1
0
mirror of https://git.FreeBSD.org/src.git synced 2025-01-01 12:19:28 +00:00
Commit Graph

59108 Commits

Author SHA1 Message Date
Christian S.J. Peron
16d878cc99 Fix the following bpf(4) race condition which can result in a panic:
(1) bpf peer attaches to interface netif0
	(2) Packet is received by netif0
	(3) ifp->if_bpf pointer is checked and handed off to bpf
	(4) bpf peer detaches from netif0 resulting in ifp->if_bpf being
	    initialized to NULL.
	(5) ifp->if_bpf is dereferenced by bpf machinery
	(6) Kaboom

This race condition likely explains the various different kernel panics
reported around sending SIGINT to tcpdump or dhclient processes. But really
this race can result in kernel panics anywhere you have frequent bpf attach
and detach operations with high packet per second load.

Summary of changes:

- Remove the bpf interface's "driverp" member
- When we attach bpf interfaces, we now set the ifp->if_bpf member to the
  bpf interface structure. Once this is done, ifp->if_bpf should never be
  NULL. [1]
- Introduce bpf_peers_present function, an inline operation which will do
  a lockless read bpf peer list associated with the interface. It should
  be noted that the bpf code will pickup the bpf_interface lock before adding
  or removing bpf peers. This should serialize the access to the bpf descriptor
  list, removing the race.
- Expose the bpf_if structure in bpf.h so that the bpf_peers_present function
  can use it. This also removes the struct bpf_if; hack that was there.
- Adjust all consumers of the raw if_bpf structure to use bpf_peers_present

Now what happens is:

	(1) Packet is received by netif0
	(2) Check to see if bpf descriptor list is empty
	(3) Pickup the bpf interface lock
	(4) Hand packet off to process

From the attach/detach side:

	(1) Pickup the bpf interface lock
	(2) Add/remove from bpf descriptor list

Now that we are storing the bpf interface structure with the ifnet, there is
is no need to walk the bpf interface list to locate the correct bpf interface.
We now simply look up the interface, and initialize the pointer. This has a
nice side effect of changing a bpf interface attach operation from O(N) (where
N is the number of bpf interfaces), to O(1).

[1] From now on, we can no longer check ifp->if_bpf to tell us whether or
    not we have any bpf peers that might be interested in receiving packets.

In collaboration with:	sam@
MFC after:	1 month
2006-06-02 19:59:33 +00:00
Matt Jacob
6dea56bafc Make the code able to compile again in RELENG_4. 2006-06-02 19:23:12 +00:00
Matt Jacob
5580ce963e More checkpointing on the way toward really (finally)
fixing speed negotiation.

Also fix the mpt_execute_req function to actually
match mpt_execute_req_a64. This may explain why
i386 users were having more grief.
2006-06-02 18:50:39 +00:00
Doug Ambrisko
51e37c7f37 Make lio ident more consistant with aio ident. 2006-06-02 17:45:48 +00:00
Gleb Smirnoff
6e86062956 Fix gif_output() so that GIF_UNLOCK() is performed only in case
we have locked the softc.

PR:		kern/98298
Submitted by:	Eugene Grosbein
2006-06-02 14:10:52 +00:00
Pawel Jakub Dawidek
f420242b2b Don't forget to unlock kq lock in low memory situations.
OK'ed by:	jmg
2006-06-02 13:23:39 +00:00
Pawel Jakub Dawidek
8ebab14c70 Remove confusing done_noglobal label. The KQ_GLOBAL_UNLOCK() macro know
how to handle both situations - when kq_global lock is and is not held.

OK'ed by:	jmg
2006-06-02 13:21:21 +00:00
Pawel Jakub Dawidek
241321abc0 Use SLIST_FOREACH_SAFE() macro, because knote_drop() can free an element
which can be then used to find next element in the list.

OK'ed by:	jmg
2006-06-02 13:18:59 +00:00
Dag-Erling Smørgrav
b19bfd3db5 As far as I can tell, the correct CPU family for amd64 (which Linux calls
x86_64) is 15, not 6.

MFC after:	3 weeks
2006-06-02 13:01:25 +00:00
Olivier Houchard
b2adc703fd Don't #error if no CPU is defined but we're not compiling the kernel. 2006-06-02 09:39:06 +00:00
Diomidis Spinellis
809f920d59 Replace the array initialization using the gcc-specific format
[constant] value
with the C99 format
[constant] = value
2006-06-02 09:08:51 +00:00
Robert Watson
4421f50dbc raw_disconnect() now disconnects but does not detach the raw pcb. As a
result, raw_uabort() now needs to call raw_detach() directly.  As
raw_uabort() is never called, and raw_disconnect() is probably not ever
actually called in practice, this is likely not a functional change, but
improves congruence between protocols, and avoids a NULL raw cb pointer
after disconnect, which could result in a panic.

MFC after:	1 month
2006-06-02 08:27:15 +00:00
Robert Watson
ad3a630f7e Minor restyling and cleanup around ipport_tick().
MFC after:	1 month
2006-06-02 08:18:27 +00:00
Gleb Smirnoff
4ec449ae88 - Add definition for IFM_10G_CX4.
- Put IFM_10G_CX4 and IFM_10G_SR into IFMEDIA_BAUDRATE array.

Requested by:	Jack Vogel <jfvogel gmail.com>
2006-06-02 07:50:58 +00:00
Warner Losh
32b35e59a3 Zero out the devices when they are deleted. We can access the pointer after
the bus detaches which can lead to core dumps.  This is quite rare.
2006-06-02 06:33:35 +00:00
Warner Losh
35988e2d46 EISA bus ia64 systems don't exist in reality. I'm told they may exist in
theory, but that it was OK to remove from NOTES.

OK'd by: marcel
2006-06-02 04:46:26 +00:00
Olivier Houchard
4bb0f51d1d sched_rem() already sets ke->ke_state to KES_THREAD, so there's no need
to redo it.
2006-06-01 22:45:56 +00:00
Craig Rodrigues
392cb4c78c Include "xfs_macros.h" to fix tinderbox build breakage. 2006-06-01 20:51:59 +00:00
Alan Cox
98c8f52baf Correct a syntax error in the previous revision. 2006-06-01 19:23:45 +00:00
Warner Losh
088c5ab556 Cope with -Wundef. This means including xfs_macros.h early in a few more
files and changing #if XXXKAN -> #ifdef XXXKAN.

# this is just compile tested, since I don't have xfs partitions.
2006-06-01 19:01:47 +00:00
Olivier Houchard
27b45ae819 Don't enable the FIQ in enable_interrupts() if F32_bit is not specified.
This has been committed by mistake.

Reported by:	ssouhlal
2006-06-01 16:17:44 +00:00
Christian S.J. Peron
7737a00f64 Check to see if the rootdir is the same as the current working directory.
If it is, and the pathname was relative, do not separate the componenets
with a '/' character.

Obtained from:	TrustedBSD Project
2006-06-01 15:38:30 +00:00
Diomidis Spinellis
132142c572 Move conditional preprocessing out from the IEEE80211_DPRINTF macro
invocation.  Per C99 6.10.3 paragraph 11 preprocessing directives
appearing as macro arguments yield undefined behavior.
2006-06-01 14:06:32 +00:00
Mike Silbersack
f25d341cfb After much discussion with mjacob and scottl, change bus_dmamem_alloc so
that it just warns the user with a printf when it misaligns a piece
of memory that was requested through a busdma tag.

Some drivers (such as mpt, and probably others) were asking for alignments
that could not be satisfied, but as far as driver operation was concerned,
that did not matter.  In the theory that other drivers will fall into
this same category, we agreed that panicing or making the allocation
fail will cause more hardship than is necessary.  The printf should
be sufficient motivation to get the driver glitch fixed.
2006-06-01 04:49:29 +00:00
Craig Rodrigues
829b898c7c mount_msdosfs.c:
- remove call to getmntopts(), and just pass -o options to
    nmount().  This removes some confusion as to what options
    msdosfs can parse, by pushing the responsibility of option parsing
    to the VFS and FS specific code in the kernel.

msdosfs_vfsops.c:
  - add "force" and "sync" to msdosfs_opts.  They used to be specified
    in mount_msdosfs.c, so move them here.  It's not clear whethere these
    options should be placed into global_opts in vfs_mount.c or not.

Motivated by:	marcus
2006-06-01 02:25:00 +00:00
Alan Cox
d49e4d3f55 Introduce pmap_enter_locked() and use it to reimplement pmap_enter_quick().
Tested by: cognet@
2006-06-01 01:31:07 +00:00
Andrew Thompson
f3b90d48bb Announce all interfaces to devd on attach/detach. This adds a new devctl
notification so all interfaces including pseudo are reported. When netif
creates the clones at startup devctl_disable has not been turned off yet so the
interfaces will not be initialised twice, enforce this by adding an explicit
order between rc.d/netif and rc.d/devd.

This change allows actions to taken in userland when an interface is cloned
and the pseudo interface will be automatically configured if a ifconfig_<int>=""
line exists in rc.conf.

Reviewed by:		brooks
No objections on:	net
2006-06-01 00:41:07 +00:00
Paul Saab
4cbb1c1aaa Fix minidumps to include pages allocated via pmap_map on amd64.
These pages are allocated from the direct map, and were not previous
tracked.  This included the vm_page_array and the early UMA bootstrap
pages.

Reviewed by:	peter
2006-05-31 22:55:23 +00:00
Colin Percival
72f6a0fa7a Enable inadvertantly disabled "securenet" access controls in ypserv. [1]
Correct a bug in the handling of backslash characters in smbfs which can
allow an attacker to escape from a chroot(2). [2]

Security:	FreeBSD-SA-06:15.ypserv [1]
Security:	FreeBSD-SA-06:16.smbfs [2]
2006-05-31 22:32:22 +00:00
Maxim Konovalov
e680b88a3d o Rearrange and remove incorrect comments.
Requested by:	bde
2006-05-31 15:55:52 +00:00
Olivier Houchard
c7f17eb45c Avoid a LOR by unlocking the vm_page_queue_mtx before calling uma_zalloc,
and freeing the allocated memory if another thread already did the same.
2006-05-31 15:52:11 +00:00
Olivier Houchard
4cd3385ee3 If our buffer is not aligned on the cache line size, write back/invalidate
the first and last cache line in PREREAD, and just invalidate the cache
lines in POSTREAD, instead of write-back/invalidating in POSTREAD, which
could lead to stale data overriding what has been transfered by DMA.
2006-05-31 15:50:33 +00:00
Matt Jacob
866fcf84ba Fix missing update to reflect change in scsi_inquiry data structure. 2006-05-31 14:33:23 +00:00
Diomidis Spinellis
23efd78d03 Remove two locking assertion entries that:
a) were incorrectly written and therefore never compiled into
assertions, and
b) were incorrectly specified and when compiled resulted in a
failed assertion.
2006-05-31 14:06:06 +00:00
Maxim Konovalov
e3243f2bf4 o Correct URL to ELF header documantation.
PR:		kern/98213
Submitted by:	Robert Gogolok
2006-05-31 13:47:32 +00:00
Maxim Konovalov
3593da9e81 o According to POSIX, the result of ftruncate(2) is unspecified
for file types other than VREG, VDIR and shared memory objects.
We already handle VREG, VLNK and VDIR cases.  Silently ignore
truncate requests for all the rest.  Adjust comments.

PR:		kern/98064
Submitted by:	bde
Security:	local DoS
Regress. test:	regression/fifo/fifo_misc
MFC after:	2 weeks
2006-05-31 13:15:29 +00:00
Olivier Houchard
c712f1ef5b Ooops arm10 is armv5, not armv4.
Submitted by:	kevlo
2006-05-31 13:06:08 +00:00
Olivier Houchard
87adbb81cc Include machine/cpuconf.h in pmap.h in order to get ARM_NMMUS defined,
to appease -Wundef.
2006-05-31 11:57:37 +00:00
Ian Dowse
9c0ce099e6 Increment the disk block offset after writing, not before. This
fixes filesystem corruption when nextboot.conf is located after
cylinder 1023. The bug appears to have been introduced at the time
bd_read was copied to create bd_write.

PR:		bin/98005
Reported by:	yar
MFC after:	1 week
2006-05-31 09:05:49 +00:00
Matt Jacob
87ba3ce6f4 Since it's to all intents and purposes identical
code to amd64 && i386, match the recent changes
to bus_dmamem_alloc here.
2006-05-31 00:38:53 +00:00
Matt Jacob
aa57a87a56 Turn the panic on not being able to meet alignment constraints
in bus_dmamem_alloc into the more reasonable EINVAL return.

Also, reclaim memory allocated but then not used if we had
an error return.
2006-05-31 00:37:56 +00:00
Matt Jacob
5a4c2d0e02 Pick reasonable alignment constraints so that we
don't ask too much of bus_dmamem_alloc/malloc.

Replace the device_printf calls in the memalloc
function mpt_prt.
2006-05-31 00:35:44 +00:00
David Xu
f1c313bff2 Clear invalid bits only if CPU supports SSE, otherwise, some fields in
struct save87 will be cleared unexpectly.
2006-05-31 00:17:29 +00:00
Olivier Houchard
1dbb640331 Protect the mapping used for pmap_copy_page/pmap_zero_page with a
mutex.
2006-05-30 23:50:45 +00:00
David Xu
afedf1a7f1 Use the method described in IA-32 Intel Architecture Software Developer's
Manual chapter 11.6.6 to get valid mxcsr bits, use the mxcsr mask to clear
invalid bits passed by user code.

Reviewed by: bde
2006-05-30 23:44:21 +00:00
Matt Jacob
4e359f5ad1 Handle some of the inquiry flags that have come into
usage as of SPC2r20. Specifically, handle the BQueue
flag which will indicate that a device supports the
Basic Queueing model (no Head of Queue or Ordered tags).
When this flag is set, SID_CmdQueue is clear. This has
causes FreeBSD to assume that the device did not support
tagged operations.

MFC after:	1 month
2006-05-30 22:44:00 +00:00
Warner Losh
8cb2906936 Add a define for the Standard SD Host Controller Base Peripheral. 2006-05-30 21:36:12 +00:00
Olivier Houchard
b64b87c8bd To avoid problems, invalidate the data cache and disable the MMU once
we're done uncompressing the kernel.
2006-05-30 21:13:47 +00:00
Diomidis Spinellis
44d6e87b07 - Add two checks for syntax errors
- Improve error reporting
- Remove redundant conditionals
2006-05-30 21:13:28 +00:00
Diomidis Spinellis
f69ec7af12 Assertion code specifications are introduced using special character
sequences that are distinct from comments. %% is used for argument
locks; %! for pre- and post-conditions.
2006-05-30 20:49:54 +00:00