A userland component that ports the Linux WireGuard kernel module (originally
from kernel version 5.14.21) and integrates it via a NIC session (public
network side) and an Uplink session (private network side). The
WireGuard-specific device configuration is done through the component
configuration. The port is done using lx_emul, lx_kit and the virt_linux
targets. The commit adds also 4 corresponding run scripts of which 3 are fully
automated of which 1 is added to the autopilot.
:Warning:
Although in principal functioning, the WireGuard port has not been exposed to a
sufficient amount of real-world testing, so far. Therefore, we strongly
recommend not to use it in any security-critical scenarios! There is no
guarantee that the port meets any of the security goals pursued by the
WireGuard protocol or other WireGuard implementations!
Ref #4397
The implementation was copied from the already existing LX-emul implementation
for x86 but the commit additionally page-aligns the array that serves as
backing store for the zero page as we assume this to be expected by the contrib
code. However, this commit doesn't apply the alignment also to the x86
implementation as we agreed, that this should be done in a separate commit.
Ref #4397
* Adds methods for copying raw data to the data field of Ethernet frames and
UDP packets. This is used in the port to wrap the higher-layer packet data
prepared by the contrib code with the additionally required headers before
sending it at a network session.
* Adds a method to cast raw data to an IPv4 packet. This is required in the
port in order to check values in stand-alone IP packets produced by the
contrib code before sending them at a network session.
* Adds methods for setting UDP ports given big endian port values without
having to convert to little endian in the app and then back to big endian in
the net lib.
Ref #4397
The driver did not allow for setting module parameters and so far
no one complained. Remove the option to prevent the misleading of
users.
Issue #4506.
Since Linux does not use the arch-independent spinlock structs for ARM,
we must use different members when accessing the lock value.
genodelabs/genode#4499
to work again. The drivers interactive package does not provide a Platform
service anymore, so remove the audio driver. A lot more mesa related libraries
are required now.
This commit de-duplicates the redundant dummy implementations and
to some degree also the 'lx_emul.c' implementations while also
decluttering the various 'dep.list' files.
The code is moved into 'src/lib/pc/lx_emul' where it becomes part
of the 'pc_lx_emul' library.
Fixes#4500.
Instead of each driver providing its own header file use a central
header as the initcall order header should cover _all_ provided
initcalls resulting from the used 'pc_linux' kernel config.
Note that the 'pc_linux' configuration was extended with the
'USB_USBNET' option because the module's initcall is needed for the
Genode C API for USB glue-code and the 'PACKET' option needed by
the wireless lan driver.
The lack of theses options was not noticed as each driver used its
own initcall header so far that stemmed from the initial porting
effort.
Issue #4500.
* Some fixups for the README
* Make config ROM const when used for the session policies
* Turn Reporter into Expanding_reporter
* Always first register ROM signal handler before parsing it the first time
Outsource parts of the Main object into a common compound object,
common parts of the Makefile description and depot source package.
Fixgenodelabs/genode#4503
* Parse PCI specific information from devices ROM
* Enable DMA, I/O memory and I/O port access dependent on BARs in config space
* Introduce device PD for Nova + IOMMU support
* Enable MSIs if available
* Add PCI specific policy rules
Fixesgenodelabs/genode#4502
Instead of returning an invalid device capability when a device
is (not yet) available, e.g. a PCI device is requested before the
PCI bus got parsed accordingly, we check the device capability
within the Platform::Connection utilities, and register temporarily
an Io_signal_handler to wait for changes of the devices ROM, and
try the device aquisition again. Thereby, simple drivers so not have
to take the burden to do so.
To enable this feature for all drivers, we always have to export a
devices ROM, but limit the information about physical resources
(I/O memory addresses, IRQ numbers, I/O port ranges) to clients with
'info=yes' in their policy description.
Fixgenodelabs/genode#4496
By adding a 'report' node to the platform driver's configuration
one can enable either devices or config reports. The devices
report contains all devices and their detailed state, as well as
whether it is already in use or not. The config report contains
one by one the current configuration of the platform driver.
Moreover, this commit adds a README file describing the facilities
of the platform driver.
Fixgenodelabs/genode#4386
If PCI devices happen to miss complete configuration after boot, the
platform driver supports <pci-fixup> nodes for concrete devices
(specified by bus-device-functions tuples). The
<bar> node instructs the platform driver to remap BAR id 0 to address
0x4017002000, which amends the BIOS configuration and is stringently
required for BARs with address 0.
! <pci-fixup bus="0" device="0x15" function="3">
! <bar id="0" address="0x4017002000"/>
! </pci-fixup>
The issue was discovered with Intel LPSS devices in Fujitsu notebooks.
Fixes#4501
This patch changes the libc to query the stack size from the
config attribute <libc> <stack size=""/> </libc> for regular
components, not only cloned processes.
To discharge the generic platform driver from certain PCI bus scanning,
and ACPI + kernel specifics, this commit introduces a new component,
which consumes the acpi drivers report and the platform_info from core
to prepare a devices ROM for the platform driver that contains all
PCI devices and its resources.
Fixgenodelabs/genode#4495
USB Attached SCSI devices might expose a bulk-only interface
as fall-back at interface 0 and alternate setting 0. This commit
allows for probing all alternate settings of the active interface
to be able to use such devices.
The configuration was extended so that in case the device interface
is known beforehand the driver can be configured accordingly.
Fixes#4494.
Deploying an overly large meta-pkg in Sculpt leads to an
'Xml_generator::Buffer_exceeded' exception. Using the expanding
reporter solves this problem.
Fixes#4493.
In case we are instructed to reauthenticate and were already
authenticated we ignore the request in the management layer
and let 'wpa_supplicant' deal with that.
Fixes#4488.
The vanilla NOVA kernel solely supports tracking and exporting of execution
times per SC kernel object, but not per thread (EC object). The commit extends
to track execution times per EC in the NOVA kernel, exporting it to Genode's
'core' roottask and populating Genode's Trace::Subject_info structure.
Fixes#4481
Remove handling of ACPI (SCI) interrupt from kernel and thereby let the
handling of the ACPI irq exclusively to an Genode driver. On Genode the ACPICA
library+app handles the ACPI irq, where we can now remove the contrib patches
related to the synchronization between NOVA kernel and ACPICA library.
Fixes#4479
When using the framebuffer driver on this machine the
'cpu_latency_qos_request_active' dummy is triggered. Removing the
trace-and-stop call makes the driver usable.
In addition, 'cpu_latency_qos_remove_request' is changed as well
although it is guarded by 'cpu_latency_qos_request_active'.
Fixes#4489.
This patch fixes rare freezes of menu view instances, which could happen boot
time whenever the leitzentale GUI happens to get initialized before the display
driver finished setting up a reasonable mode. In this case, the resolution-
dependent font size can temporarily get almost zero, tripping up the glyph
renderer.
Since the driver relies on all requests being Nvme::MPS_LOG2 aligned
as advertised in its Block::Info the added check will reject any
misaligned requests (using 'gpt_write' led to an IOMMU write fault).
Issue #4486.
2560x1440 resolutions require more RAM resources. Additionally, make
sure that the decorator 'init' receives enough CAPs to service the
decorator configuration.
fixes#4485
* Claim and release USB interfaces
* Collect URBs in flight in anchor list
* When releasing interfaces, wait until all
anchored URBs finally got killed successfully
Fixgenodelabs/genode#4483
In rare cases it is necessary to execute Linux contributed code
until certain work is finished, e.g. when in a synchronous RPC call,
a session construction or destruction a result is needed. Therefore,
we introduce a new lx_emul function called lx_emul_execute_kernel_until.
Ref genodelabs/genode#4483
To signal that a device gets used and released by a session
introduce claim, release, and release all callbacks in the
USB interface of the C-API.
Ref genodelabs/genode#4483
In case multiple devices shared the same memory-mapped I/O page
we have to take the offset into account. This commit fixes the
'pc_usb_host_drv' on the Thinkpad X201 where the two EHCI host
controller share the some I/O memory page.
Fixes#4477.
With the new usb driver #4399 and usage of the updated dde_linux lx_eml/lx_kit
approach a much higher rate of IRQ session construction/destruction and signal
handler assignment (irq->sigh) are caused. This trickles down to the kernel,
which causes an hang of the AMD IOMMUs due to not setting reserved bits
adequately. The commit fixes the root cause in the kernel and add a guard
into core's to limit such driver behaviour.
Fixes#4482
The file listed only enabled="false" in the audio adapter tag. However,
setting only this option to true isn't sufficient for guest audio to work.
One has to set also enabledIn respectively enabledOut in the same tag. The
new default vbox6 file reflects this.
Fixes#4476
This patch fixes a potential data corruption issue that could occur when
issuing large I/O requests to vfs/rump, which don't fit into the default
block I/O buffer of 128 KiB. Note that we haven't observed the problem
in practice (Sculpt hosts vfs/rump in a dedicated vfs server, which
fragments requests) but spotted the issue while reviewing the code. We
could trigger problem by explicitly changing the I/O buffer size to 32
KiB.
Issue #4474
This patch changes the meaning of the 'offset' parameter of the
'produce_write_content' and 'consume_read_result' hook functions.
The value used to reflect the absolute byte position but in practice,
a job-relative byte offset is desired.
Issue #4474
Before this commit, the block-request handler was implemented as
Io_signal_handler and, additionally, the USB driver called the
block-request handler on request completion directly on I/O level. This
is generally a bad idea because I/O handlers should avoid to have direct
global side effects. In contrast, application logic should be
implemented in way that it consumes atomic state changes after I/O
completed. Now USB I/O completion locally submits a signal to the
block-request Signal_handler.
This patch reduces the response time of supposedly stuck situations like
an unresponsive part_block component. First, it reduces the heartbeat
rate from 1 to 2 seconds to make it consistent with the frequency of
state reports. Second, it allows up to four skipped heartbeats until
regarding the situation as stuck. With those changes, the prolonged
initialization sequence of a USB ZIP drive succeeds with Sculpt.
The Uplink_test used to end in an uncaucht exception about a failed packet
allocation on several x86_32 platforms.
* Destruct and re-construct the corresponding TX packet allocator during a
link-down-up step in the Uplink test. Fixes the exceptions but results in a
never ending test.
* Decouple the link-down-up steps from the handling of packet stream signals
by simply triggering it with a local periodic timeout of 1 sec period.
This prevents that the Uplink_test never finishes because it destructs the
Uplink connection too often.
* The test finishes not before at least 3 link-down-up steps were executed.
* Replace the Allocator_avl's used for the TX packet allocators of the Nic
and Uplink Connection with the better suited Nic::Packet_allocator.
Ref #4419
The error message
"Command buffer creation failed" in intel_dsb.c repeatedly appears
during connector hotplug. Since the driver works also without this DMA offload
optimization, disable the functionality.
Issue #4450
The service is merely announced but trying to request a session always causes a
Service_denied exception. This helps in scenarios where the client is
won't open a session anyway but expects the service to be available. This is
considered a temporary solution.
Ref #4419
This patch handles the corner case of switching virtual desktops while
child views are visible. Examples of such child views are tool tips,
pull-down menus, or the graph of the top-view utility. The switch to
another virtual desktop would implicitely turn the child views into
top-level views of the root nitpicker GUI server until switching back
to the original virtual desktop.
The patch implements the expected behavior of hiding all child views
that belong to a disappearing top-level view.
As it stands, the implementation requires minimal reflection measures to
implement correct cleanup procedure. static_cast<> cannot be used as it
does not implement runtime type casting as dynamic_cast<> does.
This patch reverts the vfs-watch-handle creation whenever the subsequent
allocation of the VFS server's 'Watch' object fails. This can happen
when the session RAM or cap quota is depleted.
Fixes#4472
The issue came apparent with Windows Guests and USB passthrough of
smart-card readers. If the VM is powered off, PDMR3Term cleans up all
devices incl. (first) acpi and (later) devxhci. The latter used a
dangling reference to ACPI structs in a indirect call to
apicIsLogicalDest() from xhciR3Destruct().
VMMR3_INT_DECL(int) PDMR3Term(PVM pVM)
virtualbox6/src/VBox/VMM/VMMR3/PDM.cpp:817
"apic" (pDevIns->pReg->szName)
static void apicR3TermState(PVM pVM)
virtualbox6/src/VBox/VMM/VMMR3/APIC.cpp:1235
"qemu-xhci" (pDevIns->pReg->szName)
static DECLCALLBACK(int) xhciR3Destruct(PPDMDEVINS pDevIns)
repos/ports/src/virtualbox6/devxhci.cc:431
void usb_detach(USBPort *port)
<qemu-usb>/src/lib/qemu/hw/usb/core.c:70
static void xhci_port_notify(XHCIPort *port, uint32_t bits)
<qemu-usb>/src/lib/qemu/hw/usb/hcd-xhci.c:2592
static DECLCALLBACK(void) pciSetIrq(PPDMDEVINS pDevIns, PPDMPCIDEV pPciDev, int iIrq, int iLevel, uint32_t uTagSrc)
virtualbox6/src/VBox/Devices/Bus/DevPCI.cpp:398
static bool apicIsLogicalDest(PVMCPUCC pVCpu, uint32_t fDest)
virtualbox6/src/VBox/VMM/VMMAll/APICAll.cpp:797
The fix removes our Qemu library reset from xhciR3Destruct() and
registers xhciR3Reset() as PowerOff hook.
Thanks to Raphael for the thorough investigation.
The quota adjustments prevent the leitzentrale's decorator from running
out of RAM, and allow the nitpicker GUI server to preserve buffer
content during resize (reducing flickering artifacts) when using a
screen resolution up to 2560x1440.
This fixes the following warning when building the binary archive:
Library-description file vfs_capture.mk is missing
Library-description file vfs_tap.mk is missing
'Platform::Device_pd::attach_dma_mem' may lead to insufficient resources
for meta data, which is reflected to the client via 'Out_of_caps' or
'Out_of_ram'. In case the client upgrades its session the quotas need to
be passed to core as done by
'Platform::Device_pd::Expanding_region_map_client::attach'.
issue #4451
Use 'avail_caps' and 'avail_ram' for resource guards because 'used_caps'
and 'used_ram' do not account for resources given to the platform
driver. This lead to incorrect resource accounting by the GPU
multiplexer.
issue #4451
The calculations of packet_size and packet_count in the block_io() did
not consider rounding errors. This resulted in diverging values over
several bisecting operations (/= 2) and wrongly-size packet allocations
as well as memcpy operations.
Related to #2263 (comments about partial block accesses and
_block_io()).
Fixes#4471
The NIC router used to handle each type of packet-stream signal with a distinct
method in the Interface class. However, merging those methods has advantages.
It ensures that sent packets that were already acknowledged by the counter side
are always released before handling received packets. This frees packet stream
memory which facilitates the potential allocation of response packets while
handling received packets. Furthermore, it simplifies the code and reduces the
number of entry points into the router.
This commit also removes the installation of signal handlers at packet streams
for events that are of no interest for the router (TX-ready-to-ack /
RX-ready-to-submit at NIC sessions and RX-ready-to-ack / TX-ready-to-submit at
Uplink sessions).
Fixes#4470
The driver falls in line with the previous 'legacy_wifi_drv' component
where the ported wireless LAN stack and device driver is encapsulated
in a library. This library in return is used by the 'Libc::Component'
providing the necessary environment for the 'wpa_supplicant'.
In constrast to the old driver a 'wifi' VFS plugin is in charge of
initalizing the 'Lx_kit::Env' prior to executing any static
constructors.
Fixes#4455.
Move 'linux-firmware' portion from 'dde_linux' into its own port,
while it is used by the upcoming new WLAN driver keep it in place
for the legacy one.
Issue #4455.
Various libraries, like libnl and wpa_driver_nl80211, used hardcoded
values for the interface index (ifindex) and name (ifname).
To accomdate the legacy as well as the upcoming new driver we add
functions to query these information where at least the index differs.
Issue #4455.
The location of the used 'source.list' file is hard-coded and will not
work when the ported driver is implemented as a shared library. For
this use-case provide means to set the location differently.
Issue #4455.
In case where the ported driver or protocol stack is executed from
an already managed environment, e.g. the libc, the execution
of the static constructors will be performed at the appropriate
time.
Issue #4455.
Whenever the nic_router encounters ARP requests on an interface
that does not have a valid IP config it will ignore them. However,
When increasing the verbosity of the component for diagnostic
purposes the resulting 'Bad network protocol' message is misleading.
Issue #4455.
* Test DHCP RENEW by the test client in the unmanaged variant.
* Add event IDs to log output of test client in order to prevent false positive
result in the managed variant.
* Let managed and unmanaged variant have separate string patterns for
'run_genode_until' because they already had different output and it will
differ even more as we don't want to test DHCP RENEW with the managed
variant.
* Delay first test client DHCP in order to fix unexpected sporadic initial IP
config.
* Remove some unnecessary code from the run script
Fixes#4460
The NIC router did update the IP config of a domain on a completed DHCP
REQUEST but not on completed DHCP RENEW or DHCP REBIND. Thus, it didn't adapt
to "real" DHCP servers (not NIC router servers) that got restarted with a
changed configuration by the means of RENEW/REBIND. The commit fixes this.
Note, that testing this is complicated as we don't have the necessary
infrastructure (we cannot simply use the DHCP server of the NIC router as this
would apply a link down/up sequence in order to let the client restart DHCP)
Ref #4460
After reverting unused ranges during allocator destruction
'_meta_data.free_empty_blocks' may lead to more unused ranges because
meta data blocks maybe freed where the meta data for the blocks is
managed by other meta data blocks. This leads to dangling allocation
warnings which are caused by meta data. Therefore, we call
'_revert_unused_ranges' and 'free_empty_blocks' until no more ranges
can be freed.
issue #4466
by using the io_mem RPC of the platform session instead of parsing the
bar resources manually. This commits avoids and breakage on systems where
the Intel graphic cards just uses 64bits with addresses above 4G.
Issue #4450
Compared to the bytewise memset, a wordwise memset (or even multi-word)
achieves a speedup of ~6.
On Zynq-7000/Cortex-A9:
317 MiB/s -> 2040 MiB/s
On base-linux x86_64:
3580 MiB/s -> 23700 MiB/s
genodelabs/genode#4456
Preloading a few cache lines ahead brings a significant speedup in
memcpy throughput. Note, the particular (optimal) value was empirically
determined on a Cortex-A9 (Zynq-7000) SoC @ 666Mhz. It is best combined
with L2 prefetching enabled (including double linefills and prefetch
offset 7). Yet, even without L2 prefetching this seems to be the sweet
spot.
genodelabs/genode#4456
The implementation is not in use any more. Furthermore, on typical ARM
cores such as the Cortex-A9, the cached read appears to be the
bottleneck rather than instruction density. On a Zynq-7000 SoC, the vfp
implementation performed significantly worse than the standard load/store
multiple implementation with preloading.
genodelabs/genode#4456
When executed on Linux, the test was impaired by the copy-on-write
optimisation since the source buffer was never initialised. By default,
Linux only maps a zeroed page until the first write access to the page
occurs. Since the source buffer was never written, the corresponding
page was always present in the physically-indexed data cache. In
consequence, the test merely measured write performance (similar to memset).
genodelabs/genode#4454
Send usb ctrl transfers with one second timeout as some devices (e.g.,
smartcard readers) do not response to certain control transfers.
Thanks to Peter for the investigation.
The i2c code has a busy loop (see commit for the location), which expects that
the jiffies advances without a cooperative scheduling decision.
Issue #4450
Our usb_host driver supports UHCI, OHCI, EHCI, and XHCI host
controllers. The USB4 host interface / Thunderbolt is currently not
supported and must therefore not be passed to the USB host driver.
If any PCI device reports 0 as interrupt PIN, drivers may try to force
MSI setup (e.g., xhci). So, we clamp the interrupt PIN to 1 to let
drivers finish initialization and don't bother the platform driver.
Encountered on the Fuji5 where for reasons currently unknown the
first xHCI HC (0:0d.0) could not be initialize due to incomplete
interupt informations. The other HCs appear to work fine (tested
with a USB low-speed mouse).
This commit removes all physical notions from the information given
to the Linux kernel regarding PCI BARs.
With the exception for the host bridge that needs to be located at
'0:00.0' as required by the Intel FB driver, all other devices are
announced at the PCI BUS in an ascending order.
Additionally the MMIO regions start at 1 GiB and are capped at 32 bit
to prevent unnecessary access to 64 bit addresses.
With this fix, the driver no longer aborts on the Tigerlake notebook and
just skips the out-of-region ACPI table. Issue #4452 is not fixed by
this commit, but in this specific case the table is not used anyway.
Upgrade to the well known worst cases by the GPU multiplexer. Do not
keep track of resources locally, in case resources are exceeded the
remain so anyway.
issue #4451
Check if there are a least 4 caps + 2MB (heap) + possible buffer size
available before any resource allocation. Only account resources that are
actually used.
issue #4451
The former implementation relied on the behaviour of how the old
intel fb driver requested the pci devices. The new lxkit however actually
really want to have all available pci devices.
Issue #4450
required by the upcoming update of the intel display driver. Make this addition
explicit, because it triggers adjustment also on the new pc_usb_host_drv.
Issue #4450
If size is zero, the platform goes out of service by:
[init -> platform_drv] Error: Uncaught exception of type 'Genode::Ram_allocator::Denied'
[init -> platform_drv] Warning: abort called - thread: e
Issue #4450
Also, the repository URL was adapted to the permanent redirect to github
to prevent the following warning.
dde_ipxe download http://git.ipxe.org/ipxe.git
dde_ipxe git Cloning into 'src/lib/dde_ipxe'...
dde_ipxe git warning: redirecting to https://github.com/ipxe/ipxe/
dde_ipxe update src/lib/dde_ipxe
This patch adds the trace-logger utility to the default set of packages
along with an optional launcher. With this change, only two steps are
needed to use Genode's tracing mechanism with Sculpt:
- Add 'trace_logger' to the 'launcher:' list of the .sculpt file
- Either manually select the 'trace_logger' from the '+' menu,
or add the following entry to the deploy configuration:
<start name="trace_logger"/>
By default, the trace logger is configured to trace all threads
executed in the runtime subsystem and to print a report every 10
seconds. This default policy can be refined in the launcher's <config>
node. Note that the trace logger does not respond to configuration
changes during runtime. Changes come into effect not before restarting
the component.
Issue #4448
This patch changes the output format of the trace logger to become
better suitable for human consumption. For example, when instrumenting
the VFS server in Sculpt using the GENODE_TRACE_TSC utility, the
trace logger now generates tabular output as follows.
Report 4
PD "init -> runtime -> arch_vbox6 -> vbox -> " ----------------
Thread "vCPU" at (0,0) total:12909024 recent:989229
Thread "vCPU" at (1,0) total:5643234 recent:786437
PD "init -> runtime -> ahci-0.fs" -----------------------------
Thread "ahci-0.fs" at (0,0) total:910497 recent:6335
Thread "ep" at (0,0) total:0 recent:0
71919692932: TSC process_packets: 8005M (4998 calls, last 4932K)
71921558516: TSC process_packets: 8006M (4999 calls, last 1596K)
71922760220: TSC process_packets: 8007M (5000 calls, last 1006K)
71929853586: TSC process_packets: 8009M (5001 calls, last 1840K)
71931315246: TSC process_packets: 8011M (5002 calls, last 1253K)
72127999920: TSC process_packets: 8016M (5003 calls, last 5606K)
72129568198: TSC process_packets: 8018M (5004 calls, last 1345K)
77161908178: TSC process_packets: 8029M (5005 calls, last 11349K)
77643225736: TSC process_packets: 8029M (5006 calls, last 217K)
89422100594: TSC process_packets: 8035M (5007 calls, last 5656K)
89422123632: TSC process_packets: 8035M (5008 calls, last 1342)
Thread "signal handler" at (0,0) total:36329 recent:3001
Thread "signal_proxy" at (0,0) total:51838 recent:13099
Thread "pdaemon" at (0,0) total:97184 recent:332
Thread "vdrain" at (0,0) total:1266 recent:286
Thread "vrele" at (0,0) total:1904 recent:516
PD "init -> runtime -> nic_drv" -------------------------------
Thread "nic_drv" at (0,0) total:34044 recent:897
Thread "signal handler" at (0,0) total:369 recent:142
...
Subjects that belong to the same PD are grouped together. The formerly
optional affinity and activity options have been removed. Those
information are now unconditionally displayed. The trace entries
belonging to a thread appear as slightly indented.
The patch also updates the coding style, avoiding excessively long
lines.
Issue #4448
This patch reduces repetitive log output by omitting inactive trace
subjects from the log output. The information about all subjects can
still be dumped by setting 'verbose="yes"'.
Issue #4448
This patch splits the creation and updating of monitor objects into two
stages. The creation of a monitor object changes the state of the
associated trace subject. The patch ensures that the new state is
captured by the update of the monitor object.
Issue #4448
