If a script is executed which uses a interpreter that does not exist the
construction of the child fails and potentially leaks memory because the
wrong delete operator is called.
Therefore the binary dataspace of the script and the binary dataspace of
the interpreter are now checked before a new child will be created.
Fixes#812.
This patch eliminates the "no attachment at..." warnings, which
were caused by a use-after-free problem of dataspaces. When a
dataspace was destroyed, the users of the dataspace were not
informed and therefore could not revert possible attachments to
RM sessions. The fix introduces a callback mechanism that allows
dataspace users (i.e., RM regions) to register for the event that
a dataspace vanishes.
The following types of dataspaces are handled:
* RAM dataspaces
* ROM dataspaces
* The process binary
* The binary of the dynamic linker
* Args dataspace
* Sysio dataspace
* Env dataspace
* managed RM dataspaces
The handling of ROM dataspaces is still not complete. When forking,
the ROM dataspace of the parent process gets just reused without
creating proper meta data ('Dataspace_info') for the forked process.
Similar issues might arise from other special dataspaces (e.g.,
args, env, sysio).
This patch removes all "no attachment at..." warnings except for
one (an attachment at 0).
Issue #485
With this patch, the 'Signal_receiver::dissolve()' function does not return
as long as the signal context to be dissolved is still referenced by one
or more 'Signal' objects. This is supposed to delay the destruction of the
signal context while it is still in use.
Fixes#594.
With this patch the destruction of Noux 'Child' objects gets delayed
further until the exit signal has been dispatched. This prevents the
self-destruction of the signal dispatcher, which is a member of the
'Child' object.
Fixes#603.
Several users of the signal API used custom convenience classes to
invoke signal-handling functions on the reception of incoming signals.
The 'Signal_dispatcher' pattern turned out to be particularly useful. To
avoid the duplication of this code across the code base, this patch
adds the interface to 'base/signal.h'.
Furthermore, the patch changes the 'Signal::num()' return type from int
to unsigned because negative numbers are meaningless here.
Fixes#511
We will reuse the terminal connection in the stdio filesystem
to implement /dev/tty. Therefor we need to access the terminal
from different locations which is simplified if it is provided
by a singleton.
The Io_receptor is now used to unblock certain I/O channels from lwip's
callback-function.
There was also a bug in which all ready-to-ready fds were overriden by
the ready-to-write ones.
The Socket_io_channel class now uses the Io_channel_backend to provide
the network related methods. In addition the Socket_io_channel_registry
was replaced with a simpler implementation which uses Io_receptors to
unblock I/O channels from the callback-function of lwip.
There are certain programs that need gettimeofday(), e.g.
network-related tools like ping(1) etc. but also filesystem-related
programs like find(1) etc. and of course time-related programs like
date(1).
As there is currently no interface in Genode for actually using clock
devices like RTC on x86 (though there is a driver for it) we "abuse"
the timeout_scheduler thread to at least provide flow-of-time.
Noux: add clock_gettime() implementation
For now, only CLOCK_SECOND is supported.
Noux: add utimes() dummy
Fixes#401
With this patch environment variables always get stored as zero-separated
strings in buffers of type 'Sysio::Env'. This fixes the problem that
environment variables with non-alphanumeric characters did not get set
correctly in child processes.
Fixes#340.
Change the uid/gid entries in the stat syscall to have the same values
on all filesystems that are used in the current noux-instance according
to the specified values in noux' config.
Fixes#338.
Certain programs tend to set their sockets non-blocking. As previously
descriptors in Noux were only blocking we now introduce a method to mark
the used Io_channel as non-blocking.
There are certain programs which need the information that is stored in
'struct passwd'. This commit introduces configurable user information
support to NOUX.
One can set the user information via <user> in NOUX config:
! <config>
! <user name="baron" uid="1" gid="1">
! <shell name="/bin/bash" />
! <home name="/home" />
! </user>
! [...]
! </config>
When <user> is not specified default values are used. Currently these
are 'root', 0, 0, '/bin/bash', '/'.
Note: this is just a single user implementation because each Noux instance
has only one user or rather one identity and there will be no complete
multi-user support in Noux. If you need different users, just start new
Noux instances for each of them.
Previously there was not actual timeout handling. If a select() call
set an timeout it would be set to zero instead and was always handled
as blocking i/o. While this works fine for file descriptors which
will be triggerd externally (for example vim through terminal i/o) it
does not work at all for socket descriptors and network operations in
general.
So this commit introduces proper timeout handling and changes the
behaviour of SYSCALL_SELECT so that it now returns more than just
one descriptor at a time.
noux/minimal and noux/net now depend on thread and alarm libraries.
Noux used to trace syscalls by default, which significantly slows down
its execution. This patch disables the tracing by default. It can be
enabled by specifying 'trace_syscalls="yes"' attribute to the Noux
configuration.
Noux/net adds network functionality to noux. Currently most basic
network related system calls including 'accept', 'bind', 'connect',
'listen', 'recv', 'send', 'shutdown', and 'socket' are implemented by
wrapping lwip's network functions.
At the moment noux/net is rarely usable, though it is possible to
use netcat to send a message to a netcat server which listen on a
given port in noux/net.
This patch introduces support for stacked file systems alongside new
glue for accessing file-system implementations provided via Genode's
new file-system-session interface.
Using stacked file systems, an arbitrary number of file systems (such
as tar archives or file systems implemented as separate Genode
components) can be composed to form one merged virtual file system.
An example is given via the 'ports/run/noux_bash.run' script. This run
script creates a virtual file system out of multiple tar archives each
containing the content of a particular GNU package. In addition, one
'ram_fs' is mounted, which enables Noux to perform write operations.
This way, the shell output can be redirected to a file, or files can
be saved in VIM.
Fixes#103.
The 'noux_bash.run' script has become able to present the user with an
interactive bash shell for executing various coreutils programs. It is
still pretty limited, i.e., the environment is not correctly passed to
child processes and pipes are not supported. But bash and coreutils are
operational.
This patch removes the hardcoded parent cap for the new child by
introducing a facility called 'poke' similar to copy-to-user. This
change makes the fork mechanism kernel-agnostic. The 'noux_fork'
test works on L4/Fiasco, OKL4, NOVA, Fiasco.OC, and L4ka::Pistachio.
Linux is not supported yet.
The resource virtualization layer has been extended to support sub RM
sessions because this feature is used by the dynamic linker. Currently,
the address space of the forking process is copied eagerly. However,
different dataspace types are treated differently. For example, only RAM
dataspaces are copied but no ROM dataspaces.
At the libc side, a setjmp/longjmp-based trampoline mechanism is used to
implement the continuation of the main thread inside the new process.
This procedure is also responsible for re-establishing the relationship
to the new process' parent as well as its Noux session.
This version is still in flux and has many rough edges. It is tied to
OKL4 for now.
Because 'Noux::Child' implements several abstract Genode interfaces, the
'Genode::' prefix became almost ubiquitous, making the code harder to
read. By importing the 'Genode' namespace into the 'Noux' namespace,
this patch remedies this inconvenience.
To implement fork semantics, we need to customize the bootstrapping of
the newly created process, in particular the startup of the main thread.
The CPU session interface provides a suitable hook. By virtualizing the
CPU connection of the process to core, we can defer (and parametrize)
the startup of the main thread. Furthermore, this enables us to detect
illegal attempts by the Noux process to create threads in addition to
the main thread.
By letting Noux processes talk to service implementations local to the
Noux server, we can track RAM allocations and RM operations. This is
needed as a prerequisite to implement fork.
When reading the values of environment variables supplied via Genode
config mechanism, the XML attribute values were taken as is. On the libc
side, however, the values are processed using Genode's 'Arg_string'
functions. When unquoted, 'Arg_string' expects values to be either
identifiers or numbers. In the general case, however, env values cannot
be expected to satisfy these requirements. Hence, it is better to always
quote these values when reading the XML config. An alternative (maybe
better) solution would be to not use the 'Arg_string' classes in the
libc side.