Commit Graph

1115 Commits

Author SHA1 Message Date
ad
63873b9b21 Revert unintentially committed change. 2007-07-14 22:27:15 +00:00
rmind
20bbb87e34 Implementation of per-CPU work-queues support for workqueue(9) interface.
WQ_PERCPU flag for workqueue and additional argument for workqueue_enqueue()
to assign a CPU might be used. Notes:
 - For now, the list is used for workqueue_queue, which is non-optimal,
   and will be changed with array, where index would be CPU ID.
 - The data structures should be changed to be cache-friendly.

Reviewed by: <yamt>, <tech-kern>
2007-07-12 20:39:56 +00:00
ad
88ab7da936 Merge some of the less invasive changes from the vmlocking branch:
- kthread, callout, devsw API changes
- select()/poll() improvements
- miscellaneous MT safety improvements
2007-07-09 20:51:58 +00:00
christos
751a3d3a74 handle UVM_UNKNOWN_OFFSET. 2007-06-24 22:56:58 +00:00
yamt
670c065b9a ubc_alloc: break loans on UBC_FAULTBUSY.
it's necessary after recent file overwrite changes.
(http://mail-index.NetBSD.org/source-changes/2007/06/05/0014.html)
it should fix the problem reported by Sarton O'Brien on
current-users@/port-xen@.
(http://mail-index.NetBSD.org/current-users/2007/06/22/0001.html)
2007-06-22 15:15:48 +00:00
ad
6820f4664f Add a sysctl to disable swapout of kernel stacks. Discussed on tech-kern@. 2007-06-15 18:28:39 +00:00
yamt
da51d139a4 improve post-ubc file overwrite performance in common cases.
ie. when it's safe, actually overwrite blocks rather than doing
read-modify-write.

also fixes PR/33152 and PR/36303.
2007-06-05 12:31:30 +00:00
yamt
f03010953f merge yamt-idlelwp branch. asked by core@. some ports still needs work.
from doc/BRANCHES:

	idle lwp, and some changes depending on it.

	1. separate context switching and thread scheduling.
	   (cf. gmcgarry_ctxsw)
	2. implement idle lwp.
	3. clean up related MD/MI interfaces.
	4. make scheduler(s) modular.
2007-05-17 14:51:11 +00:00
elad
6700cfccd6 Some Veriexec stuff that's been rotting in my tree for months.
Bug fixes:
  - Fix crash reported by Scott Ellis on current-users@.

  - Fix race conditions in enforcing the Veriexec rename and remove
    policies. These are NOT security issues.

  - Fix memory leak in rename handling when overwriting a monitored
    file.

  - Fix table deletion logic.

  - Don't prevent query requests if not in learning mode.


KPI updates:
  - fileassoc_table_run() now takes a cookie to pass to the callback.

  - veriexec_table_add() was removed, it is now done internally. As a
    result, there's no longer a need for VERIEXEC_TABLESIZE.

  - veriexec_report() was removed, it is now internal.

  - Perform sanity checks on the entry type, and enforce default type
    in veriexec_file_add() rather than in veriexecctl.

  - Add veriexec_flush(), used to delete all Veriexec tables, and
    veriexec_dump(), used to fill an array with all Veriexec entries.


New features:
  - Add a '-k' flag to veriexecctl, to keep the filenames in the kernel
    database. This allows Veriexec to produce slightly more accurate
    logs under certain circumstances. In the future, this can be either
    replaced by vnode->pathname translation, or combined with it.

  - Add a VERIEXEC_DUMP ioctl, to dump the entire Veriexec database.
    This can be used to recover a database if the file was lost.
    Example usage:

        # veriexecctl dump > /etc/signatures

    Note that only entries with the filename kept (that is, were loaded
    with the '-k' flag) will be dumped.

    Idea from Brett Lymn.

  - Add a VERIEXEC_FLUSH ioctl, to delete all Veriexec entries. Sample
    usage:

        # veriexecctl flush

  - Add a 'veriexec_flags' rc(8) variable, and make its default have
    the '-k' flag. On systems using the default signatures file
    (generaetd from running 'veriexecgen' with no arguments), this will
    use additional 32kb of kernel memory on average.

  - Add a '-e' flag to veriexecctl, to evaluate the fingerprint during
    load. This is done automatically for files marked as 'untrusted'.


Misc. stuff:
  - The code for veriexecctl was massively simplified as a result of
    eliminating the need for VERIEXEC_TABLESIZE, and now uses a single
    pass of the signatures file, making the loading somewhat faster.

  - Lots of minor fixes found using the (still under development)
    Veriexec regression testsuite.

  - Some of the messages Veriexec prints were improved.

  - Various documentation fixes.


All relevant man-pages were updated to reflect the above changes.

Binary compatibility with existing veriexecctl binaries is maintained.
2007-05-15 19:47:43 +00:00
christos
67695a4835 Make us standards compliant again. Return EINVAL in all cases (except for
mmap) so we cannot tell what went wrong.
2007-05-11 21:30:23 +00:00
christos
5e0b06ff45 Improve on previous and write a RANGE_TEST macro and do it on all the
system calls instead of doing a half-assed job on some of them and none
on others.
2007-05-11 20:41:14 +00:00
christos
c5a89b37a0 fix bogus wrap tests; ssize_t != int... 2007-05-11 20:05:50 +00:00
tsutsui
31c6ef6761 Add temporary workaround for PR kern/36019 (panic on sun2 and sun3).
Ok'ed by yamt.
2007-05-11 12:11:09 +00:00
yamt
e332a34211 add an evcnt and some assertions. 2007-05-07 12:39:45 +00:00
pooka
c65d708ad2 adjust misleading comment: PGO_SYNCIO does not depend on PGO_CLEANIT 2007-04-23 20:10:50 +00:00
dsl
b8fbaf8c4b Change the way that emulations locate files within the emulation root to
avoid having to allocate space in the 'stackgap'
  - which is very LWP unfriendly.
The additional code for non-emulation namei() is trivial, the reduction for
  the emulations is massive.
The vnode for a processes emulation root is saved in the cwdi structure
  during process exec.
If the emulation root the TRYEMULROOT flag are set, namei() will do an initial
  search for absolute pathnames in the emulation root, if that fails it will
  retry from the normal root.
".." at the emulation root will always go to the real root, even in the middle
  of paths and when expanding symlinks.
Absolute symlinks found using absolute paths in the emulation root will be
  relative to the emulation root (so /usr/lib/xxx.so -> /lib/xxx.so links
  inside the emulation root don't need changing).
If the root of the emulation would be returned (for an emulation lookup), then
  the real root is returned instead (matching the behaviour of emul_lookup,
  but being a cheap comparison here) so that programs that scan "../.."
  looking for the root dircetory don't loop forever.
The target for symbolic links is no longer mangled (it used to get the
  CHECK_ALT_xxx() treatment, so could get /emul/xxx prepended).
CHECK_ALT_xxx() are no more. Most of the change is deleting them, and adding
  TRYEMULROOT to the flags to NDINIT().
A lot of the emulation system call stubs could now be deleted.
2007-04-22 08:29:55 +00:00
chs
aba740b225 define a pager flag PGO_RECLAIM, similar to FSYNC_RECLAIM, and use it
to skip unnecessary flushing when layered file system vnodes are recycled.
this also prevents a deadlock with the dodgy LFS putpages routine.
fixes the non-LFS part of PR 36150.
2007-04-16 05:14:54 +00:00
perseant
9bab95b2ae Track lwp as well as proc owner with UVM_PAGE_TRKOWN 2007-04-14 07:01:33 +00:00
rmind
60e35a7f80 Export uvm_uarea_free() to the rest.
Make things compile again.
2007-03-24 21:15:39 +00:00
ad
59d979c5f1 Pass an ipl argument to pool_init/POOL_INIT to be used when initializing
the pool's lock.
2007-03-12 18:18:22 +00:00
christos
53524e44ef Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
yamt
e781af39bd implement priority inheritance. 2007-02-26 09:20:52 +00:00
skrll
e7f4fd07df -#include <sys/sa.h> 2007-02-23 08:18:35 +00:00
thorpej
b3667ada6d TRUE -> true, FALSE -> false 2007-02-22 06:05:00 +00:00
matt
93feeb1203 Fix lossage from boolean_t -> bool and updated x86 bus_dma. 2007-02-22 04:38:02 +00:00
thorpej
dd962f8680 Pick up some additional files that were missed before due to conflicts
with newlock2 merge:

Replace the Mach-derived boolean_t type with the C99 bool type.  A
future commit will replace use of TRUE and FALSE with true and false.
2007-02-21 23:48:10 +00:00
thorpej
712239e366 Replace the Mach-derived boolean_t type with the C99 bool type. A
future commit will replace use of TRUE and FALSE with true and false.
2007-02-21 22:59:35 +00:00
ad
7df3c36a6c uvm_kick_scheduler(): do nothing until the swap subsystem is initialized. 2007-02-19 01:35:19 +00:00
pavel
934634a18c Change the process/lwp flags seen by userland via sysctl back to the
P_*/L_* naming convention, and rename the in-kernel flags to avoid
conflict. (P_ -> PK_, L_ -> LW_ ). Add back the (now unused) LSDEAD
constant.

Restores source compatibility with pre-newlock2 tools like ps or top.

Reviewed by Andrew Doran.
2007-02-17 22:31:36 +00:00
rmind
27c80c165c Mention rmind@ as an author in the license. No functional change. 2007-02-17 20:45:36 +00:00
ad
2a34d8467a Fix load average calculation:
- Don't consider kernel threads when calculating the load average. Their
  priorities are no longer adjusted by the scheduler, and their level of
  activity is dependent upon running user processes.
- Change the (l->l_priority > PZERO) check in uvm_meter() to (l->l_flag &
  L_SINTR). I think this check was originally intended to weed out
  processes sleeping interruptably.
2007-02-15 20:22:43 +00:00
ad
d91014721f Add uvm_kick_scheduler() (MP safe) to replace wakeup(&proc0). 2007-02-15 20:21:13 +00:00
ad
b07ec3fc38 Merge newlock2 to head. 2007-02-09 21:55:00 +00:00
elad
d60f1f435f If Veriexec prevents indirect execution of the binary, in addition to just
blocking the mmap() if exec bit is requested, also strip exec bit from
maxprot for further mprotect() calls.

Okay joerg@.
2007-02-03 01:11:50 +00:00
hubertf
142c2a33ba Remove duplicate #includes, patch contributed in private mail
by Slava Semushin <slava.semushin@gmail.com>.

To verify that no nasty side effects of duplicate includes (or their
removal) have an effect here, I've compiled an i386/ALL kernel with
and without the patch, and the only difference in the resulting .o
files was in shifted line numbers in some assert() calls.
The comparison of the .o files was based on the output of "objdump -D".

Thanks to martin@ for the input on testing.
2007-01-24 13:08:11 +00:00
skrll
4b3e98dc1b Remove useless double assignment.
PR 35442
2007-01-19 15:52:24 +00:00
elad
fa26351488 Cosmetic nit in the 'filename' passed to veriexec_verify(). 2007-01-11 14:26:07 +00:00
alc
2fc133de08 CID-4192: ensure we have 'uobj != NULL` here
ok christos@ and yamt@
2006-12-27 17:59:08 +00:00
yamt
8bf7662829 merge yamt-splraiseipl branch.
- finish implementing splraiseipl (and makeiplcookie).
	  http://mail-index.NetBSD.org/tech-kern/2006/07/01/0000.html
	- complete workqueue(9) and fix its ipl problem, which is reported
	  to cause audio skipping.
	- fix netbt (at least compilation problems) for some ports.
	- fix PR/33218.
2006-12-21 15:55:21 +00:00
skrll
03c2b891e6 Update uvm_grow to support stacks that grow upwards.
Use on hppa and fix a bug in the hppa trap handler.
2006-12-18 09:39:14 +00:00
yamt
fc88d88996 put ->K loaned pages on the page queue, so that page loaning doesn't
disturb pagedaemon/pdpolicy.
2006-12-15 13:51:30 +00:00
chs
c398ae9734 a smorgasbord of improvements to vnode locking and path lookup:
- LOCKPARENT is no longer relevant for lookup(), relookup() or VOP_LOOKUP().
   these now always return the parent vnode locked.  namei() works as before.
   lookup() and various other paths no longer acquire vnode locks in the
   wrong order via vrele().  fixes PR 32535.
   as a nice side effect, path lookup is also up to 25% faster.
 - the above allows us to get rid of PDIRUNLOCK.
 - also get rid of WANTPARENT (just use LOCKPARENT and unlock it).
 - remove an assumption in layer_node_find() that all file systems implement
   a recursive VOP_LOCK() (unionfs doesn't).
 - require that all file systems supply vfs_vptofh and vfs_fhtovp routines.
   fill in eopnotsupp() for file systems that don't support being exported
   and remove the checks for NULL.  (layerfs calls these without checking.)
 - in union_lookup1(), don't change refcounts in the ISDOTDOT case, just
   adjust which vnode is locked.  fixes PR 33374.
 - apply fixes for ufs_rename() from ufs_vnops.c rev. 1.61 to ext2fs_rename().
2006-12-09 16:11:50 +00:00
elad
b8e4702fb2 Back out uvm_is_swap_device(). 2006-12-07 14:06:51 +00:00
elad
cbcd623862 We are required to hold uvm.swap_data_lock here too. 2006-12-02 03:23:38 +00:00
yamt
10cd898fb8 uvm_fault: fix an assertion. PR/35134 from Christos Zoulas.
it can be triggered by minherit as well.
2006-12-01 19:15:22 +00:00
elad
a6c2dfb16d Introduce uvm_is_swap_device(), to check if the passed struct vnode * is
used as a swap device or not.

Okay mrg@.
2006-12-01 16:06:09 +00:00
yamt
c6970b82a3 uvm_fault: unwrap a short line. 2006-11-28 13:16:37 +00:00
yamt
ec1dd90a2a uvmpdpol_pagedequeue: clear PQ_INITIALREF.
otherwise, dequeue/enqueue cycles (eg. page loaning) can cause
an assertion failure in clockpro_pageenqueue.
2006-11-28 13:14:53 +00:00
christos
df031f1edc PR/34837: Mindaguas: Add SysV SHM dynamic reallocation and locking to the
physical memory
2006-11-25 21:40:04 +00:00
christos
168cd830d2 __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
yamt
1a7bc55dcc remove some __unused from function parameters. 2006-11-01 10:17:58 +00:00
yamt
b89279d039 revert malloc -> kmem_alloc part of uvm_swap.c rev.1.110 because
the current implementation of kmem_free can sleep.
2006-10-27 15:06:04 +00:00
uwe
5704a46a71 uvm_page_printall: With new PQ_* flags pg->pqflags no longer fits and
makes the output of "show all pages" ragged.  Widen the field to 4 chars.
2006-10-26 20:00:52 +00:00
yamt
e95cf416a6 extent/malloc -> vmem_alloc/kmem_alloc. 2006-10-22 09:44:21 +00:00
mrg
648bbec934 in cpu_dumpconf(), don't panic() if we can't bdevsw_lookup() the
dumpdev.  this occurs when we try to set the dumpdev to a device
with no driver loaded.  this fixes PR#34872.

in sys_swapctl, if bdevsw_lookup() fails, set dumpdev = NODEV
before calling cpu_dumpconf().  (this also fixes PR#34872.)

XXX: cpu_dumpconf() should probably be changed to take a dumpdev
XXX: and return an error in such cases, but that is a much more
XXX: intrusive change.

XXX2: this is only run-tested on sparc64 and compile tested on a
XXX2: couple of platforms.
2006-10-21 05:54:31 +00:00
yamt
4ba42a7148 add an assertion. 2006-10-19 09:34:00 +00:00
yamt
a7dbf2d5e5 uvm_loanbreak: transfer dirtiness of the old page to the new page,
rather than blindly mark it dirty.  fix a part of PR/33513.
2006-10-14 09:23:56 +00:00
yamt
61934cf2b4 uvm_vnp_setsize: put back v_size assignment after uvn_put.
PR/34147 from Juergen Hannken-Illjes.
2006-10-14 09:20:35 +00:00
uwe
bb003f9487 More __unused (in cpp conditionals not touched by i386). 2006-10-12 21:35:00 +00:00
dogcow
e0909532c0 even more __unused. 2006-10-12 20:18:19 +00:00
yamt
0a8c1584c7 remove unnecessary #include of vnode.h. 2006-10-12 10:14:43 +00:00
yamt
9de1cdc8fe move some knowledge about vnode into uvm_vnode.c. 2006-10-12 10:14:20 +00:00
yamt
b290489c81 whitespace. 2006-10-12 10:13:35 +00:00
yamt
0b30e1501c uobj_wirepages and uobj_unwirepages from Mindaugas. PR/34771.
(commented out in files.uvm for now because there is no user in tree.)

http://mail-index.netbsd.org/tech-kern/2006/09/24/0000.html
http://mail-index.netbsd.org/tech-kern/2006/10/10/0000.html
2006-10-12 10:11:57 +00:00
thorpej
401a3924d5 uvm_swap_stats_locked(): Consume the cmd argument even if COMPAT_13 is
not defined.
2006-10-12 04:35:40 +00:00
christos
4d595fd7b1 - sprinkle __unused on function decls.
- fix a couple of unused bugs
- no more -Wno-unused for i386
2006-10-12 01:30:41 +00:00
yamt
86004aaed3 fix some warnings in the case of PDSIM. 2006-10-09 12:50:39 +00:00
yamt
dbdfc1f677 move src/sys/uvm/pdsim to src/regress/sys/uvm/pdsim.
no objection on tech-kern@.
2006-10-09 12:32:21 +00:00
chs
33c1fd1917 add support for O_DIRECT (I/O directly to application memory,
bypassing any kernel caching for file data).
2006-10-05 14:48:32 +00:00
christos
b01cc3ff0a Coverity CID 3170,3171: Add KASSERT. 2006-10-03 18:26:03 +00:00
yamt
7e4975c5e3 don't use japanese for an identifier. 2006-09-30 16:14:00 +00:00
yamt
606f2d8add wrap a long line. 2006-09-30 16:01:19 +00:00
yamt
883278d33e whitespace. 2006-09-30 15:52:39 +00:00
yamt
04a8266e88 add ubc window hit/miss evcnts. 2006-09-30 15:38:06 +00:00
yamt
7e1b20a4cf ubc_fault: check UVM_OBJ_NEEDS_WRITEFAULT.
fix an assertion failure in genfs_putpages when using msdosfs.
(http://mail-index.NetBSD.org/tech-kern/2006/09/27/0002.html)
reported and tested by Darrin B.Jewell.
2006-09-30 15:37:22 +00:00
elad
53ca07b4d7 If Veriexec enforces access type, don't allow mmap() to use PROT_EXEC on
files that don't have the "indirect" flag. Also change the "library" alias
in veriexecctl(8) to mean "file, indirect".

okay blymn@
2006-09-30 10:56:31 +00:00
yamt
3545644943 more todo. 2006-09-30 09:07:45 +00:00
yamt
1da8d3a36e note what's this. 2006-09-30 09:03:19 +00:00
yamt
a5c3459e65 implementations of some replacement algorithms for comparison. 2006-09-30 09:00:00 +00:00
yamt
2ebf73755e a script to modify a list so that it uses small numbers as far as possible.
useful when feeding real world examples into a hackish code like lirs.c
which can't handle large numbers.
2006-09-30 08:57:17 +00:00
yamt
adf92c530f implementations of some replacement algorithms for comparison. 2006-09-30 08:50:32 +00:00
yamt
538ff1a080 an artificial access pattern generator. 2006-09-30 08:48:17 +00:00
yamt
94330f3fe8 a simple program to test uvm_pdpolicy_*.c in userland. 2006-09-30 08:47:39 +00:00
thorpej
ec1894a78a Don't inline uvm_pagealloc_pgfl(). 2006-09-27 17:18:50 +00:00
yamt
8e991698b9 revert a change which was unintentionally slipped in via yamt-pdpolicy branch. 2006-09-16 07:14:38 +00:00
yamt
9d3e3eab23 merge yamt-pdpolicy branch.
- separate page replacement policy from the rest of kernel
	- implement an alternative replacement policy
2006-09-15 15:51:12 +00:00
elad
5f7169ccb1 First take at security model abstraction.
- Add a few scopes to the kernel: system, network, and machdep.

- Add a few more actions/sub-actions (requests), and start using them as
  opposed to the KAUTH_GENERIC_ISSUSER place-holders.

- Introduce a basic set of listeners that implement our "traditional"
  security model, called "bsd44". This is the default (and only) model we
  have at the moment.

- Update all relevant documentation.

- Add some code and docs to help folks who want to actually use this stuff:

  * There's a sample overlay model, sitting on-top of "bsd44", for
    fast experimenting with tweaking just a subset of an existing model.

    This is pretty cool because it's *really* straightforward to do stuff
    you had to use ugly hacks for until now...

  * And of course, documentation describing how to do the above for quick
    reference, including code samples.

All of these changes were tested for regressions using a Python-based
testsuite that will be (I hope) available soon via pkgsrc. Information
about the tests, and how to write new ones, can be found on:

	http://kauth.linbsd.org/kauthwiki

NOTE FOR DEVELOPERS: *PLEASE* don't add any code that does any of the
following:

  - Uses a KAUTH_GENERIC_ISSUSER kauth(9) request,
  - Checks 'securelevel' directly,
  - Checks a uid/gid directly.

(or if you feel you have to, contact me first)

This is still work in progress; It's far from being done, but now it'll
be a lot easier.

Relevant mailing list threads:

http://mail-index.netbsd.org/tech-security/2006/01/25/0011.html
http://mail-index.netbsd.org/tech-security/2006/03/24/0001.html
http://mail-index.netbsd.org/tech-security/2006/04/18/0000.html
http://mail-index.netbsd.org/tech-security/2006/05/15/0000.html
http://mail-index.netbsd.org/tech-security/2006/08/01/0000.html
http://mail-index.netbsd.org/tech-security/2006/08/25/0000.html

Many thanks to YAMAMOTO Takashi, Matt Thomas, and Christos Zoulas for help
stablizing kauth(9).

Full credit for the regression tests, making sure these changes didn't break
anything, goes to Matt Fleming and Jaime Fournier.

Happy birthday Randi! :)
2006-09-08 20:58:56 +00:00
christos
37ba677a84 use c99 initializers 2006-09-03 21:37:22 +00:00
christos
5dc39be6da add missing initializers 2006-09-03 21:37:06 +00:00
christos
aa6004da57 use c99 initializer. 2006-09-03 21:33:33 +00:00
cherry
8a4036de78 bumps kernel aobj to 64 bit. \
See: http://mail-index.netbsd.org/tech-kern/2006/03/07/0007.html
2006-09-01 20:39:05 +00:00
matt
9e0ec4816e Make PTRACE and COREDUMP optional. Make the default (status quo) by putting
them in conf/std.
2006-08-29 23:34:48 +00:00
martin
c8872be34c Add a new swapctl(2) command to unset the dump device. 2006-08-22 14:07:07 +00:00
yamt
36b78db59e ubc_fault: fix a deadlock in the case of uvm_loanbreak() failure. 2006-08-18 15:03:21 +00:00
he
5ea0e70c68 Rearrange included headers and/or add include of <sys/types.h> and
<sys/lock.h>, so that the mipsco port can build again, ref.
  http://mail-index.netbsd.org/port-mips/2006/08/04/0000.html
Reviewed by thorpej
2006-08-04 22:42:36 +00:00
yamt
f9458a6ba1 - in genfs_getpages, take g_glock earlier so that it can't be
intervened by truncation.
  it also fixes a deadlock.  (g_glock vs pages locking order)
- uvm_vnp_setsize: modify v_size while holding v_interlock.

reviewed by Chuck Silvers.
2006-07-22 08:47:56 +00:00
ad
3029ac48c7 - Use the LWP cached credentials where sane.
- Minor cosmetic changes.
2006-07-21 16:48:45 +00:00
drochner
ef8848c74a Introduce a UVM_KMF_EXEC flag for uvm_km_alloc() which enforces an
executable mapping. Up to now, only R+W was requested from pmap_kenter_pa.
On most CPUs, we get an executable mapping anyway, due to lack of
hardware support or due to lazyness in the pmap implementation. Only
alpha does obey VM_PROT_EXECUTE, afaics.
2006-07-05 14:26:42 +00:00
yamt
d447115889 make amap use kmem_alloc, rather than malloc.
(ie. make it use kernel_map, rather than kmem_map.)
kmem_map is more restricted than kernel_map,
and there's no point for amap to use it.
2006-06-25 08:03:46 +00:00
yamt
9606b0accf uvm_swapin: process -> lwp in a comment. 2006-06-13 13:22:06 +00:00