This commit gets rid of the router-local wrapper of Genode's AVL string tree
and replaces it with Genode's new Dictionary structure. The Dictionary is now
used for managing domains and NIC clients. Due to this change, the formerly
necessary helper classes Domain_base and Nic_client_base could be removed as
well.
Ref #4610
The default file-system communication-buffer size of 128 KiB combined
with the clamping of requests to 1/4th the buffer size results in the
fragementation of read operations into 32 KiB chunks. This is overly
conservative and causes high context-switch overhead down the storage
stack (vfs server -> part_block -> block driver).
Related to #4613
The NIC router README claims that the 'dns_config_from' attribute in a DHCP
server configuration binds the propagated link state of all interfaces at the
domain of the server to the validity of the IP config of the domain that is
given through 'dns_config_from'.
However, this was not true. The router missed to implement this detail which
led to clients of such a DHCP server sending DHCP DISCOVER packets too early.
These early DHCP DISCOVER packets were dropped by the router potentially
causing a big delay until the client started a new attempt. Unnecessary long
network boot-up delays were observed with at least the lwip run script and
Sculpt on the PinePhone and could be tracked down to this former
inconsistency in the router.
This commit fixes the inconsistency.
Fixes#4612
The new 'Dictionary' provides an easy way to access objects using
strings as key. The 'String' received the 'operator >' to simplify the
organization of strings in an AVL tree.
The patch removes the former definition of the 'operator >' from the
platform driver because it would be ambigious now.
Fixes#4610
In case a driver is waiting for data, is should only investigate 'pos'.
It should not advance the ring in any way until there is data available.
issue #4609
This patch consolidates the repetitive error handling across the RPC
functions, which take node handles or directory handles as arguments.
During this change, I noticed that directory handles - which are values
provided by the client - were not checked for their type before being
used. A misbehaving client may open a file, manually construct a
directory handle using the number of the file handle, and invoke a
directory operation at lx_fs, which would then wrongly access a file
node as directory node.
This patch solves this issue by introducing two distinct methods
_with_open_node and _with_open_dir_node, which perform the respective
safety checks.
Fixes#4608
Creating and destructing an interface was not considered a change of its real
link state as defined in the description of the <report link_state_triggers="">
config attribute in the router's README. In case of Uplink sessions this is
obviously a problem as they communicate their real link state through session
lifetime. But also in case of NIC sessions it's a possible to create an
interface that is immediately "up" after creation or destruct an interface
without its link state going "down" beforehand.
Taking into account also the practical application of the
<report link_state_triggers=""> attribute, reporting only on destruction and
construction of interfaces that are "up" seems shorthanded. This is because a
report-receiver most likely needs to be able to synchronize the lifetime of
the objects that keep track of the link states with the lifetime of the
corresponding sessions.
That said, with this commit, the router triggers a report update on each
session construction/destruction when <report link_state_triggers=""> is
set.
Fixes#4462
The NIC router used to generate reports triggered by IP config changes or link
state changes synchonously, i.e., inline with the activation context that
caused the change. This has two disadvantages. First, it can lead to an
excessive number of report updates in situations with quick bursts of
triggering changes. In such situations it is preferable to collect the changes
and reflect them with only one final report update.
Second, synchronous reporting may happen while the router is in a state that
leads to an incorrect report (e.g. during reconfiguration). To prevent this
from happening, the router so far explicitely switched off reporting when
entering incoherent states and back on when leaving them. However, this
solution is error-prone as the exclusion windows must be maintained manually.
Both issues can be solved by not directly generating a report when necessary
but instead submitting a signal and letting the signal handler do the work in
a dedicated activation context.
Ref #4462
This patch splits the querying of the number of directory entries from
the directory's 'status' information. Subsuming the number of directory
entries as part of the status makes 'stat' calls too costly for some
file systems that need to read a directory for determining the number of
entries. So when stat'ing the entries of one directory that contains sub
directories, all entries of each sub directory are visited.
Thanks to Cedric Degea for pointing out this performance bottleneck!
With this change, the 'status' function returns a 'Status::size' value
of 0 when called for a directory handle.
Fixes#4603
The DHCP client of the NIC router used to end up in an uncaught exception if
an IP address in the DNS server option of a DHCP ACK was invalid. This commit
makes the 'Dns_server' constructor (where the exception originated from)
private and instead introduces a public lambda method 'construct' that calls
one lambda argument on success and another on failure. This is also in line
with the most recent changes to the 'find_by_*' methods of other classes in
the NIC router and contributes to the goal of reducing expensive exception
handling.
Fixes#4465
The Interface class of the router is an abstraction for NIC client sessions,
NIC server sessions, and Uplink sessions. Nonetheless, Interface generally used
to use the packet stream types of the Nic namespace and it worked because the
Uplink packet stream types are factually the same (the are typedef'd from the
same base type templates with the same parameters).
The initial intention of this issue was to remove dependency on the diverse
packet stream stream types from Interface. However, this turned out to be more
tricky than thought. The Interface class calls function templates on the packet
stream types, making a generic virtual interface impossible. And moving the
calling code to the session classes as well would produce a lot of redundancy.
Therefore, this commit removes only the use of the Nic namespace in the
interface.* files by typedef'ing the packet stream types from the generic
Genode type templates with the same parameters as in Nic and Uplink.
Fixes#4385
The `with_sub_node` method is renamed to `with_optional_sub_node` to
better reflect that the non-existence of a sub node with the desired type is
ignored.
At the same time, the new `with_sub_node` now takes a second functor that is
called when no sub node of the desired type exists.
genodelabs/genode#4600
By using the new functions provided by the base API, this patch removes
the dependency of several components from include/decorator/xml_utils.h.
Issue #4584
The NIC router used to send an ICMP "Destination Unreachable" packet as
response to every unroutable IPv4 packet. However, RFC 1812 section 4.3.2.7
defines certain properties that must be fullfilled by an incoming packet in
order to be answered with this type of ICMP. One requirement is that the packet
is no IPv4 multicast.
This commit prevents sending the mentioned ICMP response for unroutable IPv4
multicasts and instead drops them silently.
Fixes#4563
Instead of having a generic "virt_qemu" board use "virt_qemu_<arch>" in
order to have a clean distinction between boards. Current supported
boards are "virt_qemu_arm_v7a", "virt_qemu_arm_v8a", and
"virt_qemu_riscv".
issue #4034
The NIC router used to add the DNS servers field to DHCP replies regardless of
whether there were DNS servers or not. As reported by a Genode user, the empty
DNS server field irritated at least Windows 10 guests (Vbox 6) that connected
to the NIC router. This resulted in Windows 10 ignoring DHCP offers from the
router with such characteristic.
With this commit adding the DNS server DHCP option is skipped if there are no
DNS servers at the corresponding DHCP server or the domain IP config the server
shall fetch its DNS servers from.
Fixes#4581
Provide additional PCI register information inside the pci-config part
of the devices ROM for clients able to access an Intel graphic card,
namely the GMCH control register content, which contains for instance
the GTT size and stolen memory size.
Ref genodelabs/genode#4578
Implement BIOS handover and Intel resume register update
apart from device driver to circumvent export of PCI
config space to drivers.
Ref genodelabs/genode#4578
The pci_decode has to extract the additional fields from the PCI configuration
space. The platform driver again has to parse and forward the knowledge too.
The PCI BAR indices are exported when info="yes" is set in the policy node for
the corresponding session.
Fixgenodelabs/genode#4577
The base address of I/O ports has a different encoding than
those of I/O memory. This needs to be encountered in the PCI
config helper utilities.
Fixgenodelabs/genode#4576
On okl4, pistachio, sel4 the test didn't come up fast enough in order to still
experience the first configuration of NIC router #1. This commit doubles the
lifetime of the first configuration of NIC router #1 to 4 seconds and raises
the overall test timeout accordingly.
Ref #4555
In overload situations, i.e. when a sender fills up the entire buffer, we land
in situations where the sender receives an ack_avail signal, releases one
packet, allocates and sends a packet and fails to allocate a second packet.
This is especially relevant if the receiver does not batch ack_avail signals
(such as vfs_lwip). In those ping-pong scheduling scenarios, the overhead from
catching the Packet_alloc_failed exception becomes significant. In case of the
NIC router, we will land in an overload situation if the sender is faster than
the receiver. The packet buffer will be filled up at some point and the NIC
router starts to drop packets. For every dropped packet, we currently have to
catch the Packet_alloc_failed exception.
This commit adds a new method alloc_packet_attempt to Packet_stream_source that
has almost the same signature as the older alloc_packet method but returns
an Attempt<Packet_descriptor, Alloc_packet_error> object. As the method already
used the allocator back end exception-less, changes on lower levels were not
needed. Furthermore, the NIC router was modified to use the new exception-less
alloc_packet_attempt instead of alloc_packet.
Ref #4555
Replaces the former implementation of the 'find_by_ip' method at the data
structure for ARP cache entries. This method used to return a reference to the
found object and threw an exception if no matching object was found.
The new implementation doesn't return anything and doesn't throw exceptions. It
takes two lambda arguments instead. One for handling the case that a match was
found with a reference to the matching object as argument and another for
handling the case that no object matches.
This way, expensive exception handling can be avoided and object references
stay in a local scope.
Ref #4555
According to a benchmarking series on Zynq (base-hw) and x260 (base-nova) using
test-nic_perf_router, increasing the 'max_packets_per_signal' has a significant
effect on the packet throughput. By increasing the default value from 32
to 150, we could gain a few hundred Mbit/s. Increasing the value further
does not seem to have such a strong effect, though.
genodelabs/genode#4555
The checksums for forwarded/routed UDP, TCP and ICMP, used to be always
re-calculated from scratch in the NIC router although the router changes only
a few packet fields. This commit replaces the old approach whereever sensible
with an algorithm for incremental checksum updates suggested in RFC 1071.
The goal is to improve router performance.
Ref #4555
The checksums for forwarded/routed IPv4, used to be always re-calculated from
scratch in the NIC router although the router changes only a few packet fields.
This commit replaces the old approach whereever sensible with an algorithm for
incremental checksum updates suggested in RFC 1071. The goal is to improve
router performance.
Ref #4555
We used to use 'unsigned long' for the accumulating variable when calculating
internet checksums. However, 'signed long' is more in accordance with RFC 1071
and will allow us to share the same back end for folding, once we implement
incremental updating of internet checksums.
Ref #4555
Prevent public reflection of the only internally used 'init_sum' argument in
'uint16_t internet_checksum(...)' that, in addition, added a default value to
the function interface.
Ref #4555
When sending an ICMP ECHO reply, the router merely swaps SRC and DST of the
IPv4 header of the corresponding request and these changes cancel each other
out in checksum calculation. Therefore, with this commit, the router skips
updating the IPv4 checksum in this context.
Ref #4555
The router used to update IPv4 checksums when routing via an <ip> rule
despite the fact that it doesn't change any IPv4 header fields in this case.
Ref #4555
The NIC router used to update IPv4 and layer 4 checksums of a packet for each
interface it was sent to (say, all interfaces of the domain the packet was
routed to). However, there was and is no technical reason for not doing it
only once and then iterating over the interfaces with the already updated
packet. This is what this commit does in an intent to raise the router's
performance.
Ref #4555
The NIC router uses the timer for relatively coarse-grained timeouts.
It therefore suffices to update and store the current time when the NIC router
is signalled and use the cached time instead. This prevents frequent
syscalls or RPCs when acquiring the current time for every packet.
genodelabs/genode#4555
The link dissolve timeout is updated for every packet, which leads to
trigger_once() RPCs that only marginally change the scheduled timeout but
significantly slow down the packet throughput.
genodelabs/genode#4555
The wakeup call only emits a single signal as it assumed both are
handled by the same signal handler. However, the original implementation
did not reset the wakeup_needed variable properly.
genodelabs/genode#4555
When using signal batching, ack_avail and packet_avail should always
be emitted and preferred over ready_to_submit and ready_to_ack.
A signal receiver might decide to not register the ready_to_* signals when it
handles congestion by dropping packets. The Nic router is an example of
such a signal receiver.
genodelabs/genode#4555
Using the 'query_buffer_ppgtt()' function allows for retrieving the
virtual address of the buffer in the PPGTT.
This is for components that manage the GPU virtual addresses rather than
the client as is the case with the lima driver.
Issue #4559.
The parent-provides model is destroyed if no <parent-provides> node is
found in the configuration, which resulted in
Warning: list model not empty at destruction time
and leaking memory for the allocated nodes. The commit now explicitly
empties the list model in the destructor of ~Parent_provides_model.
Note, the case is implicitly tested in pkg/test-init by step "denial of
forwarded session request" and <init_config version="empty">.
Thanks to Peter for reporting this issue.
Fixes#4547
Whenever a domain looses all its interfaces or the link state of all attached
interfaces is down at once, the domain potentially moves to another Ethernet
segment and should therefore consider its ARP cache to be outdated.
RFC 826 states that "... If a host moves, any connections initiated by that
host will work, assuming its own address resolution table is cleared when it
moves. ...".
Therefore, this commit introduces clearing the ARP cache and the initially
stated events.
This commit was motivated by an issue with the PinePhone Modem and USB NIC.
On the PinePhone, the Modem has its own OS and acts as direct gateway to the
outer world for the USB NIC that is driven by Genode. However, whenever the
Modem gets restarted, Modem and USB NIC receive a new MAC address. This used
to conflict with the NIC routers ARP entry for the Modem that didn't cease to
be valid.
With this commit, the integrator of such a scenario at least has a convenient
way of fixing this by ensuring that all interfaces at the USB NIC domain go
down when resetting (e.g. by ensuring that the USB NIC is the only interface at
that domain).
Fixes#4558
Replaces the former use of the 'find_by_name' method of the AVL string tree.
This method returned a reference to the found object and threw an exception if
no matching object was found.
The locally implemented replacement doesn't return anything and doesn't throw
exceptions. It takes two lambda arguments instead. One for handling the case
that a match was found with a reference to the matching object as argument and
another for handling the case that no object matches.
This way, expensive exception handling can be avoided and object references
stay in a local scope.
Furthermore, this commit modifies the local wrapper for the insert method of
the AVL string tree, so, that it follows the above mentioned concept as well.
Ref #4536
Replaces the former implementation of the 'find_by_domain' method at the data
structure for NAT rules. This method used to return a reference to the found
object and threw an exception if no matching object was found.
The new implementation doesn't return anything and doesn't throw exceptions. It
takes two lambda arguments instead. One for handling the case that a match was
found with a reference to the matching object as argument and another for
handling the case that no object matches.
This way, expensive exception handling can be avoided and object references
stay in a local scope.
Ref #4536
Replaces the former implementation of the 'find_by_port' method at the data
structure for permit rules. This method used to return a reference to the found
object and threw an exception if no matching object was found.
The new implementation doesn't return anything and doesn't throw exceptions. It
takes two lambda arguments instead. One for handling the case that a match was
found with a reference to the matching object as argument and another for
handling the case that no object matches.
This way, expensive exception handling can be avoided and object references
stay in a local scope.
Furthermore, the commit introduces a convenience wrapper for finding the best
matching pair of transport rule and corresponding permit rule for a given
destination IP and port. This method as well follows the above mentioned
concept.
Ref #4536
Replaces the former implementation of the 'find_longest_prefix_match' method at
the data structure for direct rules. This method used to return a reference to
the found object and threw an exception if no matching object was found.
The new implementation doesn't return anything and doesn't throw exceptions. It
takes two lambda arguments instead. One for handling the case that a match was
found with a reference to the matching object as argument and another for
handling the case that no object matches.
This way, expensive exception handling can be avoided and object references
stay in a local scope.
Ref #4536
Replaces the former implementation of the 'find_longest_prefix_match' method at
the data structure for direct rules. This method used to return a reference to
the found object and threw an exception if no matching object was found.
The new implementation doesn't return anything and doesn't throw exceptions. It
takes two lambda arguments instead. One for handling the case that a match was
found with a reference to the matching object as argument and another for
handling the case that no object matches.
This way, expensive exception handling can be avoided and object references
stay in a local scope.
Ref #4536
Replaces the former implementation of find_by_id at the data structure for
links. This method used to return a reference to the found object and threw an
exception if no matching object was found.
The new implementation doesn't return anything and doesn't throw exceptions. It
takes two lambda arguments instead. One for handling the case that a match was
found with a reference to the matching object as argument and another for
handling the case that no object matches.
This way, expensive exception handling can be avoided and object references
stay in a local scope.
Ref #4536
Just add riscv spec files. The riscv versions should use MMIO transport
as ARM versions do. They also should work fine for riscv_qemu machine
from genode-riscv repository.
acpica and the Intel display driver tries to use the Intel Opregion
simultaneously on Genode, which is not supported nor wanted for IO_MEM region as
which it is handled.
Attempts to remove the access to the region was not successful, since some
SSDT table contains ACPI AML code which is executed regularly and read/write
the Opregion.
The patch adds support to make a copy of the Intel Opregion and report it as
is. The copy was sufficient to make the Intel display driver working to find
and lookup the Intel VBT (video bios table) information to setup all
connectors on a Fujitsu U7411 docking station.
Issue #4531
ACPICA needs access to the host bridge 0:0.0 on Intel, which is also
accessed by the Intel display driver. Since for the Intel display driver the
PCI device is specified in the policy explicitly, the PCI device is filtered
out for the ACPICA driver which uses the policy "ALL".
Issue #4532
As accommodating the session component object is already taken care of
be the root component implementation, remove the remaining redundant
checks.
Fixes#4521.
There is a race between the trace subject doing the buffer
initialization and the monitor trying to iterate the buffer entries. If
the monitor tries to iterate entries of an uninitialized buffer, it will
read the very first entry twice. The monitor should therefore only start
iteration when the buffer has been initialised.
genodelabs/genode#4513
The hover state is evaluated for the routing of input events. When
routing a touch event, the decision should be based on the most recently
observed touch position. Without this patch, however, the hover state kept
referring to the initial pointer position (screen center) in the absence
of any other motion events.
Issue #4514
* Adds methods for copying raw data to the data field of Ethernet frames and
UDP packets. This is used in the port to wrap the higher-layer packet data
prepared by the contrib code with the additionally required headers before
sending it at a network session.
* Adds a method to cast raw data to an IPv4 packet. This is required in the
port in order to check values in stand-alone IP packets produced by the
contrib code before sending them at a network session.
* Adds methods for setting UDP ports given big endian port values without
having to convert to little endian in the app and then back to big endian in
the net lib.
Ref #4397