2005-04-21 16:53:53 +02:00
|
|
|
/* This task handles the interface between the kernel and user-level servers.
|
|
|
|
* System services can be accessed by doing a system call. System calls are
|
|
|
|
* transformed into request messages, which are handled by this task. By
|
|
|
|
* convention, a sys_call() is transformed in a SYS_CALL request message that
|
|
|
|
* is handled in a function named do_call().
|
|
|
|
*
|
|
|
|
* A private call vector is used to map all system calls to the functions that
|
|
|
|
* handle them. The actual handler functions are contained in separate files
|
|
|
|
* to keep this file clean. The call vector is used in the system task's main
|
|
|
|
* loop to handle all incoming requests.
|
|
|
|
*
|
|
|
|
* In addition to the main sys_task() entry point, which starts the main loop,
|
|
|
|
* there are several other minor entry points:
|
2005-07-26 14:48:34 +02:00
|
|
|
* get_priv: assign privilege structure to user or system process
|
2009-07-02 18:25:31 +02:00
|
|
|
* set_sendto_bit: allow a process to send messages to a new target
|
|
|
|
* unset_sendto_bit: disallow a process from sending messages to a target
|
2010-07-07 00:05:21 +02:00
|
|
|
* fill_sendto_mask: fill the target mask of a given process
|
2005-07-21 20:36:40 +02:00
|
|
|
* send_sig: send a signal directly to a system process
|
New RS and new signal handling for system processes.
UPDATING INFO:
20100317:
/usr/src/etc/system.conf updated to ignore default kernel calls: copy
it (or merge it) to /etc/system.conf.
The hello driver (/dev/hello) added to the distribution:
# cd /usr/src/commands/scripts && make clean install
# cd /dev && MAKEDEV hello
KERNEL CHANGES:
- Generic signal handling support. The kernel no longer assumes PM as a signal
manager for every process. The signal manager of a given process can now be
specified in its privilege slot. When a signal has to be delivered, the kernel
performs the lookup and forwards the signal to the appropriate signal manager.
PM is the default signal manager for user processes, RS is the default signal
manager for system processes. To enable ptrace()ing for system processes, it
is sufficient to change the default signal manager to PM. This will temporarily
disable crash recovery, though.
- sys_exit() is now split into sys_exit() (i.e. exit() for system processes,
which generates a self-termination signal), and sys_clear() (i.e. used by PM
to ask the kernel to clear a process slot when a process exits).
- Added a new kernel call (i.e. sys_update()) to swap two process slots and
implement live update.
PM CHANGES:
- Posix signal handling is no longer allowed for system processes. System
signals are split into two fixed categories: termination and non-termination
signals. When a non-termination signaled is processed, PM transforms the signal
into an IPC message and delivers the message to the system process. When a
termination signal is processed, PM terminates the process.
- PM no longer assumes itself as the signal manager for system processes. It now
makes sure that every system signal goes through the kernel before being
actually processes. The kernel will then dispatch the signal to the appropriate
signal manager which may or may not be PM.
SYSLIB CHANGES:
- Simplified SEF init and LU callbacks.
- Added additional predefined SEF callbacks to debug crash recovery and
live update.
- Fixed a temporary ack in the SEF init protocol. SEF init reply is now
completely synchronous.
- Added SEF signal event type to provide a uniform interface for system
processes to deal with signals. A sef_cb_signal_handler() callback is
available for system processes to handle every received signal. A
sef_cb_signal_manager() callback is used by signal managers to process
system signals on behalf of the kernel.
- Fixed a few bugs with memory mapping and DS.
VM CHANGES:
- Page faults and memory requests coming from the kernel are now implemented
using signals.
- Added a new VM call to swap two process slots and implement live update.
- The call is used by RS at update time and in turn invokes the kernel call
sys_update().
RS CHANGES:
- RS has been reworked with a better functional decomposition.
- Better kernel call masks. com.h now defines the set of very basic kernel calls
every system service is allowed to use. This makes system.conf simpler and
easier to maintain. In addition, this guarantees a higher level of isolation
for system libraries that use one or more kernel calls internally (e.g. printf).
- RS is the default signal manager for system processes. By default, RS
intercepts every signal delivered to every system process. This makes crash
recovery possible before bringing PM and friends in the loop.
- RS now supports fast rollback when something goes wrong while initializing
the new version during a live update.
- Live update is now implemented by keeping the two versions side-by-side and
swapping the process slots when the old version is ready to update.
- Crash recovery is now implemented by keeping the two versions side-by-side
and cleaning up the old version only when the recovery process is complete.
DS CHANGES:
- Fixed a bug when the process doing ds_publish() or ds_delete() is not known
by DS.
- Fixed the completely broken support for strings. String publishing is now
implemented in the system library and simply wraps publishing of memory ranges.
Ideally, we should adopt a similar approach for other data types as well.
- Test suite fixed.
DRIVER CHANGES:
- The hello driver has been added to the Minix distribution to demonstrate basic
live update and crash recovery functionalities.
- Other drivers have been adapted to conform the new SEF interface.
2010-03-17 02:15:29 +01:00
|
|
|
* cause_sig: take action to cause a signal to occur via a signal mgr
|
Merge of David's ptrace branch. Summary:
o Support for ptrace T_ATTACH/T_DETACH and T_SYSCALL
o PM signal handling logic should now work properly, even with debuggers
being present
o Asynchronous PM/VFS protocol, full IPC support for senda(), and
AMF_NOREPLY senda() flag
DETAILS
Process stop and delay call handling of PM:
o Added sys_runctl() kernel call with sys_stop() and sys_resume()
aliases, for PM to stop and resume a process
o Added exception for sending/syscall-traced processes to sys_runctl(),
and matching SIGKREADY pseudo-signal to PM
o Fixed PM signal logic to deal with requests from a process after
stopping it (so-called "delay calls"), using the SIGKREADY facility
o Fixed various PM panics due to race conditions with delay calls versus
VFS calls
o Removed special PRIO_STOP priority value
o Added SYS_LOCK RTS kernel flag, to stop an individual process from
running while modifying its process structure
Signal and debugger handling in PM:
o Fixed debugger signals being dropped if a second signal arrives when
the debugger has not retrieved the first one
o Fixed debugger signals being sent to the debugger more than once
o Fixed debugger signals unpausing process in VFS; removed PM_UNPAUSE_TR
protocol message
o Detached debugger signals from general signal logic and from being
blocked on VFS calls, meaning that even VFS can now be traced
o Fixed debugger being unable to receive more than one pending signal in
one process stop
o Fixed signal delivery being delayed needlessly when multiple signals
are pending
o Fixed wait test for tracer, which was returning for children that were
not waited for
o Removed second parallel pending call from PM to VFS for any process
o Fixed process becoming runnable between exec() and debugger trap
o Added support for notifying the debugger before the parent when a
debugged child exits
o Fixed debugger death causing child to remain stopped forever
o Fixed consistently incorrect use of _NSIG
Extensions to ptrace():
o Added T_ATTACH and T_DETACH ptrace request, to attach and detach a
debugger to and from a process
o Added T_SYSCALL ptrace request, to trace system calls
o Added T_SETOPT ptrace request, to set trace options
o Added TO_TRACEFORK trace option, to attach automatically to children
of a traced process
o Added TO_ALTEXEC trace option, to send SIGSTOP instead of SIGTRAP upon
a successful exec() of the tracee
o Extended T_GETUSER ptrace support to allow retrieving a process's priv
structure
o Removed T_STOP ptrace request again, as it does not help implementing
debuggers properly
o Added MINIX3-specific ptrace test (test42)
o Added proper manual page for ptrace(2)
Asynchronous PM/VFS interface:
o Fixed asynchronous messages not being checked when receive() is called
with an endpoint other than ANY
o Added AMF_NOREPLY senda() flag, preventing such messages from
satisfying the receive part of a sendrec()
o Added asynsend3() that takes optional flags; asynsend() is now a
#define passing in 0 as third parameter
o Made PM/VFS protocol asynchronous; reintroduced tell_fs()
o Made PM_BASE request/reply number range unique
o Hacked in a horrible temporary workaround into RS to deal with newly
revealed RS-PM-VFS race condition triangle until VFS is asynchronous
System signal handling:
o Fixed shutdown logic of device drivers; removed old SIGKSTOP signal
o Removed is-superuser check from PM's do_procstat() (aka getsigset())
o Added sigset macros to allow system processes to deal with the full
signal set, rather than just the POSIX subset
Miscellaneous PM fixes:
o Split do_getset into do_get and do_set, merging common code and making
structure clearer
o Fixed setpriority() being able to put to sleep processes using an
invalid parameter, or revive zombie processes
o Made find_proc() global; removed obsolete proc_from_pid()
o Cleanup here and there
Also included:
o Fixed false-positive boot order kernel warning
o Removed last traces of old NOTIFY_FROM code
THINGS OF POSSIBLE INTEREST
o It should now be possible to run PM at any priority, even lower than
user processes
o No assumptions are made about communication speed between PM and VFS,
although communication must be FIFO
o A debugger will now receive incoming debuggee signals at kill time
only; the process may not yet be fully stopped
o A first step has been made towards making the SYSTEM task preemptible
2009-09-30 11:57:22 +02:00
|
|
|
* sig_delay_done: tell PM that a process is not sending
|
2005-04-21 16:53:53 +02:00
|
|
|
* umap_bios: map virtual address in BIOS_SEG to physical
|
2005-06-03 15:55:06 +02:00
|
|
|
* get_randomness: accumulate randomness in a buffer
|
2006-03-15 13:01:59 +01:00
|
|
|
* clear_endpoint: remove a process' ability to send and receive messages
|
2010-07-13 17:30:17 +02:00
|
|
|
* sched_proc: schedule a process
|
2005-04-21 16:53:53 +02:00
|
|
|
*
|
|
|
|
* Changes:
|
2009-12-11 01:08:19 +01:00
|
|
|
* Nov 22, 2009 get_priv supports static priv ids (Cristiano Giuffrida)
|
2005-10-14 11:13:52 +02:00
|
|
|
* Aug 04, 2005 check if system call is allowed (Jorrit N. Herder)
|
2005-08-04 11:26:36 +02:00
|
|
|
* Jul 20, 2005 send signal to services with message (Jorrit N. Herder)
|
|
|
|
* Jan 15, 2005 new, generalized virtual copy function (Jorrit N. Herder)
|
2005-04-21 16:53:53 +02:00
|
|
|
* Oct 10, 2004 dispatch system calls from call vector (Jorrit N. Herder)
|
|
|
|
* Sep 30, 2004 source code documentation updated (Jorrit N. Herder)
|
|
|
|
*/
|
|
|
|
|
'proc number' is process slot, 'endpoint' are generation-aware process
instance numbers, encoded and decoded using macros in <minix/endpoint.h>.
proc number -> endpoint migration
. proc_nr in the interrupt hook is now an endpoint, proc_nr_e.
. m_source for messages and notifies is now an endpoint, instead of
proc number.
. isokendpt() converts an endpoint to a process number, returns
success (but fails if the process number is out of range, the
process slot is not a living process, or the given endpoint
number does not match the endpoint number in the process slot,
indicating an old process).
. okendpt() is the same as isokendpt(), but panic()s if the conversion
fails. This is mainly used for decoding message.m_source endpoints,
and other endpoint numbers in kernel data structures, which should
always be correct.
. if DEBUG_ENABLE_IPC_WARNINGS is enabled, isokendpt() and okendpt()
get passed the __FILE__ and __LINE__ of the calling lines, and
print messages about what is wrong with the endpoint number
(out of range proc, empty proc, or inconsistent endpoint number),
with the caller, making finding where the conversion failed easy
without having to include code for every call to print where things
went wrong. Sometimes this is harmless (wrong arg to a kernel call),
sometimes it's a fatal internal inconsistency (bogus m_source).
. some process table fields have been appended an _e to indicate it's
become and endpoint.
. process endpoint is stored in p_endpoint, without generation number.
it turns out the kernel never needs the generation number, except
when fork()ing, so it's decoded then.
. kernel calls all take endpoints as arguments, not proc numbers.
the one exception is sys_fork(), which needs to know in which slot
to put the child.
2006-03-03 11:00:02 +01:00
|
|
|
#include "debug.h"
|
2005-04-21 16:53:53 +02:00
|
|
|
#include "kernel.h"
|
|
|
|
#include "system.h"
|
Mostly bugfixes of bugs triggered by the test set.
bugfixes:
SYSTEM:
. removed
rc->p_priv->s_flags = 0;
for the priv struct shared by all user processes in get_priv(). this
should only be done once. doing a SYS_PRIV_USER in sys_privctl()
caused the flags of all user processes to be reset, so they were no
longer PREEMPTIBLE. this happened when RS executed a policy script.
(this broke test1 in the test set)
VFS/MFS:
. chown can change the mode of a file, and chmod arguments are only
part of the full file mode so the full filemode is slightly magic.
changed these calls so that the final modes are returned to VFS, so
that the vnode can be kept up-to-date.
(this broke test11 in the test set)
MFS:
. lookup() checked for sizeof(string) instead of sizeof(user_path),
truncating long path names
(caught by test 23)
. truncate functions neglected to update ctime
(this broke test16)
VFS:
. corner case of an empty filename lookup caused fields of a request
not to be filled in in the lookup functions, not making it clear
that the lookup had failed, causing messages to garbage processes,
causing strange failures.
(caught by test 30)
. trust v_size in vnode when doing reads or writes on non-special
files, truncating i/o where necessary; this is necessary for pipes,
as MFS can't tell when a pipe has been truncated without it being
told explicitly each time.
when the last reader/writer on a pipe closes, tell FS about
the new size using truncate_vn().
(this broke test 25, among others)
. permission check for chdir() had disappeared; added a
forbidden() call
(caught by test 23)
new code, shouldn't change anything:
. introduced RTS_SET, RTS_UNSET, and RTS_ISSET macro's, and their
LOCK variants. These macros set and clear the p_rts_flags field,
causing a lot of duplicated logic like
old_flags = rp->p_rts_flags; /* save value of the flags */
rp->p_rts_flags &= ~NO_PRIV;
if (old_flags != 0 && rp->p_rts_flags == 0) lock_enqueue(rp);
to change into the simpler
RTS_LOCK_UNSET(rp, NO_PRIV);
so the macros take care of calling dequeue() and enqueue() (or lock_*()),
as the case may be). This makes the code a bit more readable and a
bit less fragile.
. removed return code from do_clocktick in CLOCK as it currently
never replies
. removed some debug code from VFS
. fixed grant debug message in device.c
preemptive checks, tests, changes:
. added return code checks of receive() to SYSTEM and CLOCK
. O_TRUNC should never arrive at MFS (added sanity check and removed
O_TRUNC code)
. user_path declared with PATH_MAX+1 to let it be null-terminated
. checks in MFS to see if strings passed by VFS are null-terminated
IS:
. static irq name table thrown out
2007-02-01 18:50:02 +01:00
|
|
|
#include "proc.h"
|
2008-11-19 13:26:10 +01:00
|
|
|
#include "vm.h"
|
2010-07-13 17:30:17 +02:00
|
|
|
#include "kernel/clock.h"
|
2005-04-21 16:53:53 +02:00
|
|
|
#include <stdlib.h>
|
2010-03-10 14:00:05 +01:00
|
|
|
#include <assert.h>
|
2005-04-21 16:53:53 +02:00
|
|
|
#include <signal.h>
|
|
|
|
#include <unistd.h>
|
|
|
|
#include <sys/sigcontext.h>
|
'proc number' is process slot, 'endpoint' are generation-aware process
instance numbers, encoded and decoded using macros in <minix/endpoint.h>.
proc number -> endpoint migration
. proc_nr in the interrupt hook is now an endpoint, proc_nr_e.
. m_source for messages and notifies is now an endpoint, instead of
proc number.
. isokendpt() converts an endpoint to a process number, returns
success (but fails if the process number is out of range, the
process slot is not a living process, or the given endpoint
number does not match the endpoint number in the process slot,
indicating an old process).
. okendpt() is the same as isokendpt(), but panic()s if the conversion
fails. This is mainly used for decoding message.m_source endpoints,
and other endpoint numbers in kernel data structures, which should
always be correct.
. if DEBUG_ENABLE_IPC_WARNINGS is enabled, isokendpt() and okendpt()
get passed the __FILE__ and __LINE__ of the calling lines, and
print messages about what is wrong with the endpoint number
(out of range proc, empty proc, or inconsistent endpoint number),
with the caller, making finding where the conversion failed easy
without having to include code for every call to print where things
went wrong. Sometimes this is harmless (wrong arg to a kernel call),
sometimes it's a fatal internal inconsistency (bogus m_source).
. some process table fields have been appended an _e to indicate it's
become and endpoint.
. process endpoint is stored in p_endpoint, without generation number.
it turns out the kernel never needs the generation number, except
when fork()ing, so it's decoded then.
. kernel calls all take endpoints as arguments, not proc numbers.
the one exception is sys_fork(), which needs to know in which slot
to put the child.
2006-03-03 11:00:02 +01:00
|
|
|
#include <minix/endpoint.h>
|
2006-06-20 11:58:58 +02:00
|
|
|
#include <minix/safecopies.h>
|
2005-04-21 16:53:53 +02:00
|
|
|
|
2005-04-29 17:36:43 +02:00
|
|
|
/* Declaration of the call vector that defines the mapping of system calls
|
|
|
|
* to handler functions. The vector is initialized in sys_init() with map(),
|
|
|
|
* which makes sure the system call numbers are ok. No space is allocated,
|
|
|
|
* because the dummy is declared extern. If an illegal call is given, the
|
|
|
|
* array size will be negative and this won't compile.
|
2005-04-21 16:53:53 +02:00
|
|
|
*/
|
2010-04-22 09:49:40 +02:00
|
|
|
PRIVATE int (*call_vec[NR_SYS_CALLS])(struct proc * caller, message *m_ptr);
|
2005-04-21 16:53:53 +02:00
|
|
|
|
2005-04-29 17:36:43 +02:00
|
|
|
#define map(call_nr, handler) \
|
2005-07-26 16:54:49 +02:00
|
|
|
{extern int dummy[NR_SYS_CALLS>(unsigned)(call_nr-KERNEL_CALL) ? 1:-1];} \
|
|
|
|
call_vec[(call_nr-KERNEL_CALL)] = (handler)
|
2005-04-29 17:36:43 +02:00
|
|
|
|
2010-02-09 16:20:09 +01:00
|
|
|
PRIVATE void kernel_call_finish(struct proc * caller, message *msg, int result)
|
|
|
|
{
|
|
|
|
if(result == VMSUSPEND) {
|
|
|
|
/* Special case: message has to be saved for handling
|
|
|
|
* until VM tells us it's allowed. VM has been notified
|
|
|
|
* and we must wait for its reply to restart the call.
|
|
|
|
*/
|
2010-03-10 14:00:05 +01:00
|
|
|
assert(RTS_ISSET(caller, RTS_VMREQUEST));
|
|
|
|
assert(caller->p_vmrequest.type == VMSTYPE_KERNELCALL);
|
2010-02-09 16:20:09 +01:00
|
|
|
caller->p_vmrequest.saved.reqmsg = *msg;
|
|
|
|
caller->p_misc_flags |= MF_KCALL_RESUME;
|
|
|
|
} else {
|
|
|
|
/*
|
|
|
|
* call is finished, we could have been suspended because of VM,
|
|
|
|
* remove the request message
|
|
|
|
*/
|
|
|
|
caller->p_vmrequest.saved.reqmsg.m_source = NONE;
|
|
|
|
if (result != EDONTREPLY) {
|
|
|
|
/* copy the result as a message to the original user buffer */
|
|
|
|
msg->m_source = SYSTEM;
|
|
|
|
msg->m_type = result; /* report status of call */
|
2010-06-24 15:31:40 +02:00
|
|
|
#if DEBUG_DUMPIPC
|
|
|
|
printmsgkresult(msg, caller);
|
|
|
|
#endif
|
2010-02-09 16:20:09 +01:00
|
|
|
if (copy_msg_to_user(caller, msg,
|
|
|
|
(message *)caller->p_delivermsg_vir)) {
|
2010-03-03 16:45:01 +01:00
|
|
|
printf("WARNING wrong user pointer 0x%08x from "
|
2010-02-09 16:20:09 +01:00
|
|
|
"process %s / %d\n",
|
|
|
|
caller->p_delivermsg_vir,
|
|
|
|
caller->p_name,
|
|
|
|
caller->p_endpoint);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2005-04-21 16:53:53 +02:00
|
|
|
|
2010-02-09 16:20:09 +01:00
|
|
|
PRIVATE int kernel_call_dispatch(struct proc * caller, message *msg)
|
2005-04-21 16:53:53 +02:00
|
|
|
{
|
2010-02-09 16:20:09 +01:00
|
|
|
int result = OK;
|
2006-06-20 11:58:58 +02:00
|
|
|
int call_nr;
|
2010-06-24 15:31:40 +02:00
|
|
|
|
|
|
|
#if DEBUG_DUMPIPC
|
|
|
|
printmsgkcall(msg, caller);
|
|
|
|
#endif
|
2010-02-09 16:20:09 +01:00
|
|
|
call_nr = msg->m_type - KERNEL_CALL;
|
2005-04-21 16:53:53 +02:00
|
|
|
|
2010-02-09 16:20:09 +01:00
|
|
|
/* See if the caller made a valid request and try to handle it. */
|
|
|
|
if (call_nr < 0 || call_nr >= NR_SYS_CALLS) { /* check call number */
|
2010-03-03 16:45:01 +01:00
|
|
|
printf("SYSTEM: illegal request %d from %d.\n",
|
2010-02-09 16:20:09 +01:00
|
|
|
call_nr,msg->m_source);
|
2005-04-21 16:53:53 +02:00
|
|
|
result = EBADREQUEST; /* illegal message type */
|
2010-02-09 16:20:09 +01:00
|
|
|
}
|
|
|
|
else if (!GET_BIT(priv(caller)->s_k_call_mask, call_nr)) {
|
2010-03-17 19:23:51 +01:00
|
|
|
printf("SYSTEM: denied request %d from %d.\n",
|
|
|
|
call_nr,msg->m_source);
|
2006-08-10 12:56:16 +02:00
|
|
|
result = ECALLDENIED; /* illegal message type */
|
2010-02-09 16:20:09 +01:00
|
|
|
} else {
|
2010-02-03 10:04:48 +01:00
|
|
|
/* handle the system call */
|
2010-06-01 10:54:31 +02:00
|
|
|
if (call_vec[call_nr])
|
|
|
|
result = (*call_vec[call_nr])(caller, msg);
|
|
|
|
else {
|
|
|
|
printf("Unused kernel call %d from %d\n",
|
|
|
|
call_nr, caller->p_endpoint);
|
|
|
|
result = EBADREQUEST;
|
|
|
|
}
|
2010-02-09 16:20:09 +01:00
|
|
|
}
|
2005-04-21 16:53:53 +02:00
|
|
|
|
2010-02-09 16:20:09 +01:00
|
|
|
return result;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*===========================================================================*
|
|
|
|
* kernel_call *
|
|
|
|
*===========================================================================*/
|
|
|
|
/*
|
|
|
|
* this function checks the basic syscall parameters and if accepted it
|
|
|
|
* dispatches its handling to the right handler
|
|
|
|
*/
|
|
|
|
PUBLIC void kernel_call(message *m_user, struct proc * caller)
|
|
|
|
{
|
|
|
|
int result = OK;
|
|
|
|
message msg;
|
|
|
|
|
|
|
|
caller->p_delivermsg_vir = (vir_bytes) m_user;
|
|
|
|
/*
|
|
|
|
* the ldt and cr3 of the caller process is loaded because it just've trapped
|
2010-05-18 15:00:39 +02:00
|
|
|
* into the kernel or was already set in switch_to_user() before we resume
|
2010-02-09 16:20:09 +01:00
|
|
|
* execution of an interrupted kernel call
|
|
|
|
*/
|
|
|
|
if (copy_msg_from_user(caller, m_user, &msg) == 0) {
|
|
|
|
msg.m_source = caller->p_endpoint;
|
|
|
|
result = kernel_call_dispatch(caller, &msg);
|
|
|
|
}
|
|
|
|
else {
|
2010-03-03 16:45:01 +01:00
|
|
|
printf("WARNING wrong user pointer 0x%08x from process %s / %d\n",
|
2010-02-09 16:20:09 +01:00
|
|
|
m_user, caller->p_name, caller->p_endpoint);
|
|
|
|
result = EBADREQUEST;
|
2005-04-21 16:53:53 +02:00
|
|
|
}
|
2010-02-09 16:20:09 +01:00
|
|
|
|
|
|
|
kernel_call_finish(caller, &msg, result);
|
2005-04-21 16:53:53 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/*===========================================================================*
|
2005-09-11 18:44:06 +02:00
|
|
|
* initialize *
|
2005-04-21 16:53:53 +02:00
|
|
|
*===========================================================================*/
|
2010-02-09 16:12:20 +01:00
|
|
|
PUBLIC void system_init(void)
|
2005-04-21 16:53:53 +02:00
|
|
|
{
|
2005-07-14 17:12:12 +02:00
|
|
|
register struct priv *sp;
|
2005-04-21 16:53:53 +02:00
|
|
|
int i;
|
|
|
|
|
2005-05-02 16:30:04 +02:00
|
|
|
/* Initialize IRQ handler hooks. Mark all hooks available. */
|
|
|
|
for (i=0; i<NR_IRQ_HOOKS; i++) {
|
'proc number' is process slot, 'endpoint' are generation-aware process
instance numbers, encoded and decoded using macros in <minix/endpoint.h>.
proc number -> endpoint migration
. proc_nr in the interrupt hook is now an endpoint, proc_nr_e.
. m_source for messages and notifies is now an endpoint, instead of
proc number.
. isokendpt() converts an endpoint to a process number, returns
success (but fails if the process number is out of range, the
process slot is not a living process, or the given endpoint
number does not match the endpoint number in the process slot,
indicating an old process).
. okendpt() is the same as isokendpt(), but panic()s if the conversion
fails. This is mainly used for decoding message.m_source endpoints,
and other endpoint numbers in kernel data structures, which should
always be correct.
. if DEBUG_ENABLE_IPC_WARNINGS is enabled, isokendpt() and okendpt()
get passed the __FILE__ and __LINE__ of the calling lines, and
print messages about what is wrong with the endpoint number
(out of range proc, empty proc, or inconsistent endpoint number),
with the caller, making finding where the conversion failed easy
without having to include code for every call to print where things
went wrong. Sometimes this is harmless (wrong arg to a kernel call),
sometimes it's a fatal internal inconsistency (bogus m_source).
. some process table fields have been appended an _e to indicate it's
become and endpoint.
. process endpoint is stored in p_endpoint, without generation number.
it turns out the kernel never needs the generation number, except
when fork()ing, so it's decoded then.
. kernel calls all take endpoints as arguments, not proc numbers.
the one exception is sys_fork(), which needs to know in which slot
to put the child.
2006-03-03 11:00:02 +01:00
|
|
|
irq_hooks[i].proc_nr_e = NONE;
|
2005-05-02 16:30:04 +02:00
|
|
|
}
|
2005-04-21 16:53:53 +02:00
|
|
|
|
|
|
|
/* Initialize all alarm timers for all processes. */
|
2005-07-14 17:12:12 +02:00
|
|
|
for (sp=BEG_PRIV_ADDR; sp < END_PRIV_ADDR; sp++) {
|
|
|
|
tmr_inittimer(&(sp->s_alarm_timer));
|
2005-04-21 16:53:53 +02:00
|
|
|
}
|
2005-04-29 17:36:43 +02:00
|
|
|
|
|
|
|
/* Initialize the call vector to a safe default handler. Some system calls
|
|
|
|
* may be disabled or nonexistant. Then explicitely map known calls to their
|
|
|
|
* handler functions. This is done with a macro that gives a compile error
|
|
|
|
* if an illegal call number is used. The ordering is not important here.
|
|
|
|
*/
|
|
|
|
for (i=0; i<NR_SYS_CALLS; i++) {
|
2010-06-01 10:54:31 +02:00
|
|
|
call_vec[i] = NULL;
|
2005-04-29 17:36:43 +02:00
|
|
|
}
|
|
|
|
|
2005-08-04 11:26:36 +02:00
|
|
|
/* Process management. */
|
2005-07-14 17:12:12 +02:00
|
|
|
map(SYS_FORK, do_fork); /* a process forked a new process */
|
|
|
|
map(SYS_EXEC, do_exec); /* update process after execute */
|
New RS and new signal handling for system processes.
UPDATING INFO:
20100317:
/usr/src/etc/system.conf updated to ignore default kernel calls: copy
it (or merge it) to /etc/system.conf.
The hello driver (/dev/hello) added to the distribution:
# cd /usr/src/commands/scripts && make clean install
# cd /dev && MAKEDEV hello
KERNEL CHANGES:
- Generic signal handling support. The kernel no longer assumes PM as a signal
manager for every process. The signal manager of a given process can now be
specified in its privilege slot. When a signal has to be delivered, the kernel
performs the lookup and forwards the signal to the appropriate signal manager.
PM is the default signal manager for user processes, RS is the default signal
manager for system processes. To enable ptrace()ing for system processes, it
is sufficient to change the default signal manager to PM. This will temporarily
disable crash recovery, though.
- sys_exit() is now split into sys_exit() (i.e. exit() for system processes,
which generates a self-termination signal), and sys_clear() (i.e. used by PM
to ask the kernel to clear a process slot when a process exits).
- Added a new kernel call (i.e. sys_update()) to swap two process slots and
implement live update.
PM CHANGES:
- Posix signal handling is no longer allowed for system processes. System
signals are split into two fixed categories: termination and non-termination
signals. When a non-termination signaled is processed, PM transforms the signal
into an IPC message and delivers the message to the system process. When a
termination signal is processed, PM terminates the process.
- PM no longer assumes itself as the signal manager for system processes. It now
makes sure that every system signal goes through the kernel before being
actually processes. The kernel will then dispatch the signal to the appropriate
signal manager which may or may not be PM.
SYSLIB CHANGES:
- Simplified SEF init and LU callbacks.
- Added additional predefined SEF callbacks to debug crash recovery and
live update.
- Fixed a temporary ack in the SEF init protocol. SEF init reply is now
completely synchronous.
- Added SEF signal event type to provide a uniform interface for system
processes to deal with signals. A sef_cb_signal_handler() callback is
available for system processes to handle every received signal. A
sef_cb_signal_manager() callback is used by signal managers to process
system signals on behalf of the kernel.
- Fixed a few bugs with memory mapping and DS.
VM CHANGES:
- Page faults and memory requests coming from the kernel are now implemented
using signals.
- Added a new VM call to swap two process slots and implement live update.
- The call is used by RS at update time and in turn invokes the kernel call
sys_update().
RS CHANGES:
- RS has been reworked with a better functional decomposition.
- Better kernel call masks. com.h now defines the set of very basic kernel calls
every system service is allowed to use. This makes system.conf simpler and
easier to maintain. In addition, this guarantees a higher level of isolation
for system libraries that use one or more kernel calls internally (e.g. printf).
- RS is the default signal manager for system processes. By default, RS
intercepts every signal delivered to every system process. This makes crash
recovery possible before bringing PM and friends in the loop.
- RS now supports fast rollback when something goes wrong while initializing
the new version during a live update.
- Live update is now implemented by keeping the two versions side-by-side and
swapping the process slots when the old version is ready to update.
- Crash recovery is now implemented by keeping the two versions side-by-side
and cleaning up the old version only when the recovery process is complete.
DS CHANGES:
- Fixed a bug when the process doing ds_publish() or ds_delete() is not known
by DS.
- Fixed the completely broken support for strings. String publishing is now
implemented in the system library and simply wraps publishing of memory ranges.
Ideally, we should adopt a similar approach for other data types as well.
- Test suite fixed.
DRIVER CHANGES:
- The hello driver has been added to the Minix distribution to demonstrate basic
live update and crash recovery functionalities.
- Other drivers have been adapted to conform the new SEF interface.
2010-03-17 02:15:29 +01:00
|
|
|
map(SYS_CLEAR, do_clear); /* clean up after process exit */
|
|
|
|
map(SYS_EXIT, do_exit); /* a system process wants to exit */
|
2005-08-04 11:26:36 +02:00
|
|
|
map(SYS_PRIVCTL, do_privctl); /* system privileges control */
|
2005-07-14 17:12:12 +02:00
|
|
|
map(SYS_TRACE, do_trace); /* request a trace operation */
|
2006-06-23 17:35:05 +02:00
|
|
|
map(SYS_SETGRANT, do_setgrant); /* get/set own parameters */
|
Merge of David's ptrace branch. Summary:
o Support for ptrace T_ATTACH/T_DETACH and T_SYSCALL
o PM signal handling logic should now work properly, even with debuggers
being present
o Asynchronous PM/VFS protocol, full IPC support for senda(), and
AMF_NOREPLY senda() flag
DETAILS
Process stop and delay call handling of PM:
o Added sys_runctl() kernel call with sys_stop() and sys_resume()
aliases, for PM to stop and resume a process
o Added exception for sending/syscall-traced processes to sys_runctl(),
and matching SIGKREADY pseudo-signal to PM
o Fixed PM signal logic to deal with requests from a process after
stopping it (so-called "delay calls"), using the SIGKREADY facility
o Fixed various PM panics due to race conditions with delay calls versus
VFS calls
o Removed special PRIO_STOP priority value
o Added SYS_LOCK RTS kernel flag, to stop an individual process from
running while modifying its process structure
Signal and debugger handling in PM:
o Fixed debugger signals being dropped if a second signal arrives when
the debugger has not retrieved the first one
o Fixed debugger signals being sent to the debugger more than once
o Fixed debugger signals unpausing process in VFS; removed PM_UNPAUSE_TR
protocol message
o Detached debugger signals from general signal logic and from being
blocked on VFS calls, meaning that even VFS can now be traced
o Fixed debugger being unable to receive more than one pending signal in
one process stop
o Fixed signal delivery being delayed needlessly when multiple signals
are pending
o Fixed wait test for tracer, which was returning for children that were
not waited for
o Removed second parallel pending call from PM to VFS for any process
o Fixed process becoming runnable between exec() and debugger trap
o Added support for notifying the debugger before the parent when a
debugged child exits
o Fixed debugger death causing child to remain stopped forever
o Fixed consistently incorrect use of _NSIG
Extensions to ptrace():
o Added T_ATTACH and T_DETACH ptrace request, to attach and detach a
debugger to and from a process
o Added T_SYSCALL ptrace request, to trace system calls
o Added T_SETOPT ptrace request, to set trace options
o Added TO_TRACEFORK trace option, to attach automatically to children
of a traced process
o Added TO_ALTEXEC trace option, to send SIGSTOP instead of SIGTRAP upon
a successful exec() of the tracee
o Extended T_GETUSER ptrace support to allow retrieving a process's priv
structure
o Removed T_STOP ptrace request again, as it does not help implementing
debuggers properly
o Added MINIX3-specific ptrace test (test42)
o Added proper manual page for ptrace(2)
Asynchronous PM/VFS interface:
o Fixed asynchronous messages not being checked when receive() is called
with an endpoint other than ANY
o Added AMF_NOREPLY senda() flag, preventing such messages from
satisfying the receive part of a sendrec()
o Added asynsend3() that takes optional flags; asynsend() is now a
#define passing in 0 as third parameter
o Made PM/VFS protocol asynchronous; reintroduced tell_fs()
o Made PM_BASE request/reply number range unique
o Hacked in a horrible temporary workaround into RS to deal with newly
revealed RS-PM-VFS race condition triangle until VFS is asynchronous
System signal handling:
o Fixed shutdown logic of device drivers; removed old SIGKSTOP signal
o Removed is-superuser check from PM's do_procstat() (aka getsigset())
o Added sigset macros to allow system processes to deal with the full
signal set, rather than just the POSIX subset
Miscellaneous PM fixes:
o Split do_getset into do_get and do_set, merging common code and making
structure clearer
o Fixed setpriority() being able to put to sleep processes using an
invalid parameter, or revive zombie processes
o Made find_proc() global; removed obsolete proc_from_pid()
o Cleanup here and there
Also included:
o Fixed false-positive boot order kernel warning
o Removed last traces of old NOTIFY_FROM code
THINGS OF POSSIBLE INTEREST
o It should now be possible to run PM at any priority, even lower than
user processes
o No assumptions are made about communication speed between PM and VFS,
although communication must be FIFO
o A debugger will now receive incoming debuggee signals at kill time
only; the process may not yet be fully stopped
o A first step has been made towards making the SYSTEM task preemptible
2009-09-30 11:57:22 +02:00
|
|
|
map(SYS_RUNCTL, do_runctl); /* set/clear stop flag of a process */
|
New RS and new signal handling for system processes.
UPDATING INFO:
20100317:
/usr/src/etc/system.conf updated to ignore default kernel calls: copy
it (or merge it) to /etc/system.conf.
The hello driver (/dev/hello) added to the distribution:
# cd /usr/src/commands/scripts && make clean install
# cd /dev && MAKEDEV hello
KERNEL CHANGES:
- Generic signal handling support. The kernel no longer assumes PM as a signal
manager for every process. The signal manager of a given process can now be
specified in its privilege slot. When a signal has to be delivered, the kernel
performs the lookup and forwards the signal to the appropriate signal manager.
PM is the default signal manager for user processes, RS is the default signal
manager for system processes. To enable ptrace()ing for system processes, it
is sufficient to change the default signal manager to PM. This will temporarily
disable crash recovery, though.
- sys_exit() is now split into sys_exit() (i.e. exit() for system processes,
which generates a self-termination signal), and sys_clear() (i.e. used by PM
to ask the kernel to clear a process slot when a process exits).
- Added a new kernel call (i.e. sys_update()) to swap two process slots and
implement live update.
PM CHANGES:
- Posix signal handling is no longer allowed for system processes. System
signals are split into two fixed categories: termination and non-termination
signals. When a non-termination signaled is processed, PM transforms the signal
into an IPC message and delivers the message to the system process. When a
termination signal is processed, PM terminates the process.
- PM no longer assumes itself as the signal manager for system processes. It now
makes sure that every system signal goes through the kernel before being
actually processes. The kernel will then dispatch the signal to the appropriate
signal manager which may or may not be PM.
SYSLIB CHANGES:
- Simplified SEF init and LU callbacks.
- Added additional predefined SEF callbacks to debug crash recovery and
live update.
- Fixed a temporary ack in the SEF init protocol. SEF init reply is now
completely synchronous.
- Added SEF signal event type to provide a uniform interface for system
processes to deal with signals. A sef_cb_signal_handler() callback is
available for system processes to handle every received signal. A
sef_cb_signal_manager() callback is used by signal managers to process
system signals on behalf of the kernel.
- Fixed a few bugs with memory mapping and DS.
VM CHANGES:
- Page faults and memory requests coming from the kernel are now implemented
using signals.
- Added a new VM call to swap two process slots and implement live update.
- The call is used by RS at update time and in turn invokes the kernel call
sys_update().
RS CHANGES:
- RS has been reworked with a better functional decomposition.
- Better kernel call masks. com.h now defines the set of very basic kernel calls
every system service is allowed to use. This makes system.conf simpler and
easier to maintain. In addition, this guarantees a higher level of isolation
for system libraries that use one or more kernel calls internally (e.g. printf).
- RS is the default signal manager for system processes. By default, RS
intercepts every signal delivered to every system process. This makes crash
recovery possible before bringing PM and friends in the loop.
- RS now supports fast rollback when something goes wrong while initializing
the new version during a live update.
- Live update is now implemented by keeping the two versions side-by-side and
swapping the process slots when the old version is ready to update.
- Crash recovery is now implemented by keeping the two versions side-by-side
and cleaning up the old version only when the recovery process is complete.
DS CHANGES:
- Fixed a bug when the process doing ds_publish() or ds_delete() is not known
by DS.
- Fixed the completely broken support for strings. String publishing is now
implemented in the system library and simply wraps publishing of memory ranges.
Ideally, we should adopt a similar approach for other data types as well.
- Test suite fixed.
DRIVER CHANGES:
- The hello driver has been added to the Minix distribution to demonstrate basic
live update and crash recovery functionalities.
- Other drivers have been adapted to conform the new SEF interface.
2010-03-17 02:15:29 +01:00
|
|
|
map(SYS_UPDATE, do_update); /* update a process into another */
|
2010-04-08 15:41:35 +02:00
|
|
|
map(SYS_STATECTL, do_statectl); /* let a process control its state */
|
2005-04-29 17:36:43 +02:00
|
|
|
|
|
|
|
/* Signal handling. */
|
|
|
|
map(SYS_KILL, do_kill); /* cause a process to be signaled */
|
New RS and new signal handling for system processes.
UPDATING INFO:
20100317:
/usr/src/etc/system.conf updated to ignore default kernel calls: copy
it (or merge it) to /etc/system.conf.
The hello driver (/dev/hello) added to the distribution:
# cd /usr/src/commands/scripts && make clean install
# cd /dev && MAKEDEV hello
KERNEL CHANGES:
- Generic signal handling support. The kernel no longer assumes PM as a signal
manager for every process. The signal manager of a given process can now be
specified in its privilege slot. When a signal has to be delivered, the kernel
performs the lookup and forwards the signal to the appropriate signal manager.
PM is the default signal manager for user processes, RS is the default signal
manager for system processes. To enable ptrace()ing for system processes, it
is sufficient to change the default signal manager to PM. This will temporarily
disable crash recovery, though.
- sys_exit() is now split into sys_exit() (i.e. exit() for system processes,
which generates a self-termination signal), and sys_clear() (i.e. used by PM
to ask the kernel to clear a process slot when a process exits).
- Added a new kernel call (i.e. sys_update()) to swap two process slots and
implement live update.
PM CHANGES:
- Posix signal handling is no longer allowed for system processes. System
signals are split into two fixed categories: termination and non-termination
signals. When a non-termination signaled is processed, PM transforms the signal
into an IPC message and delivers the message to the system process. When a
termination signal is processed, PM terminates the process.
- PM no longer assumes itself as the signal manager for system processes. It now
makes sure that every system signal goes through the kernel before being
actually processes. The kernel will then dispatch the signal to the appropriate
signal manager which may or may not be PM.
SYSLIB CHANGES:
- Simplified SEF init and LU callbacks.
- Added additional predefined SEF callbacks to debug crash recovery and
live update.
- Fixed a temporary ack in the SEF init protocol. SEF init reply is now
completely synchronous.
- Added SEF signal event type to provide a uniform interface for system
processes to deal with signals. A sef_cb_signal_handler() callback is
available for system processes to handle every received signal. A
sef_cb_signal_manager() callback is used by signal managers to process
system signals on behalf of the kernel.
- Fixed a few bugs with memory mapping and DS.
VM CHANGES:
- Page faults and memory requests coming from the kernel are now implemented
using signals.
- Added a new VM call to swap two process slots and implement live update.
- The call is used by RS at update time and in turn invokes the kernel call
sys_update().
RS CHANGES:
- RS has been reworked with a better functional decomposition.
- Better kernel call masks. com.h now defines the set of very basic kernel calls
every system service is allowed to use. This makes system.conf simpler and
easier to maintain. In addition, this guarantees a higher level of isolation
for system libraries that use one or more kernel calls internally (e.g. printf).
- RS is the default signal manager for system processes. By default, RS
intercepts every signal delivered to every system process. This makes crash
recovery possible before bringing PM and friends in the loop.
- RS now supports fast rollback when something goes wrong while initializing
the new version during a live update.
- Live update is now implemented by keeping the two versions side-by-side and
swapping the process slots when the old version is ready to update.
- Crash recovery is now implemented by keeping the two versions side-by-side
and cleaning up the old version only when the recovery process is complete.
DS CHANGES:
- Fixed a bug when the process doing ds_publish() or ds_delete() is not known
by DS.
- Fixed the completely broken support for strings. String publishing is now
implemented in the system library and simply wraps publishing of memory ranges.
Ideally, we should adopt a similar approach for other data types as well.
- Test suite fixed.
DRIVER CHANGES:
- The hello driver has been added to the Minix distribution to demonstrate basic
live update and crash recovery functionalities.
- Other drivers have been adapted to conform the new SEF interface.
2010-03-17 02:15:29 +01:00
|
|
|
map(SYS_GETKSIG, do_getksig); /* signal manager checks for signals */
|
|
|
|
map(SYS_ENDKSIG, do_endksig); /* signal manager finished signal */
|
2005-04-29 17:36:43 +02:00
|
|
|
map(SYS_SIGSEND, do_sigsend); /* start POSIX-style signal */
|
|
|
|
map(SYS_SIGRETURN, do_sigreturn); /* return from POSIX-style signal */
|
|
|
|
|
|
|
|
/* Device I/O. */
|
|
|
|
map(SYS_IRQCTL, do_irqctl); /* interrupt control operations */
|
|
|
|
map(SYS_DEVIO, do_devio); /* inb, inw, inl, outb, outw, outl */
|
|
|
|
map(SYS_VDEVIO, do_vdevio); /* vector with devio requests */
|
|
|
|
|
2005-08-04 11:26:36 +02:00
|
|
|
/* Memory management. */
|
|
|
|
map(SYS_NEWMAP, do_newmap); /* set up a process memory map */
|
2005-04-29 17:36:43 +02:00
|
|
|
map(SYS_SEGCTL, do_segctl); /* add segment and get selector */
|
2005-08-04 11:26:36 +02:00
|
|
|
map(SYS_MEMSET, do_memset); /* write char to memory area */
|
2008-11-19 13:26:10 +01:00
|
|
|
map(SYS_VMCTL, do_vmctl); /* various VM process settings */
|
2005-04-29 17:36:43 +02:00
|
|
|
|
|
|
|
/* Copying. */
|
|
|
|
map(SYS_UMAP, do_umap); /* map virtual to physical address */
|
2005-05-02 16:30:04 +02:00
|
|
|
map(SYS_VIRCOPY, do_vircopy); /* use pure virtual addressing */
|
2008-11-19 13:26:10 +01:00
|
|
|
map(SYS_PHYSCOPY, do_copy); /* use physical addressing */
|
2010-06-01 10:51:37 +02:00
|
|
|
map(SYS_SAFECOPYFROM, do_safecopy_from);/* copy with pre-granted permission */
|
|
|
|
map(SYS_SAFECOPYTO, do_safecopy_to); /* copy with pre-granted permission */
|
2006-06-23 13:54:03 +02:00
|
|
|
map(SYS_VSAFECOPY, do_vsafecopy); /* vectored safecopy */
|
2005-08-04 11:26:36 +02:00
|
|
|
|
2010-01-14 16:24:16 +01:00
|
|
|
/* Mapping. */
|
|
|
|
map(SYS_SAFEMAP, do_safemap); /* map pages from other process */
|
|
|
|
map(SYS_SAFEREVMAP, do_saferevmap); /* grantor revokes the map grant */
|
|
|
|
map(SYS_SAFEUNMAP, do_safeunmap); /* requestor unmaps the mapped pages */
|
|
|
|
|
2005-08-04 11:26:36 +02:00
|
|
|
/* Clock functionality. */
|
|
|
|
map(SYS_TIMES, do_times); /* get uptime and process times */
|
|
|
|
map(SYS_SETALARM, do_setalarm); /* schedule a synchronous alarm */
|
2007-08-07 14:21:40 +02:00
|
|
|
map(SYS_STIME, do_stime); /* set the boottime */
|
2009-08-15 23:37:26 +02:00
|
|
|
map(SYS_VTIMER, do_vtimer); /* set or retrieve a virtual timer */
|
2005-08-04 11:26:36 +02:00
|
|
|
|
|
|
|
/* System control. */
|
|
|
|
map(SYS_ABORT, do_abort); /* abort MINIX */
|
|
|
|
map(SYS_GETINFO, do_getinfo); /* request system information */
|
2009-01-26 18:43:59 +01:00
|
|
|
map(SYS_SYSCTL, do_sysctl); /* misc system manipulation */
|
2006-10-30 16:53:38 +01:00
|
|
|
|
|
|
|
/* Profiling. */
|
|
|
|
map(SYS_SPROF, do_sprofile); /* start/stop statistical profiling */
|
|
|
|
map(SYS_CPROF, do_cprofile); /* get/reset call profiling data */
|
|
|
|
map(SYS_PROFBUF, do_profbuf); /* announce locations to kernel */
|
Split of architecture-dependent and -independent functions for i386,
mainly in the kernel and headers. This split based on work by
Ingmar Alting <iaalting@cs.vu.nl> done for his Minix PowerPC architecture
port.
. kernel does not program the interrupt controller directly, do any
other architecture-dependent operations, or contain assembly any more,
but uses architecture-dependent functions in arch/$(ARCH)/.
. architecture-dependent constants and types defined in arch/$(ARCH)/include.
. <ibm/portio.h> moved to <minix/portio.h>, as they have become, for now,
architecture-independent functions.
. int86, sdevio, readbios, and iopenable are now i386-specific kernel calls
and live in arch/i386/do_* now.
. i386 arch now supports even less 86 code; e.g. mpx86.s and klib86.s have
gone, and 'machine.protected' is gone (and always taken to be 1 in i386).
If 86 support is to return, it should be a new architecture.
. prototypes for the architecture-dependent functions defined in
kernel/arch/$(ARCH)/*.c but used in kernel/ are in kernel/proto.h
. /etc/make.conf included in makefiles and shell scripts that need to
know the building architecture; it defines ARCH=<arch>, currently only
i386.
. some basic per-architecture build support outside of the kernel (lib)
. in clock.c, only dequeue a process if it was ready
. fixes for new include files
files deleted:
. mpx/klib.s - only for choosing between mpx/klib86 and -386
. klib86.s - only for 86
i386-specific files files moved (or arch-dependent stuff moved) to arch/i386/:
. mpx386.s (entry point)
. klib386.s
. sconst.h
. exception.c
. protect.c
. protect.h
. i8269.c
2006-12-22 16:22:27 +01:00
|
|
|
|
|
|
|
/* i386-specific. */
|
|
|
|
#if _MINIX_CHIP == _CHIP_INTEL
|
|
|
|
map(SYS_INT86, do_int86); /* real-mode BIOS calls */
|
|
|
|
map(SYS_READBIOS, do_readbios); /* read from BIOS locations */
|
|
|
|
map(SYS_IOPENABLE, do_iopenable); /* Enable I/O */
|
|
|
|
map(SYS_SDEVIO, do_sdevio); /* phys_insb, _insw, _outsb, _outsw */
|
2010-03-12 16:58:41 +01:00
|
|
|
|
|
|
|
/* Machine state switching. */
|
|
|
|
map(SYS_SETMCONTEXT, do_setmcontext); /* set machine context */
|
|
|
|
map(SYS_GETMCONTEXT, do_getmcontext); /* get machine context */
|
Split of architecture-dependent and -independent functions for i386,
mainly in the kernel and headers. This split based on work by
Ingmar Alting <iaalting@cs.vu.nl> done for his Minix PowerPC architecture
port.
. kernel does not program the interrupt controller directly, do any
other architecture-dependent operations, or contain assembly any more,
but uses architecture-dependent functions in arch/$(ARCH)/.
. architecture-dependent constants and types defined in arch/$(ARCH)/include.
. <ibm/portio.h> moved to <minix/portio.h>, as they have become, for now,
architecture-independent functions.
. int86, sdevio, readbios, and iopenable are now i386-specific kernel calls
and live in arch/i386/do_* now.
. i386 arch now supports even less 86 code; e.g. mpx86.s and klib86.s have
gone, and 'machine.protected' is gone (and always taken to be 1 in i386).
If 86 support is to return, it should be a new architecture.
. prototypes for the architecture-dependent functions defined in
kernel/arch/$(ARCH)/*.c but used in kernel/ are in kernel/proto.h
. /etc/make.conf included in makefiles and shell scripts that need to
know the building architecture; it defines ARCH=<arch>, currently only
i386.
. some basic per-architecture build support outside of the kernel (lib)
. in clock.c, only dequeue a process if it was ready
. fixes for new include files
files deleted:
. mpx/klib.s - only for choosing between mpx/klib86 and -386
. klib86.s - only for 86
i386-specific files files moved (or arch-dependent stuff moved) to arch/i386/:
. mpx386.s (entry point)
. klib386.s
. sconst.h
. exception.c
. protect.c
. protect.h
. i8269.c
2006-12-22 16:22:27 +01:00
|
|
|
#endif
|
2005-04-21 16:53:53 +02:00
|
|
|
|
Userspace scheduling
- cotributed by Bjorn Swift
- In this first phase, scheduling is moved from the kernel to the PM
server. The next steps are to a) moving scheduling to its own server
and b) include useful information in the "out of quantum" message,
so that the scheduler can make use of this information.
- The kernel process table now keeps record of who is responsible for
scheduling each process (p_scheduler). When this pointer is NULL,
the process will be scheduled by the kernel. If such a process runs
out of quantum, the kernel will simply renew its quantum an requeue
it.
- When PM loads, it will take over scheduling of all running
processes, except system processes, using sys_schedctl().
Essentially, this only results in taking over init. As children
inherit a scheduler from their parent, user space programs forked by
init will inherit PM (for now) as their scheduler.
- Once a process has been assigned a scheduler, and runs out of
quantum, its RTS_NO_QUANTUM flag will be set and the process
dequeued. The kernel will send a message to the scheduler, on the
process' behalf, informing the scheduler that it has run out of
quantum. The scheduler can take what ever action it pleases, based
on its policy, and then reschedule the process using the
sys_schedule() system call.
- Balance queues does not work as before. While the old in-kernel
function used to renew the quantum of processes in the highest
priority run queue, the user-space implementation only acts on
processes that have been bumped down to a lower priority queue.
This approach reacts slower to changes than the old one, but saves
us sending a sys_schedule message for each process every time we
balance the queues. Currently, when processes are moved up a
priority queue, their quantum is also renewed, but this can be
fiddled with.
- do_nice has been removed from kernel. PM answers to get- and
setpriority calls, updates it's own nice variable as well as the
max_run_queue. This will be refactored once scheduling is moved to a
separate server. We will probably have PM update it's local nice
value and then send a message to whoever is scheduling the process.
- changes to fix an issue in do_fork() where processes could run out
of quantum but bypassing the code path that handles it correctly.
The future plan is to remove the policy from do_fork() and implement
it in userspace too.
2010-03-29 13:07:20 +02:00
|
|
|
/* Scheduling */
|
|
|
|
map(SYS_SCHEDULE, do_schedule); /* reschedule a process */
|
|
|
|
map(SYS_SCHEDCTL, do_schedctl); /* change process scheduler */
|
|
|
|
|
|
|
|
}
|
2005-07-14 17:12:12 +02:00
|
|
|
/*===========================================================================*
|
2005-09-11 18:44:06 +02:00
|
|
|
* get_priv *
|
2005-07-14 17:12:12 +02:00
|
|
|
*===========================================================================*/
|
2009-12-11 01:08:19 +01:00
|
|
|
PUBLIC int get_priv(rc, priv_id)
|
2005-07-20 17:25:38 +02:00
|
|
|
register struct proc *rc; /* new (child) process pointer */
|
2009-12-11 01:08:19 +01:00
|
|
|
int priv_id; /* privilege id */
|
2005-07-14 17:12:12 +02:00
|
|
|
{
|
2009-12-11 01:08:19 +01:00
|
|
|
/* Allocate a new privilege structure for a system process. Privilege ids
|
|
|
|
* can be assigned either statically or dynamically.
|
2005-07-21 20:36:40 +02:00
|
|
|
*/
|
2009-12-11 01:08:19 +01:00
|
|
|
register struct priv *sp; /* privilege structure */
|
|
|
|
|
|
|
|
if(priv_id == NULL_PRIV_ID) { /* allocate slot dynamically */
|
|
|
|
for (sp = BEG_DYN_PRIV_ADDR; sp < END_DYN_PRIV_ADDR; ++sp)
|
|
|
|
if (sp->s_proc_nr == NONE) break;
|
|
|
|
if (sp >= END_DYN_PRIV_ADDR) return(ENOSPC);
|
|
|
|
}
|
|
|
|
else { /* allocate slot from id */
|
|
|
|
if(!is_static_priv_id(priv_id)) {
|
|
|
|
return EINVAL; /* invalid static priv id */
|
|
|
|
}
|
|
|
|
if(priv[priv_id].s_proc_nr != NONE) {
|
|
|
|
return EBUSY; /* slot already in use */
|
|
|
|
}
|
|
|
|
sp = &priv[priv_id];
|
2005-05-30 13:05:42 +02:00
|
|
|
}
|
2009-12-11 01:08:19 +01:00
|
|
|
rc->p_priv = sp; /* assign new slot */
|
|
|
|
rc->p_priv->s_proc_nr = proc_nr(rc); /* set association */
|
|
|
|
|
2005-07-21 20:36:40 +02:00
|
|
|
return(OK);
|
2005-04-21 16:53:53 +02:00
|
|
|
}
|
|
|
|
|
2009-07-02 18:25:31 +02:00
|
|
|
/*===========================================================================*
|
|
|
|
* set_sendto_bit *
|
|
|
|
*===========================================================================*/
|
2010-03-27 15:31:00 +01:00
|
|
|
PUBLIC void set_sendto_bit(const struct proc *rp, int id)
|
2009-07-02 18:25:31 +02:00
|
|
|
{
|
|
|
|
/* Allow a process to send messages to the process(es) associated with the
|
|
|
|
* system privilege structure with the given ID.
|
|
|
|
*/
|
|
|
|
|
2009-12-11 01:08:19 +01:00
|
|
|
/* Disallow the process from sending to a process privilege structure with no
|
2009-07-02 18:25:31 +02:00
|
|
|
* associated process, and disallow the process from sending to itself.
|
|
|
|
*/
|
2009-12-11 01:08:19 +01:00
|
|
|
if (id_to_nr(id) == NONE || priv_id(rp) == id) {
|
|
|
|
unset_sys_bit(priv(rp)->s_ipc_to, id);
|
2009-07-02 18:25:31 +02:00
|
|
|
return;
|
2009-12-11 01:08:19 +01:00
|
|
|
}
|
2009-07-02 18:25:31 +02:00
|
|
|
|
|
|
|
set_sys_bit(priv(rp)->s_ipc_to, id);
|
|
|
|
|
2009-12-11 01:08:19 +01:00
|
|
|
/* The process that this process can now send to, must be able to reply (or
|
|
|
|
* vice versa). Therefore, its send mask should be updated as well. Ignore
|
|
|
|
* receivers that don't support traps other than RECEIVE, they can't reply
|
|
|
|
* or send messages anyway.
|
2009-07-02 18:25:31 +02:00
|
|
|
*/
|
2009-12-11 01:08:19 +01:00
|
|
|
if (priv_addr(id)->s_trap_mask & ~((1 << RECEIVE)))
|
|
|
|
set_sys_bit(priv_addr(id)->s_ipc_to, priv_id(rp));
|
2009-07-02 18:25:31 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/*===========================================================================*
|
|
|
|
* unset_sendto_bit *
|
|
|
|
*===========================================================================*/
|
2010-03-27 15:31:00 +01:00
|
|
|
PUBLIC void unset_sendto_bit(const struct proc *rp, int id)
|
2009-07-02 18:25:31 +02:00
|
|
|
{
|
|
|
|
/* Prevent a process from sending to another process. Retain the send mask
|
|
|
|
* symmetry by also unsetting the bit for the other direction.
|
|
|
|
*/
|
|
|
|
|
|
|
|
unset_sys_bit(priv(rp)->s_ipc_to, id);
|
|
|
|
|
|
|
|
unset_sys_bit(priv_addr(id)->s_ipc_to, priv_id(rp));
|
|
|
|
}
|
|
|
|
|
2010-07-07 00:05:21 +02:00
|
|
|
/*===========================================================================*
|
|
|
|
* fill_sendto_mask *
|
|
|
|
*===========================================================================*/
|
2010-12-07 11:32:42 +01:00
|
|
|
PUBLIC void fill_sendto_mask(const struct proc *rp, sys_map_t *map)
|
2010-07-07 00:05:21 +02:00
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
|
|
|
for (i=0; i < NR_SYS_PROCS; i++) {
|
2010-12-07 11:32:42 +01:00
|
|
|
if (get_sys_bit(*map, i))
|
2010-07-07 00:05:21 +02:00
|
|
|
set_sendto_bit(rp, i);
|
|
|
|
else
|
|
|
|
unset_sendto_bit(rp, i);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2005-07-19 14:21:36 +02:00
|
|
|
/*===========================================================================*
|
|
|
|
* send_sig *
|
|
|
|
*===========================================================================*/
|
2010-07-07 00:05:21 +02:00
|
|
|
PUBLIC void send_sig(endpoint_t ep, int sig_nr)
|
2005-07-19 14:21:36 +02:00
|
|
|
{
|
|
|
|
/* Notify a system process about a signal. This is straightforward. Simply
|
|
|
|
* set the signal that is to be delivered in the pending signals map and
|
|
|
|
* send a notification with source SYSTEM.
|
|
|
|
*/
|
|
|
|
register struct proc *rp;
|
2010-07-07 00:05:21 +02:00
|
|
|
int proc_nr;
|
'proc number' is process slot, 'endpoint' are generation-aware process
instance numbers, encoded and decoded using macros in <minix/endpoint.h>.
proc number -> endpoint migration
. proc_nr in the interrupt hook is now an endpoint, proc_nr_e.
. m_source for messages and notifies is now an endpoint, instead of
proc number.
. isokendpt() converts an endpoint to a process number, returns
success (but fails if the process number is out of range, the
process slot is not a living process, or the given endpoint
number does not match the endpoint number in the process slot,
indicating an old process).
. okendpt() is the same as isokendpt(), but panic()s if the conversion
fails. This is mainly used for decoding message.m_source endpoints,
and other endpoint numbers in kernel data structures, which should
always be correct.
. if DEBUG_ENABLE_IPC_WARNINGS is enabled, isokendpt() and okendpt()
get passed the __FILE__ and __LINE__ of the calling lines, and
print messages about what is wrong with the endpoint number
(out of range proc, empty proc, or inconsistent endpoint number),
with the caller, making finding where the conversion failed easy
without having to include code for every call to print where things
went wrong. Sometimes this is harmless (wrong arg to a kernel call),
sometimes it's a fatal internal inconsistency (bogus m_source).
. some process table fields have been appended an _e to indicate it's
become and endpoint.
. process endpoint is stored in p_endpoint, without generation number.
it turns out the kernel never needs the generation number, except
when fork()ing, so it's decoded then.
. kernel calls all take endpoints as arguments, not proc numbers.
the one exception is sys_fork(), which needs to know in which slot
to put the child.
2006-03-03 11:00:02 +01:00
|
|
|
|
2010-07-07 00:05:21 +02:00
|
|
|
if(!isokendpt(ep, &proc_nr) || isemptyn(proc_nr))
|
|
|
|
panic("send_sig to empty process: %d", ep);
|
2005-07-19 14:21:36 +02:00
|
|
|
|
|
|
|
rp = proc_addr(proc_nr);
|
2010-07-06 13:59:19 +02:00
|
|
|
(void) sigaddset(&priv(rp)->s_sig_pending, sig_nr);
|
2010-02-09 16:26:58 +01:00
|
|
|
mini_notify(proc_addr(SYSTEM), rp->p_endpoint);
|
2005-07-19 14:21:36 +02:00
|
|
|
}
|
|
|
|
|
2005-04-21 16:53:53 +02:00
|
|
|
/*===========================================================================*
|
|
|
|
* cause_sig *
|
|
|
|
*===========================================================================*/
|
|
|
|
PUBLIC void cause_sig(proc_nr, sig_nr)
|
2010-01-26 13:26:06 +01:00
|
|
|
proc_nr_t proc_nr; /* process to be signalled */
|
2009-11-28 14:20:50 +01:00
|
|
|
int sig_nr; /* signal to be sent */
|
2005-04-21 16:53:53 +02:00
|
|
|
{
|
2005-06-17 11:09:54 +02:00
|
|
|
/* A system process wants to send a signal to a process. Examples are:
|
2005-07-14 17:12:12 +02:00
|
|
|
* - HARDWARE wanting to cause a SIGSEGV after a CPU exception
|
|
|
|
* - TTY wanting to cause SIGINT upon getting a DEL
|
|
|
|
* - FS wanting to cause SIGPIPE for a broken pipe
|
New RS and new signal handling for system processes.
UPDATING INFO:
20100317:
/usr/src/etc/system.conf updated to ignore default kernel calls: copy
it (or merge it) to /etc/system.conf.
The hello driver (/dev/hello) added to the distribution:
# cd /usr/src/commands/scripts && make clean install
# cd /dev && MAKEDEV hello
KERNEL CHANGES:
- Generic signal handling support. The kernel no longer assumes PM as a signal
manager for every process. The signal manager of a given process can now be
specified in its privilege slot. When a signal has to be delivered, the kernel
performs the lookup and forwards the signal to the appropriate signal manager.
PM is the default signal manager for user processes, RS is the default signal
manager for system processes. To enable ptrace()ing for system processes, it
is sufficient to change the default signal manager to PM. This will temporarily
disable crash recovery, though.
- sys_exit() is now split into sys_exit() (i.e. exit() for system processes,
which generates a self-termination signal), and sys_clear() (i.e. used by PM
to ask the kernel to clear a process slot when a process exits).
- Added a new kernel call (i.e. sys_update()) to swap two process slots and
implement live update.
PM CHANGES:
- Posix signal handling is no longer allowed for system processes. System
signals are split into two fixed categories: termination and non-termination
signals. When a non-termination signaled is processed, PM transforms the signal
into an IPC message and delivers the message to the system process. When a
termination signal is processed, PM terminates the process.
- PM no longer assumes itself as the signal manager for system processes. It now
makes sure that every system signal goes through the kernel before being
actually processes. The kernel will then dispatch the signal to the appropriate
signal manager which may or may not be PM.
SYSLIB CHANGES:
- Simplified SEF init and LU callbacks.
- Added additional predefined SEF callbacks to debug crash recovery and
live update.
- Fixed a temporary ack in the SEF init protocol. SEF init reply is now
completely synchronous.
- Added SEF signal event type to provide a uniform interface for system
processes to deal with signals. A sef_cb_signal_handler() callback is
available for system processes to handle every received signal. A
sef_cb_signal_manager() callback is used by signal managers to process
system signals on behalf of the kernel.
- Fixed a few bugs with memory mapping and DS.
VM CHANGES:
- Page faults and memory requests coming from the kernel are now implemented
using signals.
- Added a new VM call to swap two process slots and implement live update.
- The call is used by RS at update time and in turn invokes the kernel call
sys_update().
RS CHANGES:
- RS has been reworked with a better functional decomposition.
- Better kernel call masks. com.h now defines the set of very basic kernel calls
every system service is allowed to use. This makes system.conf simpler and
easier to maintain. In addition, this guarantees a higher level of isolation
for system libraries that use one or more kernel calls internally (e.g. printf).
- RS is the default signal manager for system processes. By default, RS
intercepts every signal delivered to every system process. This makes crash
recovery possible before bringing PM and friends in the loop.
- RS now supports fast rollback when something goes wrong while initializing
the new version during a live update.
- Live update is now implemented by keeping the two versions side-by-side and
swapping the process slots when the old version is ready to update.
- Crash recovery is now implemented by keeping the two versions side-by-side
and cleaning up the old version only when the recovery process is complete.
DS CHANGES:
- Fixed a bug when the process doing ds_publish() or ds_delete() is not known
by DS.
- Fixed the completely broken support for strings. String publishing is now
implemented in the system library and simply wraps publishing of memory ranges.
Ideally, we should adopt a similar approach for other data types as well.
- Test suite fixed.
DRIVER CHANGES:
- The hello driver has been added to the Minix distribution to demonstrate basic
live update and crash recovery functionalities.
- Other drivers have been adapted to conform the new SEF interface.
2010-03-17 02:15:29 +01:00
|
|
|
* Signals are handled by sending a message to the signal manager assigned to
|
|
|
|
* the process. This function handles the signals and makes sure the signal
|
|
|
|
* manager gets them by sending a notification. The process being signaled
|
|
|
|
* is blocked while the signal manager has not finished all signals for it.
|
2005-07-19 14:21:36 +02:00
|
|
|
* Race conditions between calls to this function and the system calls that
|
|
|
|
* process pending kernel signals cannot exist. Signal related functions are
|
|
|
|
* only called when a user process causes a CPU exception and from the kernel
|
|
|
|
* process level, which runs to completion.
|
2005-04-21 16:53:53 +02:00
|
|
|
*/
|
2010-07-07 00:05:21 +02:00
|
|
|
register struct proc *rp, *sig_mgr_rp;
|
New RS and new signal handling for system processes.
UPDATING INFO:
20100317:
/usr/src/etc/system.conf updated to ignore default kernel calls: copy
it (or merge it) to /etc/system.conf.
The hello driver (/dev/hello) added to the distribution:
# cd /usr/src/commands/scripts && make clean install
# cd /dev && MAKEDEV hello
KERNEL CHANGES:
- Generic signal handling support. The kernel no longer assumes PM as a signal
manager for every process. The signal manager of a given process can now be
specified in its privilege slot. When a signal has to be delivered, the kernel
performs the lookup and forwards the signal to the appropriate signal manager.
PM is the default signal manager for user processes, RS is the default signal
manager for system processes. To enable ptrace()ing for system processes, it
is sufficient to change the default signal manager to PM. This will temporarily
disable crash recovery, though.
- sys_exit() is now split into sys_exit() (i.e. exit() for system processes,
which generates a self-termination signal), and sys_clear() (i.e. used by PM
to ask the kernel to clear a process slot when a process exits).
- Added a new kernel call (i.e. sys_update()) to swap two process slots and
implement live update.
PM CHANGES:
- Posix signal handling is no longer allowed for system processes. System
signals are split into two fixed categories: termination and non-termination
signals. When a non-termination signaled is processed, PM transforms the signal
into an IPC message and delivers the message to the system process. When a
termination signal is processed, PM terminates the process.
- PM no longer assumes itself as the signal manager for system processes. It now
makes sure that every system signal goes through the kernel before being
actually processes. The kernel will then dispatch the signal to the appropriate
signal manager which may or may not be PM.
SYSLIB CHANGES:
- Simplified SEF init and LU callbacks.
- Added additional predefined SEF callbacks to debug crash recovery and
live update.
- Fixed a temporary ack in the SEF init protocol. SEF init reply is now
completely synchronous.
- Added SEF signal event type to provide a uniform interface for system
processes to deal with signals. A sef_cb_signal_handler() callback is
available for system processes to handle every received signal. A
sef_cb_signal_manager() callback is used by signal managers to process
system signals on behalf of the kernel.
- Fixed a few bugs with memory mapping and DS.
VM CHANGES:
- Page faults and memory requests coming from the kernel are now implemented
using signals.
- Added a new VM call to swap two process slots and implement live update.
- The call is used by RS at update time and in turn invokes the kernel call
sys_update().
RS CHANGES:
- RS has been reworked with a better functional decomposition.
- Better kernel call masks. com.h now defines the set of very basic kernel calls
every system service is allowed to use. This makes system.conf simpler and
easier to maintain. In addition, this guarantees a higher level of isolation
for system libraries that use one or more kernel calls internally (e.g. printf).
- RS is the default signal manager for system processes. By default, RS
intercepts every signal delivered to every system process. This makes crash
recovery possible before bringing PM and friends in the loop.
- RS now supports fast rollback when something goes wrong while initializing
the new version during a live update.
- Live update is now implemented by keeping the two versions side-by-side and
swapping the process slots when the old version is ready to update.
- Crash recovery is now implemented by keeping the two versions side-by-side
and cleaning up the old version only when the recovery process is complete.
DS CHANGES:
- Fixed a bug when the process doing ds_publish() or ds_delete() is not known
by DS.
- Fixed the completely broken support for strings. String publishing is now
implemented in the system library and simply wraps publishing of memory ranges.
Ideally, we should adopt a similar approach for other data types as well.
- Test suite fixed.
DRIVER CHANGES:
- The hello driver has been added to the Minix distribution to demonstrate basic
live update and crash recovery functionalities.
- Other drivers have been adapted to conform the new SEF interface.
2010-03-17 02:15:29 +01:00
|
|
|
endpoint_t sig_mgr;
|
2010-07-07 00:05:21 +02:00
|
|
|
int sig_mgr_proc_nr;
|
2005-04-21 16:53:53 +02:00
|
|
|
|
New RS and new signal handling for system processes.
UPDATING INFO:
20100317:
/usr/src/etc/system.conf updated to ignore default kernel calls: copy
it (or merge it) to /etc/system.conf.
The hello driver (/dev/hello) added to the distribution:
# cd /usr/src/commands/scripts && make clean install
# cd /dev && MAKEDEV hello
KERNEL CHANGES:
- Generic signal handling support. The kernel no longer assumes PM as a signal
manager for every process. The signal manager of a given process can now be
specified in its privilege slot. When a signal has to be delivered, the kernel
performs the lookup and forwards the signal to the appropriate signal manager.
PM is the default signal manager for user processes, RS is the default signal
manager for system processes. To enable ptrace()ing for system processes, it
is sufficient to change the default signal manager to PM. This will temporarily
disable crash recovery, though.
- sys_exit() is now split into sys_exit() (i.e. exit() for system processes,
which generates a self-termination signal), and sys_clear() (i.e. used by PM
to ask the kernel to clear a process slot when a process exits).
- Added a new kernel call (i.e. sys_update()) to swap two process slots and
implement live update.
PM CHANGES:
- Posix signal handling is no longer allowed for system processes. System
signals are split into two fixed categories: termination and non-termination
signals. When a non-termination signaled is processed, PM transforms the signal
into an IPC message and delivers the message to the system process. When a
termination signal is processed, PM terminates the process.
- PM no longer assumes itself as the signal manager for system processes. It now
makes sure that every system signal goes through the kernel before being
actually processes. The kernel will then dispatch the signal to the appropriate
signal manager which may or may not be PM.
SYSLIB CHANGES:
- Simplified SEF init and LU callbacks.
- Added additional predefined SEF callbacks to debug crash recovery and
live update.
- Fixed a temporary ack in the SEF init protocol. SEF init reply is now
completely synchronous.
- Added SEF signal event type to provide a uniform interface for system
processes to deal with signals. A sef_cb_signal_handler() callback is
available for system processes to handle every received signal. A
sef_cb_signal_manager() callback is used by signal managers to process
system signals on behalf of the kernel.
- Fixed a few bugs with memory mapping and DS.
VM CHANGES:
- Page faults and memory requests coming from the kernel are now implemented
using signals.
- Added a new VM call to swap two process slots and implement live update.
- The call is used by RS at update time and in turn invokes the kernel call
sys_update().
RS CHANGES:
- RS has been reworked with a better functional decomposition.
- Better kernel call masks. com.h now defines the set of very basic kernel calls
every system service is allowed to use. This makes system.conf simpler and
easier to maintain. In addition, this guarantees a higher level of isolation
for system libraries that use one or more kernel calls internally (e.g. printf).
- RS is the default signal manager for system processes. By default, RS
intercepts every signal delivered to every system process. This makes crash
recovery possible before bringing PM and friends in the loop.
- RS now supports fast rollback when something goes wrong while initializing
the new version during a live update.
- Live update is now implemented by keeping the two versions side-by-side and
swapping the process slots when the old version is ready to update.
- Crash recovery is now implemented by keeping the two versions side-by-side
and cleaning up the old version only when the recovery process is complete.
DS CHANGES:
- Fixed a bug when the process doing ds_publish() or ds_delete() is not known
by DS.
- Fixed the completely broken support for strings. String publishing is now
implemented in the system library and simply wraps publishing of memory ranges.
Ideally, we should adopt a similar approach for other data types as well.
- Test suite fixed.
DRIVER CHANGES:
- The hello driver has been added to the Minix distribution to demonstrate basic
live update and crash recovery functionalities.
- Other drivers have been adapted to conform the new SEF interface.
2010-03-17 02:15:29 +01:00
|
|
|
/* Lookup signal manager. */
|
|
|
|
rp = proc_addr(proc_nr);
|
|
|
|
sig_mgr = priv(rp)->s_sig_mgr;
|
2010-07-07 00:05:21 +02:00
|
|
|
if(sig_mgr == SELF) sig_mgr = rp->p_endpoint;
|
New RS and new signal handling for system processes.
UPDATING INFO:
20100317:
/usr/src/etc/system.conf updated to ignore default kernel calls: copy
it (or merge it) to /etc/system.conf.
The hello driver (/dev/hello) added to the distribution:
# cd /usr/src/commands/scripts && make clean install
# cd /dev && MAKEDEV hello
KERNEL CHANGES:
- Generic signal handling support. The kernel no longer assumes PM as a signal
manager for every process. The signal manager of a given process can now be
specified in its privilege slot. When a signal has to be delivered, the kernel
performs the lookup and forwards the signal to the appropriate signal manager.
PM is the default signal manager for user processes, RS is the default signal
manager for system processes. To enable ptrace()ing for system processes, it
is sufficient to change the default signal manager to PM. This will temporarily
disable crash recovery, though.
- sys_exit() is now split into sys_exit() (i.e. exit() for system processes,
which generates a self-termination signal), and sys_clear() (i.e. used by PM
to ask the kernel to clear a process slot when a process exits).
- Added a new kernel call (i.e. sys_update()) to swap two process slots and
implement live update.
PM CHANGES:
- Posix signal handling is no longer allowed for system processes. System
signals are split into two fixed categories: termination and non-termination
signals. When a non-termination signaled is processed, PM transforms the signal
into an IPC message and delivers the message to the system process. When a
termination signal is processed, PM terminates the process.
- PM no longer assumes itself as the signal manager for system processes. It now
makes sure that every system signal goes through the kernel before being
actually processes. The kernel will then dispatch the signal to the appropriate
signal manager which may or may not be PM.
SYSLIB CHANGES:
- Simplified SEF init and LU callbacks.
- Added additional predefined SEF callbacks to debug crash recovery and
live update.
- Fixed a temporary ack in the SEF init protocol. SEF init reply is now
completely synchronous.
- Added SEF signal event type to provide a uniform interface for system
processes to deal with signals. A sef_cb_signal_handler() callback is
available for system processes to handle every received signal. A
sef_cb_signal_manager() callback is used by signal managers to process
system signals on behalf of the kernel.
- Fixed a few bugs with memory mapping and DS.
VM CHANGES:
- Page faults and memory requests coming from the kernel are now implemented
using signals.
- Added a new VM call to swap two process slots and implement live update.
- The call is used by RS at update time and in turn invokes the kernel call
sys_update().
RS CHANGES:
- RS has been reworked with a better functional decomposition.
- Better kernel call masks. com.h now defines the set of very basic kernel calls
every system service is allowed to use. This makes system.conf simpler and
easier to maintain. In addition, this guarantees a higher level of isolation
for system libraries that use one or more kernel calls internally (e.g. printf).
- RS is the default signal manager for system processes. By default, RS
intercepts every signal delivered to every system process. This makes crash
recovery possible before bringing PM and friends in the loop.
- RS now supports fast rollback when something goes wrong while initializing
the new version during a live update.
- Live update is now implemented by keeping the two versions side-by-side and
swapping the process slots when the old version is ready to update.
- Crash recovery is now implemented by keeping the two versions side-by-side
and cleaning up the old version only when the recovery process is complete.
DS CHANGES:
- Fixed a bug when the process doing ds_publish() or ds_delete() is not known
by DS.
- Fixed the completely broken support for strings. String publishing is now
implemented in the system library and simply wraps publishing of memory ranges.
Ideally, we should adopt a similar approach for other data types as well.
- Test suite fixed.
DRIVER CHANGES:
- The hello driver has been added to the Minix distribution to demonstrate basic
live update and crash recovery functionalities.
- Other drivers have been adapted to conform the new SEF interface.
2010-03-17 02:15:29 +01:00
|
|
|
|
|
|
|
/* If the target is the signal manager of itself, send the signal directly. */
|
|
|
|
if(rp->p_endpoint == sig_mgr) {
|
|
|
|
if(SIGS_IS_LETHAL(sig_nr)) {
|
2010-07-07 00:05:21 +02:00
|
|
|
/* If the signal is lethal, see if a backup signal manager exists. */
|
|
|
|
sig_mgr = priv(rp)->s_bak_sig_mgr;
|
|
|
|
if(sig_mgr != NONE && isokendpt(sig_mgr, &sig_mgr_proc_nr)) {
|
|
|
|
priv(rp)->s_sig_mgr = sig_mgr;
|
|
|
|
priv(rp)->s_bak_sig_mgr = NONE;
|
|
|
|
sig_mgr_rp = proc_addr(sig_mgr_proc_nr);
|
|
|
|
RTS_UNSET(sig_mgr_rp, RTS_NO_PRIV);
|
|
|
|
cause_sig(proc_nr, sig_nr); /* try again with the new sig mgr. */
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
/* We are out of luck. Time to panic. */
|
2010-04-14 11:06:34 +02:00
|
|
|
proc_stacktrace(rp);
|
2010-07-07 00:05:21 +02:00
|
|
|
panic("cause_sig: sig manager %d gets lethal signal %d for itself",
|
|
|
|
rp->p_endpoint, sig_nr);
|
New RS and new signal handling for system processes.
UPDATING INFO:
20100317:
/usr/src/etc/system.conf updated to ignore default kernel calls: copy
it (or merge it) to /etc/system.conf.
The hello driver (/dev/hello) added to the distribution:
# cd /usr/src/commands/scripts && make clean install
# cd /dev && MAKEDEV hello
KERNEL CHANGES:
- Generic signal handling support. The kernel no longer assumes PM as a signal
manager for every process. The signal manager of a given process can now be
specified in its privilege slot. When a signal has to be delivered, the kernel
performs the lookup and forwards the signal to the appropriate signal manager.
PM is the default signal manager for user processes, RS is the default signal
manager for system processes. To enable ptrace()ing for system processes, it
is sufficient to change the default signal manager to PM. This will temporarily
disable crash recovery, though.
- sys_exit() is now split into sys_exit() (i.e. exit() for system processes,
which generates a self-termination signal), and sys_clear() (i.e. used by PM
to ask the kernel to clear a process slot when a process exits).
- Added a new kernel call (i.e. sys_update()) to swap two process slots and
implement live update.
PM CHANGES:
- Posix signal handling is no longer allowed for system processes. System
signals are split into two fixed categories: termination and non-termination
signals. When a non-termination signaled is processed, PM transforms the signal
into an IPC message and delivers the message to the system process. When a
termination signal is processed, PM terminates the process.
- PM no longer assumes itself as the signal manager for system processes. It now
makes sure that every system signal goes through the kernel before being
actually processes. The kernel will then dispatch the signal to the appropriate
signal manager which may or may not be PM.
SYSLIB CHANGES:
- Simplified SEF init and LU callbacks.
- Added additional predefined SEF callbacks to debug crash recovery and
live update.
- Fixed a temporary ack in the SEF init protocol. SEF init reply is now
completely synchronous.
- Added SEF signal event type to provide a uniform interface for system
processes to deal with signals. A sef_cb_signal_handler() callback is
available for system processes to handle every received signal. A
sef_cb_signal_manager() callback is used by signal managers to process
system signals on behalf of the kernel.
- Fixed a few bugs with memory mapping and DS.
VM CHANGES:
- Page faults and memory requests coming from the kernel are now implemented
using signals.
- Added a new VM call to swap two process slots and implement live update.
- The call is used by RS at update time and in turn invokes the kernel call
sys_update().
RS CHANGES:
- RS has been reworked with a better functional decomposition.
- Better kernel call masks. com.h now defines the set of very basic kernel calls
every system service is allowed to use. This makes system.conf simpler and
easier to maintain. In addition, this guarantees a higher level of isolation
for system libraries that use one or more kernel calls internally (e.g. printf).
- RS is the default signal manager for system processes. By default, RS
intercepts every signal delivered to every system process. This makes crash
recovery possible before bringing PM and friends in the loop.
- RS now supports fast rollback when something goes wrong while initializing
the new version during a live update.
- Live update is now implemented by keeping the two versions side-by-side and
swapping the process slots when the old version is ready to update.
- Crash recovery is now implemented by keeping the two versions side-by-side
and cleaning up the old version only when the recovery process is complete.
DS CHANGES:
- Fixed a bug when the process doing ds_publish() or ds_delete() is not known
by DS.
- Fixed the completely broken support for strings. String publishing is now
implemented in the system library and simply wraps publishing of memory ranges.
Ideally, we should adopt a similar approach for other data types as well.
- Test suite fixed.
DRIVER CHANGES:
- The hello driver has been added to the Minix distribution to demonstrate basic
live update and crash recovery functionalities.
- Other drivers have been adapted to conform the new SEF interface.
2010-03-17 02:15:29 +01:00
|
|
|
}
|
2010-07-06 13:59:19 +02:00
|
|
|
(void) sigaddset(&priv(rp)->s_sig_pending, sig_nr);
|
New RS and new signal handling for system processes.
UPDATING INFO:
20100317:
/usr/src/etc/system.conf updated to ignore default kernel calls: copy
it (or merge it) to /etc/system.conf.
The hello driver (/dev/hello) added to the distribution:
# cd /usr/src/commands/scripts && make clean install
# cd /dev && MAKEDEV hello
KERNEL CHANGES:
- Generic signal handling support. The kernel no longer assumes PM as a signal
manager for every process. The signal manager of a given process can now be
specified in its privilege slot. When a signal has to be delivered, the kernel
performs the lookup and forwards the signal to the appropriate signal manager.
PM is the default signal manager for user processes, RS is the default signal
manager for system processes. To enable ptrace()ing for system processes, it
is sufficient to change the default signal manager to PM. This will temporarily
disable crash recovery, though.
- sys_exit() is now split into sys_exit() (i.e. exit() for system processes,
which generates a self-termination signal), and sys_clear() (i.e. used by PM
to ask the kernel to clear a process slot when a process exits).
- Added a new kernel call (i.e. sys_update()) to swap two process slots and
implement live update.
PM CHANGES:
- Posix signal handling is no longer allowed for system processes. System
signals are split into two fixed categories: termination and non-termination
signals. When a non-termination signaled is processed, PM transforms the signal
into an IPC message and delivers the message to the system process. When a
termination signal is processed, PM terminates the process.
- PM no longer assumes itself as the signal manager for system processes. It now
makes sure that every system signal goes through the kernel before being
actually processes. The kernel will then dispatch the signal to the appropriate
signal manager which may or may not be PM.
SYSLIB CHANGES:
- Simplified SEF init and LU callbacks.
- Added additional predefined SEF callbacks to debug crash recovery and
live update.
- Fixed a temporary ack in the SEF init protocol. SEF init reply is now
completely synchronous.
- Added SEF signal event type to provide a uniform interface for system
processes to deal with signals. A sef_cb_signal_handler() callback is
available for system processes to handle every received signal. A
sef_cb_signal_manager() callback is used by signal managers to process
system signals on behalf of the kernel.
- Fixed a few bugs with memory mapping and DS.
VM CHANGES:
- Page faults and memory requests coming from the kernel are now implemented
using signals.
- Added a new VM call to swap two process slots and implement live update.
- The call is used by RS at update time and in turn invokes the kernel call
sys_update().
RS CHANGES:
- RS has been reworked with a better functional decomposition.
- Better kernel call masks. com.h now defines the set of very basic kernel calls
every system service is allowed to use. This makes system.conf simpler and
easier to maintain. In addition, this guarantees a higher level of isolation
for system libraries that use one or more kernel calls internally (e.g. printf).
- RS is the default signal manager for system processes. By default, RS
intercepts every signal delivered to every system process. This makes crash
recovery possible before bringing PM and friends in the loop.
- RS now supports fast rollback when something goes wrong while initializing
the new version during a live update.
- Live update is now implemented by keeping the two versions side-by-side and
swapping the process slots when the old version is ready to update.
- Crash recovery is now implemented by keeping the two versions side-by-side
and cleaning up the old version only when the recovery process is complete.
DS CHANGES:
- Fixed a bug when the process doing ds_publish() or ds_delete() is not known
by DS.
- Fixed the completely broken support for strings. String publishing is now
implemented in the system library and simply wraps publishing of memory ranges.
Ideally, we should adopt a similar approach for other data types as well.
- Test suite fixed.
DRIVER CHANGES:
- The hello driver has been added to the Minix distribution to demonstrate basic
live update and crash recovery functionalities.
- Other drivers have been adapted to conform the new SEF interface.
2010-03-17 02:15:29 +01:00
|
|
|
send_sig(rp->p_endpoint, SIGKSIGSM);
|
|
|
|
return;
|
|
|
|
}
|
2007-04-23 16:23:37 +02:00
|
|
|
|
2005-06-24 18:24:40 +02:00
|
|
|
/* Check if the signal is already pending. Process it otherwise. */
|
|
|
|
if (! sigismember(&rp->p_pending, sig_nr)) {
|
2010-07-06 13:59:19 +02:00
|
|
|
(void) sigaddset(&rp->p_pending, sig_nr);
|
2009-11-10 10:11:13 +01:00
|
|
|
if (! (RTS_ISSET(rp, RTS_SIGNALED))) { /* other pending */
|
2010-02-09 16:26:58 +01:00
|
|
|
RTS_SET(rp, RTS_SIGNALED | RTS_SIG_PENDING);
|
New RS and new signal handling for system processes.
UPDATING INFO:
20100317:
/usr/src/etc/system.conf updated to ignore default kernel calls: copy
it (or merge it) to /etc/system.conf.
The hello driver (/dev/hello) added to the distribution:
# cd /usr/src/commands/scripts && make clean install
# cd /dev && MAKEDEV hello
KERNEL CHANGES:
- Generic signal handling support. The kernel no longer assumes PM as a signal
manager for every process. The signal manager of a given process can now be
specified in its privilege slot. When a signal has to be delivered, the kernel
performs the lookup and forwards the signal to the appropriate signal manager.
PM is the default signal manager for user processes, RS is the default signal
manager for system processes. To enable ptrace()ing for system processes, it
is sufficient to change the default signal manager to PM. This will temporarily
disable crash recovery, though.
- sys_exit() is now split into sys_exit() (i.e. exit() for system processes,
which generates a self-termination signal), and sys_clear() (i.e. used by PM
to ask the kernel to clear a process slot when a process exits).
- Added a new kernel call (i.e. sys_update()) to swap two process slots and
implement live update.
PM CHANGES:
- Posix signal handling is no longer allowed for system processes. System
signals are split into two fixed categories: termination and non-termination
signals. When a non-termination signaled is processed, PM transforms the signal
into an IPC message and delivers the message to the system process. When a
termination signal is processed, PM terminates the process.
- PM no longer assumes itself as the signal manager for system processes. It now
makes sure that every system signal goes through the kernel before being
actually processes. The kernel will then dispatch the signal to the appropriate
signal manager which may or may not be PM.
SYSLIB CHANGES:
- Simplified SEF init and LU callbacks.
- Added additional predefined SEF callbacks to debug crash recovery and
live update.
- Fixed a temporary ack in the SEF init protocol. SEF init reply is now
completely synchronous.
- Added SEF signal event type to provide a uniform interface for system
processes to deal with signals. A sef_cb_signal_handler() callback is
available for system processes to handle every received signal. A
sef_cb_signal_manager() callback is used by signal managers to process
system signals on behalf of the kernel.
- Fixed a few bugs with memory mapping and DS.
VM CHANGES:
- Page faults and memory requests coming from the kernel are now implemented
using signals.
- Added a new VM call to swap two process slots and implement live update.
- The call is used by RS at update time and in turn invokes the kernel call
sys_update().
RS CHANGES:
- RS has been reworked with a better functional decomposition.
- Better kernel call masks. com.h now defines the set of very basic kernel calls
every system service is allowed to use. This makes system.conf simpler and
easier to maintain. In addition, this guarantees a higher level of isolation
for system libraries that use one or more kernel calls internally (e.g. printf).
- RS is the default signal manager for system processes. By default, RS
intercepts every signal delivered to every system process. This makes crash
recovery possible before bringing PM and friends in the loop.
- RS now supports fast rollback when something goes wrong while initializing
the new version during a live update.
- Live update is now implemented by keeping the two versions side-by-side and
swapping the process slots when the old version is ready to update.
- Crash recovery is now implemented by keeping the two versions side-by-side
and cleaning up the old version only when the recovery process is complete.
DS CHANGES:
- Fixed a bug when the process doing ds_publish() or ds_delete() is not known
by DS.
- Fixed the completely broken support for strings. String publishing is now
implemented in the system library and simply wraps publishing of memory ranges.
Ideally, we should adopt a similar approach for other data types as well.
- Test suite fixed.
DRIVER CHANGES:
- The hello driver has been added to the Minix distribution to demonstrate basic
live update and crash recovery functionalities.
- Other drivers have been adapted to conform the new SEF interface.
2010-03-17 02:15:29 +01:00
|
|
|
send_sig(sig_mgr, SIGKSIG);
|
2005-06-30 17:55:19 +02:00
|
|
|
}
|
2005-06-24 18:24:40 +02:00
|
|
|
}
|
2005-04-21 16:53:53 +02:00
|
|
|
}
|
|
|
|
|
Merge of David's ptrace branch. Summary:
o Support for ptrace T_ATTACH/T_DETACH and T_SYSCALL
o PM signal handling logic should now work properly, even with debuggers
being present
o Asynchronous PM/VFS protocol, full IPC support for senda(), and
AMF_NOREPLY senda() flag
DETAILS
Process stop and delay call handling of PM:
o Added sys_runctl() kernel call with sys_stop() and sys_resume()
aliases, for PM to stop and resume a process
o Added exception for sending/syscall-traced processes to sys_runctl(),
and matching SIGKREADY pseudo-signal to PM
o Fixed PM signal logic to deal with requests from a process after
stopping it (so-called "delay calls"), using the SIGKREADY facility
o Fixed various PM panics due to race conditions with delay calls versus
VFS calls
o Removed special PRIO_STOP priority value
o Added SYS_LOCK RTS kernel flag, to stop an individual process from
running while modifying its process structure
Signal and debugger handling in PM:
o Fixed debugger signals being dropped if a second signal arrives when
the debugger has not retrieved the first one
o Fixed debugger signals being sent to the debugger more than once
o Fixed debugger signals unpausing process in VFS; removed PM_UNPAUSE_TR
protocol message
o Detached debugger signals from general signal logic and from being
blocked on VFS calls, meaning that even VFS can now be traced
o Fixed debugger being unable to receive more than one pending signal in
one process stop
o Fixed signal delivery being delayed needlessly when multiple signals
are pending
o Fixed wait test for tracer, which was returning for children that were
not waited for
o Removed second parallel pending call from PM to VFS for any process
o Fixed process becoming runnable between exec() and debugger trap
o Added support for notifying the debugger before the parent when a
debugged child exits
o Fixed debugger death causing child to remain stopped forever
o Fixed consistently incorrect use of _NSIG
Extensions to ptrace():
o Added T_ATTACH and T_DETACH ptrace request, to attach and detach a
debugger to and from a process
o Added T_SYSCALL ptrace request, to trace system calls
o Added T_SETOPT ptrace request, to set trace options
o Added TO_TRACEFORK trace option, to attach automatically to children
of a traced process
o Added TO_ALTEXEC trace option, to send SIGSTOP instead of SIGTRAP upon
a successful exec() of the tracee
o Extended T_GETUSER ptrace support to allow retrieving a process's priv
structure
o Removed T_STOP ptrace request again, as it does not help implementing
debuggers properly
o Added MINIX3-specific ptrace test (test42)
o Added proper manual page for ptrace(2)
Asynchronous PM/VFS interface:
o Fixed asynchronous messages not being checked when receive() is called
with an endpoint other than ANY
o Added AMF_NOREPLY senda() flag, preventing such messages from
satisfying the receive part of a sendrec()
o Added asynsend3() that takes optional flags; asynsend() is now a
#define passing in 0 as third parameter
o Made PM/VFS protocol asynchronous; reintroduced tell_fs()
o Made PM_BASE request/reply number range unique
o Hacked in a horrible temporary workaround into RS to deal with newly
revealed RS-PM-VFS race condition triangle until VFS is asynchronous
System signal handling:
o Fixed shutdown logic of device drivers; removed old SIGKSTOP signal
o Removed is-superuser check from PM's do_procstat() (aka getsigset())
o Added sigset macros to allow system processes to deal with the full
signal set, rather than just the POSIX subset
Miscellaneous PM fixes:
o Split do_getset into do_get and do_set, merging common code and making
structure clearer
o Fixed setpriority() being able to put to sleep processes using an
invalid parameter, or revive zombie processes
o Made find_proc() global; removed obsolete proc_from_pid()
o Cleanup here and there
Also included:
o Fixed false-positive boot order kernel warning
o Removed last traces of old NOTIFY_FROM code
THINGS OF POSSIBLE INTEREST
o It should now be possible to run PM at any priority, even lower than
user processes
o No assumptions are made about communication speed between PM and VFS,
although communication must be FIFO
o A debugger will now receive incoming debuggee signals at kill time
only; the process may not yet be fully stopped
o A first step has been made towards making the SYSTEM task preemptible
2009-09-30 11:57:22 +02:00
|
|
|
/*===========================================================================*
|
|
|
|
* sig_delay_done *
|
|
|
|
*===========================================================================*/
|
2010-03-30 16:07:15 +02:00
|
|
|
PUBLIC void sig_delay_done(struct proc *rp)
|
Merge of David's ptrace branch. Summary:
o Support for ptrace T_ATTACH/T_DETACH and T_SYSCALL
o PM signal handling logic should now work properly, even with debuggers
being present
o Asynchronous PM/VFS protocol, full IPC support for senda(), and
AMF_NOREPLY senda() flag
DETAILS
Process stop and delay call handling of PM:
o Added sys_runctl() kernel call with sys_stop() and sys_resume()
aliases, for PM to stop and resume a process
o Added exception for sending/syscall-traced processes to sys_runctl(),
and matching SIGKREADY pseudo-signal to PM
o Fixed PM signal logic to deal with requests from a process after
stopping it (so-called "delay calls"), using the SIGKREADY facility
o Fixed various PM panics due to race conditions with delay calls versus
VFS calls
o Removed special PRIO_STOP priority value
o Added SYS_LOCK RTS kernel flag, to stop an individual process from
running while modifying its process structure
Signal and debugger handling in PM:
o Fixed debugger signals being dropped if a second signal arrives when
the debugger has not retrieved the first one
o Fixed debugger signals being sent to the debugger more than once
o Fixed debugger signals unpausing process in VFS; removed PM_UNPAUSE_TR
protocol message
o Detached debugger signals from general signal logic and from being
blocked on VFS calls, meaning that even VFS can now be traced
o Fixed debugger being unable to receive more than one pending signal in
one process stop
o Fixed signal delivery being delayed needlessly when multiple signals
are pending
o Fixed wait test for tracer, which was returning for children that were
not waited for
o Removed second parallel pending call from PM to VFS for any process
o Fixed process becoming runnable between exec() and debugger trap
o Added support for notifying the debugger before the parent when a
debugged child exits
o Fixed debugger death causing child to remain stopped forever
o Fixed consistently incorrect use of _NSIG
Extensions to ptrace():
o Added T_ATTACH and T_DETACH ptrace request, to attach and detach a
debugger to and from a process
o Added T_SYSCALL ptrace request, to trace system calls
o Added T_SETOPT ptrace request, to set trace options
o Added TO_TRACEFORK trace option, to attach automatically to children
of a traced process
o Added TO_ALTEXEC trace option, to send SIGSTOP instead of SIGTRAP upon
a successful exec() of the tracee
o Extended T_GETUSER ptrace support to allow retrieving a process's priv
structure
o Removed T_STOP ptrace request again, as it does not help implementing
debuggers properly
o Added MINIX3-specific ptrace test (test42)
o Added proper manual page for ptrace(2)
Asynchronous PM/VFS interface:
o Fixed asynchronous messages not being checked when receive() is called
with an endpoint other than ANY
o Added AMF_NOREPLY senda() flag, preventing such messages from
satisfying the receive part of a sendrec()
o Added asynsend3() that takes optional flags; asynsend() is now a
#define passing in 0 as third parameter
o Made PM/VFS protocol asynchronous; reintroduced tell_fs()
o Made PM_BASE request/reply number range unique
o Hacked in a horrible temporary workaround into RS to deal with newly
revealed RS-PM-VFS race condition triangle until VFS is asynchronous
System signal handling:
o Fixed shutdown logic of device drivers; removed old SIGKSTOP signal
o Removed is-superuser check from PM's do_procstat() (aka getsigset())
o Added sigset macros to allow system processes to deal with the full
signal set, rather than just the POSIX subset
Miscellaneous PM fixes:
o Split do_getset into do_get and do_set, merging common code and making
structure clearer
o Fixed setpriority() being able to put to sleep processes using an
invalid parameter, or revive zombie processes
o Made find_proc() global; removed obsolete proc_from_pid()
o Cleanup here and there
Also included:
o Fixed false-positive boot order kernel warning
o Removed last traces of old NOTIFY_FROM code
THINGS OF POSSIBLE INTEREST
o It should now be possible to run PM at any priority, even lower than
user processes
o No assumptions are made about communication speed between PM and VFS,
although communication must be FIFO
o A debugger will now receive incoming debuggee signals at kill time
only; the process may not yet be fully stopped
o A first step has been made towards making the SYSTEM task preemptible
2009-09-30 11:57:22 +02:00
|
|
|
{
|
|
|
|
/* A process is now known not to send any direct messages.
|
2009-10-01 12:36:09 +02:00
|
|
|
* Tell PM that the stop delay has ended, by sending a signal to the process.
|
Merge of David's ptrace branch. Summary:
o Support for ptrace T_ATTACH/T_DETACH and T_SYSCALL
o PM signal handling logic should now work properly, even with debuggers
being present
o Asynchronous PM/VFS protocol, full IPC support for senda(), and
AMF_NOREPLY senda() flag
DETAILS
Process stop and delay call handling of PM:
o Added sys_runctl() kernel call with sys_stop() and sys_resume()
aliases, for PM to stop and resume a process
o Added exception for sending/syscall-traced processes to sys_runctl(),
and matching SIGKREADY pseudo-signal to PM
o Fixed PM signal logic to deal with requests from a process after
stopping it (so-called "delay calls"), using the SIGKREADY facility
o Fixed various PM panics due to race conditions with delay calls versus
VFS calls
o Removed special PRIO_STOP priority value
o Added SYS_LOCK RTS kernel flag, to stop an individual process from
running while modifying its process structure
Signal and debugger handling in PM:
o Fixed debugger signals being dropped if a second signal arrives when
the debugger has not retrieved the first one
o Fixed debugger signals being sent to the debugger more than once
o Fixed debugger signals unpausing process in VFS; removed PM_UNPAUSE_TR
protocol message
o Detached debugger signals from general signal logic and from being
blocked on VFS calls, meaning that even VFS can now be traced
o Fixed debugger being unable to receive more than one pending signal in
one process stop
o Fixed signal delivery being delayed needlessly when multiple signals
are pending
o Fixed wait test for tracer, which was returning for children that were
not waited for
o Removed second parallel pending call from PM to VFS for any process
o Fixed process becoming runnable between exec() and debugger trap
o Added support for notifying the debugger before the parent when a
debugged child exits
o Fixed debugger death causing child to remain stopped forever
o Fixed consistently incorrect use of _NSIG
Extensions to ptrace():
o Added T_ATTACH and T_DETACH ptrace request, to attach and detach a
debugger to and from a process
o Added T_SYSCALL ptrace request, to trace system calls
o Added T_SETOPT ptrace request, to set trace options
o Added TO_TRACEFORK trace option, to attach automatically to children
of a traced process
o Added TO_ALTEXEC trace option, to send SIGSTOP instead of SIGTRAP upon
a successful exec() of the tracee
o Extended T_GETUSER ptrace support to allow retrieving a process's priv
structure
o Removed T_STOP ptrace request again, as it does not help implementing
debuggers properly
o Added MINIX3-specific ptrace test (test42)
o Added proper manual page for ptrace(2)
Asynchronous PM/VFS interface:
o Fixed asynchronous messages not being checked when receive() is called
with an endpoint other than ANY
o Added AMF_NOREPLY senda() flag, preventing such messages from
satisfying the receive part of a sendrec()
o Added asynsend3() that takes optional flags; asynsend() is now a
#define passing in 0 as third parameter
o Made PM/VFS protocol asynchronous; reintroduced tell_fs()
o Made PM_BASE request/reply number range unique
o Hacked in a horrible temporary workaround into RS to deal with newly
revealed RS-PM-VFS race condition triangle until VFS is asynchronous
System signal handling:
o Fixed shutdown logic of device drivers; removed old SIGKSTOP signal
o Removed is-superuser check from PM's do_procstat() (aka getsigset())
o Added sigset macros to allow system processes to deal with the full
signal set, rather than just the POSIX subset
Miscellaneous PM fixes:
o Split do_getset into do_get and do_set, merging common code and making
structure clearer
o Fixed setpriority() being able to put to sleep processes using an
invalid parameter, or revive zombie processes
o Made find_proc() global; removed obsolete proc_from_pid()
o Cleanup here and there
Also included:
o Fixed false-positive boot order kernel warning
o Removed last traces of old NOTIFY_FROM code
THINGS OF POSSIBLE INTEREST
o It should now be possible to run PM at any priority, even lower than
user processes
o No assumptions are made about communication speed between PM and VFS,
although communication must be FIFO
o A debugger will now receive incoming debuggee signals at kill time
only; the process may not yet be fully stopped
o A first step has been made towards making the SYSTEM task preemptible
2009-09-30 11:57:22 +02:00
|
|
|
* Used for actual signal delivery.
|
|
|
|
*/
|
|
|
|
|
|
|
|
rp->p_misc_flags &= ~MF_SIG_DELAY;
|
|
|
|
|
2010-03-31 10:55:12 +02:00
|
|
|
cause_sig(proc_nr(rp), SIGSNDELAY);
|
Merge of David's ptrace branch. Summary:
o Support for ptrace T_ATTACH/T_DETACH and T_SYSCALL
o PM signal handling logic should now work properly, even with debuggers
being present
o Asynchronous PM/VFS protocol, full IPC support for senda(), and
AMF_NOREPLY senda() flag
DETAILS
Process stop and delay call handling of PM:
o Added sys_runctl() kernel call with sys_stop() and sys_resume()
aliases, for PM to stop and resume a process
o Added exception for sending/syscall-traced processes to sys_runctl(),
and matching SIGKREADY pseudo-signal to PM
o Fixed PM signal logic to deal with requests from a process after
stopping it (so-called "delay calls"), using the SIGKREADY facility
o Fixed various PM panics due to race conditions with delay calls versus
VFS calls
o Removed special PRIO_STOP priority value
o Added SYS_LOCK RTS kernel flag, to stop an individual process from
running while modifying its process structure
Signal and debugger handling in PM:
o Fixed debugger signals being dropped if a second signal arrives when
the debugger has not retrieved the first one
o Fixed debugger signals being sent to the debugger more than once
o Fixed debugger signals unpausing process in VFS; removed PM_UNPAUSE_TR
protocol message
o Detached debugger signals from general signal logic and from being
blocked on VFS calls, meaning that even VFS can now be traced
o Fixed debugger being unable to receive more than one pending signal in
one process stop
o Fixed signal delivery being delayed needlessly when multiple signals
are pending
o Fixed wait test for tracer, which was returning for children that were
not waited for
o Removed second parallel pending call from PM to VFS for any process
o Fixed process becoming runnable between exec() and debugger trap
o Added support for notifying the debugger before the parent when a
debugged child exits
o Fixed debugger death causing child to remain stopped forever
o Fixed consistently incorrect use of _NSIG
Extensions to ptrace():
o Added T_ATTACH and T_DETACH ptrace request, to attach and detach a
debugger to and from a process
o Added T_SYSCALL ptrace request, to trace system calls
o Added T_SETOPT ptrace request, to set trace options
o Added TO_TRACEFORK trace option, to attach automatically to children
of a traced process
o Added TO_ALTEXEC trace option, to send SIGSTOP instead of SIGTRAP upon
a successful exec() of the tracee
o Extended T_GETUSER ptrace support to allow retrieving a process's priv
structure
o Removed T_STOP ptrace request again, as it does not help implementing
debuggers properly
o Added MINIX3-specific ptrace test (test42)
o Added proper manual page for ptrace(2)
Asynchronous PM/VFS interface:
o Fixed asynchronous messages not being checked when receive() is called
with an endpoint other than ANY
o Added AMF_NOREPLY senda() flag, preventing such messages from
satisfying the receive part of a sendrec()
o Added asynsend3() that takes optional flags; asynsend() is now a
#define passing in 0 as third parameter
o Made PM/VFS protocol asynchronous; reintroduced tell_fs()
o Made PM_BASE request/reply number range unique
o Hacked in a horrible temporary workaround into RS to deal with newly
revealed RS-PM-VFS race condition triangle until VFS is asynchronous
System signal handling:
o Fixed shutdown logic of device drivers; removed old SIGKSTOP signal
o Removed is-superuser check from PM's do_procstat() (aka getsigset())
o Added sigset macros to allow system processes to deal with the full
signal set, rather than just the POSIX subset
Miscellaneous PM fixes:
o Split do_getset into do_get and do_set, merging common code and making
structure clearer
o Fixed setpriority() being able to put to sleep processes using an
invalid parameter, or revive zombie processes
o Made find_proc() global; removed obsolete proc_from_pid()
o Cleanup here and there
Also included:
o Fixed false-positive boot order kernel warning
o Removed last traces of old NOTIFY_FROM code
THINGS OF POSSIBLE INTEREST
o It should now be possible to run PM at any priority, even lower than
user processes
o No assumptions are made about communication speed between PM and VFS,
although communication must be FIFO
o A debugger will now receive incoming debuggee signals at kill time
only; the process may not yet be fully stopped
o A first step has been made towards making the SYSTEM task preemptible
2009-09-30 11:57:22 +02:00
|
|
|
}
|
|
|
|
|
Split of architecture-dependent and -independent functions for i386,
mainly in the kernel and headers. This split based on work by
Ingmar Alting <iaalting@cs.vu.nl> done for his Minix PowerPC architecture
port.
. kernel does not program the interrupt controller directly, do any
other architecture-dependent operations, or contain assembly any more,
but uses architecture-dependent functions in arch/$(ARCH)/.
. architecture-dependent constants and types defined in arch/$(ARCH)/include.
. <ibm/portio.h> moved to <minix/portio.h>, as they have become, for now,
architecture-independent functions.
. int86, sdevio, readbios, and iopenable are now i386-specific kernel calls
and live in arch/i386/do_* now.
. i386 arch now supports even less 86 code; e.g. mpx86.s and klib86.s have
gone, and 'machine.protected' is gone (and always taken to be 1 in i386).
If 86 support is to return, it should be a new architecture.
. prototypes for the architecture-dependent functions defined in
kernel/arch/$(ARCH)/*.c but used in kernel/ are in kernel/proto.h
. /etc/make.conf included in makefiles and shell scripts that need to
know the building architecture; it defines ARCH=<arch>, currently only
i386.
. some basic per-architecture build support outside of the kernel (lib)
. in clock.c, only dequeue a process if it was ready
. fixes for new include files
files deleted:
. mpx/klib.s - only for choosing between mpx/klib86 and -386
. klib86.s - only for 86
i386-specific files files moved (or arch-dependent stuff moved) to arch/i386/:
. mpx386.s (entry point)
. klib386.s
. sconst.h
. exception.c
. protect.c
. protect.h
. i8269.c
2006-12-22 16:22:27 +01:00
|
|
|
#if _MINIX_CHIP == _CHIP_INTEL
|
|
|
|
|
2005-04-21 16:53:53 +02:00
|
|
|
/*===========================================================================*
|
2005-05-24 12:06:17 +02:00
|
|
|
* umap_bios *
|
2005-04-21 16:53:53 +02:00
|
|
|
*===========================================================================*/
|
2008-11-19 13:26:10 +01:00
|
|
|
PUBLIC phys_bytes umap_bios(vir_addr, bytes)
|
2005-04-21 16:53:53 +02:00
|
|
|
vir_bytes vir_addr; /* virtual address in BIOS segment */
|
|
|
|
vir_bytes bytes; /* # of bytes to be copied */
|
|
|
|
{
|
2005-04-29 17:36:43 +02:00
|
|
|
/* Calculate the physical memory address at the BIOS. Note: currently, BIOS
|
Split of architecture-dependent and -independent functions for i386,
mainly in the kernel and headers. This split based on work by
Ingmar Alting <iaalting@cs.vu.nl> done for his Minix PowerPC architecture
port.
. kernel does not program the interrupt controller directly, do any
other architecture-dependent operations, or contain assembly any more,
but uses architecture-dependent functions in arch/$(ARCH)/.
. architecture-dependent constants and types defined in arch/$(ARCH)/include.
. <ibm/portio.h> moved to <minix/portio.h>, as they have become, for now,
architecture-independent functions.
. int86, sdevio, readbios, and iopenable are now i386-specific kernel calls
and live in arch/i386/do_* now.
. i386 arch now supports even less 86 code; e.g. mpx86.s and klib86.s have
gone, and 'machine.protected' is gone (and always taken to be 1 in i386).
If 86 support is to return, it should be a new architecture.
. prototypes for the architecture-dependent functions defined in
kernel/arch/$(ARCH)/*.c but used in kernel/ are in kernel/proto.h
. /etc/make.conf included in makefiles and shell scripts that need to
know the building architecture; it defines ARCH=<arch>, currently only
i386.
. some basic per-architecture build support outside of the kernel (lib)
. in clock.c, only dequeue a process if it was ready
. fixes for new include files
files deleted:
. mpx/klib.s - only for choosing between mpx/klib86 and -386
. klib86.s - only for 86
i386-specific files files moved (or arch-dependent stuff moved) to arch/i386/:
. mpx386.s (entry point)
. klib386.s
. sconst.h
. exception.c
. protect.c
. protect.h
. i8269.c
2006-12-22 16:22:27 +01:00
|
|
|
* address zero (the first BIOS interrupt vector) is not considered as an
|
2005-04-29 17:36:43 +02:00
|
|
|
* error here, but since the physical address will be zero as well, the
|
|
|
|
* calling function will think an error occurred. This is not a problem,
|
|
|
|
* since no one uses the first BIOS interrupt vector.
|
|
|
|
*/
|
2005-04-21 16:53:53 +02:00
|
|
|
|
2005-04-29 17:36:43 +02:00
|
|
|
/* Check all acceptable ranges. */
|
|
|
|
if (vir_addr >= BIOS_MEM_BEGIN && vir_addr + bytes <= BIOS_MEM_END)
|
|
|
|
return (phys_bytes) vir_addr;
|
2005-07-21 20:36:40 +02:00
|
|
|
else if (vir_addr >= BASE_MEM_TOP && vir_addr + bytes <= UPPER_MEM_END)
|
2005-04-29 17:36:43 +02:00
|
|
|
return (phys_bytes) vir_addr;
|
2005-07-21 20:36:40 +02:00
|
|
|
|
2010-03-03 16:45:01 +01:00
|
|
|
printf("Warning, error in umap_bios, virtual address 0x%x\n", vir_addr);
|
2005-04-29 17:36:43 +02:00
|
|
|
return 0;
|
2005-04-21 16:53:53 +02:00
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
Split of architecture-dependent and -independent functions for i386,
mainly in the kernel and headers. This split based on work by
Ingmar Alting <iaalting@cs.vu.nl> done for his Minix PowerPC architecture
port.
. kernel does not program the interrupt controller directly, do any
other architecture-dependent operations, or contain assembly any more,
but uses architecture-dependent functions in arch/$(ARCH)/.
. architecture-dependent constants and types defined in arch/$(ARCH)/include.
. <ibm/portio.h> moved to <minix/portio.h>, as they have become, for now,
architecture-independent functions.
. int86, sdevio, readbios, and iopenable are now i386-specific kernel calls
and live in arch/i386/do_* now.
. i386 arch now supports even less 86 code; e.g. mpx86.s and klib86.s have
gone, and 'machine.protected' is gone (and always taken to be 1 in i386).
If 86 support is to return, it should be a new architecture.
. prototypes for the architecture-dependent functions defined in
kernel/arch/$(ARCH)/*.c but used in kernel/ are in kernel/proto.h
. /etc/make.conf included in makefiles and shell scripts that need to
know the building architecture; it defines ARCH=<arch>, currently only
i386.
. some basic per-architecture build support outside of the kernel (lib)
. in clock.c, only dequeue a process if it was ready
. fixes for new include files
files deleted:
. mpx/klib.s - only for choosing between mpx/klib86 and -386
. klib86.s - only for 86
i386-specific files files moved (or arch-dependent stuff moved) to arch/i386/:
. mpx386.s (entry point)
. klib386.s
. sconst.h
. exception.c
. protect.c
. protect.h
. i8269.c
2006-12-22 16:22:27 +01:00
|
|
|
/*===========================================================================*
|
|
|
|
* umap_grant *
|
|
|
|
*===========================================================================*/
|
|
|
|
PUBLIC phys_bytes umap_grant(rp, grant, bytes)
|
|
|
|
struct proc *rp; /* pointer to proc table entry for process */
|
|
|
|
cp_grant_id_t grant; /* grant no. */
|
|
|
|
vir_bytes bytes; /* size */
|
|
|
|
{
|
|
|
|
int proc_nr;
|
2008-11-19 13:26:10 +01:00
|
|
|
vir_bytes offset, ret;
|
Split of architecture-dependent and -independent functions for i386,
mainly in the kernel and headers. This split based on work by
Ingmar Alting <iaalting@cs.vu.nl> done for his Minix PowerPC architecture
port.
. kernel does not program the interrupt controller directly, do any
other architecture-dependent operations, or contain assembly any more,
but uses architecture-dependent functions in arch/$(ARCH)/.
. architecture-dependent constants and types defined in arch/$(ARCH)/include.
. <ibm/portio.h> moved to <minix/portio.h>, as they have become, for now,
architecture-independent functions.
. int86, sdevio, readbios, and iopenable are now i386-specific kernel calls
and live in arch/i386/do_* now.
. i386 arch now supports even less 86 code; e.g. mpx86.s and klib86.s have
gone, and 'machine.protected' is gone (and always taken to be 1 in i386).
If 86 support is to return, it should be a new architecture.
. prototypes for the architecture-dependent functions defined in
kernel/arch/$(ARCH)/*.c but used in kernel/ are in kernel/proto.h
. /etc/make.conf included in makefiles and shell scripts that need to
know the building architecture; it defines ARCH=<arch>, currently only
i386.
. some basic per-architecture build support outside of the kernel (lib)
. in clock.c, only dequeue a process if it was ready
. fixes for new include files
files deleted:
. mpx/klib.s - only for choosing between mpx/klib86 and -386
. klib86.s - only for 86
i386-specific files files moved (or arch-dependent stuff moved) to arch/i386/:
. mpx386.s (entry point)
. klib386.s
. sconst.h
. exception.c
. protect.c
. protect.h
. i8269.c
2006-12-22 16:22:27 +01:00
|
|
|
endpoint_t granter;
|
2008-11-19 13:26:10 +01:00
|
|
|
|
Split of architecture-dependent and -independent functions for i386,
mainly in the kernel and headers. This split based on work by
Ingmar Alting <iaalting@cs.vu.nl> done for his Minix PowerPC architecture
port.
. kernel does not program the interrupt controller directly, do any
other architecture-dependent operations, or contain assembly any more,
but uses architecture-dependent functions in arch/$(ARCH)/.
. architecture-dependent constants and types defined in arch/$(ARCH)/include.
. <ibm/portio.h> moved to <minix/portio.h>, as they have become, for now,
architecture-independent functions.
. int86, sdevio, readbios, and iopenable are now i386-specific kernel calls
and live in arch/i386/do_* now.
. i386 arch now supports even less 86 code; e.g. mpx86.s and klib86.s have
gone, and 'machine.protected' is gone (and always taken to be 1 in i386).
If 86 support is to return, it should be a new architecture.
. prototypes for the architecture-dependent functions defined in
kernel/arch/$(ARCH)/*.c but used in kernel/ are in kernel/proto.h
. /etc/make.conf included in makefiles and shell scripts that need to
know the building architecture; it defines ARCH=<arch>, currently only
i386.
. some basic per-architecture build support outside of the kernel (lib)
. in clock.c, only dequeue a process if it was ready
. fixes for new include files
files deleted:
. mpx/klib.s - only for choosing between mpx/klib86 and -386
. klib86.s - only for 86
i386-specific files files moved (or arch-dependent stuff moved) to arch/i386/:
. mpx386.s (entry point)
. klib386.s
. sconst.h
. exception.c
. protect.c
. protect.h
. i8269.c
2006-12-22 16:22:27 +01:00
|
|
|
/* See if the grant in that process is sensible, and
|
|
|
|
* find out the virtual address and (optionally) new
|
|
|
|
* process for that address.
|
|
|
|
*
|
|
|
|
* Then convert that process to a slot number.
|
|
|
|
*/
|
|
|
|
if(verify_grant(rp->p_endpoint, ANY, grant, bytes, 0, 0,
|
|
|
|
&offset, &granter) != OK) {
|
2010-03-03 16:45:01 +01:00
|
|
|
printf("SYSTEM: umap_grant: verify_grant failed\n");
|
Split of architecture-dependent and -independent functions for i386,
mainly in the kernel and headers. This split based on work by
Ingmar Alting <iaalting@cs.vu.nl> done for his Minix PowerPC architecture
port.
. kernel does not program the interrupt controller directly, do any
other architecture-dependent operations, or contain assembly any more,
but uses architecture-dependent functions in arch/$(ARCH)/.
. architecture-dependent constants and types defined in arch/$(ARCH)/include.
. <ibm/portio.h> moved to <minix/portio.h>, as they have become, for now,
architecture-independent functions.
. int86, sdevio, readbios, and iopenable are now i386-specific kernel calls
and live in arch/i386/do_* now.
. i386 arch now supports even less 86 code; e.g. mpx86.s and klib86.s have
gone, and 'machine.protected' is gone (and always taken to be 1 in i386).
If 86 support is to return, it should be a new architecture.
. prototypes for the architecture-dependent functions defined in
kernel/arch/$(ARCH)/*.c but used in kernel/ are in kernel/proto.h
. /etc/make.conf included in makefiles and shell scripts that need to
know the building architecture; it defines ARCH=<arch>, currently only
i386.
. some basic per-architecture build support outside of the kernel (lib)
. in clock.c, only dequeue a process if it was ready
. fixes for new include files
files deleted:
. mpx/klib.s - only for choosing between mpx/klib86 and -386
. klib86.s - only for 86
i386-specific files files moved (or arch-dependent stuff moved) to arch/i386/:
. mpx386.s (entry point)
. klib386.s
. sconst.h
. exception.c
. protect.c
. protect.h
. i8269.c
2006-12-22 16:22:27 +01:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
if(!isokendpt(granter, &proc_nr)) {
|
2010-03-03 16:45:01 +01:00
|
|
|
printf("SYSTEM: umap_grant: isokendpt failed\n");
|
Split of architecture-dependent and -independent functions for i386,
mainly in the kernel and headers. This split based on work by
Ingmar Alting <iaalting@cs.vu.nl> done for his Minix PowerPC architecture
port.
. kernel does not program the interrupt controller directly, do any
other architecture-dependent operations, or contain assembly any more,
but uses architecture-dependent functions in arch/$(ARCH)/.
. architecture-dependent constants and types defined in arch/$(ARCH)/include.
. <ibm/portio.h> moved to <minix/portio.h>, as they have become, for now,
architecture-independent functions.
. int86, sdevio, readbios, and iopenable are now i386-specific kernel calls
and live in arch/i386/do_* now.
. i386 arch now supports even less 86 code; e.g. mpx86.s and klib86.s have
gone, and 'machine.protected' is gone (and always taken to be 1 in i386).
If 86 support is to return, it should be a new architecture.
. prototypes for the architecture-dependent functions defined in
kernel/arch/$(ARCH)/*.c but used in kernel/ are in kernel/proto.h
. /etc/make.conf included in makefiles and shell scripts that need to
know the building architecture; it defines ARCH=<arch>, currently only
i386.
. some basic per-architecture build support outside of the kernel (lib)
. in clock.c, only dequeue a process if it was ready
. fixes for new include files
files deleted:
. mpx/klib.s - only for choosing between mpx/klib86 and -386
. klib86.s - only for 86
i386-specific files files moved (or arch-dependent stuff moved) to arch/i386/:
. mpx386.s (entry point)
. klib386.s
. sconst.h
. exception.c
. protect.c
. protect.h
. i8269.c
2006-12-22 16:22:27 +01:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Do the mapping from virtual to physical. */
|
2008-11-19 13:26:10 +01:00
|
|
|
ret = umap_virtual(proc_addr(proc_nr), D, offset, bytes);
|
|
|
|
if(!ret) {
|
2010-03-03 16:45:01 +01:00
|
|
|
printf("SYSTEM:umap_grant:umap_virtual failed; grant %s:%d -> %s: vir 0x%lx\n",
|
2008-11-19 13:26:10 +01:00
|
|
|
rp->p_name, grant,
|
|
|
|
proc_addr(proc_nr)->p_name, offset);
|
|
|
|
}
|
|
|
|
return ret;
|
2005-04-21 16:53:53 +02:00
|
|
|
}
|
|
|
|
|
2010-04-08 15:41:35 +02:00
|
|
|
/*===========================================================================*
|
|
|
|
* clear_ipc *
|
|
|
|
*===========================================================================*/
|
2010-04-22 09:49:40 +02:00
|
|
|
PRIVATE void clear_ipc(
|
|
|
|
register struct proc *rc /* slot of process to clean up */
|
|
|
|
)
|
2010-04-08 15:41:35 +02:00
|
|
|
{
|
|
|
|
/* Clear IPC data for a given process slot. */
|
|
|
|
struct proc **xpp; /* iterate over caller queue */
|
|
|
|
|
2009-11-10 10:11:13 +01:00
|
|
|
if (RTS_ISSET(rc, RTS_SENDING)) {
|
2006-03-15 13:01:59 +01:00
|
|
|
int target_proc;
|
|
|
|
|
|
|
|
okendpt(rc->p_sendto_e, &target_proc);
|
|
|
|
xpp = &proc_addr(target_proc)->p_caller_q; /* destination's queue */
|
2010-03-28 11:54:32 +02:00
|
|
|
while (*xpp) { /* check entire queue */
|
2006-03-15 13:01:59 +01:00
|
|
|
if (*xpp == rc) { /* process is on the queue */
|
|
|
|
*xpp = (*xpp)->p_q_link; /* replace by next process */
|
|
|
|
#if DEBUG_ENABLE_IPC_WARNINGS
|
2010-03-03 16:45:01 +01:00
|
|
|
printf("endpoint %d / %s removed from queue at %d\n",
|
2009-01-14 09:52:50 +01:00
|
|
|
rc->p_endpoint, rc->p_name, rc->p_sendto_e);
|
2006-03-15 13:01:59 +01:00
|
|
|
#endif
|
|
|
|
break; /* can only be queued once */
|
|
|
|
}
|
|
|
|
xpp = &(*xpp)->p_q_link; /* proceed to next queued */
|
|
|
|
}
|
2011-01-18 11:18:08 +01:00
|
|
|
RTS_UNSET(rc, RTS_SENDING);
|
2006-03-15 13:01:59 +01:00
|
|
|
}
|
2011-01-18 11:18:08 +01:00
|
|
|
RTS_UNSET(rc, RTS_RECEIVING);
|
2010-04-08 15:41:35 +02:00
|
|
|
}
|
|
|
|
|
2010-04-22 09:49:40 +02:00
|
|
|
/*===========================================================================*
|
|
|
|
* clear_endpoint *
|
|
|
|
*===========================================================================*/
|
|
|
|
PUBLIC void clear_endpoint(rc)
|
|
|
|
register struct proc *rc; /* slot of process to clean up */
|
|
|
|
{
|
|
|
|
if(isemptyp(rc)) panic("clear_proc: empty process: %d", rc->p_endpoint);
|
|
|
|
|
|
|
|
/* Make sure that the exiting process is no longer scheduled. */
|
|
|
|
RTS_SET(rc, RTS_NO_ENDPOINT);
|
|
|
|
if (priv(rc)->s_flags & SYS_PROC)
|
|
|
|
{
|
|
|
|
priv(rc)->s_asynsize= 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* If the process happens to be queued trying to send a
|
|
|
|
* message, then it must be removed from the message queues.
|
|
|
|
*/
|
|
|
|
clear_ipc(rc);
|
|
|
|
|
|
|
|
/* Likewise, if another process was sending or receive a message to or from
|
|
|
|
* the exiting process, it must be alerted that process no longer is alive.
|
|
|
|
* Check all processes.
|
|
|
|
*/
|
|
|
|
clear_ipc_refs(rc, EDEADSRCDST);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
2010-04-08 15:41:35 +02:00
|
|
|
/*===========================================================================*
|
|
|
|
* clear_ipc_refs *
|
|
|
|
*===========================================================================*/
|
|
|
|
PUBLIC void clear_ipc_refs(rc, caller_ret)
|
|
|
|
register struct proc *rc; /* slot of process to clean up */
|
|
|
|
int caller_ret; /* code to return on callers */
|
|
|
|
{
|
|
|
|
/* Clear IPC references for a given process slot. */
|
|
|
|
struct proc *rp; /* iterate over process table */
|
2006-03-15 13:01:59 +01:00
|
|
|
|
|
|
|
for (rp = BEG_PROC_ADDR; rp < END_PROC_ADDR; rp++) {
|
|
|
|
if(isemptyp(rp))
|
|
|
|
continue;
|
|
|
|
|
|
|
|
/* Unset pending notification bits. */
|
|
|
|
unset_sys_bit(priv(rp)->s_notify_pending, priv(rc)->s_id);
|
|
|
|
|
2010-04-08 15:41:35 +02:00
|
|
|
/* XXX FIXME: Cleanup should be done for senda() as well. For this to be
|
|
|
|
* done in a realistic way, we need a better implementation of senda
|
|
|
|
* with a bitmap similar to s_notify_pending for notify() rather than
|
|
|
|
* a single global MF_ASYNMSG flag. The current arrangement exposes
|
|
|
|
* several performance issues.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* Check if process depends on given process. */
|
2010-03-03 16:32:26 +01:00
|
|
|
if (P_BLOCKEDON(rp) == rc->p_endpoint) {
|
2010-04-08 15:41:35 +02:00
|
|
|
rp->p_reg.retreg = caller_ret; /* return requested code */
|
2011-01-18 11:18:08 +01:00
|
|
|
clear_ipc(rp);
|
2010-04-08 15:41:35 +02:00
|
|
|
}
|
2006-03-15 13:01:59 +01:00
|
|
|
}
|
2008-11-19 13:26:10 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/*===========================================================================*
|
2010-02-09 16:20:09 +01:00
|
|
|
* kernel_call_resume *
|
2008-11-19 13:26:10 +01:00
|
|
|
*===========================================================================*/
|
2010-02-09 16:20:09 +01:00
|
|
|
PUBLIC void kernel_call_resume(struct proc *caller)
|
2008-11-19 13:26:10 +01:00
|
|
|
{
|
2010-02-09 16:20:09 +01:00
|
|
|
int result;
|
|
|
|
|
2010-03-10 14:00:05 +01:00
|
|
|
assert(!RTS_ISSET(caller, RTS_SLOT_FREE));
|
|
|
|
assert(!RTS_ISSET(caller, RTS_VMREQUEST));
|
2010-02-09 16:20:09 +01:00
|
|
|
|
2010-03-10 14:00:05 +01:00
|
|
|
assert(caller->p_vmrequest.saved.reqmsg.m_source == caller->p_endpoint);
|
2010-02-09 16:20:09 +01:00
|
|
|
|
|
|
|
/*
|
|
|
|
printf("KERNEL_CALL restart from %s / %d rts 0x%08x misc 0x%08x\n",
|
|
|
|
caller->p_name, caller->p_endpoint,
|
|
|
|
caller->p_rts_flags, caller->p_misc_flags);
|
|
|
|
*/
|
|
|
|
|
2010-07-05 01:09:24 +02:00
|
|
|
/* re-execute the kernel call, with MF_KCALL_RESUME still set so
|
|
|
|
* the call knows this is a retry.
|
|
|
|
*/
|
|
|
|
result = kernel_call_dispatch(caller, &caller->p_vmrequest.saved.reqmsg);
|
2010-02-09 16:20:09 +01:00
|
|
|
/*
|
|
|
|
* we are resuming the kernel call so we have to remove this flag so it
|
|
|
|
* can be set again
|
|
|
|
*/
|
|
|
|
caller->p_misc_flags &= ~MF_KCALL_RESUME;
|
|
|
|
kernel_call_finish(caller, &caller->p_vmrequest.saved.reqmsg, result);
|
2006-03-15 13:01:59 +01:00
|
|
|
}
|
2010-07-13 17:30:17 +02:00
|
|
|
|
|
|
|
/*===========================================================================*
|
|
|
|
* sched_proc *
|
|
|
|
*===========================================================================*/
|
2010-09-15 16:10:42 +02:00
|
|
|
PUBLIC int sched_proc(struct proc *p,
|
|
|
|
int priority,
|
|
|
|
int quantum,
|
|
|
|
int cpu)
|
2010-07-13 17:30:17 +02:00
|
|
|
{
|
2010-09-15 16:10:42 +02:00
|
|
|
/* Make sure the values given are within the allowed range.*/
|
|
|
|
if ((priority < TASK_Q && priority != -1) || priority > NR_SCHED_QUEUES)
|
|
|
|
return(EINVAL);
|
2010-07-13 17:30:17 +02:00
|
|
|
|
2010-09-15 16:10:42 +02:00
|
|
|
if (quantum < 1 && quantum != -1)
|
|
|
|
return(EINVAL);
|
|
|
|
|
2010-09-15 16:11:03 +02:00
|
|
|
#ifdef CONFIG_SMP
|
2010-09-15 16:10:42 +02:00
|
|
|
if ((cpu < 0 && cpu != -1) || (cpu > 0 && (unsigned) cpu >= ncpus))
|
|
|
|
return(EINVAL);
|
2010-09-15 16:11:21 +02:00
|
|
|
if (cpu != -1 && !(cpu_is_ready(cpu)))
|
|
|
|
return EBADCPU;
|
2010-09-15 16:11:03 +02:00
|
|
|
#endif
|
2010-07-13 17:30:17 +02:00
|
|
|
|
|
|
|
/* In some cases, we might be rescheduling a runnable process. In such
|
|
|
|
* a case (i.e. if we are updating the priority) we set the NO_QUANTUM
|
|
|
|
* flag before the generic unset to dequeue/enqueue the process
|
|
|
|
*/
|
|
|
|
|
2010-09-15 16:10:42 +02:00
|
|
|
/* FIXME this preempts the process, do we really want to do that ?*/
|
|
|
|
|
|
|
|
/* FIXME this is a problem for SMP if the processes currently runs on a
|
|
|
|
* different CPU */
|
2010-09-15 16:10:51 +02:00
|
|
|
if (proc_is_runnable(p)) {
|
2010-09-15 16:11:03 +02:00
|
|
|
#ifdef CONFIG_SMP
|
2010-09-15 16:10:51 +02:00
|
|
|
if (p->p_cpu != cpuid && cpu != -1 && cpu != p->p_cpu) {
|
2010-09-15 16:11:25 +02:00
|
|
|
smp_schedule_migrate_proc(p, cpu);
|
2010-09-15 16:10:51 +02:00
|
|
|
}
|
2010-09-15 16:11:03 +02:00
|
|
|
#endif
|
2010-09-15 16:10:51 +02:00
|
|
|
|
|
|
|
RTS_SET(p, RTS_NO_QUANTUM);
|
2010-09-15 16:10:42 +02:00
|
|
|
}
|
2010-07-13 17:30:17 +02:00
|
|
|
|
2010-09-15 16:10:42 +02:00
|
|
|
if (proc_is_runnable(p))
|
|
|
|
RTS_SET(p, RTS_NO_QUANTUM);
|
|
|
|
|
|
|
|
if (priority != -1)
|
|
|
|
p->p_priority = priority;
|
|
|
|
if (quantum != -1) {
|
|
|
|
p->p_quantum_size_ms = quantum;
|
|
|
|
p->p_cpu_time_left = ms_2_cpu_time(quantum);
|
|
|
|
}
|
2010-09-15 16:11:03 +02:00
|
|
|
#ifdef CONFIG_SMP
|
2010-09-15 16:10:42 +02:00
|
|
|
if (cpu != -1)
|
|
|
|
p->p_cpu = cpu;
|
2010-09-15 16:11:03 +02:00
|
|
|
#endif
|
2010-09-15 16:10:42 +02:00
|
|
|
|
|
|
|
/* Clear the scheduling bit and enqueue the process */
|
|
|
|
RTS_UNSET(p, RTS_NO_QUANTUM);
|
2010-07-13 17:30:17 +02:00
|
|
|
|
|
|
|
return OK;
|
|
|
|
}
|
|
|
|
|