This patch supplements the existing focus reports with the new attribute
'active', which indicates recent user activity when set to "yes". This
information is consumed by the clipboard to dynamically adjust its
information-flow policy depending on the user activity.
Issue #1712
This patch moves the formerly internal classes of the report-ROM service
to the public location os/include/report_rom/ so that they can be reused
by other components such as the upcoming clipboard.
The utilities in os/session_policy.h used to be tailored for the
matching of session arguments against a server-side policy
configuration. However, the policy-matching part is useful in other
situations, too. This patch removes the tight coupling with the
session-argument parsing (via Arg_string) and the hard-wired use of
'Genode::config()'.
To make the utilities more versatile, the 'Session_label' has become a
'Genode::String' (at the time when we originally introduced the
'Session_label', there was no 'Genode::String'). The parsing of the
session arguments happens in the constructor of this special 'String'.
The constructor of 'Session_policy' now takes a 'Genode::String' as
argument. So it can be used with the 'Session_label' but also with other
'String' types. Furthermore, the implicit use of 'Genode::config()' can
be overridden by explicitly specifying the config node as an argument.
The intention of Packet_ref was to allow clients to place opaque
references into the packet descriptor itself, which could be observed on
packet completion. Currently no component in our sources uses this
feature and beyond that it is questionable if it should be used at all:
If the server tampers with the ref the client may easily be confused
into observing an incorrect or invalid context. It seems better to
remove the opaque context from the descriptor and leave the actual
implementation to the client and its needs.
Instead of holding SPEC-variable dependent files and directories inline
within the repository structure, move them into 'spec' subdirectories
at the corresponding levels, e.g.:
repos/base/include/spec
repos/base/mk/spec
repos/base/lib/mk/spec
repos/base/src/core/spec
...
Moreover, this commit removes the 'platform' directories. That term was
used in an overloaded sense. All SPEC-relative 'platform' directories are
now named 'spec'. Other files, like for instance those related to the
kernel/architecture specific startup library, where moved from 'platform'
directories to explicit, more meaningful places like e.g.: 'src/lib/startup'.
Fix#1673
Sometimes, the play position in stream is behind the out stream, mostly
because of timing issue. In this case, the mixer will produce invalid
packets which in return will lead to looping on an invalid packet in
the audio_drv.
Issue #1666.
Instead of returning pointers to locked objects via a lookup function,
the new object pool implementation restricts object access to
functors resp. lambda expressions that are applied to the objects
within the pool itself.
Fix#884Fix#1658
If a requested report already exists the request is denied with
Invalid_args.
Further, I dusted the report_rom test and added it to the
autopilot list.
Move FS Node implementations from server/ram_fs to include/ram_fs.
Support embedded ram_fs instances in VFS configurations using <ram/>.
Add 'no space' handling to VFS symlink ops.
Fixes#1635
Allow symlinks to be passed to the read and write file system utilities.
Disallow writes to symlinks with offsets in file system servers, this is
to ensure that writing the target of a symlink is an atomic operation.
Fixes#1604
This commit eliminates the mutual interlaced taking of destruction lock,
list lock and weak pointer locks that could lead to a dead-lock situation
when a lock pointer was tried to construct while a weak object is in
destruction progress.
Now, all weak pointers are invalidated and dequeued at the very
beginning of the weak object's destruction. Moreover, before a weak pointer
gets invalidated during destruction of a weak object, it gets dequeued, and
the list lock is freed again to avoid the former dead-lock.
Fix#1607
Removed the Nic::Driver implementation. All nic servers now inherit from
Nic::Session_component. Packet stream signals are dispatched to
the 'handle_packet_stream' function within a session component. Thus, nic
servers now have direct access to the packet stream channels, making handling
more flexible.
Adjusted nic_loobpack, dde_ipxe, wifi, usb, lan9118, Linux nic, and OpenVPN to
the new interface.
Fixes#1602
When replacing a report with a smaller one, the corresponding ROM
dataspace should not contain any traces of the old report. Otherwise,
the consumer of the ROM dataspace may mistake the stale content as
meaningful information. This is particularly annoying when manually
inspecting reports. This patch overwrites the stale content with zeros.
Currently, the 'pointed session' gets updated only when an input event
occurs, but an update is also needed in other situations, for example
when the view under the current mouse position was moved.
With this commit, the 'pointed session' gets updated whenever the
timer-triggered 'handle_input()' function is called.
Fixes#1473
There are lots of places where a numeric argument of an argument string
gets extraced as signed long value and then assigned to an unsigned long
variable. If the value in the string was negative, it would not be
detected as invalid (and replaced by the default value), but become a
positive bogus value.
With this patch, numeric values which are supposed to be unsigned get
extracted with the 'ulong_value()' function, which returns the default
value for negative numbers.
Fixes#1472
A Nic::Session client can install a signal handler that is used to
propagate changes of the link-state by calling 'link_state_sigh()'.
The actual link state is queried via 'link_state()'.
The nic-driver interface now provides a Driver_notification callback,
which is used to forward link-state changes from the driver to the
Nic::Session_component.
The following drivers now provide real link state: dde_ipxe, nic_bridge,
and usb_drv. Currently, OpenVPN, Linux nic_drv, and lan9118 do not
support link state and always report link up.
Fixes#1327
The GUID partition table (GPT) is primarily used by systems using
(U)EFI and is a replacement for the legacy MBR. For now, the current
implementation is able to address up to 128 GUID partition entries
(GPE).
To enable the GPT support in 'part_blk' it has to be configured
accrodingly:
! <start name="part_blk">
! [...]
! <config use_gpt="yes">
! [...]
! </start>
If 'part_blk' is not able to find a valid GPT header it falls back
to using the MBR.
Current limitations:
Since no endian conversion takes place it only works on LE platforms
and of all characters in the UTF-16 encoded name field of an entry
only the ones included in the ASCII encoding are printed. It also
ignores all GPE attributes.
Issue #1429.
The hover reports provides information about the session currently
pointed-to, i.e., hovered session. It can be enabled by the 'hover'
attribute of nitpicker's 'report' configuration element
<report hover="yes" />
Fixes#1442
For the USB-Armory, we use a newer version of Linux (3.18) as for the
i.MX53-QSB. The main difference is, that the newer Linux uses a DTB instead of
ATAGs.
Fixes#1422
* enables world-switch using ARM virtualization extensions
* split TrustZone and virtualization extensions hardly from platforms,
where it is not used
* extend 'Vm_session' interface to enable configuration of guest-physical memory
* introduce VM destruction syscall
* add virtual machine monitor for hw_arndale that emulates a simplified version
of ARM's Versatile Express Cortex A15 board for a Linux guest OS
Fixes#1405
By blocking on a timeout, we yield the CPU in order to give a
concurrently running sporadic process a chance to obtain ROM modules.
Otherwise, such requests would be deferred until the ROM prefetcher
completes its operation or in the unlikely event that the prefetcher
gets preempted.
Fixes#1378
When building Genode for VEA9X4 as micro-hypervisor protected by the ARM
TrustZone hardware we ran into limitations regarding our basic daily
testing routines. The most significant is that, when speaking about RAM
partitioning, the only available options are to configure the whole SRAM
to be secure and the whole DDR-RAM to be non-secure or vice versa. The
SRAM however provides only 32 MB which isn't enough for both a
representative non-secure guest OS or a secure Genode that is still
capable of passing our basic tests. This initiated our decision to
remove the VEA9X4 TrustZone-support.
Fixes#1351
Declaring the SP804 0/1 module and its interrupt to be non-secure prevents the
secure Genode from receiving the interrupt and hence the timer driver in the
secure Genode doesn't work.
Fixes#1340
The new 'session_control' function can be used to perform operations on
the global view stack that span one or multiple sessions, e.g., bringing
all views of specific sessions to the front, or hiding them.
When X-ray mode is active, nitpicker filters motion events that are not
referring to the currently focused domain. However, domains configured
as xray="no" (such as a panel) need to obtain motion events regardless
of the xray mode. This patch relaxes the motion-event filtering to
accommodate such clients.
The buffer offset was wrongly accounted for. The miscalculation went
unnoticed until now because the buffer offset was apparently never used
in combination with alpha-channels.
If a domain is configured as xray="no", we want to let the views of the
domain respond to input events like in flat mode, even if xray mode is
active. Normally, the input mask of views with an alpha channel is
disregarded in X-ray mode. However, for non-ray views, the input mask
should always be considered.
The 'Signal_rpc_member' takes care about dissolving its signal context
from the receiver. So we don't need to manually perform this operation
in the session destructor.
This component merges the input events of multiple sources.
Example configuration:
<start name="input_merger">
<resource name="RAM" quantum="1M" />
<provides>
<service name="Input" />
</provides>
<config>
<input label="ps2" />
<input label="usb_hid" />
</config>
<route>
<service name="Input">
<if-arg key="label" value="ps2" /> <child name="ps2_drv" />
</service>
<service name="Input">
<if-arg key="label" value="usb_hid" /> <child name="usb_drv" />
</service>
<any-service> <parent /> <any-child /> </any-service>
</route>
</start>
For each 'input' config node, the component opens an 'Input' session with the
configured label. This label is then evaluated by 'init' to route the session
request to a specific input source component.
Fixes#1259.
- correctly catch and report non-existing root directories
- remove *all* leading slashes from root-directory attributes and
sanitize empty declarations to current working directory
Before the pointer handling was removed from the nitpicker server, the
pointer was always the first view, which was skipped in the find_view
function. However, since we support pointer-less operation by now, we
have to consider all views starting with the top-most one.
This patch fixes a potential race condition that could happen if a
client connects to nitpicker before the signal for the import of the
initial configuration was delivered. In this case, nitpicker would be
unable to assign a domain to the session (because this information comes
from the configuration), rendering subsequent calls to 'mode' invalid.
The patch solves this problem by manually calling the signal handler
for importing the configuration.
This patch reimplements the nit_fb server using the server API and
thereby enables the dynamic resizing the of the framebuffer.
Note that the new implementation does not feature the ability to perform
a periodic refresh via the 'refresh_rate' configuration argument. This
feature was removed because the refresh policy can (and should) always
be implemented on the client side.
This patch introduces a way to tweak the coordinate systems per
domain. The 'origin' attribute denotes the origin of the coordinate
system. Valid values are "top_left", "top_right", "bottom_left",
"bottom_right", and "pointer". Furthermore, the screen dimensions as
reported to the nitpicker client can be tweaked per domain using the
'width' and 'height' attributes. If the specified value is positive,
it is taken as literal boundary. If the value is negative, the size
if deducted by the specified amount from the physical screen area.
This patch introduces a mandatory layer attribute to domains. The layer
ordering is superimposed on the stacking order of the views. The
top-most layer can be assigned to a pointer-managing client. An example
for such a pointer is located at os/src/app/pointer. It replaces the
formerly built-in nitpicker mouse cursor.
The new layering mechanism replaces the former "stay-top" session
argument. So the Nitpicker::Connection no longer takes the stay-top flag
as the first argument.
A session can be explicitly configured to present its views in a
completely opaque way when the X-ray mode is active as opposed to the
default where each view gets tinted and surrounded by a frame. This
is useful for decorator views, which look overly busy otherwise.
This patch introduces the notion of a "domain" to the nitpicker
configuration concept. Session policies always refer to a domain where
multiple session policies can refer to the same domain. Thereby a domain
provides a way to express the grouping of sessions. This is useful for
applications that open multiple nitpicker sessions (such as Qt5 apps that
use one nitpicker session per window, menu, etc.). We want to assign all
those sessions to a single domain.
The configuration looks as follows:
<config>
...
<domain name="default" color="#ffffff"/>
<policy label="" domain="default"/>
...
</config>
This patch changes nitpicker's session interface to use session-local
view handles instead of view capabilities. This enables the batching
of multiple view operations into one atomic update.
This patch introduces a focus-management facility to the nitpicker
session interface. As a side effect of this change, we remove the notion
of a "focused view". There can only be a "focused session". This makes
sense because input is directed to sessions, not views.
Issue #1168
This patch changes nitpicker's way of redrawing. Originally, redraw
operations were triggered immediately by the RPC functions invoked by
clients. In the presence of clients that invoked a large number of those
functions, the server could become overloaded with processing redraw
operations. The new version performs redraw operations out of band with
the RPC functions. Similar to the design of the DOpE GUI server, redraw
operations are processed periodically. The RPC functions merely modify
meta data and track the dirty areas that need to be updated.
Consequently, nitpicker's RPC functions become light-weight operations.
As a nice collateral effect of this patch, nitpicker's internal
structure could be simplified because the drawing backend is no longer
needed by the code that dispatches the RPC interface.
The new Rom_session::update function can be used to request the update of
an existing ROM dataspace. If the new data fits into the existing
dataspace, a subsequent call of 'dataspace' can be omitted. This way,
ROM dataspace updates don't suffer from page-fault-handling costs that
would occur when replacing the dataspace with each update.
On ARM it's relevant to not only distinguish between ordinary cached memory
and write-combined one, but also having non-cached memory too. To insert the
appropriated page table entries e.g.: in the base-hw kernel, we need to preserve
the information about the kind of memory from allocation until the pager
resolves a page fault. Therefore, this commit introduces a new Cache_attribute
type, and replaces the write_combined boolean with the new type where necessary.
This commit adds a 'parent_view()' function to the loader session, which
allows to set the parent view of the subsystem's Nitpicker view.
If the function is to be used, this must get done before calling
'start()'.
Fixes#1172.
This patch changes both the Input::Session interface and the skeleton
for the server-side implementation of this interface
('input/component.h').
The Input::Session interface offers a new 'sigh' function, which can be
called be the client to register a signal handler. The signal handler
gets notified on the arrival of new input. This alleviates the need to
poll for input events at the client side.
The server-side skeleton for implementing input services underwent a
redesign to make it more modular and robust. I.e., there are no
global functions needed at the server side and the event-queue
enable/disable mechanism is implemented at a central place (in the root
component) rather than inside each driver.
Fixes#46
This patch changes the top-level directory layout as a preparatory
step for improving the tools for managing 3rd-party source codes.
The rationale is described in the issue referenced below.
Issue #1082
