| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
Approved by: re (implicit)
This commit was manufactured to restore the state of the 7.2-RELEASE image.
|
| |
|
|
|
|
|
|
|
|
|
| |
superpage reservation system to the machine-independent VM system as well as
changes to the pmap code for amd64 and i386 to support superpages.
Reviewed by: alc
Tested by: ps
Notes:
svn path=/stable/7/; revision=189075
|
| |
|
|
|
|
|
|
|
|
| |
Add DTrace probes for process execution. This covers cases tested
by the DTrace test suite.
Approved by: jb
Notes:
svn path=/stable/7/; revision=186840
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- Reduce the scope of the vnode lock such that it does not
cover the various copyouts associated with initializing
the process's argv/env data in userspace. It is possible
that these copyout operations can fault under memory
pressure, possibly resulting in dead locks.
Approved by: re@ (kib)
Notes:
svn path=/stable/7/; revision=184417
|
| |
|
|
|
|
|
|
|
|
| |
DTrace support.
Note that this defaults the 'make buildkernel' to build with CTF data so
that the release kernel and modules are DTrace-able.
Notes:
svn path=/stable/7/; revision=182231
|
| |
|
|
|
|
|
|
|
| |
Call pargs_drop() unconditionally in do_execve(), the function correctly
handles the NULL argument.
Make pargs_free() static.
Notes:
svn path=/stable/7/; revision=181120
|
| |
|
|
|
|
|
|
|
|
| |
Pair the VOP_OPEN call from do_execve() with the reciprocal VOP_CLOSE.
Note: the change needed small adaptation to RELENG_7 because fexecve(2)
is not merged into the branch.
Notes:
svn path=/stable/7/; revision=181055
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
silent NULL pointer dereference in the i386 and sparc64 pmap_pinit()
when the kmem_alloc_nofault() failed to allocate address space. Both
functions now return error instead of panicing or dereferencing NULL.
The reason for MFCing this so late in release cycle is, according to
marius@, because
> it fixes the crashing (though no panic) of the test suite
> of the graphic/OpenEXR port on sparc64. This test suite is run
> (and required to succeed) during the package build and that's
> why portmgr@ bitch about at it as OpenEXR is a dependency of KDE
> which in turn is supposed to end up on the release CD images.
Revisions MFCed:
1.677 of src/sys/amd64/amd64/machdep.c
1.592 of src/sys/amd64/amd64/pmap.c
1.88 of src/sys/arm/arm/pmap.c
1.27 of src/sys/arm/at91/kb920x_machdep.c
1.22 of src/sys/arm/sa11x0/assabet_machdep.c
1.8 of src/sys/arm/xscale/i80321/ep80219_machdep.c
1.29 of src/sys/arm/xscale/i80321/iq31244_machdep.c
1.3 of src/sys/arm/xscale/i8134x/crb_machdep.c
1.6 of src/sys/arm/xscale/ixp425/avila_machdep.c
1.41 of src/sys/compat/pecoff/imgact_pecoff.c
1.26 of src/sys/compat/svr4/imgact_svr4.c
1.660 of src/sys/i386/i386/machdep.c
1.596 of src/sys/i386/i386/pmap.c
1.68 of src/sys/i386/ibcs2/imgact_coff.c
1.56 of src/sys/i386/linux/imgact_linux.c
1.226 of src/sys/ia64/ia64/machdep.c
1.192 of src/sys/ia64/ia64/pmap.c
1.102 of src/sys/kern/imgact_aout.c
1.179 of src/sys/kern/imgact_elf.c
1.56 of src/sys/kern/imgact_gzip.c
1.310 of src/sys/kern/kern_exec.c
1.287 of src/sys/kern/kern_fork.c
1.236 of src/sys/kern/kern_kse.c
1.253 of src/sys/kern/kern_proc.c
1.352 of src/sys/kern/kern_sig.c
1.63 of src/sys/kern/kern_thr.c
1.257 of src/sys/kern/kern_thread.c
1.397 of src/sys/pc98/pc98/machdep.c
1.104 of src/sys/powerpc/powerpc/machdep.c
1.10 of src/sys/powerpc/powerpc/pmap_dispatch.c
1.139 of src/sys/sparc64/sparc64/machdep.c
1.167 of src/sys/sparc64/sparc64/pmap.c
1.16 of src/sys/sun4v/sun4v/machdep.c
1.40 of src/sys/sun4v/sun4v/pmap.c
1.493 of src/sys/sys/proc.h
1.78 of src/sys/sys/signalvar.h
1.80 of src/sys/vm/pmap.h
1.79 of src/sys/vm/vm_extern.h
1.226 of src/sys/vm/vm_glue.c
1.390 of src/sys/vm/vm_map.c
Requested by: marius
Tested by: Peter Holm, marius (make universe and sparc64 runs)
Approved by: re (kensmith)
Notes:
svn path=/stable/7/; revision=175435
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
rev 1.182 of src/sys/kern/imgact_elf.c
rev 1.288 of src/sys/kern/init_main.c
rev 1.312 of src/sys/kern/kern_exec.c
rev 1.85 of src/sys/kern/kern_mib.c
rev 1.496 of src/sys/sys/proc.h
rev 1.262 of src/sys/sys/systm.h
Implement fetching of the __FreeBSD_version from the ELF ABI-tag note.
The value is read into the p_osrel member of the struct proc. p_osrel
is set to 0 for the binaries without the note.
Approved by: re (kensmith)
Notes:
svn path=/stable/7/; revision=174363
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ways:
(1) Cached pages are no longer kept in the object's resident page
splay tree and memq. Instead, they are kept in a separate per-object
splay tree of cached pages. However, access to this new per-object
splay tree is synchronized by the _free_ page queues lock, not to be
confused with the heavily contended page queues lock. Consequently, a
cached page can be reclaimed by vm_page_alloc(9) without acquiring the
object's lock or the page queues lock.
This solves a problem independently reported by tegge@ and Isilon.
Specifically, they observed the page daemon consuming a great deal of
CPU time because of pages bouncing back and forth between the cache
queue (PQ_CACHE) and the inactive queue (PQ_INACTIVE). The source of
this problem turned out to be a deadlock avoidance strategy employed
when selecting a cached page to reclaim in vm_page_select_cache().
However, the root cause was really that reclaiming a cached page
required the acquisition of an object lock while the page queues lock
was already held. Thus, this change addresses the problem at its
root, by eliminating the need to acquire the object's lock.
Moreover, keeping cached pages in the object's primary splay tree and
memq was, in effect, optimizing for the uncommon case. Cached pages
are reclaimed far, far more often than they are reactivated. Instead,
this change makes reclamation cheaper, especially in terms of
synchronization overhead, and reactivation more expensive, because
reactivated pages will have to be reentered into the object's primary
splay tree and memq.
(2) Cached pages are now stored alongside free pages in the physical
memory allocator's buddy queues, increasing the likelihood that large
allocations of contiguous physical memory (i.e., superpages) will
succeed.
Finally, as a result of this change long-standing restrictions on when
and where a cached page can be reclaimed and returned by
vm_page_alloc(9) are eliminated. Specifically, calls to
vm_page_alloc(9) specifying VM_ALLOC_INTERRUPT can now reclaim and
return a formerly cached page. Consequently, a call to malloc(9)
specifying M_NOWAIT is less likely to fail.
Discussed with: many over the course of the summer, including jeff@,
Justin Husted @ Isilon, peter@, tegge@
Tested by: an earlier version by kris@
Approved by: re (kensmith)
Notes:
svn path=/head/; revision=172317
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
kernels exposed by the recent fixes to resource limits for 32-bit processes
on 64-bit kernels:
- Let ABIs expose their maximum stack size via a new pointer in sysentvec
and use that in preference to maxssiz during exec() rather than always
using maxssiz for all processses.
- Apply the ABI's limit fixup to the previous stack size when adjusting
RLIMIT_STACK to determine if the existing mapping for the stack needs to
be grown or shrunk (as well as how much it should be grown or shrunk).
Approved by: re (kensmith)
Notes:
svn path=/head/; revision=171410
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
during execve() when turning off tracing due to executing a setuid binary
as non-root. Previously this could fail to acquire Giant and fail an
assertion if the ktrace file was on a non-MPSAFE filesystem and the
executable was on an MPSAFE filesystem.
MFC after: 3 days
Reported by: kris
Notes:
svn path=/head/; revision=170684
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
some cases, move to priv_check() if it was an operation on a thread and
no other flags were present.
Eliminate caller-side jail exception checking (also now-unused); jail
privilege exception code now goes solely in kern_jail.c.
We can't yet eliminate suser() due to some cases in the KAME code where
a privilege check is performed and then used in many different deferred
paths. Do, however, move those prototypes to priv.h.
Reviewed by: csjp
Obtained from: TrustedBSD Project
Notes:
svn path=/head/; revision=170587
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Change the VOP_OPEN(), vn_open() vnode operation and d_fdopen() cdev operation
argument from being file descriptor index into the pointer to struct file.
Proposed and reviewed by: jhb
Reviewed by: daichi (unionfs)
Approved by: re (kensmith)
Notes:
svn path=/head/; revision=170152
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
processes under 64-bit kernels). Previously, each 32-bit process overwrote
its resource limits at exec() time. The problem with this approach is that
the new limits affect all child processes of the 32-bit process, including
if the child process forks and execs a 64-bit process. To fix this, don't
ovewrite the resource limits during exec(). Instead, sv_fixlimits() is
now replaced with a different function sv_fixlimit() which asks the ABI to
sanitize a single resource limit. We then use this when querying and
setting resource limits. Thus, if a 32-bit process sets a limit, then
that new limit will be inherited by future children. However, if the
32-bit process doesn't change a limit, then a future 64-bit child will
see the "full" 64-bit limit rather than the 32-bit limit.
MFC is tentative since it will break the ABI of old linux.ko modules (no
other modules are affected).
MFC after: 1 week
Notes:
svn path=/head/; revision=169565
|
| |
|
|
|
|
|
| |
but sometimes it is.
Notes:
svn path=/head/; revision=167876
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- Remove also "MP SAFE" after prior "MPSAFE" pass. (suggested by bde)
- Remove extra blank lines in some cases.
- Add extra blank lines in some cases.
- Remove no-op comments consisting solely of the function name, the word
"syscall", or the system call name.
- Add punctuation.
- Re-wrap some comments.
Notes:
svn path=/head/; revision=167232
|
| |
|
|
|
|
|
|
|
|
|
| |
system calls now enter without Giant held, and then in some cases, acquire
Giant explicitly.
Remove a number of other MPSAFE annotations in the credential code and
tweak one or two other adjacent comments.
Notes:
svn path=/head/; revision=167211
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
specific privilege names to a broad range of privileges. These may
require some future tweaking.
Sponsored by: nCircle Network Security, Inc.
Obtained from: TrustedBSD Project
Discussed on: arch@
Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri,
Alex Lyashkov <umka at sevcity dot net>,
Skip Ford <skip dot ford at verizon dot net>,
Antoine Brodin <antoine dot brodin at laposte dot net>
Notes:
svn path=/head/; revision=164033
|
| |
|
|
|
|
|
| |
vm_page_wakeup(). Reduce or eliminate its use accordingly.
Notes:
svn path=/head/; revision=163614
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
begun with a repo-copy of mac.h to mac_framework.h. sys/mac.h now
contains the userspace and user<->kernel API and definitions, with all
in-kernel interfaces moved to mac_framework.h, which is now included
across most of the kernel instead.
This change is the first step in a larger cleanup and sweep of MAC
Framework interfaces in the kernel, and will not be MFC'd.
Obtained from: TrustedBSD Project
Sponsored by: SPARTA
Notes:
svn path=/head/; revision=163606
|
| |
|
|
|
|
|
|
| |
busy flag, i.e., VPO_BUSY, are now synchronized by the per-vm object
lock instead of the global page queues lock.
Notes:
svn path=/head/; revision=163604
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add the argument auditing functions for argv and env.
Add kernel-specific versions of the tokenizer functions for the
arg and env represented as a char array.
Implement the AUDIT_ARGV and AUDIT_ARGE audit policy commands to
enable/disable argv/env auditing.
Call the argument auditing from the exec system calls.
Obtained from: TrustedBSD Project
Approved by: rwatson (mentor)
Notes:
svn path=/head/; revision=161813
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
image_params arg.
- Change struct image_params to include struct sysentvec pointer and
initialize it.
- Change all consumers of process_exit/process_exec eventhandlers to
new prototypes (includes splitting up into distinct exec/exit functions).
- Add eventhandler to userret.
Sponsored by: Google SoC 2006
Submitted by: rdivacky
Parts suggested by: jhb (on hackers@)
Notes:
svn path=/head/; revision=161302
|
| |
|
|
|
|
|
|
|
| |
would also be good to audit the interpreter pathname, if any.
Obtained from: TrustedBSD Project
Notes:
svn path=/head/; revision=159003
|
| |
|
|
|
|
|
|
| |
reversals that can lead to deadlocks. Normally vn_close(), namei() or vrele()
should not be called while holding vnode locks.
Notes:
svn path=/head/; revision=158324
|
| |
|
|
| |
Notes:
svn path=/head/; revision=157443
|
| |
|
|
|
|
|
| |
Tested by: kris@
Notes:
svn path=/head/; revision=156440
|
| |
|
|
|
|
|
|
|
| |
the callers if the exec either succeeds or fails early.
- Move the code to call exit1() if the exec fails after the vmspace is
gone to the bottom of kern_execve() to cut down on some code duplication.
Notes:
svn path=/head/; revision=155402
|
| |
|
|
|
|
|
|
|
|
| |
we may need to acquire giant to vrele it.
Found by: mjacob
MFC After: 3 days
Notes:
svn path=/head/; revision=155205
|
| |
|
|
|
|
|
| |
Reviewed by: tegge
Notes:
svn path=/head/; revision=153311
|
| |
|
|
|
|
|
| |
have to duplicate code to call it in exec() and exit1().
Notes:
svn path=/head/; revision=153259
|
| |
|
|
|
|
|
|
|
| |
object lock is sufficient for reading a page's PG_BUSY and busy flags.
MFC after: 1 week
Notes:
svn path=/head/; revision=153158
|
| |
|
|
|
|
|
|
|
|
|
|
| |
both proc pointer and thread pointer, if thread pointer is NULL,
tdsignal automatically finds a thread, otherwise it sends signal
to given thread.
Add utility function psignal_event to send a realtime sigevent
to a process according to the delivery requirement specified in
struct sigevent.
Notes:
svn path=/head/; revision=151993
|
| |
|
|
|
|
|
|
|
|
| |
limits beyond what should be capiable in a 32bit process, so we
must fixup the limits.
Reviewed by: jhb
Notes:
svn path=/head/; revision=151980
|
| |
|
|
|
|
|
| |
sys/timers.h.
Notes:
svn path=/head/; revision=151585
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
clock are supported. I have plan to merge XSI timer ITIMER_REAL and other
two CPU timers into the new code, current three slots are available for
the XSI timers.
The SIGEV_THREAD notification type is not supported yet because our
sigevent struct lacks of two member fields:
sigev_notify_function
sigev_notify_attributes
I have found the sigevent is used in AIO, so I won't add the two members
unless the AIO code is adjusted.
Notes:
svn path=/head/; revision=151576
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
changes in MD code are trivial, before this change, trapsignal and
sendsig use discrete parameters, now they uses member fields of
ksiginfo_t structure. For sendsig, this change allows us to pass
POSIX realtime signal value to user code.
2. Remove cpu_thread_siginfo, it is no longer needed because we now always
generate ksiginfo_t data and feed it to libpthread.
3. Add p_sigqueue to proc structure to hold shared signals which were
blocked by all threads in the proc.
4. Add td_sigqueue to thread structure to hold all signals delivered to
thread.
5. i386 and amd64 now return POSIX standard si_code, other arches will
be fixed.
6. In this sigqueue implementation, pending signal set is kept as before,
an extra siginfo list holds additional siginfo_t data for signals.
kernel code uses psignal() still behavior as before, it won't be failed
even under memory pressure, only exception is when deleting a signal,
we should call sigqueue_delete to remove signal from sigqueue but
not SIGDELSET. Current there is no kernel code will deliver a signal
with additional data, so kernel should be as stable as before,
a ksiginfo can carry more information, for example, allow signal to
be delivered but throw away siginfo data if memory is not enough.
SIGKILL and SIGSTOP have fast path in sigqueue_add, because they can
not be caught or masked.
The sigqueue() syscall allows user code to queue a signal to target
process, if resource is unavailable, EAGAIN will be returned as
specification said.
Just before thread exits, signal queue memory will be freed by
sigqueue_flush.
Current, all signals are allowed to be queued, not only realtime signals.
Earlier patch reviewed by: jhb, deischen
Tested on: i386, amd64
Notes:
svn path=/head/; revision=151316
|
| |
|
|
|
|
|
|
|
|
|
| |
vfs_mark_atime() function, and use the new function for
performing efficient atime updates in mmap().
Reviewed by: bde
MFC after: 2 weeks
Notes:
svn path=/head/; revision=151252
|
| |
|
|
| |
Notes:
svn path=/head/; revision=150895
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
possible for do_execve() to call exit1() rather than returning. As a
result, the sequence "allocate memory; call kern_execve; free memory"
can end up leaking memory.
This commit documents this astonishing behaviour and adds a call to
exec_free_args() before the exit1() call in do_execve(). Since all
the users of kern_execve() in the tree use exec_free_args() to free
the command-line arguments after kern_execve() returns, this should
be safe, and it fixes the memory leak which can otherwise occur.
Submitted by: Peter Holm
MFC after: 3 days
Security: Local denial of service
Notes:
svn path=/head/; revision=150854
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
to avoid touching pageable memory while holding a mutex.
Simplify argument list replacement logic.
PR: kern/84935
Submitted by: "Antoine Pelisse" apelisse AT gmail.com (in a different form)
MFC after: 3 days
Notes:
svn path=/head/; revision=150780
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- pmcstat(8) gprof output mode fixes:
lib/libpmc/pmclog.{c,h}, sys/sys/pmclog.h:
+ Add a 'is_usermode' field to the PMCLOG_PCSAMPLE event
+ Add an 'entryaddr' field to the PMCLOG_PROCEXEC event,
so that pmcstat(8) can determine where the runtime loader
/libexec/ld-elf.so.1 is getting loaded.
sys/kern/kern_exec.c:
+ Use a local struct to group the entry address of the image being
exec()'ed and the process credential changed flag to the exec
handling hook inside hwpmc(4).
usr.sbin/pmcstat/*:
+ Support "-k kernelpath", "-D sampledir".
+ Implement the ELF bits of 'gmon.out' profile generation in a new
file "pmcstat_log.c". Move all log related functions to this
file.
+ Move local definitions and prototypes to "pmcstat.h"
- Other bug fixes:
+ lib/libpmc/pmclog.c: correctly handle EOF in pmclog_read().
+ sys/dev/hwpmc_mod.c: unconditionally log a PROCEXIT event to all
attached PMCs when a process exits.
+ sys/sys/pmc.h: correct a function prototype.
+ Improve usage checks in pmcstat(8).
Approved by: re (blanket hwpmc)
Notes:
svn path=/head/; revision=147708
|
| |
|
|
|
|
|
|
|
|
| |
being in opt_global.h and forcing a global recompile when only a few files
reference it.
Approved by: re
Notes:
svn path=/head/; revision=147565
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Implement sampling modes and logging support in hwpmc(4).
- Separate MI and MD parts of hwpmc(4) and allow sharing of
PMC implementations across different architectures.
Add support for P4 (EMT64) style PMCs to the amd64 code.
- New pmcstat(8) options: -E (exit time counts) -W (counts
every context switch), -R (print log file).
- pmc(3) API changes, improve our ability to keep ABI compatibility
in the future. Add more 'alias' names for commonly used events.
- bug fixes & documentation.
Notes:
svn path=/head/; revision=147191
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
file's access time should be updated when it gets executed. A while
ago the mechanism used to exec was changed to use a more mmap based
mechanism and this behavior was broken as a side-effect of that.
A new vnode flag is added that gets set when the file gets executed,
and the VOP_SETATTR() vnode operation gets called. The underlying
filesystem is expected to handle it based on its own semantics, some
filesystems don't support access time at all. Those that do should
handle it in a way that does not block, does not generate I/O if possible,
etc. In particular vn_start_write() has not been called. The UFS code
handles it the same way as it would normally handle the access time if
a file was read - the IN_ACCESS flag gets set in the inode but no other
action happens at this point. The actual time update will happen later
during a sync (which handles all the necessary locking).
Got me into this: cperciva
Discussed with: a lot with bde, a little with kan
Showed patches to: phk, jeffr, standards@, arch@
Minor discussion on: arch@
Notes:
svn path=/head/; revision=146829
|
| |
|
|
|
|
|
|
|
|
|
| |
- Fix one place where we explicitly drop Giant!
Pointy hat to: me
Submitted by: Max Laier
Warned by: Tinderbox
Notes:
svn path=/head/; revision=145833
|
| |
|
|
|
|
|
|
|
| |
Giant acquisition.
- Remove GIANT_REQUIRED in the few remaining cases; the vm and vfs have
both been locked.
Notes:
svn path=/head/; revision=145821
|
| |
|
|
|
|
|
| |
Errno supplied by: cperciva
Notes:
svn path=/head/; revision=145731
|
| |
|
|
|
|
|
| |
open them or otherwise access the data.
Notes:
svn path=/head/; revision=145584
|
