On Redox there is no udev-based DRM device enumeration. KWin's DRM
backend relies on m_udev->listGPUs() which returns nothing without udev.
Add a fallback: when no KWIN_DRM_DEVICES is set and the session is
kde-wayland, inject KWIN_DRM_DEVICES=/scheme/drm/card0 so KWin knows
which device to open. This fixes the 'No suitable DRM devices' error
that prevented KWin from starting on Redox.
Added test: build_environment_sets_kwin_drm_devices_default_for_kde_wayland
to verify the fallback is applied correctly.
Per AGENTS.md policy: local recipes ALWAYS supersede WIP packages.
Any WIP directory that shadows a local/recipes/ package is replaced
with a symlink to the local version.
Fixed shadows: bison, flex, m4, meson, ninja-build, libxcvt,
qt6-sensors, libepoxy, mc — all now symlinked to local/recipes/.
Added WIP-local enforcement to build-redbear.sh: auto-detects and
fixes WIP shadows at build time.
Extract protocol-agnostic FenceTimeline from Intel to shared
src/drivers/fence.rs — atomic-based fence tracking suitable
for Intel, VIRGL, and AMD drivers.
Extract protocol-agnostic SyncobjManager from Intel to shared
src/drivers/syncobj.rs — syncobj create/destroy/signal/reset/
wait/query and sync_file fd export/import.
Wire both into VirtioDriver:
- Add FenceTimeline + SyncobjManager fields
- Implement all 5 GpuDriver syncobj trait methods
(create, destroy, wait, export_fd, import_fd)
- Track fence seqnos in virgl_submit_3d (allocate
before submit, signal after completion)
Intel fence.rs and syncobj.rs converted to thin re-export
modules pointing at shared sources — no behavioral change
for Intel driver.
This gives Mesa VIRGL userspace the standard DRM syncobj
API for GPU/compositor synchronization.
The WIP recipes/wip/files/mc had an empty recipe.toml (0 bytes),
causing the cookbook to report 'successful' without producing any
output. Replaced with a symlink to the real recipe at
local/recipes/tui/mc which has the full build configuration.
Also fixed the recipe: removed broken cookbook_configure call
(which was cached from a previous failed attempt), replaced with
explicit configure+make+make install. Added gl_cv_list_mounted_fs=yes
since Redox has no /etc/mtab or /proc/mounts.
Passes the current Unix timestamp as BUILD_TIMESTAMP env var
to cargo, so rtcd can use it as a fallback when the hardware
RTC is unavailable or returns invalid data.
bison: fix __fseterr stub injection using LIBS variable instead
of ar rcs to avoid static archive member ordering issues.
- Fix bootloader recipe: pass correct TARGET on make command line
instead of hardcoding x86_64-unknown-uefi (breaks BIOS build)
- Add cargo -Zunstable-options to x86_64-unknown-uefi.mk and
x86-unknown-none.mk for custom target support
- Add x86_64-unknown-uefi.json target file
Remaining: redoxer toolchain cargo/rust-src version mismatch
prevents build-std compilation. Needs 'make prefix' to rebuild
toolchain with matching versions.
Bootloader needs x86_64-unknown-uefi (UEFI target) but redoxer
sets TARGET=x86_64-unknown-redox (OS target). Added:
- x86_64-unknown-uefi.json custom target file
- cargo -Zunstable-options in Makefile for custom target support
- TARGET= override in recipe (may still be overridden by redoxer)
Root cause chain discovered and fixed:
1. GCC built-in stddef.h shadowed by relibc's _STDDEF_H guard
→ fix_types.h with guarded typedefs for 15+ sys types
2. gnulib configure bakes raw typedefs into GL_CFLAG_GNULIB_WARNINGS
→ strip them from Makefiles after configure
3. __fseterr/__freadahead don't exist in relibc
→ compile C stubs and inject into link via Makefile patch
The recipe pattern is documented and reusable for other gnulib packages
(ninja-build, diffutils, etc.).
Also: bootloader recipe needs RUSTFLAGS=-Zunstable-options for
custom target support after redoxer toolchain restore.
Root cause: gnulib configure bakes raw typedef statements
(typedef long unsigned int size_t; etc.) into the generated
Makefile's GL_CFLAG_GNULIB_WARNINGS variable. These break
shell command parsing when expanded on recipe lines.
Fix:
1. Strip raw typedefs from all generated Makefiles after configure
2. Provide fix_types.h with guarded typedefs for size_t, ptrdiff_t,
off_t, wchar_t, ssize_t, time_t
3. Force-include fix_types.h via CPPFLAGS to work around the
cross-compiler's GCC built-in stddef.h ordering issue
Also: comprehensive upstream relibc comparison and import plan
Lines 649-651 had VramManager and info!() calls that don't belong
in handle_irq(). These were likely from a bad merge. The variables
fb_phys and fb_size are local to new() and don't exist in handle_irq().
Add pcid-spawner to initfs binaries for early boot driver spawning.
Add pcid.d/00-storage.toml with initfs-path driver commands.
pcid-spawner uses the channel protocol which works; driver-manager
hangs on pcid config handle reads.
Fix 4 E0277 errors in daemon/src/lib.rs where scheme_root()
and create_this_scheme_fd() return syscall::error::Error but
the function returns syscall::Error. Add .map_err() conversions.
redox-driver-sys errors (6 remaining E0308/E0061 in dma.rs/io.rs)
are pre-existing API mismatches between libredox and redox_syscall
crate versions — not addressed here.
- Create source symlinks for all 7 core components (kernel, relibc, base,
bootloader, installer, redoxfs, userutils) pointing at local/sources/
- Create redoxfs and userutils fork repos from frozen 0.1.0 archives
- Fix relibc-tests recipes: replace patch commands with direct fork build
- Archive all 417 patch files to local/archived/patches-2026-06-migration/
- Full AGENTS.md rewrite: remove all 31 remaining stale patch references,
update DURABILITY POLICY to describe git commit workflow, update WHERE TO
LOOK table, fix build flow description, replace Recipe Patch Wiring section
with Recipe Source Configuration
- Zero active patches = [...] arrays remain in any recipe.toml file
- All 13 remaining grep hits for 'patches' are TODO comments in WIP recipes
userutils compiled redox-rt with default-features=false, disabling the proc feature. This caused login's fork to not pass proc fd to child shell, triggering assertion failed: info.has_proc_fd in redox-rt. P8 patch enables features=['proc']. Verified: zero panics on boot, login works for user/root.
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent)
Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
Replace all 9 kernel uid==0 privilege checks with a capability bitmask
model. Adds caps:u64 field to Context and CallerCtx, with CAP_ALL for
root processes. Zero behavioral change - uid==0 still gets all caps.
New module: src/scheme/caps.rs with 10 capability constants.
9 check sites converted: acpi, irq, memory, debug, serio, sys (msr+write),
scheme registration, and fchown.
Patch: local/patches/kernel/P27-capability-bitmask.patch
- login.rs: drop privileges via setresugid after authentication
- login.rs: add namespace isolation to password auth path (was missing)
- login.rs: add drm, input schemes to DEFAULT_SCHEMES
- sudo service: rename 00_sudo -> 12_sudo, type daemon (no boot block)
- Branded login screen with figlet RedBear OS v0.2.2 'Liliya'
- Root user kept but not advertised on login screen
- P6-login-privilege-drop.patch generated and wired
Implements Phase 1 of Plan 9 namespace privilege model:
login creates restricted namespace (mkns/setns) then drops
uid/gid to authenticated user before spawning shell.
Three fixes for the KWin DRM device discovery failure:
1. drm_scheme_ready(): replace head -c 1 with exec 3< open test.
Reading from a DRM scheme fd blocks because the scheme expects
ioctl-style request/response, not streaming reads. Use open()
success as the scheme availability probe instead.
2. ConsoleKitSession::create(): return nullptr immediately.
The D-Bus isServiceRegistered() call can block indefinitely when
the bus daemon doesn't fully implement org.freedesktop.DBus.
With both LogindSession and ConsoleKitSession returning nullptr,
Session::create() falls through to NoopSession which uses plain
open() for DRM device access.
3. Boot chain deps: redox-drm depends on driver-manager,
greeter depends on evdevd (keyboard/mouse ready before login).
Also includes: KF6 CMake build fixes, Qt6 platform patches,
libdrm Redox ioctl shim, and wayland.toml scheme check fix.
logd was starting before randd, causing a panic when the Rust std
library tried to get random data from /scheme/rand which didn't
exist yet. This cascaded into fbbootlogd failing (no log scheme)
and vesad timing out, blocking the console/getty chain entirely.
P58 adds:
- 00_logd.service: requires = ["00_randd.service"]
- 20_fbbootlogd.service: requires = ["00_logd.service"]
Result: mini ISO boots to RedBear Login: prompt with working
console, D-Bus, driver-manager, and all boot stage markers.
When LOGD_JSON=1 is set in the environment, logd formats all log
lines as JSON objects with timestamp, source, and message fields.
Also fixes indentation issues in P51 logd rotation patch.
P46 migrated ac97d to pci_allocate_interrupt_vector but missed
adding to the pcid_handle parameter. This caused build
failure: cannot borrow pcid_handle as mutable.
Re-implements work that was lost due to ephemeral source/ subdirectory.
ITR dynamically adjusts interrupt coalescing based on packet rate.
- Add ITR register (0xC4) and set_itr() to device.rs
- Add itr.rs tracker with hysteresis-based rate adaptation
- Wire tracker into IRQ handler in main.rs
- Document in AGENTS.md: source/ is ALWAYS rewritten
- drivers/acpid/src/cstate.rs: Evaluate _CST per processor, parse
Package-of-Packages into CStateInfo structs
- AcpiContext: add cstate_state field with refresh, add processor_names()
to scan _PR namespace
- acpid scheme: expose /scheme/acpi/cstates/<proc> read handles
- thermald: read /scheme/sys/cstate, set /scheme/sys/cstate_policy
to restrict to C1 when temp exceeds WARNING_TEMP
Works with kernel P25 cpuidle deep C-states.
Detect CPU vendor by probing MSRs (Intel IA32_THERM_STATUS vs AMD
TCTL MSR C0010293). Support both Intel Tjmax-based and AMD direct
temperature reading. Log detected vendor per CPU at startup.
Extend logd output thread to write logs to per-service files in
/var/log/<service>.log, with automatic size-based rotation (10 MB
threshold, 5 backup files). All logs also go to /var/log/system.log.
Backwards compatible with existing sink file descriptors.
Add RateLimitedLog to common::logger for per-message rate limiting with
"last message repeated N times" warnings. Add structured_log! macro for
key=value formatted logs. Update thermald to rate-limit the max-temp
summary line (30s interval) to reduce log volume.
Track the target CPU ID in InterruptVector, and log the interrupt type
(MSI-X/MSI/Legacy) and CPU affinity at allocation time in
pci_allocate_interrupt_vector. Add log_affinity() helper for drivers
to call after setup.
Add fan.rs module to acpid that discovers FAN* devices under \_TZ,
evaluates _FST for current speed level and RPM, and exposes them via
/scheme/acpi/fan/<name>/status. Update thermald to read and log fan
status alongside temperature sensors.
Replace the old hardcoded /scheme/acpi/thermal_zone/{n} paths with
proper discovery of /scheme/acpi/thermal/ zones and /scheme/coretemp/
CPU temperatures. Logs per-zone and per-CPU temps with max tracking.