Commit Graph

1390 Commits

Author SHA1 Message Date
Martin Stein
3047e32dfd base-hw & arm: bugs when zero-filling BSS
fix #654
2013-02-20 19:29:00 +01:00
Norman Feske
34ec65f2a8 timer & foc: use KIP->clock as curr_time 2013-02-20 15:20:38 +01:00
Christian Prochaska
dc0ac78b34 usb_drv: prevent recursive signal dispatch
Fixes #649.
2013-02-20 14:54:13 +01:00
Christian Prochaska
519bed419d core: preserve more memory
core needs to preserve more memory when built with -O0 for the 64-bit
'linux_x86' platform

Fixes #653.
2013-02-20 14:53:42 +01:00
Norman Feske
b618c9343e Remove os/config
This patch moves the os/config examples to their respective run scripts,
removes some of them, and moves the priority example to the src/init
directory (where other examples are located).

Additionally, this patch adapts the OKL4-specific priority.run test to
the recent changes of the timer interface.
2013-02-20 14:49:16 +01:00
Norman Feske
ebc73f66df Remove base-mb platform
This base platform is no longer maintained.

For supporting the Microblaze CPU in the future, we might consider
integrating support for this architecture into base-hw. Currently
though, there does not seem to be any demand for it.
2013-02-20 13:17:39 +01:00
Norman Feske
ce67b73dca Update example configurations
With the change of the Timer::Session interface, all scenarios that use
the timer use core's SIGNAL service. So we need to route sessions
accordingly.

In addition to the adaptation to the changed timer, this patch removes
some stale examples that predate the run tool and are no longer used.
2013-02-19 14:45:55 +01:00
Norman Feske
fae63f4fa9 Merge base libraries into a single library
This patch simplifies the way of how Genode's base libraries are
organized. Originally, the base API was implemented in the form of many
small libraries such as 'thread', 'env', 'server', etc. Most of them
used to consist of only a small number of files. Because those libraries
are incorporated in any build, the checking of their inter-dependencies
made the build process more verbose than desired. Also, the number of
libraries and their roles (core only, non-core only, shared by both core
and non-core) were not easy to capture.

Hereby, the base libraries have been reduced to the following few
libraries:

- startup.mk contains the startup code for normal Genode processes.
  On some platform, core is able to use the library as well.
- base-common.mk contains the parts of the base library that are
  identical by core and non-core processes.
- base.mk contains the complete base API implementation for non-core
  processes

Consequently, the 'LIBS' declaration in 'target.mk' files becomes
simpler as well. In the most simple case, only the 'base' library must
be mentioned.

Fixes #18
2013-02-19 14:45:55 +01:00
Norman Feske
4c3d49459b moon.run: Increase quota of 'test-moon'
With the use of the new timer interface, each timer client uses signals.
Hence, programs that have not used signals before will consume slightly
more quota. This is the case for the moon test (triggered on foc_x64_64
only).
2013-02-14 17:23:47 +01:00
Norman Feske
165bb96cd3 Increase timeout of signal.run test 2013-02-14 13:26:43 +01:00
Norman Feske
2f2410fdff base-host: Build fixes 2013-02-14 13:23:37 +01:00
Norman Feske
14b9589780 xvfb: Adaptation to timer and framebuffer changes 2013-02-14 13:23:37 +01:00
Norman Feske
1ab0ae908b base-hw: Adaptation to signal API change
This patch is an interim fix for building base-hw until the signal
implementation is revisited on this platform.
2013-02-14 13:23:37 +01:00
Norman Feske
a8202c98dc pistachio: Remove dead code 2013-02-14 13:23:37 +01:00
Norman Feske
bcdc706f42 Unify 'ipc.h' and 'ipc_generic.h' across platforms
The distinction between 'ipc.h' and 'ipc_generic.h' is no more. The only
use case for platform-specific extensions of the IPC support was the
marshalling of capabilities. However, this case is accommodated by a
function interface ('_marshal_capability', '_unmarshal_capability'). By
moving the implementation of these functions from the headers into the
respective ipc libraries, we can abandon the platform-specific 'ipc.h'
headers.
2013-02-14 13:23:37 +01:00
Norman Feske
bbca9912e2 Remove 'Native_lock' type from 'native_types.h' 2013-02-14 13:23:36 +01:00
Norman Feske
b1f63e3356 Turn 'platform_env.h' into a private header
This patch removes 'platform_env.h' from the public API headers because
this header was not part of the API anyway.
2013-02-14 13:23:36 +01:00
Norman Feske
cb225a1216 Adaptation to Timer::Session change 2013-02-14 13:23:33 +01:00
Norman Feske
20a5c86a22 timer: Build platform-specific parts as lib
By using the build system's library-selection mechanism instead of many
timer targets with different 'REQUIRES' declarations, this patch reduces
the noise of the build system. For all platforms, the target at
'os/src/drivers/timer' is built. The target, in turn, depends on a
'timer' library, which is platform-specific. The various library
description files are located under 'os/lib/mk/<platform>'. The common
bits are contained in 'os/lib/mk/timer.inc'.
2013-02-14 10:36:06 +01:00
Norman Feske
3049c1004c Turn 'Timer::Session' into asynchronous interface
The 'Timer::Session::msleep' function is one of the last occurrences of
long-blocking RPC calls. Synchronous blocking RPC interfaces turned out
to be constant source of trouble and code complexity. I.e., a timer
client that also wants to respond to non-timer events was forced to be a
multi-threaded process. This patch replaces the blocking 'msleep' call
by a mechanism for programming timeouts and receiving wakeup signals in
an asynchronous fashion. Thereby signals originating from the timer can
be handled along with signals from other signal sources by a single
thread.

The changed interface has been tested on Linux, L4/Fiasco, OKL4, NOVA,
L4ka::Pistachio, Codezero, Fiasco.OC, and hw_pbxa9. Furthermore, this
patch adds the timer test to autopilot.

Fixes #1
2013-02-14 10:36:06 +01:00
Norman Feske
0ed8797df2 Add sanity check to AVL tree, fix #597 2013-02-13 16:01:25 +01:00
Norman Feske
80ab1bf3ef l4linux.run: increase timeout for test 2013-02-13 15:09:23 +01:00
Norman Feske
4b8f991f52 vancouver: coding style 2013-02-13 15:09:23 +01:00
Alexander Boettcher
b0d23abaa7 vancouver: keep one cap_session
Cap_sessions and portals created via the sessions are nowadays freed up during
c++ object destruction. Because of that the exception portals for a vCPU thread
get be revoked as soon as the cap_session object leaves its scope.

Keep one cap_session for the whole lifetime of the vmm to avoid disappearing
exception portals.

Related to #582.
2013-02-13 15:09:23 +01:00
Markus Partheymueller
47cc2f8590 vancouver: run script for booting Linux VMs
The setup now uses nitpicker and nit_fb to display several instances of
vancouver. The guest OS binaries must be supplied in the
'<build-dir>/bin' directory manually.

Furthermore, the patch lets launchpad pass Block, Nic, and Rtc to the
parent.
2013-02-13 15:09:23 +01:00
Markus Partheymueller
3a533779e4 vancouver: RTC support 2013-02-13 15:09:23 +01:00
Markus Partheymueller
5b1156a3e2 rtc_drv: new service interface 2013-02-13 15:09:23 +01:00
Markus Partheymueller
cbf4a7b0c3 vancouver: Disk support
Vancouver can now assign block devices to guests using the Block
interface. The machine has to be configured to use a specified drive,
which could be theoretically routed to different partitions or services
via policy definitions. Currently the USB driver only supports one
device. Genode's AHCI driver is untested.

If the session quota is too low, random pagefaults can occur on the
stack.

According to @Nils-TUD, it is necessary to protect the DiskCommit
messages with a lock against deadlocking with the timer. Observations
showed that this mitigates some problems with Gentoo on real hardware.
2013-02-13 15:09:23 +01:00
Markus Partheymueller
1c447d98e9 vancouver: Network support
Vancouver is now able to use the Intel 82576 device model from NUL to
give VMs access to the network via the nic_bridge service. In order to
integrate the device model, it had to be renamed to i82576 due to XML
limitations. This is done by a patch applied via the 'make prepare'
mechanism.

Although current network card models in Vancouver panic if they can't
get a MAC address, the OP_GET_MAC hostop now fails gracefully in the
case where no nic_drv or nic_bridge is available.
2013-02-13 15:09:22 +01:00
Markus Partheymueller
1ca0a66ea9 vancouver: Console support
The guest VM can now be provided with a framebuffer and keyboard input.

Mouse positioning of the guest is a problem. Because the PS2 model applies
some calculations to the movement values, it can happen that overflows mess
with the cursor.  Therefore the handling was changed and only movements of 1
and -1 are sent.  Since absolute positioning is not possible with PS2, we
have to live with this limitation until USB HID is implemented.

For the framebuffer size in Vancouver the configuration value in the machine
XML node is used.  It is possible to map the corresponding memory area
directly to the guest, regardless if it is from nitpicker,
liquid_framebuffer or vesa_drv.  The guest is provided with two modes (text
mode 3 and graphics mode 0x114 (0x314 in Linux).

Pressing LWIN+END while a VM has focus resets the virtual machine. Also,
RESET and DEBUG key presses will not be forwarded to the VM anymore.
It is possible to dump a VM's state by pressing LWIN+INS keys.

The text console is able to detect idle mode, unmaps the buffer from the
guest and stops interpreting.  Upon the next pagefault in this area, it
resumes operation again.  The code uses a simple checksum mechanism instead
of a large buffer and memcmp to detect an idle text console.  False
positives don't matter very much.
2013-02-13 15:09:22 +01:00
Markus Partheymueller
2d2373a03b vancouver: Timer support
This required usleep to be added to the timer interface.
2013-02-13 15:09:22 +01:00
Markus Partheymueller
aea0a7284f vancouver: Inline module support 2013-02-12 21:51:18 +01:00
Markus Partheymueller
5c886b4962 vancouver: Nested events during EPT violation
When an EPT/NPT fault occurs during IDT vectoring, the original event must
be reinjected.  Additionally we may have to inject an IRQ window if another
event is already pending.
2013-02-12 21:51:10 +01:00
Markus Partheymueller
1434d0948a vancouver: VMX support, improved SVM portals 2013-02-12 21:50:48 +01:00
Markus Partheymueller
14307c778a Add -std=gnu++11 flag to Vancouver Makefile
Most recent upstream version need this to be build successfully.
2013-02-12 21:31:44 +01:00
Christian Prochaska
8f12e555af lx_hybrid: reserve thread context area for core
core does not use POSIX threads when built for the 'lx_hybrid_x86'
platform, so we need to reserve the thread-context area via a segment in
the program to prevent clashes with vdso and shared libraries.

Fixes #639.
2013-02-12 14:13:16 +01:00
Alexander Boettcher
5fff9eb860 acpi: use xsdt on 64bit if available
Fix #155
2013-02-12 14:12:30 +01:00
Alexander Boettcher
44e7aa7d61 acpi: fix uninitialized members of element object
The default constructor didn't initialize all members, some of them holding
pointers. In the de-constructor the _name pointer was tried to free up, even
when it was not initialized.

Avoid any hassle for uninitialized members and just initialize it. Fixes
sporadic page fault on x86_64 base-nova.

Issue #155
2013-02-12 14:12:12 +01:00
Christian Prochaska
1947d08e78 Use the host c++ for linking hybrid applications
Some shared libraries of the host system contain search paths for finding
other needed shared libraries. These paths get evaluated only by a native
linker. To find all needed shared libraries, with this patch, the host
linker is used to link hybrid applications.

Fixes #645.
2013-02-12 12:53:35 +01:00
Alexander Boettcher
764f8335d0 base: reset _last_applicant variable
Fixes #647
2013-02-11 12:54:04 +01:00
Alexander Boettcher
ee8eea9330 nova: fix lock guard usage in cap selector
Issue #549
2013-02-11 12:11:48 +01:00
Alexander Boettcher
64dbe08359 nova: kill thread with no pager where recall fails
Issue #549
2013-02-11 12:01:27 +01:00
Alexander Boettcher
6c7661ed62 base: fix sporadic context thread area faults
reverts 68156918ee
"base: apply thread.cc fix of foc to base"

Depending on the context area a fixed location is calculated where the
memory for the stack is attached to. If the context area is released before the
detach call, the very same context area can be reused and memory for the new
stack is attached for a new thread. The detach of the old thread would then
revoke the mapping for the new thread which will cause a un-handled page fault.

Issue #549
2013-02-11 12:01:27 +01:00
Norman Feske
9acad80f37 core: support upgrades of init's Env:: sessions 2013-02-11 12:01:27 +01:00
Norman Feske
62bb85255a libc_lwip: use libc's 'get-/freeaddrinfo()'
This patch reduces problems when connecting Arora to lighttpd via
nic_bridge. Patch by Christian Prochaska
2013-02-11 12:01:27 +01:00
Norman Feske
622959ede4 core: always release Irq_proxy startup lock
Prior this patch the startup lock was not released if the call of
'_associate()' failed. In this condition, the caller of the constructor
was infinitely blocked.
2013-02-11 12:01:27 +01:00
Alexander Boettcher
7868156b19 base: fix deadlock in core_env on base-nova
During a ram_session->free call in 'core' the lock in core_env.h is taken.
Then in the ram_session::_free_ds implementation the dissolve function for the
dataspace is called. base-nova tries to make sure that the ds is not
accessible anymore by any kind of parallel incoming IPC by performing a
cleanup IPC. Unfortunately the dataspace_session implementation uses the very
same allocator in 'core' and may require to obtain the same lock as taken in
ram_session->free. This leads to a spurious deadlock on base-nova.

The actual free_ds implementation is mostly thread safe, since all used objects
inside there are already locked. The only missing piece is the _payload
variable. By changing the _payload variable in a atomic fashion there is no
need to lock the whole ram_session->free call which avoids deadlocks on
base-nova.

Fixes #549
2013-02-11 12:01:26 +01:00
Alexander Boettcher
edd30b56a2 nova: fix pager cleanup handling
The cleanup call must be performed already during the _dissolve function
shortly after the object at the cap_session is freed up. Otherwise there
is the chance that an in-flight IPC will find the to be dissolved function
again.

Bomb test triggered the case, that a already dissolved rpc_object was found
by a in-flight IPC. If the rpc_object was already freed up by alloc->destroy
the thread using this stale rpc_object pointer cause page-faults in core.

Fixes partly #549
2013-02-11 12:01:26 +01:00
Alexander Boettcher
28f7cf5dc2 nova: fix cleanup handling in server object
As first step the rpc object must be freed up so that the kernel object
(portal) vanishes. Then the object must be removed from the internal object
pool list so that the object can't be obtained anymore. And then the cleanup
call can be performed (_leave_server_object) since now all names to the
rpc_object are gone.

Doing it in different order (as before the commit) there is a very very little
chance (but the bomb test triggers it occasionally) that the rpc_object can be
obtained again by an incoming IPC - even it is already scheduled for removal.

Fixes partly #549
2013-02-11 12:01:26 +01:00
Alexander Boettcher
f50d816555 base: fix dangling session pointers in rm_session
If page faults are handled concurrently (as for base-nova) the traverse lookup
call in rm_session_component must be thread safe, which it isn't.
If the faulting area is backed by nested dataspaces which are managed by
various rm_sessions then a race happens under following circumstances
(triggered occasionally by the bomb test).

The traverse lookup may return a pointer to a rm_session of a nested dataspace.
If the rm_session is in parallel subject to destruction it happened that faults
got enqueued to the faulters list of the deleted rm_session and internally to
a list of the current rm_session of the Rm_client.

During destruction of the faulting Rm_client the associated rm_session will
be dissolved from the Rm_client, which leads to dereferencing the
dangling pointer of the already destructed rm_session.

On base-nova the memory of the rm_session object get unmapped eventually, so
that the de-referencing of the dangling pointer caused page faults in core.

The memory on other kernels inside core never get unmapped so that the
bug doesn't trigger visible faults.

The patch replace the keeping of a rm_session pointer by keeping a
capability instead. The rm_session object must be looked up now explicitly in
the Object_pool implementation, which implements proper reference counting on
the rm_session object.

Issue #549
2013-02-11 12:01:26 +01:00