Commit Graph

103472 Commits

Author SHA1 Message Date
fvdl
5e33ec48d8 Define NOREDZONE and use it in the *_TINY config files to save a page
per process.
2002-10-06 12:36:16 +00:00
fvdl
14c70e4627 Put an unmapped page below the kernel stack (and above struct user) to
catch kernel stack overflows. This bumps UPAGES from 2 to 4 (one unmapped),
because struct user takes 1 page, then there's the unmapped page, and
then the 2 pages for the kernel stack. If the NOREDZONE option is
set, UPAGES is 2 as before, and no unmapped page is used.
2002-10-06 12:35:16 +00:00
bjh21
7d7fc4e3d8 Change obviously-acorn32-specific entries to say acorn32 rather than arm32. 2002-10-06 12:35:01 +00:00
bjh21
b3db781eb3 Add "hydra" on acorn32. 2002-10-06 12:32:02 +00:00
lukem
8b42f7b9d9 Provide strtoll() in libnbcompat.
Should fix relevant build issue on HP-UX and MacOS X hosts.
2002-10-06 12:09:34 +00:00
lukem
9df13b15cf pull in config.h (et al) for libnbcompat 2002-10-06 12:07:28 +00:00
dsainty
12bc497c14 Typo: axctivate -> activate 2002-10-06 11:38:41 +00:00
bjh21
c775c3e73c Give each CPU a struct cpu_info, and have curcpu() return the right one.
Also have cpu_boot_secondary_processors() un-halt all the slave CPUs, and
have them do something visible when that happens.
2002-10-06 11:34:12 +00:00
fvdl
b3e87c44a4 Adjust callers to setgate() to match new prototype. 2002-10-06 10:40:04 +00:00
bjh21
8e25492f64 Make cpu_number() work. 2002-10-06 10:21:50 +00:00
bjh21
f68de9a752 Use HYDRA_ID_SLAVE_MASK rather than 3.
No need for an infinite loop after we jump out of hydra_hatchcode.
2002-10-06 10:21:10 +00:00
kristerw
bc68323a39 Correct test for busy-ness when setting parameters. 2002-10-06 10:01:08 +00:00
kristerw
d509ae30db Correct possible return of uninitialized error variable. 2002-10-06 09:48:29 +00:00
tls
0f95ec4fd5 ESP output was drawing down the entropy pool at a ferocious rate, a
particular problem on hosts with only wireless interfaces that are
definitely not safe to use as entropy sources.

Add arc4randbytes() which hands out bytes from the same source used
by arc4random().  This is intended to be a _temporary_ interface
until we can design and implement a better general PRNG interface
that is decoupled from the entropy-pool implementation.

Modify key_randomfill() (used only for initialization vectors on
SA creation and via key_sa_stir_iv(), which does not "stir",
despite its name) to use arc4randbytes() instead of pulling bits
directly from the entropy pool.  It is my hope that this change
will pose minimal integration problems for the KAME folks as the
random-pool interface is *already* different between each BSD
variant; this just simplifies the NetBSD case and solves a
fairly serious problem.

Note that it is generally considered acceptable cryptographic
practice to use a fast stream cipher to generate IVs for encryption
with stronger block ciphers.  For example, the use of "non-Approved"
PRNGs to generate IVs for "Approved" block ciphers is explicitly
sanctioned by FIPS 140-2.
2002-10-06 08:51:44 +00:00
tls
cd114adca5 This commit includes two major changes:
1) Speed up arc4random().  We make arc4randbyte() inline, which makes this
   not much slower than, say, the other arc4 implementation in our kernel.

   We also replace four calls to arc4randbyte() with a loop, saving about
   20% on some processors where the "unrolled" arc4randbyte() calls would
   needlessly stomp the cache.

2) Address various problems with the initialization/"stirring" code,
   primarily in the area of handling of the source data from the kernel
   entropy pool.  We used to:

	a) Ask the entropy pool for 32 bytes

	b) If we got zero bytes, key with junk from the stack (ouch!)
	   which has some nasty implications, to say the least.  For
	   example, we're most likely to get zero bytes at boot time,
	   when the stack contents are even more predictable than usual.

	c) If we got less than 32 bytes but more than zero bytes, use
	   however many bytes we got as the arc4 key, copying it
	   repeatedly as per usual arc4 key setup.

	   Because of the way NetBSD's entropy pool works, this was
	   mostly harmless, because if you ask for RND_EXTRACT_ANY,
	   you always get as many bytes as you ask for.  However,
	   this is probably a security hole in the original FreeBSD
	   code, where AFAICT you might end up using an 8-bit arc4
	   key -- not good, much worse than using the output of the
	   entropy pool hash function even when it thinks it only
	   has 8 bits of entropy to give you.

	   One thing this code could do on NetBSD that was not so
	   good was to replace a key with a lot of entropy with
	   one with less entropy.  That's clearly counterproductive.

   The new code, instead:

	a) Asks for 32 good bytes.  If it gets them, use them as the
	   arc4 key in the usual way.

	b) Tracks how many entropy bytes the key it's replacing had.
	   If the new entropy request got less bytes, leave the old
	   key in place.  Note that the first time through, the "old
	   key" had zero bytes, so we'll always replace it.

	c) If we get less than 32 bytes but more than we had, request
	   EXTRACT_ANY bytes from the entropy pool, padding the key
	   out to 32 bytes which we then use as the arc4 key in the
	   usual way.

This is still really all rather backwards.  Instead of this generator
deciding to rekey itself using a basically arbitrary metric, it should
register a callback so that the entropy pool code could rekey it when
a lot of bits were available.  Details at 11.

Finally, rename the "stir" function (which did not stir) to "rekey",
which is what it actually does.
2002-10-06 06:47:40 +00:00
oster
eb9d6f5ffa Add a missing RF_LOCK_MUTEX(). 2002-10-06 05:32:59 +00:00
oster
0567afd1cf Introduce a temp variable, and allocate the ReconCtrl structure before
we protect raidPtr.  One less thing for LOCKDEBUG to complain about.
2002-10-06 05:23:55 +00:00
provos
4b7278c7f2 use FNM_LEADING_DIR 2002-10-06 03:16:25 +00:00
provos
b899aa2abc implement FNM_LEADING_DIR; matches Linux and other *BSDs; approved thorpej 2002-10-06 03:15:45 +00:00
provos
d1c3210192 regen from GENERIC.in 2002-10-06 03:00:02 +00:00
provos
fbc128def8 add SYSTRACE here; pointed out by lukem 2002-10-06 02:58:21 +00:00
tsutsui
a7933969a6 Sync with GENERIC. (systrace and other misc options) 2002-10-06 02:50:28 +00:00
tsutsui
a9ca52263a Sync with GENERIC:
- Add options SYSTRACE
- Add (commented out) options for semaphores
2002-10-06 02:31:38 +00:00
provos
2f7a0aaac8 add SYSTRACE; approved perry. 2002-10-06 02:11:54 +00:00
junyoung
d0c512001c Embedded whitespace in dirname is supported again. 2002-10-06 01:36:36 +00:00
lukem
64beaeafc8 - Check HAVE_LCHFLAGS for lchflags(2) support, rather than assuming
that HAVE_STRUCT_STAT_ST_FLAGS implies this.
- Set HAVE_LCHFLAGS for native builds
- Clean up {CLEAR,SET,CHANGE}FLAGS macros, and only provide if
  HAVE_STRUCT_STAT_ST_FLAGS is set.

(Fixes compilation as a tool on MacOS X, noted by Allen Briggs.)
2002-10-06 01:36:09 +00:00
provos
9008ac33c8 assume that inserting a template implies permit for the current syscall 2002-10-06 01:28:55 +00:00
lukem
c61581112f complete check for lchflags 2002-10-06 01:25:58 +00:00
fvdl
dcee4ceeba Back out revision 1.23, it breaks all kernel configs that do
makeoptions	COPTS="foo"

There are quite a few of those in the tree, as well.
2002-10-06 00:07:17 +00:00
bjh21
bb6b27b143 Second phase of Hydra attachment: All CPUs are now set up sufficiently that
they can call printf(), which they do before halting.
2002-10-05 23:30:03 +00:00
bjh21
389f612a10 Remove spurious comment. 2002-10-05 23:26:48 +00:00
manu
075c3542d8 Added uname emulation so that IRIX's uname -s returns IRIX 2002-10-05 23:17:29 +00:00
manu
e9b4436254 Fixed typo in a comment 2002-10-05 23:15:58 +00:00
oster
6108856337 update_size() does some bookkeeping, but nothing ever reads the data
it gathers.  Nuke it.  Without update_size, FreeReconMapListElem() can
do without mapPtr.  That, in turn, means crunch_list() doesn't need a
mapPtr either.
2002-10-05 22:45:46 +00:00
chs
993948e989 count executable image pages as executable for vm-usage purposes.
also, always do the VTEXT vs. v_writecount mutual exclusion
(which we previously skipped if the text or data segment was empty).
2002-10-05 22:34:02 +00:00
fvdl
9110a093d8 Do rendezvous for TLB shootdown IPI. The sender sets a bitmask
of all CPUs it wants entries shot down on, and waits until it
clears. pmap_tlb_doshootdown clears the bit of the current CPU
in this mask.

Also, change simple_lock -> __cpu_simple_lock in IPI path.
2002-10-05 21:30:42 +00:00
manu
6589fa5eda Added an ioctl emulation so that IRIX's tar is able to extract a file. 2002-10-05 21:29:02 +00:00
fvdl
c55b2f6fa9 Define XINTR_TSS 2002-10-05 21:29:01 +00:00
fvdl
2153e9d81a Adjust callers to setgate() to match new extra parameter. 2002-10-05 21:28:34 +00:00
fvdl
1176155ea2 Protect against multiple inclusion. 2002-10-05 21:27:52 +00:00
fvdl
724f151d44 Define some masks to be able to pass information about a trap
being a TSS trap down to things like DDB.

XXX a bit of a hack.
2002-10-05 21:27:35 +00:00
fvdl
3230052ed9 Change setgate() prototype.
Define GDT entries for DDB and double fault TSS.
2002-10-05 21:26:24 +00:00
fvdl
8cea44a52a Adapt i386_send_ipi prototype. Make spllock < splipi (IPI paths
changed to use __cpu_simple_lock because of LOCKDEBUG conflict).
2002-10-05 21:25:24 +00:00
fvdl
df3dd8684d Add mask for TLB IPI rendezvous, and stackpointers + TSS structures
for TSS gates per CPU.

XXX struct cpu_info is getting to be a bit large
2002-10-05 21:22:31 +00:00
fvdl
75b1ec0ed0 Add wrapper for trap() to be used for traps that come in via a TSS. 2002-10-05 21:21:05 +00:00
fvdl
23349480e8 To be able to set up TSS gates, setgate needs another argument for the
selector.
2002-10-05 21:20:27 +00:00
fvdl
b70873cac2 Add double fault TSS stub code. 2002-10-05 21:20:00 +00:00
fvdl
4c9f03d9e5 Make i386_send_ipi return an error when it fails to send. 2002-10-05 21:19:39 +00:00
fvdl
736c720259 Deal with coming in via a TSS. 2002-10-05 21:19:16 +00:00
fvdl
d24101a133 Set up TSS gates per CPU for DDB IPI and double fault handlers. 2002-10-05 21:18:44 +00:00