This patch enhances the packet-stream API with the principle ability to
side-step the built-in implicity data-flow signals and manage the
signals manually. This allows for a more efficient batching of packet
processing.
Issue #3092
The 'tx_cap' RPC function is only used at session-creation time. For
this reason, it was not listed in the "official" RPC interface in
'block_session.h'. However, this makes the interface more obscure than
it needs to be. So this patch promotes it to a regular RPC function.
Issue #3092
This patch adjusts the implementation of the base library and core such
that the code no longer relies on deprecated APIs except for very few
cases, mainly to keep those deprecated APIs in tact for now.
The most prominent changes are:
- Removing the use of base/printf.h
- Removing of the log backend for printf. The 'Console' with the
format-string parser is still there along with 'snprintf.h' because
the latter is still used at a few places, most prominently the
'Connection' classes.
- Removing the notion of a RAM session, which does not exist in
Genode anymore. Still the types were preserved (by typedefs to
PD session) to keep up compatibility. But this transition should
come to an end now.
- Slight rennovation of core's tracing service, e.g., the use of an
Attached_dataspace as the Argument_buffer.
- Reducing the reliance on global accessors like deprecated_env() or
core_env(). Still there is a longish way to go to eliminate all such
calls. A useful pattern (or at least a stop-gap solution) is to
pass the 'Env' to the individual compilation units via init functions.
- Avoiding the use of the old 'Child_policy::resolve_session_request'
interface that returned a 'Service' instead of a 'Route'.
Issue #1987
The notion of a RAM session does not exist anymore. Hence, we have to
adjust the name of 'init_env_ram_session'. Since this change modifies
the ABI, it comes as separate commit.
Issue #2407
Refactor the graphical terminal server to internally represent
characters as 16-bit codepoints and handle the duplex terminal stream as
UTF-8.
- Make the Codepoint class printable to the Output interface
- Decode data received at the Terminal session from UTF-8 to a 16-bit
character
- Pass 16-bit characters through terminal decoder and char-cell arrays
- Send Unicode through terminal session in a burst of UTF-8 bytes
Fix#3148
- support to create multiple vCPUs
- support to implement Vm_session methods client side within base library
- adjust muen specific virtualbox4 version to compile/link
Issue #3111
Move the allocation of the session packet buffer into a subclass that is
constructed before the File_system RPC object. This allows the buffer
allocation to be wrapped in a constructor/destructor class and clearly
accounted for.
Fix#3134
The situation where a 'Session_policy' is constructed for a label with
no matching policy is in almost all cases a configuration problem.
A diagnostic message eases pin-pointing such mistaks. By adding the
message to the 'Session_policy', servers don't need to manually handle
the exception to provide diagnostic information. This simplifies the
server code in many components.
The former 'Genode::Timed_semaphore' mechanism is moved to the private
part of the two remaining users, namely dde_rump and the libc. Note
there are now two private copies of 'timed_semaphore.h'. This should be
regarded as an interim step until the use of this mechanism is removed
from both users.
This patch also cleans up the mechanism from legacy Genode API calls and
global side effects (alarm-thread singleton). The test/timed_semaphore
is now located at the libports repository as it now tests a mechanism of
the libc. The former timed_semaphore library is no more.
Fixes#3121
Since the timer and timeout handling is part of the base library (the
dynamic linker), it belongs to the base repository.
Besides moving the timer and its related infrastructure (alarm, timeout
libs, tests) to the base repository, this patch also moves the timer
from the 'drivers' subdirectory directly to 'src' and disamibuates the
timer's build locations for the various kernels. Otherwise the different
timer implementations could interfere with each other when using one
build directory with multiple kernels.
Note that this patch changes the include paths for the former os/timer,
os/alarm.h, os/duration.h, and os/timed_semaphore.h to base/.
Issue #3101
This patch improves the window decorators in the following respects:
* Strict warnings are enabled now.
* The use of the 'List_model' makes the application of window-
layout changes more robust. This is particularly the case for
the restacking of windows.
* Display-mode changes are now supported by both decorators.
Issue #3094
Init's state reports are updated whenever an interesting part of init's
internal state changes (e.g., when sessions are established, or when
children are started/removed). However, until now, a change of a skipped
heartbeat counter was not taken as trigger for state-report updates.
In scenarios where no other intersting event happened, the last reported
state did no reflect the current heartbeat state. In particular, when
the last report was issued during the construction of a new child just
before the child became able to respond to heartbeat requests, the stale
report hinted at heartbeat problems that were just an initialization
artifact. This problem became visible on some Qemu platform where the
child startup takes a long time.
The patch tracks the observed skipped-heartbeat counter and triggers a
report whenever the counter value changes.
Issue #3079
By adding an additional synchronization point in the form of a matched
log message, this patch makes the timing behavior of the "test changing
provided services" step more deterministic. Without it, the scheduling
of OKL4 and base-hw resulted in a merge of two config updates into one.
Issue #3079
Packets whose data is stored within the Packet_descriptor itself
but not as payload, .e.g Usb::Packet_descriptor, are valid packets
after all. So loosen the packet valid check for zero-sized packets
is reasonable.
Fixes#3076.
Our overall nightly test time greatly decreases when the timeouts for
the single tests are not that over-pessimistic. Using the slowest
platforms as reference, this commit reduces the test timeouts.
Ref #3027
For reading the MAC address we try first to read it from the <policy> tag, and
when it is not defined in the <policy> tag, we allocate a MAC. But there was
no handling of the case that there is no appropriate <policy> tag. In this
case we want to create the session with an allocated MAC also.
This patch makes init robust against invalid routing rules that lack a
name attribute in the '<service>' node. This situation may occur when
interactively editing routes in Sculpt.
Some application code is dereferencing the pointer returned by
'packet_content' at packet streams without checking that it is valid.
Throw an exception rather than return a null pointer, except for
zero-length packets, which have somewhat implicit invalid content and
that we believe to be properly handled in all current cases.
The client-side of a packet stream cannot take corrective action if the
server-side is sending packets with invalid content, but the servers
that provide packet streams should catch this exception to detect
misbehaving clients.
Ref #3059
Change the root of a session request into an explicit path and apply the
label-to-path conversion using the "path_prefix" policy attribute. This
is in addition to only applying a root change with a "path" attribute.
Ref #3031Fix#3056
The bulk buffer is now 64Byte-aligned so that the allocated
packets get aligned likewise (assumed the packet allocator uses an
appropriately aligned block size). This ensures that each packet
starts at a new cache line on common platforms.
Issue #3053
This patch improves the detection of new appearing top-most windows.
Such a window should prompt the decorator to bring the corresponding
nitpicker view(s) to the front of the view stack. The original
implementation relied on hints provided by the layouter (the 'topped'
attribute). With the patch, the decorator tracks the top-most window by
itself, which improves the robustness.
As a second improvement, the patch defers the destruction of windows to
the point when all other window operations are completed. This hides
intermediate states when replacing one window by another in one step,
which is typical for console-like scenarios. Hence, this patch should
eliminate flickering artifacts when switching from one virtual console
to another.
Issue #3031
* Account all RAM/CAP quota of a session except quota for metadata used in
core. The latter is considered when asking if a session can afford to make
an operation but it does not get accounted to always be able to pay back all
quota when a session closes. The general accounting mechanism is moved from
atop of the allocators down to the level of RAM/RM session operations.
* report statistics about session objects and quota if <report stats="yes"
quota="yes"/> is configured. (default is yes if <report> is present)
Issue #2953
Like suggested by RFC 2663, reprogram the dissolve timeout of a TCP link
state to 2 times the maximum segment lifetime (by default 1 minute) when
receiving a matching packet with the FIN flag set, or with the ACK flag
set to acknowledge a FIN of the remote side.
Mark a link state as closed (no further reprogramming of the dissolve
timeout) and set the dissolve timeout to 2 times the maximum segment
lifetime when receiving a packet with the RESET flag set.
Issue #2953
If the NIC router has insufficient CAP or RAM quota for the creation of
a state object for an interface, it tries to destroy a certain amount of
existing state objects of this interface to free resources. Afterwards,
it retries handling the current packet once. If it does fail again, the
router drops the packet.
Issue #2953
Ensure that a '\0' always appears at the end of the ouput of the XML
generator. Previously, exceptions during the Node(...) constructor
might have prevented this. This commit also extends the xml_generator
test to drive a harder test on exceptions in the Xml_generator.
Issue #2953
When the functor provided to the Node constructor throws an exception,
do revert all changes in reverse order. Previously, the changes made
to the parent node were not considered by the exception handler which
caused unnecessary characters to remain in the out buffer for each
reverted node.
Issue #2953
The VFS server does not support file-system with one single-file plugin
providing the root. This is because the "leaf_path" is not universally
implemented to handle the path "/". This fix is simply to skip a
"leaf_path" check when opening the path "/".
Ref #2919
The PS/2 driver retries to get mouse-reset results for 700 ms, sleeping
after each attempt for 10 ms. So, the driver needs a Timer session now.
Fixes#2713
This patch addresses a situation where _process_packets was called as a
side effect of watch notification (that was processed during an unlink
RPC operation). This scenario (triggered by the fs_query test)
ultimately ended up in a deadlock. Io/watch reponse handlers should
never re-enter the application logic.
The new base/xsd/config.inc defines generic XSD types such as 'Boolean' or
'Session_label'. It can be included in config XSD files by using:
! <xs:include schemaLocation="file://${GENODE_CONFIG_INC}"/>
The string ${GENODE_CONFIG_INC} is replaced by the run tool with the
above mentionened file path.
Issue #2897
Seen on X250
Description from https://www.win.tue.nl/~aeb/linux/kbd/scancodes-1.html
The ten grey keys Insert, Home, PgUp, Delete, End, PgDn, Up, Left,
Down, Right are supposed to function regardless of the state of Shift
and NumLock keys. But for an old AT keyboard the keypad keys would
produce digits when Numlock was on or Shift was down. Therefore, in
order to fool old programs, fake scancodes are sent: when LShift is
down, and Insert is pressed, e0 aa e0 52 is sent; upon release of
Insert e0 d2 e0 2a is sent. In other words, a fake LShift-up and fake
LShift-down are inserted.
Fixes#2888
Add additional parsing modes to the sequence decoder to detect and
discard unhandled sequences for ECMA-48, DEC private, and Xterm.
Add new behavior for cursor movement, cursor hiding, character deletion,
and line-wrapping.
Fix#2923
When the cached_fs_rom saturates the packet stream of its File_system
session it will call the session request handler recursively as pending
transfers are completed. This is bad because the content of the XML node
currently being processed will change.
The session request handler can no longer be called directly, but the
"schedule" method will submit a signal to the request handler, and
requests will be processed after the current operation has completed.
Calling 'handle_io_response()' in a regular VFS function (in contrast to a
post-signal hook) can cause problems if the caller of the VFS function holds
a lock which prevents the io response handler from returning.
With this commit, the user of the VFS becomes responsible for unblocking
threads which might be blocking after a failed 'queue_read()', 'queue_sync()'
or 'write()' call.
Fixes#2896
This new vfs_import plugin allows a VFS instance to be populated during
construction using a sub-VFS configured in an '<import>' configuration
node. This allows the ram_fs File_system server to be replaced by the
VFS server by reimplementing the ram_fs 'content' feature. At the
moment the copying of symlinks is not enabled, and the resources
obtained by the import file-system may not be freed after the import is
finished.
Fix#2906
The ram plugin to the VFS must send notifications to watch handles on
files when they are removed. This brings the VFS server to parity with
the ram_fs server for the sake of notifications.
Move run/fs_report to gems and use the vfs server and the vfs init
plugin in the test.
Ref #2902
This patch removes the detection of statically linked executables from
the base framework. It thereby fixes the corner cases encountered with
Sculpt when obtaining the binaries of the runtime from the depot_rom
service that is hosted within the runtime.
Statically linked binaries and hybrid Linux/Genode (lx_hybrid) binaries
can still be started by relabeling the ROM-session route of "ld.lib.so"
to the binary name, pretending that the binary is the dynamic linker.
This can be achieved via init's label rewriting mechanism:
<route>
<service name="ROM" unscoped_label="ld.lib.so">
<parent label="test-platform"/> </service>
</route>
However, as this is quite cryptic and would need to be applied for all
lx_hybrid components, the patch adds a shortcut to init's configuration.
One can simply add the 'ld="no"' attribute to the <start> node of the
corresponding component:
<start name="test-platform" ld="no"/>
Fixes#2866
When mounting a ROM module with binary="no", the
vfs will detect the 0-termination to calculate the
file size instead of using the dataspace size.
Fixes#2903
Process I/O packets in batches. If a batch is processed and there are
still packets pending, send a signal locally to the packet handler and
return to the entrypoint signal dispatcher. This prevents clients from
starving each other, which happens when a client continuously submits
packets at a faster rate than the server can process.
Fix#2900
Test of File_system I/O scheduling. It appears that a client not
submitting I/O packets slower than the VFS server can process will
starve other clients.
Ref #2900
This component is contrasted with the fs_rom server that serves
independent dataspaces to each client. Using a cache was not possible
until the region map session supported the creation of read-only
attachments.
Test at run/read_only_rom.
Ref #1633Fix#2760
The verbosity mode of the NIC bridge can be toggled with the verbose attribute
(default value shown):
! <config verbose="no" />
If enabled, the NIC bridge logs sent and received packets as well as the
lifetime of interfaces connected to the bridge.
Issue #2899
The test triggers the following assertion in the kernel, which will
remain unfixed as the kernel is no longer developed:
Assertion queue_state.is_set(queue_state_t::send) failed in file
.../pistachio/kernel/src/api/v4/tcb.h, line 727
This assertion is presumably similar / related to issue #1495.
Quietly insert forward declaration of a Input::Binding class, and make
it a friend of Input::Event and Input::Session_client. This is to allow
non-C++ language bindings (Nim) to access private members by providing
their own implementation of the Binding class.
Fix#2889
The legacy PIT timer driver is too jittery for the character-repeat
test. This patch disables the test for platforms using this device as
user-level time source, which are at the moment OKL4, Pistachio, and
seL4.