11758 Commits

Author SHA1 Message Date
Matthew D Fleming
d7854da193 Add MALLOC_DEBUG_MAXZONES debug malloc(9) option to use multiple uma
zones for each malloc bucket size.  The purpose is to isolate
different malloc types into hash classes, so that any buffer overruns
or use-after-free will usually only affect memory from malloc types in
that hash class.  This is purely a debugging tool; by varying the hash
function and tracking which hash class was corrupted, the intersection
of the hash classes from each instance will point to a single malloc
type that is being misused.  At this point inspection or memguard(9)
can be used to catch the offending code.

Add MALLOC_DEBUG_MAXZONES=8 to -current GENERIC configuration files.
The suggestion to have this on by default came from Kostik Belousov on
-arch.

This code is based on work by Ron Steinke at Isilon Systems.

Reviewed by:    -arch (mostly silence)
Reviewed by:    zml
Approved by:    zml (mentor)
2010-07-28 15:36:12 +00:00
Alan Cox
a14a949872 The interpreter name should no longer be treated as a buffer that can be
overwritten.  (This change should have been included in r210545.)

Submitted by:	kib
2010-07-28 04:47:40 +00:00
Alan Cox
2af6e14d39 Introduce exec_alloc_args(). The objective being to encapsulate the
details of the string buffer allocation in one place.

Eliminate the portion of the string buffer that was dedicated to storing
the interpreter name.  The pointer to the interpreter name can simply be
made to point to the appropriate argument string.

Reviewed by:	kib
2010-07-27 17:31:03 +00:00
Alan Cox
9e4e511499 Change the order in which the file name, arguments, environment, and
shell command are stored in exec*()'s demand-paged string buffer.  For
a "buildworld" on an 8GB amd64 multiprocessor, the new order reduces
the number of global TLB shootdowns by 31%.  It also eliminates about
330k page faults on the kernel address space.

Change exec_shell_imgact() to use "args->begin_argv" consistently as
the start of the argument and environment strings.  Previously, it
would sometimes use "args->buf", which is the start of the overall
buffer, but no longer the start of the argument and environment
strings.  While I'm here, eliminate unnecessary passing of "&length"
to copystr(), where we don't actually care about the length of the
copied string.

Clean up the initialization of the exec map.  In particular, use the
correct size for an entry, and express that size in the same way that
is used when an entry is allocated.  The old size was one page too
large.  (This discrepancy originated in 2004 when I rewrote
exec_map_first_page() to use sf_buf_alloc() instead of the exec map
for mapping the first page of the executable.)

Reviewed by:	kib
2010-07-25 17:43:38 +00:00
Alan Cox
69a8f9e3d1 Eliminate a little bit of duplicated code.
2010-07-23 18:58:27 +00:00
Andriy Gapon
676799a00d completely ignore zero-sized elf sections in modules of elf object type (amd64)
Current code doesn't check size of elf sections and may perform needless
actions of zero-sized memory allocation and similar.
The bigger issue is that alignment requirement of a zero-sized section
gets effectively applied to the next section if it has smaller alignment
requirement.  But other tools, like gdb and consequently kgdb,
completely ignore zero-sized sections and thus may map symbols to
addresses differently.

Zero-sized sections are not typical in general.
Their typical (only, even) cause in FreeBSD modules is inline assembly that
creates custom sections which is found in pcpu.h and vnet.h.  Mere inclusion
of one of those header files produces a custom section in elf output.
If there is no actual use for the section in a given module, then the
section remains empty.

Better solution is to avoid creating zero-sized sections altogether,
which is in plans.

Preloaded modules are handled in boot code (load_elf_obj.c), while
dynamically loaded modules are handled by kernel (link_elf_obj.c).

Based on code by:	np
MFC after:		3 weeks
2010-07-23 17:07:51 +00:00
Andriy Gapon
dac509311f cpufreq: allocate long-lived buffer for handling of sysctl requests
At present the cpufreq sysctl handler for current level setting would
allocate and deallocate a temporary buffer of 24KB even to handle a
read-only query.  This puts unnecessary load on memory subsystem when
current level is checked frequently, e.g. when the likes of powerd
and system monitoring software are running.
Change the strategy to allocating a long-lived buffer for handling the
requests.

Reviewed by:	njl
MFC after:	2 weeks
2010-07-23 16:46:42 +00:00
Ivan Voras
984c64736c Make lorunningspace catch up with hirunningspace.
While there, add comment about the magic numbers.

Prodded by:	alc
2010-07-23 12:30:29 +00:00
Matthew D Fleming
033459c8f1 Remove unused variable that snuck in during development.
Approved by:    zml (mentor)
2010-07-22 17:23:43 +00:00
Matthew D Fleming
242ed5d96c Fix taskqueue_drain(9) to not have false negatives. For threaded
taskqueues, more than one task can be running simultaneously.

Also make taskqueue_run(9) static to the file, since there are no
consumers in the base kernel and the function signature needs to change
with this fix.

Remove mention of taskqueue_run(9) and taskqueue_run_fast(9) from the
taskqueue(9) man page.

Reviewed by:    jhb
Approved by:    zml (mentor)
2010-07-22 16:41:09 +00:00
Konstantin Belousov
87d45a0392 When compat32 binary asks for the value of hw.machine_arch, report the
name of 32bit sibling architecture instead of the host one. Do the
same for hw.machine on amd64.

Add a safety belt debug.adaptive_machine_arch sysctl, to turn the
substitution off.

Reviewed by:	jhb, nwhitehorn
MFC after:	2 weeks
2010-07-22 09:13:49 +00:00
Edward Tomasz Napierala
175389cff2 Remove spurious '/*-' marks and fix some other style problems.
Submitted by:	bde@
2010-07-22 05:42:29 +00:00
Alexander Motin
e88f9fb47f Use proper sysctl type (quad) for et_frequency. It fixes output on sparc64.
2010-07-21 12:23:49 +00:00
Attilio Rao
4e55157fa4 Probably defaulting to KTR_GEN is not the right decision when KTR_MASK
is not defined at all because KTR_GEN is still a valid class and some
traces may fit in. Default to 0, instead, and block any tracing.

As long as this is a POLA violation (some third-party code, even if
that may be a questionable choice, could rely on that feature) a
MFC possibility might be carefully evaluated.

Sponsored by:	Sandvine Incorporated
2010-07-21 10:14:04 +00:00
Alexander Motin
599cf0f197 Fix several un-/signedness bugs of r210290 and r210293. Add one more check.
2010-07-20 15:48:29 +00:00
Ivan Voras
b089a17737 Fix expression style.
Prodded by: jhb
2010-07-20 13:59:51 +00:00
Alexander Motin
51636352b6 Extend timer driver API to report also minimal and maximal supported period
lengths. Make MI wrapper code to validate periods in request. Make kernel
clock management code to honor these hardware limitations while choosing hz,
stathz and profhz values.
2010-07-20 10:58:56 +00:00
David Xu
212bc4b337 Fix function name in error messages.
2010-07-20 02:23:12 +00:00
Edward Tomasz Napierala
1a996ed1d8 Revert r210225 - turns out I was wrong; the "/*-" is not license-only
thing; it's also used to indicate that the comment should not be automatically
rewrapped.

Explained by:	cperciva@
2010-07-18 20:57:53 +00:00
Edward Tomasz Napierala
805cc58ac0 The "/*-" comment marker is supposed to denote copyrights. Remove non-copyright
occurrences from sys/sys/ and sys/kern/.
2010-07-18 20:23:10 +00:00
Edward Tomasz Napierala
eea4ac8b3f Remove outdated comment and move part of it into more applicable place.
2010-07-18 19:29:12 +00:00
Ivan Voras
1de98e0687 In keeping with the Age-of-the-fruitbat theme, scale up hirunningspace on
machines which can clearly afford the memory.

This is a somewhat conservative version of the patch - more fine tuning may be
necessary.

Idea from: Thread on hackers@
Discussed with: alc
2010-07-18 10:15:33 +00:00
John Baldwin
f2a664ac97 Retire td_syscalls now that it is no longer needed.
2010-07-15 20:24:37 +00:00
Ivan Voras
611daf7e62 A cosmetic change - don't output empty <flags>.
2010-07-15 13:46:30 +00:00
Alexander Motin
43fe7d458a Rename timeevents.c to kern_clocksource.c.
Suggested by:	jhb@
2010-07-14 18:43:27 +00:00
John Baldwin
a3052d6e08 - Document layout of KTR_STRUCT payload in a comment.
- Simplify ktrstruct() calling convention by having ktrstruct() use
  strlen() rather than requiring the caller to hand-code the length of
  constant strings.

MFC after:	1 month
2010-07-14 17:38:01 +00:00
Alexander Motin
28ab822d8a Move timeevents.c to MI code, as it is not x86-specific. I already have
it working on Marvell ARM SoCs, and it would be nice to unify timer code
between more platforms.
2010-07-14 13:31:27 +00:00
Colin Percival
32a8b1d832 Correctly copy the M_RDONLY flag when duplicating a reference
to an mbuf external buffer.

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-10:07.mbuf
2010-07-13 02:45:17 +00:00
Jung-uk Kim
4a82f10889 Use type-specific inline function imax() instead of deprecated macro MAX().
Prodded by:	bde
2010-07-12 15:32:45 +00:00
Alan Cox
2882388376 Change the implementation of vm_hold_free_pages() so that it performs at
most one call to pmap_qremove(), and thus one TLB shootdown, instead of one
call and TLB shootdown per page.

Simplify the interface to vm_hold_free_pages().

MFC after:	3 weeks
2010-07-11 20:11:44 +00:00
Alexander Motin
3bc5958c0e Remove interval validation from cpu_tick_calibrate(). As I found, check
was needed at preliminary version of the patch, where number of CPU ticks
was divided strictly on 16 seconds. Final code instead uses real interval
duration, so precise interval should not be important. Same time aliasing
issues around second boundary causes false positives, periodically logging
useless "t_delta ... too long/short" messages when HZ set below 256.
2010-07-11 16:47:45 +00:00
Alan Cox
b99348e5ea Add support for the VM_ALLOC_COUNT() hint to vm_page_alloc(). Consequently,
the maintenance of vm_pageout_deficit can be localized to just two places:
vm_page_alloc() and vm_pageout_scan().

This change also corrects an off-by-one error in the maintenance of
vm_pageout_deficit.  Historically, the buffer cache functions, allocbuf()
and vm_hold_load_pages(), have not taken into account that vm_page_alloc()
already increments vm_pageout_deficit by one.

Reviewed by:	kib
2010-07-09 19:38:30 +00:00
John Baldwin
e113db82af Accidentally committed an older version of this comment rather than the
final one.
2010-07-09 13:59:53 +00:00
John Baldwin
07b183388a Refine a comment.
Reviewed by:	bde
2010-07-09 13:53:25 +00:00
Jaakko Heinonen
831aa555de Remove redundant high >= 0.
Reported by:	rstone
2010-07-09 10:57:55 +00:00
Jung-uk Kim
4624e08a59 Implement optional 'precision' for numbers. Previously, it was parsed but
ignored.  Some third-party modules (e.g., ACPICA) prefer this format over
zero padding flag '0'.
2010-07-08 22:13:23 +00:00
John Baldwin
fc8cca02c7 - Various style and whitespace fixes.
- Make sugid_coredump and kern_logsigexit private to kern_sig.c.

Submitted by:	bde (partially)
MFC after:	1 month
2010-07-08 19:15:26 +00:00
Jaakko Heinonen
501812f2c5 Assert that low and high are >= 0. The allocator doesn't support the
negative range.
2010-07-08 16:53:19 +00:00
Attilio Rao
631cb86f11 - Simplify logic in handling ticks wrap-up
- Fix a bug where thread may be in sleeping state but the wchan won't
  be set, leading to an empty container for sleepq_type(). [0]

Sponsored by:		Sandvine Incorporated
[0] Submitted by:	Bryan Venteicher
			<bryanv at daemoninthecloset dot org>
MFC after:		3 days
X-MFC:			209577
2010-07-07 12:00:11 +00:00
Konstantin Belousov
aa81ae08e9 In revoke(), verify that VCHR vnode indeed belongs to devfs.
Found and tested by:	pho
MFC after:	1 week
2010-07-06 18:20:49 +00:00
Ed Schouten
822eb2b050 Fix a race condition, where a TTY could be destroyed twice.
There are special cases where tty_rel_free() can be called twice in a
row, namely when closing and revoking the TTY at the same moment. Only
call destroy_dev_sched_cb() once.

Reported by:	Jeremie Le Hen
MFC after:	1 week
2010-07-06 08:56:34 +00:00
Konstantin Belousov
5f195aa32e Add the ability for the allocflag argument of the vm_page_grab() to
specify the increment of vm_pageout_deficit when sleeping due to page
shortage. Then, in allocbuf(), the code to allocate pages when extending
vmio buffer can be replaced by a call to vm_page_grab().

Suggested and reviewed by:	alc
MFC after:	2 weeks
2010-07-05 21:13:32 +00:00
Jaakko Heinonen
13c02cbb18 Extend the kernel unit number allocator for allocating specific unit
numbers. This change adds a new function alloc_unr_specific() which
returns the requested unit number if it is free. If the number is
already allocated or out of the range, -1 is returned.

Update alloc_unr(9) manual page accordingly and add a MLINK for
alloc_unr_specific(9).

Discussed on:	freebsd-hackers
2010-07-05 16:23:55 +00:00
Konstantin Belousov
34a39b7b1f Obey sv_syscallnames bounds in syscallname().
Reported and tested by:	pho
2010-07-04 18:16:17 +00:00
Konstantin Belousov
8a26007903 Extend ptrace(PT_LWPINFO) to report siginfo for the signal that caused
debuggee stop. The change should keep the ABI. Take care of compat32.

Discussed with:	davidxu, jhb
MFC after:	2 weeks
2010-07-04 11:48:30 +00:00
Alan Cox
41890423b6 Use vm_page_next() instead of vm_page_lookup() in exec_map_first_page()
because vm_page_next() is faster.
2010-07-02 15:50:30 +00:00
John Baldwin
fc0de8f0b6 Move prototypes for kern_sigtimedwait() and kern_sigprocmask() to
<sys/syscallsubr.h> where all other kern_<syscall> prototypes live.
2010-06-30 18:03:42 +00:00
John Baldwin
418a27e99e Update comment for tdsignal() -> tdsendsignal() rename. Forgot to include
this in 209592.
2010-06-30 18:00:45 +00:00
Alan Cox
f4b9ace4f8 Improve bufdone_finish()'s handling of the bogus page. Specifically, if
one or more mappings to the bogus page must be replaced, call pmap_qenter()
just once.  Previously, pmap_qenter() was called for each mapping to the
bogus page.

MFC after:	3 weeks
2010-06-30 04:52:42 +00:00
John Baldwin
7a6f3d7890 Send SIGPIPE to the thread that issued the offending system call
rather than to the entire process.

Reported by:	Anit Chakraborty
Reviewed by:	kib, deischen (concept)
MFC after:	1 week
2010-06-29 20:44:19 +00:00