This patch solves keyboard-focus issues with the wifi dialog that were
caused by making the focus update conditional. However, since the update
is not expensive, we can unconditionally re-evaluate the focus atfer
each user interaction.
Issue #4820Fixes#4856
This patch includes the system dialog in the global keyboard focus
handling, supports hovering of the "Edit" and "Add" buttons,
allows the use of the enter key to finish URL editing, and
triggers a re-scan of depot users after adding a new one.
Issue #4820
Should the selected depot user not be present in the depot - for example
after switching the sculpt partition to another - unfold the selection
of all present depot users so that the one can pick an existing one.
Issue #4820
We repeatedly experience issues with XHCI handoff in the USB host driver
at runtime on modern systems. Mostly, these issues manifest as
initialization delays with very high CPU load. Investigations show that
during this time the handoff MMIO write does not return, which hints the
firmware driver enters some spinning loop. I suspect the enabled IOMMU
does not play well with the firmware due to insufficient RMRR
information.
Therefore, we disable USB handoff in Sculpt via the driver manager (as
we do for dedicated devices already in other contexts). Note, UHCI and
EHCI handoff is still done in the platform driver and succeeds on all
our test hardware.
Issue #4820
This split allows us to cross-compile all arm_v8a packages needed for
'goa build' by creating pkg/arm_v8a/goa.
The components featured on pkg/goa-linux are solely needed for 'goa
run'. As they contain a number of lx/hybrid components, pkg/goa-linux
must be complied on Linux running on the target architecture.
Fixes a regression with the cbe_init_trust_anchor component that prevented
reacting to a failed unlock attempt in the File Vault. The regression was
caused by new semantics in the vfs that did not allow for using the file
operation result as indicator for whether the unlock attempt failed or
succeeded. The correct and hereby applied approach is to check for the data
read from the file after having written the unlock command. The data reads
either "ok" or "failed".
This patch mitigates potential busy feedback effects when evaluating the
reports produced by 'depot_deploy' in a closed control loop. Reports
are now generated only if the deployment state has changed.
Issue #4818
This patch marks a child as incomplete if one of the ROM modules listed
in its blueprint is missing. This, in turn, triggers the update system
in Sculpt, which then tries to download the missing pieces.
Issue #4818
By managing downloads issued by the deploy subsystem via the
'Download_queue', failed downloads (e.g., due to HTTP error 404) are
properly tracked and don't cause infinite re-attempts.
Issue #4818
This patch replaces the former 'nic_drv' and 'nic_drv_dtb' functions
by a more general 'nic_driver_routes' function that can return one or
multiple platform-specific ROM routes for NIC-driver binaries and dtb
files. This allows for supplying customizations for the wifi driver
as well. E.g., on the PinePhone, this hook can be used to handle the
renaming of the 'wifi_drv' to 'a64_wifi_drv'.
Related to issue #4813 and issue genodelabs/genode-allwinner#17.
This commit updates the used firmware images for the iwlwifi device
to latest available ones (supported by the current 6.1.x driver).
It also removes old firmware images that by now are not used anymore.
Fixes#4807.
Unfortunately, the change of "depot: remove empty config from
pkg/nano3d" broke the manual deployment of the nano3d demo because no
<config> is provided in this case.
This patch splits pkg/nano3d into two variants. The regular nano3d pkg
comes with an empty <config/> node as before. The unconfigured_nano3d
pkg does not feature any <config/> node and can thereby be configured
via a ROM route to a dynamic-rom service.
This patch equips the depot_download subsystem with the option to
explicitly skip the signature verification for downloads by specifying
the attribute 'verify="no"' for an <installation> item. This is useful
in scenarios where the lack of integrity of downloaded content does not
pose a risk, e.g., for untrusted applications that are rigidly
sandboxed, or during development.
Note that this option does not entirely discarge the signature checking.
Whenever an download has dependencies that are verifyable - for
which the public key exists in the depot - the dependencies are still
verified. This allows untrusted content to depend of verifyable content
while protecting the integrity the verifyable content.
Issue #4804
This patch adds the 'Verify' argument to all download-related interfaces
in order to control the checking of signatures for downloads. Note that
it does not change the sculpt_manager's existing built-in policy of
always checking signatures.
Issue #4804
This patch moves the interfaces needed for the interactive addition of runtime
components from the 'Popup_dialog' to the 'model/component.h'. So those
interfaces are no longer tied to one specific view implementation.
This free-standing function is meant to gradually replace
'Dialog::match_sub_dialog' interface, which relies on the caching of
the hover state. The new function is more flexible because dialogs do no
longer need to inherit 'Dialog'.
The missing else statements resulted in the addition of a
superfluous <archive> node when installing an <index>, causing
warning messages by the depot-download subsytem.
This patch adds the ability to specify an optional 'as' attribute in a
<rom> module declarion of a runtime file.
<runtime ...>
...
<content>
<rom label="camera-pinephone.dtb" as="dtb"/>
...
</content>
</runtime>
If specified, The depot-deploy tool uses the provided attribute value to
hand out the ROM 'camera-pinephone.dtb' under the label 'dtb' to the
subsystem.
Now, block_devices are reported earliest right after the devices ROM was
parsed and neither AHCI nor NVMe were found. If one or both devices were
found, the report is deferred after all expected reports arrived.
Issue #4791
The 'file_size' type denotes the size of files on disk in bytes. On
32-bit architectures it is larger than the size_t, which refers to
in-memory object sizes.
Whereas the use of 'file_size' is appropriate for ftruncate and seek, it
is not a suitable type for the parameters of read/write operations
because those operations refer to in-memory buffers.
This patch replaces the use of 'file_size' by size_t. However, since it
affects all sites where the read/write interface is uses, it takes the
opportunity to replace the C-style (pointer, size) arguments by
'Byte_range_ptr' and 'Const_byte_range_ptr'.
Issue #4706
The screenshot trigger displays a little red dot at the upper-left
corner of the screen. When touched or clicked-on, it generates an
artificial key-press-release sequence for the print key and disappears
for one second. In this time, a separate screenshot component can handle
the print key by capturing the screen without the red dot appearing in
the saved picture.
The touch-keyboard config accepts the new attributes 'opaque="yes"
and 'background=#112233' to control the dialog background. The
attributes are passed unmodified to embedded the menu view.
This patch add the support needed for implementing on-target
system-update functionality. The new 'empty' method is required for the
two-step procedure of updating image-index files - removing the old
index, followed by downloading the most current one. It is used to the
detect the completion of the first step.
Issue #4744
This patch reflects more details such as the percentage value for
downloads maintained in the download queue. This makes this information
easier to display at the GUI.
Issue #4744
This patch replaces the generic "In progress..." message by slightly
more concrete information about the type of operation. This is useful to
distinguish the two steps during the expansion of a partition.
This patch enhances the depot_download subsystem with support for
downloading and querying system images.
The installation ROM support the following two now download types:
<image_index path="<user>/image/index"/>
<image path="<user>/image/<name>"/>
Internally, the depot-download subsystem employs the depot-query
component to determine the missing depot content. This component
accepts the following two new queries:
<images user="..."/>
<image_index user="..."/>
If present in the query, depot_query generates reports labeled as
"images" and "image_index" respectively.
The also tracks the completion of each job depending on the depot-
query results, so that the final report contains a result for each
installation item requested. Prior this patch, the inactivity of the
depot-download manager (indicated by an empty state report) was
interpreted as success. But that prevents the proper association of
results and requested installation items.
Issue #4744
The 'scan' query for depot users used to list the names of depot users.
However, the URL and existence of a pubkey is useful to know when
assembling a GUI menu from this list.
Issue #4744
Each time when enlarging the menu view, a new 'Gui_buffer' is
constructed with the new size. At its contruction time, the default
reset background color is in effect, which is evaluated by
'reset_surface' as part of the construction. A custom reset color
takes effect only after the construction. Hence, when the Gui_buffer is
flushed to screen immediately at construction time, the gray default
becomes visible for a short time.
This patch changes the Gui_buffer to accept the reset background color
as construction argument so that it takes immediate effect.
Related to #4592
With the new 'presets:' tag, .sculpt files can now refer to deploy
configurations to be integrated in the presets/ subdirectory of the
config file system. Those files can thereby be used as preconfigured
system scenarios. Such a preconfigured scenario can be loaded at
runtime by copying the preset file to config/deploy.
Issue #4731
This patch simplifies the 'Deploy::update_managed_deploy_config'
interface by keeping an internal copy of the currently used deploy
template inside the 'Deploy' class. The template is updated whenever
the config/deploy file is modified.
This change weakens the coupling between the '_manual_deploy_rom' and
the '_deploy' subsystem, easing the upcoming implementation of the
switching between presets.
When writing the GPT header, the tool always wrote the GPT entries
belonging to the primary header to LBA following the header. Normally
this is LBA 2 as the header is located in LBA 1. The GPT allows for
up to 128 entries that all in all cover 16 KiB of storage space.
However, on some systems, e.g. ARM-based machines, the bootloader can
be stored in this region. For this reason the GPT entries may be moved
to a different LBA.
This commit changes the tool to adhere to then given GPE LBA in header
when writing out the modified GPT data.
Fixes#4720.
The old 'Io_response_handler::io_progress_response' interface has been
replaced by the 'Vfs::Env::User::wakeup_vfs_user' (issue #4697). The
remaining 'read_ready_response' method is now hosted in the
appropriately named 'Read_ready_response_handler'.
Issue #4706
This patch keeps driving the internal state machines until no progress
can be made. This required fixing the return values of several execute
functions, which used to report progress while being in complete state.
Along the way, the patch removes default switch cases to ensure that all
states are covered.
Issue #4706
By adding a 'write_ready' interface following the lines of the existing
'read_ready', VFS plugins become able to propagate the (de-)saturation
of I/O buffers to the VFS user. This information is important when using
a non-blocking file descriptor for writing into a TCP socket. Once the
application observes EAGAIN, it expects a subsequent 'select' call to
return as soon as new I/O buffer space becomes available.
Before this patch, the select call would always return under this
condition, causing an unnecessarily busy write loop.
Issue #4697
This patch removes the 'Insufficient_buffer' exception by returning the
WRITE_ERR_WOULD_BLOCK result value instead. It also eliminates the
superfluous WRITE_ERR_AGAIN and WRITE_ERR_INTERRUPT codes.
Issue #4697
This patch fosters the batching of network packets transferred by the
lwIP stack over the NIC connection. It replaces the eager submission of
the packet-stream's data-flow signals by explicit wakeup notifications.
The commit also increases the NIC session's buffer size from 128 to 1024
packets.
Issue #4697
This patch facilitates the batching of I/O operations in the VFS library
by replacing the implicit wakeup of remote peer (via the traditional
packet-stream interface like 'submit_packet') by explicit wakeup
signalling.
The wakeup signalling is triggered not before the VFS user settles down.
E.g., for libc-based applications, this is the case if the libc goes
idle, waiting for external I/O.
In the case of a busy writer to a non-blocking file descriptor or socket
(e.g., lighttpd), the remote peers are woken up once a write operation
yields an out-count of 0.
The deferring of wakeup signals is accommodated by the new 'Remote_io'
mechanism (vfs/remote_io.h) that is designated to be used by all VFS
plugins that interact with asynchronous Genode services for I/O.
Issue #4697
The commit "sculpt_manager: relax nic_drv policy label" introduced the use of
the "label_prefix" attribute instead of "label" for the uplink policy in the
NIC router. However, it missed an appropriate adaption of the lookup of that
attribute when the Sculpt manager has to decide which uplink is used in a
manually managed router config. This caused the uplink to disappear whenever a
user created a manually managed router config. This commit fixes the problem.
Issue #4660Fixes#4695
Although we do not have the full ACPI information parsed yet, to
announce non-PCI devices derived from the ACPI tables, the device
description of the assumed devices is now integral-part of pci_decode.
Formerly, the information was gained separatedly as boot-module, whereby
we lost synchronization in between ACPI/PCI parsing, BIOS handover, and
PS/2 emulation code already acting.
The platform driver configuration is missing the required 'info'
attribute that allows the 'vesa_fb_drv' to map the proper I/O
memory address of the framebuffer. In addition the driver requires
at least '2' more CAPs, so raise the quota to '110'.
Fixes#4668.
This patch makes the component graph better reusable for the phone
version of Sculpt. In the phone version, the '+' menu does not exist.
So we need to omit the corresponding button. Furthermore, the storage
dialog is presented in a dedicate section of the GUI instead of
presenting it inside the 'storage' graph node. The phone version
also does not offer the inspect view. So we need to omit the
corresponding buttons.
When using the newer genode_c_api uplink library, an uplink connection uses
the device name as label, which enables integrators to use different policies
resp. routes for different devices driven by one driver. The nic_drv policy
of the nic_roouter configuration generated by the sculpt_manager however uses
an empty label like: "nic_drv -> ". This is the way how existent NIC drivers,
like ipxe_nic_drv requested their uplink session. To support both driver
variants this commit relaxes the policy by checking for a prefix only.
Ref genodelabs/genode#4660
If `select_from_ports` is evaluated lazily, we might miss a port during
the dependency check. A way to prevent this is to use the `:=` operator.
Fixesgenodelabs/genode#4618
plain_decorator_theme.tar is not linked to the app but must be generated
as side effect. Therefore, use CUSTOM_TARGET_DEPS to trigger the
generation.
Fixes#4637
This patch removes the intermediate querying of the depot while the
installation of packages is in progress. This avoids misleading warning
messages and reduces superfluous file-system load during the
installation of large packages.
Issue #4631
This patch reflects both the pci_decode results and the platform
driver's aggregated device information in Sculpt's /report/drivers/ in
the form of pci_devices and devices files respectively.