Commit graph

371 commits

Author SHA1 Message Date
Ben Gras
e900735ddd old reminder 2009-09-25 17:58:23 +00:00
Ben Gras
cd3e83f849 get_randomness restored. 2009-09-25 17:57:24 +00:00
Ben Gras
e64e75dbc5 also don't let user process change ss segment selector when returning from
signal.
2009-09-25 17:44:26 +00:00
Ben Gras
1d0854e6db pre-APPROVEd (thanks Arun) sanity check function. 2009-09-25 11:12:06 +00:00
Ben Gras
9e53925504 save a few lines of unnecessary output. 2009-09-23 13:27:21 +00:00
Tomas Hruby
dd0ea3aba0 NOT_REACHABLE() removed until ack will be taught to handle macros as a grownup
compiler
2009-09-23 07:25:04 +00:00
Tomas Hruby
7c10365f1b removed idt_reload()
- not part of klib386 yet
2009-09-23 07:20:57 +00:00
Tomas Hruby
48602fcfae NOT_REACHABLE macro
- marks code path that should be unreachable (never executed)

- if hit, panics and reports the problem

- the end of main() marked as such. The SMP changes need some magic with stack
  switching before the AP can be started as they need to run on the boot stack
  before figuring out what is their own stack. As main() uses the boot stack to,
  we need to switch to to the stack of BSP before executing the last part of
  main() which needs to be in a separate function so we can jump to it.
  Therefore restart() won't be the last call in main() which may be confusing.
  The macro can/should be used in other such places too.
2009-09-22 21:46:47 +00:00
Tomas Hruby
b900311656 endpoint_t in syslib
- headers use the endpoint_t in syslib.h and the implmentation was using int
  instead. Both uses endpoint_t now

- every variable named like proc, proc_nr or proc_nr_e of type endpoint_t has
  name proc_ep now

- endpoint_t defined as u32_t not int
2009-09-22 21:42:02 +00:00
Ben Gras
c2324398f4 sha1 unused now. 2009-09-21 20:32:53 +00:00
Ben Gras
cd8b915ed9 Primary goal for these changes is:
- no longer have kernel have its own page table that is loaded
    on every kernel entry (trap, interrupt, exception). the primary
    purpose is to reduce the number of required reloads.
Result:
  - kernel can only access memory of process that was running when
    kernel was entered
  - kernel must be mapped into every process page table, so traps to
    kernel keep working
Problem:
  - kernel must often access memory of arbitrary processes (e.g. send
    arbitrary processes messages); this can't happen directly any more;
    usually because that process' page table isn't loaded at all, sometimes
    because that memory isn't mapped in at all, sometimes because it isn't
    mapped in read-write.
So:
  - kernel must be able to map in memory of any process, in its own
    address space.
Implementation:
  - VM and kernel share a range of memory in which addresses of
    all page tables of all processes are available. This has two purposes:
      . Kernel has to know what data to copy in order to map in a range
      . Kernel has to know where to write the data in order to map it in
    That last point is because kernel has to write in the currently loaded
    page table.
  - Processes and kernel are separated through segments; kernel segments
    haven't changed.
  - The kernel keeps the process whose page table is currently loaded
    in 'ptproc.'
  - If it wants to map in a range of memory, it writes the value of the
    page directory entry for that range into the page directory entry
    in the currently loaded map. There is a slot reserved for such
    purposes. The kernel can then access this memory directly.
  - In order to do this, its segment has been increased (and the
    segments of processes start where it ends).
  - In the pagefault handler, detect if the kernel is doing
    'trappable' memory access (i.e. a pagefault isn't a fatal
     error) and if so,
       - set the saved instruction pointer to phys_copy_fault,
	 breaking out of phys_copy
       - set the saved eax register to the address of the page
	 fault, both for sanity checking and for checking in
	 which of the two ranges that phys_copy was called
	 with the fault occured
  - Some boot-time processes do not have their own page table,
    and are mapped in with the kernel, and separated with
    segments. The kernel detects this using HASPT. If such a
    process has to be scheduled, any page table will work and
    no page table switch is done.

Major changes in kernel are
  - When accessing user processes memory, kernel no longer
    explicitly checks before it does so if that memory is OK.
    It simply makes the mapping (if necessary), tries to do the
    operation, and traps the pagefault if that memory isn't present;
    if that happens, the copy function returns EFAULT.
    So all of the CHECKRANGE_OR_SUSPEND macros are gone.
  - Kernel no longer has to copy/read and parse page tables.
  - A message copying optimisation: when messages are copied, and
    the recipient isn't mapped in, they are copied into a buffer
    in the kernel. This is done in QueueMess. The next time
    the recipient is scheduled, this message is copied into
    its memory. This happens in schedcheck().
    This eliminates the mapping/copying step for messages, and makes
    it easier to deliver messages. This eliminates soft_notify.
  - Kernel no longer creates a page table at all, so the vm_setbuf
    and pagetable writing in memory.c is gone.

Minor changes in kernel are
  - ipc_stats thrown out, wasn't used
  - misc flags all renamed to MF_*
  - NOREC_* macros to enter and leave functions that should not
    be called recursively; just sanity checks really
  - code to fully decode segment selectors and descriptors
    to print on exceptions
  - lots of vmassert()s added, only executed if DEBUG_VMASSERT is 1
2009-09-21 14:31:52 +00:00
Ben Gras
f5b04e1881 minor change to panic code 2009-09-21 14:28:16 +00:00
David van Moolenbroek
f2def7d360 Kernel: correct a few SYSTEM source documentation comments 2009-09-17 20:51:34 +00:00
Tomas Hruby
db56801ddc Some clean up of the segment selectors macros
- [ABCD]_INDEX are not used anywhere

- value of *_SELECTOR is now calculated using the *_INDEX value so changing the
  index does not break the selector

- TSS is now the last of the global selectors. There will be TSS per CPU on SMP
  and the number will vary depending on the maximal supported number of CPUs
  configured
2009-09-15 10:01:06 +00:00
Tomas Hruby
71077d1228 iskernelp() and isuserp() test pointers
- we may test even not fully initialized entries, e.g. during boot
  crash

- is we know the process number we should use iskerneln
  and isusern
2009-09-15 09:58:46 +00:00
Tomas Hruby
78793f4f38 pproc_addr unused and removed 2009-09-15 09:57:54 +00:00
Tomas Hruby
4fd433694f proc_addr() returns address based on location in proc array
- pproc_addr is not neccessary to get the address of a process if we know its
  number

- local proc variables in system calls implementation (sys_task) conflicts with
  the global proc array of all process, therefore the variable were renamed to
  proc_nr as they hold the process number
2009-09-15 09:57:22 +00:00
David van Moolenbroek
e538509508 Kernel: remove unused CHECK_DEADLOCK definition 2009-09-07 20:23:31 +00:00
David van Moolenbroek
9c19233879 Kernel: do_[sv]devio.c header corrections 2009-09-06 15:54:15 +00:00
David van Moolenbroek
979bcfc195 - sys_privctl: don't mix message types
- sys_privctl: remove CTL_MM_PRIV (third parameter)
- remove obsolete sys_svrctl.c library file
2009-09-06 12:37:13 +00:00
Tomas Hruby
2e293ce7c0 system_init() renamed to arch_init()
- a better name for architecture specific init function

- some of x86 init code must execute in protected mode

- prot_init() removed from this function and still called in cstart() Imho this
  should be called from the architecture specific assembly not cstart. cstart
  perform Minix monitor specific tasks and will be touched once another
  bootloader is in use, e.g. booting via tftp, therefore we keep it as is for
  now.

- this is a backport from the SMP code which requires this. Merging will be simpler
2009-08-30 14:55:30 +00:00
Tomas Hruby
b1aaee6dcc Printing the trap info even if kernel crashes is handy. 2009-08-29 19:38:11 +00:00
Tomas Hruby
50473107c2 saved_proc in exception() may be NULL
If an exception happens in kernel while the kernel is booting and no processes
are running yet, saved_proc == NULL and priting any process related information
results in dumping rubish.

This check is mostly useful when debugging kernel stuff. Should _never_ happen
on a production kernel.
2009-08-29 19:26:46 +00:00
Tomas Hruby
4903a734b8 IDT is initialized in idt_init() not in prot_init()
This is a backport form the SMP branch. Not required here, it only makes life
for SMP easier. And future merging too.

- filling the IDT is removed from prot_init()

- struct gate_table_s is a public type

- gate_table_pic is a global array as it is used by APIC code too

- idt_copy_vectors() is also global and used by idt_init() as well as
  apic_idt_init()

- idt_init() is called right after prot_init() in system_init()
2009-08-28 15:55:30 +00:00
David van Moolenbroek
323f0abdd6 Support for setitimer(ITIMER_VIRTUAL/ITIMER_PROF). New test (41) for setitimer. 2009-08-15 21:37:26 +00:00
David van Moolenbroek
5e173f55f5 Remove leftover PowerPC cruft. Reported by Evgeniy Ivanov. 2009-07-07 18:55:11 +00:00
David van Moolenbroek
b8b8f537bd IPC privileges fixes
Kernel:
o Remove s_ipc_sendrec, instead using s_ipc_to for all send primitives
o Centralize s_ipc_to bit manipulation,
  - disallowing assignment of bits pointing to unused priv structs;
  - preventing send-to-self by not setting bit for own priv struct;
  - preserving send mask matrix symmetry in all cases
o Add IPC send mask checks to SENDA, which were missing entirely somehow
o Slightly improve IPC stats accounting for SENDA
o Remove SYSTEM from user processes' send mask
o Half-fix the dependency between boot image order and process numbers,
  - correcting the table order of the boot processes;
  - documenting the order requirement needed for proper send masks;
  - warning at boot time if the order is violated

RS:
o Add support in /etc/drivers.conf for servers that talk to user processes,
  - disallowing IPC to user processes if no "ipc" field is present
  - adding a special "USER" label to explicitly allow IPC to user processes
o Always apply IPC masks when specified; remove -i flag from service(8)
o Use kernel send mask symmetry to delay adding IPC permissions for labels
  that do not exist yet, adding them to that label's process upon creation
o Add VM to ipc permissions list for rtl8139 and fxp in drivers.conf

Left to future fixes:
o Removal of the table order vs process numbers dependency altogether,
  possibly using per-process send list structures as used for SYSTEM calls
o Proper assignment of send masks to boot processes;
  some of the assigned (~0) masks are much wider than necessary
o Proper assignment of IPC send masks for many more servers in drivers.conf
o Removal of the debugging warning about the now legitimate case where RS's
  add_forward_ipc cannot find the IPC destination's label yet
2009-07-02 16:25:31 +00:00
Ben Gras
bdab3c4cfb Library call for cpu features; make kernel and vm use this to query cpu
features (specifically: 4MB pages and TLB global bit).  Only enable
these features in CR4 if available. 4MB pages to be used in the near
future.
2009-05-15 17:07:36 +00:00
Arun Thomas
db4faccbf9 -Installation info is on the wiki now, so remove setup guides and update
README.
-Remove obsolete FAT partitioning utility.
-Update startup banner.
2009-05-14 15:54:02 +00:00
David van Moolenbroek
c2aef85eda Clear trace bit for child on fork.
Without this, a forking single-stepped process will have its child
die from a TRAP signal right away.
2009-05-13 21:58:10 +00:00
Ben Gras
e3ca89c0be more sanity checking. sanity checking disabled by default.
give every process a full pagetable by default now.

first step to disabling kernel page table code (processes
might not have page tables -> no address translation).
2009-05-12 11:35:01 +00:00
David van Moolenbroek
4af032bbfe Kernel interrupt hook management fixes:
- properly assign unique hook IDs
- after hook removal, remove hook-specific interrupt disable flag
2009-05-07 14:52:07 +00:00
Ben Gras
bb23344283 spurious debug 2009-04-27 16:11:38 +00:00
Ben Gras
ef8a741301 set global flag for kernel pages, so tlb entries for kernel aren't thrown
away on cr3 reload. minor optimization.
2009-04-23 15:11:16 +00:00
Ben Gras
e0f3a5acf1 - enable ipc warnings by default
- ipc checking code in kernel didn't properly catch the
   sendrec() to self case; added special case check
 - triggered by PM using stock panic() - needs its own _exit()

reported by Joren l'Ami.
2009-04-17 13:46:37 +00:00
Ben Gras
9647fbc94e moved type and constants for random data to include file;
added consistency check in random; added source of randomness
internal to random using timing; only retrieve random bins that are full.
2009-04-02 15:24:44 +00:00
Ben Gras
b560a36b20 trace fix contributed by Joren l'Ami 2009-04-02 11:38:23 +00:00
Ben Gras
6ac0338584 Don't declare the cprof buf if CPROFILE isn't on. 2009-02-06 16:31:28 +00:00
Ben Gras
6e86e6706d fix compiler warning; missing memory range check 2009-02-05 13:00:03 +00:00
Ben Gras
113932905f disable interrupts if necessary in kernel debug code to dump all process
stacks.
2009-01-29 15:13:54 +00:00
Ben Gras
c628f24bc2 moved stacktrace to sysctl, as vmctl is very privileged so can't
be used outside VM. IS code cleanup. added stacktrace feature to IS.
2009-01-27 12:54:33 +00:00
Ben Gras
3cc092ff06 . new kernel call sysctl for generic unprivileged system operations;
now used for printing diagnostic messages through the kernel message
   buffer. this lets processes print diagnostics without sending messages
   to tty and log directly, simplifying the message protocol a lot and
   reducing difficulties with deadlocks and other situations in which
   diagnostics are blackholed (e.g. grants don't work). this makes
   DIAGNOSTICS(_S), ASYN_DIAGNOSTICS and DIAG_REPL obsolete, although tty
   and log still accept the codes for 'old' binaries. This also simplifies
   diagnostics in several servers and drivers - only tty needs its own
   kputc() now.
 . simplifications in vfs, and some effort to get the vnode references
   right (consistent) even during shutdown. m_mounted_on is now NULL
   for root filesystems (!) (the original and new root), a less awkward
   special case than 'm_mounted_on == m_root_node'. root now has exactly
   one reference, to root, if no files are open, just like all other
   filesystems. m_driver_e is unused.
2009-01-26 17:43:59 +00:00
Ben Gras
b784e88026 prototype 2009-01-22 17:09:45 +00:00
Ben Gras
0f41416100 minor cleanup, extra check 2009-01-20 15:47:00 +00:00
Ben Gras
ef2867de41 don't print if we're already printing to serial. 2009-01-14 08:54:17 +00:00
Ben Gras
b4934f0e12 debug twiddle. 2009-01-14 08:52:50 +00:00
Ben Gras
3ca00a926c don't produce kernel output if serial debug is on. 2009-01-11 23:47:03 +00:00
Ben Gras
d5f978411e use #include name for servarname 2009-01-11 23:45:29 +00:00
Ben Gras
cd54beeb30 cprofile not conditional 2009-01-09 21:45:27 +00:00
Ben Gras
c27008fbcc cprofile not conditional 2009-01-09 21:44:52 +00:00
Ben Gras
22d9444773 don't always time that 2009-01-09 20:58:35 +00:00
Ben Gras
7740d0379c no longer in kernel 2009-01-09 16:35:25 +00:00
Ben Gras
128a0508c0 timing measurement code out of kernel and into library
(so other components can use it too)
2009-01-09 16:15:15 +00:00
Ben Gras
23a158b361 don't check senda() buffer if size is 0. 2008-12-21 03:46:42 +00:00
Ben Gras
203eb54a4c make space for first code and data pages if so configured. 2008-12-19 15:46:29 +00:00
Ben Gras
b740ff055f if serial output is enabled in the boot monitor, on the first serial line,
enable serial debug output in the kernel too.
2008-12-19 13:21:42 +00:00
Ben Gras
f0000078c3 make kernel leave a page-sized gap in its code and data to not be
mapped in if so configured.
2008-12-18 14:30:55 +00:00
Ben Gras
5db1a042c2 stacktrace feature. 2008-12-11 15:33:43 +00:00
Ben Gras
9d096e014b . print kernel stacktrace unconditionally on panic
. provide a panic() in the kernel for if a library function wants to panic
2008-12-11 14:23:58 +00:00
Ben Gras
b61687fb1b . VM needs a higher priority than VFS, PM etc
. introduce FULLVM flag: MEMORY and the initial MFS
   get their own full address spaces, making their stacks
   and heaps not preallocated (well, freed after VM has
   initialized it) and letting them allocate more dynamically.
   MEMORY in particular needs this to map in physical memory
   using its own page table, without having to allocate.
2008-12-11 14:21:47 +00:00
Ben Gras
034b5c6042 PM_PROC_NR shouldn't be hardcoded as the caller. 2008-12-11 14:18:51 +00:00
Ben Gras
66b161238d function to increase process stack (pointer). used by VM to set up large,
sparse, non-preallocated heap and stack.
2008-12-11 14:17:45 +00:00
Ben Gras
e911d44a5c system image processes with full address space are allowed to have pagefaults. 2008-12-11 14:16:40 +00:00
Ben Gras
c4fb567bd5 . replace HZ by runtime system_hz (sysenv variable 'hz')
. new flag PROC_FULLVM in table indicating process wants full address
   space (this is then created and managed by VM)
2008-12-11 14:15:23 +00:00
Ben Gras
afef5e0711 . some flags to <minix/const.h>
. add system_hz for runtime HZ value
2008-12-11 14:12:52 +00:00
Ben Gras
a74132ec69 fix race condition that can trigger 'enqueue already ready process' panic. 2008-12-11 13:42:37 +00:00
Ben Gras
51fdce1d36 minor fixes 2008-11-19 14:10:33 +00:00
Ben Gras
c078ec0331 Basic VM and other minor improvements.
Not complete, probably not fully debugged or optimized.
2008-11-19 12:26:10 +00:00
Philip Homburg
a508e0a03c _function, function -> call_nr 2008-02-25 14:35:11 +00:00
Philip Homburg
73ea967b6c Keep track of error statistics, rate limit debug output, added SYS_MAPDMA. 2008-02-22 12:38:22 +00:00
Philip Homburg
992edfd558 Keep track of various statistics related to IPC and SYSTEM. 2008-02-22 12:36:46 +00:00
Philip Homburg
5996d1de58 Added do_mapdma. 2008-02-22 12:25:59 +00:00
Philip Homburg
f6872f8323 Added ipc_stats_target. 2008-02-22 12:25:44 +00:00
Philip Homburg
4a86b1fea5 Changes to debug output, mostly rate limiting. 2008-02-22 11:00:06 +00:00
Philip Homburg
3c2e122d6d Disabled code to set ipc_stats_target. 2008-02-22 10:58:27 +00:00
Philip Homburg
2679321ba0 Added do_mapdma. 2008-02-22 10:51:37 +00:00
Philip Homburg
594035f13c More verbose (optional) debug output for exceptions. 2008-02-22 10:43:18 +00:00
Philip Homburg
f5389ecf19 Code to dump IPC statistics over a serial line. (Disabled) code to disable the
FPU.
2008-02-22 10:40:38 +00:00
Philip Homburg
6ef2e9b866 Added global variable boottime, prototype for do_stime, and table entry for
SYS_STIME.
2007-08-07 12:21:40 +00:00
Philip Homburg
fab77fd01f Added do_stime.c, return boot time in do_times.c 2007-08-07 12:20:31 +00:00
Philip Homburg
4f787035ea Removed check for grants that wrap. 2007-08-07 12:19:45 +00:00
Ben Gras
b00f287449 Restore user-owned bits from PSW after a signal handler, instead of
copying complete PSW after signal handler.

This fixes a psw corruption bug reported by Jens de Smit <jst260@few.vu.nl>.
2007-05-08 15:43:00 +00:00
Philip Homburg
cab8f526de Fixed some lose ends in the serial line debug dump code. 2007-04-23 15:59:16 +00:00
Philip Homburg
13da935060 Debug dumps over the serial line. Direct output to video memory. 2007-04-23 14:25:17 +00:00
Philip Homburg
c59b23859e Clean and support for asynchronous sends. 2007-04-23 14:24:30 +00:00
Philip Homburg
47233bdf30 Fixed bad boundary condition, support for asynchronous I/O. 2007-04-23 14:23:37 +00:00
Philip Homburg
c7a7c0cb17 Removed some white space. 2007-04-23 13:58:37 +00:00
Philip Homburg
94bc849574 Poll serial line for debug output requests when do_serial_debug is true. 2007-04-23 13:56:27 +00:00
Philip Homburg
8937b6a8de Initialize s_ipc_sendrec. 2007-04-23 13:46:54 +00:00
Philip Homburg
da4bb9144d Removed ECHO. 2007-04-23 13:46:26 +00:00
Philip Homburg
f41429d815 Cleanup. 2007-04-23 13:44:56 +00:00
Philip Homburg
cb3e271b24 Fields for asynchronous sends (s_asyntab and s_asynsize) and for allowed
sendrecs (s_ipc_sendrec).
2007-04-23 13:37:30 +00:00
Philip Homburg
6554f3d3dc Added MF_ASYNMSG. 2007-04-23 13:36:38 +00:00
Philip Homburg
8eb27a714e More debug output. Dump kernel process on serial line. Directly put
text in video memory.
2007-04-23 13:36:11 +00:00
Philip Homburg
c082f607df Disallow unaligned access to I/O ports. 2007-04-23 13:31:45 +00:00
Philip Homburg
d2cec7db49 Disallow unaligned access to I/O ports. 2007-04-23 13:31:16 +00:00
Philip Homburg
7541e0753b Separate permissions for sendrec. Actually initialize send/sendrec permissions
for data supplied by rs.
2007-04-23 13:30:04 +00:00
Philip Homburg
d80e25068c GET_PRIVID: return the ID of a process' privilege structure. 2007-04-23 13:28:14 +00:00
Philip Homburg
2b2d3d5131 Fail unsafe sdevio. Disallow unaligned I/O ports. 2007-04-23 13:22:26 +00:00
Philip Homburg
bc17115a34 Prototypes for exception and stacktrace. Declare additional arguments
for exception to be able to print nexted exceptions.
2007-04-23 13:19:25 +00:00