ehmry/genode
ehmry
/
genode
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
genode/repos/base-foc/src/core/platform_thread.cc

329 lines
7.7 KiB
C++
Raw Normal View History

Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
/*
* \brief Fiasco thread facility
* \author Stefan Kalkowski
* \date 2011-01-04
*/
/*
Update copyright headers to 2013
2013-01-10 21:44:47 +01:00
* Copyright (C) 2011-2013 Genode Labs GmbH
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
*
* This file is part of the Genode OS framework, which is distributed
* under the terms of the GNU General Public License version 2.
*/
/* Genode includes */
#include <base/ipc.h>
#include <base/printf.h>
#include <util/string.h>
/* core includes */
#include <platform_thread.h>
#include <platform.h>
#include <core_env.h>
/* Fiasco includes */
namespace Fiasco {
#include <l4/sys/debugger.h>
#include <l4/sys/factory.h>
#include <l4/sys/irq.h>
#include <l4/sys/scheduler.h>
#include <l4/sys/thread.h>
#include <l4/sys/types.h>
}
using namespace Genode;
using namespace Fiasco;
int Platform_thread::start(void *ip, void *sp)
{
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
/* map the pager cap */
if (_platform_pd)
Fiasco.OC: fix capability ref-counter issue in core The Cap_mapping abstraction in core shouldn't use a Cap_index directly, but use Native_capability instead, as it can break reference-counting, as long as the same Cap_index gets used in a Cap_mapping and a Native_capability. This commit finally fixes #208.
2012-08-29 17:07:38 +02:00
_pager.map(_platform_pd->native_task().dst());
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
/* reserve utcb area and associate thread with this task */
l4_thread_control_start();
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
l4_thread_control_pager(_pager.remote);
l4_thread_control_exc_handler(_pager.remote);
base: hide internals of the Thread API This patch moves details about the stack allocation and organization the base-internal headers. Thereby, I replaced the notion of "thread contexts" by "stacks" as this term is much more intuitive. The fact that we place thread-specific information at the bottom of the stack is not worth introducing new terminology. Issue #1832
2016-01-23 14:42:55 +01:00
l4_thread_control_bind((l4_utcb_t *)_utcb, _platform_pd->native_task().dst());
Fiasco.OC: fix capability ref-counter issue in core The Cap_mapping abstraction in core shouldn't use a Cap_index directly, but use Native_capability instead, as it can break reference-counting, as long as the same Cap_index gets used in a Cap_mapping and a Native_capability. This commit finally fixes #208.
2012-08-29 17:07:38 +02:00
l4_msgtag_t tag = l4_thread_control_commit(_thread.local.dst());
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
if (l4_msgtag_has_error(tag)) {
PWRN("l4_thread_control_commit for %lx failed!",
Fiasco.OC: fix capability ref-counter issue in core The Cap_mapping abstraction in core shouldn't use a Cap_index directly, but use Native_capability instead, as it can break reference-counting, as long as the same Cap_index gets used in a Cap_mapping and a Native_capability. This commit finally fixes #208.
2012-08-29 17:07:38 +02:00
(unsigned long) _thread.local.dst());
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
return -1;
}
base-foc: introduce state in platform thread When destroying a thread, which was not bound to a protection domain via kernel primitives beforehand, it is critical to change the pager and exregs the thread in the destruction process. Therefore, this commit introduces two thread states: DEAD and RUNNING. On the basis of the thread state, we can decide whether to reset the thread before destroying it, or not.
2013-03-26 17:23:40 +01:00
_state = RUNNING;
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
/* set ip and sp and run the thread */
Fiasco.OC: fix capability ref-counter issue in core The Cap_mapping abstraction in core shouldn't use a Cap_index directly, but use Native_capability instead, as it can break reference-counting, as long as the same Cap_index gets used in a Cap_mapping and a Native_capability. This commit finally fixes #208.
2012-08-29 17:07:38 +02:00
tag = l4_thread_ex_regs(_thread.local.dst(), (l4_addr_t) ip,
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
(l4_addr_t) sp, 0);
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
if (l4_msgtag_has_error(tag)) {
PWRN("l4_thread_ex_regs failed!");
return -1;
}
return 0;
}
void Platform_thread::pause()
{
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
if (!_pager_obj)
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
return;
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
_pager_obj->state.lock.lock();
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
if (_pager_obj->state.paused == true) {
_pager_obj->state.lock.unlock();
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
return;
}
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
unsigned exc = _pager_obj->state.exceptions;
_pager_obj->state.ip = ~0UL;
_pager_obj->state.sp = ~0UL;
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
l4_umword_t flags = L4_THREAD_EX_REGS_TRIGGER_EXCEPTION;
/* Mark thread to be stopped */
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
_pager_obj->state.paused = true;
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
/*
* Force the thread to be paused to trigger an exception.
* The pager thread, which also acts as exception handler, will
* leave the thread in exception state until, it gets woken again
*/
Fiasco.OC: fix capability ref-counter issue in core The Cap_mapping abstraction in core shouldn't use a Cap_index directly, but use Native_capability instead, as it can break reference-counting, as long as the same Cap_index gets used in a Cap_mapping and a Native_capability. This commit finally fixes #208.
2012-08-29 17:07:38 +02:00
l4_thread_ex_regs_ret(_thread.local.dst(), &_pager_obj->state.ip,
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
&_pager_obj->state.sp, &flags);
foc: Select "thread-ready" bit in pause function
2013-03-14 16:34:56 +01:00
/*
* The thread state ("ready") is encoded in the lowest bit of the flags.
*/
bool in_syscall = (flags & 1) == 0;
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
_pager_obj->state.lock.unlock();
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
/**
* Check whether the thread was in ongoing ipc, if so it won't raise
* an exception before ipc is completed.
*/
if (!in_syscall) {
/*
* Wait until the pager thread got an exception from
* the requested thread, and stored its thread state
*/
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
while (exc == _pager_obj->state.exceptions && !_pager_obj->state.in_exception)
Fiasco.OC: fix capability ref-counter issue in core The Cap_mapping abstraction in core shouldn't use a Cap_index directly, but use Native_capability instead, as it can break reference-counting, as long as the same Cap_index gets used in a Cap_mapping and a Native_capability. This commit finally fixes #208.
2012-08-29 17:07:38 +02:00
l4_thread_switch(_thread.local.dst());
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
}
}
void Platform_thread::resume()
{
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
if (!_pager_obj)
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
return;
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
_pager_obj->state.lock.lock();
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
/* Mark thread to be runable again */
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
_pager_obj->state.paused = false;
_pager_obj->state.lock.unlock();
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
/* Send a message to the exception handler, to unblock the client */
Msgbuf<16> snd, rcv;
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
Ipc_client ipc_client(_pager_obj->cap(), &snd, &rcv);
ipc_client << _pager_obj << IPC_CALL;
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
}
void Platform_thread::bind(Platform_pd *pd)
{
_platform_pd = pd;
Fiasco.OC: fix capability ref-counter issue in core The Cap_mapping abstraction in core shouldn't use a Cap_index directly, but use Native_capability instead, as it can break reference-counting, as long as the same Cap_index gets used in a Cap_mapping and a Native_capability. This commit finally fixes #208.
2012-08-29 17:07:38 +02:00
_gate.map(pd->native_task().dst());
_irq.map(pd->native_task().dst());
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
}
void Platform_thread::unbind()
{
base-foc: introduce state in platform thread When destroying a thread, which was not bound to a protection domain via kernel primitives beforehand, it is critical to change the pager and exregs the thread in the destruction process. Therefore, this commit introduces two thread states: DEAD and RUNNING. On the basis of the thread state, we can decide whether to reset the thread before destroying it, or not.
2013-03-26 17:23:40 +01:00
if (_state == RUNNING) {
/* first set the thread as its own pager */
l4_thread_control_start();
l4_thread_control_pager(_gate.remote);
l4_thread_control_exc_handler(_gate.remote);
if (l4_msgtag_has_error(l4_thread_control_commit(_thread.local.dst())))
PWRN("l4_thread_control_commit for %lx failed!",
(unsigned long) _thread.local.dst());
/* now force it into a pagefault */
l4_thread_ex_regs(_thread.local.dst(), 0, 0, L4_THREAD_EX_REGS_CANCEL);
}
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
_platform_pd = (Platform_pd*) 0;
}
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
void Platform_thread::pager(Pager_object *pager_obj)
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
{
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
_pager_obj = pager_obj;
Fix: don't deference stale pager pointer in core Reset pager pointer in platform_thread if pager object is removed. Fixes #532
2012-11-29 13:37:30 +01:00
if (_pager_obj)
_pager.local = pager_obj->cap();
else
_pager.local = Native_capability();
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
}
cpu_session: Access thread state by value
2012-11-12 17:48:18 +01:00
void Platform_thread::state(Thread_state s)
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
{
base-foc: enable CPU state modification With this patch, the register contents of a paused thread (which is not currently executing a syscall) can get modified by the 'Cpu_session::state()' function. Fixes #896.
2013-09-26 11:49:00 +02:00
if (_pager_obj)
_pager_obj->state = s;
cpu_session: Access thread state by value
2012-11-12 17:48:18 +01:00
}
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
cpu_session: Access thread state by value
2012-11-12 17:48:18 +01:00
Thread_state Platform_thread::state()
{
Thread_state s;
if (_pager_obj) s = _pager_obj->state;
s.kcap = _gate.remote;
s.id = _gate.local.local_name();
s.utcb = _utcb;
return s;
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
}
void Platform_thread::cancel_blocking()
{
Fiasco.OC: fix capability ref-counter issue in core The Cap_mapping abstraction in core shouldn't use a Cap_index directly, but use Native_capability instead, as it can break reference-counting, as long as the same Cap_index gets used in a Cap_mapping and a Native_capability. This commit finally fixes #208.
2012-08-29 17:07:38 +02:00
l4_irq_trigger(_irq.local.dst());
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
}
Express affinities via Cartesian coordinates This patch introduces new types for expressing CPU affinities. Instead of dealing with physical CPU numbers, affinities are expressed as rectangles in a grid of virtual CPU nodes. This clears the way to conveniently assign sets of adjacent CPUs to subsystems, each of them managing their respective viewport of the coordinate space. By using 2D Cartesian coordinates, the locality of CPU nodes can be modeled for different topologies such as SMP (simple Nx1 grid), grids of NUMA nodes, or ring topologies.
2013-08-07 22:16:58 +02:00
void Platform_thread::affinity(Affinity::Location location)
Extend Cpu_session with thread-affinity API This patch introduces the functions 'affinity' and 'num_cpus' to the CPU session interface. The interface extension will allow the assignment of individual threads to CPUs. At this point, it is just a stub with no actual platform support.
2012-09-04 17:32:55 +02:00
{
Express affinities via Cartesian coordinates This patch introduces new types for expressing CPU affinities. Instead of dealing with physical CPU numbers, affinities are expressed as rectangles in a grid of virtual CPU nodes. This clears the way to conveniently assign sets of adjacent CPUs to subsystems, each of them managing their respective viewport of the coordinate space. By using 2D Cartesian coordinates, the locality of CPU nodes can be modeled for different topologies such as SMP (simple Nx1 grid), grids of NUMA nodes, or ring topologies.
2013-08-07 22:16:58 +02:00
_location = location;
int const cpu = location.xpos();
Fiasco.OC: implement thread-affinity function
2012-09-10 13:21:04 +02:00
l4_sched_param_t params = l4_sched_param(_prio);
params.affinity = l4_sched_cpu_set(cpu, 0, 1);
l4_msgtag_t tag = l4_scheduler_run_thread(L4_BASE_SCHEDULER_CAP,
_thread.local.dst(), &params);
if (l4_error(tag))
PWRN("setting affinity of %lx to %d failed!", _thread.local.dst(), cpu);
Extend Cpu_session with thread-affinity API This patch introduces the functions 'affinity' and 'num_cpus' to the CPU session interface. The interface extension will allow the assignment of individual threads to CPUs. At this point, it is just a stub with no actual platform support.
2012-09-04 17:32:55 +02:00
}
core: provide thread exec times via TRACE service This patch enable clients of core's TRACE service to obtain the execution times of trace subjects (i.e., threads). The execution time is delivered as part of the 'Subject_info' structure. Right now, the feature is available solely on NOVA. On all other base platforms, the returned execution times are 0. Issue #813
2015-06-11 23:05:02 +02:00
Affinity::Location Platform_thread::affinity() const
base: add affinity support to pager construction Propagating the affinity information is needed to allow for assigning a pager thread that is local to the CPU of the to-be-created thread. issue #814
2013-07-09 15:58:06 +02:00
{
Express affinities via Cartesian coordinates This patch introduces new types for expressing CPU affinities. Instead of dealing with physical CPU numbers, affinities are expressed as rectangles in a grid of virtual CPU nodes. This clears the way to conveniently assign sets of adjacent CPUs to subsystems, each of them managing their respective viewport of the coordinate space. By using 2D Cartesian coordinates, the locality of CPU nodes can be modeled for different topologies such as SMP (simple Nx1 grid), grids of NUMA nodes, or ring topologies.
2013-08-07 22:16:58 +02:00
return _location;
base: add affinity support to pager construction Propagating the affinity information is needed to allow for assigning a pager thread that is local to the CPU of the to-be-created thread. issue #814
2013-07-09 15:58:06 +02:00
}
Integrate CAP session into PD session This patch integrates the functionality of the former CAP session into the PD session and unifies the approch of supplementing the generic PD session with kernel-specific functionality. The latter is achieved by the new 'Native_pd' interface. The kernel-specific interface can be obtained via the Pd_session::native_pd accessor function. The kernel-specific interfaces are named Nova_native_pd, Foc_native_pd, and Linux_native_pd. The latter change allowed for to deduplication of the pd_session_component code among the various base platforms. To retain API compatibility, we keep the 'Cap_session' and 'Cap_connection' around. But those classes have become mere wrappers around the PD session interface. Issue #1841
2016-01-19 20:24:22 +01:00
static Rpc_cap_factory &thread_cap_factory()
{
static Rpc_cap_factory inst(*platform()->core_mem_alloc());
return inst;
}
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
void Platform_thread::_create_thread()
{
l4_msgtag_t tag = l4_factory_create_thread(L4_BASE_FACTORY_CAP,
Fiasco.OC: fix capability ref-counter issue in core The Cap_mapping abstraction in core shouldn't use a Cap_index directly, but use Native_capability instead, as it can break reference-counting, as long as the same Cap_index gets used in a Cap_mapping and a Native_capability. This commit finally fixes #208.
2012-08-29 17:07:38 +02:00
_thread.local.dst());
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
if (l4_msgtag_has_error(tag))
PERR("cannot create more thread kernel-objects!");
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
/* create initial gate for thread */
Integrate CAP session into PD session This patch integrates the functionality of the former CAP session into the PD session and unifies the approch of supplementing the generic PD session with kernel-specific functionality. The latter is achieved by the new 'Native_pd' interface. The kernel-specific interface can be obtained via the Pd_session::native_pd accessor function. The kernel-specific interfaces are named Nova_native_pd, Foc_native_pd, and Linux_native_pd. The latter change allowed for to deduplication of the pd_session_component code among the various base platforms. To retain API compatibility, we keep the 'Cap_session' and 'Cap_connection' around. But those classes have become mere wrappers around the PD session interface. Issue #1841
2016-01-19 20:24:22 +01:00
_gate.local = thread_cap_factory().alloc(_thread.local);
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
}
Fiasco.OC: implement thread-affinity function
2012-09-10 13:21:04 +02:00
void Platform_thread::_finalize_construction(const char *name)
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
{
/* create irq for new thread */
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
l4_msgtag_t tag = l4_factory_create_irq(L4_BASE_FACTORY_CAP,
Fiasco.OC: fix capability ref-counter issue in core The Cap_mapping abstraction in core shouldn't use a Cap_index directly, but use Native_capability instead, as it can break reference-counting, as long as the same Cap_index gets used in a Cap_mapping and a Native_capability. This commit finally fixes #208.
2012-08-29 17:07:38 +02:00
_irq.local.dst());
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
if (l4_msgtag_has_error(tag))
PWRN("creating thread's irq failed");
/* attach thread to irq */
Fiasco.OC: fix capability ref-counter issue in core The Cap_mapping abstraction in core shouldn't use a Cap_index directly, but use Native_capability instead, as it can break reference-counting, as long as the same Cap_index gets used in a Cap_mapping and a Native_capability. This commit finally fixes #208.
2012-08-29 17:07:38 +02:00
tag = l4_irq_attach(_irq.local.dst(), 0, _thread.local.dst());
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
if (l4_msgtag_has_error(tag))
PWRN("attaching thread's irq failed");
/* set human readable name in kernel debugger */
strncpy(_name, name, sizeof(_name));
Fiasco.OC: fix capability ref-counter issue in core The Cap_mapping abstraction in core shouldn't use a Cap_index directly, but use Native_capability instead, as it can break reference-counting, as long as the same Cap_index gets used in a Cap_mapping and a Native_capability. This commit finally fixes #208.
2012-08-29 17:07:38 +02:00
Fiasco::l4_debugger_set_object_name(_thread.local.dst(), name);
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
/* set priority of thread */
Fiasco.OC: implement thread-affinity function
2012-09-10 13:21:04 +02:00
l4_sched_param_t params = l4_sched_param(_prio);
Fiasco.OC: fix capability ref-counter issue in core The Cap_mapping abstraction in core shouldn't use a Cap_index directly, but use Native_capability instead, as it can break reference-counting, as long as the same Cap_index gets used in a Cap_mapping and a Native_capability. This commit finally fixes #208.
2012-08-29 17:07:38 +02:00
l4_scheduler_run_thread(L4_BASE_SCHEDULER_CAP, _thread.local.dst(),
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
&params);
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
}
core: Introduce 'Address_space' interface The new core-internal 'Address_space' interface enables cores RM service to flush mappings of a PD in which a given 'Rm_client' thread resides. Prior this patch, each platform invented their own way to flush mappings in the respective 'rm_session_support.cc' implementation. However, those implementations used to deal poorly with some corner cases. In particular, if a PD session was destroyed prior a RM session, the RM session would try to use no longer existing PD session. The new 'Address_space' uses the just added weak-pointer mechanism to deal with this issue. Furthermore, the generic 'Rm_session_component::detach' function has been improved to avoid duplicated unmap operations for platforms that implement the 'Address_space' interface. Therefore, it is related to issue #595. Right now, this is OKL4 only, but other platforms will follow.
2013-03-08 11:54:12 +01:00
Weak_ptr<Address_space> Platform_thread::address_space()
{
return _platform_pd->Address_space::weak_ptr();
}
core: TRACE service interface and implementation
2013-08-10 03:44:55 +02:00
Platform_thread::Platform_thread(const char *name, unsigned prio, addr_t)
base-foc: introduce state in platform thread When destroying a thread, which was not bound to a protection domain via kernel primitives beforehand, it is critical to change the pager and exregs the thread in the destruction process. Therefore, this commit introduces two thread states: DEAD and RUNNING. On the basis of the thread state, we can decide whether to reset the thread before destroying it, or not.
2013-03-26 17:23:40 +01:00
: _state(DEAD),
_core_thread(false),
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
_thread(true),
_irq(true),
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
_utcb(0),
_platform_pd(0),
Fiasco.OC: implement thread-affinity function
2012-09-10 13:21:04 +02:00
_pager_obj(0),
_prio(Cpu_session::scale_priority(DEFAULT_PRIORITY, prio))
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
{
Fiasco.OC: fix capability ref-counter issue in core The Cap_mapping abstraction in core shouldn't use a Cap_index directly, but use Native_capability instead, as it can break reference-counting, as long as the same Cap_index gets used in a Cap_mapping and a Native_capability. This commit finally fixes #208.
2012-08-29 17:07:38 +02:00
((Core_cap_index*)_thread.local.idx())->pt(this);
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
_create_thread();
Fiasco.OC: implement thread-affinity function
2012-09-10 13:21:04 +02:00
_finalize_construction(name);
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
}
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
Platform_thread::Platform_thread(Core_cap_index* thread,
Core_cap_index* irq, const char *name)
base-foc: introduce state in platform thread When destroying a thread, which was not bound to a protection domain via kernel primitives beforehand, it is critical to change the pager and exregs the thread in the destruction process. Therefore, this commit introduces two thread states: DEAD and RUNNING. On the basis of the thread state, we can decide whether to reset the thread before destroying it, or not.
2013-03-26 17:23:40 +01:00
: _state(RUNNING),
_core_thread(true),
Fiasco.OC: fix capability ref-counter issue in core The Cap_mapping abstraction in core shouldn't use a Cap_index directly, but use Native_capability instead, as it can break reference-counting, as long as the same Cap_index gets used in a Cap_mapping and a Native_capability. This commit finally fixes #208.
2012-08-29 17:07:38 +02:00
_thread(Native_capability(thread), L4_BASE_THREAD_CAP),
_irq(Native_capability(irq)),
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
_utcb(0),
_platform_pd(0),
Fiasco.OC: implement thread-affinity function
2012-09-10 13:21:04 +02:00
_pager_obj(0),
_prio(Cpu_session::scale_priority(DEFAULT_PRIORITY, 0))
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
{
Fiasco.OC: fix capability ref-counter issue in core The Cap_mapping abstraction in core shouldn't use a Cap_index directly, but use Native_capability instead, as it can break reference-counting, as long as the same Cap_index gets used in a Cap_mapping and a Native_capability. This commit finally fixes #208.
2012-08-29 17:07:38 +02:00
reinterpret_cast<Core_cap_index*>(_thread.local.idx())->pt(this);
Fiasco.OC: implement thread-affinity function
2012-09-10 13:21:04 +02:00
_finalize_construction(name);
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
}
Platform_thread::Platform_thread(const char *name)
base-foc: introduce state in platform thread When destroying a thread, which was not bound to a protection domain via kernel primitives beforehand, it is critical to change the pager and exregs the thread in the destruction process. Therefore, this commit introduces two thread states: DEAD and RUNNING. On the basis of the thread state, we can decide whether to reset the thread before destroying it, or not.
2013-03-26 17:23:40 +01:00
: _state(DEAD),
_core_thread(true),
Fiasco.OC: introduce Cap_index (fixes #149, #112) This commit introduces a Cap_index class for Fiasco.OC's capabilities. A Cap_index is a combination of the global capability id, that is used by Genode to correctly identify a kernel-object, and a corresponding entry in a protection-domain's (kernel-)capability-space. The cap-indices are non-copyable, unique objects, that are held in a Cap_map. The Cap_map is used to re-find capabilities already present in the protection-domain, when a capability is received via IPC. The retrieval of capabilities effectively fixes issue #112, meaning the waste of capability-space entries. Because Cap_index objects are non-copyable (their address indicates the position in the capability-space of the pd), they are inappropriate to use as Native_capability. Therefore, Native_capability is implemented as a reference to Cap_index objects. This design seems to be a good pre-condition to implement smart-pointers for entries in the capability-space, and thereby closing existing leaks (please refer to issue #32). Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way, that it should be relatively easy to apply the same concept to NOVA also. By now, these classes are located in the `base-foc` repository, but they intentionally contain no Fiasco.OC specific elements. The previously explained changes had extensive impact on the whole Fiasco.OC platform implementation, due to various dependencies. The following things had to be changed: * The Thread object's startup and destruction routine is re-arranged, to enable another thread (that calls the Thread destructor) gaining the capability id of the thread's gate to remove it from the Cap_map, the thread's UTCB had to be made available to the caller, because there is the current location of that id. After having the UTCB available in the Thread object for that reason, the whole thread bootstrapping could be simplified. * In the course of changing the Native_capability's semantic, a new Cap_mapping class was introduced in core, that facilitates the establishment and destruction of capability mappings between core and it's client's, especially mappings related to Platform_thread and Platform_task, that are relevant to task and thread creation and destruction. Thereby, the destruction of threads had to be reworked, which effectively removed a bug (issue #149) where some threads weren't destroyed properly. * In the quick fix for issue #112, something similar to the Cap_map was introduced available in all processes. Moreover, some kind of a capability map already existed in core, to handle cap-session request properly. The introduction of the Cap_map unified both structures, so that the cap-session component code in core had to be reworked too. * The platform initialization code had to be changed sligthly due to the changes in Native_capability * The vcpu initialization in the L4Linux support library had to be adapted according to the already mentioned changes in the Thread object's bootstrap code.
2012-03-15 12:41:24 +01:00
_thread(true),
_irq(true),
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
_utcb(0),
_platform_pd(0),
Fiasco.OC: implement thread-affinity function
2012-09-10 13:21:04 +02:00
_pager_obj(0),
_prio(Cpu_session::scale_priority(DEFAULT_PRIORITY, 0))
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
{
Fiasco.OC: fix capability ref-counter issue in core The Cap_mapping abstraction in core shouldn't use a Cap_index directly, but use Native_capability instead, as it can break reference-counting, as long as the same Cap_index gets used in a Cap_mapping and a Native_capability. This commit finally fixes #208.
2012-08-29 17:07:38 +02:00
((Core_cap_index*)_thread.local.idx())->pt(this);
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
_create_thread();
Fiasco.OC: implement thread-affinity function
2012-09-10 13:21:04 +02:00
_finalize_construction(name);
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
}
Platform_thread::~Platform_thread()
{
Integrate CAP session into PD session This patch integrates the functionality of the former CAP session into the PD session and unifies the approch of supplementing the generic PD session with kernel-specific functionality. The latter is achieved by the new 'Native_pd' interface. The kernel-specific interface can be obtained via the Pd_session::native_pd accessor function. The kernel-specific interfaces are named Nova_native_pd, Foc_native_pd, and Linux_native_pd. The latter change allowed for to deduplication of the pd_session_component code among the various base platforms. To retain API compatibility, we keep the 'Cap_session' and 'Cap_connection' around. But those classes have become mere wrappers around the PD session interface. Issue #1841
2016-01-19 20:24:22 +01:00
thread_cap_factory().free(_gate.local);
Fiasco.OC: fix capability ref-counter issue in core The Cap_mapping abstraction in core shouldn't use a Cap_index directly, but use Native_capability instead, as it can break reference-counting, as long as the same Cap_index gets used in a Cap_mapping and a Native_capability. This commit finally fixes #208.
2012-08-29 17:07:38 +02:00
Imported Genode release 11.11
2011-12-22 16:19:25 +01:00
/*
* We inform our protection domain about thread destruction, which will end up in
* Thread::unbind()
*/
if (_platform_pd)
_platform_pd->unbind_thread(this);
}