fault() now has an additional pc argument that is
used to detect fault on a non-executable segment.
that is, we check on read fault if the segment
has the SG_NOEXEC attribute and the program counter
is within faulting page.
a portable SG_NOEXEC segment attribute was added to allow
non-executable (physical) segments. which will set the
PTENOEXEC bits for putmmu().
in the future, this can be used to make non-executable
stack / bss segments.
the SG_DEVICE attribute was added to distinguish between
mmio regions and uncached memory. only matterns on arm64.
on arm, theres the issue that PTEUNCACHED would have
no bits set when using the hardware bit definitions.
this is the reason bcm, kw, teg2 and omap kernels use
arteficial PTE constants. on zynq, the XN bit was used
as a hack to give PTEUNCACHED a non-zero value and when
the bit is clear then cache attributes where added to
the pte.
to fix this, PTECACHED constant was added.
the portable mmu code in fault.c will now explicitely set
PTECACHED bits for cached memory and PTEUNCACHED for
uncached memory. that way the hardware bit definitions
can be used everywhere.
on the 2GB and 4GB raspberry pi 4 variants, there are two
memory regions for ram:
[0x00000000..0x3e600000)
[0x40000000..0xfc000000)
the framebuffer is somewhere at the end of the first
GB of memory.
to handle these, we append the region base and limit
of the second region to *maxmem= like:
*maxmem=0x3e600000 0x40000000 0xfc000000
the mmu code has been changed to have non-existing
ram unmapped and mmukmap() now uses small 64K pages
instead of 512GB pages to avoid aliasing (framebuffer).
the VIRTPCI mapping has been removed as we now have
a proper vmap() implementation which assigns vritual
addresses automatically.
this adds a 4GB KMAP window into the kernel address space
so we can access all physical ram on raspberry pi 4 for
user pages.
note that kernel memory above KZERO is still limited
to 1GB because of DMA restrictions.
according to the following linux change, BCM2711 uses a different
method for changing pullup/down mode:
abcfd09286 (diff-cf078559c38543ac72c5db99323e236d)
gpiomeminit() was broken, using virtual address for the gpio physseg
instead of the physical one.
cleanup the code, avoid repetition by declaring static u32int *regs
variable. make local variable names consistent.
the raspberry pi 4 has a new interrupt controller and
pci support, so get rid of intrenable() macro and
properly make intrenable function with tbdf argument.
the raspberry pi4 firmware refuses to enable the GIC interrup controller
for arm64 when the .img file is not a multiple of 4 bytes. yes, this
is insane and nowhere documented.
the new raspberry pi 4 firmware for arm64 seems to have
broken atag support. so we now parse the device tree
structure to get the bootargs and memory configuration.
Ori Bernstein had Sunrise Point-H USB 3.0 xHCI Controller that would mysteriously
crash on the 5th ENABLESLOT command. This was reproducable by even just allocating
slots in a loop right after init.
It turns out, the 1.2 spec extended the Max Scratchpad Buffers in HCSPARAMS2 so our
driver would not allocate enougth scratchpad buffers and controller firmware would
crash once it went beyond our allocated scratchpad buffer array.
This change also fixes:
- ignore bits 16:31 in PAGESIZE register
- preserve bits 10:31 in the CONFIG register
- handle ADDESSDEV command failure (so it can be retried)
preallocate 2% of user pages for page tables and MMU structures
and keep them mapped in the VMAP range. this leaves more space
in the KZERO window and avoids running out of kernel memory on
machines with large amounts of memory.
when a operation receives a chain of OINDEX nodes as its operands,
each indexing step used to allocate a new index register. this
is wastefull an can result in running out of fixed registers on 386
for code such as: x = a[a[a[a[i]]]].
instead we attempt to reuse the destination register of the operation
as the index register if it is not otherwise referenced. this results
in the index chain to use a single register for index and result and
leaves registers free to be used for something usefull instead.
for 6c, try to avoid R13 as well as BP index base register.
For ape, we never enabled warnings in cflags.
Turning it on brings up a lot of warnings. Most are noise,
but a few caught unused variables and trunctaions of pointers.
to smaller integers (int, long).
A few warnings remain.
To reproduce:
gs -q -dNOPAUSE -dSAFER '-sDEVICE=ppmraw' '-sOutputFile=/dev/null' <<.
%!PS-Adobe-3.0 EPSF-3.0
%%BoundingBox: -0 -0 100 100
/size_from 10000 def
/size_step 500 def
/size_to 65000 def
/enlarge 1000 def
%/bigarr 65000 array def
0
size_from size_step size_to {
pop
1 add
} for
/buffercount exch def
/buffersizes buffercount array def
0
size_from size_step size_to {
buffersizes exch 2 index exch put
1 add
} for
pop
/buffers buffercount array def
0 1 buffercount 1 sub {
/ind exch def
buffersizes ind get /cursize exch def
cursize string /curbuf exch def
buffers ind curbuf put
cursize 16 sub 1 cursize 1 sub {
curbuf exch 255 put
} for
} for
/buffersearchvars [0 0 0 0 0] def
/sdevice [0] def
enlarge array aload
{
.eqproc
buffersearchvars 0 buffersearchvars 0 get 1 add put
buffersearchvars 1 0 put
buffersearchvars 2 0 put
buffercount {
buffers buffersearchvars 1 get get
buffersizes buffersearchvars 1 get get
16 sub get
254 le {
buffersearchvars 2 1 put
buffersearchvars 3 buffers buffersearchvars 1 get get put
buffersearchvars 4 buffersizes buffersearchvars 1 get get 16 sub put
} if
buffersearchvars 1 buffersearchvars 1 get 1 add put
} repeat
buffersearchvars 2 get 1 ge {
exit
} if
%(.) print
} loop
.eqproc
.eqproc
.eqproc
sdevice 0
currentdevice
buffersearchvars 3 get buffersearchvars 4 get 16#7e put
buffersearchvars 3 get buffersearchvars 4 get 1 add 16#12 put
buffersearchvars 3 get buffersearchvars 4 get 5 add 16#ff put
put
buffersearchvars 0 get array aload
sdevice 0 get
16#3e8 0 put
sdevice 0 get
16#3b0 0 put
sdevice 0 get
16#3f0 0 put
currentdevice null false mark /OutputFile (%pipe%echo gotce)
.putdeviceparams
1 true .outputpage
.rsdparams
%{ } loop
0 0 .quit
%asdf
.
under heavy load, factotum can return a "too much activity" error,
which upas/smtpd and upas/smtp should consider a temporary error
instead of a permanent one.
implicit casts would cause spurious "result of operation not used"
warnings such as ape's stdio putc() macro.
make (void) casts non-ops when the casted expression has no
side effects. this avoid spurious warning with ape's assert()
macro.
for historical reasons, kenfs stores directory entries in pre 9p2000
format with directories having the QPDIR bit 31 set in the qid path.
however, the 64 bit fileserver allows 64 bit qid paths.
given that we do not support pre 9p2000 clients and do not rely on
the QPDIR, but want to keep the block check tags consistent, we will
*INVERT* the QPDIR bit in directory entry qid paths for directories.
this preserves the on-disk semantics (for < 31 bit qmax) but does
not complicate qid generation and recovery. also makes it easy to
convert between directory entry qid and 9p format.
C99 comments have been the default in compilers for something like 20 years
now. This means we don't need to remember to turn it on when porting software,
and gets rid of cryptic errors about unterminated character constants when
someone writes something like:
// Didn't need to...
We still accept the flag to avoid breaking mkfiles, but we do nothing with it.
This also removes the documentation, since the option does nothing now.
This change imports a few warnings and minor fixes from Charles branch
here: https://bitbucket.org/plan9-from-bell-labs/plan9.
The changes included here:
changeset: 1374:9185dc017be0
summary: declare castucom; move a declaration into order;
use cast instead of ULL suffix
changeset: 1353:5fe8380b1818
summary: supporting functions:
1. castucom to match unlikely mask operation;
2. be sure to snap both sides of pointer subtraction completely;
3. add extra operators as side-effect free
changeset: 1352:90058c092d66
summary: 1. correct result type for mixed-mode assignment operators
2. detect divide by zero (erik);
3. detect masks misformed by sign-extension;
4. diagnose mixed old/new prototypes
To complement the new cl-routes field, the bootp static routes option has been
renamed to cf-routes and the network/gateway pairs are separated with a right
arrow.
key exchange with git@github.com fails as they appear to try to
negotiate a mac algorithm even tho we use an AEAD cipher which
does not use a mac algorithm.
the work around is to supply a dummy mac algorithm that they
can negotiate to make them happy.
always clean AND invalidate caches before dma read,
never just invalidate as the buffer might not be
aligned to cache lines...
we have to invalidate caches again *AFTER* the dma
read has completed. the processor can bring in data
speculatively into the cache while the dma in in
flight.
Amavect wrote:
> mkone and mkmany have backwards targets for installing man pages.
> This patch makes 'mk man' actually work for mkfiles that include mkone.
> mkmany is not easily fixed without breaking changes.
> It may go without saying that external repos should write their own mkfiles.
we override atag memory on reboot, so preserve
the memsize learned from atag as *maxmem plan9
variable. the global memsize variable is not
needed anymore.
avoid trashing the following atag when zero
terminating the cmdline string.
zero memory after plan9.ini variables.
the Ipselftab is designed to not require locking on read
operation. locking the selftab in ipselftabread() risks
deadlock when accessing the user buffer creates a fault.
remove unused fields from the Ipself struct.
initialize the rate limits when the device gets
bound, not when it is created. so that the
rate limtis get reset to default when the ifc
is reused.
adjust the burst delay when the mtu is changed.
this is to make sure that we allow at least one
full sized packet burst.
make a local copy of ifc->m before doing nil
check as it can change under us when we do
not have the ifc locked.
specify Ebound[] and Eunbound[] error strings
and use them consistently.
remove references to the unused Conv.car qlock.
ipifcregisterproxy() is called with the proxy
ifc wlock'd, which means we cannot acquire the
rwlock of the interfaces that will proxy for us
because it is allowed to rlock() multiple ifc's
in any order. to get arround this, we use canrlock()
and skip the interface when we cannot acquire the
lock.
the ifc should get wlock'd only when we are about
to modify the ifc or its lifc chain. that is when
adding or removing addresses. wlock is not required
when we addresses to the selfcache, which has its
own qlock.
mark reader process pointers with (void*)-1 to mean
not started yet. this avoids the race condition when
media unbind happens before the kproc has set its
Proc* pointer. then we would not post the note and
the reader would continue running after unbind.
etherbind can be simplified by reading the #lX/addr
file to get the mac address, avoiding the temporary
buffer.
when the exclusive monitor is cleared, a event is generated
which we can use to wake up idlehands. that way we do not
need to wait for the next timer interrupt until a cpu takes
work from the run queue.
there appear to be devices out there such as Realtek RTL2838UHIDIR
SDR that do not process control transfers correctly, ignoring the
high byte of the wLength field. to work around this, we specify an
odd number of bytes for read sizes >= 256 which keeps the low byte
0xFF.
we did not interpret the $rootdir and $rootspec environment
variables right. $rootdir is what gets bound to / (usually /root)
and $rootspec is the mountspec of /root.
i'v been seeing the error condition described above in the
Slowbulkin comment. so i'm enabling the work arround which
seems to fix the lockup.
in the split transaction case where we want to start the
transaction at frame start, acquire the ctlr lock *before*
checking if we are in the right frame number. so the start
will happen atomically. checking the software ctlr->sofchan
instead of checking the interrupt mask register seems to
be quicker.
setting the haint mask bit for the chan under ctlr lock
in chanio() instead of chanwait() avoids needing to acquire
the ctlr lock twice.
mask wakechan bits with busychan bitmap in interrupt handlers
so we will not try to wake up released chans by accident.
sleep() and tsleep() might get interrupted so we have to
release the split qlock in the split transaction case and
in all cases, make sure to halt the channel before release.
add some common debug functions to dump channel and controller
registers.
we have to ensure that all stores saving the process state
have completed before setting up->mach = nil in the scheduler.
otherwise, another cpu could observe up->mach == nil while
the stores such as the processes p->sched label have not finnished.
vmx uses non portable word unpacking macros, breaking
the build for arm64. vmx only works on a pc anyway.
this forces objtype to 386 on these machines, similar
to what the kernel mkfiles do.
attached is a patch to fix receive in the 8169 chip on my thinkpad
A485. i'm not sure why, but the same thing was done in 3d56a0fc4645
for Macv45.
nick
some control transactions can confuse the xhci controller so
much that it even fails to respond to command abort or STOPEP
control command. with no way for us to abort the transaction
but a full controller reset.
we give the controller 5 seconds to abort our initial
transaction and if that fails we wake the recover process
to reset the controller.
thanks mischief for testing.
from what i can tell, sending port enable is a spec violation.
this fixes a hang during hub enumeration in the ASMedia
xhci controller when i plug in my IBM UltraNav SK-8845.
also, send unsuspend when port is suspended instead of enable.
from the USB 2 specification:
11.24.2.7.1.2 PORT_ENABLE
...
This bit may be set only as a result of a SetPortFeature(PORT_ENABLE).
...
The hub response to a SetPortFeature(PORT_ENABLE) request is not specified.
we have to explicitely convert to vlong by sign or
zero extending as not every operation leaves a proper
zero/sign extended result in the register. for example
NEGW will zero extend, breaking negative int offsets
on pointers.
we explicitely insert SXTW or MOVWU instructions which
the peephole optimizer takes out again when it is safe
todo so.
when promoting constant offsets to immediate offsets,
make sure the offset will be in range. otherwise the
linker will produce not so optimal pointer arithmetic
instructions to calculate the offset.
the possible bitmasks generated depend on the data width
of the instruction, so we introduce C_BITCON32 and C_BITCON64
operand types to keep them apart.
the encoding of the bitcon operation was wrong.
the temporary stack segment used to be at a fixed address above or
below the user stack. these days, the temp stack is mapped dynamically
by sysexec so TSTKTOP is obsolete.
return the error message from MSG_CHANNEL_OPEN_FAILURE
in the "connect" control write.
use a extra state "Finished" to distinguish server from client
initiated teardown. that way we do not need to track if we
send the MSG_CHANNEL_CLOSE message in closeclient(). this way
we also cannot be fooled by misbehaving server.
simplify hangupclient() by removing state transitions and doing
them in the caller explicitely. that way we can use hangupclient()
instead of dialedclient().
in mux mode, ssh relays raw MSG_CHANNEL_*
messages on standard input and output while
still handling authentication and key exchange
internally.
the intend is to use the mux mode to implement
something like the old sshnet ontop of ssh.
between being commited to a machno and having acquired the lock, the
scheduler could come in an schedule us on a different processor. the
solution is to have dtmachlock() take a special -1 argument to mean
"current mach" and return the actual mach number after the lock has
been acquired and interrupts being disabled.
this fixes the miscompilation of 6l with 5c resulting in bogus
vlong -> long conversion at the top of asmandsz():
asmandsz 0x0000aec4 MOVW.W R14,#-0x2c(R13)
asmandsz+0x4 0x0000aec8 MOVW rex+8(FP),R5
asmandsz+0x8 0x0000aecc MOVW $andptr-SB(SB),R7
asmandsz+0xc 0x0000aed0 MOVW R0,R6
asmandsz+0x10 0x0000aed4 AND $#0x44,R5,R8
asmandsz+0x14 0x0000aed8 MOVW R8,rex+8(FP)
asmandsz+0x18 0x0000aedc MOVW R0,R4
asmandsz+0x1c 0x0000aee0 MOVM.IA (R0),[R1,R3] <- R1 used here
asmandsz+0x20 0x0000aee4 MOVW R8,v-4(SP) <- substituted by R8
- do not write /net/ndb for loopback medium unless -p is specified
- use defmask() instead of hardcoded /64 for v6 to get correct /128 mask for ::1
- only do duplicate address detection on ethernet
- increase buffer size to support up to 4096 bit RSA keys
- handle PMTUDiscovery option and respond to pmtu probes
- handle port in Address option
- wlock(&netlk) before closing udpfd to sync with writers
- move default subnet handling out of gethost()
using ~IP_DF mask to select offset and "more fragments" bits
includes the evil bit 15. so instead define a constant IP_FO
for the fragment offset bits and use (IP_MF|IP_FO). that way
the evil bit gets ignored and doesnt cause any useless calls
to ipreassemble().
tested on a t43 with igfx and a 1600x1200 t43p screen
what works: lvds, blanking
what doesn't: hwgc (not visible), snarfing edid
untested: vga
based on realemu traces.
only try listen/dial on udp when IndirectData/TcpOnly is not
enabled.
add support for scipts:
host-up
host-down
tinc-up
tinc-down
subnet-up
subnet-down
when dialing udp connection, only switch when there is no
other udp connection active. when we receive an authenticated
message, we switch to that connection immidiately.
unfraglen() had the side effect that it would always copy the
nexthdr field from the fragment header to the previous nexthdr
field. this is fine when we reassemble packets but breaks
fragments that we want to just forward unchanged.
given that we now keep the block size consistent with the
ip packet size, the variable header part of the ip packet
is just: BLEN(bp) - fp->flen == fp->hlen.
fix bug in ip6reassemble() in the non-fragmented case:
reload ih after ip header was moved before writing ih->ploadlen.
use concatbloc() instead of pullupblock().
some protocols assume that Ip4hdr.length[] and Ip6hdr.ploadlen[]
are valid and not out of range within the block but this has
not been verified. also, the ipv4 and ipv6 headers can have variable
length options, which was not considered in the fragmentation and
reassembly code.
to make this sane, ipiput4() and ipiput6() now verify that everything
is in range and trims to block to the expected size before it does
any further processing. now blocklen() and Ip4hdr.length[] are conistent.
ipoput4() and ipoput6() are simpler now, as they can rely on
blocklen() only, not having a special routing case.
ip fragmentation reassembly has to consider that fragments could
arrive with different ip header options, so we store the header+option
size in new Ipfrag.hlen field.
unfraglen() has to make sure not to run past the buffer, and hadle
the case when it encounters multiple fragment headers.
kivik wrote:
I've found a nasty bug in lib9p handling of Tversion
messages, where an invalid version string in the request
leads to servers abort()ing the spaceship.
To reproduce:
; ramfs -S ram
; aux/9pcon /srv/ram
Tversion ~0 DIE
The issue lies in sversion() where in case an invalid
version string is received we respond right away with
ofcall.version="unknown"; however, we fail to set the
ofcall.msize, which at this point is cleared to 0. This
causes the convS2M call in respond() to fail and abort being
called.
we want to accept V4 subnets in CIDR notation consistently which
means we need to interpret the mask in context of the IP address.
so parseipmask() now has an additional v4 flag argument which
offsets the prefixlength by 96 so a /24 will be interpreted
as a /120.
parseipandmask() is the new function which handles this automatically
depending on the ip address type.
v4parsecidr() is now obsolete.
steve wrote:
> I cam across a bug in cifs.
>
> An empty directory under windows 7 pro contains a single entry "." but it
> doesn't appear to contain "..". As a result "." is not removed on dirscan
> and plan9 gets when trying to traverse the hierarchy.
all screen implementations use a Memimage* internally
for the framebuffer, so we can return a shared reference
to its Memdata structure in attachscreen() instead of
a framebuffer data pointer.
this eleminates the softscreen == 0xa110c hack as we
always use shared Memdata* now.
Under the normal close sequence, when we receive a FIN|ACK, we enter
TIME-WAIT and respond to that LAST-ACK with an ACK. Our TCP stack would
send an ACK in response to *any* ACK, which included FIN|ACK but also
included regular ACKs. (Or PSH|ACKs, which is what we were actually
getting/sending).
That was more ACKs than is necessary and results in an endless ACK storm
if we were under the simultaneous close sequence. In that scenario,
both sides of a connection are in TIME-WAIT. Both sides receive
FIN|ACK, and both respond with an ACK. Then both sides receive *those*
ACKs, and respond again. This continues until the TIME-WAIT wait period
elapses and each side's TCP timers (in the Plan 9 / Akaros case) shut
down.
The fix for this is to only respond to a FIN|ACK when we are in TIME-WAIT.
At this moment plan9 is using vendorinfo to communicate
some specific plan9 parameters, but there are some boards
that use this attribute to set specific values. This
patch allows netbooting of these boards using ndb attributes
instead of hard coded solutions in dhcpd(1). Vendor attribute
is used for that purpose because it is also used for the
same purpose in bootp.
Lookupip() was already reading rootpath, but it didn't read the
address of the rootserver. As they are very related it makes sense to
read them at the same time.
This patch also fixes a typo, where vendorclass was used instead of
vendor, resulting that vendor ndb attribute was never used.
always start the pager kproc in swapinit(), simplifying kickpager().
allow zero conf.nswap and conf.nswppo. avoid allocating the reference
map and iolist arrays in that case.
use ulong for ioptr and iolist indices.
don't panic when writing pages out to the swapfile fails. just
requeue the page in the io transaction list so we will try
again next time executeio() is run or just free the page when
the swap reference was dropped.
remove unused pagersummary() function.
rfork F closes all file descriptors, so we have to
invalidate the redirections as they are now refering
to closed files. not doing so causes the wrong file
descriptors being closed later on as the fd numbers
get reused.
the FCA registers 0x28, 0x2C have been reassigned to
to FEXTNVM on i217, i218 and i219 so add Fnofca flag
and avoid writing the registers.
make link detection more robust on i217 by delaying the
phy status read after link status change by 150ms. we'd
otherwise get a "phy wedged" (power saving state?) and
not update the link status until the next link change.
the max packet size is configured in 1K increments on these chips,
which can result in the card receiving a 10K packet but the
driver having only allocated 9.5K of buffer. this actually caued
pool corruption with i210, i217, i218, i219, i350.
for 82598 and x550, we explicitely round rbsz to avoid similar bugs
in the future, even tho the Rbsz constant was already a multiple of
1K and is not affected by the bug.
the lru is there to track least recently used messages so
we can evict them from the cache and refetch them again on
demand. for pop3 mailbox, which doesnt provide fetch routine,
the messages should never be put on the freelist.
The previous attempt to fix this problem (see changesets b32199e0f90a
and 00ae79a6ba50) caused all calls to cachefree to free the cached
message contents in addition to updating the LRU list. This causes
problems for the POP3 driver since it provides no fetch function; once
a message is evicted from the LRU cache, its contents is lost.
This time we fix cachefree to always update the LRU list but only free
the cached message contents if the driver provides a fetch function or
the force flag is set.
Some SD card readers are slow to unstall. We try to unstall them
in a loop if there's no SD card in there, but they're not stalled.
They're happily reporting that there's no SD card in them by giving
back the appropriate error code.
Skipping the unstall speeds up the retry loop, cutting the time spent
attaching the USB device at boot from multiple minutes to nearly instant.
Force the cacheclear operation in the LRU cache trimming loop in order
to guarantee that the cache becomes smaller with each iteration.
Without the force flag cacheclear is a no-op for mailboxes that do not
provide a fetch function, e.g. POP3.
because a client might not handle resize, rio would try to move ther
window offsceen after 750 ms. however, it does this by window name,
which could have been reassigned by another concurrent rio, causing the
wrong window to disappear.
now we always move the window offscreen before freeimage(). this way we
are sure to still have the right reference to the original window.
segclock() has to be called from hzclock(), otherwise
only processes running on cpu0 would catche the interrupt
and the time delta would be wrong.
lock the segment when allocating Seg->profile as
profile ctl might be issued from multiple processes.
Proc->debug qlock is not sufficient.
Seg->profile can never be freed or reallocated once
set as the timer interrupt accesses it without any
locking.
