feat: 内存管理、mmap支持与设备驱动的综合改进 (#1455)

* refactor(mm): 重构页缓存读写以解决死锁问题并改进错误处理

- 将页缓存读写拆分为两阶段以避免用户缺页时持有锁
- 改进文件系统缺页处理，返回SIGBUS而非panic
- 优化sys_read/sys_write的用户缓冲区访问检查
- 修复mprotect参数对齐检查

Signed-off-by: longjin <[email protected]>

* feat(devfs): 添加随机设备支持

- 新增随机设备模块random_dev，提供随机字节生成能力
- 在DevFS中注册/dev/random设备，确保系统能够访问随机数据
- 更新相关文件以支持新设备的集成

Signed-off-by: longjin <[email protected]>

* feat(filesystem): 添加mmap支持到多个文件系统节点

- 为LockedZeroInode、LockedExt4Inode、LockedFATInode和LockedRamFSInode实现mmap方法，允许内存映射操作。
- 更新相关文件以支持mmap功能，确保与用户空间的交互更加灵活。

Signed-off-by: longjin <[email protected]>

* fix(mm): Improve mmap error handling and validation

- Enhanced error handling in mmap implementation to return appropriate errors for unsupported operations.
- Added checks for MAP_PRIVATE and MAP_SHARED flags to ensure only one is set.
- Implemented page alignment validation for MAP_FIXED.
- Updated tests to reflect changes in mmap behavior.

Signed-off-by: longjin <[email protected]>

* fix(mm): Enhance memory protection handling and validation

- Updated the `init_xd_rsvd` function to ensure NX support is enabled and correctly handle hardware limitations.
- Improved alignment checks in `sys_mprotect` to prevent overflow and ensure proper memory area verification.
- Removed outdated tests from `mmap_test` to streamline the test suite.

Signed-off-by: longjin <[email protected]>

* feat(procfs): Add support for /proc/[pid]/statm file

- Introduced the ProcStatm file type to the ProcFileType enum.
- Implemented the open_statm function to return a placeholder response for the statm file.
- Updated the ProcFS inode creation to include the statm file for each process.
- Enhanced the IndexNode implementation to handle the new ProcStatm file type.

Signed-off-by: longjin <[email protected]>

* fix(mmap): 增强mmap系统调用的偏移量检查和内存分配逻辑

* fix(procfs): 优化statm文件打开逻辑，增加虚拟内存页数计算

* fix(syscall): 处理len为0的情况，确保read和write系统调用遵循POSIX标准


* refactor(mm): Optimize page reclamation process to prevent deadlocks

- Separated the page reclamation into two phases to avoid holding the reclaimer lock for extended periods, reducing the risk of lock order inversion with page_manager/page_cache.
- Updated the `shrink_list` method to handle victim page eviction without holding the reclaimer lock, ensuring safer memory management.
- Improved the `drain_lru` method to efficiently retrieve victim pages for reclamation.

Signed-off-by: longjin <[email protected]>

---------

Signed-off-by: longjin <[email protected]>

Author: fslongjin

kernel/src/arch/x86_64/mm/fault.rs

@@ -1,8 +1,5 @@
 use alloc::sync::Arc;
-use core::{
-    intrinsics::{likely, unlikely},
-    panic,
-};
+use core::{intrinsics::unlikely, panic};
 use log::error;
 use x86::{bits64::rflags::RFlags, controlregs::Cr4};
 
@@ -391,11 +388,11 @@ impl X86_64MMArch {
                     return; // 已通过异常表修复
                 }
 
-                log::error!(
-                    "vma access error, error_code: {:?}, address: {:#x}",
-                    error_code,
-                    address.data(),
-                );
+                // log::error!(
+                //     "vma access error, error_code: {:?}, address: {:#x}",
+                //     error_code,
+                //     address.data(),
+                // );
 
                 send_segv();
             }
@@ -422,8 +419,41 @@ impl X86_64MMArch {
             | VmFaultReason::VM_FAULT_HWPOISON_LARGE
             | VmFaultReason::VM_FAULT_FALLBACK;
 
-        if likely(!fault.contains(vm_fault_error)) {
-            panic!("fault error: {:?}", fault)
+        if fault.intersects(vm_fault_error) {
+            // 内核态访问用户地址（如 copy_from_user）应走异常表修复，返回 -EFAULT，而不是发送信号/崩溃
+            if !regs.is_from_user() {
+                if Self::try_fixup_exception(regs, error_code, address) {
+                    return;
+                }
+                panic!(
+                    "kernel access to user addr failed without fixup, fault: {:?}, addr: {:#x}, rip: {:#x}",
+                    fault,
+                    address.data(),
+                    regs.rip
+                );
+            }
+
+            // 用户态 fault：发送对应信号
+            let mut info = if fault.contains(VmFaultReason::VM_FAULT_SIGSEGV) {
+                SigInfo::new(
+                    Signal::SIGSEGV,
+                    0,
+                    SigCode::User,
+                    SigType::Kill(ProcessManager::current_pid()),
+                )
+            } else {
+                // 包括 SIGBUS / OOM / HWPOISON 等统一 SIGBUS
+                SigInfo::new(
+                    Signal::SIGBUS,
+                    0,
+                    SigCode::User,
+                    SigType::Kill(ProcessManager::current_pid()),
+                )
+            };
+            let _ = Signal::SIGBUS.send_signal_info(Some(&mut info), ProcessManager::current_pid());
+            return;
         }
+
+        panic!("fault error: {:?}", fault)
     }
 }

kernel/src/arch/x86_64/mm/mod.rs

@@ -524,23 +524,25 @@ const fn protection_map() -> [EntryFlags<MMArch>; 16] {
 
 impl X86_64MMArch {
     fn init_xd_rsvd() {
-        // 读取ia32-EFER寄存器的值
-        let efer: EferFlags = x86_64::registers::model_specific::Efer::read();
+        // 读取并确保开启 NXE，使用户态 PROT_EXEC 正确受 NX 约束
+        let mut efer = x86_64::registers::model_specific::Efer::read();
         if !efer.contains(EferFlags::NO_EXECUTE_ENABLE) {
-            // NO_EXECUTE_ENABLE是false，那么就设置xd_reserved为true
-            debug!("NO_EXECUTE_ENABLE is false, set XD_RESERVED to true");
-            XD_RESERVED.store(true, Ordering::Relaxed);
+            debug!("Enabling EFER.NXE for NX support");
+            efer.insert(EferFlags::NO_EXECUTE_ENABLE);
+            unsafe { x86_64::registers::model_specific::Efer::write(efer) };
         }
+        // 若硬件仍不支持（写入无效），标记为保留，否则可用
+        let efer_after = x86_64::registers::model_specific::Efer::read();
+        let xd_reserved = !efer_after.contains(EferFlags::NO_EXECUTE_ENABLE);
+        XD_RESERVED.store(xd_reserved, Ordering::Relaxed);
         compiler_fence(Ordering::SeqCst);
     }
 
     /// 判断XD标志位是否被保留
     pub fn is_xd_reserved() -> bool {
-        // return XD_RESERVED.load(Ordering::Relaxed);
-
-        // 由于暂时不支持execute disable，因此直接返回true
-        // 不支持的原因是，目前好像没有能正确的设置page-level的xd位，会触发page fault
-        return true;
+        // 若硬件不支持 NX/XD，则返回 true，表示执行位不可用；否则遵从检测结果
+        // 默认使用启动阶段检测到的 XD_RESERVED 值
+        return XD_RESERVED.load(Ordering::Relaxed);
     }
 
     pub unsafe fn read_array<T>(addr: VirtAddr, count: usize) -> Vec<T> {

kernel/src/filesystem/devfs/mod.rs

@@ -1,5 +1,6 @@
 /// 导出devfs的模块
 pub mod null_dev;
+pub mod random_dev;
 pub mod zero_dev;
 
 use super::{
@@ -9,6 +10,9 @@ use super::{
         FileType, FsInfo, IndexNode, InodeFlags, InodeMode, Magic, Metadata, SuperBlock,
     },
 };
+use crate::filesystem::devfs::zero_dev::LockedZeroInode;
+use crate::mm::fault::{PageFaultHandler, PageFaultMessage};
+use crate::mm::VmFaultReason;
 use crate::{
     driver::base::{block::gendisk::GenDisk, device::device_number::DeviceNumber},
     filesystem::vfs::mount::MountFlags,
@@ -39,6 +43,21 @@ pub struct DevFS {
     super_block: SuperBlock,
 }
 
+fn is_zero_inode(pfm: &PageFaultMessage) -> bool {
+    let vma = pfm.vma();
+    let vma_guard = vma.lock_irqsave();
+    match vma_guard.vm_file() {
+        Some(file) => {
+            let inode = file.inode();
+            inode
+                .as_any_ref()
+                .downcast_ref::<LockedZeroInode>()
+                .is_some()
+        }
+        None => false,
+    }
+}
+
 impl FileSystem for DevFS {
     fn as_any_ref(&self) -> &dyn core::any::Any {
         self
@@ -62,6 +81,25 @@ impl FileSystem for DevFS {
     fn super_block(&self) -> SuperBlock {
         self.super_block.clone()
     }
+
+    unsafe fn fault(&self, pfm: &mut PageFaultMessage) -> VmFaultReason {
+        if !is_zero_inode(pfm) {
+            return VmFaultReason::VM_FAULT_SIGBUS;
+        }
+        PageFaultHandler::zero_fault(pfm)
+    }
+
+    unsafe fn map_pages(
+        &self,
+        pfm: &mut PageFaultMessage,
+        start_pgoff: usize,
+        end_pgoff: usize,
+    ) -> VmFaultReason {
+        if !is_zero_inode(pfm) {
+            return VmFaultReason::VM_FAULT_SIGBUS;
+        }
+        PageFaultHandler::zero_map_pages(pfm, start_pgoff, end_pgoff)
+    }
 }
 
 impl DevFS {
@@ -109,6 +147,7 @@ impl DevFS {
     /// @brief 注册系统内部自带的设备
     fn register_bultinin_device(&self) {
         use null_dev::LockedNullInode;
+        use random_dev::LockedRandomInode;
         use zero_dev::LockedZeroInode;
         let dev_root: Arc<LockedDevFSInode> = self.root_inode.clone();
         dev_root
@@ -117,6 +156,9 @@ impl DevFS {
         dev_root
             .add_dev("zero", LockedZeroInode::new())
             .expect("DevFS: Failed to register /dev/zero");
+        dev_root
+            .add_dev("random", LockedRandomInode::new())
+            .expect("DevFS: Failed to register /dev/random");
     }
 
     /// @brief 在devfs内注册设备

kernel/src/filesystem/devfs/random_dev.rs

@@ -0,0 +1,161 @@
+use crate::driver::base::device::device_number::{DeviceNumber, Major};
+use crate::filesystem::devfs::LockedDevFSInode;
+use crate::filesystem::vfs::file::FileFlags;
+use crate::filesystem::vfs::{
+    vcore::generate_inode_id, FilePrivateData, FileSystem, FileType, IndexNode, InodeFlags,
+    InodeMode, Metadata,
+};
+use crate::libs::rand::rand_bytes;
+use crate::libs::spinlock::SpinLockGuard;
+use crate::{filesystem::devfs::DevFS, libs::spinlock::SpinLock, time::PosixTimeSpec};
+use alloc::{
+    string::String,
+    sync::{Arc, Weak},
+    vec::Vec,
+};
+use core::{cmp::min, mem::size_of};
+use system_error::SystemError;
+
+use super::DeviceINode;
+
+#[derive(Debug)]
+pub struct RandomInode {
+    self_ref: Weak<LockedRandomInode>,
+    fs: Weak<DevFS>,
+    parent: Weak<LockedDevFSInode>,
+    metadata: Metadata,
+}
+
+#[derive(Debug)]
+pub struct LockedRandomInode(SpinLock<RandomInode>);
+
+impl LockedRandomInode {
+    pub fn new() -> Arc<Self> {
+        let inode = RandomInode {
+            self_ref: Weak::default(),
+            fs: Weak::default(),
+            parent: Weak::default(),
+            metadata: Metadata {
+                dev_id: 1,
+                inode_id: generate_inode_id(),
+                size: 0,
+                blk_size: 0,
+                blocks: 0,
+                atime: PosixTimeSpec::default(),
+                mtime: PosixTimeSpec::default(),
+                ctime: PosixTimeSpec::default(),
+                btime: PosixTimeSpec::default(),
+                file_type: FileType::CharDevice,
+                mode: InodeMode::from_bits_truncate(0o666),
+                flags: InodeFlags::empty(),
+                nlinks: 1,
+                uid: 0,
+                gid: 0,
+                raw_dev: DeviceNumber::new(Major::new(1), 8),
+            },
+        };
+
+        let result = Arc::new(LockedRandomInode(SpinLock::new(inode)));
+        result.0.lock().self_ref = Arc::downgrade(&result);
+        result
+    }
+}
+
+impl DeviceINode for LockedRandomInode {
+    fn set_fs(&self, fs: Weak<DevFS>) {
+        self.0.lock().fs = fs;
+    }
+
+    fn set_parent(&self, parent: Weak<LockedDevFSInode>) {
+        self.0.lock().parent = parent;
+    }
+}
+
+impl IndexNode for LockedRandomInode {
+    fn as_any_ref(&self) -> &dyn core::any::Any {
+        self
+    }
+
+    fn open(
+        &self,
+        _data: SpinLockGuard<FilePrivateData>,
+        _flags: &FileFlags,
+    ) -> Result<(), SystemError> {
+        Ok(())
+    }
+
+    fn close(&self, _data: SpinLockGuard<FilePrivateData>) -> Result<(), SystemError> {
+        Ok(())
+    }
+
+    fn metadata(&self) -> Result<Metadata, SystemError> {
+        Ok(self.0.lock().metadata.clone())
+    }
+
+    fn fs(&self) -> Arc<dyn FileSystem> {
+        self.0.lock().fs.upgrade().unwrap()
+    }
+
+    fn list(&self) -> Result<Vec<String>, SystemError> {
+        Err(SystemError::ENOSYS)
+    }
+
+    fn set_metadata(&self, metadata: &Metadata) -> Result<(), SystemError> {
+        let mut inode = self.0.lock();
+        inode.metadata.atime = metadata.atime;
+        inode.metadata.mtime = metadata.mtime;
+        inode.metadata.ctime = metadata.ctime;
+        inode.metadata.btime = metadata.btime;
+        inode.metadata.mode = metadata.mode;
+        inode.metadata.uid = metadata.uid;
+        inode.metadata.gid = metadata.gid;
+        Ok(())
+    }
+
+    fn mmap(&self, _start: usize, _len: usize, _offset: usize) -> Result<(), SystemError> {
+        Err(SystemError::ENODEV)
+    }
+
+    fn read_at(
+        &self,
+        _offset: usize,
+        len: usize,
+        buf: &mut [u8],
+        _data: SpinLockGuard<FilePrivateData>,
+    ) -> Result<usize, SystemError> {
+        if buf.len() < len {
+            return Err(SystemError::EINVAL);
+        }
+
+        let mut copied = 0;
+        while copied < len {
+            let chunk = rand_bytes::<{ size_of::<usize>() }>();
+            let copy_len = min(len - copied, chunk.len());
+            buf[copied..copied + copy_len].copy_from_slice(&chunk[..copy_len]);
+            copied += copy_len;
+        }
+
+        Ok(len)
+    }
+
+    fn write_at(
+        &self,
+        _offset: usize,
+        len: usize,
+        buf: &[u8],
+        _data: SpinLockGuard<FilePrivateData>,
+    ) -> Result<usize, SystemError> {
+        if buf.len() < len {
+            return Err(SystemError::EINVAL);
+        }
+        Ok(len)
+    }
+
+    fn parent(&self) -> Result<Arc<dyn IndexNode>, SystemError> {
+        let parent = self.0.lock().parent.upgrade();
+        if let Some(parent) = parent {
+            return Ok(parent);
+        }
+        Err(SystemError::ENOENT)
+    }
+}

kernel/src/filesystem/devfs/zero_dev.rs

@@ -153,6 +153,11 @@ impl IndexNode for LockedZeroInode {
         Ok(len)
     }
 
+    fn mmap(&self, _start: usize, _len: usize, _offset: usize) -> Result<(), SystemError> {
+        // /dev/zero 支持 mmap，语义等同匿名零页映射
+        Ok(())
+    }
+
     fn parent(&self) -> Result<Arc<dyn IndexNode>, SystemError> {
         let parent = self.0.lock().parent.upgrade();
         if let Some(parent) = parent {

kernel/src/filesystem/ext4/inode.rs

@@ -43,6 +43,10 @@ pub struct Ext4Inode {
 pub struct LockedExt4Inode(pub(super) SpinLock<Ext4Inode>);
 
 impl IndexNode for LockedExt4Inode {
+    fn mmap(&self, _start: usize, _len: usize, _offset: usize) -> Result<(), SystemError> {
+        Ok(())
+    }
+
     fn open(
         &self,
         _data: crate::libs::spinlock::SpinLockGuard<vfs::FilePrivateData>,
@@ -117,7 +121,7 @@ impl IndexNode for LockedExt4Inode {
                 None,
             )
             .map_err(SystemError::from)?;
-            page_cache.lock_irqsave().read(offset, buf)
+            page_cache.read(offset, buf)
         } else {
             self.read_direct(offset, len, buf, data)
         }
@@ -158,7 +162,7 @@ impl IndexNode for LockedExt4Inode {
         let len = core::cmp::min(len, buf.len());
         let buf = &buf[0..len];
         if let Some(page_cache) = &guard.page_cache {
-            let write_len = page_cache.lock_irqsave().write(offset, buf)?;
+            let write_len = PageCache::write(page_cache, offset, buf)?;
             let old_file_size = ext4.getattr(guard.inner_inode_num)?.size;
             let current_file_size = core::cmp::max(old_file_size, (offset + write_len) as u64);
             let time = PosixTimeSpec::now().tv_sec.to_u32().unwrap_or_else(|| {