This patch is a rework of the NuttX file descriptor implementation. The
goal is two-fold:
1. Improve POSIX compliance. The old implementation tied file description
to inode only, not the file struct. POSIX however dictates otherwise.
2. Fix a bug with descriptor duplication (dup2() and dup3()). There is
an existing race condition with this POSIX API that currently results
in a kernel side crash.
The crash occurs when a partially open / closed file descriptor is
duplicated. The reason for the crash is that even if the descriptor is
closed, the file might still be in use by the kernel (due to e.g. ongoing
write to file). The open file data is changed by file_dup3() and this
causes a crash in the device / drivers themselves as they lose access to
the inode and private data.
The fix is done by separating struct file into file and file descriptor
structs. The file struct can live on even if the descriptor is closed,
fixing the crash. This also fixes the POSIX issue, as two descriptors
can now point to the same file.
Signed-off-by: Ville Juven <ville.juven@unikie.com>
Signed-off-by: dongjiuzhu1 <dongjiuzhu1@xiaomi.com>
1. The call to file_close_without_clear in file_dup3 does not clear
the tag information, so there is no need to back it up.
2. file_dup3 don't need to copy tag information, tag is only valid for fd.
Signed-off-by: dongjiuzhu1 <dongjiuzhu1@xiaomi.com>
Previously, this config was added to ensure that the size of the struct
file remained unchanged, thereby preventing the Flash memory of
resource-constrained MCUs from being unnecessarily increased.
However, we have now refactored the relationship between struct fd and struct file,
reducing their memory footprint in both Flash and RAM.
Consequently, this config can be removed.
Signed-off-by: dongjiuzhu1 <dongjiuzhu1@xiaomi.com>
Currently the code is dumped into one massive file; fs_files. Move the
different logical parts into their own files.
Signed-off-by: Ville Juven <ville.juven@unikie.com>
Signed-off-by: dongjiuzhu1 <dongjiuzhu1@xiaomi.com>
after below change merge to kernel, spin_lock() will turn off preemption by default,
but this change is not applicable to all scenarios. The locations in the kernel that
use spin_lock() extensively only require short critical sections and do not trigger
scheduling, which leads to serious performance degradation of NuttX in AMP mode.
In this PR, I try to expose similar problems and hope that each subsystem will carefully check the code coverage
https://github.com/apache/nuttx/pull/14578
|commit b69111d16a
|Author: hujun5 <hujun5@xiaomi.com>
|Date: Thu Jan 23 16:14:18 2025 +0800
|
| spinlock: add sched_lock to spin_lock_irqsave
|
| reason:
| We aim to replace big locks with smaller ones. So we will use spin_lock_irqsave extensively to
| replace enter_critical_section in the subsequent process. We imitate the implementation of Linux
| by adding sched_lock to spin_lock_irqsave in order to address scenarios where sem_post occurs
| within spin_lock_irqsave, which can lead to spinlock failures and deadlocks.
|
| Signed-off-by: hujun5 <hujun5@xiaomi.com>
Signed-off-by: chao an <anchao.archer@bytedance.com>
reason:
The list->fl_files may be modified by files_extend.
If it is being modified, there will be a race condition for fl_files[l1][l2].
Signed-off-by: hujun5 <hujun5@xiaomi.com>
After tcb is destroyed, it is very dangerous to back reference tcb through file.
This commit will perform file operations while ensuring the validity of tcb during
fsync, with will avoid tcb check in each subsystem.
Signed-off-by: chao an <anchao@lixiang.com>
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
Summary:
When the device reboot through reboot_notify to notify the task fsync time, if there is a task in the exit process, there may be priority robbed off the phenomenon, and at this time the group->tg_filelist crefs has been 0, resulting in the ASSERT
Signed-off-by: chenrun1 <chenrun1@xiaomi.com>
Summary:
1.Add configuration to allocate memory from the specified section
2.Replace all memory operations (kmm_) in the vfs with
fs_heap_. When FS_HEAPSIZE > 0, memory is requested for the file system by specifying a configured heap location. By default (i.e. FS_HEAPSIZE=0) fs_heap_ is equivalent to kmm_
Signed-off-by: chenrun1 <chenrun1@xiaomi.com>
Summary:
1.Added msync callback in struct mm_map_entry_s
2.Added msync API in fs_msync.c
3.Added static msync_rammap for rammap.
Signed-off-by: chenrun1 <chenrun1@xiaomi.com>
Pre-allocated files to avoid allocator access during thread creation
phase, For functional safety requirements, increase
CONFIG_NFILE_DESCRIPTORS_PER_BLOCK could also avoid allocator access
caused by the file descriptor exceeding the limit.
For Task Termination, the time consumption will be reduced ~3us (Tricore TC397 300MHZ):
10.65(us) -> 7.35(us)
NOTE:
This commit will not waste of extra heap, just pre-allocates the list of files for task_group.
Signed-off-by: chao an <anchao@lixiang.com>
The task files should consult the "spawn action" and "O_CLOEXEC flags"
to determine further whether the file should be duplicated.
This PR will further optimize file list duplicating to avoid the performance
regression caused by additional file operations.
Signed-off-by: chao an <anchao@xiaomi.com>
VELAPLATFO-18473
refs:
https://man7.org/linux/man-pages/man2/fcntl.2.html
If the FD_CLOEXEC bit is set, the file descriptor will automatically
be closed during a successful execve(2).
(If the execve(2) fails, the file descriptor is left open.)
modify:
1. Ensure that the child task copies all fds of the parent task,
including those with O_CLOEXE.
2. Make sure spawn_file_action is executed under fd with O_CLOEXEC,
otherwise it will fail.
3. When a new task is activated or exec is called, close all fds
with O_CLOEXEC flags.
Signed-off-by: dongjiuzhu1 <dongjiuzhu1@xiaomi.com>
