Dumping out the entire page table contents is extremely spammy.
Don't do this unless --verbose is passed twice.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
The port will enable Zephyr to run as a guest OS on x86-64 systems. It
comes with a test on QEMU to validate that, thus this new board
introduction. It's "make run" target will issue QEMU with the same
configuration Jailhouse upstream uses for their confis/qemu-x86.c root
cell configuration:
Test configuration for QEMU Q35 VM, 1 GB RAM, 4 cores,
6 MB hypervisor, 60 MB inmates (-4K shared mem device)
This will work provided qemu-system-x86_64 is installed in the system
and a given (qcow2) image with the Jailhouse root cell in it is
provided (any of those will ever ship with Zephyr, it's out of its
scope).
Signed-off-by: Gustavo Lima Chaves <gustavo.lima.chaves@intel.com>
Kernel object metadata had an extra data field added recently to
store bounds for stack objects. Use this data field to assign
IDs to thread objects at build time. This has numerous advantages:
* Threads can be granted permissions on kernel objects before the
thread is initialized. Previously, it was necessary to call
k_thread_create() with a K_FOREVER delay, assign permissions, then
start the thread. Permissions are still completely cleared when
a thread exits.
* No need for runtime logic to manage thread IDs
* Build error if CONFIG_MAX_THREAD_BYTES is set too low
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Do not set XD at page directory level - some leaf PTE may have it
cleared.
Fixes: d1703691c8 ("x86: MMU: Generation of PAE tables")
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
This should clear up some of the confusion with random number
generators and drivers that obtain entropy from the hardware. Also,
many hardware number generators have limited bandwidth, so it's natural
for their output to be only used for seeding a random number generator.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Use-cases for these subsystems appear to be limited to board/SOC
code, network stacks, or other drivers, no need to expose to
userspace at this time. If we change our minds it's easy enough
to add them back.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
The functionality of the shell scripts for flashing and debugging has
now been replaced by zephyr_flash_debug.py. Remove the legacy scripts
as part of transitioning all of this to Python.
Signed-off-by: Marti Bolivar <marti.bolivar@linaro.org>
Some of the flashing scripts try to be clever about picking unused
ports. That's convenient for the user, so add a helper class to
runner.core to accomplish similar ends portably.
Signed-off-by: Marti Bolivar <marti.bolivar@linaro.org>
Factor the classes which do the work into a new "runner" package. This
package has a core module where ZephyrBinaryRunner and common helpers
will live, and one file per subclass / runner front-end.
The top-level script, zephyr_flash_debug.py, still exists, but just
delegates its work to the core.
Signed-off-by: Marti Bolivar <marti.bolivar@linaro.org>
Though it isn't used by any in-tree Makefile.boards, looking at the
RIOT OS build system, this is meant to be split along lexical
boundaries defined by the shell, not just whitespace.
Signed-off-by: Marti Bolivar <marti.bolivar@linaro.org>
Several debugging scripts run setsid before executing a server
process, then run GDB with SIGINT ignored.
Relying on setsid is not portable. Add a popen_ignore_int() helper
that provides a portable alternative, and provide a generic
run_server_and_client() in ZephyrBinaryRunner which uses it to
abstract the pattern.
Subsequent patches will use this to implement the 'debug' command.
Signed-off-by: Marti Bolivar <marti.bolivar@linaro.org>
Replace the 'flash' method with a 'run' method, which takes a command
to run (flash, debug, or debugserver).
Rename the classes involved appropriately, and generalize the factory
interfaces as needed.
Add documentation and theory of ops.
Signed-off-by: Marti Bolivar <marti.bolivar@linaro.org>
We only had a few hundred tests run when sanitycheck was first written,
and printing out the reasoning why tests were skipped seemed reasonable
at the time. Now that we are running tens of thousands of tests, this
is too much information.
The dump of what tests were skipped and why now requires two instances
of --verbose on the command line.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Now that we have a newer version of bossa in the SDK we can use a
version where there -p option works properly.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
If CONFIG_X86_PAE_MODE is enabled for the build, then gen_mmu.py
would generate the boot time page tables in PAE format.
This supports 3 level paging i.e Page Directory Pointer(PDPT), Page
Directory(PD) and Page Table(PT). Each Page Table Entry(PTE) maps to
a 4KB region. Each Page Directory Entry(PDE) maps a 2MB region.
Each Page Directory Pointer Entry(PDPTE) maps to a 1GB region.
JIRA: ZEP-2511
Signed-off-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com>
Cleanup how we find the yaml files for device tree bindings. Move to a
recursive dir search of the dts/ dir. This will be useful for
supporting re-organizing of the yaml files to match binding dir
structure.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
The file was opened as text, to avoid issues with UTF-8 in the future,
make it all binary and encode to UTF-8 correctly.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
It's possible to declare static threads that start up as K_USER,
but these threads can't do much since they start with permissions on
no kernel objects other than their own thread object.
Rather than do some run-time synchronization to have some other thread
grant the necessary permissions, we introduce macros
to conveniently assign object permissions to these threads when they
are brought up at boot by the kernel. The tables generated here
are constant and live in ROM when possible.
Example usage:
K_THREAD_DEFINE(my_thread, STACK_SIZE, my_thread_entry,
NULL, NULL, NULL, 0, K_USER, K_NO_WAIT);
K_THREAD_ACCESS_GRANT(my_thread, &my_sem, &my_mutex, &my_pipe);
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Support new keywords in testcase.yaml that would allow us to inject
configuration options to be merged with default configuration instead of
having to provide a prj.conf for each variant of the test which is very
difficult to keep in sync. Sanitycheck script will create an overlay
file that is merged during the build process.
This is now done using the extra_configs option which is a yaml list of
option with the values, for example:
extra_configs:
- CONFIG_XXXX=y
- CONFIG_YYYY=y
With this option we can have multiple tests that for example run on
hardware with different values. This type of testing is good on HW but
it does not make sense to be built in normal sanitycheck operation
because it will be just rebuilding the same code with different values.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
We need to track permission on stack memory regions like we do
with other kernel objects. We want stacks to live in a memory
area that is outside the scope of memory domain permission
management. We need to be able track what stacks are in use,
and what stacks may be used by user threads trying to call
k_thread_create().
Some special handling is needed because thread stacks appear as
variously-sized arrays of struct _k_thread_stack_element which is
just a char. We need the entire array to be considered an object,
but also properly handle arrays of stacks.
Validation of stacks also requires that the bounds of the stack
are not exceeded. Various approaches were considered. Storing
the size in some header region of the stack itself would not allow
the stack to live in 'noinit'. Having a stack object be a data
structure that points to the stack buffer would confound our
current APIs for declaring stacks as arrays or struct members.
In the end, the struct _k_object was extended to store this size.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
We need to enforce that if the implementation function is inlined,
and we are using a syscall declaration macro where a runtime check
is performed, that all memory access in the inlined implementation
function is done after the user context check is performed.
Fixes bad memory access issues observed due to the compiler fetching
member data from a kernel object when the calling context was in
user mode.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
