P27-capability-bitmask.patch was generated against an incorrectly
patched source tree, causing hunk mismatches in validate-patches.
Regenerated from clean upstream + P0-P26 baseline using git diff -U0 -w.
All 39 patches now validate successfully.
Replace all 9 kernel uid==0 privilege checks with a capability bitmask
model. Adds caps:u64 field to Context and CallerCtx, with CAP_ALL for
root processes. Zero behavioral change - uid==0 still gets all caps.
New module: src/scheme/caps.rs with 10 capability constants.
9 check sites converted: acpi, irq, memory, debug, serio, sys (msr+write),
scheme registration, and fchown.
Patch: local/patches/kernel/P27-capability-bitmask.patch
- login.rs: drop privileges via setresugid after authentication
- login.rs: add namespace isolation to password auth path (was missing)
- login.rs: add drm, input schemes to DEFAULT_SCHEMES
- sudo service: rename 00_sudo -> 12_sudo, type daemon (no boot block)
- Branded login screen with figlet RedBear OS v0.2.2 'Liliya'
- Root user kept but not advertised on login screen
- P6-login-privilege-drop.patch generated and wired
Implements Phase 1 of Plan 9 namespace privilege model:
login creates restricted namespace (mkns/setns) then drops
uid/gid to authenticated user before spawning shell.
Three fixes for the KWin DRM device discovery failure:
1. drm_scheme_ready(): replace head -c 1 with exec 3< open test.
Reading from a DRM scheme fd blocks because the scheme expects
ioctl-style request/response, not streaming reads. Use open()
success as the scheme availability probe instead.
2. ConsoleKitSession::create(): return nullptr immediately.
The D-Bus isServiceRegistered() call can block indefinitely when
the bus daemon doesn't fully implement org.freedesktop.DBus.
With both LogindSession and ConsoleKitSession returning nullptr,
Session::create() falls through to NoopSession which uses plain
open() for DRM device access.
3. Boot chain deps: redox-drm depends on driver-manager,
greeter depends on evdevd (keyboard/mouse ready before login).
Also includes: KF6 CMake build fixes, Qt6 platform patches,
libdrm Redox ioctl shim, and wayland.toml scheme check fix.
The cookbook resolves patch paths from recipe.dir which is the symlink
path (recipes/libs/libdrm/), not the physical path (local/recipes/).
Fix ../../../patches/libdrm/ → ../../../local/patches/libdrm/ to
match the convention used by kernel, base, relibc, and other recipes.
Replace 95-line manual symlink list with auto-discovery of all
local/recipes/<category>/<name>/ directories. This fixes 15 missing
symlinks that would have blocked the redbear-full build, including
critical packages: libdrm, qtbase, qtwayland, libinput, libevdev,
seatd, and wayland-protocols.
Special-case aliases preserved:
- kf6-kirigami → kirigami (KDE expects both names)
- wip/wayland/qt6-wayland-smoke (historical WIP path)
L1: Add make qemu-ram target — copies disk image to host tmpfs before
QEMU boots, eliminating host disk I/O during OS runtime.
Usage: make qemu-ram CONFIG_NAME=redbear-full QEMU_MEM=12288
L2: Create local/recipes/AGENTS.md — comprehensive catalog of all 165
custom recipes across 15 categories with descriptions.
L3: CollisionTracker already fully implemented and wired into installer
(recipes/core/installer/source/src/collision.rs, 267 lines).
L4: Add scripts/validate-collision-log.sh to make validate target —
scans build logs for [COLLISION-ERROR]/[COLLISION-WARN] markers
from the runtime CollisionTracker.
Add #ifdef __redox__ path to drmGetDeviceFromDevId() that mirrors the
working drmGetDevice2() Redox implementation. On Redox there is no
/dev/dri/ directory — DRM devices are accessed via /scheme/drm/card0.
The patch constructs a drmDevice with both PRIMARY and RENDER nodes
pointing to /scheme/drm/card0, since the redox-drm scheme serves both
roles through a single endpoint.
Also fixes drmParseSubsystemType() to return DRM_BUS_PCI on Redox.
Fix P3 patch paths (strip local/recipes/libs/libdrm/source/ prefix
from diff headers so patches apply correctly during repo fetch).
logd was starting before randd, causing a panic when the Rust std
library tried to get random data from /scheme/rand which didn't
exist yet. This cascaded into fbbootlogd failing (no log scheme)
and vesad timing out, blocking the console/getty chain entirely.
P58 adds:
- 00_logd.service: requires = ["00_randd.service"]
- 20_fbbootlogd.service: requires = ["00_logd.service"]
Result: mini ISO boots to RedBear Login: prompt with working
console, D-Bus, driver-manager, and all boot stage markers.
When LOGD_JSON=1 is set in the environment, logd formats all log
lines as JSON objects with timestamp, source, and message fields.
Also fixes indentation issues in P51 logd rotation patch.
The service_logs declaration hunk was targeting line 48 instead of 49,
causing patch to insert it inside the let persistent_log chain instead
of inside the thread spawn closure.
P53: Change itr_tracker insertion point from line 46 to 47
so it applies after NetworkScheme::new() closing, not inside it.
P45: Add log.workspace = true to ixgbed Cargo.toml since
P45 adds log::error! usage to ixgbed main.rs.
P46 migrated ac97d to pci_allocate_interrupt_vector but missed
adding to the pcid_handle parameter. This caused build
failure: cannot borrow pcid_handle as mutable.
The original P49 patch had incorrect line numbers that caused
patch --fuzz=3 to insert cpu_id field and methods at wrong locations,
corrupting irq_helpers.rs. Regenerate from clean P0-P48 baseline.
Reads from /scheme/acpi/thermal/, /scheme/acpi/fan/, and /scheme/acpi/cstates/
plus /scheme/sys/cstate_policy to populate the --health dashboard with
hardware thermal status, fan activity, and CPU power-management state.
Re-implements work that was lost due to ephemeral source/ subdirectory.
ITR dynamically adjusts interrupt coalescing based on packet rate.
- Add ITR register (0xC4) and set_itr() to device.rs
- Add itr.rs tracker with hysteresis-based rate adaptation
- Wire tracker into IRQ handler in main.rs
- Document in AGENTS.md: source/ is ALWAYS rewritten
- Add intel_vtd.rs module with DMAR parsing, DRHD discovery,
register definitions, and basic unit initialization
- Update iommu daemon discovery to detect both AMD-Vi (IVRS)
and Intel VT-d (DMAR) units
- Update IommuScheme to track both amd_units and intel_units
- Intel VT-d init: version check, capability read, disable
translation, report supported features (QI, IR, EIM)
Full DMA remapping enablement (root table, context entries,
page tables, command buffer) remains as TODO for follow-up.
- drivers/acpid/src/cstate.rs: Evaluate _CST per processor, parse
Package-of-Packages into CStateInfo structs
- AcpiContext: add cstate_state field with refresh, add processor_names()
to scan _PR namespace
- acpid scheme: expose /scheme/acpi/cstates/<proc> read handles
- thermald: read /scheme/sys/cstate, set /scheme/sys/cstate_policy
to restrict to C1 when temp exceeds WARNING_TEMP
Works with kernel P25 cpuidle deep C-states.
Define 4 hardware target classes (AMD/Intel desktop/laptop),
per-target checklist, negative-result capture format, and
quick/full test procedures. Ready for bare-metal evidence.
Detect CPU vendor by probing MSRs (Intel IA32_THERM_STATUS vs AMD
TCTL MSR C0010293). Support both Intel Tjmax-based and AMD direct
temperature reading. Log detected vendor per CPU at startup.
Extend logd output thread to write logs to per-service files in
/var/log/<service>.log, with automatic size-based rotation (10 MB
threshold, 5 backup files). All logs also go to /var/log/system.log.
Backwards compatible with existing sink file descriptors.
Add RateLimitedLog to common::logger for per-message rate limiting with
"last message repeated N times" warnings. Add structured_log! macro for
key=value formatted logs. Update thermald to rate-limit the max-temp
summary line (30s interval) to reduce log volume.
Track the target CPU ID in InterruptVector, and log the interrupt type
(MSI-X/MSI/Legacy) and CPU affinity at allocation time in
pci_allocate_interrupt_vector. Add log_affinity() helper for drivers
to call after setup.
Add fan.rs module to acpid that discovers FAN* devices under \_TZ,
evaluates _FST for current speed level and RPM, and exposes them via
/scheme/acpi/fan/<name>/status. Update thermald to read and log fan
status alongside temperature sensors.
Replace the old hardcoded /scheme/acpi/thermal_zone/{n} paths with
proper discovery of /scheme/acpi/thermal/ zones and /scheme/coretemp/
CPU temperatures. Logs per-zone and per-CPU temps with max tracking.
Switch network drivers from legacy INTx to pci_allocate_interrupt_vector
which auto-prefers MSI-X > MSI > Legacy. rtl8139d and rtl8168d already
used this helper; e1000d and ixgbed were the remaining legacy-only NIC
drivers.
Implement CPU power-saving idle loop using x86 MONITOR/MWAIT:
- Add monitor(), mwait(), enable_and_mwait() to interrupt module
- Detect MWAIT availability via CPUID at boot
- Use MONITOR+MWAIT instead of STI+HLT when supported
- Expose /scheme/sys/cstate_policy for userspace control
- Add RdWr Kind variant to sys scheme for read+write files
Graceful init patches for fbcond, graphics scheme, smolnetd, vesad,
PCI interrupt allocation, BAR probing, common init, inputd fallback,
and dhcpd hard dependency ordering.