| Commit message (Collapse) | Author | Age | Files | Lines |
| |
There were multiple places where a rwlock was used despite never
rlocking, so just change these into mtxs. This was done with the aid of
Coccinelle's spatch, using this input:
#spatch -j 4 --recursive-includes --include-headers-for-types --include-headers --in-place --macro-file <seebelow.h>
virtual after_start
@initialize:ocaml@
@@
let has_write_table = Hashtbl.create 101
let has_read_table = Hashtbl.create 101
let ok i m =
let entry = (i,m) in
Hashtbl.mem has_write_table entry && not(Hashtbl.mem has_read_table entry)
@hasw depends on !after_start@
identifier i,m;
struct i x;
@@
(
rw_wlock(&x.m)
|
rw_wunlock(&x.m)
)
@script:ocaml@
i << hasw.i;
m << hasw.m;
@@
Hashtbl.replace has_write_table (i,m) ()
@hasr depends on !after_start@
identifier i,m;
struct i x;
@@
(
rw_rlock(&x.m)
|
rw_runlock(&x.m)
)
@script:ocaml@
i << hasr.i;
m << hasr.m;
@@
Hashtbl.replace has_read_table (i,m) ()
@finalize:ocaml depends on !after_start@
wt << merge.has_write_table;
rt << merge.has_read_table;
@@
let redo ts dst =
List.iter (Hashtbl.iter (fun k _ -> Hashtbl.add dst k ())) ts in
redo wt has_write_table;
redo rt has_read_table;
let it = new iteration() in
it#add_virtual_rule After_start;
it#register()
(* ----------------------------------------------------------- *)
@depends on after_start@
identifier i;
identifier m : script:ocaml(i) { ok i m };
@@
struct i {
...
- struct rwlock m;
+ struct mtx m;
...
}
@depends on after_start disable fld_to_ptr@
identifier m;
identifier i : script:ocaml(m) { ok i m };
struct i x;
@@
- rw_wlock
+ mtx_lock
(&x.m)
@depends on after_start disable fld_to_ptr@
identifier m;
identifier i : script:ocaml(m) { ok i m };
struct i x;
@@
- rw_wunlock
+ mtx_unlock
(&x.m)
@depends on after_start disable fld_to_ptr@
identifier m;
expression e;
identifier i : script:ocaml(m) { ok i m };
struct i x;
@@
- rw_init(&x.m, e);
+ mtx_init(&x.m, e, NULL, MTX_DEF);
@depends on after_start disable fld_to_ptr@
identifier m;
identifier i : script:ocaml(m) { ok i m };
struct i x;
@@
- rw_destroy
+ mtx_destroy
(&x.m)
@depends on after_start disable fld_to_ptr, ptr_to_array@
identifier m;
identifier i : script:ocaml(m) { ok i m };
struct i *x;
@@
- rw_wlock
+ mtx_lock
(&x->m)
@depends on after_start disable fld_to_ptr, ptr_to_array@
identifier m;
identifier i : script:ocaml(m) { ok i m };
struct i *x;
@@
- rw_wunlock
+ mtx_unlock
(&x->m)
@depends on after_start disable fld_to_ptr, ptr_to_array@
identifier m;
expression e;
identifier i : script:ocaml(m) { ok i m };
struct i *x;
@@
- rw_init(&x->m, e);
+ mtx_init(&x->m, e, NULL, MTX_DEF);
@depends on after_start disable fld_to_ptr, ptr_to_array@
identifier m;
identifier i : script:ocaml(m) { ok i m };
struct i *x;
@@
- rw_destroy
+ mtx_destroy
(&x->m)
A few macros needed to be provided manually for the parser to work:
#define LIST_HEAD(x,y) int
#define TAILQ_HEAD(x,y) int
#define STAILQ_HEAD(x,y) int
#define CK_LIST_HEAD(x,y) int
#define CK_LIST_ENTRY(x) int
#define LIST_ENTRY(x) int
#define TAILQ_ENTRY(x) int
#define STAILQ_ENTRY(x) int
Co-authored-by: Julia Lawall <julia.lawall@inria.fr>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| |
Before, most uses of rwlock and mtx never called the destroy method,
which might cause problems for witness.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| |
Hopefully bad tests will cause the module to not insert, so the CI picks
this up. It looks like a failure to insert the module at the moment
actually causes another crash, though:
Kernel page fault with the following non-sleepable locks held:
exclusive sleep mutex if_cloners lock (if_cloners lock) r = 0 (0xffffffff81d9a9b8) locked @ /usr/src/sys/net/if_clone.c:447
stack backtrace:
#0 0xffffffff80c66181 at witness_debugger+0x71
#1 0xffffffff80c6729d at witness_warn+0x40d
#2 0xffffffff8109499e at trap_pfault+0x7e
#3 0xffffffff81093fab at trap+0x2ab
#4 0xffffffff810687f8 at calltrap+0x8
#5 0xffffffff82925610 at wg_module_event_handler+0x120
#6 0xffffffff80bd53c3 at module_register_init+0xd3
#7 0xffffffff80bc5c61 at linker_load_module+0xc01
#8 0xffffffff80bc73b9 at kern_kldload+0xe9
#9 0xffffffff80bc74db at sys_kldload+0x5b
#10 0xffffffff810952f7 at amd64_syscall+0x147
#11 0xffffffff8106911e at fast_syscall_common+0xf8
Fatal trap 12: page fault while in kernel mode
cpuid = 9; apic id = 09
fault virtual address = 0x70
fault code = supervisor read data, page not present
instruction pointer = 0x20:0xffffffff80d18e37
stack pointer = 0x28:0xfffffe0115fb35a0
frame pointer = 0x28:0xfffffe0115fb35c0
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 1587 (kldload)
trap number = 12
panic: page fault
cpuid = 9
time = 1621380034
KDB: stack backtrace:
#0 0xffffffff80c44695 at kdb_backtrace+0x65
#1 0xffffffff80bf9d01 at vpanic+0x181
#2 0xffffffff80bf9ad3 at panic+0x43
#3 0xffffffff81094917 at trap_fatal+0x387
#4 0xffffffff810949b7 at trap_pfault+0x97
#5 0xffffffff81093fab at trap+0x2ab
#6 0xffffffff810687f8 at calltrap+0x8
#7 0xffffffff82925610 at wg_module_event_handler+0x120
#8 0xffffffff80bd53c3 at module_register_init+0xd3
#9 0xffffffff80bc5c61 at linker_load_module+0xc01
#10 0xffffffff80bc73b9 at kern_kldload+0xe9
#11 0xffffffff80bc74db at sys_kldload+0x5b
#12 0xffffffff810952f7 at amd64_syscall+0x147
#13 0xffffffff8106911e at fast_syscall_common+0xf8
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| |
IPs mean different things per-vnet.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| |
The two main changes here are:
* Remove cookie_ prefix from static functions. This is a leftover from
OpenBSD where they don't want static functions.
* Rename cm to macs, and cp to cm. Not sure where this came from but it
didn't really make much sense to leave it as is.
The rest are whitespace changes. Overall there is no modification to
functionality here, just appearances.
Signed-off-by: Matt Dunwoodie <ncon@noconroy.net>
| |
Primarily this commit adds a cookie_valid state, to prevent a recently
booted machine from sending a mac2. We also do a little bit of reworking
on locking and a fixup for int to bool.
There is one slight difference to cookie_valid (latest_cookie.is_valid)
on Linux and that is to set cookie_valid to false when the
cookie_birthdate has expired. The purpose of this is to prevent the
expensive timer check after it has expired.
For the locking, we want to hold a write lock in cookie_maker_mac
because we write to mac1_last, mac1_valid and cookie_valid. This
wouldn't cause too much contention as this is a per peer lock and we
only do so when sending handshake packets. This is different from Linux
as Linux writes all its variables at the start, then downgrades to a
read lock.
We also match cookie_maker_consume_payload locking to Linux, that is to
read lock while checking mac1_valid and decrypting the cookie then take
a write lock to set the cookie.
Signed-off-by: Matt Dunwoodie <ncon@noconroy.net>
| |
Signed-off-by: Matt Dunwoodie <ncon@noconroy.net>
| |
Signed-off-by: Matt Dunwoodie <ncon@noconroy.net>
| |
Previously we relied on gc being called when adding a new entry, which
could leave us in a gc "blind spot". With this change, we schedule a
callout to run gc whenever we have entries in the table. The callout
will continue to run every ELEMENT_TIMEOUT seconds until the table is
empty.
Access to rl_gc is locked by rl_lock, so we will never have any threads
racing to callout_{pending,stop,reset}.
The alternative (which Linux does currently) is just to run the callout
every ELEMENT_TIMEOUT (1) second even when no entries are in the table.
However, the callout solution proposed here seems simple enough.
Signed-off-by: Matt Dunwoodie <ncon@noconroy.net>
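
The scheduling described in the commit message above, as an added userland sketch that is not the wireguard-freebsd code: the gc timer is armed when an entry is added and re-arms itself every ELEMENT_TIMEOUT seconds until the table is empty. The struct layout, `TABLE_MAX`, `rl_add`, `rl_tick` and the simulated clock are assumptions, and the `rl_lock` locking is omitted because the sketch is single-threaded.

```c
#include <stdbool.h>
#include <stddef.h>

#define ELEMENT_TIMEOUT 1 /* seconds, as stated in the commit message */
#define TABLE_MAX 8       /* assumption: small fixed table for this sketch */

struct entry { bool used; long last_seen; };
struct ratelimit {
    struct entry tbl[TABLE_MAX];
    size_t count;
    bool gc_armed;   /* stands in for callout_pending() */
    long gc_fire_at; /* simulated callout deadline */
};

/* Expire idle entries, then re-arm only while the table is non-empty. */
static void rl_gc(struct ratelimit *rl, long now) {
    for (size_t i = 0; i < TABLE_MAX; i++)
        if (rl->tbl[i].used && now - rl->tbl[i].last_seen >= ELEMENT_TIMEOUT) {
            rl->tbl[i].used = false;
            rl->count--;
        }
    rl->gc_armed = rl->count > 0;
    rl->gc_fire_at = now + ELEMENT_TIMEOUT;
}

/* Insert an entry; arm the gc timer unless one is already pending. */
static bool rl_add(struct ratelimit *rl, long now) {
    for (size_t i = 0; i < TABLE_MAX; i++) {
        if (rl->tbl[i].used) continue;
        rl->tbl[i] = (struct entry){ .used = true, .last_seen = now };
        rl->count++;
        if (!rl->gc_armed)
            rl->gc_fire_at = now + ELEMENT_TIMEOUT;
        rl->gc_armed = true;
        return true;
    }
    return false; /* table full */
}

/* Advance the simulated clock, firing the callout each time it is due. */
static void rl_tick(struct ratelimit *rl, long now) {
    while (rl->gc_armed && rl->gc_fire_at <= now)
        rl_gc(rl, rl->gc_fire_at);
}

int main(void) {
    struct ratelimit rl = {0};
    rl_add(&rl, 0); rl_add(&rl, 1); rl_tick(&rl, 5);
    return rl.count == 0 ? 0 : 1; /* table drained with no further adds */
}
```

The table drains even though nothing is added after t=1, which is the "blind spot" case a gc run only on insertion would miss.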
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
There's still more to do with wiring this up properly.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|