The 'aes_cbc_4k' library is simple wrapper around libsparkcrypto to
serve as a backend for storage encryption. It operates on data chunks of
4 KiB and uses AES-CBC while incorporating the block number and the
private key as salt values.
This is a follow-up commit to "Update <provides> info in pkg runtimes",
which adapts the users of the wm pkg to the changed label of the "focus"
nitpicker session.
The fs_tool component performs file operations according to its
configuration. This initial version implements only the operation
<remove-file> as needed for Sculpt CE.
Issue #3222
Issue #3193
When buiding the sculpt image, the sculpt.run script used to integrate
the current version of the index of the 'depot_user' into the boot
image. At runtime, when the Sculpt partition is selected for "use" this
index - along with the 'pubkey' and 'download' files of the known
depot users - is written to the Sculpt partition.
This has the undesirable effect that a later version of the index
(published some time after the sculpt image was created) would always be
overwritten by the outdated index shipped with the boot image.
The built-in default index was actually a stop-gap solution needed
during the development of Sculpt CE, introduced when the downloading of
index files was not yet supported. Now, with the working download
mechanism, it is no longer needed. Hence, this patch removes the default
index from the sculpt image.
This commit removes most of the default launchers, which are now
superseded by the interactive component addition feature of the '+'
menu.
We keep the chroot components because we cannot easily create chroot
instances interactively yet.
The usb_devices_rom is still needed because its configuration is meant
to be edited at runtime.
It also adds a 'themed_wm' launcher to make the initial sculpt
experience easier. For knowledgeable users, the index contains all
ingredients needed to build a multi-component window manager manually.
This commit turns the '+' menu into a tool for the following tasks:
- Selecting and downloading of depot index files
- Browsing of the hierarchical depot index files
- Installation of packages found in the index files
- Interactive routing configuration of a selected package
- Deployment of configured component
With this commit, the 'installation' input of the depot-download
subsystem accepts <index> nodes in addition to <archive> nodes. Each
index node refers to one index file specified via the 'path' attribute.
This commit also improves the tracking of failure states. Once an
installation job failed (due to a download of verification error),
it won't get re-scheduled. In the past, such failure states were not kept
across subsequent import iterations, which could result in infinite
re-attempts when an installation contained archives from multiple users.
The the progress of the download process is now reflected by the
"progress" attribute on the download manager's state report, which
allows the final report to contain the list of installed/failed archives
along with the overall progress/completed state. The detection of the
latter is important for the sculpt manager for reattempting the
deployment of the completed packages.
The patch enhances the depot_download.run script to stress the new
abilities. In particular, the scenario downloads a mix of index files
(one present, one missing) and archives, from two different depot users
(genodelabs and nfeske).
Issue #3172
The input for the pkg index is located at gems/run/sculpt/index.
The sculpt.run script uses this input for generating the depot index
file at depot/<user>/index/<version>.
The tool/depot/publish tool support arguments of the form
<user>/index/<version> where <version> corresponds to the Sculpt
version.
Issue #3172
The zynq nic_drv also depends on hw, we therefore adapted the folder
structure for clarity. Also renamed the binary to 'zynq_nic_drv' to
prevent conflicts and to allow removing the cadence_gem spec.
Issue #3179
This patch simplifies the propagation of pointer shapes from
window-manager clients to the pointer. The "shape" report is routed to
the wm server, which, in turn, reports it to the pointer. This way, the
pointer can easily correlate the label of the application's "shape"
report with the label of the application's Nitpicker session. The
formerly used manual rewriting of the "shape" label is not needed
anymore.
Since the wm server provides a "Report" service now, its <provides>
declaration must cover "Report" in addition to "Nitpicker" to avoid
runtime error messages. Vice versa, the wm is now expected to request
"shape" reports, which should be routed to the pointer (using the
'label_last' routing attribute).
Fixes#3165
Refactor the graphical terminal server to internally represent
characters as 16-bit codepoints and handle the duplex terminal stream as
UTF-8.
- Make the Codepoint class printable to the Output interface
- Decode data received at the Terminal session from UTF-8 to a 16-bit
character
- Pass 16-bit characters through terminal decoder and char-cell arrays
- Send Unicode through terminal session in a burst of UTF-8 bytes
Fix#3148
The minimal-footprint Ada runtime for implementing library-like
functionality in SPARK is now called "spark" runtime.
The full Ada runtime for entire components written in Ada and using the
libc as glue to the underlying system will move to the world repository
as "ada" runtime.
Issue #3144
The 'run_genode_until' procedure only called 'run_power_on' to reset
the target machine. That works will with the softreset module, which
is used by all x86-based test system but falls short regarding ARM
boards. The way those boards are connected requires turning the power
off and on for a complete cycle.
In less interactive mode, the run script doesn't give up on missing test
archives but instead removes the corresponding tests and marks them "missing".
This mode avoids total failure of a platform in automated test infrastructures
when only a few archives are missing.
Fixes#3120
After a certain number of tests, presumably some resource in core is exceeded
and loading the successive test fails. This quickfix looks out for the
characteristic Core error and then reboots to avoid that all successive tests
are marked as failed.
Since the timer and timeout handling is part of the base library (the
dynamic linker), it belongs to the base repository.
Besides moving the timer and its related infrastructure (alarm, timeout
libs, tests) to the base repository, this patch also moves the timer
from the 'drivers' subdirectory directly to 'src' and disamibuates the
timer's build locations for the various kernels. Otherwise the different
timer implementations could interfere with each other when using one
build directory with multiple kernels.
Note that this patch changes the include paths for the former os/timer,
os/alarm.h, os/duration.h, and os/timed_semaphore.h to base/.
Issue #3101
This patch improves the appearance of the leitzentrale by eliminating
the (hardly visible) decorations from the GUI and graph views, and by
animating the motion of the graph position. The latter is meant to
remove the stuttering effect when the graph's size changes (and
re-centered).
Adds an config attribute to the Depot Autopilot component:
:<config repeat>:
Can be one of
"false" - process the given test list only once,
"until_forever" - endlessly repeat processing the given test list,
"until_failed" - repeat processing the given test list until it fails.
Adds an environment variable to the Depot Autopilot Run script:
:TEST_REPEAT:
Same as the <config repeat> attribute of the Depot Autopilot.
This is useful when having to debug very sporadic errors during one test
or a series of tests.
This ensures that the depot_autopilot.run script, when exiting, always prints
a result overview of the so far available test results, except the Depot
Autopilot component has managed to print the result overview up to this point.
Unequal numbers of double quotes let the XML parser of init fail,
therefore replace all double quotes when transfering previous
results after a reboot.
Ref #3027
The number of tests to run is the number of test package-archives minus the
the those that are skipped for the given platform. The number is printed
directly after checking if the given platform is supported by the run script.
It helps the surrounding test infrastructure to ensure that, for instance, a
result graph always reflects the same total number of tests, even though there
is a sporadic problem with booting the platform.
The test for python requires x86 to be built. Therefore, there is no test
binary available when trying to execute that test on ARM with depot_autopilot.
The commented-out <start> nodes are prone to become inconsistent with
the launchers. Hence, this patch removes them. Start nodes should better
be added by the '+' menu, at least initially.
Furthermore, the patch directs requests for the vfs.lib.so ROM to core's
ROM service to reduce the impact of low-level ABI changes (i.e., the
packet-stream layout) on existing vfs/libc-based packages.
The recall file system is a place where components can remember state.
E.g., to allow the window layouter to recall the window layout of the
previous session.
The pthread API is considered a standard feature of libc so better to
simply merge it with the libc. Pthreads are in fact already a part of
the libc in the form of weak symbols. This merger is also a prerequisite
for better integrating pthreads with the libc I/O task.
Fix#3054
Print a line like "succeeded: 35 failed: 11 skipped: 2" below the list of test
results. Adds further attributes to <previous-results> to communicate also the
previous statistics.
This commit moves the window layouter and window decorator into
dedicated packages that can now be combined with the "wm" server at
runtime and restarted/reconfigured/swapped-out independently.
To use the window manager, one must start the 'wm', 'window_layouter',
and one of the 'motif_decorator' or 'themed_decorator' subsystems.
Fixes#3024
When doing the libc_getenv test on autopilot+foc+x86 and one of the
subsequent tests crashes the system so it gets rebooted by the run
script, the system doesn't come up again. It gets stuck after core
initialization.
Issue #3027
This commit replaces the former floating_window_layouter with a new
window_layouter component that supports the subdivision of screen space
into columns and rows, the concept of layers, and the principle ability
to store window layout information across reboots. The latter is
accomplished by reflecting the component's internal state as a 'rules'
report to the outside.
Fixes#3031
This component allows access to Terminal sessions via interactive SSH
sessions. Please read _repos/gems/src/server/ssh_terminal/README_ for
more detailed information.
Fixes#3014.
On some machines, both the AHCI and NVMe drivers are started within the
[drivers -> dynamic] subsystem. This ultimately exhausted the RAM quota
of this subsystem.
Issue #2987
This patch introduces the distinction of the manually managed
config/deploy from the managed config/managed/deploy. The latter
incorporates interactive changes of the system by the user. There are
two user interactions supported.
First, by clicking on the '+' button at the top-left of the runtime
view, the user can select a component to launch. All launchers at
config/launcher/ are listed in the popup menu. Each launcher can be
lauched only once. While running, is not available in the popup
menu.
Second, when selecting a node that corresponds to a start node in
config/deploy or that was interactively launched, the detailed view
shows a 'remove' button, which can be used to exclude the component
from the deployment.
The result of the interactive manipulation is always available at
config/managed/deploy. Hence, the current situation can be made
persistent by using it as config/deploy.
Fixes#2986
This patch enables the user to click on a component in the runtime view
to reveal more information such as the used/assigned RAM/caps and
secondary dependencies.
This patch adds a graph of the current runtime state to the
leitzentrale. The topology of the graph depends on the first routing
rule of each component. For this reason, the patch re-orders routing
policies to make the most important route the first in the list.
The user can switch between the runtime view and the inspect window
by clicking on the corresponding menu dialogs. E.g., a click on the
storage dialog reveals the inspect window.
The most important route of each launcher is at the top of routes and
will be used to layout the graph topology of the runtime view.
By caching the state reports generated by the runtime init, the sculpt
manager becomes able to quickly check for the presence of components. So
we can apply routing-dependency checks not only prior starting
components but also while components are running.
Fixes#2938Fixes#2912
The 'Report' route was missing. The commit also removes superfluous
routing rules for IO_PORT, IRQ, and IO_MEM that are captured by the
subsequenting wildcard anyway.
Issue #2909
The COW plugin provided only partial copy-on-write semantics and had
problems detecting recursive requests. Conversely, the import plugin has
much simpler behavior that is easy to test because it mirrors that of
the ram_fs server.
Ref #2745
This new vfs_import plugin allows a VFS instance to be populated during
construction using a sub-VFS configured in an '<import>' configuration
node. This allows the ram_fs File_system server to be replaced by the
VFS server by reimplementing the ram_fs 'content' feature. At the
moment the copying of symlinks is not enabled, and the resources
obtained by the import file-system may not be freed after the import is
finished.
Fix#2906
The ram plugin to the VFS must send notifications to watch handles on
files when they are removed. This brings the VFS server to parity with
the ram_fs server for the sake of notifications.
Move run/fs_report to gems and use the vfs server and the vfs init
plugin in the test.
Ref #2902
This patch removes the detection of statically linked executables from
the base framework. It thereby fixes the corner cases encountered with
Sculpt when obtaining the binaries of the runtime from the depot_rom
service that is hosted within the runtime.
Statically linked binaries and hybrid Linux/Genode (lx_hybrid) binaries
can still be started by relabeling the ROM-session route of "ld.lib.so"
to the binary name, pretending that the binary is the dynamic linker.
This can be achieved via init's label rewriting mechanism:
<route>
<service name="ROM" unscoped_label="ld.lib.so">
<parent label="test-platform"/> </service>
</route>
However, as this is quite cryptic and would need to be applied for all
lx_hybrid components, the patch adds a shortcut to init's configuration.
One can simply add the 'ld="no"' attribute to the <start> node of the
corresponding component:
<start name="test-platform" ld="no"/>
Fixes#2866
This patch adds the /config/usb file to Sculpt, which allows then user
to manually define rules for assigning USB devices to clients. The
content is incorporated by the driver manager into the USB driver
configuration. Note that this mechanism does not work for HID devices
because these devices are claimed by the USB driver's built-in HID
support.
Issue #2890
This patch makes the run script compatible with the disk-image backend
of the run tool. Since this backend attaches the boot image as AHCI
disk 0, we have to supply our custom disk image as AHCI 1.
This commit is a follow-up to "nit_fb: allow screen-relative
initial_width/height". With it, the nit_fb window created via the
launchpad can be interactively resized.
Also remove 'requires_installation_of', while also checking sbin
directories in 'have_installed'. The run scripts have been adjusted
accordingly.
Fixes#2853
The top-level Sculpt configuration is routing ROM requests for chargen
files from the input_filter to the parent, and this prevents new chargen
files to specified, for instance the German or Workman layout. Route ROM
requests with a combination of label_prefix and label_suffix patterns to
the config_fs_rom component, allowing the input_filter to be dynamically
reconfigurable.
Fix#2872
With this patch, the sculpt manager takes over the role the window
layouter of the leitzentrale, which eliminates the need to manually
position and size the inspect window.
The sculpt manager wrongly paid for the nitpicker session of the fader
out of its own pocket. This patch reduces the quota transfer to the
amount provided the fader.
This commit updates Early-Adopters (EA) version of Sculpt to the version
for The Curious (TC). Most importantly, it contains the new interactive
sculpt-manager component that automates many system management and
configuration tasks.
The state report reflects the progress of downloading, verifying, and
extracting archives. For the download step, it includes the progress
as reported by fetchurl.
Rename LwIP library in preparation for removal of LwIP libc plugin. The
current LwIP library will be replaced with a new version stripped of its
synchronous socket support. The next version will be incompatible with
the current, so removing 'lwip.lib.so' completely for a period makes it
easy to identify legacy users.
Fix#2797
This patch enhances the box layout such that child widgets are
equally stretched to the available size whenever the box layout's
size is larger than its min size. Furthermore, it corrects the
mixed-up use of the terms east and west in the float widget.
This component creates a GPT on a Block device. It supports the common
actions, as in adding, deleting and modifying entries in the GPT, while
considering alignment constraints. If needed it will round the length of
a partition down to meet those constraints. The component will not
perform layout checking, i.e., it does not care about overlapping
partitions. Only when apping a partition it will make sure that the
partition will fit.
Please read _repos/gems/src/app/gpt_write/README_ for more detailed
information on how to use the component and feel free to check out
_repos/gems/run/gpt_write.run_.
Fixes#2814.
By incorporating the sculpt version into the path where customizations
are stored, we can update and roll back sculpt versions without risking
configuration incompatibilities. By default, the sculpt version
corresponds to <genode-dir>/VERSION.
This patch replaces the terminal's formerly built-in fonts with the new
VFS-based font handling.
To avoid the copying of the terminal's font configuration across run
scripts, this patch adds the new terminal/pkg runtime package, which
includes everything needed for instantiating a terminal: the actual
terminal component, the library dependencies (vfs_ttf, which in turn
depends on the libc), a font (bitstream-vera), and a reasonable default
configuration.
Fixes#2758
VFS plugin to replicate from one file-system to another. Can be used to
seed a mutable file-system with an immutable file-system. The plugin is
configure with two paths, a read-only path, and a read-write path. This
is an initial implementation that copies files on open. It is not
optimized to perform actual copy-on-write, but the result is the same.
<vfs>
<dir name="immutable"> ... </dir>
<dir name="mutable"> ... </dir>
<dir name="cow">
<cow ro="/immutable" rw="/mutable"/>
</dir>
</vfs>
Fix#2745
A ring buffer that uses a single dataspace mapped twice in consecutive
regions. This allows any operation that is less or equal to the size of
the buffer to be read or written in a single pass. The capacity of
Magic_ring_buffer is defined at runtime.
Fix#2725
This patch changes the 'depot_deploy' tool to spawn any number of
runtimes. In contrast to the original version, which merely consumed a
blueprint generated by a pre-configured 'depot_query' instance, the new
version actively generates queries as needed. So there is a feedback
loop between 'depot_deploy' and 'depot_query'. The instantiation of
subsystems is controlled by the '<start>' nodes of the 'depot_deploy'
configuration. For each start node, the tool tries to determine the
ingredients (provided by the depot) by asking the 'depot_query' tool.
Once the information is complete, a corresponding start node of the
dynamic init instance is generated.
Since the <query> node results in the generation of a "blueprint"
report, it should better be named <blueprint>. This also clears the way
for adding further query types such as <dependencies>, following the
same pattern of generating a report of the corresponding query name.
This patch removes the former use of ram_fs, fs_rom, and fs_report from
the subsystem and uses a report_rom instead. The fs-based reporting was
introduced to accommodate automatically instantiated usb_block drivers,
which turned out to be impractical for the sculpt scenario.
This patch changes the depot layout such that each archive is
represented as a directory that contains the versions of the archive as
subdirectories.
Issue #2610
This commit replaces the old xray_trigger component by a new component
called global_keys_handler. For details, please refer to the issue text
and the accompanied README file.
Fixes#2554
This is a drivers subsystem that starts the most fundamental
(framebuffer, input, block) device drivers dynamically, depending on the
runtime-detected devices. The discovered block devices are reported
as a "block_devices" report.
The launcher.run scenario was last updated mid-may of the recently
developed cap-quota accounting (before all cap types were covered).
Hence, the quotas used in the scenario are too low. This patch adjusts
the values such that the scenario can be started on NOVA on Qemu. It
also fixes a warning about a deprecated way of configuring the
report_rom component.
Thanks to Jörg-Christian Böhme for reporting!
This patch changes the noux build rules to produce a tar archive in
'bin/', alleviating the need for this step from the run scripts.
This way, the visible result of a built noux package is a single (tar)
file in '<build-dir>bin/', which is suited for the use as a ROM module.
Removes the following Fiasco.OC specific features:
* GDB extensions for Fiasco.OC
* i.MX53 support for Fiasco.OC
* Kernel debugger terminal driver
* Obsolete interface Native_pd
* Obsolete function of interface Native_cpu
By building the posix library as shared object with an ABI, we
effectively decouple posix-using programs from the library
implementation (which happens to depend on several os-level APIs such as
the VFS).
This patch adjusts the interactive scenarios of the gems repository to
use the depot. This has three immediate benefits. First, once the depot
is populated with binary archives, the start time of the scenarios
becomes very quick because most dependency checks and build steps are
side-stepped. Second, the run scripts become more versatile. In
particular, run scripts that were formerly supported on base-linux only
(nit_fader, decorator, menu_view) have become usable on all base
platforms that have a 'drivers_interactive' package defined. Finally,
the run scripts have become much shorter.
Issue #2339
This patch adjusts the run script in two ways:
It removes the reliance on init's formerly built-in resource-request
handling by increasing the RAM quota for the backdrop instances. Since
commit "init: explicit response to resource requests", init no longer
hands out slack memory automatically.
Second, it makes sure that the backdrop appears under the precise label
"backdrop" at nitpicker by facilitating init's label-rewriting feature.
Without explicitly setting the label to "backdrop", nitpicker observes
the label "backdrop -> backdrop" (the first part comes from init, the
second part comes from the nitpicker-session argument specified by
backdrop itself). However, the client is only considered as default
background if labeled as "backdrop" (see nitpicker's '_create_session')
implementation.
Issue #2352
This patch adds the handling of 'CHARACTER' events as emitted by the
input-filter's character generator (<chargen>). To avoid interpreting
press/release events twice (at the input filter and by the terminal's
built-in scancode tracker), the terminal's scancode tracker can be
explicitly disabled via <config> <keyboard layout="none"/> </config>.
In the future, the terminal's built-in scancode tracker will be
removed.
The use of the terminal with the input filter is illustrated by the
'terminal_echo.run' script.
Issue #2264
This function returns the information whether the used platform relies
on USB HID for interactive scenarios by default as is the case for most
ARM platforms. In contrast, for x86 the USB driver can be omitted because
we can use the PS/2 driver (that is readily available in repos/os/).
The init component used to create the CPU/RAM/PD/ROM sessions (the child
environment) for its children by issuing session requests to its parent,
which is typically core. This policy was hard-wired. This patch enables
the routing of the environment sessions of the children of init
according to the configured routing policy.
Because there is no hard-wired policy regarding the environment sessions
anymore, routes to respective services must be explicitly declared in
the init configuration. For this reason, the patch adjusts several run
scripts in this respect.
This patch removes the outdated '<if-args>' special handling of session
labels. The '<if-args>' feature will eventually be removed completely
(ref #2250)
Issue #2197
Issue #2215
Issue #2233
Issue #2250
This patch unconditionally applies the labeling of sessions and thereby
removes the most common use case of 'Child_policy::filter_session_args'.
Furthermore, the patch removes an ambiguity of the session labels of
sessions created by the parent of behalf of its child, e.g., the PD
session created as part of 'Child' now has the label "<child-name>"
whereas an unlabeled PD-session request originating from the child
has the label "<child-name> -> ". This way, the routing-policy of
'Child_policy::resolve_session_request' can differentiate both cases.
As a consequence, the stricter labeling must now be considered wherever
a precise label was specified as a key for a session route or a server-
side policy selection. The simplest way to adapt those cases is to use a
'label_prefix' instead of the 'label' attribute. Alternatively, the
'label' attribute may used by appending " -> " (note the whitespace).
Fixes#2171
A run script to demonstrate the combination of the cpu_sampler, fs_log,
ram_fs and noux components for saving the sampled data in files and
accessing these in a Noux environment. When the script is run by the
autopilot, it will check if one of the generated sample data files
contains the correct instruction pointer. When the script is run
interactively, the generated files can be accessed from a Noux Bash shell.
Fixes#2078
Instead of holding SPEC-variable dependent files and directories inline
within the repository structure, move them into 'spec' subdirectories
at the corresponding levels, e.g.:
repos/base/include/spec
repos/base/mk/spec
repos/base/lib/mk/spec
repos/base/src/core/spec
...
Moreover, this commit removes the 'platform' directories. That term was
used in an overloaded sense. All SPEC-relative 'platform' directories are
now named 'spec'. Other files, like for instance those related to the
kernel/architecture specific startup library, where moved from 'platform'
directories to explicit, more meaningful places like e.g.: 'src/lib/startup'.
Fix#1673
This patch adds two new painters located at gems/include/polygon_gfx.
Both painters draw convex polygons with an arbirary number of points.
The shaded-polygon painter interpolates the color and alpha values
whereas the textured-polygon painter applies a texture to the polygon.
The painters are accompanied by simplistic 3D routines located at
gems/include/nano3d/ and a corresponding example (gems/run/nano3d.run).
Drivers like SD-Card, platform, AHCI, and framebuffer are specified as Exynos5
compliant. But they are at least not compliant with Odroid-XU although this is
Exynos5. Thus, prevent tests that rely on such drivers when building for
hw_odoid_xu. Furthermore, make previous Arndale regulator/consts.h,
uart_defs.h, and some Board_base enums available to all Exynos5 builds to
enable at least building the drivers.
Fixes#1419
The menu view generates a simple dialog of widgets and reports the
hovered element. It is meant to be embedded into applications that
require simple GUIs but don't want to deal with the pecularities of
a full-blown widget set.
The window manager provides a nitpicker session interface. In contrast
to the nitpicker server, which leaves the view layout up to the client,
the window manager organizes the views on screen according to a policy
provided by a window layouter. Furthermore, it equips views with window
decorations as provided by a window decorator. Both layouter and
decorator are independent programs.
This patch changes the top-level directory layout as a preparatory
step for improving the tools for managing 3rd-party source codes.
The rationale is described in the issue referenced below.
Issue #1082
