch notifications for the
'Readonly_value_file_system', which is often used by VFS plugins to
implement pseudo files. It thereby enables VFS clients to respond to
VFS-plugin events (think of terminal resize) dynamically.
Fixes#3523
Uplink labels were stored in the uplink objects as reference. As uplink objects
may be re-used on re-configuration to avoid unnecessary closing and re-opening
of NIC sessions, the label reference could get invalid as the object that
stored the label content didn't get re-used. Thus, the label is now copied to
the uplink object.
Fixes#3529
This adds two new boolean attributes to the <report> tag of the NIC router
configuration 'link_state' and 'link_state_triggers'. The former decides
whether to report the link state of each NIC interface (downlink, uplinks) at
the NIC router. The other decides whether to trigger reporting each time the
link state of an interface changes.
Fixes#3527
If a MAC address was once allocated for a downlink and during the further
creation of the downlink an exception caused the creation to be aborted, the
NIC router didn't free the MAC address again.
Ref #3525
The handling of exceptions during session creation implies freeing and
detaching the RAM DS behind the session env and session component. But this
was done using the session env located in the same RAM DS, which must
lead to problems. Now, the session env from the RAM DS is copied to the stack
and the operations are done on this temporary instance instead.
Ref #3525
When the construction of a member of Packet_stream_*::Rpc_object after
the _cap member threw an exception, the object was not dissolved from
the entrypoint although the Rpc_object vanished at this point. This was
because the call to 'manage()' happened in the initializer list (for the
_cap member instantiation). The destruction of the _cap member then did
not dissolve the object.
This first fix moves the call to 'manage()' into the constructor body
after the instantiation of all other members. A more sophisticated fix
would use some kind of 'Managed_object' life-time guard that manages an
object on construction and dissolves on destruction.
Ref #3525
When re-configuring a domain from using a static IP config to using a dynamic
IP config, attached interfaces didn't react with doing DHCP discover. This bug
is fixed now and the nic_router_flood test was adapted in a way that it tests
the described behavior.
Fix#3518
Nowadays, we use standard command-line tools like vim to edit init
configurations dynamically, which alleviates the need for a custom CLI.
The CLI-monitor component was too limited for use cases like Sculpt
anyway.
The patch also removes the ancient (and untested for long time)
terminal_mux.run script, which used to be the only remaining user of the
CLI monitor.
Issue #3512
This driver manually checks if the RAM quota is big enough for the
Lan9118 nic session component. The problem is Root_component::_create
from which Root_component::_create_session gets called does already
check this. No need to account for it twice.
Fixes#3514
This patch extends the 'File_system::Status',
'File_system::Directory_entry', and the related 'Vfs' types with
the following additional information:
- Distinction between continuous and transactional files (Node_type)
(issue #3507)
- Readable, writeable, and executable attributes (Node_rwx),
replacing the former 'mode' bits
(issue #3030)
The types 'Node_rwx', 'Node_type' are defined twice,
once for the VFS (vfs/types.h) and once for the 'File_system'
session (file_system_session/file_system_session.h).
Similarly, there is a direct correspondance between
'Vfs::Directory_service::Dirent' and 'File_system::Directory_entry'.
This duplication of types follows the existing pattern of keeping the
VFS and file-system session independent from each other.
Moving the handling into the input-session clients enables more
sophisticated implementations (like Qt5) to apply key-symbol based
handling of those modifiers like correct CTRL-A with QWERTY and AZERTY
layouts and distinction of CTRL-J and Return.
Issue #3483
The API still exports 32-bit address and size values only, which works
as the actual MMIO resources are allocated in platform_drv internally.
Fixes#3494
Map ACPI tables entirely as one dataspaces (not page-by-page). Note, the
current approach does only merge overlapping but not consecutive I/O
memory regions, which would reduce the amount of capabilities required
even further.
Fixes#3495
This adds complete character-generator configurations for English (US),
German (Germany and Switzerland), and French (France and Switzerland).
The configs are manually amended and stripped-down versions of
xkb2ifcfg generated configs.
Issue #3483
The Press event is actually a Press_char event with a default codepoint.
The default codepoint is now
Codepoint { Codepoint::INVALID } /* value 0xfffe */
in contrast to
Codepoint { Input::Event::INVALID } /* value 0 */
Issue #3483
A client may register a signal handler to be notified whenever the
RTC value was changed, i.e., a mis-configured clock was synchronized,
by calling 'set_sigh()'.
Issue #3450
This patch enhances part_block with support for parsing the AHDI
partition scheme, and the detection of the GEMDOS variant of FAT as used
by Atari TOS. As a side effect of the implementation, the patch improves
the MBR parsing code by avoiding pointers and using const qualifiers.
Fixes#3470
The rtc_drv on x86 can now by used to also set the RTC. If the config
attribute 'allow_setting_rtc' is set to 'yes' the driver will update
the RTC from the content of the 'set-rtc' ROM module. A valid ROM must
contain a top node with the following attributes: 'year', 'month',
'day', 'hour', 'minute' and 'second'.
* Only rudimentary checking of the provided values is done.
* '12H' mode is not supported.
Fixes#3438.
When setting the config attribute 'match_labels="yes"', the clipboard
performs plausibility checks for copy and paste operations against the
nitpicker focus.
Issue #3437
The warning falsely detected cases where shared objects where loaded before
exec_static_constructors() was called as unneeded even in cases were the
binary itself contained static globals.
The commit also removes one redundant call to exec_static_constructors()
from the block tester.
If a path element cannot be watched because it does not exist yet, the next
available parent directory is watched to detect the creation of the missing
path element. If a missing path element got created just between the failed
watch request for the element and the successful watch request for its parent
directory, the creation of the path element could remain unnoticed.
With this commit, 'fs_rom' tries to watch a path element again if the watch
request for its parent directory was successful.
Fixes#3398
On some platforms (foc+pbxa9, hw+imx53_qsb_tz, hw+rpi) the default buffer size
is to much for the RAM available on the board. Thus, decrease the buffer size
and therefore the number of polls for these platforms only.
Fixes#3354
Moreover, express current requirement to hw API, which was missing until now.
Originally, in the board-specific build directory of imx53_qsb the
"KERNEL" variable was preset with "hw". Therefore, it was not perceived
that this dependency is required.
Ref #3316
When enabling the 'keep_going' config attribute, the component will
carry on in case a child exited with an error. In addition, if the
'restart' attribute is set it will start executing the children from
the beginning.
Instead of retieving the information about the underlying platform from
the configuration, check the running kernel from the platform_info. This
commit removes the undocumented "acpi" config attribute.
* Make package buildable for ARM too
* Move usb library to src targets for explicitly named targets
* adapt remaining run-scripts to use the correctly named usb drivers
Ref #2190
* Make target binaries independent of board SPECS
* Name binaries of one architecture unambigously
* Extend include path to match board specifics
* Adapt run-scripts to use the right binary
Ref #2190
Ref #3180
When there are too many PCI devices, the Expanding_reporter regenerates
the report. However, this doesn't reset the BDF counter used to iterate
over the devices. This results in starting the new report after the PCI
device that triggered the report buffer overflow. This commit fixes the
issue by putting the BDF counter initialization inside the lambda
function used to generate the report.
Fixes#3317
To enable the use of uncached DMA buffers as RX and TX communication
buffers in between driver (service) and client, introduce a cache
attribute in the constructor of Nic::Session_component
Ref #3291
This enforces the use of unsigned 64-bit values for time in the duration type,
the timeout framework, the timer session, the userland timer-drivers, and the
alarm framework on all platforms. The commit also adapts the code that uses
these tools accross all basic repositories (base, base-*, os. gems, libports,
ports, dde_*) to use unsigned 64-bit values for time as well as far as this
does not imply profound modifications.
Fixes#3208
- Added 'io_buffer' attribute, default is 4M
- Added 'batch' attribute, specifying the number of jobs used
in parallel, default is 1 (sequential)
- Removed 'synchronous' attribute (use batch of 1 instead)
- Added 'copy' attribute (default "yes")
- Print number of signals ("triggered")
Issue #3283
This patch equips the 'Block::Connection' with a framework API for the
implementation of robust block-session clients that perform block I/O in
an asynchronous fashion.
An application-defined 'JOB' type, inherited from 'Connection::Job',
encapsulates the application's context information associated with a
block operation.
The lifecycle of the jobs is implemented by the 'Connection' and driven
by the application's invokation of 'Connection::update_jobs'. The
'update_jobs' mechanism takes three hook functions as arguments, which
implement the applications-defined policy for producing and consuming
data, and for the completion of jobs.
Issue #3283
As a preparatory step for introducing the new block-client API, we have
to turn the 'Block::Connection' into a class template. The template
argument will be used to tie an application-defined job type to the
block connection.
Issue #3283
This patch adds support for manually triggering the wakeup of the packet
sink by the source. This way, a packet source becomes able to marshal
batches of submissions or unmarshal batches of acknowledgements before
yielding the control over to the sink.
Issue #3283
Track the dataspaces used by attach and add handling of flushing VM space
when dataspace gets destroyed (not triggered via the vm_session interface).
Issue #3111
This patch removes the blocking Block::Session::sync RPC function and
adds the asynchronous operations SYNC and TRIM to the block session's
packet-stream interface.
Even though the patch adjusts all block components to the interface
change, the components keep the former blocking handling of sync
internally for now because of the design of the 'Block::Driver'
interface. This old interface is not worth changing. We should instead
migrate the block servers step by step to the new
'Block::Request_stream' API.
Fixes#3274
The new request tag allows a block-session client to uniquely correlate
acknowledgements with outstanding requests. Until now, this was possible
for read and write operations by taking the value of the request's
packet-stream offset. However, SYNC and TRIM requests do not carry any
packet-stream payload and thereby lack meaningful offset values. By
introducing the notion of a 'tag', we can support multiple outstanding
requests of any type and don't need to overload the meaning of the
'offset' value.
Issue #3274
This patch splits the 'Request' definition into smaller types that are
suitable for the client-side API too.
The new 'Operation' type comprises the block operation's type (opcode)
and the operation's arguments (block number, block count).
The former 'Request::operation_defined' is now 'Operation::valid'.
The 'Request' aggregates an 'Operation', which changes its object
layout.
Note that this commit relaxes the bit-precise definition of 'Request' to
facilitate the use of 'unsigned long' where appropriate, in particular
for the request tag (which should correspond to an 'Id_space::Id'). The
originally bit-precise definition was pursued to allow the sharing of
the 'Request' type between SPARK and C++ code. However, it turns out
that defining a native type in each language and a (set of) converting
constructors is a more natural approach.
Issue #3283
When receiving a terminal signal, the uart device model has to
take all characters out of the stream. Otherwise, characters
might never arrive at the VM. This was not recognized before,
because it was used with a quite slow UART only, which obviously
never achieved to send more characters at once.
Ref #3278
A small terminal-client tool, which expects a specific line(-start),
and then sends a specified line to the other side. Optionally,
it prints all received lines to its LOG service.
Ref #3278
This patch renames 'wakeup_client' to 'wakeup_client_if_needed' to
clarify that the method triggers signals only when needed, not on every
call.
The name 'wakeup_client' is prone to misguide users to call the function
conditionally as an optimization, thereby complicating the code, but to
no effect.
Fixes#3279
This patch replaces the formerly fixed 2 KiB data alignment within the
packet-stream buffer by a server-defined alignment. This has two
benefits.
First, when using block servers that provide small block sizes like 512
bytes, we avoid fragmenting the packet-stream buffer, which occurs when
aligning 512-byte requests at 2 KiB boundaries. This reduces meta data
costs for the packet-stream allocator and also allows fitting more
requests into the buffer.
Second, block drivers with alignment constraints dictated by the
hardware can now pass those constraints to the client, thereby easing
the use of zero-copy DMA directly into the packet stream.
The alignment is determined by the Block::Session_client at construction
time and applied by the Block::Session_client::alloc_packet method.
Block-session clients should always use this method, not the 'alloc_packet'
method of the packet stream (tx source) directly. The latter merely
applies a default alignment of 2 KiB.
At the server side, the alignment is automatically checked by
block/component.h (old API) and block/request_stream.h (new API).
Issue #3274
This patch modernizes the 'Block::Session::info' interface. Instead of
using out parameters, the 'init' RPC function returns a compound 'Info'
object now. The rather complicated 'Operations' struct is replaced by
a 'writeable' attribute in the 'Info' object.
Fixes#3275
Disconnecting a client and connecting an other to the sd_card_drv
on imx6 results in a "Completion host signal timed out" error in
the newly connected client.
Fixes#3272
Replace the I/O response handler that is passed to the VFS at
construction with an object that is dynamically attached to handles.
This object shall also accept read-ready notifications, and plugins are
encouraged to keep handles awaiting ready-ready notifications separate
from handles that await I/O progress.
Replace the use of handle lists in plugins with handle queues, this
makes the code easier to understand and the ordering of notifications to
the application more explicit.
These changes replace the use of the Post_signal_hook from all VFS
plugins, applications must assume that read-ready and I/O notifications
occur during I/O signal dispatch and use an Io_progress_handler at its
entrypoints to defer response until after signal dispatching.
Fix#3257
Issue #3111
- enable vt-x in kernel configuration
Kernel patches:
- add unrestricted guest support
- avoid kernel boot failure when vt-x is not available
- avoid nullpointer in kernel when vcpu is not fully setup
- avoid vcpu scheduling bug which causes starvation on same/below prio level
- save efer register correctly from guest
The new configuration attributes <tcp-forward to_port="123" /> and
<udp-forward to_port="123" /> enable manipulating the destination port of
port-forwarded packets.
Fixes#3237
The "Vfs::Vfs_handle" type should not contain any public members that
can be initialized by the VFS internally and by the application, so
remove inheritance from the "Genode::list::Element" class. The VFS
plugins must instead use lists of "Vfs::Vfs_handle" sub-classes, the
lifetime of which are always managed by the plugin.
Ref #3036
This is a safeguard against accidentally taking the 'Ack' interface as a
value instead of a reference.
The 'Payload' interface should also not be copied (and potentially
stored) because it contains a pointer.
This patch reworks the 'Session_component::destroy' to cope become
robust against a client-provided invalid view handle. The code did not
consider that 'Handle_registry::has_handle' may throw.
Thanks to Alexander Boettcher for reporting and the initial fix.
Fixes#3232
Without this patch, a version change of an already exited child would not
trigger the restart of the child because the version is evaluated as
late as the child configuration, but only if the child has not exited
yet.
This patch evaluates the version at the earlier stage where the identity
of the child (its name) is checked against the new configuration.
Fixes#3226
The disk image contains an extended partition table now that would
have been parsed incorrectly in the past. While there remove the unused
gpt BLOB (test-part_block_gpt has its own raw archive).
Issue #3223.
The new 'transfer' function interface defines how pixel/alpha values
sampled from texture are applied to a destination pixel, similar to the
role of a fragment shader in GPU-based rendering. The transfer function
can be customized by defining custom pixel types, which may be (but
don't need to be) derived from 'Pixel_rgba'.
Issue #3221
The "schedule_post_signal_hook" method of the Genode::Entrypoint class
is problematic because the signal hook can be scheduled and replaced
multiple times during the signal dispatch cycle. Add an alternative to
this method with "register_io_progress_handler" and the "Post_signal_
hook" class with "Io_progress_handler". The difference being an
"Io_progress_handler" may be registered once during the lifetime of an
entrypoint to prevent arbitrary libraries from replacing a pending hook.
The "register_io_progress_handler" remains as a deprecated API, and is
now invoked for every I/O signal received and only for I/O signals
rather than for any signal.
Ref #3132
The zynq nic_drv also depends on hw, we therefore adapted the folder
structure for clarity. Also renamed the binary to 'zynq_nic_drv' to
prevent conflicts and to allow removing the cadence_gem spec.
Issue #3179
This commit removes APIs that were previously marked as deprecated. This
change has the following implications:
- The use of the global 'env()' accessor is not possible anymore.
- Boolean accessor methods are no longer prefixed with 'is_'. E.g.,
instead of 'is_valid()', use 'valid()'.
- The last traces of 'Ram_session' are gone now. The 'Env::ram()'
accessor returns the 'Ram_allocator' interface, which is a subset of
the 'Pd_session' interface.
- All connection constructors need the 'Env' as argument.
- The 'Reporter' constructor needs an 'Env' argument now because the
reporter creates a report connection.
- The old overload 'Child_policy::resolve_session_request' that returned
a 'Service' does not exist anymore.
- The base/printf.h header has been removed, use base/log.h instead.
- The old notion of 'Signal_dispatcher' is gone. Use 'Signal_handler'.
- Transitional headers like os/server.h, cap_session/,
volatile_object.h, os/attached*_dataspace.h, signal_rpc_dispatcher.h
have been removed.
- The distinction between 'Thread_state' and 'Thread_state_base' does
not exist anymore.
- The header cpu_thread/capability.h along with the type definition of
'Cpu_thread_capability' has been removed. Use the type
'Thread_capability' define in cpu_session/cpu_session.h instead.
- Several XML utilities (i.e., at os/include/decorator) could be removed
because their functionality is nowadays covered by util/xml_node.h.
- The 'os/ram_session_guard.h' has been removed.
Use 'Constrained_ram_allocator' provided by base/ram_allocator.h instead.
Issue #1987
Make the size of the packet buffer at the VFS File_system client
configurable. This allows larger reads to be completed in a single
packet cycle.
Example: <vfs> <fs buffer_size="512K"/> </vfs>
Fix#3167
1) A session request gets denied if there is no matching session policy.
(The <defaul-policy/> tag can be used for the former default behavior)
2) A session request gets denied if the MAC address is given through the
matching policy but this address cannot be allocated.
3) A session request gets denied if the MAC address is not given through the
matching policy and it is also not possible to allocate one.
Issue #3040
This patch enhances the packet-stream API with the principle ability to
side-step the built-in implicity data-flow signals and manage the
signals manually. This allows for a more efficient batching of packet
processing.
Issue #3092
The 'tx_cap' RPC function is only used at session-creation time. For
this reason, it was not listed in the "official" RPC interface in
'block_session.h'. However, this makes the interface more obscure than
it needs to be. So this patch promotes it to a regular RPC function.
Issue #3092
This patch adjusts the implementation of the base library and core such
that the code no longer relies on deprecated APIs except for very few
cases, mainly to keep those deprecated APIs in tact for now.
The most prominent changes are:
- Removing the use of base/printf.h
- Removing of the log backend for printf. The 'Console' with the
format-string parser is still there along with 'snprintf.h' because
the latter is still used at a few places, most prominently the
'Connection' classes.
- Removing the notion of a RAM session, which does not exist in
Genode anymore. Still the types were preserved (by typedefs to
PD session) to keep up compatibility. But this transition should
come to an end now.
- Slight rennovation of core's tracing service, e.g., the use of an
Attached_dataspace as the Argument_buffer.
- Reducing the reliance on global accessors like deprecated_env() or
core_env(). Still there is a longish way to go to eliminate all such
calls. A useful pattern (or at least a stop-gap solution) is to
pass the 'Env' to the individual compilation units via init functions.
- Avoiding the use of the old 'Child_policy::resolve_session_request'
interface that returned a 'Service' instead of a 'Route'.
Issue #1987
The notion of a RAM session does not exist anymore. Hence, we have to
adjust the name of 'init_env_ram_session'. Since this change modifies
the ABI, it comes as separate commit.
Issue #2407
Refactor the graphical terminal server to internally represent
characters as 16-bit codepoints and handle the duplex terminal stream as
UTF-8.
- Make the Codepoint class printable to the Output interface
- Decode data received at the Terminal session from UTF-8 to a 16-bit
character
- Pass 16-bit characters through terminal decoder and char-cell arrays
- Send Unicode through terminal session in a burst of UTF-8 bytes
Fix#3148
- support to create multiple vCPUs
- support to implement Vm_session methods client side within base library
- adjust muen specific virtualbox4 version to compile/link
Issue #3111
Move the allocation of the session packet buffer into a subclass that is
constructed before the File_system RPC object. This allows the buffer
allocation to be wrapped in a constructor/destructor class and clearly
accounted for.
Fix#3134
The situation where a 'Session_policy' is constructed for a label with
no matching policy is in almost all cases a configuration problem.
A diagnostic message eases pin-pointing such mistaks. By adding the
message to the 'Session_policy', servers don't need to manually handle
the exception to provide diagnostic information. This simplifies the
server code in many components.
The former 'Genode::Timed_semaphore' mechanism is moved to the private
part of the two remaining users, namely dde_rump and the libc. Note
there are now two private copies of 'timed_semaphore.h'. This should be
regarded as an interim step until the use of this mechanism is removed
from both users.
This patch also cleans up the mechanism from legacy Genode API calls and
global side effects (alarm-thread singleton). The test/timed_semaphore
is now located at the libports repository as it now tests a mechanism of
the libc. The former timed_semaphore library is no more.
Fixes#3121
Since the timer and timeout handling is part of the base library (the
dynamic linker), it belongs to the base repository.
Besides moving the timer and its related infrastructure (alarm, timeout
libs, tests) to the base repository, this patch also moves the timer
from the 'drivers' subdirectory directly to 'src' and disamibuates the
timer's build locations for the various kernels. Otherwise the different
timer implementations could interfere with each other when using one
build directory with multiple kernels.
Note that this patch changes the include paths for the former os/timer,
os/alarm.h, os/duration.h, and os/timed_semaphore.h to base/.
Issue #3101
This patch improves the window decorators in the following respects:
* Strict warnings are enabled now.
* The use of the 'List_model' makes the application of window-
layout changes more robust. This is particularly the case for
the restacking of windows.
* Display-mode changes are now supported by both decorators.
Issue #3094
Init's state reports are updated whenever an interesting part of init's
internal state changes (e.g., when sessions are established, or when
children are started/removed). However, until now, a change of a skipped
heartbeat counter was not taken as trigger for state-report updates.
In scenarios where no other intersting event happened, the last reported
state did no reflect the current heartbeat state. In particular, when
the last report was issued during the construction of a new child just
before the child became able to respond to heartbeat requests, the stale
report hinted at heartbeat problems that were just an initialization
artifact. This problem became visible on some Qemu platform where the
child startup takes a long time.
The patch tracks the observed skipped-heartbeat counter and triggers a
report whenever the counter value changes.
Issue #3079
By adding an additional synchronization point in the form of a matched
log message, this patch makes the timing behavior of the "test changing
provided services" step more deterministic. Without it, the scheduling
of OKL4 and base-hw resulted in a merge of two config updates into one.
Issue #3079
Packets whose data is stored within the Packet_descriptor itself
but not as payload, .e.g Usb::Packet_descriptor, are valid packets
after all. So loosen the packet valid check for zero-sized packets
is reasonable.
Fixes#3076.
Our overall nightly test time greatly decreases when the timeouts for
the single tests are not that over-pessimistic. Using the slowest
platforms as reference, this commit reduces the test timeouts.
Ref #3027
For reading the MAC address we try first to read it from the <policy> tag, and
when it is not defined in the <policy> tag, we allocate a MAC. But there was
no handling of the case that there is no appropriate <policy> tag. In this
case we want to create the session with an allocated MAC also.
This patch makes init robust against invalid routing rules that lack a
name attribute in the '<service>' node. This situation may occur when
interactively editing routes in Sculpt.
Some application code is dereferencing the pointer returned by
'packet_content' at packet streams without checking that it is valid.
Throw an exception rather than return a null pointer, except for
zero-length packets, which have somewhat implicit invalid content and
that we believe to be properly handled in all current cases.
The client-side of a packet stream cannot take corrective action if the
server-side is sending packets with invalid content, but the servers
that provide packet streams should catch this exception to detect
misbehaving clients.
Ref #3059
Change the root of a session request into an explicit path and apply the
label-to-path conversion using the "path_prefix" policy attribute. This
is in addition to only applying a root change with a "path" attribute.
Ref #3031Fix#3056
The bulk buffer is now 64Byte-aligned so that the allocated
packets get aligned likewise (assumed the packet allocator uses an
appropriately aligned block size). This ensures that each packet
starts at a new cache line on common platforms.
Issue #3053
This patch improves the detection of new appearing top-most windows.
Such a window should prompt the decorator to bring the corresponding
nitpicker view(s) to the front of the view stack. The original
implementation relied on hints provided by the layouter (the 'topped'
attribute). With the patch, the decorator tracks the top-most window by
itself, which improves the robustness.
As a second improvement, the patch defers the destruction of windows to
the point when all other window operations are completed. This hides
intermediate states when replacing one window by another in one step,
which is typical for console-like scenarios. Hence, this patch should
eliminate flickering artifacts when switching from one virtual console
to another.
Issue #3031
* Account all RAM/CAP quota of a session except quota for metadata used in
core. The latter is considered when asking if a session can afford to make
an operation but it does not get accounted to always be able to pay back all
quota when a session closes. The general accounting mechanism is moved from
atop of the allocators down to the level of RAM/RM session operations.
* report statistics about session objects and quota if <report stats="yes"
quota="yes"/> is configured. (default is yes if <report> is present)
Issue #2953
Like suggested by RFC 2663, reprogram the dissolve timeout of a TCP link
state to 2 times the maximum segment lifetime (by default 1 minute) when
receiving a matching packet with the FIN flag set, or with the ACK flag
set to acknowledge a FIN of the remote side.
Mark a link state as closed (no further reprogramming of the dissolve
timeout) and set the dissolve timeout to 2 times the maximum segment
lifetime when receiving a packet with the RESET flag set.
Issue #2953
If the NIC router has insufficient CAP or RAM quota for the creation of
a state object for an interface, it tries to destroy a certain amount of
existing state objects of this interface to free resources. Afterwards,
it retries handling the current packet once. If it does fail again, the
router drops the packet.
Issue #2953
Ensure that a '\0' always appears at the end of the ouput of the XML
generator. Previously, exceptions during the Node(...) constructor
might have prevented this. This commit also extends the xml_generator
test to drive a harder test on exceptions in the Xml_generator.
Issue #2953
When the functor provided to the Node constructor throws an exception,
do revert all changes in reverse order. Previously, the changes made
to the parent node were not considered by the exception handler which
caused unnecessary characters to remain in the out buffer for each
reverted node.
Issue #2953
The VFS server does not support file-system with one single-file plugin
providing the root. This is because the "leaf_path" is not universally
implemented to handle the path "/". This fix is simply to skip a
"leaf_path" check when opening the path "/".
Ref #2919
The PS/2 driver retries to get mouse-reset results for 700 ms, sleeping
after each attempt for 10 ms. So, the driver needs a Timer session now.
Fixes#2713
This patch addresses a situation where _process_packets was called as a
side effect of watch notification (that was processed during an unlink
RPC operation). This scenario (triggered by the fs_query test)
ultimately ended up in a deadlock. Io/watch reponse handlers should
never re-enter the application logic.
The new base/xsd/config.inc defines generic XSD types such as 'Boolean' or
'Session_label'. It can be included in config XSD files by using:
! <xs:include schemaLocation="file://${GENODE_CONFIG_INC}"/>
The string ${GENODE_CONFIG_INC} is replaced by the run tool with the
above mentionened file path.
Issue #2897
Seen on X250
Description from https://www.win.tue.nl/~aeb/linux/kbd/scancodes-1.html
The ten grey keys Insert, Home, PgUp, Delete, End, PgDn, Up, Left,
Down, Right are supposed to function regardless of the state of Shift
and NumLock keys. But for an old AT keyboard the keypad keys would
produce digits when Numlock was on or Shift was down. Therefore, in
order to fool old programs, fake scancodes are sent: when LShift is
down, and Insert is pressed, e0 aa e0 52 is sent; upon release of
Insert e0 d2 e0 2a is sent. In other words, a fake LShift-up and fake
LShift-down are inserted.
Fixes#2888
Add additional parsing modes to the sequence decoder to detect and
discard unhandled sequences for ECMA-48, DEC private, and Xterm.
Add new behavior for cursor movement, cursor hiding, character deletion,
and line-wrapping.
Fix#2923
When the cached_fs_rom saturates the packet stream of its File_system
session it will call the session request handler recursively as pending
transfers are completed. This is bad because the content of the XML node
currently being processed will change.
The session request handler can no longer be called directly, but the
"schedule" method will submit a signal to the request handler, and
requests will be processed after the current operation has completed.
Calling 'handle_io_response()' in a regular VFS function (in contrast to a
post-signal hook) can cause problems if the caller of the VFS function holds
a lock which prevents the io response handler from returning.
With this commit, the user of the VFS becomes responsible for unblocking
threads which might be blocking after a failed 'queue_read()', 'queue_sync()'
or 'write()' call.
Fixes#2896
This new vfs_import plugin allows a VFS instance to be populated during
construction using a sub-VFS configured in an '<import>' configuration
node. This allows the ram_fs File_system server to be replaced by the
VFS server by reimplementing the ram_fs 'content' feature. At the
moment the copying of symlinks is not enabled, and the resources
obtained by the import file-system may not be freed after the import is
finished.
Fix#2906
The ram plugin to the VFS must send notifications to watch handles on
files when they are removed. This brings the VFS server to parity with
the ram_fs server for the sake of notifications.
Move run/fs_report to gems and use the vfs server and the vfs init
plugin in the test.
Ref #2902
This patch removes the detection of statically linked executables from
the base framework. It thereby fixes the corner cases encountered with
Sculpt when obtaining the binaries of the runtime from the depot_rom
service that is hosted within the runtime.
Statically linked binaries and hybrid Linux/Genode (lx_hybrid) binaries
can still be started by relabeling the ROM-session route of "ld.lib.so"
to the binary name, pretending that the binary is the dynamic linker.
This can be achieved via init's label rewriting mechanism:
<route>
<service name="ROM" unscoped_label="ld.lib.so">
<parent label="test-platform"/> </service>
</route>
However, as this is quite cryptic and would need to be applied for all
lx_hybrid components, the patch adds a shortcut to init's configuration.
One can simply add the 'ld="no"' attribute to the <start> node of the
corresponding component:
<start name="test-platform" ld="no"/>
Fixes#2866
When mounting a ROM module with binary="no", the
vfs will detect the 0-termination to calculate the
file size instead of using the dataspace size.
Fixes#2903
Process I/O packets in batches. If a batch is processed and there are
still packets pending, send a signal locally to the packet handler and
return to the entrypoint signal dispatcher. This prevents clients from
starving each other, which happens when a client continuously submits
packets at a faster rate than the server can process.
Fix#2900
Test of File_system I/O scheduling. It appears that a client not
submitting I/O packets slower than the VFS server can process will
starve other clients.
Ref #2900
This component is contrasted with the fs_rom server that serves
independent dataspaces to each client. Using a cache was not possible
until the region map session supported the creation of read-only
attachments.
Test at run/read_only_rom.
Ref #1633Fix#2760
The verbosity mode of the NIC bridge can be toggled with the verbose attribute
(default value shown):
! <config verbose="no" />
If enabled, the NIC bridge logs sent and received packets as well as the
lifetime of interfaces connected to the bridge.
Issue #2899
The test triggers the following assertion in the kernel, which will
remain unfixed as the kernel is no longer developed:
Assertion queue_state.is_set(queue_state_t::send) failed in file
.../pistachio/kernel/src/api/v4/tcb.h, line 727
This assertion is presumably similar / related to issue #1495.
Quietly insert forward declaration of a Input::Binding class, and make
it a friend of Input::Event and Input::Session_client. This is to allow
non-C++ language bindings (Nim) to access private members by providing
their own implementation of the Binding class.
Fix#2889
The legacy PIT timer driver is too jittery for the character-repeat
test. This patch disables the test for platforms using this device as
user-level time source, which are at the moment OKL4, Pistachio, and
seL4.
Also remove 'requires_installation_of', while also checking sbin
directories in 'have_installed'. The run scripts have been adjusted
accordingly.
Fixes#2853
The 200-second timeout of the init test triggers on some test platform
(in particular on qemu) while it is overly pessimistic on others.
This patch aims at stabilizing the timing behavior of the test across
the tested kernels/machines.
This is a follow-up patch of "init: avoid too eager child restart". On
each config update of init, init re-applies child-specific configuration
changes. In the case of an already exited child, this re-evaluation
wrongly marked such a child as abandoned because the child's environment
sessions do no longer exist. Abandoning the child, in turn, triggers the
destruction and subseqent restart (because the <start> node of the
configuration still exists). The latter is bad for two reasons.
First, the exit state of the original instance becomes lost. Second, the
restart may have unexpected side effects due to sessions created by the
new instance. I.e., when resizing a partition in sculpt, init would
wrongly restart the gpt-write tool after the tool successfully exited.
This collides with a newly started instance of part_blk/resize2fs, which
now competes with the second gpt-write instance for the exclusive access
of the targeted block device.
The patch prevents init from re-applying configurations to exited
children. The accompanied test case covers the corner case.
Do not simply wait for the good ping test to finish, but for the other
flood tests to trigger the RAM exhaustion. This makes the test more
robust with slower platforms or a different timing.
Issue #2857
The log messages covered by verbose_packet_drop were previously
configured by the verbose attribute. This isn't the case anymore. Now,
you can configure them as follows:
! <config verbose_packet_drop="no" ... >
! <domain verbose_packet_drop="no" ... />
! <config/>
The new attribute determines whether to log each packet drop and the
rational behind it. The <config> value affects all domains without a
<domain> local value.
Issue #2857
The default value of each <domain> is the <config> value. However, if
a <domain> local value is set, the <config> value doesn't affect this
value at all.
Fixes#2874
The ICMP-Echo-server functionality of the router has the following
configuration attributes (default values shown):
! <config icmp_echo_server="yes">
! <domain icmp_echo_server="yes" ... />
! </config>
The icmp_echo_server attribute configures whether the router answers ICMP Echo
requests that address the router. The <config> value affects all domains
without a <domain> local value.
Issue #2874
When a domain is updated to a new component config, the two criteria for
keeping an ARP waiting state of a remote domain are whether the remote
domain still exists and whether its IP config is still the same. This
means that a domain must also dissolve all of its remote ARP waiting
states if its IP config changes (without an update of the component
config). This wasn't the case until now.
Issue #2840
The chroot server was conceived to automatically place File_system
sessions into segregated root directories by converting session labels
to paths. If multiple children needed to be grouped under the same path,
a 'merge' policy would truncate the session label before path conversion.
Now that init can rewrite session labels and thus reproduce truncation,
the chroot merge feature is redundant and can be removed.
Fix#2846
Removed the modified mark from handles that have been written to when
they are synced, otherwise a notification would be sent again when the
handle is closed.
Ref #2839
* Do not log events that are not critical (deadly) to the NIC router if not
configured to be verbose,
* Print almost all log lines with a prefix of the domain name they are
related to,
* And, do not use Genode::error and Genode::warning as they make it hard to
read the log with the domain name prefixes.
Fixes#2840
Introduce the uplink tag:
! <config>
! <uplink label="wifi" domain="uplink">
! <uplink label="wired" domain="wired_bridge">
! <uplink domain="wired_bridge">
! <config/>
For each uplink tag, the NIC router requests a NIC session with the
corresponding label or an empty label if there is no label attribute.
These NIC sessions get attached to the domain that is set in their
uplink tag as soon as the domain appears. This means their lifetime is
not bound to the domain. Uplink NIC sessions can be safely moved from
one domain to another without being closed by reconfiguring the
corresponding domain attribute.
Attention: This may render previously valid NIC router configurations
useless. A domain named "uplink" doesn't automatically request a NIC
session anymore. To fix these configurations, just add
! <uplink domain="uplink"/>
or
! <uplink label="[LABEL]" domain="uplink"/>
as direct subtag of the <config> tag.
Issue #2840
The term was used for the old configuration during the handling of a new
configuration but in other places it was already called old_config.
Issue #2840
Dissolve and destroy the invalid domain first before deinitializing all
domains for the next round. This way, the deinitialization is not done twice
for the invalid domain.
Issue #2840
Due to a bug in the deinitialization of the DHCP server of a domain (the
reference to the destroyed object was not cleared), the NIC router could
end up in a page fault caused by a double-free at the heap. This also fixes
the previously missing dissolving of the "DNS-server-from" relation to a
remote domain.
Issue #2840
Currently has three clients that continuously create new UDP/TCP/ICMP
connections through the NIC router with NAT to the outer world and they
get never closed. A fourth client does normal ping through the same
domain to the outer world that must succeed even after the RAM quota of
the other session at the router is exhausted. The test is restricted to
Qemu to not being at risk to flood real networks.
Issue #2857
This patch weakens the aggressive restart of a child with incomplete
environment sessions. The restart check is performed each time
the init configuration changes. In sculpt, this is not a rare special
case anymore but a frequent case when using the depot_rom as provider
for environment ROM sessions. In particular when starting a chain of
inter-depending children, the sculpt-manager quickly generates a
sequence of configurations with successively added start nodes.
The addition of the 'Cap_consumer' feature to app/dummy increased the
static RAM demand of the component to a point where 1 MiB no longer
suffices on sel4 (on this kernel, the base library uses a larger amount
of statically allocated data compared to the others). The tweaks enable
init.run and init_loop.run to work on sel4 on x86-64.
Selecting an alternate interface setting, even if it is the same as the
current one, apparently makes the INQUIRY command fail with USB devices
like 'SanDisk Ultra Fit' (0781:5583) and 'Corsair Flash Voyager'
(1b1c:1a03) when the USB block driver is restarted.
Fixes#2860
* Catch Quota_guard exceptions wherever we do 'new (_alloc)' in Interface
and in case drop the packet that caused the exception
* Modify Interface::handle_config_2 to not use the guarded allocator of the
NIC session quota as we cannot handle a RAM exhaustion well at this point
in time. Instead use a Constructible member in Interface so that a needed
RAM adds up to the calculation in the create_session implementation where
an exhaustion is handled via a service denial.
Issue #2857
The interface destructor called pure virtual methods at least when
cancelling ARP- waiting states. The implementations were made by the
deriving classes Session_component respectively Uplink. This led to an
abort of the NIC router as the destruction of the derived class was
already done. A similar problem already occured in the past during the
construction of Interface and was back then solved by introducing a
separate init() method. This commit, however, solved the problem by
making Interface a member of the other classes. Therefore, the init()
method could be removed again. Furthermore, the interface polica could be
moved from Session_component_base to Session_component. The commit also
had to generalize the way the link state of an interface is determined.
Fixes#2856
While a child is abandoned, we must limit the start of anothers with
the same name. Otherwise - of the child has startup problems - a number
of abandoned children with the same name may queue up. This becomes a
problem whenever the child destruction depends on an asynchronous
service that provides an env session for the children. If the service is
unable to keep up with the session requests (both create and close),
the queue of abandoned children becomes unbounded. Limiting the child
creation rate to one abandoned child per name mitigates this problem.
This patch reduces the latency of state reports when children are
removed or added, thereby, accellerating the feedback loop between a
management component and init during the staged startup or removal of
inter-dependent components.
This test monitors the RAM quota of a dynamic init and a server hosted
within the dynamic init in the presence of a repeatedly created and
destructed client.
Previously we were doing the initialization once over all domains,
remembered which of them became invalid and destroyed those afterwards.
This isn't sufficient. As soon as one domain becomes invalid we have to
dissolve/destroy this one, deinitialize all other domains again (as they
could contain references to the invalid domain) and retry to initialize
them from the beginning. We proceed with this until we have one run
without a domain becoming invalid. Then we can be sure that the last
initialization run did not create references to any invalid domain.
Issue #2840
The generic helper Avl_string_tree of the NIC router is currently only
used for finding domains via their names, but in the future it can be
used for finding uplinks by their labels also. Additionally, it enables
us to throw an exception when inserting two elements with the same
identifier.
Issue #2840
* Get rid of the base classes Rule and Leaf_rule,
* Make log output about initiated or invalid routing rules conform to the rest
of the router log, and
* Ensure that each type of routing rule when being invalid invalidates its
whole domain.
Issue #2840
On Linux, we have a tap device as NIC back end but there is no one to
ping to in the subnet of the tap device. On FOC, the tests seem to trigger
a bug in the destruction of components with parent.exit(X); .
Fixes#2848
The condition was too rigid. In the case where no motion occurred in
between the press and release events of the magic button, the delayed
press event would not be delivered. This - in turn - confused other
components (like nitpicker) down the input chain.
for such classes where it should be safe and where we have seen issues.
Disabling in general bus master DMA causes on some machines hard hangs, e.g.
because the USB handover protocol was violated.
Fixes#2835
In contrast to most information of init's state reports, which can be
monitored at a relatively low rate (like 2 seconds in Sculpt's runtime),
resource requests call for an immediate response by the consumer of the
report. Otherwise the requesting child stays unnecessarily blocked until
the next rate-limited state report is due. This patch adds a fast lane
for such low-latency state updates to init.
Do not send nor buffer packets at interfaces with link state "down". This
prevents that packets that were routed to one network (allowed to see them),
due to a sudden link down/up, are leaked to another network that is not
allowed to see them.
When updating an interface in the NIC router to a new configuration and
the domain name of the interface has not changed but the domain
disappeared, the NIC router did not detach from the old domain correctly
which led to broken remnants of interface state objects (like connection
states).
Adapt the nic_router_uplinks run script to work with the fix.
fs_report truncated the report file on construction of the report
session to mimic an "empty report". This prevented existing use cases
where the initial state was already written to the file system by other
means.
I doubt that use cases exist where the inital empty-report mimic is
needed and (if I'm wrong) there is still the race of the consumer
reading the file just before the report session is constructed.
Reporters that want to enforce an empty initial report should send it
explicitly.
Clients may wish to act on missing files. In any case the fs_rom
needs to reopen a watch handle when a file is deleted, and this
sort of change to the internal state machine is propelled by
client RPC requests.
Fix#2839
The new 'displays' report contains information about the used
framebuffer backend. It is issued when nitpicker has successfully passed
all initialization, in particular the connection to the framebuffer
driver. Hence, it can be taken as an indicator of whether the framebuffer
is available or not (e.g., caused by a faulty driver).
When re-configuring the NIC router, determine for each domain if at least one
interface stays with the domain. If a domain fullfills this and has a
dynamic IP config (received via a DHCP client), keep the IP config.
To achieve this, the following changes have been made to the existing NIC
router code:
* Split-up Interface::handle_config into three steps:
1) Determine for each interface if its domain can keep its IP config or
or if it has to mark it invalid. This must be done before (re-)attaching
any interface because during "attach" several decisions are made based on
the validity of the IP config of corresponding the domain.
(E.g. whether to participate in sending DHCP DISCOVERs {IP config
invalid} or whether to participate in sending pending ARP REQUESTs
{IP config valid} ).
2) Detach, attach, or re-attach each interface according to the
configuration. This must be done before re-considering the temporary
state objects of each interface because the latter might have effects
on the interfaces of remote domains which must then be in place already.
3) Re-consider temporary state objects of each interface. (E.g. transport
layer connection states)
* Re-work IP-config setter in a way that it works as follows:
1) If the old IP config is valid, let all local interfaces as well as remote
interfaces that depend on the IP config of the domain detach from the old
IP config.
2) Overwrite with new IP config
3) If the new IP config is valid, let all local interfaces as well as remote
interfaces that depend on the IP config of the domain attach to the new
IP config.
Issue #2815
The new attribute config.domain.label has effect only at the uplink
domain-tag. It determines which label the NIC router shall use when
requesting the NIC session for the uplink domain. If value of this
attribute changes at the uplink domain-tag, the NIC router closes and
re-requests the NIC session of the uplink with the new label.
Issue #2815
This tests the case that behind a NIC router domain there are not only
directly connected clients of the subnet but also Layer 2 indirections like
a switch or a bridge which might be interesting for example for testing the
NIC routers DHCP server implementation.
Fixes#2837
Set DHCP-DISCOVER retry timeout and DHCP-REQUEST retry timeout from 10
seconds to 2 seconds. This prevents problems with tests where the NIC
driver comes up slowly and the first packets of the DHCP client get
dropped.
Issue #2837
The Ethernet destination MAC address of a DHCP reply is not the same as the
DHCP client MAC address. The DHCP server of the NIC router did not take care
of this by now.
Issue #2837
When an environment session is provided by a async service such as a
sibling component, the session metadata must be preserved until end of
the lifetime of the session at the server has been acknowledged by the
server. Since the session meta data of env sessions are always part of
the 'Child' object, the destruction of this object must be deferred
until this point.
Merge the 'Packet_handle' into the 'Rom_root' and use an Id_space to
match File_system handles to session objects rather than a list. This
avoids the need to override 'Root_component::_destroy_session'.
Fix#2833
When exhausted of RAM quota while starting children, init used to throw
an uncaught 'Out_of_ram' exception as this condition was considered
fatal. However, this behavior is undesired when init is used in a highly
dynamic yet long-running fashion like sculpt's runtime subsystem. This
change keeps init running despite the error condition, giving the user
the chance to relieve the resource pressure.
The 'View_stack::draw_rec' method limited the redraw to parts of the
view that were explicitly marked as dirty. This does not produce the
desired result when stacking multiple transparent views. Here, the
background views must be drawn regardless of whether they are marked as
dirty or not.
The file may also be changed by other components, so a open-close cycle
for write() is more robust. For example, Vim removes the original file
and recreates with the new content.
The '_active_mode' must not be changed at any time except when the
client asks for the 'Framebuffer::mode'. Otherwise, the dimensions of
dataspace used by the client is not always consistent with the mode
information as gathered by the client.
On real hardware, the tests expect an IPv4 subnet such that UDP requests
to 10.0.0.2 port 12345 get answered with an ICMP destination port unreachable.
Issue #2775
support USB NIC
Issue #2788
Set DHCP discover timeout to 1 second because, for some reason, the first
DHCP discover attempt of the NIC router on the PandaBoard times out with the
nightly test infrastructure.
Issue #2788
Adaption to mac-address allocation changes
Normally, the NIC sessions are independent from the domain tags.
However, by now the uplink session, in contrast to the sessions of the
other domains, is still not a server but a client. This means that only
the NIC router itself can decide when to open and close uplink sessions
and how many. Thus, with this commit, we break with the pattern that
session lifetime is independent from domains by letting the NIC router
create the uplink session when the uplink domain appears and close the
session when the domain disappears.
Fixes#2795
Since the router MAC is allocated like the donwlink MACs it can't happen
anymore that these MACs clash, for instance due to nested routers. Thus,
the range of the MAC allocators of nested routers must not be exclusive
anymore which deprecates the 'mac_first' configuration attribute.
Issue #2795
Allocate a virtual MAC address at runtime that is used as router
Ethernet-identity for all downlink domains. This makes the downlink
domains independent from the uplink session.
Issue #2795
The old MAC allocator had several drawbacks:
* the address base was a public static that could and must have been written
directly from outside the class
* the in-use-flag array was based on unsigned values consuming 4 bytes each
for only one bit of information
* it was a public header that we actually don't want to expose to all
components but only to the few networking components
* it used the not-so-safe bit notation for integer members of GCC
The new version fixes all these drawbacks.
Issue #2795
Instead of handing over the maximum available size to the packet data
accessors, hand over a size guard that keeps track of the packets
boundaries.
This commit also moves the size-guard utilitiy header of Ping and NIC
Router to the include/net directory making it a part of the net library.
It applies the new approach to all net-lib users in the basic repositories.
Ping looses its configurability regarding the ICMP data size as this would
require an additional method in the size guard which would be used only by
Ping.
The size guard was also re-worked to fit the fact that a packet can
bring a tail as well as a header (Ethernet).
Issue #2788
For now it is enough to differentiate the most commonly used file
system on Genode, e.g. Ext2 for the Genode partition and FAT32 for
(U)EFI partitions.
Issue #2803.
The component will now always try to parse the MBR as well as the GPT
(in this order). It will bail out if both are considered valid, using
GPT/MBR hybrid tables is not supported.
Fixes#2803.
