Commit graph

76 commits

Author SHA1 Message Date
Ben Gras
565f13088f make vfs & filesystems use failable copying
Change the kernel to add features to vircopy and safecopies so that
transparent copy fixing won't happen to avoid deadlocks, and such copies
fail with EFAULT.

Transparently making copying work from filesystems (as normally done by
the kernel & VM when copying fails because of missing/readonly memory)
is problematic as it can happen that, for file-mapped ranges, that that
same filesystem that is blocked on the copy request is needed to satisfy
the memory range, leading to deadlock. Dito for VFS itself, if done with
a blocking call.

This change makes the copying done from a filesystem fail in such cases
with EFAULT by VFS adding the CPF_TRY flag to the grants. If a FS call
fails with EFAULT, VFS will then request the range to be made available
to VM after the FS is unblocked, allowing it to be used to satisfy the
range if need be in another VFS thread.

Similarly, for datacopies that VFS itself does, it uses the failable
vircopy variant and callers use a wrapper that talk to VM if necessary
to get the copy to work.

	. kernel: add CPF_TRY flag to safecopies
	. kernel: only request writable ranges to VM for the
	  target buffer when copying fails
	. do copying in VFS TRY-first
	. some fixes in VM to build SANITYCHECK mode
	. add regression test for the cases where
	  - a FS system call needs memory mapped in a process that the
	    FS itself must map.
	  - such a range covers more than one file-mapped region.
	. add 'try' mode to vircopy, physcopy
	. add flags field to copy kernel call messages
	. if CP_FLAG_TRY is set, do not transparently try
	  to fix memory ranges
	. for use by VFS when accessing user buffers to avoid
	  deadlock
	. remove some obsolete backwards compatability assignments
        . VFS: let thread scheduling work for VM requests too
          Allows VFS to make calls to VM while suspending and resuming
          the currently running thread. Does currently not work for the
          main thread.
        . VM: add fix memory range call for use by VFS

Change-Id: I295794269cea51a3163519a9cfe5901301d90b32
2014-07-28 17:05:14 +02:00
Lionel Sambuc
c3fc9df84a Adding ipc_ prefix to ipc primitives
* Also change _orig to _intr for clarity
 * Cleaned up {IPC,KER}VEC
 * Renamed _minix_kernel_info_struct to get_minix_kerninfo
 * Merged _senda.S into _ipc.S
 * Moved into separate files get_minix_kerninfo and _do_kernel_call
 * Adapted do_kernel_call to follow same _ convention as ipc functions
 * Drop patches in libc/net/send.c and libc/include/namespace.h

Change-Id: If4ea21ecb65435170d7d87de6c826328e84c18d0
2014-03-01 09:05:01 +01:00
David van Moolenbroek
6b3f4dc157 Input infrastructure, INPUT server, PCKBD driver
This commit separates the low-level keyboard driver from TTY, putting
it in a separate driver (PCKBD). The commit also separates management
of raw input devices from TTY, and puts it in a separate server
(INPUT). All keyboard and mouse input from hardware is sent by drivers
to the INPUT server, which either sends it to a process that has
opened a raw input device, or otherwise forwards it to TTY for
standard processing.

Design by Dirk Vogt. Prototype by Uli Kastlunger.

Additional changes made to the prototype:

- the event communication is now based on USB HID codes; all input
  drivers have to use USB codes to describe events;
- all TTY keymaps have been converted to USB format, with the effect
  that a single keymap covers all keys; there is no (static) escaped
  keymap anymore;
- further keymap tweaks now allow remapping of literally all keys;
- input device renumbering and protocol rewrite;
- INPUT server rewrite, with added support for cancel and select;
- PCKBD reimplementation, including PC/AT-to-USB translation;
- support for manipulating keyboard LEDs has been added;
- keyboard and mouse multiplexer devices have been added to INPUT,
  primarily so that an X server need only open two devices;
- a new "libinputdriver" library abstracts away protocol details from
  input drivers, and should be used by all future input drivers;
- both INPUT and PCKBD can be restarted;
- TTY is now scheduled by KERNEL, so that it won't be punished for
  running a lot; without this, simply running "yes" on the console
  kills the system;
- the KIOCBELL IOCTL has been moved to /dev/console;
- support for the SCANCODES termios setting has been removed;
- obsolete keymap compression has been removed;
- the obsolete Olivetti M24 keymap has been removed.

Change-Id: I3a672fb8c4fd566734e4b46d3994b4b7fc96d578
2014-03-01 09:04:55 +01:00
David van Moolenbroek
b48542d914 VM: readd support for forgetting cached FS blocks
Not all services involved in block I/O go through VM to access the
blocks they need.  As a result, the blocks in VM may become stale,
possibly causing corruption when the stale copy is restored by a
service that does go through VM later on.  This patch restores support
for forgetting cached blocks that belong to a particular device, and
makes the relevant file systems use this functionality 1) when
requested by VFS through REQ_FLUSH, and 2) upon unmount.

Change-Id: I0758c5ed8fe4b5ba81d432595d2113175776aff8
2014-03-01 09:04:53 +01:00
Lionel Sambuc
cfd3379bb1 Removing CSU patches
* Removed startup code patches in lib/csu regarding kernel to userland
   ABI.

 * Aligned stack layout on NetBSD stack layout.

 * Generate valid stack pointers instead of offsets by taking into account
   _minix_kerninfo->kinfo->user_sp.

 * Refactored stack generation, by moving part of execve in two
   functions {minix_stack_params(), minix_stack_fill()} and using them
   in execve(), rs and vm.

 * Changed load offset of rtld (ld.so) to:
      execi.args.stack_high - execi.args.stack_size - 0xa00000
   which is 10MB below the main executable stack.

Change-Id: I839daf3de43321cded44105634102d419cb36cec
2014-02-18 11:25:02 +01:00
Thomas Veerman
c1a31d53d9 stat.h: remove some big_ types
Change-Id: I84017db3d54edfb823cc52e02d0b07fccb003988
2014-02-18 11:25:01 +01:00
Ben Gras
b5951f9663 vm: enable filemap=1 by default
. turns on mmap() functionality for files by default
	. also causes exec() to use it to map in executables
	  without copying and with sharing those pages with the
	  disk cache and other instances of the executable

Change-Id: Idb94dfe110eed916cf83b12c45e1a77241a2cee5
2013-09-13 12:56:41 +00:00
Ben Gras
b538531449 vm: make WARNS=5 proof
Change-Id: I737ded223daf04f1c0c85a2e8e6b36c8fdcd07db
2013-09-06 11:51:20 +02:00
David van Moolenbroek
78d707cd26 VM: support for shared call mask ACLs
The VM server now manages its call masks such that all user processes
share the same call mask. As a result, an update for the call mask of
any user process will apply to all user processes. This is similar to
the privilege infrastructure employed by the kernel, and may serve as
a template for similar fine-grained restrictions in other servers.

Concretely, this patch fixes the problem of "service edit init" not
applying the given VM call mask to user processes started from RC
scripts during system startup.

In addition, this patch makes RS set a proper VM call mask for each
recovery script it spawns.

Change-Id: I520a30d85a0d3f3502d2b158293a2258825358cf
2013-08-08 23:22:58 +02:00
Antoine Leca
cfc36e5fd3 Drop obsolete <minix/compiler.h> and <minix/crtso.h>
Change-Id: I05da32bd2bdf014b6fd5c39d6e808d3c73812dc0
2013-08-07 16:28:39 +00:00
Xiaoguang Sun
64f10ee644 Implement getrusage
Implement getrusage.
These fields of struct rusage are not supported and always set to zero at this time
long ru_nswap;           /* swaps */
long ru_inblock;         /* block input operations */
long ru_oublock;         /* block output operations */
long ru_msgsnd;          /* messages sent */
long ru_msgrcv;          /* messages received */
long ru_nvcsw;           /* voluntary context switches */
long ru_nivcsw;          /* involuntary context switches */

test75.c is the unit test for this new function

Change-Id: I3f1eb69de1fce90d087d76773b09021fc6106539
2013-07-01 23:00:47 +02:00
Ben Gras
49b9165251 vm: mmap support
. test74 for mmap functionality
	. vm: add a mem_file memory type that specifies an mmap()ped
	  memory range, backed by a file
	. add fdref, an object that keeps track of FD references within
	  VM per process and so knows how to de-duplicate the use of FD's
	  by various mmap()ped ranges; there can be many more than there can
	  be FD's
	. turned off for now, enable with 'filemap=1' as boot option

Change-Id: I640b1126cdaa522a0560301cf6732b7661555672
2013-05-31 15:42:01 +00:00
Ben Gras
0cfff08e56 libexec: mmap support, prealloc variants
In libexec, split the memory allocation method into cleared and
non-cleared. Cleared gives zeroed memory, non-cleared gives 'junk'
memory (that will be overwritten anyway, and so needn't be cleared)
that is faster to get.

Also introduce the 'memmap' method that can be used, if available,
to map code and data from executables into a process using the
third-party mmap() mode.

Change-Id: I26694fd3c21deb8b97e01ed675dfc14719b0672b
2013-04-24 10:18:16 +00:00
Ben Gras
49eb1f4806 vm: new secondary cache code
Primary purpose of change: to support the mmap implementation, VM must
know both (a) about some block metadata for FS cache blocks, i.e.
inode numbers and inode offsets where applicable; and (b) know about
*all* cache blocks, i.e.  also of the FS primary caches and not just
the blocks that spill into the secondary one. This changes the
interface and VM data structures.

This change is only for the interface (libminixfs) and VM data
structures; the filesystem code is unmodified, so although the
secondary cache will be used as normal, blocks will not be annotated
with inode information until the FS is modified to provide this
information. Until it is modified, mmap of files will fail gracefully
on such filesystems.

This is indicated to VFS/VM by returning ENOSYS for REQ_PEEK.

Change-Id: I1d2df6c485e6c5e89eb28d9055076cc02629594e
2013-04-24 10:18:16 +00:00
Ben Gras
adf2032bc0 vm: remove secondary cache code
This commit removes the secondary cache code implementation from
VM and its usage from libminixfs. It is to be replaced by a new
implementation.

Change-Id: I8fa3af06330e7604c7e0dd4cbe39d3ce353a05b1
2013-04-24 10:18:10 +00:00
Ben Gras
90d777f053 VM: pagequeue data structure
. data structure that automatically keeps a set
	  of pages in reserve, to replace sparepages and
	  possibly re-used in the future for similar situations,
	  e.g. if in-filesystem-cache block eviction is
	  implemented and FS asks for a new block

Change-Id: I149d46c14b9c8e75df16cb94e08907f008c339a6
2013-03-13 12:09:32 +00:00
Lionel Sambuc
8e4736f2df Removing obsolete _MINIX define
Change-Id: Id33ac7e973d1c0e249b690fe44a597474fac6076
2013-02-26 09:44:20 +00:00
Kees Jongenburger
f240e1eaf5 vm:Display boot process name upon failure to load or execute.
Change-Id: I80fdaca09ae255622083b16dee72715f009dc0ee
2013-02-16 11:20:45 +01:00
Ben Gras
3bc6d7df06 impove memory accounting
. the total amount of memory in the system didn't include the memory
	  used by the boot-time modules and some dynamic allocation by the
	  kernel at boot time (to map in VM). especially apparent on our
	  ARM board with 'only' 512MB of memory and a huge ramdisk.
	. also: *add* the VM loaded module to the freelist after it has
	  been allocated for & mapped in instead of cutting it *out* of the
	  freelist! so we get a few more MB free..

Change-Id: If37ac32b21c9d38610830e21421264da4f20bc4f
2013-02-11 19:31:57 +01:00
Ben Gras
298b41b523 libexec: detect short files
if an exec() fails partway through reading in the sections, the target
process is already gone and a defunct process remains. sanity checking
the binary beforehand helps that.

test10 mutilates binaries and exec()s them on purpose; making an exec()
fail cleanly in such cases seems like acceptable behaviour.

fixes test10 on ARM.

Change-Id: I1ed9bb200ce469d4d349073cadccad5503b2fcb0
2013-02-04 12:04:35 +01:00
Ben Gras
3771a0833d vm: merge i386 and arm pagetable code 2012-11-09 18:46:03 +01:00
Ben Gras
d343041caa VM: make mapping types explicit
Introduce explicit abstractions for different mapping types,
handling the instantiation, forking, pagefaults and freeing of
anonymous memory, direct physical mappings, shared memory and
physically contiguous anonymous memory as separate types, making
region.c more generic.

Also some other genericification like merging the 3 munmap cases
into one.

COW and SMAP safemap code is still implicit in region.c.
2012-10-12 14:52:01 +02:00
Ben Gras
2d72cbec41 SYSENTER/SYSCALL support
. add cpufeature detection of both
	. use it for both ipc and kernelcall traps, using a register
	  for call number
	. SYSENTER/SYSCALL does not save any context, therefore userland
	  has to save it
	. to accomodate multiple kernel entry/exit types, the entry
	  type is recorded in the process struct. hitherto all types
	  were interrupt (soft int, exception, hard int); now SYSENTER/SYSCALL
	  is new, with the difference that context is not fully restored
	  from proc struct when running the process again. this can't be
	  done as some information is missing.
	. complication: cases in which the kernel has to fully change
	  process context (i.e. sigreturn). in that case the exit type
	  is changed from SYSENTER/SYSEXIT to soft-int (i.e. iret) and
	  context is fully restored from the proc struct. this does mean
	  the PC and SP must change, as the sysenter/sysexit userland code
	  will otherwise try to restore its own context. this is true in the
	  sigreturn case.
	. override all usage by setting libc_ipc=1
2012-09-24 15:53:43 +02:00
Ben Gras
ed1af3c86c VM: full munmap
complete munmap implementation; single-page references made
a general munmap() implementation possible to write cleanly.

	. memory: let the MIOCRAMSIZE ioctl set the imgrd device
	  size (but only to 0)
	. let the ramdisk command set sizes to 0
	. use this command to set /dev/imgrd to 0 after mounting /usr
	  in /etc/rc, so the boot time ramdisk is freed (about 4MB
	  currently)
2012-09-18 13:17:52 +02:00
Ben Gras
6d7b770761 VM: static data structure for mem allocation
. allocate physical memory using a fixed, pre-allocated bitmap so there
   are no call cycles and it's avilable earlier
2012-09-18 13:17:48 +02:00
Ben Gras
2cb560297c VM: remove unused dma memory support functions from vm
. unused calls / data structures
2012-09-18 13:17:47 +02:00
Ben Gras
6410f4b5db VM: some sanitycheck fixes
minor fixes to restore SANITYCHECKS
2012-09-18 13:17:45 +02:00
Ben Gras
053fa581b5 vm: remove stack handling for signals
. moved to the kernel as the handling was only
	  reading it; the kernel may as well write it too
2012-08-29 17:31:38 +02:00
Ben Gras
e4ac80eb60 various warning/errorwarning fixes for gcc47
. warnings (sometimes promoted to errors) in servers/ and kernel/
 . -Os for ext2 boot module to make it small enough
2012-08-27 16:19:18 +02:00
Ben Gras
cbcdb838f1 various coverity-inspired fixes
. some strncpy/strcpy to strlcpy conversions
	. new <minix/param.h> to avoid including other minix headers
	  that have colliding definitions with library and commands code,
	  causing parse warnings
	. removed some dead code / assignments
2012-07-16 14:00:56 +02:00
Ben Gras
50e2064049 No more intel/minix segments.
This commit removes all traces of Minix segments (the text/data/stack
memory map abstraction in the kernel) and significance of Intel segments
(hardware segments like CS, DS that add offsets to all addressing before
page table translation). This ultimately simplifies the memory layout
and addressing and makes the same layout possible on non-Intel
architectures.

There are only two types of addresses in the world now: virtual
and physical; even the kernel and processes have the same virtual
address space. Kernel and user processes can be distinguished at a
glance as processes won't use 0xF0000000 and above.

No static pre-allocated memory sizes exist any more.

Changes to booting:
        . The pre_init.c leaves the kernel and modules exactly as
          they were left by the bootloader in physical memory
        . The kernel starts running using physical addressing,
          loaded at a fixed location given in its linker script by the
          bootloader.  All code and data in this phase are linked to
          this fixed low location.
        . It makes a bootstrap pagetable to map itself to a
          fixed high location (also in linker script) and jumps to
          the high address. All code and data then use this high addressing.
        . All code/data symbols linked at the low addresses is prefixed by
          an objcopy step with __k_unpaged_*, so that that code cannot
          reference highly-linked symbols (which aren't valid yet) or vice
          versa (symbols that aren't valid any more).
        . The two addressing modes are separated in the linker script by
          collecting the unpaged_*.o objects and linking them with low
          addresses, and linking the rest high. Some objects are linked
          twice, once low and once high.
        . The bootstrap phase passes a lot of information (e.g. free memory
          list, physical location of the modules, etc.) using the kinfo
          struct.
        . After this bootstrap the low-linked part is freed.
        . The kernel maps in VM into the bootstrap page table so that VM can
          begin executing. Its first job is to make page tables for all other
          boot processes. So VM runs before RS, and RS gets a fully dynamic,
          VM-managed address space. VM gets its privilege info from RS as usual
          but that happens after RS starts running.
        . Both the kernel loading VM and VM organizing boot processes happen
	  using the libexec logic. This removes the last reason for VM to
	  still know much about exec() and vm/exec.c is gone.

Further Implementation:
        . All segments are based at 0 and have a 4 GB limit.
        . The kernel is mapped in at the top of the virtual address
          space so as not to constrain the user processes.
        . Processes do not use segments from the LDT at all; there are
          no segments in the LDT any more, so no LLDT is needed.
        . The Minix segments T/D/S are gone and so none of the
          user-space or in-kernel copy functions use them. The copy
          functions use a process endpoint of NONE to realize it's
          a physical address, virtual otherwise.
        . The umap call only makes sense to translate a virtual address
          to a physical address now.
        . Segments-related calls like newmap and alloc_segments are gone.
        . All segments-related translation in VM is gone (vir2map etc).
        . Initialization in VM is simpler as no moving around is necessary.
        . VM and all other boot processes can be linked wherever they wish
          and will be mapped in at the right location by the kernel and VM
          respectively.

Other changes:
        . The multiboot code is less special: it does not use mb_print
          for its diagnostics any more but uses printf() as normal, saving
          the output into the diagnostics buffer, only printing to the
          screen using the direct print functions if a panic() occurs.
        . The multiboot code uses the flexible 'free memory map list'
          style to receive the list of free memory if available.
        . The kernel determines the memory layout of the processes to
          a degree: it tells VM where the kernel starts and ends and
          where the kernel wants the top of the process to be. VM then
          uses this entire range, i.e. the stack is right at the top,
          and mmap()ped bits of memory are placed below that downwards,
          and the break grows upwards.

Other Consequences:
        . Every process gets its own page table as address spaces
          can't be separated any more by segments.
        . As all segments are 0-based, there is no distinction between
          virtual and linear addresses, nor between userspace and
          kernel addresses.
        . Less work is done when context switching, leading to a net
          performance increase. (8% faster on my machine for 'make servers'.)
	. The layout and configuration of the GDT makes sysenter and syscall
	  possible.
2012-07-15 22:30:15 +02:00
Ben Gras
2bfeeed885 drop segment from safecopy invocations
. all invocations were S or D, so can safely be dropped
	  to prepare for the segmentless world
	. still assign D to the SCP_SEG field in the message
	  to make previous kernels usable
2012-06-16 16:22:51 +00:00
Ben Gras
040362e379 exec() cleanup, generalization, improvement
. make exec() callers (i.e. vfs and rs) determine the
	  memory layout by explicitly reserving regions using
	  mmap() calls on behalf of the exec()ing process,
	  i.e. handling all of the exec logic, thereby eliminating
	  all special exec() knowledge from VM.
	. the new procedure is: clear the exec()ing process
	  first, then call third-party mmap()s to reserve memory, then
	  copy the executable file section contents in, all using callbacks
	  tailored to the caller's way of starting an executable
	. i.e. no more explicit EXEC_NEWMEM-style calls in PM or VM
	  as with rigid 2-section arguments
	. this naturally allows generalizing exec() by simply loading
	  all ELF sections
	. drop/merge of lots of duplicate exec() code into libexec
	. not copying the code sections to vfs and into the executable
	  again is a measurable performance improvement (about 3.3% faster
	  for 'make' in src/servers/)
2012-06-07 15:15:01 +02:00
Ben Gras
ee4016155e vm: add third-party mmap() mode and PROCCTL
these two functions will be used to support all exec() functionality
going into a single library shared by RS and VFS and exec() knowledge
leaving VM.

	. third-party mmap: allow certain processes (VFS, RS) to
	  do mmap() on behalf of another process
	. PROCCTL: used to free and clear a process' address space
2012-06-07 12:43:16 +02:00
Ben Gras
b480472a76 vm: full memory view
for user-space processes, increase text segment so it reaches the full
address space, so code can be executed anywhere.
2012-04-12 02:58:39 +02:00
Ben Gras
7336a67dfe retire PUBLIC, PRIVATE and FORWARD 2012-03-25 21:58:14 +02:00
Ben Gras
6a73e85ad1 retire _PROTOTYPE
. only good for obsolete K&R support
	. also remove a stray ansi.h and the proto cmd
2012-03-25 16:17:10 +02:00
Antoine Leca
3fb8cb760c More cleaning up 2012-02-15 19:04:58 +00:00
Ben Gras
4668b84158 vm_remap_ro
- allows shared memory to be mapped in readonly

- ben@minix3.org & tom@minix3.org
2012-01-13 11:30:01 +00:00
Ben Gras
7cd4002083 vm: clear map cache after kernel requests
. fixes a dirty tlb situation (i.e. random crashes)
	  on some hardware, seemingly new intel architectures
	  (e.g. my desktop i7 machine)
2012-01-11 01:15:35 +01:00
Ben Gras
d477a9ed82 vm/ipc: only report signals when it matters to ipc
. ipc wants to know about processes that get
	  signals, so that it can break blocking ipc operations
	. doing it for every single signal is wasteful
	  and causes the annoying 'no slot for signals' message
	. this fix tells vm on a per-process basis it (ipc)
	  wants to be notified, i.e. only when it does any ipc calls
	. move ipc config to separate config file while we're at it
2011-08-05 20:52:32 +00:00
Erik van der Kouwe
0cb22acbda Fix VM -Wall warnings and enable -Werror 2011-06-01 11:30:58 +02:00
Arun Thomas
25a790a631 VM and kernel support for ELF 2011-02-26 23:00:55 +00:00
Ben Gras
ddde360e3e vm - hash table for block cache 2010-10-15 09:10:14 +00:00
Cristiano Giuffrida
0d984b36ef Get rid of static spare pages after VM startup. 2010-07-20 21:59:27 +00:00
Ben Gras
86139e8bf2 vm: last commit should not have included wiping out these calls
(this was done temporarily to make vm work with clang; vm crashes when
the 64-bit arithmetic functions are used when compiled with clang.)
2010-07-05 14:01:34 +00:00
Ben Gras
b4bea1bfcb vm: fixes for clang warnings 2010-07-05 13:58:57 +00:00
Cristiano Giuffrida
06700d05d1 Give RS a page table. 2010-06-28 21:53:37 +00:00
Arun Thomas
b641afc78a VM: Remove legacy non-paging code paths 2010-06-05 14:39:40 +00:00
Erik van der Kouwe
1f11a57141 Oops, last commit included more than was intended 2010-05-20 08:07:47 +00:00