2011-12-22 16:19:25 +01:00
|
|
|
/*
|
|
|
|
|
* \brief L4lxapi library task functions.
|
|
|
|
|
* \author Stefan Kalkowski
|
|
|
|
|
* \date 2011-04-11
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
/*
|
2012-01-03 15:35:05 +01:00
|
|
|
* Copyright (C) 2011-2012 Genode Labs GmbH
|
2011-12-22 16:19:25 +01:00
|
|
|
*
|
|
|
|
|
* This file is part of the Genode OS framework, which is distributed
|
|
|
|
|
* under the terms of the GNU General Public License version 2.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
/* Genode includes */
|
|
|
|
|
#include <base/printf.h>
|
Fiasco.OC: introduce Cap_index (fixes #149, #112)
This commit introduces a Cap_index class for Fiasco.OC's capabilities.
A Cap_index is a combination of the global capability id, that is used by Genode
to correctly identify a kernel-object, and a corresponding entry in a
protection-domain's (kernel-)capability-space. The cap-indices are non-copyable,
unique objects, that are held in a Cap_map. The Cap_map is used to re-find
capabilities already present in the protection-domain, when a capability is
received via IPC. The retrieval of capabilities effectively fixes issue #112,
meaning the waste of capability-space entries.
Because Cap_index objects are non-copyable (their address indicates the position
in the capability-space of the pd), they are inappropriate to use as
Native_capability. Therefore, Native_capability is implemented as a reference
to Cap_index objects. This design seems to be a good pre-condition to implement
smart-pointers for entries in the capability-space, and thereby closing existing
leaks (please refer to issue #32).
Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way,
that it should be relatively easy to apply the same concept to NOVA also. By now,
these classes are located in the `base-foc` repository, but they intentionally
contain no Fiasco.OC specific elements.
The previously explained changes had extensive impact on the whole Fiasco.OC
platform implementation, due to various dependencies. The following things had to
be changed:
* The Thread object's startup and destruction routine is re-arranged, to
enable another thread (that calls the Thread destructor) gaining the
capability id of the thread's gate to remove it from the Cap_map, the
thread's UTCB had to be made available to the caller, because there
is the current location of that id. After having the UTCB available
in the Thread object for that reason, the whole thread bootstrapping
could be simplified.
* In the course of changing the Native_capability's semantic, a new Cap_mapping
class was introduced in core, that facilitates the establishment and
destruction of capability mappings between core and it's client's, especially
mappings related to Platform_thread and Platform_task, that are relevant to
task and thread creation and destruction. Thereby, the destruction of
threads had to be reworked, which effectively removed a bug (issue #149)
where some threads weren't destroyed properly.
* In the quick fix for issue #112, something similar to the Cap_map was
introduced available in all processes. Moreover, some kind of a capability
map already existed in core, to handle cap-session request properly. The
introduction of the Cap_map unified both structures, so that the
cap-session component code in core had to be reworked too.
* The platform initialization code had to be changed sligthly due to the
changes in Native_capability
* The vcpu initialization in the L4Linux support library had to be adapted
according to the already mentioned changes in the Thread object's bootstrap
code.
2012-03-15 12:41:24 +01:00
|
|
|
#include <base/cap_map.h>
|
2011-12-22 16:19:25 +01:00
|
|
|
|
|
|
|
|
#include <env.h>
|
|
|
|
|
#include <l4lx_task.h>
|
|
|
|
|
|
|
|
|
|
using namespace Fiasco;
|
|
|
|
|
|
|
|
|
|
enum {
|
|
|
|
|
L4LX_TASK_DELETE_SPACE = 1,
|
|
|
|
|
L4LX_TASK_DELETE_THREAD = 2,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
extern "C" {
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* \brief Initialize task management.
|
|
|
|
|
* \ingroup task.
|
|
|
|
|
*
|
|
|
|
|
*
|
|
|
|
|
* General information about tasks:
|
|
|
|
|
* - The entity called task is meant for user space tasks in L4Linux,
|
|
|
|
|
* i.e. threads running in another address space then the L4Linux
|
|
|
|
|
* server
|
|
|
|
|
* - The term "task" has no connection with L4 tasks.
|
|
|
|
|
* - The task in L4Linux is represented by an (unsigned) integer
|
|
|
|
|
* which is non-ambiguous in the L4Linux server (the same number can
|
|
|
|
|
* exist in several L4Linux servers running in parallel though)
|
|
|
|
|
*/
|
|
|
|
|
void l4lx_task_init(void) { }
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* \brief Allocate a task from the task management system for later use.
|
|
|
|
|
* \ingroup task
|
|
|
|
|
*
|
|
|
|
|
* \return A valid task, or L4_NIL_ID if no task could be allocated.
|
|
|
|
|
*/
|
|
|
|
|
l4_cap_idx_t l4lx_task_number_allocate(void)
|
|
|
|
|
{
|
|
|
|
|
NOT_IMPLEMENTED;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* \brief Free task number after the task has been deleted.
|
|
|
|
|
* \ingroup task
|
|
|
|
|
*
|
|
|
|
|
* \param task The task to delete.
|
|
|
|
|
*
|
|
|
|
|
* \return 0 on succes, -1 if task number invalid or already free
|
|
|
|
|
*/
|
|
|
|
|
int l4lx_task_number_free(l4_cap_idx_t task)
|
|
|
|
|
{
|
Fiasco.OC: introduce Cap_index (fixes #149, #112)
This commit introduces a Cap_index class for Fiasco.OC's capabilities.
A Cap_index is a combination of the global capability id, that is used by Genode
to correctly identify a kernel-object, and a corresponding entry in a
protection-domain's (kernel-)capability-space. The cap-indices are non-copyable,
unique objects, that are held in a Cap_map. The Cap_map is used to re-find
capabilities already present in the protection-domain, when a capability is
received via IPC. The retrieval of capabilities effectively fixes issue #112,
meaning the waste of capability-space entries.
Because Cap_index objects are non-copyable (their address indicates the position
in the capability-space of the pd), they are inappropriate to use as
Native_capability. Therefore, Native_capability is implemented as a reference
to Cap_index objects. This design seems to be a good pre-condition to implement
smart-pointers for entries in the capability-space, and thereby closing existing
leaks (please refer to issue #32).
Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way,
that it should be relatively easy to apply the same concept to NOVA also. By now,
these classes are located in the `base-foc` repository, but they intentionally
contain no Fiasco.OC specific elements.
The previously explained changes had extensive impact on the whole Fiasco.OC
platform implementation, due to various dependencies. The following things had to
be changed:
* The Thread object's startup and destruction routine is re-arranged, to
enable another thread (that calls the Thread destructor) gaining the
capability id of the thread's gate to remove it from the Cap_map, the
thread's UTCB had to be made available to the caller, because there
is the current location of that id. After having the UTCB available
in the Thread object for that reason, the whole thread bootstrapping
could be simplified.
* In the course of changing the Native_capability's semantic, a new Cap_mapping
class was introduced in core, that facilitates the establishment and
destruction of capability mappings between core and it's client's, especially
mappings related to Platform_thread and Platform_task, that are relevant to
task and thread creation and destruction. Thereby, the destruction of
threads had to be reworked, which effectively removed a bug (issue #149)
where some threads weren't destroyed properly.
* In the quick fix for issue #112, something similar to the Cap_map was
introduced available in all processes. Moreover, some kind of a capability
map already existed in core, to handle cap-session request properly. The
introduction of the Cap_map unified both structures, so that the
cap-session component code in core had to be reworked too.
* The platform initialization code had to be changed sligthly due to the
changes in Native_capability
* The vcpu initialization in the L4Linux support library had to be adapted
according to the already mentioned changes in the Thread object's bootstrap
code.
2012-03-15 12:41:24 +01:00
|
|
|
Genode::Cap_index* idx = Genode::cap_idx_alloc()->kcap_to_idx(task);
|
|
|
|
|
Genode::cap_idx_alloc()->free(idx, 1);
|
2011-12-22 16:19:25 +01:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* \brief Allocate a new task number and return threadid for user task.
|
|
|
|
|
* \ingroup task
|
|
|
|
|
*
|
|
|
|
|
* \param parent_id If not NIL_ID, a new thread within
|
|
|
|
|
* parent_id's address space will be
|
|
|
|
|
* allocated, for CLONE_VM tasks.
|
|
|
|
|
*
|
|
|
|
|
* \retval id Thread ID of the user thread.
|
|
|
|
|
*
|
|
|
|
|
* \return 0 on success, != 0 on error
|
|
|
|
|
*/
|
|
|
|
|
int l4lx_task_get_new_task(l4_cap_idx_t parent_id,
|
|
|
|
|
l4_cap_idx_t *id)
|
|
|
|
|
{
|
Fiasco.OC: introduce Cap_index (fixes #149, #112)
This commit introduces a Cap_index class for Fiasco.OC's capabilities.
A Cap_index is a combination of the global capability id, that is used by Genode
to correctly identify a kernel-object, and a corresponding entry in a
protection-domain's (kernel-)capability-space. The cap-indices are non-copyable,
unique objects, that are held in a Cap_map. The Cap_map is used to re-find
capabilities already present in the protection-domain, when a capability is
received via IPC. The retrieval of capabilities effectively fixes issue #112,
meaning the waste of capability-space entries.
Because Cap_index objects are non-copyable (their address indicates the position
in the capability-space of the pd), they are inappropriate to use as
Native_capability. Therefore, Native_capability is implemented as a reference
to Cap_index objects. This design seems to be a good pre-condition to implement
smart-pointers for entries in the capability-space, and thereby closing existing
leaks (please refer to issue #32).
Cap_index, Cap_map, and the allocator for Cap_index objects are designed in a way,
that it should be relatively easy to apply the same concept to NOVA also. By now,
these classes are located in the `base-foc` repository, but they intentionally
contain no Fiasco.OC specific elements.
The previously explained changes had extensive impact on the whole Fiasco.OC
platform implementation, due to various dependencies. The following things had to
be changed:
* The Thread object's startup and destruction routine is re-arranged, to
enable another thread (that calls the Thread destructor) gaining the
capability id of the thread's gate to remove it from the Cap_map, the
thread's UTCB had to be made available to the caller, because there
is the current location of that id. After having the UTCB available
in the Thread object for that reason, the whole thread bootstrapping
could be simplified.
* In the course of changing the Native_capability's semantic, a new Cap_mapping
class was introduced in core, that facilitates the establishment and
destruction of capability mappings between core and it's client's, especially
mappings related to Platform_thread and Platform_task, that are relevant to
task and thread creation and destruction. Thereby, the destruction of
threads had to be reworked, which effectively removed a bug (issue #149)
where some threads weren't destroyed properly.
* In the quick fix for issue #112, something similar to the Cap_map was
introduced available in all processes. Moreover, some kind of a capability
map already existed in core, to handle cap-session request properly. The
introduction of the Cap_map unified both structures, so that the
cap-session component code in core had to be reworked too.
* The platform initialization code had to be changed sligthly due to the
changes in Native_capability
* The vcpu initialization in the L4Linux support library had to be adapted
according to the already mentioned changes in the Thread object's bootstrap
code.
2012-03-15 12:41:24 +01:00
|
|
|
*id = Genode::cap_idx_alloc()->alloc(1)->kcap();
|
2011-12-22 16:19:25 +01:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* \brief Create a (user) task. The pager is the Linux server.
|
|
|
|
|
* \ingroup task
|
|
|
|
|
*
|
|
|
|
|
* \param task_no Task number of the task to be created
|
|
|
|
|
* (task number is from l4lx_task_allocate()).
|
|
|
|
|
* \return 0 on success, error code otherwise
|
|
|
|
|
*
|
|
|
|
|
* This function additionally sets the priority of the thread 0 to
|
|
|
|
|
* CONFIG_L4_PRIO_USER_PROCESS.
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
int l4lx_task_create(l4_cap_idx_t task_no)
|
|
|
|
|
{
|
|
|
|
|
using namespace L4lx;
|
|
|
|
|
|
|
|
|
|
Linux::Irq_guard guard;
|
|
|
|
|
|
|
|
|
|
Env::env()->tasks()->insert(new (Genode::env()->heap()) Task(task_no));
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int l4lx_task_create_thread_in_task(l4_cap_idx_t thread, l4_cap_idx_t task,
|
|
|
|
|
l4_cap_idx_t pager, unsigned cpu)
|
|
|
|
|
{
|
|
|
|
|
NOT_IMPLEMENTED;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* \brief Create a (user) task.
|
|
|
|
|
* \ingroup task
|
|
|
|
|
*
|
|
|
|
|
* \param task_no See l4lx_task_create
|
|
|
|
|
* \param pager The pager for this task.
|
|
|
|
|
*
|
|
|
|
|
* \return See l4lx_task_create
|
|
|
|
|
*/
|
|
|
|
|
int l4lx_task_create_pager(l4_cap_idx_t task_no, l4_cap_idx_t pager)
|
|
|
|
|
{
|
|
|
|
|
NOT_IMPLEMENTED;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* \brief Terminate a task (and all its threads).
|
|
|
|
|
* \ingroup task
|
|
|
|
|
*
|
|
|
|
|
* \param task Id of the task to delete.
|
|
|
|
|
* \param option Delete options (currently only supported is
|
|
|
|
|
* option=1: send exit signal to the events
|
|
|
|
|
* server, option=0: send no exit signal to
|
|
|
|
|
* events server)
|
|
|
|
|
*
|
|
|
|
|
* \return 0 on error (task delete failed, threads are not deleted)
|
|
|
|
|
* != 0 on sucess:
|
|
|
|
|
* 1 if the whole address space was deleted
|
|
|
|
|
* 2 if just a thread was "deleted"
|
|
|
|
|
*/
|
|
|
|
|
int l4lx_task_delete_thread(l4_cap_idx_t thread)
|
|
|
|
|
{
|
|
|
|
|
NOT_IMPLEMENTED;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int l4lx_task_delete_task(l4_cap_idx_t task, unsigned option)
|
|
|
|
|
{
|
|
|
|
|
using namespace L4lx;
|
|
|
|
|
|
|
|
|
|
unsigned long flags = 0;
|
|
|
|
|
l4x_irq_save(flags);
|
|
|
|
|
|
|
|
|
|
Task *entry = Env::env()->tasks()->find_by_ref(task);
|
|
|
|
|
Env::env()->tasks()->remove(entry);
|
|
|
|
|
destroy(Genode::env()->heap(), entry);
|
|
|
|
|
|
|
|
|
|
l4x_irq_restore(flags);
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
