Before safecopies, the IO_ENDPT and DL_ENDPT message fields were needed
to know which actual process to copy data from/to, as that process may
not always be the caller. Now that we have full safecopy support, these
fields have become useless for that purpose: the owner of the grant is
*always* the caller. Allowing the caller to supply another endpoint is
in fact dangerous, because the callee may then end up using a grant
from a third party. One could call this a variant of the confused
deputy problem.

From now on, safecopy calls should always use the caller's endpoint as
grant owner. This fully obsoletes the DL_ENDPT field in the
inet/ethernet protocol. IO_ENDPT has other uses besides identifying the
grant owner though. This patch renames IO_ENDPT to USER_ENDPT, not only
because that is a more fitting name (it should never be used for I/O
after all), but also in order to intentionally break any old system
source code outside the base system. If this patch breaks your code,
fixing it is fairly simple:

- DL_ENDPT should be replaced with m_source;
- IO_ENDPT should be replaced with m_source when used for safecopies;
- IO_ENDPT should be replaced with USER_ENDPT for any other use, e.g.
  when setting REP_ENDPT, matching requests in CANCEL calls, getting
  DEV_SELECT flags, and retrieving of the real user process's endpoint
  in DEV_OPEN.

The changes in this patch are binary backward compatible.
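
The confused-deputy case described in the commit message above, as a simplified C model added here (it is not MINIX source and not part of the commit). The grant table, `safecopy_from`, `handle_old`, `handle_new` and the endpoint numbers are constructed stand-ins for the kernel's grant check and a driver's request handler.

```c
#include <stdio.h>
#include <string.h>

typedef int endpoint_t;
enum { DRIVER = 1, CLIENT_A = 2, CLIENT_B = 3 };

/* One grant: `owner` lets `grantee` read `data`; ids are per owner. */
struct grant { endpoint_t owner; int id; endpoint_t grantee; const char *data; };

/* Constructed grant table: only CLIENT_B has granted the driver anything. */
static const struct grant grants[] = {
    { CLIENT_B, 0, DRIVER, "B: private buffer" },
};

/* m_source is filled in by the kernel; user_endpt (the old IO_ENDPT)
 * and grant_id are whatever the sender put in the message. */
struct message { endpoint_t m_source, user_endpt; int grant_id; };

/* Constructed request: CLIENT_A names CLIENT_B as the endpoint. */
static const struct message request = { CLIENT_A, CLIENT_B, 0 };
static char buf[64];

/* Toy safecopy: succeeds only if `owner` granted `caller` access to `id`. */
static int safecopy_from(endpoint_t caller, endpoint_t owner, int id,
                         char *dst, size_t len)
{
    for (size_t i = 0; i < sizeof grants / sizeof grants[0]; i++) {
        const struct grant *g = &grants[i];
        if (g->owner == owner && g->id == id && g->grantee == caller) {
            snprintf(dst, len, "%s", g->data);
            return 0;
        }
    }
    return -1;   /* no such grant */
}

/* Old pattern: grant owner taken from a sender-controlled field. */
static int handle_old(const struct message *m, char *dst, size_t len)
{
    return safecopy_from(DRIVER, m->user_endpt, m->grant_id, dst, len);
}

/* Pattern the commit requires: the grant owner is always the caller. */
static int handle_new(const struct message *m, char *dst, size_t len)
{
    return safecopy_from(DRIVER, m->m_source, m->grant_id, dst, len);
}

int main(void)
{
    printf("old: %d\n", handle_old(&request, buf, sizeof buf));
    printf("new: %d\n", handle_new(&request, buf, sizeof buf));
    return 0;
}
```

In the model, the old handler lets the driver read CLIENT_B's buffer for a request sent by CLIENT_A, while the new handler fails the lookup because CLIENT_A itself issued no grant.
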
M include/Makefile
A include/minix/input.h
M include/minix/com.h
M drivers/tty/keyboard.c
M drivers/tty/tty.c
M drivers/tty/tty.h
M include/minix/syslib.h
M lib/libsys/Makefile
A lib/libsys/input.c
Move archtypes.h to include/ dir, since several servers require it. Move
fpu.h and stackframe.h to arch-specific header directory. Make source
files and makefiles aware of the new header locations.
this change
- makes panic() variadic, doing full printf() formatting -
  no more NO_NUM, and no more separate printf() statements
  needed to print extra info (or something in hex) before panicking
- unifies panic() - same panic() name and usage for everyone -
  vm, kernel and rest have different names/syntax currently
  in order to implement their own luxuries, but no longer
- throws out the 1st argument, to make source less noisy.
  the panic() in syslib retrieves the server name from the kernel
  so it should be clear enough who is panicking; e.g.
      panic("sigaction failed: %d", errno);
  looks like:
      at_wini(73130): panic: sigaction failed: 0
      syslib:panic.c: stacktrace: 0x74dc 0x2025 0x100a
- throws out report() - printf() is more convenient and powerful
- harmonizes/fixes the use of panic() - there were a few places
  that used printf-style formatting (didn't work) and newlines
  (messes up the formatting) in panic()
- throws out a few per-server panic() functions
- cleans up a tie-in of tty with panic()
merging printf() and panic() statements to be done incrementally.
- if "debug_fkeys" boot monitor variable is set to 0:
- pass Fn, Shift+Fn, Ctrl+Fn, Shift+Ctrl+Fn to applications
- don't start IS
- update termcap files with function key, color, end key support
IS:
- do not use p_getfrom_e for a process that is sending
- register with TTY only function keys that are used
- various header and formatting fixes
- proper shutdown code
TTY:
- restore proper Ctrl+F1 dump contents
isofs:
- don't even try to call sys_exit()
remembering the origin and cursor position as that feature didn't
really work properly anyway
- tty: map in video and font memory using a vm call, access it from C,
thereby eliminating pesky weird segment calls and assembly to access it,
and unbreaks loadfont (Roman Ignatov)
- bios_wini: fix bios_wini by allocating a <1MB buffer for it
- memory: preallocate ramdisk, makes it a bit faster (and doesn't
fail halfway if you allocate a huge one)
- floppy: use <1MB buffer
- ramdisk proto: because of the 2x1 page reservations, binaries
got a little fatter and didn't fit on the ramdisk any more.
increase it.
a little cleaner (escaped scancodes are less of a special case) and
lets us be completely flexible when assigning meaning to them.
Future: a tool and ioctl to load the escaped keymap.
to col selected from the keymap until right-alt is pressed again.
Sticky alt code and Russian keymap contributed by Roman Ignatov
and Yaroslav Schekin.
mainly in the kernel and headers. This split based on work by
Ingmar Alting <iaalting@cs.vu.nl> done for his Minix PowerPC architecture
port.
. kernel does not program the interrupt controller directly, do any
other architecture-dependent operations, or contain assembly any more,
but uses architecture-dependent functions in arch/$(ARCH)/.
. architecture-dependent constants and types defined in arch/$(ARCH)/include.
. <ibm/portio.h> moved to <minix/portio.h>, as they have become, for now,
architecture-independent functions.
. int86, sdevio, readbios, and iopenable are now i386-specific kernel calls
and live in arch/i386/do_* now.
. i386 arch now supports even less 86 code; e.g. mpx86.s and klib86.s have
gone, and 'machine.protected' is gone (and always taken to be 1 in i386).
If 86 support is to return, it should be a new architecture.
. prototypes for the architecture-dependent functions defined in
kernel/arch/$(ARCH)/*.c but used in kernel/ are in kernel/proto.h
. /etc/make.conf included in makefiles and shell scripts that need to
know the building architecture; it defines ARCH=<arch>, currently only
i386.
. some basic per-architecture build support outside of the kernel (lib)
. in clock.c, only dequeue a process if it was ready
. fixes for new include files
files deleted:
. mpx/klib.s - only for choosing between mpx/klib86 and -386
. klib86.s - only for 86
i386-specific files moved (or arch-dependent stuff moved) to arch/i386/:
. mpx386.s (entry point)
. klib386.s
. sconst.h
. exception.c
. protect.c
. protect.h
. i8269.c
include grant id in DEV_REVIVE messages.
. Removal of TTY_FLAGS field (and so O_NONBLOCK support).
. Fixed CANCEL behaviour and return code on blocking I/O,
previously handled by O_NONBLOCK
. Totally removed REVIVE replies, previously still possible on
blocking ioctls (REVIVE directly called) and ptys (missing TTY_REVIVE
check), removes deadlock bug with FS
. Removed obsolete *COMPAT options and associated code
initialization. One-time init is called from tty.
Side effect is that the one-time init is done after the sys_getmachine()
call, which makes set_leds() work, which makes numlock go off at booting.
Output during initialization should be suppressed unless an error occurs.
Note that main() can now be main(int argc, char **argv) and arguments can
be passed when bringing up the driver.
to provide an index (0 .. 31) that is passed in the HARD_INT message when an
interrupt occurs. The NOTIFY_ARG field contains a bitmap with all indexes for
which an interrupt occurred.
TTY: select and revive with new notify and FS call back;
kernel: removed old notify code; removed ugly prepare_shutdown timer
kputc: don't send to FS if PRINTF_PROC fails