#
359652 |
|
06-Apr-2020 |
hselasky |
MFC r333806: Use NULL for SYSINIT's last arg, which is a pointer type
Sponsored by: The FreeBSD Foundation
|
#
340054 |
|
02-Nov-2018 |
bz |
MFC r339931,r339933
As a follow-up to r339930 and various reports, implement logging in case we fail during module load because the pcpu or vnet module sections are full. We did return a proper error but did not leave any indication to the user as to what the actual problem was.
PR: 228854
|
#
340053 |
|
02-Nov-2018 |
bz |
MFC r339431:
In r78161 the lookup_set linker method was introduced which optionally returns the section start and stop locations as well as a count if the caller asks for them. There was only one out-of-file consumer of count which did not actually use it and hence was eliminated in r339407. In r194784 parse_dpcpu(), and in r195699 parse_vnet() (a copy of the former) started to use the link_elf_lookup_set() interface internally also asking for the count.
count is computed as the difference of the void **stop - void **start locations and as such, if the absolute numbers (stop - start) % sizeof(void *) != 0 a round-down happens, e.g., **stop 0x1003 - **start 0x1000 => count 0.
To get the section size instead of "count is the number of pointer elements in the section", the parse_*() functions do a count *= sizeof(void *). They use the result to allocate memory and copy the section data into the "master" and per-instance memory regions with a size of count.
As a result of count possibly being rounded down, this can miss the last bytes of the section. The good news is that we do not touch out of bounds memory during these operations (we may at a later stage if the last bytes would overflow the master sections). Given relocation in elf_relocaddr() works based on the absolute numbers of start and stop, this means that we can possibly try to access relocated data which was never copied and hence we get random garbage or at best zeroed memory.
Stop the two (last) consumers of count (the parse_*() functions) from using count as well, and calculate the section size based on the absolute numbers of stop and start and use the proper size for the memory allocation and data copies. This will make the symbols in the last bytes of the pcpu or vnet sections be presented as expected.
PR: 232289
|
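The round-down described in r340053 above, as an added example that is not part of the FreeBSD sources or of the commit: it compares a section size derived from a pointer-element count with one derived from the absolute stop and start values, and counts the tail bytes a copy would miss. The function names, the 64-byte buffers and the 0xA5 fill pattern are constructed for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define REGION_MAX 64	/* constructed buffer size for this demo */

/*
 * Size as derived through "count": number of pointer-sized elements
 * (truncating division), multiplied back by sizeof(void *).
 */
static size_t
size_from_count(uintptr_t start, uintptr_t stop)
{
	size_t count = (size_t)(stop - start) / sizeof(void *);

	return (count * sizeof(void *));
}

/* Size taken from the absolute numbers of stop and start. */
static size_t
size_from_bounds(uintptr_t start, uintptr_t stop)
{
	return ((size_t)(stop - start));
}

/*
 * Copy a constructed section of section_len bytes into a zeroed
 * "master" region using one of the two size calculations, then return
 * how many bytes of the section never reached the master copy.
 */
static size_t
uncopied_tail(size_t section_len, int use_bounds)
{
	unsigned char section[REGION_MAX], master[REGION_MAX];
	uintptr_t start, stop;
	size_t copy_len, i, missing = 0;

	if (section_len > REGION_MAX)
		return ((size_t)-1);

	memset(section, 0xA5, sizeof(section));	/* constructed section data */
	memset(master, 0, sizeof(master));

	start = (uintptr_t)section;
	stop = start + section_len;
	copy_len = use_bounds ? size_from_bounds(start, stop) :
	    size_from_count(start, stop);
	memcpy(master, section, copy_len);

	/* Relocated accesses use [start, stop), so check that whole range. */
	for (i = 0; i < section_len; i++)
		if (master[i] != section[i])
			missing++;
	return (missing);
}

int
main(void)
{
	size_t len = sizeof(void *) + 3;	/* not a multiple of pointer size */

	printf("0x1000..0x1003: via count %zu bytes, via bounds %zu bytes\n",
	    size_from_count(0x1000, 0x1003), size_from_bounds(0x1000, 0x1003));
	printf("%zu-byte section: %zu bytes missed via count, %zu via bounds\n",
	    len, uncopied_tail(len, 0), uncopied_tail(len, 1));
	return (0);
}
```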
#
338867 |
|
21-Sep-2018 |
markj |
MFC r338211: Prepare the kernel linker to handle PC-relative ifunc relocations.
|
#
336749 |
|
26-Jul-2018 |
markj |
MFC r336504, r336507: Provide the full module path to preload_delete_name().
|
#
333720 |
|
17-May-2018 |
kib |
MFC r333228 Implement support for ifuncs in the kernel linker on x86.
MFC r333411: Avoid calls to bzero() before ireloc
Approved by: re (marius)
|
#
302408 |
|
07-Jul-2016 |
gjb |
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle. Prune svn:mergeinfo from the new branch, as nothing has been merged here.
Additional commits post-branch will follow.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation
|
#
298069 |
|
15-Apr-2016 |
pfg |
kern: for pointers replace 0 with NULL.
These are mostly cosmetical, no functional change.
Found with devel/coccinelle.
|
#
295489 |
|
10-Feb-2016 |
kib |
Remove useless checks for NULL before calling free(9), in the kernel elf linkers.
Found by: Related PVS-Studio diagnostic
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
|
#
292641 |
|
23-Dec-2015 |
ngie |
Fix r292640
vim overzealously removed some trailing `+' and I didn't check the diff
MFC after: 1 week
X-MFC with: r292640
Pointyhat to: ngie
Sponsored by: EMC / Isilon Storage Division
|
#
292640 |
|
23-Dec-2015 |
ngie |
Clean up trailing whitespace; no functional change
MFC after: 1 week
Sponsored by: EMC / Isilon Storage Division
|
#
290320 |
|
03-Nov-2015 |
markj |
Have elf_lookup() return an error if the specified non-weak symbol could not be found. Otherwise, relocations against such symbols will be silently ignored instead of causing an error to be raised.
Reviewed by: kib
MFC after: 1 week
|
#
288000 |
|
19-Sep-2015 |
kib |
Add support for weak symbols to the kernel linkers. It means that linkers no longer raise an error when undefined weak symbols are found, but relocate as if the symbol value was 0. Note that we do not repeat the mistake of userspace dynamic linker of making the symbol lookup prefer non-weak symbol definition over the weak one, if both are available. In fact, kernel linker uses the first definition found, and ignores duplicates.
Signature of the elf_lookup() and elf_obj_lookup() functions changed to split result/error code and the symbol address returned. Otherwise, it is impossible to return zero address as the symbol value, to MD relocation code. This explains the mechanical changes in elf_machdep.c sources.
The powerpc64 R_PPC_JMP_SLOT handler did not check error from the lookup() call, the patch leaves the code as is (untested).
Reported by: glebius
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
|
#
287000 |
|
21-Aug-2015 |
royger |
preload_search_info: make sure mod is set
Add a check to preload_search_info to make sure mod is set. Most of the callers of preload_search_info don't check that the mod parameter is set, which can cause page faults. While at it, remove some now unnecessary checks before calling preload_search_info.
Sponsored by: Citrix Systems R&D
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D3440
|
#
281855 |
|
22-Apr-2015 |
rodrigc |
Move zlib.c from net to libkern.
It is not network-specific code and would be better as part of libkern instead.
Move zlib.h and zutil.h from net/ to sys/
Update includes to use sys/zlib.h and sys/zutil.h instead of net/
Submitted by: Steve Kiernan stevek@juniper.net
Obtained from: Juniper Networks, Inc.
GitHub Pull Request: https://github.com/freebsd/freebsd/pull/28
Relnotes: yes
|
#
279750 |
|
07-Mar-2015 |
nwhitehorn |
Make 32-bit PowerPC kernels, like 64-bit PowerPC kernels, position-independent executables. The goal here, not yet accomplished, is to let the e500 kernel run under QEMU by setting KERNBASE to something that fits in low memory and then having the kernel relocate itself at runtime.
|
#
279119 |
|
21-Feb-2015 |
nwhitehorn |
Make kernel ELF image parsing not crash for kernels running at locations other than their link address.
|
#
273334 |
|
20-Oct-2014 |
marcel |
Fully support constructors for the purpose of code coverage analysis. This involves:
1. Have the loader pass the start and size of the .ctors section to the kernel in 2 new metadata elements.
2. Have the linker backends look for and record the start and size of the .ctors section in dynamically loaded modules.
3. Have the linker backends call the constructors as part of the final work of initializing preloaded or dynamically loaded modules.
Note that LLVM appends the priority of the constructors to the name of the .ctors section. Not so when compiling with GCC. The code currently works for GCC and not for LLVM.
Submitted by: Dmitry Mikulin <dmitrym@juniper.net>
Obtained from: Juniper Networks, Inc.
|
#
268351 |
|
06-Jul-2014 |
marcel |
Remove ia64.
This includes:
o All directories named *ia64*
o All files named *ia64*
o All ia64-specific code guarded by __ia64__
o All ia64-specific makefile logic
o Mention of ia64 in comments and documentation
This excludes:
o Everything under contrib/
o Everything under crypto/
o sys/xen/interface
o sys/sys/elf_common.h
Discussed at: BSDcan
|
#
255426 |
|
09-Sep-2013 |
jhb |
Add a mmap flag (MAP_32BIT) on 64-bit platforms to request that a mapping use an address in the first 2GB of the process's address space. This flag should have the same semantics as the same flag on Linux.
To facilitate this, add a new parameter to vm_map_find() that specifies an optional maximum virtual address. While here, fix several callers of vm_map_find() to use a VMFS_* constant for the findspace argument instead of TRUE and FALSE.
Reviewed by: alc
Approved by: re (kib)
|
#
254808 |
|
24-Aug-2013 |
markj |
Remove some code that has been commented out since it was added in 2000.
|
#
241896 |
|
22-Oct-2012 |
kib |
Remove the support for using non-mpsafe filesystem modules.
In particular, do not lock Giant conditionally when calling into the filesystem module, remove the VFS_LOCK_GIANT() and related macros. Stop handling buffers belonging to non-mpsafe filesystems.
The VFS_VERSION is bumped to indicate the interface change which does not result in the interface signatures changes.
Conducted and reviewed by: attilio
Tested by: pho
|
#
240997 |
|
27-Sep-2012 |
trociny |
Kernel and modules have "set_vnet" linker set, where virtualized global variables are placed. When a module is loaded by link_elf linker its variables from "set_vnet" linker set are copied to the kernel "set_vnet" ("modspace") and all references to these variables inside the module are relocated accordingly.
The issue is when a module is loaded that has references to global variables from another, previously loaded module: these references are not relocated so an invalid address is used when the module tries to access the variable. The example is V_layer3_chain, defined in ipfw module and accessed from ipfw_nat.
The same issue is with DPCPU variables, which use "set_pcpu" linker set.
Fix this making the link_elf linker on a module load recognize "external" DPCPU/VNET variables defined in the previously loaded modules and relocate them accordingly. For this set_pcpu_list and set_vnet_list are used, where the addresses of modules' "set_pcpu" and "set_vnet" linker sets are stored.
Note, archs that use link_elf_obj (amd64) were not affected by this issue.
Reviewed by: jhb, julian, zec (initial version)
MFC after: 1 month
|
#
231949 |
|
20-Feb-2012 |
kib |
Fix found places where uio_resid is truncated to int.
Add the sysctl debug.iosize_max_clamp, enabled by default. Setting the sysctl to zero allows to perform the SSIZE_MAX-sized i/o requests from the usermode.
Discussed with: bde, das (previous versions)
MFC after: 1 month
|
#
223155 |
|
16-Jun-2011 |
marcel |
Even if the loaded module has no symbols, we still need to notify MD code about it and update the link map for GDB's use.
|
#
220730 |
|
16-Apr-2011 |
dchagin |
Remove malloc(9) return value checks when M_WAITOK is used.
MFC after: 2 Week
|
#
215013 |
|
08-Nov-2010 |
mdf |
Whitespace and other aspects of style(9). No functional changes.
MFC after: 3 days
|
#
213359 |
|
02-Oct-2010 |
kib |
Release the vnode lock and close the linker file vnode earlier in the linker_load_file methods. The change is that the consequent linker_file_unload() call is not under the vnode lock anymore. This prevents the LOR between kernel linker sx xlock and vnode lock, because linker_file_unload() relocks kernel linker lock.
MFC after: 2 weeks
|
#
195699 |
|
14-Jul-2009 |
rwatson |
Build on Jeff Roberson's linker-set based dynamic per-CPU allocator (DPCPU), as suggested by Peter Wemm, and implement a new per-virtual network stack memory allocator. Modify vnet to use the allocator instead of monolithic global container structures (vinet, ...). This change solves many binary compatibility problems associated with VIMAGE, and restores ELF symbols for virtualized global variables.
Each virtualized global variable exists as a "reference copy", and also once per virtual network stack. Virtualized global variables are tagged at compile-time, placing them in a special linker set, which is loaded into a contiguous region of kernel memory. Virtualized global variables in the base kernel are linked as normal, but those in modules are copied and relocated to a reserved portion of the kernel's vnet region with the help of the kernel linker.
Virtualized global variables exist in per-vnet memory set up when the network stack instance is created, and are initialized statically from the reference copy. Run-time access occurs via an accessor macro, which converts from the current vnet and requested symbol to a per-vnet address. When "options VIMAGE" is not compiled into the kernel, normal global ELF symbols will be used instead and indirection is avoided.
This change restores static initialization for network stack global variables, restores support for non-global symbols and types, eliminates the need for many subsystem constructors, eliminates large per-subsystem structures that caused many binary compatibility issues both for monitoring applications (netstat) and kernel modules, removes the per-function INIT_VNET_*() macros throughout the stack, eliminates the need for vnet_symmap ksym(2) munging, and eliminates duplicate definitions of virtualized globals under VIMAGE_GLOBALS.
Bump __FreeBSD_version and update UPDATING.
Portions submitted by: bz
Reviewed by: bz, zec
Discussed with: gnn, jamie, jeff, jhb, julian, sam
Suggested by: peter
Approved by: re (kensmith)
|
#
194784 |
|
23-Jun-2009 |
jeff |
Implement a facility for dynamic per-cpu variables.
- Modules and kernel code alike may use DPCPU_DEFINE(), DPCPU_GET(), DPCPU_SET(), etc. akin to the statically defined PCPU_*. Requires only one extra instruction more than PCPU_* and is virtually the same as __thread for builtin and much faster for shared objects. DPCPU variables can be initialized when defined.
- Modules are supported by relocating the module's per-cpu linker set over space reserved in the kernel. Modules may fail to load if there is insufficient space available.
- Track space available for modules with a one-off extent allocator. Free may block for memory to allocate space for an extent.
Reviewed by: jhb, rwatson, kan, sam, grehan, marius, marcel, stas
|
#
193511 |
|
05-Jun-2009 |
rwatson |
Move "options MAC" from opt_mac.h to opt_global.h, as it's now in GENERIC and used in a large number of files, but also because an increasing number of incorrect uses of MAC calls were sneaking in due to copy-and-paste of MAC-aware code without the associated opt_mac.h include.
Discussed with: pjd
|
#
192859 |
|
26-May-2009 |
sson |
Add the ksyms(4) pseudo driver. The ksyms driver allows a process to get a quick snapshot of the kernel's symbol table including the symbols from any loaded modules (the symbols are all merged into one symbol table). Unlike other implementations, this ksyms driver maps memory in the process memory space to store the snapshot at the time /dev/ksyms is opened. It also checks to see if the process has already a snapshot open and won't allow it to open /dev/ksyms again until it closes first. This prevents kernel and process memory from being exhausted. Note that /dev/ksyms is used by the lockstat(1) command.
Reviewed by: gallatin kib (freebsd-arch)
Approved by: gnn (mentor)
|
#
188440 |
|
10-Feb-2009 |
attilio |
Scanning all the formats for binary translation of modules loading can result in errors for a format loading but subsequent correct recognizing for another format.
File format loading functions should avoid printing any additional information but just returning appropriate (and different between each other) error condition, characterizing different information. Additively, the linker should handle appropriately different format loading errors.
While a general mechanism is desired, fix a simple and common case on amd64: file type is not recognized for link elf and confuses the linker. Printout an error if all the registered linker classes can't recognize and load the module.
Reviewed by: jhb
Sponsored by: Sandvine Incorporated
|
#
181235 |
|
03-Aug-2008 |
kib |
Calling linker_load_dependencies() while holding the module's vnode lock may cause a LOR between kld_sx lock and vnode lock. linker_load_dependencies() drops kld_sx, and another thread may attempt to load the same kld.
Reported and tested by: pjd
MFC after: 1 week
|
#
180438 |
|
10-Jul-2008 |
obrien |
Revert r180431. r180431 broke the AMD64 build (the only arch using kern/link_elf_obj.c)
|
#
180431 |
|
10-Jul-2008 |
obrien |
Allow 'elf_file_t' to be used in a wider scope.
|
#
180374 |
|
08-Jul-2008 |
edwin |
Improve the output of kldload(8) to show which module can't be loaded.
Was: kldload: Unsupported file type
Is now: kldload: /boot/modules/test.ko: Unsupported file type
PR: kern/121276
Submitted by: Edwin Groothuis <edwin@mavetju.org>
Approved by: bde (mentor)
MFC after: 1 week
|
#
179223 |
|
22-May-2008 |
jb |
Add hooks for the Compact C Type Format (CTF) data to be attached to the elf files. This is complicated by the fact that the actual CTF parsing has to be done in CDDL'd code, so the BSD licensed code only knows about the opaque data which it must be able to free.
|
#
177228 |
|
15-Mar-2008 |
ru |
Fix panic on e.g. "kldload /dev/null".
PR: kern/121427
Reviewed by: sem
MFC after: 3 days
|
#
175294 |
|
13-Jan-2008 |
attilio |
VOP_LOCK1() (and so VOP_LOCK()) and VOP_UNLOCK() are only used in conjunction with 'thread' argument passing which is always curthread. Remove the unuseful extra-argument and pass explicitly curthread to lower layer functions, when necessary.
KPI results broken by this change, which should affect several ports, so version bumping and manpage update will be further committed.
Tested by: kris, pho, Diego Sardina <siarodx at gmail dot com>
|
#
172930 |
|
24-Oct-2007 |
rwatson |
Merge first in a series of TrustedBSD MAC Framework KPI changes from Mac OS X Leopard--rationalize naming for entry points to the following general forms:
mac_<object>_<method/action>
mac_<object>_check_<method/action>
The previous naming scheme was inconsistent and mostly reversed from the new scheme. Also, make object types more consistent and remove spaces from object types that contain multiple parts ("posix_sem" -> "posixsem") to make mechanical parsing easier. Introduce a new "netinet" object type for certain IPv4/IPv6-related methods. Also simplify, slightly, some entry point names.
All MAC policy modules will need to be recompiled, and modules not updated as part of this commit will need to be modified to conform to the new KPI.
Sponsored by: SPARTA (original patches against Mac OS X)
Obtained from: TrustedBSD Project, Apple Computer
|
#
170152 |
|
31-May-2007 |
kib |
Revert UF_OPENING workaround for CURRENT. Change the VOP_OPEN(), vn_open() vnode operation and d_fdopen() cdev operation argument from being file descriptor index into the pointer to struct file.
Proposed and reviewed by: jhb
Reviewed by: daichi (unionfs)
Approved by: re (kensmith)
|
#
167020 |
|
26-Feb-2007 |
jhb |
Mark the kernel linker file as linked so that it is visible to the various kld*() syscalls.
Tested by: piso
|
#
163606 |
|
22-Oct-2006 |
rwatson |
Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h begun with a repo-copy of mac.h to mac_framework.h. sys/mac.h now contains the userspace and user<->kernel API and definitions, with all in-kernel interfaces moved to mac_framework.h, which is now included across most of the kernel instead.
This change is the first step in a larger cleanup and sweep of MAC Framework interfaces in the kernel, and will not be MFC'd.
Obtained from: TrustedBSD Project
Sponsored by: SPARTA
|
#
160367 |
|
14-Jul-2006 |
jkim |
Let native elf class be registered earlier.
|
#
159845 |
|
21-Jun-2006 |
jhb |
Replace the kld_mtx mutex with a kld_sx sx lock and expand its scope to protect all linker-related data structures including the contents of linker file objects and any linker class data as well. Considering how rarely the linker is used I just went with the simple solution of single-threading the whole thing rather than expending a lot of effort on something more fine-grained and complex. Giant is still explicitly acquired while registering and deregistering sysctl's as well as in the elf linker class while calling kmupetext(). The rest of the linker runs without Giant unless it has to acquire Giant while loading files from a non-MPSAFE filesystem.
|
#
159808 |
|
20-Jun-2006 |
jhb |
Conditionally acquire Giant around VFS operations.
|
#
153504 |
|
18-Dec-2005 |
marcel |
Make our ELF64 type definitions match standards. In particular this means:
o Remove Elf64_Quarter,
o Redefine Elf64_Half to be 16-bit,
o Redefine Elf64_Word to be 32-bit,
o Add Elf64_Xword and Elf64_Sxword for 64-bit entities,
o Use Elf_Size in MI code to abstract the difference between Elf32_Word and Elf64_Word.
o Add Elf_Ssize as the signed counterpart of Elf_Size.
MFC after: 2 weeks
|
#
151902 |
|
31-Oct-2005 |
jhb |
Check to see if the hash table is present in link_elf_lookup_symbol() before dereferencing it. Certain corrupt kernel modules might not have a valid hash table, and would cause a kernel panic when they were loaded. Instead of panic'ing, the kernel now prints out a warning that it is missing the symbol hash table.
Tested by: Benjamin Close Benjamin dot Close at clearchain dot com
MFC after: 1 week
|
#
151430 |
|
17-Oct-2005 |
peter |
Add support for kernel modules with a single PT_LOAD section.
While here, support up to four sections because it was trivial to do and cheap. (One pointer per section).
For amd64 with "-fpic -shared" format .ko files, using a single PT_LOAD section is important to avoid wasting about 1MB of KVM and physical ram for the 'gap' between the two PT_LOAD sections. amd64 normally uses .o format kld files and isn't affected normally. But -fpic -shared modules are actually possible to produce and load... (And with a bugfix to binutils, we can build and use plain -shared .ko files without -fpic)
i386 only wastes 4K per .ko file, so that isn't such a big deal there.
|
#
149544 |
|
28-Aug-2005 |
alc |
Correctly handle vm_map_wire()'s failure. (See also revisions 1.81 and 1.82.)
Reviewed by: tegge
|
#
149540 |
|
27-Aug-2005 |
alc |
Eliminate an unneeded reference on a vm object. If, in fact, the nearby vm_map_find() fails, then the excess reference causes the vm object to be leaked.
Reviewed by: tegge
|
#
149539 |
|
27-Aug-2005 |
alc |
Revert the previous change for two reasons: (1) If vm_map_find() succeeds but vm_map_wire() fails, then a vm object, vm map entries, and kernel_map free space is leaked and (2) unwiring is handled automatically by vm_map_remove().
Suggested by: tegge
|
#
133397 |
|
09-Aug-2004 |
green |
Normalize the VM wiring done with SPARSE_MAPPING: check for errors, and unmap when done. For whatever reason, SPARSE_MAPPING is not even a config option, so this is dead code.
|
#
132117 |
|
13-Jul-2004 |
phk |
Give kldunload a -f(orce) argument.
Add a MOD_QUIESCE event for modules. This should return error (EBUSY) if the module is in use.
MOD_UNLOAD should now only fail if it is impossible (as opposed to inconvenient) to unload the module. Valid reasons are memory references into the module which cannot be tracked down and eliminated.
When kldunloading, we abandon if MOD_UNLOAD fails, and if -force is not given, MOD_QUIESCE failing will also prevent the unload.
For backwards compatibility, we treat EOPNOTSUPP from MOD_QUIESCE as success.
Document that modules should return EOPNOTSUPP for unknown events.
|
#
131928 |
|
10-Jul-2004 |
marcel |
Make the GDB dynamic linker hooks (r_debug_state) conditional upon GDB instead of DDB.
|
#
129443 |
|
19-May-2004 |
bde |
Include <sys/gmon.h> instead of <machine/profile.h> for the declaration of kmupetext(). The declaration is misplaced in <machine/profile.h> since it is not MD and not related to the lowest level of profiling. It will be moved, but getting it via <sys/gmon.h> already works.
|
#
129282 |
|
16-May-2004 |
peter |
Make a small revision to the api between the elf linker core and the elf_reloc() backends for two reasons. First, to support the possibility of there being two elf linkers in the kernel (eg: amd64), and second, to pass the relocbase explicitly (for relocating .o format kld files).
|
#
118771 |
|
11-Aug-2003 |
bms |
Add the mlockall() and munlockall() system calls.
- All those diffs to syscalls.master for each architecture *are* necessary. This needed clarification; the stub code generation for mlockall() was disabled, which would prevent applications from linking to this API (suggested by mux)
- Giant has been quashed. It is no longer held by the code, as the required locking has been pushed down within vm_map.c.
- Callers must specify VM_MAP_WIRE_HOLESOK or VM_MAP_WIRE_NOHOLES to express their intention explicitly.
- Inspected at the vmstat, top and vm pager sysctl stats level. Paging-in activity is occurring correctly, using a test harness.
- The RES size for a process may appear to be greater than its SIZE. This is believed to be due to mappings of the same shared library page being wired twice. Further exploration is needed.
- Believed to back out of allocations and locks correctly (tested with WITNESS, MUTEX_PROFILING, INVARIANTS and DIAGNOSTIC).
PR: kern/43426, standards/54223
Reviewed by: jake, alc
Approved by: jake (mentor)
MFC after: 2 weeks
|
#
118094 |
|
27-Jul-2003 |
phk |
Add fdidx argument to vn_open() and vn_open_cred() and pass -1 throughout.
|
#
116182 |
|
10-Jun-2003 |
obrien |
Use __FBSDID().
|
#
114946 |
|
12-May-2003 |
phk |
Bail out if there were not two loadable sections. Add XXX comment about one other issue.
Approved by: re/rwatson.
|
#
113158 |
|
06-Apr-2003 |
peter |
Search for "elf32 kernel" (and elf64) and "elf32 module" (and elf64) as well as "elf kernel" and "elf module". This is a precursor to x86-64 support in the i386 loader so it can load an elf64 x86-64 kernel.
|
#
111119 |
|
19-Feb-2003 |
imp |
Back out M_* changes, per decision of the TRB.
Approved by: trb
|
#
109623 |
|
21-Jan-2003 |
alfred |
Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0. Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
|
#
109605 |
|
21-Jan-2003 |
jake |
Resolve relative relocations in klds before trying to parse the module's metadata. This fixes module dependency resolution by the kernel linker on sparc64, where the relocations for the metadata are different than on other architectures; the relative offset is in the addend of an Elf_Rela record instead of the original value of the location being patched. Also fix printf formats in debug code.
Submitted by: Hartmut Brandt <brandt@fokus.gmd.de>
PR: 46732
Tested on: alpha (obrien), i386, sparc64
|
#
107089 |
|
19-Nov-2002 |
rwatson |
Merge kld access control checks from the MAC tree: these access control checks permit policy modules to augment the system policy for permitting kld operations. This permits policies to limit access to kld operations based on credential (and other) properties, as well as to perform checks on the kld being loaded (integrity, etc).
Approved by: re
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
|
#
105469 |
|
19-Oct-2002 |
marcel |
Add two hooks to signal module load and module unload to MD code. The primary reason for this is to allow MD code to process machine specific attributes, segments or sections in the ELF file and update machine specific state accordingly. An immediate use of this is in the ia64 port where unwind information is updated to allow debugging and tracing in/across modules. Note that this commit does not add the functionality to the ia64 port. See revision 1.9 of ia64/ia64/elf_machdep.c.
Validated on: alpha, i386, ia64
|
#
105468 |
|
19-Oct-2002 |
marcel |
Reduce code duplication by moving the common actions in link_elf_init(), link_elf_link_preload_finish() and link_elf_load_file() to link_elf_link_common_finish(). Since link_elf_init() did initializations as a side-effect of doing the common actions, keep the initialization in that function. Consequently, link_elf_add_gdb() is now also called to insert the very first link_map() (ie the kernel).
|
#
105467 |
|
19-Oct-2002 |
marcel |
Non-functional change in preparation of the next commit: Move link_elf_add_gdb(), link_elf_delete_gdb() and link_elf_error() near the top of the file. The *_gdb() functions are moved inside the #ifdef DDB already present there.
|
#
105434 |
|
19-Oct-2002 |
marcel |
In link_elf_load_file(), when SPARSE_MAPPING is defined and we cannot allocate ef->object, we freed ef before bailing out with an error. This is wrong because ef=lf and when we have an error and lf is non-NULL (which holds if we try to alloc ef->object), we free lf and thus ef as part of the bailing-out.
|
#
105147 |
|
15-Oct-2002 |
marcel |
Fix kernel module loading on ia64. Cross-module function calls were improperly relocated due to faulty logic in lookup_fdesc() in elf_machdep.c. The symbol index (symidx) was bogusly used for load modules other than the one the relocation applied to. This resulted in bogus bindings and consequently runtime failures.
The fix is to use the symbol index only for the module being relocated and to use the symbol name for look-ups in the modules in the dependent list. As such, we need a function to return the symbol name given the linker file and symbol index.
|
#
104094 |
|
28-Sep-2002 |
phk |
Be consistent about "static" functions: if the function is marked static in its prototype, mark it static at the definition too.
Inspired by: FlexeLint warning #512
|
#
104072 |
|
27-Sep-2002 |
jake |
Add a workaround for what seems to be confusion between binutils and the sparc v9 ABI. The Elf_Rela records for local symbols appear to already have the symbol's value added in to the addend field, even though the ABI specifies we need to lookup the symbol and add its value too. This breaks text relocations in klds because the symbol's value is added twice, and the resulting address points off into nowhere land, so for now just use the addend.
Tested by: rwatson
|
#
103436 |
|
16-Sep-2002 |
peter |
Initiate deorbit burn for the i386-only a.out related support. Moves are under way to move the remnants of the a.out toolchain to ports. As the comment in src/Makefile said, this stuff is deprecated and one should not expect this to remain beyond 4.0-REL. It has already lasted WAY beyond that.
Notable exceptions:
gcc - I have not touched the a.out generation stuff there.
ldd/ldconfig - still have some code to interface with a.out rtld.
old as/ld/etc - I have not removed these yet, pending their move to ports.
some includes - necessary for ldd/ldconfig for now.
Tested on: i386 (extensively), alpha
|
#
102547 |
|
28-Aug-2002 |
jake |
Unrot SPARSE_MAPPING code (vm_map_pageable -> vm_map_wire).
|
#
102348 |
|
24-Aug-2002 |
marcel |
Work around a GCC optimization bug on ia64: In link_elf_symbol_values(), a pointer to a symbol is given and we have to find the containing symbol table. We do this by bounds checking. For some strange reason (ie I haven't found the root cause) the first test succeeded for said symbol, implying that the symbol came from the .dynsym table. In reality however the symbol actually resided in the .symtab table. Needless to say that all that was returned was junk.
The upper bounds check was:
(symptr - baseptr) < symtab_size
This has been rewritten to:
symptr < (baseptr + symtab_size)
As a side-effect, slightly more optimal (and still correct :-) code can be generated on ia64.
|
#
102293 |
|
22-Aug-2002 |
peter |
s/sus/sys/ in the a.out kernel case.
Submitted by: julian
|
#
102288 |
|
22-Aug-2002 |
peter |
Instead of nlist.h and link.h, use sys/nlist_aout.h and sys/link_elf.h This avoids reaching out into userland sources (or worse: /usr/include!) for building the kernel.
|
#
101941 |
|
15-Aug-2002 |
rwatson |
In order to better support flexible and extensible access control, make a series of modifications to the credential arguments relating to file read and write operations to clarify which credential is used for what:
- Change fo_read() and fo_write() to accept "active_cred" instead of "cred", and change the semantics of consumers of fo_read() and fo_write() to pass the active credential of the thread requesting an operation rather than the cached file cred. The cached file cred is still available in fo_read() and fo_write() consumers via fp->f_cred. These changes largely in sys_generic.c.
For each implementation of fo_read() and fo_write(), update cred usage to reflect this change and maintain current semantics:
- badfo_readwrite() unchanged
- kqueue_read/write() unchanged
- pipe_read/write() now authorize MAC using active_cred rather than td->td_ucred
- soo_read/write() unchanged
- vn_read/write() now authorize MAC using active_cred but VOP_READ/WRITE() with fp->f_cred
Modify vn_rdwr() to accept two credential arguments instead of a single credential: active_cred and file_cred. Use active_cred for MAC authorization, and select a credential for use in VOP_READ/WRITE() based on whether file_cred is NULL or not. If file_cred is provided, authorize the VOP using that cred, otherwise the active credential, matching current semantics.
Modify current vn_rdwr() consumers to pass a file_cred if used in the context of a struct file, and to always pass active_cred. When vn_rdwr() is used without a file_cred, pass NOCRED.
These changes should maintain current semantics for read/write, but avoid a redundant passing of fp->f_cred, as well as making it more clear what the origin of each credential is in file descriptor read/write operations.
Follow-up commits will make similar changes to other file descriptor operations, and modify the MAC framework to pass both credentials to MAC policy modules so they can implement either semantic for revocation.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
|
#
95410 |
|
24-Apr-2002 |
marcel |
Don't use the symbol name to lookup the symbol value when we can use the symbol index defined by the relocation. The elf_lookup() support function is to be used by elf_reloc() when symbol lookups need to be done. The elf_lookup() function operates on the symbol index and will do a symbol name based lookup when such is required, otherwise it uses the symbol index directly. This solves the problem seen on ia64 where the symbol hash table does not contain local symbols and a symbol name based lookup would fail for those symbols.
Don't pass the symbol name to elf_reloc(), as it isn't used any more.
|
#
95228 |
|
21-Apr-2002 |
marcel |
Add function link_elf_get_gp(), specific to ia64 for now, to get the DT_PLTGOT value. On ia64 this is the value of GP. We need this to construct function descriptors, but the elf file structure is not exported to MD code.
Note that the name of the function is based on the meaning that DT_PLTGOT has on ia64. This may differ on other architectures. As such, link_elf_get_gp() has a high level of MD to it. Renaming the function to describe what DT_* value is returned makes it generic, but also makes the MD code less clear and if we only need this on ia64, then a general name for a specific function doesn't help.
In short: I don't know what is "right" at this time, so I'll go with what I have.
|
#
91406 |
|
27-Feb-2002 |
jhb |
Simple p_ucred -> td_ucred changes to start using the per-thread ucred reference.
|
#
86469 |
|
16-Nov-2001 |
iedowse |
Fix a number of misspellings of "dependency" and "dependencies" in comments and function names.
PR: kern/8589
Submitted by: Rajesh Vaidheeswarran <rv@fore.com>
|
#
85736 |
|
30-Oct-2001 |
green |
Add the sysctl "kern.function_list", which currently exports all function symbols in the kernel in a list of C strings, with an extra nul-termination at the end.
This sysctl requires addition of a new linker operation. Now, linker_file_t's need to respond to "each_function_name" to export their function symbols.
Note that the sysctl doesn't currently allow distinguishing multiple symbols with the same name from different modules, but could quite easily without a change to the linker operation. This will be a nicety to have when it can be used.
Obtained from: NAI Labs CBOSS project
Funded by: DARPA
|
#
85735 |
|
30-Oct-2001 |
green |
Also, machine/profile.h should be necessary for the function prototype of kmupetext().
|
#
85734 |
|
30-Oct-2001 |
green |
Use kmupetext() for ELF KLDs to allow for increased text segment size.
Obtained from: NAI Labs CBOSS project
Funded by: DARPA
|
#
83505 |
|
15-Sep-2001 |
dfr |
The ia64 kernel is now linked dynamically so parse its _DYNAMIC structure.
|
#
83366 |
|
12-Sep-2001 |
julian |
KSE Milestone 2
Note ALL MODULES MUST BE RECOMPILED
make the kernel aware that there are smaller units of scheduling than the process. (but only allow one thread per process at this time). This is functionally equivalent to the previous -current except that there is a thread associated with each process.
Sorry john! (your next MFC will be a doosie!)
Reviewed by: peter@freebsd.org, dillon@freebsd.org
X-MFC after: ha ha ha ha
|
#
83282 |
|
10-Sep-2001 |
peter |
Fix a warning. l_name is managed by us and is malloc/free'ed. It is the userland declaration of l_name that is inconvenient for us.
|
#
82848 |
|
03-Sep-2001 |
peter |
Unindent an if (1) { that was left behind in the last commit. (commits were separated to not obscure the real change)
|
#
82847 |
|
03-Sep-2001 |
peter |
Argh. Make the ia64 kernel work in all situations. For some reason, and I still don't know why, this was not failing on the non-kse kernel. It certainly should have since things were using linker_kernel_file unconditionally. This has highlighted a different problem though that means that trying to do a kldload on a non-dynamic kernel will implode.
|
#
81500 |
|
10-Aug-2001 |
wpaul |
Fix some of the GDB linkage setup. The l_name member of the gdb linkage structure is always free()ed yet only sometimes malloc()ed. In particular, it was simply set to point to l_filename from the linker_file_t in link_elf_link_preload_finish(). The l_filename had been malloc()ed inside the kern_linker.c module and was being free()ed twice: once by link_elf_unload_file() and again by linker_file_unload(), leading to a panic.
How to duplicate the problem:
- Pre-load a kernel module from the loader, i.e. if_sis.ko
- Boot system
- Attempt to unload module with kldunload if_sis
- Bewm
The problem here is that the case where the module was loaded with kldload after system boot would work correctly, so this bug went unnoticed until I stubbed my toe on it just now. (Also, you can only trip this bug if you compile a kernel with options DDB, but that's the default now.)
Fix: remember to malloc() a separate copy of the module name for the l_name member of the gdb linkage structure in three places where the linkage structure can be initialized.
|
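The ownership bug described in r81500 above, modeled in userland C as an added example (this is not FreeBSD's link_elf.c code). `struct lfile`, `struct gdb_map`, `t_strdup()`, `t_free()`, `unload()` and `run_cycle()` are hypothetical stand-ins, and the tracking allocator counts a second free of the same pointer instead of performing it.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Tracking allocator: a repeated free is counted, never passed to free(). */
#define MAX_LIVE 8
static void *live[MAX_LIVE];
static int double_frees;

static char *t_strdup(const char *s)
{
    char *p = malloc(strlen(s) + 1);
    for (int i = 0; p != NULL && i < MAX_LIVE; i++) {
        if (live[i] == NULL) {
            live[i] = strcpy(p, s);
            return p;
        }
    }
    free(p);                    /* table full, or malloc failed (NULL) */
    return NULL;
}

static void t_free(void *p)
{
    for (int i = 0; p != NULL && i < MAX_LIVE; i++) {
        if (live[i] == p) {
            live[i] = NULL;
            free(p);
            return;
        }
    }
    double_frees += (p != NULL); /* not live any more: freed before */
}

struct lfile   { char *filename; };  /* models linker_file_t (hypothetical) */
struct gdb_map { char *l_name; };    /* models the gdb linkage entry */

/* Unload as the commit describes it: the ELF backend frees l_name first,
 * then the linker core frees the filename it allocated. */
static void unload(struct gdb_map *m, struct lfile *lf)
{
    t_free(m->l_name);    m->l_name = NULL;
    t_free(lf->filename); lf->filename = NULL;
}

/* private_copy=1 models the fix. Returns double frees seen, -1 on ENOMEM. */
static int run_cycle(int private_copy)
{
    struct lfile lf = { t_strdup("if_sis.ko") };
    struct gdb_map m = { private_copy && lf.filename != NULL ?
        t_strdup(lf.filename) : lf.filename };
    double_frees = 0;
    if (m.l_name == NULL) {
        t_free(lf.filename);
        return -1;
    }
    unload(&m, &lf);
    return double_frees;
}

int main(void)
{
    printf("aliased: %d, copied: %d double free(s)\n", run_cycle(0), run_cycle(1));
    return 0;
}
```

With the borrowed pointer both owners release the same allocation; with the private copy each free matches exactly one allocation.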
#
81201 |
|
06-Aug-2001 |
green |
Previously, the ELF linker would always just store the pointer to a filename passed in via the module loader functions in the GDB "sharedlibrary" support structures. This isn't good, since the pointer would become stale in almost every case (not the pre-loaded case, of course).
Change this to a malloc()ed copy of the string and finally fix the reason that gdb -k's "sharedlibrary" command stopped working.
Obtained from: LOMAC/FreeBSD (cf. NAI Labs)
|
#
80700 |
|
31-Jul-2001 |
jake |
Use a machine dependent type, Elf_Hashelt, for the elements of the elf dynamic symbol table buckets and chains. The sparc64 toolchain uses 32 bit .hash entries, unlike other 64 bits architectures (alpha), which use 64 bit entries.
Discussed with: dfr, jdp
|
#
79224 |
|
04-Jul-2001 |
dillon |
With Alfred's permission, remove vm_mtx in favor of a fine-grained approach (this commit is just the first stage). Also add various GIANT_ macros to formalize the removal of Giant, making it easy to test in a more piecemeal fashion. These macros will allow us to test fine-grained locks to a degree before removing Giant, and also after, and to remove Giant in a piecemeal fashion via sysctl's on those subsystems which the authors believe can operate without Giant.
|
#
78161 |
|
13-Jun-2001 |
peter |
With this commit, I hereby pronounce gensetdefs past its use-by date.
Replace the a.out emulation of 'struct linker_set' with something a little more flexible. <sys/linker_set.h> now provides macros for accessing elements and completely hides the implementation.
The linker_set.h macros have been on the back burner in various forms since 1998 and have ideas and code from Mike Smith (SET_FOREACH()), John Polstra (ELF clue) and myself (cleaned up API and the conversion of the rest of the kernel to use it).
The macros declare a strongly typed set. They return elements with the type that you declare the set with, rather than a generic void *.
For ELF, we use the magic ld symbols (__start_<setname> and __stop_<setname>). Thanks to Richard Henderson <rth@redhat.com> for the trick about how to force ld to provide them for kld's.
For a.out, we use the old linker_set struct.
NOTE: the item lists are no longer null terminated. This is why the code impact is high in certain areas.
The runtime linker has a new method to find the linker set boundaries depending on which backend format is in use.
linker sets are still module/kld unfriendly and should never be used for anything that may be modular one day.
Reviewed by: eivind
|
#
77642 |
|
03-Jun-2001 |
dd |
Include sys/mutex.h to silence a warning.
|
#
76827 |
|
18-May-2001 |
alfred |
Introduce a global lock for the vm subsystem (vm_mtx).
vm_mtx does not recurse and is required for most low level vm operations.
faults can not be taken without holding Giant.
Memory subsystems can now call the base page allocators safely.
Almost all atomic ops were removed as they are covered under the vm mutex.
Alpha and ia64 now need to catch up to i386's trap handlers.
FFS and NFS have been tested, other filesystems will need minor changes (grabbing the vm lock when twiddling page properties).
Reviewed (partially) by: jake, jhb
|
#
76166 |
|
01-May-2001 |
markm |
Undo part of the tangle of having sys/lock.h and sys/mutex.h included in other "system" header files.
Also help the deprecation of lockmgr.h by making it a sub-include of sys/lock.h and removing sys/lockmgr.h from kernel .c files.
Sort sys/*.h includes where possible in affected files.
OK'ed by: bde (with reservations)
|
#
73016 |
|
25-Feb-2001 |
peter |
Make this compile in a.out mode. link.h has extra dependencies for a.out.
|
#
69781 |
|
08-Dec-2000 |
dwmalone |
Convert more malloc+bzero to malloc+M_ZERO.
Submitted by: josh@zipperup.org
Submitted by: Robert Drehmel <robd@gmx.net>
|
#
66719 |
|
06-Oct-2000 |
jhb |
Correct a warning where the r_debug_state() dummy function used to trigger a breakpoint in the kernel didn't use the proper argument list. To avoid having to include the userland link.h header everywhere that sys/linker.h is used, make r_debug_state() a static function in link_elf.c as well.
|
#
66454 |
|
29-Sep-2000 |
dfr |
Don't support dynamic linking on ia64 for now - the tools can't cope.
|
#
65503 |
|
06-Sep-2000 |
bp |
Ignore ELF files with 'interpreter' section because KLDs don't contain it.
Reviewed by: peter
|
#
62550 |
|
04-Jul-2000 |
mckusick |
Move the truncation code out of vn_open and into the open system call after the acquisition of any advisory locks. This fix corrects a case in which a process tries to open a file with a non-blocking exclusive lock. Even if it fails to get the lock it would still truncate the file even though its open failed. With this change, the truncation is done only after the lock is successfully acquired.
Obtained from: BSD/OS
|
#
59794 |
|
30-Apr-2000 |
phk |
Remove unneeded #include <vm/vm_zone.h>
Generated by: src/tools/tools/kerninclude
|
#
59751 |
|
29-Apr-2000 |
peter |
First round implementation of a fine grain enhanced module to module version dependency system. This isn't quite finished, but it is at a useful stage to do a functional checkpoint.
Highlights:
- version and dependency metadata is gathered via linker sets, so things are handled the same for static kernels and code built to live in a kld.
- The dependencies are at module level (versus at file level).
- Dependencies determine kld symbol search order - this means that you cannot link against symbols in another file unless you depend on it. This is so that you cannot accidentally unload the target out from underneath the ones referencing it.
- It is flexible enough that we can put tags in #include files and macros so that we can get decent hooks for enforcing recompiles on incompatible ABI changes. eg: if we change struct proc, we could force a recompile for all kld's that reference the proc struct.
- Tangled dependency references at boot time are sorted. Files are relocated once all their dependencies are already relocated.
Caveats:
- Loader support is incomplete, but has been worked on separately.
- Actual enforcement of the version number tags is not active yet - just the module dependencies are live. The actual structure of versioning hasn't been agreed on yet. (eg: major.minor, or whatever)
- There is some backwards compatibility for old modules without metadata but I'm not sure how good it is.
This is based on work originally done by Boris Popov (bp@freebsd.org), but I'm not sure he'd recognize much of it now. Don't blame him. :-) Also, ideas have been borrowed from Mike Smith.
|
#
59744 |
|
29-Apr-2000 |
peter |
Do not use uprintf() for link time error messages. This has unpleasant consequences when it happens in the preload support, before curproc or the tty system exist.
|
#
59603 |
|
24-Apr-2000 |
dfr |
* Rewrite to use kobj(9) instead of hard-coded function tables.
* Report link errors to stdout with uprintf() so that the user can see what went wrong (PR kern/9214).
* Add support code to allow module symbols to be loaded into GDB using the debugger's "sharedlibrary" command.
|
#
55090 |
|
24-Dec-1999 |
bde |
Fixed a cast of a pointer to an integer of a possibly different size. Fixed casts of non-`void *' pointers to uintptr_t. Fixed related style bugs. This file uses perfectly non-KNF formatting for casts.
|
#
54655 |
|
15-Dec-1999 |
eivind |
Introduce NDFREE (and remove VOP_ABORTOP)
|
#
53820 |
|
28-Nov-1999 |
peter |
Fix an embarrassing mistake in the kld symbol lookup for DDB. It should now correctly do a traceback when crashing inside a KLD module.
PR: 15014
Submitted by: Vladimir N. Silyaev <vns@delta.odessa.ua>
|
#
52635 |
|
29-Oct-1999 |
phk |
useracc() the prequel:
Merge the contents (less some trivial bordering the silly comments) of <vm/vm_prot.h> and <vm/vm_inherit.h> into <vm/vm.h>. This puts the #defines for the vm_inherit_t and vm_prot_t types next to their typedefs.
This paves the road for the commit to follow shortly: change useracc() to use VM_PROT_{READ|WRITE} rather than B_{READ|WRITE} as argument.
|
#
52128 |
|
11-Oct-1999 |
peter |
Trim unused options (or #ifdef for undoc options).
Submitted by: phk
|
#
50477 |
|
27-Aug-1999 |
peter |
$Id$ -> $FreeBSD$
|
#
50275 |
|
23-Aug-1999 |
bde |
Cast pointers to uintptr_t instead of casting them to u_long, and/or vice versa. Cosmetic.
|
#
46694 |
|
08-May-1999 |
peter |
Use KERNBASE for the load address of the kernel rather than magic constants as it seems to work.. (at least on i386/elf).
|
#
43388 |
|
29-Jan-1999 |
bde |
Cast to `const char *' instead of to c_caddr_t. This is part of terminating c_caddr_t with extreme prejudice. Here we depended on the "opaque" type c_caddr_t being precisely `const char *' to do unportable pointer arithmetic.
|
#
43311 |
|
27-Jan-1999 |
dillon |
Fix warnings in preparation for adding -Wall -Wcast-qual to the kernel compile
|
#
43309 |
|
27-Jan-1999 |
dillon |
Fix warnings in preparation for adding -Wall -Wcast-qual to the kernel compile.
This commit includes significant work to proper handle const arguments for the DDB symbol routines.
|
#
43301 |
|
27-Jan-1999 |
dillon |
Fix warnings in preparation for adding -Wall -Wcast-qual to the kernel compile
|
#
43185 |
|
25-Jan-1999 |
dfr |
Don't try to call SYSUNINIT functions if there was a link error.
Reviewed by: Peter Wemm <peter@netplex.com.au>
|
#
42200 |
|
31-Dec-1998 |
peter |
When loading something that has undefined symbols, it would be helpful to know what they were..
|
#
40962 |
|
06-Nov-1998 |
peter |
Don't put aggregate structs 4K large on the kernel stack, especially when we can recurse when loading dependencies and that the kstack is limited to something like 6 or 7KB. Having a single dependency caused an instant double panic, and I strongly suspect some of the other strange "events" that I have seen are possibly as a result of taking a couple of interrupts with a large chunk of the stack already in use.
While here, fix a minor logic hiccup in a sanity check.
|
#
40906 |
|
04-Nov-1998 |
peter |
The handle for the kernel is common. With this fix, ELF kernels can load a.out kld modules, and a.out kernels can load ELF kld modules.
|
#
40648 |
|
25-Oct-1998 |
phk |
Nitpicking and dusting performed on a train. Removes trivial warnings about unused variables, labels and other lint.
|
#
40435 |
|
16-Oct-1998 |
peter |
*gulp*. Jordan specifically OK'ed this..
This is the bulk of the support for doing kld modules. Two linker_sets were replaced by SYSINIT()'s. VFS's and exec handlers are self registered. kld is now a superset of lkm. I have converted most of them, they will follow as a separate commit as samples. This all still works as a static a.out kernel using LKM's.
|
#
40397 |
|
15-Oct-1998 |
peter |
- bzero() after malloc() bug fix
- look up relocation symbol names in correct table bugfix.
- remove unused (initialized to 0) variable and conditional free() of it.
|
#
40292 |
|
13-Oct-1998 |
peter |
Load the full symbol tables if they are present. This means that ddb and tracebacks have access to local symbols. This is particularly important for the Alpha.
|
#
40254 |
|
12-Oct-1998 |
peter |
Only print kernel entry point during load. Drastically quieten down the verbose load progress messages. They were more useful for debugging than anything, but are beyond a joke when loading a few dozen modules. Simplify the ELF extended symbol table load format. Just take the main symbol table and the string table that corresponds. This is what we will be getting local symbols from. (needed for the alpha stack tracebacks). Use the (optional) full symbol tables in lookups. This means we have to further distinguish between symbols that can come from the dynamic linking table and the complete table. The alpha boot code now needs to be adapted as ddb/db_elf.c cannot use the simpler format. I have not implemented loading the extended symbol tables from the syscall interface yet, just for preloaded modules. I am not sure about the symbol resolution. I *think* it's possible that a local symbol can be found in preference to a global, depending on the search sequence and dependency tree.
|
#
40156 |
|
09-Oct-1998 |
peter |
Fully implement KLD and preloading.
- separate unload for preloaded linker objects.
- Don't build a kernel object if running as an a.out kernel.
- extract the real kernel name rather than hardwiring "kernel" for kldstat. (sysctl kern.bootfile gets the full name via bootinfo)
- use real addresses on the kernel "module" rather than fictitious ones.
- preloaded module support
- search module path for file modules.
- symbols are checked to see if they are in the right containing file before using their indexes into string tables. This is to help ddb since it only supplies a pointer to an opaque symbol and there is no telling which file/object/module/whatever it came from.
|
#
39071 |
|
11-Sep-1998 |
dfr |
Implement dynamic loading for ELF.
|
#
38514 |
|
24-Aug-1998 |
dfr |
Add partial KLD support for ELF. The module loading is not written yet.
|