RE: Physical memory allocation to L4linux
Hey Adam, thanks a lot for the replies. I still have a few questions/clarifications though. :-) a. Is there a way to implement the MODE=sigma for linux? I could not find anything that points to it. b. Now if I were to tweak the page fault handler in sigma, then does that imply that even a corrupt moe/ned/l4linux cannot get access to the protected part of the address space? c. Who are the clients of this page fault handler? Is it just what runs on top of sigma like moe, ned, l4linux or even faisco? d. If it is just moe, ned, l4linux, then can I use the same page fault trick to ensure that (moe,ned,sigma) they always get memory from a certain dedicated region? Thanks a ton for your patience (to everyone on the list and particularly you and Martin). I totally appreciate it. Best, Ramya From: l4-hackers [l4-hackers-boun...@os.inf.tu-dresden.de] on behalf of Adam Lackorzynski [a...@os.inf.tu-dresden.de] Sent: 09 September 2014 23:16 To: l4-hackers@os.inf.tu-dresden.de Subject: Re: Physical memory allocation to L4linux On Tue Sep 09, 2014 at 16:03:11 +, Masti Ramya Jayaram wrote: I would like to explain my situation better. Here is what I intend: a. What is the lowest module (bootstrap, fiasco, sigma, moe, ned,l4linux) that can be confined not access a portion of the address space? Without changing anything and with this list of program, it's just L4Linux. Reason is that ned typically has a cap to sigma0 because it needs to give it to io. When you would like to make a little change, in Fiasco there's a function handle_sigma0_page_fault that covers page-fault by sigma0. So if you add a check on pfa there and return false you should be able to exclude a memory region from any user program. I know that bootstrap and fiasco run in privileged mode, so there is no way to stop them. What is the next module? b. Assuming that it is sigma, I would like to do the following: Have three regions in the physical address space (not necessarily memory): i) one for bootstrap, fiasco ii) moe, ned, sigma, l4linux iii). Special region accessible only from (i) - bootstrap and fiasco. If it is not possible to confine sigma, i.e., hide a portion of the address space from it, then add sigma to lists (i,iii) and remove it from (ii) - and so on for the other modules. If it is moe, could my goal be reached by adding an IO device as a blocker but then not give moe the corresponding capability? In the stack moe is below any notion of an IO device, so that would not work. Adam -- Adam a...@os.inf.tu-dresden.de Lackorzynski http://os.inf.tu-dresden.de/~adam/ ___ l4-hackers mailing list l4-hackers@os.inf.tu-dresden.de http://os.inf.tu-dresden.de/mailman/listinfo/l4-hackers ___ l4-hackers mailing list l4-hackers@os.inf.tu-dresden.de http://os.inf.tu-dresden.de/mailman/listinfo/l4-hackers
RE: Aborted L4linux due to CLI/STI
hi, a. Ok I will re-enable the cmpxchg8b. b. I am not sure about the changes and since it occurs quite rarely, I am not sure if it is a case of not cleaning up interrupts properly after a crash. I will live with them for now and get back to this once the other issues are sorted out. thanks, Ramya From: l4-hackers [l4-hackers-boun...@os.inf.tu-dresden.de] on behalf of Adam Lackorzynski [a...@os.inf.tu-dresden.de] Sent: 09 September 2014 22:46 To: l4-hackers@os.inf.tu-dresden.de Subject: Re: Aborted L4linux due to CLI/STI Hi, On Mon Sep 08, 2014 at 07:10:00 +, Masti Ramya Jayaram wrote: That's ok as long it's also ok for native Linux. I am not sure what they did with native Linux but I know from the SCC forums that these instructions do not exist. So I guess that is ok. I'm wondering how did you end up with the code containing the cli? In L4Linux this part is replaced. Well, I am not sure about that. I did force a couple of options though as I already mentioned. The reason was that when I tried to compile L4linux for pentium/i586, I saw that it would complain about CONFIG_X86_CMPXCHG64 not being enabled (this corresponds to the PAE option). So I disabled this explicitly since the processors on the SCC do not contain PAE. I also disabled the CONFIG_X86_CMPXCHG and CONFIG_CMPXCHG_LOCAL options. As far as I know the SCC does have a cmpxchg8b so you could just make Linux use that by tweaking the config. Attached is my l4linux config. Just as a note, I am using quite an old build of L4linux. Do you know of any related bugs? Uh, that's old. There are probably many. Were there any significant changes to that version? Adam -- Adam a...@os.inf.tu-dresden.de Lackorzynski http://os.inf.tu-dresden.de/~adam/ ___ l4-hackers mailing list l4-hackers@os.inf.tu-dresden.de http://os.inf.tu-dresden.de/mailman/listinfo/l4-hackers ___ l4-hackers mailing list l4-hackers@os.inf.tu-dresden.de http://os.inf.tu-dresden.de/mailman/listinfo/l4-hackers
Re: l4/sys/syscalls.h: No such file or directory
Hi, On 09/08/2014 12:17 AM, Adam Lackorzynski wrote: Your threads page-fault all around. The reason is that I was slightly wrong with my last statement on paging. The pager of the parent task resolves the page-fault however just maps the memory locally to the parent task, so the memory never appears in the child tasks. I guess you have to map the pages yourself. I guess you could just map everything from _stext L4_PAGEMASK to _end L4_PAGEMASk to all tasks. OK, can you please give me a small example for that to get things working for my library? The only code that I found on your website that might be relevant is: http://os.inf.tu-dresden.de/l4env/doc/html/events/demo2_2main_8c-source.html However, there is syscalls.h included, so it seems to use an outdated version of L4Re. Best regards, Valentin ___ l4-hackers mailing list l4-hackers@os.inf.tu-dresden.de http://os.inf.tu-dresden.de/mailman/listinfo/l4-hackers
Using IO-Server
Hello Community, I'm relative new to l4RE. My Goal is to get access to an Hardware Device which is Build in the Processor. After some research i came to the conclusion that the IO-Server is the thing I need, but i have no clue how to invoke it. It would be great if someone could supply a short example Thanks Korbinian ___ l4-hackers mailing list l4-hackers@os.inf.tu-dresden.de http://os.inf.tu-dresden.de/mailman/listinfo/l4-hackers
Re: Using IO-Server
Hi Korbinian, Am 10.09.2014 um 14:24 schrieb Korbinian Ederer: Hello Community, I'm relative new to l4RE. My Goal is to get access to an Hardware Device which is Build in the Processor. After some research i came to the conclusion that the IO-Server is the thing I need, but i have no clue how to invoke it. It would be great if someone could supply a short example Try this: https://os.inf.tu-dresden.de/L4Re/doc/io.html /src/l4/conf/examples/*.io, *.cfg https://fooprotected.wordpress.com/2012/04/12/l4linux-patch-for-mv643xx-ethernet/ Best regards, Martin. ___ l4-hackers mailing list l4-hackers@os.inf.tu-dresden.de http://os.inf.tu-dresden.de/mailman/listinfo/l4-hackers
RE: Physical memory allocation to L4linux
Update: Sorry, I misunderstood a few things in the previous email. The change
was in fiasco and not sigma and therefore, in theory, no user space process
should have access to the protected region. This also implies that sigma0 will
not have access if I understand correctly which is rather nice.
So, I tried changing the handle_sigma0_page_fault function. This is located in
kernel/fiasco/src/kern/ia32/thread-ia32.cpp to prevent mapping of some range of
physical memory (NOT RAM) as follows:
IMPLEMENT inline
bool
Thread::handle_sigma0_page_fault(Address pfa)
{
size_t size;
// Check if mapping a superpage doesn't exceed the size of physical memory
if (Cpu::have_superpages()
// Some distributions do not allow to mmap below a certain threshold
// (like 64k on Ubuntu 8.04) so we cannot map a superpage at 0 if
// we're Fiasco-UX
(!Config::Is_ux || !(pfa Config::SUPERPAGE_SIZE)))
{
pfa = Config::SUPERPAGE_MASK;
size = Config::SUPERPAGE_SIZE;
}
else
{
pfa = Config::PAGE_MASK;
size = Config::PAGE_SIZE;
}
--
- My change start
if((pfa=0xe000) (pfa=0xefff)){
printf(\nNot allowed...denying\n);
return Mem_space::Insert_err_nomem;
}
--
- My change end
return mem_space()-v_insert(Mem_space::Phys_addr(pfa), Mem_space::Addr(pfa),
Mem_space::Size(size),
Mem_space::Page_writable
| Mem_space::Page_user_accessible)
!= Mem_space::Insert_err_nomem;
}
However, I realized that when I try to map this address space using
l4io_request_iomem, I see that it goes through and the call never reaches until
fiasco's sigma0_page_fault handler. A little more debugging revealed that it
goes as far as the following function in l4/pkg/sigma0/server/src/memmap.cc:
static
void map_mem(l4_fpage_t fp, Memory_type fn, l4_umword_t t, Answer *an)
{
an-clear();
Mem_man *m;
switch (fn)
{
case Ram:
m = Mem_man::ram();
break;
case Io_mem:
case Io_mem_cached:
m = iomem;
break;
default:
return;
}
unsigned long addr = m-alloc(Region::bs(fp.raw ~((1UL 12) - 1),
1UL l4_fpage_size(fp), t));
if (addr == ~0UL)
return;
/* the Fiasco kernel makes the page non-cachable if the frame
* address is greater than mem_high */
an-snd_base(addr);
an-snd_fpage(addr, l4_fpage_size(fp), false, fn != Io_mem);
an-tag = l4_msgtag(0, 0, 1, 0);
return;
}
From here on, the generics make it a little hard to parse. So I am not sure
where the control flow ends but it does not get to fiasco's sigma0 page fault
handler. Given this,
a. does the handle_sigma0_page_fault only work on memory. The region I want to
protect is not RAM.
b. Given that the setup of sigma0's memory happens in
kernel/fiasco/src/kern/kernel_thread-std.cpp, is there more to be done here?
Thanks.
Ramya
From: Masti Ramya Jayaram
Sent: 10 September 2014 09:46
To: Adam Lackorzynski; l4-hackers@os.inf.tu-dresden.de
Subject: RE: Physical memory allocation to L4linux
Hey Adam,
thanks a lot for the replies. I still have a few questions/clarifications
though. :-)
a. Is there a way to implement the MODE=sigma for linux? I could not find
anything that points to it.
b. Now if I were to tweak the page fault handler in sigma, then does that imply
that even a corrupt moe/ned/l4linux cannot get access to the protected part of
the address space?
c. Who are the clients of this page fault handler? Is it just what runs on top
of sigma like moe, ned, l4linux or even faisco?
d. If it is just moe, ned, l4linux, then can I use the same page fault trick to
ensure that (moe,ned,sigma) they always get memory from a certain dedicated
region?
Thanks a ton for your patience (to everyone on the list and particularly you
and Martin). I totally appreciate it.
Best,
Ramya
From: l4-hackers [l4-hackers-boun...@os.inf.tu-dresden.de] on behalf of Adam
Lackorzynski [a...@os.inf.tu-dresden.de]
Sent: 09 September 2014 23:16
To: l4-hackers@os.inf.tu-dresden.de
Subject: Re: Physical memory allocation to L4linux
On Tue Sep 09, 2014 at 16:03:11 +, Masti Ramya Jayaram wrote:
I would like to explain my situation better. Here is what I intend:
a. What is the lowest module (bootstrap, fiasco, sigma, moe,
ned,l4linux) that can be confined not access a portion of the address
space?
Without changing anything and with this list of program, it's just
L4Linux. Reason is that ned typically has a cap to sigma0 because it
needs to give it to io.
When you would like to make a little change, in Fiasco
Does Fiasco have yield system call or something similar
Hi All, Does Fiasco support yield system call? Or other mechanism one thread can switch to another one without IPC? Thank you very much. Yuxin ___ l4-hackers mailing list l4-hackers@os.inf.tu-dresden.de http://os.inf.tu-dresden.de/mailman/listinfo/l4-hackers
Re: Does Fiasco have yield system call or something similar
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10.09.2014 20:06, Yuxin Ren wrote: Hi All, Does Fiasco support yield system call? Or other mechanism one thread can switch to another one without IPC? $ cd src/l4/pkg $ find . -name \*.h | xargs grep l4.\*yield [..] ./l4sys/include/thread.h:l4_thread_yield(void) L4_NOTHROW; ./l4sys/include/thread.h:l4_thread_yield(void) L4_NOTHROW $ Yes. Bjoern -BEGIN PGP SIGNATURE- Version: GnuPG v1 iEYEARECAAYFAlQQpvUACgkQP5ijxgQLUNmuywCdHgQomRmYNvT3XXlBeak1z/fz aTAAniW1yrHo6PiK4XmSNhIHpbLwho5A =PwMY -END PGP SIGNATURE- ___ l4-hackers mailing list l4-hackers@os.inf.tu-dresden.de http://os.inf.tu-dresden.de/mailman/listinfo/l4-hackers
Re: l4/sys/syscalls.h: No such file or directory
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10.09.2014 11:32, Valentin Hauner wrote: Hi, On 09/08/2014 12:17 AM, Adam Lackorzynski wrote: Your threads page-fault all around. The reason is that I was slightly wrong with my last statement on paging. The pager of the parent task resolves the page-fault however just maps the memory locally to the parent task, so the memory never appears in the child tasks. I guess you have to map the pages yourself. I guess you could just map everything from _stext L4_PAGEMASK to _end L4_PAGEMASk to all tasks. OK, can you please give me a small example for that to get things working for my library? Are you looking for examples on using the l4_task_map() system call? Please consider l4/pkg/examples/sys/vmtest and l4/pkg/examples/sys/vcpu. The only code that I found on your website that might be relevant is: http://os.inf.tu-dresden.de/l4env/doc/html/events/demo2_2main_8c-source.html However, there is syscalls.h included, so it seems to use an outdated version of L4Re. If it has l4env in the URL, please ignore it. Björn -BEGIN PGP SIGNATURE- Version: GnuPG v1 iEYEARECAAYFAlQQp6gACgkQP5ijxgQLUNlxawCfSVd795M9S15/nXY0RwqOzOPN MYMAniHgPDklKbpHdANVzY5XvJ7t85xt =tj45 -END PGP SIGNATURE- ___ l4-hackers mailing list l4-hackers@os.inf.tu-dresden.de http://os.inf.tu-dresden.de/mailman/listinfo/l4-hackers
