This patch simplifies the way of how Genode's base libraries are
organized. Originally, the base API was implemented in the form of many
small libraries such as 'thread', 'env', 'server', etc. Most of them
used to consist of only a small number of files. Because those libraries
are incorporated in any build, the checking of their inter-dependencies
made the build process more verbose than desired. Also, the number of
libraries and their roles (core only, non-core only, shared by both core
and non-core) were not easy to capture.
Hereby, the base libraries have been reduced to the following few
libraries:
- startup.mk contains the startup code for normal Genode processes.
On some platform, core is able to use the library as well.
- base-common.mk contains the parts of the base library that are
identical by core and non-core processes.
- base.mk contains the complete base API implementation for non-core
processes
Consequently, the 'LIBS' declaration in 'target.mk' files becomes
simpler as well. In the most simple case, only the 'base' library must
be mentioned.
Fixes#18
This patch introduces keyboard-focus events to the 'Input::Event' class
and changes the name 'Input::Event::keycode' to 'code'. The 'code'
represents the key code for PRESS/RELEASE events, and the focus state
for FOCUS events (0 - unfocused, 1 - focused).
Furthermore, nitpicker has been adapted to deliver FOCUS events to its
clients.
Fixes#609
Implement the same semantic like L4Re for the initialization of the initramfs
dataspace. Although, it didn't lead to problems right now, this commit might
prevent future problems.
Open VCPU interrupts while the VCPU is in an IPC operation can badly influence
its state. That's why this commit fixes a whole bunch of places, where IRQs
weren't masked by now.
We have to take the block queue's spin lock before invoking the interrupt
routine, otherwise the AVL tree og Genode's block packet stream gets
corrupted.
When finishing a block request in the L4Linux block stub driver,
we#ve to hold the queue lock before using __blk_end_request_all, or
simply use blk_end_request_all instead. Moreover, this commit simplifies
the lock/unlock behaviour when the block queue has to be stopped, or resumed.
Thanks to I. Ismagilov for these suggestions.
When building the Fiasco.OC kernel, and L4Linux within the Genode build system,
forward the CC, and CXX variables. It might contain useful tools like ccache,
or distcc to speed up compilation. Moreover, don't delete the MAKEFLAGS when
building Fiasco.OC. It hinders parallel builds.
Certain symbols from the libgcc_eh library in cxx that is linked with the
L4Linux kernel were resolved by using kernel internal implementations.
This lead to errors because the complete Linux kernel is built regparm=3.
This patch prefixes the appropriate symbols in the Linux Kernel and its
modules. Moreover, it fixes some warnings introduced by the latest update
to gcc 4.7.
In Genode's paravirtualized block driver a request cache is used to find again
Linux request structures via corresponding block-session packets. To work
correctly the cache needs to have at least the same size like the
block-session's queue-size.
Print Fiasco.OC kernel debugger messages into a file instead of a pipe
in the default l4linux run-script. Thereby rarely triggered issues by the
nightly running buildbot can be analyzed after the test failed.
The memory allocation heuristics in the usb driver provided by dde_linux
changed with the recent commit 71b2b42936.
Apparently, the new variant requires a larger memory pool. Increasing
the quota is a temporary fix until the memory allocator gets revisited.
This commit comprises the following changes to enable L4Linux to use several
CPUs:
* change default configuration for x86 and ARM
* add atomic cmpxchg operation to l4re library
* implement l4_sleep (per thread)
* enable setting affinity for VCPUs and IRQs
* move "per CPU" section within linker-script (x86 only)
* introduce SMP run-script for pandaboard
* deactivate direct scheduler (Fiasco.OC syscall) access by L4Linux
This commit fixes several issues that were triggered e.g. by the
'noux_tool_chain' run-script (fix#208 in part). The following problems
are tackled:
* Don't reference count capability selectors within a task that are actually
controlled by core (all beneath 0x200000), because it's undecideable which
"version" of a capability selector we currently use, e.g. a thread gets
destroyed and a new one gets created immediately some other thread might
have a Native_capability pointing to the already destroyed thread's gate
capability-slot, that is now a new valid one (the one of the new thread)
* In core we cannot invalidate and remove a capability from the so called
Cap_map before each reference to it is destroyed, so don't do this in
Cap_session_component::free, but only reference-decrement within there,
the actual removal can only be done in Cap_map::remove. Because core also
has to invalidate a capability to be removed in all protection-domains
we have to implement a core specific Cap_map::remove method
* When a capability gets inserted into the Cap_map, and we detect an old
invalid entry with the dame id in the tree, don't just overmap that
invalid entry (as there exist remaining references to it), but just remove
it from the tree and allocate an new entry.
* Use the Cap_session_component interface to free a Pager_object when it
gets dissolved, as its also used for allocation
The additional quota is needed because of the recent performance
optimizations of the USB/networking code, e.g., to support the
increased NIC packet-stream buffer size.
Make calls using IPCs IRQ safe, handle packet exhaustion, removed
'Packet_pool', tweak TCP rmem and wmem buffer sizes to show better performance
results, use 'Net::Packet_allocator, fix 'update-patch' Makefile command
Use terminals for LOG output of L4Android scenario, as well as a terminal
session for the Linux terminal. Now everything can be used interactively
on one screen: the Linux/Android framebuffer, the Linux console, and the
LOG-output of L4Linux.
Due to recently introduces smart-pointers to Cap_index objects it's
necessary to always keep at least one reference as long as a corresponding
slot in the capability-space of a process is in use. This is especially
important for L4Linux that uses cap-slots directly without the given
abstractions of Genode.
This commit introduces a Cap_index class for Fiasco.OC's capabilities.
A Cap_index is a combination of the global capability id, that is used by Genode
to correctly identify a kernel-object, and a corresponding entry in a
protection-domain's (kernel-)capability-space. The cap-indices are non-copyable,
unique objects, that are held in a Cap_map. The Cap_map is used to re-find
capabilities already present in the protection-domain, when a capability is
received via IPC. The retrieval of capabilities effectively fixes issue #112,
meaning the waste of capability-space entries.
Because Cap_index objects are non-copyable (their address indicates the position
in the capability-space of the pd), they are inappropriate to use as
Native_capability. Therefore, Native_capability is implemented as a reference
to Cap_index objects. This design seems to be a good pre-condition to implement
smart-pointers for entries in the capability-space, and thereby closing existing
leaks (please refer to issue #32).
Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way,
that it should be relatively easy to apply the same concept to NOVA also. By now,
these classes are located in the `base-foc` repository, but they intentionally
contain no Fiasco.OC specific elements.
The previously explained changes had extensive impact on the whole Fiasco.OC
platform implementation, due to various dependencies. The following things had to
be changed:
* The Thread object's startup and destruction routine is re-arranged, to
enable another thread (that calls the Thread destructor) gaining the
capability id of the thread's gate to remove it from the Cap_map, the
thread's UTCB had to be made available to the caller, because there
is the current location of that id. After having the UTCB available
in the Thread object for that reason, the whole thread bootstrapping
could be simplified.
* In the course of changing the Native_capability's semantic, a new Cap_mapping
class was introduced in core, that facilitates the establishment and
destruction of capability mappings between core and it's client's, especially
mappings related to Platform_thread and Platform_task, that are relevant to
task and thread creation and destruction. Thereby, the destruction of
threads had to be reworked, which effectively removed a bug (issue #149)
where some threads weren't destroyed properly.
* In the quick fix for issue #112, something similar to the Cap_map was
introduced available in all processes. Moreover, some kind of a capability
map already existed in core, to handle cap-session request properly. The
introduction of the Cap_map unified both structures, so that the
cap-session component code in core had to be reworked too.
* The platform initialization code had to be changed sligthly due to the
changes in Native_capability
* The vcpu initialization in the L4Linux support library had to be adapted
according to the already mentioned changes in the Thread object's bootstrap
code.
This bug was introduced by commit c9c21ad39c, where Fiasco_capability
was removed, and enums defined in that class scope went to the namespace
Fiasco. In L4Linux some references to Fiasco_capability remained.
When introducing an avl-tree to re-find known capabilities in Fiasco.OC
(issue #112), the memory demand of apllications was slightly increased.
So we've to give the pl11x driver more memory by default. Fixes#140.
The old variant provided 8K capability slots to all processes on core,
which increased binaries by 180 KB for the static allocator. I reduced it
to 4K capabilities stay under 100 KB overhead for the allocator.
Anyway, pci_drv and pl11x_drv need more RAM quota now: 2M for pl11x_drv
and 1M for pci_drv.
This is an interim fix for issue #112. This patch extends the
'Capability_allocator' class with the ability to register the global
ID of a Genode capability so that the ID gets associated with a
process-local kernel capability. Whenever a Genode capability gets
unmarshalled from an IPC message, the capability-allocator is asked,
with the global ID as key, whether the kernel-cap already exists.
This significantly reduces the waste of kernel-capability slots.
To circumvent problems of having one and the same ID for different kernel
objects, the following problems had to be solved:
* Replace pseudo IDs with unique ones from core's badge allocator
* When freeing a session object, free the global ID _after_ unmapping
the kernel object, otherwise the global ID might get re-used in some
process and the registry will find a valid but wrong capability
for the ID
Because core aggregates all capabilities of all different processes, its
capability registry needs much more memory compared to a regular process.
By parametrizing capability allocators differently for core and non-core
processes, the global memory overhead for capability registries is kept
at a reasonable level.
