- make kata-uart-client use dependent on a new "sparrow_uart_support"
feature; this is needed for headless operation and for platforms
without a working uart driver
- add a mechanism where an "autostart.repl" file is fetched from the
builtins (if present) and passed through the shell; output goes to
the uart if configured, otherwise the kernel or /dev/nnull
- add a new "source" shell command that interprets the contents of a
builtins file as console input
- rework the command interpreter to support autostart & source
- move the logging hookup to kata-debug-console so the system builds
when no uart support is conffigured (need to add fallback to debug
syscalls in case that works when no driver is present)
Change-Id: I5e6725c93488a48d212dfaca425ede37cbdb72e5
GitOrigin-RevId: 6f360cab71ea103af52e3c68ca240fc16e0f20bb
The "ml_support" feature controls MlCoordinator commands are included.
The "TEST_ML_COORDINATOR" feature is now dependent on "ml_support".
Change-Id: I13e3e0b467f006a564bb2cf4839a11ab8a1b04c8
GitOrigin-RevId: 133e8842848c73644e593ebfd4c9115fde1afd3b
Setup a connection to the SDKRuntime for each application. To do this
add an SDKManager interface to the SDKRuntime for the ProcessManager to
obtain a badged endpoint and install that in each application's CNode.
SDKRuntime now rejects requests received without a registered badge.
RPC's are handled entirely in Rust (no CAmkES). ProcessManager sets up
RPC resources and delivers them to an application through registers.
The application-side SDK runtime uses the resources to marshal RPC
parameters in a page that is attached to the IPC buffer sent to the
SDKRuntime. Reply parameters are written to the shared page and decoded
on return.
Overhaul the SDKRuntime api to be like SecurityCoordinator to consolidate
parameter marhsaling/unmarshaling and to simplify adding new methods.
Rust applications use the SDKRuntime interface directly. C application
will wrap a C interface around the Rust impl (TBD).
Specific changes:
- add SDKManagerInterface
- sel4bundle now plumbs a connection to the SDKRuntime, the CNode slot
with the capability is passed to the application to future-proof CNode
setup changes (an alternative is to use a global const since we control
the application-side runtime api's)
- add kata-sdk-manager crate with SDKManager client interface support;
the only api's are get_endpoint (to get a badged endpoint to SDKRuntime),
release_endpoint (to remove a badged endpoint), and capscan (to dump
the SDKRuntime's top-level CNode)
- add "capscan sdk" in the shell to inspect the SDKRuntime service
- make SDKRuntime require a registered badge on inbound IPCs
- fill-in ping & log SDK api's
- connect ProcessManager to SDKRuntime for SDKManager api use,
everything else happens outside CAmkES
- make SDKRuntime lock against concurrent requests--the SDKManager
runs concurrently and shares SDKRuntime state
- remove kata-shell test_sdk_* commands (replaced by test applications)
Change-Id: I7810949ad0051ff8eda244e0385f662882a556e4
GitOrigin-RevId: 5fef55428e076f670cff325965047c98d84cfbca
StorageManager (the component) did nothing useful so remove it and plumb
the only user (DebugConsole) directly to the SecurityCoordinator. When
the SDKRuntime is ready it likewise will talk directly to
SecurityCoordinator. The only visible change in this is the "kvread" shell
command displays the raw key value instead of converting it to a string.
Change-Id: I5a285dc083e5f02ecbf0defc83deebb34a7b38d7
GitOrigin-RevId: 70d04d8155167f9bf3f88291363760d91c10a279
- replace the memory-mapped elf file by a cpio archive of bundle
objects (BundleImages until we fill in what a bundle is)
- add a new "builtins" command to list the contents of the cpio
archive (similar to cpio -t)
- extend the "install" command to load from the builtins archive
- switch the connection to ProcessManager to support the larger
ObjDescBundle's coming from the cpio archive
Change-Id: I5d7c195b58937df3921f925de3637f325f53fa2f
GitOrigin-RevId: 410813e62ae8f38685a1b32deb2e80de538085a4
- change zmodem uploads to get memory from the MemoryManager
- add a "-z" option to the "install" command to start a zmodem upload
to generate the package contents to send to ProcessManager
- increase CNode headroom for loading package contents
Change-Id: I5f329cdd044368e5568ad891245d67a4a13f8468
GitOrigin-RevId: 2853cde48cb8232f3ba75fe7e8efdbd3032bcb66
Add support for BundleImage, a file format for loading applications and
models from a bundle. BundleImage is simple, compact, and streamable,
BundleImage files are constructed with the prepare_bundle_image tool.
TODO: add compression
TODO: check crc32
Change-Id: I0770608a075cac9754a54e0bb244d75673ae1be6
GitOrigin-RevId: 368dabd3a5af19d47fe7f8084b8a0a0b57b8471d
Mark each component that depends on component.kataos.c features with a
"kataos" attribute.
Change-Id: I7e2e3f9010a7aa717d4fe3dfc2f088cbd1a66488
GitOrigin-RevId: 2967036cf4e70edc3f96d2ead45ecfe9e42fd7fa
The MemoryManager service allocates & frees seL4 objects. Requests can be
batched. Capabilities to dynamically allocated objects are moved in CNode
containers attached to IPC requests.
Specific changes:
- Add new CAmkES MemoryManager component.
- Add api's for allocating & freeing singleton objects (e.g.
kata_cnode_alloc) and batches of objects (kata_object_alloc &
kata_object_free).
- Add support to kata-os-rootserver to hand-off UntypedMemory objects
just before terminating. The objects are placed directly in the
MemoryManager's top-level CNode and a BootInfo frame is constructed
that describes where the objects are.
- Switch the rootserver to kata-os-rootserver as the C version lacks
the UntypedMemory hand-off.
- Add test_bootinfo kata-shell command to dump the MemoryManager BootInfo
frame contents (broken for now because it directlry references the
shared page).
- Add test_obj_alloc kata-shell command that exercises the MemoryManager
singleton and batch api's
While here, did some cleanup of arg handling in kata-shell.
TODO: top-level object allocations use a simplistic capability allocator
TODO: move test_bootinfo to the MemoryManager and add an interface rpc
Change-Id: I778b2d5fe7f2f9b65ee642ff905cf56d4b2b02fd
GitOrigin-RevId: 7fc72d1927bba165234955e68f8b9ad1b556f6fb
* changes:
Replace SeL4Debug with direct syscalls.
sel4-sys: fix conditional syscall numbering
sel4-sys: use target_arch &co to select target architecture
kata-os-common: add sel4-sys support for riscv32
kata-os-common: cleanup sel4-sys before bringing in local changes
kata-os-common: pristine import of sel4-sys-0.0.28 (-seL4 submodule)
GitOrigin-RevId: 36ee1d4f9e521b60fdc6b91f2581413b55882fca
- add SecurityCoordinator component (needs mailbox support, just
a fake which should be enabled with a feature flag)
- connect to ProcessManager & MlCoordinator - temproarily connect
to DebugConsole to enable scecho test command
- expand Bundle to hold application information (may need more elf)
- connect ProcessManager::{install, uninstall} to SecurityCoordinator
(no application binary yet, needs global page allocator)
Notes:
- SecurityCoordinator depends on camkes for thread synchronization
- private heap is 8KB (and could possible be less; need to tune)
- camkes interface connection uses seL4RPCOverMultiSharedData so ipc
buffers are 4KB; the request & reply serde buffers are 2KB but could
be near 4KB since they are used sequentially and the other params
are a few bytes (but beware of camkes stack allocation)
- the camkes SecurityCoordinator::request rpc is defined so that the
request param has reasonable handling but the reply param requires
a full copy (even if only partly used); haven't found a way to
express the desired handling
Change-Id: I686dc2d501e39bc8c27fe22db40657165a55b472
GitOrigin-RevId: db1536c241e28ddda1dc8f8da341b8c667ed6646
This ends the behavior where log messages would block on the prompt.
This change does not fix the potential race on dataports if
kata-uart-client read or write has multiple concurrent callers. A later
change will protect those using CAmkES mutexes, although the
alternative of having DebugConsole *own* the UART should also be
considered.
Change-Id: I8d5d8336cd58b9f22cca81ae6aca13b4ed57e7e4
GitOrigin-RevId: e781fd8454d22e0f829d788fe602e431551e259a
Add a VectorCoreDriver component that handles setting vector core CSRs.
Rewrite MLCoordinator to conform to other Kata components. The old code
wasn't useful.
Add `test_mlexecute` command for running ML. Add plumbing from shell to
coordinator.
Change-Id: I3d563f1a343361c95d3ad5b78231fbe9df32b851
GitOrigin-RevId: f3c38839f708743de596339d1b8173315283b772
- Split support into three levels:
o kata_proc_manager::process_manager is a single-threaded implementation
of ProcessManagerInterface and PackageManagerInterface that uses an
abstract manager interface to carry out low-level work (used mainly
to inject fakes for unit testing).
o kata_proc_manager is a thread-safe wrapper around process_manager that
has the manager interfaces bound to KataOS; this is the level at which
we integrate with external components.
o kata_proc_component is the top-level glue code for the ProcessManager
camkes component; it has a pre_init function to setup rust support
(logger, allocator, etc), a run function for the component's control
block, and wrapper functions for the camkes ProcessControl and
PackageManagement interfaces.
- Add install, uninstall, start, stop, and bundles shell commands for
exercising ProcessControlInterface & PackageManagementInterface.
Specifics:
- Bundle id's are now treated internally as SmallString's with &str
used for passing bundle id's through api's. The BundleId type is
temporarily used for get_running_bundles() to return information (but
see below about RawBundleIdData).
- ArrayVec's are replaced with a hashbrown::HashMap
- Bundle objects are Box'd instead of holding refs (now that we have an
allocator); this eliminates lifetime constraints.
- The manager interface is Box'd to eliminate lifetime constraints.
- Purge ProcessManager::empty(), it's infeasible with the hashmap and
is not needed with kata_proc_manager support for static decls.
- Add RawBundleIdData support for serialize+deserialize of BundleIdArray;
no more leaking internal data types to client code.
- Remove bounds check on #bundles recorded; set a nominal capacity
and fallback to dynamic allocation of the hashmap.
- Manually update ProcessManagerBindings.h (using cbindgen).
Change-Id: I08deaecc997ea96cb794808036540bedd58b3fa4
GitOrigin-RevId: 6e0826940b43b1295d39769b57812a9494b5a4cb
- add a SeL4Debug component that wraps seL4DebugPutString and seL4DumpScheduler
system calls that are marked static inline (so not callable from rust)
- connect seL4Debug to the DebugConsole and add a "ps" command to the shell
that uses sel4DumpScheduler to print the tcb's on the console; e.g.
KATA_PROMPT> ps
Dumping all tcbs!
Name State IP Prio Core
--------------------------------------------------------------------------------------
sel4debug:sel4debug running 0x1017e 254 0
sel4debug:fault_handler blocked on recv 0x1046e 255 0
sel4debug:control blocked on recv 0x1046e 254 0
drv:uart blocked on recv 0x11dc4 254 0
drv:fault_handler blocked on recv 0x105d4 255 0
drv:control blocked on recv 0x105d4 254 0
debug_console:fault_handler blocked on recv 0x10840 255 0
debug_console:control blocked on reply 0x12808 254 0
idle_thread idle 0 0 0
rootserver inactive 0x10558 255 0
Change-Id: I48496ec0002e3307aaeb5c779319d4beb87ae56b
GitOrigin-RevId: 8665f609bdb7efd3b814b4f40abf08c5dd1e863d
This also adds a skeleton for the DebugConsole CLI taking IO from a UART
via some Rust wrapper functions, also defined in this change
(kata-uart-client).
Change-Id: I56856c14992010483da58c45f6550c0a4c9987b0
GitOrigin-RevId: e1b2d65ed3a7f627a9f7377caa407151fc943864
