Commit Graph

6144 Commits

Author SHA1 Message Date
Martin Stein
5f65791962 nic_router: bad-protocol message only if verbose
This was an error output-line for each affected packet previously but it
is pretty normal for the router to receive packets whose network layer
protocol it doesn't know . In the default case, these packets shall be
ignored silently.

Ref #2490
2017-10-19 13:31:15 +02:00
Martin Stein
30a96706cb nic_router: dhcp server functionality
One can configure the NIC router to act as DHCP server at interfaces of a
domain by adding the <dhcp> tag to the configuration of the domain like
this:

<domain name="vbox" interface="10.0.1.1/24">
    <dhcp-server ip_first="10.0.1.80"
                 ip_last="10.0.1.100"
                 ip_lease_time_sec="3600"
                 dns_server="10.0.0.2"/>
    ...
</domain>

The attributes ip_first and ip_last define the available IPv4 address
range while ip_lease_time_sec defines the lifetime of an IPv4 address
assignment in seconds. The IPv4 address range must be in the subnet
defined by the interface attribute of the domain tag and must not cover
the IPv4 address in this attribute. The dns_server attribute gives the
IPv4 address of the DNS server that might also be in another subnet.
The lifetime of an offered assignment is the configured round trip time of
the router while the ip_lease_time_sec is applied only if the offer is
requested by the client in time.

The ports/run/virtualbox_nic_router.run script is an example of how to
use the new DHCP server functionality.

Ref #2490
2017-10-19 13:31:15 +02:00
Martin Stein
03144093b3 nic_router: do link garbage collect on each packet
Previously, garbage collect was only done when an incoming packet passed the
Ethernet checks. Now it is really done first when receiving a packet at an
interface.

Ref #2490
2017-10-19 13:29:45 +02:00
Martin Stein
215937ff0f nic_router: handle ARP requests for foreign IPs
If the router has no gateway attribute for a domain (means that the router
itself is the gateway), and it gets an ARP request for a foreign IP, it shall
answer with its own IP.

Ref #2490
2017-10-19 13:29:45 +02:00
Martin Stein
ee88d4d2d5 nic_router: use same packet log-format as nic_dump
Ref #2490
2017-10-19 13:29:45 +02:00
Martin Stein
e5b9a6cc8b nic_router: rework round-trip-time handling
Do not use two times the RTT for the lifetime of links but use it as
it is configured to simplify the usage of the router. Internally, use
Microseconds/Duration type instead of plain integers.

Ref #2490
2017-10-19 13:29:45 +02:00
Martin Stein
71bd9a1f10 nic_dump: configurable packet print
The nic_dump uses a wrapper for all supported protocols that
takes a packet and a verbosity configuration. The wrapper object can
than be used as argument for a Genode log function and prints the
packet's contents according to the given configuration. The
configuration is a distinct class to enable the reuse of one instance
for different packets.

There are currently 4 possible configurations for each protocol:
* NONE          (no output for this protocol)
* SHORT         (only the protocol name)
* COMPACT       (the most important information densely packed)
* COMPREHENSIVE (all header information of this protocol)

Ref #2490
2017-10-19 13:29:45 +02:00
Martin Stein
d63c40af3e dhcp: extend options utilities
Provide utilities for appending new options to an existing DHCP packet
and a utility for finding existing options that returns a typed option
object. Remove old version that return untyped options.

Ref #2490
2017-10-19 13:29:44 +02:00
Martin Stein
791fd9806f ipv4 address: conversion from and to integer
Ref #2490
2017-10-19 13:29:43 +02:00
Martin Stein
d0f5838c61 net: clean up header fields and accessors
Apply the style rule that an accessor is named similar to the the underlying
value. Provide read and write accessors for each mandatory header attribute.
Fix some incorrect structure in the headers like with the flags field
in Ipv4_packet.

Ref #2490
2017-10-19 13:29:43 +02:00
Martin Stein
7b55d4d5d9 ethernet: rework type for ethernet type value
Encapsulate the enum into a struct so that it is named
Ethernet_frame::Type::Enum, give it the correct storage type
uint16_t, and remove those values that are (AFAIK) not used by
now (genode, world).

Ref #2490
2017-10-19 13:29:43 +02:00
Martin Stein
3f269b773d nic_dump: use Duration instead of unsigned
Ref #2490
2017-10-19 13:29:42 +02:00
Martin Stein
97b1a22a8a nic_dump: measure time only if needed
Ref #2490
2017-10-19 13:29:42 +02:00
Martin Stein
6b4b662357 nic_router: fix for unknown transport protocols
Do not stop routing if the transport layer protocol is unknown but
continue with trying IP routing instead. The latter was already
done when no transport routing could be applied but for unknown transport
protocols we caught the exception at the wrong place.

Ref #2490
2017-10-19 13:29:42 +02:00
Martin Stein
642254134e timer test: rate limiting and no starvation
No starvation of timeout signals
--------------------------------

Add several timeouts < 1ms to the stress test and check that timeout
handling doesn't become significantly unfair (starvation) in this situation
where some timeouts trigger nmuch faster than they get handled.

Rate limiting for timeout handling in timer
-------------------------------------------

Ensure that the timer does not handle timeouts again within 1000
microseconds after the last handling of timeouts. This makes denial of
service attacks harder. This commit does not limit the rate of timeout
signals handled inside the timer but it causes the timer to do it less
often. If a client continuously installs a very small timeout at the
timer it still causes a signal to be submitted to the timer each time
and some extra CPU time to be spent in the internal handling method. But
only every 1000 microseconds this internal handling causes user timeouts
to trigger.

If we would want to limit also the call of the internal handling method
to ensure that CPU time is spent beside the RPCs only every 1000
microseconds, things would get more complex. For instance, on NOVA
Time_source::schedule_timeout(0) must be called each time a new timeout
gets installed and becomes head of the scheduling queue. We cannot
simply overwrite the already running timeout with the new one.

Ref #2490
2017-10-19 13:29:42 +02:00
Martin Stein
b811ef4331 signal: fix starvation by fast signal contexts
In the past, a signal context, that was chosen for handling by
'Signal_receiver::pending_signal and always triggered again before
the next call of 'pending_signal', caused all other contexts behind
in the list to starve. This was the case because 'pending_signal'
always took the first pending context in its context list.

We avoid this problem now by handling pending signals in a round-robin
fashion instead.

Ref #2532
2017-10-19 13:29:42 +02:00
Emery Hemingway
cd21074201 server/tcp_terminal: wrap RPC functions in 'with_libc' 2017-10-19 13:29:41 +02:00
Christian Helmuth
f9b3c6d2cf Remove unused os/alarm.h include from loader 2017-10-19 13:29:41 +02:00
Martin Stein
df71e02ef6 alarm: fix bug in _setup_alarm
We did not set the correct now_period previously but it wasn't conspicuous
because the bug triggered not before a full period had passed which on most
platforms is a pretty long time.

Ref #2490
2017-10-19 13:29:41 +02:00
Alexander Boettcher
9705c90d87 nova: update kernel to fix sporadic hangs 2017-10-19 13:29:41 +02:00
Sebastian Sumpf
7a359f95a3 wifi: use with libc in config update 2017-10-05 17:40:05 +02:00
Christian Helmuth
28004bc9e6 timer: limit rate of handling timeouts
Ensure that the timer does not handle timeouts again within 1000
microseconds after the last handling of timeouts. This makes denial of
service attacks harder. This commit does not limit the rate of timeout
signals handled inside the timer but it causes the timer to do it less
often. If a client continuously installs a very small timeout at the
timer it still causes a signal to be submitted to the timer each time
and some extra CPU time to be spent in the internal handling method. But
only every 1000 microseconds this internal handling causes user timeouts
to trigger.

If we would want to limit also the call of the internal handling method
to ensure that CPU time is spent beside the RPCs only every 1000
microseconds, things would get more complex. For instance, on NOVA
Time_source::schedule_timeout(0) must be called each time a new timeout
gets installed and becomes head of the scheduling queue. We cannot
simply overwrite the already running timeout with the new one.

Ref #2490
2017-10-05 17:40:05 +02:00
Christian Helmuth
23f65803fa libc: update recipe for resolv integration 2017-10-05 17:40:05 +02:00
Emery Hemingway
226fcbc02f Remove remote shell support from libc
The remote shell facilities are past deprecation and there is an
obligation to prevent their use rather than to support them. This patch
removes the related function definitions from 'unistd.h', which have not
been been included in the Genode libc ABI regardless.

Fix #2530
2017-10-05 17:40:05 +02:00
Emery Hemingway
8ca63d4a6e libc: reintegrate libc_resolv library
Remove getaddrinfo and freeaddrinfo from the Libc::Plugin and get rid of
the extra libc_resolv library. Remove getaddrinfo/freeaddrinfo symbol
hiding patch for FreeBSD sources. Remove libc_resolv from Makefiles and
run scenarios.

Fix #2273
2017-10-05 17:40:04 +02:00
Christian Helmuth
170b532892 Support read-only data symbols in ABI
This also adapts existing symbol files
2017-10-05 17:40:04 +02:00
Emery Hemingway
a67d24e509 import chroot from world repository
Fix #2529
2017-10-05 17:40:04 +02:00
Christian Helmuth
82d20f94cd Enable writeable in ahci_drv for libc vfs tests
Thanks to Steven Harp for reporting.
2017-10-05 17:40:04 +02:00
Sebastian Sumpf
754d1bd4a3 usb_report_filter: check device ds
Make sure we actually can report devices on USB driver device updates.

related to #2527
2017-10-05 17:40:04 +02:00
Sebastian Sumpf
7c269cb933 qemu-usb: Handle failing packet allocations gracefully
* catch failed allocations
* if a packet allocation fails, return NAK USB packet state
* increase packet stream size to 6 MiB

fixes #2527
2017-10-05 17:40:04 +02:00
Christian Helmuth
b3f620436c dde_linux: fix timer deletion and modification (lx_kit) 2017-10-05 17:40:03 +02:00
Christian Helmuth
7b9edcf90c lxip: fix timer deletion and modification
Linux del_timer() and mod_timer() return if the timer was pending before
the modification. Additionally, these functions are potentially called
from handler function of the timer to modify and, therefore, checking
for timeout != INVALID_TIMEOUT is not sufficient as the timeout is
indeed valid when the handler is executed.
2017-10-05 17:40:03 +02:00
Christian Helmuth
9ff82d76c0 lxip: fix timer handling and jiffies update 2017-10-05 17:40:03 +02:00
Alexander Boettcher
be753ee863 tool: add genode xml schema to xmllint check
Fixes #2513
2017-10-05 17:40:03 +02:00
Norman Feske
f04ef8ed40 run: align data after last boot module
In the image.elf file, the very last boot module is followed
by arbitrary other core-local data. Since those boot modules are
exported as page-granular dataspace to the outside of core via core's
ROM service, we need to ensure that the last page is padded with zeros.
2017-10-05 17:40:03 +02:00
Norman Feske
6d361b337b input/root.h: support re-opening of sessions
This patch fixes an aliasing problem of the 'close' method signature
that prevented the Input::Root_component::close method to be called.
This way, the event-queue state was not reset at session-close time,
which prevented a subsequent session-creation request to succeed. With
the patch, input servers like ps2_drv, usb_drv that rely on the
Input::Root_component support the dynamic re-opening of sessions. This
happens in particular when using a dynamically configured input filter.
2017-10-05 17:40:03 +02:00
Norman Feske
86656517e3 nitpicker: reset background if backdrop vanishes
Fixes #3
2017-10-05 17:40:03 +02:00
Christian Helmuth
ad49fba42a Fix syntax in lxip_udp_echo run script
Thanks to Steven Harp for reporting.
2017-10-05 17:40:02 +02:00
Norman Feske
ab0b0ac3a0 run: compress image.elf in NOVA boot dir 2017-10-05 17:40:02 +02:00
Josef Söntgen
e1ada57bfa vfs: use unsigned 64bit for media size ioctl
Fixes #2523.
2017-10-05 17:40:02 +02:00
Martin Stein
3f37a12e2d timer connection: fix mixing of time sources
We update the alarm-scheduler time with results of
Timer::Connection::curr_time when we schedule new timeouts but when
handling the signal from the Timer server we updated the alarm-scheduler
time with the result of Timer::Connection::elapsed_us.  Mixing times
like this could cause a non-monotone time value in the alarm scheduler.
The alarm scheduler then thought that the time value wrapped and
triggered all timeouts immediately. The problem was fixed by always
using Timer::Connection::curr_time as time source.

Ref #2490
2017-10-05 17:40:02 +02:00
Norman Feske
dae563725b drivers_interactive-pc: increase key-repeat rate 2017-10-05 17:40:02 +02:00
Norman Feske
ef9435b9ed depot: recipe for src/vbox5-nova 2017-10-05 17:40:02 +02:00
Norman Feske
4835da0f4d depot: add posix lib to api/libc archive 2017-10-05 17:40:01 +02:00
Norman Feske
15606dfc49 depot: recipe for api/stdcxx
This recipe copies the entire stdcxx library into the API archive, which
is an interim solution until we introduce a proper ABI for stdcxx. With
this current version, every user of the stdcxx ABI will implicitly build
the stdcxx library.
2017-10-05 17:40:01 +02:00
Norman Feske
40b12bb83c vbox5: extract license info from 3rd-party archive
This information is needed to create a matching LICENSE file for the
vbox5 src archive.
2017-10-05 17:40:01 +02:00
Norman Feske
ace5400953 depot: recipe for src/libiconv 2017-10-05 17:40:01 +02:00
Norman Feske
2ad57d3850 libports: libiconv ABI 2017-10-05 17:40:01 +02:00
Norman Feske
26d4d227ea ports: define cap quota in vbox_pointer.run 2017-10-05 17:40:01 +02:00
Norman Feske
bea305aec5 depot: avoid rule aliaing in api/base content.mk
This patch merges two similar rules, which create content at 'include'
into a single rule. This prevents a possible race condition when
creating archives in parallel.
2017-10-05 17:40:01 +02:00