summaryrefslogtreecommitdiff
path: root/sys/kern
AgeCommit message (Collapse)Author
2016-05-21Fix logic bug in DUID generation - we want to generate DUIDs until we haveJoel Sing
one that is not a duplicate and not a zero DUID. ok krw@
2016-05-21Cleanup some of the DUID code and refactor for readability.Joel Sing
ok krw@ kettenis@
2016-05-20Remove dead assignment/unused variable.Joel Sing
2016-05-19Let setroot() pick the boot disk based on the DUID provided in bootduid ifMark Kettenis
a boot disk has not been selected by its caller. ok jsing@, millert@
2016-05-19All msg buf counters are long, so lmin(9) should be used for them.Alexander Bluhm
OK deraadt@ natano@
2016-05-18Kill trailing whitespaces.Alexander Bluhm
2016-05-18Use constty and cn_devvp for checking wether to use cnwrite(). ThatAlexander Bluhm
makes console redirection with senssyslog(2) and LOG_CONS work again. Also merge the two if else if else blocks into one. OK deraadt@
2016-05-18rename srp_finalize to srp_gc_finalizeDavid Gwynne
2016-05-18rework the srp api so it takes an srp_ref struct that the caller provides.David Gwynne
the srp_ref struct is used to track the location of the callers hazard pointer so later calls to srp_follow and srp_enter already know what to clear. this in turn means most of the caveats around using srps go away. specifically, you can now: - switch cpus while holding an srp ref - ie, you can sleep while holding an srp ref - you can take and release srp refs in any order the original intent was to simplify use of the api when dealing with complicated data structures. the caller now no longer has to track the location of the srp a value was fetched from, the srp_ref effectively does that for you. srp lists have been refactored to use srp_refs instead of srpl_iter structs. this is in preparation of using srps inside the ART code. ART is a complicated data structure, and lookups require overlapping holds of srp references. ok mpi@ jmatthew@
2016-05-18Remove unnecessary cast of buflen to u_int in sockargs(). This wasTodd C. Miller
missed when buflen was promoted to size_t. OK tedu@
2016-05-17Allow sendsyslog(2) with LOG_CONS even when /dev/console has notAlexander Bluhm
been opened during init(8). Only log with cnwrite() if cn_devvp exists, otherwise use cnputc() as fallback. While there move extern declarations to dev/cons.h. input and OK deraadt@
2016-05-17Backout the previous fix for the sendsyslog(2) with LOG_CONS solution.Alexander Bluhm
Permanently holding /dev/console open in the kernel works only until init(8) calls revoke(2). After that the console device vnode cannot be used anymore. It still resulted in a hanging init(8) if it tried to syslog(3) something. With the backout also dmesg -s works again.
2016-05-17Document NOLOCK, from Michal Mazurek.Martin Pieuchot
2016-05-15remove chroot(2) from allowed syscalls under pledge(2).Sebastien Marie
please note that chrooted process are still possible with pledge(2), but only if the chroot(2) is done *before* calling pledge(2). Once pledged, no more chroot(2) call are permitted.
2016-05-13contrary to documentation and other implementations, kevent was preventingTed Unangst
a process from watching other users' procs. but there are no secrets here. remove that check. at the same time, note that as far as pledge is concerned, while most of kevent is a "stdio" type operation, process monitoring belongs to the "proc" family, so add an additional check here. ok deraadt millert
2016-05-11remove hppa64 port, which we never got going beyond broken single users.Theo de Raadt
hppa reverse-stack gives us a valuable test case, but most developers don't have a 2nd one to proceed further with this. ok kettenis
2016-05-10If sendsyslog(2) is called with LOG_CONS before syslogd(8) has beenAlexander Bluhm
started and before init(8) has opened the console, the kernel could crash as the console device has not been initialized. Open /dev/console in the kernel before starting init(8) and keep it open. This way sendsyslog(2) can be called early in the system. OK beck@ deraadt@
2016-05-10SROP mitigation. sendsig() stores a (per-process ^ &sigcontext) cookieTheo de Raadt
inside the sigcontext. sigreturn(2) checks syscall entry was from the exact PC addr in the (per-process ASLR) sigtramp, verifies the cookie, and clears it to prevent sigcontext reuse. not yet tested on landisk, sparc, *88k, socppc. ok kettenis
2016-05-04Make KERN_FILE_BYPID return ESRCH when PID not found, both in sysctl andVadim Zhukov
offline paths. More polishing to come. Input and okay bluhm@ & kettenis@.
2016-05-03Stop using a soft-interrupt context to process incoming network packets.Martin Pieuchot
Use a new task that runs holding the KERNEL_LOCK to execute mp-unsafe code. Our current goal is to progressively move input functions to the unlocked task. This gives a small performance boost confirmed by Hrvoje Popovski's IPv4 forwarding measurement: before: after: send receive send receive 400kpps 400kpps 400kpps 400kpps 500kpps 500kpps 500kpps 500kpps 600kpps 600kpps 600kpps 600kpps 650kpps 650kpps 650kpps 640kpps 700kpps 700kpps 700kpps 700kpps 720kpps 640kpps 720kpps 710kpps 800kpps 640kpps 800kpps 650kpps 1.4Mpps 570kpps 1.4Mpps 590kpps 14Mpps 570kpps 14Mpps 590kpps ok kettenis@, bluhm@, dlg@
2016-04-29Fix some gibbering horrors due to uninitialized struct nameidata'sBob Beck
1) turn NDINITAT into a function and make the macros point to it with the later goal of getting rid of them. 2) Sweep the kernel for places where people make a struct nameidata manually on the stack and fill in what they hope are the required fields and count on prayer and clean living to always get them right. Instead use NDINIT everywhere. NFS was especially bad for this and there have likely been things lurking there for a while. 3) Add a couple of strategic KASSERT's to catch future offenders. ok krw@ sthen@ deraadt@
2016-04-28careful study of the holy scrolls reveals that for pselect (and ppoll)Ted Unangst
oversized timespecs should be clamped, not rejected. ok millert
2016-04-281) Split pledge whitelist path handling out of pledge_namei() and intoBob Beck
pledge_namei_wlpath(). Call the wlpath check only at the end of namei after the namei lookup would otherwise succeed. 2) Add support to namei to keep the path that was looked up, without the symlinks in it, and use that path for whitelist path lookups. This means that paths in pledge whitelists will need to always be the real path to an intended file to whitelist, without symlinks. Any symlinks to the "real" file will then be allowed ok deraadt@ semarie@
2016-04-28fix logic bug in deciding if we have UVM_PLA_NOWAIT or not in buf_realloc_pagesBob Beck
noticed by miod@
2016-04-26copy_statfs_info() is not only used by ufs, but by other filesystems too,Martin Natano
so make sure that all members of mp->mnt_stat.mount_info are copied. ok stefan
2016-04-26fix off by one in vfs_vnode_print - found by miodBob Beck
ok deraadt@, krw@
2016-04-25remove systrace remnantsTed Unangst
2016-04-25boom goes the dynamiteTed Unangst
2016-04-25simplifies the check for allowing only promisesSebastien Marie
reductions. ok deraadt@
2016-04-25removes an unneeded check on flags (used historically when tame(2) was usingSebastien Marie
bitflags) ok deraadt@ jca@
2016-04-15remove ml_filter, mq_filter, niq_filter.David Gwynne
theyre currently unused, so no functional change.
2016-04-08add m_purge for freeing a list of mbufs linked via m_nextpktDavid Gwynne
this tweaks m_freem so it returns the m_nextpkt from the mbuf it freed, like how m_free returns the m_next from the mbuf it frees. ok mpi@
2016-04-07Share clone bitmap between aliased vnodes. This prevents duplicate cloneMartin Natano
instance numbers being handed out for the same minor device. ok mikeb
2016-04-06correct the order of arguments to m_get in m_dup_pktDavid Gwynne
2016-04-05Increase size of the clone bitmap (revised diff after revert). I haveMartin Natano
tested this with fuse _and_ drm on amd64 and macppc. Also tested with cloning bpf (not in the tree) on macppc. ok mikeb "looks correct to me" millert The original commit message is as follows: Increase size of the clone bitmap. A limit of only 64 device clones turned out to be too low for the upcoming work on cloning bpf. The new limit is 1024 device clones. As part of the size increase, the bitmap has been changed to be allocated separately to avoid bloating all device nodes, as suggested by guenther, millert and deraadt. ok millert mikeb
2016-04-01Revert the clone bitmap enlargement changeMike Belopuhov
2016-03-31Increase size of the clone bitmap. A limit of only 64 device clonesMartin Natano
turned out to be too low for the upcoming work on cloning bpf. The new limit is 1024 device clones. As part of the size increase, the bitmap has been changed to be allocated separately to avoid bloating all device nodes, as suggested by guenther, millert and deraadt. ok millert mikeb
2016-03-30regeneratePhilip Guenther
2016-03-30Add getlogin_r syscall that checks and returns errors like userspacePhilip Guenther
getlogin_r() API; keep existing syscall as getlogin59 for temporary compat. ok kettenis@ deraadt@
2016-03-29In setlogin(), don't change anything on error.Philip Guenther
ok deraadt@ krw@ zhuk@ jca@ millert@
2016-03-29- packet must keep reference to statekeyAlexandr Nedvedicky
this is the second attempt to get it in, the first attempt got backed out on Jan 31 2016 the change also contains fixes contributed by Stefan Kempf in earlier iteration. OK srhen@
2016-03-29Use a macro to check if a thread has a sibling.Martin Pieuchot
Note that without locking a thread cannot claim that it is part of a multi-threaded process using this macro. Suggested by miod@, ok guenther@
2016-03-29add back $OpenBSD$Jonathan Gray
2016-03-28regenMark Kettenis
2016-03-28Make sure that a thread that calls sched_yield(2) ends up on the run queueMark Kettenis
behind all other threads in the process by temporarily lowering its priority. This isn't optimal but it is the easiest way to guarantee that we make progress when we're waiting on an other thread to release a lock. This results in significant improvements for processes that suffer from lock contention, most notably firefox. Unfortunately this means that sched_yield(2) needs to grab the kernel lock again. All the hard work was done by mpi@, based on observations of the behaviour of the BFS scheduler diff by Michal Mazurek. ok deraadt@
2016-03-27When pulling and unmounting an umass USB stick, the file systemAlexander Bluhm
could end up in an inconsistent state. The fstype dependent mp->mnt_data was NULL, but the general mp was still listed as a valid mount point. Next access to the file system would crash with a NULL pointer dereference. If closing the device fails, the mount point must go away anyway. There is nothing we can do about it. Remove the workaround for the EIO error in the general unmount code, but do not generate any error in the file system specific unmount functions. OK natano@ beck@
2016-03-26add newline on the end of the failure messageBob Beck
ok deraadt@
2016-03-25Free some more space in kernel - for network code, of course - by removalVadim Zhukov
of three unused FS-related functions. okay mpi@ and beck@
2016-03-25Silences compiler warnings, about used uninitialized variables. These lengthsSebastien Marie
are passed uninitialized to free(9) only when pointers are NULL. found by jsg@ ok deraadt@
2016-03-24set ticks 15 seconds before its value wraps.David Gwynne
this helps us identify issues around ticks wrap in 15 minutes instead of 240ish days. the change is inspired by something freebsd did as a result of a ticks change they made that went horribly wrong. lots of people said they wanted this