Commit Graph

6382 Commits

Author SHA1 Message Date
Norman Feske
f14cc2edab Replace use of ram_fs by VFS server
Issue #3734
2020-04-21 16:24:37 +02:00
Norman Feske
f0c4fc1e22 sandbox: defer requests for upcoming server
The sandbox library supports the forwarding of session requests from the
outside to one of the hosted children according to a policy. This patch
introduces the distinction between two cases, which previously triggered
the denial of the session request.

- There exists no matching policy for the requested session
- There exists a matching policy but the referred server child
  does not exist (yet)

Whereas the proper response to the first case is the denial of the
request, the second case can occur in situation where a dynamic init is
used to implement a staged startup, for example via the deploy
mechanism. In such cases, a policy may exist as a static rule while the
server has not been started yet. This patch changes the behavior such
that such requests are stalled.

The patch is accompanied with test cases for exercising both situations.

Fixes #3733
2020-04-21 14:52:29 +02:00
Alexander Boettcher
f891f4c963 vm_stress: change output message for ci scripts
so that it detect it correctly as not available instead of a failure on
normal work days

Issue #3683
2020-04-20 12:36:00 +02:00
Stefan Kalkowski
9f28f4f803 hw: avoid BASE_DIR relative path definitions
Fix #3728
2020-04-17 12:55:13 +02:00
Stefan Kalkowski
0e49336b96 Retire Exynos 5 support (fix #3725) 2020-04-17 12:53:57 +02:00
Stefan Kalkowski
941e918b46 vmm: unify armv7/v8 virtualization
Fix #3638
2020-04-17 12:52:02 +02:00
Stefan Kalkowski
74e75d7fbc hw: enable virtualization support for virt_qemu
Ref #3638
2020-04-17 12:51:53 +02:00
Stefan Kalkowski
58db6542f8 hw: check for security extension support in GICv2
Ref #3638
2020-04-17 12:51:44 +02:00
Tomasz Gajewski
fca2a05adf trace: extend test for log_output
Issue #3714
2020-04-17 12:48:17 +02:00
Tomasz Gajewski
4639978b3a trace_logger: avoid output of empty lines
It avoids output of empty lines in output buffer if traced messages end
with \n (what is common with messages logged from dde_linux).

Issue #3714
2020-04-17 12:48:13 +02:00
Tomasz Gajewski
870d348d77 trace: redirect logs to trace based on policy
If trace is enabled for component than an attempt to put message into
trace buffer is performed using log_output policy. If it succeeds than
message is not put to logs using log service.

Fixes #3714
2020-04-17 12:47:48 +02:00
Tomasz Gajewski
db8ec81e9f trace: log_output policy that redirects logs to trace
Issue #3714
2020-04-17 12:47:35 +02:00
Tomasz Gajewski
1d9a2dce94 trace: extend policy with log_output
Issue #3714
2020-04-17 12:47:19 +02:00
Roman Iten
12ea494477 vfs/File_content: fix end condition in for_each_line
Fixes #3729
2020-04-17 12:45:10 +02:00
Christian Helmuth
b60b591d06 depot: update recipe hashes 2020-04-17 12:40:13 +02:00
Christian Helmuth
9fbc68bda1 libports: icu library moved to GitHub 2020-04-17 12:40:13 +02:00
Norman Feske
132569d12b base-linux: socket descriptor caps for RPC
On Linux, Genode used to represent each RPC object by a socket
descriptor of the receiving thread (entrypoint) and a globally-unique
value that identifies the object. Because the latter was transferred as
plain message payload, clients had to be trusted to not forge the
values. For this reason, Linux could not be considered as a productive
Genode base platform but remained merely a development vehicle.

This patch changes the RPC mechanism such that each RPC object is
represented by a dedicated socket pair. Entrypoints wait on a set of
the local ends of the socket pairs of all RPC objects managed by the
respective entrypoint. The epoll kernel interface is used as the
underlying mechanism to wait for a set of socket descriptors at the
server side.

When delegating a capability, the remote end of the socket pair is
transferred to the recipient along with a plaintext copy of the
socket-descriptor value of the local end. The latter value serves as a
hint for re-identifiying a capability whenever it is delegated back to
its origin. Note that the client is not trusted to preserve this
information. The integrity of the hint value is protected by comparing
the inode values of incoming and already present capablities at the
originating site (whenever the capability is invoked or presented to the
owner of the RPC object).

The new mechanism effectively equips base-linux with Genode's capablity
model as described in the Chapter 3 of the Genode Foundations book.
That said, the sandboxing of components cannot be assumed at this point
because each component has still direct access to the Linux system-call
interface.

This patch is based on the extensive exploration work conducted by
Stefan Thoeni who strongly motivated the inclusion of this feature into
Genode.

Issue #3581
2020-04-17 12:40:13 +02:00
Alexander Boettcher
319d2be1af seoul: add vm_stress script version
Issue #3683
2020-04-17 12:40:13 +02:00
Alexander Boettcher
29911cf114 seoul: update contrib branch
- reactivate vga update, range was to small
- remove diagnostic messages
- add support to ignore machine check MSR MCG CAP

Issue #3683
2020-04-17 12:40:13 +02:00
Alexander Boettcher
8be72b0be1 vbox5: add testing VMs causing load
Issue #3683
2020-04-17 12:40:13 +02:00
Emery Hemingway
6359445a8e Add <exit propagate="…"/> to Init config schema
Fix #3724
2020-04-17 12:40:13 +02:00
Christian Helmuth
c783764d0b Region-map attach/detach stress depot_autopilot test
Issue #3715
2020-04-17 12:40:13 +02:00
Stefan Kalkowski
ff378a8c5b hw: cache maintainance on mapping removal too
Older ARM processors like ARMv6, or Cortex A8 need to write back changes
of the page-tables to physical ram because the MMU does not use the cache.
This naturally needs to be done not only when adding a mapping,
but on removal too.

Fix #3715
2020-04-17 12:40:13 +02:00
Norman Feske
03c3040a1d Remove stale documentation
The topics are either covered by the Genode Founations book for by our
tools, in particular the integration of the prepare_port mechanism with
the run tool.
2020-04-17 12:40:13 +02:00
Christian Helmuth
cc4e21e7a7 Fix some details in run scripts
- don't use 'qemu -serial mon:stdio' anymore as it no longer works as
  expected
- use "bash -l" with [terminal] to read user's profile configuration,
  e.g., PATH settings
- added missing boot modules and cap quotas
2020-04-17 12:40:13 +02:00
Norman Feske
6dfd268ef1 base/registry.h: remove misleading comment 2020-04-17 12:40:13 +02:00
Christian Helmuth
838c5ba7de ieee754: enable output check for ARM64
Issue #3723
2020-04-17 12:40:13 +02:00
Christian Helmuth
4ab990ad5b libc: provide C++ runtime symbols in ABI
This commit puts all C++ runtime/support symbols of ld.lib.so in a
dedicated section of base/lib/symbols/ld and mirrors the section to
libports/lib/symbols/libc. So, the libc ABI resolves potential C++
runtime dependencies of base-ABI-agnostic components at link time. The
runtime resolution is done by the linker by symbol lookup in ld.lib.so.

Issue #3720
2020-04-17 12:40:13 +02:00
Alexander Boettcher
13cd25e7b0 vfs/ram: avoid 2x mutex releases in guard
Issue #3612
2020-04-17 12:40:12 +02:00
Alexander Boettcher
2b41323fe6 test-* recipes: fix xmllint errors
config_0.xml.tmp:26: element config: Schemas validity error :
  Element 'config': Character content other than whitespace is
  not allowed because the content type is 'element-only'

Issue #3612
2020-04-17 12:40:12 +02:00
Norman Feske
7bf47b1982 base-linux: boost max open fds to the hard rlimit
This patch increases the default limit of the maximum number of open
file descriptors to the hard limit of the system. This is needed for
complex scenarios, which require more FDs than the default of 1024
at core.

Related to issue #3581

Fixes #3721
2020-04-17 12:40:12 +02:00
Alexander Boettcher
22d71d5a8b os: use Mutex/Blockade
Issue #3612
2020-04-17 12:40:12 +02:00
Alexander Boettcher
3956530634 base: use Mutex/Blockade
Issue #3612
2020-04-17 12:40:12 +02:00
Alexander Boettcher
e87d60ddf7 core: use Mutex/Blockade
Issue #3612
2020-04-17 12:40:12 +02:00
Norman Feske
85a1f91f59 Sanitize Framebuffer::Mode member access
Fixes #3719
2020-04-17 12:40:12 +02:00
Alexander Boettcher
dc90740549 nic_router: accept DHCP reply with missing option
The options are not always set, which throws exception. This leads to not
accepting the selected IP address.

Fixes #3716
2020-04-17 12:40:12 +02:00
Tomasz Gajewski
d111af922a trace documentation: fix reference to events definitions 2020-04-17 12:40:12 +02:00
Norman Feske
40c21b6d0f window layouter: restore screen tiling
This commit fixes a regression introduced by "window_layouter: add
dynamic screen handling", rendering the sub-division of screens in
columns and row unusable. The said commit removed a condition needed
for the correct window placement. This patch restores the condition.

Issues #3646
2020-04-17 12:40:12 +02:00
Norman Feske
4dd110ce5e Remove noux runtime
The feature set of noux is fully covered by the regular C runtime now.

Fixes #3696
2020-04-17 12:39:33 +02:00
Norman Feske
d6bdeed38f report_dump: replace noux by plain bash
This patch also introduces the use of the RTC for creating directory
names and increases the rate of snapshot creation from 10 seconds to
one minute to make sure that directories are named differently when
reading the RTC clock at granularity of minutes.

Issue #3696
2020-04-17 12:39:33 +02:00
Stefan Thöni
e8fb7ad470 report_rom: add package recipe 2020-04-17 12:39:33 +02:00
Stefan Thöni
5b68286e07 fs_report: add package recipe 2020-04-17 12:39:33 +02:00
Stefan Thöni
bb12d79ae9 vfs: add package recipe 2020-04-17 12:39:33 +02:00
Alexander Boettcher
d657b61f1b x86: support msi-x by platform driver
Fixes #3699
2020-04-17 12:39:33 +02:00
Norman Feske
42a77c531a sculpt: remove noux runtime from inspect view
Issue #3696
2020-04-17 12:39:32 +02:00
Norman Feske
5347278136 sculpt: perform prepare step without noux
Issue #3696
2020-04-17 12:39:32 +02:00
Norman Feske
ca5c25ac04 sculpt: replace log-noux instance by stdin2out
Issue #3696
2020-04-17 12:39:32 +02:00
Norman Feske
bb35b997b8 New stdin2out utility as replacement for tail -f
This little utility allows us to remove the noux instance for the log
view of Sculpt OS.

Issue #3696
2020-04-17 12:39:32 +02:00
Norman Feske
9c95e4bb4f sculpt: replace noux-based e2fsprogs by fs_utils
With this patch, Sculpt executes the e2fs file-system utilities
directly instead of hosting them within the noux runtime.

Issue #3696
2020-04-17 12:39:32 +02:00
Norman Feske
e63195a940 e2fsprogs: disable HAVE_GETMNTINFO
This patch avoids calls of '__sys_getstatfs' (indirectly via
'getmntinfo'), which does not return any meaningful values in Genode's
libc. Otherwise, the libc's dummy implementation prompts resize2fs to
back out.

Issue #3696
2020-04-17 12:39:32 +02:00
Norman Feske
0836293d1a libports: src/fs_utils depot archive
The depot archive contains the utilities of e2fsprogs that are needed
for Sculpt OS as standalone components.
2020-04-17 12:39:32 +02:00
Norman Feske
330672e030 libports: mke2fs and resize2fs as standalone apps
This patch makes the e2fsprogs 'mke2fs' and 'resize2fs' available as
standalone components that can be used by Sculpt OS directly without
a Unix emulation environment.
2020-04-17 12:39:32 +02:00
Josef Söntgen
150d143755 os: use Request_stream API in NVMe driver
As a result of the API change the memory handling could be simplified.
Since the Block session dataspace is now directly used for DMA, we
actually only have to provide the memory for setting up PRP lists for
large requests (for the moment more than 8 KiB of data).

As we limit the maximum data transfer length to 2 MiB, we get by with
just a page per request. Those memory is allocated beforehand for the
maximum number of I/O requests, which got bumbed to 512 entries. Since
not all NVMe controllers support such large a maximum data transfer
length and this many entries, especially older ones, the values are
capped according to the properties of the controller during
initialization. (The memory demands of the component are around 3 MiB
due to setting up for the common case, even if a particular controller
is only able to make use of less.)

(Although there are controllers whose maximum memory page size is more
than 4K, the driver is hardcoded to solely use 4K pages.)

In addition to those changes, the driver now supports the 'SYNC' and
'TRIM' operations of the Block session by using the NVMe 'FLUSH' and
'WRITE_ZEROS' commands.

Fixes #3702.
2020-04-17 12:39:32 +02:00
Christian Helmuth
e63c5e6c69 base: rework interplay of signal-proxy and entrypoint
The former scheme left open a race window between
_process_incoming_signals() and wait_and_dispatch_one_io_signal()
resulting in both threads calling block_for_signal() and blocking
forever with one unprocessed signal.

Fixes #3704
2020-04-17 12:39:32 +02:00
Christian Helmuth
69080014b0 depot_autopilot: test case for entrypoint
Test for entrypoint destruction and signalling.

Issue #3704
2020-04-17 12:39:32 +02:00
Stefan Kalkowski
f051065582 Retire OMAP4 support
Fix #2850
2020-04-17 12:39:32 +02:00
Piotr Tworek
585c4b8c69 hw: Add support for Qemu virt arm platforms.
This patch adds support for booting base-hw kernel on qemu-arm virt
machines. The arm_virt machine has 2GB of RAM, 2 Cortex A15 cores and
uses GICv2 interrupt controller. The arm_64_virt machine also has 2GB of
RAM, but has 4 Cortex A53 cores and uses GICv3. Both machines use PSCI
to boot additional CPU cores.

Fixes #3673
2020-04-17 12:39:32 +02:00
Piotr Tworek
dad1de1865 hw: Add interface for making basic ARM PSCI calls.
So far this only exposes two functions allowing the code to turn on
additional CPUs. There is much more functionality defined by PSCI spec
but so far its not needed by Genode.

Fixes #3672
2020-04-17 12:39:32 +02:00
Pirmin Duss
6f1357c6f8 libc: add symbol used by protobuf
Issue #3692
2020-04-17 12:39:32 +02:00
Josef Söntgen
336228f357 os: handle SYNC packet in lx_fs
Call 'fsync(2)' on files and directories.

Fixes #3711.
2020-04-17 12:39:32 +02:00
Josef Söntgen
df553e9360 os: remove catch-all from FS VFS update mtime
Only 'alloc_packet' is supposed to throw an exception, which is already
caught. The 'submit_packet' call does not need further handling.

Issue #3713.
2020-04-17 12:39:32 +02:00
Josef Söntgen
ddc0caa605 os: remove error messages from FS VFS update mtime
The update modification timestamp is implemented as one-shot where
the caller is expected to try again if the first attempt failed (see
current libc implementation). So the message is misleading as further
attempts might succeed.

Issue #3713.
2020-04-17 12:39:32 +02:00
Christian Helmuth
0df358a550 nova: early message on successful boot
This patch fixes a regression with run/log_core introduced by

  2064ffd64b nova: support multidimensional affinity space

The run tool uses a log message 'run_boot_string' to detect successful
boot as well as to detect unexpected reboots. This message should never
be logged twice and, thus, should not be part of the core_log. The patch
mentioned above moved the former run_boot_string after the core_log
initialization.
2020-04-17 12:39:31 +02:00
Pirmin Duss
9da428dccf vfs_import: implement write loop for copy_file
This is required to allow import of large file.

Fixes #3655
2020-04-17 12:37:26 +02:00
Norman Feske
46fa8197a2 depot: update recipe hashes 2020-03-26 11:39:02 +01:00
Christian Helmuth
52d798ff40 init: support heartbeat in config.xsd 2020-03-26 11:39:02 +01:00
Stefan Kalkowski
256b2fa3e1 hw: cortex a9 diagnostic register fixup
This is a follow-up fix for commit 202333c881.
It checks for the diagnostic registers being already setup correctly.
Otherwise on platforms with secure firmware, like Pandaboard it will stuck.

Ref #3639
2020-03-26 11:39:02 +01:00
Norman Feske
d8bcaa4fa4 base-linux: disable ASLR for child processes
ASLR collides with the libc's fork mechanism on 32-bit. In particular,
the tool_chain_auto.run scenario would sporadically fail while mirroring
the parent's address space.

Fixes #3710
2020-03-26 11:39:02 +01:00
Emery Hemingway
7a5841b637 ahci: driver improve diagnostic messages for empty ports
Fix #3709
2020-03-26 11:39:02 +01:00
Emery Hemingway
45a74023a7 part_block: support for up to 128 sessions
Allow sessions for each of the 128 sessions supported by GPT.

Fix #3705
2020-03-26 11:38:59 +01:00
Alexander Boettcher
6f3f46c7ba top: support affinity space height up to 4
Issue #3635
2020-03-26 11:38:59 +01:00
Alexander Boettcher
2064ffd64b nova: support multidimensional affinity space
Fixes #3635
2020-03-26 11:38:59 +01:00
Norman Feske
685bd763f9 ldso: place dynamic allocations within linker area
This is needed to execute the tool-chain scenario on base-nova.
Otherwise, the fork mechanism stumbles upon a region conflict
between ldso allocations and the application heap.

Fixes #3706
2020-03-26 11:38:59 +01:00
Norman Feske
0f3ac4cb9f base-hw: let upgrade_cap_slab reflect Out_of_caps
This patch reflects the Out_of_caps exception from core to the client,
in addition to the already covered Out_of_ram exception. It thereby
eliminates a potential abort in core, which I observed with the
tool_chain_auto.run script:

  Kernel: RPC upgrade_cap_slab
  Error: Uncaught exception of type 'Genode::Quota_guard<Genode::Cap_quota>::Limit_exceeded'
  Warning: abort called - thread: entrypoint

In addition to propagating the exception, the patch add the client-side
exception-handling code to the base library.

Fixes #3703
2020-03-26 11:38:59 +01:00
Norman Feske
208294b0d3 Turn pkg/noux-system into pkg/system_shell
The new package does no longer require noux.

Issue #3696
2020-03-26 11:38:59 +01:00
Norman Feske
cf052996d3 Remove pkg/noux-build-x86
Use-case-specific Unix runtimes should better be realized via Goa now.

Issue #3696
2020-03-26 11:38:58 +01:00
Norman Feske
4961c84f12 Remove noux from vbox_share.inc
This snippet is used by the vbox5_win7_64_share.run script.

Issue #3696
2020-03-26 11:38:58 +01:00
Norman Feske
2f598e5680 Remove noux_uname.run script
This run script is outdated and not regularly tested. In fact, the
tested mechanism (obtaining values from a '.sysctl/' directory) is
nowhere to be found, neither in noux nor the libc. The test still
returns success as it merely checks for the completion of the sequence,
not the printed results. Hence, it is not worth preserving.

Issue #3696
2020-03-26 11:38:58 +01:00
Norman Feske
951f484fad Remove noux_gdb.run script
This interactive run script is not regularly tested nor used.

Issue #3696
2020-03-26 11:38:58 +01:00
Norman Feske
c086bba71a Remove noux_fs.run
The test exercised the mounting of an ext2 file system in the noux
runtime. This feature is nowadays routinely stressed by Sculpt OS.

Issue #3696
2020-03-26 11:38:57 +01:00
Norman Feske
5a02b5fd23 Remove noux_fork.run script
This run script is superseded by pkg/test-fork.

Issue #3696
2020-03-26 11:38:57 +01:00
Norman Feske
50a1e540a0 Remove noux_bash.run script
This run script is superseded by the bash.run script.

Issue #3696
2020-03-26 11:38:57 +01:00
Norman Feske
b8738dee90 Remove noux_terminal_fs.run script
This run script tested the terminal VFS plugin as a new feature of noux.
In the meantime, the plugin remains as the only way for the interaction
of command-line-based applications with the terminal session. Hence,
the mechanism is now stressed by many other scenarios.

Issue #3696
2020-03-26 11:38:57 +01:00
Norman Feske
a7e7eeec38 Remove noux from Vim example scenario
Issue #3696
2020-03-26 11:38:57 +01:00
Norman Feske
1d480e3329 Remove noux from tool-chain test
Issue #3696
2020-03-26 11:38:57 +01:00
Norman Feske
3b427824a7 ports/make: avoid aliasing with libc symbols
This patch prefixes a few symbols in the make binary that are offered by
both the libc and the make binary. The clash of symbol names produces
confusing runtime linkage otherwise. This becomes a problem during
fork/evecve.
2020-03-26 11:38:57 +01:00
Norman Feske
923c38f7cd libc: allocate errno of main thread statically
The thread-local errno instance for the main thread must not be
allocated on the application heap because it must survive 'execve'.

Fixes #3701
2020-03-26 11:38:57 +01:00
Norman Feske
ee6d38a770 libc: prune session labels of forked processes
This patch reduces the size of session labels for all services other
than LOG, keeping only the last element. This avoids exceeding the
maximum label length in the presence of deep fork hierarchies, e.g., for
running the tool chain.

Fixes #3700
2020-03-26 11:38:57 +01:00
Christian Helmuth
dd524b56fa libc: propagate socket config to child processes
Fixes #3698
2020-03-26 11:38:57 +01:00
Norman Feske
4fe4c9aa63 vfs/pipe: trigger I/O-progress handler on EOF
When the last writer closes the pipe, we must trigger the I/O progress
handler to deliver the final EOF to the client (READ_OK with out count
of 0).

Fixes #3697
2020-03-26 11:38:56 +01:00
Norman Feske
e3bc77c386 Remove noux from SSH exec terminal
This patch replaces the former Noux instance by a sub init that hosts
the combination of VFS + fs_rom + bash. If bash exits, the whole sub
init exits, which implicitly tears down the terminal session used by the
sub init. The latter is expected by the test sequence.

Issue #3696
2020-03-26 11:38:56 +01:00
Norman Feske
cacbad1bd8 Remove noux from ssh_terminal.run
Issue #3696
2020-03-26 11:38:56 +01:00
Norman Feske
cc8552f81e Remove noux_vfs_audit.run
This run script was merely a development vehicle.

Issue #3696
2020-03-26 11:38:56 +01:00
Norman Feske
34a60b56f6 Remove noux from fs_query.run
Issue #3696
2020-03-26 11:38:56 +01:00
Norman Feske
25f7fdcb40 Remove noux from vfs_import.run
Issue #3696
2020-03-26 11:38:56 +01:00
Norman Feske
b6d3063ada Remove noux and cpu_sampler_noux from autopilot
Issue #3696
2020-03-26 11:38:56 +01:00
Norman Feske
c2cf0ae8c6 os/vfs.h: fix possible nullptr dereference
Fixes #3694
2020-03-26 11:38:56 +01:00
Norman Feske
7f5186d489 vfs/tar: return inode numbers of null records
The tar vfs plugin returns an inode value of zero and a type directory
for null records, which wrongly triggers the file-system loop detection
of the find utility. This patch returns the node pointer as inode value
instead, which is a unique value.

Fixes #3695
2020-03-26 11:38:56 +01:00
Norman Feske
e67f389da1 Add fork test to depot autopilot 2020-03-26 11:38:56 +01:00
Norman Feske
4ebc164c11 Add execve test to depot autopilot 2020-03-26 11:38:56 +01:00
Martin Stein
886d0da57c ping_nic_router.run: test dhcp renew
Ref #3681
2020-03-26 11:38:56 +01:00
Norman Feske
2912096f6e vfs: distinguish NO_PERM from NO_ENTRY in unlink
This patch changes the 'Single_file_system' to return NO_PERM only if
the to-be-unlinked file corresponds to the single file. This way, a
<rom> co-mounted with a <ram> file-system does not stand in the way of
unlinking files from the <ram>. The concrete symptom occurred the
following scenario:

  <vfs>
    <dir name="home">
      <ram/>
      <rom name="..."/>
    </dir>
  </vfs>

The following sequence of commands wrongly resulted in "Operation not
permitted":

 $ mkdir -p /home/a/b/c
 $ rm -f /home/a/b/c/d

In this case, rm should not fail (unlink should return ENOENT)

Fixes #3690
2020-03-26 11:38:55 +01:00
Martin Stein
ba55409c86 nic_router: keep dyn IP when updating domain obj
When updating the domain object of interfaces that stay with the same domain
during a reconfiguration, until now, the normal "detach raw" function was used.
This caused the old domain object to discard a dynamic IP config as all
interfaces detached. This caused interfaces also to discard network links
established with the old configuration although it wasn't necessary. Thus, now
we use a dedicated "detach" in case that an interface actually stays with its
domain. This new "detach" doesn't decrease the interface counter of the domain,
so, it'll not discard its dynamic IP config. If, however, during a
reconfiguration, there's no interface calling this function (all interfaces
move to another or no domain), the dynamic IP config is still discarded as
expected.

Fixes #3686
2020-03-26 11:38:55 +01:00
Martin Stein
f3185de7f5 nic_stress: further reduce nr of rounds on sel4
Otherwise, the limit of caps in Capability_space_sel4 in the NIC router is
reached.

Fixes #3684
2020-03-26 11:38:55 +01:00
Martin Stein
c1b6000248 nic_router: don't call DHCP client on requests
Until now, the DHCP client was called also for DHCP requests when an interface
had a domain but yet no IP config. Now, an interface distinguishes between DHCP
requests and replies first and then accordingly calls the DHCP server or the
DHCP client if they're available. This also prevents that the DHCP client has
to handle packet headers other than that of DHCP.

Fixes #3681
2020-03-26 11:38:55 +01:00
Martin Stein
0a468a07a7 nic_router: fix lifetime of DHCP clients
Let the DHCP client be a constructible member of Interface that is constructed
only as long as the interface is attached to a domain with a dynamic IP config.
This prevents DHCP client timeouts from a period with dynamic IP config to
trigger after a reconfiguration to a static IP config. Furthermore, handle
DHCP-reply packets at an interface only when the DHCP client its constructed.
Otherwise drop such packets.

Ref #3681
2020-03-26 11:38:55 +01:00
Stefan Kalkowski
6d48b5484d hw: correct the ARM cache maintainance operations
This commit fixes the following issues regarding cache maintainance
under ARM:

* read out I-, and D-cache line size at runtime and use the correct one
* remove 'update_data_region' call from unprivileged syscalls
* rename 'update_instr_region' syscall to 'cache_coherent_region' to
  reflect what it doing, namely make I-, and D-cache coherent
* restrict 'cache_coherent_region' syscall to one page at a time
* lookup the region given in a 'cache_coherent_region' syscall in the
  page-table of the PD to prevent machine exceptions in the kernel
* only clean D-cache lines, do not invalidate them when pages where
  added on Cortex-A8 and ARMv6 (MMU sees phys. memory here)
* remove unused code relicts of cache maintainance

In addition it introduces per architecture memory clearance functions
used by core, when preparing new dataspaces. Thereby, it optimizes:

* on ARMv7 using per-word assignments
* on ARMv8 using cacheline zeroing
* on x86_64 using 'rept stosq' assembler instruction

Fix #3685
2020-03-26 11:38:55 +01:00
Stefan Kalkowski
3a862334fc depot_autopilot: re-enable test-fs_packet on rpi
Fixes #3249
2020-03-26 11:38:55 +01:00
Alexander Boettcher
cd1c0aace3 nova: remove specific stack area location
and use instead the generic one of base

Fixes #3654
2020-03-26 11:38:55 +01:00
Sebastian Sumpf
6e54cad44c usb_block: switch to Request_stream API
- remove old 'Driver' interface
- implement Request stream front end
- fix some namespacing

issue #3661
2020-03-26 11:38:55 +01:00
Josef Söntgen
a71ef16423 vfs: implement 'sync' in Block VFS plugin
Fixes #3659.
2020-03-26 11:38:55 +01:00
Sebastian Sumpf
2495a86aff block_tester: add 'sync' command to replay
issue #3636
2020-03-26 11:38:55 +01:00
Sebastian Sumpf
5225d12381 ahci: add sync operation support
- implemement 'flush cache ext' for ATA
- enable sync operation for request stream

issue #3636
2020-03-26 11:38:54 +01:00
Alexander Boettcher
e096202b1f hw/x86: use PAT for write combining support
Fixes #3623
2020-03-26 11:38:54 +01:00
Alexander Boettcher
44ace04b95 hw/x86: add cpuid register macro
Issue #3623
2020-03-26 11:38:54 +01:00
Alexander Boettcher
507a34b3d0 hw/x86: implement wrmsr in macro
Issue #3623
2020-03-26 11:38:54 +01:00
Christian Helmuth
677d9abd07 rtc: system_rtc pkg for PC and Linux
This depot package is the runtime for rtc_drv and system_rtc server with
coordinated update of system and hardware RTC via reports. It replaces
drivers_rtc which was never freestanding drivers package and, therefore,
has to be accompanied with a running platform_drv etc.

Fixes #3680
2020-03-26 11:38:54 +01:00
Christian Helmuth
e66726e931 rtc: use depot archives in test
Issue #3680
2020-03-26 11:38:54 +01:00
Christian Helmuth
cda778a94d rtc: recipe for linux_rtc_drv
Issue #3680
2020-03-26 11:38:54 +01:00
Sebastian Sumpf
a799a5f978 os: adjust tests to changed output of block client
issue #3671
2020-03-26 11:38:54 +01:00
Sebastian Sumpf
f5a6d85bc2 os: expand block_tester.run
- use two disks with two partitions each
- one disk uses MBR and one GPT
- connect one 'part_block' to each disk
- run 'block_tester' and 'test-block-client' connecting to one partiion
  on each disk
- x86 uses 'ahci_drv' as disk back-end, Linux 'lx_block'
- on autopilot enable for Qemu only

issue #3671
2020-03-26 11:38:54 +01:00
Christian Prochaska
8535688605 qt5: handle Genode signals as Qt signals in QPA plugin
Fixes #3688
2020-03-26 11:38:54 +01:00
Johannes Schlatow
aee5b59c51 Backport changeset 82268 from virtualbox
Fixes #3689
2020-03-26 11:38:54 +01:00
Norman Feske
e2b9308b11 lx_hybrid_errno.run: add missing parent services 2020-03-26 11:38:54 +01:00
Alexander Boettcher
97bbad5aea nova: avoid dying thread in platform.run
Avoids timely interference by dying thread.

Fixes #3670
2020-03-26 11:38:54 +01:00
Christian Helmuth
d452094f43 Only rewind next-free pointer in Bit_allocator
Formerly, _next was always updated to the last free'd allocation, which
left large gaps on alloc/free bursts. Now, we try keep allocation
density high from the start of the array and ensure that allocations
happen at the lowest available index in the bit array.

Fixes #3679
2020-03-26 11:38:53 +01:00
Piotr Tworek
139f390317 libc: Expose timespec_get symbol.
The function is exposed in libc headers provided by Genode, the code for
the function is being compiled and actually works, but the symbol is
missing from the symbols file resulting in linking failures. Add it to
the libc symbols file.

Fixes #3676
Fixes #3677
2020-03-26 11:38:53 +01:00
Emery Hemingway
9ee1045aad Remove SVN build dependency from libc port
Fixes #3678
2020-03-26 11:38:53 +01:00
Norman Feske
25c85fab18 sculpt: version 20.03
This patch increases the Sculpt version to avoid the risk of binary
compatibility clashes with index files published for the just-released
Sculpt 20.02 version.
2020-03-26 11:38:53 +01:00
Christian Helmuth
bf36d9eb48 depot: update recipe hashes 2020-03-09 16:02:56 +01:00
Norman Feske
9d24e906a8 text_area: fix interplay of shift with selection
Without this patch, the text area would mistakenly delete the characters
types after placing the cursor with the mouse as soon as shift is used
as modifier.
2020-03-09 15:41:29 +01:00
Norman Feske
44e4d1bd6c Update Sculpt documentation for version 20.02 2020-03-09 15:41:29 +01:00
Norman Feske
ab5770c492 sculpt: improve USB hotplug handling
- Don't reset sculpt partition on USB changes whenever ram fs is
  selected for use.

- Reconfigure runtime immediately when plugging USB devices.
  This prevents the usb-block driver and part_block from
  dangling in the graph. They disappear immediately now.
2020-03-09 15:36:21 +01:00
Norman Feske
a90eab8b9a menu_view: reduce frame transparency
This makes the dialog content better readable.
2020-03-09 15:36:21 +01:00
Norman Feske
e54e4dd532 sculpt: anchor popup position at '+' button
This patch restores the anchoring of the popup menu to the original
behavior, placing the popup to the right of the '+' button. The
anchoring got lost due to the recent structural changes of the GUI,
which affect the hover XML structure.
2020-03-09 15:36:21 +01:00
Sebastian Sumpf
c856ba2a49 ahci: report ports correctly
Only use one report for devices report, not one per device

fixes #3671
2020-03-09 15:36:21 +01:00
Christian Helmuth
5affd51250 depot: update recipe hashes 2020-02-28 08:59:43 +01:00
Norman Feske
fce9cd8c22 sculpt manager: use runtime state report max of 1M
With complex scenarios, supplementing the <report> node with the
attribute 'requested' or 'provides' can easily result in a report of
more than 64K.
2020-02-27 14:47:00 +01:00
Christian Prochaska
8faa916d93 gdb_monitor.run: increase RAM quota
Fixes #3667
2020-02-27 14:47:00 +01:00
Christian Helmuth
e52802162c libc: reimplement synchronization primitives
The new implementation relieves the main entrypoint from monitor jobs
for contended lock primitives and is based on custom applicant data
structures, per-lock resp. per-semaphore applicant lists, and a
libc-internal blockade with timeouts based on libc kernel primitives.
2020-02-27 14:47:00 +01:00
Josef Söntgen
f3ec246b67 base: remove diagnostic message in destructor
The LOG message in the Signal_handler_thread's destructor is just an
diagnostic leftover.

Fixes #3666.
2020-02-27 14:46:59 +01:00
Christian Prochaska
434c9ceb5d vbox5-nova: document possible 'Blocking_canceled' exception
Fixes #3664
2020-02-27 14:46:59 +01:00
Norman Feske
c3fb81d1a1 window_layouter: improve rules formatting
This is a follow-up patch for "window_layouter: add dynamic screen
handling".

Issue #3646
2020-02-27 14:46:59 +01:00
Norman Feske
c340f57207 Xml_node: skip leading whitespace in with_raw_node
This patch makes the 'with_raw_node' method more useful in situations
where content of an Xml_node is fed into an Xml_generator, i.e., the
rules report/rom mechanism of the window layouter.
2020-02-27 14:46:59 +01:00
Norman Feske
bbe1bf9c3a fs_query.run: increase timeout
This is apparently needed for base-foc on Qemu/x86.
2020-02-27 14:46:59 +01:00
Alexander Boettcher
accda1211b mutex: reinit Applicant state in Mutex::acquire()
The applicant_to_wake_up() member must be initialized to 0 to keep the
same semantic as before the change by

"base: add mutex as derivate of lock"

Issue #3662
2020-02-27 14:46:59 +01:00
Norman Feske
daee1f4cb8 timer/nova: prevent potential division by zero
This case triggered with the leitzentrale.run script on Qemu.
The frequency value must never initialized with zero.

Fixes #3663
2020-02-27 14:46:59 +01:00
Stefan Kalkowski
87cb10c558 sculpt_manager: accept uplink from "local" network
Be less rigid when checking for available network to support
setups where the uplink or depot repositories are provided by
another source than "wired" or "wifi" NIC services,
e.g., a virtual machine with pass-through network device.
2020-02-27 14:46:59 +01:00
Norman Feske
904651ada9 sculpt: version 20.02 2020-02-27 14:46:59 +01:00
Norman Feske
1d3ce93107 sculpt: leitzentrale user-interface redesign
Issue #3650
2020-02-27 14:46:59 +01:00
Sebastian Sumpf
103dcdeea8 vmm: ARMv8 virtio improvements
net:
* increase queue size to 1024 (more stable on Linux)
* use mac address from Nic session instead of random one
* handle data that is larger than rx descriptor correctly (copy less)
* clear descriptor header (12 bytes) on rx

generic:
* always use 'avail_idx' (tx and rx)
* added barriers when reading/writing queues (TMP)

Ref #3620
2020-02-27 14:46:59 +01:00
Sebastian Sumpf
f77531138a vmm: ARMv8 virtio for network and console
Simple console and network implementation of the Virtio protocol.

Fix #3620
2020-02-27 14:46:59 +01:00
Sebastian Sumpf
c8b3b060aa vmm: ARMv8 add 'local_address' to Ram_allocator
Ref #3620
2020-02-27 14:46:59 +01:00
Stefan Kalkowski
7780ee6a34 vmm: do not lock inside VMM
We do not use the VMM with several CPUs until now.
On the other hand there is a dead-lock due to the
generic timer calling the cpu handler function explicitly,
which already holds the lock. For the time-being remove the lock.

Ref #3620
2020-02-27 14:46:59 +01:00
Stefan Kalkowski
2e2625e952 vmm: check ring-buffer capacity in pl011 model
Ref #3620
2020-02-27 14:46:58 +01:00
Stefan Kalkowski
55c3eb7c14 vmm: fix GIC interrupt register bit shifts
Ref #3620
2020-02-27 14:46:58 +01:00
Stefan Thöni
a7a9855493 base: lay groundwork for base-linux caps change
Include the necessary hooks to introduce file descriptor
based capabilities in base linux.

Issue #3581
2020-02-27 14:46:58 +01:00
Norman Feske
5eaaee0dbe text_area: a simple text viewer / editor
The new text_area component is able to view and edit files.
Internally, it employs a menu_view for the graphics output.

Only basic notepad-like text-editing functions are supported.

At the current time, it is solely meant as a companion of the Sculpt
manager.

Issue #3650
2020-02-27 14:46:58 +01:00
Norman Feske
b2bc718c1f fs_query: report 'writeable' attribute for files 2020-02-27 14:46:58 +01:00
Norman Feske
7118ad494c os/vfs.h: add Directory::Entry::rwx accessor 2020-02-27 14:46:58 +01:00
Norman Feske
582e0e718c menu_view: make texture handling more robust
This patch improves the robustness of menu_view when encounting missing
textures, which can happen during development when using styled buttons
and frames. With the patch, menu_view outputs diagnostic messages,
pinpointing the problem.

The patch also updates the texture handling to use the 'File_content'
utility and the VFS for obtaining PNG images.

Issue #3629
2020-02-27 14:46:58 +01:00
Norman Feske
1713583a19 menu_view: basic support for styling labels
This patch allows for the customization of the text color and alpha
value of the label widget by the means of a style-definition file.
The mechanism is exemplified with the new "invisible" label style
that sets the alpha value to zero.

Issue #3629
2020-02-27 14:46:57 +01:00
Norman Feske
38aef49428 menu_view: invisible button style 2020-02-27 14:46:57 +01:00
Alexander Boettcher
a9caf3fbe4 base: avoid wrong warning by Mutex::acquire
A _owner is only valid if lock is actually locked.

Issue #3612
2020-02-27 14:46:57 +01:00
Josef Söntgen
c53be5a3fb os: omit size check on payloadless Block packets
The check is already performed in 'packet_valid' where the conditions
for payloadless packets are already considered.

Fixes #3660.
2020-02-27 14:46:57 +01:00
Josef Söntgen
6addd6cf1e os: fix Node_rwx::rwx
Fixes #3658.
2020-02-27 14:46:57 +01:00
Sebastian Sumpf
3995d2f4a2 part_block: switch to Request_stream and Job APIs
- use Job API as block connection back end
- use Request_stream API as front end
- use Mmio framework for gpt and mbr parsing
- implement sync correctly

fixes #3652
2020-02-27 14:46:57 +01:00
Sebastian Sumpf
b95dc611d6 gmp: use architecture specific 'config.h'
Generated a separate 'config.h' for arm, arm_64, x86_32, x86_64 for the
current version (6.1.2) of GMP. This became necessary because
configurations differ for each architecture.

'config.h' generaton on x86_64 host in'gmp-6.1.2' directory:

for x86_64 (native):
! configure

for x86_32:
! configure --host=x86-pc-linux-gnu --build=x86_64-pc-linux-gnu

for arm:
! configure --host=arm-linux-gnu --build=x86_64-pc-linux-gnu \
!  CC=/usr/local/gcc-linaro-arm/bin/arm-linux-gnueabi-gcc ABI=32

for arm_v8:
! configure --host=aarch64-linux-gnu --build=x86_64-pc-linux-gnu \
!  CC=/usr/local/gcc-linaro/bin/aarch64-linux-gnu-gcc ABI=64

issue #3598
2020-02-27 14:46:57 +01:00
Christian Helmuth
4cccf74664 depot: update recipe hashes 2020-02-20 12:11:23 +01:00
Stefan Kalkowski
8cc48d5688 hw: be more accurate in synchronizing ASID/Pages
Fix #3651
2020-02-20 12:11:23 +01:00
Stefan Kalkowski
b76bd57ed1 window_layouter: add dynamic screen handling
This commit adds dynamic switching in between different defined
screens via keyboard shortcuts, or by editing the rules file.
In the window_layouter package it defines per default ten screens,
reachable by pressing the screen key along with numbers 0-9.

Fix #3646
2020-02-20 12:11:23 +01:00
Alexander Boettcher
2afc218767 test/registry: measure time used for iteration
Issue #3612
2020-02-20 12:11:22 +01:00
Alexander Boettcher
5bbaa30655 base: use mutex in registry
Issue #3612
2020-02-20 12:11:22 +01:00
Alexander Boettcher
5440cd4b50 base: use blockade in thread
Issue #3612
2020-02-20 12:11:22 +01:00
Alexander Boettcher
e686ff78e9 base: add blockade as derivate of lock
Issue #3612
2020-02-20 12:11:22 +01:00
Alexander Boettcher
2bd77722c7 base: use mutex in heap
Issue #3612
2020-02-20 12:11:22 +01:00
Alexander Boettcher
00f69bc70d base: add mutex as derivate of lock
The mutex class is more restrictive in usage compared to
Genode::Lock.

- At initialiation time it is ever unlocked.
- No thread is permitted to lock twice. Warn about it
  in case it happens.
- Only the lock onwer is permitted to unlock the mutex.
  Warn about it and don't unlock the mutex in case it happens.

Issue #3612
2020-02-20 12:11:22 +01:00
Stefan Kalkowski
d1609e771a pdf_view: fix typo in pkg runtime requires
Fix #3648
2020-02-20 12:11:22 +01:00
Norman Feske
89f813f113 os: add sandbox lib to api/os 2020-02-20 12:11:22 +01:00
Norman Feske
9b0fbf000e sandbox: support for local state-report handling
Fixes #3647
2020-02-20 12:11:22 +01:00
Stefan Kalkowski
725d16e18e hw: optimize ipc capability allocation
In preparation of ipc receive, by now a bunch of capabilities got
allocated to be ready iin case of capability receiption. After that
unuse slots were freed again. This overhead of senseless (de-)allocations
is replaced in this commit by just restock capability slots that got
used by the last receive.

Fix #3640
2020-02-20 12:11:22 +01:00
Martin Stein
e42a205a51 base-hw: Ada-compliant scheduler method signatures
Ref #3308
2020-02-20 12:11:22 +01:00
Martin Stein
0d5f185267 base-hw: no pointers in scheduler interface
Ref #3308
2020-02-20 12:11:22 +01:00
Martin Stein
c146a215fb base-hw: cpu scheduler without inheritance
Ref #3308
2020-02-20 12:11:21 +01:00
Martin Stein
eef7b5e168 base-hw: double list without inheritance
Ref #3308
2020-02-20 12:11:21 +01:00
Martin Stein
a753b6ce46 base-hw: fix run scripts
Ref #3308
2020-02-20 12:11:21 +01:00
Martin Stein
793e12f8f3 base-hw: no error return codes in signaling
Error return codes are used with non-const functions in the signaling modules.
This would have been impractical for the in-place translation of the module to
Ada in the context of the Spunky project. Besides, it is easy to get rid of
them and it makes the execution flow more clear.

Ref #3308
2020-02-20 12:11:21 +01:00
Martin Stein
751e6430fa base-hw: obsolete Kernel::Thread::_signal_receiver
Ref #3308
2020-02-20 12:11:21 +01:00
Martin Stein
9eb20c2be7 base-hw: no pointer arguments in signaling
Besides reducing the use of pointers in base-hw, this prepares for the in-place
translation of the signaling module to Ada in the context of the Spunky
project.

Ref #3308
2020-02-20 12:11:21 +01:00
Martin Stein
5e460394d2 base-hw: do not inherit Kernel::Object
This prevents the use of Kernel::Object as base class for the specific kernel
objects and instead makes it a member of the kernel objects. Besides
simplifying inheritance hierarchies in base-hw, this prepares for the in-place
translation of the signaling module (and others) to Ada in the context of the
Spunky project.

Ref #3308
2020-02-20 12:11:21 +01:00
Martin Stein
88043e144a base-hw: no virtual functions in signaling
Besides simplifying the execution flow in the signaling module, this prepares
for the in-place translation of the signaling module to Ada in the context of
the Spunky project.

Ref #3308
2020-02-20 12:11:21 +01:00
Martin Stein
3cc7774fe4 base-hw: Ada/SPARK-friendly Ipc_node interface
This prevents the use of C++ features in the public method interface of the
synchronous-IPC module that would be impractical for the in-place
translation of the module into Ada in the context of the Spunky project.

* Get rid of thread accessor.
* Get rid of non-const functions with return values.
* Get rid of pointer return-values.

Ref #3308
2020-02-20 12:11:21 +01:00
Martin Stein
a04243aaf4 base-hw: remove unused Ipc_node accessor methods
Ref #3308
2020-02-20 12:11:21 +01:00
Martin Stein
5a95183c3e base-hw: avoid that Ipc_node inherits
Besides simplifying inheritance hierarchies in base-hw, this prepares for the
in-place translation of the synchronous-IPC module to Ada in the context of the
Spunky project.

Ref #3308
2020-02-20 12:11:21 +01:00
Martin Stein
6a5aa18a7b base-hw: no PD code / virt methods in Ipc_node
This is a simplication of the asyncronous-IPC module of the base-hw kernel.
Besides structuring the code in a cleaner way, it prepares for the in-place
translation of the module into Ada in the context of the Spunky project.

* Get rid of virtual methods in Ipc_node.
* Move all stuff related to protection domains, capabilities, and UTCBs to
  the Thread class. this code might later be moved to a dedicated module, but
  for now it's just fine to have it done by the thread module.

Ref #3308
2020-02-20 12:11:21 +01:00
Christian Prochaska
4b3c40f35b test-tcp_bulk: increase resources
Fixes #3645
2020-02-20 12:11:21 +01:00
Stefan Kalkowski
79fba6c2ac core: add kernel-specific UTCB quota bookkeeping
Fix #859
2020-02-20 12:11:21 +01:00
Tomasz Gajewski
4f217b19a9 hw: add CPU wake up code for rpi3
Moved code waking up processors for Cortex A53 before changing privilege
level because sending events to higher privilege levels is not allowed.

Fixed enable_mmu for Cortex A53 to properly return cpu id.

Fixed starting code for secondary cores to properly initialize stacks.

Added code to wake up secondary cores on rpi3.

Ref #3573
2020-02-20 12:08:17 +01:00
Stefan Kalkowski
202333c881 hw: cortex a9 diagnostic register initialization
We cannot count on the correct initialization of the diagnostic register
of the secondary cores. But the boot core gets initialized by the bootchain,
so we can copy over those values.

Fix #3639
2020-02-20 12:08:17 +01:00
Christian Prochaska
2ce0395fd8 arora.run: fix 'focus' route
Fixes #3637
2020-02-20 12:08:17 +01:00