This is now an app that can be loaded at runtime so remove the component.
Change-Id: Ibb851a64902e69322465fc729cf6d1876ae7943b
GitOrigin-RevId: b534499935f32dd7d7529af86dd5ee0843d9579a
So we don't need to maintain the version at two places.
Change-Id: Ibbbb9b7744bdd4e209404bf744e2f57e0022db7a
GitOrigin-RevId: 7583eaba9d5364e6c47ede3e5fed4505c73ae790
indexmap is a dependency crate of serde_yaml, which only loosely
specifies the major release version of indexmap. indexmap > 1.9.0
requires a newer version of Cargo (> 1.56.0-nightly). We can pin
the indexmap version to avoid updating the Cargo toolchain.
Change-Id: I66abb47ca58d081bb1dfe423ccb06b46859fd03e
GitOrigin-RevId: 77428ed6927a9634ccea4d644a221b835c4e6592
Two sdk-less applications modeled after minisel:
- hello: prints arguments to the console and loops
- fibonacci: calculates fibonacci #'s, printing state to the console
every second
You can start multiple fibonacci apps to verify multi-tasking.
Change-Id: I3f1fd79e939d106dc259a9fa923c7f7db4f9fa58
GitOrigin-RevId: 1de1ff4cacd7f7e58c3c35fa2215b9c31d3a21f3
- fix size_buffer & get_manifest requests to marshal responses
- fix size_buffer marshaling (was always returning zero)
- format fakeimpl manifest string
- add shell test commands that exercise the api's (including the
key api's that were only reachable via the StorageManager)
Change-Id: Ia36906d975fb497e6de81e81fdaf2ff04c7a1e9a
GitOrigin-RevId: cad976c55c99724c2b7c5186b2864f7c44edef13
Fake bundle id's are now "fake.X" where X is the CPtr for the package
contents' CNode (which is known unique).
While here fix some whitespace bogons.
Change-Id: I84c586e11f56c416d9bad667cae8e4cecba5dca2
GitOrigin-RevId: 0cec9e3308d9f3fe019af666dea583f92b3735b4
RustAddLibrary was setting RUST_TARGET to a fixed string with a potential
override by the caller. The latter is not used in our builds so move it
to east-settings.cmake so it can be changed from the cmd line.
Change-Id: I17f16cf8df16e6d7e997091165e8df097f7fcc32
GitOrigin-RevId: 98b687fd600e328cacbaf3c1127eef841d664a92
A smorgasbord of changes to sel4-sys and kata-os-model mostly in support
of the aarch64 platform. This is derived from Marcin's aarch64 work.
TODO(sleffler): seL4_Page_Map_Flush maybe belongs in sel4-sys
sel4-sys changes:
- hoist seL4_ObjectTypeCount out of arch
- make seL4_Page_Map for ARM honor the grant right to set the NX bit
- fill-in seL4_ObjectType & related impl's for ARM & X86
- import cfg-if crate to cleanup various tangled conditionals
kata-os-model changes:
- add seL4_Page_Map_Flush to encapsulate arch-specific work needed after
an seL4_Page_Map call; this is kept separate to avoid changing the
Page_Map api
- purge kobject_t and replace kobject_get_type with get_frame_type
- purge kobject_get_size (only use was to calculate the size of the
SchedContext object which is arch-independent)
- redo CDL_ObjectType to work for all arch's
- various fixes for target_arch aarch64
- construct platform_gen.rs at build-time from seL4's platform_gen.h for
seL4_Page_Map_Flush to do its job
- get target_arch arm closer (esp needs vspace setup fixed)
- correct various "arm" & "x86" target_arch checks to cover both 32-
and 64-bit arch's
- misc style changes (e.g. sort imports)
capdl changes:
- add arch-specific CDL_CapType entries
NB: seL4_Page_Map_Flush for ARM is overly conservative in invalidating
the data cache; this could be improved by identifying whether the page
has a pre-assigned paddr
Change-Id: I005cbbbd36ea6711feed66412391e3790dda2966
GitOrigin-RevId: b5c6893fa1c7f3297d88aa7f522a2792ac3b75c7
A smorgasbord of changes to sel4-sys and kata-os-model mostly in support
of the aarch64 platform. This is derived from Marcin's aarch64 work.
TODO(sleffler): seL4_Page_Map_Flush maybe belongs in sel4-sys
sel4-sys changes:
- hoist seL4_ObjectTypeCount out of arch
- make seL4_Page_Map for ARM honor the grant right to set the NX bit
- fill-in seL4_ObjectType & related impl's for ARM & X86
- import cfg-if crate to cleanup various tangled conditionals
kata-os-model changes:
- add seL4_Page_Map_Flush to encapsulate arch-specific work needed after
an seL4_Page_Map call; this is kept separate to avoid changing the
Page_Map api
- purge kobject_t and replace kobject_get_type with get_frame_type
- purge kobject_get_size (only use was to calculate the size of the
SchedContext object which is arch-independent)
- redo CDL_ObjectType to work for all arch's
- various fixes for target_arch aarch64
- construct platform_gen.rs at build-time from seL4's platform_gen.h for
seL4_Page_Map_Flush to do its job
- get target_arch arm closer (esp needs vspace setup fixed)
- correct various "arm" & "x86" target_arch checks to cover both 32-
and 64-bit arch's
- misc style changes (e.g. sort imports)
capdl changes:
- add arch-specific CDL_CapType entries
NB: seL4_Page_Map_Flush for ARM is overly conservative in invalidating
the data cache; this could be improved by identifying whether the page
has a pre-assigned paddr
Change-Id: Ia690006436b2bd5fc892bff139668f8d518cb426
GitOrigin-RevId: c8081ff8d932e5c9b427a1e9bb0bc2db7c674738
Request the MemoryManager to free the package contents' CNode
on uninstall. We were reclaiming this locally without informing
MemoryManager so its bookkeeping was off.
Change-Id: I925178ad50cf84a85dd401aafd9fdbea71e050a3
GitOrigin-RevId: 3e369dd558542d6f85f70f0ea9894ea370fd51d6
Add a new "camkes" submodule that consolidates KataOS CAmkES component
integration boilerplate. Each component is expected to declare:
    static mut CAMKES: Camkes = Camkes::new("ProcessManager");
and then (typically) use "pre_init" to setup the logger, heap, and the
slot allocator. More fine-grained control is provided by:
    fn init_logger(self: &Camkes, level: Log::LevelFilter);
    fn init_allocator(self: &Camkes, heap: &'static mut [u8]);
    fn init_slot_allocator(self: &Camkes, first_slot: seL4_CPtr, last_slot: seL4_CPtr);
When receiving capabilities use "init_recv_path" to setup the IPCBuffer
receive path and "assert_recv_path" & "check_recv_path" calls to verify
nothing has clobbered the setting.
The debug_assert_slot_* macros are wrapped in Camkes:: functions and a
"top_level_path" function for constructing seL4_CPath objects. Altogether
this normally allows a component to be written without direct use of the
CAmkES global static identifiers SELF_CNODE*.
Change-Id: Ia1351e411a5355789cf74bc0fcfe0e41a418b7d4
GitOrigin-RevId: fb81a8e0687ed9321c9961410edd5dbd54093ce5
Adds an architecture-independent api for sel4-sys interfaces similar
to what libsel4 does. For example, instead of seL4_RISCV_Page_Map use
seL4_Page_Map. This is mostly aliases for common types & system calls but
also features like the Grant right implying NoExecute for seL4_Page_Map.
While here fix crate paths to sel4-sys; everything external to
kata-os-common is intended to use kata-os-common::sel4-sys.
Change-Id: I6faa07d41ffd2fbb4182bf2fa7c05a768e4368f3
GitOrigin-RevId: f51e5186b61eab541e9fb4d2d4175adcc3ca8cee
This CL enables multiple outstanding periodic executions. To do so the
MlCoordinator now includes an array of started models and a queue of
models that are ready to be executed immediately. Additionally, each
periodic model has an associated timer. When that timer fires the model
is added to the execution queue. When a model finishes executing, the
next model is popped off the queue and executed. If a model becomes
ready when there's already an execution for it queued, that execution
is dropped and a warning printed. A cancel command is added to remove
periodic or outstanding executions.
A state debug command was also added.
Currently we can only load a single model due to limitations with the
StorageManager, but we can do so multiple times.
Tests:
Single shot: https://paste.googleplex.com/6704629669691392
Two periodic execs: https://paste.googleplex.com/5288292800004096
Overloaded warning: https://paste.googleplex.com/4549962219126784
Debug State:
KATA> state_mlcoord
kata_ml_coordinator::Running model: fubar:mobilenet_v1_emitc_static.model
kata_ml_coordinator::Loaded model: fubar:mobilenet_v1_emitc_static.model
kata_ml_coordinator::Loadable Models:
kata_ml_coordinator:: LoadableModel { bundle_id: "fubar", model_id: "mobilenet_v1_emitc_static.model", rate_in_ms: Some(2000) }
kata_ml_coordinator:: LoadableModel { bundle_id: "fubar", model_id: "mobilenet_v1_emitc_static.model", rate_in_ms: Some(6000) }
kata_ml_coordinator::Execution Queue:
kata_ml_coordinator:: fubar:mobilenet_v1_emitc_static.model
kata_ml_coordinator::Statistics: Statistics { load_failures: 0, already_queued: 0 }
Change-Id: I7637c9c390eb6ffd9ae22088f37b98c056a441c2
GitOrigin-RevId: 18c0d3fe740a37381f7f1eddee8f2224f679fd61
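The queueing behaviour described in the commit message above, as an added Rust sketch that is not KataOS code. The `Coordinator` type and its method names are hypothetical, timers are reduced to a `timer_fired` call, and `cancel` leaving a running execution untouched is an assumption.

```rust
use std::collections::VecDeque;

// Added sketch; every name here is hypothetical, not from kata_ml_coordinator.
#[derive(Default)]
pub struct Coordinator {
    started: Vec<String>,      // models with a periodic timer armed
    running: Option<String>,   // model executing right now
    queue: VecDeque<String>,   // models ready to execute next
    pub already_queued: u32,   // executions dropped as duplicates
}

impl Coordinator {
    /// Register a periodic model (the real timer would be armed here).
    pub fn start(&mut self, id: &str) {
        if !self.started.iter().any(|m| m == id) {
            self.started.push(id.to_string());
        }
    }
    /// Timer fired: run if idle, queue if busy, drop if already queued.
    pub fn timer_fired(&mut self, id: &str) -> bool {
        if !self.started.iter().any(|m| m == id) {
            return false; // stale timer for a cancelled model
        }
        if self.running.is_none() {
            self.running = Some(id.to_string());
        } else if self.queue.iter().any(|m| m == id) {
            self.already_queued += 1;
            eprintln!("warning: {} already queued, dropping execution", id);
            return false;
        } else {
            self.queue.push_back(id.to_string());
        }
        true
    }
    /// The running model finished: pop the next one off the queue.
    pub fn execution_done(&mut self) -> Option<String> {
        self.running = self.queue.pop_front();
        self.running.clone()
    }
    /// Assumption: cancel disarms the timer and removes queued executions only.
    pub fn cancel(&mut self, id: &str) {
        self.started.retain(|m| m != id);
        self.queue.retain(|m| m != id);
    }
}

fn main() {
    let mut c = Coordinator::default();
    c.start("fubar:model");
    println!("{}", c.timer_fired("fubar:model"));
}
```

Capping the queue at one pending execution per model keeps a model whose timer outpaces its run time from growing the queue without bound.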
Having CSpaceSlot be a submodule of kata-slot-allocator caused an sel4-sys
dependency that broke unit tests. Split it out to its own crate.
Change-Id: Iea531e36284b58e932eb0cbd84f90abc81823fe3
GitOrigin-RevId: 39abb4510f66cfe026b12fcacf78b429ddd8f0b5
Running test_obj_alloc and similar (e.g. install+start+stop+uninstall)
on a release build yields kernel complaints about using a null
capability. Traced this down to delete_caps for ObjDesc's with count >
1. Checking the result from the syscall resolves things. Seems like an
optimizer bug.
Change-Id: Ib09095ac4255261b1ef67fec68ef3267d6be4883
GitOrigin-RevId: 7149d33b88d2b383d4ab65903c62c478e1659d1d
- replace the memory-mapped elf file by a cpio archive of bundle
objects (BundleImages until we fill in what a bundle is)
- add a new "builtins" command to list the contents of the cpio
archive (similar to cpio -t)
- extend the "install" command to load from the builtins archive
- switch the connection to ProcessManager to support the larger
ObjDescBundle's coming from the cpio archive
Change-Id: I5d7c195b58937df3921f925de3637f325f53fa2f
GitOrigin-RevId: 410813e62ae8f38685a1b32deb2e80de538085a4
- change zmodem uploads to get memory from the MemoryManager
- add a "-z" option to the "install" command to start a zmodem upload
to generate the package contents to send to ProcessManager
- increase CNode headroom for loading package contents
Change-Id: I5f329cdd044368e5568ad891245d67a4a13f8468
GitOrigin-RevId: 2853cde48cb8232f3ba75fe7e8efdbd3032bcb66
- remove vestiges of mapped ELF file; models now come from
SecurityCoordinator using a LoadModel request in the form of a BundleImage
- change execute api to take a bundle_id & model_id
- track loaded bundle_id & model_id to handle switching between models
- load_elf -> load_image (which loads a BundleImage)
- add a client-side wrapper to hide marshalling details
- add a copyregion (VSpace hole) for processing BundleImages
- integrate with slot allocator
- setup the heap (needed for various things)
Change-Id: I50f3526bddefcdb67b742d42ca396bfefc10801f
GitOrigin-RevId: 80aa0da34b057b334b7d76932c7ad25146364569
- replace the opaque memory placeholder with MemoryManager integration
(e.g. ObjDescBundle's and BundleImage's)
- set CNode headroom so there is space to construct a 4MB application
- arrange to get capabilities for an ASIDPool, the global SchedController,
and the global DomainController for crafting new TCB's
- arrange for copyregions (VSpace holes) for working with BundleImage's
and spilling arguments to the stack of a new TCB
- integrate with the slot allocator
- accept an ObjDescBundle for the pkg_contents of an install request
- add BundleImplInterface traits in support of mocking/faking the bundle
implementation (unit tests not included)
- new error codes: ObjCapInvalid, SuspendFailed, ResumeFailed
- integrate with the kernel so TCB construction honors settings like MCS
- track kata_security_* wrapper additions
- add seL4BundleImpl (derived from kata-os-rootserver)
TODO: build+test only on RISCV32
TODO: verify seL4BundleImpl features all build at least
TODO: cleanup VSpace layout (is probably arch specific)
TODO: review+cleanup error handling (esp resources)
TODO: fault endpoints are not connected
TODO: SDK runtime is not setup
TODO: scheduling is likely not the way we want
TODO: security review
Change-Id: I025b008eeb8b47af2fe3894149da6576642bb8ed
GitOrigin-RevId: 539bf11739a9e756936168a9cbd3e2e2e4b0ba11
- break dependency loop with kata-security-interface
- use new kata_security_* wrappers
Change-Id: I65b98a406f18c82354e5425b37612789d4ab340d
GitOrigin-RevId: 5744715a439a5305ead57a99eacc1108b5d10750
This mostly cleans up my bad idea of how to process SecurityRequests.
- accept an ObjDescBundle attached in an InstallRequest
- return a BundleImage in LoadApplication & LoadNModel replies
- integrate with the slot allocator
- integrate with MemoryManager (for the fake)
Change-Id: I695efbecabfa3e71d7d2cfdd013c113a5a915b40
GitOrigin-RevId: 623ffdf19f5550918da530b57a299659061832aa
- hide marshalling details in kata_security_* wrappers
- replace the placeholder opaque memory representation in rpc's with
MemoryManager integration
- uses proper struct's for all Request/Response msgs (except for Echo):
this mostly eases the way for switching away from postcard + CAmkES
to something like flatbuffers
- extend SecurityRequest structs with SecurityCapability traits to
support passing capabilities (specifically CNode's holding dynamically
allocated objects)
- new error codes: SreDeleteFirst, SreCapAllocFailed, SreCapMoveFailed,
and SreObjCapInvalid
- shuffle integration with StorageManager to resolve a dependency loop
- redo SecurityCoordinatorInterface to enable server-side changes (in
a separate cl)
- add headroom to the component CNode for the fake impl to hold package
contents
Change-Id: Ief6931d451023b511dbe1bdc3ffba4bf18070962
GitOrigin-RevId: 066f6cfa72f47fb8b4f8edc861dd9e3759ec6054
Add support for BundleImage, a file format for loading applications and
models from a bundle. BundleImage is simple, compact, and streamable.
BundleImage files are constructed with the prepare_bundle_image tool.
TODO: add compression
TODO: check crc32
Change-Id: I0770608a075cac9754a54e0bb244d75673ae1be6
GitOrigin-RevId: 368dabd3a5af19d47fe7f8084b8a0a0b57b8471d
- track CAmkES well-known name changes (e.g. RECV_CNODE -> MEMORY_RECV_CNODE)
- initialize the slot allocator for the component
- fix size_bytes to use the object count in its calculation
- add can_combine method to help optimize ObjDescBundle construction
- enhance ObjDescBundle:
- len, count, size_bytes, count_log2, maybe_combine_last
- move_objects_to_toplevel, move_objects_from_toplevel
- fmt (show SELF_CNODE & MEMORY_RECV_CNODE symbolically)
- add MmeCapAllocFailed
- add kata_object_alloc_in_toplevel & kata_object_free_toplevel
- add kata_object_alloc_in_cnode & kata_object_free_in_cnode
- add kata_frame_alloc_in_cnode
- avoid underflow in stats bookkeeping to not crash until we fix
the root cause
Change-Id: I826b55f1f0b07bef58a420e32efbc02cd1d6363f
GitOrigin-RevId: 43bd8ae5cf41fd510fae502c7cd8e234c04edb85
This fixes debug builds which otherwise have an undefined reference
to SELF_CNODE.
Change-Id: I55384cfff19b99cf49b147d396b274c74bdf5db5
GitOrigin-RevId: d055b070ee5a67f1648566d1c1c511446d02b3cc
The slot allocator has CAmkES-specific support that will not build for
a non-CAmkES target. Add a "camkes_support" feature flag that controls
whether the slot allocator is included. This is enabled by default but
allows users like kata-os-rootserver to workaround the problem.
Change-Id: I2decb9fc794c215455e223d17c24c6a19cc52d56
GitOrigin-RevId: d7a3811b4a9a000b0f34fbc2abdfc628250f64d4