and make the stack and heap non-executable by default. the changes
fall into two basic categories:
- pmap and trap-handler changes. these are all MD:
= alpha: we already track per-page execute permission with the (software)
PG_EXEC bit, so just have the trap handler pay attention to it.
= i386: use a new GDT segment for %cs for processes that have no
executable mappings above a certain threshold (currently the
bottom of the stack). track per-page execute permission with
the last unused PTE bit.
= powerpc/ibm4xx: just use the hardware exec bit.
= powerpc/oea: we already track per-page exec bits, but the hardware only
implements non-exec mappings at the segment level. so track the
number of executable mappings in each segment and turn on the no-exec
segment bit iff the count is 0. adjust the trap handler to deal.
= sparc (sun4m): fix our use of the hardware protection bits.
fix the trap handler to recognize text faults.
= sparc64: split the existing unified TSB into data and instruction TSBs,
and only load TTEs into the appropriate TSB(s) for the permissions.
fix the trap handler to check for execute permission.
= not yet implemented: amd64, hppa, sh5
- changes in all the emulations that put a signal trampoline on the stack.
instead, we now put the trampoline into a uvm_aobj and map that into
the process separately.
originally from openbsd, adapted for netbsd by me.
descriptions of WinCE behavior from Gérard Gambaro (jornada.free.fr).
Not tested on an actual ABF unit.
Hidden under #if 0, as we don't have a platform id for French Jornadas yet.
But I think it's better off committed before it gets lost.
- use file buffer for all block reads
- only save a small amount of the indirect block list
Allows i386 bootxx_ufs code to load /boot from a filesystem with 32k blocks
while still fitting inside 64k of memory.
Code size reduced as well (by ~1k on i386).
It ought to be possible to use a buffer that is smaller than a filesystem
block. This might be needed in order to boot from filesystems with larger
block sizes.
replace the set_socket() method of passing an extra struct socket*
argument to ip6_output() with a new explicit struct in6pcb* argument.
(The underlying socket can be obtained via in6pcb->inp6_socket.)
In preparation for fast-ipsec. Reviewed by itojun.
observation is that some 570x devices can get themselves into a state
where they miscompute off-loaded TCP or UDP checksums on packets so
small that Ethernet padding is required. Further observation suggests
that the bge checksum-offload hardware is adding those padding bytes
into its TCP checksum computation. (Once a 5700 gets in this state,
even a warm boot won't fix it: it needs a hard powerdown.)
Work around the problem by padding such runts with zeros: even if the
checksum-offload adds in extra zeros, the resulting sum will be correct.
Also, don't trust the checksum-offload on received packets smaller than
the minimum ethernet frame, in case the Rx-side has a similar bug.
Finally, on packets where we do trust the outboard Rx-side TCP or UDP
checksum, the bge did not include the pseudo-header. Set the
M_CSUM_NO_PSEUDOHDR bit as well as M_CSUM_DATA, and rely on
udp_input() or tcp_input() adding in the sum via in_cksum_phdr().
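Added example, not code from the commit or the bge driver: a small model of why zero padding keeps the offloaded checksum correct even when the hardware wrongly sums the padding, and of the receive-side length check. The names MIN_FRAME_NOCRC, offload_cksum() and trust_rx_offload() are hypothetical, and the 5-byte segment and 0xA5 stale bytes are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MIN_FRAME_NOCRC 60  /* assumed name: 64-byte Ethernet minimum less 4-byte FCS */

/* RFC 1071 one's-complement checksum over len bytes (big-endian 16-bit words). */
static uint16_t cksum(const uint8_t *p, size_t len)
{
    uint32_t sum = 0;
    size_t i;

    for (i = 0; i + 1 < len; i += 2)
        sum += ((uint32_t)p[i] << 8) | p[i + 1];
    if (i < len)
        sum += (uint32_t)p[i] << 8;      /* odd last byte, implicit zero low byte */
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Hypothetical model of the faulty offload: it sums the segment AND the padding. */
static uint16_t offload_cksum(const uint8_t *seg, size_t seglen,
                              size_t padlen, int zero_pad)
{
    uint8_t buf[MIN_FRAME_NOCRC];

    if (seglen + padlen > sizeof(buf))
        return 0;                        /* caller error: does not fit the model */
    memset(buf, 0xA5, sizeof(buf));      /* stale bytes left in the tx buffer */
    memcpy(buf, seg, seglen);
    if (zero_pad)
        memset(buf + seglen, 0, padlen); /* the workaround: pad runts with zeros */
    return cksum(buf, seglen + padlen);
}

/* Rx policy from the message: ignore offload results for sub-minimum frames. */
static int trust_rx_offload(size_t framelen)
{
    return framelen >= MIN_FRAME_NOCRC;
}

int main(void)
{
    static const uint8_t seg[] = { 0x45, 0x00, 0x12, 0x34, 0x56 }; /* constructed */

    printf("correct %04x zero-pad %04x stale-pad %04x\n", (unsigned)cksum(seg, 5),
        (unsigned)offload_cksum(seg, 5, 15, 1), (unsigned)offload_cksum(seg, 5, 15, 0));
    return 0;
}
```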
if we m_dup() a packet to compactify it, and later run out of DMA
descriptors, bge_encap() will return ENOBUFS, hoping the driver will
try again later. But we have just m_freem()'d the original chain
which was m_dup()'d, leaving a pointer to the just-freed packet header
in the tx queue.
Fix by always walking the chain, shuffling data towards the head;
except if we find a runt in the very last mbuf, we must borrow data
from its predecessor.
(Patch is verbatim from a third-party tree, apologies for any style woes.)
Sam Leffler's FreeBSD commit message was
``to eliminate context switch when returning results from the
software crypto driver''
but the patch also contains the CRYPTO_SESID*() macros used in newer
ubsec and hifn drivers.
as argument passed by value' trick, as gcc 3.3.x makes (valid) assumptions
about the stack that will not be true. Costs 2 instructions per trap/syscall
on i386, 4 per interrupt for MP. One instruction per trap/syscall on amd64,
2 per interrupt for MP. I expect gcc 3.3.1 to make up for this by better
optimization (it'd better..)
While here, make amd64 compile again by using subr_mbr_disk.c
- Write label to all netbsd (type 169) mbr partitions (even if they don't
already have a label).
- Update any label found in sector LABELSECTOR and sector 0.
Latter change makes DIOCWDINFO (etc) work on raidframe (fixing bin/22529).
reported by Shiva Shenoy
while we're here, fix another problem when the same interface address is
assigned to !IFF_MULTICAST and IFF_MULTICAST interface. if ip_multicast_if()
returns the first one, join/leave will fail, which is not a desired effect.
- fix opcodes_base[10] to allow us to find "cmpli".
- fix "cmp" definition.
- add various missing SPRs.
- use the right bits for the "BI" operand.
- fix operand calculation for "rlwinm" and friends, and display
the operands in the same order as the manuals do.
- make the buffer bigger to avoid overflow.
it has a bug in the backoff calculation. so,
- clip it to 1-60 sec. (suggested by Rick Macklem)
- use a constant multiplier instead of nfs_backoff, which
is already exponential.
- move some related constant definitions to nfs.h from nqnfs.h and
prefix with NFS_ instead of NQ_ because they are not nqnfs-specific.
and for regression-testing performance at various MTUs.
NB: route MTU may not track MTU changes, which may cause problems for
AF_ISO if loopback MTU is decreased. I've never seen problems with IP,
in various tests going back to around NetBSD 1.3.
is assumed to be in host byteorder during the input(?) path. NetBSD
keeps ip_off and ip_len in network order. Add (or remove) byteswaps
accordingly. TCP over fast_ipsec now works with PMTU, as well as without.
- defer access to interrupt configuration register, as its existence depends on
HDRTYPE.
- add "skip particular function in multifunction device" functionality
to quirk table.
- add GEODE/NS SC1100 quirk (now boots on soekris Net4801).
configured with ``options FAST_IPSEC''. Kernels with KAME IPsec or
with no IPsec should work as before.
All calls to ip_output() now always pass an additional compulsory
argument: the inpcb associated with the packet being sent,
or 0 if no inpcb is available.
Fast-ipsec tested with ICMP or UDP over ESP. TCP doesn't work, yet.
in jazz_bus_dmamap_create() disable BUS_DMA_ALLOCNOW for now
rather than return ENOMEM. Required by some PCI devices (like pciide(4)).
XXX needs re-think how BUS_DMA_ALLOCNOW should be handled.
XXX (we should use another flag for the jazz internal DMAC?)
Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the
OpenCryptoFramework (and thus hardware crypto accelerators) and
numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source,
imported ``as-is'' as a historical snapshot, for future maintenance
and comparison against the FreeBSD source. For now, several minor
kernel-API differences are hidden by macros in a shim file, ipsec_osdep.h,
which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
(previously 'GLptr' was used as mask.)
this long standing bug seems to be uncovered by
my previous change (rev.1.2) on some machines.
PR/22457 from Matthias Scheler, and tested by him.
and when MAXDSIZ was increased memcpy() length sometimes was larger
than 64k (like in amap_extend()). All functions now check the length.
This fixes PR#19968.
Disable the inline string functions and use the C versions instead.
since it was write-only. When setting up a process, make sure the fake
callframes are properly linked together.
Only lower SPL when in Idle loop. Raise spl to previous level (which would
be IPL_SCHED) when exiting Idle loop. Never lower SPL anyplace else.
which caused the exception. To avoid an endless loop if
the user is ignoring or catching SIGFPE, adjust the saved
PC to skip over the offending instruction.
XXX: It's not clear that this is the correct behaviour,
XXX: but it's the only way to make sh5 pass the IEEEFP
XXX: regression tests in regress/lib/libc/ieeefp/except.
means "count", in this context) the entropy we're adding because we poll the
device periodically. Sure, we poll it periodically, but it's a hardware
RNG -- the data returned should be random no matter when we read the
register!
The patch below (hopefully) improves some signaling problems
found by Nathan.
It also contains some cleanup of the sa_upcall_userret() function
removing any sleep calls using PCATCH.
Unblocked threads now only use an upcall stack after they
acquire the virtual CPU.
This prevents unblocked threads from stealing all available
upcall stacks.
Tested by Nick Hudson.
instead of keeping sysmon_envsys_list_slock spinlock held
because some drivers might sleep in sysmon_envsys ops,
XXX sysmon_envsys_lock is now redundant
I doubt it makes much sense to use the VM's stack for this, but the
old code was doubtless wrong because it potentially overwrote random
user memory.
(It might be a good idea to use the process' pre-vm86()-call stack,
but atm the infrastructure for this is missing.)
truncate64() wrapper to translate args structure
NetBSD truncate() and ftruncate() have hidden 'pad' argument, so we have
to do the argument translation
Problem found and patch supplied in PR kern/22360 by Ales Krenek
This is the last of syscalls with hidden 'pad' arg we didn't have
wrapper for; all the others (lseek, mmap, pwrite, pread) already had
wrapper before.
destroy %dl (drive number) across the 'disk reset' command.
Preserve %dl across that call and all registers across the disk reads.
Reorder the code to remove some long conditional jumps to save space.
panics in ffs_full_fsync because v_specmountpoint requires that the NULL
v_specinfo be followed.
Tidy up in the same order in all error paths so compiler can merge the
code sequences.
Fixes PR kern/22419
did not fit in struct osockaddr. Fixes linux emulation issue where bogus
addresses were returned for the interfaces [AF_LINK, AF_INET6]. While
I am here, change ioctl, so if the ifconf buffer passed is NULL, then it
computes how much space is needed and returns it in ifc_len.