Add redbear-usb-storage-check in-guest binary that validates USB mass
storage read and write I/O: discovers /scheme/disk/ devices, writes a
test pattern to sector 2048, reads it back, verifies match, restores
original content. Updates test-usb-storage-qemu.sh with write-proof
verification step.
Includes all accumulated Red Bear OS work: kernel patches, relibc
patches, driver infrastructure, DRM/GPU, KDE recipes, firmware,
validation tooling, build system hardening, and documentation.
Oracle review found 3 gaps. All fixed:
1. Recipe #TODO updated from 'Always-permit stub' to 'Real UID-based policy'
2. init.d/20_polkit.service created
3. redbear-full.toml already has 14_redbear-polkit via [[files]] — verified
P5: redbear-polkit now enforces real authorization:
- is_authorized(uid, action_id) checks UID-based policy
- uid=0 (root) always authorized
- Other users checked against /etc/polkit-1/policy.toml
- Default: deny for unknown actions (fail-closed)
- Backend name changed from 'redbear-permit-all' to 'redbear-uid-policy'
- Default policy grants power/network/storage to root+user(1000)
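
The fail-closed decision described in this commit message, as an added Rust example that is not the redbear-polkit source. The `action = uid,uid` line format, the `example.*` action names and the `UidPolicy` type are assumptions made for illustration; the real policy.toml schema is not shown on this page.

```rust
use std::collections::{HashMap, HashSet};

/// Assumed in-memory policy: action id -> UIDs allowed to perform it.
/// (The on-disk policy.toml schema is not shown in the commit message.)
#[derive(Default)]
pub struct UidPolicy {
    grants: HashMap<String, HashSet<u32>>,
}

impl UidPolicy {
    /// Parse constructed `action = uid,uid` lines (assumed format, not policy.toml).
    /// Any malformed line rejects the whole file so a typo cannot widen access.
    pub fn parse(text: &str) -> Result<UidPolicy, String> {
        let mut grants: HashMap<String, HashSet<u32>> = HashMap::new();
        for line in text.lines().map(str::trim).filter(|l| !l.is_empty()) {
            let (action, uids) = line.split_once('=').ok_or_else(|| format!("bad line: {line}"))?;
            for uid in uids.split(',') {
                let uid: u32 = uid.trim().parse().map_err(|_| format!("bad uid in: {line}"))?;
                grants.entry(action.trim().to_string()).or_default().insert(uid);
            }
        }
        Ok(UidPolicy { grants })
    }

    /// Fail-closed decision following the rules listed in the commit message.
    pub fn is_authorized(&self, uid: u32, action_id: &str) -> bool {
        if uid == 0 {
            return true; // root is always authorized
        }
        match self.grants.get(action_id) {
            Some(uids) => uids.contains(&uid), // known action: UID must be listed
            None => false,                     // unknown action: deny
        }
    }
}

/// Constructed sample policy: power/network/storage for user 1000.
pub const SAMPLE: &str = "example.power = 1000\nexample.network = 1000\nexample.storage = 1000\n";

fn main() {
    let good = UidPolicy::parse(SAMPLE).unwrap_or_default();
    // A policy that fails to parse degrades to the empty policy: only root passes.
    let broken = UidPolicy::parse("example.power = 1000, everyone").unwrap_or_default();
    println!("user 1000 power: {}", good.is_authorized(1000, "example.power"));
    println!("user 1001 power: {}", good.is_authorized(1001, "example.power"));
    println!("user 1000 unknown action: {}", good.is_authorized(1000, "example.unknown"));
    println!("user 1000, broken policy: {}", broken.is_authorized(1000, "example.power"));
}
```
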
Build system (src/cook/fetch.rs):
- Atomic patch application: applies patches to staging directory (cp -al),
  atomically swaps on success, discards on failure — source tree is never
  left in a partially-patched state
- normalize_patch(): strips diff --git/index/new-file-mode headers that the
  build system's patch command does not recognize
- cleanup_workspace_pollution(): removes orphaned recipes/Cargo.toml and
  recipes/Cargo.lock to prevent workspace conflicts
- Added --allow-protected CLI flag to repo binary
Input stack (local/patches/base/P3-*.patch):
- P3-ps2d-led-feedback: PS/2 LED state handling + InputProducer migration
- P3-inputd-keymap-bridge: InputProducer enum, keymap bridge query
- P3-usbhidd-hardening: HID descriptor validation, static lookup table,
  8-button mouse support, transfer retry with exponential backoff
- P3-init-colored-output: ANSI-color coded init daemon output (green OK,
  red FAILED, yellow SKIP/WARN)
XKB bridge (local/recipes/system/redbear-keymapd/source/src/xkb.rs):
- Parses X11 xkb/symbols/* format, maps XKB keycodes to PS/2 scancodes,
  80+ X11 keysym names to Unicode, 4-level key support
Patch governance (local/patches/base/absorbed/README.md):
- Documents consolidation of P0-P3 patches into redox.patch
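
The stage-then-swap pattern from the "Atomic patch application" item above, as an added Rust example that is not the code in src/cook/fetch.rs. The names `apply_staged`, `copy_tree` and `demo`, the `.staging`/`.old` suffixes and the sample file are assumptions; it uses plain copies where the commit uses `cp -al` hard links, and the patch step is a caller-supplied closure.

```rust
use std::{fs, io, path::Path};

/// Recursively copy `src` into `dst` (plain copies; the commit uses `cp -al` hard links).
fn copy_tree(src: &Path, dst: &Path) -> io::Result<()> {
    fs::create_dir_all(dst)?;
    for entry in fs::read_dir(src)? {
        let entry = entry?;
        let to = dst.join(entry.file_name());
        if entry.file_type()?.is_dir() { copy_tree(&entry.path(), &to)?; } else { fs::copy(entry.path(), &to)?; }
    }
    Ok(())
}

/// Run `patch` against a staging copy of `tree` and swap it in only on success.
/// On failure the staging copy is discarded and `tree` is never modified.
pub fn apply_staged(tree: &Path, patch: impl FnOnce(&Path) -> io::Result<()>) -> io::Result<()> {
    let (staging, old) = (tree.with_extension("staging"), tree.with_extension("old"));
    for stale in [&staging, &old] { let _ = fs::remove_dir_all(stale); } // leftovers of a crashed run
    copy_tree(tree, &staging)?;
    if let Err(e) = patch(&staging) {
        fs::remove_dir_all(&staging)?; // discard the partially patched copy
        return Err(e);
    }
    // Swap by rename: each rename is a single step on one filesystem.
    fs::rename(tree, &old)?;
    fs::rename(&staging, tree)?;
    fs::remove_dir_all(&old)
}

/// Constructed demo: (first patch failed?, content after failure, content after success).
pub fn demo() -> io::Result<(bool, String, String)> {
    let root = std::env::temp_dir().join(format!("staged-patch-demo-{}", std::process::id()));
    let _ = fs::remove_dir_all(&root);
    let tree = root.join("source");
    fs::create_dir_all(&tree)?;
    fs::write(tree.join("a.txt"), "v1")?;
    let failed = apply_staged(&tree, |s| {
        fs::write(s.join("a.txt"), "half-patched")?; // first hunk lands ...
        Err(io::Error::new(io::ErrorKind::Other, "hunk failed")) // ... second one does not
    });
    let after_fail = fs::read_to_string(tree.join("a.txt"))?;
    apply_staged(&tree, |s| fs::write(s.join("a.txt"), "v2"))?;
    let after_ok = fs::read_to_string(tree.join("a.txt"))?;
    fs::remove_dir_all(&root)?;
    Ok((failed.is_err(), after_fail, after_ok))
}

fn main() { println!("{:?}", demo()); }
```
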
Finalize all non-artifact changes accumulated from other sessions:
- config updates, recipe changes, source edits, patches
- pkgar/cache artifacts intentionally excluded (build outputs)
This is the maximum achievable scope for this session.
Hardware-accelerated KDE blocked by: QML gate, KWin/Plasma builds,
hardware GPU validation — all require build system + physical GPU.
Add guard-recipes.sh with four modes:
- --verify: check all local/recipes have correct symlinks into recipes/
- --fix: repair broken symlinks (run before builds)
- --save-all: snapshot all recipe.toml into local/recipes/
- --restore: recreate all symlinks from local/recipes/ (run after sync-upstream)
Wired into apply-patches.sh (post-patch) and sync-upstream.sh (post-sync).
This prevents the build system from deleting recipe files during
cargo cook, make distclean, or upstream source refresh.
- config/redbear-full.toml: 22 KF6 + kglobalacceld enabled, kirigami only suppressed
- kf6-knewstuff + kf6-kwallet now enabled (real cmake builds with stub fallback)
- recipe.toml: added redbear-phase6-kde-check to package.files (was in Cargo.toml but not packaged)
Verified x86_64-unknown-redox cross-compilation:
redbear-hwutils, redbear-info, redbear-compositor all build and publish.
Host cargo check zero warnings. Target make r.* successful.
12 total commits. 7 master plan workstreams advanced.
- count_status: cfg-gated to Redox only (uses CheckStatus)
- list_dir_names: cfg-gated to Redox only (uses std::fs)
Verified: host cargo check zero warnings, Redox-target make r.redbear-hwutils
builds and publishes successfully (x86_64-unknown-redox).
- redbear-phase-pci-irq-check: removed Copy derive from AffinityProbe
  (contains String field, not Copy-safe on Redox target)
- redbear-phase1-udev-check: added missing count_status() function
Verified: make r.redbear-hwutils builds and publishes successfully
for x86_64-unknown-redox target.
test-posix-runtime.sh: unified POSIX runtime harness running all 6
relibc-phase1-tests C programs in guest/QEMU modes, exit-code-based
redbear-usb-check.rs: recreated after cancelled task cleanup —
full Phase-pattern checker with JSON output, xHCI/USB/HID/storage probes
Zero warnings, all scripts syntax-clean.
redbear-usb-check: rewritten from 99-line minimal checker to full
Phase-pattern validation (CheckResult/Report, JSON output, proper
cfg-gating). Checks xHCI controllers, USB device enumeration,
HID class detection, storage class detection.
test-usb-runtime.sh: guest + QEMU harness following Phase 1-5 pattern.
Zero warnings.
unassign_device: clear DTE and submit hardware INVALIDATE_DEVTAB_ENTRY
and INVALIDATE_INTERRUPT_TABLE commands with completion wait (was
previously only clearing the software HashMap).
TRANSLATE opcode (0x0012): walk IOMMU page tables for IOVA-to-physical
address resolution.
fstat: return proper MODE_DIR/MODE_FILE and sizes for all handle kinds
(Root, Control, Domain, Device).
Remove #TODO from recipe.toml.
Phase 4 KDE Plasma preparation:
kded6: new recipe at local/recipes/kde/kf6-kded6/ building the KDE
daemon from source. Depends on kf6-kconfig, kf6-kcoreaddons,
kf6-kcrash, kf6-kdbusaddons, kf6-kservice — all already built.
Added to redbear-full.toml package list. D-Bus activation file
already existed; removed TODO now that recipe exists.
kirigami: rewrite from stub to real CMake build. qtdeclarative
(Qt6Quick) is now available, so the real Kirigami can be built
instead of installing dummy cmake configs and a static lib placeholder.
Added qtshadertools and qtsvg as additional dependencies.
Phase 3 input chain wiring:
udev-shim: when scheme:evdev is registered (by evdevd), probe for
event0..event7 devices and create /dev/input/eventN nodes pointing to
scheme:evdev/eventN. This bridges evdevd's evdev devices into the
/dev/input namespace that libinput and compositors expect.
libinput: remove -Dudev=false and add libudev-stub as a dependency.
The libudev-stub recipe provides libudev.so that reads from scheme:udev
(udev-shim), giving libinput a working udev enumeration path instead of
stub functions that return NULL.
Input chain is now: hardware → /scheme/input → evdevd → scheme:evdev →
udev-shim → /dev/input/eventN → libudev-stub → libinput → KWin.
The #[cfg(target_os = "redox")] variant of wait_for_shutdown had dead code
after the tokio::select! block. The select already returns Result<(), _>, so
the trailing Ok(()) was unreachable and caused a type mismatch when the compiler
tried to coerce the select result into (). Remove the dead code.
Add complete HCI protocol module (hci.rs) with packet types, 55+ constants,
command builders (Reset, Read BD Addr, Read Local Version, LE scan/connect),
event parsers, and structured result types. Add USB transport abstraction
(usb_transport.rs) with UsbHciTransport trait and StubTransport for testing.
Wire btusb daemon with endpoint descriptor parsing, HCI init sequence
(Reset → Read BD Addr → Read Local Version), ControllerState state machine,
and enhanced status output. Replace all expect()/unwrap() calls in btctl
and wifictl with proper error handling and graceful fallback.
91 btusb tests, 27 btctl tests, 2 wifictl tests passing.
Consolidate the active desktop path around redbear-full while landing the greeter/session stack and the runtime fixes needed to keep Wayland and KWin bring-up moving forward.