- Fix bootloader recipe: pass correct TARGET on make command line
instead of hardcoding x86_64-unknown-uefi (breaks BIOS build)
- Add cargo -Zunstable-options to x86_64-unknown-uefi.mk and
x86-unknown-none.mk for custom target support
- Add x86_64-unknown-uefi.json target file
Remaining: redoxer toolchain cargo/rust-src version mismatch
prevents build-std compilation. Needs 'make prefix' to rebuild
toolchain with matching versions.
Bootloader needs x86_64-unknown-uefi (UEFI target) but redoxer
sets TARGET=x86_64-unknown-redox (OS target). Added:
- x86_64-unknown-uefi.json custom target file
- cargo -Zunstable-options in Makefile for custom target support
- TARGET= override in recipe (may still be overridden by redoxer)
Root cause chain discovered and fixed:
1. GCC built-in stddef.h shadowed by relibc's _STDDEF_H guard
→ fix_types.h with guarded typedefs for 15+ sys types
2. gnulib configure bakes raw typedefs into GL_CFLAG_GNULIB_WARNINGS
→ strip them from Makefiles after configure
3. __fseterr/__freadahead don't exist in relibc
→ compile C stubs and inject into link via Makefile patch
The recipe pattern is documented and reusable for other gnulib packages
(ninja-build, diffutils, etc.).
Also: bootloader recipe needs RUSTFLAGS=-Zunstable-options for
custom target support after redoxer toolchain restore.
Lines 649-651 had VramManager and info!() calls that don't belong
in handle_irq(). These were likely from a bad merge. The variables
fb_phys and fb_size are local to new() and don't exist in handle_irq().
Add pcid-spawner to initfs binaries for early boot driver spawning.
Add pcid.d/00-storage.toml with initfs-path driver commands.
pcid-spawner uses the channel protocol which works; driver-manager
hangs on pcid config handle reads.
- Create source symlinks for all 7 core components (kernel, relibc, base,
bootloader, installer, redoxfs, userutils) pointing at local/sources/
- Create redoxfs and userutils fork repos from frozen 0.1.0 archives
- Fix relibc-tests recipes: replace patch commands with direct fork build
- Archive all 417 patch files to local/archived/patches-2026-06-migration/
- Full AGENTS.md rewrite: remove all 31 remaining stale patch references,
update DURABILITY POLICY to describe git commit workflow, update WHERE TO
LOOK table, fix build flow description, replace Recipe Patch Wiring section
with Recipe Source Configuration
- Zero active patches = [...] arrays remain in any recipe.toml file
- All 13 remaining grep hits for 'patches' are TODO comments in WIP recipes
userutils compiled redox-rt with default-features=false, disabling the proc feature. This caused login's fork to not pass proc fd to child shell, triggering assertion failed: info.has_proc_fd in redox-rt. P8 patch enables features=['proc']. Verified: zero panics on boot, login works for user/root.
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent)
Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
Replace all 9 kernel uid==0 privilege checks with a capability bitmask
model. Adds caps:u64 field to Context and CallerCtx, with CAP_ALL for
root processes. Zero behavioral change - uid==0 still gets all caps.
New module: src/scheme/caps.rs with 10 capability constants.
9 check sites converted: acpi, irq, memory, debug, serio, sys (msr+write),
scheme registration, and fchown.
Patch: local/patches/kernel/P27-capability-bitmask.patch
- login.rs: drop privileges via setresugid after authentication
- login.rs: add namespace isolation to password auth path (was missing)
- login.rs: add drm, input schemes to DEFAULT_SCHEMES
- sudo service: rename 00_sudo -> 12_sudo, type daemon (no boot block)
- Branded login screen with figlet RedBear OS v0.2.2 'Liliya'
- Root user kept but not advertised on login screen
- P6-login-privilege-drop.patch generated and wired
Implements Phase 1 of Plan 9 namespace privilege model:
login creates restricted namespace (mkns/setns) then drops
uid/gid to authenticated user before spawning shell.
Three fixes for the KWin DRM device discovery failure:
1. drm_scheme_ready(): replace head -c 1 with exec 3< open test.
Reading from a DRM scheme fd blocks because the scheme expects
ioctl-style request/response, not streaming reads. Use open()
success as the scheme availability probe instead.
2. ConsoleKitSession::create(): return nullptr immediately.
The D-Bus isServiceRegistered() call can block indefinitely when
the bus daemon doesn't fully implement org.freedesktop.DBus.
With both LogindSession and ConsoleKitSession returning nullptr,
Session::create() falls through to NoopSession which uses plain
open() for DRM device access.
3. Boot chain deps: redox-drm depends on driver-manager,
greeter depends on evdevd (keyboard/mouse ready before login).
Also includes: KF6 CMake build fixes, Qt6 platform patches,
libdrm Redox ioctl shim, and wayland.toml scheme check fix.
logd was starting before randd, causing a panic when the Rust std
library tried to get random data from /scheme/rand which didn't
exist yet. This cascaded into fbbootlogd failing (no log scheme)
and vesad timing out, blocking the console/getty chain entirely.
P58 adds:
- 00_logd.service: requires = ["00_randd.service"]
- 20_fbbootlogd.service: requires = ["00_logd.service"]
Result: mini ISO boots to RedBear Login: prompt with working
console, D-Bus, driver-manager, and all boot stage markers.
When LOGD_JSON=1 is set in the environment, logd formats all log
lines as JSON objects with timestamp, source, and message fields.
Also fixes indentation issues in P51 logd rotation patch.
P46 migrated ac97d to pci_allocate_interrupt_vector but missed
adding to the pcid_handle parameter. This caused build
failure: cannot borrow pcid_handle as mutable.
Re-implements work that was lost due to ephemeral source/ subdirectory.
ITR dynamically adjusts interrupt coalescing based on packet rate.
- Add ITR register (0xC4) and set_itr() to device.rs
- Add itr.rs tracker with hysteresis-based rate adaptation
- Wire tracker into IRQ handler in main.rs
- Document in AGENTS.md: source/ is ALWAYS rewritten
- drivers/acpid/src/cstate.rs: Evaluate _CST per processor, parse
Package-of-Packages into CStateInfo structs
- AcpiContext: add cstate_state field with refresh, add processor_names()
to scan _PR namespace
- acpid scheme: expose /scheme/acpi/cstates/<proc> read handles
- thermald: read /scheme/sys/cstate, set /scheme/sys/cstate_policy
to restrict to C1 when temp exceeds WARNING_TEMP
Works with kernel P25 cpuidle deep C-states.
Extend logd output thread to write logs to per-service files in
/var/log/<service>.log, with automatic size-based rotation (10 MB
threshold, 5 backup files). All logs also go to /var/log/system.log.
Backwards compatible with existing sink file descriptors.
Add RateLimitedLog to common::logger for per-message rate limiting with
"last message repeated N times" warnings. Add structured_log! macro for
key=value formatted logs. Update thermald to rate-limit the max-temp
summary line (30s interval) to reduce log volume.
Track the target CPU ID in InterruptVector, and log the interrupt type
(MSI-X/MSI/Legacy) and CPU affinity at allocation time in
pci_allocate_interrupt_vector. Add log_affinity() helper for drivers
to call after setup.
Add fan.rs module to acpid that discovers FAN* devices under \_TZ,
evaluates _FST for current speed level and RPM, and exposes them via
/scheme/acpi/fan/<name>/status. Update thermald to read and log fan
status alongside temperature sensors.
Replace the old hardcoded /scheme/acpi/thermal_zone/{n} paths with
proper discovery of /scheme/acpi/thermal/ zones and /scheme/coretemp/
CPU temperatures. Logs per-zone and per-CPU temps with max tracking.
Switch network drivers from legacy INTx to pci_allocate_interrupt_vector
which auto-prefers MSI-X > MSI > Legacy. rtl8139d and rtl8168d already
used this helper; e1000d and ixgbed were the remaining legacy-only NIC
drivers.
Implement CPU power-saving idle loop using x86 MONITOR/MWAIT:
- Add monitor(), mwait(), enable_and_mwait() to interrupt module
- Detect MWAIT availability via CPUID at boot
- Use MONITOR+MWAIT instead of STI+HLT when supported
- Expose /scheme/sys/cstate_policy for userspace control
- Add RdWr Kind variant to sys scheme for read+write files
Implement full thermal zone backend in acpid:
- thermal.rs: Discover \_TZ_.TZ* zones, evaluate \_TMP, \_CRT, \_PSV,
\_AC0, \_TC1, \_TC2, \_TSP, \_TZP methods
- scheme.rs: Expose /scheme/acpi/thermal/ with per-zone temperature files
- acpi.rs: Add thermal_state and thermal_zone_names() to AcpiContext
Wired as P44 patch in base recipe.toml.
Add deterministic S5 (soft-off) state derivation and structured error
handling to acpid. Derive S5 parameters once at startup (or retry at
shutdown if AML was not ready) instead of re-parsing the _S5 package
on every shutdown attempt. Replace unit-return set_global_s_state()
with ShutdownResult enum for proper error propagation and fallback
handling.
Changes:
- S5State struct caches SLP_TYPa/b, PM1a/b ports, derivation timestamp
- ShutdownError enum: MissingFadt, Pm1aZero, AmlNotReady, S5NotFound,
S5NotPackage, SlpTypNotInteger, S5WriteFailed
- ShutdownResult enum: Ok, FallbackReset, Err(ShutdownError)
- derive_s5_state() method with early init attempt and lazy fallback
- set_global_s_state() returns ShutdownResult instead of ()
- Early S5 derivation in AcpiContext::init() logs AML readiness status
- main.rs logs shutdown result for debugging
This is W2.1/W2.2 from ACPI-IMPROVEMENT-PLAN.md.
P21: Replace 67 panic-grade calls across 9 boot daemon files with
graceful error handling. Affected: ps2d, inputd, fbcond, fbbootlogd.
P22: Add x2APIC MADT fallback for processors with LocalApic entries
instead of LocalX2Apic entries. QEMU KVM boots now correctly detect
all vCPUs via zero-extended APIC ID fallback.
P23: Change 50_rootfs.service from requires_weak to requires on
40_drivers.target, ensuring redoxfs waits for disk drivers before
attempting filesystem mount. This fixes the boot race where rootfs
mount failed before drivers were ready, causing init to have no
userland services after switchroot.
ramfs@.service required randd as requires_weak, which doesn't enforce
readiness ordering. When ramfs called std::random before randd registered
/scheme/rand, it panicked with 'failed to generate random data'.
Changed requires_weak to requires so init waits for randd to register
its scheme before starting ramfs.
Also patched Rust stdlib sys/random/redox.rs to fall back to xorshift64
seeded from ASLR rather than panicking when /scheme/rand is unavailable.
This is a belt-and-suspenders fix: even with proper ordering, the stdlib
should not panic on missing entropy during early boot.
x2APIC ICR mode fix cannot be a forward patch because P16-1-sipi-timing
references the ICR line as context. Modifying P1 (which introduces the line)
would require updating P16-1's offsets. Will address by consolidating into
an existing early patch in a future revision.