* Differentiate in between different architectures with assembler routines
for correct measures
* Automate first step measuring of 10G bogomips across different hardware
Fix#3785
base-linux uses seccomp to reduce the available system calls
to the minimum set needed to run base-linux. There are still
some syscalls that allow accessing global state which should
be further reduced.
The combination of seccomp and socket descriptor caps should
provide an intermediate level of security for base-linux
thereby enabling base-linux as a migration path from using
the Linux kernel to the use of microkernel-based Genode.
Fixes#3581
This patch adds support for booting base-hw kernel on qemu-arm virt
machines. The arm_virt machine has 2GB of RAM, 2 Cortex A15 cores and
uses GICv2 interrupt controller. The arm_64_virt machine also has 2GB of
RAM, but has 4 Cortex A53 cores and uses GICv3. Both machines use PSCI
to boot additional CPU cores.
Fixes#3673
This patch fixes a regression with run/log_core introduced by
2064ffd64b nova: support multidimensional affinity space
The run tool uses a log message 'run_boot_string' to detect successful
boot as well as to detect unexpected reboots. This message should never
be logged twice and, thus, should not be part of the core_log. The patch
mentioned above moved the former run_boot_string after the core_log
initialization.
This patch replaces the former Noux instance by a sub init that hosts
the combination of VFS + fs_rom + bash. If bash exits, the whole sub
init exits, which implicitly tears down the terminal session used by the
sub init. The latter is expected by the test sequence.
Issue #3696
From the man page of expect:
> Both expect and interact will detect when the current process exits
> and implicitly do a close. But if you kill the process by, say, "exec
> kill $pid", you will need to explicitly call close.
Fixes#3569
The check was accidentally in
66d44289e1 tool/ports: streamline hash tool usage
because $(call VAR, ...) just expands to nothing without errors if VAR
is undefined.
Introduce 'XZ_THREADS' to override the default number of threads used
for compression, which is still set to '1'. As using multiple threads
will increase the amount of memory needed during the compression and
potentially influences the size of the created archive, setting the
variable limits the impact.
Fixes#3431.
In case RUN_OPT_AUTOPILOT is changed on consecutive calls of "autopilot
--keep", the changes are now effectively propagated to the run tool.
I also documented the RUN_OPT_AUTOPILOT environment variable.
Replace the notion of board-specific platforms by clear definition
architecture and board.
Also added new command line switch for "targets"
-t <target> test target as triple of architecture-board-kernel,
e.g., arm_v7a-pbxa9-hw
Related to #3316Fixes#3417
This patch handles a few corner cases that appear in the headers of
Genode 19.05, in particular the new client-side block API in
'block_session/connection.h'.
* The extract tool determines and reports all missing ports at once.
* The extract tool automatically prepares all missing ports if PREPARE_PORTS=1.
* The missing_ports tool prints a list of missing ports for given archives.
Fixes#3353
Components like kernel, core, and bootstrap that are built for a
specific board need to reside inside the same architectural dependent
build directory. For instance there are sel4, foc, and hw kernel builds
for imx6q_sabrelite and imx7d_sabre, which have to reside inside the same
arm_v7 build directory.
This commit names those components explicitely, and adapts the run-tool to it.
Fix#3316
nullglob is needed to get an empty shell glob in case no matching binary
archive (path) exists. Otherwise, the original glob string including the
* is returned and used in the for loop.
This patch handles version collisions of binary archives. If a binary
archive for an (automatically) updated src-archive version already
exists in the depot, the extract tool removes the binary archive because
its existing content may stem from another src content (a version from a
different topic branch). This ensures that the new version is always
built, not skipped, when 'UPDATE_VERSIONS=1 REBUILD=' is specified.
Fixes#3267
Until now, Genode referenced a fork of the outdated elfloader-tool
to enable bootstrapping of sel4 on ARM platforms. Because the
elfloader is inherently dependent on the used platforms newer
ARM versions supported by the kernel could not be loaded by the
outdated elfloader. This commit uses a fresh fork of the nowadays
used sel4_tools repository.
Ref #3251
In cases where the signing failed (maybe the passphrase for the key was
not available at this time), there remained an empty .sig file, which is
newer than the to-be-signed file and, therefore, prevents subsequent
signing processes.
The input for the pkg index is located at gems/run/sculpt/index.
The sculpt.run script uses this input for generating the depot index
file at depot/<user>/index/<version>.
The tool/depot/publish tool support arguments of the form
<user>/index/<version> where <version> corresponds to the Sculpt
version.
Issue #3172
The 'run_genode_until' procedure only called 'run_power_on' to reset
the target machine. That works will with the softreset module, which
is used by all x86-based test system but falls short regarding ARM
boards. The way those boards are connected requires turning the power
off and on for a complete cycle.
This patch prevents the abi_symbols tool from generating symbols that
are known to occur in shared objects but must not be part of a library
ABI. This saves a bit of time during library-porting work.
However, to avoid the accidental use of ABI symbol definitions that lack
any form of manual curation, the abi_symbols tool outputs a special
message, which is explicitly checked-for by the check_abi tool.
Fixes#3112
The plugin was tested with ALL4176 but should support all modern Allnet
MSR devices according to the documentation
https://service.allnet.de/image-ftp/ftp/pub/allnet/MSR/JSON/JSON_MSR.zip
It works just like the existing powerplug plugins by
RUN_OPT += --include power_on/allnet --include power_off/allnet
and uses the following parameters
--power-on-allnet-host network address of device
--power-on-allnet-user user for device
--power-on-allnet-password password for device
--power-on-allnet-port target port/socket of device
--power-off-allnet-host network address of device
--power-off-allnet-user user for device
--power-off-allnet-password password for device
--power-off-allnet-port target port/socket of device
* In base-foc/recipes/src/ replace base-foc with base-foc-pc
* To base-foc/recipes/src add base-foc-arndale, base-foc-pbxa9
* Ensure that the correct base-foc recipe is choosen by the run module
'boot_dir/foc'
* To base-hw/recipes/src add base-hw-arndale, base-hw-imx53_qsb,
base-hw-imx53_qsb_tz, base-hw-odroid_xu, base-hw-panda, base-hw-rpi,
base-hw-wand_quad
* Ensure that the correct base-hw recipe is choosen by the run module
'boot_dir/hw'
Allow the gpg utility to be overridden on the command line. For
example, './tool/depot/publish GPG="ssh 10.0.1.3 gpg" ...' would invoke
a remote gpg over SSH.
Fix#2981
This patch fixes a problem in the non-const 'for_each' method of the
'Registry' data structure. If an exception was thrown from within the
functor of the 'for_each' operation, the not yet processed items of the
registry were dropped from the registry, which is not expected.
The new base/xsd/config.inc defines generic XSD types such as 'Boolean' or
'Session_label'. It can be included in config XSD files by using:
! <xs:include schemaLocation="file://${GENODE_CONFIG_INC}"/>
The string ${GENODE_CONFIG_INC} is replaced by the run tool with the
above mentionened file path.
Issue #2897
This patch reintroduces the LwIP stack to libc as a VFS plugin
implementing the socket_fs interface. Rather than use LwIP's socket
emulation layer this plugin interfaces directly to LwIP raw API and is
single threaded.
The internal TCP parameters of the stack are untuned.
Fix#2050Fix#2335
This new vfs_import plugin allows a VFS instance to be populated during
construction using a sub-VFS configured in an '<import>' configuration
node. This allows the ram_fs File_system server to be replaced by the
VFS server by reimplementing the ram_fs 'content' feature. At the
moment the copying of symlinks is not enabled, and the resources
obtained by the import file-system may not be freed after the import is
finished.
Fix#2906
Test of File_system I/O scheduling. It appears that a client not
submitting I/O packets slower than the VFS server can process will
starve other clients.
Ref #2900
Also remove 'requires_installation_of', while also checking sbin
directories in 'have_installed'. The run scripts have been adjusted
accordingly.
Fixes#2853
Currently has three clients that continuously create new UDP/TCP/ICMP
connections through the NIC router with NAT to the outer world and they
get never closed. A fourth client does normal ping through the same
domain to the outer world that must succeed even after the RAM quota of
the other session at the router is exhausted. The test is restricted to
Qemu to not being at risk to flood real networks.
Issue #2857
This test monitors the RAM quota of a dynamic init and a server hosted
within the dynamic init in the presence of a repeatedly created and
destructed client.
Newer revisions of parted require special privileges due to use of the
dmidecode tool, which logs permission errors to standard error. In these
cases parted still succeeds with its operation, so just ignore the
jabbering and prevent expect to exit.
Unfortunately, some sites do not support the HTTP/1.1 range header and
just serve the whole file, which takes it's time and may result in a
timeout.
Fixes#2819
Issue #2778
The "create_grub2" script functionality is moved to the g2fg contrib sources
and also the GRUB2 head image (tool/grub2-head.img). The head image is now
partitioned as GPT and bootable in BIOS legacy mode.
The nic_bridge test is not suitable to be executed on hardware so it should,
in case, print an appropriate message and return without doing anything else.
Issue #2788
Our nightly did not detect the current stale hashes because only updated
(in the sense of a changed hash) ports are prepared. Others were left
untouched besides the check_port_source step. Now, check_hash also
checks for missing hash file updates.
SHA1 is susceptible to collision attacks and is generally deprecated.
Source code archives are particularly vulnerable because the hash digest
can be tweaked by hiding by arbitrary data in code comments and files
not processed during build.
With this in mind the 'prepare_port' tool now attempts to verify digests
as SHA256 with a fallback to SHA1. When CHECK_HASH=no is set the tool
will refuse to verify digests as SHA1. The use of SHA1 for creating
unique port versions is retained because the hashes are produced locally
from inputs stored in a git history.
Issue #2767
This driver component provides support for using consumer NVMe storage
devices, i.e. it omits name space managment and will always use the
first name space, on Genode. For now it defaults to a reasonable low
configuration:
- 1 I/O queue (completion/submission tuple)
- 128 entries in the I/O queue
- 4096 as the only I/O transaction memory page size
Fixes#2747.
Our static okl4 system-integration configuration specifies a fixed RAM
range from 32 to 800 MiB, which must be satisfied by Qemu or strange
errors happen due to accesses beyond RAM. (Fixes current issues with
nic_router.run.)
Switch port I/O based PCI config space access to memory-mapped IO. The
base address of the PCI configuration space is acquired by mapping the
ACPI ROM and reading the first <bdf> node. An exception is thrown if the
first <bdf> node is not for PCI domain zero or if multiple <bdf> nodes
exist. This is to reduce complexity and also because multiple PCI
domains are rare.
The PCI configuration space is accessed via I/O mem dataspace which is
created in the platform_drv root and then passed on to the PCI session,
device components and finally to the actual PCI config access instances.
The memory access code is implemented in a way to make it work with Muen
subject monitor (SM) device emulation and also general x86 targets. On
Muen, the simplified device emulation code (which works also for Linux)
always returns 0xffff in EAX to indicate a non-existing device.
Therefore, EAX is enforced in the assembly templates.
Fixes#2547
When a pkg is missing, the user should create <arch>/pkg instead
of only the missing pkg. This way, all depending binaries are created in
one step. Otherwise the missing binaries are detected at the next time
the run script is executed. This patch relieves the user from iterating
manually.
This commit changes the semantic of run_boot_dir to link a core
binary with debug symbols only when the designated library is in place.
Follow-up fix refering to issues #2339 and #2700
The install_pxe_bootloader_to_run_dir procedure is required by the tftp
as well as the ipxe load script. Move it to a separate file which is
include by both.
- Use latest Muen version
- Sync VirtualBox Muen subject state
- Drop unneccessary subject IP patch
- Adapt Muen RUN_OPTs
- Update documentation
Note: the GPL 2017 toolchain is now required and as the debug output
format has changed the mulog-subject.py script must be updated on
autopilot instances.
The timestamp-based rules of make do not work well for the publish tool
because depot archives are often re-created with the same content but a
different modification time, in particular when creating archives via
'FORCE'. This way, those archives are re-published every time, which
becomes a time-consuming operation since all archives must be signed.
This patch filters the targets based on the content that is already
present in the public/ location. All existing archives are skipped.
Apply the approach to join the argument list 'args' to pass a single
list argument to _collect_from_depot. Actually, this story teaches me to
shy away from {*} because of its special semantics, which are
{*} makes each item in a list an individual argument of the current
command (https://wiki.tcl.tk/17158)
This is a direct follow up to "run: let import_from_depot accept list
variables", which broke calling import_from_depot with a number of
individual arguments.
Issue #2619
When doing something like this in a run script ...
lappend arg X
lappend arg Y
lappend arg Z
import_from_depot arg
... the internals of import_from_depot do not treat $arg as list but as one
string and interprets it as malformed depot path. We can handle this by
applying {*} to $arg inside the procedure.
Issue #2619
This patch changes the depot layout such that each archive is
represented as a directory that contains the versions of the archive as
subdirectories.
Issue #2610
The run tool now by default checks configurations with target-specific
XML schemata. Each component may define a config schema file in its
target.mk via the CONFIG_XSD variable. When the run tool has checked an
configuration of an init instance, it additionally goes through the
start nodes of the config. For each start node it checks whether there
is an XSD file that matches. If so, the run tool also checks the config
of the start node (if existant). This is done recursively. I.e., also
the child configs of a sub-init of a sub-init of the top-level init
receive a config check.
Issue #2600
In general, make the message conform to the according message of the
common build system. Adds instruction how to fix the missing/outdated
port.
Fixes#2573
If there is no debug/core-<kernel>.o library available, e.g., when
running a scenario in a fresh build directory where core is provided
via a depot package, the build_core_image step of the run tool was
canceled in the past, when trying to access the non-existing library.
This commit changes the semantic of build_core_image to link a core
binary with debug symbols only when the designated library is in place.
This fixup is related to issue #2339
* introduce new syscall (core-only) to create privileged threads
* take the privilege level of the thread into account
when doing a context switch
* map kernel segment as accessable for privileged code only
Ref #2091
* introduces central memory map for core/kernel
* on 32-bit platforms the kernel/core starts at 0x80000000
* on 64-bit platforms the kernel/core starts at 0xffffffc000000000
* mark kernel/core mappings as global ones (tagged TLB)
* move the exception vector to begin of core's binary,
thereby bootstrap knows from where to map it appropriately
* do not map boot modules into core anymore
* constrain core's virtual heap memory area
* differentiate in between user's and core's main thread's UTCB,
which now resides inside the kernel segment
Ref #2091