Commit Graph

9292 Commits

Author SHA1 Message Date
Norman Feske
7e1a2ac684 base: remove internal use of 'env_deprecated'
Fixes #4784
2023-07-14 12:06:31 +02:00
Norman Feske
de99945af0 base: pass 'Platform &' to 'bootstrap_component'
This eliminates the need of component.cc to pull the platform resources
out of thin air (calling 'env_deprecated()').

Issue #4784
2023-07-14 12:06:31 +02:00
Norman Feske
415d4ab23d startup: merge init_main_thread.cc into _main.cc
This makes the interplay of 'init_main_thread', 'init_platform',
'_main', and 'bootstrap_component' easier to follow.

Issue #4784
2023-07-14 12:06:31 +02:00
Norman Feske
7093258649 base: move 'prepare_init_main_thread' to Genode::
Issue #4784
2023-07-14 12:06:31 +02:00
Norman Feske
3f9698a292 base: remove component.cc from core
Issue #4784
2023-07-14 12:06:31 +02:00
Norman Feske
3a8c3dcc2d base: unify platform.cc between base, base-linux
This is a preparatory step for merging 'init_platform()' with
'bootstrap_component()'.

Issue #4784
2023-07-14 12:06:31 +02:00
Norman Feske
54cc70f9b1 base: remove Env arg from init_exception_handling
By supplying only the parts of the Env that are actually relevant for
initializing the cxx heap, we avoid the need for the 'Env' interface.
The patch also moves the call of 'init_ldso_phdr' to the outside
of the cxx library because it does not belong there.

Issue #4784
2023-07-14 12:06:31 +02:00
Christian Prochaska
59ce64b638 monitor: handle Monitored_thread case in kill_thread()
Fixes #4934
2023-07-14 12:06:31 +02:00
Christian Prochaska
8264b63e0b core: replenish UTCB quota in exception case
Fixes #4933
2023-07-14 12:06:31 +02:00
Christian Helmuth
ea294fff0c lx_emul: fix unplug of unclaimed USB devices
USB devices that are never associated to client sessions lack
usb_per_dev_data (and a kernel thread). Therefore, the devices should be
discontinued directly on unplug as no URBs can be pending.

Issue genodelabs/genode#4795
2023-07-14 12:06:31 +02:00
Josef Söntgen
afaabb3121 pc_nic_drv: add R8169 driver
This commits enables the R8169 driver and was tested with two
RTL8168h/8111h (10ec:8168 rev 0x15 sub 1462:7a38 / 1d05:109f) and
two equal RTL8125B (10ec:8125 rev 0x5 sub 1458:e000) devices
running Sculpt.

Firmware loading is for now not implemented but specific Linux
commits suggest it could be necessary. However, doing so will be
post-poned until we have gathered more experience with the driver.

Restarting the driver might lead to the following IOMMU error
messages but the device seems to work anyway:

[ 0] IOMMU:0xffffffff817ec040 FR:0x8a00000000002500 FI:0xfffffffdf8d30000 type:0x8 BDF:25:00.0
[ 0] IOMMU:0xffffffff817ec040 FR:0x2000004200002500 FI:0x000c21b0 type:0x2 BDF:25:00.0
[ 0] IOMMU:0xffffffff817ec040 FR:0x2020004200002500 FI:0x000c21a0 type:0x2 BDF:25:00.0
[ 0] IOMMU:0xffffffff817ec040 FR:0x2020004200002500 FI:0x00138000 type:0x2 BDF:25:00.0
[…]
[ 0] IOMMU:0xffffffff817ec040 FR:0x8a00000000002500 FI:0xfffffffdf8d30000 type:0x8 BDF:25:00.0
[ 0] IOMMU:0xffffffff817ec040 FR:0x2020004300002500 FI:0x00124000 type:0x2 BDF:25:00.0

Issue #4921.
2023-07-14 12:06:31 +02:00
Josef Söntgen
1996041dcc pc_linux: update initcall order for pc_nic_drv
Issue #4921.
2023-07-14 12:06:31 +02:00
Josef Söntgen
18c23ddb0c pc_linux: enable R8169
Issue #4921.
2023-07-14 12:06:31 +02:00
Christian Helmuth
2232b33b8e pci_decode: limit bus parsing to subordinate buses
While this approach still scans "holes" in the bus range, it stops
scanning at the maximum subordinate bus number reachable from the base
PCI bus at the host bridge. Startup under Qemu no longer takes about 12
seconds for scanning 256 buses.
2023-07-14 12:06:31 +02:00
Norman Feske
0ab69a2bb8 base: de-duplicate src/lib/base/platform.cc
By splitting the 'init_capability_slab()' implementation to a separate
compilation unit 'capability_slab.cc', base-hw no longer needs a
customized version of 'lib/base/platform.cc'.

Related to issue #4784
2023-07-14 12:06:31 +02:00
Norman Feske
6e30d00eef base: remove env_deprecated from signalling code
Issue #4784
2023-07-14 12:06:31 +02:00
Christian Helmuth
ee564125df Replace ipxe_nic_drv by pc_nic_drv in run scripts
Issue #4921
2023-07-14 12:06:31 +02:00
Christian Helmuth
8ecbc48211 sculpt: replace ipxe_nic_drv by pc_nic_drv
Issue #4921
2023-07-14 12:06:31 +02:00
Christian Helmuth
48cc8fb657 drivers_nic-pc: replace ipxe_nic_drv by pc_nic_drv
Also, the configuration enables MAC-address reporting and includes a
verbose mac_report_rom.

Issue #4921
2023-07-14 12:06:27 +02:00
Christian Helmuth
d258422c34 pc_nic_drv: ethernet NIC driver based on Linux 6.1
Fixes #4921
2023-07-14 12:05:54 +02:00
Christian Helmuth
8de0d8d4e0 pc_linux: update initcall order for pc_nic_drv
Issue #4921
2023-07-14 12:01:19 +02:00
Christian Helmuth
36c1dc16d4 pc_linux: enable e1000, e1000e, pcnet32
Issue #4921
2023-07-14 12:01:19 +02:00
Norman Feske
3489672bc0 base: remove env_deprecated from thread-start code
This patch replaces the internal use 'env_deprecated()' from the
implementation of the thread API in the base library. It also
replaces the global accessor 'main_thread_cap' by the explicit
propagation of the main-thread's capability to the single point of
use via a new 'init_thread_bootstap' function.

Issue #4784
2023-07-14 12:01:19 +02:00
Josef Söntgen
adf0b893e8 lx_kit: add random dummy back end
This back end can be used in place of the existing jitterentropy based
on in case random is not strictly needed by the component but one
wants to use the available 'shadow/drivers/char/random.c'
implementation.

Issue genodelabs/genode-allwinner#21.
2023-07-14 12:01:19 +02:00
Alice Domage
943c9809ed depot_remove.run: replace x86_64 by [depot_spec]
This change makes the run script compatible with all CPU architectures.

Issue genodelabs#4866
2023-07-14 12:01:19 +02:00
Josef Söntgen
c888fcbdd9 lx_emul: implement __get_random_u32_below
The implementation was already part of the Zynq's sd_card driver and
since other ARM drivers need it as well, promote it to the common
shadow library.

Issue genodelabs/genode-allwinner#21.
2023-07-14 12:01:19 +02:00
Josef Söntgen
7109b80bbd dde_linux: enable -gnu11
The option is default since 5.18 and several compilation units
require it.

Issue genodelabs/genode-allwinner#21.
2023-07-14 12:01:19 +02:00
Stefan Kalkowski
098bc66fc9 usb genode_c_api: reduce config report updates
Prevent unnecessarty config report updates, if a new USB device gets reported.

Fix genodelabs/genode#4929
2023-07-14 12:01:19 +02:00
Christian Helmuth
0a28df8805 lx_emul: skb_init() in lx_emul_init_task_function()
Issue #4921
2023-07-14 12:01:19 +02:00
Martin Stein
abe163c335 tresor: do not use on-disc-layouted structs
* Removes all previous structs that represented an on-disc block layout
  and were therfore subject to a number of layout restrictions (packed,
  padding members, enum representations, etc.).
* Adds a replacement struct without any layout restrictions for each of the
  removed structs. The new structs are named similar to the old structs.
* Adds block encoding and decoding utilities for easily converting from the
  new structs to on-disc blocks and vice-versa (Block_scanner, Block_generator,
  T::decode_to_blk, T::encode_from_blk)
* Adapts all affected places in the library to encode and decode proberly
  instead of simply casting pointers.
* Thereby cleans up the hashing utilities to use typed-reference args instead
  of void pointers.
* Re-enables run/tresor_tester and test-file_vault_vonfig_report for platforms
  rpi, imx53_qsb, imx53_qsb_tz, imx6q_sabrelite, imx7d_sabre.

Ref #4819
2023-07-14 12:01:19 +02:00
Martin Stein
434a4db637 lib/net: no color coding in packet print methods 2023-07-14 12:01:18 +02:00
Martin Stein
bf18ffbbdd lib/net: enable strict warnings
Enables strict warnings in the net lib and fixes all related compile errors.

Fixes #4924
2023-07-14 12:01:18 +02:00
Martin Stein
c907e44a02 register framework: read bitfields to fitting uint
* Replaces bool access types with uint8_t access types
* Ensures, that the framework always uses the smalles possible uint type
  for the return value wherever a bitfield is read and returned to the user.

Ref #4924
2023-07-14 12:01:18 +02:00
Norman Feske
79e262921e depot: update recipe hashes 2023-06-16 11:24:26 +02:00
Timo Nicolai
0a81bd5d5a depot_download_manager: fix verifying failed download
In some instances, the fetchurl progress determined by
depot_download_manager will be empty when the download fails (e.g. due
to a 404), this commit fixes a bug where this would be interpreted as
the download having completed which would subsequently start hash
verification of a package that has never actually been downloaded.

Fixes #4919
2023-06-16 11:24:26 +02:00
Christian Helmuth
c09b4ba46b depot: recipe for acpi_event 2023-06-16 11:24:26 +02:00
Johannes Schlatow
6e607349e1 depot: add black_hole and fonts_fs to pkg/goa
Goa now makes use of the black-hole component and has been enabled to provide
a fonts_fs.

genodelabs/genode#4928
genodelabs/goa#42
2023-06-16 11:24:26 +02:00
Alice Domage
fb0e8fffa2 New depot_remove component
The depot_remove component can delete PKG archives with
automatically resolving dependencies and deleting archives that are not
required on the system anymore.

Issue genodelabs#4866
2023-06-16 11:24:26 +02:00
Martin Stein
40338f9acb ping*.run: raise test timeout
On some platforms (x86_32/pistachio, x86_64/sel4) system startup is slow
and the previously configured 30 seconds not sufficient. With this commit, the
timeout is raised to 60 seconds only when running on such a platform.

Ref #4923
2023-06-16 11:24:26 +02:00
Martin Stein
21d4b8aba0 nic_router_disable_arp.run: raise test timeout
The previous, rather small timeout of 30 seconds caused problems on
x86_64/sel4.

Ref #4923
2023-06-16 11:24:26 +02:00
Martin Stein
62db70e2ea nic_router_dhcp: raise test timeout
It seems that the previous rather small timeout of 35 seconds caused problems
with our nightly tests on fiasco/x86_32.

Fixes #4923
2023-06-16 11:24:26 +02:00
Martin Stein
563f55e57b nic_dump.run: relax test procedure
This test was originally a copy of ping.run and therefore unnecessarily
inherited all its complexity for testing ping component behavior. Additionally,
ping.run was more actively maintained and evolved over time whereas
nic_dump.run didn't receive the same care. Now, the test fails on certain
platforms although NIC dump works just fine. Therefore, this commit reduces the
test behavior to what is really necessary for testing nic_dump and by doing so,
also fixes the failing targets.

Fixes #4926
2023-06-16 11:24:26 +02:00
Martin Stein
45e5a33b26 sd_card.run: fix broken config and automate
Fixes #4925
2023-06-16 11:24:26 +02:00
Martin Stein
cc99646b23 nic_router_flood.run: adjust success condition
On x86_32 okl4, the test timed out although the test timeout was already at
240 seconds for this platform. Instaed of raising it further, this commit
reduces the number of ping rounds for all platforms that are considered as
slower by the test.

Ref #4923
2023-06-16 11:24:26 +02:00
Norman Feske
e8ee2cc227 tool_chain_auto.run: incr. stack size for x86_32 2023-06-16 11:24:26 +02:00
Norman Feske
f789c8152c stdcxx: add missing symbol
Needed for building noux_pkg/gcc_x86 for x86_32 when using the
compiler's default optimization level (not Genode's default CC_OLEVEL).
2023-06-16 11:24:26 +02:00
Christian Helmuth
98cbfa3561 genode_c_api: MAC address reporter utility
Issue #4918
2023-06-16 11:24:26 +02:00
Christian Helmuth
29b441c6fa net: const Network_address source buffer
Issue #4918
2023-06-16 11:24:26 +02:00
Norman Feske
a27e46989f tool_chain_auto.run: use [build_artifacts]
The run script used to miss a few build targets for boot modules
specified at the 'build_boot_image' step.
2023-06-16 11:24:26 +02:00
Norman Feske
57b66987dd mk/gnu_build.mk: declare .tar as BUILD_ARTIFACTS
This way, run scripts using GNU build targets can use the result of
[build_artifact] for the 'build_boot_image' step.
2023-06-16 11:24:26 +02:00
Norman Feske
3c5d27506f base: stricter distinction between rx and rwx
This patch restricts 'Region_map::attach_executable' to create read-only
mappings, while offering the option to map the full rights using a new
'attach_rwx' method.

The 'attach_rwx' method is now used by the dynamic linker to explicitly
attach the linker area with full rwx rights. With the old page-fault
handling code, the execute flag was evaluated only for leaf dataspaces,
not for managed dataspaces while traversing region-map hierarchies.
With the new page-fault handling code, the execute bit is downgraded
to no-execute when passing a managed dataspace that is not attached
as executable.

Issue #4920
2023-06-16 11:24:26 +02:00
Norman Feske
a4c59c03e3 core: rework page-fault resolution
The change "core: allow offset-attached managed dataspaces" addressed a
corner case of the use of nested region maps. Apparently, this change
negatively affects other scenarios (tool_chain_auto).

In order to confidently cover all the differnt situations, this patch
reworks the page-fault resolution code for improved clarity and safety,
by introducing dedicated result types, reducing the use of basic types,
choosing expressive names, and fostering constness.

It also introduces a number of 'print' hooks that greatly ease manual
instrumentation and streamlines the error messages printed by core.
Those messages no longer appear when a user-level page-fault handler
is reistered for the faulted-at region map. So the monitor component
produces less noise on the attempt to dump non-existing memory.

Issue #4917
Fixes #4920
2023-06-16 11:24:26 +02:00
Norman Feske
65d3b3a32f base-linux: build fix for BOARD=pc
This is a follow-up commit to "base: remove internal use of format
strings".

Issue #2064
2023-06-16 11:24:26 +02:00
Norman Feske
47fa54992f run/libc_vfs_filesystem_test: adjust caps for sel4
Fixes libc_vfs_fs_ext2 and libc_vfs_fs_fat on x86_64/qemu/sel4.
2023-06-16 11:24:26 +02:00
Norman Feske
6af42c9fb5 test-sanitizer: simplify, increase caps for sel4 2023-06-16 11:24:26 +02:00
Christian Helmuth
54a549d808 lx_emul: move arch_atomic64_add_return to dde_linux 2023-06-16 11:24:26 +02:00
Norman Feske
6a57683e52 New debug monitor
The new monitor component at os/src/monitor is the designated successor
of the gdb_monitor. This initial version, however, implements only the
subset needed to inspect the memory of the monitored component(s).

In contrast to the gdb_monitor, the new component supports the monitoring
of multiple components, leveraging the sandbox API. It can therefore be
used as a drop-in replacement for the init component. Like the gdb_monitor,
the new monitor speaks the GDB protocol over Genode's terminal session.
But the protocol implementation does not re-use any gdbserver code,
sidestepping the complexities of POSIX.

There exist two run scripts illustrating the new component. The
os/run/monitor.run script exercises memory inspection via the 'm' command
by letting a test program monitor itself. The os/run/monitor_gdb.run
script allows for the interactive use of GDB to interact with monitored
components.

Issue #4917
2023-06-16 11:24:26 +02:00
Norman Feske
65f65073e6 sandbox: allow supplemental config nodes
Let the sandbox library disregard all unknown config sub nodes so that
supplemental information - like the monitor policy configuration - is
not interpreted as a misconfiguration ("unknown config element type ...").

Issue #4917
2023-06-16 11:24:26 +02:00
Norman Feske
add6dbac4e sandbox: add Pd_intrinsics::start_initial_thread
This hook allows for intercepting the creation of initial threads
whenever a new child is started.

Issue #4917
2023-06-16 11:24:26 +02:00
Norman Feske
0d5571a820 base: close PD session last when destructing child
This patch moves the destruction of the child's PD session after the
closing of all other sessions because the PD session's role as resource
container might still be needed for orderly reverting the session quotas
when closing the other remaining sessions.

Issue #4917
2023-06-16 11:24:26 +02:00
Norman Feske
734fc252e8 base: add Child_policy::start_initial_thread
The added interface allows for the local interception of
'Cpu_thread::start' RPC calls.

Issue #4917
2023-06-16 11:24:26 +02:00
Norman Feske
f2153f9b2f sandbox: allow for customized PD access
By default, the sandbox uses the Env::pd() as reference PD session of
the sandbox children.

However, to accomodate use cases where the interplay of the reference
PD session and the child's address space needs to be intercepted, this
patch adds a constructor that takes an interface for the controlled
access of PD intrinsics as argument.

Issue #4917
2023-06-16 11:24:26 +02:00
Norman Feske
30b70da6c1 base/child.h: Child_policy::with_address_space
This patch replaces the former 'address_space' accessor by a new
'with_address_space' interface that grants access to the region map of
the child's address space, but limits the interface lifetime to the
scope of the caller.

Issue #4917
2023-06-16 11:24:26 +02:00
Norman Feske
f47c64e246 core: allow offset-attached managed dataspaces
This patch adds the missing application of the region offset to the
resolution of page faults inside managed dataspaces, which resulted in
an unexpected "invalid mapping" message after attaching a managed
dataspace with an offset.

This limitation could be observed during the implementation of the debug
monitor that locally maps a portion of the debugging target's address
space, e.g., a view port of 16 MiB. All traditional uses of managed
dataspaces (e.g., stack area, linker area) happened to attach the
managed dataspaces from their beginning.

Issue #4917
2023-06-16 11:24:26 +02:00
Sebastian Sumpf
3e0e86f720 mesa: remove 'printf' from 'iris_bufmgr_tmp.patch'
also rename it to 'iris_bufmgr_fd.patch'

issue #4916
2023-06-16 11:24:26 +02:00
Sebastian Sumpf
e3c2fdf414 gpu/intel: enable GPU reset for GEN(8)/9/12
* add semaphore command to ring in order to be able to stop ring
  execution before reset (Wa KabyLake)
* implement reset sequence as done by the Linux driver
* reset ring and cancel job of vgpu causing hang
* lower watchdog timeout 1000ms -> 200ms
* improve scheduling of vgpus so progress after reset is made
* improve the generation chaos a little
* tested on Skylake, Kaby Lake, Tiger Lake

issue #4916
2023-06-16 11:24:26 +02:00
Alexander Boettcher
b599f4e106 sel4: stop thread on alignment fault
by not replying to the IPC. Otherwise, endless alignment faults are triggered,
seen on imx6q Sabrelite and usb_hid_raw.
2023-06-16 11:24:26 +02:00
Alexander Boettcher
530ec3115f sel4/x86: remove Nehalem kernel config adjustment
since the used Genode Qemu model now supports it.
2023-06-16 11:24:26 +02:00
Martin Stein
dea53f635f Refine tresor tests
* Use jitterentropy only if supported.
  On certain targets like pbxa9 or zynq_qemu, the performance counter always
  yields 0, which renders jitterentropy unusable. On these platforms, the
  Tresor tests now use a static value as entropy source instead.

* Adds a new package test-file_vault_config_report_no_entropy that is used by
  the Depot Autopilot on targets without jitterentropy support instead of
  test-file_vault_config_report. The only difference between the two packages
  is the value of the above described new config attribute of the File Vault.

* Circumvent alignment fault.
  The Tresor lib for now has the deficiency of using on-disc data structures
  directly in code instead of decoding them first to unpacked, naturally
  aligned structures. This causes problems with memory-access alignment on
  several platforms (rpi, imx6q_sabrelite, imx53_qsb, imx7d_sabre). As fixing
  this properly is a bit of work, the commit disables the tresor_tester and
  file_vault_config_report test on the affected platforms in autopilot mode for
  now.

* Further adjustments
  * Make benchmarks optional
  * Use a smaller tresor for rekeying
  * Clean up image parameters
  * No use implicit routes/resources
  * Reduce ram consumption
  * Reduce test timeout
  * Raise cap quota, required for sel4 x86_64.

Ref #4819
2023-06-16 11:24:26 +02:00
Martin Stein
5800ab4961 vfs/tresor_trust_anchor: remove debug mode
The debug mode turned out to be unnecessry because the plugin can be simply
replaced with an <inline> file VFS plugin that has a content size of 32 bytes.

Ref #4819
2023-06-16 11:24:26 +02:00
Martin Stein
03d7258d33 tresor: better handling of hash mismatches
Instead of throwing an uncaught exception, the corresponding request is marked
failed.

Ref #4819
2023-06-16 11:24:26 +02:00
Martin Stein
7c5c92351e file_vault: compatibility with 21.05 containers
* Fix minimum passphrase size to be the same as with File Vault 21.05.
* Adapt to different image name of File Vault 21.05.

Ref #4819
2023-06-16 11:24:25 +02:00
Martin Stein
80b729703b file_vault_config_report tests: fix for pistachio
* relaxes the timing and reduces the test steps because pistachio is quite
  slow and would otherwise trigger problems with our easy approach of using a
  dynamic rom instead of a proper manager

* provide IO_PORT and IRQ session to timer driver

Ref #4819
2023-06-16 11:24:25 +02:00
Josef Söntgen
194af03fe9 autopilot.list: replace cbe with tresor tester
Issue #4819.
2023-06-16 11:24:25 +02:00
Martin Stein
c40205e93f pkg/test-file_vault_config_report: minor style fix
Ref #4819
2023-06-16 11:24:25 +02:00
Martin Stein
d9dd518a20 pkg/file_vault: fix missing fs route
The File System route for the Tresor Init sub-component was somehow missing.

Ref #4819
2023-06-16 11:24:25 +02:00
Alexander Boettcher
ceaa02230e qemu: set default cpu model for x86_64 explicitly
With the update to sel4 and the gcc 12, assembly instructions are generated
and used, like POPCNT. The instruction is available on our native hardware,
but not emulated by the default cpu model necessarily, which leads to
undefined opcode exceptions (Qemu 4.2.1 && seL4). Additionally, the features
of the default Qemu cpu model may vary between Qemu releases and makes it
harder to correlate effects.
2023-06-16 11:24:25 +02:00
Christian Helmuth
6cb697e6d8 base: remove ancient artifact of config library
The config library was removed in issue #2431 in 2017.
2023-06-16 11:24:25 +02:00
Norman Feske
250c16ddcf os/path.h: fix misleading comments
Issue #4708
2023-06-16 11:24:25 +02:00
Christian Helmuth
4a15621dc8 libc: warn about unsupported RTLD_GLOBAL in dlopen()
Fixes #3779
2023-06-16 11:24:25 +02:00
Christian Helmuth
7441548458 Configure ld soname also for lib.so files
Fixes #4914
2023-06-16 11:24:25 +02:00
Alexander Boettcher
11764ed755 core: remove io_mem attachments before destruction
The attachment removal is triggered actually on _ds member destruction time,
but after the io_mem representation for the specific base-<platform> possibly
vanished already during _unmap_local in the ~Io_mem_dataspace. This creates
on base-sel4 several kernel warnings about invalid capabilities.

Issue #4913
2023-06-16 11:24:25 +02:00
Alexander Boettcher
b349dd9c0a sel4: convert io memory on demand
instead all during boot. On x86 and qemu this takes quite a while until
the system is booted.

Fixes #4913
2023-06-16 11:24:25 +02:00
Stefan Kalkowski
97bf616b5b lx_emul: fix rcu_needs_cpu() for older kernels
Resolves observed regression for the older usb host drivers (< linux
version 5.18).

Ref genodelabs/genode#4798
2023-06-16 11:24:25 +02:00
Norman Feske
6f4242f03b sculpt: version 23.06
Increase version due to upcoming binary incompatibility with 23.04.
2023-06-16 11:23:57 +02:00
Christian Helmuth
dfc1b97fa2 depot: update recipe hashes 2023-05-31 09:42:19 +02:00
Christian Helmuth
d6f65901f9 Add trace policy binary to BUILD_ARTIFACTS 2023-05-30 17:00:01 +02:00
Stefan Kalkowski
5253d4ddd7 platform_drv: dissolve shared irq session
Fix genodelabs/genode#4912
2023-05-30 16:32:22 +02:00
Sebastian Sumpf
2dbf3322d8 dde_rump: fix rump recipe for RISC-V
issue #4800
2023-05-30 16:01:03 +02:00
Martin Stein
798e3ee306 file_vault: fix deinit fs in tresor vfs
Ref #4819
2023-05-30 12:26:01 +02:00
Christian Helmuth
583f2d6a36 depot: update recipe hashes 2023-05-30 12:13:34 +02:00
Christian Helmuth
c1104ccbc7 depot_autopilot: skip file_vault on riscv and rpi
Issue #4819
2023-05-30 12:13:34 +02:00
Benjamin Lamowski
e882ca748d base-hw: virt: implement support for SVM
Ref #4826
2023-05-30 12:13:34 +02:00
Benjamin Lamowski
b277b84e19 base: extend Vcpu_state for base-hw x86 virtualization
Changes are preliminary and will most certainly be removed when fully
enabling the virtualization feature on base-hw.

Ref #4826
2023-05-30 12:13:34 +02:00
Benjamin Lamowski
1e3836f8b5 base-hw: pass generic Vm_data structure to the kernel object
This enables passing additional data structures to the kernel on x86.

Ref #4826
2023-05-30 12:13:34 +02:00
Benjamin Lamowski
312b638220 base-hw: export Intel TSC platform information
Export TSC invariant and the frequency reported on Intel processors.
Currently lacks TSC calibration and reports a fixed frequency on AMD.

Ref #4826
2023-05-30 12:13:33 +02:00
Benjamin Lamowski
c75b07e0fd base-hw: SVM: allow execute on NPT mappings
Ref #4826
2023-05-30 12:13:33 +02:00
Benjamin Lamowski
cb69c59fa3 base-hw: implement VMCB data structure for AMD SVM
Ref #4826
2023-05-30 12:13:33 +02:00
Benjamin Lamowski
fa6e819f9a base-hw: x86: use Vcpu_state as Vm_state
Ref #4826
2023-05-30 12:13:33 +02:00
Benjamin Lamowski
0a819d5e19 base-hw: add MSR and CPUID registers for AMD SVM
Ref #4826
2023-05-30 12:13:33 +02:00
Benjamin Lamowski
e11ed069bf base-hw: fix x86 CPUID register width
Ref #4826
2023-05-30 12:13:33 +02:00
Benjamin Lamowski
7477f99d05 base-hw: x86: detect CPU Vendor and SVM support
Ref #4826
2023-05-30 12:13:33 +02:00
Benjamin Lamowski
6ca7119267 base-hw: copy virtualization structure for x86_64
Ref #4826
2023-05-30 12:13:33 +02:00
Norman Feske
256a989550 base-nova: update include guard 2023-05-30 12:13:33 +02:00
Norman Feske
34c7085ada sculpt.run: whitespace 2023-05-30 12:13:33 +02:00
Stefan Kalkowski
30e0452faf sculpt: increase sculpt_manager's cap quota
Fix genodelabs/genode#4911
2023-05-30 12:13:33 +02:00
Stefan Kalkowski
435c9719a7 sculpt: support for wifi on MNT Reform 2
Fix genodelabs/genode#4908
2023-05-30 12:13:33 +02:00
Alexander Boettcher
d92bd3afee sel4: update to 12.1.0 release
Fixes #4910
2023-05-30 12:13:33 +02:00
Alexander Boettcher
7351aa1670 sel4: remove x86_32/pc and imx7-sabre
The imx7 is not supported officially [0] anymore and the 32bit pc version is
not used nor intended to be used.

https://github.com/seL4/seL4/issues/254

Issue #4910
2023-05-30 12:03:34 +02:00
Christian Helmuth
22bee79534 port/metadata: improve info for multi-source ports
Now, ./tool/ports/metadata dde_linux produces the following output.

  PORT:     dde_linux
  LICENSE:  GPLv2
  VERSION:  individual (see sources)
  SOURCE:   https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.4.3.tar.xz VERSION 4.4.3 (lxip)
  SOURCE:   https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.16.3.tar.xz VERSION 4.16.3 (fec)
  SOURCE:   https://github.com/cproc/dwc_otg.git git r5 (dwc_otg_host)
  SOURCE:   https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.16.3.tar.xz VERSION 4.16.3 (usb_host)
  SOURCE:   https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.16.3.tar.xz VERSION 4.16.3 (usb_hid)
  SOURCE:   https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.16.3.tar.xz VERSION 4.16.3 (usb_modem)
  SOURCE:   https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.16.3.tar.xz VERSION 4.16.3 (usb_net)

Issue #4685
2023-05-30 12:03:34 +02:00
Christian Helmuth
5a97297282 fiasco: gather patch files with sort + wildcard
Using $(shell find $(REP_DIR)/patches -name *.patch) fails if the
current working directory contains *.patch files due to shell wildcard
expansion before execution. Additionally, the patch list was unstable
because it was not sorted resulting in divergent hashes.
2023-05-30 12:03:33 +02:00
Benjamin Lamowski
80c8775d77 base: make Entrypoint available in Vcpu_handler_base
Fixes #4906
2023-05-30 12:03:33 +02:00
Stefan Kalkowski
1c790b2776 lx_emul: use alternative initcall for pci on ARM
On platforms different than x86 the subsys initcall `pci_subsys_init`
is not available. Therefore, we choose an alternative one here.

Fix genodelabs/genode#4907
2023-05-30 12:03:33 +02:00
Stefan Kalkowski
0aef0959d5 hw: catch all cache lines for mis-aligned addresses
Fix genodelabs/genode#4905
2023-05-30 12:03:33 +02:00
Christian Helmuth
6b2338257d Let linker assume stacks are non-executable
In our binaries, the .note.GNU-stack section is missing, which is okay
as we do not interpret these sections anyway and map stack pages
non-executable per default.

Issue #4827
2023-05-30 12:03:33 +02:00
Norman Feske
823349fffb libc: make libc-plugin headers private to libc
Fixes #4904
2023-05-30 12:03:33 +02:00
Norman Feske
e1e26c4439 libports: update doc/libc.txt 2023-05-30 12:03:33 +02:00
Christian Prochaska
b1be660c7b libusb: remove use of obsolete libc-plugin interface
Fixes #4854
2023-05-30 12:03:33 +02:00
Martin Stein
8992dadb15 libports: remove unused libsparkcrypto
The main user of libsparkcrypto in the past was the CBE block encryption
ecosystem. However, the CBE was replaced with the Tresor block encryption that
uses libcrypto instead.

Ref #4819
2023-05-30 12:03:33 +02:00
Josef Söntgen
497c8b0922 wifi: provide WPA3-personal support
This commit introduces preliminary support for joining networks secured
via WPA3-personal. So far it was only tested with the one OpenWRT AP
configured for WPA3 (see excerpt below) where it WPA3-only as well as
WPA2/WPA3 mixed worked fine.

Scan results excerpt:

00:11:22:33:44:55    5180    -45     [WPA2-SAE-CCMP][SAE-H2E][ESS][UTF-8]    PewPew
00:11:22:33:44:55    2412    -67     [WPA2-PSK+SAE+PSK-SHA256-CCMP][SAE-H2E][ESS][UTF-8]     PewPew2

Issue #4861.
2023-05-30 12:03:33 +02:00
Josef Söntgen
cfd3be675f pc_wifi: enable RTL8192CE support in rtlwifi
Issue #4861.
2023-05-30 12:03:33 +02:00
Josef Söntgen
dc178e0ab2 dde_linux: enhance KBUILD_MODNAME generation
It turns out solely relying on the name of the compilation-unit
is not enough. In at least one multi-device driver, e.g. rtlwifi,
an equally called compilation-unit is found in several different
directories. There KBUILD_MODNAME is used to name the driver,
which fails later on as the driver framework refuses to register
an equally named driver twice.

Instead of only considering the name of the compilation-unit also
include the last element of the path to generate differentiating
KBUILD_MODNAME value.

Issue #4861.
2023-05-30 12:03:33 +02:00
Josef Söntgen
0e82322605 pci_decode: force GSI for ath9k device
As noted in 'wifi/pc: add ath9k driver' it appears the tested device
only works with GSIs.

Issue #4861.
2023-05-30 12:03:33 +02:00
Josef Söntgen
22c9157231 wifi: add RFKILL notification interface
Add somewhat cosmetic changes to the RFKILL interface used between
the management layer and the driver library to make the intent clear.

Issue #4861.
2023-05-30 12:03:33 +02:00
Josef Söntgen
6b406469f6 dde_linux: remove unused var from libnl_include
Issue #4861.
2023-05-30 12:03:33 +02:00
Josef Söntgen
080b0fb9b3 dde_linux: update wpa_supplicant to version 2.10
The supplicant is updated to the current release and is now downloaded
as archive rather than pulled from git. For the time being 'libnl' is
still kept at 3.2.25 as the current 3.7.0 release relies on more Linux
infrastructure that our integration does not provide.

Issue #4861.
2023-05-30 12:03:33 +02:00
Josef Söntgen
ea0a692879 wifi: get firmware from tar archive
This commit changes the firmware handling from requesting each
firmware file as a ROM module that is checked against a list of
known images (including their size) to requesting each file via
the local VFS of the 'wifi_drv'. This allows for using the original
probing mechanism that tries to select a matching firmware version.

The 'repos/dde_linux/src/drivers/wifi/README' file contains more
detailed information on how to configure the driver.

Issue #4861.
2023-05-30 12:03:33 +02:00
Josef Söntgen
3ba070e5e4 pc_wifi: implement __crypto_xor generated dummy
This function is called when decrypting RX frames on the CPU on 32 bit
platforms. Since the frames are normally decrypted by the wireless LAN
device and this code path is triggered rather infrequently the byte-wise
implementation should not pose a performance risk.

So far it was only encounter with a 7260 device when running netperf.

Issue #4861.
2023-05-30 12:03:33 +02:00
Josef Söntgen
d5710d9de3 Move 'wifi' driver to dde_linux repository
The bulk of the driver code now lives in the 'dde_linux' repository,
which is available on all platforms, from where it can be referenced by
other repositories.

The 'wifi_drv' binary was delegated to a generic harness that includes
all configuration and management functionality shared by all wireless
device driver components, e.g., the wpa_supplicant. The code of the
device driver emulation environment is located in 'src/lib/wifi'. It
is referenced by the platform-specific driver library that resides in
the corresponding platform repository. The runtime configuration needs
to point the driver to proper driver library.

The platform-specific library is in charge of orchestrating the contrib
source utilized by the driver as well as providing the 'source.list'
and 'dep.list' files. It must include the generic library snippet
'repos/dde_linux/lib/wifi.inc' that deals with managing the emulation
environment code.

The 'repos/dde_linux/src/drivers/wifi/README' file contains more
detailed information on how to deploy the driver.

Issue #4861.
2023-05-30 12:03:32 +02:00
Josef Söntgen
6727b5ea49 dde_linux: promote PC specific additions
Issue #4861.
2023-05-30 12:03:32 +02:00
Martin Stein
aeb65d6b1b file_vault: version 23.05
* ARM support and detaching from Ada/SPARK

  * Remove all CBE-related code - especially the Ada/SPARK-based CBE library.

    * We have no means or motivation of further maintaining big projects in
      Ada/SPARK (the core Genode team is native to C++).

    * The Genode Ada/SPARK toolchain and runtime don't support ARM so far - an
      important architecture for Genode. This would mean extra commitment in
      Ada/SPARK.

    * We realize that block encryption more and more becomes a fundamental
      feature of Genode systems.

  * Implement a new block encryption library named Tresor that is inspired by
    the design and feature set of the former CBE library and that is entirely
    C++ and part of the Genode gems repository.

    * The Tresor block encryption is backwards-compatible with the on-disk
      data layout of the former CBE block encryption.

    * Except from the snapshot management and the "dump" tool, the Tresor
      block encryption provides the same feature set as the former CBE block
      encryption and accepts the same user requests at the level of the
      Tresor library API.

    * So far, the Tresor block encryption does not support the creation of
      user-defined snapshots.

    * In contrast to the former CBE, the Tresor ecosystem has
      no "dump" tool beause with the CBE library it turned out to be rarely of
      use.

    * In contrast to the Block back-end of the CBE "init" tool, the Tresor
      "init" tool uses a File System back-end.

    * The former CBE VFS-plugin is replaced with a new Tresor VFS-Plugin.

      * The Tresor-VFS plugin in general is similar to the former CBE VFS but
        has a slightly different API when it comes to re-keying and re-sizing.
        Each of these operations now is controlled via two files. The first
        file is named <operation> and the user writes the start command to it.
        The user must then read this file once in order to drive the operation.
        The read returns the result of the operation, once it is finished.
        The second file is named <operation>_progress and can be watched and
        read for obtaining the progress of the operation as percentage.

    * The file vault is adapted to use the new Tresor ecosystem
      instead of the former CBE ecosystem and thereby also gains ARM support.

    * The former CBE tester and CBE VFS-tests are replaced by equivalent
      Tresor variants and are now run on ARM as well (testing with a persistent
      storage back-end is supported only when running on Linux).

    * So far, the new Tresor block encryption has no internal cache for meta
      data blocks like the former CBE.

* Add config/report user interface

  * Add a second option for the administration front end to the file vault
    named "config and report". With this front end the File Vault communicates
    with the user via XML strings. A ROM session is requested for user input
    and a Report session for user output. The front end type must be set at
    startup via the component config and is a static setting. The graphical
    front end that was used up to now is named "menu view" and remains the
    default.

  * The File Vault can now reflect its internal state and user input ("config
    and report" mode only) at the LOG session via two new static config
    attributes "verbose_state" and "verbose_ui_config" (both defaulting to
    "no").

  * The Shutdown button in "menu view" mode is replaced with a Lock button. The
    new button doesn't terminate the File Vault but merely lock the encrypted
    container and return to a cleared passphrase input. The same transition is
    also provided in "config and report" mode.

  * The file_vault.run script is replaced with file_vault_menu_view.run and
    file_vault_cfg_report.run that address the two front end modes. In contrast
    to the former script, which is interactive, the latter script is suitable
    for automatic testing.

  * There is a new recipe/pkg/test-file_vault_cfg_report that essentially does
    the same as file_vault_cfg_report.run but uses the File Vault package and
    can be executed with the Depot Autopilot. The new test package is added to
    the default test list of depot_autopilot.run

  * The File Vault README is updated to the new version of the component and
    has gained a chapter "functional description".

  * Fixes a regression with the cbe_init_trust_anchor component that prevented
    reacting to a failed unlock attempt in the File Vault.

* The new Tresor software Trust Anchor has an optional deterministic mode in
  which it replaces the normally randomized symmetric keys with 0. This mode
  comes in handy for debugging. However, it should never be activated in
  productive systems. When activated, the user is warned extensively on the
  LOG that this system mode is insecure.

Ref #4819
2023-05-30 12:03:32 +02:00
Johannes Schlatow
d3d3351b99 base-nova: fix map for small sizes
Changes to the platform driver triggered a map() error while mapping an
address block at 0x3000 of size 0x800. Since the mapped size was larger, the
loop continued and tried mapping address 0x4000 where no dataspace was
found.

genodelabs/genode#4761
2023-05-30 12:03:32 +02:00
Johannes Schlatow
cb0546aa9b os: increase platform_session quota 2023-05-30 12:03:32 +02:00
Johannes Schlatow
b558cd18d4 platform_drv: make Device_pd a Io_mmu::Domain
By transforming the Device_pd into an Io_mmu::Domain, we implement an
IOMMU device that uses the kernel API for controlling the IOMMU. This
device gets special treatment and is used by default for every device
that has no <io_mmu/> child.

genodelabs/genode#4761
2023-05-30 12:03:32 +02:00
Johannes Schlatow
9b5944b90c platform_drv: use IOMMU devices
Every session component manages a registry of Io_mmu::Domain objects
that it creates on demand depending on the acquired devices (i.e. the
IOMMU devices referenced by the acquired devices). Via the domain
objects, a session component adds/removes the address ranges of the
allocated DMA buffers. Additionally, domain objects provide an interface
for enabling/disabling pci devices.

Domain objects get destroyed with the corresponding control device.
Moreover, on devices/policy ROM updates, domain objects of control
devices that are not referenced by any acquired device anymore get destroyed.

genodelabs/genode#4761
2023-05-30 12:03:32 +02:00
Johannes Schlatow
d3357b4c53 platform_drv: propagate IOMMU devices to session
genodelabs/genode#4761
2023-05-30 12:03:32 +02:00
Johannes Schlatow
b2e4f95f27 platform_drv: add <io_mmu> to devices ROM
This allows referencing an arbitrary number of IOMMU devices within a
<devices> node, e.g.:

<device>
  <io_mmu name="foobar"/>
</device>

The specified name is supposed to refer to an existing device in the
devices ROM. The platform driver automatically acquires known IOMMU
devices whenever they become available so that the device object can be
looked up from the platform-driver-owned devices.

genodelabs/genode#4761
2023-05-30 12:03:32 +02:00
Johannes Schlatow
f2e63bdd64 platform_drv: add IOMMU devices to common
With this change, platform-specific code is able to define factories that
acquire IOMMU devices to be used by the platform driver.

genodelabs/genode#4761
2023-05-30 12:03:32 +02:00
Johannes Schlatow
f98466430f platform_drv: don't restrict ownership to session
This is a prerequisite for letting the platform driver acquire control devices.

genodelabs/genode#4761
2023-05-30 12:03:32 +02:00
Johannes Schlatow
3520492f09 platform_drv: fix update_policy()
The method did not handle device changes properly. When a new policy
does not contain an owned device any more, we must consider this device
as changed and release it.  Moreover, the warning messages were interchanged.

genodelabs/genode#4761
2023-05-30 12:03:32 +02:00
Alexander Boettcher
475bcfc2b9 qemu: use EPYC as model for AMD SVM virtualization
"-cpu phenom" does not support all CPU instructions necessary with
gcc 12 toolchain update issuing more SSSE3, e.g. pshufb.

Additionally, remove good/bad Qemu version check of outdated versions.

Issue genodelabs/genode-world#329
2023-05-30 12:03:32 +02:00
Christian Prochaska
11f3df6e72 ports: remove obsolete noux-pkg dummy libs
Issue #4827
2023-05-30 12:03:32 +02:00
Christian Prochaska
a4fd743973 grep: disable use of unsupported pcre JIT compilation
Issue #4827
2023-05-30 12:03:32 +02:00
Christian Prochaska
9b4cd59d09 ports: preload posix.lib.so in tool_chain_auto.run
Issue #4827
2023-05-30 12:03:32 +02:00
Christian Prochaska
44046a82d4 binutils: support Genode lib name patterns with '-l' option
Issue #4827
2023-05-30 12:03:32 +02:00
Stefan Kalkowski
8cb9d19079 lx_emul: add vmalloc defines to ARM64
Ref genodelabs/genode#4813
2023-05-30 12:03:32 +02:00
Stefan Kalkowski
46c8267fa9 Fix "wifi: support building for ARM64"
Issue #4813
2023-05-30 12:03:32 +02:00
Sebastian Sumpf
4903487f21 vbox6: fix "Error: slab block [xxx] is corrupt"
In 'SUPR3InitEx' (SUPLib.cpp) a 'SUPQUERYFUNCS' structure is allocated
with

!  (PSUPQUERYFUNCS)RTMemAllocZ(SUP_IOCTL_QUERY_FUNCS_SIZE(CookieReq.u.Out.cFunctions));

where 'CookieReq.u.Out.cFunctions' is 0. To determine the size of the
allocation

! #define SUP_IOCTL_QUERY_FUNCS_SIZE(cFuncs) \
!   RT_UOFFSETOF_DYN(SUPQUERYFUNCS, u.Out.aFunctions[(cFuncs)])

is used with cFuncs = 0 (SUPDrvIOC.h) leading to an allocation up to the
arrow below

! typedef struct SUPQUERYFUNCS
! {
!     /** The header. */
!     SUPREQHDR               Hdr;
!     union
!     {
!         struct
!         {
!             /** Number of functions returned. */
!             uint32_t        cFunctions;
!             /** Array of functions. */
==> end of allocation
!             SUPFUNC         aFunctions[1];
!         } Out;
!     } u;
==> sizeof(SUPQUERYFUNCS)
! } SUPQUERYFUNCS, *PSUPQUERYFUNCS;

In sup.cc (Genode) 'ioctl(SUPQUERYFUNCS &request)' will lead to
'with_out_ioctl'

! auto &out = request.u.Out;

where auto is 'SUPQUERYFUNCS' and finally

! out = { };

will zero out 'SUPQUERYFUNCS' up to the second arrow above. Because
'RTMemAllocZ' will call 'calloc' to allocate the memory 'out = { };'
will corrupt the slab block after the allocation. Therefore, it is
reasonable to allocate at least 'sizeof(SUPQUERYFUNCS)'.

Note there might be other 'ioctl' cases like this. A better way might be
to use 'SUPQUERYFUNCS.Hdr.cbOut' to determine the 'out' size.

fixes #4675
2023-05-30 12:03:32 +02:00
Sebastian Sumpf
40f31a9050 libc: add message for corrupted allocation on 'free'
In case the meta data (or more) got zeroed upon 'free', print error
message. The offset in the meta data can never be zero. This does not
help on other memory corruptions, but at least gives a hint in the too
much zeroed out case.

issue #4675
2023-05-30 12:03:32 +02:00
Christian Prochaska
4c98be54eb libports: remove pcre16
Fixes #4903
2023-05-30 12:03:32 +02:00