ehmry/genode
ehmry
/
genode
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
genode/repos/base/include/base/child.h

609 lines
17 KiB
C
Raw Normal View History

Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
/*
* \brief Child creation framework
* \author Norman Feske
* \date 2006-07-22
*/
/*
Update copyright headers to 2013
2013-01-10 21:44:47 +01:00
* Copyright (C) 2006-2013 Genode Labs GmbH
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
*
* This file is part of the Genode OS framework, which is distributed
* under the terms of the GNU General Public License version 2.
*/
#ifndef _INCLUDE__BASE__CHILD_H_
#define _INCLUDE__BASE__CHILD_H_
#include <base/rpc_server.h>
#include <base/heap.h>
#include <base/service.h>
#include <base/lock.h>
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
#include <base/local_connection.h>
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
#include <util/arg_string.h>
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
#include <ram_session/connection.h>
Remove Genode::Process from API This patch makes the former 'Process' class private to the 'Child' class and changes the constructor of the 'Child' in a way that principally enables the implementation of single-threaded runtime environments that virtualize the CPU, PD, and RAM services. The new interfaces has become free from side effects. I.e., instead of implicitly using Genode::env()->rm_session(), it takes the reference to the local region map as argument. Also, the handling of the dynamic linker via global variables is gone. Now, the linker binary must be provided as constructor argument. Fixes #1949
2016-04-27 16:04:58 +02:00
#include <region_map/client.h>
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
#include <pd_session/connection.h>
#include <cpu_session/connection.h>
#include <log_session/connection.h>
#include <rom_session/connection.h>
Remove Genode::Process from API This patch makes the former 'Process' class private to the 'Child' class and changes the constructor of the 'Child' in a way that principally enables the implementation of single-threaded runtime environments that virtualize the CPU, PD, and RAM services. The new interfaces has become free from side effects. I.e., instead of implicitly using Genode::env()->rm_session(), it takes the reference to the local region map as argument. Also, the handling of the dynamic linker via global variables is gone. Now, the linker binary must be provided as constructor argument. Fixes #1949
2016-04-27 16:04:58 +02:00
#include <parent/capability.h>
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
namespace Genode {
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
struct Child_policy;
struct Child;
}
/**
* Child policy interface
*
* A child-policy object is an argument to a 'Child'. It is responsible for
* taking policy decisions regarding the parent interface. Most importantly,
* it defines how session requests are resolved and how session arguments
* are passed to servers when creating sessions.
*/
struct Genode::Child_policy
{
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
typedef String<64> Name;
typedef String<64> Binary_name;
typedef String<64> Linker_name;
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
virtual ~Child_policy() { }
/**
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
* Name of the child used as the child's label prefix
*/
virtual Name name() const = 0;
/**
* ROM module name of the binary to start
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
*/
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
virtual Binary_name binary_name() const { return name(); }
/**
* ROM module name of the dynamic linker
*/
virtual Linker_name linker_name() const { return "ld.lib.so"; }
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
/**
* Determine service to provide a session request
*
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
* \return service to be contacted for the new session
*
* \throw Parent::Service_denied
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
*/
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
virtual Service &resolve_session_request(Service::Name const &,
Session_state::Args const &) = 0;
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
/**
* Apply transformations to session arguments
*/
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
virtual void filter_session_args(Service::Name const &,
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
char * /*args*/, size_t /*args_len*/) { }
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
/**
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
* Register a service provided by the child
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
*/
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
virtual void announce_service(Service::Name const &) { }
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
/**
* Apply session affinity policy
*
* \param affinity affinity passed along with a session request
* \return affinity subordinated to the child policy
*/
virtual Affinity filter_session_affinity(Affinity const &affinity)
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
{
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
return affinity;
}
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
/**
* Exit child
*/
virtual void exit(int exit_value)
{
base: avoid use of deprecated base/printf.h Besides adapting the components to the use of base/log.h, the patch cleans up a few base headers, i.e., it removes unused includes from root/component.h, specifically base/heap.h and ram_session/ram_session.h. Hence, components that relied on the implicit inclusion of those headers have to manually include those headers now. While adjusting the log messages, I repeatedly stumbled over the problem that printing char * arguments is ambiguous. It is unclear whether to print the argument as pointer or null-terminated string. To overcome this problem, the patch introduces a new type 'Cstring' that allows the caller to express that the argument should be handled as null-terminated string. As a nice side effect, with this type in place, the optional len argument of the 'String' class could be removed. Instead of supplying a pair of (char const *, size_t), the constructor accepts a 'Cstring'. This, in turn, clears the way let the 'String' constructor use the new output mechanism to assemble a string from multiple arguments (and thereby getting rid of snprintf within Genode in the near future). To enforce the explicit resolution of the char * ambiguity, the 'char *' overload of the 'print' function is marked as deleted. Issue #1987
2016-07-13 19:07:09 +02:00
log("child \"", name(), "\" exited with exit value ", exit_value);
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
}
/**
* Reference RAM session
*
Revised API documentation This patch curates the API documentation to become suitable for the functional specificaton, which is partially generated from the header files.
2015-03-20 17:50:41 +01:00
* The RAM session returned by this method is used for session-quota
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
* transfers.
*/
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
virtual Ram_session &ref_ram() = 0;
virtual Ram_session_capability ref_ram_cap() const = 0;
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
/**
* Respond to the release of resources by the child
*
Revised API documentation This patch curates the API documentation to become suitable for the functional specificaton, which is partially generated from the header files.
2015-03-20 17:50:41 +01:00
* This method is called when the child confirms the release of
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
* resources in response to a yield request.
*/
virtual void yield_response() { }
/**
* Take action on additional resource needs by the child
*/
virtual void resource_request(Parent::Resource_args const &) { }
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
/**
* Initialize the child's RAM session
*
* The function must define the child's reference account and transfer
* the child's initial RAM quota.
*/
virtual void init(Ram_session &, Capability<Ram_session>) = 0;
/**
* Initialize the child's CPU session
*
* The function may install an exception signal handler or assign CPU quota
* to the child.
*/
virtual void init(Cpu_session &, Capability<Cpu_session>) { }
/**
* Initialize the child's PD session
*
* The function may install a region-map fault handler for the child's
* address space ('Pd_session::address_space');.
*/
virtual void init(Pd_session &, Capability<Pd_session>) { }
class Nonexistent_id_space : Exception { };
/**
* ID space for sessions provided by the child
*
* \throw Nonexistent_id_space
*/
virtual Id_space<Parent::Server> &server_id_space() { throw Nonexistent_id_space(); }
/**
* Return region map for the child's address space
*
* \param pd the child's PD session capability
*
* By default, the function returns a 'nullptr'. In this case, the 'Child'
* interacts with the address space of the child's PD session via RPC calls
* to the 'Pd_session::address_space'.
*
* By overriding the default, those RPC calls can be omitted, which is
* useful if the child's PD session (including the PD's address space) is
* virtualized by the parent. If the virtual PD session is served by the
* same entrypoint as the child's parent interface, an RPC call to 'pd'
* would otherwise produce a deadlock.
*/
virtual Region_map *address_space(Pd_session &) { return nullptr; }
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
};
/**
* Implementation of the parent interface that supports resource trading
*
* There are three possible cases of how a session can be provided to
Revised API documentation This patch curates the API documentation to become suitable for the functional specificaton, which is partially generated from the header files.
2015-03-20 17:50:41 +01:00
* a child: The service is implemented locally, the session was obtained by
* asking our parent, or the session is provided by one of our children.
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
*
* These types must be differentiated for the quota management when a child
Revised API documentation This patch curates the API documentation to become suitable for the functional specificaton, which is partially generated from the header files.
2015-03-20 17:50:41 +01:00
* issues the closing of a session or transfers quota via our parent
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
* interface.
*
* If we close a session to a local service, we transfer the session quota
* from our own account to the client.
*
* If we close a parent session, we receive the session quota on our own
* account and must transfer this amount to the session-closing child.
*
* If we close a session provided by a server child, we close the session
Revised API documentation This patch curates the API documentation to become suitable for the functional specificaton, which is partially generated from the header files.
2015-03-20 17:50:41 +01:00
* at the server, transfer the session quota from the server's RAM session
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
* to our account, and subsequently transfer the same amount from our
* account to the client.
*/
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
class Genode::Child : protected Rpc_object<Parent>,
Session_state::Ready_callback,
Session_state::Closed_callback
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
{
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
private:
Separation of thread operations from CPU session This patch moves the thread operations from the 'Cpu_session' to the 'Cpu_thread' interface. A noteworthy semantic change is the meaning of the former 'exception_handler' function, which used to define both, the default exception handler or a thread-specific signal handler. Now, the 'Cpu_session::exception_sigh' function defines the CPU-session-wide default handler whereas the 'Cpu_thread::exception_sigh' function defines the thread-specific one. To retain the ability to create 'Child' objects without invoking a capability, the child's initial thread must be created outside the 'Child::Process'. It is now represented by the 'Child::Initial_thread', which is passed as argument to the 'Child' constructor. Fixes #1939
2016-05-10 18:05:38 +02:00
struct Initial_thread_base
{
/**
* Start execution at specified instruction pointer
*/
virtual void start(addr_t ip) = 0;
/**
* Return capability of the initial thread
*/
base: apply routing policy to environment sessions This patch changes the child-construction procedure to allow the routing of environment sessions to arbitrary servers, not only to the parent. In particular, it restores the ability to route the LOG session of the child to a LOG service provided by a child of init. In principle, it becomes possible to also route the immediate child's PD, CPU, and RAM environment sessions in arbitrary ways, which simplifies scenarios that intercept those sessions, e.g., the CPU sampler. Note that the latter ability should be used with great caution because init needs to interact with these sessions to create/destruct the child. Normally, the sessions are provided by the parent. So init is safe at all times. If they are routed to a child however, init will naturally become dependent on this particular child. For the LOG session, this is actually not a problem because even though the parent creates the LOG session as part of the child's environment, it never interacts with the session directly. Fixes #2197
2016-12-12 17:40:55 +01:00
virtual Capability<Cpu_thread> cap() const = 0;
Separation of thread operations from CPU session This patch moves the thread operations from the 'Cpu_session' to the 'Cpu_thread' interface. A noteworthy semantic change is the meaning of the former 'exception_handler' function, which used to define both, the default exception handler or a thread-specific signal handler. Now, the 'Cpu_session::exception_sigh' function defines the CPU-session-wide default handler whereas the 'Cpu_thread::exception_sigh' function defines the thread-specific one. To retain the ability to create 'Child' objects without invoking a capability, the child's initial thread must be created outside the 'Child::Process'. It is now represented by the 'Child::Initial_thread', which is passed as argument to the 'Child' constructor. Fixes #1939
2016-05-10 18:05:38 +02:00
};
struct Initial_thread : Initial_thread_base
{
private:
Cpu_session &_cpu;
Thread_capability _cap;
public:
typedef Cpu_session::Name Name;
/**
* Constructor
*
* \throw Cpu_session::Thread_creation_failed
* \throw Cpu_session::Out_of_metadata
*/
Initial_thread(Cpu_session &, Pd_session_capability, Name const &);
~Initial_thread();
void start(addr_t) override;
base: apply routing policy to environment sessions This patch changes the child-construction procedure to allow the routing of environment sessions to arbitrary servers, not only to the parent. In particular, it restores the ability to route the LOG session of the child to a LOG service provided by a child of init. In principle, it becomes possible to also route the immediate child's PD, CPU, and RAM environment sessions in arbitrary ways, which simplifies scenarios that intercept those sessions, e.g., the CPU sampler. Note that the latter ability should be used with great caution because init needs to interact with these sessions to create/destruct the child. Normally, the sessions are provided by the parent. So init is safe at all times. If they are routed to a child however, init will naturally become dependent on this particular child. For the LOG session, this is actually not a problem because even though the parent creates the LOG session as part of the child's environment, it never interacts with the session directly. Fixes #2197
2016-12-12 17:40:55 +01:00
Capability<Cpu_thread> cap() const { return _cap; }
Separation of thread operations from CPU session This patch moves the thread operations from the 'Cpu_session' to the 'Cpu_thread' interface. A noteworthy semantic change is the meaning of the former 'exception_handler' function, which used to define both, the default exception handler or a thread-specific signal handler. Now, the 'Cpu_session::exception_sigh' function defines the CPU-session-wide default handler whereas the 'Cpu_thread::exception_sigh' function defines the thread-specific one. To retain the ability to create 'Child' objects without invoking a capability, the child's initial thread must be created outside the 'Child::Process'. It is now represented by the 'Child::Initial_thread', which is passed as argument to the 'Child' constructor. Fixes #1939
2016-05-10 18:05:38 +02:00
};
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
/* child policy */
Child_policy &_policy;
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
base: apply routing policy to environment sessions This patch changes the child-construction procedure to allow the routing of environment sessions to arbitrary servers, not only to the parent. In particular, it restores the ability to route the LOG session of the child to a LOG service provided by a child of init. In principle, it becomes possible to also route the immediate child's PD, CPU, and RAM environment sessions in arbitrary ways, which simplifies scenarios that intercept those sessions, e.g., the CPU sampler. Note that the latter ability should be used with great caution because init needs to interact with these sessions to create/destruct the child. Normally, the sessions are provided by the parent. So init is safe at all times. If they are routed to a child however, init will naturally become dependent on this particular child. For the LOG session, this is actually not a problem because even though the parent creates the LOG session as part of the child's environment, it never interacts with the session directly. Fixes #2197
2016-12-12 17:40:55 +01:00
/* print error message with the child's name prepended */
template <typename... ARGS>
void _error(ARGS &&... args) { error(_policy.name(), ": ", args...); }
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
base: apply routing policy to environment sessions This patch changes the child-construction procedure to allow the routing of environment sessions to arbitrary servers, not only to the parent. In particular, it restores the ability to route the LOG session of the child to a LOG service provided by a child of init. In principle, it becomes possible to also route the immediate child's PD, CPU, and RAM environment sessions in arbitrary ways, which simplifies scenarios that intercept those sessions, e.g., the CPU sampler. Note that the latter ability should be used with great caution because init needs to interact with these sessions to create/destruct the child. Normally, the sessions are provided by the parent. So init is safe at all times. If they are routed to a child however, init will naturally become dependent on this particular child. For the LOG session, this is actually not a problem because even though the parent creates the LOG session as part of the child's environment, it never interacts with the session directly. Fixes #2197
2016-12-12 17:40:55 +01:00
Region_map &_local_rm;
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
Rpc_entrypoint &_entrypoint;
Parent_capability _parent_cap;
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
/* signal handlers registered by the child */
Signal_context_capability _resource_avail_sigh;
Signal_context_capability _yield_sigh;
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
Signal_context_capability _session_sigh;
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
/* arguments fetched by the child in response to a yield signal */
Lock _yield_request_lock;
Resource_args _yield_request_args;
base: apply routing policy to environment sessions This patch changes the child-construction procedure to allow the routing of environment sessions to arbitrary servers, not only to the parent. In particular, it restores the ability to route the LOG session of the child to a LOG service provided by a child of init. In principle, it becomes possible to also route the immediate child's PD, CPU, and RAM environment sessions in arbitrary ways, which simplifies scenarios that intercept those sessions, e.g., the CPU sampler. Note that the latter ability should be used with great caution because init needs to interact with these sessions to create/destruct the child. Normally, the sessions are provided by the parent. So init is safe at all times. If they are routed to a child however, init will naturally become dependent on this particular child. For the LOG session, this is actually not a problem because even though the parent creates the LOG session as part of the child's environment, it never interacts with the session directly. Fixes #2197
2016-12-12 17:40:55 +01:00
/* sessions opened by the child */
Id_space<Client> _id_space;
typedef Session_state::Args Args;
/*
* Members that are initialized not before the child's environment is
* complete.
*/
void _try_construct_env_dependent_members();
/* heap for child-specific allocations using the child's quota */
Constructible<Heap> _heap;
/* factory for dynamically created session-state objects */
Constructible<Session_state::Factory> _session_factory;
Constructible<Initial_thread> _initial_thread;
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
Remove Genode::Process from API This patch makes the former 'Process' class private to the 'Child' class and changes the constructor of the 'Child' in a way that principally enables the implementation of single-threaded runtime environments that virtualize the CPU, PD, and RAM services. The new interfaces has become free from side effects. I.e., instead of implicitly using Genode::env()->rm_session(), it takes the reference to the local region map as argument. Also, the handling of the dynamic linker via global variables is gone. Now, the linker binary must be provided as constructor argument. Fixes #1949
2016-04-27 16:04:58 +02:00
struct Process
{
class Missing_dynamic_linker : Exception { };
class Invalid_executable : Exception { };
struct Loaded_executable
{
/**
* Initial instruction pointer of the new process, as defined
* in the header of the executable.
*/
addr_t entry;
/**
* Constructor parses the executable and sets up segment
* dataspaces
*
* \param local_rm local address space, needed to make the
* segment dataspaces temporarily visible in
* the local address space to initialize their
* content with the data from the 'elf_ds'
*
* \throw Region_map::Attach_failed
* \throw Invalid_executable
* \throw Missing_dynamic_linker
* \throw Ram_session::Alloc_failed
*/
Loaded_executable(Dataspace_capability elf_ds,
Dataspace_capability ldso_ds,
Ram_session &ram,
Region_map &local_rm,
Region_map &remote_rm,
Parent_capability parent_cap);
} loaded_executable;
/**
* Constructor
*
* \param ram RAM session used to allocate the BSS and
* DATA segments for the new process
* \param parent parent of the new protection domain
* \param name name of protection domain
*
* \throw Missing_dynamic_linker
* \throw Invalid_executable
* \throw Region_map::Attach_failed
* \throw Ram_session::Alloc_failed
*
* The other arguments correspond to those of 'Child::Child'.
*
* On construction of a protection domain, the initial thread is
* started immediately.
*
* The argument 'elf_ds' may be invalid to create an empty process.
* In this case, all process initialization steps except for the
* creation of the initial thread must be done manually, i.e., as
* done for implementing fork.
*/
Process(Dataspace_capability elf_ds,
Dataspace_capability ldso_ds,
Pd_session_capability pd_cap,
Pd_session &pd,
Ram_session &ram,
Separation of thread operations from CPU session This patch moves the thread operations from the 'Cpu_session' to the 'Cpu_thread' interface. A noteworthy semantic change is the meaning of the former 'exception_handler' function, which used to define both, the default exception handler or a thread-specific signal handler. Now, the 'Cpu_session::exception_sigh' function defines the CPU-session-wide default handler whereas the 'Cpu_thread::exception_sigh' function defines the thread-specific one. To retain the ability to create 'Child' objects without invoking a capability, the child's initial thread must be created outside the 'Child::Process'. It is now represented by the 'Child::Initial_thread', which is passed as argument to the 'Child' constructor. Fixes #1939
2016-05-10 18:05:38 +02:00
Initial_thread_base &initial_thread,
Remove Genode::Process from API This patch makes the former 'Process' class private to the 'Child' class and changes the constructor of the 'Child' in a way that principally enables the implementation of single-threaded runtime environments that virtualize the CPU, PD, and RAM services. The new interfaces has become free from side effects. I.e., instead of implicitly using Genode::env()->rm_session(), it takes the reference to the local region map as argument. Also, the handling of the dynamic linker via global variables is gone. Now, the linker binary must be provided as constructor argument. Fixes #1949
2016-04-27 16:04:58 +02:00
Region_map &local_rm,
Region_map &remote_rm,
Separation of thread operations from CPU session This patch moves the thread operations from the 'Cpu_session' to the 'Cpu_thread' interface. A noteworthy semantic change is the meaning of the former 'exception_handler' function, which used to define both, the default exception handler or a thread-specific signal handler. Now, the 'Cpu_session::exception_sigh' function defines the CPU-session-wide default handler whereas the 'Cpu_thread::exception_sigh' function defines the thread-specific one. To retain the ability to create 'Child' objects without invoking a capability, the child's initial thread must be created outside the 'Child::Process'. It is now represented by the 'Child::Initial_thread', which is passed as argument to the 'Child' constructor. Fixes #1939
2016-05-10 18:05:38 +02:00
Parent_capability parent);
Remove Genode::Process from API This patch makes the former 'Process' class private to the 'Child' class and changes the constructor of the 'Child' in a way that principally enables the implementation of single-threaded runtime environments that virtualize the CPU, PD, and RAM services. The new interfaces has become free from side effects. I.e., instead of implicitly using Genode::env()->rm_session(), it takes the reference to the local region map as argument. Also, the handling of the dynamic linker via global variables is gone. Now, the linker binary must be provided as constructor argument. Fixes #1949
2016-04-27 16:04:58 +02:00
~Process();
};
base: apply routing policy to environment sessions This patch changes the child-construction procedure to allow the routing of environment sessions to arbitrary servers, not only to the parent. In particular, it restores the ability to route the LOG session of the child to a LOG service provided by a child of init. In principle, it becomes possible to also route the immediate child's PD, CPU, and RAM environment sessions in arbitrary ways, which simplifies scenarios that intercept those sessions, e.g., the CPU sampler. Note that the latter ability should be used with great caution because init needs to interact with these sessions to create/destruct the child. Normally, the sessions are provided by the parent. So init is safe at all times. If they are routed to a child however, init will naturally become dependent on this particular child. For the LOG session, this is actually not a problem because even though the parent creates the LOG session as part of the child's environment, it never interacts with the session directly. Fixes #2197
2016-12-12 17:40:55 +01:00
Constructible<Process> _process;
/*
* The child's environment sessions
*/
template <typename CONNECTION>
struct Env_connection
{
typedef String<64> Label;
Args const _args;
Service &_service;
/*
* The 'Env_service' monitors session responses in order to attempt
* to 'Child::_try_construct_env_dependent_members()' on the
* arrival of environment sessions.
*/
struct Env_service : Service, Session_state::Ready_callback
{
Child &_child;
Service &_service;
Env_service(Child &child, Service &service)
:
Genode::Service(CONNECTION::service_name(), service.ram()),
_child(child), _service(service)
{ }
void initiate_request(Session_state &session) override
{
session.ready_callback = this;
session.async_client_notify = true;
_service.initiate_request(session);
}
/**
* Session_state::Ready_callback
*/
void session_ready(Session_state &session) override
{
_child._try_construct_env_dependent_members();
}
void wakeup() override { _service.wakeup(); }
} _env_service;
Local_connection<CONNECTION> _connection;
/**
* Construct session arguments with the child policy applied
*/
Args _construct_args(Child_policy &policy, Label const &label)
{
/* copy original arguments into modifiable buffer */
char buf[Session_state::Args::capacity()];
buf[0] = 0;
/* supply label as session argument */
if (label.valid())
Arg_string::set_arg_string(buf, sizeof(buf), "label", label.string());
/* apply policy to argument buffer */
policy.filter_session_args(CONNECTION::service_name(), buf, sizeof(buf));
return Session_state::Args(Cstring(buf));
}
static char const *_service_name() { return CONNECTION::service_name(); }
Env_connection(Child &child, Id_space<Parent::Client>::Id id,
Label const &label = Label())
:
_args(_construct_args(child._policy, label)),
_service(child._policy.resolve_session_request(_service_name(), _args)),
_env_service(child, _service),
_connection(_env_service, child._id_space, id, _args,
child._policy.filter_session_affinity(Affinity()))
{ }
typedef typename CONNECTION::Session_type SESSION;
SESSION &session() { return _connection.session(); }
Capability<SESSION> cap() const { return _connection.cap(); }
};
Env_connection<Ram_connection> _ram { *this, Env::ram(), _policy.name() };
Env_connection<Pd_connection> _pd { *this, Env::pd(), _policy.name() };
Env_connection<Cpu_connection> _cpu { *this, Env::cpu(), _policy.name() };
Env_connection<Log_connection> _log { *this, Env::log(), _policy.name() };
Env_connection<Rom_connection> _binary { *this, Env::binary(), _policy.binary_name() };
Constructible<Env_connection<Rom_connection> > _linker;
Dataspace_capability _linker_dataspace()
{
return _linker.constructed() ? _linker->session().dataspace()
: Rom_dataspace_capability();
}
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
void _revert_quota_and_destroy(Session_state &);
Close_result _close(Session_state &);
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
/**
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
* Session_state::Ready_callback
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
*/
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
void session_ready(Session_state &session) override;
base: redesign object pool using lambda interface Instead of returning pointers to locked objects via a lookup function, the new object pool implementation restricts object access to functors resp. lambda expressions that are applied to the objects within the pool itself. Fix #884 Fix #1658
2015-08-10 13:34:16 +02:00
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
/**
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
* Session_state::Closed_callback
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
*/
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
void session_closed(Session_state &) override;
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
public:
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
Apply affinity subspacing to session requests
2013-08-14 21:19:11 +02:00
/**
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
* Constructor
Apply affinity subspacing to session requests
2013-08-14 21:19:11 +02:00
*
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
* \param rm local address space, usually 'env.rm()'
* \param entrypoint entrypoint used to serve the parent interface of
* the child
* \param policy policy for the child
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
*
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
* \throw Parent::Service_denied if the initial sessions for the
* child's environment could not be
* opened
Apply affinity subspacing to session requests
2013-08-14 21:19:11 +02:00
*/
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
Child(Region_map &rm, Rpc_entrypoint &entrypoint, Child_policy &policy);
Apply affinity subspacing to session requests
2013-08-14 21:19:11 +02:00
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
/**
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
* Destructor
*
* On destruction of a child, we close all sessions of the child to
* other services.
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
*/
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
virtual ~Child();
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
base: apply routing policy to environment sessions This patch changes the child-construction procedure to allow the routing of environment sessions to arbitrary servers, not only to the parent. In particular, it restores the ability to route the LOG session of the child to a LOG service provided by a child of init. In principle, it becomes possible to also route the immediate child's PD, CPU, and RAM environment sessions in arbitrary ways, which simplifies scenarios that intercept those sessions, e.g., the CPU sampler. Note that the latter ability should be used with great caution because init needs to interact with these sessions to create/destruct the child. Normally, the sessions are provided by the parent. So init is safe at all times. If they are routed to a child however, init will naturally become dependent on this particular child. For the LOG session, this is actually not a problem because even though the parent creates the LOG session as part of the child's environment, it never interacts with the session directly. Fixes #2197
2016-12-12 17:40:55 +01:00
/**
* Return true if the child has been started
*
* After the child's construction, the child is not always able to run
* immediately. In particular, a session of the child's environment
* may still be pending. This method returns true only if the child's
* environment is completely initialized at the time of calling.
*
* If all environment sessions are immediately available (as is the
* case for local services or parent services), the return value is
* expected to be true. If this is not the case, one of child's
* environment sessions could not be established, e.g., the ROM session
* of the binary could not be obtained.
*/
bool active() const { return _process.constructed(); }
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
/**
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
* RAM quota unconditionally consumed by the child's environment
*/
static size_t env_ram_quota()
{
return Cpu_connection::RAM_QUOTA + Ram_connection::RAM_QUOTA +
Pd_connection::RAM_QUOTA + Log_connection::RAM_QUOTA +
2*Rom_connection::RAM_QUOTA;
}
/**
* Deduce session costs from usable ram quota
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
*/
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
static size_t effective_ram_quota(size_t const ram_quota)
{
if (ram_quota < env_ram_quota())
return 0;
Make Child's reference RAM session configurable The 'Child' framework used to perform the transfer of session quota using 'env()->ram_session()' as hard-wired reference account. When locally virtualizing the RAM session supplied to the 'Child', this policy does not work. When closing a session, core would try to transfer session quota to the virtualized RAM service, which is of course not possible. This patch makes the reference RAM session configable via the 'Child_policy' interface.
2012-02-15 22:36:54 +01:00
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
return ram_quota - env_ram_quota();
}
Add chroot support to core Since the recent move of the process creation into core, the original chroot trampoline mechanism implemented in 'os/src/app/chroot' does not work anymore. A process could simply escape the chroot environment by spawning a new process via core's PD service. Therefore, this patch moves the chroot support into core. So the chroot policy becomes mandatory part of the process creation. For each process created by core, core checks for 'root' argument of the PD session. If a path is present, core takes the precautions needed to execute the new process in the specified chroot environment. This conceptual change implies minor changes with respect to the Genode API and the configuration of the init process. The API changes are the enhancement of the 'Genode::Child' and 'Genode::Process' constructors to take the root path as argument. Init supports the specification of a chroot per process by specifying the new 'root' attribute to the '<start>' node of the process. In line with these changes, the 'Loader::Session::start' function has been enhanced with the additional (optional) root argument.
2012-10-24 16:27:26 +02:00
/**
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
* Return heap that uses the child's quota
Add chroot support to core Since the recent move of the process creation into core, the original chroot trampoline mechanism implemented in 'os/src/app/chroot' does not work anymore. A process could simply escape the chroot environment by spawning a new process via core's PD service. Therefore, this patch moves the chroot support into core. So the chroot policy becomes mandatory part of the process creation. For each process created by core, core checks for 'root' argument of the PD session. If a path is present, core takes the precautions needed to execute the new process in the specified chroot environment. This conceptual change implies minor changes with respect to the Genode API and the configuration of the init process. The API changes are the enhancement of the 'Genode::Child' and 'Genode::Process' constructors to take the root path as argument. Init supports the specification of a chroot per process by specifying the new 'root' attribute to the '<start>' node of the process. In line with these changes, the 'Loader::Session::start' function has been enhanced with the additional (optional) root argument.
2012-10-24 16:27:26 +02:00
*/
base: apply routing policy to environment sessions This patch changes the child-construction procedure to allow the routing of environment sessions to arbitrary servers, not only to the parent. In particular, it restores the ability to route the LOG session of the child to a LOG service provided by a child of init. In principle, it becomes possible to also route the immediate child's PD, CPU, and RAM environment sessions in arbitrary ways, which simplifies scenarios that intercept those sessions, e.g., the CPU sampler. Note that the latter ability should be used with great caution because init needs to interact with these sessions to create/destruct the child. Normally, the sessions are provided by the parent. So init is safe at all times. If they are routed to a child however, init will naturally become dependent on this particular child. For the LOG session, this is actually not a problem because even though the parent creates the LOG session as part of the child's environment, it never interacts with the session directly. Fixes #2197
2016-12-12 17:40:55 +01:00
Allocator &heap() { return *_heap; }
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
Ram_session_capability ram_session_cap() const { return _ram.cap(); }
Parent_capability parent_cap() const { return cap(); }
Ram_session &ram() { return _ram.session(); }
Cpu_session &cpu() { return _cpu.session(); }
Pd_session &pd() { return _pd .session(); }
base: apply routing policy to environment sessions This patch changes the child-construction procedure to allow the routing of environment sessions to arbitrary servers, not only to the parent. In particular, it restores the ability to route the LOG session of the child to a LOG service provided by a child of init. In principle, it becomes possible to also route the immediate child's PD, CPU, and RAM environment sessions in arbitrary ways, which simplifies scenarios that intercept those sessions, e.g., the CPU sampler. Note that the latter ability should be used with great caution because init needs to interact with these sessions to create/destruct the child. Normally, the sessions are provided by the parent. So init is safe at all times. If they are routed to a child however, init will naturally become dependent on this particular child. For the LOG session, this is actually not a problem because even though the parent creates the LOG session as part of the child's environment, it never interacts with the session directly. Fixes #2197
2016-12-12 17:40:55 +01:00
/**
* Exception type
*/
class Inactive : Exception { };
/**
* Request factory for creating session-state objects
*
* \throw Inactive factory cannot by provided because the child it
* not yet completely initialized.
*/
Session_state::Factory &session_factory()
{
if (_session_factory.constructed())
return *_session_factory;
throw Inactive();
}
Implement resource-balancing in parent interface
2013-09-25 10:51:57 +02:00
/**
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
* Instruct the child to yield resources
Implement resource-balancing in parent interface
2013-09-25 10:51:57 +02:00
*
Revised API documentation This patch curates the API documentation to become suitable for the functional specificaton, which is partially generated from the header files.
2015-03-20 17:50:41 +01:00
* By calling this method, the child will be notified about the
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
* need to release the specified amount of resources. For more
* details about the protocol between a child and its parent,
* refer to the description given in 'parent/parent.h'.
Implement resource-balancing in parent interface
2013-09-25 10:51:57 +02:00
*/
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
void yield(Resource_args const &args);
Implement resource-balancing in parent interface
2013-09-25 10:51:57 +02:00
/**
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
* Notify the child about newly available resources
Implement resource-balancing in parent interface
2013-09-25 10:51:57 +02:00
*/
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
void notify_resource_avail() const;
/**********************
** Parent interface **
**********************/
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
void announce(Service_name const &) override;
void session_sigh(Signal_context_capability) override;
Session_capability session(Client::Id, Service_name const &,
Session_args const &, Affinity const &) override;
Session_capability session_cap(Client::Id) override;
Upgrade_result upgrade(Client::Id, Upgrade_args const &) override;
Close_result close(Client::Id) override;
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
void exit(int) override;
Remove blocking calls from root and parent RPCs This is a redesign of the root and parent interfaces to eliminate blocking RPC calls. - New session representation at the parent (base/session_state.h) - base-internal root proxy mechanism as migration path - Redesign of base/service.h - Removes ancient 'Connection::KEEP_OPEN' feature - Interface change of 'Child', 'Child_policy', 'Slave', 'Slave_policy' - New 'Slave::Connection' - Changed child-construction procedure to be compatible with the non-blocking parent interface and to be easier to use - The child's initial LOG session, its binary ROM session, and the linker ROM session have become part of the child's envirenment. - Session upgrading must now be performed via 'env.upgrade' instead of performing a sole RPC call the parent. To make RAM upgrades easier, the 'Connection' provides a new 'upgrade_ram' method. Issue #2120
2016-11-06 14:26:34 +01:00
void session_response(Server::Id, Session_response) override;
void deliver_session_cap(Server::Id, Session_capability) override;
base,os: Coding-style unification Fixes #1432
2015-03-04 21:12:14 +01:00
Thread_capability main_thread_cap() const override;
void resource_avail_sigh(Signal_context_capability) override;
void resource_request(Resource_args const &) override;
void yield_sigh(Signal_context_capability) override;
Resource_args yield_request() override;
void yield_response() override;
};
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
#endif /* _INCLUDE__BASE__CHILD_H_ */