2009-05-20 23:07:56 +03:00
|
|
|
#pypp 0
|
|
|
|
|
#include "kernel.hh"
|
|
|
|
|
|
2009-05-25 01:31:35 +03:00
|
|
|
Capability *Memory::find_capability (unsigned code, bool *copy):
|
|
|
|
|
*copy = code & 2 ? true : false
|
|
|
|
|
if code & 1:
|
|
|
|
|
// Cappage capability
|
|
|
|
|
unsigned num = (code & ~PAGE_MASK) >> 1
|
|
|
|
|
if num >= CAPPAGE_SIZE:
|
|
|
|
|
return NULL
|
|
|
|
|
Capability *page = (Capability *)(code & PAGE_MASK)
|
|
|
|
|
for Cappage *p = cappages; p; p = p->next:
|
|
|
|
|
if p->page == page:
|
|
|
|
|
return &page[num]
|
|
|
|
|
else:
|
|
|
|
|
// Normal capability
|
|
|
|
|
for Capability *c = capabilities; c; c = c->next:
|
|
|
|
|
if c == (Capability *)code:
|
|
|
|
|
return c
|
2009-05-20 23:07:56 +03:00
|
|
|
return NULL
|
|
|
|
|
|
2009-05-25 01:31:35 +03:00
|
|
|
static Capability *reply
|
2009-05-27 15:38:52 +03:00
|
|
|
static Receiver *reply_receiver
|
2009-05-25 01:31:35 +03:00
|
|
|
|
2009-05-27 19:33:05 +03:00
|
|
|
static void fill_cap (Capability *r, unsigned target, unsigned protected_data):
|
2009-05-25 01:31:35 +03:00
|
|
|
Capability **ref
|
|
|
|
|
if target & ~KERNEL_MASK:
|
|
|
|
|
ref = &((Receiver *)target)->capabilities
|
|
|
|
|
else:
|
|
|
|
|
ref = &((Object_base *)protected_data)->refs
|
|
|
|
|
// alloc_capability needs a Memory, but it isn't used if return storage is given.
|
2009-05-27 19:33:05 +03:00
|
|
|
top_memory.alloc_capability ((Receiver *)target, NULL, ref, protected_data, r)
|
|
|
|
|
|
|
|
|
|
static void reply_cap (unsigned target, unsigned protected_data):
|
|
|
|
|
Capability r
|
|
|
|
|
fill_cap (&r, target, protected_data)
|
2009-05-25 01:31:35 +03:00
|
|
|
unsigned d[4] = { 0, 0, 0, 0 }
|
|
|
|
|
Capability *caps[4] = { &r, NULL, NULL, NULL }
|
|
|
|
|
bool cops[4] = { true, false, false, false }
|
2009-05-27 15:38:52 +03:00
|
|
|
if reply:
|
|
|
|
|
reply->invoke (d, caps, cops)
|
|
|
|
|
else:
|
2009-05-27 19:33:05 +03:00
|
|
|
reply_receiver->send_message (~0, d, caps, cops)
|
|
|
|
|
r.invalidate ()
|
2009-05-25 01:31:35 +03:00
|
|
|
|
|
|
|
|
static void reply_cap (Capability *cap, bool copy):
|
|
|
|
|
unsigned d[4] = { 0, 0, 0, 0 }
|
|
|
|
|
Capability *caps[4] = { cap, NULL, NULL, NULL }
|
|
|
|
|
bool cops[4] = { copy, false, false, false }
|
2009-05-27 15:38:52 +03:00
|
|
|
if reply:
|
|
|
|
|
reply->invoke (d, caps, cops)
|
|
|
|
|
else:
|
2009-05-27 19:33:05 +03:00
|
|
|
reply_receiver->send_message (~0, d, caps, cops)
|
2009-05-25 01:31:35 +03:00
|
|
|
|
|
|
|
|
static void reply_num (unsigned num):
|
|
|
|
|
unsigned d[4] = { num, 0, 0, 0 }
|
|
|
|
|
Capability *caps[4] = { NULL, NULL, NULL, NULL }
|
|
|
|
|
bool cops[4] = { false, false, false, false }
|
2009-05-27 15:38:52 +03:00
|
|
|
if reply:
|
|
|
|
|
reply->invoke (d, caps, cops)
|
|
|
|
|
else:
|
2009-05-27 19:33:05 +03:00
|
|
|
reply_receiver->send_message (~0, d, caps, cops)
|
2009-05-25 01:31:35 +03:00
|
|
|
|
|
|
|
|
static void receiver_invoke (unsigned target, unsigned protected_data, Capability *cap, unsigned request, unsigned data):
|
|
|
|
|
Receiver *receiver = (Receiver *)protected_data
|
|
|
|
|
switch request:
|
|
|
|
|
case CAP_RECEIVER_SET_OWNER:
|
|
|
|
|
if ((unsigned)cap->target & (CAPTYPE_MASK | ~KERNEL_MASK)) != CAPTYPE_THREAD:
|
|
|
|
|
// FIXME: This makes it impossible to use a fake thread capability.
|
|
|
|
|
return
|
|
|
|
|
receiver->own ((Thread *)cap->protected_data)
|
|
|
|
|
break
|
|
|
|
|
case CAP_RECEIVER_CREATE_CAPABILITY:
|
|
|
|
|
reply_cap ((unsigned)receiver, data)
|
|
|
|
|
break
|
|
|
|
|
case CAP_RECEIVER_CREATE_CALL_CAPABILITY:
|
|
|
|
|
reply_cap (CAPTYPE_RECEIVER | CAP_RECEIVER_CALL, protected_data)
|
|
|
|
|
break
|
|
|
|
|
default:
|
|
|
|
|
break
|
|
|
|
|
|
|
|
|
|
static void memory_invoke (unsigned target, unsigned protected_data, Capability *cap, unsigned request, unsigned data):
|
|
|
|
|
Memory *mem = (Memory *)protected_data
|
|
|
|
|
switch request:
|
|
|
|
|
case CAP_MEMORY_CREATE:
|
|
|
|
|
switch data:
|
|
|
|
|
case CAPTYPE_RECEIVER:
|
|
|
|
|
Receiver *ret = mem->alloc_receiver ()
|
|
|
|
|
if ret:
|
|
|
|
|
reply_cap (data | REQUEST_MASK, (unsigned)ret)
|
|
|
|
|
else:
|
|
|
|
|
reply_num (0)
|
|
|
|
|
break
|
|
|
|
|
case CAPTYPE_MEMORY:
|
|
|
|
|
Memory *ret = mem->alloc_memory ()
|
|
|
|
|
if ret:
|
|
|
|
|
reply_cap (data | REQUEST_MASK, (unsigned)ret)
|
|
|
|
|
else:
|
|
|
|
|
reply_num (0)
|
|
|
|
|
break
|
|
|
|
|
case CAPTYPE_THREAD:
|
|
|
|
|
Thread *ret = mem->alloc_thread ()
|
|
|
|
|
if ret:
|
|
|
|
|
reply_cap (data | REQUEST_MASK, (unsigned)ret)
|
|
|
|
|
else:
|
|
|
|
|
reply_num (0)
|
|
|
|
|
break
|
|
|
|
|
case CAPTYPE_PAGE:
|
|
|
|
|
Page *ret = mem->alloc_page ()
|
|
|
|
|
if ret:
|
|
|
|
|
reply_cap (data | REQUEST_MASK, (unsigned)ret)
|
|
|
|
|
else:
|
|
|
|
|
reply_num (0)
|
|
|
|
|
break
|
|
|
|
|
case CAPTYPE_CAPPAGE:
|
|
|
|
|
Cappage *ret = mem->alloc_cappage ()
|
|
|
|
|
if ret:
|
|
|
|
|
reply_cap (data | REQUEST_MASK, (unsigned)ret)
|
|
|
|
|
else:
|
|
|
|
|
reply_num (0)
|
|
|
|
|
break
|
|
|
|
|
default:
|
|
|
|
|
return
|
|
|
|
|
break
|
|
|
|
|
case CAP_MEMORY_DESTROY:
|
2009-05-27 15:38:52 +03:00
|
|
|
if !cap || cap->address_space != mem || (unsigned)cap->target & ~KERNEL_MASK:
|
|
|
|
|
return
|
|
|
|
|
switch (unsigned)cap->target & CAPTYPE_MASK:
|
|
|
|
|
case CAPTYPE_RECEIVER:
|
|
|
|
|
mem->free_receiver ((Receiver *)cap->protected_data)
|
|
|
|
|
return
|
|
|
|
|
case CAPTYPE_MEMORY:
|
|
|
|
|
mem->free_memory ((Memory *)cap->protected_data)
|
|
|
|
|
return
|
|
|
|
|
case CAPTYPE_THREAD:
|
|
|
|
|
mem->free_thread ((Thread *)cap->protected_data)
|
|
|
|
|
return
|
|
|
|
|
case CAPTYPE_PAGE:
|
|
|
|
|
mem->free_page ((Page *)cap->protected_data)
|
|
|
|
|
return
|
|
|
|
|
case CAPTYPE_CAPABILITY:
|
|
|
|
|
mem->free_capability ((Capability *)cap->protected_data)
|
|
|
|
|
return
|
|
|
|
|
case CAPTYPE_CAPPAGE:
|
|
|
|
|
mem->free_cappage ((Cappage *)cap->protected_data)
|
|
|
|
|
return
|
|
|
|
|
default:
|
|
|
|
|
panic (0x55228930, "invalid case")
|
2009-05-25 01:31:35 +03:00
|
|
|
break
|
|
|
|
|
case CAP_MEMORY_LIST:
|
|
|
|
|
// TODO
|
|
|
|
|
break
|
|
|
|
|
case CAP_MEMORY_MAPPING:
|
|
|
|
|
bool write
|
|
|
|
|
Page *page = mem->get_mapping (data, &write)
|
|
|
|
|
unsigned t = CAPTYPE_PAGE | REQUEST_MASK
|
|
|
|
|
if !write:
|
|
|
|
|
t &= ~CAP_PAGE_WRITE
|
|
|
|
|
reply_cap (t, (unsigned)page)
|
|
|
|
|
break
|
|
|
|
|
case CAP_MEMORY_SET_LIMIT:
|
|
|
|
|
mem->limit = data
|
|
|
|
|
break
|
|
|
|
|
case CAP_MEMORY_GET_LIMIT:
|
|
|
|
|
reply_num (mem->limit)
|
|
|
|
|
break
|
|
|
|
|
case CAP_MEMORY_DROP:
|
|
|
|
|
if cap->address_space != mem:
|
|
|
|
|
break
|
|
|
|
|
mem->free_capability (cap)
|
|
|
|
|
break
|
|
|
|
|
default:
|
|
|
|
|
break
|
|
|
|
|
|
2009-05-27 19:33:05 +03:00
|
|
|
static void thread_invoke (unsigned target, unsigned protected_data, Capability *cap, unsigned data[4]):
|
2009-05-25 01:31:35 +03:00
|
|
|
Thread *thread = (Thread *)protected_data
|
2009-05-27 19:33:05 +03:00
|
|
|
switch data[0]:
|
2009-05-25 01:31:35 +03:00
|
|
|
case CAP_THREAD_GET_INFO:
|
2009-05-27 19:33:05 +03:00
|
|
|
switch data[1]:
|
|
|
|
|
case CAP_THREAD_INFO_PC:
|
|
|
|
|
reply_num (thread->pc)
|
|
|
|
|
break
|
|
|
|
|
case CAP_THREAD_INFO_SP:
|
|
|
|
|
reply_num (thread->sp)
|
|
|
|
|
break
|
|
|
|
|
case CAP_THREAD_INFO_FLAGS:
|
|
|
|
|
reply_num (thread->flags)
|
|
|
|
|
break
|
|
|
|
|
default:
|
|
|
|
|
unsigned *n = Thread_arch_info (thread, data[1])
|
|
|
|
|
if n:
|
|
|
|
|
reply_num (*n)
|
|
|
|
|
break
|
|
|
|
|
break
|
2009-05-25 01:31:35 +03:00
|
|
|
case CAP_THREAD_SET_INFO:
|
2009-05-27 19:33:05 +03:00
|
|
|
unsigned *value
|
|
|
|
|
switch data[1]:
|
|
|
|
|
case CAP_THREAD_INFO_PC:
|
|
|
|
|
value = &thread->pc
|
|
|
|
|
break
|
|
|
|
|
case CAP_THREAD_INFO_SP:
|
|
|
|
|
value = &thread->sp
|
|
|
|
|
break
|
|
|
|
|
case CAP_THREAD_INFO_FLAGS:
|
2009-05-27 20:29:21 +03:00
|
|
|
// It is not possible to set the PRIV flag, but it can be reset.
|
|
|
|
|
data[2] &= ~THREAD_FLAG_PRIV
|
2009-05-27 19:33:05 +03:00
|
|
|
value = &thread->flags
|
|
|
|
|
if data[3] & ~THREAD_FLAG_USER:
|
|
|
|
|
unsigned v = (*value & data[3]) | (data[2] & data[3])
|
|
|
|
|
if (v & THREAD_FLAG_WAITING) != (*value & THREAD_FLAG_WAITING):
|
|
|
|
|
if v & THREAD_FLAG_WAITING:
|
|
|
|
|
thread->wait ()
|
|
|
|
|
else
|
|
|
|
|
thread->unwait ()
|
|
|
|
|
if (v & THREAD_FLAG_RUNNING) != (*value & THREAD_FLAG_RUNNING):
|
|
|
|
|
if v & THREAD_FLAG_RUNNING:
|
|
|
|
|
thread->run ()
|
|
|
|
|
else
|
|
|
|
|
thread->unrun ()
|
|
|
|
|
break
|
|
|
|
|
default:
|
|
|
|
|
value = Thread_arch_info (thread, data[1])
|
|
|
|
|
break
|
|
|
|
|
if value:
|
|
|
|
|
*value &= ~data[3]
|
|
|
|
|
*value |= data[2] & data[3]
|
|
|
|
|
break
|
|
|
|
|
case CAP_THREAD_SCHEDULE:
|
|
|
|
|
schedule ()
|
|
|
|
|
break
|
|
|
|
|
case CAP_THREAD_REGISTER_INTERRUPT:
|
|
|
|
|
arch_register_interrupt (data[1], (Receiver *)cap->protected_data)
|
|
|
|
|
break
|
2009-05-25 01:31:35 +03:00
|
|
|
default:
|
|
|
|
|
break
|
|
|
|
|
|
2009-05-27 20:29:21 +03:00
|
|
|
static void page_invoke (unsigned target, unsigned protected_data, Capability *cap, bool copy, unsigned request, unsigned data):
|
2009-05-25 01:31:35 +03:00
|
|
|
Page *page
|
|
|
|
|
Cappage *cappage
|
|
|
|
|
if (target & CAPTYPE_MASK) == CAPTYPE_PAGE:
|
|
|
|
|
page = (Page *)protected_data
|
|
|
|
|
cappage = NULL
|
|
|
|
|
else:
|
|
|
|
|
page = NULL
|
|
|
|
|
cappage = (Cappage *)protected_data
|
|
|
|
|
switch request:
|
|
|
|
|
case CAP_PAGE_MAP:
|
|
|
|
|
if !page:
|
|
|
|
|
return
|
2009-05-27 20:29:21 +03:00
|
|
|
page->address_space->map (page, data, target & CAP_PAGE_WRITE)
|
|
|
|
|
break
|
2009-05-25 01:31:35 +03:00
|
|
|
case CAP_PAGE_SHARE:
|
|
|
|
|
// TODO
|
|
|
|
|
case CAP_PAGE_SHARE_COW:
|
|
|
|
|
// TODO
|
|
|
|
|
case CAP_PAGE_FORGET:
|
|
|
|
|
// TODO
|
|
|
|
|
case CAP_CAPPAGE_SET:
|
2009-05-27 20:29:21 +03:00
|
|
|
if !cappage || data >= CAPPAGE_SIZE || !(target & CAP_PAGE_WRITE):
|
2009-05-25 01:31:35 +03:00
|
|
|
return
|
2009-05-27 20:29:21 +03:00
|
|
|
Capability *c = &cappage->page[data]
|
|
|
|
|
c->invalidate ()
|
|
|
|
|
// clone_capability needs a Memory, but doesn't use it when storage is provided.
|
|
|
|
|
top_memory.clone_capability (cap, copy, c)
|
|
|
|
|
break
|
2009-05-25 01:31:35 +03:00
|
|
|
default:
|
|
|
|
|
break
|
|
|
|
|
|
|
|
|
|
static void capability_invoke (unsigned target, unsigned protected_data, Capability *cap, unsigned request, unsigned data):
|
|
|
|
|
Capability *capability = (Capability *)protected_data
|
|
|
|
|
switch request:
|
|
|
|
|
case CAP_CAPABILITY_GET:
|
|
|
|
|
reply_cap (capability, true)
|
|
|
|
|
break
|
|
|
|
|
case CAP_CAPABILITY_SET_DEATH_NOTIFY:
|
|
|
|
|
// TODO
|
|
|
|
|
default:
|
|
|
|
|
break
|
|
|
|
|
|
|
|
|
|
static bool kernel_invoke (unsigned target, unsigned protected_data, unsigned d[4], Capability *c[4], bool copy[4]):
|
|
|
|
|
// Kernel calling convention:
|
|
|
|
|
// data[0] is the request.
|
|
|
|
|
// cap[0] is the reply capability
|
|
|
|
|
// other parameters' meanings depend on the operation.
|
|
|
|
|
if !((1 << d[0]) & target & ~REQUEST_MASK):
|
|
|
|
|
// You are not allowed to perform this operation.
|
2009-05-27 15:38:52 +03:00
|
|
|
return true
|
2009-05-25 01:31:35 +03:00
|
|
|
reply = c[0]
|
|
|
|
|
if d[0] == CAP_DEGRADE:
|
|
|
|
|
reply_cap (target & d[1], protected_data)
|
|
|
|
|
return true
|
|
|
|
|
switch target & CAPTYPE_MASK:
|
|
|
|
|
case CAPTYPE_RECEIVER:
|
2009-05-27 15:38:52 +03:00
|
|
|
if target & (1 << CAP_RECEIVER_CALL):
|
2009-05-25 01:31:35 +03:00
|
|
|
// This is a call capability.
|
2009-05-27 19:33:05 +03:00
|
|
|
Capability r
|
|
|
|
|
Receiver *t = c[0]->target
|
|
|
|
|
unsigned p_d = c[0]->protected_data
|
|
|
|
|
if ~(unsigned)t & ~KERNEL_MASK:
|
|
|
|
|
fill_cap (&r, protected_data, ~0)
|
|
|
|
|
c[0] = &r
|
|
|
|
|
copy[0] = true
|
|
|
|
|
bool ret = kernel_invoke ((unsigned)t, p_d, d, c, copy)
|
|
|
|
|
r.invalidate ()
|
|
|
|
|
return ret
|
2009-05-27 15:38:52 +03:00
|
|
|
else:
|
|
|
|
|
// Kernel call: don't create actual capablities.
|
|
|
|
|
reply = NULL
|
|
|
|
|
reply_receiver = (Receiver *)protected_data
|
2009-05-27 19:33:05 +03:00
|
|
|
return kernel_invoke ((unsigned)t, p_d, d, c, copy)
|
2009-05-27 15:38:52 +03:00
|
|
|
if target & (1 << CAP_RECEIVER_REPLY):
|
|
|
|
|
// This is a reply capability.
|
2009-05-27 19:33:05 +03:00
|
|
|
((Receiver *)protected_data)->send_message (~0, d, c, copy)
|
2009-05-27 15:38:52 +03:00
|
|
|
return true
|
2009-05-25 01:31:35 +03:00
|
|
|
receiver_invoke (target, protected_data, c[1], d[0], d[1])
|
|
|
|
|
break
|
|
|
|
|
case CAPTYPE_MEMORY:
|
|
|
|
|
memory_invoke (target, protected_data, c[1], d[0], d[1])
|
|
|
|
|
break
|
|
|
|
|
case CAPTYPE_THREAD:
|
2009-05-27 19:33:05 +03:00
|
|
|
thread_invoke (target, protected_data, c[1], d)
|
2009-05-25 01:31:35 +03:00
|
|
|
break
|
|
|
|
|
case CAPTYPE_PAGE:
|
2009-05-27 20:29:21 +03:00
|
|
|
page_invoke (target, protected_data, c[1], copy[1], d[0], d[1])
|
2009-05-25 01:31:35 +03:00
|
|
|
break
|
|
|
|
|
case CAPTYPE_CAPABILITY:
|
|
|
|
|
capability_invoke (target, protected_data, c[1], d[0], d[1])
|
|
|
|
|
break
|
|
|
|
|
case CAPTYPE_CAPPAGE:
|
2009-05-27 20:29:21 +03:00
|
|
|
page_invoke (target, protected_data, c[1], copy[1], d[0], d[1])
|
2009-05-25 01:31:35 +03:00
|
|
|
break
|
|
|
|
|
default:
|
|
|
|
|
panic (0x99337744, "invalid capability type invoked")
|
|
|
|
|
return true
|
|
|
|
|
|
2009-05-27 19:33:05 +03:00
|
|
|
bool Receiver::send_message (unsigned protected_data, unsigned data[4], Capability *cap[4], bool copy[4]):
|
|
|
|
|
bool tried_direct = false
|
|
|
|
|
if owner && owner->is_waiting ():
|
|
|
|
|
Capability *c[4]
|
2009-05-25 01:31:35 +03:00
|
|
|
for unsigned i = 0; i < 4; ++i:
|
|
|
|
|
if !cap[i]:
|
2009-05-27 19:33:05 +03:00
|
|
|
c[i] = NULL
|
2009-05-25 01:31:35 +03:00
|
|
|
else:
|
2009-05-27 19:33:05 +03:00
|
|
|
c[i] = owner->address_space->clone_capability (cap[i], copy[i])
|
|
|
|
|
if !c[i]:
|
2009-05-25 01:31:35 +03:00
|
|
|
for unsigned j = 0; j < i; ++j:
|
2009-05-27 19:33:05 +03:00
|
|
|
owner->address_space->free_capability (c[i])
|
|
|
|
|
tried_direct = true
|
|
|
|
|
break
|
|
|
|
|
if !tried_direct:
|
|
|
|
|
Thread_arch_receive (owner, data, c)
|
|
|
|
|
owner->unwait ()
|
|
|
|
|
return true
|
|
|
|
|
// The owner was not waiting, or it was not possible to deliver the message. Put it in the queue.
|
|
|
|
|
Message *msg = address_space->alloc_message (this, protected_data)
|
|
|
|
|
if !msg:
|
|
|
|
|
return false
|
|
|
|
|
for unsigned i = 0; i < 4; ++i:
|
|
|
|
|
msg->data[i] = data[i]
|
|
|
|
|
if !cap[i]:
|
|
|
|
|
msg->capabilities[i] = NULL
|
|
|
|
|
else:
|
|
|
|
|
msg->capabilities[i] = address_space->clone_capability (cap[i], copy[i])
|
|
|
|
|
if !msg->capabilities[i]:
|
|
|
|
|
for unsigned j = 0; j < i; ++j:
|
|
|
|
|
address_space->free_capability (msg->capabilities[j])
|
|
|
|
|
address_space->free_message (msg)
|
|
|
|
|
return false
|
|
|
|
|
if tried_direct:
|
|
|
|
|
Thread_arch_receive_fail (owner)
|
|
|
|
|
owner->unwait ()
|
|
|
|
|
return true
|
|
|
|
|
|
|
|
|
|
bool Capability::invoke (unsigned data[4], Capability *cap[4], bool copy[4]):
|
|
|
|
|
if (unsigned)target & ~KERNEL_MASK:
|
|
|
|
|
// This is not a kernel capability: send a message to the receiver.
|
|
|
|
|
return target->send_message (protected_data, data, cap, copy)
|
2009-05-25 01:31:35 +03:00
|
|
|
// This is a kernel capability. Use a function to allow optimized call capabilities.
|
|
|
|
|
return kernel_invoke ((unsigned)target, protected_data, data, cap, copy)
|
