The 556MB monolithic redox.patch was impossible to manage, unreviewable,
blocked GitHub pushes, and could only grow. This commit:
- Moves all 64 absorbed patches from absorbed/ to active use in base/
- Removes the absorbed/ directory (consolidation history is now PATCH-HISTORY.md)
- Removes the redox.patch symlink from recipes/core/base/
- Fixes all recipe symlinks to point to active patches (not absorbed/)
- Patches are now individually wired, reviewable, and independently rebasable
The redox.patch mega-file is no longer needed — individual patches
are applied directly from the recipe.toml patches list.
redox.patch is 556MB, exceeding GitHub's 100MB file size limit.
Split into 7 chunks of ~90MB each under local/patches/base/redox-patch-chunks/.
Reassembly script: local/patches/base/reassemble-redox-patch.sh.
Added redox.patch to .gitignore to prevent future push failures.
Build system (src/cook/fetch.rs):
- Atomic patch application: applies patches to staging directory (cp -al),
atomically swaps on success, discards on failure — source tree is never
left in a partially-patched state
- normalize_patch(): strips diff --git/index/new-file-mode headers that the
build system's patch command does not recognize
- cleanup_workspace_pollution(): removes orphaned recipes/Cargo.toml and
recipes/Cargo.lock to prevent workspace conflicts
- Added --allow-protected CLI flag to repo binary
Input stack (local/patches/base/P3-*.patch):
- P3-ps2d-led-feedback: PS/2 LED state handling + InputProducer migration
- P3-inputd-keymap-bridge: InputProducer enum, keymap bridge query
- P3-usbhidd-hardening: HID descriptor validation, static lookup table,
8-button mouse support, transfer retry with exponential backoff
- P3-init-colored-output: ANSI-color coded init daemon output (green OK,
red FAILED, yellow SKIP/WARN)
XKB bridge (local/recipes/system/redbear-keymapd/source/src/xkb.rs):
- Parses X11 xkb/symbols/* format, maps XKB keycodes to PS/2 scancodes,
80+ X11 keysym names to Unicode, 4-level key support
Patch governance (local/patches/base/absorbed/README.md):
- Documents consolidation of P0-P3 patches into redox.patch
Finalize all non-artifact changes accumulated from other sessions:
- config updates, recipe changes, source edits, patches
- pkgar/cache artifacts intentionally excluded (build outputs)
This is the maximum achievable scope for this session.
Hardware-accelerated KDE blocked by: QML gate, KWin/Plasma builds,
hardware GPU validation — all require build system + physical GPU.
Mesa now builds with -Dgallium-drivers=swrast,virgl for Redox target.
Fixes:
- virgl_screen.c: wrapped disk cache creation in #ifndef __redox__
(build_id_find_nhdr_for_addr uses dl_iterate_phdr — unavailable on Redox)
- bits/safamily-t.h: provided to cross-compiler toolchain sysroot
Durable patch:
- local/patches/mesa/P4-virgl-redox-disk-cache.patch (25 lines)
This enables hardware-accelerated 3D rendering in QEMU via
virtio-gpu + virgl. Mesa EGL/GLES2/GBM now support the virgl
gallium driver alongside llvmpipe software renderer.
63MB pkgar artifact with virgl support.
Kernel hardening (proc.rs +23 lines):
- NGROUPS_MAX=65536 enforcement in Groups write handler
- Reject non-u32-aligned writes with EINVAL
- Process-scope propagation: setgroups() now fans out to
ALL threads sharing the same owner_proc_id
Relibc robustness:
- setrlimit: EINVAL for unknown resources (was silent Ok)
- posix_getgroups: kernel readback when cache is empty,
fixes exec() cache-staleness gap
Oracle audit fixes: H (kernel cap), E (alignment reject),
G (process-scope), C (cache readback), B (rlimit errors)
30-line patch: QPlatformOpenGLContext guards in header.
Recipe: added P1 to patches list (was lost in git checkout).
Recipe: removed broken inline Python attempts.
14-line durability patch adds #if QT_CONFIG(opengl) guards
around createEglWindow, createPlatformOpenGLContext, and
nativeResourceForContext functions that use OpenGL types.
Patch applied during source extraction (not inline Python).
Verified in QEMU: compositor runs, no exceptions, DRM active.
Greeter reaches 'compositor ready, launching greeter UI'.
All canaries present. Boot completes to login prompt.
Add three relibc patches (42 total) to close QtNetwork-critical socket gaps:
- P3-inet6-pton-ntop: AF_INET6 address parsing/formatting with RFC 5952
shorthand, IPv4-mapped suffix support
- P3-tcp-sockopt-forward: forward IPPROTO_TCP getsockopt/setsockopt to
scheme daemon instead of hitting todo_skip
- P3-dns-aaaa-getaddrinfo-ipv6: AAAA DNS record queries, lookup_host_v6,
dual-stack getaddrinfo with sockaddr_in6 entries
Also fix P3-tcp-nodelay to use sys_call_wo + from_raw_parts (const) in the
SOL_SOCKET setsockopt fallback — setsockopt sends data to the kernel, not
reads from it.
The 17,046-line redox.patch monolith is no longer referenced in the base
recipe. All 27 individual P2 patches are now listed explicitly in
recipe.toml with symlinks to local/patches/base/.
Coverage gap closed: ixgbed/src/device.rs was the only file not covered
by any individual patch. Added P2-ixgbed-error-handling.patch for the
10GbE Intel driver error handling (println → log::info/warn/error).
Build verified: CI=1 make r.base completes successfully with the new
patch list. The monolith file is preserved as backup but no longer applied.
Analysis shows existing P0/P1 patches cover ~85% of kernel/redox.patch
(2,335 lines). Extract the two uncovered sections as new patches:
P2-redbear-os-branding.patch (65 lines): Redox->RedBear OS branding in
aarch64, riscv64, x86_shared start files + device init logging milestones.
P3-eventfd-kernel.patch (368 lines): Full EventCounter implementation
in event.rs with blocking read/write, semaphore mode, wait conditions,
and EventScheme eventfd path dispatch in scheme/event.rs.
Update desktop status doc with Wave 2 changes.
Enforce that every source-tree edit must be mirrored to local/patches/
and wired into recipe.toml in the same session. Apply the policy
retroactively to userutils res/issue and res/motd (Redox → Red Bear).
relibc select_epoll() forced timeout=0 when any FD doesn't support epoll
(e.g. TTY on Redox), causing busy-loop. Poll with 100ms interval instead.
Also add stdint.h to signal/cbindgen.toml sys_includes so signalfd_siginfo
struct types (uint32_t, int32_t) resolve without build errors.
Upstream relibc netdb DNS lookup has two bugs exposed by Rust 2024 edition
strict unsafe handling:
1. packet_data is moved into Box::via into_boxed_slice() but the retry
loop tries to call packet_data.as_ptr() on the moved value. Use the
already-created raw pointer packet_data_ptr instead.
2. close() is a safe function in relibc, so wrapping it in unsafe{}
triggers unused-unsafe (promoted to error by -D unused-unsafe). Remove
the unnecessary unsafe blocks around close() calls.
Patch carries in local/patches/relibc/P3-netdb-lookup-retry-fix.patch and
is applied via the relibc recipe patches list.
The previous fire-and-forget fix passed hwd's own INIT_NOTIFY fd to pcid,
but that fd had CLOEXEC set (by daemon::Daemon::new), so pcid inherited
a closed fd and panicked in PipeWriter::from_raw_fd.
Fix: create a new pipe in hwd before spawning pcid. Pass the write end
as INIT_NOTIFY with CLOEXEC cleared (via pre_exec). Drop the read end
immediately — pcid's daemon.ready() will get EPIPE, which is silently
ignored by the daemon library. This gives pcid a valid fd while still
being fully non-blocking from hwd's perspective.
Root cause: hwd used daemon::Daemon::spawn(pcid) which blocks waiting
for pcid's readiness signal. But pcid only signals readiness after
completing full PCI enumeration. On real Intel hardware with complex
ACPI tables, enumeration can hang (unresponsive device, AML deadlock),
causing pcid to never signal readiness, hwd to never signal its own
readiness, and init to stall the entire initfs phase.
Fix: replace blocking daemon::Daemon::spawn with std::process::Command::spawn
(fire-and-forget). hwd signals its own readiness immediately, allowing
init to continue the initfs phase regardless of pcid's enumeration progress.
pcid runs independently and registers the pci scheme when ready.
Also: promote pcid enumeration completion log from debug to info level.
Suppress EPIPE in SchemeDaemon::ready_with_fd() to eliminate broken pipe
errors from gpiod, i2cd, ucsid at boot. Handle ENODEV gracefully in audiod
when /scheme/audiohw is absent. Both fixes verified: QEMU boots to login
prompt with zero non-fatal errors, patch applies cleanly on clean rebuild.
vasilito