This patch replaces formerly blocking packet-stream operations by
the explicit use of 'wait_and_dispatch_io_signal' for blocking.
It also removes a misleading comment that promised a fire-and-forget
behavior whereas the implementation relied on blocking I/O anyway.
Issue #4390
The VFS block plugin used to depend on the blocking semantics of the
packet stream's 'get_acked_packet'. This patch replaces this dependency
by the use of 'wait_and_dispatch_one_io_signal'. However, in order to
implement this change, the custom instance of a 'Signal_receiver' had to
be removed as well.
To keep this patch as little invasive as possible, it does not touch the
direct use of the block session's packet stream, which should better be
replaced by the 'Block::Connection::Job' API.
Issue #4390
The zynq_nic_drv follows a zero-copy approach and thus uses the packet
buffers as DMA memory. In order to know when the RX DMA memory can be used
for another packet, a custom ack_avail_handler is needed.
Similarly, packets received from the Uplink session are not copied to a
DMA buffer but to directly passed on as DMA memory. For this purpose,
a a custom packet_avail handler is needed.
genodelabs/genode#4384
The 'read' and 'write' utilities are from a time before the VFS API
as os/vfs.h was available. They rely on the (now removed) blocking
semantics of the packet-stream interface.
The only remaining legitimate use case of the direct interaction with
the file-system session without VFS is the back end of gcov, which needs
a way to exfiltrate the statistical data using a channel that is
independent from the libc or the VFS.
Issue #4390
This patch replaces the direct use of a file-system session via the
'file_system/util.h' helpers by the VFS using the os/vfs.h API. This
makes the component more flexible while removing the dependence from
read and write utilities of file_system/util.h, which happen to rely on
the (now removed) blocking packet-stream semantics.
Issue #4390
Since the change "block_tester: limit batching in sequential test", the
sequence test blocks infinitely when encountering a length value smaller
than the block size.
This patch takes precautions against the use of blocking packet-stream
operations like 'submit_packet'.
With the change of issue #4388, the ready-to-submit signals are no
longer implicitly handled. Hence, a call of submit_packet to a
saturated submit queue blocks infinitely.
Issue #4390
* use 'Id_space::apply_any' instead of 'for_each' to destroy session local
buffer objects
* save session capability in session because 'cap()' is not valid in
'Session_component' destructor because it was dissolved before calling
'Root::_destruct_session', the cap is necessary to remove owned
buffers from the EP
issue #4380
Add 'export_buffer'/'import_buffer' calls in order to support buffer
sharing between GPU sessions.
Reduce CAP costs for Gpu::Connection from 256 to 32.
issue #4380
Account RAM and CAP resources for GPU sessions and trigger client
upgrades before allocating resources at the multiplexer. This prevents
the multiplexer from running out of resources.
issue #4380
Imagine receiving the signal for an available TX ack or an available RX packet
at the Uplink connection but a later received signal for a link-state change
(to link state "down") at the same connection is handled first and destructs
the Uplink connection before the handling of the former signals. In this case,
the methods 'Uplink_client_base::_conn_tx_handle_ack_avail' and
'Uplink_client_base::_conn_rx_handle_packet_avail' must be guarded against an
unconstructed '_conn' member, but they weren't so far.
Fixes#4384
So far, the generic Uplink connection code considered NIC drivers to transmit
connection RX packets in three different manners. Most of the drivers follow
the "normal" way of transmission with only one driver callback from generic
code. The monolithic USB NIC-driver, however, used to send in a "burst" mode
that required a dedicated path with multiple driver callbacks in the generic
code. And then there were drivers that had a fully custom function for doing
transmissions.
Also for handling connection TX acks, there was a "normal" and a
"custom handler" way.
Today, all NIC drivers in the Genode repos and the Genode-World repo follow the
"normal" way. Therefor, the unused code can be removed.
Ref #4384
This patch equips Sculpt with the ability to customize the system image
in very flexible ways.
All customizable aspects of the image have been relocated from the
former sculpt.run script and the accompanied gems/run/sculpt/ directory
to a new location - the sculpt/ directory - which can exist in any
repository. The directory at repos/gems/sculpt/ serves as reference.
The sculpt directory can host any number of <name>-<board>.sculpt files,
each containing a list of ingredients to be incorporated into the
Sculpt system image. The <name> can be specified to the sculpt.run
script. E.g., the following command refers to the 'default-pc.sculpt'
file:
make run/sculpt KERNEL=nova BOARD=pc SCULPT=default
If no 'SCULPT' argument is supplied, the value 'default' is used.
A .sculpt file refers to a selection of files found at various
subdirectries named after their respective purpose. In particular, There
exists a subdirectory for each file in Sculpt's config fs, like
nitpicker, drivers... The .sculpt file selects the alternative to use
by a simple tag-value notation.
drivers: pc
The supported tags are as follows.
*Optional* selection of /config files. If not specified, those files are
omitted, which prompts Sculpt to manage those configurations
automatically or via the Leitzentrale GUI:
fonts
nic_router
event_filter
wifi
runtime
gpu_drv
Selection of mandatory /config files. If not specified, the respective
'default' alternative will be used.
nitpicker
deploy
fb_drv
clipboard
drivers
numlock_remap
leitzentrale
usb
system
ram_fs
Furthermore, the .sculpt file supports the optional selection of
supplemental content such as a set of launchers.
launches: nano3d system_shell
Another type of content are the set of blessed pubkey/download files
used for installing and verifying software on target.
With the new version, it has become possible to supply a depot with the
the system image. The depot content is assembled according to the 'pkg'
attributes found in launcher files and the selected deploy config.
The resulting depot is incorporated into the system image as 'depot.tar'
archive. It can be supplied to the Sculpt system by mounting it into the
ram fs as done by the 'ram_fs/depot' configuration for the ram fs.
It is possible to add additional boot modules to the system image. There
are two options.
build: <list of targets>
This tag prompts the sculpt.run script to build the specified targets
directly using the Genode build system and add the created artifacts
into the system image as boot modules.
import: <list of depot src or pkg archives>
This tag instructs Sculpt to supply the specifid depot-archive content
as boot modules to the system image. This change eliminates the need for
board-specific pkg/sculpt-<board> archives. The board-specific
specializations can now be placed directly into the respective .sculpt
files by using 'import:'.
To make the use of Sculpt as testbed during development more convenient,
the log output of the drivers, leitzentrale, and runtime subsystems
can be redirected to core using the optional 'LOG=core' argument, e.g.,
make run/sculpt KERNEL=linux BOARD=linux LOG=core
The former pkg/sculpt-installation and pkg/sculpt-installation-pc
archives have been replaced by pkg/sculpt_distribution-pc, which
references the generic pkg/sculpt_distribution archive. Those pkgs are
solely used for publishing / distribution purposes.
Fixes#4369
Fix some trivial cases where the signedness of the constant value does
not match the signedness of type the code expects to see. GCC can be
asked to warn about those by passing Wsign-covnersion flag.
Issue #4354
This comes up when building the code with clang 13. It happens due to
recently enabled Wconversion warning, which in case of clang also
enables implicit-int-conversion warning. The warning reads:
fs_file_system.h:937:44: error: higher order bits are zeroes after
implicit conversion [-Werror,-Wimplicit-int-conversion]
::File_system::Watch_handle fs_handle { -1U };
~~~~~~~~~ ^~~
This can be fixed by properly specifying fs_handle value to be of
unsigned long type.
Issue #4354
Remove '_expected_offset' check on round trip test from RX packet,
because allocators between RX/TX can have different allocation
strategies. Rely on 'pattern' check for RX packets only.
In loopback server alloc size must match actual packet size.
issue #4312
Override 'try_alloc/free' because ethernet frame headers are 14 bytes
(src/dst mac (12) + ethertype (2)) causing the IP header to be 2 byte
aligned, leading to problems on platforms that require load/store
operations to be naturally aligned when reading, for example, 4 byte IP
addresses. Therefore, we align the allocation to 2 bytes, so the IP
header is aligned to 4.
issue #4312
This patch improves the robustness of the CPU-affinity handling.
- The types in base/affinity.h received the accessors
'Location::within(space)' and 'Affinity::valid', which alleviates
the fiddling with coordinates when sanity checking the values,
in init or core.
- The 'Affinity::Location::valid' method got removed because its
meaning was too vague. For sanity checks of affinity configurations,
the new 'within' method is approriate. In cases where only the x,y
values are used for selecting a physical CPU (during thread creation),
the validity check (width*height > 0) was not meaningful anyway.
- The 'Affinity::Location::from_xml' requires a 'Affinity::Space'
as argument because a location always relates to the bounds of
a specific space. This function now implements the selection of
whole rows or columns, which has previously a feature of the
sandbox library only.
- Whenever the sandbox library (init) encounters an invalid affinity
configuration, it prints a warning message as a diagnostic aid.
- A new 'Affinity::unrestricted' function constructs an affinity that
covers the whole affinity space. The named functions clarifies
the meaning over the previous use of the default constructor.
- Core's CPU service denies session requests with an invalid
affinity parameter. Previously, it would fall back to an
unrestricted affinity.
Issue #4300
After VirtIO::Queue refactoring buffers no longer share the same
dataspace as VirtIO rings. This makes optimal buffer calculations a lot
easier. In this case 64 buffers 2kB each will need precisely 128kB of
RAM. Previous value of 2016 will just waste 768b.
Fixed#4347
The key changes in this patch are:
* Buffer allocation is moved into a separate Buffer_pool helper. The
implementation of the buffer allocation strategy does not change.
The helper allocates a single RAM dataspace and splits it in multiple,
equally sized chunks.
* Management of main descriptor ring is enacapsulated in Descriptor_ring
helper class.
* Use separate RAM dataspaces for descriptor rings and buffers.
Previously both of them were packed into a single dataspace. This
might have been more RAM efficient, but IMO it made the code uglier and
harder to understand.
* All of the VirtIO::Queue members are now initialized on the class member
initializer list. This is possible due to previously listed changes.
* Since all VirtIO::Queue members are initalized on member initalizer
list, some additional ones can be marked as const, ex _avail, _used ring
pointers.
* Move descriptor writing code into a common method used by both
write_data and write_data_read_reply members. This avoids some code
duplication between those methods.
* Get rid of request_irq argument that most public VirtIO::Queue methods
accept. None of the existing drivers use it and I doubt this will
change any time soon.
* Use Genode namespace by default in Virtio.
This patch also fixes at least one bug that I discovered while working
on VirtIO block device driver. Namely, when chaining descriptors only the
first descriptor in the chain should be exposed in the available ring.
Issue #4347
The const-variant of the data() method contained an erroneous
calculation of the tail size. This led to the size guard throwing
exceptions when trying to parse TCP packets that only contained the
TCP header.
Fixesgenodelabs/genode#4340
Thanks to Piotr Tworek for the fix and his explanation as follows:
The basic idea is to try to fit payload data into the descriptor used to
send the header. If there is no payload, or the payload fits exactly
into the remaining space in the header decriptor, len should be 0 and
only one descriptor should be used. In such case the "next" and "flags"
members of the descriptor structure should be set to 0.
In case there is some extra payload data to send, but its size is
bigger than the remaining free space in the descriptor used to send the
header, len should contain the remaining size of the payload that
can't be sent via the header descriptor. The code will then chain
additional descriptors to handle this remainder.
With the len variable shadowing, the code will never queue the remaining
data.
Issue #4327
Share datastructures for clock, power and reset related configurations
per device. In the generic platform driver component these structures
are kept empty. Driver derivates can fill the clocks settings, power and
reset switches with life. The former Driver::Env gets removed.
Fix#4338
This change of the inner working of the platform driver for ARM allows
clients to have permanent open sessions, as long as a policy node matches
the client. If devices disappear from the policy resp. from the set of
available devices (hotplug), the devices ROM of the session gets updated,
and a corresponding device session gets closed. If the device remains
untouched in the configuration but other devices appeared/disappeared, the
device session is not affected.
Ref #4330