Summary:
Indicate whether the file is currently locked by adding a new field locked to filep.
0 - Unlocked
1 - Locked
The status of the filep at close is used to determine whether to continue with the following procedure.
Optimizing performance:
Before
Time taken to close the file: 33984 nsec
After
Time taken to close the file: 23744 nsec
Improvement of about 10 msec
Signed-off-by: chenrun1 <chenrun1@xiaomi.com>
Summary:
In the x86 environment, memory does not necessarily start at 0, so when end is 0x0, start = end + 1, and then determine the contents of start, it will cause x86 to cause a crash when accessing an illegal address.
This problem does not occur in the arm environment because arm starts at 0x0, so the content of the 0x1 address is “\0”.
Signed-off-by: chenrun1 <chenrun1@xiaomi.com>
Summary:
1.The relpath information is stored in the fid structure
2.The relative path information is only saved in the client. When the server changes, the relpath saved in the fid will not change.
Signed-off-by: chenrun1 <chenrun1@xiaomi.com>
When sending FIOC_XXXLK to hostfs, hostfs will return -1 by default. For ioctl statements, incompatible instructions should be processed as -ENOTTY by default
Signed-off-by: chenrun1 <chenrun1@xiaomi.com>
When handling errors through ioctl, the error returned by the server is always 0 on the client, because cookie.result is not assigned, the error returned should be in msg->result
Signed-off-by: chenrun1 <chenrun1@xiaomi.com>
Refactoring path logic to prevent logic flaws, direntry size bug fix to allow proper direntry traversal, open free bug fix to prevent memory leak after close.
Signed-off-by: Saurav Pal <resyfer.dev@gmail.com>
This triggers `mm_free_delaylist()` before dumping status in PROTECTED
build, otherwise the `free` command still shows delaylist as `used`.
Signed-off-by: Yanfeng Liu <yfliu2008@qq.com>
According to the POSIX standard, `fstat` and `stat` should return 0
(`OK`) on success. This commit changed the underlying `spiffs`
implementation to follow the POSIX standard.
Unbinding `ff_currentcluster` and `f_pos`:
1. Added `ff_pos` in `struct fat_file_s`.
2. Added function `fat_zero_cluster` for doing zeroing for gap
between EOF and new position beyond EOF.
3. Added function `fat_get_sectors` for getting the sector where
`f_pos` is located, allocting new cluster when `f_pos` is beyond
EOF.
4. Modify function `fat_read`, and `fat_write` with above functions.
5. Remove redundant logics in `fat_seek` since now new cluster is
allocated when writing instead of seeking.
Signed-off-by: Yinzhe Wu <Yinzhe.Wu@sony.com>
Reviewed-by: Yuezhang Mo <Yuezhang.Mo@sony.com>
Reviewed-by: Jacky Cao <Jacky.Cao@sony.com>
Tested-by: Yinzhe Wu <Yinzhe.Wu@sony.com>
Add a common method to format backtrace to buffer, so it can be used by both mm, fs and other possoble modules.
Signed-off-by: fangpeina <fangpeina@xiaomi.com>
sched implementation not depends on macro abstraction, so revert below commit:
This reverts commit 4e62d0005a
This reverts commit 0f0c370520
This reverts commit ad0efd04ee
Signed-off-by: chao an <anchao@lixiang.com>
pointer comparison is unsigned, when returning -errno will be converted
to a large positive number, can not enter the error handling branch,
therefore, the error code is returned directly and the sem is returned
through the parameters.
Signed-off-by: zhanghongyu <zhanghongyu@xiaomi.com>
if driver complete unlink ops, we need to call it to release some resource,
otherwise, it will only remove inode.
Signed-off-by: dongjiuzhu1 <dongjiuzhu1@xiaomi.com>
Change the type of task group member to single list chain to
avoid accessing the memory allocator to improve the performance
Signed-off-by: chao an <anchao@lixiang.com>
Pre-allocated files to avoid allocator access during thread creation
phase, For functional safety requirements, increase
CONFIG_NFILE_DESCRIPTORS_PER_BLOCK could also avoid allocator access
caused by the file descriptor exceeding the limit.
For Task Termination, the time consumption will be reduced ~3us (Tricore TC397 300MHZ):
10.65(us) -> 7.35(us)
NOTE:
This commit will not waste of extra heap, just pre-allocates the list of files for task_group.
Signed-off-by: chao an <anchao@lixiang.com>
Use private naming to avoid conflicts with user applications
In file included from libuv/src/unix/internal.h:25,
from libuv/src/unix/udp.c:23:
libuv/src/uv-common.h:57: warning: "container_of" redefined
57 | #define container_of(ptr, type, member) \
|
In file included from nuttx/include/nuttx/list.h:47,
from nuttx/include/nuttx/tls.h:40,
from nuttx/include/nuttx/sched.h:48,
from nuttx/include/nuttx/arch.h:87,
from nuttx/include/nuttx/userspace.h:35,
from nuttx/include/nuttx/mm/mm.h:30,
from nuttx/include/nuttx/kmalloc.h:34,
from nuttx/include/nuttx/lib/lib.h:31,
from nuttx/include/stdio.h:35,
from apps/system/libuv/libuv/include/uv.h:59,
from libuv/src/unix/udp.c:22:
nuttx/include/nuttx/nuttx.h:48: note: this is the location of the previous definition
48 | #define container_of(ptr, type, member) \
|
Signed-off-by: chao an <anchao@lixiang.com>
Currently at runtime it is hard to know the exact build config of
the current NuttX instance. Thus it is inconvenient when there are
multiple configs for the same board. This patch attempts to solve
the issue by adding build config to /proc/version.
Signed-off-by: Yanfeng Liu <yfliu2008@qq.com>
When we close a socket fd, it will call get path on sockets.
`close(socket_fd)` -> `file_closelk(filep)` -> `file_fcntl(F_GETPATH)`
It causes a heavy stack load for each socket close operation.
(We have `GETPATH` for sockets to be used for `fdinfo`)
But the socket fds are not intended to be used for file locks.
And so do some other file types, so we may just limit the usage of flock.
Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
These variables will trigger variable 'ret' set but not used warnings due to different configurations.
Signed-off-by: yinshengkai <yinshengkai@xiaomi.com>
When issuing an ioctl for a file that exists in a FAT32 file system,
the FAT ioctl() is first executed, but it returns -ENOSYS in
an attempt to pass through to the vfs.
Therefore, the ioctl of the VFS layer, which expects -ENOTTY,
is not processed and an error occurs.
Signed-off-by: Takeyoshi Kikuchi <kikuchi@centurysys.co.jp>
It seems that RPMSGFS is missed from the list that doesn't need block or
MTD drivers. This attempts to add it.
Signed-off-by: Yanfeng Liu <yfliu2008@qq.com>
The DIRSEC_BYTENDX(f, i) is supposed to have DIRSEC_NDXMASK(f) in its expansion instead of DIRSEC_NDXMASK(fs). It went unnoticed in the codebase as DIRSEC_BYTENDX(fs, idx) is the way it is used, and it leads to a similar expansion as desired, and thus it has worked till now without any issues from this.
Signed-off-by: Saurav Pal <resyfer.dev@gmail.com>
When shmfs_truncate is called, it uses shmfs_alloc_object to create the
physical backing for the shm file. However, the allocated physical
memory returned by mm_pgalloc is not cleared when CONFIG_BUILD_KERNEL is
set, which is a clear POSIX violation:
https://pubs.opengroup.org/onlinepubs/9699919799/functions/truncate.html
"If the file was previously shorter than length, its size is increased,
and the extended area appears as if it were zero-filled."
For FLAT and PROTECTED modes zalloc is used, so the violation affects
KERNEL mode only.
nuttx/driver/rpmsg: new folder, extract common rpmsg api in rptun.c to rpmsg.c.
rpmsg provide rpmsg_ops to each backend for specific implementation.
Signed-off-by: wangyongrong <wangyongrong@xiaomi.com>
Fix the issue where fat driver is not using the last two clusters in
the file system.
The fat parameter fs->fs_nclusters is the maximum number of data clusters;
this doesn't include the two in the beginning. Many checks in the fat driver
treat the fs->fs_nclusters-1 as being the last accessible cluster, which is not
right, the last accessible one is actually this number + 2 when the cluster
count includes the two first ones.
Normally this is not an issue when writes are being done through the same
driver, the last two clusters are just never used. But if the filesystem is
modified by external driver, for example with a populated fat created with PC,
or modifying the FS via USB-MSC, this leads to the fat driver not being able to
read anything that uses the last two clusters.
Signed-off-by: Jukka Laitinen <jukkax@ssrc.tii.ae>
Usage:
1. CONFIG_FS_PROCFS_MAX_STACK_RECORD > 0, such as 32,
2. add '-finstrument-functions' to CFLAGS for What you want to check
stack.
3. mount porcfs
4. cat /proc/<pid>/stack will print backtace & size
Signed-off-by: anjiahao <anjiahao@xiaomi.com>
A segmentfault might happen when read/write/unlink ops called without an open
ops called because it bind ept's ops in rpmsgblk_open_handler.
proxy> rm /dev/ram1
segmentfault
proxy> ls /dev/ram1
segmentfault
Signed-off-by: liaoao <liaoao@xiaomi.com>
newsize = newsize + CONFIG_FS_TMPFS_FILE_ALLOCGUARD;
When newsize is a large value,
adding a relatively small value can cause the result to become very small,
resulting in program logic errors.
For example:
0xffffffff + 0x2 = 1
Signed-off-by: hujun5 <hujun5@xiaomi.com>
The task files should consult the "spawn action" and "O_CLOEXEC flags"
to determine further whether the file should be duplicated.
This PR will further optimize file list duplicating to avoid the performance
regression caused by additional file operations.
Signed-off-by: chao an <anchao@xiaomi.com>
This moves task / thread cancel point logic from the NuttX kernel into
libc, while the data needed by the cancel point logic is moved to TLS.
The change is an enabler to move user-space APIs to libc as well, for
a coherent user/kernel separation.
ubsan_prologue: ================================================================================
ubsan_prologue: UBSAN: shift-out-of-bounds in fat/fs_fat32util.c:989:40
__ubsan_handle_shift_out_of_bounds: left shift of 268435455 by 4 places cannot be represented in type 'int'
ubsan_epilogue: ================================================================================
Signed-off-by: chao an <anchao@xiaomi.com>
1. fs_epoll: try again when epoll_teardown() return 0
when poll_notify() called larger than twice when epoll_wait() blocked
in the eph->sem, the semcount will be larger than 1 when epoll_wait()
unblocked and will return 0 directly at the next epoll_wait.
So retry to wait the eph->sem again when epoll_teardown return 0.
2. fs_epoll: poll_setup the fd again even this fd got non-expected event
Some poll implementations need call poll_setup again when their internal
states changed (e.g., local socket), so should add the fd to the epoll
teardown list and poll_setup again at the next epoll_wait even this fd
got the user non-expected event.
Signed-off-by: Bowen Wang <wangbowen6@xiaomi.com>
VELAPLATFO-18473
refs:
https://man7.org/linux/man-pages/man2/fcntl.2.html
If the FD_CLOEXEC bit is set, the file descriptor will automatically
be closed during a successful execve(2).
(If the execve(2) fails, the file descriptor is left open.)
modify:
1. Ensure that the child task copies all fds of the parent task,
including those with O_CLOEXE.
2. Make sure spawn_file_action is executed under fd with O_CLOEXEC,
otherwise it will fail.
3. When a new task is activated or exec is called, close all fds
with O_CLOEXEC flags.
Signed-off-by: dongjiuzhu1 <dongjiuzhu1@xiaomi.com>
refs: https://man7.org/linux/man-pages/man2/dup.2.html
The two file descriptors do not share file descriptor flags (the
close-on-exec flag). The close-on-exec flag (FD_CLOEXEC; see
fcntl(2)) for the duplicate descriptor is off.
Signed-off-by: dongjiuzhu1 <dongjiuzhu1@xiaomi.com>
we can mount a zipfile in nuttx use mount command like this:
mount -t zipfs -o /data/test.zip /zip
The zipfs is a read only file system,The advantage is that it
does not occupy additional space when reading the decompressed file.
When used, reading and decompression operations are simultaneous.
The known disadvantage is that when using seek to read forward,
it will reopen and cause slow speed problems.
Signed-off-by: anjiahao <anjiahao@xiaomi.com>
Fixes build error with -Werror:
shm/shmfs.c: In function 'shmfs_read':
shm/shmfs.c:122:33: error: pointer of type 'void *' used in arithmetic [-Werror=pointer-arith]
122 | memcpy(buffer, sho->paddr + startpos, nread);
| ^
shm/shmfs.c: In function 'shmfs_write':
shm/shmfs.c:166:25: error: pointer of type 'void *' used in arithmetic [-Werror=pointer-arith]
166 | memcpy(sho->paddr + startpos, buffer, nwritten);
| ^
cc1: all warnings being treated as errors
Implement I_SUID/I_SGID feature for binfs in the POSIX compliant way.
If set-user-ID bit is set in the file permissions, then the effective
user ID of process shall be set to UID of the new process image file.
test case:
hello example emulates to set uid and file set-user-ID bit, and call
geteuid and getegid API.
UID = 2000
GID = 3000
MODE = 06555
nsh> ls -l /bin/hello
-r-sr-sr-x 2000 3000 0 hello
nsh> hello
geteuid:2000
getegid:3000
Signed-off-by: fangxinyong <fangxinyong@xiaomi.com>
The memory allocated with strdup and asprintf is done via lib_malloc
so we need to use lib_free to deallocate memory otherwise the assertion
"Free memory from the wrong heap" is hit with flat mode and user separated
heap enabled mode.
Signed-off-by: Petro Karashchenko <petro.karashchenko@gmail.com>
VELAPLATFO-12536
This provides the initial hooks for Flattened Device Tree support
with QEMU RV. It also provides a new procfs file that exposes the
fdt to userspace much like the /sys/firmware/fdt endpoint in Linux.
See https://www.kernel.org/doc/Documentation/ABI/testing/sysfs-firmware-ofw
Nodes in the fdt are not yet usable by the OS.
Signed-off-by: Brennan Ashton <bashton@brennanashton.com>
Signed-off-by: liaoao <liaoao@xiaomi.com>
Both the device and the pipe used the FSNODEFLAG_TYPE_DRIVER type before,
and now add an independent pipe type
Signed-off-by: yinshengkai <yinshengkai@xiaomi.com>
In POSIX standard spec https://pubs.opengroup.org/onlinepubs/7908799/xsh/mqueue.h.html, the field type in mq_attr should be long not size_t. And no logical judgment when mq_maxmsg <= 0 or mq_msgsize <= 0. In this change, i update the field type in mq_attr, and add the missing logical judgment.
Signed-off-by: yangjiao <yangjiao@xiaomi.com>
If the shm file is removed and a subsequent close, only release shm
object, but inode is leaked. Should decrease refcount to release inode
when unmapped, that matched with refcount increase when mapped.
Another fix that remove the shm file failed.
nsh> rm /var/shm/pts_mmap_1_2_5
nsh: rm: unlink failed: 6
Signed-off-by: fangxinyong <fangxinyong@xiaomi.com>
mmap establish a mapping address space that refer to a tmpfs file,
there are two issues:
1. if the tmpfs file is removed and a subsequent close(), tmpfs_close
will release the backend memory object, use after free errors occur
when operating the mapping memory. We add an extra reference to memory object,
memory will be released when there are no more mappings.
2. if unmap only a portion of the memory, fix the bug that adds another map.
Use realloc and shrink the mapping memory instead.
The fix pass LTP posix case mmap/10-1.c and mmap/12-1.c
Signed-off-by: fangxinyong <fangxinyong@xiaomi.com>
No memory map count limit that will exhaust memory and cause
the system hang. Also that fix pass LTP posix case mmap/24-1.c
Signed-off-by: fangxinyong <fangxinyong@xiaomi.com>
If MAP_PRIVATE is specified, do not change the underlying object,
that is OK to open file with read-only permission. Change to pass:
testcases/open_posix_testsuite/conformance/interfaces/mmap/6-5.c
Signed-off-by: fangxinyong <fangxinyong@xiaomi.com>
As posix spec, mmap() function shall fail with ENODEV if fd refers
to a file whose type is not supported. Change to pass ltp open_posix test:
testcases/open_posix_testsuite/conformance/interfaces/mmap/23-1.c
https://pubs.opengroup.org/onlinepubs/9699919799/functions/mmap.html
Signed-off-by: fangxinyong <fangxinyong@xiaomi.com>
The FIOC_FILEPATH ioctl needs rf->rf_path, which is not initialized for
dup'ed romfs file and cause problems.
Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>
1. command "memdump leak" can dump the leacked memory node;
2. fix the leak memory stat bug in memory manager;
Signed-off-by: wangbowen6 <wangbowen6@xiaomi.com>
since the same function can be achieved by mount:
mount(NULL, "/mnt/unionfs", "unionfs", 0,
"fspath1=/mnt/path1,prefix1=prefix1,"
"fspath2=/mnt/path2,prefix2=prefix2");
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
while iterate throuh all mapping memory to munmap and release,
the last entry is NUlL.
We need differentiate the case with invald entry at the first.
The fix is to pass ltp shm related cases.
Signed-off-by: fangxinyong <fangxinyong@xiaomi.com>
Follow the POSIX specification in https://pubs.opengroup.org/onlinepubs/9699919799/functions/sem_open.html, update the logic for condition that the semaphore name length is greater than PATH_MAX or a component length is greater than NAME_MAX.
Signed-off-by: yangjiao <yangjiao@xiaomi.com>
1. Update all CMakeLists.txt to adapt to new layout
2. Fix cmake build break
3. Update all new file license
4. Fully compatible with current compilation environment(use configure.sh or cmake as you choose)
------------------
How to test
From within nuttx/. Configure:
cmake -B build -DBOARD_CONFIG=sim/nsh -GNinja
cmake -B build -DBOARD_CONFIG=sim:nsh -GNinja
cmake -B build -DBOARD_CONFIG=sabre-6quad/smp -GNinja
cmake -B build -DBOARD_CONFIG=lm3s6965-ek/qemu-flat -GNinja
(or full path in custom board) :
cmake -B build -DBOARD_CONFIG=$PWD/boards/sim/sim/sim/configs/nsh -GNinja
This uses ninja generator (install with sudo apt install ninja-build). To build:
$ cmake --build build
menuconfig:
$ cmake --build build -t menuconfig
--------------------------
2. cmake/build: reformat the cmake style by cmake-format
https://github.com/cheshirekow/cmake_format
$ pip install cmakelang
$ for i in `find -name CMakeLists.txt`;do cmake-format $i -o $i;done
$ for i in `find -name *\.cmake`;do cmake-format $i -o $i;done
Co-authored-by: Matias N <matias@protobits.dev>
Signed-off-by: chao an <anchao@xiaomi.com>
Summary:
- Some network drivers such as GS2200M do not support to bind
a local port for TCP client socket. In this case, this config
disables to bind the port.
- See also https://github.com/apache/nuttx/pull/3707
Impact:
- None
Testing:
- Tested with spresense:wifi_smp (Kconfig will be updated later)
- Tested with sabre-6quad:netnsh_smp (QEMU)
Signed-off-by: Masayuki Ishikawa <Masayuki.Ishikawa@jp.sony.com>
Testing for overflow by adding a value to a variable to see if it "wraps
around" works only for unsigned integer values, because signed overflow
has undefined behavior according to the C and C++ standards.
Signed-off-by: Mingjie Shen <shen497@purdue.edu>
If sendfile() is called with a zero count, it will nevertheless
try to send the data. This is mostly meaningless, it causes
waste of resources, and in some cases delays.
This commit adds special handling for this case, allowing
sendfile to return immediately zero. The new behavior is
in line with the Linux variant of sendfile.
Directly return -ENOTTY in rpmsgxxx_ioctl() when the command is
not supported to avoid fdsan command FIOC_SETTAG and FIOC_GETTAG
pass to the rpmsg dev/mtd/blk server with CONFIG_FDSAN enabled.
Signed-off-by: wangbowen6 <wangbowen6@xiaomi.com>
Use sigandset function instead of & operation,
because the sigset_t structure has been changed.
This PR is to adapt to the changes made in #8885.
Signed-off-by: zhangyuan21 <zhangyuan21@xiaomi.com>
In embedded development environments, due to the lack of address isolation between processes,
fd may be passed between processes and lead to misuse,
We have designed an fd cross-process automatic detection tool,
fdcheck_protect returns the fd containing the pid information,
indicating that the ownership of the current fd belongs to the pid and is not allowed to be used by other processes.
fdcheck_restore will obtain the true fd and check if the ownership of the fd is legal
For ease of understanding, let's give an example where
the following information is represented in 32-bit binary format
fd 00000000 00000000 00000000 10001010
pid 00000000 00000000 00000011 01010101
ret 00000000 00000011 01010101 10001010
Signed-off-by: hujun5 <hujun5@xiaomi.com>
When the file pointer is reopened, keep f_tag unchanged as fd remains unchanged
fix issue https://github.com/apache/nuttx/issues/9494
Signed-off-by: hujun5 <hujun5@xiaomi.com>
Add a new field to record the global on the basis of mm_backtrace.
When using alloc, the field is incremented by 1,
so that the memory usage can be dumped within the range
Signed-off-by: anjiahao <anjiahao@xiaomi.com>
FD (file descriptor) is widely used in system software development,
and almost all implementations of posix os (including nuttx) use FD as an index.
the value of fd needs to be allocated starting from the minimum available value of 3, and each process has a copy,
so the same fd value is very easy to reuse in the program.
In multi threaded or multi process environments without address isolation,
If the ownership, global variables, and competition relationships of fd are not properly handled,
there may be issues with fd duplication or accidental closure.
Further leading to the following issues, which are difficult to troubleshoot.
1. Security vulnerability: the fd we wrote is not the expected fd and will be accessed by hackers to obtain data
2. Program exceptions or crashes: write or read fd failures, and program logic errors
3. The structured file XML or database is damaged: the data format written to the database is not the expected format.
The implementation principle of fdsan is based on the implementation of Android
https://android.googlesource.com/platform/bionic/+/master/docs/fdsan.md
Signed-off-by: hujun5 <hujun5@xiaomi.com>