Commit Graph

1002 Commits

Author SHA1 Message Date
yamt
0b30e1501c uobj_wirepages and uobj_unwirepages from Mindaugas. PR/34771.
(commented out in files.uvm for now because there is no user in tree.)

http://mail-index.netbsd.org/tech-kern/2006/09/24/0000.html
http://mail-index.netbsd.org/tech-kern/2006/10/10/0000.html
2006-10-12 10:11:57 +00:00
thorpej
401a3924d5 uvm_swap_stats_locked(): Consume the cmd argument even if COMPAT_13 is
not defined.
2006-10-12 04:35:40 +00:00
christos
4d595fd7b1 - sprinkle __unused on function decls.
- fix a couple of unused bugs
- no more -Wno-unused for i386
2006-10-12 01:30:41 +00:00
yamt
86004aaed3 fix some warnings in the case of PDSIM. 2006-10-09 12:50:39 +00:00
yamt
dbdfc1f677 move src/sys/uvm/pdsim to src/regress/sys/uvm/pdsim.
no objection on tech-kern@.
2006-10-09 12:32:21 +00:00
chs
33c1fd1917 add support for O_DIRECT (I/O directly to application memory,
bypassing any kernel caching for file data).
2006-10-05 14:48:32 +00:00
christos
b01cc3ff0a Coverity CID 3170,3171: Add KASSERT. 2006-10-03 18:26:03 +00:00
yamt
7e4975c5e3 don't use japanese for an identifier. 2006-09-30 16:14:00 +00:00
yamt
606f2d8add wrap a long line. 2006-09-30 16:01:19 +00:00
yamt
883278d33e whitespace. 2006-09-30 15:52:39 +00:00
yamt
04a8266e88 add ubc window hit/miss evcnts. 2006-09-30 15:38:06 +00:00
yamt
7e1b20a4cf ubc_fault: check UVM_OBJ_NEEDS_WRITEFAULT.
fix an assertion failure in genfs_putpages when using msdosfs.
(http://mail-index.NetBSD.org/tech-kern/2006/09/27/0002.html)
reported and tested by Darrin B.Jewell.
2006-09-30 15:37:22 +00:00
elad
53ca07b4d7 If Veriexec enforces access type, don't allow mmap() to use PROT_EXEC on
files that don't have the "indirect" flag. Also change the "library" alias
in veriexecctl(8) to mean "file, indirect".

okay blymn@
2006-09-30 10:56:31 +00:00
yamt
3545644943 more todo. 2006-09-30 09:07:45 +00:00
yamt
1da8d3a36e note what's this. 2006-09-30 09:03:19 +00:00
yamt
a5c3459e65 implementations of some replacement algorithms for comparison. 2006-09-30 09:00:00 +00:00
yamt
2ebf73755e a script to modify a list so that it uses small numbers as far as possible.
useful when feeding real world examples into a hackish code like lirs.c
which can't handle large numbers.
2006-09-30 08:57:17 +00:00
yamt
adf92c530f implementations of some replacement algorithms for comparison. 2006-09-30 08:50:32 +00:00
yamt
538ff1a080 an artificial access pattern generator. 2006-09-30 08:48:17 +00:00
yamt
94330f3fe8 a simple program to test uvm_pdpolicy_*.c in userland. 2006-09-30 08:47:39 +00:00
thorpej
ec1894a78a Don't inline uvm_pagealloc_pgfl(). 2006-09-27 17:18:50 +00:00
yamt
8e991698b9 revert a change which was unintentionally slipped in via yamt-pdpolicy branch. 2006-09-16 07:14:38 +00:00
yamt
9d3e3eab23 merge yamt-pdpolicy branch.
- separate page replacement policy from the rest of kernel
	- implement an alternative replacement policy
2006-09-15 15:51:12 +00:00
elad
5f7169ccb1 First take at security model abstraction.
- Add a few scopes to the kernel: system, network, and machdep.

- Add a few more actions/sub-actions (requests), and start using them as
  opposed to the KAUTH_GENERIC_ISSUSER place-holders.

- Introduce a basic set of listeners that implement our "traditional"
  security model, called "bsd44". This is the default (and only) model we
  have at the moment.

- Update all relevant documentation.

- Add some code and docs to help folks who want to actually use this stuff:

  * There's a sample overlay model, sitting on-top of "bsd44", for
    fast experimenting with tweaking just a subset of an existing model.

    This is pretty cool because it's *really* straightforward to do stuff
    you had to use ugly hacks for until now...

  * And of course, documentation describing how to do the above for quick
    reference, including code samples.

All of these changes were tested for regressions using a Python-based
testsuite that will be (I hope) available soon via pkgsrc. Information
about the tests, and how to write new ones, can be found on:

	http://kauth.linbsd.org/kauthwiki

NOTE FOR DEVELOPERS: *PLEASE* don't add any code that does any of the
following:

  - Uses a KAUTH_GENERIC_ISSUSER kauth(9) request,
  - Checks 'securelevel' directly,
  - Checks a uid/gid directly.

(or if you feel you have to, contact me first)

This is still work in progress; It's far from being done, but now it'll
be a lot easier.

Relevant mailing list threads:

http://mail-index.netbsd.org/tech-security/2006/01/25/0011.html
http://mail-index.netbsd.org/tech-security/2006/03/24/0001.html
http://mail-index.netbsd.org/tech-security/2006/04/18/0000.html
http://mail-index.netbsd.org/tech-security/2006/05/15/0000.html
http://mail-index.netbsd.org/tech-security/2006/08/01/0000.html
http://mail-index.netbsd.org/tech-security/2006/08/25/0000.html

Many thanks to YAMAMOTO Takashi, Matt Thomas, and Christos Zoulas for help
stablizing kauth(9).

Full credit for the regression tests, making sure these changes didn't break
anything, goes to Matt Fleming and Jaime Fournier.

Happy birthday Randi! :)
2006-09-08 20:58:56 +00:00
christos
37ba677a84 use c99 initializers 2006-09-03 21:37:22 +00:00
christos
5dc39be6da add missing initializers 2006-09-03 21:37:06 +00:00
christos
aa6004da57 use c99 initializer. 2006-09-03 21:33:33 +00:00
cherry
8a4036de78 bumps kernel aobj to 64 bit. \
See: http://mail-index.netbsd.org/tech-kern/2006/03/07/0007.html
2006-09-01 20:39:05 +00:00
matt
9e0ec4816e Make PTRACE and COREDUMP optional. Make the default (status quo) by putting
them in conf/std.
2006-08-29 23:34:48 +00:00
martin
c8872be34c Add a new swapctl(2) command to unset the dump device. 2006-08-22 14:07:07 +00:00
yamt
36b78db59e ubc_fault: fix a deadlock in the case of uvm_loanbreak() failure. 2006-08-18 15:03:21 +00:00
he
5ea0e70c68 Rearrange included headers and/or add include of <sys/types.h> and
<sys/lock.h>, so that the mipsco port can build again, ref.
  http://mail-index.netbsd.org/port-mips/2006/08/04/0000.html
Reviewed by thorpej
2006-08-04 22:42:36 +00:00
yamt
f9458a6ba1 - in genfs_getpages, take g_glock earlier so that it can't be
intervened by truncation.
  it also fixes a deadlock.  (g_glock vs pages locking order)
- uvm_vnp_setsize: modify v_size while holding v_interlock.

reviewed by Chuck Silvers.
2006-07-22 08:47:56 +00:00
ad
3029ac48c7 - Use the LWP cached credentials where sane.
- Minor cosmetic changes.
2006-07-21 16:48:45 +00:00
drochner
ef8848c74a Introduce a UVM_KMF_EXEC flag for uvm_km_alloc() which enforces an
executable mapping. Up to now, only R+W was requested from pmap_kenter_pa.
On most CPUs, we get an executable mapping anyway, due to lack of
hardware support or due to lazyness in the pmap implementation. Only
alpha does obey VM_PROT_EXECUTE, afaics.
2006-07-05 14:26:42 +00:00
yamt
d447115889 make amap use kmem_alloc, rather than malloc.
(ie. make it use kernel_map, rather than kmem_map.)
kmem_map is more restricted than kernel_map,
and there's no point for amap to use it.
2006-06-25 08:03:46 +00:00
yamt
9606b0accf uvm_swapin: process -> lwp in a comment. 2006-06-13 13:22:06 +00:00
christos
199372b21f prevent uninitialized variable. 2006-06-13 01:59:59 +00:00
christos
28bd7a84c0 Don't allocate > 1K on the stack. 2006-06-12 21:05:47 +00:00
kardel
de4337ab21 merge FreeBSD timecounters from branch simonb-timecounters
- struct timeval time is gone
  time.tv_sec -> time_second
- struct timeval mono_time is gone
  mono_time.tv_sec -> time_uptime
- access to time via
	{get,}{micro,nano,bin}time()
	get* versions are fast but less precise
- support NTP nanokernel implementation (NTP API 4)
- further reading:
  Timecounter Paper: http://phk.freebsd.dk/pubs/timecounter.pdf
  NTP Nanokernel: http://www.eecis.udel.edu/~mills/ntp/html/kern.html
2006-06-07 22:33:33 +00:00
yamt
c24f70bcad move wait points for kva from upper layers to vm_map. PR/33185 #1.
XXX there is a concern about interaction with kva fragmentation.
see: http://mail-index.NetBSD.org/tech-kern/2006/05/11/0000.html
2006-05-25 14:27:28 +00:00
yamt
1075c99d89 introduce macros, UAREA_TO_USER and USER_TO_UAREA,
to convert uarea VA into a pointer to struct user and vice versa,
so that MD code can change the layout in uarea.
2006-05-22 13:43:54 +00:00
elad
b3e7e1b010 Better implementation of PaX MPROTECT, after looking some more into the
code and not trying to use temporary solutions.

Lots of comments and help from YAMAMOTO Takashi, also thanks to the PaX
author for being quick to recognize that something fishy's going on. :)

Hook up in mmap/vmcmd rather than (ugh!) uvm_map_protect().

Next time I suggest to commit a temporary solution just revoke my
commit bit.
2006-05-20 15:45:37 +00:00
yamt
c876210968 UVM_MAPFLAG: add missing parens. 2006-05-19 15:08:14 +00:00
elad
04d63f90b5 Introduce PaX MPROTECT -- mprotect(2) restrictions used to strengthen
W^X mappings.

Disabled by default.

First proposed in:

	http://mail-index.netbsd.org/tech-security/2005/12/18/0000.html

More information in:

	http://pax.grsecurity.net/docs/mprotect.txt

Read relevant parts of options(4) and sysctl(3) before using!

Lots of thanks to the PaX author and Matt Thomas.
2006-05-16 00:08:24 +00:00
elad
fc9422c9d9 integrate kauth. 2006-05-14 21:31:52 +00:00
yamt
de6ea5711e - rename uvm_tree_sanity to uvm_map_check and add some
(non tree related) checks.
- remove treesanity_label.  instead, just panic if any corruption is detected.
2006-05-14 08:22:50 +00:00
yamt
37f3579cf8 - uvm_mapent_trymerge: don't forget to update hints.
- clear_hints: new function.
- uvm_map_replace: use clear_hints.  no functional change.
- add some assertions.
2006-05-14 08:21:36 +00:00
yamt
be55e1f38a update first_free correctly. 2006-05-14 08:20:35 +00:00
christos
103d2f520c XXX: GCC uninitialized. 2006-05-14 05:30:31 +00:00