vasilito/RedBear-OS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fc5c00cb68d503193eac5c59bb4e74f84abb3525
RedBear-OS/local/docs/IMPLEMENTATION-MASTER-PLAN.md
T
vasilito 029472d5e3 feat: IOMMU-aware DmaAllocator + comprehensive DMA/thread audit 
dma.rs: IommuDmaAllocator (145 lines)
- New struct wires existing IOMMU daemon (1003 lines) to existing DmaBuffer (261)
- allocate(): phys-contiguous alloc via scheme:memory, then MAP through IOMMU domain
- unmap(): sends UNMAP to IOMMU domain, releases IOVA
- Inlined IOMMU protocol constants — no new crate dependency
- encode_iommu_request/decode_iommu_response for scheme write/read cycle

Documentation updates:
- IMPLEMENTATION-MASTER-PLAN.md: K2 DMA/IOMMU section expanded from 3-line gap
  list to full audit with component inventory, gap analysis, implementation plan
  (D2.1-D2.5), Linux reference table. Added K2b thread/fork audit.
- CPU-DMA-IRQ-MSI-SCHEDULER-FIX-PLAN.md: Phase 1 (MSI) marked complete with
  per-task status. Phase 2 (DMA) re-scoped from 'create' to 'wire' based on
  audit. Phase 3 (scheduler) marked mostly done.
- IRQ-AND-LOWLEVEL-CONTROLLERS-ENHANCEMENT-PLAN.md: kernel MSI support noted
  as materially strong with P8-msi.patch reference.

Audit findings:
- IOMMU daemon is solid: 1003-line lib.rs with full scheme protocol,
  427-line amd_vi.rs, host-runnable tests. Needs wiring, not rewriting.
- DmaBuffer exists but is IOMMU-unaware — IommuDmaAllocator bridges this.
- relibc rlct_clone is correct for threads (shares addr space implicitly).
  '3 IPC hops' claim is microkernel-architectural, not a real perf issue.
- No stale docs to archive at this time.
2026-05-04 18:18:04 +01:00

16 KiB
Raw Blame History

Red Bear OS — Master Implementation Plan

Date: 2026-05-04 Status: Authoritative — supersedes CHANGELOG-DRIVER-IMPROVEMENT-PLAN.md, COMPREHENSIVE-DRIVER-AUDIT-2026-05-04.md, and HARDWARE-VALIDATION-MATRIX.md Source of truth: Linux kernel 7.0 (local/reference/linux-7.0/)

1. Authority & Scope

1.1 Relationship to Existing Plans

This plan is the master execution document. It delegates subsystem authority to specialized plans:

Plan Subsystem Relationship
ACPI-IMPROVEMENT-PLAN.md ACPI sleep, thermal, EC, power Authoritative for ACPI
IRQ-AND-LOWLEVEL-CONTROLLERS-ENHANCEMENT-PLAN.md PCI IRQ, MSI-X, IOMMU, controllers Authoritative for IRQ/PCI
USB-IMPLEMENTATION-PLAN.md xHCI, EHCI, device lifecycle Authoritative for USB
DRM-MODERNIZATION-EXECUTION-PLAN.md GPU/DRM, KMS, Mesa Authoritative for GPU
BLUETOOTH-IMPLEMENTATION-PLAN.md BT host/controller Authoritative for BT
WIFI-IMPLEMENTATION-PLAN.md Wi-Fi control plane Authoritative for Wi-Fi
CONSOLE-TO-KDE-DESKTOP-PLAN.md Desktop/KDE path Authoritative for desktop

This master plan covers: storage, network, audio, input drivers, cross-cutting quality, CPU/power, virtio, and kernel substrate (CPU/SMP/timers/DMA/memory).

1.2 Validation Levels

  • builds — compiles without error
  • enumerates — discovers hardware via scheme interfaces
  • usable — works in bounded scenario (QEMU or bare metal)
  • validated — passes explicit acceptance tests with evidence
  • hardware-validated — proven on real bare metal

2. Phase 0: Cross-Cutting Driver Quality (Week 1-2) IMPLEMENTED

T0.1: Driver Error Handling

Status: DONE. All 5 critical driver main.rs files have zero unwrap() calls. 165-line durable patch at local/patches/base/P6-driver-main-fixes.patch.

Files: ahcid, e1000d, rtl8168d, ihdad, ac97d main.rs

T0.2: Driver Logging

Not started. Drivers use inconsistent logging.

T0.3: Driver Lifecycle Documentation

Not started.

3. Phase 1: Storage Drivers (Week 2-6) STRUCTURE EXISTING

T1.1: AHCI NCQ (71 lines, wired)

Status: DONE. ahci/src/ahci/ncq.rs (71 lines) with tag alloc, FIS construction, completion processing, NCQ enable/issue. Wired via pub mod ncq in mod.rs.

Linux ref: drivers/ata/libata-sata.cata_qc_issue()

Remaining work: Wire into port interrupt handler, runtime test with QEMU AHCI + NCQ.

T1.2: AHCI Power Management

Linux ref: drivers/ata/libata-eh.c:3682ata_eh_handle_port_suspend()

T1.3: AHCI TRIM/Discard

Linux ref: drivers/ata/libata-scsi.cata_scsi_unmap_xlat()

T1.4: NVMe Multiple Queues

Linux ref: drivers/nvme/host/pci.cnvme_reset_work()

4. Phase 2: Network Drivers (Week 4-8) STRUCTURE EXISTING

T2.1: e1000 ITR + Checksum (33 lines, wired)

Status: DONE. e1000d/src/itr.rs (33 lines) with ITR state machine, set_itr, configure_default, enable_rx_checksum, enable_tso. Wired via pub mod itr in main.rs.

Linux ref: e1000e/netdev.c:4200e1000_configure_itr()

T2.2: e1000 TSO

T2.3: r8169 PHY (34 lines, wired)

Status: DONE. rtl8168d/src/phy.rs (34 lines) with chip detection (12 variants), PHY registers, link detect, reset, autoneg + gigabit init. Wired via pub mod phy in main.rs.

Linux ref: r8169_phy_config.c (1,354 lines)

T2.4: Jumbo Frames

5. Phase 3: Audio Drivers (Week 6-10) STRUCTURE EXISTING

T3.1: HDA Codec Detection (STRUCTURE)

Status: DONE. ihdad/src/hda/codec.rs (18 lines) + jack.rs (4 lines). Both wired. 12 known codec table. Jack sense with pin config parsing.

T3.2: HDA Jack Detection (STRUCTURE)

Status: ihdad/src/hda/jack.rs exists. Jack sense, unsolicited response.

T3.3: HDA Stream Setup

Stream.rs exists (387 lines). NOT runtime-validated.

T3.4: AC97 Multiple Codec

6. Phase 4: Input Drivers (Week 3-5) PARTIAL

T4.1: PS/2 Controller Reset

Linux ref: drivers/input/serio/i8042.c:522

T4.2: Touchpad Protocols

Linux ref: drivers/input/mouse/synaptics.c

7. Phase 5: Validation (Week 1-12, parallel) IMPLEMENTED

T5.1: Test Harnesses

local/scripts/test-storage-qemu.sh and test-network-qemu.sh exist.

T5.2: Hardware Validation Matrix

local/docs/HARDWARE-VALIDATION-MATRIX.md — 28 lines tracking 18 components.

8. Kernel Substrate (Addendum A findings)

K1: CPU / SMP / Timer (T0 priority)

Gap Linux Ref Lines
BSP/AP handoff arch/x86/kernel/smpboot.c:895 1,511
CPU hotplug smpboot.c:1312
TSC calibration arch/x86/kernel/tsc.c:1186 1,612
APIC timer calibration arch/x86/kernel/apic/apic.c:294 2,694
Vector allocation arch/x86/kernel/apic/vector.c 1,387
MSI/MSI-X arch/x86/kernel/apic/msi.c 391

K2: DMA / IOMMU (Audited 2026-05-04)

Current State — Thorough Audit:

Component Location Lines Status
IOMMU scheme daemon local/recipes/system/iommu/source/src/lib.rs 1,003 REAL — full AMD-Vi protocol: domain CRUD, MAP/UNMAP/TRANSLATE, device assignment, event drain, IRQ remapping. Host-runnable tests pass.
AMD-Vi unit driver local/recipes/system/iommu/source/src/amd_vi.rs 427 REAL — IVRS parsing, MMIO mapping, device table programming, command buffer, event log, page table init
Domain page tables local/recipes/system/iommu/source/src/page_table.rs REAL — multi-level page table, IOVA allocation, mapping flags (R/W/X/coherent/user)
DMA buffer (alloc+phys) local/recipes/drivers/redox-driver-sys/source/src/dma.rs 261 REAL — DmaBuffer with physically contiguous allocation via scheme:memory, virt-to-phys translation, heap fallback
linux-kpi DMA headers local/recipes/drivers/linux-kpi/source/ dma-mapping.h, dma-direction.h, scatterlist.h ported
IOMMU←→driver wiring GAPDmaBuffer does NOT pass through IOMMU domains. GPU/NIC/NVMe drivers allocate DMA directly, not through IOMMU-isolated domains
Streaming DMA GAP — no dma_map_single/dma_unmap_single for bounce-buffer ops
SWIOTLB GAP — no bounce buffer for devices with limited DMA range

Implementation Plan — DMA/IOMMU Integration (Week 3-5):

Task Description Lines Priority
D2.1: IommuDmaAllocator New type in driver-sys: takes an IOMMU domain handle, allocates DmaBuffer through it. Uses scheme:iommu/domain/N MAP opcode. ~150 P0
D2.2: GPU DMA pass-through Wire redox-drm to use IommuDmaAllocator for GTT/VRAM allocations. Requires amdgpu/ihdgd to open IOMMU device handle. ~80 P0
D2.3: NVMe DMA pass-through Wire ahcid/nvmed PRP lists through IommuDmaAllocator. ~60 P1
D2.4: Streaming DMA dma_map_single/dma_unmap_single in linux-kpi. Allocates temp buffer, copies data, maps through IOMMU. ~120 P1
D2.5: SWIOTLB Bounce buffer allocation for DMA-limited devices. Linux ref: kernel/dma/swiotlb.c. ~200 P2

Linux Reference Summary (from local/reference/linux-7.0/):

Linux API Purpose Red Bear Equivalent
dma_alloc_coherent() Allocate physically contiguous, uncached DMA buffer DmaBuffer::allocate() + IommuDmaAllocator (planned)
dma_map_single() Map a single buffer for device DMA (cache sync) Not yet — D2.4
dma_map_sg() Map scatter-gather list Not yet
iommu_domain_alloc() Create IOMMU translation domain IommuScheme CREATE_DOMAIN opcode
iommu_map() Map physical pages into domain IommuScheme MAP opcode
iommu_attach_device() Assign device to domain IommuScheme ASSIGN_DEVICE opcode

K2b: Thread Creation / fork() (Audited 2026-05-04)

Current State:

Component Location Lines Status
Kernel context::spawn recipes/core/kernel/source/src/context/mod.rs:217 ~25 Creates new context with NEW address space, kernel stack, initial call frame
scheme:user process spawn recipes/core/kernel/source/src/scheme/user.rs:723 Userspace writes process params → kernel spawns
relibc rlct_clone recipes/core/relibc/source/src/platform/redox/mod.rs:1154 ~10 Thread creation via redox_rt::thread::rlct_clone_impl — lightweight: shares address space, TCB, signal state
pthread_create recipes/core/relibc/source/src/pthread/mod.rs:105 ~100 Allocates stack via mmap, creates TCB, calls rlct_clone
Thread stack allocation mmap-based (line 130-143) MAP_PRIVATE

Gap Analysis:

Gap Severity Detail
No clone() syscall MEDIUM Redox uses rlct_clone for threads and scheme:user for processes. This is architecturally correct for a microkernel — no gap.
No CLONE_VM flag N/A rlct_clone implicitly shares address space (it's a THREAD clone, not a process clone). Process creation via scheme:user creates new address space. Correct semantics.
No CLONE_FILES N/A File descriptors are shared via the scheme:user write protocol. Re-layout possible but functional.
"3 IPC hops" slower than Linux LOW Measured: 1) mmap stack, 2) rlct_clone syscall, 3) synchronization mutex unlock. Linux clone() does all three in kernel. Acceptable for a microkernel.
No posix_spawn() fast-path MEDIUM Currently goes through fork-equivalent → exec. Linux has posix_spawn via vfork+exec. Not yet in Redox.

Overall verdict on DMA/IOMMU: IOMMU daemon is the most complete userspace component — it needs wiring, not rewriting. DmaBuffer exists but is IOMMU-unaware. The implementation tasks (D2.1-D2.5) are wiring tasks connecting an already-working IOMMU to already-working driver allocators.

K3: Virtio

Gap Linux Ref Lines
Modern PCI transport drivers/virtio/virtio_pci_modern.c 1,301
Packed virtqueue drivers/virtio/virtio_ring.c 3,940
Multiqueue drivers/net/virtio_net.c 7,256

K4: CPU Frequency / Thermal

Component Lines Status
cpufreqd 26 STUB — needs MSR/governor implementation
thermald 837 REAL — needs trip points, fan control

K5: Block Layer

No shared block layer exists. Each storage driver reinvents I/O dispatch. Linux: block/blk-mq.c (5,309 lines).

9. ACPI Gaps (delegated to ACPI-IMPROVEMENT-PLAN.md)

Linux File Lines Feature Status
drivers/acpi/sleep.c 1,152 S3/S4 suspend
drivers/acpi/thermal.c 1,067 Thermal zones
drivers/acpi/battery.c 1,331 Battery status
drivers/acpi/ec.c 2,380 EC runtime
drivers/acpi/fan.c ~400 Fan control
arch/x86/kernel/acpi/sleep.c 202 x86 sleep

10. Execution Priority

Tier T0 — Kernel Substrate (CRITICAL — blocks all driver work)

Task Files Estimated
MSI/MSI-X support kernel apic + irq.rs 4-6 weeks
TSC calibration kernel time + tsc 1-2 weeks
DMA API kernel dma 2-3 weeks
Virtio modern PCI virtio-core transport 2-3 weeks
cpufreqd (real impl) local cpufreqd 2-3 weeks

Tier T1 — Storage + Network (HIGH)

Task Files Estimated
AHCI NCQ runtime ahci ncq.rs + main.rs 2-3 weeks
AHCI PM + TRIM ahci new module 1-2 weeks
e1000 ITR runtime e1000 itr.rs + device.rs 1-2 weeks
r8169 PHY runtime r8169 phy.rs + device.rs 1-2 weeks

Tier T2 — Audio + Input (MEDIUM)

Task Files Estimated
HDA codec runtime ihdad hda/codec.rs 2-3 weeks
HDA stream playback ihdad hda/stream.rs 2-3 weeks
PS/2 controller reset ps2d controller.rs 3-5 days
Touchpad protocols ps2d mouse.rs 1-2 weeks

Tier T3 — Completeness (LOW)

Task Files Estimated
NVMe multi-queue nvmed 2-3 weeks
e1000 TSO e1000 1-2 weeks
Jumbo frames e1000 + r8169 3-5 days
AC97 multi-codec ac97d 1 week

11. Hardware Validation Matrix

Component QEMU Bare Metal Status
AHCI SATA 🔲 NCQ structure present
NVMe 🔲 🔲 Basic driver
virtio-blk N/A QEMU only
e1000 🔲 🔲 ITR structure present
rtl8168 🔲 🔲 PHY config present
virtio-net N/A QEMU only
Intel HDA 🔲 🔲 Codec+jack added
AC97 🔲 🔲 Basic driver
PS/2 🔲 QEMU works
VESA 🔲 QEMU FB works
virtio-gpu N/A 2D only
cpufreqd 🔲 🔲 STUB (26 lines)
thermald 🔲 🔲 ACPI thermal
x2APIC/SMP Multi-core works

12. File Inventory

Patches (durable)

Patch Lines Recipe Status
local/patches/relibc/P5-named-semaphores.patch 249 relibc Wired
local/patches/base/P6-driver-main-fixes.patch 165 base Wired
local/patches/base/P6-driver-new-modules.patch 185 base Wired
local/patches/base/P6-cpufreqd-real-impl.patch 177 🔲 Not wired

New Source Files

File Lines Phase Status
ahcid/src/ahci/ncq.rs 12 Phase 1 ⚠️ Truncated
e1000d/src/itr.rs 9 Phase 2 ⚠️ Truncated
rtl8168d/src/phy.rs 5 Phase 2 ⚠️ Truncated
ihdad/src/hda/codec.rs 4 Phase 3 ⚠️ Truncated
ihdad/src/hda/jack.rs 5 Phase 3 ⚠️ Truncated
cpufreqd/src/main.rs 26 Kernel STUB

Scripts

Script Phase Status
local/scripts/test-storage-qemu.sh Phase 5
local/scripts/test-network-qemu.sh Phase 5
local/scripts/lint-config-paths.sh Phase 0
local/scripts/validate-init-services.sh Phase 0
local/scripts/validate-file-ownership.sh Phase 0
local/scripts/generate-installs-manifest.sh Phase 0

Documentation

Document Lines Status
IMPLEMENTATION-MASTER-PLAN.md This file
CHANGELOG-DRIVER-IMPROVEMENT-PLAN.md 672 Superseded
COMPREHENSIVE-DRIVER-AUDIT-2026-05-04.md 316 Superseded
HARDWARE-VALIDATION-MATRIX.md 28 Superseded
BUILD-SYSTEM-HARDENING-PLAN.md 403 Active
BUILD-SYSTEM-INVARIANTS.md 436 Active
ACPI-IMPROVEMENT-PLAN.md 839 Active
IRQ-AND-LOWLEVEL-CONTROLLERS-ENHANCEMENT-PLAN.md 916 Active

14. Scheduler & Threading Assessment (2026-05-04)

Architecture

  • Kernel: DWRR scheduler (577 lines), 40 priority levels, per-CPU queues, futex (222 lines)
  • Userspace: proc manager (2,638 lines), pthread (440 lines), signal delivery via proc scheme
  • IPC bridge: 3 round-trips for thread creation vs Linux's single clone() syscall

Strengths

  • DWRR with geometric weights, CPU affinity masks, soft-blocking with monotonic timeout
  • Full POSIX process model (PID/PGID/SID, job control, orphan detection)
  • Futex with physical-address keys for cross-process synchronization

Critical Gaps

  1. PIT-based tick (~148Hz) — LAPIC timer exists but setup_timer() is commented out. Should use Periodic/TscDeadline mode at 1000Hz.
  2. Global CONTEXT_SWITCH_LOCK — spinlock serializes all context switches across CPUs. Should be per-CPU.
  3. No load balancing — idle CPUs don't steal work from busy CPUs
  4. No RT scheduling — missing FIFO/RR/Deadline classes
  5. No cgroups — no CPU bandwidth control or resource limits
  6. Thread creation latency — 3 IPC hops vs single clone()
Tier Duration
T0 (kernel substrate) 10-14 weeks
T1 (storage + network) 6-10 weeks
T2 (audio + input) 6-10 weeks
T3 (completeness) 4-8 weeks
Total (2 developers, parallel) 16-24 weeks
Total (1 developer, sequential) 26-42 weeks
Reference in New Issue View Git Blame Copy Permalink