#
367129 |
|
29-Oct-2020 |
kib |
MFC r366932: sysv_sem: semusz depends on semume.
PR: 250361
|
#
360451 |
|
28-Apr-2020 |
brooks |
MFC r359937:
Centralize compatability translation macros.
Copy the CP, PTRIN, etc macros from freebsd32.h into a sys/abi_compat.h and replace existing definitation with includes where required. This eliminates duplicate code and allows Linux and FreeBSD compatability headers to be included in the same files.
Obtained from: CheriBSD Sponsored by: DARPA Differential Revision: https://reviews.freebsd.org/D24275
|
#
358246 |
|
22-Feb-2020 |
kib |
Fix build with INVARIANTS turned on.
This is a direct commit to stable/11.
|
#
358245 |
|
22-Feb-2020 |
kib |
MFC r357984: sem_remove(): fix the loop that compacts sem array on semaphores removal.
|
#
358244 |
|
22-Feb-2020 |
kib |
MFC r357983: sem_remove(): add some asserts.
|
#
358243 |
|
22-Feb-2020 |
kib |
MFC r357982: Use designated initializers for seminfo.
|
#
329739 |
|
21-Feb-2018 |
brooks |
MFC r329525:
Correct/improve the descriptions if kern.ipc.(shmsegs,sema,msqids).
The description of kern.ipc.shmsegs was wrong since 2005. I updated the others (which were more correct) to match.
PR: 225933 Reviewed by: cem Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D14391
|
#
329177 |
|
12-Feb-2018 |
brooks |
MFC r328799:
Add kern.ipc.{msqids,semsegs,sema} sysctls for FreeBSD32.
Stop leaking kernel pointers though theses sysctls and make sure that the padding in the structures is zeroed on allocation to avoid other leaks.
Reviewed by: gordon, kib Obtained from: CheriBSD Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D13459
|
#
302408 |
|
07-Jul-2016 |
gjb |
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle. Prune svn:mergeinfo from the new branch, as nothing has been merged here.
Additional commits post-branch will follow.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
#
298819 |
|
29-Apr-2016 |
pfg |
sys/kern: spelling fixes in comments.
No functional change.
|
#
298661 |
|
26-Apr-2016 |
cem |
osd(9): Change array pointer to array pointer type from void*
This is a minor follow-up to r297422, prompted by a Coverity warning. (It's not a real defect, just a code smell.) OSD slot array reservations are an array of pointers (void **) but were cast to void* and back unnecessarily. Keep the correct type from reservation to use.
osd.9 is updated to match, along with a few trivial igor fixes.
Reported by: Coverity CID: 1353811 Sponsored by: EMC / Isilon Storage Division
|
#
298656 |
|
26-Apr-2016 |
jamie |
Redo the changes to the SYSV IPC sysctl functions from r298585, so they don't (mis)use sbufs.
PR: 48471
|
#
298585 |
|
25-Apr-2016 |
jamie |
Encapsulate SYSV IPC objects in jails. Define per-module parameters sysvmsg, sysvsem, and sysvshm, with the following bahavior:
inherit: allow full access to the IPC primitives. This is the same as the current setup with allow.sysvipc is on. Jails and the base system can see (and moduly) each other's objects, which is generally considered a bad thing (though may be useful in some circumstances).
disable: all no access, same as the current setup with allow.sysvipc off.
new: A jail may see use the IPC objects that it has created. It also gets its own IPC key namespace, so different jails may have their own objects using the same key value. The parent jail (or base system) can see the jail's IPC objects, but not its keys.
PR: 48471 Submitted by: based on work by kikuchan98@gmail.com MFC after: 5 days
|
#
298433 |
|
21-Apr-2016 |
pfg |
sys: use our roundup2/rounddown2() macros when param.h is available.
rounddown2 tends to produce longer lines than the original code and when the code has a high indentation level it was not really advantageous to do the replacement.
This tries to strike a balance between readability using the macros and flexibility of having the expressions, so not everything is converted.
|
#
298354 |
|
20-Apr-2016 |
pfg |
Indentation issues.
Contract some lines leftover from r298310.
Mea culpa.
|
#
298310 |
|
19-Apr-2016 |
pfg |
kernel: use our nitems() macro when it is available through param.h.
No functional change, only trivial cases are done in this sweep,
Discussed in: freebsd-current
|
#
298069 |
|
15-Apr-2016 |
pfg |
kern: for pointers replace 0 with NULL.
These are mostly cosmetical, no functional change.
Found with devel/coccinelle.
|
#
295385 |
|
07-Feb-2016 |
jilles |
semget(): Check for [EEXIST] error first.
Although POSIX literally permits failing with [EINVAL] if IPC_CREAT and IPC_EXCL were both passed, the semaphore set already exists and has fewer semaphores than nsems, this does not allow an application to retry safely: if the [EINVAL] is actually because of the semmsl limit, an infinite loop would result.
PR: 206927
|
#
282213 |
|
29-Apr-2015 |
trasz |
Add kern.racct.enable tunable and RACCT_DISABLED config option. The point of this is to be able to add RACCT (with RACCT_DISABLED) to GENERIC, to avoid having to rebuild the kernel to use rctl(8).
Differential Revision: https://reviews.freebsd.org/D2369 Reviewed by: kib@ MFC after: 1 month Relnotes: yes Sponsored by: The FreeBSD Foundation
|
#
273707 |
|
26-Oct-2014 |
mjg |
Avoid dynamic syscall overhead for statically compiled modules.
The kernel tracks syscall users so that modules can safely unregister them.
But if the module is not unloadable or was compiled into the kernel, there is no need to do this.
Achieve this by adding SY_THR_STATIC_KLD macro which expands to SY_THR_STATIC during kernel build and 0 otherwise.
Reviewed by: kib (previous version) MFC after: 2 weeks
|
#
267992 |
|
28-Jun-2014 |
hselasky |
Pull in r267961 and r267973 again. Fix for issues reported will follow.
|
#
267985 |
|
27-Jun-2014 |
gjb |
Revert r267961, r267973:
These changes prevent sysctl(8) from returning proper output, such as:
1) no output from sysctl(8) 2) erroneously returning ENOMEM with tools like truss(1) or uname(1) truss: can not get etype: Cannot allocate memory
|
#
267961 |
|
27-Jun-2014 |
hselasky |
Extend the meaning of the CTLFLAG_TUN flag to automatically check if there is an environment variable which shall initialize the SYSCTL during early boot. This works for all SYSCTL types both statically and dynamically created ones, except for the SYSCTL NODE type and SYSCTLs which belong to VNETs. A new flag, CTLFLAG_NOFETCH, has been added to be used in the case a tunable sysctl has a custom initialisation function allowing the sysctl to still be marked as a tunable. The kernel SYSCTL API is mostly the same, with a few exceptions for some special operations like iterating childrens of a static/extern SYSCTL node. This operation should probably be made into a factored out common macro, hence some device drivers use this. The reason for changing the SYSCTL API was the need for a SYSCTL parent OID pointer and not only the SYSCTL parent OID list pointer in order to quickly generate the sysctl path. The motivation behind this patch is to avoid parameter loading cludges inside the OFED driver subsystem. Instead of adding special code to the OFED driver subsystem to post-load tunables into dynamically created sysctls, we generalize this in the kernel.
Other changes: - Corrected a possibly incorrect sysctl name from "hw.cbb.intr_mask" to "hw.pcic.intr_mask". - Removed redundant TUNABLE statements throughout the kernel. - Some minor code rewrites in connection to removing not needed TUNABLE statements. - Added a missing SYSCTL_DECL(). - Wrapped two very long lines. - Avoid malloc()/free() inside sysctl string handling, in case it is called to initialize a sysctl from a tunable, hence malloc()/free() is not ready when sysctls from the sysctl dataset are registered. - Bumped FreeBSD version to indicate SYSCTL API change.
MFC after: 2 weeks Sponsored by: Mellanox Technologies
|
#
225617 |
|
16-Sep-2011 |
kmacy |
In order to maximize the re-usability of kernel code in user space this patch modifies makesyscalls.sh to prefix all of the non-compatibility calls (e.g. not linux_, freebsd32_) with sys_ and updates the kernel entry points and all places in the code that use them. It also fixes an additional name space collision between the kernel function psignal and the libc function of the same name by renaming the kernel psignal kern_psignal(). By introducing this change now we will ease future MFCs that change syscalls.
Reviewed by: rwatson Approved by: re (bz)
|
#
224016 |
|
14-Jul-2011 |
bz |
Remove semaphore map entry count "semmap" field and its tuning option that is highly recommended to be adjusted in too much documentation while doing nothing in FreeBSD since r2729 (rev 1.1).
ipcs(1) needs to be recompiled as it is accessing _KERNEL private variables.
Reviewed by: jhb (before comment change on linux code) Sponsored by: Sandvine Incorporated
|
#
223825 |
|
06-Jul-2011 |
trasz |
All the racct_*() calls need to happen with the proc locked. Fixing this won't happen before 9.0. This commit adds "#ifdef RACCT" around all the "PROC_LOCK(p); racct_whatever(p, ...); PROC_UNLOCK(p)" instances, in order to avoid useless locking/unlocking in kernels built without "options RACCT".
|
#
220399 |
|
06-Apr-2011 |
trasz |
Style fix.
Submitted by: jhb@
|
#
220398 |
|
06-Apr-2011 |
trasz |
Add accounting for SysV-related resources.
Sponsored by: The FreeBSD Foundation Reviewed by: kib (earlier version)
|
#
220388 |
|
06-Apr-2011 |
trasz |
Add ucred pointer to the SysV-related memory structures. This is required for racct.
Note that after this commit, ipcs(1) needs to be rebuilt. Otherwise, it will fail with "ipcs: sysctlbyname: kern.ipc.msqids: Cannot allocate memory".
Sponsored by: The FreeBSD Foundation Reviewed by: kib (earlier version)
|
#
219028 |
|
25-Feb-2011 |
netchild |
Add some FEATURE macros for various features (AUDIT/CAM/IPC/KTR/MAC/NFS/NTP/ PMC/SYSV/...).
No FreeBSD version bump, the userland application to query the features will be committed last and can serve as an indication of the availablility if needed.
Sponsored by: Google Summer of Code 2010 Submitted by: kibab Reviewed by: arch@ (parts by rwatson, trasz, jhb) X-MFC after: to be determined in last commit with code from this project
|
#
217555 |
|
18-Jan-2011 |
mdf |
Specify a CTLTYPE_FOO so that a future sysctl(8) change does not need to rely on the format string.
|
#
215281 |
|
14-Nov-2010 |
brucec |
Add some descriptions to sys/kern sysctls.
PR: kern/148710 Tested by: Chip Camden <sterling at camdensoftware.com> MFC after: 1 week
|
#
209037 |
|
11-Jun-2010 |
ivoras |
In another move to join with the age of the Fruitbat, increase SYSV shared resources defaults beyond absolute minimums.
The new values are chosen mostly by magic. They are still fairly small and will need increasing for large installations (especially SHMMAX). However, they are now enough to e.g. start PostgreSQL installations with ~~300 users and nearly 512 MB of shared buffers.
Reviewed by: A short discussion on hackers@
|
#
205323 |
|
19-Mar-2010 |
kib |
Move SysV IPC freebsd32 compat shims from freebsd32_misc.c to corresponding sysv_{msg,sem,shm}.c files.
Mark SysV IPC freebsd32 syscalls as NOSTD and add required SYSCALL_INIT_HELPER/SYSCALL32_INIT_HELPERs to provide auto register/unregister on module load.
This makes COMPAT_FREEBSD32 functional with SysV IPC compiled and loaded as modules.
Reviewed by: jhb MFC after: 2 weeks
|
#
194910 |
|
24-Jun-2009 |
jhb |
Change the ABI of some of the structures used by the SYSV IPC API: - The uid/cuid members of struct ipc_perm are now uid_t instead of unsigned short. - The gid/cgid members of struct ipc_perm are now gid_t instead of unsigned short. - The mode member of struct ipc_perm is now mode_t instead of unsigned short (this is merely a style bug). - The rather dubious padding fields for ABI compat with SV/I386 have been removed from struct msqid_ds and struct semid_ds. - The shm_segsz member of struct shmid_ds is now a size_t instead of an int. This removes the need for the shm_bsegsz member in struct shmid_kernel and should allow for complete support of SYSV SHM regions >= 2GB. - The shm_nattch member of struct shmid_ds is now an int instead of a short. - The shm_internal member of struct shmid_ds is now gone. The internal VM object pointer for SHM regions has been moved into struct shmid_kernel. - The existing __semctl(), msgctl(), and shmctl() system call entries are now marked COMPAT7 and new versions of those system calls which support the new ABI are now present. - The new system calls are assigned to the FBSD-1.1 version in libc. The FBSD-1.0 symbols in libc now refer to the old COMPAT7 system calls. - A simplistic framework for tagging system calls with compatibility symbol versions has been added to libc. Version tags are added to system calls by adding an appropriate __sym_compat() entry to src/lib/libc/incldue/compat.h. [1]
PR: kern/16195 kern/113218 bin/129855 Reviewed by: arch@, rwatson Discussed with: kan, kib [1]
|
#
194894 |
|
24-Jun-2009 |
jhb |
Deprecate the msgsys(), semsys(), and shmsys() system calls by moving them under COMPAT_FREEBSD[4567]. Starting with FreeBSD 5.0 the SYSV IPC API was implemented via direct system calls (e.g. msgctl(), msgget(), etc.) rather than indirecting through the var-args *sys() system calls. The shmsys() system call was already effectively deprecated for all but COMPAT_FREEBSD4 already as its implementation for the !COMPAT_FREEBSD4 case was to simply invoke nosys().
|
#
194832 |
|
24-Jun-2009 |
jhb |
- Move syscall function argument structure types to be just above the relevenat system call function. - Whitespace fixes.
|
#
193511 |
|
05-Jun-2009 |
rwatson |
Move "options MAC" from opt_mac.h to opt_global.h, as it's now in GENERIC and used in a large number of files, but also because an increasing number of incorrect uses of MAC calls were sneaking in due to copy-and-paste of MAC-aware code without the associated opt_mac.h include.
Discussed with: pjd
|
#
192895 |
|
27-May-2009 |
jamie |
Add hierarchical jails. A jail may further virtualize its environment by creating a child jail, which is visible to that jail and to any parent jails. Child jails may be restricted more than their parents, but never less. Jail names reflect this hierarchy, being MIB-style dot-separated strings.
Every thread now points to a jail, the default being prison0, which contains information about the physical system. Prison0's root directory is the same as rootvnode; its hostname is the same as the global hostname, and its securelevel replaces the global securelevel. Note that the variable "securelevel" has actually gone away, which should not cause any problems for code that properly uses securelevel_gt() and securelevel_ge().
Some jail-related permissions that were kept in global variables and set via sysctls are now per-jail settings. The sysctls still exist for backward compatibility, used only by the now-deprecated jail(2) system call.
Approved by: bz (mentor)
|
#
190557 |
|
30-Mar-2009 |
brueffer |
Fix memory leak in semunload().
PR: 133064 Submitted by: Mateusz Guzik <mjguzik@gmail.com> MFC after: 1 week
|
#
187298 |
|
15-Jan-2009 |
kib |
Lock the semaphore identifier lock during semaphore initialization to guarantee atomicity of the operation for other semaphore consumers. In particular, this should guard against access to the semaphore with not done or partially done MAC label assignment.
Reviewed by: rwatson MFC after: 1 month
|
#
187223 |
|
14-Jan-2009 |
kib |
It seems that there are at least three issues with IPC_RMID operation on SysV semaphores.
The squeeze of the semaphore array in the kern_semctl() modifies sem_base for the semaphores with sem_base greater then sem_base of the removed semaphore, as well as the values of the semaphores, without locking their mutex. This can lead to (killable) hangs or unexpected behaviour of the processes performing any sem operations while other process does IPC_RMID.
The semexit_myhook() eventhandler unlocks SEMUNDO_LOCK() while accessing *suptr. This allows for IPC_RMID for the sem id to be performed in parallel with undo hook referenced by the current undo structure. This leads to the panic("semexit - semid not allocated") [1].
The semaphore creation is protected by Giant, while IPC_RMID is done while only semaphore mutex is held. This seems to result in invalid values for semtot, causing random ENOSPC error returns [2].
Redo the locking of the semaphores lifetime cycle. Delegate the sem_mtx to the sole purpose of protecting semget() and semctl(IPC_RMID). Introduce new sem_undo_mtx to protect SEM_UNDO handling. Remove the Giant remnants from the code. Note that mac_sysvsem_check_semget() and mac_sysvsem_create() are now called while sem_mtx is held, as well as mac_sysvsem_cleanup() [3].
When semaphore is removed, acquire semaphore locks for all semaphores with sem_base that is going to be changed by squeeze of the sema array. The lock order is not important there, because the region is protected by sem_mtx.
Organize both used and free sem_undo structures into the lists, protected by sem_undo_mtx. In semexit_myhook(), remove sem_undo structure that is being processed, from used list, without putting it onto the free to prevent modifications by other threads. This allows for sem_undo_lock to be dropped to acquire individial semaphore locks without violating lock order. Since IPC_RMID may no longer find this sem_undo, do tolerate references to unallocated semaphores in undo structure, and check sequential number to not undo unrelated semaphore with the same id.
While there, convert functions definitions to ANSI C and fix small style(9) glitches.
Reported by: Omer Faruk Sen <omerfsen gmail com> [1], pho [2] Reviewed by: rwatson [3] Tested by: pho MFC after: 1 month
|
#
179879 |
|
19-Jun-2008 |
gonzo |
Renew semaphore's pointer after wakeup since during msleep sem_base may have been modified by destroying one of semaphores and semptr would not be valid in this case.
PR: kern/123731
|
#
172930 |
|
24-Oct-2007 |
rwatson |
Merge first in a series of TrustedBSD MAC Framework KPI changes from Mac OS X Leopard--rationalize naming for entry points to the following general forms:
mac_<object>_<method/action> mac_<object>_check_<method/action>
The previous naming scheme was inconsistent and mostly reversed from the new scheme. Also, make object types more consistent and remove spaces from object types that contain multiple parts ("posix_sem" -> "posixsem") to make mechanical parsing easier. Introduce a new "netinet" object type for certain IPv4/IPv6-related methods. Also simplify, slightly, some entry point names.
All MAC policy modules will need to be recompiled, and modules not updates as part of this commit will need to be modified to conform to the new KPI.
Sponsored by: SPARTA (original patches against Mac OS X) Obtained from: TrustedBSD Project, Apple Computer
|
#
171179 |
|
03-Jul-2007 |
kib |
Relock the sema_mtxp unconditionally after copyin() for SETALL case in kern_semctl. Otherwise, later mtx_unlock() can operate on unlocked mutex.
Submitted by: rdivacky MFC after: 3 days Approved by: re (kensmith)
|
#
167904 |
|
26-Mar-2007 |
emaste |
Avoid manipulating semu_list outside of the scope of SEMUNDO_LOCK(). This would lead to an occasional hang with a cycle in semu_list.
X-Discussed-On: hackers@
|
#
167232 |
|
05-Mar-2007 |
rwatson |
Further system call comment cleanup:
- Remove also "MP SAFE" after prior "MPSAFE" pass. (suggested by bde) - Remove extra blank lines in some cases. - Add extra blank lines in some cases. - Remove no-op comments consisting solely of the function name, the word "syscall", or the system call name. - Add punctuation. - Re-wrap some comments.
|
#
167211 |
|
04-Mar-2007 |
rwatson |
Remove 'MPSAFE' annotations from the comments above most system calls: all system calls now enter without Giant held, and then in some cases, acquire Giant explicitly.
Remove a number of other MPSAFE annotations in the credential code and tweak one or two other adjacent comments.
|
#
163606 |
|
22-Oct-2006 |
rwatson |
Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h begun with a repo-copy of mac.h to mac_framework.h. sys/mac.h now contains the userspace and user<->kernel API and definitions, with all in-kernel interfaces moved to mac_framework.h, which is now included across most of the kernel instead.
This change is the first step in a larger cleanup and sweep of MAC Framework interfaces in the kernel, and will not be MFC'd.
Obtained from: TrustedBSD Project Sponsored by: SPARTA
|
#
162468 |
|
20-Sep-2006 |
rwatson |
Remove MAC_DEBUG + MPRINTF debugging from System V IPC. This no longer appears to be serving a useful purpose, as it was used during initial development of MAC support for System V IPC.
MFC after: 1 month Obtained from: TrustedBSD Project Suggested by: Christopher dot Vance at SPARTA dot com
|
#
160293 |
|
12-Jul-2006 |
kib |
Use proper format specifier for pointers in debug printfs (turned off by default).
Approved by: pjd (mentor) MFC after: 2 weeks
|
#
160187 |
|
08-Jul-2006 |
jhb |
Rework kern_semctl a bit to always assume the UIO_SYSSPACE case. This mostly consists of pushing a few copyin's and copyout's up into __semctl() as all the other callers were already doing the UIO_SYSSPACE case. This also changes kern_semctl() to set the return value in a passed in pointer to a register_t rather than td->td_retval[0] directly so that callers can only set td->td_retval[0] if all the various copyout's succeed.
As a result of these changes, kern_semctl() no longer does copyin/copyout (except for GETALL/SETALL) so simplify the locking to acquire the semakptr mutex before the MAC check and hold it all the way until the end of the big switch statement. The GETALL/SETALL cases have to temporarily drop it while they do copyin/malloc and copyout. Also, simplify the SETALL case to remove handling for a non-existent race condition.
|
#
160028 |
|
29-Jun-2006 |
jhb |
Fix semctl(2) breakage from the previous commit. Previously __semctl() had a local 'semid' variable which was the array index and used uap->semid as the original IPC id. During the kern_semctl() conversion those two variables were collapsed into a single 'semid' variable breaking the places that needed the original IPC ID. To fix, add a new 'semidx' variable to hold the array index and leave 'semid' unmolested as the IPC id. While I'm here, explicitly document that the (undocumented, at least in semctl(2)) SEM_STAT command curiously expects an array index in the 'semid' parameter rather than an IPC id.
Submitted by: maxim
|
#
159991 |
|
27-Jun-2006 |
jhb |
- Add a kern_semctl() helper function for __semctl(). It accepts a pointer to a copied-in copy of the 'union semun' and a uioseg to indicate which memory space the 'buf' pointer of the union points to. This is then used in linux_semctl() and svr4_sys_semctl() to eliminate use of the stackgap. - Mark linux_ipc() and svr4_sys_semsys() MPSAFE.
|
#
159481 |
|
10-Jun-2006 |
rwatson |
Move some functions and definitions from uipc_socket2.c to uipc_socket.c:
- Move sonewconn(), which creates new sockets for incoming connections on listen sockets, so that all socket allocate code is together in uipc_socket.c.
- Move 'maxsockets' and associated sysctls to uipc_socket.c with the socket allocation code.
- Move kern.ipc sysctl node to uipc_socket.c, add a SYSCTL_DECL() for it to sysctl.h and remove lots of scattered implementations in various IPC modules.
- Sort sodealloc() after soalloc() in uipc_socket.c for dependency order reasons. Statisticize soalloc() and sodealloc() as they are now required only in uipc_socket.c, and are internal to the socket implementation.
After this change, socket allocation and deallocation is entirely centralized in one file, and uipc_socket2.c consists entirely of socket buffer manipulation and default protocol switch functions.
MFC after: 1 month
|
#
147091 |
|
07-Jun-2005 |
rwatson |
Gratuitous renaming of four System V Semaphore MAC Framework entry points to convert _sema() to _sem() for consistency purposes with respect to the other semaphore-related entry points:
mac_init_sysv_sema() -> mac_init_sysv_sem() mac_destroy_sysv_sem() -> mac_destroy_sysv_sem() mac_create_sysv_sema() -> mac_create_sysv_sem() mac_cleanup_sysv_sema() -> mac_cleanup_sysv_sem()
Congruent changes are made to the policy interface to support this.
Obtained from: TrustedBSD Project Sponsored by: SPAWAR, SPARTA
|
#
145230 |
|
18-Apr-2005 |
rwatson |
Remove end-of-line tabs.
MFC after: 3 days
|
#
143835 |
|
19-Mar-2005 |
sam |
check copyin return value
Noticed by: Coverity Prevent analysis tool
|
#
141710 |
|
11-Feb-2005 |
csjp |
Add much needed descriptions for a number of the IPC related sysctl OIDs. This information will be very useful for people who are tuning applications which have a dependence on IPC mechanisms.
The following OIDs were documented:
Message queues: kern.ipc.msgmax kern.ipc.msgmni kern.ipc.msgmnb kern.ipc.msgtlq kern.ipc.msgssz kern.ipc.msgseg
Semaphores: kern.ipc.semmap kern.ipc.semmni kern.ipc.semmns kern.ipc.semmnu kern.ipc.semmsl kern.ipc.semopm kern.ipc.semume kern.ipc.semusz kern.ipc.semvmx kern.ipc.semaem
Shared memory: kern.ipc.shmmax kern.ipc.shmmin kern.ipc.shmmni kern.ipc.shmseg kern.ipc.shmall kern.ipc.shm_use_phys kern.ipc.shm_allow_removed kern.ipc.shmsegs
These new descriptions can be viewed using sysctl -d
PR: kern/65219 Submitted by: Dan Nelson <dnelson at allantgroup dot com> (modified) No objections: developers@ Descriptions reviewed by: gnn MFC after: 1 week
|
#
140615 |
|
22-Jan-2005 |
rwatson |
Invoke label initialization, creation, cleanup, and tear-down MAC Framework entry points for System V IPC semaphores.
Submitted by: Dandekar Hrishikesh <rishi_dandekar at sbcglobal dot net> Obtained from: TrustedBSD Project Sponsored by: DARPA, SPAWAR, McAfee Research
|
#
139804 |
|
06-Jan-2005 |
imp |
/* -> /*- for copyright notices, minor format tweaks as necessary
|
#
137644 |
|
13-Nov-2004 |
rwatson |
Correct two incorrectly merged changes introduced in sysv_sem.c:1.71: return EINVAL rather than setting error, and don't free sops unconditionally. The first change was merged accidentally as part of the larger set of changes to introduce MAC labels and access control, and potentially lead to continued processing of a request even after it was determined to be invalid. The second change was due to changes in the semaphore code since the original work was performed.
Pointed out by: truckman
|
#
137613 |
|
12-Nov-2004 |
rwatson |
Second of several commits to allow kernel System V IPC data structures to be modified and extended without breaking the user space ABI:
Use _kernel variants on _ds structures for System V sempahores, message queues, and shared memory. When interfacing with userspace, export only the _ds subsets of the _kernel data structures. A lot of search and replace.
Define the message structure in the _KERNEL portion of msg.h so that it can be used by other kernel consumers, but not exposed to user space.
Submitted by: Dandekar Hrishikesh <rishi_dandekar at sbcglobal dot net> Obtained from: TrustedBSD Project Sponsored by: DARPA, SPAWAR, McAfee Research
|
#
129882 |
|
30-May-2004 |
phk |
Add missing #include <sys/module.h>
|
#
127108 |
|
17-Mar-2004 |
cperciva |
Adjust the number of processes waiting on a semaphore properly if we're woken up in the middle of sleeping.
PR: misc/64347 Reviewed by: tjr MFC after: 7 days
|
#
123667 |
|
19-Dec-2003 |
tjr |
Reduce the overhead of semop() by using the kernel stack instead of malloc'd memory to store the operations array if it is small enough to fit.
|
#
122752 |
|
15-Nov-2003 |
tjr |
Initialize sequence numbers to 0 in seminit() instead of using whatever garbage happens to be in memory. This did not seem to cause any problems except making semaphore ID's unpredictable (and ugly in ipcs(1) output).
|
#
122390 |
|
10-Nov-2003 |
tjr |
When there are no free sem_undo structs available in semu_alloc(), only free one sem_undo with un_cnt == 0 instead of all of them. This is a temporary workaround until the SLIST_FOREACH_PREVPTR loop gets fixed so that it doesn't cause cycles in semu_list when removing multiple adjacent items. It might be easier to just use (doubly-linked) LISTs here instead of complicated SLIST code to achieve O(1) removals.
This bug manifested itself as a complete lockup under heavy semaphore use by multiple processes with the SEM_UNDO flag set.
PR: 58984
|
#
122201 |
|
07-Nov-2003 |
rwatson |
Slight whitespace consistency improvement: Trim trailing whitespace. Remove unmatched " " before ")".
|
#
121307 |
|
21-Oct-2003 |
silby |
Change all SYSCTLS which are readonly and have a related TUNABLE from CTLFLAG_RD to CTLFLAG_RDTUN so that sysctl(8) can provide more useful error messages.
|
#
118615 |
|
07-Aug-2003 |
nectar |
Update some argument-documenting comments to match reality.
Add an explicit range check to those same arguments to reduce risk of cardiac arrest in future code readers.
|
#
116182 |
|
10-Jun-2003 |
obrien |
Use __FBSDID().
|
#
112564 |
|
24-Mar-2003 |
jhb |
Replace the at_fork, at_exec, and at_exit functions with the slightly more flexible process_fork, process_exec, and process_exit eventhandlers. This reduces code duplication and also means that I don't have to go duplicate the eventhandler locking three more times for each of at_fork, at_exec, and at_exit.
Reviewed by: phk, jake, almost complete silence on arch@
|
#
111119 |
|
19-Feb-2003 |
imp |
Back out M_* changes, per decision of the TRB.
Approved by: trb
|
#
110040 |
|
29-Jan-2003 |
tjr |
Fix two fatal signedness errors introduced when i and j in semop() were changed from int to size_t in the previous revision.
PR: 47625
|
#
109829 |
|
25-Jan-2003 |
alfred |
Bring semop() closer the the opengroup standards.
PR: 47471 Submitted by: Craig Rodrigues <rodrigc@attbi.com>
|
#
109623 |
|
21-Jan-2003 |
alfred |
Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0. Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
|
#
105429 |
|
19-Oct-2002 |
alfred |
Don't leak memory in semop(2). (Fix a bug I introduced in rev 1.55.)
Detective work by: jake
|
#
101774 |
|
13-Aug-2002 |
alfred |
Make SYSVSEM mpsafe. Each semaphore set gets its own lock, however there is a global lock over the undo structures because of the way they are managed.
Switch to using SLIST instead of rolling our own linked list.
Fix several races where a permission check was done before a copyin/copyout, if the copy happened to fault it may have been possible to race for access to a semaphore set that one shouldn't have access to.
Requested by: rwatson Tested by: NetBSD regression suite.
|
#
101350 |
|
05-Aug-2002 |
alfred |
Cleanup: Fix line wrapping. Remove 'register'. malloc(9) with M_WAITOK can't fail, so remove checks for that.
|
#
100523 |
|
22-Jul-2002 |
alfred |
Cleanup: Define a debug printf macro rather than wrapping all calls to printf with #ifdefs.
|
#
100511 |
|
22-Jul-2002 |
alfred |
Remove caddr_t.
|
#
92723 |
|
19-Mar-2002 |
alfred |
Remove __P.
|
#
92665 |
|
19-Mar-2002 |
peter |
Pacify gcc-3.1+, initialize two variables to avoid -Wuninitialized warnings.
|
#
91744 |
|
06-Mar-2002 |
maxim |
Fix a typo, unbreak the world.
Thanks to: mux Approved by: ru
|
#
91736 |
|
06-Mar-2002 |
maxim |
Maximum semid is seminfo.semmni not seminfo.semmsl.
PR: kern/34979 Submitted by: James Gritton <jamie@gritton.org> Reviewed by: alfred, ru Approved by: ru MFC after: 1 week
|
#
91703 |
|
05-Mar-2002 |
jhb |
- Use td_ucred for jail checks. - Move jail checks and some other checks involving constants and stack variables out from under Giant. This isn't perfectly safe atm because jail_sysvipc_allowed is read w/o a lock meaning that its value could be stale. This global variable will soon become a per-jail flag, however, at which time it will either not need a lock or will use the prison lock.
|
#
91417 |
|
27-Feb-2002 |
jhb |
Fix Giant leakage in several error cases in __semctl().
|
#
91406 |
|
27-Feb-2002 |
jhb |
Simple p_ucred -> td_ucred changes to start using the per-thread ucred reference.
|
#
90857 |
|
18-Feb-2002 |
rwatson |
Rehash of 1.43: simply remove the comment, since it's highly redundant and only partially correct.
|
#
90817 |
|
17-Feb-2002 |
rwatson |
style(9) prefers formatted comments in '/*' ... '*/' as opposed to #if 0'd.
|
#
88715 |
|
30-Dec-2001 |
alc |
Eliminate semexit_hook using at_exit(9) and rm_at_exit(9).
Reviewed by: alfred
|
#
88633 |
|
29-Dec-2001 |
alfred |
Make AIO a loadable module.
Remove the explicit call to aio_proc_rundown() from exit1(), instead AIO will use at_exit(9).
Add functions at_exec(9), rm_at_exec(9) which function nearly the same as at_exec(9) and rm_at_exec(9), these functions are called on behalf of modules at the time of execve(2) after the image activator has run.
Use a modified version of tegge's suggestion via at_exec(9) to close an exploitable race in AIO.
Fix SYSCALL_MODULE_HELPER such that it's archetecuterally neutral, the problem was that one had to pass it a paramater indicating the number of arguments which were actually the number of "int". Fix it by using an inline version of the AS macro against the syscall arguments. (AS should be available globally but we'll get to that later.)
Add a primative system for dynamically adding kqueue ops, it's really not as sophisticated as it should be, but I'll discuss with jlemon when he's around.
|
#
84789 |
|
11-Oct-2001 |
mr |
Fix SysV Semaphore Handling. Updated by peter following KSE and Giant pushdown. I've running with this patch for two week with no ill side effects.
PR: kern/12014: Fix SysV Semaphore handling Submitted by: Peter Jeremy <peter.jeremy@alcatel.com.au>
|
#
83414 |
|
13-Sep-2001 |
mr |
PR: kern/29698 (part) Reviewed by: audit Implement SEM_STAT (like IPC_STAT but treats semid as sema-index). The linuxerator will need it.
|
#
83413 |
|
13-Sep-2001 |
mr |
PR: kern/29698 (part) Reviewed by: audit Add tunables for the sem* and shm* syscontrols for tuning on boottime until they become dynamic. SAP R/3 doesn't like the compiled in defaults.
|
#
83366 |
|
12-Sep-2001 |
julian |
KSE Milestone 2 Note ALL MODULES MUST BE RECOMPILED make the kernel aware that there are smaller units of scheduling than the process. (but only allow one thread per process at this time). This is functionally equivalent to teh previousl -current except that there is a thread associated with each process.
Sorry john! (your next MFC will be a doosie!)
Reviewed by: peter@freebsd.org, dillon@freebsd.org
X-MFC after: ha ha ha ha
|
#
83341 |
|
11-Sep-2001 |
dd |
Correct a debugging message.
|
#
83292 |
|
10-Sep-2001 |
dd |
Make the `nsops' variable in `semop' unsigned. This prevents an overflow if uap->nsops (which is already unsigned) is over INT_MAX; consequently, the bounds check below becomes valid. Previously, if a value over INT_MAX was passed in uap->nsops, the bounds check wouldn't catch it, and the value would be used to compute copyin()'s third argument.
Obtained from: NetBSD
|
#
82607 |
|
30-Aug-2001 |
dillon |
Giant Pushdown: sysv shm, sem, and msg calls.
|
#
77461 |
|
30-May-2001 |
dd |
Export via sysctl: * all members of msginfo from sysv_msg.c; * msqids from sysv_msg.c; * sema from sysv_sem.c; and * shmsegs from sysv_shm.c;
These will be used by ipcs(1) in non-kvm mode.
Reviewed by: tmm
|
#
72786 |
|
21-Feb-2001 |
rwatson |
o Move per-process jail pointer (p->pr_prison) to inside of the subject credential structure, ucred (cr->cr_prison). o Allow jail inheritence to be a function of credential inheritence. o Abstract prison structure reference counting behind pr_hold() and pr_free(), invoked by the similarly named credential reference management functions, removing this code from per-ABI fork/exit code. o Modify various jail() functions to use struct ucred arguments instead of struct proc arguments. o Introduce jailed() function to determine if a credential is jailed, rather than directly checking pointers all over the place. o Convert PRISON_CHECK() macro to prison_check() function. o Move jail() function prototypes to jail.h. o Emulate the P_JAILED flag in fill_kinfo_proc() and no longer set the flag in the process flags field itself. o Eliminate that "const" qualifier from suser/p_can/etc to reflect mutex use.
Notes:
o Some further cleanup of the linux/jail code is still required. o It's now possible to consider resolving some of the process vs credential based permission checking confusion in the socket code. o Mutex protection of struct prison is still not present, and is required to protect the reference count plus some fields in the structure.
Reviewed by: freebsd-arch Obtained from: TrustedBSD Project
|
#
71038 |
|
14-Jan-2001 |
des |
Use predictable internal names for the sysvipc modules, so we have a chance of getting dependencies working.
|
#
69449 |
|
01-Dec-2000 |
alfred |
sysvipc loadable.
new syscall entry lkmressys - "reserved loadable syscall"
Make syscall_register allow overwriting of such entries (lkmressys).
|
#
68024 |
|
30-Oct-2000 |
rwatson |
o Deny access to System V IPC from within jail by default, as in the current implementation, jail neither virtualizes the Sys V IPC namespace, nor provides inter-jail protections on IPC objects. o Support for System V IPC can be enabled by setting jail.sysvipc_allowed=1 using sysctl. o This is not the "real fix" which involves virtualizing the System V IPC namespace, but prevents processes within jail from influencing those outside of jail when not approved by the administrator.
Reported by: Paulo Fragoso <paulo@nlink.com.br>
|
#
67708 |
|
27-Oct-2000 |
phk |
Convert all users of fldoff() to offsetof(). fldoff() is bad because it only takes a struct tag which makes it impossible to use unions, typedefs etc.
Define __offsetof() in <machine/ansi.h>
Define offsetof() in terms of __offsetof() in <stddef.h> and <sys/types.h>
Remove myriad of local offsetof() definitions.
Remove includes of <stddef.h> in kernel code.
NB: Kernelcode should *never* include from /usr/include !
Make <sys/queue.h> include <machine/ansi.h> to avoid polluting the API.
Deprecate <struct.h> with a warning. The warning turns into an error on 01-12-2000 and the file gets removed entirely on 01-01-2001.
Paritials reviews by: various. Significant brucifications by: bde
|
#
59839 |
|
01-May-2000 |
peter |
Move the MSG* and SEM* options to opt_sysvipc.h Remove evil allocation macros from machdep.c (why was that there???) and use malloc() instead. Move paramters out of param.h and into the code itself. Move a bunch of internal definitions from public sys/*.h headers (without #ifdef _KERNEL even) into the code itself.
I had hoped to make some of this more dynamic, but the cost of doing wakeups on all sleeping processes on old arrays was too frightening. The other possibility is to initialize on the first use, and allow dynamic sysctl changes to parameters right until that point. That would allow /etc/rc.sysctl to change SEM* and MSG* defaults as we presently do with SHM*, but without the nightmare of changing a running system.
|
#
59828 |
|
01-May-2000 |
peter |
Remove the undocumented, flawed, broken-as-designed semconfig() syscall.
|
#
58831 |
|
30-Mar-2000 |
peter |
Remove #ifdef for sem_wakeup() - we just use wakeup().
|
#
50477 |
|
27-Aug-1999 |
peter |
$Id$ -> $FreeBSD$
|
#
46116 |
|
27-Apr-1999 |
phk |
Change suser_xxx() to suser() where it applies.
|
#
41774 |
|
14-Dec-1998 |
dillon |
Fixed problems with kernel config file overrides of sysv semaphore parameters. Prior to this fix a kernel config override would effect only some of the kernel files, resulting in panics.
PR: kern/9068
|
#
34961 |
|
30-Mar-1998 |
phk |
Eradicate the variable "time" from the kernel, using various measures. "time" wasn't a atomic variable, so splfoo() protection were needed around any access to it, unless you just wanted the seconds part.
Most uses of time.tv_sec now uses the new variable time_second instead.
gettime() changed to getmicrotime(0.
Remove a couple of unneeded splfoo() protections, the new getmicrotime() is atomic, (until Bruce sets a breakpoint in it).
A couple of places needed random data, so use read_random() instead of mucking about with time which isn't random.
Add a new nfs_curusec() function.
Mark a couple of bogosities involving the now disappeard time variable.
Update ffs_update() to avoid the weird "== &time" checks, by fixing the one remaining call that passwd &time as args.
Change profiling in ncr.c to use ticks instead of time. Resolution is the same.
Add new function "tvtohz()" to avoid the bogus "splfoo(), add time, call hzto() which subtracts time" sequences.
Reviewed by: bde
|
#
30994 |
|
06-Nov-1997 |
phk |
Move the "retval" (3rd) parameter from all syscall functions and put it in struct proc instead.
This fixes a boatload of compiler warning, and removes a lot of cruft from the sources.
I have not removed the /*ARGSUSED*/, they will require some looking at.
libkvm, ps and other userland struct proc frobbing programs will need recompiled.
|
#
27845 |
|
02-Aug-1997 |
bde |
Removed unused #includes.
|
#
22975 |
|
22-Feb-1997 |
peter |
Back out part 1 of the MCFH that changed $Id$ to $FreeBSD$. We are not ready for it yet.
|
#
21673 |
|
14-Jan-1997 |
jkh |
Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been insane otherwise.
|
#
16322 |
|
12-Jun-1996 |
gpalmer |
Clean up -Wunused warnings.
Reviewed by: bde
|
#
13255 |
|
05-Jan-1996 |
wollman |
Somehow managed to miss these four files when converting the SYSV IPC options over to the new style.
|
#
13072 |
|
27-Dec-1995 |
jkh |
Gack - if you're going to call semexit() from elsewhere, it shouldn't be static.. :-)
|
#
13060 |
|
27-Dec-1995 |
joerg |
Call semexit() from exit(), in order to process `undo vectors'. This function has actually never been called.
|
#
12866 |
|
15-Dec-1995 |
peter |
Update sysv_*.c to get their argument definitions from sysproto.h
|
#
12819 |
|
14-Dec-1995 |
phk |
A Major staticize sweep. Generates a couple of warnings that I'll deal with later. A number of unused vars removed. A number of unused procs removed or #ifdefed.
|
#
11626 |
|
21-Oct-1995 |
bde |
Start including <sys/sysproto.h> to get the correct args structs and prototypes for all syscalls. The args structs are still declared in comments as in VOP implementation functions. I don't like the duplication for this, but several more layers of changes are required to get it right. First we need to catch up with 4.4lite2, which uses macros to handle struct padding. Then we need to catch up with NetBSD, which passes the args correctly (as void *). Then we need to handle varargs functions and struct padding better. I think all the details can be hidden in machine-generated functions so that the args structs and verbose macros to reference them don't have to appear in the core sources.
Add prototypes.
Add bogus casts to hide the evil type puns exposed by the previous steps. &uap[1] was used to get at the args after the first. This worked because only the first arg in *uap was declared. This broke when the machine- genenerated args struct declared all the args (actually it declares extra args in some cases and depends on the user stack having some accessible junk after the last arg, not to mention the user args being on the stack. It isn't possible to declare a correct args struct for a varargs syscall). The msgsys(), semsys() and shmsys() syscall interfaces are BAD because they multiplex several syscalls that have different types of args. There was no reason to duplicate this sysv braindamage but now we're stuck with it. NetBSD has reimplemented the syscalls properly as separate syscalls #220-231.
Declare static functions as static in both their prototype and their implementation (the latter is optional, and this misfeature was used).
Remove gratuitous #includes.
Continue cleaning up new init stuff.
|
#
10653 |
|
09-Sep-1995 |
dg |
Fixed init functions argument type - caddr_t -> void *. Fixed a couple of compiler warnings.
|
#
10428 |
|
29-Aug-1995 |
bde |
Fix several sysinit functions that had the wrong type and unnecessarily external linkage.
Remove useless comments saying that SYSINIT() does system initialization.
shm.c: Remove nearly useless comment that gave wrong pseudo-prototypes.
|
#
10358 |
|
28-Aug-1995 |
julian |
Reviewed by: julian with quick glances by bruce and others Submitted by: terry (terry lambert) This is a composite of 3 patch sets submitted by terry. they are: New low-level init code that supports loadbal modules better some cleanups in the namei code to help terry in 16-bit character support some changes to the mount-root code to make it a little more modular..
NOTE: mounting root off cdrom or NFS MIGHT be broken as I haven't been able to test those cases..
certainly mounting root of disk still works just fine.. mfs should work but is untested. (tomorrows task)
The low level init stuff includes a total rewrite of init_main.c to make it possible for new modules to have an init phase by simply adding an entry to a TEXT_SET (or is it DATA_SET) list. thus a new module can be added to the kernel without editing any other files other than the 'files' file.
|
#
9759 |
|
29-Jul-1995 |
bde |
Eliminate sloppy common-style declarations. There should be none left for the LINT configuation.
|
#
8876 |
|
30-May-1995 |
rgrimes |
Remove trailing whitespace.
|
#
3396 |
|
06-Oct-1994 |
dg |
Use tsleep() rather than sleep so that 'ps' is more informative about the wait.
|
#
3308 |
|
02-Oct-1994 |
phk |
All of this is cosmetic. prototypes, #includes, printfs and so on. Makes GCC a lot more silent.
|
#
2836 |
|
17-Sep-1994 |
dg |
Got rid of compiler warnings.
|
#
2729 |
|
13-Sep-1994 |
dfr |
Added SYSV ipcs.
Obtained from: NetBSD and FreeBSD-1.1.5
|