Issue #949
Related to issue #808 - one way to nearly double the maximum VM size for
VMs on 32bit Genode/Nova host if decreased performance is acceptable.
To ease the creation of custom virtual machine monitors on top of
NOVA, this patch moves generic utilities from vancouver resp. seoul to the
public include location 'ports/include/vmm'. As a nice side effect,
this change simplifies 'vancouver/main.cc'.
Issue #949
Originally, the convenience utility for accessing a process
configuration came in the form of a header file. But this causes
aliasing problems if multiple compilation units access the config while
the configuration gets dynamically updated. Moving the implementation of
the accessor to the singleton object into a library solves those
problems.
At least 64bit Seoul dies with Region_conflict reliable and reproducible.
When during startup of Seoul some Genode code (caused by executing some
constructors) try to attach a region, the region manager code in the rm_session
will try to place the attachment at the smallest large enough aligned free
virtual region.
For now, I observed one attachment causing trouble (but not knowing who causes
this - it does also not really matter). The questionable region is 0x4000 of
size for 32bit and 0x8000 of size for 64bit.
To steer the region manager a bit, we try now following trick:
With this commit the load address of the binary for 32 and 64 bit is moved
close to the end of the virtual address space, but leaving enough free virtual
space for the above observed attachment (and a bit more).
The region manager code now will try to fill up the virtual region behind
the binary up to the end of the virtual address space, effectively letting the
lower virtual region untouched - hopefully.
Works for now, but it will break again - for sure.
Fixes#519
Forgetting to restore the old utcb content results in hard to debug bugs.
Save only the amount of word items which are actually on the UTCB.
Issue #806
Avoids the message
cxx: operator delete (void *) called - not implemented. A working implementation is available in the 'stdcxx' library
during a " new ..." which causes exceptions. Happens for seoul in disk.cc
Issue #806
The previous version of the PS/2 mouse backend manged mouse motion
events in a strange way, effectively throwing away most information
about the motion vector. Furthermore, the tracking of the mouse-button
states were missing. So drag-and-drop in a guest OS won't work. The new
version fixes those issues. For the transformation of input events to
PS/2 packets, a the Genode::Register facility is used. This greatly
simplifies the code.
This patch replaces the error-prone manual locking with the use of the
'Synced_interface' for the motherboard and the VCPU dispatcher. It also
removes all globally visible locks. Locks are now explicitly passed to
subsystems when needed.
In this version of the transition the Hip structure from Genode is reused,
@nfeskes seoul_libc_support is used for the string functions and the
nul/config.h is replaced by just using a constant value in the one place where
the file was needed.
Related to #666.
This patch simplifies the way of how Genode's base libraries are
organized. Originally, the base API was implemented in the form of many
small libraries such as 'thread', 'env', 'server', etc. Most of them
used to consist of only a small number of files. Because those libraries
are incorporated in any build, the checking of their inter-dependencies
made the build process more verbose than desired. Also, the number of
libraries and their roles (core only, non-core only, shared by both core
and non-core) were not easy to capture.
Hereby, the base libraries have been reduced to the following few
libraries:
- startup.mk contains the startup code for normal Genode processes.
On some platform, core is able to use the library as well.
- base-common.mk contains the parts of the base library that are
identical by core and non-core processes.
- base.mk contains the complete base API implementation for non-core
processes
Consequently, the 'LIBS' declaration in 'target.mk' files becomes
simpler as well. In the most simple case, only the 'base' library must
be mentioned.
Fixes#18
Cap_sessions and portals created via the sessions are nowadays freed up during
c++ object destruction. Because of that the exception portals for a vCPU thread
get be revoked as soon as the cap_session object leaves its scope.
Keep one cap_session for the whole lifetime of the vmm to avoid disappearing
exception portals.
Related to #582.
Vancouver can now assign block devices to guests using the Block
interface. The machine has to be configured to use a specified drive,
which could be theoretically routed to different partitions or services
via policy definitions. Currently the USB driver only supports one
device. Genode's AHCI driver is untested.
If the session quota is too low, random pagefaults can occur on the
stack.
According to @Nils-TUD, it is necessary to protect the DiskCommit
messages with a lock against deadlocking with the timer. Observations
showed that this mitigates some problems with Gentoo on real hardware.
Vancouver is now able to use the Intel 82576 device model from NUL to
give VMs access to the network via the nic_bridge service. In order to
integrate the device model, it had to be renamed to i82576 due to XML
limitations. This is done by a patch applied via the 'make prepare'
mechanism.
Although current network card models in Vancouver panic if they can't
get a MAC address, the OP_GET_MAC hostop now fails gracefully in the
case where no nic_drv or nic_bridge is available.
The guest VM can now be provided with a framebuffer and keyboard input.
Mouse positioning of the guest is a problem. Because the PS2 model applies
some calculations to the movement values, it can happen that overflows mess
with the cursor. Therefore the handling was changed and only movements of 1
and -1 are sent. Since absolute positioning is not possible with PS2, we
have to live with this limitation until USB HID is implemented.
For the framebuffer size in Vancouver the configuration value in the machine
XML node is used. It is possible to map the corresponding memory area
directly to the guest, regardless if it is from nitpicker,
liquid_framebuffer or vesa_drv. The guest is provided with two modes (text
mode 3 and graphics mode 0x114 (0x314 in Linux).
Pressing LWIN+END while a VM has focus resets the virtual machine. Also,
RESET and DEBUG key presses will not be forwarded to the VM anymore.
It is possible to dump a VM's state by pressing LWIN+INS keys.
The text console is able to detect idle mode, unmaps the buffer from the
guest and stops interpreting. Upon the next pagefault in this area, it
resumes operation again. The code uses a simple checksum mechanism instead
of a large buffer and memcmp to detect an idle text console. False
positives don't matter very much.
When an EPT/NPT fault occurs during IDT vectoring, the original event must
be reinjected. Additionally we may have to inject an IRQ window if another
event is already pending.
Don't map all memory of the VM at once, instead only the one permitted
by the memory model. Otherwise memory regions get mapped which must not,
where each instruction and memory access have to cause an exception in
order to emulate it step by step.
Classes in Vancouver expect to get zero initialised memory when using memory
from the heap. Some classes don't initialize member variables as they should
do.
Reserve memory region for VM as early as possible before any other
memory allocation happens. Otherwise it could happen that heap
allocations will use part of the virtual region we require for the VM.
Alexander Boettcher
Norman Feske
Martin Stein
Markus Partheymüller
Markus Partheymueller