| Age | Commit message (Collapse) | Author |
|---|
|
|
|
ok kettenis@
|
|
ok kettenis@
|
|
Extend the logic already present for panic() to any DDB-related
operation such that if ddb(4) is entered because of a fault or
other trap it is still possible to call 'boot reboot'.
While here stop printing splassert() messages as well, to not fill
the buffer.
ok visa@, deraadt@
|
|
From Arrtturi Alm.
|
|
ok patrick@
|
|
like we already do in the code that flushes the BTB.
ok jsg@
|
|
|
|
|
|
The account flag `ASU' will no longer be set but that makes suser()
mpsafe since it no longer mess with a per-process field.
No objection from millert@, ok tedu@, bluhm@
|
|
ok millert@
|
|
boot interface to the "netboot" group. efiboot grabs the MAC address
from the PXE environment, passes it to the kernel, where it is matched
against the list of ethernet interfaces and the boot device is set.
Concept and most of the code cribbed from amd64.
ok kettenis@
|
|
ok patrick@
|
|
pmap_copy_page().
ok patrick@
|
|
the secondary CPUs receive clock interrupts. Based on diffs from drahn@.
ok patrick@
|
|
ok patrick@
|
|
from dran@.
ok patrick@
|
|
ok patrick@
|
|
definitive list of block devices supported on an architecture.
ok kettenis@ deraadt@
|
|
ok patrick@
|
|
|
|
secondary CPUs. This involves adjusting get_virt_delta() to account for the
fact that it may no longer live near the start of kernel code. Heavily based
on a diff from drahn@.
ok patrick@, deraadt@
|
|
fixed.
|
|
attacks by flushing the branch predictor cache (BTB) on context switches
and page faults in kkernel address space. Note that this relies on the
presence of firmware (such as Arm Trusted Firmware) that provides PSCI
services that flush the BTB on entry as described in Arm Trusted Firmware
Security Advisory TFV 6.
ok patrick@, visa@
|
|
guaranteed to be available after pmap_map_early() returns. Fixes a hang
seen with the in-progress SMP work.
ok patrick@
|
|
option MULTIPROCESSOR on a single CPU.
ok patrick@
|
|
Skip these mappings during the remap-pahse as they are likely to be in
a different 512G bloch as memory and SetVirtualAddressMap() shouldn't need
them. But do assign a new virtual address and let efi(4) create a mapping.
Add a PMAP_DEVICE flag such that pmap_enter() can continue to be used
to create these mappings.
ok patrick@
|
|
OK mpi@
|
|
is running. This provides protection against meltown on cores that are
vilnerable (just Cortex-A75 so far) but also seems to be an essential to
protect against spectre-like attacks against the kernel.
This implementation only exposes a single treampoline page that does not
contain any kernel virtual addresses and also hides the real virtual address
of the exception vectors, which helps on cores vulnerable to "variant 3a"
(Cortex-A57, Cortex-A72). The implementation is inspired by the work done
by Will Deacon for Linux, but there are no knobs to turn it off. The
overhead is fairly limited: around 3-4% slowdown on Cortex-A57.
ok patrick@, deraadt@
|
|
a time-of-day clock device based on the GetTime() and SetTime() services.
The virtual memory mappings for the runtime services calls are implemented
through a separate pmap that is only activated when we make a runtime services
call.
ok tom@, visa@
tested by naddy@
|
|
Add an interface to establish additional VA=PA 1G block mappings for use by
upcoming EFI runtime services support.
ok guenther@
|
|
ok millert@ krw@
|
|
ok guenther@
|
|
to SMC64 functions don't get truncated. Implement support for the CPU_ON
call.
|
|
at address zero. Spotted by Artturi Alm.
ok patrick@
|
|
sections doesn't work when the -r option is used. Disable the unmapping
code again until lld gets fixed.
|
|
disabled while lld was growing up, but forgotten about when gap.o was
added back.
ok deraadt@
|
|
implement hw.cpuspeed using the clock framework.
ok patrick@
|
|
ok jsg@
|
|
|
|
ok kettenis@
|
|
ok patrick@
|
|
the memory devices (/dev/null, /dev/zero, etc) need to permit them.
problem noted, tweak, and testing by jeremy@
ok deraadt@
|
|
for blocks re-fetchable from the filesystem. However at reboot time,
filesystems are unmounted, and since processes lack backing store they
are killed. Since the scheduler is still running, in some cases init is
killed... which drops us to ddb [noted by bluhm]. Solution is to convert
filesystems to read-only [proposed by kettenis]. The tale follows:
sys_reboot() should pass proc * to MD boot() to vfs_shutdown() which
completes current IO with vfs_busy VB_WRITE|VB_WAIT, then calls VFS_MOUNT()
with MNT_UPDATE | MNT_RDONLY, soon teaching us that *fs_mount() calls a
copyin() late... so store the sizes in vfsconflist[] and move the copyin()
to sys_mount()... and notice nfs_mount copyin() is size-variant, so kill
legacy struct nfs_args3. Next we learn ffs_mount()'s MNT_UPDATE code is
sharp and rusty especially wrt softdep, so fix some bugs adn add
~MNT_SOFTDEP to the downgrade. Some vnodes need a little more help,
so tie them to &dead_vnops.
ffs_mount calling DIOCCACHESYNC is causing a bit of grief still but
this issue is seperate and will be dealt with in time.
couple hundred reboots by bluhm and myself, advice from guenther and
others at the hut
|
|
protection issues. So make amd64 do that instead of passing through
uvm_fault()'s return value, which lead to other possible errors
(particularly EACCES) being returned to userspace. Clean up a vestige
on arm64 too.
ok bluhn@ deraadt@
|
|
|
|
This improves page zeroing (a rather common occurance) by over 8x.
ok kettenis@, phessler@, tom@
|
|
of the /chosen node in the device tree to decide whether the framebuffer
should be used as the console device. Most, if not all, machines will
have that set to use a serial console and there is no easy way yet to
change that.
ok jsg@
|
|
ok guenther@
|
|
|
