Several users of the signal API used custom convenience classes to
invoke signal-handling functions on the reception of incoming signals.
The 'Signal_dispatcher' pattern turned out to be particularly useful. To
avoid the duplication of this code across the code base, this patch
adds the interface to 'base/signal.h'.
Furthermore, the patch changes the 'Signal::num()' return type from int
to unsigned because negative numbers are meaningless here.
Fixes#511
When matching the 'label' session argument using '<if-args>' in a
routing table, we can omit the child name prefix because it is always
the same for all sessions originating from the child anyway. Therefore,
this patch adds a special case for matching session labels. It makes the
expression of label-specific routing more intuitive.
Add functionality to lookup an object and lock it. Additional the case is
handled that a object may be already in-destruction and the lookup will deny
returning the object.
The object_pool generalize the lookup and lock functionality of the rpc_server
and serve as base for following up patches to fix dangling pointer issues.
File_io_channel now includes ioctl() because pseudo devices which are
implemented as a file-system, e.g. /dev/tty, are controlled via ioctl()
requests. The method is exported to the Vfs through the Vfs_io_channel
class.
The random file-system provides an arc4 based urandom implementation
which is needed for OpenSSL.
NOTE: the Arc4random class currently _does not collect enough_ random
bytes!
We will reuse the terminal connection in the stdio filesystem
to implement /dev/tty. Therefor we need to access the terminal
from different locations which is simplified if it is provided
by a singleton.
With this patch the make install target for Noux applications gets defined
in the 'NOUX_INSTALL_TARGET' make variable with 'install-strip' as default.
Fixes#503.
Since the number of the fds in the select call is not necassarily equal
to the number of fds SYSCALL_SELECT returns we have to reset the number
of fds given as argument to select().
This keeps OpenSSH from reading from a non-ready socket.
Fixes#494.
Currently the lookup of a specific record in a tar archive may take a long
time, because the records get searched in sequence. With this patch a tree
structure representing the directory layout gets created when loading the
tar file for speeding up record lookups.
Fixes#491.
The previous implementation disregards the fact that we actually have
to use libc's plugin mechanism if we play with fds. So in the end the
libc did not know to which plugin the fd belonged.
Fixes#493.
Implies support for the ARMv6 architecture through 'base-hw'.
Get rid of 'base/include/drivers' expect of 'base/include/drivers/uart'.
Merge with the support for trustzone on VEA9X4 that came from
Stefan Kalkowski.
Leave board drivers in 'base/include/platform'.
Rework structure of the other drivers that were moved to
'base_hw/src/core' and those that came with the trustzone support.
Beautify further stuff in 'base_hw'.
Test 'nested_init' with 'hw_imx31' (hardware) and 'hw_panda_a2' (hardware),
'demo' and 'signal' with 'hw_pbxa9' (qemu) and 'hw_vea9x4'
(hardware, no trustzone), and 'vmm' with 'hw_vea9x4'
(hardware, with trustzone).
Since FD_ZERO() resets a whole fd_set (which is 128 bytes) using it to
reset dst_fds will override otherwise used memory if the memory was
allocated dynamically and is less than sizeof (fd_set). So instead of
using this macro we reset the fd_set manually.
The Io_receptor is now used to unblock certain I/O channels from lwip's
callback-function.
There was also a bug in which all ready-to-ready fds were overriden by
the ready-to-write ones.
The Socket_io_channel class now uses the Io_channel_backend to provide
the network related methods. In addition the Socket_io_channel_registry
was replaced with a simpler implementation which uses Io_receptors to
unblock I/O channels from the callback-function of lwip.
The eglgears application depends on 'sqrt'. With the old tool chain,
this symbol was resolved through the dependencies of the 'gallium'
library. This does not work anymore for the new tool chain.
A similar issue arised for avplay, where we need to explicitly
state the av components in the LIBS declaration of the target.
After this commit "make prepare" uses HTTP, HTTPS, or FTP where possible
fvor downloading third-party source codes. This prevents problems with
strict firewall rules where only selected ports are usable.
Unfortunately, git.l4android.org does not support Git via HTTP and,
therefore, the sources need a working Git port (9418).
Fixes#443.
There are certain programs that need gettimeofday(), e.g.
network-related tools like ping(1) etc. but also filesystem-related
programs like find(1) etc. and of course time-related programs like
date(1).
As there is currently no interface in Genode for actually using clock
devices like RTC on x86 (though there is a driver for it) we "abuse"
the timeout_scheduler thread to at least provide flow-of-time.
Noux: add clock_gettime() implementation
For now, only CLOCK_SECOND is supported.
Noux: add utimes() dummy
Fixes#401
This patch moves the thread iterator function declarations in GDB
monitor's 'Cpu_session_component' above the 'CPU session interface'
comment, because these functions are not part of the CPU session
interface anymore.
Fixes#10.
If during the file system iterations in the 'stat()', 'rename()' or
'mkdir()' funtions of the 'Dir_file_system' class any file system
returns an error code other than 'ERR_NO_ENTRY', return immediately.
Fixes#376.
Make sure unlock is called when 'global_mutex' reaches zero count. Add verbose
variable in order to disable some output. Disable irritating 'Overflow' messages
in 'sys_mbox_post' and 'sys_mbox_try_post' per default. This may happen and is
not an error, since the ring buffer is full and will be emptied eventually.
Remove priority from genode_org run script.
Should fix#347
With this patch, when a child exits, all of its open file descriptors get
closed immediately. This is necessary to unblock the parent if it is
trying to read from a pipe (connected to the child) before calling
'wait4()'.
Fixes#357.
Use 'Nic::Packet_allocator', wait for acknowledgements if packet allocation
fails. Updated 'lwip.run' and 'genode_org.run' to support OMAP4 correctly. Use
memcpy to copy PBUFs
May resolve issue #347
Don't map all memory of the VM at once, instead only the one permitted
by the memory model. Otherwise memory regions get mapped which must not,
where each instruction and memory access have to cause an exception in
order to emulate it step by step.
Classes in Vancouver expect to get zero initialised memory when using memory
from the heap. Some classes don't initialize member variables as they should
do.
Reserve memory region for VM as early as possible before any other
memory allocation happens. Otherwise it could happen that heap
allocations will use part of the virtual region we require for the VM.
The memory allocation heuristics in the usb driver provided by dde_linux
changed with the recent commit 71b2b42936.
Apparently, the new variant requires a larger memory pool. Increasing
the quota is a temporary fix until the memory allocator gets revisited.
The 'find' program can abort if the 'gettimeofday()' function returns -1,
which it currently does. With this patch the 'gettimeofday()' returns a
dummy time instead to prevent such a termination.
Fixes#353.
With this patch the 'Vfs_io_channel::lseek()' function takes the offset
argument into account when calculating the new seek offset in the SEEK_CUR
and SEEK_END cases.
Fixes#352.
This patch introduces the functions 'affinity' and 'num_cpus' to the CPU
session interface. The interface extension will allow the assignment of
individual threads to CPUs. At this point, it is just a stub with no
actual platform support.
With this patch environment variables always get stored as zero-separated
strings in buffers of type 'Sysio::Env'. This fixes the problem that
environment variables with non-alphanumeric characters did not get set
correctly in child processes.
Fixes#340.
Change the uid/gid entries in the stat syscall to have the same values
on all filesystems that are used in the current noux-instance according
to the specified values in noux' config.
Fixes#338.
Programs use the errno value to check which error exactly occured.
It is mandatory for non-blocking I/O, e.g. connect() gets the current
state of the connection by looking at the returned errno values.
Fixes#337.
Certain programs tend to set their sockets non-blocking. As previously
descriptors in Noux were only blocking we now introduce a method to mark
the used Io_channel as non-blocking.
There are certain programms which check if an fd is open by calling
fcntl(fd, F_GETFL, ...). So to keep them happy we return true if
such an request was done to our terminal fd's.
Explanation why --disable-rpath-hack is needed:
When building on pistachio_x86 $(LDFLAGS) contains '-L[...]/l4/lib'
which will be transformed by autoconf to '-rpath [...]/l4/lib'.
Now the problem at hand is that we pretend to be FreeBSD when we are
actually not. So autoconf assumes it is valid to use '-path' when it
is actually not.
Also we use zlib for (de)compressing gzipped streams/files instead of
calling gzip as this currently somewhat buggy.
These device are mandatory for most programs (well, at least null
is required to be present for a POSIX compliant OS, which Noux is
actually not). But for proper shell-script support we will need
them anyway.
There are certain programs which need the information that is stored in
'struct passwd'. This commit introduces configurable user information
support to NOUX.
One can set the user information via <user> in NOUX config:
! <config>
! <user name="baron" uid="1" gid="1">
! <shell name="/bin/bash" />
! <home name="/home" />
! </user>
! [...]
! </config>
When <user> is not specified default values are used. Currently these
are 'root', 0, 0, '/bin/bash', '/'.
Note: this is just a single user implementation because each Noux instance
has only one user or rather one identity and there will be no complete
multi-user support in Noux. If you need different users, just start new
Noux instances for each of them.
Previously there was not actual timeout handling. If a select() call
set an timeout it would be set to zero instead and was always handled
as blocking i/o. While this works fine for file descriptors which
will be triggerd externally (for example vim through terminal i/o) it
does not work at all for socket descriptors and network operations in
general.
So this commit introduces proper timeout handling and changes the
behaviour of SYSCALL_SELECT so that it now returns more than just
one descriptor at a time.
noux/minimal and noux/net now depend on thread and alarm libraries.
Noux used to trace syscalls by default, which significantly slows down
its execution. This patch disables the tracing by default. It can be
enabled by specifying 'trace_syscalls="yes"' attribute to the Noux
configuration.
This patch resolves a problem with running 'noux_gdb.run'. Right at the
start, GDB would output a message like:
...cli-script.c:1614: internal-error: called with NULL file pointer!
A problem internal to GDB has been detected,
further debugging may prove unreliable.
Quit this debugging session? (y or n)
The LOG output hints at the cause of the problem:
[init -> noux -> /bin/genode-x86-gdb] fcntl: F_GETFL for libc_fd=3
Thanks to cproc for the fix!
The directory specified by --prefix is not only used to determine
the install location but is also used by -rpath. Therefor it is
better to use $(DESTDIR) to install the binaries to the right
directory and to use --prefix to express the actual location within
NOUX.
This patch adds lighttpd as noux package. However, we do not use the
original build system but rather compile lighttpd directly from the
Genode build system. This is needed because we want to statically link
lighttpd modules into the binary. This mode is (somehow) supported by
the SConscript that comes with lighttpd. However, the GNU build scripts
do not expose this feature.
The port of lighttpd at 'ports/src/app/lighttpd' executes the web server
directly (w/o using Noux). It is accompanied by the lighttpd.run script.
At the current stage, lighttpd is starting up but fails because of an
unsupport fcntl call.
In the current form, only PROT_READ is supported. This case is emulated
by copying the file content into new allocated backing store. Even
though the performance benefits of mmap-using code will not be
preserved, code that relies on mmap can be executed via the libc_noux
or libc_fs plugins, i.e. lightttpd.
The bash configure script cannot detect if the 'getcwd()' function in
Genode's libc works correctly, so it assumes that it is broken and makes
bash use its own version of this function. With this patch bash uses the
libc version, which has a Noux-specific implementation in the 'libc_noux'
plugin.
Fixes#324.
Since no kernel objects can be created anymore outside Genode::core,
the Vancouver port must be adjusted to use solely the Genode interfaces.
The Vcpu_dispatcher creates all portals via the cpu_session interface and
uses the feature to setup a specific receive window during a IPC (the
cap_session::alloc IPC) to place to be received/to be mapped capability
(virtualization exception portal) at the designed indexes.
The actual vCPU thread extends from a normal Genode::Thread and extends it
by specific vCPU requirements, which are a larger exception base window and
the need by Vancouver to place the SM and EC cap at indexes next to each other.
Fixes#316
When opening a new file, a new Fs_vfs_handle is created but with the
initial mode set to 0 which is not expected by functions like fdopen()
that check if the original flags given to the open() call match the
returned ones on the used fd.
Fixes#289.
With this patch the 'GNU Project Debugger' (GDB) can be built for Noux.
The included run script connects GDB and GDB monitor via a cross-link
terminal and allows interactive source-level debugging of the GDB monitor
test application on Genode.
Fixes#280.
Some type size tests in the findutils source code expect the 'time_t' type
to be of the same size as the 'long' type, whereas the Genode libc defines
it as '__int64_t' for ARM. This patch disables these tests.
Fixes#262.
Use git to get recent kernels from github. Adjust NOVA patch to compile
with recent github version. Patch and use makefile of NOVA microkernel
to avoid duplicated (and outdated) makefile in Genode
Furthermore, this patch adds support for using NOVA on x86_64. The
generic part of the syscall bindings has been moved to
'base-nova/include/nova/syscall-generic.h'. The 32/64-bit specific
parts are located at 'base-nova/include/32bit/nova/syscalls.h' and
'base-nova/include/64bit/nova/syscalls.h' respectively.
On x86_64, the run environment boots qemu using the Pulsar boot loader
because GRUB legacy does not support booting 64bit ELF executables.
In addition to the NOVA-specific changes in base-nova, this patch
rectifies compile-time warnings or build errors in the 'ports' and
'libports' repositories that are related to NOVA x86_64 (i.e., Vancouver
builds for 32bit only and needed an adaptation to NOVAs changed
bindings)
Fixes#233, fixes#234
In 'Fs_file_system::open()' the call of '_fs.dir()' can throw a
'File_system::Lookup_failed' exception, which gets explicitly caught
with this patch.
Fixes#246.
This patch adds a new "terminal" file system type to Noux, which allows to
create a "character device" file that is connected to a Genode 'Terminal'
service.
The 'Terminal' session created by the file system has the label
"noux(terminal_fs)" to distinguish it from the 'Terminal' session
created by Noux itself.
Fixes#244.
This patch extends the RAM session interface with the ability to
allocate DMA buffers. The client specifies the type of RAM dataspace to
allocate via the new 'cached' argument of the 'Ram_session::alloc()'
function. By default, 'cached' is true, which correponds to the common
case and the original behavior. When setting 'cached' to 'false', core
takes the precautions needed to register the memory as uncached in the
page table of each process that has the dataspace attached.
Currently, the support for allocating DMA buffers is implemented for
Fiasco.OC only. On x86 platforms, it is generally not needed. But on
platforms with more relaxed cache coherence (such as ARM), user-level
device drivers should always use uncacheable memory for DMA transactions.
The sysio's struct fields need to be properly set on each syscall. This
fixes a bug where the wrong fd is used after the first sendto syscall.
Also the minimal buffer size calculation uses the wrong size.
Fixes#235.
Noux/net adds network functionality to noux. Currently most basic
network related system calls including 'accept', 'bind', 'connect',
'listen', 'recv', 'send', 'shutdown', and 'socket' are implemented by
wrapping lwip's network functions.
At the moment noux/net is rarely usable, though it is possible to
use netcat to send a message to a netcat server which listen on a
given port in noux/net.
The new 'genode_envp' variable declared in '_main.cc' allows libc
plugins to supplying custom environment pointers to the main function.
This is needed by 3rd-party software such as GNU make, which expects the
environment pointer as third argument of the main function.
This patch introduces support for stacked file systems alongside new
glue for accessing file-system implementations provided via Genode's
new file-system-session interface.
Using stacked file systems, an arbitrary number of file systems (such
as tar archives or file systems implemented as separate Genode
components) can be composed to form one merged virtual file system.
An example is given via the 'ports/run/noux_bash.run' script. This run
script creates a virtual file system out of multiple tar archives each
containing the content of a particular GNU package. In addition, one
'ram_fs' is mounted, which enables Noux to perform write operations.
This way, the shell output can be redirected to a file, or files can
be saved in VIM.
Fixes#103.
This patch allows to configure the amount of RAM that GDB monitor should
preserve for itself. The configuration syntax looks as follows:
<start name="gdb_monitor">
<resource name="RAM" quantum="1G"/>
<config>
<target name="noux">
<preserve name="RAM" quantum="2M"/>
...
</config>
</start>
Fixes#190.
With this patch clients of the RM service can state if they want a mapping
to be executable or not. This allows dataspaces to be mapped as
non-executable on Linux by default and as executable only if needed.
Partially fixes#176.
With this patch GDB monitor provides a 'config' file to the target. Its
content can be defined in the <config> sub node of the <target> XML node.
Fixes#179.
This patch introduces support for ROM sessions that update their
provided data during the lifetime of the session. The 'Rom_session'
interface had been extended with the new 'release()' and 'sigh()'
functions, which are needed to support the new protocol. All ROM
services have been updated to the new interface.
Furthermore, the patch changes the child policy of init
with regard to the handling of configuration files. The 'Init::Child'
used to always provide the ROM dataspace with the child's config file
via a locally implemented ROM service. However, for dynamic ROM
sessions, we need to establish a session to the real supplier of the ROM
data. This is achieved by using a new 'Child_policy_redirect_rom_file'
policy to handle the 'configfile' rather than handling the 'configfile'
case entirely within 'Child_config'.
To see the new facility in action, the new 'os/run/dynamic_config.run'
script provides a simple scenario. The config file of the test program
is provided by a service, which generates and updates the config data
at regular intervals.
In addition, new support has been added to let slaves use dynamic
reconfiguration. By using the new 'Child_policy_dynamic_rom_file', the
configuration of a slave can be changed dynamically at runtime via the
new 'configure()' function.
The config is provided as plain null-terminated string (instead of a
dataspace capability) because we need to buffer the config data anyway.
So there is no benefit of using a dataspace. For buffering configuration
data, a 'Ram_session' must be supplied. If no 'Ram_session' is specified
at construction time of a 'Slave_policy', no config is supplied to the
slave (which is still a common case).
An example for dynamically reconfiguring a slave is provided by
'os/run/dynamic_config_slave.run'.
The 'copy_to' function turned out to be not flexible enough to
accommodate the Noux fork mechanism. This patch removes the function,
adds an accessor for the capability destination and a compound type
'Native_capability::Raw' to be used wherever plain capability
information must be communicated.
The old variant provided 8K capability slots to all processes on core,
which increased binaries by 180 KB for the static allocator. I reduced it
to 4K capabilities stay under 100 KB overhead for the allocator.
Anyway, pci_drv and pl11x_drv need more RAM quota now: 2M for pl11x_drv
and 1M for pci_drv.
- Remove example application source code files which also exist in contrib
- Outsource commonly used parts from target.mk files
- Store the current Qt version only in one place
- Add run scripts for the example applications
Fixes#127.
The 'noux_bash.run' script has become able to present the user with an
interactive bash shell for executing various coreutils programs. It is
still pretty limited, i.e., the environment is not correctly passed to
child processes and pipes are not supported. But bash and coreutils are
operational.
This patch removes the hardcoded parent cap for the new child by
introducing a facility called 'poke' similar to copy-to-user. This
change makes the fork mechanism kernel-agnostic. The 'noux_fork'
test works on L4/Fiasco, OKL4, NOVA, Fiasco.OC, and L4ka::Pistachio.
Linux is not supported yet.
The resource virtualization layer has been extended to support sub RM
sessions because this feature is used by the dynamic linker. Currently,
the address space of the forking process is copied eagerly. However,
different dataspace types are treated differently. For example, only RAM
dataspaces are copied but no ROM dataspaces.
At the libc side, a setjmp/longjmp-based trampoline mechanism is used to
implement the continuation of the main thread inside the new process.
This procedure is also responsible for re-establishing the relationship
to the new process' parent as well as its Noux session.
This version is still in flux and has many rough edges. It is tied to
OKL4 for now.
Because 'Noux::Child' implements several abstract Genode interfaces, the
'Genode::' prefix became almost ubiquitous, making the code harder to
read. By importing the 'Genode' namespace into the 'Noux' namespace,
this patch remedies this inconvenience.
To implement fork semantics, we need to customize the bootstrapping of
the newly created process, in particular the startup of the main thread.
The CPU session interface provides a suitable hook. By virtualizing the
CPU connection of the process to core, we can defer (and parametrize)
the startup of the main thread. Furthermore, this enables us to detect
illegal attempts by the Noux process to create threads in addition to
the main thread.
By letting Noux processes talk to service implementations local to the
Noux server, we can track RAM allocations and RM operations. This is
needed as a prerequisite to implement fork.
The following features are tested (currently on Fiasco.OC only):
- breakpoint in 'main()'
- breakpoint in a shared library function
- stack trace when not in a syscall
- thread info
- single stepping
- handling of segmention fault exception
- stack trace when in a syscall
This patch fixes#105.
It does not suffice to constrain the amount of returned data with chunk
size of the transport buffer because the client may have specified an
even smaller value. For example, libreadline reads single characters
from the terminal and expects a single character in return. A different
amount is interpreted as EOF.