redox-os issues
https://gitlab.redox-os.org/groups/redox-os/-/issues
2023-11-18T02:52:24Z

https://gitlab.redox-os.org/redox-os/installer/-/issues/15
(feature request) Support specific EFI partition size
2023-11-18T02:52:24Z
Ivan Tan

Some embedded/IoT boards need more space in the `EFI` partition to install boot-related firmware.

https://gitlab.redox-os.org/redox-os/redox/-/issues/1398
MIPS architecture port
2023-08-12T11:40:49Z
Jeremy Soller

*Created by: aep*
We're in need of a kernel for MIPS.
- very small
- micro-kernel
- support for virtual memory
- reasonably stable
- reasonable Linux compatibility (some porting effort is fine)
Is that something we should attempt to do, or would you say that redox-os is not in the right stage yet?

https://gitlab.redox-os.org/redox-os/redox/-/issues/1397
memtest86+ for the Redox bootloader
2023-08-10T06:36:17Z
Ribbon

memtest86+ is offered as a package in many Linux distributions; this package has an executable called `memtest-setup` that will run memtest86+ on reboot.
`memtest-setup` is configured to GRUB, thus our port will need to add the memtest86+ binary to the Redox bootloader.

https://gitlab.redox-os.org/redox-os/redox/-/issues/1396
Raspi3b+ support
2023-10-27T13:41:34Z
Ivan Tan

This issue covers what is necessary for running Redox OS in raspi3b+ (ARM64 device)
* 1. Build u-boot to run `bootloader.efi` with the user-specific Device Tree Blob(DTB) file.
* 2. Pass the dtb file to Redox's kernel.
* 3. Redox's kernel parses dtb file.
* 4. Redox installer support adding files to specific partition, for example, writing the dtb file `/DTB/BROADCOM/bcm2837-rpi-3-b.dtb` to EFI partition.
* 5. Commands for running and debugging Redox OS in qemu.
* 6. Steps for running Redox OS in real hardware (raspi3b+).
# uboot
demo: https://gitlab.redox-os.org/Ivan/u-boot/-/tree/redox/v2022.07?ref_type=heads
# bootloader
demo: https://gitlab.redox-os.org/Ivan/bootloader/-/tree/ivan/raspi3b?ref_type=heads
# kernel
demo: https://gitlab.redox-os.org/Ivan/kernel/-/tree/ivan/raspi3b?ref_type=heads
# installer
demo: https://gitlab.redox-os.org/Ivan/installer/-/tree/ivan/raspi3b?ref_type=heads
https://gitlab.redox-os.org/Ivan/redox_firmware.git
Installation (run as root):
```
#!/bin/sh
#
mount -o loop,offset=$((2048*512)) build/aarch64/server/harddrive.img /mnt/efi_boot
mkdir -p /mnt/efi_boot/dtb/broadcom/
dtc -I dts -O dtb ~/code/redox_project/redox_firmware/platform/raspberry_pi/rpi3/bcm2837-rpi-3-b-plus.dts > bcm2837-rpi-3-b-plus.dtb
cp bcm2837-rpi-3-b-plus.dtb /mnt/efi_boot/dtb/broadcom/bcm2837-rpi-3-b.dtb
umount /mnt/efi_boot
exit
```
# cookbook
demo: https://gitlab.redox-os.org/Ivan/cookbook/-/tree/ivan/raspi3b?ref_type=heads
# qemu
QEMU emulator version 7.2.3 (v7.2.3) or upper.
# command
run:
```
SDL_VIDEO_X11_DGAMOUSE=0 qemu-system-aarch64 -M raspi3b -smp 4,cores=1 \
-serial stdio -display none \
-kernel build/aarch64/server/u-boot.bin \
-sd build/aarch64/server/harddrive.img
```
run with debug:
```
SDL_VIDEO_X11_DGAMOUSE=0 qemu-system-aarch64 -M raspi3b -smp 4,cores=1 \
-serial stdio -display none \
-kernel build/aarch64/server/u-boot.bin \
-sd build/aarch64/server/harddrive.img \
-chardev socket,path=/tmp/gdb-socket,server=on,wait=off,id=gdb0 -gdb chardev:gdb0 -S
```
gdb:
```
./prefix/aarch64-unknown-redox/relibc-install/bin/aarch64-unknown-redox-gdb --eval-command="target remote /tmp/gdb-socket"
```
# Real hardware support
TBD

https://gitlab.redox-os.org/redox-os/drivers/-/issues/37
vesad: Implement Debug for DisplayScheme
2023-08-07T06:54:20Z
Ron Williams

When debugging a problem with `vesad`, I hacked a version of `Debug` for `DisplayScheme` and found it extremely helpful. It would be good to implement this permanently. Be careful not to include the screen buffer.

https://gitlab.redox-os.org/redox-os/drivers/-/issues/36
vesad: Error in width/height calculation when switching from TextScreen to GraphicsScreen
2023-08-07T07:08:55Z
Ron Williams

In `vesad/src/scheme.rs`, `SchemeMut for DisplayScheme`, `fn write`, if the command is `Activate` and the mode is `Graphic`, a new `GraphicScreen` is created. However, the `width()` and `height()` are taken from the previous Screen type, which are calculated in pixels for `GraphicsScreen` and in characters for `TextScreen`. So if the previous screen type was `TextScreen`, the width and height are now a fraction of the correct values.
Note that the original `TextScreen` is created with `width` and `height` fields calculated in pixels. It's not clear to me if those fields should always be in pixels and the `width()` and `height()` functions should convert to character sizes. Either way, it is not consistent and should be corrected and documented.
Since the `Screen` struct is `Box<dyn Screen>`, the information is lost about whether the `Screen` is a `TextScreen` or a `GraphicsScreen`, so either the calculations need to be in pixels always, or there needs to be an addition to the `Screen` trait to provide `width_in_pixels()` and `height_in_pixels()`.

https://gitlab.redox-os.org/redox-os/kernel/-/issues/134
Move address space virtual address range allocation to userspace
2024-03-29T13:12:11Z
Jacob Lorentzon <4ldo2@protonmail.com>

There's currently a lot of code in the kernel dealing solely with managing user address space virtual address allocation. A more minimal kernel would only store the grants and their ranges, which would (1) allow userspace to implement guard pages, (2) remove the need for `mmap_min`, and (3) simplify mmap and similar operations, so that they always behave as `MAP_FIXED_NOREPLACE`.

https://gitlab.redox-os.org/redox-os/relibc/-/issues/181
Not all memory is reclaimed when pthreads are destroyed
2023-08-02T12:47:40Z
Jacob Lorentzon <4ldo2@protonmail.com>

Most notably, the stack is not freed in pthread_join or the implicit possibly-later-called pthread_detach destructor. The TCB doesn't appear to be either.
[This branch](https://gitlab.redox-os.org/4lDO2/relibc/-/commits/fix_memleak) fixes part of it, but it seems like there are leaks elsewhere too.

https://gitlab.redox-os.org/redox-os/redox/-/issues/1395
(Feature request) Recipe categories on the Cookbook configuration
2023-11-05T21:30:57Z
Ribbon

After the implementation of the recipe categories we can add a way to build any specified folder inside the Cookbook configuration (`config/your-cpu-arch/your-config.toml`).
We could use the recipe syntax to specify the folder, for example: `folder-name = {}` (if it's technically possible).
The build system will build all recipes inside the specified folder; it's easier to maintain and less error-prone, as we don't need to insert each new recipe.

https://gitlab.redox-os.org/redox-os/redoxfs/-/issues/42
Tooling
2023-07-18T18:12:01Z
Ribbon

This issue will cover the necessary tools for RedoxFS.
- [ ] Volume management
- [ ] Partition management
- [ ] Encryption management
- [ ] Compression management
- [ ] Enable/disable volumes
- [ ] Mount/unmount devices

https://gitlab.redox-os.org/redox-os/drivers/-/issues/35
Reduce code duplication
2023-07-18T09:04:46Z
Jacob Lorentzon <4ldo2@protonmail.com>

Lots of drivers unnecessarily contain lots of duplicate code, particularly boilerplate code for scheme handling and other process management, and also the MSI/MSI-X code. Additionally, many drivers provide their own wrappers for physmap/physunmap.

https://gitlab.redox-os.org/redox-os/redox/-/issues/1394
CI testing for packages
2023-10-27T13:44:24Z
Ribbon

Using CI tests for packages we can have a stable rolling release system; Void Linux does this, being one of the most stable rolling release Linux distributions in the world.
- [Void Linux continuous integration system](https://build.voidlinux.org/)

https://gitlab.redox-os.org/redox-os/relibc/-/issues/178
Rustify
2024-01-12T17:50:49Z
Ribbon

This issue covers the relibc parts that benefit from using a Rustier implementation, in order to be less prone to memory unsafety and to some extent logic bugs.
- [ ] [Rusty error handling](https://gitlab.redox-os.org/redox-os/relibc/-/issues/176)
- [ ] [Rust's libm port](https://gitlab.redox-os.org/redox-os/relibc/-/issues/154)
- [x] dlmalloc

https://gitlab.redox-os.org/redox-os/redox/-/issues/1393
Exploit mitigations
2023-10-27T11:07:14Z
Ribbon

This issue will cover the mandatory and optional exploit mitigations for Redox.
As Redox is written in Rust there's memory-safety through the compiler, thus it might make sense to disable most exploit mitigations, at least by default.
But Redox is not fully safe Rust because many crates rely on less thoroughly checked unsafe, such as when heavily using FFI. Therefore, it might make more sense to enable mitigations for such programs, as well as for C/C++ programs, even though unsafe Rust is generally still safer than C/C++.
Exploit mitigations specific to C/C++ memory errors are unnecessary for safe Rust code.
### Criteria
The exploit mitigations on this issue must follow some criteria.
1. Is the mitigation needed for microkernel-based systems?
2. If the mitigation is cheap (low performance penalty) and the security benefit is considerable, it can be enabled by default.
3. Classify if it's a compiler, manual system-wide/some programs or x86-specific mitigation.
### Mitigations
This list will filter the exploit mitigations.
- Address Space Layout Randomization - userspace
- ~~Kernel Address Space Layout Randomization~~ probably overkill for a microkernel; seL4 for example uses `-static -fno-pie -fno-pic`
- Position-Independent Executables - compiler-based
- RELRO
- BIND_NOW
- SEGVGUARD (ASLR brute force protection)
- W^X (memory mappings and switching pages)
- SROP
- Trusted Path Execution
- SafeStack
- Non-Cross-DSO Control-Flow Integrity
- Retpoline - Spectre mitigation for monolithic kernels?
### Implementations
This list will track the exploit mitigations implementation.
- [x] SMAP - x86-specific, manual system-wide
- [x] SMEP - x86-specific, manual system-wide
- [x] Zero-initialized userspace stack - manual system-wide
- [ ] Read-only pages where necessary - manual?
- [ ] IP ID randomization - netstack or smoltcp? manual.
- [ ] Temporary IPv6 addresses - netstack or smoltcp? manual.

https://gitlab.redox-os.org/redox-os/kernel/-/issues/131
Support 32-bit userspace when using 64-bit kernels
2024-03-29T12:47:02Z
Jacob Lorentzon <4ldo2@protonmail.com>

https://gitlab.redox-os.org/redox-os/kernel/-/issues/130 needs to be fixed, and there probably needs to be two permanent GDT entries, for FS and GS.
It might be possible to allow enabling/disabling compatibility mode, at compile time.

https://gitlab.redox-os.org/redox-os/kernel/-/issues/130
x86 segment registers are not saved/restored
2024-03-29T12:47:16Z
Jacob Lorentzon <4ldo2@protonmail.com>

On x86, segment registers are currently not saved and restored when context switching. Since userspace is capable of loading available selector values into segment registers,
- CS is immutable, everything but GDT_USER_CODE #GPs
- SS (will be) immutable, can only be set to GDT_USER_DATA
- DS, ES, FS, and GS, can be either NULL or GDT_USER_DATA,
at most four bits of data can be leaked between contexts when switching.

https://gitlab.redox-os.org/redox-os/redox/-/issues/1392
Dev room
2024-03-18T00:02:32Z
Ribbon

This issue covers what is necessary for the dev variant of Redox.
- [x] Port Rust
- [x] Port GCC
- [x] Port LLVM
- [ ] Port Python
- [ ] Port Go
- [x] Port Vim
- [ ] Port Neovim
- [ ] Port Emacs
- [ ] Port zsh
- [ ] Port fish
- [ ] Port Nushell (WIP)
- [ ] Port GDB
- [ ] Port NodeJS
- [ ] Port OpenSSH

https://gitlab.redox-os.org/redox-os/redox/-/issues/1391
Desktop room
2024-03-17T23:59:15Z
Ribbon

This issue covers what is necessary for the desktop variant of Redox.
- [ ] Port GTK
- [ ] Port Qt
- [ ] Port Firefox
- [ ] Port VLC
- [ ] Port Servo
- [ ] Port Chromium (hard)
- [ ] Port WebAssembly
- [ ] Implement GPU acceleration (through Linux driver VMs on QEMU)
- [ ] Port COSMIC Desktop
- [ ] Port GNOME (time-consuming)
- [ ] Port KDE Plasma (time-consuming)
- [ ] Port Sway

https://gitlab.redox-os.org/redox-os/redox/-/issues/1390
Self-hosting status
2024-01-31T04:12:30Z
Ribbon

This issue will cover the self-hosting status of Redox OS.
Self-hosting in the low-level world is when the operating system can build itself (compile Redox on Redox); to achieve this, the toolchain and tools need to run on it.
### Build Redox on Redox
- [ ] rustc
- [ ] cargo - close to work, some deadlocks remain.
- [ ] gcc
- [ ] llvm
- [ ] make
- [x] git - included by default
- [x] curl - included by default
### Build all recipes
- [ ] autopoint?
- [x] bash - included by default
- [ ] bison
- [ ] cmake
- [ ] wget
- [ ] file
- [ ] flex
- [ ] gperf
- [x] libexpat
- [ ] libfuse
- [x] libgmp
- [x] libpng
- [x] libjpeg
- [x] sdl1.2
- [x] sdl2-ttf
- [ ] html-parser-perl
- [ ] libtool
- [ ] m4
- [x] nasm
- [x] patch
- [x] automake
- [x] autoconf
- [ ] scons
- [x] pkg-config
- [ ] po4a
- [ ] texinfo
- [ ] ninja-build
- [ ] meson
- [ ] python3
- [ ] python3-mako
- [ ] xdg-utils
- [x] vim - included by default
- [ ] perl
- [ ] doxygen
### bootstrap.sh
Once all recipes are ported, the Redox package manager function and command must be added to the script.
We can do this before the full porting by adding the Redox OS functions and command as a comment.
- A function to detect if the OS is Redox.
- A function to detect what is installed.
#### Package manager command
```sh
# sudo pkg install rust \
# cargo \
# gcc \
# llvm \
# gnu-make \
# bison \
# cmake \
# wget \
# file \
# flex \
# gperf \
# expat \
# libgmp \
# libpng \
# libjpeg \
# sdl \
# sdl2_ttf \
# html-parser-perl \
# libtool \
# m4 \
# nasm \
# patch \
# automake \
# autoconf \
# scons \
# pkg-config \
# po4a \
# texinfo \
# ninja-build \
# meson \
# python \
# python3-mako \
# xdg-utils \
# vim \
# perl \
# doxygen \
```

https://gitlab.redox-os.org/redox-os/redox/-/issues/1388
(Feature request) Provide VM images for new versions
2023-07-08T00:08:15Z
Ribbon

We can offer QEMU and VirtualBox disk images with Redox pre-installed, like FreeBSD does.