Commit Graph

7256 Commits

Author SHA1 Message Date
Norman Feske
3bbeacad20 init: preserve final state of exited children
This is a follow-up patch of "init: avoid too eager child restart". On
each config update of init, init re-applies child-specific configuration
changes. In the case of an already exited child, this re-evaluation
wrongly marked such a child as abandoned because the child's environment
sessions do no longer exist. Abandoning the child, in turn, triggers the
destruction and subseqent restart (because the <start> node of the
configuration still exists). The latter is bad for two reasons.

First, the exit state of the original instance becomes lost. Second, the
restart may have unexpected side effects due to sessions created by the
new instance. I.e., when resizing a partition in sculpt, init would
wrongly restart the gpt-write tool after the tool successfully exited.
This collides with a newly started instance of part_blk/resize2fs, which
now competes with the second gpt-write instance for the exclusive access
of the targeted block device.

The patch prevents init from re-applying configurations to exited
children. The accompanied test case covers the corner case.
2018-07-03 09:39:30 +02:00
Martin Stein
2af9cb7952 nic_router_flood.run: be more flexible
Do not simply wait for the good ping test to finish, but for the other
flood tests to trigger the RAM exhaustion. This makes the test more
robust with slower platforms or a different timing.

Issue #2857
2018-06-29 10:44:59 +02:00
Martin Stein
2733d3fea5 nic_router: verbose_packet_drop attribute
The log messages covered by verbose_packet_drop were previously
configured by the verbose attribute. This isn't the case anymore. Now,
you can configure them as follows:

! <config verbose_packet_drop="no" ... >
!     <domain verbose_packet_drop="no" ... />
! <config/>

The new attribute determines whether to log each packet drop and the
rational behind it. The <config> value affects all domains without a
<domain> local value.

Issue #2857
2018-06-29 10:44:59 +02:00
Martin Stein
e139c52262 nic_router: fix verbose_packets attribute
The default value of each <domain> is the <config> value. However, if
a <domain> local value is set, the <config> value doesn't affect this
value at all.

Fixes #2874
2018-06-29 10:44:58 +02:00
Martin Stein
0b8520a208 nic_router: act as ICMP Echo server
The ICMP-Echo-server functionality of the router has the following
configuration attributes (default values shown):

! <config icmp_echo_server="yes">
!    <domain icmp_echo_server="yes" ... />
! </config>

The icmp_echo_server attribute configures whether the router answers ICMP Echo
requests that address the router. The <config> value affects all domains
without a <domain> local value.

Issue #2874
2018-06-29 10:44:58 +02:00
Norman Feske
a9183da87b base: create-after-close session-request order
This patch ensures that session-create requests are handled after close
requests, which solves the corner case where one single-session server
receives a close and create request at the same time. E.g., when
expanding a partition with Sculpt, the gpt-write tool is removed and
part_blk is started (to execute resize2fs on top) in one step. Both
interact with the USB-block driver, which is a single-session server.

Fixes #2877
2018-06-29 10:44:58 +02:00
Alexander Boettcher
3148b67288 nova: use kernel branch r10
- Reordering and cleanup of commits to form a common branch shared by others
- Add right bit to deny portal usage for cross-core IPC
- avoid GP when switching on AMD SVM if disabled by UEFI/BIOS

Issue #2854
2018-06-29 10:44:58 +02:00
Martin Stein
055862c0eb nic_router: cancel remote ARP on new IP config
When a domain is updated to a new component config, the two criteria for
keeping an ARP waiting state of a remote domain are whether the remote
domain still exists and whether its IP config is still the same. This
means that a domain must also dissolve all of its remote ARP waiting
states if its IP config changes (without an update of the component
config). This wasn't the case until now.

Issue #2840
2018-06-29 10:44:58 +02:00
Martin Stein
9b619e95b2 nic_router: fix log when updating ARP waiters
Give the correct reason why an ARP waiter was dismissed.

Issue #2840
2018-06-29 10:44:58 +02:00
Emery Hemingway
fec223016f Sculpt: route input_filter chargen requests to config_fs_rom
The top-level Sculpt configuration is routing ROM requests for chargen
files from the input_filter to the parent, and this prevents new chargen
files to specified, for instance the German or Workman layout. Route ROM
requests with a combination of label_prefix and label_suffix patterns to
the config_fs_rom component, allowing the input_filter to be dynamically
reconfigurable.

Fix #2872
2018-06-29 10:44:57 +02:00
Emery Hemingway
745926d588 Convert pdf_view to a Nitpicker client
A native Nitpicker client uses less resources than a Framebuffer client
wrapped in a sub-init with nit_fb.

Fix #2871
2018-06-29 10:44:57 +02:00
Norman Feske
a9adc67421 os: improve robustness of init_loop test 2018-06-29 10:44:57 +02:00
Christian Prochaska
042ff27366 libc: remove VFS header dependency in 'component.h'
Fixes #2870
2018-06-29 10:44:57 +02:00
Christian Prochaska
38ae718509 usb_drv: wait for keyboard LED registry in 'led_connect()'
It can happen that a keyboard gets plugged in and 'led_connect()' is
called while the keyboard LED of another keyboard is just being updated
(and the registry is locked).

Fixes #2869
2018-06-29 10:44:56 +02:00
Emery Hemingway
96112ec66d test/fs_report: delay Report/ROM file removal
Ref #2839
2018-06-29 10:44:56 +02:00
Johannes Schlatow
4ae47c3f38 libc: add clock_getres (required by python 3) 2018-06-29 10:44:56 +02:00
Christian Helmuth
3161daacd7 platform_drv: use Expanding_reporter for pci report
If the number of PCI buses grows (seen with VMware player) the default
report size is exhausted quickly.
2018-06-29 10:44:56 +02:00
Christian Prochaska
6616b0efe7 pthread: improve stack attribute handling
- initialize the stack size attribute with `Libc::Component::stack_size()`
  as default value
- remove the possibly uninitialized `pthread` member from the attribute
  structure and obtain current attribute values in the
 `pthread_attr_get_np()` function, where the `pthread` object reference
  is given as argument
- let each thread obtain its stack address and actual stack size at thread
  start to have the information available for other threads

Fixes #2865
2018-06-29 10:44:56 +02:00
Christian Helmuth
b630bd8d6a dde_ipxe: enable flavor of I210 in apu2c4 boards
The apu2c4 boards have 3 i210 PCI devices (one for each LAN port). Other
apu2 boards use i211 device IDs according to https://www.pcengines.ch/apu2.htm
but could not be tested.

This commit also incorporates an upstream MAC address handling fix.
2018-06-29 10:44:55 +02:00
Josef Söntgen
cefd2e22fa dde_ipxe: support more flavors of I218V/I219LM
Fixes #2864.
2018-06-29 10:44:55 +02:00
Josef Söntgen
74dcc7a3d5 libc: use socket fs for DNS information
The libc will now use the file given by the 'nameserver_file' attribute
to get the DNS nameserver address instead of reading '/etc/resolv.conf'.
It defaults to '/socket/nameserver' which is the common location when
using the lxip VFS plugin. As a constraint the libc will read the first
line and expects the nameserver address without any keywords in front of
it.

Fixes #2861.
2018-06-29 10:44:55 +02:00
Emery Hemingway
a7a160eebc Package pdf_view to read from file-system
Merge the configuration from raw/pdf_view into the pkg/pdf_view runtime
file. Request a File_system session and load files from there, rather
than by ROM.

Ref #2859
2018-06-29 10:44:55 +02:00
Emery Hemingway
fb0a50c71c Pdf_view: load arbitrary *.pdf files, input improvements
The component is no longer loads from '/test.pdf', the first PDF file
found in the root directory of the file-system is loaded automatically.
The behavior cannot be overridden by configuration.

Feed MuPDF with characters from input events to MuPDF rather than
translate raw key codes to ASCII. This enables almost all MuPDF key
bindings without the need to maintain a lookup table. Mouse navigation
has been enabled as well. To print the key-bindings to log, press '?'.

Fix #2859
2018-06-29 10:44:55 +02:00
Emery Hemingway
9d8bf1373e Chroot: remove merge policies
The chroot server was conceived to automatically place File_system
sessions into segregated root directories by converting session labels
to paths. If multiple children needed to be grouped under the same path,
a 'merge' policy would truncate the session label before path conversion.
Now that init can rewrite session labels and thus reproduce truncation,
the chroot merge feature is redundant and can be removed.

Fix #2846
2018-06-29 10:44:54 +02:00
Emery Hemingway
98f1d83194 Automatic session quota upgrades for RM connections
Fix #2838
2018-06-29 10:44:54 +02:00
Emery Hemingway
366913c146 ram_fs: unmark modification from nodes that have been synced
Removed the modified mark from handles that have been written to when
they are synced, otherwise a notification would be sent again when the
handle is closed.

Ref #2839
2018-06-29 10:44:54 +02:00
Roman Iten
7e126f7fb6 run: use sgdisk instead of parted in image/uefi
Issue #2862
2018-06-29 10:44:54 +02:00
Roman Iten
4067cc7962 run: use sgdisk instead of parted in image/disk
Issue #2862
2018-06-29 10:44:54 +02:00
Martin Stein
90fcba79c6 nic_router: non-critical logs only when verbose
* Do not log events that are not critical (deadly) to the NIC router if not
  configured to be verbose,
* Print almost all log lines with a prefix of the domain name they are
  related to,
* And, do not use Genode::error and Genode::warning as they make it hard to
  read the log with the domain name prefixes.

Fixes #2840
2018-06-29 10:44:53 +02:00
Martin Stein
49a3a0e0d0 nic_router: multiple uplinks
Introduce the uplink tag:

! <config>
!    <uplink label="wifi"  domain="uplink">
!    <uplink label="wired" domain="wired_bridge">
!    <uplink               domain="wired_bridge">
! <config/>

For each uplink tag, the NIC router requests a NIC session with the
corresponding label or an empty label if there is no label attribute.
These NIC sessions get attached to the domain that is set in their
uplink tag as soon as the domain appears. This means their lifetime is
not bound to the domain. Uplink NIC sessions can be safely moved from
one domain to another without being closed by reconfiguring the
corresponding domain attribute.

Attention: This may render previously valid NIC router configurations
useless. A domain named "uplink" doesn't automatically request a NIC
session anymore. To fix these configurations, just add

! <uplink domain="uplink"/>

or

! <uplink label="[LABEL]" domain="uplink"/>

as direct subtag of the <config> tag.

Issue #2840
2018-06-29 10:44:53 +02:00
Martin Stein
d4f08b5a71 nic_router: get rid of the term "legacy"
The term was used for the old configuration during the handling of a new
configuration but in other places it was already called old_config.

Issue #2840
2018-06-29 10:40:14 +02:00
Martin Stein
ff7bc0ac6c nic_router: optimize handling of invalid domains
Dissolve and destroy the invalid domain first before deinitializing all
domains for the next round. This way, the deinitialization is not done twice
for the invalid domain.

Issue #2840
2018-06-29 10:40:14 +02:00
Martin Stein
27155a507f nic_router: fix DHCP-server deinitialization
Due to a bug in the deinitialization of the DHCP server of a domain (the
reference to the destroyed object was not cleared), the NIC router could
end up in a page fault caused by a double-free at the heap. This also fixes
the previously missing dissolving of the "DNS-server-from" relation to a
remote domain.

Issue #2840
2018-06-29 10:40:14 +02:00
Martin Stein
fc90c5f8f0 session_label: make typedef String public
Internally, Genode::Session_label has a typedef from String<capacity()> to
String. To have this typedef public is especially useful when reading a
label from an XML node. This can then be written as

! Session_label label = node.attribute_value("label", Session_label::String());

instead of

! Session_label label = node.attribute_value("label", String<160>());

which would be less generic (Session_label cannot be used directly as there
is no appropriate ascii_to implementation).

Issue #2840
2018-06-29 10:40:14 +02:00
Martin Stein
14357b0b44 nic_router_flood.run: test DoS against router
Currently has three clients that continuously create new UDP/TCP/ICMP
connections through the NIC router with NAT to the outer world and they
get never closed.  A fourth client does normal ping through the same
domain to the outer world that must succeed even after the RAM quota of
the other session at the router is exhausted. The test is restricted to
Qemu to not being at risk to flood real networks.

Issue #2857
2018-06-29 10:40:13 +02:00
Christian Helmuth
e3fd554026 qt5: fix file metadata when creating tar archives
This supports stable package hashes in all combinations of user, umask,
and creation time.

Related to #2842
2018-06-14 15:08:46 +02:00
Stefan Kalkowski
ebb7df8cbf init: set all child policies to eager destruction (INTERIM-TEST) 2018-06-14 11:49:16 +02:00
Stefan Kalkowski
dae9f9e164 foc: fix reply_and_wait ipc method
Currently, if the target of a reply capability gets destroyed, the
ipc syscall reply/wait returns with an error. Although we detect
the error condition we continue with reply/wait, which leads to
an endless loop. This commit introduces a condition analoque to
the base-library for pistachio and fiasco to do an open wait if an
error occured during a reply.
2018-06-14 11:48:54 +02:00
Norman Feske
30114e214b sculpt: update pkg versions in README 2018-06-14 11:47:52 +02:00
Norman Feske
ba326a7ec8 News item for Sculpt TC 2018-06-13 15:29:52 +02:00
Christian Helmuth
246bacd9da depot: update recipe hashes 2018-06-13 13:52:12 +02:00
Christian Helmuth
b178777c3e sculpt: prepare TC release
- version is 18.06
- update download_debian and qt5_textedit
2018-06-13 13:52:12 +02:00
Christian Helmuth
33f55d84eb Remove init from runtime for qt5_textedit pkg 2018-06-13 13:52:11 +02:00
Norman Feske
78d83ebda8 utf8.run: increase timeout, needed for sel4 2018-06-13 13:52:11 +02:00
Emery Hemingway
8f1eecdc29 fs_rom: read dataspace during session request
Fix #2863
2018-06-13 13:52:11 +02:00
Norman Feske
6491ba0589 init: avoid too eager child restart
This patch weakens the aggressive restart of a child with incomplete
environment sessions. The restart check is performed each time
the init configuration changes. In sculpt, this is not a rare special
case anymore but a frequent case when using the depot_rom as provider
for environment ROM sessions. In particular when starting a chain of
inter-depending children, the sculpt-manager quickly generates a
sequence of configurations with successively added start nodes.
2018-06-13 13:52:10 +02:00
Norman Feske
648539a513 init: don't report abandoned children
This is a fixup of "base: fix destruction of async env sessions".
2018-06-13 13:50:35 +02:00
Alexander Boettcher
ef482513c4 base: reset unfinished xml nodes in xml_generator
Fixes #2855
2018-06-13 13:50:35 +02:00
Alexander Boettcher
7243fe74e4 sculpt: use package with Tinycore Firefox 60.0.2 2018-06-12 12:11:51 +02:00
Norman Feske
d4c22654e1 init test: reduce RAM demand of app/dummy
The addition of the 'Cap_consumer' feature to app/dummy increased the
static RAM demand of the component to a point where 1 MiB no longer
suffices on sel4 (on this kernel, the base library uses a larger amount
of statically allocated data compared to the others). The tweaks enable
init.run and init_loop.run to work on sel4 on x86-64.
2018-06-12 12:11:51 +02:00