- make kata-uart-client use dependent on a new "sparrow_uart_support"
feature; this is needed for headless operation and for platforms
without a working uart driver
- add a mechanism where an "autostart.repl" file is fetched from the
builtins (if present) and passed through the shell; output goes to
the uart if configured, otherwise the kernel or /dev/null
- add a new "source" shell command that interprets the contents of a
builtins file as console input
- rework the command interpreter to support autostart & source
- move the logging hookup to kata-debug-console so the system builds
when no uart support is configured (need to add fallback to debug
syscalls in case that works when no driver is present)
Change-Id: I5e6725c93488a48d212dfaca425ede37cbdb72e5
GitOrigin-RevId: 6f360cab71ea103af52e3c68ca240fc16e0f20bb
Adds a kata-io-compatible client that returns data from a slice and
sends writes to the kernel (if possible) or discards them. This will
be used for running cli scripts and for platforms that do not have a
uart device/driver.
Change-Id: I84facebf16eb9b6692e872e930db027998dd160f
GitOrigin-RevId: 11a3502fb2f8716f9d1a204519b5e93162274590
The "ml_support" feature controls whether MlCoordinator commands are included.
The "TEST_ML_COORDINATOR" feature is now dependent on "ml_support".
Change-Id: I13e3e0b467f006a564bb2cf4839a11ab8a1b04c8
GitOrigin-RevId: 133e8842848c73644e593ebfd4c9115fde1afd3b
We added Debug formatting of the error status to the rcore-os/cpio crate.
Remove use so this code builds with the upstream crate unchanged (it
was mostly useful during development).
Change-Id: Ibc83fc2201c128ec7362c60afaebba584c7eaecd
GitOrigin-RevId: 4af28c4d281e7ff5e74d8c0a21d0f774b9a1eeb0
Setup a connection to the SDKRuntime for each application. To do this
add an SDKManager interface to the SDKRuntime for the ProcessManager to
obtain a badged endpoint and install that in each application's CNode.
SDKRuntime now rejects requests received without a registered badge.
RPC's are handled entirely in Rust (no CAmkES). ProcessManager sets up
RPC resources and delivers them to an application through registers.
The application-side SDK runtime uses the resources to marshal RPC
parameters in a page that is attached to the IPC buffer sent to the
SDKRuntime. Reply parameters are written to the shared page and decoded
on return.
Overhaul the SDKRuntime api to be like SecurityCoordinator to consolidate
parameter marshaling/unmarshaling and to simplify adding new methods.
Rust applications use the SDKRuntime interface directly. C applications
will wrap a C interface around the Rust impl (TBD).
Specific changes:
- add SDKManagerInterface
- sel4bundle now plumbs a connection to the SDKRuntime, the CNode slot
with the capability is passed to the application to future-proof CNode
setup changes (an alternative is to use a global const since we control
the application-side runtime api's)
- add kata-sdk-manager crate with SDKManager client interface support;
the only api's are get_endpoint (to get a badged endpoint to SDKRuntime),
release_endpoint (to remove a badged endpoint), and capscan (to dump
the SDKRuntime's top-level CNode)
- add "capscan sdk" in the shell to inspect the SDKRuntime service
- make SDKRuntime require a registered badge on inbound IPCs
- fill-in ping & log SDK api's
- connect ProcessManager to SDKRuntime for SDKManager api use,
everything else happens outside CAmkES
- make SDKRuntime lock against concurrent requests--the SDKManager
runs concurrently and shares SDKRuntime state
- remove kata-shell test_sdk_* commands (replaced by test applications)
Change-Id: I7810949ad0051ff8eda244e0385f662882a556e4
GitOrigin-RevId: 5fef55428e076f670cff325965047c98d84cfbca
StorageManager (the component) did nothing useful so remove it and plumb
the only user (DebugConsole) directly to the SecurityCoordinator. When
the SDKRuntime is ready it likewise will talk directly to
SecurityCoordinator. The only visible change in this is the "kvread" shell
command displays the raw key value instead of converting it to a string.
Change-Id: I5a285dc083e5f02ecbf0defc83deebb34a7b38d7
GitOrigin-RevId: 70d04d8155167f9bf3f88291363760d91c10a279
This includes adding it to TOML files and CAmkES assembly files.
Change-Id: I263e7a566df91fccc04f9b2186edab13331290c5
GitOrigin-RevId: 48a35b06ca868a0a4d379f881068cc4dad491669
* changes:
kata: LSC: rustfmt with global rustfmt.toml
kata: update global rustfmt flags
kata: Promote rustfmt.toml to all kata crates
GitOrigin-RevId: 452e66fa7231f39cff81dc2fbe37ad1a1fc62fb9
Add support to output the contents of the top-level CNode of a CAmkES
service or KataOS application to the serial console. This is dependent
on kernel support that is enabled with CONFIG_PRINTING. Applications
must be running; otherwise there is no CSpace to dump.
Specific changes:
- add a "capscan" shell command
- add capscan method to each CAmkES interface
- add capscan_bundle method to the ProcessControlInterface
- add Camkes::capscan() to dump the top-level CNode
- add ProcessManager support to dump the CNode for a bundle
TODO: fix syscall wrapper error return
Change-Id: If6ca222decdb4c40a1d3a63e69792eb3feb30f6a
GitOrigin-RevId: 504c0182ccccf287b5d58cd8e33981c11d7539d7
- Use seL4_Untyped_Describe to get an accurate view of each
UntypedMemory slab being managed; this makes mstats reflect
rootserver allocations.
- Track memory allocated before we run as "overhead" (was meant to
track fragmentation but was always zero).
- Add an "mdebug" command to describe each managed memory slab;
this is useful to see whether the kernel's view of memory use is
consistent with MemoryManager.
Change-Id: I53b2738c430ad3356ecd16a1cad29ca92dc74beb
GitOrigin-RevId: 2ad43f9b7760c722a6590ea049a3814c8dcccba7
Bug: 233102476
Writing >CIRCULAR_BUFFER_CAPACITY bytes to the uart will hang because
of a missing unlock of the tx_mutex.
While here add a shell test command that was used to debug the issue
(but don't enable it by default).
Change-Id: I3e35001a653fe2659fb1534e4100727b69f662a1
GitOrigin-RevId: 550b35c88328dcbd1f87dd8e0209b1faabf7f931
Add features to control the log level used before reaching the shell
prompt (where the "loglevel" command can be used to control log
filtering). The default log level is Info. LOG_DEBUG forces it to
Debug. LOG_TRACE forces it to Trace (max).
Change-Id: Ic55eaf3cd08fc101c53319b5a45a2c7de6f94a66
GitOrigin-RevId: 5500ac5d65186773d5304a75d03295e09b2e9a63
Now that there's MemoryManager integration for zmodem uploads we no longer
need an outsized heap; make it 16KB for now (likely can be smaller).
Change-Id: I3b991ef794c0e718934d055e41aef9abc48b1d6b
GitOrigin-RevId: 7145b14fca96f59ff76497be29da6b1f447c15b0
Change the fake to behave as the real impl will for LoadModel &
LoadApplication: return a deep copy of the saved package contents as
would happen if the data were pulled from flash. Match this behaviour in
the kata-shell SecurityCoordinator test commands and the MlCoordinator
by taking ownership of the received objects and free'ing them when no
longer needed.
With these changes one can install a bundle and repeatedly load_application
without leaking any memory, capabilities, or slots in the toplevel CNode
of the caller (DebugConsole in this case).
Likewise doing install of a model, test_mlexecute, and then uninstall
of the model's bundle returns all resources.
Specific changes:
- correctly release resources in kata-shell load_application & load_model
- correct release of bundle_frames in seL4BundleImpl::stop
- release resources in MlCoordinator::load_model
- connect the MemoryInterface to the MlCoordinator so it can return memory
- setup two copyregions in the SecurityCoordinator to do the deep copy
- add ObjDescBundle::cptr_iter for iterating over the set of seL4_CPtr's
- hack kata_frame_alloc_in_cnode to split requests according to the
kernel's config on the max Retype count
- while here switch test_mailbox to use one of the copyregions
TODO:
- deep_copy allocates all frames at once which requires a band-aid;
either hide that in MemoryManager or maybe allocate a page at a time
Change-Id: Ia425976b31ea7a32b1d0e4affc3a0ef9ba966c87
GitOrigin-RevId: 31d5bc99b569a5eab9c33c7e1014793bfe57161e
- fix size_buffer & get_manifest requests to marshal responses
- fix size_buffer marshaling (was always returning zero)
- format fakeimpl manifest string
- add shell test commands that exercise the api's (including the
key api's that were only reachable via the StorageManager)
Change-Id: Ia36906d975fb497e6de81e81fdaf2ff04c7a1e9a
GitOrigin-RevId: cad976c55c99724c2b7c5186b2864f7c44edef13
Add a new "camkes" submodule that consolidates KataOS CAmkES component
integration boilerplate. Each component is expected to declare:
    static mut CAMKES: Camkes = Camkes::new("ProcessManager");
and then (typically) use "pre_init" to setup the logger, heap, and the
slot allocator. More fine-grained control is provided by:
    fn init_logger(self: &Camkes, level: Log::LevelFilter);
    fn init_allocator(self: &Camkes, heap: &'static mut [u8]);
    fn init_slot_allocator(self: &Camkes, first_slot: seL4_CPtr, last_slot: seL4_CPtr);
When receiving capabilities use "init_recv_path" to setup the IPCBuffer
receive path and "assert_recv_path" & "check_recv_path" calls to verify
nothing has clobbered the setting.
The debug_assert_slot_* macros are wrapped in Camkes:: functions and a
"top_level_path" function for constructing seL4_CPath objects. Altogether
this normally allows a component to be written without direct use of the
CAmkES global static identifiers SELF_CNODE*.
Change-Id: Ia1351e411a5355789cf74bc0fcfe0e41a418b7d4
GitOrigin-RevId: fb81a8e0687ed9321c9961410edd5dbd54093ce5
Adds an architecture-independent api for sel4-sys interfaces similar
to what libsel4 does. For example, instead of seL4_RISCV_Page_Map use
seL4_Page_Map. This is mostly aliases for common types & system calls but
also features like the Grant right implying NoExecute for seL4_Page_Map.
While here fix crate paths to sel4-sys; everything external to
kata-os-common is intended to use kata-os-common::sel4-sys.
Change-Id: I6faa07d41ffd2fbb4182bf2fa7c05a768e4368f3
GitOrigin-RevId: f51e5186b61eab541e9fb4d2d4175adcc3ca8cee
This CL enables multiple outstanding periodic executions. To do so the
MlCoordinator now includes an array of started models and a queue of
models that are ready to be executed immediately. Additionally, each
periodic model has an associated timer. When that timer fires the model
is added to the execution queue. When a model finishes executing, the
next model is popped off the queue and executed. If a model becomes
ready when there's already an execution for it queued, that execution
is dropped and a warning printed. A cancel command is added to remove
periodic or outstanding executions.
A state debug command was also added.
Currently we can only load a single model due to limitations with the
StorageManager, but we can do so multiple times.
Tests:
Single shot: https://paste.googleplex.com/6704629669691392
Two periodic execs: https://paste.googleplex.com/5288292800004096
Overloaded warning: https://paste.googleplex.com/4549962219126784
Debug State:
KATA> state_mlcoord
kata_ml_coordinator::Running model: fubar:mobilenet_v1_emitc_static.model
kata_ml_coordinator::Loaded model: fubar:mobilenet_v1_emitc_static.model
kata_ml_coordinator::Loadable Models:
kata_ml_coordinator:: LoadableModel { bundle_id: "fubar", model_id: "mobilenet_v1_emitc_static.model", rate_in_ms: Some(2000) }
kata_ml_coordinator:: LoadableModel { bundle_id: "fubar", model_id: "mobilenet_v1_emitc_static.model", rate_in_ms: Some(6000) }
kata_ml_coordinator::Execution Queue:
kata_ml_coordinator:: fubar:mobilenet_v1_emitc_static.model
kata_ml_coordinator::Statistics: Statistics { load_failures: 0, already_queued: 0 }
Change-Id: I7637c9c390eb6ffd9ae22088f37b98c056a441c2
GitOrigin-RevId: 18c0d3fe740a37381f7f1eddee8f2224f679fd61
- replace the memory-mapped elf file by a cpio archive of bundle
objects (BundleImages until we fill in what a bundle is)
- add a new "builtins" command to list the contents of the cpio
archive (similar to cpio -t)
- extend the "install" command to load from the builtins archive
- switch the connection to ProcessManager to support the larger
ObjDescBundle's coming from the cpio archive
Change-Id: I5d7c195b58937df3921f925de3637f325f53fa2f
GitOrigin-RevId: 410813e62ae8f38685a1b32deb2e80de538085a4
- change zmodem uploads to get memory from the MemoryManager
- add a "-z" option to the "install" command to start a zmodem upload
to generate the package contents to send to ProcessManager
- increase CNode headroom for loading package contents
Change-Id: I5f329cdd044368e5568ad891245d67a4a13f8468
GitOrigin-RevId: 2853cde48cb8232f3ba75fe7e8efdbd3032bcb66
Add support for BundleImage, a file format for loading applications and
models from a bundle. BundleImage is simple, compact, and streamable.
BundleImage files are constructed with the prepare_bundle_image tool.
TODO: add compression
TODO: check crc32
Change-Id: I0770608a075cac9754a54e0bb244d75673ae1be6
GitOrigin-RevId: 368dabd3a5af19d47fe7f8084b8a0a0b57b8471d
- kata-allocator, kata-kata-logger, kata-panic, and kata-slot-allocator
are now submodules of kata-os-common
- be more consistent on use stmts (and remove unneeded deps)
- cleanup various deps on kata-panic that no longer seem to be needed
(likely due to using resolver=2)
Change-Id: I5d3f4b399e3be66c09c2f97c75d5e3053993ebdd
GitOrigin-RevId: 393e28fbb975959cba35388bab749b256cda0095
Mark each component that depends on component.kataos.c features with a
"kataos" attribute.
Change-Id: I7e2e3f9010a7aa717d4fe3dfc2f088cbd1a66488
GitOrigin-RevId: 2967036cf4e70edc3f96d2ead45ecfe9e42fd7fa
The MemoryManager service allocates & frees seL4 objects. Requests can be
batched. Capabilities to dynamically allocated objects are moved in CNode
containers attached to IPC requests.
Specific changes:
- Add new CAmkES MemoryManager component.
- Add api's for allocating & freeing singleton objects (e.g.
kata_cnode_alloc) and batches of objects (kata_object_alloc &
kata_object_free).
- Add support to kata-os-rootserver to hand-off UntypedMemory objects
just before terminating. The objects are placed directly in the
MemoryManager's top-level CNode and a BootInfo frame is constructed
that describes where the objects are.
- Switch the rootserver to kata-os-rootserver as the C version lacks
the UntypedMemory hand-off.
- Add test_bootinfo kata-shell command to dump the MemoryManager BootInfo
frame contents (broken for now because it directly references the
shared page).
- Add test_obj_alloc kata-shell command that exercises the MemoryManager
singleton and batch api's
While here, did some cleanup of arg handling in kata-shell.
TODO: top-level object allocations use a simplistic capability allocator
TODO: move test_bootinfo to the MemoryManager and add an interface rpc
Change-Id: I778b2d5fe7f2f9b65ee642ff905cf56d4b2b02fd
GitOrigin-RevId: 7fc72d1927bba165234955e68f8b9ad1b556f6fb
This is a workaround for gdb complaints of the form:
Dwarf Error: Cannot find DIE at 0x5136b referenced from DIE at 0x57eed
Release builds continue to enable LTO.
BUG: 223253186
Change-Id: I137456045e842b2b93b32e0edd348ff916925c97
GitOrigin-RevId: 8ab2ab4fac615eb2a1a259a5a18aa410a4aae5fb
sel4-config is a build helper for keeping a crate's features in sync
with an seL4 kernel. sel4_config::get_sel4_features parses a gen_config.h
artifact from an seL4 build and returns the intersection of the feature
set with the features listed in the caller's Cargo.toml.
Change sel4-sys to use sel4-config to collect features (instead of
depending only on features from Cargo.toml). sel4-sys finds the directory
with kernel artifacts using an SEL4_OUT_DIR environment variable. If
that's not set it falls back to ${ROOTDIR}/out/kata/kernel.
Change workspace crates to use resolver="2" to deal with cargo's
mishandling of dependent features (target build of serde polluted by
std build-dep indirect through cargo_toml).
While here make sel4-sys fall back to ${ROOTDIR}/kata/kernel when SEL4_DIR
is not set in the environment.
Change-Id: I47cf2eab4aa8cd2e502f741738f587c222e94716
GitOrigin-RevId: b661f0b78c0bfe70861965a420d25add8a128cb7
Didn't find an explanation for why all versions of bare-io were yanked
but core2 has the Cursor support and is by the same author.
Change-Id: Id27adaa568a8e1b7b5825c8f81aa489a96675969
GitOrigin-RevId: 7fb8950938c9536a9c795b246d240fca756b3499
With logging on, the Rust logger trace messages do indeed cause the
sender to abort near the beginning of the upload.
Change-Id: I9ed150db1ad557034d1aefcc99385d771be3edd5
GitOrigin-RevId: 3815d6b21db1dc4978b19fc9b4307007d03e4b12
Using a buffered reader instead of the byte-at-a-time implementation
avoids doing a syscall for each byte.
Change-Id: Ia7bc42e4836593f358ff964962c910f8c94b6f8e
GitOrigin-RevId: e70697d398b07d6de6f03d1d0a4b5204139bc59a
* changes:
Replace SeL4Debug with direct syscalls.
sel4-sys: fix conditional syscall numbering
sel4-sys: use target_arch &co to select target architecture
kata-os-common: add sel4-sys support for riscv32
kata-os-common: cleanup sel4-sys before bringing in local changes
kata-os-common: pristine import of sel4-sys-0.0.28 (-seL4 submodule)
GitOrigin-RevId: 36ee1d4f9e521b60fdc6b91f2581413b55882fca