| Age | Commit message (Collapse) | Author |
|---|
|
curproc's xstate ("extended state") is loaded in the CPU or not.
- context switch, sendsig(), vmm, and doing CPU crypto in the kernel all
check the flag and, if set, save the old thread's state to the PCB,
clear the flag, and then load the _blank_ state
- when returning to userspace, if the flag is clear then set it and restore
the thread's state
This simpler tracking also fixes the restoring of FPU state after nested
signal handlers.
With this, %cr0's TS flag is never set, the FPU #DNA trap can no
longer happen, and IPIs are no longer necessary for flushing or
syncing FPU state; on the other hand, restoring xstate while returning
to userspace means we have to handle xrstor faulting if we could
be loading an altered state. If that happens, reset the state,
fake a #GP fault (SIGBUS), and recheck for ASTs.
While here, regularize fxsave/fxrstor vs xsave/xrstor handling, by
using codepatching to switch to xsave/xrstor when present in the
CPU. In addition, code patch in use of xsaveopt in most places
when the CPU supports that. Use the 64bit-wide variants of the
instructions in all cases so that x87 instruction fault IPs are
reported correctly.
This change has three motivations:
1) with modern clang, SSE registers are used even in rcrt0.o, making
lazy FPU switching a smaller benefit vs trap costs
2) the Intel SDM warns that lazy FPU switching may increase power costs
3) post-Spectre rumors suggest that the %cr0 TS flag might not block
speculation, permitting leaking of information about FPU state
(AES keys?) across protection boundaries.
tested by many in snaps; prodding from deraadt@
|
|
redundant references to termios and favor Po/Pc for parenthesis enclosing.
ok jmc@ schwarze@
|
|
|
|
Move AST handling from the bottom of alltraps and Xdoreti to the
top of the new routine.
syscall-return-via-iretq and the FPU #DNA trap jump into intr_user_exit after
the AST check (already performed for the former, skipped for the latter)
Delete a couple debugging hooks mlarkin@ and I used during Meltdown work
tested by many in snaps; thanks to brynet@ for spurious interrrupt testing
earlier reviews and comments kettenis@ mlarkin@; prodding from deraadt@
|
|
that OpenBSD runs on.
ok patrick@
|
|
to look up the mapping for the futex address.
ok visa@, mpi@
|
|
ok millert@
|
|
and that rules are evaluated sequentially, first match wins;
ok gilles
|
|
immediately above also uses this notation, it's shorter, and it keeps
two examples in the man page which claim to be the same as the default config
(but with exceptions) in sync;
ok gilles
|
|
Missed during the "Namecache revamp" in 2009.
Reported by Georg Bege <georg at bege dot email>, thanks.
OK visa jmc mpi jca
|
|
OK bluhm jca
|
|
OK bluhm mpi jca
|
|
OK bluhm deraadt jca
|
|
unused since v1.76, ca 5.3
ok kettenis@ deraadt@
|
|
Patch submitted by Nan Xiao, ok tb@ sthen@ millert@ deraadt@ jca@
|
|
|
|
that will be executed (with recipient privileges) before calling the users'
mail delivery agent
ok eric@
|
|
local variable dangling, so calculate the lock address by hand at invocation
ok kettenis
|
|
mode, so switch from 1-bit to 4-bit bus width if the host controller
supports it.
ok kettenis@
|
|
Most terminals have scrollback options, or can be achieved via tmux, so
it's not needed.
OK millert@
|
|
POSIX states: "An empty command list shall be equivalent to the p command",
so changing the behaviour of a null-command in any other case is a
violation of POSIX.
OK millert@
|
|
pf_state_insert(), so the state key has not been set. When inlining,
the compiler recognized the NULL pointer dereference in
s->key[PF_SK_STACK]->proto and optimized it away. But if pf.c was
compiled with -fno-inline, the system crashed during boot. Add a
NULL check in pf_set_protostate() to handle the situation when the
function is called.
OK sashan@ henning@
|
|
allows delivery as well as relaying (for authenticated users), and that
passing to an external mda is possible, but not required;
ok gilles
|
|
from markus@; OK mpi@
|
|
ok gilles
|
|
ok kettenis@
|
|
ok kettenis@
|
|
|
|
|
|
|
|
ok deraadt@
|
|
Use that in three places:
- vfs_stall()
- sys_mount()
- dounmount()'s MNT_FORCE-does-recursive-unmounts case
ok deraadt@ visa@
|
|
|
|
|
|
ok deraadt@ visa@
|
|
functions.
discussed with and OK mpi@ visa@
|
|
|
|
the hashmask. For the resize calculations it is clearer to use the
field inpt_size.
OK visa@ mpi@
|
|
get_recorded_lease() returning NULL.
Should fix segmentation fault reported by Klemens Nanni on bugs@.
|
|
OK visa@ mpi@
|
|
ok deraadt@
|
|
now unused 'ifra' from in_ioctl().
Discussed with mpi and visa
|
|
that sysctl in pledge. Discovered by Stuart Cassoff
|
|
(including the phandle).
ok patrick@
|
|
to its own function and merge the two switches in in_ioctl_change_ifaddr().
Finally: each ioctl has its own case and privilege check.
ok visa
As an aside, an audit of the ports tree has shown that we should continue
to support the legacy ioctls SIOCSIF{,BRD,DST}ADDR, SIOCSIFNETMASK despite
the fact that they have been deprecated for the better part of two decades
and FreeBSD dropped support 7 years ago. Too many ports still rely on them.
Thanks to sthen and visa for their help with that.
|
|
setting the FIFO thresholds apropriately. The code now also makes an
attempt to recover from failed DMA transfers.
|
|
and /usr/libexec/cpp are supposed to be hardlinks of /usr/bin/clang. The move
of /usr/bin/cc to the base set to allow kernel relinking resulted in it being
a copy and not a hardlink. Move the other files to the base set too to ensure
all are hardlinks.
Noticed by Anthony Coulter
OK deraadt
|
|
client KEX DHE processing, rather than reusing the buffer that is used
to send/receive handshake messages.
ok beck@ inoguchi@
|
|
ok beck@ inoguchi@
|
|
Introduce process-private futexs. These will bypass the uvm mapping lookup
and should be slightly more efficient.
ok visa@, mpi@
|
