- Test0 has a full ipc mr read/write test.
- A full ipc occurs for definite only if both parties use the FULL IPC flag.
Otherwise the thread that makes the ipc copy rules on whether it was a short
or a full copy.
- Added a full ipc send/recv test
- Removed non-zero value checking in r2 for ipc that was there
to catch inadvertent full ipc calls.
- Added correct hanlding for read/write mrs for current status of utcb.
TODO:
- Add mapping of every utcb to every task for privileged access so that
the kernel can access every utcb without switching spaces.
- Removal of same mappings
- Upon thread creation need to copy page tables accordingly i.e.
each task will have its own utcb mapped with USER access, but every
other utcb as kernel access only. Need to handle this case upon page
table copying.
- Added ARM register ipc usage explanation to glue/arm/message.h
- In the current design, the unused r2 register is a system register
that kernel checks for ipc flags such as:
- IPC type: e.g. full or extended.
- In extended IPC, MR index containing message buffer ptr.
- In extended IPC, message size
sys_timer accumulates timer ticks into seconds, minutes, hours and days.
It's left to the user to calculate from days into a date. It is not yet
known if the calculation is even roughly correct.
Reduced 2 kmem_reclaim/grant calls into one kmem_control call.
Removed setting of tag during ipc_return(). So it does not overwrite
return value anymore.
Next stage is for the tasks to map their utcb via shmget/shmat before
accessing.
Modified ipc handling so that from now on the kernel inspects and sets
the sender id if the receiver is receiving from L4_ANYTHREAD. This posed
a security problem since the receiver could not trust the sender for
sender information.
Previously we had changed the method of setting the ipc tag from l4_ipc() call
argument to being passed as a message register.
- This change was not reflected in l4_ipc() signature as it still had a 3rd argument,
even though ignored.
- l4_set_sender and _set_tag had their arguments wrong way around.
- Previously 5 mrs were passed onto utcb instead of 6, relying on the fact that
l4_ipc tag argument was being passed in r3 directly, this wasnt true anymore
with new convention, but wasn't catered for.
TODO:
- MM0 shouldn't really allocate tids itself, but use ones supplied by C0.
- Sender tid shouldn't really passed by the sender task, but rather by C0. Otherwise
security can be easily breached by user tasks pretending to be other tasks. This
would also save us a message register.
