Until now, Genode's Linux system call bindings were based on original
Unix system calls that were later superseded by more flexibile variants.
E.g., 'openat' is a modern version of 'open'. Even though Linux upholds
the compatiblity with the original versions for existing architectures
like x86, the legacy syscalls are absent for the recently added AARCH64
architecture. A good overview of the system calls accross the prominent
architectures can be found at
https://chromium.googlesource.com/chromiumos/docs/+/master/constants/syscalls.md
This patch updates Genode's syscall bindings to avoid legacy versions,
thereby easing the support for AARCH64. The used "modern" versions
were introduced back in Linux version 2 days. So we are fine to rely
on them.
The patch slightly changes the signature for lx_stat because this system
call is merely used to check for the existance of a file and its size.
The new name 'lx_stat_size' draws a closer connection to its use case.
That said, the stat syscall has not been updated to the modern statx
since statx is still a fairly recent addition.
Issue #4136
This patch simplifies the use of the clone system call for creating
processes and threads. Until now, the binding used an opaque pointer
argument to pass context information to the newly created process or
thread. However, upon close inspection, this is not a strict
requirement.
A newly created thread accesses its contextual information by
using its stack pointer as key. The pointer argument is not used.
The creation of processes is strictly serialized because the
intermediate stack used in-between clone and execve is a global
variable. Since we rely on the serialization anyway, we can pass the
context information of a new process via a global variable as well.
This change simplifies the syscall binding for the upcoming AARCH64
support, which would otherwise require us to deal with the notion
of TLS on Linux.
Issue #4136
This patch changes the 'alloc_aligned' interface as follows:
- The former 'from' and 'to' arguments are replaced by a single
'range' argument.
- The distinction of the use cases of regular allocations vs.
address-constrained allocations is now overed by a dedicated
overload instead of relying on a default argument.
- The 'align' argument has been changed from 'int' to 'unsigned'
to be better compatible with 'addr_t' and 'size_t'.
Fixes#4067
According to GNU as manual the syntax of this directive is:
.cfi_undefined register
The manual does not mention the register should be in parentheses.
This works in GNU as even when those are present, but unfortunately
clang integrated-as does not parse this correctly. Both GNU and
clang's integrated assembler work fine when the extra parentheses
are omitted.
Fixes#3986
* Remove SPEC declarations from mk/spec
* Remove all board-specific REQUIRE declaratiions left
* Replace [have_spec <board>] run-script declarations with have_board where necessary
* Remove addition of BOARD variable to SPECS in toplevel Makefile
* Move board-specific directories in base-hw out of specs
The _root, _gid and _uid private member variables are not used for
anything. GCC does not care, but clang likes to complain about things
like this.
Issue #3938
- base/cancelable_lock.h becomes base/lock.h
- all members become private within base/lock.h
- solely Mutex and Blockade are friends to use base/lock.h
Fixes#3819
base-linux uses seccomp to reduce the available system calls
to the minimum set needed to run base-linux. There are still
some syscalls that allow accessing global state which should
be further reduced.
The combination of seccomp and socket descriptor caps should
provide an intermediate level of security for base-linux
thereby enabling base-linux as a migration path from using
the Linux kernel to the use of microkernel-based Genode.
Fixes#3581
Add the option to configure the RAM quota for core on base-linux.
The environment variable GENODE_RAM_QUOTA if it exists is interpreted
as number of bytes to provide to the first init.
Issue #3762
- Since Genode::strncpy is not 100% compatible with the POSIX
strncpy function, better use a distinct name.
- Remove bogus return value from the function, easing the potential
enforcement of mandatory return-value checks later.
Fixes#3752
This patch largely reverts the commit "base: lay groundwork for
base-linux caps change" because the use of 'epoll' instead of 'select'
alleviated the need to allocate large FD sets, which motivated the
introduction of the 'Native_context' hook.
Related to issue #3581
