1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-14 10:09:48 +00:00
Commit Graph

58360 Commits

Author SHA1 Message Date
Robert Watson
4c7c478d0f Break out in_pcbdetach() into two functions:
- in_pcbdetach(), which removes the link between an inpcb and its
  socket.

- in_pcbfree(), which frees a detached pcb.

Unlike the previous in_pcbdetach(), neither of these functions will
attempt to conditionally free the socket, as they are responsible only
for managing in_pcb memory.  Mirror these changes into in6_pcbdetach()
by breaking it into in6_pcbdetach() and in6_pcbfree().

While here, eliminate undesired checks for NULL inpcb pointers in
sockets, as we will now have as an invariant that sockets will always
have valid so_pcb pointers.

MFC after:	3 months
2006-04-01 16:04:42 +00:00
Robert Watson
0154484bef In raw and raw-derived socket types, maintain and enforce invariant that
the so_pcb pointer on the socket is always non-NULL.  This eliminates
countless unnecessary error checks, replacing them with assertions.

MFC after:	3 months
2006-04-01 15:55:44 +00:00
Robert Watson
bc725eafc7 Chance protocol switch method pru_detach() so that it returns void
rather than an error.  Detaches do not "fail", they other occur or
the protocol flags SS_PROTOREF to take ownership of the socket.

soclose() no longer looks at so_pcb to see if it's NULL, relying
entirely on the protocol to decide whether it's time to free the
socket or not using SS_PROTOREF.  so_pcb is now entirely owned and
managed by the protocol code.  Likewise, no longer test so_pcb in
other socket functions, such as soreceive(), which have no business
digging into protocol internals.

Protocol detach routines no longer try to free the socket on detach,
this is performed in the socket code if the protocol permits it.

In rts_detach(), no longer test for rp != NULL in detach, and
likewise in other protocols that don't permit a NULL so_pcb, reduce
the incidence of testing for it during detach.

netinet and netinet6 are not fully updated to this change, which
will be in an upcoming commit.  In their current state they may leak
memory or panic.

MFC after:	3 months
2006-04-01 15:42:02 +00:00
Robert Watson
f7f45ac8e2 Annotate uses of fgetsock() with indications that they should rely
on their existing file descriptor references to sockets, rather than
use fgetsock() to retrieve a direct socket reference.

MFC after:	3 months
2006-04-01 15:25:01 +00:00
Robert Watson
ac45e92ff2 Change protocol switch pru_abort() API so that it returns void rather
than an int, as an error here is not meaningful.  Modify soabort() to
unconditionally free the socket on the return of pru_abort(), and
modify most protocols to no longer conditionally free the socket,
since the caller will do this.

This commit likely leaves parts of netinet and netinet6 in a situation
where they may panic or leak memory, as they have not are not fully
updated by this commit.  This will be corrected shortly in followup
commits to these components.

MFC after:      3 months
2006-04-01 15:15:05 +00:00
Robert Watson
fa4c5373ce Add comment to accept1() that it should use getsock() instead of fgetsock()
to avoid additional mutex operations, and also to avoid use of soref/sorele
which are now not preferred.

MFC after:	3 months
2006-04-01 11:14:56 +00:00
Robert Watson
197b35d717 Mark fgetsock() and fputsock() as depcrecated: callers should rely on
the file descriptor reference, rather than paying additional lock
operations to acquire a socket reference from the file descriptor.
This will also help to ensure that file descriptor based socket
requests are not delivered to a socket after close.  Most consumers
have already been converted to this model.

MFC after:	3 months
2006-04-01 11:09:54 +00:00
Robert Watson
c43a4e8a83 Add a comment describing SS_PROTOREF in detail. This will eventually be
in socket(9).

MFC after:	3 months
2006-04-01 10:54:51 +00:00
Robert Watson
7f689de232 Assert so->so_pcb is NULL in sodealloc() -- the protocol state should not
be present at this point.  We will eventually remove this assert because
the socket layer should never look at so_pcb, but for now it's a useful
debugging tool.

MFC after:	3 months
2006-04-01 10:45:52 +00:00
Robert Watson
220c1357ed Add a somewhat sizable comment documenting the semantics of various kernel
socket calls relating to the creation and destruction of sockets.  This
will eventually form the foundation of socket(9), but is currently in too
much flux to do so.

MFC after:	3 months
2006-04-01 10:43:02 +00:00
Matt Jacob
5e073106d5 Fix some of the previus changes 'better'.
There's something strange going on with async events. They seem
to be be treated differently for different Fusion implementations.
Some will really tell you when it's okay to free the request that
started them.  Some won't. Very disconcerting.

This is particularily bad when the chip (FC in this case) tells you
in the reply that it's not a continuation reply, which means you
can free the request that its associated with. However, if you do
that, I've found that additional async event replies come back for
that message context after you freed it. Very Bad Things Happen.

Put in a reply register debounce. Warn about out of range context
indices. Use more MPILIB defines where possible. Replace bzero with
memset. Add tons more KASSERTS. Do a *lot* more request free list
auditting and serial number usages. Get rid of the warning about
the short IOC Facts Reply.  Go back to 16 bits of context index.

Do a lot more target state auditting as well. Make a tag out
of not only the ioindex but the request index as well and worry
less about keeping a full serial number.
2006-04-01 07:12:18 +00:00
Marcel Moolenaar
a75b305ac6 Build the scc(4) module with EBus and SBus attachments for sparc64
only and build the scc(4) module with MacIO attachment for powerpc.
2006-04-01 04:54:47 +00:00
Marcel Moolenaar
2825701d6c Add the MacIO attachment for scc(4). 2006-04-01 04:53:08 +00:00
Marcel Moolenaar
ffc08b2147 Add a MacIO bus attachment. The Z8530 as present in the Mac needs
a different register shift and is fed by a different clock than
we use for UltraSPARC hardware. To deal with this, the regshft and
rclk fields in the class structure are removed and bus frontends
now pass the right regshft and rclk to the probe function where
they're put in the BAS and passed in to subordinate drivers.
2006-04-01 04:51:56 +00:00
Jeff Roberson
b2282f9a3f - Busy the filesystem in nfs_statfs to prevent us from creating a new
vnode after vflush() has succeeded.  This would cause a dangling vnode
   panic at unmount time otherwise.  Other filesystems may have this problem
   via their VFS_VGET() routines.

Found by:	kris
Sponsored by:	Isilon Systems, Inc.
2006-04-01 01:15:23 +00:00
Jeff Roberson
0af2472199 - Add an assert to vgone. It is illegal to call vgone without a reference
to the vnode.  Without a reference the vnode will never be vdestroy'd
   and the memory will never be reclaimed.

Sponsored by:	Isilon Systems, Inc.
2006-03-31 23:39:26 +00:00
Jeff Roberson
ba5eb429e3 - When there are dangling vnodes at unmount print them before we panic.
Sponsored by:	Isilon Systems, Inc.
2006-03-31 23:38:15 +00:00
Jeff Roberson
23b77994f2 - Add a bogus vhold/vdrop around vgone() in devfs_revoke. Without this
the vnode is never recycled.  It is bogus because the reference really
   should be associated with the devfs dirent.
2006-03-31 23:37:29 +00:00
Maksim Yevmenkin
b643101293 Add kbdmux(4) to GENERIC on amd64
Requested by:	scottl
Tested by:	scottl
2006-03-31 23:04:48 +00:00
Marcel Moolenaar
19ef0b1184 Fix cut-n-paste braino in previous commit: s/puc/scc/g
Pointy hat: marcel@
2006-03-31 21:55:53 +00:00
Scott Long
c2e1d5d04c Remove the USB keyboard hack now that KBDMUX is enabled by default. Allow
it to be disabled if Safe Mode is selected.
2006-03-31 21:36:17 +00:00
Maksim Yevmenkin
9216fccdd9 Add kbdmux(4) to GENERIC
Requested by:	scottl
2006-03-31 19:03:37 +00:00
Marcel Moolenaar
1b0c333020 Add a DRIVER_MODULE declaration for fhc(4) as this attachement is
also used for the FHC bus.

Pointed out by: marius@
2006-03-31 17:39:49 +00:00
Ariff Abdullah
a1d444e140 MEGA Fixes / Cleanup
--------------------

- Seal the fate of long standing memory leak (4 years, 7 months) during
  pcm_unregister(). While destroying cdevs, scan / detect possible
  children and free its SLIST placeholder properly.
- Optimize channel allocation / numbering even further. Do brute cyclic
  checking only if the channel numbering screwed.
- Mega vchan create/destroy cleanup:
  o Implement pcm_setvchans() so everybody can use it freely instead
    of implementing their own, be it through sysctl or channel auto
    allocation.
  o Increase vchan creation/destruction resiliency:
    + it's possible to increase/decrease total vchans even during
      busy playback/recording. Busy channel will be left alone, untouched.
      Abusive test sample:
      # play whatever...
      #
         while : ; do
           sysctl hw.snd.pcm0.vchans=1
           sysctl hw.snd.pcm0.vchans=10
           sysctl hw.snd.pcm0.vchans=100
           sysctl hw.snd.pcm0.vchans=200
         done
      # Play something else, leave above loop running frantically.
    + Seal another 4 years old bug where it is possible to destroy (virtual)
      channel even when its cdevs being referenced by other process.
      The "First Come First Served" nature of dsp_clone() is the main
      culprit of this issue, and usually manifest itself as dangling
      channel <-> process association. Ensure that all of its cdevs
      are free from being referenced before destroying it (through
      ORPHAN_CDEVT() macross).

All these fixes (including previous fixes) will be MFCed, later.
2006-03-31 10:36:36 +00:00
Ariff Abdullah
9c271eba78 - Increase snddev refcount earlier while accessing through sysctl interface
to avoid possible device unregister race (impossible to reproduce, yet
  possible).
- Extra sanity check to ensure proper parent channel is being selected.
- Reset parent channel once all of its children gone.
2006-03-31 10:27:47 +00:00
Søren Schmidt
cd8a592bb3 Make the ATAPI sense data accessible when using the ioctl interface
MFC candidate.
2006-03-31 08:09:05 +00:00
Jeff Roberson
3bbd6d8ae6 - Release the references acquired by VOP_GETWRITEMOUNT and vfs_getvfs().
Discussed with:	tegge
Tested by:	kris
Sponsored by:	Isilon Systems, Inc.
2006-03-31 03:54:20 +00:00
Jeff Roberson
94bc95db3c - Hold a reference from the time vfs_busy starts until vfs_unbusy is
called.
 - vfs_getvfs has to return a reference to prevent the returned mountpoint
   from changing identities.
 - Release references acquired via vfs_getvfs.

Discussed with:	tegge
Tested by:	kris
Sponsored by:	Isilon Systems, Inc.
2006-03-31 03:53:25 +00:00
Jeff Roberson
c5fcce21c5 - GETWRITEMOUNT now returns a referenced mountpoint to prevent its
identity from changing.  This is possible now that mounts are not freed.

Discussed with:	tegge
Tested by:	kris
Sponsored by:	Isilon Systems, Inc.
2006-03-31 03:52:24 +00:00
Jeff Roberson
a218edceb2 - Allocate mounts from a uma zone that uses UMA_ZONE_NOFREE to prevent
mount memory from being reclaimed.  This resolves a number of race
   conditions described in vfs_default.c and introduced with the
   VFS_LOCK_GIANT macros.
 - Let the mtx and lock remain valid after the mount structure has been
   freed by using init and fini calls.  Technically fini will never be
   called but is included for completeness.
 - Consistently use lockmgr directly rather than lockmgr to lock and
   vfs_unbusy to unlock.

Discussed with:	tegge
Tested by:	kris
Sponsored by:	Isilon Systems, Inc.
2006-03-31 03:49:51 +00:00
Jeff Roberson
9eee260594 - Define mnt_startzero and mnt_endzero as a range that excludes mnt_mtx
and mnt_lock so that the mountpoint can be explicitly zeroed on
   creation.

Discussed with: tegge
Tested by:      kris
Sponsored by:   Isilon Systems, Inc.
2006-03-31 03:49:16 +00:00
Jeff Roberson
fdf86b2dcd - LK_RETRY means nothing when passed to VOP_LOCK. Call vn_lock instead.
- Move the vn_lock of the dvp until after we've unbusied the filesystem
   to avoid a LOR with the mount point lock.
 - In the v_mountedhere while loop we acquire a new instance of giant each
   time through without releasing the first.  This would cause us to leak
   Giant.

Sponsored by:	Isilon Systems, Inc.
2006-03-31 02:59:23 +00:00
Jeff Roberson
084d64ac21 - Add the B_NEEDSGIANT flag which is only set if the vnode that owns a buf
requires Giant.  It is set in bgetvp and cleared in brelvp.
 - Create QUEUE_DIRTY_GIANT for dirty buffers that require giant.
 - In the buf daemon, only grab giant when processing QUEUE_DIRTY_GIANT and
   only if we think there are buffers in that queue.

Sponsored by:	Isilon Systems, Inc.
2006-03-31 02:56:30 +00:00
Marcel Moolenaar
c9e0c5b9c4 Build uart(4) on PowerPC. 2006-03-31 01:50:23 +00:00
Marcel Moolenaar
ce8f00136f Allow uart(4) to be built on PowerPC. 2006-03-31 01:42:55 +00:00
Marcel Moolenaar
bc1fefaa7d Add a dummy implementation of bus_space_map(). 2006-03-31 01:39:50 +00:00
Sam Leffler
00537061dd fixup error handling in taskqueue_start_threads: check for kthread_create
failing, print a message when we fail for some reason as most callers do
not check the return value (e.g. 'cuz they're called from SYSINIT)

Reviewed by:	scottl
MFC after:	1 week
2006-03-30 23:06:59 +00:00
Marcel Moolenaar
1411591a14 Include the sbus attachment of scc(1) when either fhc(4) or sbus(4)
is configured.
2006-03-30 21:39:36 +00:00
Scott Long
cadfc102f1 Revert to using acpi_max_threads instead of the hardcoded value of '3'. 2006-03-30 19:22:45 +00:00
Bjoern A. Zeeb
e59d4d98ef Fix more stack corruptions on amd64.
Vararg functions have a different calling convention than regular
functions on amd64. Casting a varag function to a regular one to
match the function pointer declaration will hide the varargs from
the caller and we will end up with an incorrectly setup stack.

Entirely remove the varargs from these functions and change the
functions to match the declaration of the function pointers.
Remove the now unnecessary casts.

Also change static struct ipprotosw[] to two independent
protosw/ip6protosw definitions to remove an unnecessary cast.

PR:				amd64/95008
Submitted and tested by:	Mats Palmgren
Reviewed by:			rwatson
MFC after:			3 days
2006-03-30 18:57:04 +00:00
Pawel Jakub Dawidek
700e04d9b6 Revert previous change, as I fixed MD5(9). 2006-03-30 18:50:00 +00:00
Pawel Jakub Dawidek
177a987379 Fix a panic on sparc64 related to inproper aligment - we cannot assume,
that 'unsigned char *' argument is 4 byte aligned.

MFC after:	3 days
2006-03-30 18:45:50 +00:00
Marcel Moolenaar
90730ac6d0 When we attach to either a SAB82532 or a Z8530, print a notice
saying that scc(4) should be configured into the kernel. This
helps people to migrate away from puc(4) for these devices.
2006-03-30 18:43:03 +00:00
Marcel Moolenaar
09410159b2 Add scc(4). 2006-03-30 18:40:25 +00:00
Marcel Moolenaar
af2e25a6d2 o Add scc(4) to the build.
o  Add the scc(4) manpage to the build.
o  Update the uart(4) manpage to account for scc(4).
o  Update the uart(4) module build to include support for scc(4).
2006-03-30 18:39:24 +00:00
Marcel Moolenaar
8af03381d8 Add support for scc(4). 2006-03-30 18:37:03 +00:00
Marcel Moolenaar
6174e6ed12 Add scc(4), a driver for serial communications controllers. These
controllers typically have multiple channels and support a number
of serial communications protocols. The scc(4) driver is itself
an umbrella driver that delegates the control over each channel
and mode to a subordinate driver (like uart(4)).
The scc(4) driver supports the Siemens SAB 82532 and the Zilog
Z8530 and replaces puc(4) for these devices.
2006-03-30 18:33:22 +00:00
Marcel Moolenaar
1d9c4393ff o Don't make the SER_INT_* defines visible to userland. They
are related to internals, not user-visible state.
o  Add a typedef for serdev_intr_t and protect it with !LOCORE.
2006-03-30 17:24:42 +00:00
John Baldwin
8346951353 Style fix. 2006-03-30 15:48:06 +00:00
Pawel Jakub Dawidek
8e88808915 md_hash field in g_eli_metadata structure is not 4 byte aligned, which
case panic on sparc64.

The problem is in MD5(9) implementation. The Encode() function takes
'unsigned char *output' as its first argument, which is then assigned to
'u_int32_t *op'. If the 'output' argument is not 4 byte aligned (and in
geli(8) case it is not), sparc64 machine will panic.

I don't know how to fix MD5(9) in a clean way, so I'm implementing a
work-around in geli(8).

Reported by:	brueffer
MFC after:	3 days
2006-03-30 14:41:13 +00:00