Commit Graph

2323 Commits

Author SHA1 Message Date
Norman Feske
f54c85e045 Genode application binary interface (ABI)
This patch decouples the kernel-specific implementation of the dynamic
linker from its kernel-agnostic binary interface. The name of the
kernel-specific dynamic linker binary now corresponds to the kernel,
e.g., 'ld-linux.lib.so' or 'ld-nova.lib.so'. Applications are no longer
linked directly against a concrete instance of the dynamic linker but
against a shallow stub called 'ld.lib.so'. This stub contains nothing
but the symbols provided by the dynamic linker. It thereby represents
the Genode ABI.

At system-integration time, the kernel-specific run/boot_dir back ends
integrate the matching the kernel-specific variant of the dynamic linker
as 'ld.lib.so' into the boot image.

The ABI symbol file for the dynamic linker is located at
'base/lib/symbols/ld'. It contains the joint ABI of all supported
architectures. The new utility 'tool/abi_symbols' eases the creation of
such an ABI symbol file for a given shared library. Its result should be
manually inspected and edited as needed.

The patch removes the 'syscall' library from 'base_libs.mk' to avoid
polluting the kernel-agnostic ABI with kernel-specific interfaces.

Issue #2190
Issue #2195
2016-12-23 16:50:28 +01:00
Alexander Boettcher
9b397b0321 vbox: adjust vbox_pointer policy to be working
vbox_pointer parses for 'label' and has no understanding of 'label_prefix'
2016-12-14 11:22:30 +01:00
Alexander Boettcher
e4a1904456 core: fix deadlock in region_map destruction
Introduced by:

commit 99fbb23ec5
Author: Alexander Boettcher <alexander.boettcher@genode-labs.com>
Date:   Fri Sep 9 17:49:34 2016 +0200

    core: use weak_ptr for Rm_faulter and Region_map

    Issue #2086
2016-12-14 11:22:30 +01:00
Alexander Boettcher
d8f2610e9c bomb: drop sleep_forever and signal_receiver 2016-12-14 11:22:29 +01:00
Alexander Boettcher
f613cd2aa9 nova: remove native_cpu interface
Issue #2173
2016-12-14 11:22:29 +01:00
Alexander Boettcher
e93ef168a1 nova: use async. map for thread/pd bootstrap
Fixes #2173
2016-12-14 11:22:29 +01:00
Christian Prochaska
5a72738def qoost: call 'select_from_ports' in qoost.mk
'select_from_ports' must be called to detect a missing port.

Fixes #2189
2016-12-14 11:22:28 +01:00
Norman Feske
dda054aa27 os: fix null termination in fb connection 2016-12-14 11:22:28 +01:00
Norman Feske
4475ac10d6 noux: reduce stack usage
By not placing the sysio buffer (16 KiB) on the stack, we can call
'noux_syscall' from the initial thread. This is needed to issue fork
from the suspend callback, which is executed by the initial thread.
2016-12-14 11:22:28 +01:00
Alexander Boettcher
10ba9c8f20 nova: fix kernel assertion during revoke
Fixes #2191
2016-12-14 11:22:28 +01:00
Josef Söntgen
400198013b alarm: limit sleep timeout to 60s
Instead of using an unreasonable value for the sleep time, limit it to
60s.

Fixes #2188.
2016-12-14 11:22:27 +01:00
Martin Stein
71d30297ff hw: clean up scheduling-readiness syscalls
This cleans up the syscalls that are mainly used to control the
scheduling readiness of a thread. The different use cases and
requirements were somehow mixed together in the previous interface. The
new syscall set is:

1) pause_thread and resume_thread

They don't affect the state of the thread (IPC, signalling, etc.) but
merely decide wether the thread is allowed for scheduling or not, the
so-called pause state. The pause state is orthogonal to the thread state
and masks it when it comes to scheduling. In contrast to the stopped
state, which is described in "stop_thread and restart_thread", the
thread state and the UTCB content of a thread may change while in the
paused state. However, the register state of a thread doesn't change
while paused. The "pause" and "resume" syscalls are both core-restricted
and may target any thread. They are used as back end for the CPU session
calls "pause" and "resume". The "pause/resume" feature is made for
applications like the GDB monitor that transparently want to stop and
continue the execution of a thread no matter what state the thread is
in.

2) stop_thread and restart_thread

The stop syscall can only be used on a thread in the non-blocking
("active") thread state. The thread then switches to the "stopped"
thread state in wich it explicitely waits for a restart. The restart
syscall can only be used on a thread in the "stopped" or the "active"
thread state. The thread then switches back to the "active" thread state
and the syscall returns whether the thread was stopped. Both syscalls
are not core-restricted. "Stop" always targets the calling thread while
"restart" may target any thread in the same PD as the caller. Thread
state and UTCB content of a thread don't change while in the stopped
state. The "stop/restart" feature is used when an active thread wants to
wait for an event that is not known to the kernel. Actually the syscalls
are used when waiting for locks and on thread exit.

3) cancel_thread_blocking

Does cleanly cancel a cancelable blocking thread state (IPC, signalling,
stopped). The thread whose blocking was cancelled goes back to the
"active" thread state. It may receive a syscall return value that
reflects the cancellation. This syscall doesn't affect the pause state
of the thread which means that it may still not get scheduled. The
syscall is core-restricted and may target any thread.

4) yield_thread

Does its best that a thread is scheduled as few as possible in the
current scheduling super-period without touching the thread or pause
state. In the next superperiod, however, the thread is scheduled
"normal" again. The syscall is not core-restricted and always targets
the caller.

Fixes #2104
2016-12-14 11:22:27 +01:00
Norman Feske
ccffbb0dfc Build dynamically linked executables by default
Fixes #2184
2016-12-14 11:22:27 +01:00
Norman Feske
d882277ce3 base: let ldso use the default stack size 2016-12-14 11:19:38 +01:00
Norman Feske
4e4cdacab3 base: trim main-thread size to 4/8 KiB
The main thread does no longer execute application code. It is solely
responsible for the initialization of the component's entrypoint and for
retrieving asynchronous notifications. Since the stack usage is no
longer dependent on application-specific code, we can significantly
shrink it to reduce the memory footprint of components. In the worst
case - should the stack overrun - we would observe a page fault because
the stack is placed in the stack area, surrounded by guard pages.
2016-12-14 11:19:38 +01:00
Norman Feske
cc98cef770 genode_rel.ld: add .gcc_except_table to RO segment
By moving .gcc_except_table section to the read-only ELF segment, this
patch reduces the size of the dynamically allocated data/bss segment.
2016-12-14 11:19:37 +01:00
Norman Feske
a387d68c2c base: use a default stack size of 64 KiB
This patch replaces the former machine-word-dependent default stack size
by the fixed value of 64 KiB which should suffice for components on both
32 and 64 bit. Previously, the default stack size on 64 bit was 128 KiB,
which is wasteful. If a component needs more stack than 64 KiB, it can
specify a custon stack size by implementing 'Component::stack_size'.
2016-12-14 11:19:37 +01:00
Norman Feske
28f5688dcf base: reduce size of initial stack from 32K to 4K
The initial stack is solely used to initialize the Genode environment
along with the application stack located in the stack area. It never
executes application code. Hence, we can make it small. To check that it
is not dimensioned too small, the patch introduces a sanity check right
before switching to the application stack.
2016-12-02 15:20:31 +01:00
Norman Feske
92460cdab7 base: remove initial heap chunk from heap
This change reduces the BSS segment by 32 KiB (on 64 bit).
2016-12-02 15:20:31 +01:00
Norman Feske
25a7ea3d40 base: rename 'Volatile_object' to 'Reconstructible'
Fixes #2151
2016-12-01 17:46:50 +01:00
Alexander Boettcher
6fa87e62dd run: adjust noux_bash to run for arm
Issue #2137
Fixes #1469
2016-12-01 16:39:47 +01:00
Alexander Boettcher
8bb2641020 noux-pkg: support less for arm
Fix #2137
2016-12-01 16:39:47 +01:00
Christian Helmuth
31631c8303 foc: remove unused function 2016-12-01 16:39:47 +01:00
Christian Helmuth
831c8d8e2d noux: fix warning in execve 2016-12-01 16:39:47 +01:00
Christian Helmuth
4bc34f73f3 lxip: provide strncpy and strstr (for ipconfig) 2016-12-01 16:39:47 +01:00
Christian Helmuth
85fa4d340b Support running netperf test on qemu
Set environment variable FORCE_QEMU to run the test on qemu.
2016-11-30 13:38:07 +01:00
Christian Helmuth
262259cd09 Increase qemu RAM in moon test
On sel4, the available RAM (beside the boot modules) is significantly
reduced by the initial pools in core.
2016-11-30 13:38:06 +01:00
Alexander Boettcher
b8485b6ca1 vbox4: avoid iommio assertion
if the mmio region is not available anymore

Fixes #2182
2016-11-30 13:38:06 +01:00
Stefan Kalkowski
4b09e357e0 intel_fb_drv: dummy implementation of lrc irqs
Ref #2179
2016-11-30 13:38:06 +01:00
Christian Helmuth
53271d8c5f Use default component stack size where appropriate 2016-11-30 13:38:06 +01:00
Martin Stein
7eabe482b6 Increase RAM quota for Nic::Connection
At least on foc_x86_64, nic_router refused to create sessions for the
test clients as the session object's size exceeds the old quota
donation.

Ref #2139
2016-11-30 13:38:06 +01:00
Alexander Boettcher
a090c9047d vfs: handle alloc failed in block_file_system
Fixes #2154
2016-11-30 13:38:06 +01:00
Alexander Boettcher
d3d4381128 nova: support to run VBox vCPUs within same PD
Issue #2173
2016-11-30 13:38:06 +01:00
Alexander Boettcher
1bea312ba2 vmm: compatible vcpu same_pd/other_pd constructors
Issue #2173
2016-11-30 13:38:05 +01:00
Alexander Boettcher
c732aef227 nova: handle oom during assign_pci 2016-11-30 13:38:05 +01:00
Martin Stein
89085096d2 nic_router: new user interface and optimizations
Fixes #2139
2016-11-30 13:38:05 +01:00
Martin Stein
f90964fdcc udp_client/http_clnt: print success message
Ref #2139
2016-11-30 13:38:05 +01:00
Martin Stein
4eea2a058d net: let Net_address and Ipv4_address be packed
Ref #2139
2016-11-30 13:38:05 +01:00
Martin Stein
4281471a34 net: replace dump.h by modern print methods
Ref #2139
2016-11-30 13:38:05 +01:00
Martin Stein
da925b9cd7 net/ipv4: Ipv4_address_prefix::prefix_matches
The new method checks whether a given IPv4 address matches the IPv4
address prefix.

Ref #2139
2016-11-30 13:38:04 +01:00
Martin Stein
6276daecab net/ipv4: convenience methods valid() and print()
Both methods are now available for Ipv4_address as well as for
Ipv4_address_prefix. An IPv4 address is invalid if it contains zeros only.
An IPv4 address prefix is invalid if its address is invalid and its
prefix is 32.

Ref #2139
2016-11-30 13:38:04 +01:00
Martin Stein
9dddc905e2 lwip/http_clnt: fix ambiguous size_t
Ref #2139
2016-11-30 13:38:04 +01:00
Martin Stein
3a7ae03f79 lxip/udp_client: create new socket on every run
Instead of creating one socket and re-using it each test run because the
client shall also test the termination of pseudo-connections at components that
implement hole punching for UDP.

Ref #2139
2016-11-30 13:38:04 +01:00
Martin Stein
cdd05ad71b lxip/udp_client: use dynamic port as source port
Instead of a registered port as this leads to conflicts with common IP stacks.

Ref #2139
2016-11-30 13:38:04 +01:00
Martin Stein
b85fa1d069 timer: move to the new timeout framework
Ref #2170
2016-11-30 13:38:04 +01:00
Martin Stein
791138ee63 os: introduce and test timeout framework
Ref #2170
2016-11-30 13:38:04 +01:00
Edgard Schmidt
f97e0f3fa0 Allow RPC arguments w/o default constructor
Fixes #2150
2016-11-30 13:38:03 +01:00
Norman Feske
6a24d70120 Fix clang compile errors
Thanks Keiko Nakata for reporting!

Fixes #2164
2016-11-30 13:37:07 +01:00
Norman Feske
5a1cef6381 Make label prefixing more strict
This patch unconditionally applies the labeling of sessions and thereby
removes the most common use case of 'Child_policy::filter_session_args'.
Furthermore, the patch removes an ambiguity of the session labels of
sessions created by the parent of behalf of its child, e.g., the PD
session created as part of 'Child' now has the label "<child-name>"
whereas an unlabeled PD-session request originating from the child
has the label "<child-name> -> ". This way, the routing-policy of
'Child_policy::resolve_session_request' can differentiate both cases.

As a consequence, the stricter labeling must now be considered wherever
a precise label was specified as a key for a session route or a server-
side policy selection. The simplest way to adapt those cases is to use a
'label_prefix' instead of the 'label' attribute. Alternatively, the
'label' attribute may used by appending " -> " (note the whitespace).

Fixes #2171
2016-11-30 13:37:07 +01:00
Christian Helmuth
f184118930 vfs: support label attribute in log file system
The log plugin can now be configured to request a log session with the
specified label like follows.

  <log label="..."/>

Per default, no new log session is requested but the existing log
session of the component's environment is used.
2016-11-30 13:37:07 +01:00
Christian Prochaska
9e86621b07 cpu_sampler_noux.run: increase auto test timeout
Fixes #2178
2016-11-30 13:37:07 +01:00
Christian Helmuth
1216839bec vesa: handle platform session memory requests
Issue #1039
2016-11-30 13:37:07 +01:00
Alexander Boettcher
7dcfc8bd49 dde_bsd: handle platform session memory requests
Issue #1039
2016-11-30 13:37:07 +01:00
Alexander Boettcher
ac2061abfe ps2: handle platform session memory requests
Issue #1039
2016-11-30 13:37:07 +01:00
Alexander Boettcher
c83eb515f9 base: sanity check for slab element allocation
Issue #1039
2016-11-30 13:37:06 +01:00
Alexander Boettcher
b8f9f92731 base: remove allocation warning in heap
The heap typically first tries to allocate larger chunks than necessary, and
if it fails the actual minimal one. The first attempt already triggers warnings
which are not critical at all. If the second (critical) allocation fails,
then there are additionally checks and warnings already in place.

Issue #1039
2016-11-30 13:37:06 +01:00
Alexander Boettcher
1018dbc89a dde_ipxe: handle platform session memory requests
Issue #1039
2016-11-30 13:37:06 +01:00
Alexander Boettcher
6e66e51088 platform_drv: use ram_session_guard
Issue #1039
2016-11-30 13:37:06 +01:00
Alexander Boettcher
e32b78d95d os: extend ram_session_guard for platform_driver
Issue #1039
2016-11-30 13:37:06 +01:00
Alexander Boettcher
dffc1b0497 os: move ram_session_guard from nic_bridge to os
Issue #1039
2016-11-30 13:37:06 +01:00
Norman Feske
5ba245f476 base: minor style fixes 2016-11-30 13:37:06 +01:00
Alexander Boettcher
33b40ec5d9 base: free memory of object throwing exception
in constructor.

Extend test case to verify it and run it by autopilot.
2016-11-30 13:37:05 +01:00
Norman Feske
7f78d182f8 test/stdcxx: spelling fix 2016-11-30 13:37:05 +01:00
Alexander Boettcher
5f0008cbc9 vbox: update to 5.1.10
Issue #2059
2016-11-30 13:37:05 +01:00
Alexander Boettcher
11b2f30318 noux: avoid tons of "no attachment" messages
Trace_control dataspace gets destroyed implicitly when the cpu session is
closed. Remove the trace control dataspace from the internal noux dataspace
registry before cpu session destruction.
2016-11-30 13:37:05 +01:00
Alexander Boettcher
03f0f38567 cxx: avoid warnings about cxx exception memory
Avoids warnings like

Warning: 2 dangling allocations at allocator destruction time

during noux process destruction.
2016-11-30 13:37:05 +01:00
Christian Helmuth
79dd99e521 terminal_mux: adapt to component API 2016-11-30 13:37:05 +01:00
Josef Söntgen
383a3c6f54 wifi_drv: call kfree in case of kfree_rcu
Fixes #2175.
2016-11-30 13:37:05 +01:00
Emery Hemingway
f1fc94cfbd app/rom_logger: base API transition, hexdump output
Ref #1987
2016-11-30 13:37:04 +01:00
Norman Feske
c0f1d99d7a Adapt decorator to component API
Issue #1987
2016-11-30 13:37:04 +01:00
Norman Feske
eb90d92009 Adapt themed decorator to component API
Issue #1987
2016-11-30 13:37:04 +01:00
Alexander Boettcher
3c4372210e core: remove redundant datastructure
Avl allocator provides a method to lookup any element, which is sufficient
to find all regions to destruct.

Issue #2173
2016-11-30 13:37:04 +01:00
Martin Stein
82443ddee6 thread test: handle capability ref-count overflow
Triggered by the create-as-many-threads test as it tries to
create as many threads as possible.

Ref #2120
2016-11-30 13:37:04 +01:00
Martin Stein
99f18a2fe6 core: handle cap-ref-cnt overflow in create_thread
The code in Core's Cpu_session_component::create_thread might throw a
capability refernce-count overflow if one creates many threads, which would
kill core if not handled.

Ref #2120
2016-11-30 13:37:04 +01:00
Martin Stein
288c2c50ba base: throw exception on cap-ref-count overflow
Ref #2120
2016-11-30 13:37:04 +01:00
Christian Helmuth
00adca8c47 lx_fs: use component API
Issue #1987
2016-11-30 13:37:03 +01:00
Norman Feske
b44f0554bd Adapt high-level components to new parent API
This patch adjusts the various users of the 'Child' API to the changes
on the account of the new non-blocking parent interface. It also removes
the use of the no-longer-available 'Connection::KEEP_OPEN' feature.

With the adjustment, we took the opportunity to redesign several
components to fit the non-blocking execution model much better, in
particular the demo applications.

Issue #2120
2016-11-30 13:37:03 +01:00
Norman Feske
8bafb9d41b Adapt low-level components to new parent interface
This patch adjusts the components of the os repository as well as device
drivers to the new parent interface.

Issue #2120
2016-11-25 16:06:42 +01:00
Norman Feske
cfdbccc5c2 Remove blocking calls from root and parent RPCs
This is a redesign of the root and parent interfaces to eliminate
blocking RPC calls.

- New session representation at the parent (base/session_state.h)
- base-internal root proxy mechanism as migration path
- Redesign of base/service.h
- Removes ancient 'Connection::KEEP_OPEN' feature
- Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy'
- New 'Slave::Connection'
- Changed child-construction procedure to be compatible with the
  non-blocking parent interface and to be easier to use
- The child's initial LOG session, its binary ROM session, and the
  linker ROM session have become part of the child's envirenment.
- Session upgrading must now be performed via 'env.upgrade' instead
  of performing a sole RPC call the parent. To make RAM upgrades
  easier, the 'Connection' provides a new 'upgrade_ram' method.

Issue #2120
2016-11-25 16:06:42 +01:00
Norman Feske
3cc2a3f085 terminal: increase stack size 2016-11-25 15:30:58 +01:00
Norman Feske
baf61df0fd base: new 'Registry' data structure
This data structure is meant as a safe alternative for a list wherever
the list is solely used to remember objects and iterate through them in
an unspecified order. One use case is the 'Service_registry'.
2016-11-25 15:30:58 +01:00
Norman Feske
513a3f1d37 base: new 'Id_space' data structure
This data structure allows the association of objects with IDs. IDs are
kept in an AVL tree. So in contrast to a bit allocator, the ID space can be
sparsely populated and does not need to be dimensioned. The lifetime of
an ID is bound to an 'Element' object, which relieves the programmer
from manually allocating/deallocating IDs for objects.

Issue #2120
2016-11-25 15:30:58 +01:00
Alexander Boettcher
58eabc756b pistachio: exclude phys ram which is unaccessible
because of 1:1 mappings, phys memory above 3G (user/kernel virtual boundary)
can't be accessed ...
2016-11-25 15:30:58 +01:00
Alexander Boettcher
a72f81472b platform_drv: use label of client for ram session 2016-11-25 15:30:58 +01:00
Alexander Boettcher
81f0cacf66 core: prefer RAM allocation in high memory
We preserve lower RAM for device drivers with physical memory
constraints. If no physical RAM constraint exists, the allocations above
3G (32-bit) or 4G (64-bit) are preferred.
2016-11-25 15:30:57 +01:00
Alexander Boettcher
57949c2bbb nova: support asynchronous delegate
Issue #2173
2016-11-25 15:30:57 +01:00
Christian Helmuth
ff5d28822c bomb: limit generations on Linux
Limit the number of generations to 4 to prevent hitting the
socket-descriptor limit on Linux. Also, all possible configuration
parameters for bomb our now customizable in the run script and the
current config is logged by bomb master.
2016-11-25 15:27:29 +01:00
Alexander Boettcher
f4a7223bbf vbox: update to 5.1.8
Issue #2059
2016-11-25 15:27:29 +01:00
Josef Söntgen
ca3be471a9 lxip: get_random_once must be called once 2016-11-25 15:27:28 +01:00
Josef Söntgen
d647b6c797 lxip: use xoroshiro128+ as random backend 2016-11-25 15:27:28 +01:00
Christian Helmuth
104775aa56 wifi: support for scans in connected state
The 'connected_scan_interval' config attribute specifies the scan
interval in seconds. The commit also removes the deprecated ram_fs
component from the test run script.
2016-11-25 15:27:28 +01:00
Josef Söntgen
9ba7b2edde vbox: improve network backend
VirtualBox mainly derives the initial link-state for its device models
from checking the <Adapter ... cable="true"/> attribute. Our backend
only propagates the current state of the Nic session if it receives a
link-state signal. This may lead to problems if a guest detects a link
up state when it is actually down and wants to use the interface. The
backend now queries the Nic session and sets the link-state accordingly
when it is constructed.

In case there is no link do not attempt to submit a packet to the packet
stream but return with an error so that upper layers can handle it.

Enable signals for network on poweron and not already during
construction. The network model may be not yet ready to process incoming
signals and data.

Fixes #2117.
2016-11-25 15:27:28 +01:00
Christian Helmuth
f75f199947 ldso: initialize ELF object before relocating
This fixes a regression on Ubuntu 16.04 (resp. Linux systems with recent
kernel versions) and address-space randomization originating from an
uninitialized relocation base of 0.
2016-11-25 15:27:28 +01:00
Norman Feske
82107bef9b base: buffer session args in 'Connection'
This patch is a preparation of the forthcoming async parent interface.
Note that this patch increases the size of connection objects.
Furthermore it adds a diagnostic message whenever a connection fails.

Issue #2166
2016-11-25 15:27:28 +01:00
Norman Feske
7fba39831a platform_drv/x86: remove device slab
Because of the session-argument buffering added to 'Connection' objects
when changing the parent interface to be non-blocking, the
'Device_component' has grown in size from 1.5 KiB to 5 KiB. The slab
allocator was configured with a block size of 4 KiB. So it does not work
with the grown 'Device_component' size.

Once the transition to the new API is completed (when we can remove the
buffering of session arguments from the 'Connection' objects), we may
revert this change.

Issue #2120
2016-11-25 15:27:27 +01:00
Norman Feske
ac1794ed7d base: add const operator * to 'Volatile_object' 2016-11-25 15:27:27 +01:00
Norman Feske
0e0f830a14 base: make Volatile_object noncopyable
Unfortunately, the volatile object does not inherit the noncopyable
attribute of the enclosed object. By making all volatile objects
noncopyable, we prevent the accidental copying of a noncopyable object
wrapped in a volatile object.
2016-11-25 15:27:27 +01:00
Norman Feske
b8e98f2355 base: forward args in Output::print
The original version copied the arguments, which does not work for the
output of complex types, in particular non-copyable objects.
2016-11-25 15:27:27 +01:00
Norman Feske
35fa67768f base: add 'Volatile_object::print' method
The method prints the message "<unconstructed>" if the object is not
available. Otherwise, it prints the encapsulated object.
2016-11-25 15:27:26 +01:00
Norman Feske
a27cbfd371 os: make report_rom/rom_module.h better reusable 2016-11-25 15:27:26 +01:00