Age | Commit message (Collapse) | Author | Files | Lines |
|
For further optimizations, the token is represented
by a specific structure.
Bug-AGL: SPEC-2968
Change-Id: I3d46a12c8c16809c6cc1d543fa2e6309927ed84d
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Allows the client to pass its authorization
token using the standard RFC 6750 method.
Bug-AGL: SPEC-2968
Change-Id: Ie9428f4b63554af121b091282ae2c126b4d0c020
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
There was a race condition that made the binder
crashing when reporting event to a client that was
disconnecting.
Bug-AGL: SPEC-2967
Change-Id: I37a654960b42fbce5548ace9d3fb50cf2b375090
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Probably because of conditional compiling,
afb-api-dbus was broken since introduction
of uuid and hops in broadcats. This change
fixes this issue.
Bug-AGL: SPEC-2969
Change-Id: I9a0fd8552f5f61d6eafa1ed83f6e09e6474378ff
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
The function implementing jobs_enter, used by
implementations of synchronous calls, was not
taking care of waking up a thread. This had the
effect of blocking calls made by an external thread.
Bug-AGL: SPEC-2937
Change-Id: I4bf0265b4c029fb619ef7128824ee9d46a45996e
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Calling exit in signal interrupts wasn't correctly handling
the case where the signal interrupts a thread waiting in the
main loop. This can lead to the binder error report:
CRITICAL: Can't enter dispatch while in dispatch!
This patch defers the call to exit in a job.
Bug-AGL: SPEC-2907
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: I49c7cca1d229ae957d9ea9bfb8838161ce73a53e
|
|
The symbol 'afbBindingV3root' may be defined
in shared libraries that are not bindings.
Using it to detect bindings v3 can lead to
false detection and errors.
Bug-AGL: SPEC-2841
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: Ib2bc77d95e3306e7b4a883136ce27c92f8524a8d
|
|
A queued job must be treated. It was not the case
when the job was queued from a foreign thread.
This change detect that a potential hang exists
and wake up an event loop to avoid it.
Bug-AGL: SPEC-2809
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: Id12d32771ea37df5f5f2e208ec9645a6c4b0d0ab
|
|
Before that change, the client disconection made a loop
on read but wasn't closing the link.
Bug-AGL: SPEC-2759
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: Iecfbb95cb1b7079e695ff5c08155b2310bf4b8d8
|
|
Also improve naming of variables.
Bug-AGL: SPEC-2720
Change-Id: I8efa74e27256425df18f57b3de257c234ff60e69
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Interaction between pthread_cond_wait, pthread_broadcast
and signal may lead to lock when the child of afb-daemon dies.
To avoid that sad behavior, this commit defers the call to
"job_exit" using lazy job queueing.
Bug-AGL: SPEC-2720
Change-Id: Ifd1a56f4a439e1704f79a1291fa01f39b1640f29
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
There fixes a bug with an inversion between info
and error in implementation of synchronous calls,
leading to bad detection of errors.
Bug-AGL: SPEC-2697
Change-Id: I30a8cd9c45a91b442f6c501dd3b0c32cd3ea632d
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
The supervisor only allowed external accesses.
This was wrong, it must also allow local access
through standard API. This commit fix it.
Bug-AGL: SPEC-2660
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: Ifa1119a6b2f22c87b1dbe087206d9f51c4005a57
|
|
This simplifies the flow that now has only one
case: the callbacks subscribe/unsubscribe of
struct afb_xreq_query_itf.
Bug-AGL: SPEC-2658
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
Change-Id: Ia49f3ce7aaa4d8603014fe163f311eadfcbf68e4
|
|
The management of structures handling a client
connection to a exported --ws-server was accessing
freed memory. Tha commit fixes that issue.
Bug-AGL: SPEC-2651
Change-Id: I511218afc907308347bc422a8aead32ca00bdae6
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
When API have mutual dependencies, leading to
loops in dependecies, broadcasting an event
never ends because of the loop (see SPEC-2625).
To avoid that weird flood of events, a unic
identifier (UUID) is attached to broadcasted
event and a tiny memory records previously
broadcasted events to avoid re-sending an
already sent event.
The size of the memory can be set using the
macro variable EVENT_BROADCAST_MEMORY_COUNT
whose default value is 8. It can be reduced
to 0.
An other mecanism is added to limit the count
of hops that a broadcasted event can do. That
count can be set using the macro variable
EVENT_BROADCAST_HOP_MAX whose default value
is 10.
Bug-AGL: SPEC-2625
Change-Id: I29550a8a5c8f5e2ffb20edc3330357a1e870c0e2
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Solving the bug SPEC-2625 needs to rework the broadcasting
of events. It appeared that the numerical event identifier
passed for broadcast wasn't used by called function except
for hooking. Suppressing it introduces a clear distinction
between the push and the broadcast paths.
The file afb-ws-json1 is changed to avoid casting of
functions.
Bug-AGL: SPEC-2625
Change-Id: I9fe75adc8086812b21b70ce28baffcf77bd5e1cf
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
This commit allow modules of afb-daemon to request UUID.
This introduce an abstraction above libuuid for 3 reasons:
1. Using uuid had bad side effect inthe past because it
required enought entropy at start time, leading to hanging
initialisations in wait for enough entropy.
2. Solving bug SPEC-2625 will require use of UUID.
3. Porting to systems that haven't libuuid is made more
easy after that.
Bug-AGL: SPEC-2625
Change-Id: I27d8b611946686dea6fab250697afe9b89aac869
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The tool afb-client-demo implements a synchronous
mode (option -s) that allows to wait for a reply
before to send the next request.
It is interesting for the purpose of testing to allow
afb-client-demo it to send a controlled count of
requests, ensuring that there is a controlled count
of pending requests.
Bug-AGL: SPEC-2638
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
Change-Id: Ic854d68aaeb82c17b4640c5c9de46181ad3a7e5e
|
|
Allowing to subscribe to a request that was replied
was possible and lead to problem revealed by issues
SPEC-2542 and SPEC-2599 (these issues are more related
to processing unordered incoming messages).
The choice was
- fix the bug and authorize (un)subscribe after reply
- forbids to (un)subscribe after reply
Second solution was chosen for its simplicity and
its networking efficiency.
Bug-AGL: SPEC-2542
Bug-AGL: SPEC-2599
Change-Id: I09f48b760b1fd6f70d42b80df3c8053696c45966
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
This reverts commit 5425e054fbf87fe6d024103f46e53f2a28e074f2.
The change introduced in the reverted commit
is no more necessary since events are sent asynchronousely.
Bug-AGL: SPEC-2215
Bug-AGL: SPEC-2219
Bug-AGL: SPEC-2542
Bug-AGL: SPEC-2599
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
Change-Id: I4fd8d1516c97e2f95caaa244e28491f71b15bba7
|
|
Sending events in the context of the calling process
had the consequence that the ordering of the messages
had to be removed (see SPEC-2215 & SPEC-2219). This
was not good by nature and lead to issues SPEC-2542
and SPEC-2599.
Sending events in the context of the calling process
also implies to delay the calling process.
For this reasons, sending events is now done in an
other jobs. For that reason, the count of allowed
pending jobs is increased to 100 (was 50).
Bug-AGL: SPEC-2215
Bug-AGL: SPEC-2219
Bug-AGL: SPEC-2542
Bug-AGL: SPEC-2599
Change-Id: I5b56d952cc187b65ad6eb9344ad74e5e8d3b7540
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
The commit "a2cf84e: hooks: Allow to remove hooking"
re-order fragment of code. But this is an issue when
backporting changes to guppy.
That commit improve the situation for the file
afb-evt.c in the process of fixing the issue
SPEC-2599
Bug-AGL: SPEC-2599
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: I4e56cbeee7d3a89770e37a3045f652f39fc07410
|
|
The legacy V1 and V2 versions of bindings are no
more printed if absent.
The support of dynamic bindings is fixed.
Bug-AGL: SPEC-2617
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: I429c0e2cdfcbfba6e0f1e639dbcbc2ca90a345ed
|
|
Bug-AGL: SPEC-2617
Change-Id: Ia935aab3b0b508e7a916e334237c639efb1feb15
Signed-off-by: Sebastien Douheret <sebastien.douheret@iot.bzh>
|
|
GCC-9.1.1 complains about variable ‘buf[0]’ that it may be used uninitialized
in the function 'make_info()'. This patchset initialize the variable.
Bug-AGL: SPEC-2482
Signed-off-by: Bechir Mghirbi <bechir.mghirbi@grammer.com>
Change-Id: I38d0c6f47fed462f4ea48990c4cb63f21fb2ee16
|
|
During its start, when implementing HTTP server,
afb-daemon checked that the upload directory was
accessible and writable and afb-daemon refused to
start when it was not the case.
When trying to use systemd's DynamicUser for platform
services, it had the effect to forbid service to run.
That commit add the directory /tmp as a fallback
upload directory.
Bug-AGL: SPEC-2446
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: Ib4ee456d71cb1aefa19e8eed6774ef5f77919366
|
|
The binder was sometime locked until an external
event comes. This was discovered during stressing
startup test that don't expect external inputs and
that then waits for always without terminating.
The issue came from a little hole in the management
of the state of evmgr object. By design the evmgr
has to be synchronised against concurrent accesses
not by itself but by the integration. However, the
state of "running" wasn't set in the code protected
against concurent accesses. The new function allows
the integrator to correctly set the state before
releasing protection.
Bug-AGL: SPEC-2459
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: Id75fd97c06d69666ced912a0a61380573dab31af
|
|
The test 'test-apiv3' was failing because the required
api list "albert armel" wasn't splitted but set as-is.
At the same time, test suite is improved.
Bug-AGL: SPEC-1130
Bug-AGL: SPEC-2377
Change-Id: Ia4ab23bf666b5b4b1db3e1da2654d9387c2c01e5
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The location of intrinsic bindings and samples could not be tuned
but was fixed to be ${CMAKE_INSTALL_FULL_LIBDIR}/afb and
${CMAKE_INSTALL_FULL_DATADIR}/af-binder
These default locations are not bad but it is important to be able
to tune that location.
Bug-AGL: SPEC-2367
Change-Id: I4d4f9e9490d61e3278ef35ac42f2143a752a7c37
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
These issues was discovered by static analysis tool.
Change-Id: Iea75151c9b1f5e4cb139d2dc4e8a5c8bae5bb303
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
The allocated size wasn't correct when 'path'
was used. The effect be unseen depending on
size and alignment of heap chunks.
Change-Id: Id9f85a0078028319491b51bc3e11cd51e4bc3755
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The compiling option __FORTIFY_SOURCE=2 introduced
a false ***buffer overflow*** detection when the
flexible array 'pattern' was initilized in globset.
The compiler is only complaining when the array is
in a struct that is in a struct like
struct { ...; struct { ...; char name[1]; }}
To avoid these false detections, it is enougth
to ellipsese the dimension of the array. Seems
to be the now standard way of declaring flexible
arrays when it was before an extension. So now:
struct { ...; struct { ...; char name[]; }}
works even when __FORTIFY_SOURCE=2.
Bug-AGL: SPEC-2292
Change-Id: I4b4a5df505a5357f92b9ab1657175911198ca582
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The load of dynamic bindings becomes removable.
This is a step in direction of a tiny binder library.
Also refactor AGL_DEVEL
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
Change-Id: If283f431fd8a831429e717b2770464cb54476dc7
|
|
Bindings version 2 will become legacy soon.
This patch allows their removal
Change-Id: Iecad3abd0ddd714e5d55c0b935be756a29d1ca37
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Change-Id: Idbadb9b7b801cb61d527addb5d3137aeb4cf6311
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
The new termination function can allow the restart
because it doesn't abort the waiting jobs.
So after calling 'jobs_exit', all threads stop.
The function 'job_start' returns.
The threads that are in blocking state, i.e. in
a call to 'jobs_enter' or 'jobs_call' are stopped.
An error status -1 with errno=EINTR is returned in
that case.
But before returning, that function calls the exit
handler if any.
Change-Id: I85a4b1976b09b18804eb681af940531ae5ace6c3
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The warning maybe-uninitialized is emited only
when the optimisation level is greater than 0.
For this reason, the error was not discovered
development process. The build config is tuned
to detect that error and the error is fixed.
Change-Id: I14c8ffe6daa3d498268cfadeab20300895b3360e
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
With the introduction of more compilation flags,
it becomes interesting to use a configuration
file.
The configuration file is usually "config.h".
So that renaming avoids future ambiguity.
It also reflects better what the module does.
Change-Id: I952adc1e1bf469132dc224900bd9140ccc51c58b
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
This change allows to downsize the binder by
removing its internal hooking and tracing features.
Change-Id: Ifb080a7426216f6c6b1c8f8e5bf8ddd52df40a3e
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
The following new switches are added:
- USE_SIG_MONITOR_DUMPSTACK activate dump stack on error
- USE_SIG_MONITOR_SIGNALS activate handling of signals
- USE_SIG_MONITOR_FOR_CALL activate monitoring of calls
- USE_SIG_MONITOR_TIMERS activate monitoring of call expiration
All enabled by default
Change-Id: I2231e5f2a8db469b7258ce14530f72b4c5f38b00
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Improves security of the binder by using
secure_getenv instead of getenv.
Change-Id: Iffd56ca65251763aacb0b9dbbaa768619cd92dd4
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The event loop is renamed evmgr for "event manager"
with the intention (1) still use evloop in jobs (2)
to provide an abstract event manager/handler/loop
abstraction.
Change-Id: Ib1955f661f98df80e1c7be99e9fe26a1e06d78f6
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
- The new version of 'systemd_get_event_loop' dont depends
anymore on jobs but returns a unique systemd event loop
for any threads.
- The event loop of jobs now use system.h function instead
of the opposite.
- The function 'jobs_get_sd_event' is removed
- The function 'jobs_acquire_event_manager' is introduced.
It is designed to that the current thread can manipulate
the single event manager
Change-Id: I31fe48dfe0f2cfa4d468e49338d36fea6e7e8081
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Files "afb-systemd.[ch]" are renamed "systemd.[ch]"
and their functions "afb_systemd_*" are renamed "systemd_*"
Change-Id: I8362a2ca8b71945b54c6ab9a7ead51d9c50bc8e2
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Change-Id: Iaa7f71dc7e5d8d525463619b4da980c827722909
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Minor cleanup
Change-Id: Iddcaf85cdc30f74e54016ce300380b33662fbc04
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
In rare circumstances during intialization threads should wait instead
of using a null event loop. This is because no one has needed event loop at
this stage of initialization.
Change-Id: I05b6ddbc05bec50958d0981213219b1d641401a5
Signed-off-by: Frederic Marec <frederic.marec@iot.bzh>
|
|
At the end, the case is never reached because
json_object_to_json_string_ext only produces
valid JSON strings and a string terminated by
'\' isn't a valid JSON string.
Change-Id: I58a6dc4d9c014487ff2dc85f7eb3dbf33ffea6b1
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Requests are already sequenced on need (noconcurrency
flag of bindings). Sequencing messages until their
completion has a side effect when dealing with events
and synchronous calls: event -> call -> reply locked
until event completion (see SPEC-2219).
This change could be reverted if events are converted
to jobs (see SPEC-2215).
Bug-AGL: SPEC-2219
Change-Id: Ia577bc54ba38291817fd5ed3e3dda1b67b2818b7
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|