#
79da0792 |
|
01-Mar-2020 |
Gerwin Klein <gerwin.klein@data61.csiro.au> |
Convert license tags to SPDX identifiers This commit also converts our own copyright headers to directly use SPDX, but leaves all other copyright header intact, only adding the SPDX ident. As far as possible this commit also merges multiple Data61 copyright statements/headers into one for consistency.
|
#
28c1ff4b |
|
05-Sep-2019 |
Simon Shields <simon.shields@data61.csiro.au> |
kernel: set maximum user paddr in build system expose the maximum physical address that can be given to userspace for use in hardware_gen.py
|
#
b0f974c4 |
|
18-Sep-2019 |
Kent McLeod <Kent.Mcleod@data61.csiro.au> |
pc99,CMake: Move configs to x86 dir These configs are also used by x86 files and this fixes an configuration race condition where projects try set KernelIOMMU after platform settings are configured and so KernelIOMMU doesn't result in a correct value.
|
#
d6bef3c5 |
|
09-Sep-2019 |
Kent McLeod <Kent.Mcleod@data61.csiro.au> |
cmake: Only include cmake files for selected arch This prevents accidental declaration of properties or configurations that are for the incorrect architecture selected. This was previously required as the variables KernelWordSize and KernelArch were defined in each arch specific cmake.config file. Now that they are defined in advance it is possible to exclude the other imports.
|
#
15091664 |
|
20-Mar-2019 |
Curtis Millar <curtis.millar@data61.csiro.au> |
Add syscall for setting the current TLS register. Some platforms and configurations do not allow user code to change the value of the register used for TLS. On these architectures a syscall can be used to allow the kernel to update the register on their behalf. This does not immediately update the value in the user context on many configurations as the values are only stored in the user context on a context switch.
|
#
3207abee |
|
20-Mar-2019 |
Curtis Millar <curtis.millar@data61.csiro.au> |
RFC-3: Update context for x86 to use FS and GS. TLS_BASE virtual register is replaced with FS_BASE and GS_BASE virtual registers. The FS_BASE and GS_BASE virtual registers are moved to the end of the context so they need not be considered in the kernel exit and entry implementation. Removed tracking of ES, DS, FS, and GS segment selectors on kernel entry and exit. ES and DS are clobbered on kernel entry with the RPL 3 selector for a DPL 3 linear data segment. FS is clobbered on exit with the RPL 3 selector for the DPL 3 segment with FS_BASE as the base. This is done on exit to reload the value from the GDT. GS is clobbered on exit with the RPL 3 selector for the DPL 3 segment with GS_BASE as the base. This is done on exit to reload the value from the GDT. Kernel entry and exit code is refactored, simplified, and improved in light of the above changes. x64: update verified config to use fsgsbase instr The verification platform for x64 relies on the fsgsbase instruction.
|
#
4ede700f |
|
06-May-2019 |
Kent McLeod <Kent.Mcleod@data61.csiro.au> |
CMake: Invert plat config.cmake processing order Instead of processing each platform CMake file during the arch's config.cmake file, we process all of the platform CMake files first. This is primarily motivated by wanting to move platform configuration into a config file that is processed via a -C argument to the initial build initialisation command. Now a platform config is responsible for setting the kernel architecture and it's own platform/arch specific config settings. Where previously a platform was chosen in an arch specific way via either setting KernelARMPlatform or KernelX86Sel4Arch or KernelRiscVPlatform, a platform can now be set by KernelPlatform. In cases where a platform may further parameterise its configuration it is free to choose its own config options to query. Platforms that support multiple seL4 architectures should use KernelSel4Arch to query this. Platforms that provide sub platforms such as exynos5 and subplatforms exynos5250, exynos5410 and exynos5422 can be selected by specifying KernelPlatform=exynos5, KernelARMPlatform=exynos5410 for example.
|
#
ffa9fda8 |
|
21-Mar-2019 |
Anna Lyons <Anna.Lyons@data61.csiro.au> |
style: use consistent styling for all cmake files Add .cmake-format.yaml which defines custom functions with kwargs to style nicely
|
#
2ac5bd63 |
|
05-Dec-2018 |
Edward Pierzchalski <ed.pierzchalski@data61.csiro.au> |
cmake: make pde_C an optional top-level type. RISCV has its own model of page tables that doesn't have a distinguished 'directory' level.
|
#
15895f81 |
|
26-Nov-2018 |
Kent McLeod <Kent.Mcleod@data61.csiro.au> |
Fix typo 'vulernable' in 2 files
|
#
a2ba49a8 |
|
20-Feb-2018 |
Matthew Brecknell <Matthew.Brecknell@data61.csiro.au> |
x64: fix typo in CMake config
|
#
b1e799a4 |
|
28-Jan-2018 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
x86: Config option for RSB flush on context switch This option can be enabled to prevent a user from performing a Spectre like attack on another user through polluting the RSB.
|
#
2423c620 |
|
28-Jan-2018 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
x86: Config option for branch prediction barrier on context switch This option can be enabled to prevent a user from performing a Spectre like attack on another user through polluting the indirect branch predictor.
|
#
f0594ac9 |
|
28-Jan-2018 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
x86: Implement IBRS based Spectre mitigations Provides the ability to enable the IBRS hardware Spectre mitigation strategies, as well as completes the software mitigation by disabling jump tables in compilation. The hardware mitigations are largely provided "for completeness" in the hopes that they eventually become less expensive. For the moment there is no reason to turn on any beyond STIBP if running in multicore
|
#
29695d26 |
|
07-Jan-2018 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
x64: SKIM window to mitigate Meltdown (CVE-2017-5754) on x86-64 Introduces a kernel option that, when enabled, reduces the kernel window in a user address space to just be Static Kernel Image and Microstate (SKIM), instead of the full kernel address space. This isolates the important kernel data from the user preventing a Meltdown style attack being able to violate secrecy. The kernel text and read only data, i.e. anything that is static from boot, is not secret and can be allowed in the SKIM window and potentially read by the user. Additionally to switch to and from the actual kernel address space a small amount of state needs to also be in the SKIM window. This is only an implementation for x86-64, although the same design is applicable to ia32
|
#
eec02fd2 |
|
15-Jan-2018 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
x86: Dangerous read/write MSR interface Provides a syscall interface for reading and writing arbitrary MSR values. This is being introduced as an alternative to the DebugRun, as the main purpose of debug run is for modifying the performance monitoring events via read/write MSR.
|
#
abe99d3a |
|
14-Jan-2018 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
x86: Export PMC to user Provides an option that, on kernel init, enables user reading of the performance monitoring counters. This is a step towards removing the dependence on seL4_DebugRun for user level benchmarking/profiling
|
#
8639dbca |
|
06-Nov-2017 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
Abstractly declare a threads registers have changed This removes an #ifdef for x86-64 that was in generic code by declaring the generic mechanism that is being used as an Arch_ function
|
#
87923b72 |
|
14-Nov-2017 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
cmake: Additional TOPLEVELTYPES for x86-64
|
#
d59c876d |
|
08-Oct-2017 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
x86: Configuration options for different multiboot headers This allows for disabling a particular multiboot version if there are problems using it with a particular loader.
|
#
a873611c |
|
21-Aug-2017 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
Consistent capitalisation of XSave
|
#
0b730720 |
|
16-Mar-2017 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
Add a CMake based build system This commit adds an alternate build system using CMake that operates indepenently of the existing Kconfig+Kbuild+make based build system
|