Commit Graph

1856 Commits

Author SHA1 Message Date
Johannes Schlatow
bed870ead4 net: fix header_length field in Ipv4_packet
Replace size_t by uint8_t in accessors for the IPv4 header fields
'version' and 'header_length' - uint8_t is the smallest integral type
for 4 bit of information. Note, as the _internet header length_ field is
defined to reflect the number of 32-bit words the header occupies, we
also stick to the specification with our accessor.

Issue #1915
2016-05-23 15:49:57 +02:00
Christian Helmuth
abed38e8ac net: transform packet data accessor into template
Supports stronger typing of raw accesses and const correctness.

Issue #1915
2016-05-23 15:49:56 +02:00
Johannes Schlatow
3df03fbc41 base-hw: fix SCU initialization for zynq-based boards
The old implementation cleared all other bits in the SCU control
register when enabling the SCU, which broke the kernel startup on zynq-
based boards.
By only raising the enable bit, we can keep the initial/default state
e.g. as set up by uboot.

Fixes #1953
2016-05-23 15:49:56 +02:00
Norman Feske
f6dec901bb base: remove Component::name from API
It turns out that the name function does not have much use in practice
except for naming the thread of the component's initial entrypoint. For
dynamically linked components, this thread is created by the dynamic
linker. It is named "ep" in these cases. Considering that we will
eventually turn all regular components into dynamically linked
executables, the additional information provided by the
Component::name() function remains unused. So it is better to not bother
the component developers with adding boilerplate code.
2016-05-23 15:49:56 +02:00
Waylon Cude
1e95af5bab Fixed linking and memory allocation for rust
Now rlibs are actually linked to programs. Target files have been
modified to not generate code that requires compiler-rt. Added a target
for libstd-rust, but it's very broken right now. Moved alloc_system to
the libports folder because either a memory allocator needs to be
written in rust or posix_memalign needs to be implemented. Changed
liblibc to use freebsd as the OS instead of netbsd. Added a library with
unwind dummy functions.

Rust relies on atomic builtins, which are not implemented in libgcc for
ARM. One was implemented in rust, which was sufficient to get the
current rust test to run. Rust libs were added into the group of libs
for the linker so order no longer matters. The raspberry pi now uses an
armv6 target.
2016-05-23 15:49:56 +02:00
Norman Feske
ab88599682 base: document the return value of String::length 2016-05-23 15:49:56 +02:00
Norman Feske
fd401bdf53 Thread API cleanup
This patch cleans up the thread API and comes with the following
noteworthy changes:

- Introduced Cpu_session::Weight type that replaces a formerly used
  plain integer value to prevent the accidental mix-up of
  arguments.
- The enum definition of Cpu_session::DEFAULT_WEIGHT moved to
  Cpu_session::Weight::DEFAULT_WEIGHT
- New Thread constructor that takes a 'Env &' as first argument.
  The original constructors are now marked as deprecated. For the
  common use case where the default 'Weight' and 'Affinity' are
  used, a shortcut is provided. In the long term, those two
  constructors should be the only ones to remain.
- The former 'Thread<>' class template has been renamed to
  'Thread_deprecated'.
- The former 'Thread_base' class is now called 'Thread'.
- The new 'name()' accessor returns the thread's name as 'Name'
  object as centrally defined via 'Cpu_session::Name'. It is meant to
  replace the old-fashioned 'name' method that takes a buffer and size
  as arguments.
- Adaptation of the thread test to the new API

Issue #1954
2016-05-23 15:49:55 +02:00
Norman Feske
7b73d1d823 heap: add new-fashioned constructor 2016-05-09 13:25:11 +02:00
Norman Feske
1f395ae780 base: new interface for textual output
Issue #1942
2016-05-09 13:25:01 +02:00
Norman Feske
3bceefc9cf Omit superfluous use of "CAP"/"SIGNAL" services
The functionality of the former "CAP" and "SIGNAL" services is now
provided by core's "PD" service.
2016-05-09 13:24:51 +02:00
Norman Feske
dc8690ae37 Modularize base-internal headers
Issue #1952
2016-05-09 13:24:39 +02:00
Norman Feske
40a5af42eb Clean up base-library structure
This patch moves the base library from src/base to src/lib/base,
flattens the library-internal directory structure, and moves the common
parts of the library-description files to base/lib/mk/base.inc and
base/lib/mk/base-common.inc.

Furthermore, the patch fixes a few cosmetic issues (whitespace and
comments only) that I encountered while browsing the result.

Fixes #1952
2016-05-09 13:24:11 +02:00
Emery Hemingway
52cc50174f Amend File_system session with SEEK_TAIL support
Used to read or write from the end of a file when multiple packets may
be in transit.

Supported by ram_fs, rump_fs, and vfs servers.

Fixes #1775
2016-05-09 13:10:53 +02:00
Christian Helmuth
b38c5006d8 vfs: support UNLINK_ERR_NO_ENTRY in TAR file system
We report UNLINK_ERR_NO_PERM only for files in TAR archive, otherwise
UNLINK_ERR_NO_ENTRY is returned. This permits the arbitrary layering of
file systems with support for proper ENOENT reporting, for example,
when using 'rm -f non_existent_file' that aborts if EPERM is wrongly
reported.
2016-05-09 13:10:53 +02:00
Norman Feske
b8cd56cb90 Tweak slab allocators to use whole pages
Most slab allocators in core use a sliced heap as backing store. Since
sliced-heap allocations are performed at page-granularity, it is
sensible to dimension the slab blocks to fill whole pages.
2016-05-09 13:10:53 +02:00
Norman Feske
ba0545de07 Clean up 'Sliced_heap'
This patch cleans up the implementation of the sliced heap, adds a
constructor that takes references instead of pointers, and adds the
function 'meta_data_size' to determine the meta-data overhead per block.
The latter can be used to dimension slab allocators such that slab
blocks use whole pages.
2016-05-09 13:10:53 +02:00
Norman Feske
4f69772ecc Replace 'Env' interface with modern one
The original 'Env' interface as returned by 'Genode::env()' has been
renamed to 'Env_deprecated' and moved to deprecated/env.h. The new version
of base/env.h contains the interface passed to modern components that
use the component API via base/component.h.

Issue #1832
2016-05-09 13:10:52 +02:00
Norman Feske
7274ca997d Remove Genode::Process from API
This patch makes the former 'Process' class private to the 'Child'
class and changes the constructor of the 'Child' in a way that
principally enables the implementation of single-threaded runtime
environments that virtualize the CPU, PD, and RAM services. The
new interfaces has become free from side effects. I.e., instead
of implicitly using Genode::env()->rm_session(), it takes the reference
to the local region map as argument. Also, the handling of the dynamic
linker via global variables is gone. Now, the linker binary must be
provided as constructor argument.

Fixes #1949
2016-05-09 13:10:52 +02:00
Norman Feske
b49e588c1c Assign threads to PD at its creation time
This patch replaces the former 'Pd_session::bind_thread' function by a
PD-capability argument of the 'Cpu_session::create_thread' function, and
removes the ancient thread-start protocol via 'Rm_session::add_client' and
'Cpu_session::set_pager'. Threads are now bound to PDs at their creation
time and implicitly paged according to the address space of the PD.

Note the API change:

This patch changes the signature of the 'Child' and 'Process' constructors.
There is a new 'address_space' argument, which represents the region map
representing the child's address space. It is supplied separately to the
PD session capability (which principally can be invoked to obtain the
PD's address space) to allow the population of the address space
without relying on an 'Pd_session::address_space' RPC call.
Furthermore, a new (optional) env_pd argument allows the explicit
overriding of the PD capability handed out to the child as part of its
environment. It can be used to intercept the interaction of the child
with its PD session at core. This is used by Noux.

Issue #1938
2016-05-09 13:10:52 +02:00
Norman Feske
2bc8a0f76a Move XML util from os to base repository
Since the dynamic linker depends on the XML utils and we plan to replace
the ancient 'Arg_string' with XML, it is time to move the 'Xml_node' and
'Xml_generator' to base/include.
2016-05-09 13:10:52 +02:00
Norman Feske
73b463cdbb Signal_handler: remove num argument from handler
We will eventually remove the delivery of the number of occurred signals
to the recipient. There haven't been any convincing use cases for this
feature. In the contrary, it actually led to wrong design choices in the
past where the rate of signals carried information (such as the progress
of time) that should better be obtained via an explicit RPC call.

The old 'Signal_rpc_member' template retains the old interface for now.
But the new 'Signal_handler' omits the 'unsigned' argument from the
handler function.
2016-05-09 13:10:52 +02:00
Christian Helmuth
861508ad68 Always recreate library archives
GNU ar only uses a flat module (object) name space but supports multiple
instances of objects with the same name. As we use subdirectories with
source file names that may clash (e.g., signal/common.cc and
server/common.cc in the base library) some of our static library
archives have multiple object instances. This is not an issue on archive
creation but works not as expected when updating archives. To avoid
updates of library archives we delete the files before calling GNU ar.
2016-05-09 13:10:52 +02:00
Emery Hemingway
549f77eafe Catch exceptions when creating VFS
Catch exceptions at File_system_factory::create.
Print error message in Dir_file_system.

Fixes #1786
2016-05-09 13:10:51 +02:00
Emery Hemingway
4aafa882d8 XML node type and attribute name string accessors
Issue #1786
2016-05-09 13:10:51 +02:00
Christian Helmuth
d891016632 lwip: prevent warnings
Thanks to Menno Valkema for the patch.
2016-05-09 13:10:51 +02:00
Norman Feske
511acad507 Consolidate RM service into PD session
This patch integrates three region maps into each PD session to
reduce the session overhead and to simplify the PD creation procedure.
Please refer to the issue cited below for an elaborative discussion.

Note the API change:

With this patch, the semantics of core's RM service have changed. Now,
the service is merely a tool for creating and destroying managed
dataspaces, which are rarely needed. Regular components no longer need a
RM session. For this reason, the corresponding argument for the
'Process' and 'Child' constructors has been removed.

The former interface of the 'Rm_session' is not named 'Region_map'. As a
minor refinement, the 'Fault_type' enum values are now part of the
'Region_map::State' struct.

Issue #1938
2016-05-09 13:10:51 +02:00
Norman Feske
e20bbe7002 base: remove integer return codes from PD-session
The return code of assign_parent remained unused. So this patch
removes it.

The bind_thread function fails only due to platform-specific limitations
such as the exhaustion of ID name spaces, which cannot be sensibly
handled by the PD-session client. If occurred, such conditions used to
be reflected by integer return codes that were used for diagnostic
messages only. The patch removes the return codes and leaves the
diagnostic output to core.

Fixes #1842
2016-05-09 13:09:56 +02:00
Emery Hemingway
93b82c14ac libc: read sysctl info from /.sysctl/...
Fixes #1931
2016-05-09 13:09:56 +02:00
Martin Stein
19b3824bfb libav: update to version 11.6
Enables also the use of the avresample library.

Fixes #1910
2016-05-09 13:09:55 +02:00
Martin Stein
7c1235ff34 avplay.run: Remove mixer server
The mixer is not directly necessary for the avplay demo. But it implies
additional maintenance work. E.g., in the current state, it complains about
the missing Report server and mutes audio output by default.

Ref #1910
2016-05-09 13:09:55 +02:00
Alexander Boettcher
1fc707d9dc nova: fix copy-paste bug in oom code
Fixes #1944
2016-05-09 13:09:54 +02:00
Josef Söntgen
3195311b53 usb_drv: fix nullptr access in EP stop cmd
Issue #1945.
2016-05-09 13:09:54 +02:00
Josef Söntgen
2dfbfd7173 qemu-usb: handle STALL_ERROR
Issue #1945.
2016-05-09 13:09:54 +02:00
Josef Söntgen
133c46a784 usb_drv: handle EP stall in Usb_session
Fixes #1945.
2016-05-09 13:09:54 +02:00
Alexander Boettcher
463b39fc73 xml reporter: support different start node name
Currently the report name is used implicitly as first xml node name for the
report.  This is inconvenient if one component wants to generate various xml
reports under various names (e.g. to steer consumers/clients slightly
differently) but with the same xml node tree structure.

Fixes #1940
2016-05-09 13:09:54 +02:00
Martin Stein
ab9fe9cc6c tz_vmm usb_armory: update binary URIs
The binaries were moved to the genode.org webserver as free bandwidth of the
previous Github LFS was depleted.

Fixes #1902
2016-04-25 11:12:38 +02:00
Roman Iten
1ba1980727 libc, vfs: extend rename testing
Issue #1900
2016-04-25 11:02:03 +02:00
Emery Hemingway
ccd50cc9f5 Vfs::Dir_file_system: adjust rename error priority
CROSS_FS error must not propagate before NO_PERM.
New order is OK, NO_PERM, CROSS_FS, NO_ENTRY.

Fixes #1900
2016-04-25 11:02:02 +02:00
Christian Helmuth
da0c467518 Deallocation in slab backend of ported drivers 2016-04-25 10:48:03 +02:00
Adrian-Ken Rueegsegger
cd420b05ec hw_x86_64_muen: Use Bitset template for MSI address handle
Use Bitset_2 to represent MSI address handle which renders the
Msi_handle type unnecessary.
2016-04-25 10:48:03 +02:00
Adrian-Ken Rueegsegger
f5f8011d02 dde_bsd: Switch mirror of dde_bsd.port
The previous mirror has removed OpenBSD version 5.7.
2016-04-25 10:48:03 +02:00
Christian Helmuth
9cd26c4d61 Prevent compiler warnings 2016-04-25 10:48:02 +02:00
Christian Helmuth
dd90cb3bfe trace_fs: prevent compilter warning 2016-04-25 10:48:02 +02:00
Christian Helmuth
ff4033c6b0 noux: prevent compiler warning 2016-04-25 10:48:02 +02:00
Martin Stein
cba6f5f298 base: no exit handler for libc stdout log console
We don't want Genode environment objects that register their destructor
for program exit as it is mostly unnecessary and easily produces
dangling pointers. Thus, use unmanaged_singleton instead of the static
keyword.

Fixes #1941
2016-04-25 10:48:02 +02:00
Christian Helmuth
bf5df7d88d libc: qualify Plugin_context as base class
...by defining a virtual destructor.
2016-04-25 10:48:02 +02:00
Christian Helmuth
43cf789371 vfs: report zero-length read from server 2016-04-25 10:48:02 +02:00
Christian Helmuth
642ce6ca77 lxip: correct return type in send/recv socketcall
Now, error cases are reported correctly and not as gigantic ssize_t
values on 64-bit.
2016-04-25 10:48:01 +02:00
Christian Helmuth
579f4d4991 vfs: count of written bytes in Fs_file_system 2016-04-25 10:48:01 +02:00
Christian Helmuth
7a64e0bb80 ldso: dump link map of loaded shared objects
Also log the link-map information of shared objects loaded after startup
if 'ld_verbose' is configured.
2016-04-25 10:48:01 +02:00
Martin Stein
4ef2b0ed2e hw arm: avoid shared cache lines during MP init
When bringing up the kernel on multiple cores, there is a time span
where some cores already have caches enabled and some don't. Core-local
storage that may be used during this time must be aligned at least to
the maximum line size among global caches. Otherwise, a cached core may
unintentionally prefetch data of a yet uncached core into a global
cache. This may corrupt the view of the uncached core as soon as it
enables caches. However, to determine the exact alignment for every
single ARM platform isn't sensible. Instead, we can align to the minimum
page size assuming that a cache never wants to prefetch from multiple
pages at once and thus fulfills "line size <= page size".

Fixes #1937
2016-04-25 10:48:01 +02:00
Martin Stein
9508f397a2 ldso: use get_page_size_log2 instead of "12"
Ref #1941
2016-04-25 10:48:01 +02:00
Martin Stein
d5d891a227 libports: raise stack size of libc apps
Triggered by cc1plus in noux_tool_chain_auto on hw_arndale that caused
an overflow on its 64K stack.

Ref #1941
2016-04-25 10:48:01 +02:00
Martin Stein
a96130f20b base: get rid of alloc align default value
When using the Allocator interface, one can't tell which alignment
resulting allocations fulfill. However, at least on ARM, given the
architectural alignment requirements of ARM memory accesses, one wants
memory allocations (what allocators are for in most cases) to be word
aligned automatically. Previously, at least the AVL allocator simply
called alloc_aligned without defining align in its alloc implementation.
This led to unaligned access faults (the default was 0) when using the
AVL allocator as Allocator (as done in the metadata management of a SLAB
of an AVL that uses the AVL as backing store). To avoid such pitfalls
in the future, we force users of alloc_aligned to always specify align
(why use alloc_aligned without align anyway).

Ref #1941
2016-04-25 10:48:01 +02:00
Christian Prochaska
cdf57b60f9 noux: keep cap of last pager 2016-04-25 10:48:00 +02:00
Norman Feske
df272c90ec noux: keep caps of secondary threads 2016-04-25 10:48:00 +02:00
Martin Stein
e6061a794f hw: word-width sensitive kernel-stack size
Ref #1937
2016-04-25 10:48:00 +02:00
Johannes Schlatow
5b12034531 hw_zynq: refactor specs
This is a generalisation approach of the hw_zynq target. As the boards
typically use UART1 instead of UART0 (used by qemu), we have to
distinguish between those. Moreover, in general hw_zynq does not imply
zynq_qemu anymore, so that the support of particular boards can be
placed in third-party or community repositories (e.g. Genode world).

Fixes #1926
2016-04-25 10:48:00 +02:00
Norman Feske
05e09a6116 Improve warning message 2016-04-25 10:48:00 +02:00
Johannes Schlatow
0709340788 Component writing a ROM into a file-system session
Fixes #1917
2016-04-25 10:47:59 +02:00
Norman Feske
f186587cab Unify ipc_msgbuf.h across base platforms
Besides unifying the Msgbuf_base classes across all platforms, this
patch merges the Ipc_marshaller functionality into Msgbuf_base, which
leads to several further simplifications. For example, this patch
eventually moves the Native_connection_state and removes all state
from the former Ipc_server to the actual server loop, which not only
makes the flow of control and information much more obvious, but is
also more flexible. I.e., on NOVA, we don't even have the notion of
reply-and-wait. Now, we are no longer forced to pretend otherwise.

Issue #1832
2016-04-25 10:47:59 +02:00
Norman Feske
0c299c5e08 base: separate native CPU from CPU session
This patch unifies the CPU session interface across all platforms. The
former differences are moved to respective "native-CPU" interfaces.

NOVA is not covered by the patch and still relies on a custom version of
the core-internal 'cpu_session_component.h'. However, this will soon be
removed once the ongoing rework of pause/single-step on NOVA is
completed.

Fixes #1922
2016-04-25 10:47:57 +02:00
Norman Feske
e9dec93f4b base: optimized slab allocator
This patch changes the organization of the slab blocks within the slab
allocator. Originally, blocks were kept in a list sorted by the number
of free entries. However, it turned out that the maintenance of this
invariant involves a lot of overhead in the presence of a large number
of blocks. The new implementation manages blocks within a ring in no
particular order and maintains a pointer to the block where the next
allocation is attempted. This alleviates the need for sorting blocks
when allocating and deallocating.

Fixes #1908
2016-04-25 10:47:56 +02:00
Norman Feske
fbc35cb796 base: hide slab implementation details from API
Issue #1908
2016-04-25 10:47:56 +02:00
Norman Feske
db5969e6cc Stress test for the slab allocator
Issue #1908
2016-04-25 10:47:55 +02:00
Norman Feske
7cf40a0971 allocator_avl: hand back meta data when destructed
This patch ensures that the 'Allocator_avl' releases all memory obtained
from the meta-data allocator at destruction time. If allocations are
still dangling, it produces a warning, hinting at possible memory leaks.
Finally, it properly reverts all 'add_range' operations.
2016-04-25 10:47:55 +02:00
Norman Feske
ed37c2ecff core: use copy of region metadata in detach
This patch fixes a use-after-free problem raised by the recent ability of
the slab allocator to dynamically release empty slab blocks. The
Rm_session_component::detach function used to rely on the assumption
that the region metadata co-located with the allocator metadata of the
'_map' would stay intact even after a 'free' if the region.
2016-04-25 10:47:55 +02:00
Norman Feske
329ab80d1d libc: never destruct the file-descriptor allocator
This patch prevents the destruction of the fd allocator when the program
exists. Otherwise, the meta data for file descriptors that were not
manually closed would vanish, which may cause problems in subsequent
destructors.
2016-04-25 10:47:55 +02:00
Norman Feske
8971bb25ce heap: release ds pool meta data when destructed
This patch makes sure that the dataspace pool is flushed before
destructing the heap-local allocator-avl instance. With the original
destruction order, the allocator would still contain dangling
allocations on the account of the dataspace pool when destructed. In
practice, this caused no problem because the underlying backing store is
eventually freed on the destruction of the pool. But it triggers a
runtime warning of the allocator since it has become more strict with
regard to dangling allocations.
2016-04-25 10:47:55 +02:00
Norman Feske
357dbdd64b sel4: allocate vm-space meta data statically
This patch removes the dynamically growing slab allocator from the
page-table registry. This has two benefits. First, we alleviate the
corner cases where the slab allocator needed to extend its backing store
while establishing a core-local memory mapping, thereby triggering a
nested core-local mapping. Without this corner case, no reentrant lock
is needed any longer. Second, it removes the dependency from the overly
large old API of the slab allocator. So we can tighten the slab
interface.
2016-04-25 10:47:54 +02:00
Emery Hemingway
1d301e9c14 lib/vfs: consistent device and inode enumeration
Issue #1751
2016-04-25 10:47:54 +02:00
Emery Hemingway
b8e52189d5 lib/vfs: new permissions errors
New errors STAT_ERR_NO_PERM, DIRENT_ERR_NO_PERM, and READLINK_NO_PERM to
distinguish lookup errors from permissions or other errors.

Issue #1751
2016-04-25 10:47:54 +02:00
Emery Hemingway
14ca140135 lib/vfs: fix disappearing <dir><dir/></dir>
Issue #1751
2016-04-25 10:47:53 +02:00
Emery Hemingway
4a58154e07 server/vfs: refactor for client isolation
VFS handles are allocated from per-session heaps.

Fixes #1751
2016-04-25 10:47:53 +02:00
Emery Hemingway
d1dc5a9071 utility to retrieve aligned sizes from arg strings
Issue #1751
2016-04-25 10:47:52 +02:00
Emery Hemingway
e22cd98a4f File_system::Connection: session upgrading
Upgrade the File_system session RAM quota when an Out_of_metadata
exception is caught.

Issue #1751
Issue #1909
2016-04-25 10:47:52 +02:00
Emery Hemingway
cb952d2087 obscure File_system::Out_of_node_handles exception
Replace the Out_of_node_handles exception with Out_of_metadata.
Clients need to know when the server is out of internal resources,
but not why.

Cleanup and sort the errors at file_system_session.h.
Remove 'Size_limit_reached exception' from File_system, which was
internal to ram_fs.

Issue #1751
Fixes #1909
2016-04-25 10:47:52 +02:00
Emery Hemingway
58632ab8b5 lib/vfs: improve memory safety at ram file system
Reference count files to prevent dangling handles.
Catch out-of-memory conditions and throw NO_SPACE.

Issue #1751
2016-04-11 12:56:54 +02:00
Emery Hemingway
82a7799638 lib/vfs: pass handle allocator to open(...)
Opening a VFS handle previously involved allocating from the global heap
at each VFS file system. By amending open with an allocator argument,
dynamic allocation can be partitioned.

A new close method is used to deallocate open handles.

Issue #1751
Issue #1891
2016-04-11 12:56:54 +02:00
Timo Wischer
3e1fa54c61 sd_card: generalise RPi sd card driver
This enables to reuse the driver for zynq (and other platforms) in the
future.

Fixes #1925
2016-04-11 12:12:23 +02:00
Timo Wischer
036f3b5702 sd_card: add card version information to interface
Issue #1925
2016-04-11 12:06:08 +02:00
Johannes Schlatow
338cfe5a94 sd_card: return capacity in 512kByte blocks
The returned capacity had different semantics dependent on the card
type. For HIGH_CAPACITY cards, the memory capacity is specified in 512kB
blocks. So we should also return 512kB blocks for STANDARD_CAPACITY
cards.

Issue #1925
2016-04-11 12:04:34 +02:00
Johannes Schlatow
063a603948 zynq: fix NIC phy detection
Fixes #1924
2016-04-11 12:01:31 +02:00
Johannes Schlatow
44fe44e8b6 init: invalidate child-provided service on kill
When init destroys a child server with an open session, the client must
be updated as it will otherwise store a pointer to a no-more existing
service object which will be dereferenced when the child client is
destroyed.

Fixes #1912
2016-04-11 11:58:15 +02:00
Emery Hemingway
b07be42e9f noux: fix leak in pipe ring buffer
Fixes #1923
2016-04-11 11:55:01 +02:00
Christian Helmuth
14f1ac497e linux: improve exception-signal handling
First, we use an alternate stack for signal handling now. The stack is
shared among all threads of the component, which is okay as we only
handle exceptions with log output and pass on to the default handler
(that terminates the execution). The primary motivation for the
alternate stack is the detection of SIGSEGV due to stack overflows.

Also, hybrid components now handle exception signals by logging and the
support for multi-threaded applications was improved.

Fixes #1935
2016-04-11 11:53:00 +02:00
Norman Feske
051e84c4b4 Move server API concept to base framework
This commit introduces the new `Component` interface in the form of the
headers base/component.h and base/entrypoint.h. The os/server.h API
has become merely a compatibilty wrapper and will eventually be removed.
The same holds true for os/signal_rpc_dispatcher.h. The mechanism has
moved to base/signal.h and is now called 'Signal_handler'.

Since the patch shuffles headers around, please do a 'make clean' in the
build directory.

Issue #1832
2016-04-11 11:51:46 +02:00
Alexander Boettcher
4ac7127f89 nova: avoid memory leak in kernel 2016-04-11 11:51:45 +02:00
Christian Prochaska
b6afee344f Noux: upgrade RAM quota in Rm_session_component::add_client()
Fixes #1933
2016-04-11 11:51:44 +02:00
Christian Prochaska
17401d6a63 Noux: increase tool_chain_auto run script timeout for Fiasco.OC
Fixes #1932
2016-04-11 11:51:44 +02:00
Christian Prochaska
a0d08d4bd1 Noux: workaround for libtool problem
Add the prefix '-Wl,' to static library names to keep them before shared
library names after libtool's command line reorderings.

Fixes #1928
2016-04-11 11:51:44 +02:00
Alexander Boettcher
f153bc9a74 platform_drv: use server framework for device_pd
Fixes #1927
2016-04-11 11:51:44 +02:00
Christian Helmuth
0cacd41823 base: forward arguments in unmanaged_singleton
This enables the use of reference types for constructor arguments.
2016-04-11 11:51:44 +02:00
Christian Helmuth
02f84f98c3 Explicitly set Qemu disk-image format to raw
Prevents the annoying warning about

  WARNING: Image format was not specified for 'bin/test.img' and probing guessed raw.
           Automatically detecting the format is dangerous for raw images, write operations on block 0 will be restricted.
           Specify the 'raw' format explicitly to remove the restrictions.
2016-04-11 11:51:44 +02:00
Christian Helmuth
1f719dee26 Prevent warnings about unconstructed attached ROMs
If attached ROM dataspaces are not valid after update(), code that uses
these ROMs produces

  void Genode::Volatile_object< <template-parameter-1-1> >::_check_constructed() const [with MT = Genode::Attached_dataspace]: Deref_unconstructed_object
2016-04-11 11:51:43 +02:00
Christian Prochaska
146c694513 Reduce the maximum LOG session string length
The maximum possible string length is defined by the platform with the
lowest maximum IPC payload size (currently OKL4).

Fixes #1919
2016-04-11 11:51:43 +02:00
Johannes Schlatow
febb0cc13d config: deal gracefully with invalid dataspace cap
In scenarios where the config ROM is loaded from a report ROM or any
other non-static ROM, config might try to access an invalid dataspace
capability. This patch prevents the component from aborting in this
case.

Fixes #1914
2016-04-11 11:51:43 +02:00
Johannes Schlatow
07e10a04f9 tcp_terminal: disconnect socket on empty read
The tcp_terminal kept the socket open even though the client
disconnected. As a result, reconnecting to the tcp_terminal was not
working.

Fixes #1913
2016-04-11 11:51:43 +02:00
Johannes Schlatow
d32b5a54b6 base: remove duplicates from dependency list
This patch prevents duplicates in the DEPS argument to be passed to the build
stage.

Fixes #1916
2016-04-11 11:51:43 +02:00
Norman Feske
cda07b7da0 base: simplification of the IPC code
This commit replaces the stateful 'Ipc_client' type with the plain
function 'ipc_call' that takes all the needed state as arguments.
The stateful 'Ipc_server' class is retained but it moved from the public
API to the internal ipc_server.h header. The kernel-specific
implementations were cleaned up and simplified. E.g., the 'wait'
function does no longer exist. The badge and exception code are no
longer carried in the message buffers but are handled in kernel-specific
ways.

Issue #610
Issue #1832
2016-04-11 11:51:42 +02:00
Norman Feske
47878bd3e1 Remove 'Ipc_istream' and 'Ipc_ostream' from API
Fixes #610
2016-04-11 11:51:42 +02:00
Norman Feske
4cdfb9bc2f base: remove 'Native_connection_state' from API
Issue #1832
2016-04-11 11:51:42 +02:00
Norman Feske
da5d182ad3 base: remove 'Native_thread' from public API
Issue #1832
2016-04-11 11:51:42 +02:00
Norman Feske
dc0ebba1ec base-hw: clean up native_types.h 2016-03-18 22:43:05 +01:00
Norman Feske
84bfb4c04c base: remove 'Native_thread_id' type
Issue #1832
2016-03-18 22:43:01 +01:00
Emery Hemingway
da16ecc002 libc: remove trailing slash during file operations
POSIX stipulates that a trailing '/' on a path is valid for any
operation where the final path element is a directory.

Fixes #1330
2016-03-17 17:15:32 +01:00
Stefan Kalkowski
5085ad36c3 tool: remove deprecated 'make prepare' mechanism
Fix #1897
2016-03-17 17:02:04 +01:00
Christian Helmuth
c53bbfa83c noux: remove unused binary from fork test 2016-03-17 17:02:04 +01:00
Norman Feske
9b0eb720b0 base: remove 'Native_utcb' from public API
Fixes #1905
2016-03-17 17:02:04 +01:00
Waylon Cude
28117fee12 Added rust support
Rust relies on atomic builtins, which are not implemented in libgcc for
ARM. One is implemented in rust, which is sufficient to get the
current rust test to run.

Issue #1899
2016-03-17 17:02:04 +01:00
Tomasz Gajewski
611a73be36 Fixed inconsistency in XML parser
Changed Xml_node::next() to treat text between nodes in the same
manner like Xml_node::_init_end_tag which counts number of subnodes.

Issue #1424
2016-03-15 11:57:52 +01:00
Tomasz Gajewski
4a0b63431f Extended test for XML node
Added function to print tokens.
Added test for text mixed with nodes.

Issue #1424
2016-03-10 17:08:53 +01:00
Norman Feske
cf6f3f46f8 Test for the XML parser
Issue #1424
2016-03-10 17:08:52 +01:00
Norman Feske
9a3185f8ed base-linux: remove chroot support
Fixes #1903
2016-03-08 17:00:54 +01:00
Norman Feske
76db3b9c06 base: retire 'Native_config'
This commit moves the parameters of the stack area to the base-internal
header 'stack_area.h'.

Issue #1832
2016-03-08 17:00:54 +01:00
Josef Söntgen
2490e399dc ldso: check binary pointer before lookup
Check if the binary pointer is valid before attempting to lookup the
symbol. Shared objects with unresolved symbols and missing depencies,
e.g a library that references 'errno' but is not linked against libc,
will now produce an error message when they are loaded by the dynamic
linker.

Fixes #1904.
2016-03-08 17:07:36 +01:00
Emery Hemingway
f46a504bb6 use Arg_string::set_arg_string to set session labels
Issue #1861
2016-03-07 16:10:32 +01:00
Emery Hemingway
110d71c2a8 input_merger: set source label with set_arg_string
Fixes #1861
2016-03-07 16:10:32 +01:00
Emery Hemingway
723d9e7784 util/arg_string.h: set_arg_string
Convenience function to set x="y" style arguments.

Issue #1861
2016-03-07 16:10:32 +01:00
Emery Hemingway
23c1d4c66d libc, vfs: rename improvements
Perform POSIX rename checks at the libc VFS plugin.
Clarify rename at VFS fs, ram, single, and tar file systems.

Issue #1900
Fixes #1782
2016-03-07 12:40:04 +01:00
Emery Hemingway
d0735b1734 Move SQLite to genode-world
Fixes #1874
2016-03-07 12:38:30 +01:00
Christian Helmuth
688e86ab68 core: increase initial quota to 224K 2016-03-07 12:34:47 +01:00
Norman Feske
7f73e5e879 base: hide internals of the Thread API
This patch moves details about the stack allocation and organization
the base-internal headers. Thereby, I replaced the notion of "thread
contexts" by "stacks" as this term is much more intuitive. The fact that
we place thread-specific information at the bottom of the stack is not
worth introducing new terminology.

Issue #1832
2016-03-07 12:34:46 +01:00
Norman Feske
3c686fc9c6 libports: fix warning in x86emu 2016-03-07 12:34:46 +01:00
Norman Feske
8132a16137 base-linux: make linux-specific headers private
The interfaces linux_cpu_session, local_capability, linux_dataspace,
linux_native_pd are mere implementation necessities. They are meant for the
internal use by the framework only. So it is appropriate to move them to
base/internal/.

Issue #1832
2016-03-07 12:34:46 +01:00
Norman Feske
6773d631b9 fiasco: remove thread_helper.h from public API
Issue #1832
2016-03-07 12:34:46 +01:00
Norman Feske
1a19ca5f7b base-fiasco/sel4: unified cancelable_lock.h
On seL4 and L4/Fiasco, we employ a simple yielding spinlock as lock
implementation. Consequently these base platforms used to have a
simplified header. However, since the regular cancelable_lock has all
the member variables needed to implement a spinlock, we can simply use
the generic header on those two platforms too, just leaving some other
parts of the generic header unused. So at API level, the difference is
not visible.

Issue #1832
2016-03-07 12:34:45 +01:00
Norman Feske
3473955212 base-linux/nova: unify include/rm_session/client.h
By moving the stub implementation to rm_session_client.cc, we can use
the generic base/include/rm_session/client.h for base-linux and
base-nova and merely use platform-specific implementations.

Issue #1832
2016-03-07 12:34:45 +01:00
Norman Feske
6e7f7bdad4 base: move crt0.h and elf.h to base/internal
Those headers remained unused outside the internal framework. So it is
better to remove them from the public API.

Issue #1832
2016-03-07 12:34:45 +01:00
Norman Feske
2e701f9afa base: update include guards
This patch cleans up the include guards, assisted by the
tool/fix_include_ifndef script.
2016-03-07 12:34:45 +01:00
Norman Feske
6de763cb0b base-okl4: remove unmaintained porting steps 2016-03-07 12:34:45 +01:00
Norman Feske
e6729316ff base: uniform base-internal header structure
This patch establishes a common organization of header files
internal to the base framework. The internal headers are located at
'<repository>/src/include/base/internal/'. This structure has been
choosen to make the nature of those headers immediately clear when
included:

  #include <base/internal/lock_helper.h>

Issue #1832
2016-03-07 12:34:45 +01:00
Norman Feske
be496c6dc1 base: remove kernel-specific base/sleep.h
With this patch, the platform differences reside solely in the
implementation of the base library.

Issue #1832
2016-03-07 12:34:44 +01:00
Norman Feske
62b1c55399 Integrate CAP session into PD session
This patch integrates the functionality of the former CAP session into
the PD session and unifies the approch of supplementing the generic PD
session with kernel-specific functionality. The latter is achieved by
the new 'Native_pd' interface. The kernel-specific interface can be
obtained via the Pd_session::native_pd accessor function. The
kernel-specific interfaces are named Nova_native_pd, Foc_native_pd, and
Linux_native_pd.

The latter change allowed for to deduplication of the
pd_session_component code among the various base platforms.

To retain API compatibility, we keep the 'Cap_session' and
'Cap_connection' around. But those classes have become mere wrappers
around the PD session interface.

Issue #1841
2016-03-07 12:34:44 +01:00
Norman Feske
b1910cdd54 Integrate SIGNAL session into PD session
This patch removes the SIGNAL service from core and moves its
functionality to the PD session. Furthermore, it unifies the PD service
implementation and terminology across the various base platforms.

Issue #1841
2016-03-07 12:34:44 +01:00
Norman Feske
705ac74498 CLI monitor: remove unused GDB command
This patch removes the support for executing subsystems of CLI monitor
within the GDB monitor. There are multiple reasons: First, the feature
remained unused for multiple years. Second, it relied on the base/elf.h
header to determine whether the started binary is dynamically or
statically linked. This header, however, is going to be removed from the
Genode API. Third, the feature will eventually break with the upcoming
changes of how components are bootstrapped. Finally, there is the plan
to turn CLI monitor into a sole front end of a dynamically configurable
init component. Once we pursue this plan, we'd need to reconsider the
GDB support anyway.

Issue #1832
2016-03-07 12:34:44 +01:00
Norman Feske
5d559a0699 Move util/volatile_object.h from os to base 2016-03-07 12:34:44 +01:00
Alexander Boettcher
079484c5d0 Use base-hw as x86 target for noux_tool_chain_auto
The commit avoids the need to have contrib sources of the kernel
available for this run script. We actually just want to build core and
not the kernel itself, which is always required after recent changes in
the ports tool.
2016-03-07 12:34:44 +01:00
Christian Helmuth
0d6dc46bbb sel4: use O3 optimization level
This is the default optimization level in the original seL4 SDK. By
adapting to O3, we work around a bug [1] in version 2.1.0 that only
shows on low optimization levels.

[1] https://github.com/seL4/seL4/issues/20
2016-03-07 12:34:43 +01:00
Martin Stein
ff10687a6c toolchain: report missing ports at once
Previously, ports that were needed for a scenario and that were not
prepared or outdated, triggered one assertion each during the second
build stage. The commit slots a mechanism in ahead that gathers all
these ports during the first build stage and reports them in form of a
list before the second build stage is entered.  This list can be used
directly as argument for tool/ports/prepare_port to prepare respectively
update the ports. If, however, this mechanism is not available, for
example because a target is build without the first build stage, the old
assertion still prevents the target from running into troubles with a
missing port.

Fixes #1872
2016-03-07 12:34:43 +01:00
Emery Hemingway
74342ca2fc lib/lwip: fix import description
The REP_DIR variable does not remain consistent when importing from
other repositories.

Fixes #1888
2016-03-07 12:34:43 +01:00
Igor Podkopaev
b9263a7f4e ahci: routing policies based on device serial/model
Fixes #1882
2016-03-07 12:34:43 +01:00
Christian Helmuth
c17069b35e ports: update hash of gcc (with risc-v patches) 2016-03-07 12:33:14 +01:00
Norman Feske
55506f432e window layouter: small documentation fix 2016-02-26 12:20:57 +01:00
Alexander Boettcher
e5eb1000c7 nova: remove obsolete parts of documentation 2016-02-26 12:19:25 +01:00
Christian Helmuth
9b69c93736 doc: update README, components.txt 2016-02-26 12:19:25 +01:00
Christian Helmuth
66006a0313 libc: provide more net-specific header files 2016-02-26 11:36:55 +01:00
Adrian-Ken Rueegsegger
3a9e5cbd8c Relax tool checks of Muen port
The gnat and gprbuild tools are not necessarily in the PATH when
preparing the port since the effective location is specified by the
--image-muen-gnat-path RUN_OPT.
2016-02-26 11:36:55 +01:00
Norman Feske
9e6f3be806 sel4: update to version 2.1
This patch updates seL4 from the experimental branch of one year ago to
the master branch of version 2.1. The transition has the following
implications.

In contrast to the experimental branch, the master branch has no way to
manually define the allocation of kernel objects within untyped memory
ranges. Instead, the kernel maintains a built-in allocation policy. This
policy rules out the deallocation of once-used parts of untyped memory.
The only way to reuse memory is to revoke the entire untyped memory
range. Consequently, we cannot share a large untyped memory range for
kernel objects of different protection domains. In order to reuse memory
at a reasonably fine granularity, we need to split the initial untyped
memory ranges into small chunks that can be individually revoked. Those
chunks are called "untyped pages". An untyped page is a 4 KiB untyped
memory region.

The bootstrapping of core has to employ a two-stage allocation approach
now. For creating the initial kernel objects for core, which remain
static during the entire lifetime of the system, kernel objects are
created directly out of the initial untyped memory regions as reported
by the kernel. The so-called "initial untyped pool" keeps track of the
consumption of those untyped memory ranges by mimicking the kernel's
internal allocation policy. Kernel objects created this way can be of
any size. For example the phys CNode, which is used to store page-frame
capabilities is 16 MiB in size. Also, core's CSpace uses a relatively
large CNode.

After the initial setup phase, all remaining untyped memory is turned
into untyped pages. From this point on, new created kernel objects
cannot exceed 4 KiB in size because one kernel object cannot span
multiple untyped memory regions. The capability selectors for untyped
pages are organized similarly to those of page-frame capabilities. There
is a new 2nd-level CNode (UNTYPED_CORE_CNODE) that is dimensioned
according to the maximum amount of physical memory (1M entries, each
entry representing 4 KiB). The CNode is organized such that an index
into the CNode directly corresponds to the physical frame number of the
underlying memory. This way, we can easily determine a untyped page
selector for any physical addresses, i.e., for revoking the kernel
objects allocated at a specific physical page. The downside is the need
for another 16 MiB chunk of meta data. Also, we need to keep in mind
that this approach won't scale to 64-bit systems. We will eventually
need to replace the PHYS_CORE_CNODE and UNTYPED_CORE_CNODE by CNode
hierarchies to model a sparsely populated CNode.

The size constrain of kernel objects has the immediate implication that
the VM CSpaces of protection domains must be organized via several
levels of CNodes. I.e., as the top-level CNode of core has a size of
2^12, the remaining 20 PD-specific CSpace address bits are organized as
a 2nd-level 2^4 padding CNode, a 3rd-level 2^8 CNode, and several
4th-level 2^8 leaf CNodes. The latter contain the actual selectors for
the page tables and page-table entries of the respective PD.

As another slight difference from the experimental branch, the master
branch requires the explicit assignment of page directories to an ASID
pool.

Besides the adjustment to the new seL4 version, the patch introduces a
dedicated type for capability selectors. Previously, we just used to
represent them as unsigned integer values, which became increasingly
confusing. The new type 'Cap_sel' is a PD-local capability selector. The
type 'Cnode_index' is an index into a CNode (which is not generally not
the entire CSpace of the PD).

Fixes #1887
2016-02-26 11:36:55 +01:00
Christian Prochaska
2df6cd64d4 vbox: implement 'drvNicAsyncIoWakeup()'
Fixes #1893
2016-02-26 11:36:54 +01:00