Clients can connect at any time to the NIC router. The interfaces (sessions)
get attached to the appropriate domain as soon as it appears. This implies
that interfaces can also be detached from a domain without beeing destructed
when the domain disappears. All user dependent states of an interface such as
the link states, DHCP allocations and ARP information get lost when the
interface gets detached.
Ref #2670
This separates the decision wether to log the received and sent packets
from the 'verbose' attribute. This information is now only logged if
'verbose_packets' is switched on. If 'verbose' is switched on, only
routing decisions and optional hints are printed.
Ref #2670
We disable super-page I/O mappings because our unmap code does not flush
local mappings from core and, thus, breaks later re-mappings of
different page size.
Issue #2547
Switch port I/O based PCI config space access to memory-mapped IO. The
base address of the PCI configuration space is acquired by mapping the
ACPI ROM and reading the first <bdf> node. An exception is thrown if the
first <bdf> node is not for PCI domain zero or if multiple <bdf> nodes
exist. This is to reduce complexity and also because multiple PCI
domains are rare.
The PCI configuration space is accessed via I/O mem dataspace which is
created in the platform_drv root and then passed on to the PCI session,
device components and finally to the actual PCI config access instances.
The memory access code is implemented in a way to make it work with Muen
subject monitor (SM) device emulation and also general x86 targets. On
Muen, the simplified device emulation code (which works also for Linux)
always returns 0xffff in EAX to indicate a non-existing device.
Therefore, EAX is enforced in the assembly templates.
Fixes#2547
The KIP address range resides in virtual memory while io_mem alloc
manages physical-address ranges.
The patch enables the use of ECAM/MMCONF for PCI configuration.
Issue #2547
Link the EGL library with Mesa. SDL's `GL_GetProcAddress` now calls
`eglGetProcAddress` rather than lookup procedures directly in the Mesa
library.
Components may still wish to list 'mesa_api' in LIBS to access OpenGL
headers.
Fix#2711
Adjust managed dataspace (== max memory provided to rump kernel) based
on 32/64 bit architecture. On 32bit is it 256M, on 64bit is 4G.
Additionally limit the actual announced memory to rump by the available RAM and
by the maximum size of the managed dataspace.
Fixes#2709
The visibility of the client's view is re-evaluated at each animation
step. However, when the client appears long after the initial
fade-in/out animation is completed, the initial visibility state
remaines unchanged. This happens when booting the Sculpt scenario in
Qemu where the the nit_fb instances of the leitzentrale could not be
started in time. This patch fixes the issue by re-evaluating the view
visibility also at the view-creation time.
This prevents diagnostic messages like
Error: partial write detected 0 vs 31
for writes into already released socket directories due to a still-open
handle to the socket data file.
We need to update the blueprint pkg path as well in case the start node
is changed. Otherwise the query tool will keep using the initially
configured pkg path.
In case the signature file is corrupt, e.g. it could not be downloaded
successfully, the gnupg code just prints an error message but will not
return the error to the user. So we patch the code to return the error
and check the value in the calling code.
The sinfo API now also exports PCI devices without logical IRQs.
Therefore, explicitly check interrupt count in get_msi_params() function
and ignore such devices.
- Use latest Muen version
- Sync VirtualBox Muen subject state
- Drop unneccessary subject IP patch
- Adapt Muen RUN_OPTs
- Update documentation
Note: the GPL 2017 toolchain is now required and as the debug output
format has changed the mulog-subject.py script must be updated on
autopilot instances.
Remove the dependency on the deprecated LwIP libary.
Remove the progress logging callback. Should a progress indicator be
desired, a progress report would be more appropriate.
Fix#2684
This patch improves the error handling for the case where the depot
lacks the content of the to-be-deployed pkg. Instead of infinitely
reattempting to obtain blueprints for such content, the deploy tool
prints a single message.
This patch adds two key remappings for the magic keys of the sculpt
scenario. KEY_DASHBOARD toggles the leitzentrale. KEY_RESTART resets
the noux-control subsystem of the leitzentrale.
Issue #2676
If only a single AHCI device is present, the block service provided by
the drivers subsystem allows the client to refer to this block device
via the label 'default'.
Issue #2676
This patch adds a safety check to nit_fb to ensures that nit_fb never
runs out of RAM. Should the available RAM not suffice for resizing the
virtual framebuffer to a new mode, it keeps the current mode.
The Dir_file_system uses static cast to convert handles from the
application to a plugin local type. For this reason, only the local
handle type may be returned from 'opendir' or 'open'. This fixes the
unexpected behavior when opening directories as files.
Fix#2533
This patch removes the notion of partial writes from the file-system
servers. Since write operations are asynchronously submitted, they are
expected to succeed completely, except for I/O errors. I/O errors are
propagated with the write acknowledgement but those are usually handled
out of band at the client side. Partial writes must never occur because
they would go undetected by clients, which usually don't wait for the
completion of each single write operation.
Until now, most file-system servers returned the number of written bytes
in the acknowledgement packet. If a server managed to write a part of
the request only, it issued the acknowledgement immediately where it
should have cared about writing the remaining part first.
The patch detects such misbehaving server-side code. If partial writes
unexpectedly occur, it prints a message and leaves the corresponding
request unacknowdleged.
Issue #2672
File_system clients may now watch files and directories for changes by
opening a 'Watch_handle' rather than submitting a 'CONTENT_CHANGED'
packet to the server. When a change happens at a node with an open
Watch_handle a CONTENT_CHANGED packet will be sent from the server to
the client. This serializes registration with other handle operations
and separates I/O handle state from notification handle state.
Test at run/fs_rom_update.
Ref #1934
Catch out of RAM and capability exceptions and return error values.
Abort opening a composite directory at Dir_file_system where an
opendir call on any child file-system returns an OUT_OF_RAM or
OUT_OF_CAPS error.
Ref #2642
This change enables the use of negative values for the 'initial_width'
and 'initial_height' attributes to specify values that are relative to
the screen size. This is consistent with the meaning of the 'width' and
'height' attributes.
This patch changes the 'depot_deploy' tool to spawn any number of
runtimes. In contrast to the original version, which merely consumed a
blueprint generated by a pre-configured 'depot_query' instance, the new
version actively generates queries as needed. So there is a feedback
loop between 'depot_deploy' and 'depot_query'. The instantiation of
subsystems is controlled by the '<start>' nodes of the 'depot_deploy'
configuration. For each start node, the tool tries to determine the
ingredients (provided by the depot) by asking the 'depot_query' tool.
Once the information is complete, a corresponding start node of the
dynamic init instance is generated.
This patch introduces the subnodes <provides>, <requires>, and
<content> to the <runtime> node. All <rom> sessions that are
expected from the depot appear within the <content> node, which
sets them nicely apart from <rom> sessions that may be required
as runtime arguments.
Note that the <requires> and <provides> nodes do not appear in the
patch because the existing depot_deploy tool does not interpret this
information (the pkg/test-fs_report runtime does not provide any
service, and the timer session is provided as a common route).
This patch adds the config attribute 'query'. If set to the value "rom",
the query information is obtained from a ROM session labeled "query".
Otherwise, the query information is expected to be part of the config.
This enables us to use the component in two different scenarios. In
one scenario, 'depot_query' is embedded in a managed dynamic init.
Here, taking the query from the config is easy. In the other scenario,
'depot_query' is running as a daemon with a once-configured VFS but
varying queries. The queries originate from a component that does not
control the 'depot_query' config.
The new 'Terminal_session::size_changed_sigh' RPC function registers a
signal handler that is triggered each time when the terminal size
changes. It enables the client to adjust itself to the new size by
subsequently calling the 'size' RPC function. Of all terminal servers,
only the graphical terminal triggers this signal.
- handle line wraps in 'ech()'
- take (1,1) origin into account in 'hpa()' and 'vpa()'
- unify handling of SGR escape sequences of different lengths
- accept the '[?2004h' and '[?2004l' escape sequences (used by midnight commander)
Fixes#2671
The 'Expanding_reporter' wrapper for the 'Reporter' eliminates
the burden of handling 'Xml_generator::Buffer_exceeded' exceptions
from components that generate reports.
Fixes#2655
Instead of having a lot of platform specific quirks in the run test,
and to also test it on platforms currently missing a NIC driver,
this commit removes hardware drivers from the nic_router and
nic_bridge run scripts, and uses the nic_loopback server instead.
AVL trees can't be copied with the default copy constructor as the
parent pointer of the first item of both of the resulting trees would
point to the original tree. Copying an AVL node, however, generally
violates the integrity of the corresponding tree. The copy constructor
of Avl_tree is used in some places but in those places it can be
replaced easily. So, this commit deletes the copy constructor of
Avl_node_base which makes Avl_node and Avl_tree non-copyable.
Issue #2654
On platforms without nic or audio driver support, the corresponding
functions to return the correct names should return a meaningful
name instead of an empty list. Otherwise, in an erroneous run-script
that calls those functions to append names to the boot modules
the whole 'bin' directory is appended instead, which leads to big
image files or errors when linking the boot modules to core.
This patch adds hooks for customizing the location of the configure
script within the package, the build target, as well as the install
step. This is useful for packages like tcl that deviate from the
usual layout of source packages.
Issue #2648
The 'trace_logger' component can be used to easily gather, process and export
different types of tracing data. Which subjects to select is configurable via
session label policies and thread names. Which data to collect from the
selected subjects can be configured for each subject individually, for groups
of subjects, or for all subjects. The gathered data can be exported as log
output.
This is an example configuration of the 'trace_logger' component which shows
the default value for each attribute except the policy.thread and
policy.label:
! <config verbose="no"
! session_ram="10M"
! session_arg_buffer="4K"
! session_parent_levels="0"
! period_sec="5"
! activity="no"
! affinity="no"
! default_policy="null"
! default_buffer="4K">
!
! <policy label="init -> timer" />
! <policy label_suffix=" -> ram_fs" />
! <policy label_prefix="init -> encryption -> "
! thread="worker"
! buffer="4K"
! policy="null" />
! </config>
For more details see os/src/app/trace_logger/README.
Fixes#2654
Building this policy was disabled by a REQUIRES = riscv_toolchain_bugfix
to prevent compiler crashes on nightly test builds. Since the latest
RISCV toolchain update, test builds for RISCV crash at much more places
which makes this single work-around senseless.
Issue #2654
Previously, base/trace/buffer.h included base/thread.h which includes
base/trace/logger.h which includes base/trace/buffer.h.
Removed the base/thread.h include in base/trace/buffer.h as it is not
needed.
Issue #2654
The 'Buffered_xml' utility is used by three components and a fourth is
on the way. To avoid another duplication of the code, this patch makes
it publicly available at 'os/buffered_xml.h'.
This patch replaces the 'Heap' by a 'Sliced_heap' to avoid the
allocation of a 16 KiB memory block when 'dummy' acts as a server. On
seL4, such an allocation would exceed the 1M quota as assigned by the
init.run script.
The 'initial_width' and 'initial_height' attributes were added to
accomodate the use-case to set the initial dimensions whenever 'nit_fb'
is used in a dynamic fashion, e.g, in combination with a window manager.
These attributes may not be mixed with the 'width' and 'height'
attributes, which are mostly used when a static size configuration is
desired.
When a NIC session is destructed at the router, we have to remove all ARP
cache entries that match the MAC address of that session. Otherwise the
outdated entries might be re-applied later, leading to wrong destination
MAC addresses in routed packets.
Fixes#2637
By specifying the 'config' of a '<runtime>' as an attribute, we can
distinguish the case where the config is obtained from a ROM session
from the case where the config is specified inline as a '<config>' node.
The new 'verify' component facilitates the code of GnuPG to verify
detached OpenPGP signatures against public keys.
Since GnuPG depends on libgcrypt and libgpg-error, the patch adds these
libraries to the libports repository.
Fixes#2640
This fix handles the case where the focused domain loses its focus
because the currently focused client vanishes. In this case, the focus
will be undefined and the non-focused views of the domain become
tinted again. The refresh should take effect immediately as soon as the
client vanishes.
With this patch, init responds to the exit of a child by closing all
sessions of the child. E.g., if a child is a GUI application, its
nitpicker session is closed at the time of exit, not at the time when
the start node disappears from init's configuration.
Since this change requires a modification of the 'Genode::Child' class,
it takes the chance to make the child-destruction less brutal. The
new version ensures that all threads of the destructed subsystem are
destructed before other sessions, in particular PD sessions. This
eliminates spurious page-fault warnings during the child destruction.
On Fiasco.OC, closing the CPU session of a thread while being called by
the thread causes a deadlock. Hence, we skip the eager destruction of
CPU sessions on this kernel.
Related to issue #2659
Adds two new netperf tests, netperf_lxip_router and netperf_lwip_router
who test the TCP throughput of the NIC router when routed with a tcp-forward
rule and NAT.
Issue #2624
which executed in the current measurement period but are now dead.
Keep the Entry object up to next period, where the recent_execution_time will
become 0 since it will not execute definitely.
Issue #2638
Previously, the dst_len value was not decreased after each character that was
written to the dst buffer. This way, if the content length was greater than
dst_len, decoded_content wrote to memory out of bounds.
Issue #2644
Do not leave space for a terminating '0' at the end of the dst buffer in
decoded_content as the method does not write this '0'. The caller of the
method shall take care of it instead.
Issue #2644
Until now, if we examined an EPT fault and the corresponding guest
physical memory was not allocated, we forwarded the faulting instruction
to the instruction emulator, which in turn handled the memory allocation
implicitly. This lead to long instruction emulation times on certain
instructions (e.g. 'rep mov' on large memory junks). Therefore, we now
allocate and map the corresponding guest physical memory immediately in
the EPT fault handler and directly return to the guest.
fixes#2645
Require x86_64 because memory/adress space limitations on x86_32
restrict the use-cases on such a platform anyway. Doing that,
we can also assume that memory adresses are always 64bit long and
do not have to handle 32bit adresses.
According to the creator of the net-stat lib, this lib was a mere debugging
tool that is not used anymore nor worth the work of updating the it to
modern Genode coding paradigms. Also, there exist no tests for the lib.
Instead of having a method validate_size in each packet class, check
sizes in the data accessor of the surrounding packet class. This packet
accessor is the one that casts the data pointer to the desired data type
so it is sensible that it also checks whether the desired type would
exceed the available RAM before doing the cast. This also fits nicely
the fact that for the top-level packet-class of a packet, the size must
not be checked (which was previously done).
Issue #465
The TCP window scaling is implemented for servers (like netperf's
netserver) only. The client implementation just uses the lower 16 bits
of the TCP_WND configuration value, which we therefore maximize to ~64K.
The '<dependencies>' attribute 'path' refers to a depot archive.
Depending on the attributes 'source="no"' and 'binary="no" (defaults
shown), the depot_query component determines the source/binary
dependencies of the given archive. The result has the form of a report
with a sequence of <missing> and <present> nodes, each equipped with the
'path' of the dependency.
Since the <query> node results in the generation of a "blueprint"
report, it should better be named <blueprint>. This also clears the way
for adding further query types such as <dependencies>, following the
same pattern of generating a report of the corresponding query name.
With this patch, it becomes possible to pass a 'Directory const &' to
the constructor of 'File_content', which is intuitive as the directory
content is not changed by reading a file.
The 'File_content::for_each_line' method did not correctly detect the
end of data for files without a trailing linebreak, thereby cutting the
last character from the last line.
This patch removes the former use of ram_fs, fs_rom, and fs_report from
the subsystem and uses a report_rom instead. The fs-based reporting was
introduced to accommodate automatically instantiated usb_block drivers,
which turned out to be impractical for the sculpt scenario.
