Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
154,259 Commits 606 Branches 0 Tags 3.1 GiB
Commit Graph

5036 Commits

Author SHA1 Message Date
gdamore 7b0092122f Update the base time (used when no filesystem or rtc time exists) to 12pm, 
Jan 1, 2006. This is somewhat arbitrary, but its a heck of a lot better than
mid 1991. :-)
 2006-09-03 17:13:04 +00:00
martin e0c4f3147e Fix %X in kernel printf, from Arnaud Degroote in PR kern/34459. 2006-09-03 17:06:36 +00:00
christos 28ea22fb52 use c99 initializers, per gimpy's request 2006-09-03 06:40:39 +00:00
gdamore 487ed45995 Don't warn about RTC losing/gaining days if the filesystem time is bogus. 2006-09-03 06:37:55 +00:00
christos be15e5387b use c99 initializers 2006-09-03 06:34:34 +00:00
christos e2ea4b04bb avoid empty else statement 2006-09-03 06:25:19 +00:00
christos a307d25b10 add missing initializer 2006-09-03 06:24:21 +00:00
gdamore a6abab1852 Incorporate changes from x86/i386 as follows: 
1) don't set a clock when panicing during early boot
2) if the filesystem time is newer than the rtc time (by at least 2 days) then
revert to the filesystem time.
3) use x86 style messaging.

We still use a threshold of 2 days of gain or loss in time to warn though.
 2006-09-03 05:25:05 +00:00
gdamore c583da0d13 Add MI implementation of inittodr, todr_attach, and resettodr. 
This is triggered upon __HAVE_GENRIC_TODR in machine/types.h.  Conversion of
evbmips port forthcoming.
 2006-09-02 20:18:00 +00:00
elad 994bc68e9f Short-circuit calls to kauth_authorize_action() for a scope withtout any 
listeners to always return "allow".

The idea is that it's not entirely unlikely that some vendors, or users,
will decide to load the security model as an LKM, and that can only
happen after at least mounting local file-systems. If we would not have
this fast-path, all authorization requests would be denied.

okay christos@
 2006-09-02 20:10:24 +00:00
kardel e23bdf3c6e move MAX_TCNAMELEN into timetc.h, use constant in tmp buffer allocation 2006-09-02 13:45:04 +00:00
christos 8d6177c953 add missing initializer 2006-09-02 06:35:49 +00:00
christos bdd0dbdf82 add missing initializers 2006-09-02 06:35:12 +00:00
christos 72c936995b delete unreachable code 2006-09-02 06:33:11 +00:00
christos 9802793325 deal with empty if bodies 2006-09-02 06:32:09 +00:00
christos 2e1a2f9d5e comment out impossible comparison 2006-09-02 06:30:53 +00:00
christos 4e2f7e29cf - fix initializer 
- comment out unused code
 2006-09-02 06:29:13 +00:00
christos e04bc58b1a Add missing initializer 2006-09-02 06:26:13 +00:00
christos 04eadef67e add missing initializer 2006-09-02 06:22:45 +00:00
christos bbff9f7a92 Add missing initializers 2006-09-02 06:21:32 +00:00
matt 21b62eb996 Missed commit (Regen'ed). 2006-09-01 22:23:18 +00:00
matt 7e0679149d Properly deal with/without ktrace/ptrace/systrace 2006-09-01 21:24:50 +00:00
matt bb97e7087b process_domem exists for ktrace/ptrace/systrace 2006-09-01 21:05:33 +00:00
matt 894d299a2b Regen. (add __weak_alias(sys_ptrace, sys_nosys) when PTRACE is off) 2006-09-01 21:04:45 +00:00
matt 30183e299f Don't conditionalize *sys_ptrace. The lack of sys_ptrace will be dealt 
with differently.
 2006-09-01 20:58:18 +00:00
dyoung ae7bd05531 Skip computing tags on IP Filter while its compatibility #defines 
shadow important names like radix_node and radix_node_head.
 2006-09-01 04:55:12 +00:00
dogcow 5d399ea343 process_stoptrace is also used by PTRACE; fixes INSTALL_SMALL, GENERIC_TINY, 
et al, where KTRACE isn't defined but PTRACE is.
 2006-08-31 18:05:21 +00:00
tsutsui 79d3499096 Disable asm statement which defines bpendtsleep symbol as "handy breakpoint" 
on all m68k ports since it may cause a multiple symble definition error
by code duplication of gcc4 optimizer. Also note about this in comment.
 2006-08-30 17:28:32 +00:00
cube 67306d2035 Make this compile under "no options COREDUMP". 2006-08-30 14:41:06 +00:00
cube c09480be6c Let those compile under "no options COREDUMP". 2006-08-30 13:55:03 +00:00
cube 21222420ab Regen against correct syscalls.master version [hi gimpy!]. 2006-08-30 13:53:41 +00:00
matt 984109dc99 Regen. 2006-08-30 11:35:21 +00:00
matt 0cf3f9db4e Add || defined(_KERNEL) to ptrace entry (like ktrace). 2006-08-30 11:34:26 +00:00
matt 583998d384 sys_process.c is also used by KTRACE. 2006-08-30 11:08:15 +00:00
matt 1f5dae8a54 #include "opt_ptrace.h" 2006-08-30 10:17:49 +00:00
matt bae263f051 Regen. 2006-08-29 23:37:30 +00:00
matt 084f43623d Fix typo (ktrace -> ptrace) 2006-08-29 23:36:56 +00:00
matt 9e0ec4816e Make PTRACE and COREDUMP optional. Make the default (status quo) by putting 
them in conf/std.
 2006-08-29 23:34:48 +00:00
yamt b153af038b don't include sys/lock.h as it is no longer necessary. 2006-08-28 13:41:04 +00:00
jld e782915872 Add %'s to go with PRI format constants. 2006-08-24 01:08:00 +00:00
manu 81c909dd45 1) Complete Linux exit_group() emulation 
Members of the thread group must die without reporting to the parent and
without going to zombie stage. We do that by reparenting to init before
catching a SIGKILL. The parent will not see the child death.

The thread group leader must report the exit status, even if it exits
because of another thread calling exit_group(). We do that by storing the
exit status in struct linux_emuldata_shared, and the exit hook has the
duty of setting struct proc's p_xstat for the thread group leader.

2) For exit/fork/exec hooks, move the NPTL specific code to separate functions
that are shared between COMPAT_LINUX and COMPAT_LINUX32

3) Fix LINUX_CLONE_PARENT_SETTID semantics
 2006-08-23 19:49:09 +00:00
christos f73c6e5980 Change iostat_alloc() to take the parent pointer and the name directly, so 
that callers are not responsible for initializing the fields. Store the name
inside the struct instead of maintaining a pointer to external storage, or
leaked memory (nfs case).
 2006-08-23 17:19:32 +00:00
seanb eeb51ff4c3 Don't leave a dangling socket (no associated struct file) if 
user supplied a bad name or anamelen parameter to accept(2).
If bad paramaters were suplied and a copyout() failed, the
struct file was cleaned up but not the associated socket.  This
could leave sockets in CLOSE_WAIT that could never be closed.
 2006-08-22 13:39:48 +00:00
martin 5581630d1f Add <sys/lock.h> include for <sys/callback.h> 2006-08-21 09:06:06 +00:00
martin b87950a9f6 Use %zu for size_t 2006-08-21 09:05:22 +00:00
christos cba8e50f44 From Elad: 
Attached diff short-circuits kauth_authorize_action() if the request
comes from the kernel (NOCRED or FSCRED).

okay matt@
 2006-08-20 15:05:14 +00:00
yamt f3d146fd88 vmf_to_prf: tweak code to avoid a "may be used uninitialized" warning. 
pointed by Kurt Schreiner.
 2006-08-20 13:14:03 +00:00
yamt 4e59653466 move kmem_kva_reclaim_callback out of #ifdef DEBUG. 
fixes compilation problem in the case of !DEBUG.
pointed by Kurt Schreiner.
 2006-08-20 13:08:11 +00:00
blymn 50abf3c730 Add functions to the fileassoc interface to allow a "hint" to be provided 
instead of performing an implicit VOP_GETATTR() when adding/looking up
fileassoc entries.
 2006-08-20 10:38:23 +00:00
yamt 0406a06106 implement kva reclamation for kmem_alloc quantum cache. 2006-08-20 09:45:59 +00:00
yamt fc12b34a0a kmem_init: use vmem quantum cache. XXX needs tune. 2006-08-20 09:44:06 +00:00
yamt c8cdcde4de implement vmem quantum cache. 2006-08-20 09:43:08 +00:00
yamt 3c433fc395 implement PR_NOALIGN. (allow unaligned pages) 
to be used by vmem quantum cache.
 2006-08-20 09:35:25 +00:00
yamt 8f01bd288f pool_init: in the case of PR_NOTOUCH, don't bump item size to 
sizeof(struct pool_item).
 2006-08-19 14:01:15 +00:00
christos 35ca6c8b5b Fix all the -D*DEBUG* code that it was rotting away and did not even compile. 
Mostly from Arnaud Lacombe, many thanks!
 2006-08-17 17:11:27 +00:00
plunky d9b3621e66 Fix broken comments - there is no SO_ISCONNECTED or SO_ISCONFIRMING 
this fixes kern/32058
 2006-08-16 18:31:54 +00:00
plunky b54ec7d631 Remove macro call sonewconn() => sonewconn1() as it is no longer necessary. 
There are no such calls and the compiler would catch mistakes like this
in any case.
 2006-08-16 18:17:23 +00:00
christos c07e49883f Pretending to be Elad's keyboard: 
Attached diff let's call kauth_register_scope() with a NULL default
listener. from tn2127:

"callback is the address of the listener callback function for this
scope; this becomes the scope's default listener. This parameter may be
NULL, in which case a callback that always returns KAUTH_RESULT_DEFER is
assumed."
 2006-08-16 17:57:26 +00:00
yamt c777d5404f - fix integer overflows. 
- bump VMEM_MAXORDER.

should fix "idx < VMEM_MAXORDER" assertion failure reported by
Martijn van Buul on current-users@.
 2006-08-16 13:19:03 +00:00
ad 87dd042f7a sys__lwp_create: put newuc back to the pool on failure. 2006-08-14 14:11:21 +00:00
xtraeme dfa8fac821 Add __KERNEL_RCSID() 2006-08-13 06:21:10 +00:00
christos 0b7fa73e66 fix a stray \n 2006-08-12 21:46:03 +00:00
christos adddcaa6ee Fix the dump printing too. 2006-08-12 20:27:35 +00:00
christos f7cf5ff3b4 Only print the partition letter if the device supports partitions. 2006-08-12 19:58:55 +00:00
christos ce0ef6cfc4 Pretending to be Elad's keyboard: 
fileassoc.diff adds a fileassoc_table_run() routine that allows you to
pass a callback to be called with every entry on a given mount.

veriexec.diff adds some raw device access policies: if raw disk is
opened at strict level 1, all fingerprints on this disk will be
invalidated as a safety measure. level 2 will not allow opening disk
for raw writing if we monitor it, and prevent raw writes to memory.
level 3 will not allow opening any disk for raw writing.

both update all relevant documentation.

veriexec concept is okay blymn@.
 2006-08-11 19:17:47 +00:00
pavel fd456db2e7 MCLAIM the correct mbuf. PR kern/34162. 2006-08-08 15:53:40 +00:00
yamt 56d02ae53a vfs_copyinfh_alloc: kludge for nfsv2 file handles. 2006-08-08 13:08:08 +00:00
bjh21 47ef6bac03 Using humanize_number() on clock speeds does more harm than good, and 
precious little of either.  Go back to displaying them with all their digits.
 2006-08-06 13:29:42 +00:00
bjh21 fc39059504 Clock frequencies tend to be big numbers -- use humanize_number() when 
displaying them through printf.
 2006-08-05 21:59:40 +00:00
yamt ac0b9042bb sys___fhstatvfs140: update a comment. 2006-08-04 17:07:32 +00:00
yamt 4977b4bbc0 some filehandle syscall related changes. 
- remove the support of variable-sized filehandle from compat version of
  syscalls.  (strictly speaking, it breaks abi.  i don't think it's a problem
  because this feature is short-lived and there are no affected in-tree
  filesystems.)
- unify vfs_copyinfh_alloc and vfs_copyinfh_alloc_size.
- vfs_copyinfh_alloc_size: check fhsize strictly.
- reduce code duplication between compat and current syscalls.
 2006-08-04 16:29:51 +00:00
yamt e99f3cca81 vfs_copyinfh_alloc_size: fix indent. 2006-08-04 13:31:51 +00:00
christos cf3258890d PR/34129: Andreas Gustafsson: Nonblocking write to pty can return 0 
If we cannot write on the slave side, always return EWOULDBLOCK in the
non-blocking case, because we don't know that the buffer we started
writing is actually in a system call boundary.
 2006-08-03 22:51:05 +00:00
christos 740d87bac5 adjust resid in one more place. 2006-08-03 22:06:55 +00:00
christos 75300d10c2 don't drop characters that we've copied in when we block. 2006-08-03 22:03:18 +00:00
martin b4cb63a646 Make filehandles opaque to userland 2006-07-31 16:34:42 +00:00
martin f956f13e21 Step 1 to make filehandles completely opaque to userland 2006-07-31 16:32:51 +00:00
ad a0c8510a86 Single-thread updates to the process credential. 2006-07-30 21:58:11 +00:00
elad 5446ee0ef6 ugh.. more stuff that's overdue and should not be in 4.0: remove the 
sysctl(9) flags CTLFLAG_READONLY[12]. luckily they're not documented
so it's only half regression.

only two knobs used them; proc.curproc.corename (check added in the
existing handler; its CTLFLAG_ANYWRITE, yay) and net.inet.ip.forwsrcrt,
that got its own handler now too.
 2006-07-30 17:38:19 +00:00
christos 3358c957a3 PR/34094: Jorge Acereda: Kernel option KSTACK_CHECK_MAGIC doesn't build 2006-07-27 00:04:08 +00:00
elad 14171f6143 make the sleepable assertion in #if 0 (with commented out LOCKDEBUG for 
later) until we sort that stuff out.
 2006-07-26 17:13:26 +00:00
elad ebdd7412b5 sync kpi with docs, remove old comments 2006-07-26 16:34:07 +00:00
elad 22e1a583a2 fix logic in veriexec_report() 2006-07-26 15:14:24 +00:00
dogcow c959b3c4bd at the request of elad, as veriexec.h has returned, revert the changes 
from 2006-07-25.
 2006-07-26 09:33:57 +00:00
dogcow cc44d2fe07 mechanically go through and 
s,include "veriexec.h",include <sys/verified_exec.h>,
as the former has apparently gone away.
 2006-07-25 00:23:06 +00:00
elad 05eb39fb84 replace magic numbers for strict levels (0-3) with defines. 2006-07-24 21:32:39 +00:00
elad 32e391d158 finally do things properly. veriexec_report() takes flags, not three ints. 2006-07-24 21:15:05 +00:00
elad 5d611badde some fixes: 
- adapt to NVERIEXEC in init_sysctl.c.
  - we now need "veriexec.h" for NVERIEXEC.
  - "opt_verified_exec.h" -> "opt_veriexec.h", and include it only where
    it is needed.
 2006-07-24 16:37:28 +00:00
elad 93a2eaef51 prevent removal of monitored files as early as ids mode. 
okay blymn@
 2006-07-24 16:27:15 +00:00
ad f474dceb13 Use the LWP cached credentials where sane. 2006-07-23 22:06:03 +00:00
elad e2706baefd kill a VOP_GETATTR() we don't need for veriexec. 2006-07-22 10:40:49 +00:00
elad a92c1615a4 deprecate the VERIFIED_EXEC option; now we only need the pseudo-device to 
enable it. while here, some config file tweaks.

tons of input from cube@ (thanks!) and okay blymn@.
 2006-07-22 10:34:26 +00:00
elad 7e7591e119 if LOCKDEBUG, assert that we can sleep in kauth_authorize_action(). 
discussed with yamt@ on tech-kern.
 2006-07-22 09:24:25 +00:00
yamt 13170f18a9 assert_sleepable: panic if curlwp == NULL. 2006-07-21 10:22:51 +00:00
yamt 696edc2b76 use ASSERT_SLEEPABLE where appropriate. 2006-07-21 10:08:41 +00:00
yamt 9862c5bef2 add ASSERT_SLEEPABLE() macro to assert we can sleep. 2006-07-21 10:07:29 +00:00
christos cb6bd87d8a PR/34043: mrt at notwork dot org: 3.99.22 kernel crashes at *_vptofh() called 
from vfs_composefh_alloc() due to uninitialized "fidsize".
 2006-07-20 16:18:14 +00:00
cube 2d03dc4c3e Fix an obvious overlook (struct fileassoc_hook is not defined in 
fileassoc.h anymore).  I could say "please compile-test", but then, I'm not
doing it either for that commit.
 2006-07-20 09:00:41 +00:00
ad fe65535924 Try again.. Move l_cred into the startzero section, and fix the define. 
Doesn't change the layout of struct lwp.
 2006-07-20 00:17:10 +00:00
ad 2b79369c7e - Hold a reference to the process credentials in each struct lwp. 
- Update the reference on syscall and user trap if p_cred has changed.
- Collect accounting flags in the LWP, and collate on LWP exit.
 2006-07-19 21:11:37 +00:00
blymn 36c3e07ffa Add destination file vnode to rename checking. 2006-07-19 12:45:19 +00:00
elad 8ee43586ab move the fileassoc_delete_file() call above the VOP_REMOVE() one, yamt@ 
says vp might not be valid after it.
 2006-07-17 19:05:36 +00:00
ad e7447d9340 - Always make p->p_cred a private copy before modifying. 
- Share credentials among processes when forking.
 2006-07-17 15:29:06 +00:00
ad 16fc727817 Just use proc0.p_cred where root credentials are needed, instead of 
allocating a new kauth_cred_t.
 2006-07-17 14:49:16 +00:00
ad 2af3d29e01 - Don't cast kauth_cred_t to (struct ucred *), just set pc_ucred = NULL. 
- Fill ucred::cr_ref.
 2006-07-17 14:47:02 +00:00
ad 55a5faa1ef - Only acquire cr_lock when changing cr_refcnt. 
- When freeing, test the value of cr_refcnt from inside the lock perimiter.
- Change some uint16_t/uint32_t types to u_int.
- KASSERT(cr_refcnt > 0) in appropriate places.
- KASSERT(cr_refcnt == 1) when changing the credential.
 2006-07-17 14:37:20 +00:00
elad d4410e6fde CURTAIN() -> KAUTH_GENERIC_CANSEE. 2006-07-16 20:21:42 +00:00
elad d9a7152c3e add KAUTH_GENERIC_CANSEE, which is like the KAUTH_PROCESS_CANSEE, only 
for two kauth_cred_t rather than kauth_cred_t and struct proc *.

advise against using it in the man-page; it should be used only in cases
where we either don't have an object-specific op or when we can't easily
use one.
 2006-07-16 20:10:11 +00:00
elad 9be7229906 expose less api; prompted by yamt@. 2006-07-16 19:37:55 +00:00
kardel e804524e26 fix another t{s,v}tohz() fallout (invalid remaining time) 
now passes regression/sys/kern/sleeping
 2006-07-16 19:23:11 +00:00
elad c6d34abf63 oops, forgot to commit that one. thanks Arnaud Lacombe. 2006-07-16 18:49:29 +00:00
elad 4f60437127 minor api cleanup, and remove useless VOP_GETATTR() calls. 2006-07-15 20:07:36 +00:00
elad a904c6895a update my email on the copyright to @netbsd.org 2006-07-15 16:48:51 +00:00
elad a890e27076 move veriexec_clear() from dev/verified_exec.c to kern/kern_verifiedexec.c 2006-07-15 16:43:35 +00:00
elad e3f6ad54bf dont use magic numbers. 2006-07-15 16:42:12 +00:00
elad 904a157292 some cleanup and fixes: 
- fix possible panic and vfs refcnt issue
  - use log(9) instead of printf(9) where possible
  - indent
  - stop logging fsid/fileid
 2006-07-15 16:33:16 +00:00
martin 631d071e84 FHANDLE_SIZE_MIN is an allowed value for the requested size (it happens 
to be the old static size on 32bit archs, so the compat_30 code uses it)
 2006-07-15 16:32:29 +00:00
yamt 73f44d02f7 do_setresuid, do_setresgid: use the suser privilege only when necessary. 2006-07-15 06:31:34 +00:00
yamt bfe8806772 kauth_cred_setgroups: fix an assertion. 2006-07-15 05:54:56 +00:00
kardel 7e5391a22a rename boottimebin to timebasebin as this 
struct actually keeps the start of the UTC
time scale and not the boot time. the relationship
is: utc-time = up-time + timebase.
background: when doing an ACPI sleep the uptime
freezes and on wakeup the tc_setclock() leads to
a new timebasebin - this had no relationship with
a boottime as the structure was previously called.

discussed on tech-kern@
anomalies (moving boottime, uptime describing running time)
where discovered by Arnaud Lacombe.
 2006-07-14 23:01:12 +00:00
kardel 97b1c42feb keep NetBSD boottime semantics: 
- only set at boot
- only tracking delta of set-time operations
-> will keep boottime stable across ACPI sleeps
   uptime(1) will report the time since last boot
 2006-07-14 22:44:28 +00:00
kardel 9a7410ffff reduce sleep time by slept time for retrys 2006-07-14 22:35:15 +00:00
kardel ac3f10a8d9 make inittimeleft() and gettimeleft() available (for e. g. kern_event.c) 2006-07-14 22:33:27 +00:00
elad 1c8d298b89 move security.setid_core.* to kern.coredump.setid.*, as requested by yamt@. 2006-07-14 21:55:19 +00:00
elad b5d09ef065 okay, since there was no way to divide this to two commits, here it goes.. 
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.

this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.

as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.

also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.

tons of input from yamt@, wrstuden@, martin@, and christos@.
 2006-07-14 18:41:40 +00:00
yamt a1c2fd0906 introduce filehandle size limits: 
- FHANDLE_SIZE_MAX: refuse unreasonable size allocation, esp. when
  it's a user-specified value.

- FHANDLE_SIZE_MIN: pad small filehandles with zero for compatibility.
  XXX it might be better to push this into filesystem dependent code so that
  new filesystems can choose smaller handles.
 2006-07-14 18:30:35 +00:00
yamt cf80fa09d3 - sys___getfh30: 
- restructure code so that it doesn't try to allocate user-specified
	  unbound amount of memory.
	- don't ignore copyout failure in the case of E2BIG.
- rename vfs_copyinfh to vfs_copyinfh_alloc for consistency.
 2006-07-14 18:29:40 +00:00
christos a2f707bc1b factor out common code. 2006-07-14 16:02:45 +00:00
yamt 2d1ef0388d - fix buffer overruns in fhopen and friends. 
- share some code among them.
 2006-07-14 15:59:29 +00:00
christos 199b3952c8 - rename sleepts to sleeptv since it is a timeval. 
- don't initialize it needlessly.
- fix the poll code the same way the select code was fixed, so that it
  computes the remaining time to sleep properly.
 2006-07-14 15:52:44 +00:00
yamt e221f55a3b sys___getfh30: fix a vnode lock botch in rev.1.244. 2006-07-14 14:28:58 +00:00
yamt 387e1097ba sys___getfh30: remove unnecessary casts. 2006-07-14 14:00:46 +00:00
pavel a360a47f63 regenerate again to have correct source RCS Id 2006-07-13 23:26:24 +00:00
martin edf136d748 fix typo 2006-07-13 21:51:50 +00:00
martin a3b5baed42 Fix alignement problems for fhandle_t, exposed by gcc4.1. 
While touching all vptofh/fhtovp functions, get rid of VFS_MAXFIDSIZ,
version the getfh(2) syscall and explicitly pass the size available in
the filehandle from userland.

Discussed on tech-kern, with lots of help from yamt (thanks!).
 2006-07-13 12:00:24 +00:00
blymn af4af92111 Fix behaviour of files with no signatures on exec. 2006-07-09 10:13:53 +00:00
kardel b36308b48b when adjusting the left over timeout value in selcommon() 
do actually subtract the elapsed time instead of adding it.
 2006-07-08 16:01:25 +00:00
kardel e472b9091e fix a bug reported by Steven M. Bellovin regarding oversleeping 
select(2) timeouts. Introduced via timecounter branch from a
tvtohz() conversion.
The left over timeout was not decremented when re-starting
the sleep in select.
 2006-07-08 12:16:09 +00:00
kardel d788cc37f6 report true clock resolution based on the frequency information 
from the underlying counter in clock_getres(). For frequencies
above 1GHz report a resolution if 1 nsec.
 2006-07-08 12:10:33 +00:00
yamt d9530c47ba add DEBUG code to detect modifications on free memory. 2006-07-08 06:01:53 +00:00
matt 34b5f92bac Don't define bpendtsleep on vax (gcc4 optimizer will duplicate the asm 
that contains it result in a multiple symbol definition in gas).
 2006-07-08 00:23:29 +00:00
drochner 8c61e0077d Request executable memory for LKM code/data areas. This fixes LKMs 
on alpha (which were broken for more than a year appearently and noone
noticed). (The other archs didn't suffer because their pmap_kenter_pa()
doesn't support non-executable mappings.)
 2006-07-05 14:31:00 +00:00
yamt d145ea66dc change KMEM_QUANTUM_SIZE from sizeof(void *) to (ALIGNBYTES + 1). 
the latter is larger on eg. sparc.

noted by Christos Zoulas.
http://mail-index.NetBSD.org/port-sparc/2006/07/02/0001.html
 2006-07-03 09:18:35 +00:00
christos 2f4b451441 Make sure we have at least PIPE_BUF bytes available in the socket send buffer. 
Review and comment by yamt.
 2006-07-03 02:34:39 +00:00
christos 5f5ceecc09 Revert previous change to bump the socket low watermark to sock_loan_thresh. 
With sock_loan_thresh=4096, sb_lowat==sb_hiwat, and sowritable will never
be true (even if only a single byte is pending). Some programs (like screen)
expect select() to return that a socket is writable on a socket when there
is space to write to it. XXX: What is the right thing to do here?
 2006-07-01 15:38:28 +00:00
kardel 6dc2fb00a7 L_CLR(time_adj) each round so adjtime() corrections don't 
accumulate over time resulting in a constantly speeding/
slowing clock. found with wiz@ in a timecounter non NTP
kernel configuration.
 2006-07-01 05:44:26 +00:00
kardel 596d823cde always call ntp initialisation for timecounter systems as 
the ntp code degenerates to the adjtime implementation in the
non NTP case
 2006-07-01 05:41:10 +00:00
mrg 1b7ff51599 regenerate. 2006-06-26 21:30:50 +00:00
mrg e2eb31d3a3 version the socket(2) syscall. for compat30 socket, we use 
EPROTONOSUPPORT instead of EAFNOSUPPORT.

from pavel@ with a little bit of clean up from myself.

XXX: netbsd32 (and perhaps other emulations) should be able
XXX: to call the standard socket calls for this i think, but
XXX: revisit this at another time.
 2006-06-26 21:23:56 +00:00
yamt ffa1c23e58 fix VM_BESTFIT. 2006-06-26 10:23:20 +00:00
yamt 9595f19850 wrap long lines. 2006-06-26 10:21:59 +00:00
yamt a3b2d62857 sa_stackused, sa_setstackfree: share some common code. 2006-06-26 10:21:34 +00:00
yamt f374633f81 remove some unnecessary casts. 2006-06-25 08:13:28 +00:00
yamt 0fca5c447b move SA related pools to where they are used. make them static. 2006-06-25 08:12:54 +00:00
yamt 44c017beb2 sa_makeupcalls: don't leak kernel stack garbage to userland. 2006-06-25 08:12:10 +00:00
yamt 8308eb1f7a implement kmem_zalloc. 2006-06-25 08:10:04 +00:00
yamt 23fcb7c3d3 sa_makeupcalls: cleanup usage of sae_sacopyout. 2006-06-25 08:09:10 +00:00
yamt d038c11b60 sa_makeupcalls: simplify code and fix an sau leak on error. 2006-06-25 08:08:13 +00:00
yamt 5df39bb5be sa_makeupcalls: don't allocate big structures on stack. 2006-06-25 08:05:36 +00:00
yamt bc4977819f 1. implement solaris-like vmem. (still primitive, though) 
2. implement solaris-like kmem_alloc/free api, using #1.
   (note: this implementation is backed by kernel_map, thus can't be
   used from interrupt context.)
 2006-06-25 08:00:01 +00:00
yamt 6108244889 remove unused M_SA. 2006-06-25 07:46:39 +00:00
mrg 8075fe8705 don't put the bpendtsleep handy breakpoint in sun2 kernels as the 
output asm includes it twice causing multiply-defined symbols.
 2006-06-24 05:23:06 +00:00
drochner 99f30cd9d2 add a comment telling which structure members are zero-initialized, 
as requested by YAMAMOTO Takashi
 2006-06-23 16:17:23 +00:00
yamt e408053d1b fix a simonb-timecounters regression. 
the precision of getnanotime() is not suitable for file timestamps.
esp. when it's nfs-exported.

- introduce vfs_timestamp().
  (the name is from freebsd.  currently merely a wrapper of nanotime())
- for ufs-like filesystems, use it rather than getnanotime().

XXX check other filesystems.
 2006-06-23 14:13:02 +00:00
drochner 9b00231778 zero-init callback_head by memset(). code is 12 bytes shorter 2006-06-21 17:16:00 +00:00
christos ece76dd170 Don't leak memory on success. Allocate only the type of struct that we'll 
need for efficiency.
 2006-06-21 13:46:17 +00:00
yamt 300d4b1ed6 bump default so_snd.sb_lowat to increase chance to use loaning. 
the idea to tweak the watermark from Jonathan Stone.
reviewed by Bill Studenmund.
 2006-06-21 12:55:12 +00:00
christos 709b2e6f55 don't allocate too much stuff on the stack. 2006-06-20 03:20:44 +00:00
yamt 7d3142aa6a - introduce vfs_composefh() and use it where appropriate. 
- fix lock/unlock mismatch in sys_getfh.
 2006-06-17 07:06:50 +00:00
yamt 7b37f4549b sysctl_security_setidcorename: don't allocate MAXPATHLEN bytes on stack. 2006-06-17 06:54:58 +00:00
dyoung 5174aa84b6 The UID_MAX limit is not enforced by syscalls such as setreuid(2), 
so I remove the assertion uid >= 0 && uid <= UID_MAX.  This squashes
a bug where Quagga would panic my machine by passing a UID outside
the range [0, UID_MAX].

AFAICT, this restores the historical (pre-kauth) behavior.

It is likely that GIDs do not satisfy the assertion gid >= 0 &&
gid <= GID_MAX, so remove that, too.

Patch from elad.
 2006-06-13 22:56:46 +00:00
ginsbach d05e0bc3e8 Add EAFNOSUPPORT as a possible error if the address family is not 
supported.  This adds further differentiation between which argument to
socket(2) caused the error.  No longer are invalid domain (address family)
errors classified as ENOPROTOSUPPORT errors.  This should make socket(2)
conform to current POSIX and X/Open standards.  Fixes PR/33676.
 2006-06-13 21:19:56 +00:00
yamt f755e9e9b8 remove unnecessary arguments from kauth_authorize_process. 
ie. make it similar to the one found in apple TN.
 2006-06-13 13:56:50 +00:00
yamt 4602c1be73 sysctl_unpcblist: don't abuse kauth_authorize_process for non-process object. 2006-06-13 13:52:39 +00:00
yamt c1e6396657 sysctl_kern_file, sysctl_kern_file2: don't abuse kauth_authorize_process 
for non-process objects.
 2006-06-13 13:52:06 +00:00
yamt 52e88e8188 sysctl_kern_file2: fix an indent. 2006-06-13 13:23:03 +00:00
christos 67894004ec Don't allocate > 2K on the stack. 2006-06-12 01:25:05 +00:00
christos c0160ad4aa don't allocate statvfs on the stack. 2006-06-12 00:22:47 +00:00
christos 1214d130c2 Always make partitions contiguous even if the mbr has gaps. From someone 
who wants to remain anonymous.
 2006-06-11 23:25:23 +00:00
rjs 4ba88d2489 Add includes of opt_multiprocessor.h and opt_lockdebug.h where missing. 2006-06-11 07:32:18 +00:00
kardel 54cd6fafa8 re-order initialization sequence to have real counters available during autoconfig 2006-06-09 22:47:56 +00:00
drochner 698fb4fb6c make the public declaration of "hardclock_ticks" signed again; other 
code (kernel timeout/callout) does comparisions with it
 2006-06-08 17:23:11 +00:00
kardel de4337ab21 merge FreeBSD timecounters from branch simonb-timecounters 
- struct timeval time is gone
  time.tv_sec -> time_second
- struct timeval mono_time is gone
  mono_time.tv_sec -> time_uptime
- access to time via
	{get,}{micro,nano,bin}time()
	get* versions are fast but less precise
- support NTP nanokernel implementation (NTP API 4)
- further reading:
  Timecounter Paper: http://phk.freebsd.dk/pubs/timecounter.pdf
  NTP Nanokernel: http://www.eecis.udel.edu/~mills/ntp/html/kern.html
 2006-06-07 22:33:33 +00:00
christos 65a5eb3712 Grr, change the code so that it compiles with gcc-3. It was ok with gcc-4. 2006-06-04 16:44:08 +00:00
christos 95e13e63bd Introduce SA_NOKERNINFO, a flag for SIGINFO not to print kernel messages. 2006-06-03 18:18:26 +00:00
drochner ad909cf73e export ntp_gettime() and ntp_timestatus(), for use by compat code 2006-05-29 16:43:05 +00:00
drochner 4f2e2f7d77 regen 2006-05-29 09:58:51 +00:00
drochner 42a3bd3098 Extend "struct ntptimeval" for the needs of "timecounters". 
Allocate a new syscall for ntp_gettime() and set up COMPAT_30 for
the old one.
 2006-05-29 09:57:54 +00:00
yamt 07ddfaead3 systrace_seteuid, systrace_setegid: 
fix bugs in kauth change.  don't forget to update p_cred.
 2006-05-28 07:08:41 +00:00
yamt 04c3beb7b1 make some internal variables static. 2006-05-28 06:52:17 +00:00
yamt b7da9130d1 remove kauth_cred_destroy, which isn't used anymore. ok'ed by Elad Efrat. 2006-05-28 06:49:27 +00:00
simonb e78022e1d6 Limit the size of any kernel buffers allocated by the VOP_READDIR 
routines to MAXBSIZE.
 2006-05-27 23:46:49 +00:00
yamt 4e9ca7aa01 callback_head_init: don't forget to initialize ch_running and ch_flags. 
fix a problem reported by Jeff Rizzo on tech-kern@.
 2006-05-27 07:42:42 +00:00
yamt c24f70bcad move wait points for kva from upper layers to vm_map. PR/33185 #1. 
XXX there is a concern about interaction with kva fragmentation.
see: http://mail-index.NetBSD.org/tech-kern/2006/05/11/0000.html
 2006-05-25 14:27:28 +00:00
yamt 67c564ace6 sa_upcall_userret: yield cpu on stack starvation so that it's 
killable at least.  PR/28612 from ITOH Yasufumi.
 2006-05-25 14:13:29 +00:00
blymn 3018e35533 Add kauth header for function prototypes 
Whitespace clean up.
 2006-05-25 11:23:11 +00:00
yamt a53726f2a7 kauth_cred_uucmp: fix inversed return code. PR/33546 from Juan RP. 2006-05-24 23:00:49 +00:00
yamt be46b8e46c KNF. wrap a long line. 2006-05-23 00:43:30 +00:00
yamt 1075c99d89 introduce macros, UAREA_TO_USER and USER_TO_UAREA, 
to convert uarea VA into a pointer to struct user and vice versa,
so that MD code can change the layout in uarea.
 2006-05-22 13:43:54 +00:00
yamt b43dc97b09 use consistent order of function specifiers and type specifiers. 
(int inline -> inline int)
 2006-05-22 12:42:01 +00:00
elad b3e7e1b010 Better implementation of PaX MPROTECT, after looking some more into the 
code and not trying to use temporary solutions.

Lots of comments and help from YAMAMOTO Takashi, also thanks to the PaX
author for being quick to recognize that something fishy's going on. :)

Hook up in mmap/vmcmd rather than (ugh!) uvm_map_protect().

Next time I suggest to commit a temporary solution just revoke my
commit bit.
 2006-05-20 15:45:37 +00:00
yamt 0f0124d1a9 remove NOLOCKF and use normal NULL instead. 2006-05-20 12:20:55 +00:00
yamt b22546608e remove an debug printf slipped into the previous. 2006-05-20 12:19:30 +00:00
yamt a6518311cc fix F_SETLKW deadlock detection, which has been broken since lwpify. 
although this doesn't work for processes with multiple lwps, it's better
than not working at all.
 2006-05-20 12:06:20 +00:00
yamt cecc761849 make lockfpool static. 2006-05-20 12:04:21 +00:00
yamt 408b7c1e5c move lockf implementation details from sys/lockf.h to kern/vfs_lockf.c. 2006-05-20 12:02:47 +00:00
elad 56a6a2b09b don't break lkms; pointed out by hannken@ and he@, thanks! 2006-05-18 17:35:49 +00:00
elad b6894eda07 CTLFLAG_IMMEDIATE doesn't do what I thought it did. from yamt@, thanks! 2006-05-18 17:33:18 +00:00
yamt b5420599d2 timers_alloc: use PR_WAITOK. 2006-05-18 10:09:12 +00:00
christos ccd6888699 Don't set mature an fd that has been ffree'd 2006-05-16 21:00:02 +00:00
elad 04d63f90b5 Introduce PaX MPROTECT -- mprotect(2) restrictions used to strengthen 
W^X mappings.

Disabled by default.

First proposed in:

	http://mail-index.netbsd.org/tech-security/2005/12/18/0000.html

More information in:

	http://pax.grsecurity.net/docs/mprotect.txt

Read relevant parts of options(4) and sysctl(3) before using!

Lots of thanks to the PaX author and Matt Thomas.
 2006-05-16 00:08:24 +00:00
elad 215bd95ba4 integrate kauth. 2006-05-14 21:15:11 +00:00
elad 33b0a10da4 add kauth backend. 2006-05-14 21:12:38 +00:00
christos 103d2f520c XXX: GCC uninitialized. 2006-05-14 05:30:31 +00:00
christos 99b7478875 Initialize an uninitialized variable gcc 4 found 2006-05-14 05:26:59 +00:00
christos 5eed059930 Add MSG_NOSIGNAL (from FreeBSD) 2006-05-11 15:49:44 +00:00
mrg 084c052803 quell GCC 4.1 uninitialised variable warnings. 
XXX: we should audit the tree for which old ones are no longer needed
after getting the older compilers out of the tree..
 2006-05-10 21:53:14 +00:00
yamt 7729c57a0f don't allocate struct statvfs on stack as it's too large. 2006-05-10 11:02:29 +00:00
thorpej 2977973ac1 Initialize dv_properties in config_attach_pseudo(). PR kern/33438 2006-05-08 01:04:09 +00:00
thorpej 621d724145 Remove the obsolete (and now unused) propdb API. 2006-05-05 18:26:19 +00:00
thorpej fb44a8574b Remove the devprop API and switch everthing over to the new proplib. Add 
a new device_properties() accessor for device_t that returns the device's
property dictionary.
 2006-05-05 18:04:41 +00:00
christos 89a5572015 Regen 2006-05-04 17:50:28 +00:00
christos 9ec9aed92e fhstat needs to be versioned too (for ino_t). Pointed out by Izumi Tsutsui 2006-05-04 17:48:56 +00:00
perseant 86f30eea43 Regen after making VOP_FCNTL take an unlocked vnode. 2006-05-04 16:49:54 +00:00
perseant 935530188d Change VOP_FCNTL to take an unlocked vnode. Approved by wrstuden@. 2006-05-04 16:48:16 +00:00
rpaulo 69ade2726c Use for in a forever loop as per KNF. 2006-05-02 13:26:07 +00:00
yamt a0e5478237 lwp_suspend: don't forget to decrement p_nrlwps when suspending ourselves. 
fix PR/33287 from Gregory McGarry.
 2006-04-26 11:44:39 +00:00
yamt 261fb8266c sprinkle some const and static. 2006-04-21 14:00:18 +00:00
yamt 80dfcaed5b iostat_alloc: don't forget to initialize io_busy etc. 
fix weird "time" in iostat.
 2006-04-21 13:58:10 +00:00
yamt b9eb99f927 iostat_find/disk_find: constify and simplify. 2006-04-21 13:53:30 +00:00
yamt c1078a4a2a sysctl_io_stats_setup: HW_IOSTATS is iostats, not drivestats. 2006-04-21 13:52:23 +00:00
yamt f7fc2f12db remove some unnecessary #include. 2006-04-21 13:51:24 +00:00
yamt 86ddb75ddc iostat_alloc: use waitok allocation. 2006-04-21 13:50:38 +00:00
yamt 1a29b7c5c3 unwrap a short line. 2006-04-21 13:49:32 +00:00
yamt 6237cabc7d whitespace. 2006-04-21 13:48:57 +00:00
blymn 10df330c85 Prefix iostat structure elements with io_ 2006-04-20 12:13:51 +00:00
yamt 51ab7131e8 from Christian Ehrhardt: 
* physio: The first call to ltsleep should apparently use o &obp->b_interlock
  instead of bp->b_interlock (bp is probably NULL here).
 2006-04-18 09:54:32 +00:00
christos 45af66f763 Make sure we clear cpi_name; reported by Aymeric Vincent. 2006-04-17 22:05:23 +00:00
elad ae87f36cbf Ensure creation of kern node. 2006-04-17 03:45:19 +00:00
elad 7ee081e4bd Move securelevel-specific stuff to its own file. 2006-04-17 03:39:39 +00:00
simonb 727facb192 Add a DEBUG check that panics if pool_init() is called more than 
once on the same pool.

As discussed on tech-kern a few months ago.
 2006-04-15 14:23:11 +00:00
christos 6f0c68c543 Spell coalesce correctly. 2006-04-15 05:07:15 +00:00
christos 1e59f0da77 Coverity CID 2727: Simplify code. 2006-04-15 05:05:44 +00:00
christos cb70a32776 Coverity CID 848: Protect against NULL deref. 2006-04-15 04:58:14 +00:00
christos df507c4fbb Coverity CID 846: Simplify code. 2006-04-15 04:56:14 +00:00
christos 76a19fcdb4 Coverity CID 845: Make it clear that devnullfp != NULL. 2006-04-15 04:50:08 +00:00
christos d269a5fa4d Coverity CID 760: Protect against NULL deref. 2006-04-15 04:47:11 +00:00
christos 10c2c730a5 Coverity CID 716: Fix query size vs return results initialization. 2006-04-15 04:41:52 +00:00
christos e073deb555 Coverity CID 602: Remove always true if statement. 2006-04-15 04:33:48 +00:00
christos b0c1177d65 Coverity CID 840: Add KASSERT before deref. 2006-04-15 04:26:43 +00:00