and make the stack and heap non-executable by default. the changes
fall into two basic catagories:
- pmap and trap-handler changes. these are all MD:
= alpha: we already track per-page execute permission with the (software)
PG_EXEC bit, so just have the trap handler pay attention to it.
= i386: use a new GDT segment for %cs for processes that have no
executable mappings above a certain threshold (currently the
bottom of the stack). track per-page execute permission with
the last unused PTE bit.
= powerpc/ibm4xx: just use the hardware exec bit.
= powerpc/oea: we already track per-page exec bits, but the hardware only
implements non-exec mappings at the segment level. so track the
number of executable mappings in each segment and turn on the no-exec
segment bit iff the count is 0. adjust the trap handler to deal.
= sparc (sun4m): fix our use of the hardware protection bits.
fix the trap handler to recognize text faults.
= sparc64: split the existing unified TSB into data and instruction TSBs,
and only load TTEs into the appropriate TSB(s) for the permissions.
fix the trap handler to check for execute permission.
= not yet implemented: amd64, hppa, sh5
- changes in all the emulations that put a signal trampoline on the stack.
instead, we now put the trampoline into a uvm_aobj and map that into
the process separately.
originally from openbsd, adapted for netbsd by me.
be inserted into ktrace records. The general change has been to replace
"struct proc *" with "struct lwp *" in various function prototypes, pass
the lwp through and use l_proc to get the process pointer when needed.
Bump the kernel rev up to 1.6V
it checks both the alternative/emul tree, and the non-emul tree.
This makes it possible to run chrooted emulated binaries without need
to setup shadow /emul tree within the chroot hierarchy.
XXX sligh code rearrangement was necessary, change not tested
memory fault handler. IRIX uses irix_vm_fault, and all other emulation
use NULL, which means to use uvm_fault.
- While we are there, explicitely set to NULL the uninitialized fields in
struct emul: e_fault and e_sysctl on most ports
- e_fault is used by the trap handler, for now only on mips. In order to avoid
intrusive modifications in UVM, the function pointed by e_fault does not
has exactly the same protoype as uvm_fault:
int uvm_fault __P((struct vm_map *, vaddr_t, vm_fault_t, vm_prot_t));
int e_fault __P((struct proc *, vaddr_t, vm_fault_t, vm_prot_t));
- In IRIX share groups, all the VM space is shared, except one page.
This bounds us to have different VM spaces and synchronize modifications
to the VM space accross share group members. We need an IRIX specific hook
to the page fault handler in order to propagate VM space modifications
caused by page faults.
format specific.
Struct emul has a e_setregs hook back, which points to emulation-specific
setregs function. es_setregs of struct execsw now only points to
optional executable-specific setup function (this is only used for
ECOFF).
From the NetBSD and OSF man pages, the arguments and operation of the
2 flocks are identical. The only differences are in some of the possible
values for errno which may be set in the event of certain errors. These
differences are (again from the manual pages):
The NetBSD flock may set errno to
[EOPNOTSUPP] The argument fd refers to an object other than a file.
and the OSF flock doesn't list this is a possible error code.
The OSF flock may set errno to:
[EINTR] A signal interuppted the flock call.
[ENOLCK] The lock table is full. Too many regions are already locked.
[EDEADLK] The lock is blocked by some lock from another process. Putting
the calling process to sleep while waiting for that lock to
become free would cause a deadlock.
while the NetBSD flock does not list these as possibilities.
The remainder of the possible error codes are the same.
commit cleared with thorpej first.
Async I/O OS specifities should now handled in OS specific code. Linux
has been done, but other emulation should be handled. See case LINUX_F_SETFL
in sys/compat/linux/common/linux_file.c:linux_sys_fcntl() for more details.
The data that has been collected yet:
Net Free Open Linux SunOS AIX OSF1 Darwin
send SIGIO to write end of pipe Y N N N N N Y Y
send SIGIO to read end of pipe Y Y N N N ? Y ?
send SIGIO to write end of socket Y Y Y N N Y Y Y
send SIGIO to read end of socket Y Y Y Y Y ? Y ?
between creation of a file descriptor and close(2) when using kernel
assisted threads. What we do is stick descriptors in the table, but
mark them as "larval". This causes essentially everything to treat
it as a non-existent descriptor, except for fdalloc(), which sees a
filled slot so that it won't (incorrectly) allocate it again. When
a descriptor is fully constructed, the code that has constructed it
marks it as "mature" (which actually clears the "larval" flag), and
things continue to work as normal.
While here, gather all the code that gets a descriptor from the table
into a fd_getfile() function, and call it, rather than having the
same (sometimes incorrect) code copied all over the place.
EMUL_BSD_ASYNCIO_PIPE notes that the emulated binaries expect the original
BSD pipe behavior for asynchronous I/O, which is to fire SIGIO on read() and
write(). OSes without this flag do not expect any SIGIO to be fired on
read() and write() for pipes, even when async I/O was requested. As far as
we know, the OSes that need EMUL_BSD_ASYNCIO_PIPE are NetBSD, OSF/1 and
Darwin.
EMUL_NO_SIGIO_ON_READ notes that the emulated binaries that requested
asynchrnous I/O expect the reader process to be notified by a SIGIO, but
not the writer process. OSes without this flag expect the reader and the
writer to be notified when some data has arrived or when some data have been
read. As far as we know, the OSes that need EMUL_NO_SIGIO_ON_READ are Linux
and SunOS.
callers and appropriate routines to cope. This makes fo_stat more
consistent with rest of fileops routines and also makes the fo_stat
match FreeBSD as an added bonus.
Discussed with Luke Mewburn on tech-kern@.
now obsolete, so that kernels will at least compile. I guess it was too
much trouble to change all 10 call sites, or perhaps, these days, only
things that build on i386 are important. Maybe it's the full moon tonight.