checking the returned oldlen: when ENOMEM is due to the supplied
buffer being too short the return oldlen is equal to buffer size.
Without this additional check kvm_getprocs() gets stuck in loop if the
returned ENOMEM was due the exceeded memorylocked limit. This is
easily can be observed running `limits -l 1k top'.
Submitted by: Andrey Zonov <andrey zonov org>
MFC after: 1 week
requested value was handled incorrectly, and the function retuned NULL
instead of the truncated result.
Fix this and also remove unnecessary check for buf != NULL, which alway
retuns true.
MFC after: 3 days
o get the physical address and size of the PBVM page table. This
can be found in the bootinfo structure, of which the physical
address is recorded as the ELF entry point.
o translate region 4 virtual addresses to physical addresses using
the PBVM page table.
In _kvm_kvatop() make the distinction between physical address and
core file offset a little clearer to avoid confusion. To further
enhance readability, always store the translated address into pa
so that it's obvious how the translation from va to pa happened.
Approved by: re (blanket)
mask of CPUs, pc_other_cpus and pc_cpumask become highly inefficient.
Remove them and replace their usage with custom pc_cpuid magic (as,
atm, pc_cpumask can be easilly represented by (1 << pc_cpuid) and
pc_other_cpus by (all_cpus & ~(1 << pc_cpuid))).
This change is not targeted for MFC because of struct pcpu members
removal and dependency by cpumask_t retirement.
MD review by: marcel, marius, alc
Tested by: pluknet
MD testing by: marcel, marius, gonzo, andreast
as long as this does not happen, we need to fix interfaces to userland
in order to not break run-time accesses to the structure.
Reviwed by: kib
Tested by: pluknet
Fix a long standing bug, where the procs ticks where assumed to be in
us. Instead, read cpu_tick_frequency from the kernel and use the same
logic to convert runtime. This is still too optimistic in that it
assumes cpu_tick_frequency is available and fixed. Since this function
is only called on crashdumps, I think we can live with that. Testing has
shown the values to be correct for different kern.hz inside Virtualbox.
Bump WARNS. Alignment issues on some archs mean this is still at 3.
Reviewed by: bde
- make WARNS=6 clean for archs w/o strict alignment requirments
- add const, ANSIfy, remove unused vars, cast types for comparison
- thanks to differing definitions of VM_MIN_ADDRESS across our archs, we
need to trick the compiler to not complain about signedness. We could
either fix VM_MIN_ADDRESS to always be a simple integer or make the
check conditional on $ARCH.
Closes PRs: kern/42386, kern/83364
Reviewed by: bde
After KVA space was increased to 512GB on amd64 it became impractical
to use PTEs as entries in the minidump map of dumped pages, because size
of that map alone would already be 1GB.
Instead, we now use PDEs as page map entries and employ two stage lookup
in libkvm: virtual address -> PDE -> PTE -> physical address. PTEs are
now dumped as regular pages. Fixed page map size now is 2MB.
libkvm keeps support for accessing amd64 minidumps of version 1.
Support for 1GB pages is added.
Many thanks to Alan Cox for his guidance, numerous reviews, suggestions,
enhancments and corrections.
Reviewed by: alc [kernel part]
MFC after: 15 days
Additionally, because of sysctl(3) use (which is generally good), behaviour
for crash dumps differs slightly from behaviour for live kernels and this
will probably never be fixed entirely, so weaken that claim.
MFC after: 1 week
(DPCPU):
A new API, kvm_dpcpu_setcpu(3), selects the active CPU for the purposes
of DPCPU. Calls to kvm_nlist(3) will automatically translate DPCPU
symbols and return a pointer to the current CPU's version of the data.
Consumers needing to read the same symbol on several CPUs will invoke a
series of setcpu/nlist calls, one per CPU of interest.
This addition makes it possible for tools like netstat(1) to query the
values of DPCPU variables during crashdump analysis, and is based on
similar code handling virtualized global variables.
MFC after: 1 week
Sponsored by: Juniper Networks, Inc.
Similar to libexec/, do the same with lib/. Make WARNS=6 the norm and
lower it when needed.
I'm setting WARNS?=0 for secure/. It seems secure/ includes the
Makefile.inc provided by lib/. I'm not going to touch that directory.
Most of the code there is contributed anyway.
in a seperate array. As such we need to use kvm_read rather than bcopy
to populate the ki_groups field.
This fixes a crash when running ps -ax on a coredump.
Reported by: brucec
Tested by: brucec
MFC after: 3 days
value the kernel calculated directly as we already read it
with struct vnet. This will make kvm_vnet.c more resilent
in case of possible kernel changes.
Reviewed by: rwatson
Approved by: re (kib)
vnet.h, we now use jails (rather than vimages) as the abstraction
for virtualization management, and what remained was specific to
virtual network stacks. Minor cleanups are done in the process,
and comments updated to reflect these changes.
Reviewed by: bz
Approved by: re (vimage blanket)
in up to 16 (KI_NGROUPS) values and steal a bit from ki_cr_flags
(all bits currently unused) to indicate overflow with the new flag
KI_CRF_GRP_OVERFLOW.
This fixes procstat -s.
Approved by: re (kib)
without VIMAGE virtualization in the kernel.
If we cannot resolve a symbol try to see if we can find it with
prefix of the virtualized subsystem, currently only "vnet_entry"
by identifying either the vnet of the current process for a
live system or the vnet of proc0 (or of dumptid if compiled
in a non-default way).
The way this is done currently allows us to only touch libkvm
but no single application. Once we are going to virtualize more
subsystems we will have to review this decision for better scaling.
Submitted by: rwatson (initial version of kvm_vnet.c, lots of ideas)
Reviewed by: rwatson
Approved by: re (kib)
NGROUPS_MAX, eliminate ABI dependencies on them, and raise the to 1024
and 1023 respectively. (Previously they were equal, but under a close
reading of POSIX, NGROUPS_MAX was defined to be too large by 1 since it
is the number of supplemental groups, not total number of groups.)
The bulk of the change consists of converting the struct ucred member
cr_groups from a static array to a pointer. Do the equivalent in
kinfo_proc.
Introduce new interfaces crcopysafe() and crsetgroups() for duplicating
a process credential before modifying it and for setting group lists
respectively. Both interfaces take care for the details of allocating
groups array. crsetgroups() takes care of truncating the group list
to the current maximum (NGROUPS) if necessary. In the future,
crsetgroups() may be responsible for insuring invariants such as sorting
the supplemental groups to allow groupmember() to be implemented as a
binary search.
Because we can not change struct xucred without breaking application
ABIs, we leave it alone and introduce a new XU_NGROUPS value which is
always 16 and is to be used or NGRPS as appropriate for things such as
NFS which need to use no more than 16 groups. When feasible, truncate
the group list rather than generating an error.
Minor changes:
- Reduce the number of hand rolled versions of groupmember().
- Do not assign to both cr_gid and cr_groups[0].
- Modify ipfw to cache ucreds instead of part of their contents since
they are immutable once referenced by more than one entity.
Submitted by: Isilon Systems (initial implementation)
X-MFC after: never
PR: bin/113398 kern/133867
support for virtual core files (aka minidumps). physical core
files are not supported.
The implementation is cross-tool ready and can be used in a non-
powerpc hosted debugger to analyze PowerPC core files. It also
accepts core files that still have the dump header, as can be
the case within Juniper where TFTP-based kernel core files are
supported and savecore is not used to "extract" the core file
from some dump device.
Obtained from: Juniper Networks, Inc.
Bring in updated jail support from bz_jail branch.
This enhances the current jail implementation to permit multiple
addresses per jail. In addtion to IPv4, IPv6 is supported as well.
Due to updated checks it is even possible to have jails without
an IP address at all, which basically gives one a chroot with
restricted process view, no networking,..
SCTP support was updated and supports IPv6 in jails as well.
Cpuset support permits jails to be bound to specific processor
sets after creation.
Jails can have an unrestricted (no duplicate protection, etc.) name
in addition to the hostname. The jail name cannot be changed from
within a jail and is considered to be used for management purposes
or as audit-token in the future.
DDB 'show jails' command was added to aid debugging.
Proper compat support permits 32bit jail binaries to be used on 64bit
systems to manage jails. Also backward compatibility was preserved where
possible: for jail v1 syscalls, as well as with user space management
utilities.
Both jail as well as prison version were updated for the new features.
A gap was intentionally left as the intermediate versions had been
used by various patches floating around the last years.
Bump __FreeBSD_version for the afore mentioned and in kernel changes.
Special thanks to:
- Pawel Jakub Dawidek (pjd) for his multi-IPv4 patches
and Olivier Houchard (cognet) for initial single-IPv6 patches.
- Jeff Roberson (jeff) and Randall Stewart (rrs) for their
help, ideas and review on cpuset and SCTP support.
- Robert Watson (rwatson) for lots and lots of help, discussions,
suggestions and review of most of the patch at various stages.
- John Baldwin (jhb) for his help.
- Simon L. Nielsen (simon) as early adopter testing changes
on cluster machines as well as all the testers and people
who provided feedback the last months on freebsd-jail and
other channels.
- My employer, CK Software GmbH, for the support so I could work on this.
Reviewed by: (see above)
MFC after: 3 months (this is just so that I get the mail)
X-MFC Before: 7.2-RELEASE if possible