87946 Commits

Author SHA1 Message Date
Matthew N. Dodd
09139a4537 Implement support for RFC 3514 (The Security Flag in the IPv4 Header).
(See: ftp://ftp.rfc-editor.org/in-notes/rfc3514.txt)

This fulfills the host requirements for userland support by
way of the setsockopt() IP_EVIL_INTENT message.

There are three sysctl tunables provided to govern system behavior.

	net.inet.ip.rfc3514:

		Enables support for rfc3514.  As this is an
		Informational RFC and support is not yet widespread
		this option is disabled by default.

	net.inet.ip.hear_no_evil

		 If set the host will discard all received evil packets.

	net.inet.ip.speak_no_evil

		If set the host will discard all transmitted evil packets.

The IP statistics counter 'ips_evil' (available via 'netstat') provides
information on the number of 'evil' packets recieved.

For reference, the '-E' option to 'ping' has been provided to demonstrate
and test the implementation.
2003-04-01 08:21:44 +00:00
Poul-Henning Kamp
c8d01707ba Fix KASSERT syntax errors.
Please compile LINT before commiting.
2003-04-01 08:10:21 +00:00
Poul-Henning Kamp
4a1e273c48 Remove the old config interface, the new OAM is sufficiently functional
now.
2003-04-01 07:33:56 +00:00
Poul-Henning Kamp
dfb99a70d8 Remove the old config interface now that the new OAM is functional. 2003-04-01 07:33:17 +00:00
Jeff Roberson
7a57e9abdd - Adjust the makefiles so we have a per architecture makefile. 2003-04-01 07:07:38 +00:00
Jake Burkholder
73adf5691f - Add a flags field to struct pcb. Use this to keep track of wether or
not the pcb has floating point registers saved in it.
- Implement get_mcontext and set_mcontext.
2003-04-01 04:58:50 +00:00
Jeff Roberson
42d3ad7144 - Spell SIGSETOR correctly. 2003-04-01 04:49:12 +00:00
Jake Burkholder
404221fe55 - Don't allow tf_wstate to be set in set_regs.
- Clear FPRS_FEF in set_fpregs so the new registers will be reloaded.
2003-04-01 04:29:03 +00:00
Jake Burkholder
8fe20fdafa Implement cpu_set_upcall. 2003-04-01 04:19:29 +00:00
Jake Burkholder
f217a77ce4 - Rename pcb_fpstate to pcb_ufp (user floating point), and change it to
a simple array of 64 ints.
- Use a critical section when saving floating point state in cpu_fork
  instead of sched_lock.
2003-04-01 04:02:45 +00:00
Jeff Roberson
70d5093a8b - Commit the forgotten libthr/sys bits. 2003-04-01 03:51:08 +00:00
Jeff Roberson
bb535300dd - Add libthr but don't hook it up to the regular build yet. This is an
adaptation of libc_r for the thr system call interface.  This is beta
   quality code.
2003-04-01 03:46:29 +00:00
Jake Burkholder
e50173aeaa Rename pcb_fp to pcb_sp, so as to not be confused with floating point
state.
2003-04-01 03:05:46 +00:00
Tim J. Robbins
a968deece9 Specify the M_WAITOK flag explicitly in the MALLOC call to silence a
runtime warning ("Bad malloc flags: 0").
2003-04-01 02:47:09 +00:00
Tim J. Robbins
788fc48e32 Give the M_WAITOK flag explicitly to the MALLOC call to silence a runtime
warning ("Bad malloc flags: 0").
2003-04-01 02:42:02 +00:00
Jake Burkholder
a31794d553 Implement casuptr. 2003-04-01 02:37:04 +00:00
Jeff Roberson
4518589564 - Regen. 2003-04-01 02:34:21 +00:00
Jeff Roberson
8446303e01 - thr_exit() should no longer be called with Giant held. 2003-04-01 02:32:53 +00:00
Jeff Roberson
f27bf63b8a - Mark the various thr syscalls as MP safe. Previously there was a bug if
this was not done since thr_exit() unwinds giant.
2003-04-01 02:32:07 +00:00
Jeff Roberson
2c10d16a4b - Borrow the KSE single threading code for exec and exit. We use the check
if (p->p_numthreads > 1) and not a flag because action is only necessary
   if there are other threads.  The rest of the system has no need to
   identify thr threaded processes.
 - In kern_thread.c use thr_exit1() instead of thread_exit() if P_THREADED
   is not set.
2003-04-01 01:26:20 +00:00
Jeff Roberson
8af830c374 - Regen for umtx. 2003-04-01 01:22:18 +00:00
Jeff Roberson
a0704f9de9 - Add thr and umtx system calls. 2003-04-01 01:15:56 +00:00
Jeff Roberson
404c3ad471 - Add the kern_umtx.c file to the build. 2003-04-01 01:13:29 +00:00
Jeff Roberson
6eeb9653aa - Include umtx.h in files generated by makesyscalls.sh
- Add system calls for umtx.
2003-04-01 01:12:24 +00:00
Jeff Roberson
7f49f8e05b - Add an entry and a head for the queue of threads blocked on a umtx.
- Add a prototype for thr_exit1().
2003-04-01 01:11:22 +00:00
Jeff Roberson
69404b5090 - Add an api for doing smp safe locks in userland.
- umtx_lock() is defined as an inline in umtx.h.  It tries to do an
   uncontested acquire of a lock which falls back to the _umtx_lock()
   system-call if that fails.
 - umtx_unlock() is also an inline which falls back to _umtx_unlock() if the
   uncontested unlock fails.
 - Locks are keyed off of the thr_id_t of the currently running thread which
   is currently just the pointer to the 'struct thread' in kernel.
 - _umtx_lock() uses the proc pointer to synchronize access to blocked thread
   queues which are stored in the first blocked thread.
2003-04-01 01:10:42 +00:00
Jeff Roberson
90e38817b7 - We now have to include umtx.h and ucontext.h in the system call related
headers.
2003-04-01 00:35:12 +00:00
Jeff Roberson
d4a63cb9c8 - Regen for thr related system calls. 2003-04-01 00:34:29 +00:00
Jeff Roberson
8d5377e538 - Add the four thr related system calls. 2003-04-01 00:31:37 +00:00
Jeff Roberson
f00fea89ca - Add kern_thr.c 2003-04-01 00:30:54 +00:00
Jeff Roberson
89bb1cef1d - Add two files to support the thr threading interface.
- sys/thr.h contains the user space visible api that is intended only for
   use in threading library packages.
 - kern/kern_thr.c contains thr system calls and other thr specific code.
2003-04-01 00:30:30 +00:00
Jeff Roberson
b8db34d280 - Define a new md function 'casuptr'. This atomically compares and sets
a pointer that is in user space.  It will be used as the basic primitive
   for a kernel supported user space lock implementation.
 - Implement this function in x86's support.s
 - Provide stubs that return -1 in all other architectures.  Implementations
   will follow along shortly.

Reviewed by:	jake
2003-04-01 00:18:55 +00:00
Jeff Roberson
fb8aaa76c7 - In npxgetregs() use the td argument to save the fpu state from and not
curthread.  Nothing currently depends on this behavior.
 - Clean up an extra newline.

Obtained from:	bde
2003-04-01 00:16:32 +00:00
Jeff Roberson
a9b34138dc - Add a placeholder for sigwait 2003-03-31 23:36:40 +00:00
Jeff Roberson
722547925e - Regen for the sig*wait* system calls. 2003-03-31 23:33:45 +00:00
Jeff Roberson
55d9ba3eac - According to mike@FreeBSD.org SIGTHR should be hiden by
#ifdef __BSD_VISIBLE
2003-03-31 23:31:50 +00:00
Jeff Roberson
a447cd8b28 - Define sigwait, sigtimedwait, and sigwaitinfo in terms of
kern_sigtimedwait() which is capable of supporting all of their semantics.
 - These should be POSIX compliant but more careful review is needed before
   we announce this.
2003-03-31 23:30:41 +00:00
Thomas Quinot
da4898b1d7 Revert change 1.201 (removing mapping of VAPPEND to VWRITE).
Instead, use the generic vaccess() operation to determine whether
an operation is permitted. This avoids embedding knowledge on
vnode permission bits such as VAPPEND in the NFS client.

PR:		kern/46515
vaccess() patch submitted by:	"Peter Edwards" <pmedwards@eircom.net>
Approved by:	tjr, roberto (mentor)
2003-03-31 23:26:10 +00:00
Jeff Roberson
31a9779e5d - Catch up with kernel signal changes. 2003-03-31 22:57:55 +00:00
Jeff Roberson
b716dd84b3 - The siglist in the proc holds signals that were blocked by all threads
when they were delivered.  In signotify() check to see if we have
   unblocked any of those signals and post them to the thread.
 - Use td_sigmask instead of p_sigmask in all cases.
 - In sigpending return both signals pending on the thread and proc.
 - Define a function, sigtd(), that finds the appropriate thread to deliver
   the signal to if psignal() has been called instead of tdsignal().
 - Define a function, tdsignal(), that delivers a signal to a specific thread
   or if that thread has the signal blocked it may deliver it to the process
   where it will wait for a thread to unblock it.
 - Since we are delivering signals to a specific thread we do not need to
   abort the sleep of all threads.
 - Rename the old tdsignal() to tdsigwakeup().
 - Save and restore the old signal mask to and from the thread.
2003-03-31 22:57:01 +00:00
Jeff Roberson
c5c34c0a76 - Move the NEEDSIGCHK and OLDMASK flags from proc to thread.
- Move the signal mask to the thread.
 - Adjust a few comments.
2003-03-31 22:51:19 +00:00
Jeff Roberson
4093529dee - Move p->p_sigmask to td->td_sigmask. Signal masks will be per thread with
a follow on commit to kern_sig.c
 - signotify() now operates on a thread since unmasked pending signals are
   stored in the thread.
 - PS_NEEDSIGCHK moves to TDF_NEEDSIGCHK.
2003-03-31 22:49:17 +00:00
Julian Elischer
0d49bb4b30 Do NOT return from an non-interruptable cv_wait, falsely
claiming to have timed out. I don't know what I was thinking..
2003-03-31 22:41:47 +00:00
Jeff Roberson
a35394bd84 - Fix two calls to trapsignal() that were still passing in 'struct proc'.
These were missed in my last commit.
2003-03-31 22:41:32 +00:00
Jeff Roberson
90176341c3 - Add a signal for thread synchronization. Add an XXX so that maybe
someone more knowledgeable on standards defined namespaces may ifdef
   this out.
2003-03-31 22:30:08 +00:00
Jeff Roberson
da33176f39 - Mark signals which may be delivered to any thread in the process with
SA_PROC.  Signals without this flag should be directed to a particular
   thread if this is possible.
2003-03-31 22:12:09 +00:00
Jeff Roberson
1bf4700bff - Change trapsignal() to accept a thread and not a proc.
- Change all consumers to pass in a thread.

Right now this does not cause any functional changes but it will be important
later when signals can be delivered to specific threads.
2003-03-31 22:02:38 +00:00
Jeff Roberson
772e5d8d88 - Use sigexit() instead of twiddling the signal mask, catch, ignore, and
action bits to allow SIGILL to work as expected.  This brings this file in
   line with other architectures.
2003-03-31 21:40:47 +00:00
Wes Peters
f4cf2141f6 Add a facility allowing processes to inform the VM subsystem they are
critical and should not be killed when pageout is looking for more
memory pages in all the wrong places.

Reviewed by:	arch@
Sponsored by:	St. Bernard Software
2003-03-31 21:09:57 +00:00
John Baldwin
59f47d29b7 Add missing ()'s so that these drivers all compile again.
Noticed by:	jake
Tested on:	i386 (compile)
2003-03-31 20:22:00 +00:00