| Age | Commit message (Collapse) | Author |
|---|
|
associated mistake in the uvm manpage.
Suggested by and ok tedu@
|
|
discussed with miod, deraadt, and guenther.
|
|
- rename _check function without suffix: a "pledge" function called from
anywhere is a "check" function.
- makes pledge_fail call the responsability to the _check function. remove it
from caller.
- make proper use of (potential) returned error of _check() functions.
- adds pledge_kill() and pledge_protexec()
with and OK deraadt@
|
|
uvm_page_init() (causing uvmexp.npages to be sligthly wrong if
pmap_steal_memory() has been used) and uvm_page_physload().
ok guenther@ kettenis@ visa@ beck@
|
|
ps-style programs (there are quite a few in the tree, including tmux).
"vminfo" exposes a bit more system operation information, which many
observation programs want (such as top). settime allows setting the system
time, and will be used to pledge-protect the last ntpd process.
|
|
strict than anticipated. It allows a programmer to pledge/promise/covenant
that their program will operate within an easily defined subset of the
Unix environment, or it pays the price.
|
|
mtx_enter() and mtx_leave() operations. Not 100% this won't blow up but
there is only one way to find out, and we need this to make progress on
further unlocking uvm.
prodded by deraadt@
|
|
or pager code. We may end up here without holding the kernel lock from
uvm_unmap().
"ja ja" tedu@
|
|
- by default, a tamed-program don't have the possibility to use PROT_EXEC for
mmap(2) or mprotect(2)
- for that, use the request "prot_exec" (that could be dropped later)
initial idea from deraadt@ and kettenis@
"make complete sense" beck@
ok deraadt@
|
|
will perform the unmap as necessary, holding the vm lock.
reminded by kettenis
|
|
this pulls all the relevant operations under the same map locking, and
relieves calling code from responsibility.
ok kettenis matthew
|
|
crashes seen by sthen@ on i386.
ok visa@, guenther@, tedu@
|
|
together the unmap and map portions of a fixed mmap. make this explicit
by pulling the lock up higher. in preparation for unlocking the syscall.
there's still (always has been) a race where if the unmap sleeps, another
mmap may see partial results because the map lock isn't held througout.
another problem, another day.
|
|
data, only new
|
|
consistency with PQ_AOBJ.
Input kettenis@, ok beck@
|
|
remainder of that commit was backed out. However,clearing the PQ_AOBJ bit
here is definitely wrong.
Our pagedaemon uses two separate lists to keep track of inactive
pages. It uses PQ_SWAPBACKED, which really is both PQ_ANON and
PQ_AOBJ to keep track of which inactive queue a page is sitting on.
So if you twiddle PQ_AOBJ (or PQ_ANON) for an inactive page, a
subsequent uvm_pagefree(9) will remove the page from the wrong queue!
This usually goes unnoticed, but if the page happens to be the last
one on the queue, the queues get corrupted. The damage quickly
spreads to the free page queues and almost certainly results in the
uvm_pmr_size_RB_REMOVE_COLOR() faults that people have seen
sporadically since the spring of this year.
ok visa@, beck@, krw@, guenther@
|
|
necessary
ok deraadt@ jsing@
|
|
normal maps.
ok beck@, miod@, guenther@
|
|
set). Since we cannot sleep in that case, use a mutex instead of an rwlock.
This is ok as the more complex code paths in the uvm code are not entered
for interrupt-safe maps as paging isn't allowed in those maps.
ok tedu@
|
|
#ifndef pmap_resident_count code paths.
|
|
|
|
|
|
|
|
ok mpi@, visa@
|
|
|
|
ok kettenis@
|
|
no way.
|
|
the page loaning code is already in the Attic.
ok kettenis@, beck@
|
|
an exact match.
ok kettenis@
|
|
ok kettenis@
|
|
compiler will warn.
|
|
ok miod@
|
|
memory for lazy binding
ok deraadt@
|
|
|
|
a value so that they may be called with UVM_PLA_NOWAIT
ok kettenis@
|
|
up workloads that fork a lot of processes and, more importantly reduces
latency because it makes sure the reaper doesn't hold on to the kernel lock
for long periods of time.
This almost certainly breaks MP kernels on alpha, macppc, m88k and sgi;
hppa might work, but probably doesn't.
ok deraadt@, beck@
|
|
|
|
specify an address constraint even when free pages that meet the constraint
are still available. This happens because the old code was using the root
of the size tree as a starting point for a search down the address tree.
This meant only part of the address tree was searched, and that part could
very well not contain any of the pages that met the constraint. Instead,
always walk the address tree from its root if the list of single pages is
empty and the root of the size tree doesn't meet our constraints.
From Visa Hankala.
ok deraadt@
|
|
Input and ok millert@
|
|
ok miod@
|
|
a function in uvm_swap_encrypt.c instead of doing stuff inline.
lets me remove an extern from the header too.
ok kettenis@
|
|
delete coredump_trad(), uvm_coredump(), cpu_coredump(), struct md_coredump,
and various #includes that are superfluous.
This leaves compat_linux processes without a coredump callback. If that
ability is desired, someone should update it to use coredump_elf32() and
verify the results...
ok kettenis@
|
|
uvm_meter.c needs it to route the sysctl, uvm_swap.c needs it to
use the functionality, and uvm_swap_encrypt.c needs it to for obvious
reasons. userland sysctl already includes it explicitely.
everything else doesnt and shouldnt care.
ok miod@
|
|
the idle thread.
ok deraadt@
|
|
|
|
|
|
constrained to a suitable range.
|
|
sure it will return an address within that range.
Use this in uaddr_rnd_select() to make sure we will not attempt to pick
an address beyond what we are allowed to map.
In my trees for 9 months, blackmailed s2k15 attendees into agreeing now would
be a good time to commit.
|
|
|
|
have any direct symbols used. Tested for indirect use by compiling
amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
