Phase S1 (Critical Correctness):
- sem_open/sem_close: global refcounting via BTreeMap + AtomicUsize
- sem_close: decrements refcount, munmaps only at zero
- sem_open: reuses existing mapping, O_EXCL returns EEXIST
- sem_unlink: marks entry for removal before shm_unlink
- va_list parsing: reads mode_t and value from stack after oflag
- All 11 sem_* functions verified in libc.so T
Phase S2-S4 (Designed, documented):
- eventfd() function, signalfd read path, EINTR handling
- name canonicalization, cancellation safety
- Full plan in local/docs/RELIBC-AGAINST-GLIBC-ASSESSMENT.md
Reference: glibc 2.41 cloned to local/reference/glibc/
Boot verified: greeter ready on VT 3 with refcounted semaphores
redbear-greeter-compositor: line 35 was using 'done < <(cmd)'
bash process substitution which creates /dev/fd/63. Redox kernel
does not implement /dev/fd, causing 'No such file or directory'
error and compositor startup failure.
Replaced 'while read; do ...; done < <(parse_drm_devices)' with
'for device in ; do ...; done' — pure POSIX,
no /dev/fd dependency. Device names contain no whitespace so
word splitting is correct for this use case.
Add missing alloc_cpu_id() function (atomic round-robin CPU selection).
Fix type chain: MsiAllocation.irq u8→u32 to match allocate_irq_vector
return type. irq_set_affinity accepts u32 irq for consistency.
Verified: driver-sys compiles on Linux (x86_64-unknown-linux-gnu).
Full redbear-mini image builds and boots in QEMU.
interrupt.rs:
- InterruptRemapTable now owns optional DmaBuffer for self-allocated tables
- new_allocated(entry_count) constructor allocates physically contiguous
DMA memory via DmaBuffer::allocate, returns Result
- new(base_addr, size) still works for externally-provided tables
- private addr() helper replaces direct 'base' field access
- len_encoding() returns AMD-Vi log2-encoded IRT length for DTE entries
- physical_address() returns table base physical address
- Remove unused 'warn' and 'error' imports from log crate
amd_vi.rs:
- Use InterruptRemapTable::new_allocated instead of ::new for IRT init
- Cast len_encoding() from u64 to u8 for DeviceTableEntry::set_int_table_len
Verified: iommu crate compiles clean (0 errors, 0 warnings).
dma.rs: IommuDmaAllocator (145 lines)
- New struct wires existing IOMMU daemon (1003 lines) to existing DmaBuffer (261)
- allocate(): phys-contiguous alloc via scheme:memory, then MAP through IOMMU domain
- unmap(): sends UNMAP to IOMMU domain, releases IOVA
- Inlined IOMMU protocol constants — no new crate dependency
- encode_iommu_request/decode_iommu_response for scheme write/read cycle
Documentation updates:
- IMPLEMENTATION-MASTER-PLAN.md: K2 DMA/IOMMU section expanded from 3-line gap
list to full audit with component inventory, gap analysis, implementation plan
(D2.1-D2.5), Linux reference table. Added K2b thread/fork audit.
- CPU-DMA-IRQ-MSI-SCHEDULER-FIX-PLAN.md: Phase 1 (MSI) marked complete with
per-task status. Phase 2 (DMA) re-scoped from 'create' to 'wire' based on
audit. Phase 3 (scheduler) marked mostly done.
- IRQ-AND-LOWLEVEL-CONTROLLERS-ENHANCEMENT-PLAN.md: kernel MSI support noted
as materially strong with P8-msi.patch reference.
Audit findings:
- IOMMU daemon is solid: 1003-line lib.rs with full scheme protocol,
427-line amd_vi.rs, host-runnable tests. Needs wiring, not rewriting.
- DmaBuffer exists but is IOMMU-unaware — IommuDmaAllocator bridges this.
- relibc rlct_clone is correct for threads (shares addr space implicitly).
'3 IPC hops' claim is microkernel-architectural, not a real perf issue.
- No stale docs to archive at this time.
- Add GuiPrivate to Qt6 find_package in top-level CMakeLists.txt
- Add missing QElapsedTimer include in toolbarlayout.cpp
- Add network stub infrastructure in recipe (incomplete, Qt6Network
cross-compilation still needed for full build)
- udev-shim: replace .expect() with graceful errors (no more panic on Broken pipe)
- P4-initfs: remove duplicate sessiond (conflicted with config)
- accessibility/ime/keymapd: break instead of exit(1) on EBADF
- P6 driver patches rebased
- Docs: archive old reports, add implementation master plan
Add redbear-usb-storage-check in-guest binary that validates USB mass
storage read and write I/O: discovers /scheme/disk/ devices, writes a
test pattern to sector 2048, reads it back, verifies match, restores
original content. Updates test-usb-storage-qemu.sh with write-proof
verification step.
Includes all accumulated Red Bear OS work: kernel patches, relibc
patches, driver infrastructure, DRM/GPU, KDE recipes, firmware,
validation tooling, build system hardening, and documentation.
Oracle review found 3 gaps. All fixed:
1. Recipe #TODO updated from 'Always-permit stub' to 'Real UID-based policy'
2. init.d/20_polkit.service created
3. redbear-full.toml already has 14_redbear-polkit via [[files]] — verified
P5: redbear-polkit now enforces real authorization:
- is_authorized(uid, action_id) checks UID-based policy
- uid=0 (root) always authorized
- Other users checked against /etc/polkit-1/policy.toml
- Default: deny for unknown actions (fail-closed)
- Backend name changed from 'redbear-permit-all' to 'redbear-uid-policy'
- Default policy grants power/network/storage to root+user(1000)
Build system (src/cook/fetch.rs):
- Atomic patch application: applies patches to staging directory (cp -al),
atomically swaps on success, discards on failure — source tree is never
left in a partially-patched state
- normalize_patch(): strips diff --git/index/new-file-mode headers that the
build system's patch command does not recognize
- cleanup_workspace_pollution(): removes orphaned recipes/Cargo.toml and
recipes/Cargo.lock to prevent workspace conflicts
- Added --allow-protected CLI flag to repo binary
Input stack (local/patches/base/P3-*.patch):
- P3-ps2d-led-feedback: PS/2 LED state handling + InputProducer migration
- P3-inputd-keymap-bridge: InputProducer enum, keymap bridge query
- P3-usbhidd-hardening: HID descriptor validation, static lookup table,
8-button mouse support, transfer retry with exponential backoff
- P3-init-colored-output: ANSI-color coded init daemon output (green OK,
red FAILED, yellow SKIP/WARN)
XKB bridge (local/recipes/system/redbear-keymapd/source/src/xkb.rs):
- Parses X11 xkb/symbols/* format, maps XKB keycodes to PS/2 scancodes,
80+ X11 keysym names to Unicode, 4-level key support
Patch governance (local/patches/base/absorbed/README.md):
- Documents consolidation of P0-P3 patches into redox.patch
redox-toolchain.cmake CMAKE_CXX_FLAGS now includes:
-I${COOKBOOK_SYSROOT}/usr/include/QtQml
-I${COOKBOOK_SYSROOT}/usr/include/QtQuick
Previous attempts (CMAKE_CXX_FLAGS override, env CXXFLAGS) failed
because toolchain uses CACHE STRING "" FORCE which overrides all.
Result: QML/Quick headers resolved (no more "fatal: QQmlEngine not found")
New blocker: KDE ECM QML macros (QML_NAMED_ELEMENT, QML_ATTACHED,
QML_UNCREATABLE expanded with _OFF_OFF_OFF suffix). This is upstream
KDE build infrastructure, not a Red Bear include issue.
QML gate status: include layer resolved, KDE ECM macro layer next.
Both approaches fail — redox-toolchain.cmake overrides include paths.
Root cause: Qt6 cmake configs from qtdeclarative (built with qml_jit=OFF)
do not export Qt6Qml/Qt6Quick include directories properly for downstream
consumers. Headers exist at /usr/include/QtQml/QQmlEngine but cmake does
not add -I paths. This is the precise QML gate mechanism.
Qt6Core5Compat built (kwin dep). Kirigami still fails — QQmlEngine/QQuickItem
headers exist in sysroot but cmake find_package(Qt6Qml) include paths
are not being set. This is the exact QML gate: cmake integration needed
between qtdeclarative build output and downstream recipes.
Build evidence:
- qt5compat: built (libQt6Core5Compat now available)
- kglobalacceld: built
- kirigami: fails at C++ include stage (cmake finds Qt6Qml but
-I/usr/include/QtQml not in compile flags)
- kwin: fails at Qt6Gui Wayland plugin cmake target issue
Finalize all non-artifact changes accumulated from other sessions:
- config updates, recipe changes, source edits, patches
- pkgar/cache artifacts intentionally excluded (build outputs)
This is the maximum achievable scope for this session.
Hardware-accelerated KDE blocked by: QML gate, KWin/Plasma builds,
hardware GPU validation — all require build system + physical GPU.
Removed "if cmake ...; then ... fi" wrapper that allowed silent
cmake configure failure. cmake/build/install now run directly —
any failure propagates to recipe failure. No silent fallback.
Only local/recipes/kde/kwin/recipe.toml and README.md remain tracked.
gitignore now uses ** to match all subdirectories.
git grep -I kwin_wayland_wrapper returns 0 text matches.
git rm all tracked files under local/recipes/kde/kwin/ except recipe.toml
and README.md. Added to .gitignore: local/recipes/kde/kwin/*
with exclusions for recipe.toml and README.md.
Zero tracked kwin_wayland_wrapper references in Red Bear source tree.
Oracle found kwin_wayland_wrapper in tracked upstream KWin v6.3.4
source files. These are not Red Bear code — they are auto-extracted
by the recipe. Added to .gitignore per project policy.
Removed:
- || true from cmake build/install (failures now propagate)
- kwin_wayland wrapper script that delegated to redbear-compositor
- kwin_wayland_wrapper script
Kept:
- cmake config stubs (KF6WindowSystem, KF6Config) needed by plasma-*
- Real cmake build attempt with QML/Quick disabled
- Honest #TODO documenting QML gate as blocker
Redbear-compositor provides kwin_wayland as a separate package,
not as a recipe-level stub. Per project policy: zero tolerance
for shortcuts, workarounds, and stubs.
Add guard-recipes.sh with four modes:
- --verify: check all local/recipes have correct symlinks into recipes/
- --fix: repair broken symlinks (run before builds)
- --save-all: snapshot all recipe.toml into local/recipes/
- --restore: recreate all symlinks from local/recipes/ (run after sync-upstream)
Wired into apply-patches.sh (post-patch) and sync-upstream.sh (post-sync).
This prevents the build system from deleting recipe files during
cargo cook, make distclean, or upstream source refresh.
Platform prerequisite status:
- Qt6::Sensors: BUILT (v6.11.0, 520KB pkgar, dummy backend)
- libinput: BUILT (v1.30.2, with libevdev v1.13.2 + linux-input-headers)
- QML/Quick JIT: still disabled on Redox (blocks real KWin binary,
kirigami, plasma-framework)
KWin: now attempts real cmake build with Sensors + libinput deps
enabled. Falls back to redbear-compositor shim on cmake failure
(QML/Quick gate). Previously kwin was pure stub — now it's a
bounded build attempt with fallback.
Enabled in config (new this session):
- qt6-sensors, libevdev, libinput, kdecoration, kf6-kcmutils
Previously OOTB dependencies now resolved:
- libevdev → libinput → KWin real build path opened
- linux-input-headers → libevdev → libinput chain
- qt6-sensors → KWin Sensors dependency satisfied
Step 2: kf6-kio in repo ✅, kde-cli-tools out of scope (commented)
Step 3: Config accurate — blocked packages commented with reasons
Step 4: CONSOLE plan line 6 replaced with scoped verification claim:
'VERIFIED scope is the currently buildable KDE surface on
redbear-full; packages blocked by QML/Sensors/libinput stay
commented out and are not part of this verification claim'
Step 5: Docs synced with config
- hostinfo.cpp not in cmake KIOCORE source list; workerinterface.cpp
called KIO::HostInfo::lookupHost which had no implementation
- Replaced HostInfo::lookupHost call with direct QHostInfo::fromName
in workerinterface.cpp via recipe sed, removed hostinfo.h include
- kf6-kio now publishes 2.4MB pkgar to repo
- Enabled in config. Unblocks kde-cli-tools (kde-cli has its own
separate build error)
- Blocked count: 12 → 11 (kf6-kio now builds)
vasilito