Commit graph

6799 commits

Author SHA1 Message Date
Cristiano Giuffrida
d639cffec9 libsys: Support for senda_reload().
Change-Id: I67f94515d2b89199643195d32d92f1bef9770359
2015-09-16 11:03:30 +00:00
Cristiano Giuffrida
e1f889d228 libsys: Change SEF Live Update state callback API.
The following callbacks are concerned:
 - state_save
 - state_isvalid

Change-Id: I75f71fe162ccd8b23b18cae15f844b79b290a8c1
2015-09-16 11:03:17 +00:00
Cristiano Giuffrida
01c875ce91 kernel: Debug printing at live update time.
Change-Id: I0fa896eb248b3b62e1858f76196d3d6862a30f2b
2015-09-16 11:03:04 +00:00
Cristiano Giuffrida
062400c0e2 kernel: Handle IPC properly at live update time.
Change-Id: I2dfc6c6cf4d2bfe198e159d3e4b7c50d0bb499c8
2015-09-16 11:02:53 +00:00
Cristiano Giuffrida
56e56d2af2 kernel: Inherit allowed memory, IRQ & I/O ranges
Inherit at live update time all the priviledges previously acquired by
the process.

Change-Id: I1fd6ab16680ea85a1f3d8d1c106a7c716bf65e8e
2015-09-16 11:02:44 +00:00
Cristiano Giuffrida
9e6b1315c3 kernel: Allow kernel calls to return ENOTREADY.
This is required to avoid races with safecopy() at live update time.

Change-Id: I1f3e22d40f22d94bd2b850915f9b8163a08b5616
2015-09-16 11:02:31 +00:00
Cristiano Giuffrida
c8a9900b0c kernel: Add support for IPC filters.
Edited by David van Moolenbroek.

Change-Id: Ia0052c42a0f218d011dd2da1e3db6c5b2107adc7
2015-09-16 11:02:24 +00:00
Cristiano Giuffrida
6fc5006250 kernel: Add SYS_PRIV_CLEAR_IPC_REFS support.
Change-Id: Ie5e86191d5040f305a5a42942d83319cd600bfb6
2015-09-16 11:02:13 +00:00
Cristiano Giuffrida
a1760b573b kernel: Extend the {sys,vm}_update() interfaces.
Change-Id: I9ada3c04c08d219b198e9081f4e1942b11c722f6
2015-09-16 11:01:47 +00:00
Cristiano Giuffrida
76bf77a21f kernel: Extend the sys_whoami() interface.
Add support for init flags.

Change-Id: Ibb4d7eb9064d2bbee6d51112ad0c56b2750a5f8e
2015-09-16 11:01:36 +00:00
Cristiano Giuffrida
41022be182 kernel: Extend the sys_statectl() interface.
Change-Id: Ica37640f61513db9466dacf861a8148e3fb799d5
2015-09-16 11:01:15 +00:00
Cristiano Giuffrida
606626c691 include: Add sys flags definitions.
Change-Id: I8ecbe636641467efea058a9527416fc25d954daf
2015-09-16 10:59:34 +00:00
David van Moolenbroek
de95c84d3e VFS: fix short select(2) timeouts
Some select queries require a response from device drivers.  If a
select call is nonblocking (with a zero timeout), the response to
the caller may have to be deferred until all involved drivers have
responded to the initial query.  This is handled just fine.

However, if the select call has a timeout that is so short that it
triggers before all the involved drivers have responded, the
resulting alarm would be discarded, possibly resulting in the call
blocking forever.  This fix changes the alarm handler such that if
the alarm triggers too early, the select call is further handled
as though it was nonblocking.

This fix resolves a test77 deadlock on really slow systems.

Change-Id: Ib487c8fe436802c3e11c57355ae0c8480721f06e
2015-09-16 10:41:46 +00:00
David van Moolenbroek
fefec20e6b procfs: do not list init in /proc/services
It is not a system service.

Change-Id: Ibfbf08aa52095826c19172e517bcbd292e7944a0
2015-09-07 22:56:19 +00:00
David van Moolenbroek
d09f72c453 Kernel: improve stacktrace printing
- corrupt stack traces could trigger a kernel panic;
- output consistency and spelling.

Change-Id: I04c9ac7db77593d6e837a28c83f1734adc8d9da7
2015-09-07 22:56:00 +00:00
David van Moolenbroek
1d9856e713 inet: resolve some compile and runtime warnings
- ping(1) triggers warnings about unimplemented exceptions for select;
  even if there could be a useful implementation (which is doubtful),
  the warnings are not helping anyone right now;
- the clock_t data type has changed.

Change-Id: Ie5b1383e7657e8501f63bb4b9d255c6502567a15
2015-09-01 16:21:20 +00:00
David van Moolenbroek
4b12166f26 VFS: workaround to allow TIOCSCTTY on PTYs
Fix /dev/tty-related issues in tmux(1) by hardcoding the PTY major
in VFS in addition to the TTY major.  Even though this is exactly
what we did NOT want to have to do, the actual fix for this issue
is going to take a little longer.

Change-Id: I24c75eaf688b9ebd28e931f2e445b8442cfdac78
2015-09-01 11:42:03 +00:00
David van Moolenbroek
29e004d23b VFS: make message pointer management more robust
The previous approach of storing pointers to messages structures for
thread-blocking sendrec operations relied on several assumptions,
which if violated could lead to odd cases of memory corruption.
With this patch, VFS resets pointers right after use, avoiding that
any dangling pointers are accidentally dereferenced later.  This
approach was already used in some cases, but not all of them.

Change-Id: I752d994ea847b46228bd2ccf4e537deceb78fbaf
2015-08-31 12:58:39 +00:00
David van Moolenbroek
56ac45c10b VFS: check X bit, not R bit, opening executables
For dynamically linked executables, the interpreter is passed a
file descriptor of the binary being executed.  To this end, VFS
opens the target executable, but opening the file fails if it is
not readable, even when it is executable.  With this patch, when
opening the executable, it verifies the X bit rather than the R
bit on the file, thus allowing the execution of dynamically
linked binaries that are executable but not readable.

Add test86 to verify correctness.

Change-Id: If3514add6a33b33d52c05a0a627d757bff118d77
2015-08-31 12:55:55 +00:00
David van Moolenbroek
9f15e7b366 VFS: tweak coredump wrapper code
Change-Id: I6c1f50910d906b25f6df2b48f2cbfb899850924e
2015-08-31 12:55:48 +00:00
David van Moolenbroek
253dbfc285 VFS: resolve noassert warning
Change-Id: I647f5a7b3c2935be3df032873705be83de9aaffb
2015-08-31 12:55:43 +00:00
David van Moolenbroek
6c31058de4 sched: simplify
- do not use timers when there is only ever one timer;
- do not include kernel header files for no reason;
- do not reply to notifications ever.

Change-Id: I5817e22c1b46c4e30e5135069df318af0b4f87fd
2015-08-31 12:55:30 +00:00
David van Moolenbroek
736b88cf53 DS: fix regex memory leaks
The regcomp(3) calls had no matching regfree(3) calls.

Change-Id: I5250d62e6ab22821aff18bcdc336cb485df6868e
2015-08-31 12:55:18 +00:00
David van Moolenbroek
4472b590c7 libminixfs: rework prefetch API
This patch changes the prefetch API so that file systems must now
provide a set of block numbers, rather than a set of buffers.  The
result is a leaner and more well-defined API; linear computation of
the range of blocks to prefetch; duplicates no longer interfering
with the prefetch process; guaranteed inclusion of the block needed
next into the prefetch range; and, limits and policy decisions better
established by libminixfs now actually being moved into libminixfs.

Change-Id: I7e44daf2d2d164bc5e2f1473ad717f3ff0f0a77f
2015-08-14 18:39:30 +00:00
David van Moolenbroek
6c46a77d95 libminixfs: better support for read errors and EOF
- The lmfs_get_block*(3) API calls may now return an error.  The idea
  is to encourage a next generation of file system services to do a
  better job at dealing with block read errors than the MFS-derived
  implementations do.  These existing file systems have been changed
  to panic immediately upon getting a block read error, in order to
  let unchecked errors cause corruption.  Note that libbdev already
  retries failing I/O operations a few times first.

- The libminixfs block device I/O module (bio.c) now deals properly
  with end-of-file conditions on block devices.  Since a device or
  partition size may not be a multiple of the root file system's block
  size, support for partial block retrival has been added, with a new
  internal lmfs_get_partial_block(3) call.  A new test program,
  test85, tests the new handling of EOF conditions when reading,
  writing, and memory-mapping a block device.

Change-Id: I05e35b6b8851488328a2679da635ebba0c6d08ce
2015-08-14 18:39:26 +00:00
David van Moolenbroek
1311233cfb libminixfs: keep track of block usage
This patch changes the libminixfs API and implementation such that the
library is at all times aware of how many total and used blocks there
are in the file system.  This removes the last upcall of libminixfs
into file systems (fs_blockstats).  In the process, make this part of
the libminixfs API a little prettier and more robust.  Change file
systems accordingly.  Since this change only adds to MFS being unable
to deal with zones and blocks having different sizes, fail to mount
such file systems immediately rather than triggering an assert later.

Change-Id: I078e589c7e1be1fa691cf391bf5dfddd1baf2c86
2015-08-14 18:39:21 +00:00
David van Moolenbroek
0314acfb2d libminixfs: miscellaneous API cleanup
Mostly removal of unused parameters from calls.

Change-Id: I0eb7b568265d1669492d958e78b9e69d7cf6fc05
2015-08-14 18:39:00 +00:00
David van Moolenbroek
b8f6d4a649 libminixfs: do not flush blocks that are in use
This removes an implicit requirement for the way the libminixfs API is
to be used, namely that a block is to be marked as dirty only once its
contents have been fully updated, within a single get_block/put_block
window.  The requirement may not be appropriate for all file systems.

Change-Id: I6a129d51b1a5e9aec1572039dc7c1c82dd795db5
2015-08-13 13:46:52 +00:00
David van Moolenbroek
cb9453ca63 libminixfs: add support for peeking blocks
With this change, the lmfs_get_block*(3) functions allow the caller to
specify that it only wants the block if it is in the cache or the
secondary VM cache.  If the block is not found there, the functions
return NULL.  Previously, the PREFETCH method would be used to this
end instead, which was both abuse in name and less efficient.

Change-Id: Ieb5a15b67fa25d2008a8eeef9d126ac908fc2395
2015-08-13 13:46:50 +00:00
David van Moolenbroek
d75faf18d9 libminixfs: add support for memory-mapped holes
When VM asks a file system to provide a block to satisfy a page fault
on a file memory mapping, the file system previously had no way to
inform VM that the block is a hole, since there is no corresponding
block on the underlying device.  To work around this, MFS and ext2
would actually allocate a block for the hole when asked by VM, which
not only defeats the point of holes in the first place, but also does
not work on read-only file systems.  With this patch, a new libminixfs
call allows the file system to inform VM about holes.  This issue does
raise the question as to whether the VM cache is using the right data
structures, since there are now two places where we have to fake a
device offset.  This will have to be revisited in the future.

The patch changes file systems accordingly, and adds a test to test74.

Change-Id: Ib537d56b3f30a8eb05bc1f63c92b5c7428d18f4c
2015-08-13 13:46:48 +00:00
David van Moolenbroek
e94f856b38 libminixfs/VM: fix memory-mapped file corruption
This patch employs one solution to resolve two independent but related
issues.  Both issues are the result of one fundamental aspect of the
way VM's memory mapping works: VM uses its cache to map in blocks for
memory-mapped file regions, and for blocks already in the VM cache, VM
does not go to the file system before mapping them in.  To preserve
consistency between the FS and VM caches, VM relies on being informed
about all updates to file contents through the block cache.  The two
issues are both the result of VM not being properly informed about
such updates:

 1. Once a file system provides libminixfs with an inode association
    (inode number + inode offset) for a disk block, this association
    is not broken until a new inode association is provided for it.
    If a block is freed and reallocated as a metadata (non-inode)
    block, its old association is maintained, and may be supplied to
    VM's secondary cache.  Due to reuse of inodes, it is possible
    that the same inode association becomes valid for an actual file
    block again.  In that case, when that new file is memory-mapped,
    under certain circumstances, VM may end up using the metadata
    block to satisfy a page fault on the file, due to the stale inode
    association.  The result is a corrupted memory mapping, with the
    application seeing data other than the current file contents
    mapped in at the file block.

 2. When a hole is created in a file, the underlying block is freed
    from the device, but VM is not informed of this update, and thus,
    if VM's cache contains the block with its previous inode
    association, this block will remain there.  As a result, if an
    application subsequently memory-maps the file, VM will map in the
    old block at the position of the hole, rather than an all-zeroes
    block.  Thus, again, the result is a corrupted memory mapping.

This patch resolves both issues by making the file system inform the
minixfs library about blocks being freed, so that libminixfs can
break the inode association for that block, both in its own cache and
in the VM cache.  Since libminixfs does not know whether VM has the
block in its cache or not, it makes a call to VM for each block being
freed.  Thus, this change introduces more calls to VM, but it solves
the correctness issues at hand; optimizations may be introduced
later.  On the upside, all freed blocks are now marked as clean,
which should result in fewer blocks being written back to the device,
and the blocks are removed from the caches entirely, which should
result in slightly better cache usage.

This patch is necessary but not sufficient to resolve the situation
with respect to memory mapping of file holes in general.  Therefore,
this patch extends test 74 with a (rather particular but effective)
test for the first issue, but not yet with a test for the second one.

This fixes #90.

Change-Id: Iad8b134d2f88a884f15d3fc303e463280749c467
2015-08-13 13:46:46 +00:00
David van Moolenbroek
b65ad59e08 libminixfs: add support for 64-bit block numbers
There are currently no devices out there that require this change.
The change is merely needed to support subsequent changes.

Change-Id: I64214c5f46ff4a2260815d15c15e4a17709b9036
2015-08-13 13:46:44 +00:00
David van Moolenbroek
bd851af48f VFS: merge scratchpad into fproc
There is no reason to keep these tightly coupled data structures
separate.  Moreover, there is no reason to have a union of file
descriptor and file pointer, since the second can be derived from
the first.  The result are somewhat cleaner VFS internals.

Change-Id: I854da7d8291177878eecfc3077ef0a9e0cc82aaa
2015-08-13 13:45:02 +00:00
David van Moolenbroek
162f54c289 service(8): no need to include kernel headers
Change-Id: I8fb7a1a58457909b7759a74925a12cf9b11261f0
2015-08-13 13:44:57 +00:00
David van Moolenbroek
e9cd054009 Restore and expand NONE_MAJOR comment
This fixes #50.

Change-Id: I318d08e8c57c12cfd409700b14c88a90c81a1715
2015-08-13 13:44:52 +00:00
David van Moolenbroek
a6fc634735 etc: create system log files
The new syslogd(8) does not create log files that do not already
exist, and thus, we adopt the NetBSD way of creating them.

Change-Id: Icd7fdba362726696df6a52dd55c049fd2bfcc2d3
2015-08-10 11:38:16 +00:00
David van Moolenbroek
ec725af4c5 lwip: no need to retrieve own endpoint
Change-Id: I86bd20be9b1aec4116edbe112eb562737860568f
2015-08-08 16:57:14 +00:00
David van Moolenbroek
efa7e3e6d2 Kernel: correctly set USE_ defines from Makefile
Without defining these to 1, #if statements on them will fail.

Change-Id: Ifc4824a6ffacc4bebcfd6f1110c864d7eb16401a
2015-08-08 16:56:37 +00:00
David van Moolenbroek
a082b2af62 libsys: add Tomas Hruby's asynsend barrier
This barrier ensures that all fields of an asynchronously sent
message are properly initialized before the message is marked as
valid.

Change-Id: I7b9590c11c4e040c8f992f1dd2581e54201bf214
2015-08-08 16:56:20 +00:00
David van Moolenbroek
3091b8cf26 Kernel: fix async message failure handling crash
If an asynchronous message is delivered during an ipc_receive(2) call,
but a failure occurred while copying out the status to the sending
process, then the receiving process would be left in an inconsistent
state, leading to a kernel crash shortly after.

For now, we fix this by altogether ignoring errors while copying out
the status field to the sending process.  While this resolves the
kernel crash, it is hardly ideal, since it will likely cause the same
message to be delivered repeatedly.  It would be better to disable
asynchronous communication from the sender process altogether, but this
solution requires more changes and thus more testing.

Change-Id: Ib00bf01ad29cdd10a5dee731d4788254d9037a76
2015-08-08 16:55:52 +00:00
David van Moolenbroek
e10ce184e4 libsys: make tickdelay(3) more reliable
Previously, there was a tiny chance that tickdelay(3) would return
early or that it would fail to reinstate a previous alarm.

- sys_setalarm(2) now returns TMR_NEVER instead of 0 for the time
  left if no previous alarm was set;
- sys_setalarm(2) now also returns the current time, to allow the
  caller to determine whether it got an alarm notification for the
  alarm it set or for a previous alarm that has just gone off;
- tickdelay(3) now makes use of these facilities.

Change-Id: Id4f8fe19a61ca8574f43131964e6f0317f613f49
2015-08-08 16:55:23 +00:00
David van Moolenbroek
8731fd1c47 audio: use standard Makefile structure
The previous approach of including libraries through the parent
directory's Makefile.inc created linking issues, with libchardriver
not finding snprintf in certain cases.  The new approach of including
libraries through the driver's only Makefile is the one used by all
other drivers.

Change-Id: I96e6308e12e54f0fce8ecf58bd061269860d4355
2015-08-08 16:55:03 +00:00
Kaustubh Kelkar
989398b447 Importing bin/domainname utility
Change-Id: Iaf2067296195d2d55b93d00ac593b431572ca4cd
2015-07-28 21:56:19 +00:00
David van Moolenbroek
ea69bfc71d tests: resolve new compiler warnings
Change-Id: I57f6602a9fe9e8524f7da4320b0d1a46889b90d6
2015-07-28 14:18:35 +00:00
Jean-Baptiste Boric
1facb0487c libc: add posix_spawn family of functions
The implementation is taken from newlib (BSD licensed) and test84 is based
on NetBSD's t_spawn.c

Change-Id: Ia4e9dd5204a0b4ef241a451978057e11fb29e3d6
2015-07-28 14:18:03 +00:00
Jacob Adams
7b2da7b2c7 update_bootcfg(8): Add actually useful information
Change-Id: I3f1aa2141827b3dc4072f2e8cedeecb40006e626
2015-07-28 10:03:50 +00:00
Jacob Adams
e01448dd84 Close #83 with fix suggested
Change-Id: I83975a0963d09eab73df62adf81ce8027ca41bb0
2015-07-28 09:58:12 +00:00
David van Moolenbroek
d8127f841f patch(1): fix arbitrary code execution bug
This is the combination of two NetBSD patches committed by Christos
Zoulas, based on the findings and Bitrig patch by Martin Natano.
The NetBSD log messages read:

  From Martin Natano @bitrig: Use execve(2) instead of system to
  apply patches that require rcs command execution instead system(3)
  to avoid malicious filenames in patches causing bad things to
  happen. In the process, lose SCCS support. It is not like we are
  shipping sccs commands for that to work.

And:

  Use absolute paths for RCS commands (Martin Natano)

Change-Id: Id44bd59a5a6bc6cd95d1e1fae468bd718cfff2db
2015-07-26 15:53:47 +00:00
Leonardo Fogel
4796287659 eMMC: add support to 8-bit mode.
Change-Id: I0470130eb5f8de319cd55c448a9aa1b9131e8e07
2015-07-26 15:53:37 +00:00
David van Moolenbroek
3e07920fe2 Import NetBSD syslogd(8)
The primary reason for the import is a likely GPL taint of the
original MINIX3 syslogd.  As a result, this import may still
have some rough edges.

Change-Id: I5c8d26eca10fc2dd50ecc9eab44a1d483cf068a9
2015-07-26 11:57:04 +00:00