implementation functions.
Changed check in system.c to check compile-time-sized bitmap of
kernel calls.
Added SYS_SAFECOPYFROM and SYS_SAFECOPYTO, both mapping to
do_safecopy (that's what sys_call_code is used for).
any number of kernel calls.
Allowed kernel calls are stored in table.c for every image process as a
variably-sized array of allowed calls. This is used to fill the bitmap
of size determined at compile time by the number of kernel calls. This
filling is done by main.c. There is a special call called SYS_ALL_CALLS
which fills the bitmap of allowed calls completely, if that is the only
entry in the array.
instead of keeping a running total of enqueued processes
(because somehow the load average was broken)
. added SI_KPROC_TAB to get a copy of kernel process table from PM, for
a top implementation
. fixed arg to sys_nice() to make it an endpoint, not a slot number
instance numbers, encoded and decoded using macros in <minix/endpoint.h>.
proc number -> endpoint migration
. proc_nr in the interrupt hook is now an endpoint, proc_nr_e.
. m_source for messages and notifies is now an endpoint, instead of
proc number.
. isokendpt() converts an endpoint to a process number, returns
success (but fails if the process number is out of range, the
process slot is not a living process, or the given endpoint
number does not match the endpoint number in the process slot,
indicating an old process).
. okendpt() is the same as isokendpt(), but panic()s if the conversion
fails. This is mainly used for decoding message.m_source endpoints,
and other endpoint numbers in kernel data structures, which should
always be correct.
. if DEBUG_ENABLE_IPC_WARNINGS is enabled, isokendpt() and okendpt()
get passed the __FILE__ and __LINE__ of the calling lines, and
print messages about what is wrong with the endpoint number
(out of range proc, empty proc, or inconsistent endpoint number),
with the caller, making finding where the conversion failed easy
without having to include code for every call to print where things
went wrong. Sometimes this is harmless (wrong arg to a kernel call),
sometimes it's a fatal internal inconsistency (bogus m_source).
. some process table fields have been appended an _e to indicate it's
become and endpoint.
. process endpoint is stored in p_endpoint, without generation number.
it turns out the kernel never needs the generation number, except
when fork()ing, so it's decoded then.
. kernel calls all take endpoints as arguments, not proc numbers.
the one exception is sys_fork(), which needs to know in which slot
to put the child.
via cause_sig() during an exception.
moved lock check configuration to <minix/sys_config.h> instead of
kernel/config.h, because the 'relocking' field in kinfo depends on it.
other prettification: common locking macro, whether lock timing is on or
not.
OUTPUT_PROCS_ARRAY in <minix/config.h>, in that order, terminated by NONE.
log no longer forwards messages to tty itself. This leads to less funny
loops and more robust debug-message handling. Also the list of
processes receiving messages can easily be changed around or disabled by
editing the array (e.g. disable it by changing the array to { NONE }.).
. motd update (ast)
. made /usr/local/man/man* and made them bin-owned (mtree)
(to let bin install there)
. made copyright notice in kernel 1987-2006 (ast)
. added chown -R bin /usr/src so that bin can compile everything
. Also allow receive() to be done from kernel processes, not just
sendrec(). This is because receive()s can't harm the kernel processes,
but are done from the CLOCK task (without sendrec()).
enforced. If a call is denied, this will be kprinted. Please report any such
errors, so that I can adjust the mask before returning errors instead of
warnings.
Wrote CMOS driver. All CMOS code from FS has been removed. Currently the
driver only supports get time calls. Set time is left out as an exercise
for the book readers ... startup scripts were updated because the CMOS driver
is needed early on. (IS got same treatment.) Don't forget to run MAKEDEV cmos
in /dev/, otherwise the driver cannot be loaded.
The user needs to set label=... to choose the driver of his or her choice.
This driver will be mapped onto the controller that is set in controller=...
Minor cleanup of kernel source code (boot image table now is static).
This was caused by a change in the shared driver code. Not log's fault.
Renamed #definitions of driver process numbers, e.g., TTY now is TTY_PROC_NR.
All known (special) processes now have consistent naming scheme. Kernel tasks
don't follow this scheme.
to provide an index (0 .. 31) that is passed in the HARD_INT message when an
interrupt occurs. The NOTIFY_ARG field contains a bitmap with all indexes for
which an interrupt occured.
TTY: select and revive with new notify and FS call back;
kernel: removed old notify code; removed ugly prepare_shutdown timer
kputc: don't send to FS if PRINTF_PROC fails
- reinstalled priority changing, now in sched() and unready()
- reinstalled check on message buffer in sys_call()
- reinstalled check in send masks in sys_call()
- changed do_fork() to get new privilege structure for SYS_PROCs
- removed some processes from boot image---will be dynamically started later
sys_privctl() call to dynamically start servers and drivers.
- Shutdown sequence slightly adjusted: called as watchdog timer to let the
busy sys_abort() call from the PM return first.
- Changed umap_bios() to have more restrictive check: BIOS memory is now
allowed in BIOS_MEM_BEGIN to END (interrupt vectors) and BASE_MEM_TOP
to UPPER_MEM_END. Hopefully this keeps QEMU and Bochs happy.
- fixed bug that caused IDLE to panic (irq hook inconsistency);
- kprintf() now accepts multiple arguments; moved to utility.c;
- prepare_shutdown() signals system processes with SIGKSTOP;
- phys_fill() renamed to phys_memset(), argument order changed;
- kmemset() removed in favor of phys_kmemset();
- kstrncpy() removed in favor of phys_copy();
- katoi, kstrncmp replaced by normal library procedure again;
- rm_irq_handler() interface changed (simply pass hook pointer);
that passes signal map along. This mechanisms is also used for nonuser signals
like SIGKMESS, SIGKSTOP, SIGKSIG.
Revised comments of many system call handlers. Renamed setpriority to nice.
New configuration header file to include/ exclude functionality.
Extracted privileged features from struct proc and create new struct priv.
Renamed various system calls for readability.
copied into was the same size as the source string - it will keep on
filling with zeroes forever. This was a signed/unsigned bug, fixed by
making the kstrncpy argument ssize_t instead of size_t. This bug was
triggered by Chris Young <teddga@earthlink.net>, by dazzling coincedence -
changing OS_VERSION into something with one more character (exactly the
same size as the buffer in the kinfo struct).
Also noticed that the kstrncpy() call didn't null-terminate the strings
if necessary, also fixed.
and the new log driver if enabled.
new usyslogd is started from /usr/etc/rc. New device created by
MAKEDEV.sh. /var/log created by etc/mtree/minix.tree (on root for
now). Made select() slightly more generic, with less code duplication.
Not a really good solution (as it might not catch situations in which this
is caused by another bug), but the forrest of checks necessary might be worse
than this quick fix - because when looking for the cause, I found some other
cases in which the PM would panic as well. See info in bug 2 for details.
Another fix is to delay notification of PM by SYSTASK of signals delivered
internally until after the reply (e.g. of exec()), because the reply would
be messed up otherwise (receiving the notify instead of reply). This caused
SIGTRAP not to be delivered properly with traced processes.
- current and maximum priority per process;
- quantum size and current ticks left per process;
- max number of full quantums in a row allow
(otherwise current priority is decremented)
Removed stop sequence when MINIX is shut down.
Disabled send mask checks --- to be replaced by proper mechanism.
Fixed bug relating to 'shutdown -x'.
Simplified clock accounting of realtime.
Updated Makefiles for mkdept script.
long. This is used to check for interrupts being disabled at the time
of a lock() call, if enabled in config.h. The number of times this
happens is then counted in the kinfo structure. These events (recursive
lockings) lead to nasty race conditions.
The TTY driver now only notifies the IS server about function key event,
but does not tell which keys are pressed. The IS servers queries the TTY
driver to find out about this.
caused interrupts to be reenabled (due to unlock), which caused a race. The
problems were especially visible on slower machines.
* Relocated free memory parsing to process manager. This saved quite some
code at the kernel level. Text size was reduced by about 650 bytes.
* Removed locks for updating the realtime in the clock's main loop and the
get_uptime function. Interrupts are no longer reentrant, so realtime is
immediately updated.
Reduced kernel size by 512KB by moving private buffer into cstart() function.
Replaced assertions with erroneous return values. Removed assertions relating
to isuserp(rp), since all processes should become user processes; system
processes are now treated similar to other processes.
* Removed some variants of the SYS_GETINFO calls from the kernel;
replaced them with new PM and utils libary functionality. Fixed
bugs in utils library that used old get_kenv() variant.
* Implemented a buffer in the kernel to gather random data.
Memory driver periodically checks this for /dev/random.
A better random algorithm can now be implemented in the driver.
Removed SYS_RANDOM; the SYS_GETINFO call is used instead.
* Remove SYS_KMALLOC from the kernel. Memory allocation can now
be done at the process manager with new 'other' library functions.
when lock timing is enabled in minix/config.h.
Added phys_zero() routine to klib386.s that zeroes a range of memory, and
added corresponding system call.
This allowed removing the p_flagarlm timer from the kernel's process table.
Furthermore, I merged p_syncalrm and p_signalrm into p_alarm_timer to save
even more space. Note that processes can no longer have both a signal and
synchronous alarm timer outstanding as of now.
size wraparound), one to see if the size fits in the designated segment.
It seems this check wasn't done. This came to light when trying to pre-check
the users buffer for read() and write() in using the vectored virtual
copy system call in servers/fs/read.c.
and type) are overwritten with newer flags/ arguments. The interface from
within the kernel is lock_notify(). User processes can make a system call with
notify(). NOTIFY fully replaces the old notification mechanism.
The call works. Permission check, restriction of outstanding notifications
to be added. Low level code to make it work from within interrupt handlers
will be added as well.
list of handlers, callable by irqctl system call
. workaround for hanging keyboard bug after shutdown.. if key is pressed
during or after shutdown procedure, keyboard stops working. It looks like
irq 1 gets stuck high if no keyboard reading is done (e.g. because the
irq is masked or tty driver has exited). Workaround is to leave irqs
enabled until the last second, and call shutdown() immediately after the
last driver has stopped (tty task). This way the chance of an unserviced
interrupt occuring is negligible.