Commit Graph

10957 Commits

Author SHA1 Message Date
Robert Watson
c14d15ae3e Remove MAC Framework access control check entry points made redundant with
the introduction of priv(9) and MAC Framework entry points for privilege
checking/granting.  These entry points exactly aligned with privileges and
provided no additional security context:

- mac_check_sysarch_ioperm()
- mac_check_kld_unload()
- mac_check_settime()
- mac_check_system_nfsd()

Add mpo_priv_check() implementations to Biba and LOMAC policies, which,
for each privilege, determine if they can be granted to processes
considered unprivileged by those two policies.  These mostly, but not
entirely, align with the set of privileges granted in jails.

Obtained from:	TrustedBSD Project
2007-04-22 15:31:22 +00:00
Stephan Uphoff
31b4f4a916 Modify TLB invalidation handling.
Reviewed by:	alc@, peter@
MFC after:	1 week
2007-04-21 14:17:30 +00:00
Stephane E. Potvin
0e5179e441 Add support for specifying a minimal size for vm.kmem_size in the loader via
vm.kmem_size_min. Useful when using ZFS to make sure that vm.kmem size will
be at least 256mb (for example) without forcing a particular value via vm.kmem_size.

Approved by: njl (mentor)
Reviewed by: alc
2007-04-21 01:14:48 +00:00
Poul-Henning Kamp
3f17cc74af style nit 2007-04-19 09:18:51 +00:00
Poul-Henning Kamp
cc76e59ded On AMD's Geode LX: Force the TSC to run through core-suspension so we can
use it as a timecounter.

Sponsored by: Soekris Engineering
2007-04-18 10:08:24 +00:00
John Baldwin
88a5255bc4 Honor the BUS_DMA_NOCACHE flag to bus_dmamem_alloc() on amd64 and i386 by
mapping the pages as UC (uncacheable) using pmap_change_attr().

MFC after:	1 week
Requested by:	ariff
Reviewed by:	scottl
2007-04-17 21:05:34 +00:00
Alan Cox
0b76504872 Eliminate the misuse of PG_FRAME to truncate a virtual address to a virtual
page boundary.

Reviewed by: ru@
2007-04-13 16:07:29 +00:00
Alan Cox
1434c1f34b MFamd64
Define PGEX_RSV.
2007-04-12 17:00:56 +00:00
Ruslan Ermilov
f76f6cfd25 Fix PAE on SMP by enabling EFER_NXE on all APs.
Reported by:	kris
Diagnosed by:	alc
2007-04-12 11:05:24 +00:00
Pawel Jakub Dawidek
fef2a25971 Remove trailing '.' for consistency! 2007-04-10 21:40:13 +00:00
Pawel Jakub Dawidek
57bcf75fd2 Add UFS_GJOURNAL options to the GENERIC kernel.
Approved by:	re (kensmith)
2007-04-10 16:49:41 +00:00
Ruslan Ermilov
2e137367b4 Add the PG_NX support for i386/PAE.
Reviewed by:	alc
2007-04-06 18:15:03 +00:00
Jung-uk Kim
357afa7113 MFP4: Turn emul_lock into a mutex.
Submitted by:	rdivacky
2007-04-02 18:38:13 +00:00
John Baldwin
4e7f640dfb Optimize sx locks to use simple atomic operations for the common cases of
obtaining and releasing shared and exclusive locks.  The algorithms for
manipulating the lock cookie are very similar to that rwlocks.  This patch
also adds support for exclusive locks using the same algorithm as mutexes.

A new sx_init_flags() function has been added so that optional flags can be
specified to alter a given locks behavior.  The flags include SX_DUPOK,
SX_NOWITNESS, SX_NOPROFILE, and SX_QUITE which are all identical in nature
to the similar flags for mutexes.

Adaptive spinning on select locks may be enabled by enabling the
ADAPTIVE_SX kernel option.  Only locks initialized with the SX_ADAPTIVESPIN
flag via sx_init_flags() will adaptively spin.

The common cases for sx_slock(), sx_sunlock(), sx_xlock(), and sx_xunlock()
are now performed inline in non-debug kernels.  As a result, <sys/sx.h> now
requires <sys/lock.h> to be included prior to <sys/sx.h>.

The new kernel option SX_NOINLINE can be used to disable the aforementioned
inlining in non-debug kernels.

The size of struct sx has changed, so the kernel ABI is probably greatly
disturbed.

MFC after:	1 month
Submitted by:	attilio
Tested by:	kris, pjd
2007-03-31 23:23:42 +00:00
Jung-uk Kim
46bd727a1e Correct BB-profiling and adjust comments.
Pointed out by:	bde
Reviewed by:	bde
2007-03-31 01:47:37 +00:00
Jung-uk Kim
6a4abad780 Fix off-by-4 error in address validation for i386, reduce PCB reloading, and
fix more style(9) nits.

Pointed out by:	bde
Discussed with:	kib
Reviewd by:	bde
2007-03-30 23:19:08 +00:00
Jung-uk Kim
80f87d5e55 Fix more style(9) nits[1] and remove unnecessary use of '#if !defined(_KERNEL)'.
Pointed out by:	bde[1]
2007-03-30 19:33:53 +00:00
Jung-uk Kim
6403d3a160 Use the same wisdom of sys/i386/i386/support.s 1.97 to remove obfuscation.
Pointed out by:	bde
2007-03-30 18:27:57 +00:00
Jung-uk Kim
a328699b34 MFP4: Linux futex support for amd64.
Initial patch was submitted by kib and additional work was done
by Divacky Roman.

Tested by:	emulation
2007-03-30 01:07:28 +00:00
Julian Elischer
6734f35eac Implement the openat() linux syscall
Submitted by:	Roman Divacky (rdivacky@)
MFC after:	2 weeks
2007-03-29 02:11:46 +00:00
Nick Hibma
f29fa1dfa4 Revisit the watchdogs: Resetting the error to EINVAL after failing to set the
watchdog might hide the succesful arming of an earlier one. Accept that on
failing to arm any watchdog (because of non-supported timeouts) EOPNOTSUPP is
returned instead of the more appropriate EINVAL.

MFC after:	3 days
2007-03-27 21:03:37 +00:00
Kris Kennaway
67eae018cb Remove unnecessary giant acquisition around panic in #ifdef DIAGNOSTIC
code.

# There is some question about whether this code is even relevant any
# longer (it dates back to prehistoric times, i.e. present in r1.1),
# especially on amd64.

Reviewed by:	jhb
2007-03-26 21:45:44 +00:00
Nate Lawson
0d4ac62a35 Add an interface for drivers to be notified of changes to CPU frequency.
cpufreq_pre_change is called before the change, giving each driver a chance
to revoke the change.  cpufreq_post_change provides the results of the
change (success or failure).  cpufreq_levels_changed gives the unit number
of the cpufreq device whose number of available levels has changed.  Hook
in all the drivers I could find that needed it.

* TSC: update TSC frequency value.  When the available levels change, take the
highest possible level and notify the timecounter set_cputicker() of that
freq.  This gets rid of the "calcru: runtime went backwards" messages.
* identcpu: updates the sysctl hw.clockrate value
* Profiling: if profiling is active when the clock changes, let the user
know the results may be inaccurate.

Reviewed by:	bde, phk
MFC after:	1 month
2007-03-26 18:03:29 +00:00
John Baldwin
9a53f6d97a Fix a silly bogon that broke ibcs2_rename().
CID:		1065
Found by:	Coverity Prevent (tm)
Reported by:	netchild
2007-03-26 15:39:49 +00:00
Alan Cox
8a5e898d63 In order to satisfy ACPI's need for an identity mapping, modify the
temporary mapping created by locore so that the lowest two to four
megabytes can become a permanent identity mapping.  This implementation
avoids any use of a large page mapping.
2007-03-24 19:53:22 +00:00
Jung-uk Kim
2be4e4713a Catch up with ACPI-CA 20070320 import. 2007-03-22 18:16:43 +00:00
John Baldwin
d66ff27773 Change the amd64, i386, and ia64 nexus drivers to setup bus space tags and
handles when activating a resource via bus_activate_resource() rather than
doing some of the work in bus_alloc_resource() and some of it in
bus_activate_resource().

One note is that when using isa_alloc_resourcev() on PC-98, drivers now
need to just use bus_release_resource() without explicitly calling
bus_deactivate_resource() first.  nyan@ has already fixed all of the PC-98
drivers.
2007-03-21 15:36:38 +00:00
John Baldwin
b8783b00f8 Add a new apic0 psuedo-device to claim memory resources for the memory
address ranges used by local and I/O APICs in the system.  Some systems
also reserve these ranges as system resources via either PnPBIOS or
ACPI, so this device currently attaches after acpi0 and legacy0 so that
the system resources are given precedence.
2007-03-20 21:53:31 +00:00
John Baldwin
95a07592ee Add a new ram0 pseudo-device that claims memory resouces for physical
addresses corresponding to system RAM.  On amd64 ram0 uses the SMAP
and claims all the type 1 SMAP regions.  On i386 ram0 uses the
dump_avail[] array.  Note that on i386 we have to ignore regions above
4G in PAE kernels since bus resources use longs.
2007-03-20 21:08:39 +00:00
Jung-uk Kim
2498f259d4 - Add macros for newly added CPUID bits in the corresponding header files.
- Use correct capticalization in xTPR as Intel uses in their documents.
- Use proper description instead of vendor code name in comment.
2007-03-20 20:22:45 +00:00
John Baldwin
ce533e82a2 Tweak the probe/attach order of devices on the x86 nexus devices.
Various BIOS-related psuedo-devices are added at an order of 5.  acpi0 is
added at an order of 10, and legacy0 is added at an order of 11.
2007-03-20 20:21:44 +00:00
Sam Leffler
09dce7a13d display two new Intel feature bits
Submitted by:	"Rui Paulo" <rpaulo@gmail.com>
MFC after:	2 weeks
2007-03-19 05:23:42 +00:00
Alan Cox
8cfba7267f Eliminate an unused parameter. 2007-03-17 19:42:06 +00:00
Nate Lawson
9b0df55b61 Create an identity mapping (V=P) super page for the low memory region on
boot.  Then, just switch to the kernel pmap when suspending instead of
allocating/freeing our own mapping every time.  This should solve a panic
of pmap_remove() being called with interrupts disabled.  Thanks to Alan
Cox for developing this patch.

Note: this means that ACPI requires super page (PG_PS) support in the CPU.
This has been present since the Pentium and first documented in the
Pentium Pro.  However, it may need to be revisited later.

Submitted by:	alc
MFC after:	1 month
2007-03-14 22:30:02 +00:00
Jung-uk Kim
ab5916a526 Add another CPUID for AMD CPUs and fix style(9) while I am here. 2007-03-12 20:27:21 +00:00
Alan Cox
c640357f04 Push down the implementation of PCPU_LAZY_INC() into the machine-dependent
header file.  Reimplement PCPU_LAZY_INC() on amd64 and i386 making it
atomic with respect to interrupts.

Reviewed by: bde, jhb
2007-03-11 05:54:29 +00:00
John Baldwin
07bb813626 Defer calling lapic_init() until we've completed the 'MPTable: <...>'
printf.  Otherwise, printfs inside of lapic_init() (such as during a
verbose boot) can uglify the output.
2007-03-09 15:49:57 +00:00
Mohan Srinivasan
f9bb753844 Over NFS, an open() call could result in multiple over-the-wire
GETATTRs being generated - one from lookup()/namei() and the other
from nfs_open() (for cto consistency). This change eliminates the
GETATTR in nfs_open() if an otw GETATTR was done from the namei()
path. Instead of extending the vop interface, we timestamp each attr
load, and use this to detect whether a GETATTR was done from namei()
for this syscall. Introduces a thread-local variable that counts the
syscalls made by the thread and uses <pid, tid, thread syscalls> as
the attrload timestamp. Thanks to jhb@ and peter@ for a discussion on
thread state that could be used as the timestamp with minimal overhead.
2007-03-09 04:02:38 +00:00
Scott Long
94e6bc303f Don't increment total_bounced when doing no-op dmamap_sync ops. 2007-03-06 18:28:43 +00:00
John Baldwin
4c5bec1161 Change the x86 interrupt code to use FreeBSD CPU IDs (i.e. PCPU_GET(cpuid))
rather than local APIC IDs to keep track of CPUs which can handle
interrupts.
2007-03-06 17:16:47 +00:00
John Baldwin
6cd68eaa7e Trim trailing whitespace. 2007-03-05 22:27:55 +00:00
Alan Cox
8da3fc95a7 Acquiring smp_ipi_mtx on every call to pmap_invalidate_*() is wasteful.
For example, during a buildworld more than half of the calls do not
generate an IPI because the only TLB entry invalidated is on the calling
processor.  This revision pushes down the acquisition and release of
smp_ipi_mtx into smp_tlb_shootdown() and smp_targeted_tlb_shootdown() and
instead uses sched_pin() and sched_unpin() in pmap_invalidate_*() so that
thread migration doesn't lead to a missed TLB invalidation.

Reviewed by: jhb
MFC after: 3 weeks
2007-03-05 21:40:10 +00:00
John Baldwin
aa7a005ee0 Use vm_paddr_t rather than uintptr_t when passing the physical address of
APICs to lapic_init() and ioapic_create().
2007-03-05 20:35:17 +00:00
John Baldwin
db181dc741 Add a simple device driver to "eat" any I/O APICs that show up as PCI
devices.

MFC after:	1 week
2007-03-05 16:22:49 +00:00
Bruce Evans
d78180f8f5 Partial fix for a bug in rev.1.231. If suspend/resume clobbers the
RTC state, then it may clobber the RTC index register, so the index
register must be restored before using it to restore control registers
in rtc_restore().

The following problems remain:
- rtc_restore() is only called if pmtimer is configured.  Buggy
  suspend/resumes are more likely to clobber the index register than
  a control register, so pmtimer is more needed than it used to be.
- pmtimer doesn't exist for amd64.
- Restoring of the RTC state may race with rtcintr().  If an RTC
  interrupt is handled before the state is restored, then rtcin(RTC_INTR)
  in rtcintr() may read from the wrong register, so rtcintr() may spin
  forever.  This may be mitigated by the most common state clobbering
  being to turn off RTC interrupts.
2007-03-05 09:10:17 +00:00
Yoshihiro Takahashi
de038d5ffc style(9). 2007-03-04 04:55:19 +00:00
Jung-uk Kim
a4e3bad794 MFP4: 115220, 115222
- Fix style(9) and reduce diff between amd64 and i386.
- Prefix Linuxulator macros with LINUX_ to prevent future collision.
2007-03-02 00:08:47 +00:00
John Baldwin
4d70511ac3 Use pause() rather than tsleep() on stack variables and function pointers. 2007-02-27 17:23:29 +00:00
Jung-uk Kim
6a5964d385 MFP4: 115094
Linux does not check file descriptor when MAP_ANONYMOUS is set.
This should fix recent LTP test regressions.

Reported by:	Scot Hetzel (swhetzel at gmail dot com)
		netchild
2007-02-27 02:08:01 +00:00
Alexander Leidinger
802e08a360 Partial MFp4 of 114977:
Whitespace commit: Fix grammar, spelling and punctuation.

Submitted by:	"Scot Hetzel" <swhetzel@gmail.com>
2007-02-24 16:49:25 +00:00