| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
from Michal Mazurek
|
| |
|
|
|
|
| |
strict than anticipated. It allows a programmer to pledge/promise/covenant
that their program will operate within an easily defined subset of the
Unix environment, or it pays the price.
|
| |
|
|
| |
ok deraadt@ miod@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The pathlist is a whitelist of dirs and files; anything else returns ENOENT.
Recommendation is to use a narrowly defined list. Also add TAME_FATTR, which
permits explicit change operations against "struct stat" fields. Some
other TAME_ flags are refined slightly.
Not cranking libc now, since nothing commited in base uses this and the
timing is uncomfortable for others. Discussed with many; thanks for a
few bug fixes from semarie, doug, guenther.
ok guenther
|
| |
|
|
|
|
| |
operating model". This is the kernel component; various changes should
proceed in-tree for a while before userland programs start using it.
ok miod, discussions and help from many
|
| | |
|
| |
|
|
|
|
|
| |
have any direct symbols used. Tested for indirect use by compiling
amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
| |
|
|
|
|
|
| |
setting up process0, 'cause I'm sick of forgetting to update main()
when touching process_new()
ok blambert@ miod@
|
| |
|
|
| |
to include that than rdnvar.h. ok deraadt dlg
|
| | |
|
| |
|
|
| |
ok doug tedu
|
| |
|
|
|
|
| |
months that I broke it before the 5.5 release.
confirmed as not being required by ports by sthen@, ajacoutot@, dcoppa@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a new assertion macro, KERNEL_ASSERT_LOCKED(), to assert that
kernel_lock is held. In the long process of removing kernel_lock, there will
be a lot (hundreds or thousands) of use of this; virtually almost all functions
in !MP-safe subsystems should have this assertion. Thus this assertion should
have a short, good name.
Not only that "KERNEL_ASSERT_LOCKED" is consistent with other KERNEL_* and
SCHED_ASSERT_LOCKED() macros.
Input from dlg@ guenther@ kettenis@.
OK dlg@ guenther@
|
| |
|
|
| |
after discussions with beck deraadt kettenis.
|
| |
|
|
|
|
| |
atomic_setbits_int()
ok kettenis@
|
| |
|
|
|
| |
don't need to be married.
ok guenther miod beck jsing kettenis
|
| |
|
|
|
|
|
|
| |
Now that file descriptor tables have moved from a per-thread resource
to per-process, it's impossible to fork a thread without sharing the
file descriptor table.
ok guenther
|
| |
|
|
|
|
|
|
|
|
|
| |
PS_{ZOMBIE,EMBRYO} on the process instead of peeking into the process's
thread data. This eliminates the need for the thread-level SDEAD state.
Change kvm_getprocs() (both the sysctl() and kvm backends) to report the
"most active" scheduler state for the process's threads.
tweaks kettenis@
feedback and ok matthew@
|
| |
|
|
|
|
|
|
|
|
| |
to the process's vmspace and filedescs. struct proc continues to
keep copies of the pointers, copying them on fork, clearing them
on exit, and (for vmspace) refreshing on exec.
Also, make uvm_swapout_threads() thread aware, eliminating p_swtime
in kernel.
particular testing by ajacoutot@ and sebastia@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
pulled by <uvm/uvm_extern.h> and turn uvm_total() into a private
function.
The preferred way to get memory stats is through the VM_UVMEXP
sysctl(3) since VM_METER is just a wrapper on top of it. In the
kernel, use `uvmexp' directly instead of uvm_total().
This change does not remove <sys/vmmeter.h> from <uvm/uvm_extern.h>
to give some more time to port maintainers to fix their ports.
ok guenther@ as part of a larger diff.
|
| |
|
|
|
|
|
| |
and FORK_SYSTEM as a flag to set them. This eliminates needing to
peek into other processes threads in various places. Inspired by NetBSD
ok miod@ matthew@
|
| |
|
|
|
|
| |
uvm_uarea_alloc()
function name from NetBSD; arm testing by miod@
|
| |
|
|
|
|
|
|
|
| |
to avoid possible use-after-free references when swapping ids in threaded
processes. "Do I have the right creds?" checks are always made with the
threads creds.
Inspired by FreeBSD and NetBSD
"right time" deraadt@
|
| |
|
|
|
|
|
|
|
| |
struct ucred; struct process then directly links to the ucred
Based on a discussion at c2k10 or so before noting that FreeBSD and
NetBSD did this too.
ok matthew@
|
| |
|
|
|
|
| |
<uvm/uvm.h> if possible and remove double inclusions.
ok beck@, mlarkin@, deraadt@
|
| |
|
|
|
|
|
|
|
| |
Tweak the handling of ktrace EMUL when changing ktracing: only
generate one per process (not one per thread) and pass the correct
proc pointer down to the VFS layer. Permit generating of NAMI and
CSW records inside ktrace(2) itself.
ok deraadt@ millert@
|
| |
|
|
| |
testing help mpi@
|
| |
|
|
|
|
|
|
| |
Linux-compat clone() syscall when *not* using CLONE_THREAD. pirofti@
confirms Opera runs in compat without this, so out it goes; one less hair
to choke on in kern_exit.c
ok tedu@ pirofti@
|
| |
|
|
|
|
| |
arithmetic so that PID_MAX can be reached.
ok otto@ zhuk@ miod@
|
| |
|
|
|
|
|
|
| |
make it a list of processes, and change P_NOZOMBIE and P_STOPPED from thread
flags to process flags. Add allprocess list for the code that just wants
to see processes.
ok tedu@
|
| |
|
|
|
|
| |
can be further simplified.
ok kettenis@
|
| |
|
|
|
|
|
|
| |
hardclock() set a flag on the running thread and force AST processing,
and then have the thread signal itself from userret().
idea and flag names from FreeBSD
ok jsing@
|
| |
|
|
|
|
|
| |
so COMPAT_O51 can go. The complete ABI role means COMPAT_O53 can
be removed as well.
ok jsing@ tedu@
|
| |
|
|
| |
ok kettenis
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There is a race condition which might trigger a case where two cpus try
to run the same idle thread.
The problem arises when one cpu steals the idle proc of another cpu and
this other cpu ends up running the idle thread via spc->spc_idleproc,
resulting in two cpus trying to cpu_switchto(idleX).
On startup, idle procs are scaterred around different runqueues, the
decision for scheduling is:
1 look at my runqueue.
2 if empty, look at other dudes runqueue.
3 if empty, select idle proc via spc->spc_idleproc.
The problem is that cpu0's idle0 might be running on cpu1 due to step 1
or 2 and cpu0 hits step 3.
So cpu0 will select idle0, while cpu1 is in fact running it already.
The solution is to never place idle on a runqueue, therefore being
only selectable through spc->spc_idleproc.
This race can be more easily triggered on a HT cpu on virtualized
environments, where the guest more often than not doesn't have the cpu
for itself, so timing gets shuffled.
ok tedu@ guenther@
go ahead after t2k13 deraadt@
|
| |
|
|
|
| |
exited pids that won't get recycled.
ok deraadt
|
| |
|
|
|
|
|
| |
until it's fully built, so that it can't get a signal from
realitexpire(), as seen by sthen@ and espie@ in ports builds.
Exact bits moved down worked out with tedu@, ok deraadt@
|
| |
|
|
| |
ok matthew@ deraadt@
|
| |
|
|
|
|
| |
with threaded processes. Fix this by checking for an attempt to go
single threaded in fork1 and account for the new thread as well.
ok espie guenther kurt
|
| |
|
|
| |
ok deraadt guenther kettenis matthew
|
| |
|
|
|
|
| |
fully deprecate it (notably the go port was still using it as of 5.3)
so to give users a little more time to update, __tfork51 lives again.
okish deraadt guenther
|
| |
|
|
| |
ok deraadt@
|
| |
|
|
|
|
| |
process), then don't decrement the total and per-user counts of processes.
ok deraadt@ miod@
|
| |
|
|
|
|
|
| |
profil() by moving P_PROFIL from proc->p_flag to process->ps_flags with
matching adjustment in fork1() and exit1()
ok matthew@
|
| |
|
|
|
|
|
|
|
| |
so that it can't get a signal while still running on the parent thread's
stack. Also, pass in sizeof(struct __tfork) to provide forward compat
when more members are added. This is an ABI change, so switch syscall
numbers and bump lib majors this time.
ok deraadt@ matthew@
|
| |
|
|
|
|
|
| |
also no need to protect that and the setting of the AFORK accounting flag
with the scheduler lock.
ok mikeb@
|
| |
|
|
|
|
|
|
|
|
| |
It implements a full-stop model where all threads are stopped before handing
over control to the debugger. Events are reported as before through wait(2);
you will have to call ptrace(PT_GET_PROCESS_STATE, ...) to find out which
thread hit the event. Since this changes the size of struct ptrace_state,
you will have to recompile gdb.
ok guenther@
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
count processes instead of threads. New sysctl()s KERN_NTHREADS and
KERN_MAXTHREAD count and limit threads. The nprocs and maxproc kernel
variables are replaced by nprocess, maxprocess, nthreads, and maxthread.
ok tedu@ mikeb@
|
tedu
deraadt
guenther
jsg
uebayasi
matthew
mpi
haesbaert
kettenis
mikeb