Hi,
I was just trying to set up a simple application that uses L4Re namespaces. I therefore took the clntsrv example and modified it as shown in the diff below with the result that the server blocks on the bind_thread() call. Am I missing something?
Cheers Johannes
diff --git a/src/l4/pkg/examples/clntsrv/clntsrv.cfg b/src/l4/pkg/examples/clntsrv/clntsrv.cfg index bb2ae50..dd7dfa5 100644 --- a/src/l4/pkg/examples/clntsrv/clntsrv.cfg +++ b/src/l4/pkg/examples/clntsrv/clntsrv.cfg @@ -9,13 +9,16 @@ local ld = L4.default_loader; -- Channel for the two programs to talk to each other. local calc_server = ld:new_channel();
+local server_ns = ld:create_namespace({ calc_server = calc_server:svr()}); +local client_ns = ld:create_namespace({ calc_server = calc_server}); + -- The server program, getting the channel in server mode. -ld:start({ caps = { calc_server = calc_server:svr() }, +ld:start({ caps = { namespace = server_ns }, log = { "server", "blue" } }, "rom/ex_clntsrv-server");
-- The client program, getting the 'calc_server' channel to be able to talk -- to the server. The client will be started with a green log output. -ld:start({ caps = { calc_server = calc_server }, +ld:start({ caps = { namespace = client_ns }, log = { "client", "green" } }, "rom/ex_clntsrv-client"); diff --git a/src/l4/pkg/examples/clntsrv/server.cc b/src/l4/pkg/examples/clntsrv/server.cc index 2f2e3fc..9c4c0b9 100644 --- a/src/l4/pkg/examples/clntsrv/server.cc +++ b/src/l4/pkg/examples/clntsrv/server.cc @@ -12,6 +12,7 @@ #include <l4/re/util/cap_alloc> #include <l4/re/util/object_registry> #include <l4/cxx/ipc_server> +#include <l4/re/namespace>
#include "shared.h"
@@ -60,12 +61,34 @@ main() { static Calculation_server calc;
- // Register calculation server - if (!server.registry()->register_obj(&calc, "calc_server").is_valid()) - { - printf("Could not register my service, is there a 'calc_server' in the caps table?\n"); - return 1; - } + L4::CapL4Re::Namespace ns = L4Re::Env::env()->get_capL4Re::Namespace("namespace"); + if (!ns.is_valid()) { + printf("Could not get namespace cap from cap table.\n"); + return 1; + } + L4::CapL4::Ipc_gate calc_server = L4Re::Util::cap_alloc.allocL4::Ipc_gate(); + + if (ns->query("calc_server", calc_server) != 0) { + printf("Could not get 'calc_server' cap from namespace\n"); + return 1; + } + + if (!calc_server.is_valid()) { + printf("calc_server cap is invalid\n"); + return 1; + } + + l4_umword_t id = l4_umword_t(0xcaffee); + L4::CapL4::Thread tcap = L4Re::Env::env()->main_thread(); + + printf("bind_thread()...\n"); + int err = l4_error(calc_server->bind_thread(tcap, id)); + if (err < 0) { + printf("failed\n"); + return 1; + } + + printf("OK\n");
printf("Welcome to the calculation server!\n" "I can do substractions and negations.\n");
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi Johannes,
I was just trying to set up a simple application that uses L4Re namespaces. I therefore took the clntsrv example and modified it as shown in the diff below with the result that the server blocks on the bind_thread() call. Am I missing something?
could you shortly describe what you are trying to achieve here?
Bjoern
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi Johannes,
I was just trying to set up a simple application that uses L4Re namespaces. I therefore took the clntsrv example and modified it as shown in the diff below with the result that the server blocks on the bind_thread() call. Am I missing something?
could you shortly describe what you are trying to achieve here?
Well, I want to provide capabilities for an application by putting them into a local namespace. Since our system changes dynamically I want to add capabilities at runtime by registering them to the corresponding namespace.
Bjoern -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAlHn8EUACgkQP5ijxgQLUNliFQCdHD/P8gaIuPbLVvk+CkBsLSCf cNwAn23fQEPj7JTUcqtKEptPPSQGnENi =7FQc -----END PGP SIGNATURE-----
l4-hackers mailing list l4-hackers@os.inf.tu-dresden.de http://os.inf.tu-dresden.de/mailman/listinfo/l4-hackers
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi Johannes,
Well, I want to provide capabilities for an application by putting them into a local namespace. Since our system changes dynamically I want to add capabilities at runtime by registering them to the corresponding namespace.
please find attached the clntsrv example adapted to use namespaces. The general approach is:
1) In the Lua config create an empty namespace and make it accessible to your application(s). Note that the example also uses different access rights for client and server.
2) On the server side I use the object registry's register_object() function, which internally creates an IPC gate and binds the calling thread to it. Then I use the namespace's register_object() call to make the new channel externally visible.
3) In the client I query for the object name. This call blocks until the server has registered the new channel.
Apart from these steps, client and server implementation are identical to the original example.
Regarding your approach of putting a channel into the namespace within the Lua config file: This does not work for me. We are still trying to figure out, why. It's probably indeed be related to the downgrading as suggested by Christian.
Bjoern
Thanks Björn.
The problem I have is not lua specific though. I was not only trying to pass the client capability via namespaces (which works perfectly as you just demonstrated) but also to register the server capability of an ipc_gate to the server's namespace.
Basically, I don't want the server to create the ipc_gate by itself. Instead I have another (trusted) application that has access to both namespaces (i.e. the one of the server and the one of the client). This application creates the ipc_gate and registers its capability with appropriate rights to the corresponding namespaces.
The lua config I sent initially was just my approach to reproduce this problem without posting too much of my code and to minimize the PEBKAC factor ;)
Johannes
On Thu, 18 Jul 2013 18:53:37 +0200 Björn Döbel doebel@os.inf.tu-dresden.de wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi Johannes,
Well, I want to provide capabilities for an application by putting them into a local namespace. Since our system changes dynamically I want to add capabilities at runtime by registering them to the corresponding namespace.
please find attached the clntsrv example adapted to use namespaces. The general approach is:
In the Lua config create an empty namespace and make it accessible to your application(s). Note that the example also uses different access rights for client and server.
On the server side I use the object registry's register_object() function, which internally creates an IPC gate and binds the
calling thread to it. Then I use the namespace's register_object() call to make the new channel externally visible.
- In the client I query for the object name. This call blocks until the server has registered the new channel.
Apart from these steps, client and server implementation are identical to the original example.
Regarding your approach of putting a channel into the namespace within the Lua config file: This does not work for me. We are still trying to figure out, why. It's probably indeed be related to the downgrading as suggested by Christian.
Bjoern -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAlHoHZAACgkQP5ijxgQLUNlt0wCfX3qShBjEXdXvaXGmVtbk5IgG Ys8An2vS/Uqj5qrFyKVxFAvGBB0BgtE0 =0Qez -----END PGP SIGNATURE-----
Hi Johannes,
I extended Björns example, see attachment. Now a trusted app creates the IPC gate, which can be used for client-server communication.
To try the example you have to use the attached patch.
Best regards, Tobias
On Thu, 2013-07-18 at 21:00 +0200, Johannes Schlatow wrote:
Thanks Björn.
The problem I have is not lua specific though. I was not only trying to pass the client capability via namespaces (which works perfectly as you just demonstrated) but also to register the server capability of an ipc_gate to the server's namespace.
Basically, I don't want the server to create the ipc_gate by itself. Instead I have another (trusted) application that has access to both namespaces (i.e. the one of the server and the one of the client). This application creates the ipc_gate and registers its capability with appropriate rights to the corresponding namespaces.
The lua config I sent initially was just my approach to reproduce this problem without posting too much of my code and to minimize the PEBKAC factor ;)
Johannes
On Thu, 18 Jul 2013 18:53:37 +0200 Björn Döbel doebel@os.inf.tu-dresden.de wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi Johannes,
Well, I want to provide capabilities for an application by putting them into a local namespace. Since our system changes dynamically I want to add capabilities at runtime by registering them to the corresponding namespace.
please find attached the clntsrv example adapted to use namespaces. The general approach is:
In the Lua config create an empty namespace and make it accessible to your application(s). Note that the example also uses different access rights for client and server.
On the server side I use the object registry's register_object() function, which internally creates an IPC gate and binds the
calling thread to it. Then I use the namespace's register_object() call to make the new channel externally visible.
- In the client I query for the object name. This call blocks until the server has registered the new channel.
Apart from these steps, client and server implementation are identical to the original example.
Regarding your approach of putting a channel into the namespace within the Lua config file: This does not work for me. We are still trying to figure out, why. It's probably indeed be related to the downgrading as suggested by Christian.
Bjoern -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAlHoHZAACgkQP5ijxgQLUNlt0wCfX3qShBjEXdXvaXGmVtbk5IgG Ys8An2vS/Uqj5qrFyKVxFAvGBB0BgtE0 =0Qez -----END PGP SIGNATURE-----
l4-hackers mailing list l4-hackers@os.inf.tu-dresden.de http://os.inf.tu-dresden.de/mailman/listinfo/l4-hackers
Hi,
On Wed, Jul 17, 2013 at 10:08:14PM +0200, Johannes Schlatow wrote:
I was just trying to set up a simple application that uses L4Re namespaces. I therefore took the clntsrv example and modified it as shown in the diff below with the result that the server blocks on the bind_thread() call. Am I missing something?
Cheers Johannes
diff --git a/src/l4/pkg/examples/clntsrv/clntsrv.cfg b/src/l4/pkg/examples/clntsrv/clntsrv.cfg index bb2ae50..dd7dfa5 100644 --- a/src/l4/pkg/examples/clntsrv/clntsrv.cfg +++ b/src/l4/pkg/examples/clntsrv/clntsrv.cfg @@ -9,13 +9,16 @@ local ld = L4.default_loader; -- Channel for the two programs to talk to each other. local calc_server = ld:new_channel();
+local server_ns = ld:create_namespace({ calc_server = calc_server:svr()}); +local client_ns = ld:create_namespace({ calc_server = calc_server});
It's been a while since I tried to do something like this but IIRC an IPC-Gate Capability is automatically downgraded when you put it into a namespace. I.e. cal_server:svr() will not work and instead but the client side of the IPC-gate into the namespace.
Whether this is intential or not, I don't know.
regards Christian
l4-hackers@os.inf.tu-dresden.de
-
Björn Döbel -
Christian Ehrhardt -
Johannes Schlatow -
Tobias Stumpf