| Age | Commit message (Collapse) | Author |
|---|
|
are started before syslogd(8). This resulted in ugly sendsyslog(2)
dropped logs and the real message was lost.
Create a temporary stash for log messages within the kernel. It
has a limited size of 100 messages, and each message is truncated
to 8192 bytes. When the stash is exhausted, the well-known dropped
message is generated with a counter. After syslogd(8) has setup
everything, it sends a debug line through libc to flush the kernel
stash. Then syslogd receives all messages from the kernel before
the usual logs.
OK deraadt@ visa@
|
|
|
|
OK claudio@ visa@
|
|
|
|
The global "tickadj" variable is a remnant of the old NTP adjustment
code we used in the kernel before the current timecounter subsystem
was imported from FreeBSD circa 2004 or 2005.
Fifteen years hence it is completely vestigial and we can remove it.
We probably should have removed it long ago but I guess it slipped
through the cracks. FreeBSD removed it in 2002:
https://cgit.freebsd.org/src/commit/?id=e1d970f1811e5e1e9c912c032acdcec6521b2a6d
NetBSD and DragonflyBSD can probably remove it, too.
We export tickadj via the kern.clockrate sysctl(2), so update sysctl.2
and sysctl(8) accordingly. Hypothetically this change could break
someone's sysctl(8) parsing script. I don't think that's very likely.
ok mvs@
|
|
OK schwarze@, jmc@, deraadt@
|
|
With help/input from jmc@ and kn@.
ok jmc@
|
|
or pseudo terminals (visa);
ok mpi visa
|
|
|
|
The clock_gettime.2 page is clumsy. It will be easier to use if it is
reorganized to emphasize clock_gettime(2), a general and widely used
interface, over clock_settime(2), a special-purpose and rarely used
interface.
While doing that I found a bunch of other things I wanted to tweak
or improve:
- Simplify the NAME summary. No need to mention "calibration" or "date".
- "now", "res", and "clock" are better argument names than "tp"
and "clock_id".
- The CLOCK_* list is a bunch of fragments. Rewrite the list to
make it easier to understand what the clocks represent and how
they behave.
- Mention clock_settime(2) *after* the list of clocks. Almost nobody
needs to use it. It shouldn't lead the page alongside clock_gettime(2).
- Drop the adjtime(2) reference. We could mention it in a CAVEATS
section but it definitely doesn't belong here in the DESCRIPTION.
- Drop the useless init(8) reference.
- Add a bunch of EXAMPLES demonstrating how to actually use each clock.
- Clean up the ERRORS.
- Update the cross references.
- Add a HISTORY for the interfaces and each clock.
High-level structural ideas from jmc@ and schwarze@. Edited by jmc@.
ok jmc@, probably ok schwarze@
|
|
regarding EINVAL for denomalized time values (sub-second out of range)
ok jmc millert, discussion with kettenis
|
|
Reported by Fabian Raetz <fabian.raetz@gmail.com>.
|
|
related mbufs. Each mbuf(9) passed to these queues stores the pointer to
corresponding pipex(4) session referenced as `m_pkthdr.ph_cookie'. When
session was destroyed its reference can still be in these queues so we
have use after free issue while pipexintr() dereference it.
I removed `pipexinq', `pipexoutq' and pipexintr(). This not only allows
us to avoid issue described above, but also removes unnecessary context
switch in packet processing. Also it makes code simpler.
ok mpi@ yasuoka@
|
|
Reminder that unveil does not kill from brynet and gsoares.
Wording tweaks from jmc; feedback from deraadt.
ok jmc@, millert@, solene@, "fine with me" deraadt@
|
|
|
|
|
|
When we recompute the scaling factor during tc_windup() there is an
opportunity for arithmetic overflow if the active timecounter's
adjfreq(2) adjustment is too large. If we limit the adjustment to
[-500000, +500000] ppm the statement in question cannot overflow.
In particular, we are concerned with the following bit of code:
scale = (u_int64_t)1 << 63;
scale += \
((th->th_adjustment + th->th_counter->tc_freq_adj) / 1024) * 2199;
scale /= th->th_counter->tc_frequency;
th->th_scale = scale * 2;
where scale is an int64_t. Overflow when we do:
scale += (...) / 1024 * 2199;
as th->th_counter->tc_freq_adj is currently unbounded.
th->th_adjustment is limited to [-5000ppm, 5000ppm].
To see that overflow is prevented with the new bounds, consider the
new edge case where th->th_counter->tc_freq_adj is 500000ppm and
th->th_adjustment is 5000ppm. Both are of type int64_t. We have:
int64_t th_adjustment = (5000 * 1000) << 32; /* 21474836480000000 */
int64_t tc_freq_adj = 500000000LL << 32; /* 2147483648000000000 */
scale = (u_int64_t)1 << 63; /* 9223372036854775808 */
scale += (th_adjustment + tc_freq_adj) / 1024 * 2199;
/* scale += 2168958484480000000 / 1024 * 2199; */
/* scale += 4657753620480000000; */
9223372036854775808 + 4657753620480000000 = 13881125657334775808,
which less than 18446744073709551616, so we don't have overflow.
On the opposite end, if th->th_counter->tc_freq_adj is -500000ppm and
th->th_adjustment is -5000ppm we would have -4657753620480000000.
9223372036854775808 - 4657753620480000000 = 4565618416374775808.
Again, no overflow.
500000ppm and -500000ppm are extreme adjustments. otto@ says ntpd(8)
would never arrive at them naturally, so we are not at risk of breaking
a working setup by imposing these restrictions.
Documentation input from kettenis@.
No complaints from otto@.
|
|
This diff exposes parts of clock_gettime(2) and gettimeofday(2) to
userland via libc eliberating processes from the need for a context
switch everytime they want to count the passage of time.
If a timecounter clock can be exposed to userland than it needs to set
its tc_user member to a non-zero value. Tested with one or multiple
counters per architecture.
The timing data is shared through a pointer found in the new ELF
auxiliary vector AUX_openbsd_timekeep containing timehands information
that is frequently updated by the kernel.
Timing differences between the last kernel update and the current time
are adjusted in userland by the tc_get_timecount() function inside the
MD usertc.c file.
This permits a much more responsive environment, quite visible in
browsers, office programs and gaming (apparently one is are able to fly
in Minecraft now).
Tested by robert@, sthen@, naddy@, kmos@, phessler@, and many others!
OK from at least kettenis@, cheloha@, naddy@, sthen@
|
|
|
|
This filter, already implemented in macOS and Dragonfly BSD, returns
exceptional conditions like the reception of out-of-band data.
The functionnality is similar to poll(2)'s POLLPRI & POLLRDBAND and
it can be used by the kqfilter-based poll & select implementation.
ok millert@ on a previous version, ok visa@
|
|
OK mpi@ beck@
|
|
|
|
filesystem, and remove the BUGS section, as this was fixed by making
realpath() a system call.
ok ingo@ deraadt@
|
|
against root-only device nodes.
|
|
ok deraadt@
|
|
|
|
in many underlying subsystems and device drivers. guenther@ pointed
out this applies to system calls taking a file descriptor as an
argument. deraadt@ warned against attempting to be excessively
precise and against spreading fear, uncertainty, and doubt.
So apply a minimal patch that merely avoids the misleading wording
"will succeed unless", given that the lists aren't really exhaustive,
and simply uses a more usual wording.
Unfortunate wording reported by <David dot Raymond at nmt dot edu>.
|
|
This was replaced by a getlogin() system call which Ingo discovered we
incorrectly list as being 4.2BSD when it was introduced in 4.3BSD Reno.
ok schwarze@
|
|
Starting from "Combined Table of Contents" in Doug McIlroy's
"A Research UNIX Reader" a table of which edition manuals appeared in.
Checked against manuals from bitsavers/TUHS and source from TUHS where
available.
Ingo points out there are cases where something is included but not
documented until a later release.
bcd(6) v6 v7
printf(3) v2 v4
abort(3) v5 v6
system(3) v6 v7
fmod(3) v5 v6
ok schwarze@
|
|
|
|
sysctl.2 bits from benno@
|
|
SunOS 4.0 based on text from the following papers.
"Two 4.2BSD system calls, madvise and mincore, remain unspecified,
madvise is intended to provide information to the system to influence
its management policies. Since a major rework of such policies was
deferred to a future release, we decided to defer full specification
and implementation of madvise until that time."
R. Gingell, J. Moran, W. Shannon
"Virtual Memory Architecture in SunOS"
Proceedings of USENIX Summer Conference, June 1987
AUUGN Volume 8 Number 5, October 1987
"Memory management related system calls based on the original 4.2BSD
specification that were implemented include mmap, munmap, mprotect,
madvise, and mincore."
J. Moran
"SunOS Virtual Memory Implementation"
Proceedings of the Spring 1988 European UNIX Users Group Conference,
April 1988
AUUGN Volume 9 Number 3, June 1988
and a reference in
"Global Index", Part Number: 800-1758-10, Revision A, of 9 May 1988
bitsavers pdf/sun/sunos/4.0/800-1758-10A_Global_Index_198805.pdf
discussed with an ok schwarze@
|
|
mmap(), munman(), madvise() and mprotect() are described as planned for
later releases.
A fully functional mmap(2) supporting shared libraries first appeared in
SunOS 4.0 along with msync(2). SunOS 4.1 added madvise(3) and replaced
msync(2) with mctl(2) which was was used to implement msync(3), mlock(3)
and munlock(3).
While some of these functions appear as empty or ifdef'd functions in
4.1cBSD and later it was not until the Mach VM was integrated with Net/2
that most of them were implemented. Though the CSRG releases never
supported shared libraries or madvise(). mlock()/munlock() were not in
Net/2 as they were added by hibler in 1993, but were in 4.4BSD.
madvise(2) was implemented for UVM in NetBSD 1.5 and ported to
OpenBSD 2.7.
For now instead of trying to accurately describe when interfaces
first appeared in other systems correct when they were first available
in CSRG or OpenBSD releases, retaining the text in mmap(2) discussing
SunOS 4.0.
madvise(2) 4.4BSD -> OpenBSD 2.7
mmap2(2) 4.4BSD -> 4.3BSD Net/2
mprotect(2) 4.4BSD -> 4.3BSD Net/2
msync(2) 4.4BSD -> 4.3BSD Net/2
munmap(2) 4.1cBSD -> 4.3BSD Net/2
|
|
|
|
A fully functional mmap() system call first appeared in SunOS 4.0 and
has been available since 4.4BSD.
wording from and ok schwarze@ input from deraadt@
|
|
|
|
where such packet is bound to. This check is enforced if and only
IP forwarding is disabled.
Change discussed with bluhm@, claudio@, deraadt@, markus@, tobhe@
OK bluhm@, claudio@, tobhe@
|
|
|
|
Potential for misunderstanding noticed by Chris Rawnsley <chris at
puny dot agency>, wording proposed by deraadt@, patch sent by Chris
Rawnsley, OK deraadt@.
|
|
OK florian jmc
|
|
ok millert@ deraadt@
|
|
and drop NetBSD RCS tag apparently left over from copy & paste
|
|
where libc.so's text segment is, thereby allowing invocation of system
calls from that region. An upcoming change will kill the process if a
system call is invoked from addresses not explicitly permitted.
ok guenther kettenis mortimer
|
|
|
|
|
|
2) say that the data comes from the random(4) subsystem, so that curious
people can go read up on how this works
|
|
source: https://minnie.tuhs.org/cgi-bin/utree.pl?file=V4/man/man2/break.2
pointed out by Sevan Janiyan <venture37 at geeklan dot co dot uk>
|
|
a few cases that weren't altogether straightforward;
tweak and OK jmc@, OK sobrado@
|
|
This became possible because copies of the original v1 manuals
have shown up on the Internet some time ago.
Reminded by Sevan Janiyan <venture37 at geeklan dot co dot uk>.
|
|
in revision 1.30.
ok deraadt@ tb@
|
