The zynq nic_drv also depends on hw, we therefore adapted the folder
structure for clarity. Also renamed the binary to 'zynq_nic_drv' to
prevent conflicts and to allow removing the cadence_gem spec.
Issue #3179
This commit removes APIs that were previously marked as deprecated. This
change has the following implications:
- The use of the global 'env()' accessor is not possible anymore.
- Boolean accessor methods are no longer prefixed with 'is_'. E.g.,
instead of 'is_valid()', use 'valid()'.
- The last traces of 'Ram_session' are gone now. The 'Env::ram()'
accessor returns the 'Ram_allocator' interface, which is a subset of
the 'Pd_session' interface.
- All connection constructors need the 'Env' as argument.
- The 'Reporter' constructor needs an 'Env' argument now because the
reporter creates a report connection.
- The old overload 'Child_policy::resolve_session_request' that returned
a 'Service' does not exist anymore.
- The base/printf.h header has been removed, use base/log.h instead.
- The old notion of 'Signal_dispatcher' is gone. Use 'Signal_handler'.
- Transitional headers like os/server.h, cap_session/,
volatile_object.h, os/attached*_dataspace.h, signal_rpc_dispatcher.h
have been removed.
- The distinction between 'Thread_state' and 'Thread_state_base' does
not exist anymore.
- The header cpu_thread/capability.h along with the type definition of
'Cpu_thread_capability' has been removed. Use the type
'Thread_capability' define in cpu_session/cpu_session.h instead.
- Several XML utilities (i.e., at os/include/decorator) could be removed
because their functionality is nowadays covered by util/xml_node.h.
- The 'os/ram_session_guard.h' has been removed.
Use 'Constrained_ram_allocator' provided by base/ram_allocator.h instead.
Issue #1987
Make the size of the packet buffer at the VFS File_system client
configurable. This allows larger reads to be completed in a single
packet cycle.
Example: <vfs> <fs buffer_size="512K"/> </vfs>
Fix#3167
1) A session request gets denied if there is no matching session policy.
(The <defaul-policy/> tag can be used for the former default behavior)
2) A session request gets denied if the MAC address is given through the
matching policy but this address cannot be allocated.
3) A session request gets denied if the MAC address is not given through the
matching policy and it is also not possible to allocate one.
Issue #3040
This patch adjusts the implementation of the base library and core such
that the code no longer relies on deprecated APIs except for very few
cases, mainly to keep those deprecated APIs in tact for now.
The most prominent changes are:
- Removing the use of base/printf.h
- Removing of the log backend for printf. The 'Console' with the
format-string parser is still there along with 'snprintf.h' because
the latter is still used at a few places, most prominently the
'Connection' classes.
- Removing the notion of a RAM session, which does not exist in
Genode anymore. Still the types were preserved (by typedefs to
PD session) to keep up compatibility. But this transition should
come to an end now.
- Slight rennovation of core's tracing service, e.g., the use of an
Attached_dataspace as the Argument_buffer.
- Reducing the reliance on global accessors like deprecated_env() or
core_env(). Still there is a longish way to go to eliminate all such
calls. A useful pattern (or at least a stop-gap solution) is to
pass the 'Env' to the individual compilation units via init functions.
- Avoiding the use of the old 'Child_policy::resolve_session_request'
interface that returned a 'Service' instead of a 'Route'.
Issue #1987
The notion of a RAM session does not exist anymore. Hence, we have to
adjust the name of 'init_env_ram_session'. Since this change modifies
the ABI, it comes as separate commit.
Issue #2407
- support to create multiple vCPUs
- support to implement Vm_session methods client side within base library
- adjust muen specific virtualbox4 version to compile/link
Issue #3111
Move the allocation of the session packet buffer into a subclass that is
constructed before the File_system RPC object. This allows the buffer
allocation to be wrapped in a constructor/destructor class and clearly
accounted for.
Fix#3134
Since the timer and timeout handling is part of the base library (the
dynamic linker), it belongs to the base repository.
Besides moving the timer and its related infrastructure (alarm, timeout
libs, tests) to the base repository, this patch also moves the timer
from the 'drivers' subdirectory directly to 'src' and disamibuates the
timer's build locations for the various kernels. Otherwise the different
timer implementations could interfere with each other when using one
build directory with multiple kernels.
Note that this patch changes the include paths for the former os/timer,
os/alarm.h, os/duration.h, and os/timed_semaphore.h to base/.
Issue #3101
Init's state reports are updated whenever an interesting part of init's
internal state changes (e.g., when sessions are established, or when
children are started/removed). However, until now, a change of a skipped
heartbeat counter was not taken as trigger for state-report updates.
In scenarios where no other intersting event happened, the last reported
state did no reflect the current heartbeat state. In particular, when
the last report was issued during the construction of a new child just
before the child became able to respond to heartbeat requests, the stale
report hinted at heartbeat problems that were just an initialization
artifact. This problem became visible on some Qemu platform where the
child startup takes a long time.
The patch tracks the observed skipped-heartbeat counter and triggers a
report whenever the counter value changes.
Issue #3079
For reading the MAC address we try first to read it from the <policy> tag, and
when it is not defined in the <policy> tag, we allocate a MAC. But there was
no handling of the case that there is no appropriate <policy> tag. In this
case we want to create the session with an allocated MAC also.
This patch makes init robust against invalid routing rules that lack a
name attribute in the '<service>' node. This situation may occur when
interactively editing routes in Sculpt.
Some application code is dereferencing the pointer returned by
'packet_content' at packet streams without checking that it is valid.
Throw an exception rather than return a null pointer, except for
zero-length packets, which have somewhat implicit invalid content and
that we believe to be properly handled in all current cases.
The client-side of a packet stream cannot take corrective action if the
server-side is sending packets with invalid content, but the servers
that provide packet streams should catch this exception to detect
misbehaving clients.
Ref #3059
Change the root of a session request into an explicit path and apply the
label-to-path conversion using the "path_prefix" policy attribute. This
is in addition to only applying a root change with a "path" attribute.
Ref #3031Fix#3056
* Account all RAM/CAP quota of a session except quota for metadata used in
core. The latter is considered when asking if a session can afford to make
an operation but it does not get accounted to always be able to pay back all
quota when a session closes. The general accounting mechanism is moved from
atop of the allocators down to the level of RAM/RM session operations.
* report statistics about session objects and quota if <report stats="yes"
quota="yes"/> is configured. (default is yes if <report> is present)
Issue #2953
Like suggested by RFC 2663, reprogram the dissolve timeout of a TCP link
state to 2 times the maximum segment lifetime (by default 1 minute) when
receiving a matching packet with the FIN flag set, or with the ACK flag
set to acknowledge a FIN of the remote side.
Mark a link state as closed (no further reprogramming of the dissolve
timeout) and set the dissolve timeout to 2 times the maximum segment
lifetime when receiving a packet with the RESET flag set.
Issue #2953
If the NIC router has insufficient CAP or RAM quota for the creation of
a state object for an interface, it tries to destroy a certain amount of
existing state objects of this interface to free resources. Afterwards,
it retries handling the current packet once. If it does fail again, the
router drops the packet.
Issue #2953
Ensure that a '\0' always appears at the end of the ouput of the XML
generator. Previously, exceptions during the Node(...) constructor
might have prevented this. This commit also extends the xml_generator
test to drive a harder test on exceptions in the Xml_generator.
Issue #2953
The VFS server does not support file-system with one single-file plugin
providing the root. This is because the "leaf_path" is not universally
implemented to handle the path "/". This fix is simply to skip a
"leaf_path" check when opening the path "/".
Ref #2919
The PS/2 driver retries to get mouse-reset results for 700 ms, sleeping
after each attempt for 10 ms. So, the driver needs a Timer session now.
Fixes#2713
This patch addresses a situation where _process_packets was called as a
side effect of watch notification (that was processed during an unlink
RPC operation). This scenario (triggered by the fs_query test)
ultimately ended up in a deadlock. Io/watch reponse handlers should
never re-enter the application logic.
The new base/xsd/config.inc defines generic XSD types such as 'Boolean' or
'Session_label'. It can be included in config XSD files by using:
! <xs:include schemaLocation="file://${GENODE_CONFIG_INC}"/>
The string ${GENODE_CONFIG_INC} is replaced by the run tool with the
above mentionened file path.
Issue #2897
Seen on X250
Description from https://www.win.tue.nl/~aeb/linux/kbd/scancodes-1.html
The ten grey keys Insert, Home, PgUp, Delete, End, PgDn, Up, Left,
Down, Right are supposed to function regardless of the state of Shift
and NumLock keys. But for an old AT keyboard the keypad keys would
produce digits when Numlock was on or Shift was down. Therefore, in
order to fool old programs, fake scancodes are sent: when LShift is
down, and Insert is pressed, e0 aa e0 52 is sent; upon release of
Insert e0 d2 e0 2a is sent. In other words, a fake LShift-up and fake
LShift-down are inserted.
Fixes#2888
When the cached_fs_rom saturates the packet stream of its File_system
session it will call the session request handler recursively as pending
transfers are completed. This is bad because the content of the XML node
currently being processed will change.
The session request handler can no longer be called directly, but the
"schedule" method will submit a signal to the request handler, and
requests will be processed after the current operation has completed.
Calling 'handle_io_response()' in a regular VFS function (in contrast to a
post-signal hook) can cause problems if the caller of the VFS function holds
a lock which prevents the io response handler from returning.
With this commit, the user of the VFS becomes responsible for unblocking
threads which might be blocking after a failed 'queue_read()', 'queue_sync()'
or 'write()' call.
Fixes#2896
This new vfs_import plugin allows a VFS instance to be populated during
construction using a sub-VFS configured in an '<import>' configuration
node. This allows the ram_fs File_system server to be replaced by the
VFS server by reimplementing the ram_fs 'content' feature. At the
moment the copying of symlinks is not enabled, and the resources
obtained by the import file-system may not be freed after the import is
finished.
Fix#2906
The ram plugin to the VFS must send notifications to watch handles on
files when they are removed. This brings the VFS server to parity with
the ram_fs server for the sake of notifications.
Move run/fs_report to gems and use the vfs server and the vfs init
plugin in the test.
Ref #2902
This patch removes the detection of statically linked executables from
the base framework. It thereby fixes the corner cases encountered with
Sculpt when obtaining the binaries of the runtime from the depot_rom
service that is hosted within the runtime.
Statically linked binaries and hybrid Linux/Genode (lx_hybrid) binaries
can still be started by relabeling the ROM-session route of "ld.lib.so"
to the binary name, pretending that the binary is the dynamic linker.
This can be achieved via init's label rewriting mechanism:
<route>
<service name="ROM" unscoped_label="ld.lib.so">
<parent label="test-platform"/> </service>
</route>
However, as this is quite cryptic and would need to be applied for all
lx_hybrid components, the patch adds a shortcut to init's configuration.
One can simply add the 'ld="no"' attribute to the <start> node of the
corresponding component:
<start name="test-platform" ld="no"/>
Fixes#2866
When mounting a ROM module with binary="no", the
vfs will detect the 0-termination to calculate the
file size instead of using the dataspace size.
Fixes#2903
Process I/O packets in batches. If a batch is processed and there are
still packets pending, send a signal locally to the packet handler and
return to the entrypoint signal dispatcher. This prevents clients from
starving each other, which happens when a client continuously submits
packets at a faster rate than the server can process.
Fix#2900
Test of File_system I/O scheduling. It appears that a client not
submitting I/O packets slower than the VFS server can process will
starve other clients.
Ref #2900
This component is contrasted with the fs_rom server that serves
independent dataspaces to each client. Using a cache was not possible
until the region map session supported the creation of read-only
attachments.
Test at run/read_only_rom.
Ref #1633Fix#2760
The verbosity mode of the NIC bridge can be toggled with the verbose attribute
(default value shown):
! <config verbose="no" />
If enabled, the NIC bridge logs sent and received packets as well as the
lifetime of interfaces connected to the bridge.
Issue #2899
This is a follow-up patch of "init: avoid too eager child restart". On
each config update of init, init re-applies child-specific configuration
changes. In the case of an already exited child, this re-evaluation
wrongly marked such a child as abandoned because the child's environment
sessions do no longer exist. Abandoning the child, in turn, triggers the
destruction and subseqent restart (because the <start> node of the
configuration still exists). The latter is bad for two reasons.
First, the exit state of the original instance becomes lost. Second, the
restart may have unexpected side effects due to sessions created by the
new instance. I.e., when resizing a partition in sculpt, init would
wrongly restart the gpt-write tool after the tool successfully exited.
This collides with a newly started instance of part_blk/resize2fs, which
now competes with the second gpt-write instance for the exclusive access
of the targeted block device.
The patch prevents init from re-applying configurations to exited
children. The accompanied test case covers the corner case.
The log messages covered by verbose_packet_drop were previously
configured by the verbose attribute. This isn't the case anymore. Now,
you can configure them as follows:
! <config verbose_packet_drop="no" ... >
! <domain verbose_packet_drop="no" ... />
! <config/>
The new attribute determines whether to log each packet drop and the
rational behind it. The <config> value affects all domains without a
<domain> local value.
Issue #2857
The default value of each <domain> is the <config> value. However, if
a <domain> local value is set, the <config> value doesn't affect this
value at all.
Fixes#2874
The ICMP-Echo-server functionality of the router has the following
configuration attributes (default values shown):
! <config icmp_echo_server="yes">
! <domain icmp_echo_server="yes" ... />
! </config>
The icmp_echo_server attribute configures whether the router answers ICMP Echo
requests that address the router. The <config> value affects all domains
without a <domain> local value.
Issue #2874
When a domain is updated to a new component config, the two criteria for
keeping an ARP waiting state of a remote domain are whether the remote
domain still exists and whether its IP config is still the same. This
means that a domain must also dissolve all of its remote ARP waiting
states if its IP config changes (without an update of the component
config). This wasn't the case until now.
Issue #2840
The chroot server was conceived to automatically place File_system
sessions into segregated root directories by converting session labels
to paths. If multiple children needed to be grouped under the same path,
a 'merge' policy would truncate the session label before path conversion.
Now that init can rewrite session labels and thus reproduce truncation,
the chroot merge feature is redundant and can be removed.
Fix#2846
Removed the modified mark from handles that have been written to when
they are synced, otherwise a notification would be sent again when the
handle is closed.
Ref #2839
* Do not log events that are not critical (deadly) to the NIC router if not
configured to be verbose,
* Print almost all log lines with a prefix of the domain name they are
related to,
* And, do not use Genode::error and Genode::warning as they make it hard to
read the log with the domain name prefixes.
Fixes#2840
Introduce the uplink tag:
! <config>
! <uplink label="wifi" domain="uplink">
! <uplink label="wired" domain="wired_bridge">
! <uplink domain="wired_bridge">
! <config/>
For each uplink tag, the NIC router requests a NIC session with the
corresponding label or an empty label if there is no label attribute.
These NIC sessions get attached to the domain that is set in their
uplink tag as soon as the domain appears. This means their lifetime is
not bound to the domain. Uplink NIC sessions can be safely moved from
one domain to another without being closed by reconfiguring the
corresponding domain attribute.
Attention: This may render previously valid NIC router configurations
useless. A domain named "uplink" doesn't automatically request a NIC
session anymore. To fix these configurations, just add
! <uplink domain="uplink"/>
or
! <uplink label="[LABEL]" domain="uplink"/>
as direct subtag of the <config> tag.
Issue #2840
The term was used for the old configuration during the handling of a new
configuration but in other places it was already called old_config.
Issue #2840
Dissolve and destroy the invalid domain first before deinitializing all
domains for the next round. This way, the deinitialization is not done twice
for the invalid domain.
Issue #2840
Due to a bug in the deinitialization of the DHCP server of a domain (the
reference to the destroyed object was not cleared), the NIC router could
end up in a page fault caused by a double-free at the heap. This also fixes
the previously missing dissolving of the "DNS-server-from" relation to a
remote domain.
Issue #2840
Currently has three clients that continuously create new UDP/TCP/ICMP
connections through the NIC router with NAT to the outer world and they
get never closed. A fourth client does normal ping through the same
domain to the outer world that must succeed even after the RAM quota of
the other session at the router is exhausted. The test is restricted to
Qemu to not being at risk to flood real networks.
Issue #2857
This patch weakens the aggressive restart of a child with incomplete
environment sessions. The restart check is performed each time
the init configuration changes. In sculpt, this is not a rare special
case anymore but a frequent case when using the depot_rom as provider
for environment ROM sessions. In particular when starting a chain of
inter-depending children, the sculpt-manager quickly generates a
sequence of configurations with successively added start nodes.
The addition of the 'Cap_consumer' feature to app/dummy increased the
static RAM demand of the component to a point where 1 MiB no longer
suffices on sel4 (on this kernel, the base library uses a larger amount
of statically allocated data compared to the others). The tweaks enable
init.run and init_loop.run to work on sel4 on x86-64.
Selecting an alternate interface setting, even if it is the same as the
current one, apparently makes the INQUIRY command fail with USB devices
like 'SanDisk Ultra Fit' (0781:5583) and 'Corsair Flash Voyager'
(1b1c:1a03) when the USB block driver is restarted.
Fixes#2860
* Catch Quota_guard exceptions wherever we do 'new (_alloc)' in Interface
and in case drop the packet that caused the exception
* Modify Interface::handle_config_2 to not use the guarded allocator of the
NIC session quota as we cannot handle a RAM exhaustion well at this point
in time. Instead use a Constructible member in Interface so that a needed
RAM adds up to the calculation in the create_session implementation where
an exhaustion is handled via a service denial.
Issue #2857
The interface destructor called pure virtual methods at least when
cancelling ARP- waiting states. The implementations were made by the
deriving classes Session_component respectively Uplink. This led to an
abort of the NIC router as the destruction of the derived class was
already done. A similar problem already occured in the past during the
construction of Interface and was back then solved by introducing a
separate init() method. This commit, however, solved the problem by
making Interface a member of the other classes. Therefore, the init()
method could be removed again. Furthermore, the interface polica could be
moved from Session_component_base to Session_component. The commit also
had to generalize the way the link state of an interface is determined.
Fixes#2856
While a child is abandoned, we must limit the start of anothers with
the same name. Otherwise - of the child has startup problems - a number
of abandoned children with the same name may queue up. This becomes a
problem whenever the child destruction depends on an asynchronous
service that provides an env session for the children. If the service is
unable to keep up with the session requests (both create and close),
the queue of abandoned children becomes unbounded. Limiting the child
creation rate to one abandoned child per name mitigates this problem.
This patch reduces the latency of state reports when children are
removed or added, thereby, accellerating the feedback loop between a
management component and init during the staged startup or removal of
inter-dependent components.
This test monitors the RAM quota of a dynamic init and a server hosted
within the dynamic init in the presence of a repeatedly created and
destructed client.
Previously we were doing the initialization once over all domains,
remembered which of them became invalid and destroyed those afterwards.
This isn't sufficient. As soon as one domain becomes invalid we have to
dissolve/destroy this one, deinitialize all other domains again (as they
could contain references to the invalid domain) and retry to initialize
them from the beginning. We proceed with this until we have one run
without a domain becoming invalid. Then we can be sure that the last
initialization run did not create references to any invalid domain.
Issue #2840
The generic helper Avl_string_tree of the NIC router is currently only
used for finding domains via their names, but in the future it can be
used for finding uplinks by their labels also. Additionally, it enables
us to throw an exception when inserting two elements with the same
identifier.
Issue #2840
* Get rid of the base classes Rule and Leaf_rule,
* Make log output about initiated or invalid routing rules conform to the rest
of the router log, and
* Ensure that each type of routing rule when being invalid invalidates its
whole domain.
Issue #2840
The condition was too rigid. In the case where no motion occurred in
between the press and release events of the magic button, the delayed
press event would not be delivered. This - in turn - confused other
components (like nitpicker) down the input chain.
for such classes where it should be safe and where we have seen issues.
Disabling in general bus master DMA causes on some machines hard hangs, e.g.
because the USB handover protocol was violated.
Fixes#2835
In contrast to most information of init's state reports, which can be
monitored at a relatively low rate (like 2 seconds in Sculpt's runtime),
resource requests call for an immediate response by the consumer of the
report. Otherwise the requesting child stays unnecessarily blocked until
the next rate-limited state report is due. This patch adds a fast lane
for such low-latency state updates to init.
Do not send nor buffer packets at interfaces with link state "down". This
prevents that packets that were routed to one network (allowed to see them),
due to a sudden link down/up, are leaked to another network that is not
allowed to see them.
When updating an interface in the NIC router to a new configuration and
the domain name of the interface has not changed but the domain
disappeared, the NIC router did not detach from the old domain correctly
which led to broken remnants of interface state objects (like connection
states).
Adapt the nic_router_uplinks run script to work with the fix.
fs_report truncated the report file on construction of the report
session to mimic an "empty report". This prevented existing use cases
where the initial state was already written to the file system by other
means.
I doubt that use cases exist where the inital empty-report mimic is
needed and (if I'm wrong) there is still the race of the consumer
reading the file just before the report session is constructed.
Reporters that want to enforce an empty initial report should send it
explicitly.
Clients may wish to act on missing files. In any case the fs_rom
needs to reopen a watch handle when a file is deleted, and this
sort of change to the internal state machine is propelled by
client RPC requests.
Fix#2839
The new 'displays' report contains information about the used
framebuffer backend. It is issued when nitpicker has successfully passed
all initialization, in particular the connection to the framebuffer
driver. Hence, it can be taken as an indicator of whether the framebuffer
is available or not (e.g., caused by a faulty driver).
When re-configuring the NIC router, determine for each domain if at least one
interface stays with the domain. If a domain fullfills this and has a
dynamic IP config (received via a DHCP client), keep the IP config.
To achieve this, the following changes have been made to the existing NIC
router code:
* Split-up Interface::handle_config into three steps:
1) Determine for each interface if its domain can keep its IP config or
or if it has to mark it invalid. This must be done before (re-)attaching
any interface because during "attach" several decisions are made based on
the validity of the IP config of corresponding the domain.
(E.g. whether to participate in sending DHCP DISCOVERs {IP config
invalid} or whether to participate in sending pending ARP REQUESTs
{IP config valid} ).
2) Detach, attach, or re-attach each interface according to the
configuration. This must be done before re-considering the temporary
state objects of each interface because the latter might have effects
on the interfaces of remote domains which must then be in place already.
3) Re-consider temporary state objects of each interface. (E.g. transport
layer connection states)
* Re-work IP-config setter in a way that it works as follows:
1) If the old IP config is valid, let all local interfaces as well as remote
interfaces that depend on the IP config of the domain detach from the old
IP config.
2) Overwrite with new IP config
3) If the new IP config is valid, let all local interfaces as well as remote
interfaces that depend on the IP config of the domain attach to the new
IP config.
Issue #2815
The new attribute config.domain.label has effect only at the uplink
domain-tag. It determines which label the NIC router shall use when
requesting the NIC session for the uplink domain. If value of this
attribute changes at the uplink domain-tag, the NIC router closes and
re-requests the NIC session of the uplink with the new label.
Issue #2815
Set DHCP-DISCOVER retry timeout and DHCP-REQUEST retry timeout from 10
seconds to 2 seconds. This prevents problems with tests where the NIC
driver comes up slowly and the first packets of the DHCP client get
dropped.
Issue #2837
The Ethernet destination MAC address of a DHCP reply is not the same as the
DHCP client MAC address. The DHCP server of the NIC router did not take care
of this by now.
Issue #2837
When an environment session is provided by a async service such as a
sibling component, the session metadata must be preserved until end of
the lifetime of the session at the server has been acknowledged by the
server. Since the session meta data of env sessions are always part of
the 'Child' object, the destruction of this object must be deferred
until this point.
Merge the 'Packet_handle' into the 'Rom_root' and use an Id_space to
match File_system handles to session objects rather than a list. This
avoids the need to override 'Root_component::_destroy_session'.
Fix#2833
When exhausted of RAM quota while starting children, init used to throw
an uncaught 'Out_of_ram' exception as this condition was considered
fatal. However, this behavior is undesired when init is used in a highly
dynamic yet long-running fashion like sculpt's runtime subsystem. This
change keeps init running despite the error condition, giving the user
the chance to relieve the resource pressure.
The 'View_stack::draw_rec' method limited the redraw to parts of the
view that were explicitly marked as dirty. This does not produce the
desired result when stacking multiple transparent views. Here, the
background views must be drawn regardless of whether they are marked as
dirty or not.
The file may also be changed by other components, so a open-close cycle
for write() is more robust. For example, Vim removes the original file
and recreates with the new content.
The '_active_mode' must not be changed at any time except when the
client asks for the 'Framebuffer::mode'. Otherwise, the dimensions of
dataspace used by the client is not always consistent with the mode
information as gathered by the client.
Normally, the NIC sessions are independent from the domain tags.
However, by now the uplink session, in contrast to the sessions of the
other domains, is still not a server but a client. This means that only
the NIC router itself can decide when to open and close uplink sessions
and how many. Thus, with this commit, we break with the pattern that
session lifetime is independent from domains by letting the NIC router
create the uplink session when the uplink domain appears and close the
session when the domain disappears.
Fixes#2795
Since the router MAC is allocated like the donwlink MACs it can't happen
anymore that these MACs clash, for instance due to nested routers. Thus,
the range of the MAC allocators of nested routers must not be exclusive
anymore which deprecates the 'mac_first' configuration attribute.
Issue #2795
Allocate a virtual MAC address at runtime that is used as router
Ethernet-identity for all downlink domains. This makes the downlink
domains independent from the uplink session.
Issue #2795
The old MAC allocator had several drawbacks:
* the address base was a public static that could and must have been written
directly from outside the class
* the in-use-flag array was based on unsigned values consuming 4 bytes each
for only one bit of information
* it was a public header that we actually don't want to expose to all
components but only to the few networking components
* it used the not-so-safe bit notation for integer members of GCC
The new version fixes all these drawbacks.
Issue #2795
Instead of handing over the maximum available size to the packet data
accessors, hand over a size guard that keeps track of the packets
boundaries.
This commit also moves the size-guard utilitiy header of Ping and NIC
Router to the include/net directory making it a part of the net library.
It applies the new approach to all net-lib users in the basic repositories.
Ping looses its configurability regarding the ICMP data size as this would
require an additional method in the size guard which would be used only by
Ping.
The size guard was also re-worked to fit the fact that a packet can
bring a tail as well as a header (Ethernet).
Issue #2788
For now it is enough to differentiate the most commonly used file
system on Genode, e.g. Ext2 for the Genode partition and FAT32 for
(U)EFI partitions.
Issue #2803.
The component will now always try to parse the MBR as well as the GPT
(in this order). It will bail out if both are considered valid, using
GPT/MBR hybrid tables is not supported.
Fixes#2803.
The Ethernet payload may be followed by padding of variable length and
the FCS (Frame Check Sequence). Thus, we should consider the value
"Ethernet-frame size minus Ethernet-header size" to be only the maximum
size of the encapsulated IP packet. But until now, we considered it to
be also the actual size of the encapsulated IP packet. This commit fixes
the problem for all affected components of the Genode base-repository.
Fixes#2775
This reduces the redundant implementations of checksum calculation to
one generic implementation, makes the checksum interface conform over
all protocols, and brings performance optimizations. For instance,
the checksum is now calculated directly in big endian which saves us
most of the previously done byte-re-ordering.
Issue #2775
Replace packet method 'T *data' by the new methods 'T &reinterpret_data'
for parsing or modifying existing sub-protocol packets and 'T
&construct_at_data' for composing a new sub-protocol packet. This has
the advantage that, when composing a new packet, the default constructor
that zero-fills the packet is always called first.
Fixes#2751
This commit changes the 'Input::Event' type to be more safe and to
deliver symbolic character information along with press events.
Issue #2761Fixes#2786
On the Raspberry PI, the 2 seconds of round time in the polling test
were not sufficient to reach the goal of at least 1000 successful polls.
Thus, the commit sets the round time to 2.5 seconds which doesn't hurt to
much but allows the RPI to just make it.
Fixes#2779
This patch largely reverts the feature of selecting parts of input nodes
from within the output node (as originally introduced by commit
7263cae5a18b4f1f2293d031f9bafcf05ba51146). The selection of content
should be consistently performed by input nodes instead. The principle
ability of copying input nodes verbatim into the output stays available.
Issue #2691
The new 'attribute' and 'value' attributes of input nodes
can be used to select input sub nodes that match the presence and value
of the specified attribute.
Issue #2691
The 'stat' method is called for all paths, not just the specific file
system node of the ROM module. The ROM update is needed only in the
latter case.
Otherwise, when always updating the ROM on stat, stat calls on the VFS
become very expensive in the presence of a mounted ROM module if the ROM
is obtained from fs_rom (which re-watches the file and all its
individual path elements whenever the 'update' RPC function is called).
Reduce the size and forward compatibility of VFS file-system
constructors by passing an object holding accessors for 'Genode::Env',
'Genode::Allocator', response handlers, and the root file-system.
Fix#2742
When working with GPIO interrupts on i.MX6SX for Ethernet PHYs
it became obvious that the GPIO driver repeatedly receives interrupts
for the same event, because it acknowledges the interrupt before a
client has handled the event.
Ref #2750
This driver component provides support for using consumer NVMe storage
devices, i.e. it omits name space managment and will always use the
first name space, on Genode. For now it defaults to a reasonable low
configuration:
- 1 I/O queue (completion/submission tuple)
- 128 entries in the I/O queue
- 4096 as the only I/O transaction memory page size
Fixes#2747.
The 'default' attribute is useful to change the default value for those
protocol attributes that are not explicitely set in the configuration of
the component.
Issue #2738
Each supported protocol now has an attribute with the name of the protocol in
the config tag. Each of these attributes accepts one of four possible values:
* no - do not print out this protocol
* name - print only the protocol name
* default - print a short summary of the most important header values
* all - print all available header values
Example:
! <config eth="name"
! arp="all"
! ipv4="default"
! dhcp="no"
! icmp="all"
! udp="no"
! tcp="default"
! ... />
Corresponding output example:
! ETH IPV4 10.0.2.212 > 10.0.2.55 time 7158 ms (Δ 11 ms)
! ETH IPV4 10.0.2.55 > 10.0.2.201 TCP 80 > 49154 flags ' time 6976 ms (Δ 5 ms)
! ETH ARP hw 1 prot 2048 hwsz 6 protsz 4 op 1 srcmac 02:02:02:02:02:01 srcip 10.0.2.212 dstmac 00:00:00:00:00:00 dstip 10.0.2.55 time 7074 ms (Δ 98 ms)
Issue #2738
Nitpicker's 'Session:focus' call used to trigger a one-off focus change
at call time. This focus change did not pass the same code paths as a
focus change triggered by a "focus" ROM update, which led to
inconsistencies.
This patch changes the implementation of 'Session::focus' such that the
relationship of the caller and the focused session is preserved after
call time. Whenever the calling session is focused in the future, the
specified session will receive the focus instead. So 'Session::focus'
represents no longer a single operation but propagates the information
about the inter-session relationship. This information is taken into
account whenever the focus is evaluated regardless of how the change is
triggered.
This makes the focus handling in scenarios like the window manager more
robust.
Issue #2746
Relative motion events with a motion vector of (0,0) should not exists.
They cause jittery movements of nitpicker's pointer position. This
patch filters out such events.
The 'ping' component continuously sends ICMP Echo requests to a given IP host
and waits for the corresponding ICMP Echo replies. For each successfull ICMP
Echo handshake it prints a short statistic. By now, it can be used only with a
static IP configuration. The size of the ICMP data field can be configured. It
gets filled with the letters of the alphabet ('a' to 'z') repeatedly.
Issue #2732
Originally, the timeout framework caused deadlocks when acquiring the same
lock from different timeout handlers. This use case is now tested in the
timeout test.
Fixes#2704
To handle all pending timeouts in the context of scheduling a timeout
was only necessary because the Timeout framework once made use of the
Alarm framework. The method Alarm_scheduler::schedule_absolute took an
absolute deadline as argument and we couldn't change this beause the
Alarm framework was also used without the Timeout framework. We had to
calculate this absolute deadline with the now time of the Timeout
framework but the Alarm framework has its own now time that is always a
bit behind the one of the Timeout framework. This lead to bad decisisons
when finding the right position for the new timeout. Now, we can call
schedule_absolute with a relative duration and thereby fix the problem.
When we schedule an absolute timeout without considering the small time
difference, the end-time for the timeout that is calculated using the
local time value is also smaller than the expected end-time. This can
also lead to directly triggering timeouts that should have triggered
with a certain delay.
As it is not trivial to update the local time value while scheduling a
timeout _without_ calling other timeout handlers, we simply raise the
duration of the new timeout by the age of the local time value.
Issue #2704
This fixes the problem that large timeouts, when rescheduled, are interpreted
to be from the last now_period instead of, what would be right, the next
now_period. This occured if there were multiple pending alarms at the head of
the queue and the reschedule of the first one was done with the other outdated
deadlines still in place.
Issue #2704
Instead of taking the absolute deadline of a timeout as argument from
outside (where it is calculated with a freshly requested now time), we
now take a relative duration as argument and calculate the deadline with
the scheduler-internal now time (which can be a little bit outdated).
This enables us to schedule timeouts without updating the internal now time
and thereby handle all pending timeouts.
Issue #2704