- 29 May, 2024 1 commit
-
-
ROOL authored
-
- 24 Apr, 2024 1 commit
-
-
ROOL authored
-
- 20 Nov, 2023 3 commits
-
-
Jeffrey Lee authored
The poor documentation of OS_Exit in the PRMs means there could be many pieces of software which are using it in a dangerous way. E.g. the famous issue of "OS_Exit generates a garbage error if the return code is out of range" that's documented in the OS StrongHelp manuals - where people (quite rightly) assumed that the OS would generate the "return code out of range" error, when in reality the OS has only ever used the error pointer that was supplied by the caller. Try and improve on things slightly by having OS_Exit sanity check the supplied error pointer before it tries to use it. This doesn't alter the cases where OS_Exit decides to silently ignore the supplied error pointer / return code (if R0 isn't word aligned, or historically, if R0 wasn't word aligned and wasn't in the low 64MB of address space), it just alters the logic for what error pointer gets sent to OS_GenerateError when it does decide to raise an error. If the error pointer looks bad (it's below &4000 or not pointing to at least 8 bytes of readable memory) then it will get swapped out for one of the "return code out of range" errors which get used when you *Set Sys$ReturnCode. Version 6.70. Tagged as 'Kernel-6_70'
-
Jeffrey Lee authored
Although it's never been officially documented, RISC OS has historically used the following values for R0-R2 when calling the exit environment handler: R0 = 0 (or some other "safe" value) R1 = R1 from OS_Exit R2 = Return code Some exit handlers were relying on this (e.g. Shared C Library / ANSILib). Changing OS_Exit to use TaskControl_ResetStacks was causing R1 & R2 to be corrupt, with the result that non-zero, non-error-generating return codes from C programs were being lost and reset to zero. Document things more clearly and ensure R0-R2 have acceptable values so that software which relies on the old behaviour will work again.
-
Jeffrey Lee authored
OSExitArgs checks how OS_Exit handles its arguments, whether it passes the call on to the error or exit handler, and the register state on entry to those handlers. It will currently fail on this version of the kernel due to a register corruption bug introduced when OS_Exit was changed to use TaskControl_ResetStacks (the state of R0-R2 on entry to exit handlers has never been documented, and some handlers rely on R0-R2 being in a valid state to pass into another OS_Exit call, but TaskControl was corrupting R1-R2, preventing the return code from being passed on)
-
- 21 Oct, 2023 1 commit
-
-
Phil Pemberton authored
Add VCO, TV, NTSC video flag to VDU VideoDevice descriptor for Bush IBX (and possibly others later). Allows the HAL to convey hardware settings to the VIDC20Driver at run time. Also add the Lazarus machine name to the list of machines for abort trap. Version 6.69. Tagged as 'Kernel-6_69'
-
- 14 Oct, 2023 1 commit
-
-
Robert Sprowson authored
There's no assured 1:1 relationship between ROM module and module chain position now some modules can be started early for keyboard detection (and even ignoring that, if you *Unplug something the module chain numbers all change), so take the configured language to mean the position in the system ROM. Version 6.68. Tagged as 'Kernel-6_68'
-
- 23 Aug, 2023 1 commit
-
-
Ben Avison authored
BuildSys 7.91 changes how top-level phony rules are overridden. In this component, the `export`, `install`, `install_rom` and `rom` targets are redefined after `AAsmModule` is included, so they will be affected. Version 6.67. Not tagged
-
- 19 Aug, 2023 1 commit
-
-
John Ballance authored
Version 6.67. Tagged as 'Kernel-6_67'
-
- 03 May, 2023 2 commits
-
-
Jeffrey Lee authored
A mistake in the interlace handling changes that were made in Kernel 6.21 meant that when HandleServiceEnumerateScreenModes populates the buffer that's returned to the caller, all of the modes were getting treated as interlaced, resulting in most of them reporting a Y resolution that's twice what it should be. Attempting to use those mode entries (e.g. constructing a mode selector block and calling OS_ScreenMode 0 or OS_CheckModeValid) would then most likely fail. Fix the code to look at the correct VIDC list member when checking for interlace. This fixes things so that (when using legacy monitor types) the mode lists reported by Service_EnumerateScreenModes and the display manager are once again valid. Version 6.65. Tagged as 'Kernel-6_65'
-
Jeffrey Lee authored
File this under "how did this ever work": the call to DoBasicVetMode was corrupting R5 if the VIDC list was accepted by the driver (and potentially corrupting it if it wasn't), which would then cause a crash or memory corruption if this wasn't the last pixel depth that we wanted to try for this X/Y/Hz combination. This wouldn't have affected most people since most machines will be using MDFs or EDID, but I'm not sure how this got missed during my initial testing of the feature (Service_EnumerateScreenModes implementation for legacy monitor types). Fixes issue reported on forums with *Desktop crashing in the kernel after shift-booting on Iyonix: https://www.riscosopen.org/forum/forums/5/topics/17705?page=4#posts-140181
-
- 30 Jan, 2023 3 commits
-
-
Jeffrey Lee authored
Version 6.64. Not tagged
-
Timothy E Baldwin authored
R4 contains the offset to adjust the PC value to use in the error message, but was being corrupted by changes in Kernel 6.62 (commit 6baad1bc). Version 6.64. Tagged as 'Kernel-6_64'
-
Timothy E Baldwin authored
Was trying to use SYS mode to access user registers, which was introduced in ARMv4. Fix by using STM and LDM instead. Also support reading and writing registers for 26-bit modes. Tested on RPCEmu. Version 6.63. Not tagged
-
- 14 Jan, 2023 13 commits
-
-
Jeffrey Lee authored
If lazy task swapping is disabled, and appspace is an AMB node, it was possible to map out the page at &7000 and trigger an abort by attempting to shrink application space to a negative size, e.g. by using "*ChangeDyn -RamFSSize" to create a RAM disc larger than the amount of available RAM. Fix it by sanity checking the DA/AMBNode size within AMBDAHandler before passing on the request to the lower-level growpages/shrinkpages calls (shrinkpages requires the input to be valid and will break if given a negative size). Version 6.63. Tagged as 'Kernel-6_63'
-
Jeffrey Lee authored
Needed for BCM2835 builds, at least. Guess I should have checked that things built correctly after all the rebasing & cherry-picking that went into preparing the MR.
-
Jeffrey Lee authored
Version 6.62. Tagged as 'Kernel-6_62'
-
Jeffrey Lee authored
-
Jeffrey Lee authored
-
Jeffrey Lee authored
-
Jeffrey Lee authored
-
Jeffrey Lee authored
-
Jeffrey Lee authored
Add an implementation of RISCOS Ltd's OS_TaskControl 0. In addition to the documented Select behaviour of resetting the IRQ and SVC stacks, under RISC OS 5 it resets ABT+UND, and some other important kernel variables (IRQsema + CDASemaphore)
-
Jeffrey Lee authored
-
Jeffrey Lee authored
Will be useful for HALs that want to use LDREXD/STREXD to workspace locations
-
Jeffrey Lee authored
SyncLib use is still disabled by default, but this ensures that when we do enable it we'll be using the right version of the library.
-
Jeffrey Lee authored
To match BuildSys 7.76
-
- 05 Jan, 2023 1 commit
-
-
ROOL authored
Version 6.61. Tagged as 'Kernel-6_61'
-
- 01 Jun, 2022 2 commits
-
-
Richard Coleman authored
Deleting a non-existent system variable resulted in the error message: System variable '%0' not found. Version 6.60. Tagged as 'Kernel-6_60'
-
Ben Avison authored
These are the 4 common access privilege values in bits 0-3 of OS_DynamicArea 0 and word 3 of the entries used with OS_Read/SetMemMapEntries. They are equivalent to the kernel's internal OSAP_* symbols. Version 6.59. Not tagged
-
- 07 Aug, 2021 4 commits
-
-
Jeffrey Lee authored
When AP1 memory is being emulated (long descriptor page tables are in use), the AbortTrap machinery is used to emulate usermode read access. This provides coverage for all read instructions except those that AbortTrap handles via MemMap requests - LDREX, LDA, LDAEX, LDF & LFM. LDREX & LDAEX request both read & write access, so are fine (the MemMap request will get passed through to the registered AbortTrap handlers). LDF & LFM are irrelevant, since they only exist on ARM7500FE (on other machines FPEmulator will translate them to regular LDR/LDM, which are handled correctly) LDA however, will generate a plain "memmap with usermode read" request. When AbortTrap looks at the permissions of emulated AP1 it doesn't take into account the fact that the usermode read permission is being emulated, so it thinks that everything is fine and claims the memmap was successful, causing the abort handler to retry the instruction without making any changes, resulting in an infinite abort loop. Deal with this by detecting the above situation and also requesting usermode execute access. This will avoid the kernel (and hopefully the registered AbortTrap handlers) from thinking that the emulated AP1 is acceptable, without adversely affecting the behaviour of other instructions or access privileges. If no handler is present or the memmap request is denied, the abort will get passed on to the next stage of the abort handler (i.e. you'll get a standard data abort from trying to LDA from arbitrary emulated AP1 memory) The new test program (Dev/AbortTrap/attest_ap1) will check that this edge case is dealt with correctly. Tested on Pi 4, for both long & short page tables Version 6.59. Tagged as 'Kernel-6_59'
-
Jeffrey Lee authored
To avoid CallASWI's CPUFeatures implementation getting dangerously out of sync with the kernel, add extra asserts to both sets of sources to check try and make sure both sets of sources get updated when new flags are added.
-
Jeffrey Lee authored
Pyromaniac doesn't allow low-level control or examination of the memory map; allocate an OS_PlatformFeatures bit to allow software to directly detect this limitation instead of having to rely on the affected SWIs erroring. https://www.riscosopen.org/forum/forums/3/topics/16609
-
Jeffrey Lee authored
-
- 28 Jul, 2021 6 commits
-
-
Jeffrey Lee authored
Version 6.58. Tagged as 'Kernel-6_58'
-
Jeffrey Lee authored
The long descriptor page table format doesn't support RISC OS access privilege 1 (user RX, privileged RWX). Previously we were downgrading this to AP 0 (user RWX, privielged RWX), which obviously weakens the security of the memory. However now that we have an AbortTrap implementation, we can map the memory as "user none, privileged RWX" and provide user read support via AbortTrap's instruction decode & execute logic. There's no support for executing usermode code from the memory, but the compatibility issues caused by that are likely to be minimal.
-
Jeffrey Lee authored
Also make lazy task swapping aborts to use IFAR where possible, to ensure any Thumb-2/Jazelle instructions which cross page boundaries are handled correctly.
-
Jeffrey Lee authored
OS_ReadSysInfo 7 is meant to record the details of the last data or prefetch abort that was passed to the environment handlers. This was implemented in Ursula, but the code for recording the prefetch abort details got lost somewhere during the 32 bit conversion process. Restore it.
-
Jeffrey Lee authored
This implementation should be compatible with RISCOS Ltd's implementation.
-
Jeffrey Lee authored
Sadly we need one file per combination of action files, but by adding these pre-generated cache files to git we can speed up building the kernel from clean by a significant amount.
-