pmap_init() is called, and the initial kernel PT pages aren't enough
for the allocations pmap_init(). This fails because pmap_kenter_pa()
tries to allocate a new kernel PT page and traps because the pmap has
not been initialized. When computing the number if initial kernel PT
pages, include enough to allow kmem to map the physical memory. This
should fix PR/45915. OK by releng@. One mac68k system has been verified
to boot. Volunteers to test the others welcome. Amigas with at least
up to 128MB of memory were OK, but larger memory will need some adjusting.
1) Move core entropy-pool code and source/sink/sample management code
to sys/kern from sys/dev.
2) Remove use of NRND as test for presence of entropy-pool code throughout
source tree.
3) Remove use of RND_ENABLED in device drivers as microoptimization to
avoid expensive operations on disabled entropy sources; make the
rnd_add calls do this directly so all callers benefit.
4) Fix bug in recent rnd_add_data()/rnd_add_uint32() changes that might
have lead to slight entropy overestimation for some sources.
5) Add new source types for environmental sensors, power sensors, VM
system events, and skew between clocks, with a sample implementation
for each.
ok releng to go in before the branch due to the difficulty of later
pullup (widespread #ifdef removal and moved files). Tested with release
builds on amd64 and evbarm and live testing on amd64.
for crash(8) as amiga and sun3. There are _KERNEL protections in it.
Briefly tested by "build.sh -m news68k -U build".
Further possible botch will be fixed later.
the device lock in relevant places. avoid doing so while actually dumping.
tested i386 crash dumps still work, and that all touched files compile.
fixes PR#45705.
68030/68851 initialization paths.
Pointed out by isaki@ per observation of ATC status on XM6i emulator.
Tested on TT030, HP362, NWS-1750, and X68030 by me.
XXX: probably we can remove existing pflusha or TBIA calls after MMU turned
XXX: on (and before enabling cache) but I leave them as is for now to avoid
XXX: unexcpected side effects.
source file as the entropy-pool code itself. Move it to std. This
will be cleaned up more when I split the sources up as they should be.
This fixes build breaks on several ports. Thanks to Havard Eidnes for
pointing them out.
<20111022023242.BA26F14A158@mail.netbsd.org>. This change includes
the following:
An initial cleanup and minor reorganization of the entropy pool
code in sys/dev/rnd.c and sys/dev/rndpool.c. Several bugs are
fixed. Some effort is made to accumulate entropy more quickly at
boot time.
A generic interface, "rndsink", is added, for stream generators to
request that they be re-keyed with good quality entropy from the pool
as soon as it is available.
The arc4random()/arc4randbytes() implementation in libkern is
adjusted to use the rndsink interface for rekeying, which helps
address the problem of low-quality keys at boot time.
An implementation of the FIPS 140-2 statistical tests for random
number generator quality is provided (libkern/rngtest.c). This
is based on Greg Rose's implementation from Qualcomm.
A new random stream generator, nist_ctr_drbg, is provided. It is
based on an implementation of the NIST SP800-90 CTR_DRBG by
Henric Jungheim. This generator users AES in a modified counter
mode to generate a backtracking-resistant random stream.
An abstraction layer, "cprng", is provided for in-kernel consumers
of randomness. The arc4random/arc4randbytes API is deprecated for
in-kernel use. It is replaced by "cprng_strong". The current
cprng_fast implementation wraps the existing arc4random
implementation. The current cprng_strong implementation wraps the
new CTR_DRBG implementation. Both interfaces are rekeyed from
the entropy pool automatically at intervals justifiable from best
current cryptographic practice.
In some quick tests, cprng_fast() is about the same speed as
the old arc4randbytes(), and cprng_strong() is about 20% faster
than rnd_extract_data(). Performance is expected to improve.
The AES code in src/crypto/rijndael is no longer an optional
kernel component, as it is required by cprng_strong, which is
not an optional kernel component.
The entropy pool output is subjected to the rngtest tests at
startup time; if it fails, the system will reboot. There is
approximately a 3/10000 chance of a false positive from these
tests. Entropy pool _input_ from hardware random numbers is
subjected to the rngtest tests at attach time, as well as the
FIPS continuous-output test, to detect bad or stuck hardware
RNGs; if any are detected, they are detached, but the system
continues to run.
A problem with rndctl(8) is fixed -- datastructures with
pointers in arrays are no longer passed to userspace (this
was not a security problem, but rather a major issue for
compat32). A new kernel will require a new rndctl.
The sysctl kern.arandom() and kern.urandom() nodes are hooked
up to the new generators, but the /dev/*random pseudodevices
are not, yet.
Manual pages for the new kernel interfaces are forthcoming.
Note:
- ENTRY_NOPROFILE() is okay since they are used only for debug printf
- they are declared to return int so no need to put a return value into %a0
http://mail-index.netbsd.org/tech-userlevel/2011/08/25/msg005404.html
This is used by disk tools such as disklabel(8) to dynamically decide is
the undelyling platform uses a disklabel-in-mbr-partition or not
(instead of using a compile-time list of ports).
getlabelusesmbr() reads the sysctl kern.labelusesmbr, takes its value from the
machdep #define LABELUSESMBR.
For evbmips, make LABELUSESMBR 1 if the platform uses pmon
as bootloader, and 0 (the previous value) otherwise.
sys/stdarg.h and expect compiler to provide proper builtins, defaulting
to the GCC interface. lint still has a special fallback.
Reduce abuse of _BSD_VA_LIST_ by defining __va_list by default and
derive va_list as required by standards.
- Reorganize locking in UVM and provide extra serialisation for pmap(9).
New lock order: [vmpage-owner-lock] -> pmap-lock.
- Simplify locking in some pmap(9) modules by removing P->V locking.
- Use lock object on vmobjlock (and thus vnode_t::v_interlock) to share
the locks amongst UVM objects where necessary (tmpfs, layerfs, unionfs).
- Rewrite and optimise x86 TLB shootdown code, make it simpler and cleaner.
Add TLBSTATS option for x86 to collect statistics about TLB shootdowns.
- Unify /dev/mem et al in MI code and provide required locking (removes
kernel-lock on some ports). Also, avoid cache-aliasing issues.
Thanks to Andrew Doran and Joerg Sonnenberger, as their initial patches
formed the core changes of this branch.
to store disk quota usage and limits, integrated with ffs
metadata. Usage is checked by fsck_ffs (no more quotacheck)
and is covered by the WAPBL journal. Enabled with kernel
option QUOTA2 (added where QUOTA was enabled in kernel config files),
turned on with tunefs(8) on a per-filesystem
basis. mount_mfs(8) can also turn quotas on.
See http://mail-index.netbsd.org/tech-kern/2011/02/19/msg010025.html
for details.
copyright. Confirmed by Mike Hibler, mike at cs.utah.edu - thanks!
Also, merge UCB and Utah copyright texts back into one, as they
originally were.
Extra verification by snj@.
disabled by -D) from the output of newvers_stand.sh. Change -D to the
inverted logic, so that it adds the date to bootprog_rev in ().
Change all platforms accordingly. -D is added if MKREPRO is not yes and
wasn't present before. Platforms that didn't use -D don't depend on
MKREPRO now either.
options EXEC_ELF32, EXEC_SCRIPTS, and CPU_IN_CKSUM for md cpu_in_cksum.c
- make all m68k ports include common arch/m68k/conf/std.m68k
from MD std.${MACHINE}
M680[12346] are now available from opt_m68k_arch.h. FPSP meantioned
in the PR has already been fixed, and i could not find any more.
i built these kernels to ensure i did not break their builds:
amiga: GENERIC DRACO
atari: HADES FALCON MILAN-PCIIDE
mac68k: GENERIC
sun2: GENERIC
sun3: GENERIC GENERIC3X
cesfic: attempted GENERIC, does not build due to lack of machine/bus.h
hp300: GENERIC
luna68k: GENERIC
mvme68k: GENERIC
news68k: GENERIC
next68k: GENERIC
x68k: GENERIC
canonicalise several of the ipf option segments in various files
(this mostly means adding commented out IPFILTER_DEFAULT_BLOCK,
or adding commented or uncommented IPFILTER_LOG or IPFILTER_LOOKUP
option statements.)
i built about 20 of these kernels to check, but not all of them.
on the amount of physical memory and limited by NMBCLUSTERS if present.
Architectures without direct mapping also limit it based on the kmem_map
size, which is used as backing store. On i386 and ARM, the maximum KVA
used for mbuf clusters is limited to 64MB by default.
The old default limits and limits based on GATEWAY have been removed.
key_registered_sb_max is hard-wired to a value derived from 2048
clusters.
#if NBPFILTER is no longer required in the client. This change
doesn't yet add support for loading bpf as a module, since drivers
can register before bpf is attached. However, callers of bpf can
now be modularized.
Dynamically loadable bpf could probably be done fairly easily with
coordination from the stub driver and the real driver by registering
attachments in the stub before the real driver is loaded and doing
a handoff. ... and I'm not going to ponder the depths of unload
here.
Tested with i386/MONOLITHIC, modified MONOLITHIC without bpf and rump.
struct timeval passed to todr_gettime(9) and todr_settime(9).
We no longer have an ancient and volatile struct timeval `time'
global since we have switched to MI timercounter(9) on all port.
XXX1: some of these RTC drivers still assume 32bit time_t
XXX2: some of these should be rewritten to use todr_[gs]ettime_ymdhms()
XXX3: todr(9) man page doesn't mention todr_[gs]ettime_ymdhms()
- use SYSMAP_VA, SEGSHIFT for Sysmap address and table entries
- use TIA_SIZE, TIB_SIZE for sizes of table entries
Now page size dependent numbers are almost replaced with proper macro.
Tested on atari, hp300, and news68k.
Also explicitly set uvmexp.pagesize to prepare 8KB/page settings.
XXX: There is #ifdef !defined(amiga) && !defined(atari) workaround
XXX: because they have different pmap initialization functions.
- move macro SEGSHIFT, NBSEG, and SEGOFSET from <machine/param.h>
to <m68k/pmap_motorola.h> where they should belong
- also simplify NBSEG macro for both 020/030 and 040/060 cases
- also move m68k_trunc_seg(), m68k_round_seg(), and m68k_seg_offset()
(that use SEGOFSET) from <m68k/param.h> to <m68k/pmap_motorola.h>
- add comments about each segment size value used on pmap_motorola
implementation
- add TIA_SIZE, TIA_SHIFT, TIB_SIZE, and TIB_SHIFT macro which can be
used for ste/pte index sizes
- use proper vaddr_t cast instead of unsigned for SEGOFSET/PGOFSET macro
Tested on atari, hp300, and news68k.
They were incorrect since 1997 on amiga and atari, and since 2002
on other ports, but fortunately they don't look so fatal.
Anyway, these values will be moved into <m68k/pmap_motorola.h> soon
since they are quite pmap implementation dependent.
from MD pmap bootstrap sources to common pmap_bootstrap_finalize().
Tested on atari, hp300, mac68k, and news68k.
XXX: Why is protection_codes[] array initialized at run time?
- for 040/060, move L2 descs for Sysptmap from the last L2 block in segment
table pages to the contiguous block with ones for segment table mappings
- for 020/030, invalidate ste and pte entries separately since
ste size (TIA_SIZE) and pte size (TIB_SIZE) could be different
on 8KB/page systems
Tested on hp300 (040), mac68k (LC040), and news68k (030)
(and untested on others).
XXX: some more stuff in pmap_bootstrap.c could be moved into
XXX: common pmap_bootstrap_finalize()?
between other page tables to use different mappings for ste/pte pages
as well as amiga and atari. Should resolve XXX comments in next68k and x68k.
Tested on hp300 and mac68k.
- Addresses the issue described in PR/38828.
- Some simplification in threading and sleepq subsystems.
- Eliminates pmap_collect() and, as a side note, allows pmap optimisations.
- Eliminates XS_CTL_DATA_ONSTACK in scsipi code.
- Avoids few scans on LWP list and thus potentially long holds of proc_lock.
- Cuts ~1.5k lines of code. Reduces amd64 kernel size by ~4k.
- Removes __SWAP_BROKEN cases.
Tested on x86, mips, acorn32 (thanks <mpumford>) and partly tested on
acorn26 (thanks to <bjh21>).
Discussed on <tech-kern>, reviewed by <ad>.
The head of the list is now a pv_header, which contains the first pv_entry
as well as a 16-bit attributes field (replaces the pmap_attributes array
plus the pv_entry::pv_flags field) as a 16-bit count of caller-specified
cache-inhibited mappings.
Tested on hp300 (shared pmap_motorola.c), changes to atari and amiga copies
are purely mechanical.
There are still about 1600 left, but they have ',' or /* ... */
in the actual variable definitions - which my awk script doesn't handle.
There are also many that need () -> (void).
(The script does handle misordered arguments.)
- renamed to MEMORY_DISK_RBFLAGS to better fit the rest of the
MEMORY_DISK options(4)
- change default value to RB_AUTOBOOT instead of RB_SINGLE, and adapt
the config(5) files accordingly
- document this option inside options(4)
See also http://mail-index.netbsd.org/tech-kern/2008/12/25/msg003924.html
Reviewed by abs@ in private mail.
virtual_end, and protection_codes[] to common <m68k/pmap_motorola.h>,
and also make protection_codes[] unsigned.
XXX: avail_start and avail_end should also be moved, but it causes
XXX: -Wshadow warnings in uvm/uvm_page.c:uvm_page_physload() and
XXX: I don't have a good idea of alternative names for now.
to avoid unnecessary 64 bit ops which would make binaries larger:
satime_t (currently unsigned int):
numbers in seconds returned by the machine dependent getsecs() function
which are used to measure relative time
saseconds_t (currently int):
numbers in seconds used to specify timeout to network drivers
Per discussion on current-users.
(where MMU is not enabled yet) and make kernel_pmap_store static again.
Also consistently use uintptr_t on address conversion in RELOC() macro.
Tested on hp300 (PA != VA) and news68k (PA == VA).
phases, so move the initialization of the ksyms mutex back into main via
a function called ksyms_init. Rename the existing (but quite different)
ksyms_init* variations into ksyms_addsyms_elf() and ksyms_addsyms_explicit()
and adapt machdep code accordingly.
