Changeset c739102 in mainline for kernel/generic/src

Timestamp:

2012-11-21T23:26:22Z (13 years ago)

Author:

Jan Vesely <jano.vesely@…>

Branches:

lfn, master, serial, ticket/834-toolchain-update, topic/msim-upgrade, topic/simplify-dev-export

Children:

0f2c80a

Parents:

bebf97d (diff), 1f7753a (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.

Message:

Mainline changes.

Location:

kernel/generic/src

Files:

• interrupt/interrupt.c (modified) (1 diff)
• main/kinit.c (modified) (1 diff)
• mm/as.c (modified) (17 diffs)
• mm/backend_anon.c (modified) (8 diffs)
• mm/backend_elf.c (modified) (3 diffs)
• mm/backend_phys.c (modified) (3 diffs)
• mm/km.c (modified) (3 diffs)
• proc/program.c (modified) (2 diffs)
• proc/task.c (modified) (1 diff)

kernel/generic/src/interrupt/interrupt.c

@@ -168 +168 @@
 static NO_TRACE void fault_from_uspace_core(istate_t *istate, const char *fmt, va_list args)
 {
-        printf("Task %s (%" PRIu64 ") killed due to an exception at "
-            "program counter %p.\n", TASK->name, TASK->taskid,
-            (void *) istate_get_pc(istate));
-        
-        istate_decode(istate);
-        stack_trace_istate(istate);
-        
-        printf("Kill message: ");
-        vprintf(fmt, args);
-        printf("\n");
+        if (!TASK->silent_kill) {
+                printf("Task %s (%" PRIu64 ") killed due to an exception at "
+                    "program counter %p.\n", TASK->name, TASK->taskid,
+                    (void *) istate_get_pc(istate));
+        
+                istate_decode(istate);
+                stack_trace_istate(istate);
+        
+                printf("Kill message: ");
+                vprintf(fmt, args);
+                printf("\n");
+        }
         
         task_kill_self(true);

kernel/generic/src/main/kinit.c

@@ -172 +172 @@
 #endif /* CONFIG_KCONSOLE */
         
+        /*
+         * Store the default stack size in sysinfo so that uspace can create
+         * stack with this default size.
+         */
+        sysinfo_set_item_val("default.stack_size", NULL, STACK_SIZE_USER);
+        
         interrupts_enable();
         

kernel/generic/src/mm/as.c

@@ -285 +285 @@
 /** Check area conflicts with other areas.
  *
- * @param as    Address space.
- * @param addr  Starting virtual address of the area being tested.
- * @param count Number of pages in the area being tested.
- * @param avoid Do not touch this area.
+ * @param as      Address space.
+ * @param addr    Starting virtual address of the area being tested.
+ * @param count   Number of pages in the area being tested.
+ * @param guarded True if the area being tested is protected by guard pages.
+ * @param avoid   Do not touch this area.
  *
  * @return True if there is no conflict, false otherwise.
@@ -294 +295 @@
  */
 NO_TRACE static bool check_area_conflicts(as_t *as, uintptr_t addr,
-    size_t count, as_area_t *avoid)
+    size_t count, bool guarded, as_area_t *avoid)
 {
         ASSERT((addr % PAGE_SIZE) == 0);
         ASSERT(mutex_locked(&as->lock));
+
+        /*
+         * If the addition of the supposed area address and size overflows,
+         * report conflict.
+         */
+        if (overflows_into_positive(addr, P2SZ(count)))
+                return false;
         
         /*
@@ -304 +312 @@
         if (overlaps(addr, P2SZ(count), (uintptr_t) NULL, PAGE_SIZE))
                 return false;
-        
+
         /*
          * The leaf node is found in O(log n), where n is proportional to
@@ -328 +336 @@
                 if (area != avoid) {
                         mutex_lock(&area->lock);
-                        
+
+                        /*
+                         * If at least one of the two areas are protected
+                         * by the AS_AREA_GUARD flag then we must be sure
+                         * that they are separated by at least one unmapped
+                         * page.
+                         */
+                        int const gp = (guarded || 
+                            (area->flags & AS_AREA_GUARD)) ? 1 : 0;
+                        
+                        /*
+                         * The area comes from the left neighbour node, which
+                         * means that there already are some areas in the leaf
+                         * node, which in turn means that adding gp is safe and
+                         * will not cause an integer overflow.
+                         */
                         if (overlaps(addr, P2SZ(count), area->base,
+                            P2SZ(area->pages + gp))) {
+                                mutex_unlock(&area->lock);
+                                return false;
+                        }
+                        
+                        mutex_unlock(&area->lock);
+                }
+        }
+        
+        node = btree_leaf_node_right_neighbour(&as->as_area_btree, leaf);
+        if (node) {
+                area = (as_area_t *) node->value[0];
+                
+                if (area != avoid) {
+                        int gp;
+
+                        mutex_lock(&area->lock);
+
+                        gp = (guarded || (area->flags & AS_AREA_GUARD)) ? 1 : 0;
+                        if (gp && overflows(addr, P2SZ(count))) {
+                                /*
+                                 * Guard page not needed if the supposed area
+                                 * is adjacent to the end of the address space.
+                                 * We already know that the following test is
+                                 * going to fail...
+                                 */
+                                gp--;
+                        }
+                        
+                        if (overlaps(addr, P2SZ(count + gp), area->base,
                             P2SZ(area->pages))) {
                                 mutex_unlock(&area->lock);
@@ -339 +392 @@
         }
         
-        node = btree_leaf_node_right_neighbour(&as->as_area_btree, leaf);
-        if (node) {
-                area = (as_area_t *) node->value[0];
-                
-                if (area != avoid) {
-                        mutex_lock(&area->lock);
-                        
-                        if (overlaps(addr, P2SZ(count), area->base,
-                            P2SZ(area->pages))) {
-                                mutex_unlock(&area->lock);
-                                return false;
-                        }
-                        
-                        mutex_unlock(&area->lock);
-                }
-        }
-        
         /* Second, check the leaf node. */
         btree_key_t i;
         for (i = 0; i < leaf->keys; i++) {
                 area = (as_area_t *) leaf->value[i];
+                int agp;
+                int gp;
                 
                 if (area == avoid)
@@ -365 +403 @@
                 
                 mutex_lock(&area->lock);
-                
-                if (overlaps(addr, P2SZ(count), area->base,
-                    P2SZ(area->pages))) {
+
+                gp = (guarded || (area->flags & AS_AREA_GUARD)) ? 1 : 0;
+                agp = gp;
+
+                /*
+                 * Sanitize the two possible unsigned integer overflows.
+                 */
+                if (gp && overflows(addr, P2SZ(count)))
+                        gp--;
+                if (agp && overflows(area->base, P2SZ(area->pages)))
+                        agp--;
+
+                if (overlaps(addr, P2SZ(count + gp), area->base,
+                    P2SZ(area->pages + agp))) {
                         mutex_unlock(&area->lock);
                         return false;
@@ -377 +426 @@
         /*
          * So far, the area does not conflict with other areas.
-         * Check if it doesn't conflict with kernel address space.
+         * Check if it is contained in the user address space.
          */
         if (!KERNEL_ADDRESS_SPACE_SHADOWED) {
-                return !overlaps(addr, P2SZ(count), KERNEL_ADDRESS_SPACE_START,
-                    KERNEL_ADDRESS_SPACE_END - KERNEL_ADDRESS_SPACE_START);
+                return iswithin(USER_ADDRESS_SPACE_START,
+                    (USER_ADDRESS_SPACE_END - USER_ADDRESS_SPACE_START) + 1,
+                    addr, P2SZ(count));
         }
         
@@ -392 +442 @@
  * this function.
  *
- * @param as    Address space.
- * @param bound Lowest address bound.
- * @param size  Requested size of the allocation.
+ * @param as      Address space.
+ * @param bound   Lowest address bound.
+ * @param size    Requested size of the allocation.
+ * @param guarded True if the allocation must be protected by guard pages.
  *
  * @return Address of the beginning of unmapped address space area.
@@ -401 +452 @@
  */
 NO_TRACE static uintptr_t as_get_unmapped_area(as_t *as, uintptr_t bound,
-    size_t size)
+    size_t size, bool guarded)
 {
         ASSERT(mutex_locked(&as->lock));
@@ -423 +474 @@
         /* First check the bound address itself */
         uintptr_t addr = ALIGN_UP(bound, PAGE_SIZE);
-        if ((addr >= bound) &&
-            (check_area_conflicts(as, addr, pages, NULL)))
-                return addr;
+        if (addr >= bound) {
+                if (guarded) {
+                        /* Leave an unmapped page between the lower
+                         * bound and the area's start address.
+                         */
+                        addr += P2SZ(1);
+                }
+
+                if (check_area_conflicts(as, addr, pages, guarded, NULL))
+                        return addr;
+        }
         
         /* Eventually check the addresses behind each area */
@@ -439 +498 @@
                         addr =
                             ALIGN_UP(area->base + P2SZ(area->pages), PAGE_SIZE);
+
+                        if (guarded || area->flags & AS_AREA_GUARD) {
+                                /* We must leave an unmapped page
+                                 * between the two areas.
+                                 */
+                                addr += P2SZ(1);
+                        }
+
                         bool avail =
                             ((addr >= bound) && (addr >= area->base) &&
-                            (check_area_conflicts(as, addr, pages, area)));
+                            (check_area_conflicts(as, addr, pages, guarded, area)));
                         
                         mutex_unlock(&area->lock);
@@ -481 +548 @@
         if (size == 0)
                 return NULL;
-        
+
         size_t pages = SIZE2FRAMES(size);
         
@@ -487 +554 @@
         if ((flags & AS_AREA_EXEC) && (flags & AS_AREA_WRITE))
                 return NULL;
+
+        bool const guarded = flags & AS_AREA_GUARD;
         
         mutex_lock(&as->lock);
         
         if (*base == (uintptr_t) -1) {
-                *base = as_get_unmapped_area(as, bound, size);
+                *base = as_get_unmapped_area(as, bound, size, guarded);
                 if (*base == (uintptr_t) -1) {
                         mutex_unlock(&as->lock);
@@ -497 +566 @@
                 }
         }
-        
-        if (!check_area_conflicts(as, *base, pages, NULL)) {
+
+        if (overflows_into_positive(*base, size))
+                return NULL;
+
+        if (!check_area_conflicts(as, *base, pages, guarded, NULL)) {
                 mutex_unlock(&as->lock);
                 return NULL;
@@ -625 +697 @@
                 return ENOENT;
         }
-        
-        if (area->backend == &phys_backend) {
-                /*
-                 * Remapping of address space areas associated
-                 * with memory mapped devices is not supported.
+
+        if (!area->backend->is_resizable(area)) {
+                /*
+                 * The backend does not support resizing for this area.
                  */
                 mutex_unlock(&area->lock);
@@ -776 +847 @@
                 /*
                  * Growing the area.
+                 */
+
+                if (overflows_into_positive(address, P2SZ(pages)))
+                        return EINVAL;
+
+                /*
                  * Check for overlaps with other address space areas.
                  */
-                if (!check_area_conflicts(as, address, pages, area)) {
+                bool const guarded = area->flags & AS_AREA_GUARD;
+                if (!check_area_conflicts(as, address, pages, guarded, area)) {
                         mutex_unlock(&area->lock);
                         mutex_unlock(&as->lock);
@@ -979 +1057 @@
         }
         
-        if ((!src_area->backend) || (!src_area->backend->share)) {
-                /*
-                 * There is no backend or the backend does not
-                 * know how to share the area.
+        if (!src_area->backend->is_shareable(src_area)) {
+                /*
+                 * The backend does not permit sharing of this area.
                  */
                 mutex_unlock(&src_area->lock);

kernel/generic/src/mm/backend_anon.c

@@ -59 +59 @@
 static void anon_destroy(as_area_t *);
 
+static bool anon_is_resizable(as_area_t *);
+static bool anon_is_shareable(as_area_t *);
+
 static int anon_page_fault(as_area_t *, uintptr_t, pf_access_t);
 static void anon_frame_free(as_area_t *, uintptr_t, uintptr_t);
@@ -68 +71 @@
         .destroy = anon_destroy,
 
+        .is_resizable = anon_is_resizable,
+        .is_shareable = anon_is_shareable,
+
         .page_fault = anon_page_fault,
         .frame_free = anon_frame_free,
@@ -74 +80 @@
 bool anon_create(as_area_t *area)
 {
+        if (area->flags & AS_AREA_LATE_RESERVE)
+                return true;
+
         return reserve_try_alloc(area->pages);
 }
@@ -79 +88 @@
 bool anon_resize(as_area_t *area, size_t new_pages)
 {
+        if (area->flags & AS_AREA_LATE_RESERVE)
+                return true;
+
         if (new_pages > area->pages)
                 return reserve_try_alloc(new_pages - area->pages);
@@ -100 +112 @@
         ASSERT(mutex_locked(&area->as->lock));
         ASSERT(mutex_locked(&area->lock));
+        ASSERT(!(area->flags & AS_AREA_LATE_RESERVE));
 
         /*
@@ -139 +152 @@
 void anon_destroy(as_area_t *area)
 {
+        if (area->flags & AS_AREA_LATE_RESERVE)
+                return;
+
         reserve_free(area->pages);
 }
 
+bool anon_is_resizable(as_area_t *area)
+{
+        return true;
+}
+
+bool anon_is_shareable(as_area_t *area)
+{
+        return !(area->flags & AS_AREA_LATE_RESERVE);
+}
 
 /** Service a page fault in the anonymous memory address space area.
@@ -225 +250 @@
                  *   the different causes
                  */
+
+                if (area->flags & AS_AREA_LATE_RESERVE) {
+                        /*
+                         * Reserve the memory for this page now.
+                         */
+                        if (!reserve_try_alloc(1)) {
+                                printf("Killing task %" PRIu64 " due to a "
+                                    "failed late reservation request.\n",
+                                    TASK->taskid);
+                                TASK->silent_kill = true;
+                                return AS_PF_FAULT;
+                        }
+                }
+
                 kpage = km_temporary_page_get(&frame, FRAME_NO_RESERVE);
                 memsetb((void *) kpage, PAGE_SIZE, 0);
@@ -255 +294 @@
         ASSERT(mutex_locked(&area->lock));
 
-        frame_free_noreserve(frame);
+        if (area->flags & AS_AREA_LATE_RESERVE) {
+                /*
+                 * In case of the late reserve areas, physical memory will not
+                 * be unreserved when the area is destroyed so we need to use
+                 * the normal unreserving frame_free().
+                 */
+                frame_free(frame);
+        } else {
+                /*
+                 * The reserve will be given back when the area is destroyed or
+                 * resized, so use the frame_free_noreserve() which does not
+                 * manipulate the reserve or it would be given back twice.
+                 */
+                frame_free_noreserve(frame);
+        }
 }
 

kernel/generic/src/mm/backend_elf.c

@@ -58 +58 @@
 static void elf_destroy(as_area_t *);
 
+static bool elf_is_resizable(as_area_t *);
+static bool elf_is_shareable(as_area_t *);
+
 static int elf_page_fault(as_area_t *, uintptr_t, pf_access_t);
 static void elf_frame_free(as_area_t *, uintptr_t, uintptr_t);
@@ -66 +69 @@
         .share = elf_share,
         .destroy = elf_destroy,
+
+        .is_resizable = elf_is_resizable,
+        .is_shareable = elf_is_shareable,
 
         .page_fault = elf_page_fault,
@@ -213 +219 @@
 }
 
+bool elf_is_resizable(as_area_t *area)
+{
+        return true;
+}
+
+bool elf_is_shareable(as_area_t *area)
+{
+        return true;
+}
+
+
 /** Service a page fault in the ELF backend address space area.
  *

kernel/generic/src/mm/backend_phys.c

@@ -52 +52 @@
 static void phys_destroy(as_area_t *);
 
+static bool phys_is_resizable(as_area_t *);
+static bool phys_is_shareable(as_area_t *);
+
+
 static int phys_page_fault(as_area_t *, uintptr_t, pf_access_t);
 
@@ -59 +63 @@
         .share = phys_share,
         .destroy = phys_destroy,
+
+        .is_resizable = phys_is_resizable,
+        .is_shareable = phys_is_shareable,
 
         .page_fault = phys_page_fault,
@@ -87 +94 @@
         /* Nothing to do. */
 }
+
+bool phys_is_resizable(as_area_t *area)
+{
+        return false;
+}
+
+bool phys_is_shareable(as_area_t *area)
+{
+        return true;
+}
+
 
 /** Service a page fault in the address space area backed by physical memory.

kernel/generic/src/mm/km.c

@@ -233 +233 @@
  * @param[inout] framep Pointer to a variable which will receive the physical
  *                      address of the allocated frame.
- * @param[in] flags     Frame allocation flags. FRAME_NONE or FRAME_NO_RESERVE.
+ * @param[in] flags     Frame allocation flags. FRAME_NONE, FRAME_NO_RESERVE
+ *                      and FRAME_ATOMIC bits are allowed.
  * @return              Virtual address of the allocated frame.
  */
@@ -243 +244 @@
         ASSERT(THREAD);
         ASSERT(framep);
-        ASSERT(!(flags & ~FRAME_NO_RESERVE));
+        ASSERT(!(flags & ~(FRAME_NO_RESERVE | FRAME_ATOMIC)));
 
         /*
@@ -255 +256 @@
                 ASSERT(page);   // FIXME
         } else {
-                frame = (uintptr_t) frame_alloc_noreserve(ONE_FRAME,
-                    FRAME_LOWMEM);
+                frame = (uintptr_t) frame_alloc(ONE_FRAME,
+                    FRAME_LOWMEM | flags);
+                if (!frame)
+                        return (uintptr_t) NULL;
                 page = PA2KA(frame);
         }

kernel/generic/src/proc/program.c

@@ -79 +79 @@
          * Create the stack address space area.
          */
-        uintptr_t virt = USTACK_ADDRESS;
+        uintptr_t virt = (uintptr_t) -1;
+        uintptr_t bound = USER_ADDRESS_SPACE_END - (STACK_SIZE_USER - 1);
+
+        /* Adjust bound to create space for the desired guard page. */
+        bound -= PAGE_SIZE;
+
         as_area_t *area = as_area_create(as,
-            AS_AREA_READ | AS_AREA_WRITE | AS_AREA_CACHEABLE,
-            STACK_SIZE, AS_AREA_ATTR_NONE, &anon_backend, NULL, &virt, 0);
+            AS_AREA_READ | AS_AREA_WRITE | AS_AREA_CACHEABLE | AS_AREA_GUARD |
+            AS_AREA_LATE_RESERVE, STACK_SIZE_USER, AS_AREA_ATTR_NONE,
+            &anon_backend, NULL, &virt, bound);
         if (!area) {
                 task_destroy(prg->task);
@@ -93 +99 @@
         kernel_uarg->uspace_entry = (void *) entry_addr;
         kernel_uarg->uspace_stack = (void *) virt;
-        kernel_uarg->uspace_stack_size = STACK_SIZE;
+        kernel_uarg->uspace_stack_size = STACK_SIZE_USER;
         kernel_uarg->uspace_thread_function = NULL;
         kernel_uarg->uspace_thread_arg = NULL;

kernel/generic/src/proc/task.c

@@ -196 +196 @@
         task->ucycles = 0;
         task->kcycles = 0;
+
+        task->silent_kill = false;
         
         task->ipc_info.call_sent = 0;