for certain user pages, stores to kernel pages would not update the
affected cache lines, which would sometimes cause the wrong data to be
returned for loads from kernel pages. This was especially fatal when
the addresses affected held the kernel stack pointer, and a random
value was loaded into it.
Fix a harmless off by one error in a dcache_inval_phys call.
Fix a potential race in setting up the per-cpu pointer if the special
restore fails on return to user mode fails and we need to trap back
into the kernel to fault in more stack.
Remove debug code.
an efficient way for the kernel to bounce certain mundane traps back to
userland for handling there. A user trap handler returns directly to the
trapping user code, rather than going through the kernel again. Only a
handful of instructions are actually executed in kernel mode.
Implement sysarch(SPARC_UTRAP_INSTALL).
Add code to handle sharing of the user trap table across forks and unsharing
at exec.
This can be used to implement efficient tracking of floating point register
usage in userland, fe by a thread library, and to handle alignment fault
fixups and instruction emulation in userland, for which the code may need
to be different for 32bit and 64bit binaries.
something wrong with the kernel stack.
Add code to check the kernel stack pointer in various important places
and try hard not to go down in flames if its wrong.
- Move from msleep/wakeup to condvar.
- Return either zero or a positive errno value from a function.
Return additional result via references.
- Unify the typedef of callback functions.
Reviewed by: Brooks Davis <brooks@freebsd.org>
Warner Losh <imp@freebsd.org>
Approved by: Brooks Davis <brooks@freebsd.org>
Warner Losh <imp@freebsd.org>
a packed array so sizeof work. This broke RFMON mode and passing
up 802.11 packets.
The Linux emulation code was derived from the open source Linux driver to
maintain compatibility.
LEAP support is added, hints from Richard Johnson. I've verified this
locally with PC350v42510.img firmware. More bug fixing from Marco to
fix long passwords.
Change DELAYs in flash part of driver to FLASH_DELAY which uses tsleep
so it doesn't look like your system died during a flash update.
Install header files in /usr/include/dev/an
Cleanup some ifmedia bugs add "Home" key mode to ifmedia and ancontrol.
This way you can manage 2 keys a little easier. Map the home mode into
key 5. Enhance ifconfig to dump the various configured SSIDs. I use
a bunch of different ones and roam between them. Use the syntax similar
to the WEP keys to deal with setting difference SSIDs.
Bump up up the Card capabilities RID since they added 2 bytes to it
in the latest firmware. Thankfully we changed it from a terminal
failure so the card still worked but the driver whined.
Some cleanup patches from Marco Molteni.
Submitted by: Richard Johnson <raj@cisco.com>
Marco Molteni <molter@tin.it>
and myself
Various checks: David Wolfskill <david@catwhisker.org>
Reviewed by: Brooks Davis <brooks@freebsd.org>
Warner Losh <imp@freebsd.org>
Approved by: Brooks Davis <brooks@freebsd.org>
Warner Losh <imp@freebsd.org>
Obtained from: Linux emulation API's from Aironet driver.
they were right. Fix both kenter() and kremove() for SMP by ensuring that
the tlb is flushed on other cpu's. This will directly solve random-corruption
panic issues in -stable when it is MFC'd. Better to be safe then sorry, we
can optimize this later.
Original Suspicion by: peter
Maybe MFC: immediately on re's permission
socreate(), rather than getting it implicitly from the thread
argument.
o Make NFS cache the credential provided at mount-time, and use
the cached credential (nfsmount->nm_cred) when making calls to
socreate() on initially connecting, or reconnecting the socket.
This fixes bugs involving NFS over TCP and ipfw uid/gid rules, as well
as bugs involving NFS and mandatory access control implementations.
Reviewed by: freebsd-arch
must have been inadvertently changed to '>'. This broke nfsm_adv()
in the case where the advancement count is equal to the amount of
data remaining in the current mbuf. Instead of moving the current
position N bytes forward, nfs_adv() could end up moving it back to
N bytes from the start of the mbuf data.
This should fix the client-side readdirplus problems that have been
reported since September.
In order of importance:
* Make ugen use updated frlengths.
* More tests for NULL pipes.
* Generate better error codes on bulk write.
* Error messages in general.
IPv6 on an sppp interface. In an IPv6-enabled kernel, every IPv6
interface automatically gets an IPv6 address assigned (and IPv6
multicast packets sent at initialization time). For sppp links where
we know our remote peer wouldn't support IPv6 at all, there's no point
in attempting to negotiate IPV6CP (or to even dial out for an IPv6
packet at all for dial-on-demand interfaces).
I wish there were a more generic way to administratively disable IPv6
on an interface instead. ume told me there isn't.
While i was at it, converted both, enable_vj and enable_ipv6 into flag
bits in struct sppp (enable_vj used to be an int of its own).
MFC after: 1 month
it again when going from INITIAL to STARTING. This has been done for
passive or auto-conecting interfaces always, but not for permanent
ones.
Obtained from: NetBSD (rev 1.32)
& and && has been botched. This was likely the cause for some havoc
with various negotiation cases of sppp in the past.
Obtained from: NetBSD (rev 1.13)
MFC after: 1 week
makes the implied assumption there were another 128 bytes of space in
front of the packet handed off to it... which is not the case for
sppp. This could easily end up in corrupting random memory.
This fix is about the same as revs 1.6, 1.8, and 1.9 from our
i4b_ispppsubr.c.
Also fixed IPCP option negotiation to zero out the options when
starting IPCP. Otherwise, if negotiation parameters change between
various IPCP startups, it could happen that old options would still be
requested (this happened if VJ was turned off, and ended up in half
off the link still negotiating for VJ compression).
IMHO, the base system's sppp is now feature-wise up to date with the
one in the i4b part of the tree, so the latter can be disabled.
MFC after: 1 month
o Do not use a special struct to keep track of CPUs we found;
instead, use struct pcpu. This handles all the magic WRT
thread creation (yay!).
o Respect MAXCPU.
o Use the vhpt_base and vhpt_size values to initialize the AP.
o Style fixes.
Note that this commit temporarily breaks SMP configurations.
Previously APs didn't do anything, but they now enter the
scheduler. They hold sched_lock for more than 5 secs though
and cause a panic. That's what I call progress :-)
ia64_pal_base instead of scanning the EFI tables. This way
AP startup code can more easily use the function.
o Initialize ia64_pal_base in ia64_init(). When the PAL code
doesn't need explicit mapping or no PAL code has been found,
ia64_pal_base will be 0.
o Remove some unused global variables.
o Also in ia64_init(), allocate only 1 page for struct pcpu
and remove some Alpha leftovers.
o Initialize pc_pcb in cpu_pcpu_init().
1222 bytes (derived as the maximum that isc-dhcpd uses). This solves
the problem if a bootp/DHCP reply is over 256 bytes in which the
end of the bootp/DHCP reply will not be found and then the reply will
be ignored. This happens when swap and root paths are longish or many
parameters are set.
Reviewed by: imp
Approved by: imp
The following steps are involved:
a) the IP options related to routing (LSRR and SSRR) are processed
as though the router were a host,
b) the other IP options are processed as usual only if the packet
is destined for the router; otherwise they are ignored.
PR: kern/23123
Discussed in: freebsd-hackers
Add fields to md_page for tracking virtual page color, and pv entry
lists.
Fix pmap_track_modified to work for non-kernel pmaps. This is due to
kernel virtual addresses potentially overlapping with userland addresses.
much less magic, fragile, broken. Use ttes rather than sttes.
We still use the replacement scheme used by the original code, which
is pretty cool.
Many crucial bug fixes from: tmm
of sttes. Also removes many differences between this and the other pmaps.
Reserve the kva space used by the openfirmware translations.
Use physical addresses directly in pmap_zero_page and pmap_copy_page, now
that we have the cache line shooting support.
Add code to track the virtual cachability of mapped pages. The dmmu
requires that multiple mappings of the same phsyical address have the
save virtual address bits up to a colour boundary. Violating this
requires all mappings to be mapped uncacheable. We do not yet handle
the case of a badly aliased mapping becoming cachable again.
Many crucial bug fixes from: tmm
the registers so we don't uselessly save them over and over again for
each context switch until another floating point instruction is executed.
Use a non-specific tlb slot for the tsb, which needs to have a locked
entry.
Remove overly verbose traces.
Add macros to atomically increment an integer variable in the data
section and to atomically set a bit in a tte. Note that the latter
does not return the new value.
Rewrite RESUME_SPILLFILL_MAGIC to use more sensical calculations, and
to preserve all alternate globals religiously. Must now be called on
alternate globals.
Defer switching to the kernel stack until inside the syscall, trap,
interrupt wrappers. Splitting the windows is all that's really urgent.
Adapt to new trap types.
Add %xcc where appropriate in order to not use v8 opcodes inadvertantly
(which work fine).
Modify the low level tlb fault handlers to operate on a tsb made up of
ttes, not sttes. This effectively makes the tsb twice as large.
After atomically updating tte bits in memory, also set the bit in the
register that holds the data which will be loaded into the tlb. The
macro returns the old value.
Use the preloaded mmu global which holds the address of the current
user tsb.
Add back a low level protection fault handler instead of just punting
into the vm system. This effectively saves a soft fault per COW fault.
Add a trace to intr_enqueue.
Pass arguments to the trap, interrupt, syscall wrappers in the out
registers instead of some on the stack, some in registers.
Use the preloaded alternate global pcb register.
2. Make trap_pfault more like it is on other architectures.
3. Fix a bug in syscall() which caused system calls with more than
six arguments that are called through the wild card syscall to
have their arguments scrambled. This affected mmap due to the
(bogus) wrapper in libc.
Submitted by: tmm (3)
Add some traces that can be useful but are also very loud.
Use defines for offsets into jmpbuf instead of magic numbers.
Fix a style bug.
Fixup comments.
Remove the explicit call to aio_proc_rundown() from exit1(), instead AIO
will use at_exit(9).
Add functions at_exec(9), rm_at_exec(9) which function nearly the
same as at_exec(9) and rm_at_exec(9), these functions are called
on behalf of modules at the time of execve(2) after the image
activator has run.
Use a modified version of tegge's suggestion via at_exec(9) to close
an exploitable race in AIO.
Fix SYSCALL_MODULE_HELPER such that it's archetecuterally neutral,
the problem was that one had to pass it a paramater indicating the
number of arguments which were actually the number of "int". Fix
it by using an inline version of the AS macro against the syscall
arguments. (AS should be available globally but we'll get to that
later.)
Add a primative system for dynamically adding kqueue ops, it's really
not as sophisticated as it should be, but I'll discuss with jlemon when
he's around.
specified by the sparc abi. We use numerically higher values for all
internal kernel types.
Remove soft trap types which need to be exposed to userland. They will
move to utrap.h.
their duration. This is still only effective as long as they are
only used in the static kernel. Code in modules may cause instruction
faults which makes these break in different ways anyway.
2. Add a load bearing membar #Sync.
3. Add an inline for demapping an entire context.
Submitted by: tmm (1, 2)
Bloat trapframe with many extra fields so we don't need extra structures.
Use small data types where possible.
Remove second copy of TF_DONE.
Remove mmuframe.
inclusion of VJ compression into sppp.
Now, instead of the need to include this and that and everything plus
the kitchensink in each of those drivers, struct sppp uses struct
slcompress as an opaque structure only referenced by a pointer. The
actual structure is then malloced at initialization time.
While i was at it, also fixed a bug where received VJ packets would only
be recognized if INET6 was defined.
(1) Don't attempt aquire the non-recursive lock sio_lock recursively.
Doing so caused unbounded recursion in some setups. E.g., if DDB,
BREAK_TO_DEBUGGER and WITNESS are configured; if the debugger is
entered using a break, then WITNESS will actually detect the invalid
recursion and will add to it attempting to print a message about it.
(2) Don't use sio_lock before it has been initialized. The old check
(sio_inited != 0) didn't work when sio_inited was boolean because
sio_inited was set too early, and became just wrong when sio_inited
was changed to a tri-state variable in rev.1.348.
Reported and fixed in another way by: fenner (1)
time from the PPP packets sent. This effectively merges rev 1.2 of
the old i4b_ispppsubr.c, with the exception that i eventually ended up
in debugging and fixing it so the idle time is now really
detected. ;-) (The version in i4b simply doesn't work right since it
still accounts for incoming LCP echo packets which it is supposed to
ignore for idle time considerations...)
Obtained from: i4b
MFC after: 1 month
sppp_parms that are needed for the SPPPIO[GS]DEFS ioctl commands.
This allows it to keep struct sppp inside #ifdef _KERNEL (where it
belongs), and prevents userland programs that wish to include
<net/if_sppp.h> from including the earth, the hell, and the universe
before the are able to resolve all the kernel-internal stuff that's in
struct sppp.
Discussed with: hm
MFC after: 1 month
This (effectively) merges rev 1.36 of i4b's old if_spppsubr.c, albeit
in a slightly different manner (we export the timer in millisecond
values as exposed to tick values from/to userland).
Obtained from: i4b
MFC after: 1 month
This is the logical merge of rev 1.32 of i4b's old if_spppsubr.c (which
was based on PR misc/11767), plus (i4b) rev 1.6 of i4b's if_ispppsubr.c,
albeit with numerous stylistic and cosmetic changes.
PR: misc/11767
Submitted by: i4b, Joachim Kuebart
MFC after: 1 month
Character-Map. RFC 1662 demands it for the sake of async to sync
PPP protocol converters (like Win9* :).
This merges rev 1.26/1.27 of the old i4b sppp changes.
route to the destination twice. Now that brian has fixed route.c to no
longer accept this second route, this long-standing nuisance became a
showstopper bug for sppp users.
In retrospect, this is the same fix as the one in rev 1.78 of if_sl.c;
most likely the original version of sppp has been cloned from SLIP. ;-)
A [hopefully] conforming style(9) revamp of mb_alloc and related code.
(This was possible due to bde's remarkable patience.)
Submitted by: (in large part) bde
Reviewed by: (the other part) bde
see people trip over it. Do not set the FIFO trigger to just before it
would otherwise overflow. Give it a little more slop so characters aren't
lost if the interrupt is delayed by other system activities.
MFC maybe: 7 days
- Temporary fix a bug of Intel ACPI CA core code.
- Add OS layer ACPI mutex support. This can be disabled by
specifying option ACPI_NO_SEMAPHORES.
- Add ACPI threading support. Now that we have a dedicate taskqueue for
ACPI tasks and more ACPI task threads can be created by specifying option
ACPI_MAX_THREADS.
- Change acpi_EvaluateIntoBuffer() behavior slightly to reuse given
caller's buffer unless AE_BUFFER_OVERFLOW occurs. Also CM battery's
evaluations were changed to use acpi_EvaluateIntoBuffer().
- Add new utility function acpi_ConvertBufferToInteger().
- Add simple locking for CM battery and temperature updating.
- Fix a minor problem on EC locking.
- Make the thermal zone polling rate to be changeable.
- Change minor things on AcpiOsSignal(); in ACPI_SIGNAL_FATAL case,
entering Debugger is easier to investigate the problem rather than panic.
and a generic resource_list_print_type() function to print all resouces
of a certain type in a resource list.
Use ulmin()/ulmax() instead of min()/max() in two places to handle
u_longs correctly.
argument specifying the boundary for the resource allocation.
Use ulmin()/ulmax() instead of min()/max() in some places to correctly
deal with the u_long resource range specifications.
code only passed up the connection to the tcp stack when it was complete,
so it went directly into the so_comp (complete) queue. However, with
accept filters, there is an additional phase before calling it "complete".
Reviewed by: jlemon
and it's associated state variables: icu_lock with the name "icu". This
renames the imen_mtx for x86 SMP, but also uses the lock to protect
access to the 8259 PIC on x86 UP. This also adds an appropriate lock to
the various Alpha chipsets which fixes problems with Alpha SMP machines
dropping interrupts with an SMP kernel.
against VM_WAIT in the pageout code. Both fixes involve adjusting
the lockmgr's timeout capability so locks obtained with timeouts do not
interfere with locks obtained without a timeout.
Hopefully MFC: before the 4.5 release
for this file, but here goes nothing. This was my first attempt at
tidying up this file. Unfortunately, it just exposes many more horrors
in the code itself that had been masked by the eyesore that was there
before. I think this just needs to be put out of its misery.