Commit Graph

5559 Commits

Author SHA1 Message Date
Josef Söntgen
76cb06794a libports: Libc::with_libc nested
Fixes #2286.
2017-02-28 12:59:25 +01:00
Martin Stein
c20bfd4414 echo_udp: do often create, bind, and close socket
Ref #2285
2017-02-28 12:59:25 +01:00
Martin Stein
d61cb2714c libc/socket_fs: unlink during close
If 'close' does not call 'unlink' like 'shutdown', the Lxip_socket_dir
never gets destroyed and thus the socket server leaks resources like
RAM and ports.

Ref #2285
2017-02-28 12:59:25 +01:00
Martin Stein
d5b1f4fa5f echo_udp.run: remove unnecessary stdcxx
Ref #2285
2017-02-28 12:59:25 +01:00
Martin Stein
43fcdc43e6 libc/socket_fs: warn on unexpected arg in shutdown
Our 'shutdown' implementation handles only the case that 'how' is 'RDWR'.
Thus, print an error and continue if a user calls it with another value.

Fixes #2285
2017-02-28 12:59:24 +01:00
Alexander Boettcher
1a6963813c libc: avoid race using Libc::suspend with pthreads
TOCTTOU bug, in our case time of check to time of sleep bug
2017-02-28 12:59:24 +01:00
Sebastian Sumpf
553a4222f4 base: entrypoint dissolve signal proxy
If not dissolved in ~Entrypoint, the signal proxy is found within NOVA's
and FOC's object pool upon Rpc_entrypoint destruction. This leads to a
deadlock because the signal proxy is destructed before the RPC EP.

issue #2284
2017-02-28 12:59:24 +01:00
Norman Feske
dfc4c58782 root/component.h: POLICY::release on exception
This patch ensures that the POLICY::release is called whenever the
session creation aborted with an exception. In the original version, an
exception like 'Quota_exceeded' caused a single-session root interface
to deny subsequent session requests.
2017-02-28 12:59:24 +01:00
Norman Feske
8b4afe95c1 News item about the license update to AGPLv3 2017-02-28 12:59:24 +01:00
Christian Prochaska
db0dc0d97c libc: unblock main thread in 'Kernel::resume_all()'
If 'Libc::Kernel::resume:all()' is called from a non-main thread, send a
signal to unblock the main thread from 'wait_and_dispatch_one_signal()'.

Fixes #2283
2017-02-28 12:59:24 +01:00
Alexander Boettcher
3226dd0649 vbox: remove signal receiver usage for fb & input
avoids deadlocks due to new libc and vfs usage
2017-02-28 12:59:23 +01:00
Alexander Boettcher
328da2975f vfs: fix races in fs_file_system with pthreads
Change metadata before submitting a packet. If the submitting thread is a
pthread, the metadata may be immediately change by the signal handler running
in the context of the entrypoint thread.
2017-02-28 12:59:23 +01:00
Josef Söntgen
69c48a3626 os: refactor Global_file_system_factory
The global file system factory is now created explicitly and the
global singleton accessor function was removed.

Fixes #2281.
2017-02-28 12:59:23 +01:00
Norman Feske
7d9f68493a base: support for multi-staged child startup
This patch enhances the 'Child' and 'Child_policy' with the ability to
separate the different steps of bootstrapping children. If the
'Child_policy::initiate_env_sessions()' returns false, the child's
environment sessions remain unrouted at construction time. This way,
child objects for many children can be initialized to a state that
allows the children to represent services for other children. Therefore,
session routing can be applied before any child executes.

At this stage, the environment RAM sessions of all children can be
created. Note that this step still has the limitation that RAM sessions
are generally expected to be provided by either the parent or a local
service.

Once all children are equipped with RAM, they can in principle receive
session-quota donations. Hence, all other environment sessions can now
be arbitrarily routed and initiated.

Once the environment of a child is complete, the child's process and
initial thread is created.
2017-02-28 12:59:23 +01:00
Norman Feske
9cba459958 base: remove Child::heap
This patch improves the accounting for the backing store of
session-state meta data. Originally, the session state used to be
allocated by a child-local heap partition fed from the child's RAM
session. However, whereas this approach was somehow practical from a
runtime's (parent's) point of view, the child component could not count
on the quota in its own RAM session. I.e., if the Child::heap grew at
the parent side, the child's RAM session would magically diminish. This
caused two problems. First, it violates assumptions of components like
init that carefully manage their RAM resources (and giving most of them
away their children). Second, if a child transfers most of its RAM
session quota to another RAM session (like init does), the child's RAM
session may actually not allow the parent's heap to grow, which is a
very difficult error condition to deal with.

In the new version, there is no Child::heap anymore. Instead, session
states are allocated from the runtime's RAM session. In order to let
children pay for these costs, the parent withdraws the local session
costs from the session quota donated from the child when the child
initiates a new session. Hence, in principle, all components on the
route of the session request take a small bite from the session quota to
pay for their local book keeping

Consequently, the session quota that ends up at the server may become
depleted more or less, depending on the route. In the case where the
remaining quota is insufficient for the server, the server responds with
'QUOTA_EXCEEDED'. Since this behavior must generally be expected, this
patch equips the client-side 'Env::session' implementation with the
ability to re-issue session requests with successively growing quota
donations.

For several of core's services (ROM, IO_MEM, IRQ), the default session
quota has now increased by 2 KiB, which should suffice for session
requests to up to 3 hops as is the common case for most run scripts. For
longer routes, the retry mechanism as described above comes into effect.
For the time being, we give a warning whenever the server-side quota
check triggers the retry mechanism. The warning may eventually be
removed at a later stage.
2017-02-28 12:59:23 +01:00
Norman Feske
641fb08b5f Automated test for init 2017-02-28 12:59:23 +01:00
Norman Feske
84fddafda7 init: enable init to report its internal state
This patch equips init with the ability to report its internal state in
the form of a "state" report. This feature can be enabled by placing a
'<report>' node in init's configuration.

The report node accepts the following arguments (with their default
values):

'delay_ms="100"': specifies the number of milliseconds to wait before
  producing a new report. This way, many consecutive state changes -
  like they occur during the startup - do not result in an overly
  large number of reports but are merged into one final report.

'buffer="4K"': the maximum size of the report in bytes. The attribute
  accepts the use of K/M/G as units.

'init_ram="no"': if enabled, the report will contain a '<ram>' node
  with the memory stats of init.

'ids="no"': supplement the children in the report with unique IDs, which
  may be used to infer the lifetime of children accross configuration
  updates in the future;

'requested="no"': if enabled, the report will contain information about
  all session requests initiated by the children.

'provided="no"': if enabled, the report will contain information about
  all sessions provided by all servers.

'session_args="no"': level of detail of the session information
  generated via 'requested' or 'provided'.

'child_ram="no"': if enabled, the report will contain a '<ram>' node
  for each child based on the information obtained from the child's RAM
  session.

Issue #2246
2017-02-28 12:59:22 +01:00
Norman Feske
9d683a56a0 base: add Child_policy::session_state_changed()
This method is a hook to enable a runtime to respond to state changes.
In particular, in init this hook is used to trigger the generation of a
new state report, if configured.

Furthermore, the patch introduces the 'generate_client_side_info' and
'generate_server_side_info' methods to the 'Session_state', which
generates an XML representation of the session states to appear in
reports produced by init.

Issue #2246
2017-02-28 12:59:22 +01:00
Martin Stein
a74a0092b3 nic_router.run: raise Qemu RAM size
Ref #2193
2017-02-28 12:59:22 +01:00
Martin Stein
d301022fe7 nic_router.run: do not append but concatenate
Makes the script more readable and saves 100 LOC.

Ref #2193
2017-02-28 12:59:22 +01:00
Martin Stein
412c5e5be4 run/platform_drv: add append-free interface
Normally, the platform driver helpers adapt the global run variables directly
via append. But the introduction of a more elegant run script style, that
incorporates dependent strings inline may be a good idea. Thus, we need the
backends of the helpers available as functions that return their string rather
than appending it.

The old interface still exists and uses the new interface as backend.

Ref #2193
2017-02-28 12:59:22 +01:00
Martin Stein
d2832c3e4d lwip/http_clnt: remove unused variable
Ref #2193
2017-02-28 12:59:22 +01:00
Martin Stein
a88954394a nic_bridge tests: simplify test names
Ref #2193
2017-02-28 12:59:21 +01:00
Martin Stein
dc4e2325d0 nic_router.run: use static IP config in general
Dynamic IP configuration is a problem when testing on real machines
in a network that behaves differently than the DHCP in QEMU.

Ref #2193
2017-02-28 12:59:21 +01:00
Martin Stein
a4d110aa60 nic_router: fix indentation in verbose log
Ref #2193
2017-02-28 12:59:21 +01:00
Martin Stein
959b80bab1 lxip/lwip tests: non-libc attributes to config tag
The 'server_ip' and 'server_port' attributes for 'lxip/udp_client' and
'lwip/http_clnt' as well as the 'port' attribute for 'lxip/udp_echo' and
'lwip/http_srv_static' are not directly libc-related so they should not
live in the libc tag but in the config tag of the component.

Ref #2193
2017-02-28 12:59:21 +01:00
Martin Stein
a9535d5311 nic_router.run: update to new usage of the VFS tag
Use <config><vfs/></config> instead of <config><libc><vfs/></libc></config>.

Ref #2193
2017-02-28 12:59:21 +01:00
Josef Söntgen
e266e3cf1d floating_window_layouter: remove deprecated env()
Issue #2280.
2017-02-28 12:59:21 +01:00
Norman Feske
e951425c59 nit_fader: fix "deprecated" warning
Issue #1987
2017-02-28 12:59:20 +01:00
Norman Feske
e17811fb7a cli_monitor: API transition
Issue #1987
2017-02-28 12:59:20 +01:00
Norman Feske
bfdadc55b2 base: Add Number_of_bytes::print method
This method attempts to print the number with a K/M/G unit if possible
and thereby increases the human readability of generated output.
2017-02-28 12:59:20 +01:00
Norman Feske
8cb0dc9c16 init: session-label rewriting
This patch enhances init with the support for rewriting session labels
in the target node of a matching session route. For example, a Noux
instance may have the following session route for the "home" file
system:

<route>
  <service name="File_system" label="home">
    <child name="rump_fs"/>
  </service>
  ...
</route>

At the rump_fs file-system server, the label of the file-system session
will appear as "noux -> home". This information may be evaluated by
rump_fs's server-side policy. However, when renaming the noux instance,
we'd need to update this server-side policy.

With the new mechanism, the client's identity can be hidden from the
server. The label could instead represent the role of the client, or a
name of a physical resource. For example, the Noux route could be
changed to this:

<route>
  <service name="File_system" label="home">
    <child name="rump_fs" label="primary_user"/>
  </service>
  ...
</route>

When the rump_fs receives the session request, it is presented with the
label "primary_user". The fact that the client is "noux" is not taken
into account for the server-side policy selection.

Issue #2248
2017-02-28 12:59:20 +01:00
Norman Feske
c0af463b81 base: Add Child_policy::Route
The new return value of 'resolve_session_request' allows the child
policy to define the label used as the policy selector at the server.

Because this patch introduces the distinction of the child-provided
label from the label as presented to the server along with the session
request, the latter is now handled as a dedicated 'Session_state'
argument.

Issue #2248
2017-02-28 12:59:20 +01:00
Sebastian Sumpf
2d199982eb os: add 'wait_and_dispatch_one_signal' test 2017-02-28 12:59:20 +01:00
Martin Stein
06e605defa LibC VFS: Warn on possible FD path leaks 2017-02-28 12:59:19 +01:00
Martin Stein
222a789fef LibC socket FS: Fix leak of remote and local files 2017-02-28 12:59:19 +01:00
Christian Prochaska
1df4e53cba Qt5: use 'Libc::with_libc()' where needed
Fixes #2282
2017-02-28 12:59:19 +01:00
Norman Feske
b1a9addeb6 os/child_policy_dynamic_rom.h: API transition
Issue #1987
2017-02-28 12:59:19 +01:00
Alexander Boettcher
9ba24c0722 vbox: use with_libc 2017-02-28 12:59:19 +01:00
Christian Helmuth
4eb04119a5 test: TCP echo server and client 2017-02-28 12:59:19 +01:00
Josef Söntgen
b1dca8e047 os: pass env to connections in uart test
Issue #2280.
2017-02-28 12:59:18 +01:00
Martin Stein
335685b7fe usb: get rid of combined specs
Issue #2280.
2017-02-28 12:59:18 +01:00
Josef Söntgen
15821e32ec nic: remove usage of deprecated env()
This commit includes changes to the Nic::Session_component interface.
We now pass the entire env to the component instead of only ram, rm and
the ep because we need the env to open connections from within the
Session_component implemenation. So far only the cadence_gem driver
needs this, though.

Issue #2280.
2017-02-28 12:59:18 +01:00
Josef Söntgen
e6e1d8c144 platform/arm: remove usage of deprecated env()
Issue #2280.
2017-02-28 12:59:18 +01:00
Josef Söntgen
0b9272bd9c timer: remove usage of deprecated env()
Issue #2280.
2017-02-28 12:59:18 +01:00
Josef Söntgen
de401f37fb uart/x86: remove usage of deprecated env()
Issue #2280.
2017-02-28 12:59:18 +01:00
Josef Söntgen
493d3e58cf ps2: remove usage of deprecated env()
Issue #2280.
2017-02-28 12:59:17 +01:00
Josef Söntgen
3c57a8b3c2 usb_session: pass Region_map explicitly
Issue #2280.
2017-02-28 12:59:17 +01:00
Josef Söntgen
a2cff03539 dde_linux: remove usage of deprecated env()
Fixes #2280.
2017-02-28 12:59:17 +01:00
Josef Söntgen
7d91b1d949 dde_bsd: remove usage of deprecated env()
Issue #2280.
2017-02-28 12:59:17 +01:00