Pagers can now share their own private capabilities with their
paged children, or their siblings with whom they have a common pager
ancestor.
Added flags CAP_SHARE_CHILD and CAP_SHARE_SIBLINGS for that.
Notion of pager hierarchy introduced using the existing but unused
pagerid field.
Thread creation now has two more flags TC_AS_PAGER and TC_SHARE_PAGER.
The former sets creator as pager, the latter sets creator's pager as pager.
Thread group capability sharing now correctly carries shared capabilities
to the thread group leader's tgr_cap_list list, and this list is checked
during capability checking.
Capabilities will be shared among collection of threads. A pager
will have a right to share its own capabilities with its space,
its thread group and its container.
Currently sharing is possible with only all of the caps. Next,
it will be support for cap splitting, granting, and partial sharing
and granting.
Added support for pagers that fault to suspend and become zombies
along with all the threads that they manage. Zombie killing is to
be done at a later time, from this special zombie queue.
The implementation works same as a suspension, with the added action
that the thread is moved to a queue in kernel container.
Issues:
- A page-faulting thread suspends if receives -1 from pager page fault ipc.
This is fine if pager is about to delete the thread, but it is not if
it is a buggy pager.
- Need to find a way to completely get rid of suspended pager.
- A method of deleting suspended tasks could remedy both cases above.
- removed (%d) Sleeping print from contended kernel mutexes.
- removed (%d) Waiting print from WAIT_EVENT used by the pager for suspending tasks.
- removed prints from the mutex_control syscall and user mutex test.
- Fixed a wrong instruction in mutex.S user library
- Added support for blocking lock/unlock
- Divided waiting into wait_on_prepare and wait_on_prepared_wait
so that mutex_control lock is released after getting in the waitqueue.
- Declaring waitqueue on the stack should be done outside wait_on_prepare
Issues:
- Tests can be simplified for atomic data access instead of producer/consumer.
- kmalloc variable sized memory caches are not freed properly. Currently only the
last slot can be freed, occupied correctly. it should be done in any slot, i.e.
1, 2, 3, 4 instead of just 5.
- Need to add a mutex to kmalloc.
- Mutex test added. Forked tasks demonstrate produce/consumer using a
shared mmap'ed page.
- Added l4lib assembler syscall
- Added forgotten SWI to mutex control offset in syscall page.
- Added mutex head initialization
- Contended child successfully sleeps in a waitqueue.
Issues:
- Somehow the child's produced page buffer is altered at about [4020] offset.
Parent fails to validate buffer therefore.
- Need to add syncing to test so that parent does not unlock and lock again
before child has a chance to lock buffer and produce.
- Compiles and Codezero runs as normal without touching mutex implementation
- Mutex implementation needs testing.
The mutex control syscall allows userspace programs to declare any virtual
address as a mutex lock and ask for help from the kernel syscall
for resolving locking contentions.
Previously during ipc copy, only the currently active task flags were
checked. This means the flags of whoever doing the actual copy was used
in the ipc. Now flags are stored in the ktcb and checked by the copy routine.
Current use of the flags is to determine short/full/extended ipc.
Benefits & Facts:
- Messages up to 2 kilobytes may be sent.
- Both parties may use non-disjoint user buffers. E.g. any userspace address.
- Userspace buffers can page fault.
- Page faults punish timeslice of only the faulting thread.
- Any number of extended ipcs can take place at any one time, since
only ktcbs of ipc parties are engaged. No global buffer is used.
- This also provides smp-safety benefit.
Disadvantages:
- There is triple copying penalty. This has to be done:
- Sender buffer to sender ktcb
- Sender ktcb to receiver ktcb
- Receiver ktcb to receiver buffer.
This is due to the fact that buffers can be on non-disjoint userspace addresses.
If you want to avoid disadvantages and lose some of the benefits,
(e.g. address freedom, shorter copy size) use FULL IPC.
Upon fork, child was created in a new space but as a copy of any
cloned thread in the parent space. This was due to the search of forker thread
by its space id (which is shared among many cloned threads).
Now fixed.
modified: src/api/thread.c
modified: tasks/mm0/src/task.c
