Commit Graph

4195 Commits

Author SHA1 Message Date
Emery Hemingway
6cb0f3bb71 VFS ram: remove quota
Fixes #1780
2015-11-29 18:17:05 +01:00
Christian Prochaska
25643fa00a init: fix uninitialized variables
Fixes #1753
2015-11-29 18:17:04 +01:00
Christian Helmuth
d46ad98434 clipboard: check validity of import rom before usage
The attached ROM dataspace may be not yet valid on the first update (or
at any time beyond this explicit test case).
2015-11-29 18:17:04 +01:00
Josef Söntgen
e13971fcf0 xml_generator: add attribute String<N> method
Make it possible to directly pass on a Genode::String<N> object instead
of using Genode::String<N>.string() by hand.

Fixes #1783.
2015-11-29 18:17:04 +01:00
Martin Stein
59d2a83f30 TZ VMM & USB Armory: Demo
* Provide paravirtualized block API for accessing the second partition
  of the block device that is provided by the ESDHC driver.

* Provide paravirtualized serial API for sending log-output over Genodes
  serial port.

* Use the latest Linux suggested in the USB Armory Wiki [1] when on USB Armory
  while still using the older vendor Linux when on i.MX53 QSB. I.e.,
  provide a device tree through RAM and a rootfs through the paravirtualized
  block device when on USB Armory while providing ATAGs and Initrd when on
  i.MX53 QSB.

* Switch on the LED on the USB Armory when the VMM catches a VM-exception
  and switch it off again when as soon as the exception is handled. This
  merely show-cases the ability to instrument the LED for such purposes. In an
  ideal world, the LED is switched on as long as we're on the "Secure Side"
  and switched off as long as we're not.

* For further information see repos/os/run/tz_vmm.run

[1] https://github.com/inversepath/usbarmory/wiki/Preparing-a-bootable-microSD-image

Fixes #1497
2015-11-29 18:17:04 +01:00
Martin Stein
bed04f1f16 hw & imx53: kernel Trustzone config for USB armory
On the USB Armory, we want to secure different devices than on other i.MX53
implementations. Thus, add a board specific configuration that is interpreted
by the kernel Trustzone initialization.

Ref #1497
2015-11-29 18:17:04 +01:00
Martin Stein
85ba3259f8 hw & imx53: IRQ injection via Vm::proceed
Enhance the VM state, that can be accessed by a VMM, by a member
'unsigned irq_injection'. In Kernel::Vm::proceed check, whether
irq_injection is set.  If so, check whether irq_injection is a
non-secure IRQ.  If so, let the PIC raise this IRQ in the VM and reset
irq_injection.

Ref #1497
2015-11-29 18:17:04 +01:00
Martin Stein
0b39b22e14 create_uboot: support for hw_usb_armory
The platform name 'hw_usb_armory' targets Genode scenarios with base-hw
as kernel and the Inversepath USB-Armory as target hardware.

Ref #1497
2015-11-29 18:17:03 +01:00
Martin Stein
640b73f5ec create_uboot: spare out first 1K of target medium
This enables installation of the bootloader image without wiping the
partition table which is needed at least for the tz_vmm tutorial with
hw_usb_armory.

Ref #1497
2015-11-29 18:17:03 +01:00
Martin Stein
8c22e5d535 sd_card & imx53: refactor and clean-up
Move ADMA2 stuff to extra header and unit. Move ESDHCv2 implementations to
extra unit. Use exceptions instead of error codes. Clean-up documentation.

Ref #1497
2015-11-29 18:17:03 +01:00
Martin Stein
9da422696b sd_card & imx53: set ADMA entry size more clean
Less heuristics.

Ref #1497
2015-11-29 18:17:03 +01:00
Martin Stein
a08358dce9 sd_card & imx53: fix multiblock write termination
The manual termination of multi-block writes via "Stop Transmission" commands
seems to leave the card in a busy state sometimes. This causes errors on
subsequent commands. Thus, we have to synchronize manually with the
card-internal state via "Send State" commands. Additionally, the method
for issuing the manual "Stop Transmission" commands was refined.

Ref #1497
2015-11-29 18:17:03 +01:00
Martin Stein
2b021ec54b sd_card & imx53: simplify IRQ handler
Less switch cases.

Ref #1497
2015-11-29 18:17:03 +01:00
Martin Stein
48e7d29686 sd_card & imx53: flush ADMA2 writes via DSB
We have to issue a data synchronization barrier after writing a ADMA2
table to ensure that the corresponding write commands were actually
executed before issuing the SD command.

Ref #1497
2015-11-29 18:17:03 +01:00
Martin Stein
bd7fe4160d sd_card & imx53: fix initialization problem on QSB
On i.MX53 QSB, a "Send Op Cond" command during the driver initialization
returns another response value than on the USB Armory. As the check for
this response seems to have no relevance for the driver functionality (Linux
reads the value from MMIO but I can't find a place in the source code where
it is used), we simply remove it.

Ref #1497
2015-11-29 18:17:02 +01:00
Martin Stein
d8e91908a2 sd_card & imx53: install IRQ signal handler
Previously, it was not necessary to acknowledge an IRQ initially before using
it. However, since the IRQ framework changed lately it is. Adapt to this.

Ref #1497
2015-11-29 18:17:02 +01:00
Alexander Boettcher
92cb9eb06d x86: support dynamic upgrades for platform driver
and, especially, for the device_pd. Account all resources per platform session
separately.

Fixes #1539
2015-11-29 18:17:02 +01:00
Alexander Boettcher
4c4e7c64d0 x86: start per platform session separate device_pd
Issue #1539
2015-11-27 12:18:54 +01:00
Alexander Boettcher
b902f42482 os: support reference ram cap for slaves
Issue #1539
2015-11-27 12:18:54 +01:00
Alexander Boettcher
e49a5ee19f base: make reference ram cap part of child policy
Issue #1539
2015-11-27 12:18:54 +01:00
Christian Helmuth
50dd0dda38 Notify report-rom client on signal-handler registration
Notify client initially to enforce a client-side ROM update. Otherwise,
a server-side ROM update between session creation and signal-handler
registration would go unnoticed.

Issue #1788
2015-11-27 12:18:54 +01:00
Norman Feske
4b9e1f1060 Window decorator that can be styled 2015-11-27 12:18:54 +01:00
Norman Feske
2dde77f62c gems: add Nitpicker_buffer and Dither_painter
The two utilities gems/nitpicker_buffer.h and gems/dither_painter.h were
formerly private to the menu_view component.
2015-11-27 12:18:54 +01:00
Norman Feske
c63bea825d decorator: fix warning 2015-11-27 12:18:54 +01:00
Norman Feske
f9d0e57b0e decorator: fix hover detection 2015-11-27 12:18:53 +01:00
Norman Feske
e4678a4dc1 decorator: do not defer stacking changes
This patch changes the decorator to always apply stacking-order changes
immediately instead of deferring the re-stacking of the nitpicker views
to the next call of 'update_nitpicker_views'. The deferred application
did not always work when more then one windows changed their stacking
position at once because the cached '_neighbor' values interfered with
each other.

The eager re-stacking should not have negative effects on the user
experience because, in contrast to re-positioning, re-stacking a rare
operation.
2015-11-27 12:18:53 +01:00
Norman Feske
c26d30dffc decorator: use server API 2015-11-27 12:18:53 +01:00
Norman Feske
acb0ddd9ef decorator: generalize include/decorator/window.h
This change makes it possible to reuse the generic window decorator
classes in include/decorator/ for decorators of a different structure.
E.g., instead of painting decorations on a single nitpicker session,
each window may paint its decorations into additional window-specific
nitpicker sessions.
2015-11-27 12:18:53 +01:00
Norman Feske
493386ed27 wm: prevent superfluous session upgrades
For each session upgrade performed by a wm client as part of the
Nitpicker::Connection::buffer function, the window manager wrongly
upgraded the wrapped nitpicker session twice: Once by handling the
Root::upgrade, and again by handling of the server-side 'buffer'
operation. Here, the 'buffer' operation was implemented by not merely
forwarding the RPC request to the wrapped nitpicker session but by
calling the 'buffer' method on the wrapped session's connection
object, which implictly issues session upgrades. Consequently,
the window manager would transfer twice the amount of the session
upgrades it received by its clients to nitpicker and eventually ran
out of memory.

The patch fixes the problem by eliminating the call of the
Nitpicker::Connection::buffer method and instead merely forward the RPC
requests to the wrapped nitpicker sessions.
2015-11-27 12:18:53 +01:00
Norman Feske
461776a29c wm: support multiple decorator sessions 2015-11-27 12:18:53 +01:00
Norman Feske
ed774253b6 demo: fix corner case in scout_gfx/icon_painter.h
The original version of the icon painter would reach beyong the
texture boundaries for textures of even width and height, and when
painting an icon with the width or height of the texture.

In this case, p3 would be set to the same value as p2. However, the code
expects p3 to lie within the middle rectangle. However, in this corner
case, the middle rectangle is actually empty. So no pixel can lie within
it. Hence, p3 is positioned by one pixel to the left outside the middle
rectangle, which violates the assumptions when calculating the clipping
and texture offsets. The patch fixes the problem by reducing the size of
the right column by one pixel. This ensures that exists always a
non-zero middle rectangle.
2015-11-27 12:18:53 +01:00
Norman Feske
6177424fa6 demo: make Lazy_value::dst() const 2015-11-27 12:18:53 +01:00
Norman Feske
0ab49dff3a nitpicker: reflect Handle_registry::Out_of_memory
In the event where a nitpicker session's quota was depleted by the
allocation of view handles, nitpicker would abort. The patch prevents
the abort by reflecting this condition as an Out_of_metadata exception
to the client. This way, the client can upgrade its session as needed.

The problem was triggered by running the decorator_stress test (changed
to generate 40 windows) with the themed_decorator.
2015-11-27 12:18:52 +01:00
Norman Feske
a1c0c99045 nitpicker: fix corner case in view stack operation
This patch addresses the corner case that the specified neighbor view
is the first view of the view stack. If this is the case when inserting
the view in front of the neighbor (behind == false), the target position
within the view stack must be a null pointer, not the first view.

Because the conditions have become rather complicated, both cases
of 'behind' are handled separately now.
2015-11-27 12:18:52 +01:00
Norman Feske
909c4c9ffc os: define storage type of rgb888 as 32-bit value
The original version used unsigned long as storage type, which wasted
memory on 64-bit machines.
2015-11-27 12:18:52 +01:00
Norman Feske
f655ac31f7 vbox: don't fault if NIC is unavailable
This patch prevents vbox from faulting in the (unexpected) case where
the VM has a network adaptor configured but the NIC session cannot be
opened.
2015-11-27 12:18:52 +01:00
Norman Feske
853378960c init: prevent division by zero
During the reconfiguration of init, the CPU-quota computation caused
init to produce a division-by-zero exception.
2015-11-27 12:18:52 +01:00
Christian Prochaska
a2bb96723a vbox: respond to zero-resized framebuffer 2015-11-27 12:18:52 +01:00
Norman Feske
331225dfcb Increase TRACE quota of trace subject reporter
This change is needed to accommodate the turmvilla scenario.
2015-11-27 12:18:52 +01:00
Norman Feske
23aac2954b rom_filter: respond to dynamic config updates 2015-11-27 12:18:51 +01:00
Josef Söntgen
3859e83a78 dde_bsd: requires pci
Prevent building the driver on linux.

Fixes #1785.
2015-11-27 12:18:51 +01:00
Alexander Boettcher
84dfb668d3 noux: handle rom_connection_failed gracefully
Fixes #1040
2015-11-27 12:18:51 +01:00
Christian Helmuth
638fdeb2f5 vbox: fix nitpicker config in win auto tests 2015-11-27 12:18:51 +01:00
Alexander Boettcher
2b6795df78 ps2: support verbose config parameter
Fixes #7
2015-11-27 12:18:51 +01:00
Sebastian Sumpf
0c3dfbad65 base-hw: use signal context list for pending signals
'block_for_signal' and 'pending_signal' now set pending flag in signal context
in order to determine pending signal. The context list is also used by the
'Signal_receiver' during destruction.

Fixes #1738
2015-11-27 12:18:50 +01:00
Alexander Boettcher
18d24eec7b add missing .so files to noux_tool_chain.inc
required by grep

Issue #1040
2015-11-18 12:22:09 +01:00
Alexander Boettcher
e9525f49fd noux: reflect -no memory- case during process setup
Instead of just red messages in the log and a hanging caller, the issuer
may respond to it - e.g. a noux bash shell will show an error and is
afterwards still usable.

Fixes #1778
2015-11-18 12:22:09 +01:00
Alexander Boettcher
c7df65e1da base: invalidate thread cap if task creation fails
Issue #1778
2015-11-18 12:22:09 +01:00
Alexander Boettcher
9ada3d3178 nova: sanity check parent pd assignments
Issue #1778
2015-11-18 12:22:09 +01:00
Alexander Boettcher
4b6b759739 nova: handle dissolve of not-activated entrypoints
Dissolve calls on not-yet-activated entrypoints will block forever in the
portal cleanup call without this commit.

Issue #1778
2015-11-18 12:22:08 +01:00