| Age | Commit message (Collapse) | Author |
|---|
|
preinit hook. Delete that and instead have the kernel disable kbind
at exec-time if the program doesn't have an ELF interpreter. For
now, permit userland calls to disable it when already disabled so
existing static programs continue to work.
prompted by deraadt@ questioning about the call in libc.a
ok deraadt@ miod@
|
|
|
|
into core dumps. As a result backtraces through signal handlers no
longer work in gdb and other debuggers.
Fix this by keeping a read-only mapping of the signal trampoline in the
kernel and writing it into the core dump at the virtual address where it
is mapped in the process.
ok deraadt@, tb@
|
|
we acquiring kernel lock with mutex(9) held. This partially reverts
rev 1.205 of sys/kern/uipc_syscalls.c. Shared solock() is still fine for
getsockname(2) and getpeername(2).
Reported-by: syzbot+00a4824cb1b6a214c7d6@syzkaller.appspotmail.com
ok kn@ claudio@
|
|
input is too long.
ok mpi@
|
|
|
|
exposed in a new field returned by sysctl(KERN_PROC). Update
pthread_{get,set}_name_np(3) to use the syscalls. Show them, when
set, in ps -H and top -H output.
libc and libpthread minor bumps
ok mpi@, mvs@, deraadt@
|
|
|
|
signal trampoline can now be PROT_EXEC (without PROT_READ) everywhere
ok kettenis
|
|
the process* that it should be part of. Use that in clock_get{time,res}(),
thrkill(), and ptrace().
ok jca@ miod@ mpi@ mvs@
|
|
|
|
I think "abs" ("absolute timeout") is a better mnemonic than
"at" ("at the given time").
The interface is undocumented and there are only two callers, so
renaming it is not a big deal.
probably ok kn@
|
|
|
|
waitid(2) and __thrsigdivert(2) and teach kdump(1) to handle them.
Also report more from the siginfo_t inside PSIG tracepoints.
ok mpi@
|
|
New warning -Warray-parameter is a bit overzealous.
ok millert@ tb@
|
|
ok millert@
|
|
|
|
process. Use this information to access the vector.
OK mpi@ mbuhl@ deraadt@
|
|
|
|
state changes are reported. That's the 6th bit, so switch to hex
constants. Adjust #if tests for consistency
ok kettenis@
|
|
|
|
struct uvm_map's .addr is protected by the map's lock and .{min,max}_offset
are immutable.
uvm_map_inherit() locks the VM map upon entry, sets the desired inheritance
mode for the given address range (validated outside the lock) and unlocks
the map itself.
fork(2), i.e. uvm_mapent_forkcopy(), first locks both old and new maps and
then copies entries over as per the inheritance type.
futex(2), another user of struct vm_map_entry's .inheritance member, also
locks the map accordingly.
OK mpi
|
|
The networking people want a fast, monotonic clock that only advances
while the system is not suspended. The runtime clock satisfies most
of these requirements, so introduce getnsecruntime() to provide a fast
means for reading it.
Based on patches from jca@ and claudio@.
ok yasuoka@
|
|
|
|
socket buffers standalone locking work, move socket state bits which
represent its buffers state to per buffer state. Introduce `sb_state' and
turn SS_CANTSENDMORE to SBS_CANTSENDMORE. This bit will be processed on
`so_snd' buffer only.
Move SS_CANTRCVMORE and SS_RCVATMARK bits with separate diff to make
review easier and exclude possible so_rcv/so_snd mistypes.
Also, don't adjust the remaining SS_* bits right now.
ok millert@
|
|
Inputs and ok bluhm@
|
|
reserved port to received secure-maps from the ypserver.
issue found by niklas, using a simpler diff i proposed
ok miod
|
|
|
|
This fixes evcount_list corruption that happened when evcount_percpu()
was called after evcount_init_percpu().
OK jca@ cheloha@ jmatthew@
|
|
so{,un}lock_shared() take the shared net lock for PF_INET and PF_INET6
while sticking to the exclusive rwlock elsewhere.
getsockopt(2), getsockname(2) and getpeername(2) (all UNLOCK) do not
write, so the exclusive net lock is overkill here.
OK mvs
|
|
|
|
protocol layer they follow the same (*pr_ctloutput)() handlers.
At sockets layer we touch only per-socket data, which is solock()
protected.
At protocol layer, udp(4), unix(4) and key management sockets have no
(*pr_ctloutput)() handlers. route_ctloutput() touches only per socket
data, which is solock() protected. inet{,6} globals are protected by
netlock, which is solock() backend for corresponding sockets.
ok bluhm@
|
|
ok guenther@ kn@
|
|
unp_bind() has the only uipc_bind() caller. In the uipc_usrreq() times,
it made sense to have dedicated unp_bind() for prevent tne code mess
within giant switch(), but now it doesn't.
ok bluhm@
|
|
copy on userland stack which points at an illicit region.
ok kettenis, deraadt
|
|
so->so_state is already read without kernel lock inside soo_ioctl()
which calls pru_control() aka in6_control() and in_control().
OK mvs
|
|
the entries, so the check-sp-at-system-call check failed. Quite strange
it took this long to find this.
ok kettenis
|
|
|
|
OK deraadt@ kettenis@
|
|
SOCK_SEQPACKET. Introduce `uipc_dgram_usrreqs' to store pointers for
dgram specific handlers.
The dgram pru_shutdown and pru_send handlers were splitted to
uipc_dgram_shutdown() and uipc_dgram_send(). The pru_accept, pru_rcvd
and pru_abort handlers are not required for dgram sockets.
The unp_disconnect() remains shared between all unix(4) sockets because
it called from common paths too.
Proposed by and ok guenther@
|
|
d_uid written to disk.
|
|
We have too many timeout(9) initialization functions and macros.
Let's slim it down and combine some interfaces.
- Remove timeout_set_kclock(), TIMEOUT_INITIALIZER_KCLOCK().
- Expand timeout_set_flags(), TIMEOUT_INITIALIZER_FLAGS() to accept
an additional "kclock" parameter.
- Reimplement timeout_set(), timeout_set_proc() with timeout_set_flags().
- Reimplement TIMEOUT_INITIALIZER() with TIMEOUT_INITIALIZER_FLAGS().
- Update the sole timeout_set_flags() user to pass a kclock parameter.
- Update the sole timeout_set_kclock() user to call timeout_set_flags().
- Update the sole TIMEOUT_INITIALIZER_FLAGS() user to provide a kclock
parameter.
The timeout(9) code is now a bit out of sync with the manpage. This
will be corrected in a subsequent commit.
ok kn@
|
|
initialized with arc4random().
|
|
into FS_* values. Similar to what gpt_get_fstype() does. Code is
clearer and better positioned for planned enhancements to
spoofing.
No intentional functional change.
|
|
firmware probably does this for us on ACPI systems with proper S3 support,
but this doesn't happen on systems where we park CPUs in a low-power idle
state ourselves.
ok deraadt@
|
|
counters where the event being counted occurs across all CPUs in the
system. Counter instances can be made per-cpu by calling evcount_percpu()
after the counter is attached, and this can occur before or after all system
CPUs are attached. Per-cpu counter instances should be incremented using
evcount_inc().
ok kettenis@ jca@ cheloha@
|
|
|
|
OK mpi@
|
|
Also allow IPPROTO_TCP:TCP_NODELAY
It is very small kernel code, and will allow some software to drop "inet"
requested by djm
|
|
The code only needs to know if the vnode is exclusive locked and this
can be done on entry of the function.
OK mpi@
|
