Commit Graph

4302 Commits

Author SHA1 Message Date
Emery Hemingway 20dc750d6a Update run scenarios for policy label matching
Issue #1766
2015-11-29 18:17:06 +01:00
Norman Feske 3f6ff39d76 os: improved label matching
This patch unifies the mechanism of selecting server-side policies and
taking session-routing decisions based on session labels. In both cases,
XML nodes are scored against session labels. The score depends on the
XML attributes 'label' (exact match), 'label_prefix', and
'label_suffix'.

Issue #1766
2015-11-29 18:17:05 +01:00
Christian Prochaska b766387069 qt5: respond to zero-resized framebuffer
Interpret a zero-resized framebuffer as hint to close the window.

Fixes #1792
2015-11-29 18:17:05 +01:00
Emery Hemingway ee25dcbae3 VFS: check path on the symlink node readlink
Fixes #1790
2015-11-29 18:17:05 +01:00
Emery Hemingway 44cfc414ee VFS server: throw Not_empty
Issue #1750
2015-11-29 18:17:05 +01:00
Emery Hemingway 1d92631ef0 VFS, File_system: Not_empty
Unlink returns an error for non-empty directories when the backend does
not support recursive unlinking.

Fixes #1750
2015-11-29 18:17:05 +01:00
Emery Hemingway 5bc3b53e63 adjust quota in libc vfs tests
Issue #1780
2015-11-29 18:17:05 +01:00
Emery Hemingway 6cb0f3bb71 VFS ram: remove quota
Fixes #1780
2015-11-29 18:17:05 +01:00
Christian Prochaska 25643fa00a init: fix uninitialized variables
Fixes #1753
2015-11-29 18:17:04 +01:00
Christian Helmuth d46ad98434 clipboard: check validity of import rom before usage
The attached ROM dataspace may be not yet valid on the first update (or
at any time beyond this explicit test case).
2015-11-29 18:17:04 +01:00
Josef Söntgen e13971fcf0 xml_generator: add attribute String<N> method
Make it possible to directly pass on a Genode::String<N> object instead
of using Genode::String<N>.string() by hand.

Fixes #1783.
2015-11-29 18:17:04 +01:00
Martin Stein 59d2a83f30 TZ VMM & USB Armory: Demo
* Provide paravirtualized block API for accessing the second partition
  of the block device that is provided by the ESDHC driver.

* Provide paravirtualized serial API for sending log-output over Genodes
  serial port.

* Use the latest Linux suggested in the USB Armory Wiki [1] when on USB Armory
  while still using the older vendor Linux when on i.MX53 QSB. I.e.,
  provide a device tree through RAM and a rootfs through the paravirtualized
  block device when on USB Armory while providing ATAGs and Initrd when on
  i.MX53 QSB.

* Switch on the LED on the USB Armory when the VMM catches a VM-exception
  and switch it off again when as soon as the exception is handled. This
  merely show-cases the ability to instrument the LED for such purposes. In an
  ideal world, the LED is switched on as long as we're on the "Secure Side"
  and switched off as long as we're not.

* For further information see repos/os/run/tz_vmm.run

[1] https://github.com/inversepath/usbarmory/wiki/Preparing-a-bootable-microSD-image

Fixes #1497
2015-11-29 18:17:04 +01:00
Martin Stein bed04f1f16 hw & imx53: kernel Trustzone config for USB armory
On the USB Armory, we want to secure different devices than on other i.MX53
implementations. Thus, add a board specific configuration that is interpreted
by the kernel Trustzone initialization.

Ref #1497
2015-11-29 18:17:04 +01:00
Martin Stein 85ba3259f8 hw & imx53: IRQ injection via Vm::proceed
Enhance the VM state, that can be accessed by a VMM, by a member
'unsigned irq_injection'. In Kernel::Vm::proceed check, whether
irq_injection is set.  If so, check whether irq_injection is a
non-secure IRQ.  If so, let the PIC raise this IRQ in the VM and reset
irq_injection.

Ref #1497
2015-11-29 18:17:04 +01:00
Martin Stein 0b39b22e14 create_uboot: support for hw_usb_armory
The platform name 'hw_usb_armory' targets Genode scenarios with base-hw
as kernel and the Inversepath USB-Armory as target hardware.

Ref #1497
2015-11-29 18:17:03 +01:00
Martin Stein 640b73f5ec create_uboot: spare out first 1K of target medium
This enables installation of the bootloader image without wiping the
partition table which is needed at least for the tz_vmm tutorial with
hw_usb_armory.

Ref #1497
2015-11-29 18:17:03 +01:00
Martin Stein 8c22e5d535 sd_card & imx53: refactor and clean-up
Move ADMA2 stuff to extra header and unit. Move ESDHCv2 implementations to
extra unit. Use exceptions instead of error codes. Clean-up documentation.

Ref #1497
2015-11-29 18:17:03 +01:00
Martin Stein 9da422696b sd_card & imx53: set ADMA entry size more clean
Less heuristics.

Ref #1497
2015-11-29 18:17:03 +01:00
Martin Stein a08358dce9 sd_card & imx53: fix multiblock write termination
The manual termination of multi-block writes via "Stop Transmission" commands
seems to leave the card in a busy state sometimes. This causes errors on
subsequent commands. Thus, we have to synchronize manually with the
card-internal state via "Send State" commands. Additionally, the method
for issuing the manual "Stop Transmission" commands was refined.

Ref #1497
2015-11-29 18:17:03 +01:00
Martin Stein 2b021ec54b sd_card & imx53: simplify IRQ handler
Less switch cases.

Ref #1497
2015-11-29 18:17:03 +01:00
Martin Stein 48e7d29686 sd_card & imx53: flush ADMA2 writes via DSB
We have to issue a data synchronization barrier after writing a ADMA2
table to ensure that the corresponding write commands were actually
executed before issuing the SD command.

Ref #1497
2015-11-29 18:17:03 +01:00
Martin Stein bd7fe4160d sd_card & imx53: fix initialization problem on QSB
On i.MX53 QSB, a "Send Op Cond" command during the driver initialization
returns another response value than on the USB Armory. As the check for
this response seems to have no relevance for the driver functionality (Linux
reads the value from MMIO but I can't find a place in the source code where
it is used), we simply remove it.

Ref #1497
2015-11-29 18:17:02 +01:00
Martin Stein d8e91908a2 sd_card & imx53: install IRQ signal handler
Previously, it was not necessary to acknowledge an IRQ initially before using
it. However, since the IRQ framework changed lately it is. Adapt to this.

Ref #1497
2015-11-29 18:17:02 +01:00
Alexander Boettcher 92cb9eb06d x86: support dynamic upgrades for platform driver
and, especially, for the device_pd. Account all resources per platform session
separately.

Fixes #1539
2015-11-29 18:17:02 +01:00
Alexander Boettcher 4c4e7c64d0 x86: start per platform session separate device_pd
Issue #1539
2015-11-27 12:18:54 +01:00
Alexander Boettcher b902f42482 os: support reference ram cap for slaves
Issue #1539
2015-11-27 12:18:54 +01:00
Alexander Boettcher e49a5ee19f base: make reference ram cap part of child policy
Issue #1539
2015-11-27 12:18:54 +01:00
Christian Helmuth 50dd0dda38 Notify report-rom client on signal-handler registration
Notify client initially to enforce a client-side ROM update. Otherwise,
a server-side ROM update between session creation and signal-handler
registration would go unnoticed.

Issue #1788
2015-11-27 12:18:54 +01:00
Norman Feske 4b9e1f1060 Window decorator that can be styled 2015-11-27 12:18:54 +01:00
Norman Feske 2dde77f62c gems: add Nitpicker_buffer and Dither_painter
The two utilities gems/nitpicker_buffer.h and gems/dither_painter.h were
formerly private to the menu_view component.
2015-11-27 12:18:54 +01:00
Norman Feske c63bea825d decorator: fix warning 2015-11-27 12:18:54 +01:00
Norman Feske f9d0e57b0e decorator: fix hover detection 2015-11-27 12:18:53 +01:00
Norman Feske e4678a4dc1 decorator: do not defer stacking changes
This patch changes the decorator to always apply stacking-order changes
immediately instead of deferring the re-stacking of the nitpicker views
to the next call of 'update_nitpicker_views'. The deferred application
did not always work when more then one windows changed their stacking
position at once because the cached '_neighbor' values interfered with
each other.

The eager re-stacking should not have negative effects on the user
experience because, in contrast to re-positioning, re-stacking a rare
operation.
2015-11-27 12:18:53 +01:00
Norman Feske c26d30dffc decorator: use server API 2015-11-27 12:18:53 +01:00
Norman Feske acb0ddd9ef decorator: generalize include/decorator/window.h
This change makes it possible to reuse the generic window decorator
classes in include/decorator/ for decorators of a different structure.
E.g., instead of painting decorations on a single nitpicker session,
each window may paint its decorations into additional window-specific
nitpicker sessions.
2015-11-27 12:18:53 +01:00
Norman Feske 493386ed27 wm: prevent superfluous session upgrades
For each session upgrade performed by a wm client as part of the
Nitpicker::Connection::buffer function, the window manager wrongly
upgraded the wrapped nitpicker session twice: Once by handling the
Root::upgrade, and again by handling of the server-side 'buffer'
operation. Here, the 'buffer' operation was implemented by not merely
forwarding the RPC request to the wrapped nitpicker session but by
calling the 'buffer' method on the wrapped session's connection
object, which implictly issues session upgrades. Consequently,
the window manager would transfer twice the amount of the session
upgrades it received by its clients to nitpicker and eventually ran
out of memory.

The patch fixes the problem by eliminating the call of the
Nitpicker::Connection::buffer method and instead merely forward the RPC
requests to the wrapped nitpicker sessions.
2015-11-27 12:18:53 +01:00
Norman Feske 461776a29c wm: support multiple decorator sessions 2015-11-27 12:18:53 +01:00
Norman Feske ed774253b6 demo: fix corner case in scout_gfx/icon_painter.h
The original version of the icon painter would reach beyong the
texture boundaries for textures of even width and height, and when
painting an icon with the width or height of the texture.

In this case, p3 would be set to the same value as p2. However, the code
expects p3 to lie within the middle rectangle. However, in this corner
case, the middle rectangle is actually empty. So no pixel can lie within
it. Hence, p3 is positioned by one pixel to the left outside the middle
rectangle, which violates the assumptions when calculating the clipping
and texture offsets. The patch fixes the problem by reducing the size of
the right column by one pixel. This ensures that exists always a
non-zero middle rectangle.
2015-11-27 12:18:53 +01:00
Norman Feske 6177424fa6 demo: make Lazy_value::dst() const 2015-11-27 12:18:53 +01:00
Norman Feske 0ab49dff3a nitpicker: reflect Handle_registry::Out_of_memory
In the event where a nitpicker session's quota was depleted by the
allocation of view handles, nitpicker would abort. The patch prevents
the abort by reflecting this condition as an Out_of_metadata exception
to the client. This way, the client can upgrade its session as needed.

The problem was triggered by running the decorator_stress test (changed
to generate 40 windows) with the themed_decorator.
2015-11-27 12:18:52 +01:00
Norman Feske a1c0c99045 nitpicker: fix corner case in view stack operation
This patch addresses the corner case that the specified neighbor view
is the first view of the view stack. If this is the case when inserting
the view in front of the neighbor (behind == false), the target position
within the view stack must be a null pointer, not the first view.

Because the conditions have become rather complicated, both cases
of 'behind' are handled separately now.
2015-11-27 12:18:52 +01:00
Norman Feske 909c4c9ffc os: define storage type of rgb888 as 32-bit value
The original version used unsigned long as storage type, which wasted
memory on 64-bit machines.
2015-11-27 12:18:52 +01:00
Norman Feske f655ac31f7 vbox: don't fault if NIC is unavailable
This patch prevents vbox from faulting in the (unexpected) case where
the VM has a network adaptor configured but the NIC session cannot be
opened.
2015-11-27 12:18:52 +01:00
Norman Feske 853378960c init: prevent division by zero
During the reconfiguration of init, the CPU-quota computation caused
init to produce a division-by-zero exception.
2015-11-27 12:18:52 +01:00
Christian Prochaska a2bb96723a vbox: respond to zero-resized framebuffer 2015-11-27 12:18:52 +01:00
Norman Feske 331225dfcb Increase TRACE quota of trace subject reporter
This change is needed to accommodate the turmvilla scenario.
2015-11-27 12:18:52 +01:00
Norman Feske 23aac2954b rom_filter: respond to dynamic config updates 2015-11-27 12:18:51 +01:00
Josef Söntgen 3859e83a78 dde_bsd: requires pci
Prevent building the driver on linux.

Fixes #1785.
2015-11-27 12:18:51 +01:00
Alexander Boettcher 84dfb668d3 noux: handle rom_connection_failed gracefully
Fixes #1040
2015-11-27 12:18:51 +01:00
Christian Helmuth 638fdeb2f5 vbox: fix nitpicker config in win auto tests 2015-11-27 12:18:51 +01:00