static int
test_full_cspace(env_t env)
{
int error;
seL4_CPtr cnode[CONFIG_WORD_SIZE];
seL4_CPtr ep = vka_alloc_endpoint_leaky(&env->vka);
seL4_Word ep_pos = 1;
/* Create 32 or 64 cnodes, each resolving one bit. */
for (unsigned int i = 0; i < CONFIG_WORD_SIZE; i++) {
cnode[i] = vka_alloc_cnode_object_leaky(&env->vka, 1);
assert(cnode[i]);
}
/* Copy cnode i to alternating slots in cnode i-1. */
seL4_Word slot = 0;
for (unsigned int i = 1; i < CONFIG_WORD_SIZE; i++) {
error = seL4_CNode_Copy(
cnode[i - 1], slot, 1,
env->cspace_root, cnode[i], seL4_WordBits,
seL4_AllRights);
test_assert(!error);
ep_pos |= (slot << i);
slot ^= 1;
}
/* In the final cnode, put an IPC endpoint in slot 1. */
error = seL4_CNode_Copy(
cnode[CONFIG_WORD_SIZE - 1], slot, 1,
env->cspace_root, ep, seL4_WordBits,
seL4_AllRights);
test_assert(!error);
/* Start a helper thread in our own cspace, to let it get set up. */
helper_thread_t t;
create_helper_thread(env, &t);
start_helper(env, &t, ipc_caller, ep, ep_pos, CONFIG_WORD_SIZE, 0);
/* Wait for it. */
seL4_MessageInfo_t tag;
seL4_Word sender_badge = 0;
tag = seL4_Recv(ep, &sender_badge);
test_assert(seL4_MessageInfo_get_length(tag) == 1);
test_assert(seL4_GetMR(0) == READY_MAGIC);
/* Now switch its cspace. */
error = seL4_TCB_SetSpace(t.thread.tcb.cptr, t.fault_endpoint,
cnode[0], seL4_NilData, env->page_directory,
seL4_NilData);
test_assert(!error);
/* And now wait for it to do some tests and return to us. */
tag = seL4_Recv(ep, &sender_badge);
test_assert(seL4_MessageInfo_get_length(tag) == 1);
test_assert(seL4_GetMR(0) == SUCCESS_MAGIC);
cleanup_helper(env, &t);
return sel4test_get_result();
}
void
doNormalTransfer(tcb_t *sender, word_t *sendBuffer, endpoint_t *endpoint,
word_t badge, bool_t canGrant, tcb_t *receiver,
word_t *receiveBuffer, bool_t diminish)
{
word_t msgTransferred;
seL4_MessageInfo_t tag;
exception_t status;
extra_caps_t caps;
tag = messageInfoFromWord(getRegister(sender, msgInfoRegister));
if (canGrant) {
status = lookupExtraCaps(sender, sendBuffer, tag);
caps = current_extra_caps;
if (unlikely(status != EXCEPTION_NONE)) {
caps.excaprefs[0] = NULL;
}
} else {
caps = current_extra_caps;
caps.excaprefs[0] = NULL;
}
msgTransferred = copyMRs(sender, sendBuffer, receiver, receiveBuffer,
seL4_MessageInfo_get_length(tag));
tag = transferCaps(tag, caps, endpoint, receiver, receiveBuffer, diminish);
tag = seL4_MessageInfo_set_length(tag, msgTransferred);
setRegister(receiver, msgInfoRegister, wordFromMessageInfo(tag));
setRegister(receiver, badgeRegister, badge);
}
int /*? me.interface.name ?*/__run(void) {
seL4_Word fault_type;
seL4_Word length;
seL4_MessageInfo_t info;
seL4_Word args[4];
seL4_Word reply_cap = /*? reply_cap_slot ?*/;
while (1) {
/* Wait for fault */
info = seL4_Recv(/*? ep ?*/, &gdb_state.current_thread_tcb);
/* Get the relevant registers */
fault_type = seL4_MessageInfo_get_label(info);
length = seL4_MessageInfo_get_length(info);
for (int i = 0; i < length; i++) {
args[i] = seL4_GetMR(i);
}
gdb_state.current_pc = args[0];
ZF_LOGD("------------------------------");
ZF_LOGD("Received fault for tcb %zu", gdb_state.current_thread_tcb);
ZF_LOGD("Stopped at %zx", gdb_state.current_pc);
ZF_LOGD("Length: %zu", length);
// Save the reply cap
seL4_CNode_SaveCaller(/*? cnode ?*/, reply_cap, 32);
gdb_state.stop_reason = find_stop_reason(fault_type, args);
gdb_state.current_thread_step_mode = false;
/* Send fault message to gdb client */
gdb_handle_fault(&gdb_state);
/* Wait for gdb client to deal with fault */
int UNUSED error = b_wait();
/* Reply to the fault ep to restart the thread.
We look inside the gdb_state struct to interpret how to restart the thread.
*/
if (gdb_state.stop_reason == stop_step && gdb_state.current_thread_step_mode==false) {
/* If this was a Debug Exception, then we respond with
a bp_num and the number of instruction to step
Since we're going to continue, we set MR0 to 0
*/
info = seL4_MessageInfo_new(0, 0, 0, 1);
seL4_SetMR(0, 0);
seL4_Send(reply_cap, info);
} else if (gdb_state.stop_reason == stop_none) {
/* If this was a fault, set the instruction pointer to
what we expect it to be
*/
info = seL4_MessageInfo_new(0, 0, 0, 1);
seL4_SetMR(0, gdb_state.current_pc);
seL4_Send(reply_cap, info);
} else {
ZF_LOGD("Responding to some other debug exception %d", gdb_state.stop_reason);
seL4_Signal(reply_cap);
}
}
UNREACHABLE();
}
static int
ipc_test_helper_1(ipc_test_data_t *data)
{
seL4_Word sender_badge = 0;
seL4_MessageInfo_t tag;
int result = 0;
/* TEST PART 1 */
/* Receive a pending send. */
CHECK_STEP(ipc_test_step, 1);
tag = seL4_Recv(data->ep1, &sender_badge);
/* As soon as the wait is performed, we should be preempted. */
/* Thread 3 will give us a chance to check our message. */
CHECK_STEP(ipc_test_step, 3);
CHECK_TESTCASE(result, seL4_MessageInfo_get_length(tag) == 20);
for (int i = 0; i < seL4_MessageInfo_get_length(tag); i++) {
CHECK_TESTCASE(result, seL4_GetMR(i) == i);
}
/* Now we bounce to allow thread 3 control again. */
seL4_MessageInfo_ptr_set_length(&tag, 0);
seL4_Call(data->ep0, tag);
/* TEST PART 2 */
/* Receive a send that is not yet pending. */
CHECK_STEP(ipc_test_step, 5);
tag = seL4_Recv(data->ep1, &sender_badge);
CHECK_STEP(ipc_test_step, 8);
CHECK_TESTCASE(result, seL4_MessageInfo_get_length(tag) == 19);
for (int i = 0; i < seL4_MessageInfo_get_length(tag); i++) {
CHECK_TESTCASE(result, seL4_GetMR(i) == i);
}
return result;
}
void ffiseL4_Recv(unsigned char *c, long clen, unsigned char *a, long alen) {
seL4_CPtr ep;
memcpy(&ep, a + 1, sizeof(ep));
seL4_Word badge;
seL4_MessageInfo_t info = seL4_Recv(ep, &badge);
seL4_Word len = seL4_MessageInfo_get_length(info) * sizeof(seL4_Word);
int offset = 1;
memcpy(a + offset, &len, sizeof(len));
offset += sizeof(len);
memcpy(a + offset, &badge, sizeof(badge));
offset += sizeof(badge);
memcpy(a + offset, &seL4_GetIPCBuffer()->msg[0], len);
a[0] = FFI_SUCCESS;
}
int /*? me.from_interface.name ?*/_poll(unsigned int *len, uint16_t *port, ip_addr_t *addr) {
int status;
seL4_MessageInfo_t UNUSED info;
info = seL4_Call(/*? ep ?*/, seL4_MessageInfo_new(0, 0, 0, 0));
assert(seL4_MessageInfo_get_length(info) > 0);
status = seL4_GetMR(0);
if (status != -1) {
*len = seL4_GetMR(1);
*port = seL4_GetMR(2);
*addr = (ip_addr_t){.addr = seL4_GetMR(3)};
assert(*len < 4096);
}
return status;
}
static test_init_data_t *
receive_init_data(seL4_CPtr endpoint)
{
/* wait for a message */
seL4_Word badge;
UNUSED seL4_MessageInfo_t info;
info = seL4_Recv(endpoint, &badge);
/* check the label is correct */
assert(seL4_MessageInfo_get_label(info) == seL4_NoFault);
assert(seL4_MessageInfo_get_length(info) == 1);
test_init_data_t *init_data = (test_init_data_t *) seL4_GetMR(0);
assert(init_data->free_slots.start != 0);
assert(init_data->free_slots.end != 0);
return init_data;
}
void syscall_loop(seL4_CPtr ep) {
while (1) {
//dprintf(3, "looping\n");
seL4_Word badge;
seL4_Word label;
seL4_MessageInfo_t message;
message = seL4_Wait(ep, &badge);
//dprintf(3, "badge=0x%x\n", badge);
label = seL4_MessageInfo_get_label(message);
if(badge & IRQ_EP_BADGE){
/* Interrupt */
if (badge & IRQ_BADGE_NETWORK) {
network_irq();
}
if (badge & IRQ_BADGE_TIMER) {
int ret = timer_interrupt();
if (ret != CLOCK_R_OK) {
//What now?
}
}
}else if(label == seL4_VMFault){
/* Page fault */
dprintf(3, "user with pid = %d, 0x%08x is having a vmfault\n", badge & ~USER_EP_BADGE, badge);
set_cur_proc(badge & ~USER_EP_BADGE);
handle_pagefault();
}else if(label == seL4_NoFault) {
/* System call */
dprintf(3, "user with pid = %d, 0x%08x is making a syscall\n", badge & ~USER_EP_BADGE, badge);
set_cur_proc(badge & ~USER_EP_BADGE);
handle_syscall(badge, seL4_MessageInfo_get_length(message) - 1);
}else{
dprintf(3, "Rootserver got an unknown message\n");
}
}
}
/* function to run in the new thread */
void thread_2(void) {
seL4_Word sender_badge;
seL4_MessageInfo_t tag;
seL4_Word msg;
printf("thread_2: hallo wereld\n");
/* wait for a message to come in over the endpoint */
tag = seL4_Wait(ep_cap, &sender_badge);
/* make sure it is what we expected */
assert(sender_badge == EP_BADGE);
assert(seL4_MessageInfo_get_length(tag) == 1);
/* get the message stored in the first message register */
msg = seL4_GetMR(0);
printf("thread_2: got a message %#x from %#x\n", msg, sender_badge);
/* modify the message and send it back */
seL4_SetMR(0, ~msg);
seL4_ReplyWait(ep_cap, tag, &sender_badge);
}
static int
call_func(seL4_CPtr ep, seL4_Word msg, volatile seL4_Word *done, seL4_Word arg3)
{
seL4_MessageInfo_t tag = seL4_MessageInfo_new(0, 0, 0, 1);
/* Send the given message once. */
seL4_SetMR(0, msg);
tag = seL4_Call(ep, tag);
test_check(seL4_MessageInfo_get_length(tag) == 1);
test_check(seL4_GetMR(0) == ~msg);
*done = 0;
/* Send the given message again - should (eventually) fault this time. */
seL4_SetMR(0, msg);
tag = seL4_Call(ep, tag);
/* The call should fail. */
test_check(seL4_MessageInfo_get_label(tag) == seL4_InvalidCapability);
*done = 1;
return sel4test_get_result();
}
void ffiseL4_ReplyRecv(unsigned char *c, long clen, unsigned char *a, long alen) {
seL4_CPtr ep;
int offset = 1;
memcpy(&ep, a + offset, sizeof(ep));
offset += sizeof(ep);
seL4_Word len;
memcpy(&len, a + offset, sizeof(len));
offset += sizeof(len);
seL4_Word badge;
memcpy(&seL4_GetIPCBuffer()->msg[0], a + offset, len);
seL4_MessageInfo_t info = seL4_ReplyRecv(
ep,
seL4_MessageInfo_new(0, 0, 0, ROUND_UP_UNSAFE(len, sizeof(seL4_Word)) / sizeof(seL4_Word)),
&badge);
len = seL4_MessageInfo_get_length(info) * sizeof(seL4_Word);
offset = 1;
memcpy(a + offset, &len, sizeof(len));
offset += sizeof(len);
memcpy(a + offset, &badge, sizeof(badge));
offset += sizeof(badge);
memcpy(a + offset, &seL4_GetIPCBuffer()->msg[0], len);
a[0] = FFI_SUCCESS;
}
/* function to run in the new thread */
void thread_2(void) {
seL4_Word sender_badge;
seL4_MessageInfo_t tag;
seL4_Word msg;
printf("thread_2: hallo wereld\n");
/* TODO 11: wait for a message to come in over the endpoint */
/* hint 1: seL4_Recv()
* seL4_MessageInfo_t seL4_Recv(seL4_CPtr src, seL4_Word* sender)
* @param src The capability to be invoked.
* @param sender The badge of the endpoint capability that was invoked by the sender is written to this address.
* @return A seL4_MessageInfo_t structure
* Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_11:
* You can find out more about it in the API manual: http://sel4.systems/Info/Docs/seL4-manual-3.0.0.pdf
*
* hint 2: seL4_MessageInfo_t is generated during build.
* The type definition and generated field access functions are defined in a generated file:
* build/x86/pc99/libsel4/include/sel4/types_gen.h
* It is generated from the following definition:
* Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_11:
* You can find out more about it in the API manual: http://sel4.systems/Info/Docs/seL4-manual-3.0.0.pdf
*/
tag = seL4_Recv(ep_object.cptr, &sender_badge);
/* TODO 12: make sure it is what we expected */
/* hint 1: check the badge. is it EP_BADGE?
* hint 2: we are expecting only 1 message register
* hint 3: seL4_MessageInfo_get_length()
* seL4_Uint32 CONST seL4_MessageInfo_get_length(seL4_MessageInfo_t seL4_MessageInfo)
* @param seL4_MessageInfo the seL4_MessageInfo_t to extract a field from
* @return the number of message registers delivered
* seL4_MessageInfo_get_length() is generated during build. It can be found in:
* build/x86/pc99/libsel4/include/sel4/types_gen.h
* It is generated from the following definition:
* Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_12:
*/
ZF_LOGF_IF(sender_badge != EP_BADGE,
"Badge on the endpoint was not what was expected.\n");
ZF_LOGF_IF(seL4_MessageInfo_get_length(tag) != 1,
"Length of the data send from root thread was not what was expected.\n"
"\tHow many registers did you set with seL4_SetMR, within the root thread?\n");
/* TODO 13: get the message stored in the first message register */
/* hint: seL4_GetMR()
* seL4_Word seL4_GetMR(int i)
* @param i The message register to retreive
* @return The message register value
* Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_13:
* You can find out more about message registers in the API manual: http://sel4.systems/Info/Docs/seL4-manual-3.0.0.pdf
*/
msg = seL4_GetMR(0);
printf("thread_2: got a message %#x from %#x\n", msg, sender_badge);
/* modify the message */
msg = ~msg;
/* TODO 14: copy the modified message back into the message register */
/* hint: seL4_SetMR()
* void seL4_SetMR(int i, seL4_Word mr)
* @param i The message register to write
* @param mr The value of the message register
* Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_14:
* You can find out more about message registers in the API manual: http://sel4.systems/Info/Docs/seL4-manual-3.0.0.pdf
*/
seL4_SetMR(0, msg);
/* TODO 15: send the message back */
/* hint 1: seL4_ReplyRecv()
* seL4_MessageInfo_t seL4_ReplyRecv(seL4_CPtr dest, seL4_MessageInfo_t msgInfo, seL4_Word *sender)
* @param dest The capability to be invoked.
* @param msgInfo The messageinfo structure for the IPC. This specifies information about the message to send (such as the number of message registers to send) as the Reply part.
* @param sender The badge of the endpoint capability that was invoked by the sender is written to this address. This is a result of the Wait part.
* @return A seL4_MessageInfo_t structure. This is a result of the Wait part.
* Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_15:
* You can find out more about it in the API manual: http://sel4.systems/Info/Docs/seL4-manual-3.0.0.pdf
*
* hint 2: seL4_MessageInfo_t is generated during build.
* The type definition and generated field access functions are defined in a generated file:
* build/x86/pc99/libsel4/include/sel4/types_gen.h
* It is generated from the following definition:
* Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_15:
* You can find out more about it in the API manual: http://sel4.systems/Info/Docs/seL4-manual-3.0.0.pdf
*/
seL4_ReplyRecv(ep_object.cptr, tag, &sender_badge);
}
int main(void)
{
UNUSED int error;
/* Set up logging and give us a name: useful for debugging if the thread faults */
zf_log_set_tag_prefix("hello-3:");
name_thread(seL4_CapInitThreadTCB, "hello-3");
/* get boot info */
info = seL4_GetBootInfo();
/* init simple */
simple_default_init_bootinfo(&simple, info);
/* print out bootinfo and other info about simple */
simple_print(&simple);
/* create an allocator */
allocman = bootstrap_use_current_simple(&simple, ALLOCATOR_STATIC_POOL_SIZE, allocator_mem_pool);
ZF_LOGF_IF(allocman == NULL, "Failed to initialize alloc manager.\n"
"\tMemory pool sufficiently sized?\n"
"\tMemory pool pointer valid?\n");
/* create a vka (interface for interacting with the underlying allocator) */
allocman_make_vka(&vka, allocman);
/* get our cspace root cnode */
seL4_CPtr cspace_cap;
cspace_cap = simple_get_cnode(&simple);
/* get our vspace root page directory */
seL4_CPtr pd_cap;
pd_cap = simple_get_pd(&simple);
/* create a new TCB */
vka_object_t tcb_object = {0};
error = vka_alloc_tcb(&vka, &tcb_object);
ZF_LOGF_IFERR(error, "Failed to allocate new TCB.\n"
"\tVKA given sufficient bootstrap memory?");
/*
* create and map an ipc buffer:
*/
/* TODO 1: get a frame cap for the ipc buffer */
/* hint: vka_alloc_frame()
* int vka_alloc_frame(vka_t *vka, uint32_t size_bits, vka_object_t *result)
* @param vka Pointer to vka interface.
* @param size_bits Frame size: 2^size_bits
* @param result Structure for the Frame object. This gets initialised.
* @return 0 on success
* Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_1:
*/
vka_object_t ipc_frame_object;
error = vka_alloc_frame(&vka, IPCBUF_FRAME_SIZE_BITS, &ipc_frame_object);
ZF_LOGF_IFERR(error, "Failed to alloc a frame for the IPC buffer.\n"
"\tThe frame size is not the number of bytes, but an exponent.\n"
"\tNB: This frame is not an immediately usable, virtually mapped page.\n")
/*
* map the frame into the vspace at ipc_buffer_vaddr.
* To do this we first try to map it in to the root page directory.
* If there is already a page table mapped in the appropriate slot in the
* page diretory where we can insert this frame, then this will succeed.
* Otherwise we first need to create a page table, and map it in to
* the page directory, before we can map the frame in. */
seL4_Word ipc_buffer_vaddr = IPCBUF_VADDR;
/* TODO 2: try to map the frame the first time */
/* hint 1: seL4_ARCH_Page_Map()
* The *ARCH* versions of seL4 sys calls are abstractions over the architecture provided by libsel4utils
* this one is defined as:
* #define seL4_ARCH_Page_Map seL4_X86_Page_Map
* in: Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_2:
* The signature for the underlying function is:
* int seL4_X86_Page_Map(seL4_X86_Page service, seL4_X86_PageDirectory pd, seL4_Word vaddr, seL4_CapRights rights, seL4_X86_VMAttributes attr)
* @param service Capability to the page to map.
* @param pd Capability to the VSpace which will contain the mapping.
* @param vaddr Virtual address to map the page into.
* @param rights Rights for the mapping.
* @param attr VM Attributes for the mapping.
* @return 0 on success.
*
* Note: this function is generated during build. It is generated from the following definition:
* Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_2:
* You can find out more about it in the API manual: http://sel4.systems/Info/Docs/seL4-manual-3.0.0.pdf
*
* hint 2: for the rights, use seL4_AllRights
* hint 3: for VM attributes use seL4_ARCH_Default_VMAttributes
* Hint 4: It is normal for this function call to fail. That means there are
* no page tables with free slots -- proceed to the next step where you'll
* be led to allocate a new empty page table and map it into the VSpace,
* before trying again.
*/
error = seL4_ARCH_Page_Map(ipc_frame_object.cptr, pd_cap, ipc_buffer_vaddr,
seL4_AllRights, seL4_ARCH_Default_VMAttributes);
if (error != 0) {
/* TODO 3: create a page table */
/* hint: vka_alloc_page_table()
* int vka_alloc_page_table(vka_t *vka, vka_object_t *result)
* @param vka Pointer to vka interface.
* @param result Structure for the PageTable object. This gets initialised.
* @return 0 on success
* Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_3:
*/
vka_object_t pt_object;
error = vka_alloc_page_table(&vka, &pt_object);
ZF_LOGF_IFERR(error, "Failed to allocate new page table.\n");
/* TODO 4: map the page table */
/* hint 1: seL4_ARCH_PageTable_Map()
* The *ARCH* versions of seL4 sys calls are abstractions over the architecture provided by libsel4utils
* this one is defined as:
* #define seL4_ARCH_PageTable_Map seL4_X86_PageTable_Map
* Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_4:
* The signature for the underlying function is:
* int seL4_X86_PageTable_Map(seL4_X86_PageTable service, seL4_X86_PageDirectory pd, seL4_Word vaddr, seL4_X86_VMAttributes attr)
* @param service Capability to the page table to map.
* @param pd Capability to the VSpace which will contain the mapping.
* @param vaddr Virtual address to map the page table into.
* @param rights Rights for the mapping.
* @param attr VM Attributes for the mapping.
* @return 0 on success.
*
* Note: this function is generated during build. It is generated from the following definition:
* Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_4:
* You can find out more about it in the API manual: http://sel4.systems/Info/Docs/seL4-manual-3.0.0.pdf
*
* hint 2: for VM attributes use seL4_ARCH_Default_VMAttributes
*/
error = seL4_ARCH_PageTable_Map(pt_object.cptr, pd_cap,
ipc_buffer_vaddr, seL4_ARCH_Default_VMAttributes);
ZF_LOGF_IFERR(error, "Failed to map page table into VSpace.\n"
"\tWe are inserting a new page table into the top-level table.\n"
"\tPass a capability to the new page table, and not for example, the IPC buffer frame vaddr.\n")
/* TODO 5: then map the frame in */
/* hint 1: use seL4_ARCH_Page_Map() as above
* hint 2: for the rights, use seL4_AllRights
* hint 3: for VM attributes use seL4_ARCH_Default_VMAttributes
*/
error = seL4_ARCH_Page_Map(ipc_frame_object.cptr, pd_cap,
ipc_buffer_vaddr, seL4_AllRights, seL4_ARCH_Default_VMAttributes);
ZF_LOGF_IFERR(error, "Failed again to map the IPC buffer frame into the VSpace.\n"
"\t(It's not supposed to fail.)\n"
"\tPass a capability to the IPC buffer's physical frame.\n"
"\tRevisit the first seL4_ARCH_Page_Map call above and double-check your arguments.\n");
}
/* set the IPC buffer's virtual address in a field of the IPC buffer */
seL4_IPCBuffer *ipcbuf = (seL4_IPCBuffer*)ipc_buffer_vaddr;
ipcbuf->userData = ipc_buffer_vaddr;
/* TODO 6: create an endpoint */
/* hint: vka_alloc_endpoint()
* int vka_alloc_endpoint(vka_t *vka, vka_object_t *result)
* @param vka Pointer to vka interface.
* @param result Structure for the Endpoint object. This gets initialised.
* @return 0 on success
* Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_6:
*/
error = vka_alloc_endpoint(&vka, &ep_object);
ZF_LOGF_IFERR(error, "Failed to allocate new endpoint object.\n");
/* TODO 7: make a badged copy of it in our cspace. This copy will be used to send
* an IPC message to the original cap */
/* hint 1: vka_mint_object()
* int vka_mint_object(vka_t *vka, vka_object_t *object, cspacepath_t *result, seL4_CapRights rights, seL4_CapData_t badge)
* @param[in] vka The allocator for the cspace.
* @param[in] object Target object for cap minting.
* @param[out] result Allocated cspacepath.
* @param[in] rights The rights for the minted cap.
* @param[in] badge The badge for the minted cap.
* @return 0 on success
*
* Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_7:
*
* hint 2: for the rights, use seL4_AllRights
* hint 3: for the badge use seL4_CapData_Badge_new()
* seL4_CapData_t CONST seL4_CapData_Badge_new(seL4_Uint32 Badge)
* @param[in] Badge The badge number to use
* @return A CapData structure containing the desired badge info
*
* seL4_CapData_t is generated during build.
* The type definition and generated field access functions are defined in a generated file:
* build/x86/pc99/libsel4/include/sel4/types_gen.h
* It is generated from the following definition:
* Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_7:
* You can find out more about it in the API manual: http://sel4.systems/Info/Docs/seL4-manual-3.0.0.pdf
*
* hint 4: for the badge use EP_BADGE
*/
error = vka_mint_object(&vka, &ep_object, &ep_cap_path, seL4_AllRights,
seL4_CapData_Badge_new(EP_BADGE));
ZF_LOGF_IFERR(error, "Failed to mint new badged copy of IPC endpoint.\n"
"\tseL4_Mint is the backend for vka_mint_object.\n"
"\tseL4_Mint is simply being used here to create a badged copy of the same IPC endpoint.\n"
"\tThink of a badge in this case as an IPC context cookie.\n");
/* initialise the new TCB */
error = seL4_TCB_Configure(tcb_object.cptr, seL4_CapNull, seL4_PrioProps_new(seL4_MaxPrio, seL4_MaxPrio),
cspace_cap, seL4_NilData, pd_cap, seL4_NilData,
ipc_buffer_vaddr, ipc_frame_object.cptr);
ZF_LOGF_IFERR(error, "Failed to configure the new TCB object.\n"
"\tWe're running the new thread with the root thread's CSpace.\n"
"\tWe're running the new thread in the root thread's VSpace.\n");
/* give the new thread a name */
name_thread(tcb_object.cptr, "hello-3: thread_2");
/* set start up registers for the new thread */
seL4_UserContext regs = {0};
size_t regs_size = sizeof(seL4_UserContext) / sizeof(seL4_Word);
/* set instruction pointer where the thread shoud start running */
sel4utils_set_instruction_pointer(®s, (seL4_Word)thread_2);
/* check that stack is aligned correctly */
const int stack_alignment_requirement = sizeof(seL4_Word) * 2;
uintptr_t thread_2_stack_top = (uintptr_t)thread_2_stack + sizeof(thread_2_stack);
ZF_LOGF_IF(thread_2_stack_top % (stack_alignment_requirement) != 0,
"Stack top isn't aligned correctly to a %dB boundary.\n"
"\tDouble check to ensure you're not trampling.",
stack_alignment_requirement);
/* set stack pointer for the new thread. remember the stack grows down */
sel4utils_set_stack_pointer(®s, thread_2_stack_top);
/* set the fs register for IPC buffer */
regs.fs = IPCBUF_GDT_SELECTOR;
/* actually write the TCB registers. */
error = seL4_TCB_WriteRegisters(tcb_object.cptr, 0, 0, regs_size, ®s);
ZF_LOGF_IFERR(error, "Failed to write the new thread's register set.\n"
"\tDid you write the correct number of registers? See arg4.\n");
/* start the new thread running */
error = seL4_TCB_Resume(tcb_object.cptr);
ZF_LOGF_IFERR(error, "Failed to start new thread.\n");
/* we are done, say hello */
printf("main: hello world\n");
/*
* now send a message to the new thread, and wait for a reply
*/
seL4_Word msg;
seL4_MessageInfo_t tag;
/* TODO 8: set the data to send. We send it in the first message register */
/* hint 1: seL4_MessageInfo_new()
* seL4_MessageInfo_t CONST seL4_MessageInfo_new(seL4_Uint32 label, seL4_Uint32 capsUnwrapped, seL4_Uint32 extraCaps, seL4_Uint32 length)
* @param label The value of the label field
* @param capsUnwrapped The value of the capsUnwrapped field
* @param extraCaps The value of the extraCaps field
* @param length The number of message registers to send
* @return The seL4_MessageInfo_t containing the given values.
*
* seL4_MessageInfo_new() is generated during build. It can be found in:
* build/x86/pc99/libsel4/include/sel4/types_gen.h
* It is generated from the following definition:
* Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_8:
*
* hint 2: use 0 for the first 3 fields.
* hint 3: send only 1 message register of data
*
* hint 4: seL4_SetMR()
* void seL4_SetMR(int i, seL4_Word mr)
* @param i The message register to write
* @param mr The value of the message register
* Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_8:
* You can find out more about message registers in the API manual: http://sel4.systems/Info/Docs/seL4-manual-3.0.0.pdf
*
* hint 5: send MSG_DATA
*/
tag = seL4_MessageInfo_new(0, 0, 0, 1);
seL4_SetMR(0, MSG_DATA);
/* TODO 9: send and wait for a reply. */
/* hint: seL4_Call()
* seL4_MessageInfo_t seL4_Call(seL4_CPtr dest, seL4_MessageInfo_t msgInfo)
* @param dest The capability to be invoked.
* @param msgInfo The messageinfo structure for the IPC. This specifies information about the message to send (such as the number of message registers to send).
* @return A seL4_MessageInfo_t structure. This is information about the repy message.
* Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_9:
* You can find out more about it in the API manual: http://sel4.systems/Info/Docs/seL4-manual-3.0.0.pdf
*
* hint 2: seL4_MessageInfo_t is generated during build.
* The type definition and generated field access functions are defined in a generated file:
* build/x86/pc99/libsel4/include/sel4/types_gen.h
* It is generated from the following definition:
* Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_9:
* You can find out more about it in the API manual: http://sel4.systems/Info/Docs/seL4-manual-3.0.0.pdf
*/
tag = seL4_Call(ep_cap_path.capPtr, tag);
/* TODO 10: get the reply message */
/* hint: seL4_GetMR()
* seL4_Word seL4_GetMR(int i)
* @param i The message register to retreive
* @return The message register value
* Link to source: https://wiki.sel4.systems/seL4%20Tutorial%203#TODO_10:
* You can find out more about message registers in the API manual: http://sel4.systems/Info/Docs/seL4-manual-3.0.0.pdf
*/
msg = seL4_GetMR(0);
/* check that we got the expected repy */
ZF_LOGF_IF(seL4_MessageInfo_get_length(tag) != 1,
"Response data from thread_2 was not the length expected.\n"
"\tHow many registers did you set with seL4_SetMR within thread_2?\n");
ZF_LOGF_IF(msg != ~MSG_DATA,
"Response data from thread_2's content was not what was expected.\n");
printf("main: got a reply: %#x\n", msg);
return 0;
}
void fastpath_reply_recv(word_t cptr, word_t msgInfo)
{
seL4_MessageInfo_t info;
cap_t ep_cap;
endpoint_t *ep_ptr;
word_t length;
cte_t *callerSlot;
cap_t callerCap;
tcb_t *caller;
word_t badge;
tcb_t *endpointTail;
word_t fault_type;
cap_t newVTable;
vspace_root_t *cap_pd;
pde_t stored_hw_asid;
dom_t dom;
/* Get message info and length */
info = messageInfoFromWord_raw(msgInfo);
length = seL4_MessageInfo_get_length(info);
fault_type = seL4_Fault_get_seL4_FaultType(NODE_STATE(ksCurThread)->tcbFault);
/* Check there's no extra caps, the length is ok and there's no
* saved fault. */
if (unlikely(fastpath_mi_check(msgInfo) ||
fault_type != seL4_Fault_NullFault)) {
slowpath(SysReplyRecv);
}
/* Lookup the cap */
ep_cap = lookup_fp(TCB_PTR_CTE_PTR(NODE_STATE(ksCurThread), tcbCTable)->cap,
cptr);
/* Check it's an endpoint */
if (unlikely(!cap_capType_equals(ep_cap, cap_endpoint_cap) ||
!cap_endpoint_cap_get_capCanReceive(ep_cap))) {
slowpath(SysReplyRecv);
}
/* Check there is nothing waiting on the notification */
if (NODE_STATE(ksCurThread)->tcbBoundNotification &&
notification_ptr_get_state(NODE_STATE(ksCurThread)->tcbBoundNotification) == NtfnState_Active) {
slowpath(SysReplyRecv);
}
/* Get the endpoint address */
ep_ptr = EP_PTR(cap_endpoint_cap_get_capEPPtr(ep_cap));
/* Check that there's not a thread waiting to send */
if (unlikely(endpoint_ptr_get_state(ep_ptr) == EPState_Send)) {
slowpath(SysReplyRecv);
}
/* Only reply if the reply cap is valid. */
callerSlot = TCB_PTR_CTE_PTR(NODE_STATE(ksCurThread), tcbCaller);
callerCap = callerSlot->cap;
if (unlikely(!fastpath_reply_cap_check(callerCap))) {
slowpath(SysReplyRecv);
}
/* Determine who the caller is. */
caller = TCB_PTR(cap_reply_cap_get_capTCBPtr(callerCap));
/* ensure we are not single stepping the caller in ia32 */
#if defined(CONFIG_HARDWARE_DEBUG_API) && defined(CONFIG_ARCH_IA32)
if (caller->tcbArch.tcbContext.breakpointState.single_step_enabled) {
slowpath(SysReplyRecv);
}
#endif
/* Check that the caller has not faulted, in which case a fault
reply is generated instead. */
fault_type = seL4_Fault_get_seL4_FaultType(caller->tcbFault);
if (unlikely(fault_type != seL4_Fault_NullFault)) {
slowpath(SysReplyRecv);
}
/* Get destination thread.*/
newVTable = TCB_PTR_CTE_PTR(caller, tcbVTable)->cap;
/* Get vspace root. */
cap_pd = cap_vtable_cap_get_vspace_root_fp(newVTable);
/* Ensure that the destination has a valid MMU. */
if (unlikely(! isValidVTableRoot_fp(newVTable))) {
slowpath(SysReplyRecv);
}
#ifdef CONFIG_ARCH_AARCH32
/* Get HWASID. */
stored_hw_asid = cap_pd[PD_ASID_SLOT];
#endif
#ifdef CONFIG_ARCH_X86_64
stored_hw_asid.words[0] = cap_pml4_cap_get_capPML4MappedASID(newVTable);
#endif
#ifdef CONFIG_ARCH_AARCH64
stored_hw_asid.words[0] = cap_page_global_directory_cap_get_capPGDMappedASID(newVTable);
#endif
#ifdef CONFIG_ARCH_RISCV
stored_hw_asid.words[0] = cap_page_table_cap_get_capPTMappedASID(newVTable);
#endif
/* Ensure the original caller can be scheduled directly. */
dom = maxDom ? ksCurDomain : 0;
if (unlikely(!isHighestPrio(dom, caller->tcbPriority))) {
slowpath(SysReplyRecv);
}
#ifdef CONFIG_ARCH_AARCH32
/* Ensure the HWASID is valid. */
if (unlikely(!pde_pde_invalid_get_stored_asid_valid(stored_hw_asid))) {
slowpath(SysReplyRecv);
}
#endif
/* Ensure the original caller is in the current domain and can be scheduled directly. */
if (unlikely(caller->tcbDomain != ksCurDomain && maxDom)) {
slowpath(SysReplyRecv);
}
#ifdef ENABLE_SMP_SUPPORT
/* Ensure both threads have the same affinity */
if (unlikely(NODE_STATE(ksCurThread)->tcbAffinity != caller->tcbAffinity)) {
slowpath(SysReplyRecv);
}
#endif /* ENABLE_SMP_SUPPORT */
/*
* --- POINT OF NO RETURN ---
*
* At this stage, we have committed to performing the IPC.
*/
#ifdef CONFIG_BENCHMARK_TRACK_KERNEL_ENTRIES
ksKernelEntry.is_fastpath = true;
#endif
/* Set thread state to BlockedOnReceive */
thread_state_ptr_mset_blockingObject_tsType(
&NODE_STATE(ksCurThread)->tcbState, (word_t)ep_ptr, ThreadState_BlockedOnReceive);
thread_state_ptr_set_blockingIPCCanGrant(&NODE_STATE(ksCurThread)->tcbState,
cap_endpoint_cap_get_capCanGrant(ep_cap));;
/* Place the thread in the endpoint queue */
endpointTail = endpoint_ptr_get_epQueue_tail_fp(ep_ptr);
if (likely(!endpointTail)) {
NODE_STATE(ksCurThread)->tcbEPPrev = NULL;
NODE_STATE(ksCurThread)->tcbEPNext = NULL;
/* Set head/tail of queue and endpoint state. */
endpoint_ptr_set_epQueue_head_np(ep_ptr, TCB_REF(NODE_STATE(ksCurThread)));
endpoint_ptr_mset_epQueue_tail_state(ep_ptr, TCB_REF(NODE_STATE(ksCurThread)),
EPState_Recv);
} else {
/* Append current thread onto the queue. */
endpointTail->tcbEPNext = NODE_STATE(ksCurThread);
NODE_STATE(ksCurThread)->tcbEPPrev = endpointTail;
NODE_STATE(ksCurThread)->tcbEPNext = NULL;
/* Update tail of queue. */
endpoint_ptr_mset_epQueue_tail_state(ep_ptr, TCB_REF(NODE_STATE(ksCurThread)),
EPState_Recv);
}
/* Delete the reply cap. */
mdb_node_ptr_mset_mdbNext_mdbRevocable_mdbFirstBadged(
&CTE_PTR(mdb_node_get_mdbPrev(callerSlot->cteMDBNode))->cteMDBNode,
0, 1, 1);
callerSlot->cap = cap_null_cap_new();
callerSlot->cteMDBNode = nullMDBNode;
/* I know there's no fault, so straight to the transfer. */
/* Replies don't have a badge. */
badge = 0;
fastpath_copy_mrs(length, NODE_STATE(ksCurThread), caller);
/* Dest thread is set Running, but not queued. */
thread_state_ptr_set_tsType_np(&caller->tcbState,
ThreadState_Running);
switchToThread_fp(caller, cap_pd, stored_hw_asid);
msgInfo = wordFromMessageInfo(seL4_MessageInfo_set_capsUnwrapped(info, 0));
fastpath_restore(badge, msgInfo, NODE_STATE(ksCurThread));
}
void
#ifdef ARCH_X86
NORETURN
#endif
fastpath_call(word_t cptr, word_t msgInfo)
{
seL4_MessageInfo_t info;
cap_t ep_cap;
endpoint_t *ep_ptr;
word_t length;
tcb_t *dest;
word_t badge;
cte_t *replySlot, *callerSlot;
cap_t newVTable;
vspace_root_t *cap_pd;
pde_t stored_hw_asid;
word_t fault_type;
dom_t dom;
word_t replyCanGrant;
/* Get message info, length, and fault type. */
info = messageInfoFromWord_raw(msgInfo);
length = seL4_MessageInfo_get_length(info);
fault_type = seL4_Fault_get_seL4_FaultType(NODE_STATE(ksCurThread)->tcbFault);
/* Check there's no extra caps, the length is ok and there's no
* saved fault. */
if (unlikely(fastpath_mi_check(msgInfo) ||
fault_type != seL4_Fault_NullFault)) {
slowpath(SysCall);
}
/* Lookup the cap */
ep_cap = lookup_fp(TCB_PTR_CTE_PTR(NODE_STATE(ksCurThread), tcbCTable)->cap, cptr);
/* Check it's an endpoint */
if (unlikely(!cap_capType_equals(ep_cap, cap_endpoint_cap) ||
!cap_endpoint_cap_get_capCanSend(ep_cap))) {
slowpath(SysCall);
}
/* Get the endpoint address */
ep_ptr = EP_PTR(cap_endpoint_cap_get_capEPPtr(ep_cap));
/* Get the destination thread, which is only going to be valid
* if the endpoint is valid. */
dest = TCB_PTR(endpoint_ptr_get_epQueue_head(ep_ptr));
/* Check that there's a thread waiting to receive */
if (unlikely(endpoint_ptr_get_state(ep_ptr) != EPState_Recv)) {
slowpath(SysCall);
}
/* ensure we are not single stepping the destination in ia32 */
#if defined(CONFIG_HARDWARE_DEBUG_API) && defined(CONFIG_ARCH_IA32)
if (dest->tcbArch.tcbContext.breakpointState.single_step_enabled) {
slowpath(SysCall);
}
#endif
/* Get destination thread.*/
newVTable = TCB_PTR_CTE_PTR(dest, tcbVTable)->cap;
/* Get vspace root. */
cap_pd = cap_vtable_cap_get_vspace_root_fp(newVTable);
/* Ensure that the destination has a valid VTable. */
if (unlikely(! isValidVTableRoot_fp(newVTable))) {
slowpath(SysCall);
}
#ifdef CONFIG_ARCH_AARCH32
/* Get HW ASID */
stored_hw_asid = cap_pd[PD_ASID_SLOT];
#endif
#ifdef CONFIG_ARCH_X86_64
/* borrow the stored_hw_asid for PCID */
stored_hw_asid.words[0] = cap_pml4_cap_get_capPML4MappedASID_fp(newVTable);
#endif
#ifdef CONFIG_ARCH_AARCH64
stored_hw_asid.words[0] = cap_page_global_directory_cap_get_capPGDMappedASID(newVTable);
#endif
#ifdef CONFIG_ARCH_RISCV
/* Get HW ASID */
stored_hw_asid.words[0] = cap_page_table_cap_get_capPTMappedASID(newVTable);
#endif
/* let gcc optimise this out for 1 domain */
dom = maxDom ? ksCurDomain : 0;
/* ensure only the idle thread or lower prio threads are present in the scheduler */
if (likely(dest->tcbPriority < NODE_STATE(ksCurThread->tcbPriority)) &&
!isHighestPrio(dom, dest->tcbPriority)) {
slowpath(SysCall);
}
/* Ensure that the endpoint has has grant or grant-reply rights so that we can
* create the reply cap */
if (unlikely(!cap_endpoint_cap_get_capCanGrant(ep_cap) &&
!cap_endpoint_cap_get_capCanGrantReply(ep_cap))) {
slowpath(SysCall);
}
#ifdef CONFIG_ARCH_AARCH32
if (unlikely(!pde_pde_invalid_get_stored_asid_valid(stored_hw_asid))) {
slowpath(SysCall);
}
#endif
/* Ensure the original caller is in the current domain and can be scheduled directly. */
if (unlikely(dest->tcbDomain != ksCurDomain && maxDom)) {
slowpath(SysCall);
}
#ifdef ENABLE_SMP_SUPPORT
/* Ensure both threads have the same affinity */
if (unlikely(NODE_STATE(ksCurThread)->tcbAffinity != dest->tcbAffinity)) {
slowpath(SysCall);
}
#endif /* ENABLE_SMP_SUPPORT */
/*
* --- POINT OF NO RETURN ---
*
* At this stage, we have committed to performing the IPC.
*/
#ifdef CONFIG_BENCHMARK_TRACK_KERNEL_ENTRIES
ksKernelEntry.is_fastpath = true;
#endif
/* Dequeue the destination. */
endpoint_ptr_set_epQueue_head_np(ep_ptr, TCB_REF(dest->tcbEPNext));
if (unlikely(dest->tcbEPNext)) {
dest->tcbEPNext->tcbEPPrev = NULL;
} else {
endpoint_ptr_mset_epQueue_tail_state(ep_ptr, 0, EPState_Idle);
}
badge = cap_endpoint_cap_get_capEPBadge(ep_cap);
/* Block sender */
thread_state_ptr_set_tsType_np(&NODE_STATE(ksCurThread)->tcbState,
ThreadState_BlockedOnReply);
/* Get sender reply slot */
replySlot = TCB_PTR_CTE_PTR(NODE_STATE(ksCurThread), tcbReply);
/* Get dest caller slot */
callerSlot = TCB_PTR_CTE_PTR(dest, tcbCaller);
/* Insert reply cap */
replyCanGrant = thread_state_ptr_get_blockingIPCCanGrant(&dest->tcbState);;
cap_reply_cap_ptr_new_np(&callerSlot->cap, replyCanGrant, 0,
TCB_REF(NODE_STATE(ksCurThread)));
mdb_node_ptr_set_mdbPrev_np(&callerSlot->cteMDBNode, CTE_REF(replySlot));
mdb_node_ptr_mset_mdbNext_mdbRevocable_mdbFirstBadged(
&replySlot->cteMDBNode, CTE_REF(callerSlot), 1, 1);
fastpath_copy_mrs(length, NODE_STATE(ksCurThread), dest);
/* Dest thread is set Running, but not queued. */
thread_state_ptr_set_tsType_np(&dest->tcbState,
ThreadState_Running);
switchToThread_fp(dest, cap_pd, stored_hw_asid);
msgInfo = wordFromMessageInfo(seL4_MessageInfo_set_capsUnwrapped(info, 0));
fastpath_restore(badge, msgInfo, NODE_STATE(ksCurThread));
}
void
fastpath_reply_recv(word_t cptr, word_t msgInfo)
{
seL4_MessageInfo_t info;
cap_t ep_cap;
endpoint_t *ep_ptr;
word_t length;
cte_t *callerSlot;
cap_t callerCap;
tcb_t *caller;
word_t badge;
tcb_t *endpointTail;
word_t fault_type;
cap_t newVTable;
pde_t *cap_pd;
pde_t stored_hw_asid;
/* Get message info and length */
info = messageInfoFromWord_raw(msgInfo);
length = seL4_MessageInfo_get_length(info);
fault_type = fault_get_faultType(ksCurThread->tcbFault);
#ifdef CONFIG_BENCHMARK_TRACK_KERNEL_ENTRIES
ksKernelEntry.path = Entry_Syscall;
ksKernelEntry.syscall_no = SysReplyRecv;
ksKernelEntry.cap_type = cap_endpoint_cap;
ksKernelEntry.invocation_tag = seL4_MessageInfo_get_label(info);
ksKernelEntry.is_fastpath = true;
benchmark_track_start();
#endif
#ifdef CONFIG_BENCHMARK_TRACK_UTILISATION
benchmark_utilisation_kentry_stamp();
#endif /* CONFIG_BENCHMARK_TRACK_UTILISATION */
/* Check there's no extra caps, the length is ok and there's no
* saved fault. */
if (unlikely(fastpath_mi_check(msgInfo) ||
fault_type != fault_null_fault)) {
slowpath(SysReplyRecv);
}
/* Lookup the cap */
ep_cap = lookup_fp(TCB_PTR_CTE_PTR(ksCurThread, tcbCTable)->cap,
cptr);
/* Check it's an endpoint */
if (unlikely(!cap_capType_equals(ep_cap, cap_endpoint_cap) ||
!cap_endpoint_cap_get_capCanReceive(ep_cap))) {
slowpath(SysReplyRecv);
}
/* Check there is nothing waiting on the notification */
if (ksCurThread->tcbBoundNotification &&
notification_ptr_get_state(ksCurThread->tcbBoundNotification) == NtfnState_Active) {
slowpath(SysReplyRecv);
}
/* Get the endpoint address */
ep_ptr = EP_PTR(cap_endpoint_cap_get_capEPPtr(ep_cap));
/* Check that there's not a thread waiting to send */
if (unlikely(endpoint_ptr_get_state(ep_ptr) == EPState_Send)) {
slowpath(SysReplyRecv);
}
/* Only reply if the reply cap is valid. */
callerSlot = TCB_PTR_CTE_PTR(ksCurThread, tcbCaller);
callerCap = callerSlot->cap;
if (unlikely(!fastpath_reply_cap_check(callerCap))) {
slowpath(SysReplyRecv);
}
/* Determine who the caller is. */
caller = TCB_PTR(cap_reply_cap_get_capTCBPtr(callerCap));
/* Check that the caller has not faulted, in which case a fault
reply is generated instead. */
fault_type = fault_get_faultType(caller->tcbFault);
if (unlikely(fault_type != fault_null_fault)) {
slowpath(SysReplyRecv);
}
/* Get destination thread.*/
newVTable = TCB_PTR_CTE_PTR(caller, tcbVTable)->cap;
/* Get vspace root. */
#if defined(ARCH_ARM) || !defined(CONFIG_PAE_PAGING)
cap_pd = PDE_PTR(cap_page_directory_cap_get_capPDBasePtr(newVTable));
#else
cap_pd = PDE_PTR(cap_pdpt_cap_get_capPDPTBasePtr(newVTable));
#endif
/* Ensure that the destination has a valid MMU. */
if (unlikely(! isValidVTableRoot_fp (newVTable))) {
slowpath(SysReplyRecv);
}
#ifdef ARCH_ARM
/* Get HWASID. */
stored_hw_asid = cap_pd[PD_ASID_SLOT];
#endif
/* Ensure the original caller can be scheduled directly. */
if (unlikely(caller->tcbPriority < ksCurThread->tcbPriority)) {
slowpath(SysReplyRecv);
}
#ifdef ARCH_ARM
/* Ensure the HWASID is valid. */
if (unlikely(!pde_pde_invalid_get_stored_asid_valid(stored_hw_asid))) {
slowpath(SysReplyRecv);
}
#endif
/* Ensure the original caller is in the current domain and can be scheduled directly. */
if (unlikely(caller->tcbDomain != ksCurDomain && maxDom)) {
slowpath(SysReplyRecv);
}
/*
* --- POINT OF NO RETURN ---
*
* At this stage, we have committed to performing the IPC.
*/
#ifdef ARCH_X86
/* Need to update NextIP in the calling thread */
setRegister(ksCurThread, NextIP, getRegister(ksCurThread, NextIP) + 2);
#endif
/* Set thread state to BlockedOnReceive */
thread_state_ptr_mset_blockingObject_tsType(
&ksCurThread->tcbState, (word_t)ep_ptr, ThreadState_BlockedOnReceive);
/* Place the thread in the endpoint queue */
endpointTail = TCB_PTR(endpoint_ptr_get_epQueue_tail(ep_ptr));
if (likely(!endpointTail)) {
ksCurThread->tcbEPPrev = NULL;
ksCurThread->tcbEPNext = NULL;
/* Set head/tail of queue and endpoint state. */
endpoint_ptr_set_epQueue_head_np(ep_ptr, TCB_REF(ksCurThread));
endpoint_ptr_mset_epQueue_tail_state(ep_ptr, TCB_REF(ksCurThread),
EPState_Recv);
} else {
/* Append current thread onto the queue. */
endpointTail->tcbEPNext = ksCurThread;
ksCurThread->tcbEPPrev = endpointTail;
ksCurThread->tcbEPNext = NULL;
/* Update tail of queue. */
endpoint_ptr_mset_epQueue_tail_state(ep_ptr, TCB_REF(ksCurThread),
EPState_Recv);
}
/* Delete the reply cap. */
mdb_node_ptr_mset_mdbNext_mdbRevocable_mdbFirstBadged(
&CTE_PTR(mdb_node_get_mdbPrev(callerSlot->cteMDBNode))->cteMDBNode,
0, 1, 1);
callerSlot->cap = cap_null_cap_new();
callerSlot->cteMDBNode = nullMDBNode;
/* I know there's no fault, so straight to the transfer. */
/* Replies don't have a badge. */
badge = 0;
fastpath_copy_mrs (length, ksCurThread, caller);
/* Dest thread is set Running, but not queued. */
thread_state_ptr_set_tsType_np(&caller->tcbState,
ThreadState_Running);
switchToThread_fp(caller, cap_pd, stored_hw_asid);
msgInfo = wordFromMessageInfo(seL4_MessageInfo_set_capsUnwrapped(info, 0));
#ifdef CONFIG_BENCHMARK_TRACK_KERNEL_ENTRIES
benchmark_track_exit();
#endif
fastpath_restore(badge, msgInfo, ksCurThread);
}
static int
ipc_test_helper_3(ipc_test_data_t *data)
{
seL4_MessageInfo_t tag;
int last_spins, last_bounces, result = 0;
/* This test starts here. */
/* TEST PART 1 */
/* Perform a send to a thread 1. It is not yet waiting. */
CHECK_STEP(ipc_test_step, 0);
seL4_MessageInfo_ptr_new(&tag, 0, 0, 0, 20);
for (int i = 0; i < seL4_MessageInfo_get_length(tag); i++) {
seL4_SetMR(i, i);
}
last_spins = data->spins;
last_bounces = data->bounces;
seL4_Send(data->ep1, tag);
/* We block, causing thread 2 to spin for a while, before it calls the
* bouncer thread 0, which finally lets thread 1 run and reply to us. */
CHECK_STEP(ipc_test_step, 2);
CHECK_TESTCASE(result, data->spins - last_spins == 1);
CHECK_TESTCASE(result, data->bounces - last_bounces == 0);
/* Now bounce ourselves, to ensure that thread 1 can check its stuff. */
seL4_MessageInfo_ptr_set_length(&tag, 0);
seL4_Call(data->ep0, tag);
/* Two bounces - us and thread 1. */
CHECK_TESTCASE(result, data->spins - last_spins == 2);
CHECK_TESTCASE(result, data->bounces - last_bounces == 2);
CHECK_STEP(ipc_test_step, 4);
/* TEST PART 2 */
/* Perform a send to a thread 1, which is already waiting. */
/* Bounce first to let thread prepare. */
last_spins = data->spins;
last_bounces = data->bounces;
seL4_MessageInfo_ptr_set_length(&tag, 0);
seL4_Call(data->ep0, tag);
CHECK_STEP(ipc_test_step, 6);
/* Do the send. */
seL4_MessageInfo_ptr_set_length(&tag, 19);
for (int i = 0; i < seL4_MessageInfo_get_length(tag); i++) {
seL4_SetMR(i, i);
}
seL4_Send(data->ep1, tag);
CHECK_STEP(ipc_test_step, 7);
/* Bounce to let thread 1 check again. */
seL4_MessageInfo_ptr_set_length(&tag, 0);
seL4_Call(data->ep0, tag);
CHECK_STEP(ipc_test_step, 9);
/* Five bounces in total. */
CHECK_TESTCASE(result, data->spins - last_spins == 2);
CHECK_TESTCASE(result, data->bounces - last_bounces == 5);
return result;
}
int main(void)
{
UNUSED int error;
/* give us a name: useful for debugging if the thread faults */
name_thread(seL4_CapInitThreadTCB, "hello-3");
/* get boot info */
info = seL4_GetBootInfo();
/* init simple */
simple_default_init_bootinfo(&simple, info);
/* print out bootinfo and other info about simple */
simple_print(&simple);
/* create an allocator */
allocman = bootstrap_use_current_simple(&simple, ALLOCATOR_STATIC_POOL_SIZE, allocator_mem_pool);
assert(allocman);
/* create a vka (interface for interacting with the underlying allocator) */
allocman_make_vka(&vka, allocman);
/* get our cspace root cnode */
seL4_CPtr cspace_cap;
cspace_cap = simple_get_cnode(&simple);
/* get our vspace root page directory */
seL4_CPtr pd_cap;
pd_cap = simple_get_pd(&simple);
/* create a new TCB */
vka_object_t tcb_object = {0};
error = vka_alloc_tcb(&vka, &tcb_object);
assert(error == 0);
/*
* create and map an ipc buffer:
*/
/* TODO 1: get a frame cap for the ipc buffer */
/* hint: vka_alloc_frame()
* int vka_alloc_frame(vka_t *vka, uint32_t size_bits, vka_object_t *result)
* @param vka Pointer to vka interface.
* @param size_bits Frame size: 2^size_bits
* @param result Structure for the Frame object. This gets initialised.
* @return 0 on success
* https://github.com/seL4/libsel4vka/blob/master/include/vka/object.h#L147
*/
vka_object_t ipc_frame_object;
error = vka_alloc_frame(&vka, IPCBUF_FRAME_SIZE_BITS, &ipc_frame_object);
assert(error == 0);
/*
* map the frame into the vspace at ipc_buffer_vaddr.
* To do this we first try to map it in to the root page directory.
* If there is already a page table mapped in the appropriate slot in the
* page diretory where we can insert this frame, then this will succeed.
* Otherwise we first need to create a page table, and map it in to
* the page directory, before we can map the frame in. */
seL4_Word ipc_buffer_vaddr = IPCBUF_VADDR;
/* TODO 2: try to map the frame the first time */
/* hint 1: seL4_ARCH_Page_Map()
* The *ARCH* versions of seL4 sys calls are abstractions over the architecture provided by libsel4utils
* this one is defined as:
* #define seL4_ARCH_Page_Map seL4_IA32_Page_Map
* in: https://github.com/seL4/libsel4utils/blob/master/include/sel4utils/mapping.h#L69
* The signature for the underlying function is:
* int seL4_IA32_Page_Map(seL4_IA32_Page service, seL4_IA32_PageDirectory pd, seL4_Word vaddr, seL4_CapRights rights, seL4_IA32_VMAttributes attr)
* @param service Capability to the page to map.
* @param pd Capability to the VSpace which will contain the mapping.
* @param vaddr Virtual address to map the page into.
* @param rights Rights for the mapping.
* @param attr VM Attributes for the mapping.
* @return 0 on success.
*
* Note: this function is generated during build. It is generated from the following definition:
* https://github.com/seL4/seL4/blob/master/libsel4/arch_include/x86/interfaces/sel4arch.xml#L52
* You can find out more about it in the API manual: http://sel4.systems/Info/Docs/seL4-manual.pdf
*
* hint 2: for the rights, use seL4_AllRights
* hint 3: for VM attributes use seL4_ARCH_Default_VMAttributes
*/
error = seL4_ARCH_Page_Map(ipc_frame_object.cptr, pd_cap, ipc_buffer_vaddr,
seL4_AllRights, seL4_ARCH_Default_VMAttributes);
if (error != 0) {
/* TODO 3: create a page table */
/* hint: vka_alloc_page_table()
* int vka_alloc_page_table(vka_t *vka, vka_object_t *result)
* @param vka Pointer to vka interface.
* @param result Structure for the PageTable object. This gets initialised.
* @return 0 on success
* https://github.com/seL4/libsel4vka/blob/master/include/vka/object.h#L178
*/
vka_object_t pt_object;
error = vka_alloc_page_table(&vka, &pt_object);
assert(error == 0);
/* TODO 4: map the page table */
/* hint 1: seL4_ARCH_PageTable_Map()
* The *ARCH* versions of seL4 sys calls are abstractions over the architecture provided by libsel4utils
* this one is defined as:
* #define seL4_ARCH_PageTable_Map seL4_IA32_PageTable_Map
* in: https://github.com/seL4/libsel4utils/blob/master/include/sel4utils/mapping.h#L73
* The signature for the underlying function is:
* int seL4_IA32_PageTable_Map(seL4_IA32_PageTable service, seL4_IA32_PageDirectory pd, seL4_Word vaddr, seL4_IA32_VMAttributes attr)
* @param service Capability to the page table to map.
* @param pd Capability to the VSpace which will contain the mapping.
* @param vaddr Virtual address to map the page table into.
* @param rights Rights for the mapping.
* @param attr VM Attributes for the mapping.
* @return 0 on success.
*
* Note: this function is generated during build. It is generated from the following definition:
* https://github.com/seL4/seL4/blob/master/libsel4/arch_include/x86/interfaces/sel4arch.xml#L37
* You can find out more about it in the API manual: http://sel4.systems/Info/Docs/seL4-manual.pdf
*
* hint 2: for VM attributes use seL4_ARCH_Default_VMAttributes
*/
error = seL4_ARCH_PageTable_Map(pt_object.cptr, pd_cap,
ipc_buffer_vaddr, seL4_ARCH_Default_VMAttributes);
assert(error == 0);
/* TODO 5: then map the frame in */
/* hint 1: use seL4_ARCH_Page_Map() as above
* hint 2: for the rights, use seL4_AllRights
* hint 3: for VM attributes use seL4_ARCH_Default_VMAttributes
*/
error = seL4_ARCH_Page_Map(ipc_frame_object.cptr, pd_cap,
ipc_buffer_vaddr, seL4_AllRights, seL4_ARCH_Default_VMAttributes);
assert(error == 0);
}
/* set the IPC buffer's virtual address in a field of the IPC buffer */
seL4_IPCBuffer *ipcbuf = (seL4_IPCBuffer*)ipc_buffer_vaddr;
ipcbuf->userData = ipc_buffer_vaddr;
/* TODO 6: create an endpoint */
/* hint: vka_alloc_endpoint()
* int vka_alloc_endpoint(vka_t *vka, vka_object_t *result)
* @param vka Pointer to vka interface.
* @param result Structure for the Endpoint object. This gets initialised.
* @return 0 on success
* https://github.com/seL4/libsel4vka/blob/master/include/vka/object.h#L94
*/
error = vka_alloc_endpoint(&vka, &ep_object);
assert(error == 0);
/* TODO 7: make a badged copy of it in our cspace. This copy will be used to send
* an IPC message to the original cap */
/* hint 1: vka_mint_object()
* int vka_mint_object(vka_t *vka, vka_object_t *object, cspacepath_t *result, seL4_CapRights rights, seL4_CapData_t badge)
* @param[in] vka The allocator for the cspace.
* @param[in] object Target object for cap minting.
* @param[out] result Allocated cspacepath.
* @param[in] rights The rights for the minted cap.
* @param[in] badge The badge for the minted cap.
* @return 0 on success
*
* https://github.com/seL4/libsel4vka/blob/master/include/vka/object_capops.h#L41
*
* hint 2: for the rights, use seL4_AllRights
* hint 3: for the badge use seL4_CapData_Badge_new()
* seL4_CapData_t CONST seL4_CapData_Badge_new(seL4_Uint32 Badge)
* @param[in] Badge The badge number to use
* @return A CapData structure containing the desired badge info
*
* seL4_CapData_t is generated during build.
* The type definition and generated field access functions are defined in a generated file:
* build/x86/pc99/libsel4/include/sel4/types_gen.h
* It is generated from the following definition:
* https://github.com/seL4/seL4/blob/master/libsel4/include/sel4/types.bf#L30
* You can find out more about it in the API manual: http://sel4.systems/Info/Docs/seL4-manual.pdf
*
* hint 4: for the badge use EP_BADGE
*/
error = vka_mint_object(&vka, &ep_object, &ep_cap_path, seL4_AllRights,
seL4_CapData_Badge_new(EP_BADGE));
assert(error == 0);
/* initialise the new TCB */
error = seL4_TCB_Configure(tcb_object.cptr, seL4_CapNull, seL4_MaxPrio,
cspace_cap, seL4_NilData, pd_cap, seL4_NilData,
ipc_buffer_vaddr, ipc_frame_object.cptr);
assert(error == 0);
/* give the new thread a name */
name_thread(tcb_object.cptr, "hello-3: thread_2");
/* set start up registers for the new thread */
seL4_UserContext regs = {0};
size_t regs_size = sizeof(seL4_UserContext) / sizeof(seL4_Word);
/* set instruction pointer where the thread shoud start running */
sel4utils_set_instruction_pointer(®s, (seL4_Word)thread_2);
/* check that stack is aligned correctly */
uintptr_t thread_2_stack_top = (uintptr_t)thread_2_stack + sizeof(thread_2_stack);
assert(thread_2_stack_top % (sizeof(seL4_Word) * 2) == 0);
/* set stack pointer for the new thread. remember the stack grows down */
sel4utils_set_stack_pointer(®s, thread_2_stack_top);
/* set the gs register for thread local storage */
regs.gs = IPCBUF_GDT_SELECTOR;
/* actually write the TCB registers. */
error = seL4_TCB_WriteRegisters(tcb_object.cptr, 0, 0, regs_size, ®s);
assert(error == 0);
/* start the new thread running */
error = seL4_TCB_Resume(tcb_object.cptr);
assert(error == 0);
/* we are done, say hello */
printf("main: hello world\n");
/*
* now send a message to the new thread, and wait for a reply
*/
seL4_Word msg;
seL4_MessageInfo_t tag;
/* TODO 8: set the data to send. We send it in the first message register */
/* hint 1: seL4_MessageInfo_new()
* seL4_MessageInfo_t CONST seL4_MessageInfo_new(seL4_Uint32 label, seL4_Uint32 capsUnwrapped, seL4_Uint32 extraCaps, seL4_Uint32 length)
* @param label The value of the label field
* @param capsUnwrapped The value of the capsUnwrapped field
* @param extraCaps The value of the extraCaps field
* @param length The number of message registers to send
* @return The seL4_MessageInfo_t containing the given values.
*
* seL4_MessageInfo_new() is generated during build. It can be found in:
* build/x86/pc99/libsel4/include/sel4/types_gen.h
* It is generated from the following definition:
* https://github.com/seL4/seL4/blob/master/libsel4/include/sel4/types.bf#L35
*
* hint 2: use 0 for the first 3 fields.
* hint 3: send only 1 message register of data
*
* hint 4: seL4_SetMR()
* void seL4_SetMR(int i, seL4_Word mr)
* @param i The message register to write
* @param mr The value of the message register
* https://github.com/seL4/seL4/blob/master/libsel4/arch_include/x86/sel4/arch/functions.h#L41
* You can find out more about message registers in the API manual: http://sel4.systems/Info/Docs/seL4-manual.pdf
*
* hint 5: send MSG_DATA
*/
tag = seL4_MessageInfo_new(0, 0, 0, 1);
seL4_SetMR(0, MSG_DATA);
/* TODO 9: send and wait for a reply. */
/* hint: seL4_Call()
* seL4_MessageInfo_t seL4_Call(seL4_CPtr dest, seL4_MessageInfo_t msgInfo)
* @param dest The capability to be invoked.
* @param msgInfo The messageinfo structure for the IPC. This specifies information about the message to send (such as the number of message registers to send).
* @return A seL4_MessageInfo_t structure. This is information about the repy message.
* https://github.com/seL4/seL4/blob/master/libsel4/arch_include/x86/sel4/arch/syscalls.h#L242
* You can find out more about it in the API manual: http://sel4.systems/Info/Docs/seL4-manual.pdf
*
* hint 2: seL4_MessageInfo_t is generated during build.
* The type definition and generated field access functions are defined in a generated file:
* build/x86/pc99/libsel4/include/sel4/types_gen.h
* It is generated from the following definition:
* https://github.com/seL4/seL4/blob/master/libsel4/include/sel4/types.bf#L35
* You can find out more about it in the API manual: http://sel4.systems/Info/Docs/seL4-manual.pdf
*/
tag = seL4_Call(ep_cap_path.capPtr, tag);
/* TODO 10: get the reply message */
/* hint: seL4_GetMR()
* seL4_Word seL4_GetMR(int i)
* @param i The message register to retreive
* @return The message register value
* https://github.com/seL4/seL4/blob/master/libsel4/arch_include/x86/sel4/arch/functions.h#L33
* You can find out more about message registers in the API manual: http://sel4.systems/Info/Docs/seL4-manual.pdf
*/
msg = seL4_GetMR(0);
/* check that we got the expected repy */
assert(seL4_MessageInfo_get_length(tag) == 1);
assert(msg == ~MSG_DATA);
printf("main: got a reply: %#x\n", msg);
return 0;
}
static int
test_ep_recycle(env_t env)
{
seL4_MessageInfo_t tag = seL4_MessageInfo_new(0, 0, 0, 0);
struct {
helper_thread_t thread;
seL4_CPtr badged_ep;
seL4_CPtr derived_badged_ep;
volatile seL4_Word done;
} senders[NUM_BADGED_CLIENTS];
helper_thread_t bouncer;
seL4_CPtr bounce_ep;
UNUSED int error;
seL4_CPtr ep;
/* Create the master endpoint. */
ep = vka_alloc_endpoint_leaky(&env->vka);
/* Create N badged endpoints, and derive each of them. */
for (int i = 0; i < NUM_BADGED_CLIENTS; i++) {
senders[i].badged_ep = get_free_slot(env);
assert(senders[i].badged_ep != 0);
senders[i].derived_badged_ep = get_free_slot(env);
assert(senders[i].derived_badged_ep != 0);
seL4_CapData_t cap_data;
cap_data = seL4_CapData_Badge_new (i + 200);
error = cnode_mint(env, ep, senders[i].badged_ep, seL4_AllRights, cap_data);
assert(!error);
error = cnode_copy(env, senders[i].badged_ep, senders[i].derived_badged_ep, seL4_AllRights);
assert(!error);
create_helper_thread(env, &senders[i].thread);
set_helper_priority(&senders[i].thread, 100);
senders[i].done = -1;
}
/* Create a bounce thread so we can get lower prio threads to run. */
bounce_ep = vka_alloc_endpoint_leaky(&env->vka);
create_helper_thread(env, &bouncer);
set_helper_priority(&bouncer, 0);
start_helper(env, &bouncer, bouncer_func, bounce_ep, 0, 0, 0);
for (int i = 0; i < NUM_BADGED_CLIENTS; i++) {
start_helper(env, &senders[i].thread, (helper_fn_t) call_func,
senders[i].derived_badged_ep, i + 100, (seL4_Word) &senders[i].done, 0);
}
/* Let the sender threads run. */
seL4_Call(bounce_ep, tag);
/* Receive a message from each endpoint and check the badge. */
for (int i = 0; i < NUM_BADGED_CLIENTS; i++) {
seL4_Word sender_badge;
seL4_MessageInfo_ptr_set_length(&tag, 1);
tag = seL4_Recv(ep, &sender_badge);
assert(seL4_MessageInfo_get_length(tag) == 1);
assert(seL4_GetMR(0) == sender_badge - 100);
seL4_SetMR(0, ~seL4_GetMR(0));
seL4_Reply(tag);
}
/* Let the sender threads run. */
seL4_Call(bounce_ep, tag);
/* Check none of the threads have failed yet. */
for (int i = 0; i < NUM_BADGED_CLIENTS; i++) {
assert(senders[i].done == 0);
}
/* Recycle each endpoint. */
for (int i = 0; i < NUM_BADGED_CLIENTS; i++) {
error = cnode_recycle(env, senders[i].badged_ep);
assert(!error);
/* Let thread run. */
seL4_Call(bounce_ep, tag);
/* Check that only the intended threads have now aborted. */
for (int j = 0; j < NUM_BADGED_CLIENTS; j++) {
if (j <= i) {
assert(senders[j].done == 1);
} else {
assert(senders[j].done == 0);
}
}
}
seL4_Call(bounce_ep, tag);
for (int i = 0; i < NUM_BADGED_CLIENTS; i++) {
cleanup_helper(env, &senders[i].thread);
}
cleanup_helper(env, &bouncer);
return sel4test_get_result();
}
void
#ifdef ARCH_X86
NORETURN
#endif
fastpath_call(word_t cptr, word_t msgInfo)
{
seL4_MessageInfo_t info;
cap_t ep_cap;
endpoint_t *ep_ptr;
word_t length;
tcb_t *dest;
word_t badge;
cte_t *replySlot, *callerSlot;
cap_t newVTable;
pde_t *cap_pd;
pde_t stored_hw_asid;
word_t fault_type;
/* Get message info, length, and fault type. */
info = messageInfoFromWord_raw(msgInfo);
length = seL4_MessageInfo_get_length(info);
fault_type = fault_get_faultType(ksCurThread->tcbFault);
#ifdef CONFIG_BENCHMARK_TRACK_KERNEL_ENTRIES
ksKernelEntry.path = Entry_Syscall;
ksKernelEntry.syscall_no = SysCall;
ksKernelEntry.cap_type = cap_endpoint_cap;
ksKernelEntry.invocation_tag = seL4_MessageInfo_get_label(info);
ksKernelEntry.is_fastpath = true;
benchmark_track_start();
#endif
#ifdef CONFIG_BENCHMARK_TRACK_UTILISATION
benchmark_utilisation_kentry_stamp();
#endif /* CONFIG_BENCHMARK_TRACK_UTILISATION */
/* Check there's no extra caps, the length is ok and there's no
* saved fault. */
if (unlikely(fastpath_mi_check(msgInfo) ||
fault_type != fault_null_fault)) {
slowpath(SysCall);
}
/* Lookup the cap */
ep_cap = lookup_fp(TCB_PTR_CTE_PTR(ksCurThread, tcbCTable)->cap, cptr);
/* Check it's an endpoint */
if (unlikely(!cap_capType_equals(ep_cap, cap_endpoint_cap) ||
!cap_endpoint_cap_get_capCanSend(ep_cap))) {
slowpath(SysCall);
}
/* Get the endpoint address */
ep_ptr = EP_PTR(cap_endpoint_cap_get_capEPPtr(ep_cap));
/* Get the destination thread, which is only going to be valid
* if the endpoint is valid. */
dest = TCB_PTR(endpoint_ptr_get_epQueue_head(ep_ptr));
/* Check that there's a thread waiting to receive */
if (unlikely(endpoint_ptr_get_state(ep_ptr) != EPState_Recv)) {
slowpath(SysCall);
}
/* Get destination thread.*/
newVTable = TCB_PTR_CTE_PTR(dest, tcbVTable)->cap;
/* Get vspace root. */
#if defined(ARCH_ARM) || !defined(CONFIG_PAE_PAGING)
cap_pd = PDE_PTR(cap_page_directory_cap_get_capPDBasePtr(newVTable));
#else
cap_pd = PDE_PTR(cap_pdpt_cap_get_capPDPTBasePtr(newVTable));
#endif
/* Ensure that the destination has a valid VTable. */
if (unlikely(! isValidVTableRoot_fp(newVTable))) {
slowpath(SysCall);
}
#ifdef ARCH_ARM
/* Get HW ASID */
stored_hw_asid = cap_pd[PD_ASID_SLOT];
#endif
/* Ensure the destination has a higher/equal priority to us. */
if (unlikely(dest->tcbPriority < ksCurThread->tcbPriority)) {
slowpath(SysCall);
}
/* Ensure that the endpoint has has grant rights so that we can
* create the reply cap */
if (unlikely(!cap_endpoint_cap_get_capCanGrant(ep_cap))) {
slowpath(SysCall);
}
#ifdef ARCH_ARM
if (unlikely(!pde_pde_invalid_get_stored_asid_valid(stored_hw_asid))) {
slowpath(SysCall);
}
#endif
/* Ensure the original caller is in the current domain and can be scheduled directly. */
if (unlikely(dest->tcbDomain != ksCurDomain && maxDom)) {
slowpath(SysCall);
}
/*
* --- POINT OF NO RETURN ---
*
* At this stage, we have committed to performing the IPC.
*/
#ifdef ARCH_X86
/* Need to update NextIP in the calling thread */
setRegister(ksCurThread, NextIP, getRegister(ksCurThread, NextIP) + 2);
#endif
/* Dequeue the destination. */
endpoint_ptr_set_epQueue_head_np(ep_ptr, TCB_REF(dest->tcbEPNext));
if (unlikely(dest->tcbEPNext)) {
dest->tcbEPNext->tcbEPPrev = NULL;
} else {
endpoint_ptr_mset_epQueue_tail_state(ep_ptr, 0, EPState_Idle);
}
badge = cap_endpoint_cap_get_capEPBadge(ep_cap);
/* Block sender */
thread_state_ptr_set_tsType_np(&ksCurThread->tcbState,
ThreadState_BlockedOnReply);
/* Get sender reply slot */
replySlot = TCB_PTR_CTE_PTR(ksCurThread, tcbReply);
/* Get dest caller slot */
callerSlot = TCB_PTR_CTE_PTR(dest, tcbCaller);
/* Insert reply cap */
cap_reply_cap_ptr_new_np(&callerSlot->cap, 0, TCB_REF(ksCurThread));
mdb_node_ptr_set_mdbPrev_np(&callerSlot->cteMDBNode, CTE_REF(replySlot));
mdb_node_ptr_mset_mdbNext_mdbRevocable_mdbFirstBadged(
&replySlot->cteMDBNode, CTE_REF(callerSlot), 1, 1);
fastpath_copy_mrs (length, ksCurThread, dest);
/* Dest thread is set Running, but not queued. */
thread_state_ptr_set_tsType_np(&dest->tcbState,
ThreadState_Running);
switchToThread_fp(dest, cap_pd, stored_hw_asid);
msgInfo = wordFromMessageInfo(seL4_MessageInfo_set_capsUnwrapped(info, 0));
#ifdef CONFIG_BENCHMARK_TRACK_KERNEL_ENTRIES
benchmark_track_exit();
#endif
fastpath_restore(badge, msgInfo, ksCurThread);
}
static exception_t
handleInvocation(bool_t isCall, bool_t isBlocking)
{
seL4_MessageInfo_t info;
cptr_t cptr;
lookupCapAndSlot_ret_t lu_ret;
word_t *buffer;
exception_t status;
word_t length;
tcb_t *thread;
thread = ksCurThread;
info = messageInfoFromWord(getRegister(thread, msgInfoRegister));
cptr = getRegister(thread, capRegister);
/* faulting section */
lu_ret = lookupCapAndSlot(thread, cptr);
#ifdef DEBUG
ksKernelEntry.cap_type = cap_get_capType(lu_ret.cap);
ksKernelEntry.invocation_tag = seL4_MessageInfo_get_label(info);
#endif /* DEBUG */
if (unlikely(lu_ret.status != EXCEPTION_NONE)) {
userError("Invocation of invalid cap #%lu.", cptr);
current_fault = fault_cap_fault_new(cptr, false);
if (isBlocking) {
handleFault(thread);
}
return EXCEPTION_NONE;
}
buffer = lookupIPCBuffer(false, thread);
status = lookupExtraCaps(thread, buffer, info);
if (unlikely(status != EXCEPTION_NONE)) {
userError("Lookup of extra caps failed.");
if (isBlocking) {
handleFault(thread);
}
return EXCEPTION_NONE;
}
/* Syscall error/Preemptible section */
length = seL4_MessageInfo_get_length(info);
if (unlikely(length > n_msgRegisters && !buffer)) {
length = n_msgRegisters;
}
status = decodeInvocation(seL4_MessageInfo_get_label(info), length,
cptr, lu_ret.slot, lu_ret.cap,
current_extra_caps, isBlocking, isCall,
buffer);
if (unlikely(status == EXCEPTION_PREEMPTED)) {
return status;
}
if (unlikely(status == EXCEPTION_SYSCALL_ERROR)) {
if (isCall) {
replyFromKernel_error(thread);
}
return EXCEPTION_NONE;
}
if (unlikely(
thread_state_get_tsType(thread->tcbState) == ThreadState_Restart)) {
if (isCall) {
replyFromKernel_success_empty(thread);
}
setThreadState(thread, ThreadState_Running);
}
return EXCEPTION_NONE;
}
int
vm_event(vm_t* vm, seL4_MessageInfo_t tag)
{
seL4_Word label;
seL4_Word length;
label = seL4_MessageInfo_get_label(tag);
length = seL4_MessageInfo_get_length(tag);
switch (label) {
case SEL4_PFIPC_LABEL: {
int err;
fault_t* fault;
fault = vm->fault;
err = new_fault(fault);
assert(!err);
do {
err = handle_page_fault(vm, fault);
if (err) {
return -1;
}
} while (!fault_handled(fault));
}
break;
case SEL4_EXCEPT_IPC_LABEL: {
int err;
assert(length == SEL4_EXCEPT_IPC_LENGTH);
err = handle_syscall(vm, length);
assert(!err);
if (!err) {
seL4_MessageInfo_t reply;
reply = seL4_MessageInfo_new(0, 0, 0, 0);
seL4_Reply(reply);
}
}
break;
case SEL4_USER_EXCEPTION_LABEL: {
seL4_Word ip;
int err;
assert(length == SEL4_USER_EXCEPTION_LENGTH);
ip = seL4_GetMR(0);
err = handle_exception(vm, ip);
assert(!err);
if (!err) {
seL4_MessageInfo_t reply;
reply = seL4_MessageInfo_new(0, 0, 0, 0);
seL4_Reply(reply);
}
}
break;
case SEL4_VGIC_MAINTENANCE_LABEL: {
int idx;
int err;
assert(length == SEL4_VGIC_MAINTENANCE_LENGTH);
idx = seL4_GetMR(EXCEPT_IPC_SYS_MR_R0);
/* Currently not handling spurious IRQs */
assert(idx >= 0);
err = handle_vgic_maintenance(vm, idx);
assert(!err);
if (!err) {
seL4_MessageInfo_t reply;
reply = seL4_MessageInfo_new(0, 0, 0, 0);
seL4_Reply(reply);
}
}
break;
case SEL4_VCPU_FAULT_LABEL: {
seL4_MessageInfo_t reply;
seL4_UserContext regs;
seL4_CPtr tcb;
uint32_t hsr;
int err;
assert(length == SEL4_VCPU_FAULT_LENGTH);
hsr = seL4_GetMR(EXCEPT_IPC_SYS_MR_R0);
/* Increment the PC and ignore the fault */
tcb = vm_get_tcb(vm);
err = seL4_TCB_ReadRegisters(tcb, false, 0,
sizeof(regs) / sizeof(regs.pc), ®s);
assert(!err);
switch (hsr) {
case HSR_WFI:
case HSR_WFE:
regs.pc += (regs.cpsr & BIT(5)) ? 2 : 4;
err = seL4_TCB_WriteRegisters(tcb, false, 0,
sizeof(regs) / sizeof(regs.pc), ®s);
assert(!err);
reply = seL4_MessageInfo_new(0, 0, 0, 0);
seL4_Reply(reply);
return 0;
default:
printf("Unhandled VCPU fault from [%s]: HSR 0x%08x\n", vm->name, hsr);
print_ctx_regs(®s);
return -1;
}
}
break;
default:
/* What? Why are we here? What just happened? */
printf("Unknown fault from [%s]: label=0x%x length=0x%x\n",
vm->name, label, length);
return -1;
}
return 0;
}
int main(void)
{
int error;
/* give us a name: useful for debugging if the thread faults */
name_thread(seL4_CapInitThreadTCB, "hello-3");
/* get boot info */
info = seL4_GetBootInfo();
/* print out bootinfo */
print_bootinfo(info);
/* get our cspace root cnode */
seL4_CPtr cspace_cap;
cspace_cap = seL4_CapInitThreadCNode;
/* get our vspace root page directory */
seL4_CPtr pd_cap;
pd_cap = seL4_CapInitThreadPD;
/* TODO 1: Find free cap slots for the caps to the:
* - tcb
* - ipc frame
* - endpoint
* - badged endpoint
* - page table
* hint: The bootinfo struct contains a range of free cap slot indices.
*/
/* decide on slots to use based on what is free */
seL4_CPtr tcb_cap = ???;
seL4_CPtr ipc_frame_cap = ???;
ep_cap = ???;
badged_ep_cap = ???;
seL4_CPtr page_table_cap = ???;
/* get an untyped to retype into all the objects we will need */
seL4_CPtr untyped;
/* TODO 2: Obtain a cap to an untyped which is large enough to contain:
* - tcb
* - ipc frame
* - endpoint
* - badged endpoint
* - page table
*
* hint 1: determine the size of each object
* (look in libs/libsel4/arch_include/x86/sel4/arch/types.h)
* hint 2: an array of untyped caps, and a corresponding array of untyped sizes
* can be found in the bootinfo struct
* hint 3: a single untyped cap can be retyped multiple times. Each time, an appropriately sized chunk
* of the object is "chipped off". For simplicity, find a cap to an untyped which is large enough
* to contain all required objects.
*/
/* TODO 3: Using the untyped, create the required objects, storing their caps in the roottask's root cnode.
*
* hint 1: int seL4_Untyped_Retype(seL4_Untyped service, int type, int size_bits, seL4_CNode root, int node_index, int node_depth, int node_offset, int num_objects)
* hint 2: use a depth of 32
* hint 3: use cspace_cap for the root cnode AND the cnode_index
*/
/*
* map the frame into the vspace at ipc_buffer_vaddr.
* To do this we first try to map it in to the root page directory.
* If there is already a page table mapped in the appropriate slot in the
* page diretory where we can insert this frame, then this will succeed.
* Otherwise we first need to create a page table, and map it in to
* the page`directory, before we can map the frame in.
*/
seL4_Word ipc_buffer_vaddr;
ipc_buffer_vaddr = IPCBUF_VADDR;
error = seL4_IA32_Page_Map(ipc_frame_cap, pd_cap, ipc_buffer_vaddr,
seL4_AllRights, seL4_IA32_Default_VMAttributes);
if (error != 0) {
/* TODO 4: Retype the untyped into page table (if this was done in TODO 3, ignore this). */
error = seL4_IA32_PageTable_Map(page_table_cap, pd_cap,
ipc_buffer_vaddr, seL4_IA32_Default_VMAttributes);
assert(error == 0);
/* then map the frame in */
error = seL4_IA32_Page_Map(ipc_frame_cap, pd_cap,
ipc_buffer_vaddr, seL4_AllRights, seL4_IA32_Default_VMAttributes);
assert(error == 0);
}
/* set the IPC buffer's virtual address in a field of the IPC buffer */
seL4_IPCBuffer *ipcbuf = (seL4_IPCBuffer*)ipc_buffer_vaddr;
ipcbuf->userData = ipc_buffer_vaddr;
/* TODO 5: Mint a copy of the endpoint cap into our cspace, using the badge EP_BADGE
* hint: int seL4_CNode_Mint(seL4_CNode service, seL4_Word dest_index, seL4_Uint8 dest_depth, seL4_CNode src_root, seL4_Word src_index, seL4_Uint8 src_depth, seL4_CapRights rights, seL4_CapData_t badge);
*/
/* initialise the new TCB */
error = seL4_TCB_Configure(tcb_cap, seL4_CapNull, seL4_MaxPrio,
cspace_cap, seL4_NilData, pd_cap, seL4_NilData,
ipc_buffer_vaddr, ipc_frame_cap);
assert(error == 0);
/* give the new thread a name */
name_thread(tcb_cap, "hello-3: thread_2");
/* set start up registers for the new thread */
size_t regs_size = sizeof(seL4_UserContext) / sizeof(seL4_Word);
/* check that stack is aligned correctly */
uintptr_t thread_2_stack_top = (uintptr_t)thread_2_stack + sizeof(thread_2_stack);
assert(thread_2_stack_top % (sizeof(seL4_Word) * 2) == 0);
/* set instruction pointer, stack pointer and gs register (used for thread local storage) */
seL4_UserContext regs = {
.eip = (seL4_Word)thread_2,
.esp = (seL4_Word)thread_2_stack_top,
.gs = IPCBUF_GDT_SELECTOR
};
/* actually write the TCB registers. */
error = seL4_TCB_WriteRegisters(tcb_cap, 0, 0, regs_size, ®s);
assert(error == 0);
/* start the new thread running */
error = seL4_TCB_Resume(tcb_cap);
assert(error == 0);
/* we are done, say hello */
printf("main: hello world\n");
/*
* now send a message to the new thread, and wait for a reply
*/
seL4_Word msg;
seL4_MessageInfo_t tag;
/* set the data to send. We send it in the first message register */
tag = seL4_MessageInfo_new(0, 0, 0, 1);
seL4_SetMR(0, MSG_DATA);
/* send and wait for a reply */
tag = seL4_Call(badged_ep_cap, tag);
/* check that we got the expected repy */
assert(seL4_MessageInfo_get_length(tag) == 1);
msg = seL4_GetMR(0);
assert(msg == ~MSG_DATA);
printf("main: got a reply: %#x\n", msg);
return 0;
}
bool_t handleFaultReply(tcb_t *receiver, tcb_t *sender)
{
/* These lookups are moved inward from doReplyTransfer */
seL4_MessageInfo_t tag = messageInfoFromWord(getRegister(sender, msgInfoRegister));
word_t label = seL4_MessageInfo_get_label(tag);
word_t length = seL4_MessageInfo_get_length(tag);
seL4_Fault_t fault = receiver->tcbFault;
switch (seL4_Fault_get_seL4_FaultType(fault)) {
case seL4_Fault_CapFault:
return true;
case seL4_Fault_UnknownSyscall:
copyMRsFaultReply(sender, receiver, MessageID_Syscall, MIN(length, n_syscallMessage));
return (label == 0);
case seL4_Fault_UserException:
copyMRsFaultReply(sender, receiver, MessageID_Exception, MIN(length, n_exceptionMessage));
return (label == 0);
#ifdef CONFIG_HARDWARE_DEBUG_API
case seL4_Fault_DebugException: {
word_t n_instrs;
if (seL4_Fault_DebugException_get_exceptionReason(fault) != seL4_SingleStep) {
/* Only single-step replies are required to set message registers.
*/
return (label == 0);
}
if (length < DEBUG_REPLY_N_EXPECTED_REGISTERS) {
/* A single-step reply doesn't mean much if it isn't composed of the bp
* number and number of instructions to skip. But even if both aren't
* set, we can still allow the thread to continue because replying
* should uniformly resume thread execution, based on the general seL4
* API model.
*
* If it was single-step, but no reply registers were set, just
* default to skipping 1 and continuing.
*
* On x86, bp_num actually doesn't matter for single-stepping
* because single-stepping doesn't use a hardware register -- it
* uses EFLAGS.TF.
*/
n_instrs = 1;
} else {
/* If the reply had all expected registers set, proceed as normal */
n_instrs = getRegister(sender, msgRegisters[0]);
}
syscall_error_t res;
res = Arch_decodeConfigureSingleStepping(receiver, 0, n_instrs, true);
if (res.type != seL4_NoError) {
return false;
};
configureSingleStepping(receiver, 0, n_instrs, true);
/* Replying will always resume the thread: the only variant behaviour
* is whether or not the thread will be resumed with stepping still
* enabled.
*/
return (label == 0);
}
#endif
default:
return Arch_handleFaultReply(receiver, sender, seL4_Fault_get_seL4_FaultType(fault));
}
}
bool_t
handleFaultReply(tcb_t *receiver, tcb_t *sender)
{
seL4_MessageInfo_t tag;
word_t label;
fault_t fault;
word_t length;
/* These lookups are moved inward from doReplyTransfer */
tag = messageInfoFromWord(getRegister(sender, msgInfoRegister));
label = seL4_MessageInfo_get_label(tag);
length = seL4_MessageInfo_get_length(tag);
fault = receiver->tcbFault;
switch (fault_get_faultType(fault)) {
case fault_cap_fault:
return true;
case fault_vm_fault:
return true;
#ifdef CONFIG_ARM_HYPERVISOR_SUPPORT
case fault_vgic_maintenance:
return true;
case fault_vcpu_fault:
return true;
#endif
case fault_unknown_syscall: {
word_t i;
register_t r;
word_t v;
word_t *sendBuf;
sendBuf = lookupIPCBuffer(false, sender);
/* Assumes n_syscallMessage > n_msgRegisters */
for (i = 0; i < length && i < n_msgRegisters; i++) {
r = syscallMessage[i];
v = getRegister(sender, msgRegisters[i]);
setRegister(receiver, r, sanitiseRegister(r, v));
}
if (sendBuf) {
for (; i < length && i < n_syscallMessage; i++) {
r = syscallMessage[i];
v = sendBuf[i + 1];
setRegister(receiver, r, sanitiseRegister(r, v));
}
}
}
return (label == 0);
case fault_user_exception: {
word_t i;
register_t r;
word_t v;
/* Assumes n_exceptionMessage <= n_msgRegisters */
for (i = 0; i < length && i < n_exceptionMessage; i++) {
r = exceptionMessage[i];
v = getRegister(sender, msgRegisters[i]);
setRegister(receiver, r, sanitiseRegister(r, v));
}
}
return (label == 0);
default:
fail("Invalid fault");
}
}
/* function to run in the new thread */
void thread_2(void) {
seL4_Word sender_badge;
seL4_MessageInfo_t tag;
seL4_Word msg;
printf("thread_2: hallo wereld\n");
/* TODO 11: wait for a message to come in over the endpoint */
/* hint 1: seL4_Wait()
* seL4_MessageInfo_t seL4_Wait(seL4_CPtr src, seL4_Word* sender)
* @param src The capability to be invoked.
* @param sender The badge of the endpoint capability that was invoked by the sender is written to this address.
* @return A seL4_MessageInfo_t structure
* https://github.com/seL4/seL4/blob/master/libsel4/arch_include/x86/sel4/arch/syscalls.h#L165
* You can find out more about it in the API manual: http://sel4.systems/Info/Docs/seL4-manual.pdf
*
* hint 2: seL4_MessageInfo_t is generated during build.
* The type definition and generated field access functions are defined in a generated file:
* build/x86/pc99/libsel4/include/sel4/types_gen.h
* It is generated from the following definition:
* https://github.com/seL4/seL4/blob/master/libsel4/include/sel4/types.bf#L35
* You can find out more about it in the API manual: http://sel4.systems/Info/Docs/seL4-manual.pdf
*/
tag = seL4_Wait(ep_object.cptr, &sender_badge);
/* TODO 12: make sure it is what we expected */
/* hint 1: check the badge. is it EP_BADGE?
* hint 2: we are expecting only 1 message register
* hint 3: seL4_MessageInfo_get_length()
* seL4_Uint32 CONST seL4_MessageInfo_get_length(seL4_MessageInfo_t seL4_MessageInfo)
* @param seL4_MessageInfo the seL4_MessageInfo_t to extract a field from
* @return the number of message registers delivered
* seL4_MessageInfo_get_length() is generated during build. It can be found in:
* build/x86/pc99/libsel4/include/sel4/types_gen.h
* It is generated from the following definition:
* https://github.com/seL4/seL4/blob/master/libsel4/include/sel4/types.bf#L35 *
*/
assert(sender_badge == EP_BADGE);
assert(seL4_MessageInfo_get_length(tag) == 1);
/* TODO 13: get the message stored in the first message register */
/* hint: seL4_GetMR()
* seL4_Word seL4_GetMR(int i)
* @param i The message register to retreive
* @return The message register value
* https://github.com/seL4/seL4/blob/master/libsel4/arch_include/x86/sel4/arch/functions.h#L33
* You can find out more about message registers in the API manual: http://sel4.systems/Info/Docs/seL4-manual.pdf
*/
msg = seL4_GetMR(0);
printf("thread_2: got a message %#x from %#x\n", msg, sender_badge);
/* modify the message */
msg = ~msg;
/* TODO 14: copy the modified message back into the message register */
/* hint: seL4_SetMR()
* void seL4_SetMR(int i, seL4_Word mr)
* @param i The message register to write
* @param mr The value of the message register
* https://github.com/seL4/seL4/blob/master/libsel4/arch_include/x86/sel4/arch/functions.h#L41
* You can find out more about message registers in the API manual: http://sel4.systems/Info/Docs/seL4-manual.pdf
*/
seL4_SetMR(0, msg);
/* TODO 15: send the message back */
/* hint 1: seL4_ReplyWait()
* seL4_MessageInfo_t seL4_ReplyWait(seL4_CPtr dest, seL4_MessageInfo_t msgInfo, seL4_Word *sender)
* @param dest The capability to be invoked.
* @param msgInfo The messageinfo structure for the IPC. This specifies information about the message to send (such as the number of message registers to send) as the Reply part.
* @param sender The badge of the endpoint capability that was invoked by the sender is written to this address. This is a result of the Wait part.
* @return A seL4_MessageInfo_t structure. This is a result of the Wait part.
* https://github.com/seL4/seL4/blob/master/libsel4/arch_include/x86/sel4/arch/syscalls.h#L324
* You can find out more about it in the API manual: http://sel4.systems/Info/Docs/seL4-manual.pdf
*
* hint 2: seL4_MessageInfo_t is generated during build.
* The type definition and generated field access functions are defined in a generated file:
* build/x86/pc99/libsel4/include/sel4/types_gen.h
* It is generated from the following definition:
* https://github.com/seL4/seL4/blob/master/libsel4/include/sel4/types.bf#L35
* You can find out more about it in the API manual: http://sel4.systems/Info/Docs/seL4-manual.pdf
*/
seL4_ReplyWait(ep_object.cptr, tag, &sender_badge);
}
