Commit Graph

62 Commits

Author SHA1 Message Date
Konstantin Belousov
d86c1f0dc1 i386 4/4G split.
The change makes the user and kernel address spaces on i386
independent, giving each almost the full 4G of usable virtual addresses
except for one PDE at top used for trampoline and per-CPU trampoline
stacks, and system structures that must be always mapped, namely IDT,
GDT, common TSS and LDT, and process-private TSS and LDT if allocated.

By using 1:1 mapping for the kernel text and data, it appeared
possible to eliminate assembler part of the locore.S which bootstraps
initial page table and KPTmap.  The code is rewritten in C and moved
into the pmap_cold(). The comment in vmparam.h explains the KVA
layout.

There is no PCID mechanism available in protected mode, so each
kernel/user switch forth and back completely flushes the TLB, except
for the trampoline PTD region. The TLB invalidations for userspace
becomes trivial, because IPI handlers switch page tables. On the other
hand, context switches no longer need to reload %cr3.

copyout(9) was rewritten to use vm_fault_quick_hold().  An issue for
new copyout(9) is compatibility with wiring user buffers around sysctl
handlers. This explains two kind of locks for copyout ptes and
accounting of the vslock() calls.  The vm_fault_quick_hold() AKA slow
path, is only tried after the 'fast path' failed, which temporary
changes mapping to the userspace and copies the data to/from small
per-cpu buffer in the trampoline.  If a page fault occurs during the
copy, it is short-circuit by exception.s to not even reach C code.

The change was motivated by the need to implement the Meltdown
mitigation, but instead of KPTI the full split is done.  The i386
architecture already shows the sizing problems, in particular, it is
impossible to link clang and lld with debugging.  I expect that the
issues due to the virtual address space limits would only exaggerate
and the split gives more liveness to the platform.

Tested by: pho
Discussed with:	bde
Sponsored by:	The FreeBSD Foundation
MFC after:	1 month
Differential revision:	https://reviews.freebsd.org/D14633
2018-04-13 20:30:49 +00:00
Pedro F. Giffuni
df57947f08 spdx: initial adoption of licensing ID tags.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.

Initially, only tag files that use BSD 4-Clause "Original" license.

RelNotes:	yes
Differential Revision:	https://reviews.freebsd.org/D13133
2017-11-18 14:26:50 +00:00
Jung-uk Kim
fd90e2ed54 CALLOUT_MPSAFE has lost its meaning since r141428, i.e., for more than ten
years for head.  However, it is continuously misused as the mpsafe argument
for callout_init(9).  Deprecate the flag and clean up callout_init() calls
to make them more consistent.

Differential Revision:	https://reviews.freebsd.org/D2613
Reviewed by:	jhb
MFC after:	2 weeks
2015-05-22 17:05:21 +00:00
Will Andrews
49f159beef Garbage collect dragonfly and legacy FreeBSD system support from dcons(4).
Submitted by:	gibbs
MFC after:	1 week
Sponsored by:	Spectra Logic
MFSpectraBSD:	1110990 on 2015/01/06
2015-01-21 19:53:52 +00:00
Alexander Motin
fd7e682719 MFcalloutng:
Make dcons input polling adaptive, reducing poll rate to 1Hz after several
minutes of inactivty to reduce global interrupt rate.  Most of users never
used FireWire debugging, so it is not very useful to consume power by it.
2013-02-19 18:22:25 +00:00
Andriy Gapon
9976156f12 kern cons: introduce infrastructure for console grabbing by kernel
At the moment grab and ungrab methods of all console drivers are no-ops.

Current intended meaning of the calls is that the kernel takes control of
console input.  In the future the semantics may be extended to mean that
the calling thread takes full ownership of the console (e.g. console
output from other threads could be suspended).

Inspired by:	bde
MFC after:	2 months
2011-12-17 15:08:43 +00:00
Ed Schouten
6472ac3d8a Mark all SYSCTL_NODEs static that have no corresponding SYSCTL_DECLs.
The SYSCTL_NODE macro defines a list that stores all child-elements of
that node. If there's no SYSCTL_DECL macro anywhere else, there's no
reason why it shouldn't be static.
2011-11-07 15:43:11 +00:00
Robert Watson
e5a0927394 Follow up to r225203 refining break-to-debugger run-time configuration
improvements:

(1) Implement new model in previously missed at91 UART driver
(2) Move BREAK_TO_DEBUGGER and ALT_BREAK_TO_DEBUGGER from opt_comconsole.h
    to opt_kdb.h (spotted by np)
(3) Garbage collect now-unused opt_comconsole.h

MFC after:	3 weeks
Approved by:	re (bz)
2011-08-27 14:24:27 +00:00
Robert Watson
4cf7545589 Attempt to make break-to-debugger and alternative break-to-debugger more
accessible:

(1) Always compile in support for breaking into the debugger if options
    KDB is present in the kernel.

(2) Disable both by default, but allow them to be enabled via tunables
    and sysctls debug.kdb.break_to_debugger and
    debug.kdb.alt_break_to_debugger.

(3) options BREAK_TO_DEBUGGER and options ALT_BREAK_TO_DEBUGGER continue
    to behave as before -- only now instead of compiling in
    break-to-debugger support, they change the default values of the
    above sysctls to enable those features by default.  Current kernel
    configurations should, therefore, continue to behave as expected.

(4) Migrate alternative break-to-debugger state machine logic out of
    individual device drivers into centralised KDB code.  This has a
    number of upsides, but also one downside: it's now tricky to release
    sio spin locks when entering the debugger, so we don't.  However,
    similar logic does not exist in other device drivers, including uart.

(5) dcons requires some special handling; unlike other console types, it
    allows overriding KDB's own debugger selection, so we need a new
    interface to KDB to allow that to work.

GENERIC kernels in -CURRENT will now support break-to-debugger as long as
appropriate boot/run-time options are set, which should improve the
debuggability of BETA kernels significantly.

MFC after:	3 weeks
Reviewed by:	kib, nwhitehorn
Approved by:	re (bz)
2011-08-26 21:46:36 +00:00
Ed Schouten
c5e30cc02b Last minute TTY API change: remove mutex argument from tty_alloc().
I don't want people to override the mutex when allocating a TTY. It has
to be there, to keep drivers like syscons happy. So I'm creating a
tty_alloc_mutex() which can be used in those cases. tty_alloc_mutex()
should eventually be removed.

The advantage of this approach, is that we can just remove a function,
without breaking the regular API in the future.
2009-05-29 06:41:23 +00:00
Ed Schouten
2dae467d61 Reduce the dcons polling frequency to 25 Hz.
It makes little sense to use 100 Hz polling in dcons. We cannot live
without polling, because that's just how dcons works. It polls the
buffer filled by the firewire hardware. 25 Hz is probably enough for
most use cases.

Discussed with:	rwatson
Tested by:	kan
2009-04-06 13:09:02 +00:00
Alexander Kabaev
9ec7a1f568 Fix logic in MOD_LOAD handler to call dcons_attach after all successful
dcons_drv_init invocations. Testing return value for 0 does not work for
cases where dcons_drv_init was called already as part of low level
console initialization.
2009-04-06 02:29:28 +00:00
Warner Losh
3fdd7f1605 We need to initialize the console for dcons to work.
Submitted by:	nork@
2009-03-13 02:15:49 +00:00
Marius Strobl
3da80d3a0e Check the return values of contigmalloc(9) as well as bus_dma(9)
functions and stop attaching of dcons(4) and dcons_crom(4) if
they indicate failure. This fixes a panic seen on sparc64 machines
with no free physical memory in the requested 32-bit region but
still doesn't make dcons(4)/dcons_crom(4) these work. I think
the latter can be fixed by simply specifying ~0UL as the upper
limit for contigmalloc(9) and letting the bounce pages and the
IOMMU respectively handle limitations of the DMA engine. I didn't
want to change that without the consensus of simokawa@ though,
who unfortunately didn't reply so far.

MFC after:	1 week
2009-01-07 21:25:44 +00:00
Marius Strobl
eddfa7b147 Given that the buffer dcons_crom(4) exposes is used for both input
and output, set BUS_DMA_COHERENT when creating the DMA map used for
loading the buffer. As a side-effect this solves locking issues on
sparc64 when dcons(4) calls bus_dmamap_sync(9) while in an interrupt
filter, which are executed in a critical section, and iommu(4) has
to use a sleep lock when taking advantage of the streaming buffer.

Reported and tested by:	kensmith
Approved by:		simokawa
2008-11-19 22:09:03 +00:00
Ed Schouten
656b038372 Also make dcons(4) use MPSAFE callouts.
The callout locks the TTY layer the way it should, so there is no reason
why its callout shouldn't set this flag.
2008-11-19 21:12:26 +00:00
Ed Schouten
bc093719ca Integrate the new MPSAFE TTY layer to the FreeBSD operating system.
The last half year I've been working on a replacement TTY layer for the
FreeBSD kernel. The new TTY layer was designed to improve the following:

- Improved driver model:

  The old TTY layer has a driver model that is not abstract enough to
  make it friendly to use. A good example is the output path, where the
  device drivers directly access the output buffers. This means that an
  in-kernel PPP implementation must always convert network buffers into
  TTY buffers.

  If a PPP implementation would be built on top of the new TTY layer
  (still needs a hooks layer, though), it would allow the PPP
  implementation to directly hand the data to the TTY driver.

- Improved hotplugging:

  With the old TTY layer, it isn't entirely safe to destroy TTY's from
  the system. This implementation has a two-step destructing design,
  where the driver first abandons the TTY. After all threads have left
  the TTY, the TTY layer calls a routine in the driver, which can be
  used to free resources (unit numbers, etc).

  The pts(4) driver also implements this feature, which means
  posix_openpt() will now return PTY's that are created on the fly.

- Improved performance:

  One of the major improvements is the per-TTY mutex, which is expected
  to improve scalability when compared to the old Giant locking.
  Another change is the unbuffered copying to userspace, which is both
  used on TTY device nodes and PTY masters.

Upgrading should be quite straightforward. Unlike previous versions,
existing kernel configuration files do not need to be changed, except
when they reference device drivers that are listed in UPDATING.

Obtained from:		//depot/projects/mpsafetty/...
Approved by:		philip (ex-mentor)
Discussed:		on the lists, at BSDCan, at the DevSummit
Sponsored by:		Snow B.V., the Netherlands
dcons(4) fixed by:	kan
2008-08-20 08:31:58 +00:00
Peter Wemm
f2db8876a0 Spell KDB_REQ_REBOOT correctly. 2008-05-05 08:25:46 +00:00
Peter Wemm
43d7128c14 Expand kdb_alt_break a little, most commonly used with the option
ALT_BREAK_TO_DEBUGGER.  In addition to "Enter ~ ctrl-B" (to enter the
debugger), there is now "Enter ~ ctrl-P" (force panic) and
"Enter ~ ctrl-R" (request clean reboot, ala ctrl-alt-del on syscons).

We've used variations of this at work.  The force panic sequence is
best used with KDB_UNATTENDED for when you just want it to dump and
get on with it.

The reboot request is a safer way of getting into single user than
a power cycle.  eg: you've hosed the ability to log in (pam, rtld, etc).
It gives init the reboot signal, which causes an orderly reboot.

I've taken my best guess at what the !x86 and non-sio code changes
should be.

This also makes sio release its spinlock before calling KDB/DDB.
2008-05-04 23:29:38 +00:00
Robert Watson
3de213cc00 Add a new 'why' argument to kdb_enter(), and a set of constants to use
for that argument.  This will allow DDB to detect the broad category of
reason why the debugger has been entered, which it can use for the
purposes of deciding which DDB script to run.

Assign approximate why values to all current consumers of the
kdb_enter() interface.
2007-12-25 17:52:02 +00:00
Hidetoshi Shimokawa
ff038e3a82 We don't need to call dcons_poll event handlers if KDB is not active.
Approved by: re (kensmith)
2007-08-17 05:32:39 +00:00
Hidetoshi Shimokawa
40ca0d5755 - Don't force to be the GDB port since dcons(4) is in GENERIC now.
To enable the GDB port of dcons(4), you need to put
  dcons_gdb=1
in /boot/loader.conf.
2007-06-11 04:08:50 +00:00
Hidetoshi Shimokawa
55f84274e3 Don't invalidate dcons buffer on shutdown.
We would like to keep connection after halt.
2007-06-08 08:23:14 +00:00
Hidetoshi Shimokawa
293b847542 Add the address of IDT in the configuration ROM. (i386/amd64 only)
A change to dconschat(8) will follow so that it can bomb
this address over FireWire to reset a wedged system.

Though this method is just a hack and far from perfection,
it should be useful if you don't want to go machine room
just to reset or to power-cycle a machine without
remote-managed power supply.  And much better than doing:
# fwcontrol -m target-eui64
# dd if=/dev/zero of=/dev/fwmem0.2 bs=1m
2007-06-08 04:33:25 +00:00
Hidetoshi Shimokawa
c8dde64562 Replace breakpoint() with kdb_enter(). 2007-06-08 03:05:57 +00:00
Hidetoshi Shimokawa
9953c34ca6 Poll bus resets on FireWire while kdb/gdb is active.
Now, it's safe to call the fwohci interrupt(polling) routine while ddb/gdb
is active. After this change, a dcons connnection over FireWire can survive
bus resets even in kernel debugger.

This means that it is not too late to plug a FireWire cable after a panic
to investigate the problem.

Actually there is a small window(between a jump to kernel from loader and
initialization of dcons_crom) in which no one can take care of a bus reset.
Except that window, firewire console should keep working
from loader to reboot even with a panic and a bus reset.
(as far as you enable LOADER_FIREWIRE_SUPPORT)
2007-06-08 00:54:44 +00:00
Hidetoshi Shimokawa
3080596e7f We should better ignore a break on gdb port if gdb is not enabled. 2007-05-28 02:20:40 +00:00
Hidetoshi Shimokawa
db72757973 Change default value of hw.firewire.dcons_crom.force_console to 0
for least astonishment.

MFC after: 3 days
2007-05-27 14:00:34 +00:00
Hidetoshi Shimokawa
207bcebe4b Make compile without GDB option.
MFC after: 3 days
2007-05-27 13:58:43 +00:00
Hidetoshi Shimokawa
10f39c7d37 Include stand.h for loader.
MFC after: 3 days
2007-05-25 05:00:39 +00:00
Robert Watson
acd3428b7d Sweep kernel replacing suser(9) calls with priv(9) calls, assigning
specific privilege names to a broad range of privileges.  These may
require some future tweaking.

Sponsored by:           nCircle Network Security, Inc.
Obtained from:          TrustedBSD Project
Discussed on:           arch@
Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri,
                        Alex Lyashkov <umka at sevcity dot net>,
                        Skip Ford <skip dot ford at verizon dot net>,
                        Antoine Brodin <antoine dot brodin at laposte dot net>
2006-11-06 13:42:10 +00:00
Poul-Henning Kamp
a58a1ea03d Convert to new console interface. 2006-05-26 13:51:38 +00:00
Poul-Henning Kamp
9b188af13c Eliminate gdb_checkc member from GDB_DBGPORT(), it is never used.
Use polling behaviour for gdb_getc() where convenient, this edges us
closer to the console code.
2006-05-26 11:54:32 +00:00
Poul-Henning Kamp
8a7f77816e Use ttyalloc() instead of ttymalloc() 2006-01-04 09:20:41 +00:00
Ruslan Ermilov
342ed5d948 Fix -Wundef warnings found when compiling i386 LINT, GENERIC and
custom kernels.
2005-12-05 11:58:35 +00:00
Poul-Henning Kamp
7423b2b40c Make ttyconsolemode() call ttsetwater() so that drivers don't have to. 2005-10-16 20:58:22 +00:00
Warner Losh
098ca2bda9 Start each of the license/copyright comments with /*-, minor shuffle of lines 2005-01-06 01:43:34 +00:00
Hidetoshi Shimokawa
520d7d186b Use dcons buffer passed by loader on amd64. 2004-10-28 12:18:22 +00:00
Hidetoshi Shimokawa
c751e6f0fa - Use quad_t for dcons buffer address and size.
- Allow read/write access to dcons buffer passed by loader(8).
2004-10-24 12:41:04 +00:00
Hidetoshi Shimokawa
8ffa2e7954 Check _BOOT flag. 2004-10-22 15:03:22 +00:00
Poul-Henning Kamp
95bc568977 Add new function ttyinitmode() which sets our systemwide default
modes on a tty structure.

Both the ".init" and the current settings are initialized allowing
the function to be used both at attach and open time.

The function takes an argument to decide if echoing should be enabled.
Echoing should not be enabled for regular physical serial ports
unless they are consoles, in which case they should be configured
by ttyconsolemode() instead.

Use the new function throughout.
2004-10-18 21:51:27 +00:00
Hidetoshi Shimokawa
370f9086a6 Fix warnings on non-i386 arch.
Submitted by: keramida
2004-10-14 00:21:32 +00:00
Hidetoshi Shimokawa
31a5877786 - Split dcons core code and OS dependent code.
- Implement dcons_ischar() and dcons_load_buffer().
- If loader passed a dcons buffer address, keep using it.
	(We still need a patch to cheat memory management system.)
2004-10-13 05:38:42 +00:00
Hidetoshi Shimokawa
898b6e55d2 Invalidate dcons buffer on shutdown. 2004-09-26 01:15:38 +00:00
Hidetoshi Shimokawa
5a11c2d9ea Sync with DragonFly BSD. 2004-09-24 12:43:57 +00:00
Poul-Henning Kamp
672c05d49c Preparation commit for the tty cleanups that will follow in the near
future:

rename ttyopen() -> tty_open() and ttyclose() -> tty_close().

We need the ttyopen() and ttyclose() for the new generic cdevsw
functions for tty devices in order to have consistent naming.
2004-07-15 20:47:41 +00:00
Poul-Henning Kamp
3e019deaed Do a pass over all modules in the kernel and make them return EOPNOTSUPP
for unknown events.

A number of modules return EINVAL in this instance, and I have left
those alone for now and instead taught MOD_QUIESCE to accept this
as "didn't do anything".
2004-07-15 08:26:07 +00:00
Hidetoshi Shimokawa
20021e6afd Re-enable debugger port. 2004-07-13 09:41:45 +00:00
Marcel Moolenaar
ed9c21cd74 Update for the KDB framework:
o  Use kdb_alt_break() to handle the alternate break sequence instead
   of handcoding it here.
o  Remove GDB kluges to make this driver work with the pre-KDB remote
   GDB code.
o  Call kdb_enter() instead of Debugger().

Note that with this commit the dcons(4) driver cannot be used for
remote debugging anymore. This driver has to use the new GDB debug
port interface instead. Such has not been done yet.
2004-07-10 21:02:17 +00:00
Poul-Henning Kamp
f3732fd15b Second half of the dev_t cleanup.
The big lines are:
	NODEV -> NULL
	NOUDEV -> NODEV
	udev_t -> dev_t
	udev2dev() -> findcdev()

Various minor adjustments including handling of userland access to kernel
space struct cdev etc.
2004-06-17 17:16:53 +00:00