Commit Graph

242584 Commits

Author SHA1 Message Date
christos 06c5bf7f1c PIE in the face! 2016-05-21 16:23:10 +00:00
riastradh b93e5db80e Use rnd_getmore as intended. No more essay needed here.
Workaround for buffering got pushed into rnd_getmore, closer to the
actual cause of the problem.
2016-05-21 15:33:40 +00:00
riastradh 77ebf39786 Ask on-demand entropy sources to produce enough data to fill buffer.
Remainder of fix for PR kern/51135: if there is an entropy source
that can produce arbitrarily much data, as in rump, then nothing
should ever block indefinitely waiting for data.
2016-05-21 15:27:15 +00:00
riastradh 2b38f13330 Actually get as many bytes as requested from rumpuser_random.
rumpuser_random is limited to 32 bytes at a time -- which would be
reasonable, except that there are too many buffers in the way between
entropy sources and users of the entropy pool.

Partial fix for PR kern/51135.
2016-05-21 14:59:45 +00:00
salazar 7093afb253 fix double require bug 2016-05-21 12:39:32 +00:00
pgoyette b823c93930 Add entry for recent merge of nick-nhusb branch. Basically just a copy
of the commit log message, but this is easier for releng to find when
they start collecting info for 8.0

If anyone else wants to edit this entry, please feel free.
2016-05-21 07:22:28 +00:00
maxv c4cd7f0720 There is an issue in the way the direct map is set up on amd64.
When allocating memory, the kernel allocates physical pages and virtual
addresses for these pages. In order to optimize allocations smaller
than PAGE_SIZE, uvm_km_kmem_alloc can allocate a single physical page
and take its virtual address in the direct map in high virtual memory.
This direct map is set up at boot time, its PTEs do not change, and
therefore they don't need to be kentered. These high virtual PTEs being
constant, the permissions of the areas they point to are fixed at boot
time and cannot change.

The problem is that at boot time, they are created with RWX permissions.
Therefore, allocations smaller than PAGE_SIZE in the kernel heap are all
executable: mbufs, pnbufs, small kmem allocations, etc.

Fix this by setting the NOX bit in the direct map pages at boot time. We
also set the NOX bit in the temporary tmpva, since it does not need to
be executable either.

This also makes the U-area non executable on amd64.
2016-05-21 07:15:56 +00:00
maxv d1afa69a65 Explain where this value comes from. 2016-05-21 07:00:18 +00:00
maxv 54d6f71a61 USPACE and USPACE_ALIGN are constants. Use a #if instead. Probably saves
some instructions.
2016-05-21 06:37:28 +00:00
christos 9930e8e348 gcc can't compute the large initializer in rpi_release_mem,
so disable stack protector.
2016-05-20 16:40:40 +00:00
chs be6c83e099 simplify and fix futex requeuing:
don't wake up all the threads being requeued to have them move themselves
from one list to another (thus defeating the purpose), just change the lists
directly in futex_wake().
2016-05-20 13:54:34 +00:00
knakahara c41c6671b1 Update TODO
- "TX Multiqueue" -> "TX Multiqueue improvement"
    - add "Advanced Recieve Descriptor" (RX NEWQUEUE)
2016-05-20 08:17:14 +00:00
ozaki-r 7fa1e6be86 Adjust the tests for temp option that works now
See PR kern/50127
2016-05-20 06:48:52 +00:00
jnemeth 605ea3fe8e make CPU microcode loading dependent on both DOM0OPS AND CPU_UCODE 2016-05-20 03:41:20 +00:00
christos 5fbd96fa60 Turn on PaX ASLR/MPROTECT 2016-05-20 01:37:47 +00:00
christos 4f7caacd6a i386 is PIE now since I am turning PaX ASLR/MPROTECT on. 2016-05-20 01:36:16 +00:00
christos 142afa09a8 fix for ILP32. 2016-05-19 21:39:15 +00:00
christos da360e79eb Fix infinite recursion when building i386 -fPIE in
src/external/mit/xorg/lib/libxcb/xkb.

https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=231599

PR debug/67355
* var-tracking.c (reverse_op): Don't add dummy zero to reverse
  ops that simplify back to the original value.
* alias.c (refs_newer_value_p): Cut off recursion for
  expressions containing the original value.
2016-05-19 20:27:36 +00:00
riastradh 950b6c0b3d Replace deprecated disabled code by comment
describing what it intends to do, and why it won't work yet

From coypu.
2016-05-19 18:32:29 +00:00
riastradh b1d9699e40 While here, replace GCC __FUNCTION__ by C99 __func__
From coypu.
2016-05-19 18:32:20 +00:00
riastradh 2545e2bee1 Simplify ufs_wapbl_begin2/end2, drop 2 suffix
We are no longer calling UFS_WAPBL_BEGIN/END with vnodes (we are giving
NULL as a parameter in all cases), so we can get rid of this input
parameter and the relevant check.

From coypu.
2016-05-19 18:32:11 +00:00
riastradh d7214352ea Get rid of UFS_WAPBL_BEGIN1/END1
ufs makeinode no longer releases dvp, so incrementing the
usecount for wapbl is unnecessary.

From coypu.
2016-05-19 18:32:03 +00:00
christos 7b6e3dab7a We don't want PIE! 2016-05-19 15:41:18 +00:00
christos c06cfbd050 Turn on PIE for sparc64 so we can use ASLR effectively. 2016-05-19 15:38:13 +00:00
christos 48f9de0fc1 Turn on ASLR for sparc64 2016-05-19 15:37:06 +00:00
christos 9b7590baea lose one more bit of ALSR to account for rounding in the VA hole. 2016-05-19 15:36:35 +00:00
hannken a68d62d64c Keep the old vcache node on rekey. Change its key and remove the
new vcache node now used as placeholder only.
2016-05-19 14:50:18 +00:00
hannken ed5aa2cef9 Change "ISSET(vp->v_iflag, VI_XLOCK)" to "vdead_check(vp, VDEAD_NOWAIT)". 2016-05-19 14:48:28 +00:00
hannken 4222e592dd Add VFS_VNODE_PRIVATE protected operations vnalloc_marker() to create,
vnfree_marker() to destroy and vnis_marker() to test for marker vnodes.

Make operations vnalloc() and vnfree() local to vfs_vnode.c.
2016-05-19 14:47:33 +00:00
ozaki-r 9f10dc7910 Get rcvif once and reuse it
No functional change.
2016-05-19 08:53:25 +00:00
knakahara f058ef8fee fix build failure by gcc 4.8.5 2016-05-19 08:35:03 +00:00
knakahara 85eba4eab2 unify TX and RX interrupt handler to use MSI-X vector efficiently 2016-05-19 08:27:57 +00:00
knakahara f792094258 user-friendly interrupt affinity offset 2016-05-19 08:22:37 +00:00
knakahara 290ee03aea initial TX multiqueue support 2016-05-19 08:20:06 +00:00
ryo 5ca0adf8c7 delete unused variables 2016-05-19 05:15:51 +00:00
ozaki-r 348f728f8e Replace DIAGNOSTIC & panic with KASSERT 2016-05-19 03:11:42 +00:00
abhinav 078f21f351 Add myself. 2016-05-18 16:36:53 +00:00
christos 58a6a6ea92 Add my list of things to do for 8. To be expanded. 2016-05-18 15:27:17 +00:00
nakayama 10bacc40a1 Decrement %tl in trap handler not to make it zero unconditionally
for the nested trap, and remove useless mov.
2016-05-18 15:14:08 +00:00
ozaki-r 894d037bc1 Get rid of unnecessary assignment 2016-05-18 11:28:44 +00:00
ozaki-r 9f595a90fa Get rid of unnecessary NULL check
It's already checked just some lines above.
2016-05-18 09:32:05 +00:00
ozaki-r c82107a100 Split "MP network stack" into two and make our targets clear 2016-05-18 09:12:04 +00:00
knakahara b3e5b68219 Whether Tx interrupt handler kicks if_start() should not depend on wm_txeof()
return value.
2016-05-18 08:59:56 +00:00
knakahara 09094fcaba rename WM_TXQ_WORKING to WM_TXQ_NO_SPACE 2016-05-18 08:41:42 +00:00
ozaki-r 27df9b11fc Don't try to get outif unnecessarily from in6_selectsrc
The got outif is unused.
2016-05-18 08:40:51 +00:00
nakayama da6c94469a Fix (unused) pstate mask bits in tstate and comment. 2016-05-18 07:59:30 +00:00
knakahara 27d6758ddb device drivers should not divert ifp->if_flags to manage H/W satatus. 2016-05-18 07:49:34 +00:00
knakahara 7041241bc0 refactor: eliminate "txq->txq_descs_size", use WM_TXDESCS_SIZE instead. 2016-05-18 06:59:59 +00:00
knakahara 2195dace3a fix unmatched dma sync size for NEWQUEUE. This bug would have caused
wm_nq_tx_offload() not to work.
2016-05-18 06:55:51 +00:00
spz 54b54045cc Fixes for CVE-2016-0718 from upstream. 2016-05-17 23:53:02 +00:00