Changeset 67f11a0 in mainline for kernel/generic/src/ipc/ipcrsc.c

Timestamp:

2018-03-15T17:40:20Z (7 years ago)

Author:

Jakub Jermar <jakub@…>

Branches:

lfn, master, serial, ticket/834-toolchain-update, topic/msim-upgrade, topic/simplify-dev-export

Children:

530f2de, e9e4068

Parents:

30f1a25 (diff), a36f442 (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.

git-author:

Jakub Jermar <jakub@…> (2018-03-15 17:25:56)

git-committer:

Jakub Jermar <jakub@…> (2018-03-15 17:40:20)

Message:

Merge branch 'noreclaimers'

This commit removes the left-over from the original IPC phone life-cycle
management in which phones were freed lazily during an attempt to
allocate a new phone when the allocator found a hung-up phone with zero
active calls. This mechanism is the reason why kernel objects had to
have the reclaim method. This commit changes the behavior in that phones
are deallocated with their last reference. At the same time it makes
sure that each active call has its own reference on the phone.

This change also makes sure that each connected phone has a capability
via which it can be hung up by the user or cleaned up in ipc_cleanup().
A special mode for phone_alloc() was introduced that allows calls such
as IPC_M_CONNECT_ME_TO and IPC_M_CONNECT_TO_ME to allocate an
unpublished capability and publish it only when the phone is
successfully connected. This fixes a nasty race condition when the user
destroys the capability before the phone is connected and then this
phone becomes essentially invisible for ipc_cleanup().

Last but not least, ipc_cleanup() was slightly streamlined in that it
now knows for how many calls it has to wait from the answerbox's active
call count.

File:

• kernel/generic/src/ipc/ipcrsc.c (modified) (10 diffs)

kernel/generic/src/ipc/ipcrsc.c

@@ -39 +39 @@
  *
  * The pattern of usage of the resources is:
- * - allocate empty phone capability slot, connect | deallocate slot
+ * - allocate a capability and phone kernel object (do not publish yet),
+ *   connect to the answerbox, and finally publish the capability
  * - disconnect connected phone (some messages might be on the fly)
- * - find phone in slot and send a message using phone
+ * - find phone capability and send a message using phone
  * - answer message to phone
  * - hangup phone (the caller has hung up)
@@ -53 +54 @@
  *   atomic on all platforms)
  *
- * - To find an empty phone capability slot, the TASK must be locked
  * - To answer a message, the answerbox must be locked
  * - The locking of phone and answerbox is done at the ipc_ level.
@@ -73 +73 @@
  * *** Connect_me_to ***
  * The caller sends IPC_M_CONNECT_ME_TO to an answerbox. The server receives
- * 'phoneid' of the connecting phone as an ARG5. If it answers with RETVAL=0,
- * the phonecall is accepted, otherwise it is refused.
+ * 'phoneid' of the connecting phone as an ARG5. If it answers with RETVAL=EOK,
+ * the phone call is accepted, otherwise it is refused.
  *
  * *** Connect_to_me ***
  * The caller sends IPC_M_CONNECT_TO_ME.
  * The server receives an automatically opened phoneid. If it accepts
- * (RETVAL=0), it can use the phoneid immediately.  Possible race condition can
+ * (RETVAL=EOK), it can use the phoneid immediately. Possible race condition can
  * arise, when the client receives messages from new connection before getting
  * response for connect_to_me message. Userspace should implement handshake
@@ -95 +95 @@
  * - The phone is disconnected. EHANGUP response code is sent to the calling
  *   task. All new calls through this phone get a EHUNGUP error code, the task
- *   is expected to send an sys_ipc_hangup after cleaning up its internal
+ *   is expected to call sys_ipc_hangup after cleaning up its internal
  *   structures.
  *
@@ -137 +137 @@
 #include <mm/slab.h>
 
-static bool phone_reclaim(kobject_t *kobj)
-{
-        bool gc = false;
-
-        mutex_lock(&kobj->phone->lock);
-        if (kobj->phone->state == IPC_PHONE_HUNGUP &&
-            atomic_get(&kobj->phone->active_calls) == 0)
-                gc = true;
-        mutex_unlock(&kobj->phone->lock);
-
-        return gc;
-}
-
 static void phone_destroy(void *arg)
 {
@@ -157 +144 @@
 
 static kobject_ops_t phone_kobject_ops = {
-        .reclaim = phone_reclaim,
         .destroy = phone_destroy
 };
@@ -164 +150 @@
 /** Allocate new phone in the specified task.
  *
- * @param task  Task for which to allocate a new phone.
- *
- * @param[out] out_handle  New phone capability handle.
+ * @param[in]  task     Task for which to allocate a new phone.
+ * @param[in]  publish  If true, the new capability will be published.
+ * @param[out] phandle  New phone capability handle.
+ * @param[out] kobject  New phone kobject.
  *
  * @return  An error code if a new capability cannot be allocated.
  */
-errno_t phone_alloc(task_t *task, cap_handle_t *out_handle)
+errno_t phone_alloc(task_t *task, bool publish, cap_handle_t *phandle,
+    kobject_t **kobject)
 {
         cap_handle_t handle;
@@ -180 +168 @@
                         return ENOMEM;
                 }
-                kobject_t *kobject = malloc(sizeof(kobject_t), FRAME_ATOMIC);
-                if (!kobject) {
+                kobject_t *kobj = malloc(sizeof(kobject_t), FRAME_ATOMIC);
+                if (!kobj) {
                         cap_free(TASK, handle);
                         slab_free(phone_cache, phone);
@@ -190 +178 @@
                 phone->state = IPC_PHONE_CONNECTING;
 
-                kobject_initialize(kobject, KOBJECT_TYPE_PHONE, phone,
+                kobject_initialize(kobj, KOBJECT_TYPE_PHONE, phone,
                     &phone_kobject_ops);
-                phone->kobject = kobject;
-
-                cap_publish(task, handle, kobject);
-
-                *out_handle = handle;
+                phone->kobject = kobj;
+
+                if (publish)
+                        cap_publish(task, handle, kobj);
+
+                *phandle = handle;
+                if (kobject)
+                        *kobject = kobj;
         }
         return rc;
@@ -214 +205 @@
                 return;
 
-        assert(kobj->phone);
-        assert(kobj->phone->state == IPC_PHONE_CONNECTING);
-
         kobject_put(kobj);
         cap_free(TASK, handle);
 }
 
-/** Connect phone to a given answerbox.
- *
- * @param handle  Capability handle of the phone to be connected.
- * @param box     Answerbox to which to connect the phone.
- * @return        True if the phone was connected, false otherwise.
- */
-bool phone_connect(cap_handle_t handle, answerbox_t *box)
-{
-        kobject_t *phone_obj = kobject_get(TASK, handle, KOBJECT_TYPE_PHONE);
-        if (!phone_obj)
-                return false;
-
-        assert(phone_obj->phone->state == IPC_PHONE_CONNECTING);
-
-        /* Hand over phone_obj reference to the answerbox */
-        return ipc_phone_connect(phone_obj->phone, box);
-}
-
 /** @}
  */