CVS commit: [netbsd-5-1] src/sys/kern
Module Name:src Committed By: snj Date: Sat Nov 7 20:42:59 UTC 2015 Modified Files: src/sys/kern [netbsd-5-1]: kern_exec.c kern_exit.c kern_synch.c Log Message: Pull up following revision(s) (requested by pgoyette in ticket #1979): sys/kern/kern_synch.c: revision 1.309 sys/kern/kern_exit.c: revisions 1.246, 1.247 sys/kern/kern_exec.c: revision 1.419 In execve_runproc(), update the p_waited entry for the process being moved to SSTOP state, not for its parent. (It is correct to update the parent's p_nstopchild count.) If the value is not already zero, it could prevent its parent from waiting for the process. Fixes PR kern/50298 -- When clearing out the scheduler queues during system shutdown, we move all processes to the SSTOP state. Make sure we update each process's p_waited and the parents' p_nstopchild counters to maintain consistent values. Should not make any real difference this late in the shutdown process, but we should still be consistent just in case. Fixes PR kern/50318 -- Currently, if a process is exiting and its parent has indicated no intent of reaping the process (nor any other children), the process wil get reparented to init. Since the state of the exiting process at this point is SDEAD, proc_reparent() will not update either the old or new parent's p_nstopchild counters. This change causes both old and new parents to be properly updated. Fixes PR kern/50300 -- For processes marked with PS_STOPEXIT, update the process's p_waited value, and update its parent's p_nstopchild value when marking the process's p_stat to SSTOP. The process needed to be SACTIVE to get here, so this transition represents an additional process for which the parent needs to wait. Fixes PR kern/50308 To generate a diff of this commit: cvs rdiff -u -r1.280.4.3 -r1.280.4.3.6.1 src/sys/kern/kern_exec.c cvs rdiff -u -r1.214.4.2 -r1.214.4.2.2.1 src/sys/kern/kern_exit.c cvs rdiff -u -r1.254.2.6 -r1.254.2.6.6.1 src/sys/kern/kern_synch.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/kern_exec.c diff -u src/sys/kern/kern_exec.c:1.280.4.3 src/sys/kern/kern_exec.c:1.280.4.3.6.1 --- src/sys/kern/kern_exec.c:1.280.4.3 Wed Apr 1 21:03:04 2009 +++ src/sys/kern/kern_exec.c Sat Nov 7 20:42:59 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_exec.c,v 1.280.4.3 2009/04/01 21:03:04 snj Exp $ */ +/* $NetBSD: kern_exec.c,v 1.280.4.3.6.1 2015/11/07 20:42:59 snj Exp $ */ /*- * Copyright (c) 2008 The NetBSD Foundation, Inc. @@ -59,7 +59,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: kern_exec.c,v 1.280.4.3 2009/04/01 21:03:04 snj Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_exec.c,v 1.280.4.3.6.1 2015/11/07 20:42:59 snj Exp $"); #include "opt_ktrace.h" #include "opt_syscall_debug.h" @@ -1104,7 +1104,7 @@ execve1(struct lwp *l, const char *path, if (p->p_sflag & PS_STOPEXEC) { KERNEL_UNLOCK_ALL(l, >l_biglocks); p->p_pptr->p_nstopchild++; - p->p_pptr->p_waited = 0; + p->p_waited = 0; mutex_enter(p->p_lock); ksiginfo_queue_init(); sigclearall(p, , ); Index: src/sys/kern/kern_exit.c diff -u src/sys/kern/kern_exit.c:1.214.4.2 src/sys/kern/kern_exit.c:1.214.4.2.2.1 --- src/sys/kern/kern_exit.c:1.214.4.2 Wed Jul 1 22:30:30 2009 +++ src/sys/kern/kern_exit.c Sat Nov 7 20:42:59 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_exit.c,v 1.214.4.2 2009/07/01 22:30:30 snj Exp $ */ +/* $NetBSD: kern_exit.c,v 1.214.4.2.2.1 2015/11/07 20:42:59 snj Exp $ */ /*- * Copyright (c) 1998, 1999, 2006, 2007, 2008 The NetBSD Foundation, Inc. @@ -67,7 +67,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: kern_exit.c,v 1.214.4.2 2009/07/01 22:30:30 snj Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_exit.c,v 1.214.4.2.2.1 2015/11/07 20:42:59 snj Exp $"); #include "opt_ktrace.h" #include "opt_perfctrs.h" @@ -234,8 +234,15 @@ exit1(struct lwp *l, int rv) if (__predict_false(p->p_sflag & PS_STOPEXIT)) { KERNEL_UNLOCK_ALL(l, >l_biglocks); sigclearall(p, , ); + + if (!mutex_tryenter(proc_lock)) { + mutex_exit(p->p_lock); + mutex_enter(proc_lock); + mutex_enter(p->p_lock); + } p->p_waited = 0; - membar_producer(); + p->p_pptr->p_nstopchild++; + mutex_exit(proc_lock); p->p_stat = SSTOP; lwp_lock(l); p->p_nrlwps--; @@ -1011,7 +1018,7 @@ proc_reparent(struct proc *child, struct if (child->p_pptr == parent) return; - if (child->p_stat == SZOMB || + if (child->p_stat == SZOMB || child->p_stat == SDEAD || (child->p_stat == SSTOP && !child->p_waited)) { child->p_pptr->p_nstopchild--; parent->p_nstopchild++; Index: src/sys/kern/kern_synch.c diff -u src/sys/kern/kern_synch.c:1.254.2.6 src/sys/kern/kern_synch.c:1.254.2.6.6.1 --- src/sys/kern/kern_synch.c:1.254.2.6 Thu Apr 23 17:47:13 2009 +++ src/sys/kern/kern_synch.c Sat Nov 7 20:42:59 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_synch.c,v 1.254.2.6 2009/04/23 17:47:13 snj Exp $ */ +/* $NetBSD:
CVS commit: [netbsd-5-1] src/sys/kern
Module Name:src Committed By: snj Date: Sat Nov 7 20:49:19 UTC 2015 Modified Files: src/sys/kern [netbsd-5-1]: kern_exit.c Log Message: Pull up following revision(s) (requested by pgoyette in ticket #1981): sys/kern/kern_exit.c: revision 1.248 Update value of p_stat before we release the proc_lock. Thanks to Robert Elz. To generate a diff of this commit: cvs rdiff -u -r1.214.4.2.2.1 -r1.214.4.2.2.2 src/sys/kern/kern_exit.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/kern_exit.c diff -u src/sys/kern/kern_exit.c:1.214.4.2.2.1 src/sys/kern/kern_exit.c:1.214.4.2.2.2 --- src/sys/kern/kern_exit.c:1.214.4.2.2.1 Sat Nov 7 20:42:59 2015 +++ src/sys/kern/kern_exit.c Sat Nov 7 20:49:19 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_exit.c,v 1.214.4.2.2.1 2015/11/07 20:42:59 snj Exp $ */ +/* $NetBSD: kern_exit.c,v 1.214.4.2.2.2 2015/11/07 20:49:19 snj Exp $ */ /*- * Copyright (c) 1998, 1999, 2006, 2007, 2008 The NetBSD Foundation, Inc. @@ -67,7 +67,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: kern_exit.c,v 1.214.4.2.2.1 2015/11/07 20:42:59 snj Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_exit.c,v 1.214.4.2.2.2 2015/11/07 20:49:19 snj Exp $"); #include "opt_ktrace.h" #include "opt_perfctrs.h" @@ -242,8 +242,8 @@ exit1(struct lwp *l, int rv) } p->p_waited = 0; p->p_pptr->p_nstopchild++; - mutex_exit(proc_lock); p->p_stat = SSTOP; + mutex_exit(proc_lock); lwp_lock(l); p->p_nrlwps--; l->l_stat = LSSTOP;
CVS commit: [netbsd-5-1] src/sys/kern
Module Name:src Committed By: snj Date: Sat Nov 7 20:46:38 UTC 2015 Modified Files: src/sys/kern [netbsd-5-1]: kern_sig.c Log Message: Pull up following revision(s) (requested by pgoyette in ticket #1980): sys/kern/kern_sig.c: revision 1.321 When delivering a signal, it's possible that the process's state in p_stat is SACTIVE yet p_sflag is PS_STOPPING (while waiting for other lwp's to stop). In that case, we don't want to adjust the parent's p_nstopchild count. Found by Robert Elz. To generate a diff of this commit: cvs rdiff -u -r1.289.4.6.2.1 -r1.289.4.6.2.2 src/sys/kern/kern_sig.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/kern_sig.c diff -u src/sys/kern/kern_sig.c:1.289.4.6.2.1 src/sys/kern/kern_sig.c:1.289.4.6.2.2 --- src/sys/kern/kern_sig.c:1.289.4.6.2.1 Sat Mar 17 19:15:12 2012 +++ src/sys/kern/kern_sig.c Sat Nov 7 20:46:37 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_sig.c,v 1.289.4.6.2.1 2012/03/17 19:15:12 bouyer Exp $ */ +/* $NetBSD: kern_sig.c,v 1.289.4.6.2.2 2015/11/07 20:46:37 snj Exp $ */ /*- * Copyright (c) 2006, 2007, 2008 The NetBSD Foundation, Inc. @@ -66,7 +66,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: kern_sig.c,v 1.289.4.6.2.1 2012/03/17 19:15:12 bouyer Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_sig.c,v 1.289.4.6.2.2 2015/11/07 20:46:37 snj Exp $"); #include "opt_ptrace.h" #include "opt_compat_sunos.h" @@ -1391,14 +1391,13 @@ kpsignal2(struct proc *p, ksiginfo_t *ks } if ((prop & SA_CONT) != 0 || signo == SIGKILL) { /* - * Re-adjust p_nstopchild if the process wasn't - * collected by its parent. + * Re-adjust p_nstopchild if the process was + * stopped but not yet collected by its parent. */ + if (p->p_stat == SSTOP && !p->p_waited) +p->p_pptr->p_nstopchild--; p->p_stat = SACTIVE; p->p_sflag &= ~PS_STOPPING; - if (!p->p_waited) { -p->p_pptr->p_nstopchild--; - } if (p->p_slflag & PSL_TRACED) { KASSERT(signo == SIGKILL); goto deliver;
CVS commit: [netbsd-5-1] src/sys/kern
Module Name:src Committed By: msaitoh Date: Fri Apr 24 05:46:33 UTC 2015 Modified Files: src/sys/kern [netbsd-5-1]: sys_select.c Log Message: Pull up following revision(s) (requested by prlw1 in ticket #1957): sys/kern/sys_select.c patch Limit nfds arg to poll() to a large enough value that user programs cannot allocate indefinite sized blocks of kvm. If the limit is exceeded, then return EINVAL instead of silently truncating the list. Addresses PR/17507. [prlw1, ticket #1957] To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.10.10.1 src/sys/kern/sys_select.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/sys_select.c diff -u src/sys/kern/sys_select.c:1.10 src/sys/kern/sys_select.c:1.10.10.1 --- src/sys/kern/sys_select.c:1.10 Wed Oct 15 08:13:17 2008 +++ src/sys/kern/sys_select.c Fri Apr 24 05:46:33 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: sys_select.c,v 1.10 2008/10/15 08:13:17 ad Exp $ */ +/* $NetBSD: sys_select.c,v 1.10.10.1 2015/04/24 05:46:33 msaitoh Exp $ */ /*- * Copyright (c) 2007, 2008 The NetBSD Foundation, Inc. @@ -70,7 +70,7 @@ */ #include sys/cdefs.h -__KERNEL_RCSID(0, $NetBSD: sys_select.c,v 1.10 2008/10/15 08:13:17 ad Exp $); +__KERNEL_RCSID(0, $NetBSD: sys_select.c,v 1.10.10.1 2015/04/24 05:46:33 msaitoh Exp $); #include sys/param.h #include sys/systm.h @@ -432,9 +432,17 @@ pollcommon(lwp_t *l, register_t *retval, struct timeval sleeptv; selcpu_t *sc; - if (nfds p-p_fd-fd_nfiles) { - /* forgiving; slightly wrong */ - nfds = p-p_fd-fd_nfiles; + if (nfds 1000 + p-p_fd-fd_nfiles) { + /* + * Either the user passed in a very sparse 'fds' or junk! + * The kmem_alloc() call below would be bad news. + * We could process the 'fds' array in chunks, but that + * is a lot of code that isn't normally useful. + * (Or just move the copyin/out into pollscan().) + * Historically the code silently truncated 'fds' to + * dt_nfiles entries - but that does cause issues. + */ + return EINVAL; } ni = nfds * sizeof(struct pollfd); if (ni sizeof(smallbits)) {
CVS commit: [netbsd-5-1] src/sys/kern
Module Name:src Committed By: msaitoh Date: Mon Jul 14 09:10:18 UTC 2014 Modified Files: src/sys/kern [netbsd-5-1]: sys_module.c Log Message: Pull up following revision(s) (requested by maxv in ticket #1914): sys/kern/sys_module.c: revision 1.15 via patch Fix a user-controlled memory allocation. kmem_alloc(0) will panic the system. ok christos@ To generate a diff of this commit: cvs rdiff -u -r1.8.4.1 -r1.8.4.1.2.1 src/sys/kern/sys_module.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/sys_module.c diff -u src/sys/kern/sys_module.c:1.8.4.1 src/sys/kern/sys_module.c:1.8.4.1.2.1 --- src/sys/kern/sys_module.c:1.8.4.1 Sun May 3 13:07:39 2009 +++ src/sys/kern/sys_module.c Mon Jul 14 09:10:18 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: sys_module.c,v 1.8.4.1 2009/05/03 13:07:39 bouyer Exp $ */ +/* $NetBSD: sys_module.c,v 1.8.4.1.2.1 2014/07/14 09:10:18 msaitoh Exp $ */ /*- * Copyright (c) 2008 The NetBSD Foundation, Inc. @@ -31,7 +31,7 @@ */ #include sys/cdefs.h -__KERNEL_RCSID(0, $NetBSD: sys_module.c,v 1.8.4.1 2009/05/03 13:07:39 bouyer Exp $); +__KERNEL_RCSID(0, $NetBSD: sys_module.c,v 1.8.4.1.2.1 2014/07/14 09:10:18 msaitoh Exp $); #include sys/param.h #include sys/systm.h @@ -43,6 +43,11 @@ __KERNEL_RCSID(0, $NetBSD: sys_module.c #include sys/syscall.h #include sys/syscallargs.h +/* + * Arbitrary limit to avoid DoS for excessive memory allocation. + */ +#define MAXPROPSLEN 4096 + static int handle_modctl_load(modctl_load_t *ml) { @@ -63,6 +68,11 @@ handle_modctl_load(modctl_load_t *ml) if (error != 0) goto out2; + if (ml-ml_propslen MAXPROPSLEN) { + error = ENOMEM; + goto out2; + } + propslen = ml-ml_propslen + 1; props = (char *)kmem_alloc(propslen, KM_SLEEP); if (props == NULL) {
CVS commit: [netbsd-5-1] src/sys/kern
Module Name:src Committed By: jdc Date: Sun Jun 3 08:47:36 UTC 2012 Modified Files: src/sys/kern [netbsd-5-1]: uipc_usrreq.c Log Message: Pull up revision 1.137 (requested by martin in ticket #1766). Stopgap fix for PR kern/46463: disallow passing of kqueue descriptors via SCM_RIGHT anxiliary socket messages. To generate a diff of this commit: cvs rdiff -u -r1.119.4.3 -r1.119.4.3.2.1 src/sys/kern/uipc_usrreq.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/uipc_usrreq.c diff -u src/sys/kern/uipc_usrreq.c:1.119.4.3 src/sys/kern/uipc_usrreq.c:1.119.4.3.2.1 --- src/sys/kern/uipc_usrreq.c:1.119.4.3 Sun Nov 8 21:47:45 2009 +++ src/sys/kern/uipc_usrreq.c Sun Jun 3 08:47:35 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: uipc_usrreq.c,v 1.119.4.3 2009/11/08 21:47:45 snj Exp $ */ +/* $NetBSD: uipc_usrreq.c,v 1.119.4.3.2.1 2012/06/03 08:47:35 jdc Exp $ */ /*- * Copyright (c) 1998, 2000, 2004, 2008, 2009 The NetBSD Foundation, Inc. @@ -96,7 +96,7 @@ */ #include sys/cdefs.h -__KERNEL_RCSID(0, $NetBSD: uipc_usrreq.c,v 1.119.4.3 2009/11/08 21:47:45 snj Exp $); +__KERNEL_RCSID(0, $NetBSD: uipc_usrreq.c,v 1.119.4.3.2.1 2012/06/03 08:47:35 jdc Exp $); #include sys/param.h #include sys/systm.h @@ -1326,7 +1326,10 @@ unp_internalize(struct mbuf **controlp) error = EAGAIN; goto out; } - if ((fp = fd_getfile(fd)) == NULL) { + if ((fp = fd_getfile(fd)) == NULL + || fp-f_type == DTYPE_KQUEUE) { + if (fp) + fd_putfile(fd); atomic_dec_uint(unp_rights); nfds = i; error = EBADF;
CVS commit: [netbsd-5-1] src/sys/kern
Module Name:src Committed By: bouyer Date: Sat Mar 17 19:15:12 UTC 2012 Modified Files: src/sys/kern [netbsd-5-1]: kern_sig.c Log Message: Pull up following revision(s) (requested by christos in ticket #1741): sys/kern/kern_sig.c: revision 1.300 kpsignal2: do not make the signal pending twice when tracing the process, also update a comment and add an assert. Fixes PR/42309 by Nicolas Joly. To generate a diff of this commit: cvs rdiff -u -r1.289.4.6 -r1.289.4.6.2.1 src/sys/kern/kern_sig.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/kern_sig.c diff -u src/sys/kern/kern_sig.c:1.289.4.6 src/sys/kern/kern_sig.c:1.289.4.6.2.1 --- src/sys/kern/kern_sig.c:1.289.4.6 Sat Jan 16 17:32:52 2010 +++ src/sys/kern/kern_sig.c Sat Mar 17 19:15:12 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_sig.c,v 1.289.4.6 2010/01/16 17:32:52 bouyer Exp $ */ +/* $NetBSD: kern_sig.c,v 1.289.4.6.2.1 2012/03/17 19:15:12 bouyer Exp $ */ /*- * Copyright (c) 2006, 2007, 2008 The NetBSD Foundation, Inc. @@ -66,7 +66,7 @@ */ #include sys/cdefs.h -__KERNEL_RCSID(0, $NetBSD: kern_sig.c,v 1.289.4.6 2010/01/16 17:32:52 bouyer Exp $); +__KERNEL_RCSID(0, $NetBSD: kern_sig.c,v 1.289.4.6.2.1 2012/03/17 19:15:12 bouyer Exp $); #include opt_ptrace.h #include opt_compat_sunos.h @@ -1382,15 +1382,13 @@ kpsignal2(struct proc *p, ksiginfo_t *ks goto out; } else { /* - * Process is stopped or stopping. If traced, then no - * further action is necessary. + * Process is stopped or stopping. + * - If traced, then no action is needed, unless killing. + * - Run the process only if sending SIGCONT or SIGKILL. */ - if ((p-p_slflag PSL_TRACED) != 0 signo != SIGKILL) + if ((p-p_slflag PSL_TRACED) != 0 signo != SIGKILL) { goto out; - - /* - * Run the process only if sending SIGCONT or SIGKILL. - */ + } if ((prop SA_CONT) != 0 || signo == SIGKILL) { /* * Re-adjust p_nstopchild if the process wasn't @@ -1398,9 +1396,13 @@ kpsignal2(struct proc *p, ksiginfo_t *ks */ p-p_stat = SACTIVE; p-p_sflag = ~PS_STOPPING; - if (!p-p_waited) + if (!p-p_waited) { p-p_pptr-p_nstopchild--; - + } + if (p-p_slflag PSL_TRACED) { +KASSERT(signo == SIGKILL); +goto deliver; + } /* * Do not make signal pending if SIGCONT is default. * @@ -1423,6 +1425,7 @@ kpsignal2(struct proc *p, ksiginfo_t *ks /* * Make signal pending. */ + KASSERT((p-p_slflag PSL_TRACED) == 0); sigput(p-p_sigpend, p, kp); deliver:
CVS commit: [netbsd-5-1] src/sys/kern
Module Name:src Committed By: bouyer Date: Sun Feb 5 12:28:20 UTC 2012 Modified Files: src/sys/kern [netbsd-5-1]: kern_fork.c Log Message: Pull up following revision(s) (requested by rmind in ticket #1628): sys/kern/kern_fork.c: revision 1.184 via patch fork1: fix stop-on-fork case, lend a correct lock to LWP for LSSTOP state. Fixes PR/44935. To generate a diff of this commit: cvs rdiff -u -r1.171.12.1 -r1.171.12.2 src/sys/kern/kern_fork.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/kern_fork.c diff -u src/sys/kern/kern_fork.c:1.171.12.1 src/sys/kern/kern_fork.c:1.171.12.2 --- src/sys/kern/kern_fork.c:1.171.12.1 Sat Jun 18 16:35:56 2011 +++ src/sys/kern/kern_fork.c Sun Feb 5 12:28:20 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_fork.c,v 1.171.12.1 2011/06/18 16:35:56 bouyer Exp $ */ +/* $NetBSD: kern_fork.c,v 1.171.12.2 2012/02/05 12:28:20 bouyer Exp $ */ /*- * Copyright (c) 1999, 2001, 2004, 2006, 2007, 2008 The NetBSD Foundation, Inc. @@ -67,7 +67,7 @@ */ #include sys/cdefs.h -__KERNEL_RCSID(0, $NetBSD: kern_fork.c,v 1.171.12.1 2011/06/18 16:35:56 bouyer Exp $); +__KERNEL_RCSID(0, $NetBSD: kern_fork.c,v 1.171.12.2 2012/02/05 12:28:20 bouyer Exp $); #include opt_ktrace.h @@ -509,13 +509,15 @@ fork1(struct lwp *l1, int flags, int exi p2-p_acflag = AFORK; lwp_lock(l2); if (p2-p_sflag PS_STOPFORK) { + struct schedstate_percpu *spc = l2-l_cpu-ci_schedstate; p2-p_nrlwps = 0; p2-p_stat = SSTOP; p2-p_waited = 0; p1-p_nstopchild++; l2-l_stat = LSSTOP; l2-l_flag |= tmp; - lwp_unlock(l2); + KASSERT(l2-l_wchan == NULL); + lwp_unlock_to(l2, spc-spc_lwplock); } else { p2-p_nrlwps = 1; p2-p_stat = SACTIVE; @@ -524,7 +526,6 @@ fork1(struct lwp *l1, int flags, int exi sched_enqueue(l2, false); lwp_unlock(l2); } - mutex_exit(p2-p_lock); /*
CVS commit: [netbsd-5-1] src/sys/kern
Module Name:src Committed By: bouyer Date: Sun Feb 5 12:30:38 UTC 2012 Modified Files: src/sys/kern [netbsd-5-1]: vfs_bio.c Log Message: Pull up following revision(s) (requested by rmind in ticket #1718): sys/kern/vfs_bio.c: revision 1.233 sysctl_dobuf: re-acquire the sysctl lock on retry path. PR/45827. To generate a diff of this commit: cvs rdiff -u -r1.210 -r1.210.10.1 src/sys/kern/vfs_bio.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/vfs_bio.c diff -u src/sys/kern/vfs_bio.c:1.210 src/sys/kern/vfs_bio.c:1.210.10.1 --- src/sys/kern/vfs_bio.c:1.210 Thu Sep 11 09:14:46 2008 +++ src/sys/kern/vfs_bio.c Sun Feb 5 12:30:38 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: vfs_bio.c,v 1.210 2008/09/11 09:14:46 hannken Exp $ */ +/* $NetBSD: vfs_bio.c,v 1.210.10.1 2012/02/05 12:30:38 bouyer Exp $ */ /*- * Copyright (c) 2007, 2008 The NetBSD Foundation, Inc. @@ -109,7 +109,7 @@ */ #include sys/cdefs.h -__KERNEL_RCSID(0, $NetBSD: vfs_bio.c,v 1.210 2008/09/11 09:14:46 hannken Exp $); +__KERNEL_RCSID(0, $NetBSD: vfs_bio.c,v 1.210.10.1 2012/02/05 12:30:38 bouyer Exp $); #include fs_ffs.h #include opt_bufcache.h @@ -1788,6 +1788,7 @@ sysctl_dobuf(SYSCTLFN_ARGS) break; } mutex_exit(bufcache_lock); + sysctl_relock(); goto retry; } dp += elem_size;
CVS commit: [netbsd-5-1] src/sys/kern
Module Name:src Committed By: sborrill Date: Sat Nov 19 22:22:56 UTC 2011 Modified Files: src/sys/kern [netbsd-5-1]: kern_event.c Log Message: Pull up the following revisions(s) (requested by rmind in ticket #1695): sys/kern/kern_event.c: revision 1.74 kqueue_register: avoid calling fd_getfile() with filedesc_t::fd_lock held. Fixes PR/45479 by KOGULE Ryo. To generate a diff of this commit: cvs rdiff -u -r1.60.6.2 -r1.60.6.2.2.1 src/sys/kern/kern_event.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/kern_event.c diff -u src/sys/kern/kern_event.c:1.60.6.2 src/sys/kern/kern_event.c:1.60.6.2.2.1 --- src/sys/kern/kern_event.c:1.60.6.2 Sat Jan 9 01:08:39 2010 +++ src/sys/kern/kern_event.c Sat Nov 19 22:22:56 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_event.c,v 1.60.6.2 2010/01/09 01:08:39 snj Exp $ */ +/* $NetBSD: kern_event.c,v 1.60.6.2.2.1 2011/11/19 22:22:56 sborrill Exp $ */ /*- * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc. @@ -58,7 +58,7 @@ */ #include sys/cdefs.h -__KERNEL_RCSID(0, $NetBSD: kern_event.c,v 1.60.6.2 2010/01/09 01:08:39 snj Exp $); +__KERNEL_RCSID(0, $NetBSD: kern_event.c,v 1.60.6.2.2.1 2011/11/19 22:22:56 sborrill Exp $); #include sys/param.h #include sys/systm.h @@ -866,18 +866,16 @@ kqueue_register(struct kqueue *kq, struc return (EINVAL); } - mutex_enter(fdp-fd_lock); - /* search if knote already exists */ if (kfilter-filtops-f_isfd) { /* monitoring a file descriptor */ fd = kev-ident; if ((fp = fd_getfile(fd)) == NULL) { - mutex_exit(fdp-fd_lock); rw_exit(kqueue_filter_lock); kmem_free(newkn, sizeof(*newkn)); return EBADF; } + mutex_enter(fdp-fd_lock); ff = fdp-fd_ofiles[fd]; if (fd = fdp-fd_lastkqfile) { SLIST_FOREACH(kn, ff-ff_knlist, kn_link) { @@ -891,6 +889,7 @@ kqueue_register(struct kqueue *kq, struc * not monitoring a file descriptor, so * lookup knotes in internal hash table */ + mutex_enter(fdp-fd_lock); if (fdp-fd_knhashmask != 0) { list = fdp-fd_knhash[ KN_HASH((u_long)kev-ident, fdp-fd_knhashmask)];
CVS commit: [netbsd-5-1] src/sys/kern
Module Name:src Committed By: bouyer Date: Sat Jun 18 16:35:56 UTC 2011 Modified Files: src/sys/kern [netbsd-5-1]: kern_fork.c Log Message: Pull up following revision(s) (requested by rmind in ticket #1629): sys/kern/kern_fork.c: revision 1.181 Inherit proc_t::p_mqueue_cnt on fork(). To generate a diff of this commit: cvs rdiff -u -r1.171 -r1.171.12.1 src/sys/kern/kern_fork.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/kern_fork.c diff -u src/sys/kern/kern_fork.c:1.171 src/sys/kern/kern_fork.c:1.171.12.1 --- src/sys/kern/kern_fork.c:1.171 Sat Oct 11 13:40:57 2008 +++ src/sys/kern/kern_fork.c Sat Jun 18 16:35:56 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_fork.c,v 1.171 2008/10/11 13:40:57 pooka Exp $ */ +/* $NetBSD: kern_fork.c,v 1.171.12.1 2011/06/18 16:35:56 bouyer Exp $ */ /*- * Copyright (c) 1999, 2001, 2004, 2006, 2007, 2008 The NetBSD Foundation, Inc. @@ -67,7 +67,7 @@ */ #include sys/cdefs.h -__KERNEL_RCSID(0, $NetBSD: kern_fork.c,v 1.171 2008/10/11 13:40:57 pooka Exp $); +__KERNEL_RCSID(0, $NetBSD: kern_fork.c,v 1.171.12.1 2011/06/18 16:35:56 bouyer Exp $); #include opt_ktrace.h @@ -343,6 +343,9 @@ else p2-p_fd = fd_copy(); + /* XXX racy */ + p2-p_mqueue_cnt = p1-p_mqueue_cnt; + if (flags FORK_SHARECWD) cwdshare(p2); else
CVS commit: [netbsd-5-1] src/sys/kern
Module Name:src Committed By: bouyer Date: Sun Mar 20 21:20:12 UTC 2011 Modified Files: src/sys/kern [netbsd-5-1]: vfs_syscalls.c Log Message: Pull up following revision(s) (requested by dholland in ticket #1567): sys/kern/vfs_syscalls.c: revision 1.415 via patch Check for bogus flags to access() up front. Otherwise we end up calling VOP_ACCESS with flags 0 and something asserts deep in the bowels of kauth. PR 44648 from Taylor Campbell. (I moved the check earlier relative to the suggested patch.) Pullup candidate. To generate a diff of this commit: cvs rdiff -u -r1.376.4.5 -r1.376.4.5.2.1 src/sys/kern/vfs_syscalls.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/vfs_syscalls.c diff -u src/sys/kern/vfs_syscalls.c:1.376.4.5 src/sys/kern/vfs_syscalls.c:1.376.4.5.2.1 --- src/sys/kern/vfs_syscalls.c:1.376.4.5 Sun Feb 14 13:27:45 2010 +++ src/sys/kern/vfs_syscalls.c Sun Mar 20 21:20:12 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: vfs_syscalls.c,v 1.376.4.5 2010/02/14 13:27:45 bouyer Exp $ */ +/* $NetBSD: vfs_syscalls.c,v 1.376.4.5.2.1 2011/03/20 21:20:12 bouyer Exp $ */ /*- * Copyright (c) 2008 The NetBSD Foundation, Inc. @@ -63,7 +63,7 @@ */ #include sys/cdefs.h -__KERNEL_RCSID(0, $NetBSD: vfs_syscalls.c,v 1.376.4.5 2010/02/14 13:27:45 bouyer Exp $); +__KERNEL_RCSID(0, $NetBSD: vfs_syscalls.c,v 1.376.4.5.2.1 2011/03/20 21:20:12 bouyer Exp $); #include opt_compat_netbsd.h #include opt_compat_43.h @@ -2390,6 +2390,11 @@ int error, flags; struct nameidata nd; + if ((SCARG(uap, flags) ~(R_OK | W_OK | X_OK)) != 0) { + /* nonsense flags */ + return EINVAL; + } + cred = kauth_cred_dup(l-l_cred); kauth_cred_seteuid(cred, kauth_cred_getuid(l-l_cred)); kauth_cred_setegid(cred, kauth_cred_getgid(l-l_cred));
CVS commit: [netbsd-5-1] src/sys/kern
Module Name:src Committed By: snj Date: Mon Mar 7 17:08:18 UTC 2011 Modified Files: src/sys/kern [netbsd-5-1]: init_sysctl.c Log Message: Apply patch (requested by joerg in ticket 1575): Sanitize arguments before memory allocation. To generate a diff of this commit: cvs rdiff -u -r1.149.4.7 -r1.149.4.7.2.1 src/sys/kern/init_sysctl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/init_sysctl.c diff -u src/sys/kern/init_sysctl.c:1.149.4.7 src/sys/kern/init_sysctl.c:1.149.4.7.2.1 --- src/sys/kern/init_sysctl.c:1.149.4.7 Wed Jul 1 22:42:28 2009 +++ src/sys/kern/init_sysctl.c Mon Mar 7 17:08:18 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: init_sysctl.c,v 1.149.4.7 2009/07/01 22:42:28 snj Exp $ */ +/* $NetBSD: init_sysctl.c,v 1.149.4.7.2.1 2011/03/07 17:08:18 snj Exp $ */ /*- * Copyright (c) 2003, 2007, 2008 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include sys/cdefs.h -__KERNEL_RCSID(0, $NetBSD: init_sysctl.c,v 1.149.4.7 2009/07/01 22:42:28 snj Exp $); +__KERNEL_RCSID(0, $NetBSD: init_sysctl.c,v 1.149.4.7.2.1 2011/03/07 17:08:18 snj Exp $); #include opt_sysv.h #include opt_compat_netbsd32.h @@ -2528,6 +2528,11 @@ #endif len = sizeof(char *) * nargv; + if (nargv 0 || len ARG_MAX || len (size_t)nargv) { + error = EINVAL; + goto done; + } + if ((argvlen = len) != 0) argv = kmem_alloc(len, KM_SLEEP);
CVS commit: [netbsd-5-1] src/sys/kern
Module Name:src Committed By: riz Date: Mon Mar 7 04:09:55 UTC 2011 Modified Files: src/sys/kern [netbsd-5-1]: vfs_wapbl.c Log Message: Pull up following revision(s) (requested by bouyer in ticket #1543): sys/kern/vfs_wapbl.c: revision 1.27 sys/kern/vfs_wapbl.c: revision 1.28 Turn a KASSERT into a panic. I don't want us to be randomly overwriting memory on non-DIAGNOSTIC kernels if resource estimation fails. Add dealloccnt to list of things to be considered in the stetson-harrison decision making algorithm for flushing a wapbl transation. To generate a diff of this commit: cvs rdiff -u -r1.3.8.2.2.1 -r1.3.8.2.2.2 src/sys/kern/vfs_wapbl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/vfs_wapbl.c diff -u src/sys/kern/vfs_wapbl.c:1.3.8.2.2.1 src/sys/kern/vfs_wapbl.c:1.3.8.2.2.2 --- src/sys/kern/vfs_wapbl.c:1.3.8.2.2.1 Mon Nov 22 02:53:19 2010 +++ src/sys/kern/vfs_wapbl.c Mon Mar 7 04:09:55 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: vfs_wapbl.c,v 1.3.8.2.2.1 2010/11/22 02:53:19 riz Exp $ */ +/* $NetBSD: vfs_wapbl.c,v 1.3.8.2.2.2 2011/03/07 04:09:55 riz Exp $ */ /*- * Copyright (c) 2003, 2008, 2009 The NetBSD Foundation, Inc. @@ -33,7 +33,7 @@ * This implements file system independent write ahead filesystem logging. */ #include sys/cdefs.h -__KERNEL_RCSID(0, $NetBSD: vfs_wapbl.c,v 1.3.8.2.2.1 2010/11/22 02:53:19 riz Exp $); +__KERNEL_RCSID(0, $NetBSD: vfs_wapbl.c,v 1.3.8.2.2.2 2011/03/07 04:09:55 riz Exp $); #include sys/param.h @@ -787,16 +787,20 @@ wl-wl_bufbytes_max / 2) || ((wl-wl_bufcount + (lockcount * 10)) wl-wl_bufcount_max / 2) || - (wapbl_transaction_len(wl) wl-wl_circ_size / 2); + (wapbl_transaction_len(wl) wl-wl_circ_size / 2) || + (wl-wl_dealloccnt = + (wl-wl_dealloclim - (wl-wl_dealloclim 8))); mutex_exit(wl-wl_mtx); if (doflush) { WAPBL_PRINTF(WAPBL_PRINT_FLUSH, (force flush lockcnt=%d bufbytes=%zu - (max=%zu) bufcount=%zu (max=%zu)\n, + (max=%zu) bufcount=%zu (max=%zu) + dealloccnt %d (lim=%d)\n, lockcount, wl-wl_bufbytes, wl-wl_bufbytes_max, wl-wl_bufcount, - wl-wl_bufcount_max)); + wl-wl_bufcount_max, + wl-wl_dealloccnt, wl-wl_dealloclim)); } if (doflush) { @@ -1671,8 +1675,14 @@ mutex_enter(wl-wl_mtx); /* XXX should eventually instead tie this into resource estimation */ - /* XXX this KASSERT needs locking/mutex analysis */ - KASSERT(wl-wl_dealloccnt wl-wl_dealloclim); + /* + * XXX this panic needs locking/mutex analysis and the + * ability to cope with the failure. + */ + /* XXX this XXX doesn't have enough XXX */ + if (__predict_false(wl-wl_dealloccnt = wl-wl_dealloclim)) + panic(wapbl_register_deallocation: out of resources); + wl-wl_deallocblks[wl-wl_dealloccnt] = blk; wl-wl_dealloclens[wl-wl_dealloccnt] = len; wl-wl_dealloccnt++;
CVS commit: [netbsd-5-1] src/sys/kern
Module Name:src Committed By: riz Date: Mon Nov 22 02:53:19 UTC 2010 Modified Files: src/sys/kern [netbsd-5-1]: vfs_wapbl.c Log Message: Pull up following revision(s) (requested by hannken in ticket #1477): sys/kern/vfs_wapbl.c: revision 1.38 Wapbl_register_deallocation(): the taken reader lock is not sufficient to protect wl_dealloc* members. Take the mutex here and change the lock requirements of these fields to writer lock or mutex. This error lead to file system corruption and freeing free block panics. To generate a diff of this commit: cvs rdiff -u -r1.3.8.2 -r1.3.8.2.2.1 src/sys/kern/vfs_wapbl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/vfs_wapbl.c diff -u src/sys/kern/vfs_wapbl.c:1.3.8.2 src/sys/kern/vfs_wapbl.c:1.3.8.2.2.1 --- src/sys/kern/vfs_wapbl.c:1.3.8.2 Mon Sep 13 19:52:49 2010 +++ src/sys/kern/vfs_wapbl.c Mon Nov 22 02:53:19 2010 @@ -1,4 +1,4 @@ -/* $NetBSD: vfs_wapbl.c,v 1.3.8.2 2010/09/13 19:52:49 snj Exp $ */ +/* $NetBSD: vfs_wapbl.c,v 1.3.8.2.2.1 2010/11/22 02:53:19 riz Exp $ */ /*- * Copyright (c) 2003, 2008, 2009 The NetBSD Foundation, Inc. @@ -33,7 +33,7 @@ * This implements file system independent write ahead filesystem logging. */ #include sys/cdefs.h -__KERNEL_RCSID(0, $NetBSD: vfs_wapbl.c,v 1.3.8.2 2010/09/13 19:52:49 snj Exp $); +__KERNEL_RCSID(0, $NetBSD: vfs_wapbl.c,v 1.3.8.2.2.1 2010/11/22 02:53:19 riz Exp $); #include sys/param.h @@ -95,6 +95,7 @@ * r = read-only after init * l = rwlock held * m = mutex held + * lm = rwlock held writing or mutex held * u = unlocked access ok * b = bufcache_lock held */ @@ -162,9 +163,9 @@ size_t wl_unsynced_bufbytes; /* Byte count of unsynced buffers */ #endif - daddr_t *wl_deallocblks;/* l: address of block */ - int *wl_dealloclens; /* l: size of block (fragments, kom ih�g) */ - int wl_dealloccnt; /* l: total count */ + daddr_t *wl_deallocblks;/* lm: address of block */ + int *wl_dealloclens; /* lm: size of block */ + int wl_dealloccnt; /* lm: total count */ int wl_dealloclim; /* l: max count */ /* hashtable of inode numbers for allocated but unlinked inodes */ @@ -1668,6 +1669,7 @@ wapbl_jlock_assert(wl); + mutex_enter(wl-wl_mtx); /* XXX should eventually instead tie this into resource estimation */ /* XXX this KASSERT needs locking/mutex analysis */ KASSERT(wl-wl_dealloccnt wl-wl_dealloclim); @@ -1676,6 +1678,7 @@ wl-wl_dealloccnt++; WAPBL_PRINTF(WAPBL_PRINT_ALLOC, (wapbl_register_deallocation: blk=%PRId64 len=%d\n, blk, len)); + mutex_exit(wl-wl_mtx); } //