| History log of /src/sys/kern/exec_subr.c |
| Revision | | Date | Author | Comments |
| 1.91 |
| 06-Dec-2024 |
riastradh | sys/kern/kern_exec.c, exec_*.c: Nix trailing whitespace.
No functional change intended.
|
| 1.90 |
| 06-Dec-2024 |
riastradh | sys/kern/kern_exec.c, exec_*.c: Sprinkle SET_ERROR dtrace probes.
PR kern/58378: Kernel error code origination lacks dtrace probes
|
| 1.89 |
| 06-Dec-2024 |
riastradh | sys/kern/kern_exec.c, exec_*.c: Sort includes.
No functional change intended.
|
| 1.88 |
| 21-Nov-2023 |
riastradh | branches: 1.88.2;
pax(9): Rework header file more coherently to nix some needless #ifs.
Cleans up some of the fallout from PR kern/57711 fixes.
Could do a little more to nix PAX_SEGVGUARD conditionals but maybe
not worth it.
|
| 1.87 |
| 21-Nov-2023 |
martin | Stopgap build fix for kernels w/o PAX_MPROTECT after the fixes
for PR 57711: mark variable as unused (sometimes, e.g. in macppc kernels).
|
| 1.86 |
| 21-Nov-2023 |
riastradh | exec: Map noaccess part of stack with prot=NONE, maxprot=READ|WRITE.
This way, setrlimit(RLIMT_STACK) can grant READ|WRITE access when
increasing the stack size.
PR kern/57711
XXX pullup-10
XXX pullup-9
XXX pullup-8
|
| 1.85 |
| 09-Apr-2023 |
riastradh | kern: KASSERT(A && B) -> KASSERT(A); KASSERT(B)
|
| 1.84 |
| 13-Apr-2020 |
ad | branches: 1.84.20;
Replace most uses of vp->v_usecount with a call to vrefcnt(vp), a function
that hides the details and does atomic_load_relaxed(). Signature matches
FreeBSD.
|
| 1.83 |
| 12-Jan-2020 |
ad | branches: 1.83.4;
Tidy up the vnode locking around execve() on ELF images to acquire and
release the locks fewer times. Proposed on tech-kern a very long time go.
|
| 1.82 |
| 02-Jul-2017 |
joerg | branches: 1.82.6; 1.82.10; 1.82.12;
Export the guard size of the main thread via vm.guard_size. Add a
complementary writable sysctl for the initial guard size of threads
created via pthread_create. Let the existing attribut accessors do the
right thing. Raise the default guard size for threads to 64KB.
|
| 1.81 |
| 23-Jun-2017 |
joerg | Recommit exec_subr.c revision 1.79:
Always include a 1MB guard area beyond the end of stack. While ASLR will
normally create a guard area as well, this provides a deterministic area
for all binaries.
Mitigates the rest of CVE-2017-1000374 and CVE-2017-1000375 from
Qualys.
Additionally, change VM_DEFAULT_ADDRESS_TOPDOWN to include
user_stack_guard_size in the size reservation.
|
| 1.80 |
| 19-Jun-2017 |
joerg | Revert for the moment, creates problems on i386.
|
| 1.79 |
| 19-Jun-2017 |
joerg | Always include a 1MB guard area beyond the end of stack. While ASLR will
normally create a guard area as well, this provides a deterministic area
for all binaries.
Mitigates the rest of CVE-2017-1000374 and CVE-2017-1000375 from
Qualys.
|
| 1.78 |
| 07-May-2017 |
christos | branches: 1.78.2;
de-triplicate.
|
| 1.77 |
| 06-May-2017 |
joerg | Extend the mmap(2) interface to allow requesting protections for later
use with mprotect(2), but without enabling them immediately.
Extend the mremap(2) interface to allow duplicating mappings, i.e.
create a second range of virtual addresses references the same physical
pages. Duplicated mappings can have different effective protections.
Adjust PAX mprotect logic to disallow effective protections of W&X, but
allow one mapping W and another X protections. This obsoletes using
temporary files for purposes like JIT.
Adjust PAX logic for mmap(2) and mprotect(2) to fail if W&X is requested
and not silently drop the X protection.
Improve test cases to ensure correct operation of the changed
interfaces.
|
| 1.76 |
| 22-May-2016 |
christos | branches: 1.76.8;
reduce #ifdef mess caused by PaX
|
| 1.75 |
| 13-May-2016 |
christos | - make pax aslr stack eat up to 1/8 of the max stack space insted of 1/4
and reduce the length of the randomization bits since this is unused.
- call the pax aslr stack function sooner so we don't need to re-adjust the
stack size.
- adjust the stack max resource limit to account for the maximum space that
can be lost by aslr
- tidy up debugging printfs
|
| 1.74 |
| 07-Apr-2016 |
christos | remove more ifdefs
|
| 1.73 |
| 07-Apr-2016 |
christos | Add PAX_MPROTECT_DEBUG
|
| 1.72 |
| 26-Sep-2015 |
maxv | Revamp the way processes are PaX'ed in the kernel. Sent on tech-kern@ two
months ago, but no one reviewed it - probably because it's not a trivial
change.
This change fixes the following bug: when loading a PaX'ed binary, the
kernel updates the PaX flag of the calling process before it makes sure
the new process is actually launched. If the kernel fails to launch the
new process, it does not restore the PaX flag of the calling process,
leaving it in an inconsistent state.
Actually, simply restoring it would be horrible as well, since in the
meantime another thread may have used the flag.
The solution is therefore: modify all the functions used by PaX so that
they take as argument the exec package instead of the lwp, and set the PaX
flag in the process *right before* launching the new process - it cannot
fail in the meantime.
|
| 1.71 |
| 29-Mar-2014 |
maxv | branches: 1.71.6;
Style
|
| 1.70 |
| 08-Aug-2011 |
enami | branches: 1.70.2; 1.70.12; 1.70.16;
Bounds process's stack size with max_stack_size so that 32bit
binary works regardless of stack size limit setting.
|
| 1.69 |
| 23-Jun-2011 |
matt | Allow PAX_ASLR to be used by itself.
|
| 1.68 |
| 04-Mar-2011 |
christos | PR/44673: Arna Clauson: Latest MAXSSIZ bump broke netbsd32 emulation on amd64.
- Use MAXSSIZ32 instead of MAXSSIZ for 32 bit binaries
- Default MAXXSIZ32 to a quarter of MAXSSIZ (good enough?)
- Add debugging
XXX: Note that:
- sparc32 MAXSSIZ is larger than sparc64 MAXSSIZ
- sparc64 MAXSSIZ32 != sparc32 MAXSSIZ
|
| 1.67 |
| 17-Jan-2011 |
uebayasi | branches: 1.67.2;
Include internal definitions (uvm/uvm.h) only where necessary.
|
| 1.66 |
| 17-Dec-2010 |
yamt | branches: 1.66.2;
new_vmcmd: assertions
|
| 1.65 |
| 23-Aug-2010 |
christos | Fix issues with stack allocation and pax aslr:
- since the size is unsigned, don't check just that it is > 0, but limit
it to the MAXSSIZ
- if the stack size is reduced because of aslr, make sure we reduce the
actual allocation by the same size so that the size does not wrap around.
NB: Must be pulled up to 5.x!
|
| 1.64 |
| 24-Jun-2010 |
hannken | Clean up vnode lock operations pass 2:
VOP_UNLOCK(vp, flags) -> VOP_UNLOCK(vp): Remove the unneeded flags argument.
Welcome to 5.99.32.
Discussed on tech-kern.
|
| 1.63 |
| 10-Dec-2009 |
matt | branches: 1.63.2; 1.63.4;
Change u_long to vaddr_t/vsize_t in exec code where appropriate (mostly
involves setregs and vmcmds). Should result in no code differences.
|
| 1.62 |
| 29-Mar-2009 |
mrg | - add new RLIMIT_AS (aka RLIMIT_VMEM) resource that limits the total
address space available to processes. this limit exists in most other
modern unix variants, and like most of them, our defaults are unlimited.
remove the old mmap / rlimit.datasize hack.
- adds the VMCMD_STACK flag to all the stack-creation vmcmd callers.
it is currently unused, but was added a few years ago.
- add a pair of new process size values to kinfo_proc2{}. one is the
total size of the process memory map, and the other is the total size
adjusted for unused stack space (since most processes have a lot of
this...)
- patch sh, and csh to notice RLIMIT_AS. (in some cases, the alias
RLIMIT_VMEM was already present and used if availble.)
- patch ps, top and systat to notice the new k_vm_vsize member of
kinfo_proc2{}.
- update irix, svr4, svr4_32, linux and osf1 emulations to support
this information. (freebsd could be done, but that it's best left
as part of the full-update of compat/freebsd.)
this addresses PR 7897. it also gives correct memory usage values,
which have never been entirely correct (since mmap), and have been
very incorrect since jemalloc() was enabled.
tested on i386 and sparc64, build tested on several other platforms.
thanks to many folks for feedback and testing but most espcially
chuq and yamt for critical suggestions that lead to this patch not
having a special ugliness i wasn't happy with anyway :-)
|
| 1.61 |
| 02-Jun-2008 |
ad | branches: 1.61.6; 1.61.8; 1.61.12;
Don't needlessly acquire v_interlock.
|
| 1.60 |
| 28-Jan-2008 |
ad | branches: 1.60.6; 1.60.8; 1.60.10; 1.60.12;
Authorize using the LWP cached credentials, not process credentials.
|
| 1.59 |
| 03-Jan-2008 |
yamt | malloc -> kmem_alloc
|
| 1.58 |
| 02-Jan-2008 |
ad | Merge vmlocking2 to head.
|
| 1.57 |
| 26-Dec-2007 |
christos | Add PaX ASLR (Address Space Layout Randomization) [from elad and myself]
For regular (non PIE) executables randomization is enabled for:
1. The data segment
2. The stack
For PIE executables(*) randomization is enabled for:
1. The program itself
2. All shared libraries
3. The data segment
4. The stack
(*) To generate a PIE executable:
- compile everything with -fPIC
- link with -shared-libgcc -Wl,-pie
This feature is experimental, and might change. To use selectively add
options PAX_ASLR=0
in your kernel.
Currently we are using 12 bits for the stack, program, and data segment and
16 or 24 bits for mmap, depending on __LP64__.
|
| 1.56 |
| 26-Nov-2007 |
pooka | branches: 1.56.2; 1.56.6;
Remove the "struct lwp *" argument from all VFS and VOP interfaces.
The general trend is to remove it from all kernel interfaces and
this is a start. In case the calling lwp is desired, curlwp should
be used.
quick consensus on tech-kern
|
| 1.55 |
| 10-Oct-2007 |
ad | branches: 1.55.4;
Merge from vmlocking:
- Split vnode::v_flag into three fields, depending on field locking.
- simple_lock -> kmutex in a few places.
- Fix some simple locking problems.
|
| 1.54 |
| 27-Jul-2007 |
pooka | branches: 1.54.4; 1.54.6; 1.54.8; 1.54.10;
Change unused fflags parameter in VOP_MMAP to prot and pass in
desired vm protection.
|
| 1.53 |
| 22-Jul-2007 |
pooka | Retire uvn_attach() - it abuses VXLOCK and its functionality,
setting vnode sizes, is handled elsewhere: file system vnode creation
or spec_open() for regular files or block special files, respectively.
Add a call to VOP_MMAP() to the pagedvn exec path, since the vnode
is being memory mapped.
reviewed by tech-kern & wrstuden
|
| 1.52 |
| 04-Mar-2007 |
christos | branches: 1.52.2; 1.52.10;
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
| 1.51 |
| 22-Feb-2007 |
thorpej | TRUE -> true, FALSE -> false
|
| 1.50 |
| 05-Oct-2006 |
chs | branches: 1.50.4;
add support for O_DIRECT (I/O directly to application memory,
bypassing any kernel caching for file data).
|
| 1.49 |
| 23-Jul-2006 |
ad | branches: 1.49.4; 1.49.6;
Use the LWP cached credentials where sane.
|
| 1.48 |
| 20-May-2006 |
elad | Better implementation of PaX MPROTECT, after looking some more into the
code and not trying to use temporary solutions.
Lots of comments and help from YAMAMOTO Takashi, also thanks to the PaX
author for being quick to recognize that something fishy's going on. :)
Hook up in mmap/vmcmd rather than (ugh!) uvm_map_protect().
Next time I suggest to commit a temporary solution just revoke my
commit bit.
|
| 1.47 |
| 14-May-2006 |
elad | branches: 1.47.2;
integrate kauth.
|
| 1.46 |
| 11-Dec-2005 |
christos | branches: 1.46.4; 1.46.6; 1.46.8; 1.46.10; 1.46.12;
merge ktrace-lwp.
|
| 1.45 |
| 06-Jul-2005 |
thorpej | Collect vmcmd statistics.
|
| 1.44 |
| 29-May-2005 |
christos | branches: 1.44.2;
- add const.
- remove unnecessary casts.
- add __UNCONST casts and mark them with XXXUNCONST as necessary.
|
| 1.43 |
| 26-Feb-2005 |
perry | nuke trailing whitespace
|
| 1.42 |
| 17-Sep-2004 |
skrll | branches: 1.42.4; 1.42.6;
There's no need to pass a proc value when using UIO_SYSSPACE with
vn_rdwr(9) and uiomove(9).
OK'd by Jason Thorpe
|
| 1.41 |
| 29-Aug-2003 |
junyoung | Expand NEW_VMCMD() macro to a real function new_vmcmd() for the
non-debugging case as well, rather than expanding it inline. This saves
a bunch of kernel bits, e.g. 4kB from GENERIC on i386.
|
| 1.40 |
| 24-Aug-2003 |
chs | add support for non-executable mappings (where the hardware allows this)
and make the stack and heap non-executable by default. the changes
fall into two basic catagories:
- pmap and trap-handler changes. these are all MD:
= alpha: we already track per-page execute permission with the (software)
PG_EXEC bit, so just have the trap handler pay attention to it.
= i386: use a new GDT segment for %cs for processes that have no
executable mappings above a certain threshold (currently the
bottom of the stack). track per-page execute permission with
the last unused PTE bit.
= powerpc/ibm4xx: just use the hardware exec bit.
= powerpc/oea: we already track per-page exec bits, but the hardware only
implements non-exec mappings at the segment level. so track the
number of executable mappings in each segment and turn on the no-exec
segment bit iff the count is 0. adjust the trap handler to deal.
= sparc (sun4m): fix our use of the hardware protection bits.
fix the trap handler to recognize text faults.
= sparc64: split the existing unified TSB into data and instruction TSBs,
and only load TTEs into the appropriate TSB(s) for the permissions.
fix the trap handler to check for execute permission.
= not yet implemented: amd64, hppa, sh5
- changes in all the emulations that put a signal trampoline on the stack.
instead, we now put the trampoline into a uvm_aobj and map that into
the process separately.
originally from openbsd, adapted for netbsd by me.
|
| 1.39 |
| 21-Aug-2003 |
yamt | don't make zero-sized mappings.
|
| 1.38 |
| 08-Aug-2003 |
christos | GC: exec_foo_setup_stack; use exec_setup_stack, and provide a way for
emulations to override it.
|
| 1.37 |
| 29-Jun-2003 |
fvdl | branches: 1.37.2;
Back out the lwp/ktrace changes. They contained a lot of colateral damage,
and need to be examined and discussed more.
|
| 1.36 |
| 28-Jun-2003 |
darrenr | Pass lwp pointers throughtout the kernel, as required, so that the lwpid can
be inserted into ktrace records. The general change has been to replace
"struct proc *" with "struct lwp *" in various function prototypes, pass
the lwp through and use l_proc to get the process pointer when needed.
Bump the kernel rev up to 1.6V
|
| 1.35 |
| 26-Feb-2003 |
matt | Make elf32 load_file work properly with TOPDOWN by mapping psections in
reverse order. Remove TOPDOWN support from VMCMDs since elf32 does the
right stuff now. With these changes, VAX can now use TOPDOWN.
|
| 1.34 |
| 20-Feb-2003 |
atatat | Introduce "top down" memory management for mmap()ed allocations. This
means that the dynamic linker gets mapped in at the top of available
user virtual memory (typically just below the stack), shared libraries
get mapped downwards from that point, and calls to mmap() that don't
specify a preferred address will get mapped in below those.
This means that the heap and the mmap()ed allocations will grow
towards each other, allowing one or the other to grow larger than
before. Previously, the heap was limited to MAXDSIZ by the placement
of the dynamic linker (and the process's rlimits) and the space
available to mmap was hobbled by this reservation.
This is currently only enabled via an *option* for the i386 platform
(though other platforms are expected to follow). Add "options
USE_TOPDOWN_VM" to your kernel config file, rerun config, and rebuild
your kernel to take advantage of this.
Note that the pmap_prefer() interface has not yet been modified to
play nicely with this, so those platforms require a bit more work
(most notably the sparc) before they can use this new memory
arrangement.
This change also introduces a VM_DEFAULT_ADDRESS() macro that picks
the appropriate default address based on the size of the allocation or
the size of the process's text segment accordingly. Several drivers
and the SYSV SHM address assignment were changed to use this instead
of each one picking their own "default".
|
| 1.33 |
| 30-Jan-2003 |
atatat | Two small changes to the ELF exec code:
(1) ELFNAME(load_file)() now takes a pointer to the entry point
offset, instead of taking a pointer to the entry point itself. This
allows proper adjustment of the ultimate entry point at a higher level
if the object containing the entry point is moved before the exec is
finished.
(2) Introduce VMCMD_FIXED, which means the address at which a given
vmcmd describes a mapping is fixed (ie, should not be moved). Don't
set this for entries pertaining to ld.so.
Also some minor comment/whitespace tweaks.
|
| 1.32 |
| 12-Jan-2003 |
matt | In vmcmd_readvn, if the page is mapped executable and PMAP_NEED_PROCWR
is defined, call pmap_procwr to synchronize the icache. This fixes the
problem of dynamic programs crashing on powerpc systems.
|
| 1.31 |
| 05-Oct-2002 |
chs | count executable image pages as executable for vm-usage purposes.
also, always do the VTEXT vs. v_writecount mutual exclusion
(which we previously skipped if the text or data segment was empty).
|
| 1.30 |
| 25-Aug-2002 |
thorpej | Fix a signed/unsigned comparison warning from GCC 3.3.
|
| 1.29 |
| 12-Nov-2001 |
lukem | branches: 1.29.8; 1.29.10;
add RCSIDs
|
| 1.28 |
| 14-Jul-2001 |
christos | branches: 1.28.4;
- add exec_read_from and make exec_elf32 use it.
- add a macho probe function
|
| 1.27 |
| 15-Mar-2001 |
chs | branches: 1.27.2;
eliminate the KERN_* error codes in favor of the traditional E* codes.
the mapping is:
KERN_SUCCESS 0
KERN_INVALID_ADDRESS EFAULT
KERN_PROTECTION_FAILURE EACCES
KERN_NO_SPACE ENOMEM
KERN_INVALID_ARGUMENT EINVAL
KERN_FAILURE various, mostly turn into KASSERTs
KERN_RESOURCE_SHORTAGE ENOMEM
KERN_NOT_RECEIVER <unused>
KERN_NO_ACCESS <unused>
KERN_PAGES_LOCKED <unused>
|
| 1.26 |
| 27-Nov-2000 |
chs | branches: 1.26.2;
Initial integration of the Unified Buffer Cache project.
|
| 1.25 |
| 05-Nov-2000 |
tv | 8 spaces -> tab
|
| 1.24 |
| 13-Sep-2000 |
thorpej | Add an align argument to uvm_map() and some callers of that
routine. Works similarly fto pmap_prefer(), but allows callers
to specify a minimum power-of-two alignment of the region.
How we ever got along without this for so long is beyond me.
|
| 1.23 |
| 02-Aug-2000 |
thorpej | MALLOC()/FREE() are not to be used for variable sized allocations.
|
| 1.22 |
| 01-Aug-2000 |
thorpej | ANSI'ify.
|
| 1.21 |
| 13-Jul-2000 |
mjacob | Correct omissions inadvertantly introduced when the non-debug
version (macro) was updated in exec.h.
|
| 1.20 |
| 27-Jun-2000 |
mrg | remove include of <vm/vm.h>
|
| 1.19 |
| 21-Jun-2000 |
matt | Add vmcmd_readvn (which was the 2nd halt of vmcmd_map_readvn).
|
| 1.18 |
| 13-Jun-2000 |
chs | branches: 1.18.2;
make sure that the size we pass to uvm_map() is a multiple of PAGESIZE.
this should fix PR 10175 and prevent the panic of PR 10079.
|
| 1.17 |
| 07-Jul-1999 |
ws | branches: 1.17.2; 1.17.10;
Handle misalignment in vmcmd_map_readvn and vmcmd_map_zero correctly.
|
| 1.16 |
| 24-Mar-1999 |
mrg | branches: 1.16.4;
completely remove Mach VM support. all that is left is the all the
header files as UVM still uses (most of) these.
|
| 1.15 |
| 04-Aug-1998 |
perry | branches: 1.15.2;
Abolition of bcopy, ovbcopy, bcmp, and bzero, phase one.
bcopy(x, y, z) -> memcpy(y, x, z)
ovbcopy(x, y, z) -> memmove(y, x, z)
bcmp(x, y, z) -> memcmp(x, y, z)
bzero(x, y) -> memset(x, 0, y)
|
| 1.14 |
| 28-Jul-1998 |
thorpej | Don't cast the null residual pointer passed to vn_rdwr().
|
| 1.13 |
| 23-Feb-1998 |
chuck | fix uvm-related protection error: we can't write protect the
vmcmd_map_readvn() area until after we do vn_rdwr(). should fix
problem reported by sean doran.
|
| 1.12 |
| 10-Feb-1998 |
mrg | - add defopt's for UVM, UVMHIST and PMAP_NEW.
- remove unnecessary UVMHIST_DECL's.
|
| 1.11 |
| 05-Feb-1998 |
mrg | initial import of the new virtual memory system, UVM, into -current.
UVM was written by chuck cranor <chuck@maria.wustl.edu>, with some
minor portions derived from the old Mach code. i provided some help
getting swap and paging working, and other bug fixes/ideas. chuck
silvers <chuq@chuq.com> also provided some other fixes.
this is the rest of the MI portion changes.
this will be KNF'd shortly. :-)
|
| 1.10 |
| 30-Sep-1996 |
cgd | exec vnode locking protocol changes: in a nutshell, don't keep vnodes
locked for any longer than we have to.
|
| 1.9 |
| 04-Dec-1994 |
mycroft | branches: 1.9.6;
Use common fdclose() rather than a private version.
|
| 1.8 |
| 29-Jun-1994 |
cgd | New RCS ID's, take two. they're more aesthecially pleasant, and use 'NetBSD'
|
| 1.7 |
| 23-May-1994 |
cgd | cast, also, use vm_map_protect rather than vm_protect
|
| 1.6 |
| 27-Mar-1994 |
cgd | expand uid_t/gid_t/off_t
|
| 1.5 |
| 28-Jan-1994 |
jtc | Fix spelling error in Copyright notice
|
| 1.4 |
| 16-Jan-1994 |
cgd | add function for FD handling
|
| 1.3 |
| 13-Jan-1994 |
cgd | EXEC_DEBUG -> DEBUG, and trim extra debugging code, for now
|
| 1.2 |
| 08-Jan-1994 |
cgd | de-macroify kill_vmcmds()
|
| 1.1 |
| 08-Jan-1994 |
cgd | far reaching but relatively minor cleanup and slight reorg of exec code
|
| 1.9.6.1 |
| 11-Dec-1996 |
mycroft | From trunk:
Change the exec locking protocol to fix a deadlock.
|
| 1.15.2.1 |
| 09-Nov-1998 |
chs | initial snapshot. lots left to do.
|
| 1.16.4.2 |
| 02-Aug-1999 |
thorpej | Update from trunk.
|
| 1.16.4.1 |
| 07-Jun-1999 |
chs | merge everything from chs-ubc branch.
|
| 1.17.10.1 |
| 22-Jun-2000 |
minoura | Sync w/ netbsd-1-5-base.
|
| 1.17.2.4 |
| 27-Mar-2001 |
bouyer | Sync with HEAD.
|
| 1.17.2.3 |
| 08-Dec-2000 |
bouyer | Sync with HEAD.
|
| 1.17.2.2 |
| 22-Nov-2000 |
bouyer | Sync with HEAD.
|
| 1.17.2.1 |
| 20-Nov-2000 |
bouyer | Update thorpej_scsipi to -current as of a month ago
|
| 1.18.2.2 |
| 05-Nov-2000 |
tv | Pullup 1.21 [shin] and 1.25 [releng]:
Correct omissions inadvertantly introduced when the non-debug
version (macro) was updated in exec.h.
|
| 1.18.2.1 |
| 22-Jun-2000 |
matt | Add vmcmd_readvn vmcmd.
|
| 1.26.2.6 |
| 15-Jan-2003 |
thorpej | Sync with HEAD.
|
| 1.26.2.5 |
| 18-Oct-2002 |
nathanw | Catch up to -current.
|
| 1.26.2.4 |
| 27-Aug-2002 |
nathanw | Catch up to -current.
|
| 1.26.2.3 |
| 14-Nov-2001 |
nathanw | Catch up to -current.
|
| 1.26.2.2 |
| 24-Aug-2001 |
nathanw | Catch up with -current.
|
| 1.26.2.1 |
| 09-Apr-2001 |
nathanw | Catch up with -current.
|
| 1.27.2.3 |
| 06-Sep-2002 |
jdolecek | sync kqueue branch with HEAD
|
| 1.27.2.2 |
| 10-Jan-2002 |
thorpej | Sync kqueue branch with -current.
|
| 1.27.2.1 |
| 03-Aug-2001 |
lukem | update to -current
|
| 1.28.4.1 |
| 12-Nov-2001 |
thorpej | Sync the thorpej-mips-cache branch with -current.
|
| 1.29.10.1 |
| 02-Oct-2003 |
tron | Pull up revision 1.31 (requested by junyoung in ticket #1488):
count executable image pages as executable for vm-usage purposes.
also, always do the VTEXT vs. v_writecount mutual exclusion
(which we previously skipped if the text or data segment was empty).
|
| 1.29.8.1 |
| 29-Aug-2002 |
gehenna | catch up with -current.
|
| 1.37.2.7 |
| 10-Nov-2005 |
skrll | Sync with HEAD. Here we go again...
|
| 1.37.2.6 |
| 04-Mar-2005 |
skrll | Sync with HEAD.
Hi Perry!
|
| 1.37.2.5 |
| 04-Feb-2005 |
skrll | Adapt to branch.
|
| 1.37.2.4 |
| 21-Sep-2004 |
skrll | Fix the sync with head I botched.
|
| 1.37.2.3 |
| 18-Sep-2004 |
skrll | Sync with HEAD.
|
| 1.37.2.2 |
| 03-Aug-2004 |
skrll | Sync with HEAD
|
| 1.37.2.1 |
| 02-Jul-2003 |
darrenr | Apply the aborted ktrace-lwp changes to a specific branch. This is just for
others to review, I'm concerned that patch fuziness may have resulted in some
errant code being generated but I'll look at that later by comparing the diff
from the base to the branch with the file I attempt to apply to it. This will,
at the very least, put the changes in a better context for others to review
them and attempt to tinker with removing passing of 'struct lwp' through
the kernel.
|
| 1.42.6.1 |
| 19-Mar-2005 |
yamt | sync with head. xen and whitespace. xen part is not finished.
|
| 1.42.4.1 |
| 29-Apr-2005 |
kent | sync with -current
|
| 1.44.2.8 |
| 04-Feb-2008 |
yamt | sync with head.
|
| 1.44.2.7 |
| 21-Jan-2008 |
yamt | sync with head
|
| 1.44.2.6 |
| 07-Dec-2007 |
yamt | sync with head
|
| 1.44.2.5 |
| 27-Oct-2007 |
yamt | sync with head.
|
| 1.44.2.4 |
| 03-Sep-2007 |
yamt | sync with head.
|
| 1.44.2.3 |
| 26-Feb-2007 |
yamt | sync with head.
|
| 1.44.2.2 |
| 30-Dec-2006 |
yamt | sync with head.
|
| 1.44.2.1 |
| 21-Jun-2006 |
yamt | sync with head.
|
| 1.46.12.1 |
| 24-May-2006 |
tron | Merge 2006-05-24 NetBSD-current into the "peter-altq" branch.
|
| 1.46.10.1 |
| 08-Mar-2006 |
elad | Adapt to kernel authorization KPI.
|
| 1.46.8.2 |
| 11-Aug-2006 |
yamt | sync with head
|
| 1.46.8.1 |
| 24-May-2006 |
yamt | sync with head.
|
| 1.46.6.1 |
| 01-Jun-2006 |
kardel | Sync with head.
|
| 1.46.4.1 |
| 09-Sep-2006 |
rpaulo | sync with head
|
| 1.47.2.1 |
| 19-Jun-2006 |
chap | Sync with head.
|
| 1.49.6.1 |
| 22-Oct-2006 |
yamt | sync with head
|
| 1.49.4.1 |
| 18-Nov-2006 |
ad | Sync with head.
|
| 1.50.4.2 |
| 12-Mar-2007 |
rmind | Sync with HEAD.
|
| 1.50.4.1 |
| 27-Feb-2007 |
yamt | - sync with head.
- move sched_changepri back to kern_synch.c as it doesn't know PPQ anymore.
|
| 1.52.10.1 |
| 15-Aug-2007 |
skrll | Sync with HEAD.
|
| 1.52.2.3 |
| 20-Aug-2007 |
ad | Sync with HEAD.
|
| 1.52.2.2 |
| 17-Jun-2007 |
ad | - Increase the number of thread priorities from 128 to 256. How the space
is set up is to be revisited.
- Implement soft interrupts as kernel threads. A generic implementation
is provided, with hooks for fast-path MD code that can run the interrupt
threads over the top of other threads executing in the kernel.
- Split vnode::v_flag into three fields, depending on how the flag is
locked (by the interlock, by the vnode lock, by the file system).
- Miscellaneous locking fixes and improvements.
|
| 1.52.2.1 |
| 13-Mar-2007 |
ad | Pull in the initial set of changes for the vmlocking branch.
|
| 1.54.10.2 |
| 27-Jul-2007 |
pooka | Change unused fflags parameter in VOP_MMAP to prot and pass in
desired vm protection.
|
| 1.54.10.1 |
| 27-Jul-2007 |
pooka | file exec_subr.c was added on branch matt-mips64 on 2007-07-27 08:26:39 +0000
|
| 1.54.8.1 |
| 14-Oct-2007 |
yamt | sync with head.
|
| 1.54.6.3 |
| 23-Mar-2008 |
matt | sync with HEAD
|
| 1.54.6.2 |
| 09-Jan-2008 |
matt | sync with HEAD
|
| 1.54.6.1 |
| 06-Nov-2007 |
matt | sync with HEAD
|
| 1.54.4.2 |
| 27-Nov-2007 |
joerg | Sync with HEAD. amd64 Xen support needs testing.
|
| 1.54.4.1 |
| 26-Oct-2007 |
joerg | Sync with HEAD.
Follow the merge of pmap.c on i386 and amd64 and move
pmap_init_tmp_pgtbl into arch/x86/x86/pmap.c. Modify the ACPI wakeup
code to restore CR4 before jumping back into kernel space as the large
page option might cover that.
|
| 1.55.4.2 |
| 18-Feb-2008 |
mjf | Sync with HEAD.
|
| 1.55.4.1 |
| 08-Dec-2007 |
mjf | Sync with HEAD.
|
| 1.56.6.2 |
| 08-Jan-2008 |
bouyer | Sync with HEAD
|
| 1.56.6.1 |
| 02-Jan-2008 |
bouyer | Sync with HEAD
|
| 1.56.2.1 |
| 04-Dec-2007 |
ad | Pull the vmlocking changes into a new branch.
|
| 1.60.12.1 |
| 23-Jun-2008 |
wrstuden | Sync w/ -current. 34 merge conflicts to follow.
|
| 1.60.10.4 |
| 09-Oct-2010 |
yamt | sync with head
|
| 1.60.10.3 |
| 11-Aug-2010 |
yamt | sync with head.
|
| 1.60.10.2 |
| 11-Mar-2010 |
yamt | sync with head
|
| 1.60.10.1 |
| 04-May-2009 |
yamt | sync with head.
|
| 1.60.8.1 |
| 04-Jun-2008 |
yamt | sync with head
|
| 1.60.6.1 |
| 05-Jun-2008 |
mjf | Sync with HEAD.
Also fix build.
|
| 1.61.12.1 |
| 13-May-2009 |
jym | Sync with HEAD.
Commit is split, to avoid a "too many arguments" protocol error.
|
| 1.61.8.2 |
| 31-Aug-2010 |
bouyer | Pull up following revision(s) (requested by christos in ticket #1444):
sys/kern/kern_pax.c: revision 1.24
sys/kern/exec_subr.c: revision 1.65
Fix issues with stack allocation and pax aslr:
- since the size is unsigned, don't check just that it is > 0, but limit
it to the MAXSSIZ
- if the stack size is reduced because of aslr, make sure we reduce the
actual allocation by the same size so that the size does not wrap around.
NB: Must be pulled up to 5.x!
|
| 1.61.8.1 |
| 01-Apr-2009 |
snj | branches: 1.61.8.1.2; 1.61.8.1.4;
Pull up following revision(s) (requested by mrg in ticket #622):
bin/csh/csh.1: revision 1.46
bin/csh/func.c: revision 1.37
bin/ps/print.c: revision 1.111
bin/ps/ps.c: revision 1.74
bin/sh/miscbltin.c: revision 1.38
bin/sh/sh.1: revision 1.92 via patch
external/bsd/top/dist/machine/m_netbsd.c: revision 1.7
lib/libkvm/kvm_proc.c: revision 1.82
sys/arch/mips/mips/cpu_exec.c: revision 1.55
sys/compat/darwin/darwin_exec.c: revision 1.57
sys/compat/ibcs2/ibcs2_exec.c: revision 1.73
sys/compat/irix/irix_resource.c: revision 1.15
sys/compat/linux/arch/amd64/linux_exec_machdep.c: revision 1.16
sys/compat/linux/arch/i386/linux_exec_machdep.c: revision 1.12
sys/compat/linux/common/linux_limit.h: revision 1.5
sys/compat/osf1/osf1_resource.c: revision 1.14
sys/compat/svr4/svr4_resource.c: revision 1.18
sys/compat/svr4_32/svr4_32_resource.c: revision 1.17
sys/kern/exec_subr.c: revision 1.62
sys/kern/init_sysctl.c: revision 1.160
sys/kern/kern_exec.c: revision 1.288
sys/kern/kern_resource.c: revision 1.151
sys/sys/param.h: patch
sys/sys/resource.h: revision 1.31
sys/sys/sysctl.h: revision 1.184
sys/uvm/uvm_extern.h: revision 1.153
sys/uvm/uvm_glue.c: revision 1.136
sys/uvm/uvm_mmap.c: revision 1.128
usr.bin/systat/ps.c: revision 1.32
- - add new RLIMIT_AS (aka RLIMIT_VMEM) resource that limits the total
address space available to processes. this limit exists in most other
modern unix variants, and like most of them, our defaults are unlimited.
remove the old mmap / rlimit.datasize hack.
- - adds the VMCMD_STACK flag to all the stack-creation vmcmd callers.
it is currently unused, but was added a few years ago.
- - add a pair of new process size values to kinfo_proc2{}. one is the
total size of the process memory map, and the other is the total size
adjusted for unused stack space (since most processes have a lot of
this...)
- - patch sh, and csh to notice RLIMIT_AS. (in some cases, the alias
RLIMIT_VMEM was already present and used if availble.)
- - patch ps, top and systat to notice the new k_vm_vsize member of
kinfo_proc2{}.
- - update irix, svr4, svr4_32, linux and osf1 emulations to support
this information. (freebsd could be done, but that it's best left
as part of the full-update of compat/freebsd.)
this addresses PR 7897. it also gives correct memory usage values,
which have never been entirely correct (since mmap), and have been
very incorrect since jemalloc() was enabled.
tested on i386 and sparc64, build tested on several other platforms.
thanks to many folks for feedback and testing but most espcially
chuq and yamt for critical suggestions that lead to this patch not
having a special ugliness i wasn't happy with anyway :-)
|
| 1.61.8.1.4.1 |
| 20-May-2011 |
matt | bring matt-nb5-mips64 up to date with netbsd-5-1-RELEASE (except compat).
|
| 1.61.8.1.2.1 |
| 31-Aug-2010 |
bouyer | Pull up following revision(s) (requested by christos in ticket #1444):
sys/kern/kern_pax.c: revision 1.24
sys/kern/exec_subr.c: revision 1.65
Fix issues with stack allocation and pax aslr:
- since the size is unsigned, don't check just that it is > 0, but limit
it to the MAXSSIZ
- if the stack size is reduced because of aslr, make sure we reduce the
actual allocation by the same size so that the size does not wrap around.
NB: Must be pulled up to 5.x!
|
| 1.61.6.1 |
| 28-Apr-2009 |
skrll | Sync with HEAD.
|
| 1.63.4.2 |
| 05-Mar-2011 |
rmind | sync with head
|
| 1.63.4.1 |
| 03-Jul-2010 |
rmind | sync with head
|
| 1.63.2.2 |
| 22-Oct-2010 |
uebayasi | Sync with HEAD (-D20101022).
|
| 1.63.2.1 |
| 17-Aug-2010 |
uebayasi | Sync with HEAD.
|
| 1.66.2.1 |
| 06-Jun-2011 |
jruoho | Sync with HEAD.
|
| 1.67.2.1 |
| 05-Mar-2011 |
bouyer | Sync with HEAD
|
| 1.70.16.1 |
| 18-May-2014 |
rmind | sync with head
|
| 1.70.12.2 |
| 03-Dec-2017 |
jdolecek | update from HEAD
|
| 1.70.12.1 |
| 20-Aug-2014 |
tls | Rebase to HEAD as of a few days ago.
|
| 1.70.2.1 |
| 22-May-2014 |
yamt | sync with head.
for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.
this commit was splitted into small chunks to avoid
a limitation of cvs. ("Protocol error: too many arguments")
|
| 1.71.6.4 |
| 28-Aug-2017 |
skrll | Sync with HEAD
|
| 1.71.6.3 |
| 29-May-2016 |
skrll | Sync with HEAD
|
| 1.71.6.2 |
| 22-Apr-2016 |
skrll | Sync with HEAD
|
| 1.71.6.1 |
| 27-Dec-2015 |
skrll | Sync with HEAD (as of 26th Dec)
|
| 1.76.8.1 |
| 11-May-2017 |
pgoyette | Sync with HEAD
|
| 1.78.2.5 |
| 29-Nov-2023 |
martin | Additionally pull up the following for ticket #1920:
sys/kern/exec_subr.c 1.87
Fix build for kernels w/o PAX_MPROTECT.
|
| 1.78.2.4 |
| 28-Nov-2023 |
martin | Pull up following revision(s) (requested by riastradh in ticket #1920):
tests/lib/libc/sys/t_setrlimit.c: revision 1.8
tests/lib/libc/sys/t_setrlimit.c: revision 1.9
sys/kern/exec_subr.c: revision 1.86
t_setrlimit: Verify changing RLIMIT_STACK affects access to stack.
PR kern/57711
exec: Map noaccess part of stack with prot=NONE, maxprot=READ|WRITE.
This way, setrlimit(RLIMT_STACK) can grant READ|WRITE access when
increasing the stack size.
PR kern/57711
|
| 1.78.2.3 |
| 31-Aug-2017 |
bouyer | Pull up following revision(s) (requested by joerg in ticket #234):
sys/arch/amd64/include/vmparam.h: revision 1.43
sys/kern/exec_subr.c: revision 1.79
lib/libpthread/pthread_int.h: revision 1.94
sys/arch/mips/include/vmparam.h: revision 1.58
sys/arch/mips/include/vmparam.h: revision 1.59
lib/libpthread/TODO: revision 1.19
sys/arch/powerpc/include/vmparam.h: revision 1.20
sys/arch/riscv/include/vmparam.h: revision 1.2
sys/arch/riscv/include/vmparam.h: revision 1.3
sys/arch/i386/include/vmparam.h: revision 1.85
tests/lib/libpthread/t_join.c: revision 1.9
sys/uvm/uvm_meter.c: revision 1.66
sys/uvm/uvm_param.h: revision 1.36
sys/kern/exec_subr.c: revision 1.80
sys/uvm/uvm_param.h: revision 1.37
sys/kern/exec_subr.c: revision 1.81
sys/kern/exec_subr.c: revision 1.82
lib/libpthread/pthread_attr_getguardsize.3: revision 1.4
lib/libpthread/pthread.c: revision 1.148
lib/libpthread/pthread_attr.c: revision 1.17
sys/arch/amd64/include/vmparam.h: revision 1.42
Always include a 1MB guard area beyond the end of stack. While ASLR will
normally create a guard area as well, this provides a deterministic area
for all binaries.
Mitigates the rest of CVE-2017-1000374 and CVE-2017-1000375 from
Qualys.
Revert for the moment, creates problems on i386.
Recommit exec_subr.c revision 1.79:
Always include a 1MB guard area beyond the end of stack. While ASLR will
normally create a guard area as well, this provides a deterministic area
for all binaries.
Mitigates the rest of CVE-2017-1000374 and CVE-2017-1000375 from
Qualys.
Additionally, change VM_DEFAULT_ADDRESS_TOPDOWN to include
user_stack_guard_size in the size reservation.
Update VM_DEFAULT_ADDRESS32_TOPDOWN to include guard area.
Export the guard size of the main thread via vm.guard_size. Add a
complementary writable sysctl for the initial guard size of threads
created via pthread_create. Let the existing attribut accessors do the
right thing. Raise the default guard size for threads to 64KB.
|
| 1.78.2.2 |
| 21-Jun-2017 |
snj | revert ticket 50
|
| 1.78.2.1 |
| 21-Jun-2017 |
snj | Pull up following revision(s) (requested by joerg in ticket #50):
sys/kern/exec_subr.c: revision 1.79
Always include a 1MB guard area beyond the end of stack. While ASLR will
normally create a guard area as well, this provides a deterministic area
for all binaries.
Mitigates the rest of CVE-2017-1000374 and CVE-2017-1000375 from
Qualys.
|
| 1.82.12.1 |
| 17-Jan-2020 |
ad | Sync with head.
|
| 1.82.10.2 |
| 29-Nov-2023 |
martin | Additionally pull up the following for ticket #1769:
sys/kern/exec_subr.c 1.87
Fix build for kernels w/o PAX_MPROTECT.
|
| 1.82.10.1 |
| 28-Nov-2023 |
martin | Pull up following revision(s) (requested by riastradh in ticket #1769):
tests/lib/libc/sys/t_setrlimit.c: revision 1.8
tests/lib/libc/sys/t_setrlimit.c: revision 1.9
sys/kern/exec_subr.c: revision 1.86
t_setrlimit: Verify changing RLIMIT_STACK affects access to stack.
PR kern/57711
exec: Map noaccess part of stack with prot=NONE, maxprot=READ|WRITE.
This way, setrlimit(RLIMT_STACK) can grant READ|WRITE access when
increasing the stack size.
PR kern/57711
|
| 1.82.6.2 |
| 21-Apr-2020 |
martin | Sync with HEAD
|
| 1.82.6.1 |
| 08-Apr-2020 |
martin | Merge changes from current as of 20200406
|
| 1.83.4.1 |
| 20-Apr-2020 |
bouyer | Sync with HEAD
|
| 1.84.20.2 |
| 29-Nov-2023 |
martin | Additionally pull up the following for ticket #477:
sys/kern/exec_subr.c 1.87
Fix build for kernels w/o PAX_MPROTECT.
|
| 1.84.20.1 |
| 28-Nov-2023 |
martin | Pull up following revision(s) (requested by riastradh in ticket #477):
tests/lib/libc/sys/t_setrlimit.c: revision 1.8
tests/lib/libc/sys/t_setrlimit.c: revision 1.9
sys/kern/exec_subr.c: revision 1.86
t_setrlimit: Verify changing RLIMIT_STACK affects access to stack.
PR kern/57711
exec: Map noaccess part of stack with prot=NONE, maxprot=READ|WRITE.
This way, setrlimit(RLIMT_STACK) can grant READ|WRITE access when
increasing the stack size.
PR kern/57711
|
| 1.88.2.1 |
| 02-Aug-2025 |
perseant | Sync with HEAD
|
