Via a new configuration attribute, the user can decide whether the router
should answer dropped fragmented IPv4 with an ICMP "destination unreachable"
packet and, if so, which value the ICMP code field of this packet should have.
The default is that the router doesn't send such responses (silently dropping
fragmented IPv4). The behavior is tested by the 'nic_router_ipv4_fragm' test.
Fixes#4236
If the new attribute 'dropped_fragm_ipv4' of the <report> tag in the NIC router
config is set "yes", the router will report the number of packets that were
dropped per interface respectively domain because fragmented IPv4 is not
supported. The default is not to report the counter. The behavior is tested by
the 'nic_router_ipv4_fragm' test.
Ref #4236
The NIC router used to ignore the IPv4 header fields "More fragments" and
"Fragment offset" completely. Therefore higher-level protocols of fragmented
IPv4 were interpreted wrong because each fragment was considered a self-
standing packet, expecting, for instance UDP/TCP headers somewhere inside of
the UDP/TCP data field. Normally, such packets were dropped as soon as the
UDP/TCP checksum check failed because of the misinterpretation. However,
it was also possible for fragmented IPv4 to pass the router although normally
only partially.
IPv4 fragmentation support in the router would introduce some potential
security risks and is presumably not an easy endeavor. So, for now, we settled
on not supporting IPv4 fragmentation. With this commit, the router simply drops
all fragmented IPv4. This is reflected to the log for each fragment as "drop
packet (fragmented IPv4 not supported)" when 'verbose_packet_drop="yes"' is
configured.
The new test 'run/nic_router_ipv4_fragm' is an automated test for this
behavior. The test is added to the autopilot list.
Ref #4236
- remove redundant file system factory
- remove dead code block
The code was guarded by preprocessor directives checking whether the
contrib code define "_USE_MKFS" is 1. As "_USE_MKFS" is not set one
for our port of FAT, the code was never executed and can be removed.
- remove uneffective config attributes
Apparently, the former XML attributes to the plugin 'drive' and
'codepage' had no effect. I tested them in a scenario with the VFS
block server on a disk-image boot-module as back end. Regardless of
the 'drive' value, the block session label was always "0". Regardless
of the 'codepage' value, the FAT on the disk image succeeded to mount
when not using '--codepage' for 'mkfs.fat' and failed to mount when
using '--codepage' to specify a supported but foreign codepage for
'mkfs.fat' (e.g. "720").
Ref #4220
There was one global static constructor:
! namespace Fatfs { static Constructible<Platform> _platform; }
This caused applications that used the lib or the <fatfs> VFS plugin to end up
in an uncaught exception due to Genode::Component complaining that method
'construct' returned without executing pending static constructors if they
didn't call Genode::Env::exec_static_constructors().
As the use of Genode::Env::exec_static_constructors() is discouraged in Genode,
this commit rather moves the '_platform' object to the scope of the
initializing function and introduces a global static pointer to the object that
gets set by the initializing function. Although this prevents the exception, it
is, technically speaking even worse than the former solution as the new pointer
isn't checked for validity in contrast to the 'Constructible' object.
However, so far, I don't see a clean solution to this problem without the need
for Genode::Env::exec_static_constructors().
Fixes#4220
For mesa-21 the client takes care and manages
the virtual address space of the vGPU by itself and the intel/gpu driver
can't add silently a guard page anymore. Move the patch to the drm/ioctl
of the former mesa version.
Issue #4148#4233
BREAKS CONFIG COMPATIBILITY:
This commit changes the configuration interface of the NIC router in a way that
may break systems that use the component without proper adjustment!
HOW TO ADJUST:
At each occurrence of the '<uplink ...>' tag in a NIC router configuration
replace the tag name 'uplink' with 'nic-client'. The rest of the tag stays the
same.
The term "uplink" for network interfaces in the router that have a NIC session
client as back end was introduced in a time when Uplink sessions didn't yet
exist. Now, they do and, although both an uplink and an Uplink session
normally describe a network session between router and network device driver,
they are based on two different service types (NIC and Uplink). This can easily
cause confusion when integrating the router (the <uplink> is not related to
Uplink sessions) or trying to understand its functioning (an 'Uplink' object
has nothing to do with the Uplink service).
Therefore, this commit introduces the more specific term "NIC client" for an
interface that is based on a NIC session requested by the router. This doesn't
imply any semantic changes at the NIC router. However, the commit also brings a
broader update of the router's README and removes the term "downlink" that was
used only in documentation to refer to interfaces backed by a NIC session
provided by the router. The term was only associated with this meaning because
it is the natural counterpart to an uplink. This isn't appropriate anymore as
the terms for interface types have moved to a more technical level.
The commit adjusts all scenarios in the basic Genode repositories properly.
Fixes#4238
I discovered thinkbroadband.com requires the User-Agent header field and
rejects requests missing it with HTTP response code 403 "access to the
requested resource is forbidden". Now, fetchurl always adds the
User-Agent header fetchurl/LIBCURL_VERSION.
Also the error message now contains the HTTP response code.
The symlink implementation wrongly constructed a 'Sync' object within
the context of a monitor call. The 'Sync' constructor indirectly
depended on libc I/O for obtaining the current time, ultimately
resulting in a nested attempt of a monitor call. This could be
reproduced via the base.run script:
$ cd /home
$ ln -s a b
The 'ln' command resulted in the following log message:
[init -> /bin/bash -> 7] Error: deadlock ahead, mutex=0x10ff8c70, return ip=0x500583a7
The patch fixes the problem by splitting the single monitor call into
two monitor calls and moving the construction of the 'Sync' object
in-between both monitor calls, thereby executing the constructor at the
libc application level.
Fixes#4219
- Patch the XHCI model in order to handle frame wrapping correctly. For
this adjust 'mfindex_kick' to the correct period (same, before, or after
'mfindex').
- Flush EP when it is stopped, this causes all pending packets for the EP
to be acked. Correct counting of packets in flight.
- Add BEI patch by Josef.
issue #4196
- API packages for: libusb, libuvc, and libyuv
- Source packages for: API packages + USB webcam app
- Meta package for USB webcam
- Raw package for USB webcam configuration
issue #4196
Because qemu-usb allocated host devices after 'USB_HOST_DEVICE' in the
object array and 'USB_WEBCAM' is loacated after 'USB_HOST_DEVICE' the
webcam model can overwrite an already allocated pass-through device. As
a solution add the 'USB_FIRST_FREE' to make it clear from where host
devices can be allocated. Also increase the number of supported host
devices to eight.
fixes#4182