This patch enhances menu_view with the optional configuration attributes
'opaque' and 'background'. Setting 'opaque' to "yes" suppresses the use
of the alpha channel at the GUI session. This improves the drawing
performance by 20% on the PinePhone. Since the menu_view uses the
gems/gui_buffer.h utility, the 'Gui_buffer' received a new 'Alpha'
argument at construction time.
The 'background' attribute can be specified to define the reset color of
the GUI buffer. It alleviates the need to create a frame widget for the
top level.
The patch also switches the optimization level for compiling menu_view
to -O3, which increases the drawing performance on the PinePhone by 30%.
Fixes#4592
This change increases the quota to allow the use of bigger fonts, and
tweaks the style such that the keyboard gets a decent appearance on the
PinePhone's 1440x720 display.
This patch adds principle support for using a USB-net modem as
mobile-data uplink. The change is motivated by the upcoming phone
manager for the PinePhone where the modem serves as the primary network
uplink. For the regular PC version of Sculpt, the feature is not needed
(hence remains disabled) because USB net can be deployed from a package
as described in:
https://genodians.org/jschlatow/2021-07-21-mobile-network
The patch also renames the "Local" network option to "Disconnected" to
be more intuitive.
By decoupling the network dialog's menu view from the 'Network' class,
we become able to host the network dialog in the same menu view instance
as other dialogs.
By using the new functions provided by the base API, this patch removes
the dependency of several components from include/decorator/xml_utils.h.
Issue #4584
Define custom analyses that can be imported into TraceCompass (>= 7.3)
for evaluating the traced component interactions and checkpoints.
genodelabs/genode#4352
The box layout evenly distributes the child widgets according to the
number of children. This is not desired in the special case where a
child widget has a size of zero. The patch changes the layout algorithm
such that zero-sized widgets are not taken into account for distributing
residual space.
This patch replaces the former implicit "phonyness" of the rule by an
explicit .PHONY and installs a symlink from the target's build directory
to bin/ as is the usual practice for regular targets.
Related to issue #3972
By declaring the generated menu_view_styles.tar archive as build
artifact, it is automatically picked up whenever menu_view appears as
build ingredient of sculpt.
build: app/menu_view
This patch simplifies the use of the menu_view in scenarios where no
absolute motion events but only touch events occur. Previously, such
scenarios required the creation of artificial absolute motion events
via the event filter.
Issue #4514
This patch fixes rare freezes of menu view instances, which could happen boot
time whenever the leitzentale GUI happens to get initialized before the display
driver finished setting up a reasonable mode. In this case, the resolution-
dependent font size can temporarily get almost zero, tripping up the glyph
renderer.
This patch reduces the response time of supposedly stuck situations like
an unresponsive part_block component. First, it reduces the heartbeat
rate from 1 to 2 seconds to make it consistent with the frequency of
state reports. Second, it allows up to four skipped heartbeats until
regarding the situation as stuck. With those changes, the prolonged
initialization sequence of a USB ZIP drive succeeds with Sculpt.
This patch handles the corner case of switching virtual desktops while
child views are visible. Examples of such child views are tool tips,
pull-down menus, or the graph of the top-view utility. The switch to
another virtual desktop would implicitely turn the child views into
top-level views of the root nitpicker GUI server until switching back
to the original virtual desktop.
The patch implements the expected behavior of hiding all child views
that belong to a disappearing top-level view.
The value of 50% as assigned by commit "sculpt: add basic support for
i.MX8 Quad EVK" leaves too little room for other components of the
runtime subsystem. With the adjustements of commit "sculpt: assign CPU
quotas" the sum exeedcs 100%. Hence this commit tunes down the value to
sensible 10%.
By assigning CPU budgets, base-hw's priorities come into effect.
Even though the chosen values are rather guessed than informed, they
yield a visibly improved responsiveness on the Pinephone.
* Switch from the legacy usb_host driver to the new PC version
in recipes and automated tests
* Update documentation snippets
* Remove outdated, unused usb_rndis run-script
Fixgenodelabs/genode#4416
Do not set '_mode' per default to MANANGED. Check if a manual config ROM
is present during construction and set '_mode' to MANUAL in case it is.
issue #4369
This patch makes Sculpt's leitzentrale GUI able to respond to touch events. It
formerly assumed that click/clack events are always preceded by hover reports
that identify the clicked-on widgets. For touch events, however, the most
up-to-date hover information referred to the previous click because there is no
motion without touching. So the GUI tended to identify the wrong widgets as
click targets.
The patch solved this problem by testing the freshness of the hover information
at the time of the click. If the hover information is older than the click, the
action is deferred until up-to-date hover information becomes available.
Fixes#4398
* retrieve Genode::Env from plugin, this way no mesa applications need to
be changed.
* add 'vfs_gpu' api
* remove when all required functionality is implemented within the plugin.
issue #4380
When a <gpu> node is present in the VFS, the plugin opens a
Gpu::Connection for each open call to the 'gpu' node and installs a
completion signal handler. A read only to the fd returned only comes
back if a completion signal has been received between two read
transctions to the fd.
For now the Gpu::Connections can be retrieved by calling the
'vfs_gpu_connection(unsigned long id)' function. The id can be obtained
using 'stat' on the 'gpu' device and is located in the inode (st_ino)
field of the stat buffer.
issue #4380
This patch equips Sculpt with the ability to customize the system image
in very flexible ways.
All customizable aspects of the image have been relocated from the
former sculpt.run script and the accompanied gems/run/sculpt/ directory
to a new location - the sculpt/ directory - which can exist in any
repository. The directory at repos/gems/sculpt/ serves as reference.
The sculpt directory can host any number of <name>-<board>.sculpt files,
each containing a list of ingredients to be incorporated into the
Sculpt system image. The <name> can be specified to the sculpt.run
script. E.g., the following command refers to the 'default-pc.sculpt'
file:
make run/sculpt KERNEL=nova BOARD=pc SCULPT=default
If no 'SCULPT' argument is supplied, the value 'default' is used.
A .sculpt file refers to a selection of files found at various
subdirectries named after their respective purpose. In particular, There
exists a subdirectory for each file in Sculpt's config fs, like
nitpicker, drivers... The .sculpt file selects the alternative to use
by a simple tag-value notation.
drivers: pc
The supported tags are as follows.
*Optional* selection of /config files. If not specified, those files are
omitted, which prompts Sculpt to manage those configurations
automatically or via the Leitzentrale GUI:
fonts
nic_router
event_filter
wifi
runtime
gpu_drv
Selection of mandatory /config files. If not specified, the respective
'default' alternative will be used.
nitpicker
deploy
fb_drv
clipboard
drivers
numlock_remap
leitzentrale
usb
system
ram_fs
Furthermore, the .sculpt file supports the optional selection of
supplemental content such as a set of launchers.
launches: nano3d system_shell
Another type of content are the set of blessed pubkey/download files
used for installing and verifying software on target.
With the new version, it has become possible to supply a depot with the
the system image. The depot content is assembled according to the 'pkg'
attributes found in launcher files and the selected deploy config.
The resulting depot is incorporated into the system image as 'depot.tar'
archive. It can be supplied to the Sculpt system by mounting it into the
ram fs as done by the 'ram_fs/depot' configuration for the ram fs.
It is possible to add additional boot modules to the system image. There
are two options.
build: <list of targets>
This tag prompts the sculpt.run script to build the specified targets
directly using the Genode build system and add the created artifacts
into the system image as boot modules.
import: <list of depot src or pkg archives>
This tag instructs Sculpt to supply the specifid depot-archive content
as boot modules to the system image. This change eliminates the need for
board-specific pkg/sculpt-<board> archives. The board-specific
specializations can now be placed directly into the respective .sculpt
files by using 'import:'.
To make the use of Sculpt as testbed during development more convenient,
the log output of the drivers, leitzentrale, and runtime subsystems
can be redirected to core using the optional 'LOG=core' argument, e.g.,
make run/sculpt KERNEL=linux BOARD=linux LOG=core
The former pkg/sculpt-installation and pkg/sculpt-installation-pc
archives have been replaced by pkg/sculpt_distribution-pc, which
references the generic pkg/sculpt_distribution archive. Those pkgs are
solely used for publishing / distribution purposes.
Fixes#4369
- Consider 'sdl' as source of input events in the event-filter
configuration as generated by the sculpt manager
- Supply an artificial 'platform_info' ROM as requested by the
sculpt manager to obtain the affinity-space information
- Substitute 'fs_rom' for 'cached_fs_rom' as a workaround for the
lack of support for managed dataspaces on Linux
Fixes#4362
This patch improves the robustness of the CPU-affinity handling.
- The types in base/affinity.h received the accessors
'Location::within(space)' and 'Affinity::valid', which alleviates
the fiddling with coordinates when sanity checking the values,
in init or core.
- The 'Affinity::Location::valid' method got removed because its
meaning was too vague. For sanity checks of affinity configurations,
the new 'within' method is approriate. In cases where only the x,y
values are used for selecting a physical CPU (during thread creation),
the validity check (width*height > 0) was not meaningful anyway.
- The 'Affinity::Location::from_xml' requires a 'Affinity::Space'
as argument because a location always relates to the bounds of
a specific space. This function now implements the selection of
whole rows or columns, which has previously a feature of the
sandbox library only.
- Whenever the sandbox library (init) encounters an invalid affinity
configuration, it prints a warning message as a diagnostic aid.
- A new 'Affinity::unrestricted' function constructs an affinity that
covers the whole affinity space. The named functions clarifies
the meaning over the previous use of the default constructor.
- Core's CPU service denies session requests with an invalid
affinity parameter. Previously, it would fall back to an
unrestricted affinity.
Issue #4300
Similar to other devices allow for selecting a graphics device as
well. This is currently only useful on iMX8-based systems like
iMX8Q-EVK and MNT Reform2 where the driver is explicitly started
from a pkg.
Fixes#4342.
This patch changes the 'Allocator' interface to the use of 'Attempt'
return values instead of using exceptions for propagating errors.
To largely uphold compatibility with components using the original
exception-based interface - in particluar use cases where an 'Allocator'
is passed to the 'new' operator - the traditional 'alloc' is still
supported. But it existes merely as a wrapper around the new
'try_alloc'.
Issue #4324
This patch adds a missing call of '_handle_decorator_margins' at
construction time. Up to commit "report_rom: versioning and explicit
notification" this problem was masked by an unconditional signal, which
implicitely triggered the call.
Issue #4274Fixes#4306
This patch presents all press and release events to the pointer state,
fixing the problem that _key_cnt was decreased but never increased.
However, the inconsistency had no observable effects in practice.
Issue #4176
This patch ensures that the pointer report is updated not before all
input events are handled. The change does not solve any observed
practical issue but the potential problem was spotted while reviewing
the code.
Issue #4176
This patch changes the depot_query tool to filter the returned index
data depending on the 'arch' as specified for the query. This way, one
index file can support multiple CPU architectures while allowing
individual entries to be architecture-specific.
Fixes#4295
This patch adds the missing definition of 'prio_levels' in the prepare
sub init, fixing the warning:
[init -> runtime -> prepare] Warning: vfs: invalid priority, upgrading from -2 to 0
Issue #4281
Warning!
The current version of the file vault is not thought for productive use but
for mere demonstrational purpose! Please refrain from storing sensitive data
with it!
The File Vault component implements a graphical frontend for setting up and
controlling encrypted virtual file systems using the Consistent Block Encrypter
(CBE) for encryption and snapshot management. For more details see
'repos/gems/src/app/file_vault/README'.
Fixes#4032
Previously unconditional calls to Genode::log in cbe init and the cbe trust
anchor VFS plugin were made dependent on a verbosity flag that is set to
"false" by default.
Ref #4032
Instead of simply encrypting the private key with AES-256 when storing it to
the 'encrypted_private_key' file, wrap it using the AES-key-wrap algorithm
described in RFC 3394 "Advanced Encryption Standard (AES) Key Wrap Algorithm".
This is more secure and enables us to directly check whether the passphrase
entered by the user was correct or not.
Ref #4032
As the file formerly named 'secured_superblock' actually contains the hash of
the superblock that was secured, it was renamed 'superblock_hash'.
Ref #4032
As the file formerly named 'keyfile' actually contains the encrypted private
key of the Trust Anchor, it was renamed 'encrypted_private_key'.
Ref #4032
By now, the symmetric keys were only XOR'ed with the private key as placeholder
for a real encryption. Now they are encrypted using AES256 with the TA's
private key as key
Ref #4032.
A private key of 256 bits is generated pseudo-randomly using the jitterentropy
VFS plugin on initialization. The private key is stored in the key file
encrypted via AES256 using the SHA256 hash of the users passphrase. When
unlocking the CBE device, the encrypted private key is read from the key file
and decrypted with the hash of the users passphrase.
Ref #4032
Instead of using the user passphrase directly, use its SHA256 hash calculated
using libcrypto. The passphrase hash is still stored in the key file to be
used as base for the very primitive way of generating the private key.
Ref #4032
Closing the keyfile handle after a write operation wasn't synchronised to the
actual end of the write operation.
Issuing a write operation at the back end returns successfull as soon as the
back end has acknowledged that it will execute the operation. However, the
actual writing of the data might still be in progress at this point. But the
plugin used to close the file handle and declare the operation finished at this
point which led to warnings about acks on unknown file handles and leaking
resources. Now, the plugin issues a sync operation directly after the write
operation and waits for the sync to complete. This ensures that the plugin
doesn't declare the operation finished too early.
Ref #4032
The unlocking operation in the trust anchor was broken wich caused bad keys in
the CBE. This rewrites the whole operation to work as desired. Note that this
doesn't make it more safe! The private key is still almost the same as the
passphrase and stored plaintext.
Ref #4032
The plugin used to close file handles via the 'vfs_env.root_dir.close'.
However, this lead to resource leaks and apparently isn't the right way to
do it. Other VFS plugins do it by calling 'close' directly on the handle and
doing it in the trust anchor plugin also, fixes the leaks.
Ref #4032
Closing the hashfile handle after a write operation wasn't synchronised to the
actual end of the write operation.
Issuing a write operation at the back end returns successfull as soon as the
back end has acknowledged that it will execute the operation. However, the
actual writing of the data might still be in progress at this point. But the
plugin used to close the file handle and declare the operation finished at this
point which led to warnings about acks on unknown file handles and leaking
resources. Now, the plugin issues a sync operation directly after the write
operation and waits for the sync to complete. This ensures that the plugin
doesn't declare the operation finished too early.
Ref #4032
There were no means for issuing a Deinitialize request at the CBE using the
CBE VFS plugin. The new control/deinitialize file fixes this. When writing
"true" to the file, a Deinitialize request is submitted at the CBE. When
reading the file, the state of the operation is returned as a string of the
format "[current_state] last-result: [last_result]" where [current_state] can
be "idle" or "in-progress" and [last_result] can be "none", "success", or
"failed".
Ref #4032
When discarding a snapshot, the CBE VFS plugin didn't communicate the ID of
the snapshot to the CBE. Instead it set the ID argument to 0. Therefore the
operation never had any effect.
Ref #4032
The snapshots file system used to return the number of snapshots on
'num_dirent' when called for the root directory although it was expected to
return 1. This confused the tooling ontop of the VFS.
Ref #4032
Despite being readable, the files control/extend and control/rekey proclaimed
that they were not when asked. This caused the fs_query tool to not report the
content of the files although it could have.
Ref #4032
Stat calls on the control/extend and control/rekey files returned a bogus file
size that led to an error in the VFS File_content tool. The tool complained
that the size of the file determined while reading the content differs from the
one reported by the stat operation. Now, the stat call will always determine
the actual size of what would be read. However, it isn't guaranteed that this
size doesn't change in the time after the stat operation and before the read
operation.
Ref #4032
Both, trace_logger and vfs_trace had their own trace_buffer.h. This
commit consolidates the existing implementations and provides the
resulting trace_buffer.h at 'include/trace/'. It thereby becomes part of
the trace api archive.
genodelabs/genode#4244
WARNING: BREAKS CONFIG COMPATIBILITY!
This commit changes the configuration interface of the NIC router in a way that
may break systems that use the component without proper adjustment!
How to adjust:
At each occurrence of the 'dns_server_from' attribute in a NIC router
configuration replace the attribute name with 'dns_config_from'. The attribute
value remains unaltered.
DETAILED DESCRIPTION
The new attribute name 'dns_config_from' reflects that also other aspects of
the DNS configuration of the denominated domain are used by the DHCP server
that holds the attribute. This commit is a preparation for forwarding also the
domain name (DHCP option 15) with the mechanism behind the attribute.
Ref #4246
File size must be the same as the number of bytes that can be read from
the file. Otherwise, this will trigger a `Truncated_during_read`
exception.
Fixesgenodelabs/genode#4240
* the GPU multiplexer now offers the platform service to the Intel
framebuffer driver (driver_manager)
* ajdusted drivers_managed-pc to hand out resources to the GPU driver
* adjust quotas
issue #4233
The fs_query component used to exit with an uncaught exception if a queried
directory didn't exist. Now, fs_query will catch this event and simply skip the
affected query, thereby indicating to the user the inexistence of the
queried directory.
Ref #4032
If no window has ever been focused, next() always returns an invalid
window id. As a consequence, there is no way to cycle through the focus
history without an explicit focus event (e.g. mouse hover).
Instead, next() should return the first window from the focus history if the
currently focused window is not present.
Fixesgenodelabs/genode#4164
Adds the <new-file> operation to the fs_tool. When configured, the
<new-file path="...">...</new-file> tag will cause creation or overwriting of
the file given through the 'path' attribute. The file will contain the text
content of the tag.
Ref #4032
This patch moves the utility from the app/text_area to os/vfs.h to make
it easier to use by other components. By hosting the 'New_file' as a
friend alongside the 'Directory', we can now pass a 'Directory' as
constructor argument, which is consistent with other utilities such as
'File_content'.
As a further improvement, the new version supports the implicit creation
of the directory hierarchy leading to the new file.
Issue #4032
By adding an attribute 'size="yes"' to a query, one instructs fs_query to
report also the size of each queried file as attribute 'size' of the
corresponding 'file' node.
Ref #4032
The fs_query component used to try watching all files it found resulting in
errors on files that are not watchable. For some files, however, the watch-
feature doesn't make sense as they are not readable (no content, no size).
Now, fs_query will check first whether a file is readable and skip watching
if it isn't.
Ref #4032
When configuring fs_query to print the content of files it used to try so for
all files it found resulting in errors on files that are not readable. Now,
fs_query will check first whether a file is readable and skip printing the
content of those that are not.
Ref #4032
Managing ssh event file descriptors was performed from two different
threads which could cause reallocation of structure used in other thread
in a call to 'poll' function.
Splitted initialization to parts and moved ssh event part into ssh loop.
Issue #4095
Moved creating ssh loop thread after initialization of wake up server
file descriptors to make sure that they will be properly handled even in
first loop run.
Issue #4095
pthread.0 acquires a write buffer mutex and calls potentially
blocking fs operations. The EP thread handles session requests and tries to
acquire the same write buffer lock. IO progress events for pthread.0 are
handled by the EP thread, which however is blocking on the write buffer mutex.
The commit uses two write buffers, one which is filled by the EP and a second
which is used by pthread.0. The two buffers are swapped protected by a mutex
without invoking blocking fs operations.
Issue #4095
The exec_terminal generates a config report which is used as input ROM for
sandbox/init, which does not support an "<empty>" node.
An empty config node is empty, without an node.
Issue #4095
With this patch, the user is able to re-gain access to the inspect view
by toggling the inspect button of a file system unrelated to the failed
USB storage device.
Fixes#4090
The direct execution of application-level code by a watch handler is
troublesome because those handlers are executed at the I/O signal level.
In the concrete case, the watch handler got recursively called because
the handler called _handle_config (application-code), which called the
VFS, which in turn performed a wait_and_dispatch_one_io_signal, which
again invoked the watch handler.
The patch works around the problem by letting the watch notification
trigger the application-level signal for the _config_handler.
Fixes#4091
This patch adds the handling neccessary for clients to upgrade the cap
quota of their GUI session. Until now, the upgrade mechanism supported
only RAM quota.
The limitation became visible once a client - in the particular case the
motif_decorator - attempted the cap upgrade of its GUI session. The cap
quota would arrive at the wm, but the wm would keep it instead of
forwarding the quota to nitpicker. This resulted in an infinite retry
loop at the motif_decorator, ultimatedly depleting all its cap quota.
The window manager infers the overall state from the intercepted input
events for the decorator and all GUI clients. However, each of those
parties have an independent input-event stream. Whereas the order of
events within one GUI session is strict, the order of events between GUI
sessions is arbitrary. The window manager wrongly relied on a global
event ordering to track the pointed-at GUI session.
The patch removes the assumption of a global event order by tracking the
relevant pointer state for each GUI session independently and evaluating
these states when propagating the pointer position to the decorator.
Fixes#4059
The addition of further keyboard layouts would otherwise pollute the
config/ directory too much.
Caution: When updating Sculpt OS, don't reuse your existing
config/event_filter file unmodified! You need to replace the chargen
includes, pointing to the new location, e.g.,
<include rom="en_us.chargen"/>
<include rom="special.chargen"/>
must be changed to
<include rom="keyboard/en_us"/>
<include rom="keyboard/special"/>
Issue #4055
This patch extends the settings dialog with the ability to select the
keyboard layout between the options that are included in the sculpt
image. The manual configuration is of course still possible by editing
the /config/event_filter directly.
If both the fonts configuration and the event-filter configuration are
managed manually, the settings button and window are not displayed.
Fixes#4055
By sorting the reported output, all consumers of the reports become able
to rely on a deterministic order. For example, the file browser of
Sculpt OS, the launcher menu items, and the depot-selection items will
appear in a predictable order.
Fixes#4054
This patch adds session-routing options to connect components to the
capture/event interfaces of the global nitpicker GUI server or the
leitzentrale GUI server. It thereby enables the implementation of screen
capturing components, remote management tools, or virtual keyboards.
Since those services are very powerful, they are subsumed under the
"hardware" category of the component graph as opposed to the GUI
category, which guarantees the separation of clients.
Fixes#4053
This patch adds 4 priority levels to the runtime subsystem. The highest
priority is used for components that are critical for the operation of
Sculpt, in particular the Leitzentrale GUI. All regularly deployed
components are assigned the lowest priority by default.
With priorities available in the runtime subsystem, this patch flattens
the priority levels at the top-level init to only two levels and
overlays the priority bands of the drivers, leitzentrale, and runtime
subsystems into one priority band. This has three benenfits:
- This change prevents the starvation of the Leitzentrale GUI from a
spinning high-priority driver (issue #3997).
- The change will also ease the hosting of latency-critical components
in the runtime subsystem that are prioritized higher than regular
components, the storage stack, and the network stack.
- The Leitzentrale GUI remains always perfectly responsive regardless
of the workloads deployed from packages. In the previous version,
the runtime graph was sometimes stuttering on high system load.
Issue #4045
This patch triggers the immediate removal of part_block once the
discovery of a fresh inserted USB stick has completed. Without the
patch, part_block was retained until the runtime was reconfigured the
next time for other reasons (e.g., toggling an inspect view). Until the
next reconfituration, part_block tended to stand in the way of directly
assigning the USB device to a VM.
This commit improves the performance of the pipe plugin by using local
signal handling and avoiding sending a signal during write when pipe
buffer is full.
Issue #3583
All pipe-ends were notified at the same time which leads to dead-locks.
This commit mitigates this by having a signal handler for each pipe and
each pipe-end respectively.
Issue #3583
The vfs pipe plugin can now be used as named pipe which anables data
transfer via file handles from one component to another. E.g. if one
would like to send data from component A to stdin of a libc component B,
one can do so by simply writing to that fifo file.
Issue #3583
The deadlock reported in #3236 could be reproduced via the wm.run script
and the modification of test/nitpicker in commit "nitpicker: fix destroy
with invalid handle" by clicking on the testnit entry of the launchpad.
This patch fixes the deadlock by releasing the locked pointer early in
the destruction path, which is legitimate as the wm is single-threaded.
Fixes#3236
No code in this class uses this private member variable. This prompts
clang to produce a warning message about it. Fix it by dropping the
variable.
Issue #3985
This private member variable is not used anywhere in the code. This
produces compilation warning when using clang instead of GCC. Drop the
unused variable.
Issue #3985
The State enum and _state private member variable are not used anywhere.
This produces an extra warning when building the code with clang instead
of GCC. Remove this dead code.
Issue #3985
Let the NIC router provide an Uplink service besides the Nic service that it
already provided. Requests for an Uplink session towards the NIC router are
assigned to Domains using the same <policy> configuration tags that are used in
order to assign Nic session requests. The MAC addresses of Uplink session
components are _NOT_ considered during the allocation of MAC addresses for NIC
session components at the same Domain. The task of avoiding MAC address clashes
between Uplink session components and Nic session components is therefore left
to the integrator. Apart from that, Uplink session components are treated by
the NIC router like any other interface.
Ref #3961
This patch relaxes the need to specify the rom content of all pkg dependencies
in each runtime file. Whenever a dependency features a runtime file, the
contained <content> <rom/> ... </content> nodes are implicitely included.
Fixes#3981
This patch complements the commit "nitpicker: defer hover changed while
dragging" with fixes of the window layouter and motif decorator.
- Handling of empty pointer model (after unhovering a decoration)
instead of not updating it.
- Re-applying the hover model to the window layout when leaving the
drag state. This addresses the corner case that the hover model
changed during the drag operation (which is rightfully not handled
while dragging).
- Letting the window layouter enter the drag state only if a dragged
window is defined.
Issue #3973
When idle, the decorator still consumes a bit of CPU time when triggered
by the GUI session's sync signal. This patch installs the sync handler
each time the decorator goes idle.
* Introduce CPU quota for driver subsytem (needed by sd_card_drv)
* Introduce CPU quota for runtime subsytem and nic_drv (needed by fec_nic_drv)
* Increase CAP quota for inspect terminal slightly
* Add sculpt packages for imx8q_evk
Fix#3958
* Introduce sculpt-[board] specific package
* Move rtc driver into managed drivers sub-system
* Name nic_drv in a generic fashion in sculpt_manager
* Copy over pc-specific config files only when building for PC
Ref #3958
Originally the outgoing buffer was flush when the terminal was
detached. Since we cannot do that at this point, make the flushing
part of the common cleanup procedure.
Issue #3682.
Rather than calling 'ssh_disconnect' from within the Terminal session,
flag the detached terminal in the session and let the event loop do the
cleanup. Otherwise it might happen that the 'ep' (handling the Terminal
session) as well as the 'pthread.0' (executing the ssh event loop) end
up both triggering the cleanup concurrently.
Issue #3682.
The CBE repository contained a lot of Genode-specific code despite the fact
that the CBE core logic is not bound to Genode in any way. Therefore the
Genode-specific CBE code is moved to the 'gems' repository to form part of
Genode mainline. The remaining CBE code becomes a port in Genode instead of
being invoked as sub-repository.
The commit combines the following work steps:
* add all files removed from CBE repository
* add CBE port files
* make all CBE libs and targets build again
* make all CBE run scripts succeed again
* make all CBE recipes build again
* make CBE autopilot succeed again
* let CBE autopilot use 'libsparcrypto' contrib dir and Genode build dir
instead of '.ci' dir in CBE contrib dir (remove '.ci' dir from CBE repo)
* let CBE autopilot always check for all ports
* make CBE autopilot directly executable
* fix license headers in all Genode CBE files
* remove unused VFS replay component
* remove unused CBE test
* remove unused external crypto
* remove unused files in run dir
* remove unused external trust anchor
* add cbe_tester test to autopilot list
* get rid of directories 'include/cbe_*' and 'include/utils'
Fixes#3937
- Show "..." for resource-assignment menu entry because it leads
to a sub menu.
- Avoid dialog changes when clicking on "Add component" while a
routing or resource dialog is unfolded.
The initial implementation of the affinity configuration in
"depot_deploy: support affinity configuration" added the affinity
location attributes to the <start> node of the deploy config. This patch
moves the information into a dedicated <affinity> sub node as done by
the init configuration. So the context of the attributes 'xpos', 'ypos',
'width' and 'height' becomes clear.
It also fixes a usability issue in Sculpt that occurred during testing:
When configuring multiple components with custom affinities, the
resources dialog of later components would wrongly display the state of
earlier components instead of displaying the fresh (default) state. The
resulting configuration would then not match the displayed information.
This is fixed by resetting the dialog state.
As another minor cosmetic change, the patch adds a line break in front
of copied <config> or <heartbeat> nodes.
Issue #3597
With the move of the storage-management dialogs to the graph in Sculpt
version 20.02, the ability to unselect the buttons for destructive
storage operations such as format or expand disappeared. This patch
restores the original behavior.
This patch enables the menu view's new ability to respond to font-size
changes in Sculpt so that the menu view instanced no longer need to be
restarted whenever the screen resolution or font size is changed.
Fixes#3875
This patch allows the use of the VFS watch mechanism for the glyph file
of the TTF VFS plugin so that clients become able to dynamically respond
to font reconfigurations.
Issue #3875
With this patch, sculpt uses init's heartbeat-monitoring mechanism to
detect the failure of part_block instances during storage disovery.
If part_block gets stuck, the device is released and can thereby
be accessed at the whole-device level.
Issue #3861
The check prevents the Ttf_font from violating the bounding box in the
presence of very small scale values. This can happen during the startup
of Sculpt. Before the framebuffer driver is up, Sculpt bases its dynamic
font-size setting on a screen resolution of 1x1.
Issue #3812
The sculpt manager used to defer the initialization of the GUI until
nitpicker's first display report became ready. This way, Sculpt was able
to run headlessly even if the framebuffer driver failed to start up.
Thanks to #3827, nitpicker no longer depends on a working framebuffer
driver. So the sculpt manager is safe to rely on nitpicker in any case,
simplifying the code.
Issue #3827
* enable all common warnings through default value of CC_ADA_WARN
* treat warnings like errors through default value of CC_ADA_WARN_STRICT
* enable almost all style checks through default value of CC_ADA_WARN_STRICT
* style fixes for aes_cbc_4k
* disable strict warnings and style checks for libsparkcrypto and spark lib
Ref #3848
This commit applies the transition from the "Input" session to the "Event"
session to the event-filtering mechansim. The functionality of the
input_filter is now provided by the event_filter. The event filter
requests only one "Event" session as destination for the filter result,
which is usually routed to the nitpicker GUI server. It provides an
"Event" service to which any number of event sources can connect.
The configuration of the filter chain remains almost the same. Only the
declaration of the <input> nodes is no longer needed. Instead, the
configuration must specify <policy> nodes, which define the mapping of
"Event" clients (event sources) to the inputs used in the filter chain.
The patch adjusts all uses of the nitpicker GUI server accordingly such
that the event filter reports events to nitpicker's event service
instead of having nitpicker request an "Input" session. This dissolves
the dependency of nitpicker from input drivers.
Issue #3827
This patch replaces the use of the "Framebuffer" session interface by
the new "Capture" session interface in all framebuffer drivers. Thanks
to this change, those drivers have become mere clients of the nitpicker
GUI server now, and are no longer critical for the liveliness of the GUI
server.
The patch touches the following areas:
- The actual driver components. The new versions of all drivers have
been tested on the respective hardware. Generally, the drivers
have become simpler.
- The drivers_interactive packages for various boards. The drivers
subsystem no longer provides a "Framebuffer" service but needs a
valid route to the "Capture" service provided by nitpicker.
- The driver manager of Sculpt OS.
- This patch changes the role of the test-framebuffer component from a
framebuffer client to a capture server so that drivers (capture clients)
can be directly connected to the test component without the nitpicker
server.
- Framebuffer driver no longer support the unbuffered mode.
- The fb_bench.run script is no longer very meaningful because it
interplays solely with nitpicker, not with the driver directly.
- All run scripts for graphical scenarios and the related depot
archives got adapted to the change.
Fixes#3813