| Age | Commit message (Collapse) | Author |
|---|
|
This lets the kernel detect retguard traps and send SIGABRT instead
of SIGEMT.
SIGEMT does not indicate correctly the nature of the error (stack
overflow, violation of control flow). It can confuse the user to restart
the program without further investigation.
Prompted by and OK deraadt@
OK mortimer@
|
|
ok deraadt@, mpi@, visa@
ok cheloha@ as well (would have preferred in new file for this code)
|
|
This allows changing RTC drivers from <mips64/dev/clockvar.h>
to <dev/clock_subr.h> API.
OK kettenis@
|
|
the file system such that implementations can use it to guess the right
century.
ok mpi@
|
|
amd64/arm64/armv7/hppa/i386/macppc/sparc64 and move it to the end of
mips64_machdep.c. Wrap the existing tod_get and tod_set hooks into
something that can be used as a todr_handle.
ok visa@
|
|
Upgrade stacktrace_save() to stacktrace_save_at() on architectures where
the latter is missing. Define stacktrace_save() as an inline function
in header <sys/stacktrace.h> to reduce duplication of code.
OK mpi@
|
|
require the debugger on most architectures, and the separation makes the
code easier to use from other subsystems.
The function definitions are still conditional to DDB. However, that
should not matter for now.
OK deraadt@, mpi@
|
|
OK miod@
|
|
OK mpi@
|
|
Rename variables for clarity while here.
OK mpi@
|
|
a panic related to vararg function sppp_auth_send(). The vararg code
generated by clang assumes 16-byte stack alignment.
pppoe(4)-induced panic seen by many on octeon
Fix from miod@
|
|
|
|
ok dlg@, jasper@
|
|
64-bit unsigned arithmetic.
|
|
saving work with the twisted code that clang occasionally emits; stack
frame setup can happen very late after blocks of conditional code.
|
|
because the next frame is in userspace.
|
|
userret() must be called on trap() exit to deliver it, rather than
repeating the same cause infinitely. discovered by George Koehler
ok kettenis bluhm visa
|
|
|
|
of soft interrupts are lower than priorities of hard interrupts.
This allows the delivery of hard interrupts while soft interrupts
are masked.
|
|
|
|
|
|
If a CPU updates a pmap concurrently with the activation of that pmap
on another CPU, invalidation of TLB entries might be incomplete.
It is also possible that a CPU altogether stops updating its TLB.
Prevent the race by synchronizing pmap activations and logic that
determines where to send TLB invalidation IPIs.
To avoid mutex wait without ability to process IPIs, the context switch
code is adjusted to call pmap_activate() with interrupts enabled.
In practice, interrupts up to IPL_SCHED are still disabled on context
switch.
|
|
|
|
get updated when handling an AST after an interrupt.
OK deraadt@
|
|
then ran into the messaging being poor. Then I fixed the messages. But
there are two sub-cases of sp-not-MAP_STACK -- one at syscall time, and
another at regular userland trap (on some architectures), and I bungled
that messaging. Correct that now, while I look for yet another better way...
discovered by millert, who ran an pre-MAP_STACK binary.
|
|
|
|
On octeon, the instruction cache appears to fulfill instruction fetches
on icache hit even if the virtual address mapping no longer exists or
does not allow execution. Prevent running of lingering instructions
by invalidating the icache when changing a mapping that has previously
been executable.
This fix is somewhat rough and relies on the availability of the XI bit.
|
|
Lookup the address that a syscall instruction is executed from, and kill
the process if that page is writeable. This brings an aspect of W^X
behaviour to W|X mappings (in JITs not yet adapted to W^X). The goal is
to remove simple attack methods and force use of ret2libc or other more
complicated means.
ok kettenis stefan visa
|
|
stage does not need execute access, so map the page initially with
read-write protection.
OK miod@
|
|
invalidation is done by mips64 pmap when the branch emulation page is
made executable.
Originally, the pmap_proc_iflush() call was necessary. The instruction
cache invalidation was added in pmap_protect() after the FPU emulation
was introduced.
OK miod@
|
|
with the ASID format on TLB entry lines.
|
|
Make sure that any preceding stores become visible to other CPUs before
setting the AST flag in need_resched() and signotify(). This should
prevent a very unlikely case with inter-CPU ASTs where the receiving
CPU uses stale state.
When clearing the AST flag in ast(), ensure that the clearing store
is performed before any other memory accesses in the AST handler.
Otherwise, there is a slight risk of losing an AST request that gets
posted while the handler is running.
OK guenther@
|
|
The barrier ensures that any lockless state changes become visible
to other CPUs before the IPI is sent. Otherwise, a receiving CPU
might still observe an old state when it processes the interrupt.
OK guenther@
|
|
Make the interrupt and trap return paths check for ASTs with interrupts
disabled. If there is no pending request, interrupts are kept disabled
until return to userspace. This fixes delayed processing of an AST
request that arrives from another CPU after the AST flag has been
checked but before the CPU has finished the return path. The IPI that
follows the setting of the AST flag forces kernel re-entry and recheck
of AST.
Noticed by guenther@
|
|
other architectures.
|
|
|
|
on loongson.
|
|
architectures do.
Noticed by deraadt@
|
|
The assembler does not handle undeclared local symbols properly
and generates R_MIPS_CALL16 relocations where it should generate
local GOT references. For now, get along with the problem by
declaring local symbols where necessary.
OK kettenis@ guenther@
|
|
that could leave `ddb_mp_mutex' locked if one CPU incremented
`db_active' while another CPU was in the critical section. When the race
hit, the debugger was unable to resume execution or switch between CPUs.
Race analyzed by patrick@
OK mpi@ patrick@
|
|
|
|
header <machine/intr.h> can eventually stop including it on octeon.
|
|
integrated assembler accept them in the kernel.
Move fsr access code into dedicated inline functions to improve
readability.
|
|
assembler does not handle the large immediate value automatically.
|
|
understand with the three-operand instructions.
No binary change with gas.
|
|
floating point comparison is unordered. The setting should be skipped
only if an invalid operation exception is taken.
This fixes incorrect emulated compare behaviour with NaN values.
NaN issue on octeon reported by afresh1@; OK miod@
|
|
available on RM7000 processors.
From miod@
|
|
including cpu.h machine/intr.h etc without first including param.h when
MULTIPROCESSOR is defined.
ok visa@
|
|
|
|
ok guenther@ tb@ deraadt@
|
