I misread the condition and broke this in 0687a01. Thanks to Axel for
reviewing!
* Refactor the code again to move all the error checking at the top of
the function, to make it easier to read.
The API allows to create driver settings which are not added to the
global list, however those were left partially uninitialized, and there
was no way to cleanly delete them.
Tag such unattached settings with a ref_count of -1, and have
delete_driver_settings check for this and handle the case correctly.
Note: #10494 comment 2 says the settings for packagefs shouldn't be
added to the kernel driver settings list, which is why I went with this
solution. An alternative would be always using the list and the
reference counting, but I don't know what the consequences are.
Fixes#10494.
* This is not allowed by strdup POSIX specs and GCC may use its builtin
strdup which doesn't check for it.
* also refactor parse_driver_settings_string to create the
settings_handle using settings_new, to reduce code duplication.
Sorry, I can't test all cases when building from Haiku.
Including <new> after the fs shell wrapper makes the compiler fail
because new needs a size_t argument (not an fssh_size_t). But including
it before also fails because it includes C++ typedefs without the fssh
wrapper, leading to conflicts.
Undefining size_t just for the include of <new> isn't very clean, but
seems to work. new gets a size_t argument as it should and the other
typedefs aren't conflicting.
* Add an fs-shell compatible version of BOpenHashTable in the fs_shell
to keep it working. The header is renamed to KOpenHashTable to avoid a
conflict with the OpenHashTable.h available in private/shared which is
not API compatible.
- When normalizing paths of the preloaded modules to their final mounted
path, remove them from the hash table before updating their path. Otherwise,
the remove would fail due to the hash no longer matching, which in turn
would cause the code in question to introduce an infinite loop in the
hash table's internal link list due to manually rewriting the next link.
* offsetof is not allowed on non-POD types so we need to use
offset_of_member (gcc2 accepts offsetof, and C++11 relaxed the
constraints on where it is allowed so it should work there too)
* we have offset_of_member as a workaround until we switch to C++11,
move it from khash (which is soon to be removed) to list.h which is the
other place where it is used (for this one single call in our whole
codebase)
Also fix a typo in vfs.cpp.
As a result of the refactoring for OpenHashTable, the iterator semantics
have changed a bit, such that the end of the table is no longer signalled
by the iterator returning NULL. This wasn't taken into account during
refactoring, which would lead to various places returning the last item
in the list in the case where no matching item was found, causing e.g.
drivers not to be loaded properly. This fixes the boot hang regressions
introduced in hrev48640.
Could lead to wrongly setting the TYPE_MINUTE flag for an invalid (>59)
number of minutes. Harmless, as that flag is never used.
For completeness, also set the flag for seconds (also never used).
Fixes#11552.
gcc2 was relying on the c99 functions being there, but they are not in
the std namespace.
* Disable the C99 functions and macros in C++ mode
* Redefine them as inline functions in cmath in the std namespace.
Fixes#7396.
I had a KDL when trying to read an audio CD which apparently uses this
as a copy protection scheme.
I don't know if this is the right place to do this, the KDL would happen
further down when the intel partitionning system or bfs would try to
read data from the disk at offset -2048.
While the partitioning system does publish partitions as block
devices and report their size in stat(), the old BeOS-style
drivers have no means of reporting it this way.
So we fall back to ioctl(B_GET_GEOMETRY) to find out the size.
This avoids having to copy the strings.
For now we disregard argv[] as it is not remapped before
being used in add_stage2_driver_settings() and is not used
by the linux entry point.
This makes the overo loader panic at the same place as
the beagle xm one now, even though it fails to display
anything with the default RAM size since we allocate
the framebuffer beyond 128MB...
* Always include last caller and lock value on both UP and MP path.
* Change lock value printing to hex format, as 0xdeadbeef is more
obvious than its decimal counterpart.
While the NetBSD entry point is handy as we can use a single uImage
with all 3 blobs, it bypasses U-Boot's own patching of the FDT since
it's not visible to it, so we won't get the RAM size and other things
through it.
CreateThreadEvent::DoDPC() missed a reference release to balance the
acquired reference before queuing the DPC, resulting in the
CreateThreadEvent objects being leaked.
This also removes the destructor that tried to cancel the DPC. Since
the class is reference counted and only destroyed when the DPC has
run and released the last reference, this didn't make much sense.
The signal to the team/thread is only actually sent in a deferred
procedure. To ensure that the team/thread stays valid between the DPC
being queued and it actually running, we need to acquire a reference.
Fixes#11390, where the DPC was run after the team was already
destroyed.
This introduces InterruptController and HardwareTimer classes to
handle the SoC specific implementations of timers and ints for
the ARM platform.
These could be improved and moved to a more 'generic' level once
we're confident they are 'good enough'.
NOTE: The OMAP timer implementation is fully untested and probably
completely non-functional....
If we find an FDT (either from uImage or otherwise) we make sure
we map it after mmu_init() and use kernel_args to pass it to the
kernel (so it is available at all times there).
* On UEFI, pages are allocated top-down; previously,
VM would fail to allocate early pages due to
running into pages allocated at the top and
assume it had run out of pages to map.
Signed-off-by: Jessica Hamilton <jessica.l.hamilton@gmail.com>
With packagefs potentially opening quite a few packages the default of
256 slots is a bit tight. It's 4096 now, which should be safe for a
while, but we might want to consider resizing the table dynamically and
probably even switching to another algorithm for allocating the slots.
Should fix#11328.
* VMArea::AddWaiterIfWired(): Replace the ignoreRange argument by a
flags argument and introduce (currently only) flag
IGNORE_WRITE_WIRED_RANGES. If specified, ranges wired for writing
are ignored. Ignoring just a single specified range doesn't cut it
in vm_soft_fault(), and there aren't any other users of that feature.
* vm_soft_fault(): When having to unmap a page of a lower cache, this
page cannot be wired for writing. So we can safely ignore all
writed-wired ranges, instead of just our own. We even have to do that
in case there's another thread that concurrently tries to write-wire
the same page, since otherwise we'd deadlock waiting for each other.
As Axel pointed out, B_BAD_DATA is not the correct code here. B_BUSY
could be used but I wantd a code different from the existing one for
"partition already being initialized".
When we encounter a wired page that we'd have to unmap to map our newly
allocated one, we need to get rid of the latter before unlocking
everything and waiting for the wired page. Otherwise we'd leave things
in an inconsistent state (a page from an upper cache shadowing a mapped
page from a lower cache).
... in case we'd need to unmap a page that is wired.
Fixes the immediate issue of #10977. There's a problem remaining (as
discussed in comment 1): If two threads want to wire the same page at
the same time (which led to the assertion being triggered), they will
now deadlock, waiting for each other to remove the pre-registered
VMAreaWiredRange.
The thread that is being [un]scheduled already has its time_lock locked
in {stop|continue}_cpu_timers(). When updating the TeamTimeUserTimer,
the team is asked for its cpu time. Team::CPUTime() then iterates the
threads of the team and locks the time_lock of the thread again.
This workaround passes a possibly locked thread through the relevant
functions so Team::CPUTime() can decide whether or not a thread it
iterates needs to be locked or not.
This works around #11032 and its duplicates #11314 and #11344.
when uninitializing a partition or a disk (removing the partition
table), check that all partitions from that table are unmounted, as they
are about to become invalid.
Fixes#8827.
The "2nd" assert that we always ran into was due to bootloader mappings
still being active after VM init. Turns out we missed a call in the
architecture specific code for cleaning this up.
Many thanks to Ingo for spending the time to figure this out!
When a file descriptor is closed between being selected and adding the
select info to its IO context, the select info needs to be cleaned up.
This is done by deselect_select_infos() which unconditionally also put
the select_sync associated with the infos. In this special case we do
not yet hold a reference to the select_sync however, so avoid putting
the corresponding sync object.
Fixes#11098, #10763 and #10230.
QEMU was crashing since when setting the DSS divider we were _clearing_
the TV divider, and QEMU did not check for a divide by zero.
This "fixes" the QEMU crash and gets us a working framebuffer on Beagle ;)
* Added VFS helper function check_access_permissions() that combines
several partially correct versions to the one true version (tm).
* All but BFS (since recently) missed the S_IXOTH for root on directories,
and all but packagefs missed proper group handling.
When the address is not page aligned, not only adjust the address
to start mapping, but also take the "overflow" on the last page
into account.
This makes the bootloader boot again ;)
* When you change the current working directory, you actually
should have the permission to enter that directory.
* This gives us a 0.04% better score on the perl test suite :-)
The BOOT_GDT_SEGMENT_COUNT was based on USER_DATA_SEGMENT on both
x86 and x86_64. However, on x86_64 the order of the segments is
different, leading to a too small gBootGDT array. Move the define to
the arch specific headers so they can be setup correctly in either case.
Also add a STATIC_ASSERT() to check that the descriptors fit into the
array.
Pointed out by CID 1210898.
Due to the missing include, the builtin new and delete operators were
used in those two files instead of the ones from the include used
everywhere else in the runtime_loader.
The POSIX locale has gLocaleRoster = NULL and relies on the non-wide
version of the implementation. However it doesn't check that the
characters are actually in range which leads to out of bound access and
crashes in __isctype.
Fixes#11322.
Source or destination buffers passed to pagecache functions may belong
to kernel memory (e.g. when the caller is packagefs). Because of that
we should tell vm_memcpy_{from, to}_physical() truth, not assume that all
buffers are in user memory. That's important because user memory page fault
handlers cannot be nested and these functions may be used while handling
a page fault.
With high probability fixes#11246.
Signed-off-by: Paweł Dziepak <pdziepak@quarnos.org>
This patch adds user_access() which can be used to gracefully handle
page faults that may happen when accessing user memory. It is used
by arch_cpu_user{memcpy, memset, strlcpy}() to allow using optimized
functions from the standard library.
Currently only x64 uses this, but nothing really is arch specific here.
Signed-off-by: Paweł Dziepak <pdziepak@quarnos.org>
As Alex pointed out we can leak possibly sensitive data in xmm registers
when returning from the kernel. To prevent that xmm0-15 are zeroed
before sysret or iret. The cost is negligible.
Signed-off-by: Paweł Dziepak <pdziepak@quarnos.org>
The kernel is allowed to use fpu anywhere so we must make sure that
user state is not clobbered by saving fpu state at interrupt entry.
There is no need to do that in case of system calls since all fpu
data registers are caller saved.
We do not need, though, to save the whole fpu state at task swich
(again, thanks to calling convention). Only status and control
registers are preserved. This patch actually adds xmm0-15 register
to clobber list of task swich code, but the only reason of that is
to make sure that nothing bad happens inside the function that
executes that task swich. Inspection of the generated code shows
that no xmm registers are actually saved.
Signed-off-by: Paweł Dziepak <pdziepak@quarnos.org>
Enable SSE as a part of the "preparation of the environment to run any
C or C++ code" in the entry points of stage2 bootloader.
SSE2 is going to be used by memset() and memcpy().
Signed-off-by: Paweł Dziepak <pdziepak@quarnos.org>
Just following the path of least resistance and adding andq $~15, %rsp
where appropriate. That should also make things harder to break
when changing the amount of stuff placed on stack before calling the
actual syscall routine.
Signed-off-by: Paweł Dziepak <pdziepak@quarnos.org>
There is absolutely no reason for these functions to be in commpage,
they don't do anything that involves the kernel in any way.
Additionaly, this patch rewrites memset and memcpy to C++, current
implementation is quite simple (though it may perform surprisingly
well when dealing with large buffers on cpus with ermsb). Better
versions are coming soon.
Signed-off-by: Paweł Dziepak <pdziepak@quarnos.org>
