Commit Graph

268 Commits

Author SHA1 Message Date
brooks
f53c1c309d Rework the credential code to support larger values of NGROUPS and
NGROUPS_MAX, eliminate ABI dependencies on them, and raise the to 1024
and 1023 respectively.  (Previously they were equal, but under a close
reading of POSIX, NGROUPS_MAX was defined to be too large by 1 since it
is the number of supplemental groups, not total number of groups.)

The bulk of the change consists of converting the struct ucred member
cr_groups from a static array to a pointer.  Do the equivalent in
kinfo_proc.

Introduce new interfaces crcopysafe() and crsetgroups() for duplicating
a process credential before modifying it and for setting group lists
respectively.  Both interfaces take care for the details of allocating
groups array. crsetgroups() takes care of truncating the group list
to the current maximum (NGROUPS) if necessary.  In the future,
crsetgroups() may be responsible for insuring invariants such as sorting
the supplemental groups to allow groupmember() to be implemented as a
binary search.

Because we can not change struct xucred without breaking application
ABIs, we leave it alone and introduce a new XU_NGROUPS value which is
always 16 and is to be used or NGRPS as appropriate for things such as
NFS which need to use no more than 16 groups.  When feasible, truncate
the group list rather than generating an error.

Minor changes:
  - Reduce the number of hand rolled versions of groupmember().
  - Do not assign to both cr_gid and cr_groups[0].
  - Modify ipfw to cache ucreds instead of part of their contents since
    they are immutable once referenced by more than one entity.

Submitted by:	Isilon Systems (initial implementation)
X-MFC after:	never
PR:		bin/113398 kern/133867
2009-06-19 17:10:35 +00:00
ed
68fd93f22d Fix missing includes of <string.h>, to silence some compiler warnings.
Submitted by:	Pawel Worach
2009-06-14 12:42:06 +00:00
marcel
f28ea657e9 Add support for PowerPC kernel core files. This commit only adds
support for virtual core files (aka minidumps). physical core
files are not supported.

The implementation is cross-tool ready and can be used in a non-
powerpc hosted debugger to analyze PowerPC core files. It also
accepts core files that still have the dump header, as can be
the case within Juniper where TFTP-based kernel core files are
supported and savecore is not used to "extract" the core file
from some dump device.

Obtained from:	Juniper Networks, Inc.
2009-04-06 21:52:10 +00:00
bz
d2730d5b27 MFp4:
Bring in updated jail support from bz_jail branch.

This enhances the current jail implementation to permit multiple
addresses per jail. In addtion to IPv4, IPv6 is supported as well.
Due to updated checks it is even possible to have jails without
an IP address at all, which basically gives one a chroot with
restricted process view, no networking,..

SCTP support was updated and supports IPv6 in jails as well.

Cpuset support permits jails to be bound to specific processor
sets after creation.

Jails can have an unrestricted (no duplicate protection, etc.) name
in addition to the hostname. The jail name cannot be changed from
within a jail and is considered to be used for management purposes
or as audit-token in the future.

DDB 'show jails' command was added to aid debugging.

Proper compat support permits 32bit jail binaries to be used on 64bit
systems to manage jails. Also backward compatibility was preserved where
possible: for jail v1 syscalls, as well as with user space management
utilities.

Both jail as well as prison version were updated for the new features.
A gap was intentionally left as the intermediate versions had been
used by various patches floating around the last years.

Bump __FreeBSD_version for the afore mentioned and in kernel changes.

Special thanks to:
- Pawel Jakub Dawidek (pjd) for his multi-IPv4 patches
  and Olivier Houchard (cognet) for initial single-IPv6 patches.
- Jeff Roberson (jeff) and Randall Stewart (rrs) for their
  help, ideas and review on cpuset and SCTP support.
- Robert Watson (rwatson) for lots and lots of help, discussions,
  suggestions and review of most of the patch at various stages.
- John Baldwin (jhb) for his help.
- Simon L. Nielsen (simon) as early adopter testing changes
  on cluster machines as well as all the testers and people
  who provided feedback the last months on freebsd-jail and
  other channels.
- My employer, CK Software GmbH, for the support so I could work on this.

Reviewed by:	(see above)
MFC after:	3 months (this is just so that I get the mail)
X-MFC Before:   7.2-RELEASE if possible
2008-11-29 14:32:14 +00:00
raj
032a270ba5 Support kernel crash mini dumps on ARM architecture.
Obtained from:	Juniper Networks, Semihalf
2008-11-06 16:20:27 +00:00
delphij
d3b188efba Reduce code duplication: use calloc() intead of malloc()
and memset afterward.
2008-10-17 20:11:28 +00:00
delphij
0c0113fdef _kvm_malloc allocates memory through calloc() which
returns zeroed memory, so don't redo the initialization.
2008-10-17 20:09:00 +00:00
jhb
50652bcc22 Add a "CACHING" section regarding the internal caching of kernel variables
and the ability to clear that cache.
2008-08-21 19:22:13 +00:00
jhb
67b02c52de Add a new routine kvm_getcptime(3) for fetching the equivalent of
'kern.cp_time'.  For a live kernel it uses the sysctl.  For a crashdump,
it first checks to see if the kernel has a 'cp_time' global symbol.  If
it does, it uses that.  If that doesn't work, when it uses the recently
added kvm_getmaxcpu(3) and kvm_getpcpu(3) routines to walk all the CPUs
and sum up their counters.

MFC after:	1 week
2008-08-19 21:30:36 +00:00
jhb
78678aa46b Add two new routines to libkvm for working with per-CPU data:
kvm_getmaxcpu() and kvm_getpcpu().

MFC after:	1 week
2008-08-19 19:55:33 +00:00
imp
125cb1d713 First cut at doing the kvm file needed for mips.
Obtained from:	gonzo@
2008-07-23 07:24:55 +00:00
pjd
268a4c430f Use _WANT_FILE to make struct file visible from userland. This is
similar to _WANT_UCRED and _WANT_PRISON and seems to be much nicer than
defining _KERNEL.
It is also needed for my sys/refcount.h change going in soon.
2008-05-26 15:12:47 +00:00
jeff
d98a1ab70e - Don't inspect the P_SA flag. It's being removed. 2008-03-12 10:00:33 +00:00
delphij
9a0396e98c Plug memory leaks that is observed when argbuf or argspc is used in the
context.

Submitted by:	Michal Vranek <michal.vranek seznam cz>
PR:		bin/118380
MFC after:	1 month
2008-01-12 00:54:47 +00:00
jeff
731df5b590 - Update kvm_deadfiles to be compatible with the new system which has no
global list of all files.
 - Mark kvm_getfiles() as broken since the live version exports struct xfile
   with no filelist at the head and does so incorrectly and the deadfiles
   version exports struct file with a filelist at the head.  It is not known
   if either version works or complies to the manpage.
2007-12-30 01:43:51 +00:00
julian
8726f9ec95 Aparrently MACXOCOMLEN exisrts only on my machine 2007-10-26 15:25:28 +00:00
julian
11e1aa0d18 Introduce a way to make pure kernal threads.
kthread_add() takes the same parameters as the old kthread_create()
plus a pointer to a process structure, and adds a kernel thread
to that process.

kproc_kthread_add() takes the parameters for kthread_add,
plus a process name and a pointer to a pointer to a process instead of just
a pointer, and if the proc * is NULL, it creates the process to the
specifications required, before adding the thread to it.

All other old kthread_xxx() calls return, but act on (struct thread *)
instead of (struct proc *). One reason to change the name is so that
any old kernel modules that are lying around and expect kthread_create()
to make a process will not just accidentally link.

fix top to show  kernel threads by their thread name in -SH mode
add a tdnam formatting option to ps to show thread names.

make all idle threads actual kthreads and put them into their own idled process.
make all interrupt threads kthreads and put them in an interd process
(mainly for aesthetic and accounting reasons)
rename proc 0 to be 'kernel' and it's swapper thread is now 'swapper'

man page fixes to follow.
2007-10-26 08:00:41 +00:00
jeff
275d99eb1a - When using kvm use the new conversion method to derive swtime.
Approved by:	re
2007-09-21 04:11:34 +00:00
jeff
3fc0f8b973 - Move all of the PS_ flags into either p_flag or td_flags.
- p_sflag was mostly protected by PROC_LOCK rather than the PROC_SLOCK or
   previously the sched_lock.  These bugs have existed for some time.
 - Allow swapout to try each thread in a process individually and then
   swapin the whole process if any of these fail.  This allows us to move
   most scheduler related swap flags into td_flags.
 - Keep ki_sflag for backwards compat but change all in source tools to
   use the new and more correct location of P_INMEM.

Reported by:	pho
Reviewed by:	attilio, kib
Approved by:	re (kensmith)
2007-09-17 05:31:39 +00:00
simokawa
c6862c6dc2 Re-enable raw dump format support on i386 and amd64 for /dev/fwmem. 2007-06-15 11:35:11 +00:00
jeff
95d7fe260d - Work-around the already partially broken rusage support in kvm by
completely disabling it until a full solution is agreed upon.

Pointy hat to:	me
2007-06-01 04:14:57 +00:00
marcel
797bdcc549 Add a level of indirection to the kernel PTE table. The old
scheme allowed for 1024 PTE pages, each containing 256 PTEs.
This yielded 2GB of KVA. This is not enough to boot a kernel
on a 16GB box and in general too low for a 64-bit machine.
By adding a level of indirection we now have 1024 2nd-level
directory pages, each capable of supporting 2GB of KVA. This
brings the grand total to 2TB of KVA.
2007-05-19 13:11:27 +00:00
jhb
9c764c7fc3 - Move 'struct swdevt' back into swap_pager.h and expose it to userland.
- Restore support for fetching swap information from crash dumps via
  kvm_get_swapinfo(3) to fix pstat -T/-s on crash dumps.

Reviewed by:	arch@, phk
MFC after:	1 week
2007-02-07 17:43:11 +00:00
imp
fc4122352b Per Olivier Houchard, use the proper license for this file. He
bogusly used the kvm_powerpc.c file as a template for the license, but
then either wrote the code himself, or cribbed it from the kvm_i386
file.  The only thing from the kvm_powerpc.c file was the license.
Correct this mistake with his blessing.
2007-01-08 18:25:58 +00:00
imp
98103c9fb2 Remove the advertising clause. UCB did this some time ago, but these
files were never updated to reflect that.

MFC After: 2 days
2007-01-08 17:35:36 +00:00
julian
2df2fdd630 remove already commented out code 2006-12-06 06:44:20 +00:00
jb
f82c799735 Make KSE a kernel option, turned on by default in all GENERIC
kernel configs except sun4v (which doesn't process signals properly
with KSE).

Reviewed by:	davidxu@
2006-10-26 21:42:22 +00:00
kmacy
ea415a0be8 unbreak build for sparc64 etc.
TARGET won't be defined on non subarches

Approved by: rwatson (mentor)
Reviewed by: jmg
2006-10-09 05:12:54 +00:00
kmacy
a37c943bc5 buildworld fixes for sun4v
not sure why pmap.c is included as it is unchanged

Approved by: rwatson (mentor)
Reviewed by: jmg
2006-10-09 04:58:45 +00:00
wkoszek
0f11fa239b Don't forget to set internal error message in kvm_nlist().
Approved by:	cognet (mentor)
2006-09-20 12:09:21 +00:00
ru
aa1113efea Remove alpha-specific stuff. 2006-08-23 12:12:56 +00:00
yar
89f0368396 Rev. 1.44 of this file didn't introduce a right solution,
but we don't seem to have one yet, so just add an XXX comment on
passing rux_runtime to bintime2timeval() wrongly.

Spotted by:	gcc(1) (warning)
2006-07-25 22:39:57 +00:00
delphij
5f36307f91 Include strings.h for bzero() 2006-06-05 08:51:14 +00:00
peter
aeeca95e16 Teach libkvm how to read minidumps. It turns out that minidumps are
far more convenient for libkvm to work with because of the page table
block at the beginning.  As a result, the MD code is smaller.

libkvm will automatically detect old vs mini dumps on i386 and amd64.

libkvm will handle i386 PAE and non-PAE modes.  There is a PAE flag in
the i386 minidump header to signal the width of the entries in the
page table block.

Other convenient values are also present, such as kernbase and the direct
map addresses on amd64.
2006-04-21 04:32:51 +00:00
csjp
4c05286a61 Validate that the supplied file is not empty before trying mmap(2) it
and access the pages associated with it.

Submitted by:	Wojciech A. Koszek
PR:		bin/91411
MFC after:	1 week
2006-01-15 20:30:13 +00:00
peter
e62b997c41 Fix a well duplicated fencepost error that stopped crashdumps being
readable on certain random memory configurations.  If the libkvm consumer
tried to read something that was in the very last pdpe, pde or pte slot,
it would bogusly fail.

This is broken in RELENG_6 too.
2005-10-20 05:41:38 +00:00
cognet
6acbf22315 libkvm bits for arm. 2005-10-03 14:21:14 +00:00
scottl
a592644d4a Fix the alpha build by using the correct argument types for _kvm_kvatop().
Submitted by: marcel
Approved by: re (implicit)
2005-07-02 05:49:29 +00:00
ps
da61891eff Match _kvm_kvatop to it's prototype in kvm_i386.c. This unbreaks
the build.

Approved by:	re
2005-06-30 01:25:21 +00:00
peter
d939998368 Support crash dumps > 4GB in size on 32 bit platforms. _kvm_kvatop()
returned an lseek offset in a "u_long *" value, which can't express >4GB
offsets on 32 bit machines (eg: PAE).  Change to "off_t *" for all.

Support ELF crashdumps on i386 and amd64.

Support PAE crashdumps on i386.  This is done by auto-detecting the
presence of the IdlePDPT which means that PAE is active.

I used Marcel's _kvm_pa2off strategy and ELF header reader for ELF support
on amd64.  Paul Saab ported the amd64 changes to i386 and we implemented
the PAE support from there.

Note that gdb6 in the src tree uses whatever libkvm supports.  If you want
to debug an old crash dump, you might want to keep an old libkvm.so handy
and use LD_PRELOAD or the like.  This does not detect the old raw dump
format.

Approved by: re
2005-06-29 22:39:41 +00:00
peter
9729a26e81 Set ki_tdev to NODEV rather than NULL.
Approved by:  re
2005-06-24 00:37:04 +00:00
pjd
d4e1d8c063 Make kvm(3) aware of ki_jid field.
Reviewed by:	gad
MFC after:	3 days
2005-03-20 10:37:56 +00:00
phk
9979dac9ca Dike out unwarranted reference to si_udev. 2005-03-15 14:26:14 +00:00
ru
ed72feddcb Sort sections. 2005-01-20 09:17:07 +00:00
das
bab4eb89e3 In preparation to remove U areas, don't refer to p_uarea in libkvm.
Reviewed by:	arch@
2004-11-20 02:28:26 +00:00
csjp
da083b47d0 Remove un-needed call to close(2). The fd that close is being
called on is invalid and has no use.

Reviewed by:	smkelly
2004-11-13 14:30:34 +00:00
csjp
f7e2997810 Document the fact that kvm_getenvv(3) requires procfs to be mounted
on /proc in order to operate correctly.

Reviewed by:	simon@, wes@
2004-11-13 14:26:13 +00:00
peter
9213c0d6bf Belatedly catch up with the dev_t/cdev changes from a few months back.
Extract the struct cdev pointer and the tty device from inside rather than
incorrectly casting the 'struct cdev *' pointer to a 'dev_t' int.  Not
that this was particularly important since it was only used for reading
vmcore files.
2004-10-11 21:56:27 +00:00
jhb
a217c8967b - Fix the compile to chase the p_rux changes.
- Add a comment noting that the ru_[us]times values being read aren't
  actually valid and need to be computed from the raw values.

Submitted by:	many (1)
2004-10-06 17:10:56 +00:00
marcel
b9f196b2c4 Redefine a PTE as a 64-bit integral type instead of a struct of
bit-fields. Unify the PTE defines accordingly and update all
uses.
2004-09-23 00:05:20 +00:00