| Age | Commit message (Collapse) | Author |
|---|
|
|
|
ok mpi@ miod@
|
|
found by kubsan; joint work with tobhe@; OK miod@
|
|
Move vfs_stall_barrier() from the fd layer into vn_lock() and the vfs layer.
In some cases it can result in a deadlock while suspending.
Discussed with mpi@ and deraadt@
|
|
vfs stalling is used by suspend/resume and by vmt(4) to stall any
filesystem operation from altering the state on disk. All these
operations will call vn_lock and be stalled. Adjust vfs_stall_barrier()
to allow the lock owner to still progress so that suspend can sync
the filesystems after stalling vfs operation.
OK mpi@
|
|
lock order issue with the file close path.
The FRELE() can trigger the close path during dup*(2) if another thread
manages to close the file descriptor simultaneously. This race is
possible because the file reference is taken before the file descriptor
table is locked for write access.
Vitaliy Makkoveev agrees
OK anton@ mpi@
|
|
file atomic. This also gets rid of the last kernel lock protected field
in the scope of struct file.
ok mpi@ visa@
|
|
in finishdup(). This makes the order of operations similar to that
of fdrelease() and removes a case where lock ordering might cause
problems.
OK anton@, mpi@
|
|
This makes it easier to release fdplock before calling closef().
OK mpi@, anton@
|
|
fdrelease(). This makes the upper layer of file descriptor closing
free of KERNEL_LOCK() when the process does not use kqueue.
The kernel locking around fdremove() and knote_fdclose() is no longer
needed because kqueue_register() checks if there has been a race with
file descriptor close. Moreover, the locking became ineffective against
these races when filterops callbacks were allowed to sleep.
OK anton@, mpi@
|
|
operations. Since the type of f_flag must change in order to use the
atomic(9) API, reorder the struct in order to avoid padding; as pointed
out by tedu@.
ok mpi@ visa@
|
|
necessary because other threads cannot access the data structure.
This fixes the following lock order issue:
witness: lock order reversal:
1st 0xfffffd81d821d248 fdlock (&newfdp->fd_fd.fd_lock)
2nd 0xffff800000fe45b8 primlk (&prime_fpriv->lock)
lock order "&prime_fpriv->lock"(rwlock) -> "&newfdp->fd_fd.fd_lock"(rwlock) first seen at:
#0 witness_checkorder+0x449
#1 rw_enter_write+0x43
#2 dma_buf_fd+0x8c
#3 drm_gem_prime_handle_to_fd+0xed
#4 drmioctl+0xdc
#5 VOP_IOCTL+0x55
#6 vn_ioctl+0x64
#7 sys_ioctl+0x2f6
#8 syscall+0x389
#9 Xsyscall+0x128
lock order "&newfdp->fd_fd.fd_lock"(rwlock) -> "&prime_fpriv->lock"(rwlock) first seen at:
#0 witness_checkorder+0x449
#1 rw_enter_write+0x43
#2 drm_gem_object_release_handle+0x5e
#3 idr_for_each+0xee
#4 drm_gem_release+0x1f
#5 drmclose+0x144
#6 spec_close+0x213
#7 VOP_CLOSE+0x49
#8 vn_closefile+0x9b
#9 fdrop+0x8b
#10 closef+0xaf
#11 fdfree+0xd4
#12 exit1+0x1cf
#13 sys_exit+0x16
#14 syscall+0x389
#15 Xsyscall+0x128
OK mpi@
|
|
FIOGETOWN/SIOCGPGRP/TIOCGPGRP. Do this by determining the meaning of
the ID parameter inside the sigio code. Also add cases for FIOSETOWN
and FIOGETOWN where there have been TIOCSPGRP and TIOCGPGRP before.
These changes allow removing the ID translation from sys_fcntl() and
sys_ioctl().
Idea from NetBSD
OK mpi@, claudio@
|
|
This choice of locking is guided by knote_fdclose().
OK mpi@, anton@
|
|
After inserting a knote, check that the associated file descriptor
still references the same file. Remove the knote if the descriptor
has changed because otherwise the kqueue becomes inconsistent with
the file descriptor table.
There is an analogous race in fcntl(F_SETLK). It is already handled,
but the code can be simplified by using the same check as in
kqueue_register().
Fix inspired by DragonFly BSD
OK mpi@, anton@
|
|
serializing both read/write operations using the existing file mutex.
The vnode lock still grants exclusive write access to the offset; the
mutex is only used to make the actual write atomic and prevent any
concurrent reader from observing intermediate values.
ok mpi@ visa@
|
|
in the common case.
OK mpi@
|
|
https://marc.info/?l=openbsd-cvs&m=156277704122293&w=2
ok anton@
|
|
as part of the effort to unlock the kernel. Instead of relying on the
vnode lock, introduce a dedicated lock per file. Exclusive write access
is granted using the new foffset_enter and foffset_leave API. A
convenience function foffset_get is also available for threads that only
need to read the current offset.
The lock acquisition order in vn_write has been changed to match the one
in vn_read in order to avoid a potential deadlock. This change also gets
rid of a documented race in vn_read().
Inspired by the FreeBSD implementation.
With help and ok mpi@ visa@
|
|
table. This should prevent a race with kevent when unlocked code
closes file descriptors that are fully set up.
OK mpi@
|
|
Matches the recent F_SETLK change, POSIX and the man page.
|
|
This behavior matches POSIX and our own fnctl(2) man page.
OK anton@ deraadt@
|
|
of resource limit structs has been done between processes. By applying
copy-on-write also between threads, threads can read rlimits in
a nearly lock-free manner.
Inspired by code in DragonFly BSD and FreeBSD.
OK mpi@, agreement from jmatthew@ and anton@
|
|
and incorrectly return EBADF when n>curlim.
ok millert guenther tedu
|
|
|
|
fdfree(). This fixes a resource leak with cyclic kqueue references and
prevents a kernel stack exhaustion scenario with long kqueue chains.
OK mpi@
|
|
OK mpi@
|
|
the API more logical.
OK kettenis@ mpi@
|
|
OK mpi@
|
|
Prior to r1.153 of kern_descrip.c, the kqueue descriptors were removed
using fdremove(), which reset fd_freefile as appropriate. The new code
simply avoids adding the descriptor to the new table, however this means
that fd_freefile can be left with an incorrect value, resulting in a file
descriptor allocation "hole". Restore the previous behavour by lowering
fd_freefile as appropriate when dropping descriptors.
Issue found via golang regress tests.
ok deraadt@ mpi@ visa@
|
|
ok visa@, tb@
|
|
to ioctl(TIOCSPGRP). The ioctl handlers expect a pointer to an int, so
read the argument into a local int variable and pass the variable's
address to the handler instead of referencing SCARG(uap, arg) directly.
OK guenther@, mpi@
|
|
instead of using a mutex for update serialization. Use a per-fdp mutex
to manage updating of file instance pointers in the `fd_ofiles' array
to let fd_getfile() acquire file references safely with concurrent file
reference releases.
OK mpi@
|
|
OK mpi@
|
|
This prevents the array from being freed too early. In the function
unp_internalize(), the locking also ensures the per-fdp flags stay
coherent with the file instance.
OK mpi@
|
|
system calls.
OK mpi@
|
|
to dupfdopen() has already been registered with fd_used() in fdalloc().
The duplicate call distorted the number of open file descriptors
returned by getdtablecount(2) if a file was opened via /dev/fd/.
While there, assert that the file instance should already be in the
file list.
OK mpi@
|
|
between processes using file descriptors. This provides an alternative to
eporting them with guesable 32-bit IDs. This implementation does not (yet)
allow sharing of graphics buffers between GPUs.
ok mpi@, visa@
|
|
Commiting now to help refactoring of DRI3 and diskmap rewrite.
ok visa@, kettenis@ as part of a larger diff.
|
|
tracking work without locks.
OK kettenis@, deraadt@
|
|
These syscalls can now be executed w/o the KERNEL_LOCK() depending on
the kind of socket.
The current solution uses a single global mutex to serialize access to,
and reference count, 'struct file'.
ok visa@, kettenis@
|
|
setup, take 3.
LARVAL fd still exist, but they are no longer marked with a flag and no
longer reachable via `fd_ofiles[]' or the global linked list. This allows
us to simplifies a lot code grabbing new references to fds.
All of this is now possible because dup2(2) refuses to clone LARVAL fds.
Note that the `fdplock' could now be release in all open(2)-like syscalls,
just like it is done in accept(2).
With inputs from Mathieu Masson, visa@, guenther@ and art@
Previous version ok bluhm@, ok visa@, sthen@
|
|
in knote_processexit() that can occur when the filedesc belonging to the process
already has been freed.
Similiar work has been done in:
- FreeBSD (commit bc1805c6e871c178d0b6516c3baa774ffd77224a)
- DragonFlyBSD (commit ccafe911a3aa55fd5262850ecfc5765cd31a56a2)
Thanks to tb@ for testing.
ok kettenis@ mpi@ visa@
|
|
closing a LARVAL file.
Found the hardway by sthen@.
|
|
an inserted fp.
OK mpi@
|
|
setup.
LARVAL fd still exist, but they are no longer marked with a flag and no
longer reachable via `fd_ofiles[]'. This allows us to simplifies a lot
code grabbing new references to fds.
All of this is now possible because dup2(2) refuses to clone LARVAL fds.
Note that the `fdplock' could now be release in all open(2)-like syscalls,
just like it is done in accept(2).
With inputs from Mathieu -, visa@, guenther@ and art@
ok visa@, bluhm@
|
|
From Mathieu <naabed at poolp.org>, ok visa@, tb@
|
|
KERNEL_LOCK().
Otherwise a deadlock can occur as found the hardway by tb@.
ok tb@, kettenis@, visa@
|
|
This prevents a panic due to a double free if a program exits after having
called accept(2) and dup2(2) on the same fd but without the corresponding
connect(5).
It will also allows us to simplify file descriptor locking. The error code
has been choosed to match Linux's behavior.
Pointed by Mathieu on tech@ after a discussion with guenther@. ok visa@
|
|
later.
ok bluhm@, visa@
|
