1679 commits

Author SHA1 Message Date
Ben Gras
2384a85296 FS support for grant-based i/o.
For character device i/o, FS does a so-called 'magic' grant to let the
driver copy from or to user space. As this is done in FS address space,
the driver is told to do this in FS address space. The redirection to
the right user process then happens at copy-time in the kernel, using the
FS grant table. This also happens for DEV_READ and DEV_WRITE on block
devices.

For other block device i/o, which happens from/to FS buffers, FS does
a 'direct' grant to its own address space for the driver.

After the i/o returns, this access has to be K-I-L-L-E-D, revoked.
Sometimes this is after a SUSPEND and DEV_REVIVE, in which case the
revoking happens in pipe.c.

This conversion happens in safe_io_conversion() in device.c, called
by dev_io and dev_bio.

FS has to pre-allocate its own space for these grant tables. This happens
in main.c.
2006-06-20 10:12:09 +00:00
Ben Gras
54f1e6d3d4 Use endpoint_t 2006-06-20 10:04:33 +00:00
Ben Gras
7a76a7a495 Rename protected to prot
Also print size of grant table known in system
2006-06-20 10:03:48 +00:00
Ben Gras
3061d7b17a Changed do_devio not to require DIO_TYPE, but to extract type
from DIO_REQUEST. Also do_vdevio. Also do_sdevio, but this
function also supports grant id's and offsets.

do_segctl: rename protected to prot.

do_umap: support for GRANT_SEG umap.

do_privctl: support SYS_PRIV_SET_GRANTS, which sets location and size
of in-own-address-space grant table.

do_safecopy: functions to verify and perform 'safe' (grant-based) copies.
2006-06-20 10:03:10 +00:00
Ben Gras
ada6592af9 Prototype of do_safecopy 2006-06-20 09:59:50 +00:00
Ben Gras
bf6fa2acd0 Introduced global sys_call_code to check in called kernel call
implementation functions.

Changed check in system.c to check compile-time-sized bitmap of
kernel calls.

Added SYS_SAFECOPYFROM and SYS_SAFECOPYTO, both mapping to
do_safecopy (that's what sys_call_code is used for).
2006-06-20 09:58:58 +00:00
Ben Gras
b89c6634f5 Use endpoint_t. New prototypes related to grants and safecopy functions. 2006-06-20 09:57:00 +00:00
Ben Gras
2e89eb5270 Change allowed kernel call bitmap to an array of bitmaps to allow
any number of kernel calls.

Allowed kernel calls are stored in table.c for every image process as a
variably-sized array of allowed calls. This is used to fill the bitmap
of size determined at compile time by the number of kernel calls. This
filling is done by main.c. There is a special call called SYS_ALL_CALLS
which fills the bitmap of allowed calls completely, if that is the only
entry in the array.
2006-06-20 09:56:06 +00:00
Ben Gras
eecb40cf21 Rename protected to prot for g++ 2006-06-20 09:52:11 +00:00
Ben Gras
28950e6104 Use endpoint_t type 2006-06-20 09:51:49 +00:00
Ben Gras
831bc7ecd1 Move bitmap manipulation macros to <minix/bitmap.h> 2006-06-20 09:50:26 +00:00
Ben Gras
281e76364a Conversion to safe calls, and returning grant in DEV_REVIVE messages 2006-06-20 09:49:02 +00:00
Ben Gras
d61715a69e Fix for new *_ins* i/o functions 2006-06-20 09:48:26 +00:00
Ben Gras
6d8fa97233 Kick out REVIVE 2006-06-20 09:47:23 +00:00
Ben Gras
b80626c878 safe conversion 2006-06-20 09:46:57 +00:00
Ben Gras
1c8b206a5d . Safe I/O, ioctl() and DIAGNOSTICS variants conversion - safe copies,
include grant id in DEV_REVIVE messages.
. Removal of TTY_FLAGS field (and so O_NONBLOCK support).
. Fixed CANCEL behaviour and return code on blocking I/O,
  previously handled by O_NONBLOCK
. Totally removed REVIVE replies, previously still possible on
  blocking ioctls (REVIVE directly called) and ptys (missing TTY_REVIVE
  check), removes deadlock bug with FS
. Removed obsolete *COMPAT options and associated code
2006-06-20 09:02:54 +00:00
Ben Gras
9fa06d5e3f safe conversion 2006-06-20 08:56:58 +00:00
Ben Gras
5350645c86 Safe I/O and ioctl functions 2006-06-20 08:56:15 +00:00
Ben Gras
60bbcab13f Understand *_S variants: DIAGNOSTICS_S, DEV_{READ,WRITE,IOCTL}_S,
include grant id in DEV_REVIVE messages
2006-06-20 08:55:35 +00:00
Ben Gras
3ca26c812d Change to 'safe' copy variant 2006-06-20 08:54:22 +00:00
Ben Gras
ad6d8a53c8 Understand *_S variants 2006-06-20 08:52:26 +00:00
Ben Gras
4fa6691106 Change for safe copies, and DEV_REVIVE message including grant id 2006-06-20 08:52:11 +00:00
Ben Gras
3bd3c2cee1 Change at driver to understand 'safe' transfers and ioctls; do corresponding
safe copy and safe sys_insw and sys_outsw calls.
2006-06-20 08:51:24 +00:00
Ben Gras
e929676268 . made libdriver understand *_S variants
. ioctl, transfer and 'other' functions get an extra parameter: 'safe', int
  is nonzero if function is called with *_S variant ('other' if ioctl)
2006-06-20 08:49:51 +00:00
Ben Gras
9be69be836 . flex moved back into the base system, so prefix is /usr
. sysenv.c and umount.c need <minix/type.h> now
2006-06-20 08:46:45 +00:00
Ben Gras
296a0fb33d /CD check unnecessary 2006-06-20 08:46:09 +00:00
Ben Gras
9df1183b94 . removed const from putenv() for g++
. added safecopies.c:
  these are library functions to maintain grant tables in own address space
. sys_safecopy.c:
  interfaces to kernel calls to perform safe copy functions in from or to
  foreign process
. changes in i/o fields (type merged with request) reflected in
  library functions (sys_out.c, sys_vinb.c, sys_vinl.c, sys_vinw.c,
  sys_voutb.c, sys_voutl.c, sys_voutw.c)
. type merged with request in sys_sdevio, also now accepts offset which
  is used when a grant is specified (the _DIO_SAFE subtype)
. system printf() function changed to send DIAGNOSTICS_S messages, which
  specify a grant id instead of a direct address for the buffer to be
  printed; tty and log can then safecopy the buffer
2006-06-20 08:45:04 +00:00
Ben Gras
cfb984e9bd . renamed __str to __makestr to allow for g++
. changed some CMOS ioctl codes to have correct sizes (struct tm instead
  of u32_t), a disk ioctl code from W to RW, and memory ioctl codes from R
  to W, needed for proper matching of grant in FS
2006-06-20 08:40:26 +00:00
Ben Gras
aaca17c36d . introduced DEV_READ_S, DEV_WRITE_S, DEV_SCATTER_S, DEV_GATHER_S
  and DEV_IOCTL_S as replacements for DEV_READ, DEV_WRITE, DEV_SCATTER,
  DEV_GATHER and DEV_IOCTL. Instead of a direct address, the *_S commands
  pass 'grant ids' to the drivers which are referenced through a new set
  of copy calls (sys_safecopyfrom and sys_safecopyto). in order for this
  copy to succeed, the grant must have previously been created in the
  address space of the granter.
. bitmap manipulation functions moved to <minix/bitmap.h>
. HIGHPOS introduced as field containing high 32 bits of position in
  device I/O message; TTY_FLAGS no longer used
. IO_GRANT field introduced for GRANTs, to replace ADDRESS
. REP_IO_GRANT field for un-SUSPEND messages introduced to indicate
  grant for which I/O was done to disambiguate messages
. SYS_SAFECOPYFROM and SYS_SAFECOPYTO introduced as new calls
. SYS_PRIV_SET_GRANTS code introduced as a code to set the address and
  size of the grant table in a process' own address space
. 'type' and 'direction' field of _ins* and _outs* I/O functions
  are merged into one by ORing _DIO_INPUT/_DIO_OUTPUT and _DIO_BYTE/_DIO_WORD
  etc. This allows for an additional parameter, _DIO_SAFE, which indicates
  the address in another address space isn't actually an address, but
  a grant id. Also needs an offset, for which fields had to be merged.
. SCP_* are field names for SYS_SAFECOPY* functions
. DIAGNOSTICS and GET_KMESS moved to their own range above DIAG_BASE,
  added DIAGNOSTICS_S which is a grant-based variant of DIAGNOSTICS
. removed obsolete BINCOMPAT and SRCCOMPAT options
. added GRANT_SEG type for use in vircopy - allows copying to a grant
  id (without offset)
. added _MINIX_IOCTL_* macros that decode information encoded by
  _IO* macros in ioctl codes, used to check which grants are necessary
  for an ioctl
. introduced the type endpoint_t for process endpoints, changed some
  prototypes and struct field types to match
. renamed protected to prot for g++
2006-06-20 08:38:15 +00:00
Ben Gras
6ef5aa4fb2 . flex back into the base system
. imports of Michael Temari's httpd and ftp
2006-06-19 14:58:20 +00:00
Ben Gras
aa5efff203 Initial revision 2006-06-19 14:55:09 +00:00
Ben Gras
ede3e5ab83 Al Woodhull's new manual pages 2006-06-19 14:51:41 +00:00
Philip Homburg
3edf4c2854 Prototype for readline. 2006-06-14 13:19:48 +00:00
Philip Homburg
a617a46e35 Retry read after EINTR. 2006-06-14 13:18:53 +00:00
Philip Homburg
221e731e45 Wake up writer when selecting for read on an empty pipe.
Set fp_revived to NOT_REVIVING when decrementing reviving.
2006-06-14 13:17:41 +00:00
Philip Homburg
474d137c39 Forgot to include some Minix 3 specific changes. 2006-06-07 15:03:42 +00:00
Philip Homburg
cb02a90b77 Fixed some select bugs related to pipes. Removed SELFD_* because they were
bogus and unused.
2006-06-07 14:41:47 +00:00
Philip Homburg
373ea53510 A bigger ramdisk is needed for the new version of ash. 2006-06-07 14:39:50 +00:00
Philip Homburg
acebf7b52f Important BSD version of setenv, added killpg, replaced _sigsetjmp.c with
an assembler jump to longjmp.
2006-06-07 14:38:39 +00:00
Philip Homburg
3f297ffd9f Added killpg to signal.h, rearranged getloadavg, putenv, and setenv in
stdlib.h and added unsetenv, added declaration of optreset to unistd.h.
2006-06-07 14:36:35 +00:00
Philip Homburg
eaf9e4cff8 Make sure that line editing is disabled when the shell is not connected to a
tty.
2006-05-29 13:20:28 +00:00
Philip Homburg
43d9263589 Parsing of '-OT' and '-OS' failed in acd.descr. 2006-05-29 12:29:25 +00:00
Philip Homburg
5f19e53afb Install /usr/lib/descr from the source tree. 2006-05-29 12:25:44 +00:00
Philip Homburg
7aa4c9ec2f New version of ash. From FreeBSD 5.4 via Minix-vmd. 2006-05-23 12:59:34 +00:00
Philip Homburg
3ea083b8d4 Actually remove allocmem and freemem sources from the library. 2006-05-19 12:45:55 +00:00
Philip Homburg
e9aabcf2f8 Disabled building rescue driver (no longer needed). Moved allocmem from
library to the memory driver. Always put output from within TTY directly on
the console. Removed second include of driver.h from tty.c. Made tty_inrepcode
bigger. First step to move PM and FS calls that are not regular (API)
system calls out of callnr.h (renumbered them, and removed them from the
table.c files). Imported the Minix-vmd uname implementation. This provides
a more stable ABI than the current implementation. Added a bit of security
checking. Unfortunately not nearly enough to get a secure system. Fixed a
bug related to the sizes of the programs in the image (in PM patch_mem_chunks).
2006-05-19 12:19:37 +00:00
Philip Homburg
c3cf4ef460 Fixed off by one error in backoff code. Limit backoff to 1 second for
disk drivers.
2006-05-15 12:08:43 +00:00
Philip Homburg
c9ff3994f1 Unpause requests (to FS) can be generated in parallel to other requests. 2006-05-15 12:06:19 +00:00
Philip Homburg
f0186f4179 Do not unmap a driver when the driver dies (it interferes with restarting
disk drivers). Fixed accounting for REVIVING/reviving.
2006-05-15 11:43:06 +00:00
Philip Homburg
ae92cc208d The new service command managed to escape. 2006-05-11 15:30:56 +00:00