CVS commit: [netbsd-10] src/sys/kern

2024-03-11 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Mon Mar 11 18:00:06 UTC 2024

Modified Files:
src/sys/kern [netbsd-10]: sysv_shm.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #626):

sys/kern/sysv_shm.c: revision 1.142

Avoid overflow when computing kern.ipc.shmmax. Keep shmmax (bytes) and
shmall (pages) values aligned and use arithmetic everywhere instead
of shifts.

Should fix PR 57979


To generate a diff of this commit:
cvs rdiff -u -r1.141 -r1.141.26.1 src/sys/kern/sysv_shm.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/sysv_shm.c
diff -u src/sys/kern/sysv_shm.c:1.141 src/sys/kern/sysv_shm.c:1.141.26.1
--- src/sys/kern/sysv_shm.c:1.141	Wed Oct  9 17:47:13 2019
+++ src/sys/kern/sysv_shm.c	Mon Mar 11 18:00:06 2024
@@ -1,4 +1,4 @@
-/*	$NetBSD: sysv_shm.c,v 1.141 2019/10/09 17:47:13 chs Exp $	*/
+/*	$NetBSD: sysv_shm.c,v 1.141.26.1 2024/03/11 18:00:06 martin Exp $	*/
 
 /*-
  * Copyright (c) 1999, 2007 The NetBSD Foundation, Inc.
@@ -61,7 +61,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: sysv_shm.c,v 1.141 2019/10/09 17:47:13 chs Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sysv_shm.c,v 1.141.26.1 2024/03/11 18:00:06 martin Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_sysv.h"
@@ -961,10 +961,10 @@ shminit(void)
 	ALIGN(shminfo.shmmni * sizeof(struct shmid_ds)));
 
 	if (shminfo.shmmax == 0)
-		shminfo.shmmax = uimax(physmem / 4, 1024) * PAGE_SIZE;
+		shminfo.shmall = uimax(physmem / 4, 1024);
 	else
-		shminfo.shmmax *= PAGE_SIZE;
-	shminfo.shmall = shminfo.shmmax / PAGE_SIZE;
+		shminfo.shmall = shminfo.shmmax / PAGE_SIZE;
+	shminfo.shmmax = (uint64_t)shminfo.shmall * PAGE_SIZE;
 
 	for (i = 0; i < shminfo.shmmni; i++) {
 		cv_init(_cv[i], "shmwait");
@@ -1083,7 +1083,7 @@ sysctl_ipc_shmmax(SYSCTLFN_ARGS)
 		return EINVAL;
 
 	shminfo.shmmax = round_page(newsize);
-	shminfo.shmall = shminfo.shmmax >> PAGE_SHIFT;
+	shminfo.shmall = shminfo.shmmax / PAGE_SIZE;
 
 	return 0;
 }



CVS commit: [netbsd-10] src/sys/kern

2024-03-11 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Mon Mar 11 18:00:06 UTC 2024

Modified Files:
src/sys/kern [netbsd-10]: sysv_shm.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #626):

sys/kern/sysv_shm.c: revision 1.142

Avoid overflow when computing kern.ipc.shmmax. Keep shmmax (bytes) and
shmall (pages) values aligned and use arithmetic everywhere instead
of shifts.

Should fix PR 57979


To generate a diff of this commit:
cvs rdiff -u -r1.141 -r1.141.26.1 src/sys/kern/sysv_shm.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-11-29 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Wed Nov 29 12:25:17 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: exec_subr.c

Log Message:
Additionally pull up the following for ticket #477:

sys/kern/exec_subr.c1.87

Fix build for kernels w/o PAX_MPROTECT.


To generate a diff of this commit:
cvs rdiff -u -r1.84.20.1 -r1.84.20.2 src/sys/kern/exec_subr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/exec_subr.c
diff -u src/sys/kern/exec_subr.c:1.84.20.1 src/sys/kern/exec_subr.c:1.84.20.2
--- src/sys/kern/exec_subr.c:1.84.20.1	Tue Nov 28 12:56:28 2023
+++ src/sys/kern/exec_subr.c	Wed Nov 29 12:25:17 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: exec_subr.c,v 1.84.20.1 2023/11/28 12:56:28 martin Exp $	*/
+/*	$NetBSD: exec_subr.c,v 1.84.20.2 2023/11/29 12:25:17 martin Exp $	*/
 
 /*
  * Copyright (c) 1993, 1994, 1996 Christopher G. Demetriou
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: exec_subr.c,v 1.84.20.1 2023/11/28 12:56:28 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: exec_subr.c,v 1.84.20.2 2023/11/29 12:25:17 martin Exp $");
 
 #include "opt_pax.h"
 
@@ -162,7 +162,7 @@ static int
 vmcmd_get_prot(struct lwp *l, const struct exec_vmcmd *cmd, vm_prot_t *prot,
 vm_prot_t *maxprot)
 {
-	vm_prot_t extraprot = PROT_MPROTECT_EXTRACT(cmd->ev_prot);
+	vm_prot_t extraprot __unused = PROT_MPROTECT_EXTRACT(cmd->ev_prot);
 
 	*prot = cmd->ev_prot & UVM_PROT_ALL;
 	*maxprot = PAX_MPROTECT_MAXPROTECT(l, *prot, extraprot, UVM_PROT_ALL);



CVS commit: [netbsd-10] src/sys/kern

2023-11-29 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Wed Nov 29 12:25:17 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: exec_subr.c

Log Message:
Additionally pull up the following for ticket #477:

sys/kern/exec_subr.c1.87

Fix build for kernels w/o PAX_MPROTECT.


To generate a diff of this commit:
cvs rdiff -u -r1.84.20.1 -r1.84.20.2 src/sys/kern/exec_subr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-11-27 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Mon Nov 27 20:00:17 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: uipc_mbuf.c

Log Message:
Pull up following revision(s) (requested by ozaki-r in ticket #475):
sys/kern/uipc_mbuf.c: revision 1.252

mbuf: avoid assertion failure when splitting mbuf cluster

>From OpenBSD:
commit 7b4d35e0a60ba1dd4daf4b1c2932020a22463a89
Author: bluhm 
Date:   Fri Oct 20 16:25:15 2023 +
Avoid assertion failure when splitting mbuf cluster.
m_split() calls m_align() to initialize the data pointer of newly
allocated mbuf.  If the new mbuf will be converted to a cluster,
this is not necessary.  If additionally the new mbuf is larger than
MLEN, this can lead to a panic.
Only call m_align() when a valid m_data is needed.  This is the
case if we do not refecence the existing cluster, but memcpy() the
data into the new mbuf.
Reported-by: syzbot+0e6817f5877926f0e...@syzkaller.appspotmail.com
OK claudio@ deraadt@

The issue is harmless if DIAGNOSTIC is not enabled.


To generate a diff of this commit:
cvs rdiff -u -r1.247 -r1.247.2.1 src/sys/kern/uipc_mbuf.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/uipc_mbuf.c
diff -u src/sys/kern/uipc_mbuf.c:1.247 src/sys/kern/uipc_mbuf.c:1.247.2.1
--- src/sys/kern/uipc_mbuf.c:1.247	Fri Dec 16 08:42:55 2022
+++ src/sys/kern/uipc_mbuf.c	Mon Nov 27 20:00:17 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: uipc_mbuf.c,v 1.247 2022/12/16 08:42:55 msaitoh Exp $	*/
+/*	$NetBSD: uipc_mbuf.c,v 1.247.2.1 2023/11/27 20:00:17 martin Exp $	*/
 
 /*
  * Copyright (c) 1999, 2001, 2018 The NetBSD Foundation, Inc.
@@ -62,7 +62,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: uipc_mbuf.c,v 1.247 2022/12/16 08:42:55 msaitoh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: uipc_mbuf.c,v 1.247.2.1 2023/11/27 20:00:17 martin Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_mbuftrace.h"
@@ -1286,10 +1286,7 @@ m_split_internal(struct mbuf *m0, int le
 		len_save = m0->m_pkthdr.len;
 		m0->m_pkthdr.len = len0;
 
-		if (m->m_flags & M_EXT)
-			goto extpacket;
-
-		if (remain > MHLEN) {
+		if ((m->m_flags & M_EXT) == 0 && remain > MHLEN) {
 			/* m can't be the lead packet */
 			m_align(n, 0);
 			n->m_len = 0;
@@ -1300,8 +1297,6 @@ m_split_internal(struct mbuf *m0, int le
 return NULL;
 			}
 			return n;
-		} else {
-			m_align(n, remain);
 		}
 	} else if (remain == 0) {
 		n = m->m_next;
@@ -1312,14 +1307,13 @@ m_split_internal(struct mbuf *m0, int le
 		if (n == NULL)
 			return NULL;
 		MCLAIM(n, m->m_owner);
-		m_align(n, remain);
 	}
 
-extpacket:
 	if (m->m_flags & M_EXT) {
 		n->m_data = m->m_data + len;
 		MCLADDREFERENCE(m, n);
 	} else {
+		m_align(n, remain);
 		memcpy(mtod(n, void *), mtod(m, char *) + len, remain);
 	}
 



CVS commit: [netbsd-10] src/sys/kern

2023-11-27 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Mon Nov 27 20:00:17 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: uipc_mbuf.c

Log Message:
Pull up following revision(s) (requested by ozaki-r in ticket #475):
sys/kern/uipc_mbuf.c: revision 1.252

mbuf: avoid assertion failure when splitting mbuf cluster

>From OpenBSD:
commit 7b4d35e0a60ba1dd4daf4b1c2932020a22463a89
Author: bluhm 
Date:   Fri Oct 20 16:25:15 2023 +
Avoid assertion failure when splitting mbuf cluster.
m_split() calls m_align() to initialize the data pointer of newly
allocated mbuf.  If the new mbuf will be converted to a cluster,
this is not necessary.  If additionally the new mbuf is larger than
MLEN, this can lead to a panic.
Only call m_align() when a valid m_data is needed.  This is the
case if we do not refecence the existing cluster, but memcpy() the
data into the new mbuf.
Reported-by: syzbot+0e6817f5877926f0e...@syzkaller.appspotmail.com
OK claudio@ deraadt@

The issue is harmless if DIAGNOSTIC is not enabled.


To generate a diff of this commit:
cvs rdiff -u -r1.247 -r1.247.2.1 src/sys/kern/uipc_mbuf.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-11-26 Thread Manuel Bouyer
Module Name:src
Committed By:   bouyer
Date:   Sun Nov 26 12:33:19 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: sys_eventfd.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #468):
sys/kern/sys_eventfd.c: revision 1.10
eventfd(2): Omit needless micro-optimization causing PR kern/57703.
Unfortunately, owing to PR kern/57705 and PR misc/57706, it isn't
convenient to flip the xfail switch on a test for this bug.  So we'll
do that separately.  (But I did verify that a rumpified version of
the test postd to PR kern/57703 failed without this change, and
passed with this change.)
PR kern/57703
XXX pullup-10


To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.9.4.1 src/sys/kern/sys_eventfd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-11-26 Thread Manuel Bouyer
Module Name:src
Committed By:   bouyer
Date:   Sun Nov 26 12:33:19 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: sys_eventfd.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #468):
sys/kern/sys_eventfd.c: revision 1.10
eventfd(2): Omit needless micro-optimization causing PR kern/57703.
Unfortunately, owing to PR kern/57705 and PR misc/57706, it isn't
convenient to flip the xfail switch on a test for this bug.  So we'll
do that separately.  (But I did verify that a rumpified version of
the test postd to PR kern/57703 failed without this change, and
passed with this change.)
PR kern/57703
XXX pullup-10


To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.9.4.1 src/sys/kern/sys_eventfd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/sys_eventfd.c
diff -u src/sys/kern/sys_eventfd.c:1.9 src/sys/kern/sys_eventfd.c:1.9.4.1
--- src/sys/kern/sys_eventfd.c:1.9	Thu Feb 17 16:28:29 2022
+++ src/sys/kern/sys_eventfd.c	Sun Nov 26 12:33:19 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: sys_eventfd.c,v 1.9 2022/02/17 16:28:29 thorpej Exp $	*/
+/*	$NetBSD: sys_eventfd.c,v 1.9.4.1 2023/11/26 12:33:19 bouyer Exp $	*/
 
 /*-
  * Copyright (c) 2020 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: sys_eventfd.c,v 1.9 2022/02/17 16:28:29 thorpej Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sys_eventfd.c,v 1.9.4.1 2023/11/26 12:33:19 bouyer Exp $");
 
 /*
  * eventfd
@@ -69,8 +69,6 @@ struct eventfd {
 	eventfd_t	efd_val;
 	int64_t		efd_nwaiters;
 	bool		efd_restarting;
-	bool		efd_has_read_waiters;
-	bool		efd_has_write_waiters;
 	bool		efd_is_semaphore;
 
 	/*
@@ -117,8 +115,6 @@ eventfd_destroy(struct eventfd * const e
 {
 
 	KASSERT(efd->efd_nwaiters == 0);
-	KASSERT(efd->efd_has_read_waiters == false);
-	KASSERT(efd->efd_has_write_waiters == false);
 
 	cv_destroy(>efd_read_wait);
 	cv_destroy(>efd_write_wait);
@@ -155,10 +151,8 @@ eventfd_wait(struct eventfd * const efd,
 	}
 
 	if (is_write) {
-		efd->efd_has_write_waiters = true;
 		waitcv = >efd_write_wait;
 	} else {
-		efd->efd_has_read_waiters = true;
 		waitcv = >efd_read_wait;
 	}
 
@@ -194,17 +188,11 @@ eventfd_wake(struct eventfd * const efd,
 	int pollev;
 
 	if (is_write) {
-		if (efd->efd_has_read_waiters) {
-			waitcv = >efd_read_wait;
-			efd->efd_has_read_waiters = false;
-		}
+		waitcv = >efd_read_wait;
 		sel = >efd_read_sel;
 		pollev = POLLIN | POLLRDNORM;
 	} else {
-		if (efd->efd_has_write_waiters) {
-			waitcv = >efd_write_wait;
-			efd->efd_has_write_waiters = false;
-		}
+		waitcv = >efd_write_wait;
 		sel = >efd_write_sel;
 		pollev = POLLOUT | POLLWRNORM;
 	}
@@ -537,14 +525,8 @@ eventfd_fop_restart(file_t * const fp)
 
 	if (efd->efd_nwaiters != 0) {
 		efd->efd_restarting = true;
-		if (efd->efd_has_read_waiters) {
-			cv_broadcast(>efd_read_wait);
-			efd->efd_has_read_waiters = false;
-		}
-		if (efd->efd_has_write_waiters) {
-			cv_broadcast(>efd_write_wait);
-			efd->efd_has_write_waiters = false;
-		}
+		cv_broadcast(>efd_read_wait);
+		cv_broadcast(>efd_write_wait);
 	}
 
 	mutex_exit(>efd_lock);



CVS commit: [netbsd-10] src/sys/kern

2023-10-18 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Wed Oct 18 15:03:12 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: subr_thmap.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #423):

sys/kern/subr_thmap.c: revision 1.14
sys/kern/subr_thmap.c: revision 1.15

thmap(9): Test alloc failure, not THMAP_GETPTR failure.
THMAP_GETPTR may return nonnull even though alloc returned zero.

Note that this failure branch is not actually appropriate;
thmap_create should not fail.  We really need to pass KM_SLEEP
through in this call site even though there are other call sites for
which KM_NOSLEEP is appropriate.

Adapted from: https://github.com/rmind/thmap/pull/14
PR kern/57666
https://github.com/rmind/thmap/issues/13

thmap(9): Preallocate GC list storage for thmap_del.
thmap_del can't fail, and it is used in places in npf where sleeping
is forbidden, so it can't rely on allocating memory either.
Instead of having thmap_del allocate memory on the fly for each
object to defer freeing until thmap_gc, arrange to have thmap(9)
preallocate the same storage when allocating all the objects in the
first place, with a GC header.

This is suboptimal for memory usage, especially on insertion- and
lookup-heavy but deletion-light workloads, but it's not clear rmind's
alternative (https://github.com/rmind/thmap/tree/thmap_del_mem_fail)
is ready to use yet, so we'll go with this for correctness.
PR kern/57208

https://github.com/rmind/npf/issues/129


To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.12.4.1 src/sys/kern/subr_thmap.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-10-18 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Wed Oct 18 15:03:12 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: subr_thmap.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #423):

sys/kern/subr_thmap.c: revision 1.14
sys/kern/subr_thmap.c: revision 1.15

thmap(9): Test alloc failure, not THMAP_GETPTR failure.
THMAP_GETPTR may return nonnull even though alloc returned zero.

Note that this failure branch is not actually appropriate;
thmap_create should not fail.  We really need to pass KM_SLEEP
through in this call site even though there are other call sites for
which KM_NOSLEEP is appropriate.

Adapted from: https://github.com/rmind/thmap/pull/14
PR kern/57666
https://github.com/rmind/thmap/issues/13

thmap(9): Preallocate GC list storage for thmap_del.
thmap_del can't fail, and it is used in places in npf where sleeping
is forbidden, so it can't rely on allocating memory either.
Instead of having thmap_del allocate memory on the fly for each
object to defer freeing until thmap_gc, arrange to have thmap(9)
preallocate the same storage when allocating all the objects in the
first place, with a GC header.

This is suboptimal for memory usage, especially on insertion- and
lookup-heavy but deletion-light workloads, but it's not clear rmind's
alternative (https://github.com/rmind/thmap/tree/thmap_del_mem_fail)
is ready to use yet, so we'll go with this for correctness.
PR kern/57208

https://github.com/rmind/npf/issues/129


To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.12.4.1 src/sys/kern/subr_thmap.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/subr_thmap.c
diff -u src/sys/kern/subr_thmap.c:1.12 src/sys/kern/subr_thmap.c:1.12.4.1
--- src/sys/kern/subr_thmap.c:1.12	Sat Apr  9 23:51:57 2022
+++ src/sys/kern/subr_thmap.c	Wed Oct 18 15:03:12 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: subr_thmap.c,v 1.12 2022/04/09 23:51:57 riastradh Exp $	*/
+/*	$NetBSD: subr_thmap.c,v 1.12.4.1 2023/10/18 15:03:12 martin Exp $	*/
 
 /*-
  * Copyright (c) 2018 Mindaugas Rasiukevicius 
@@ -112,7 +112,7 @@
 #include "utils.h"
 #endif
 
-THMAP_RCSID("$NetBSD: subr_thmap.c,v 1.12 2022/04/09 23:51:57 riastradh Exp $");
+THMAP_RCSID("$NetBSD: subr_thmap.c,v 1.12.4.1 2023/10/18 15:03:12 martin Exp $");
 
 #include 
 
@@ -212,11 +212,17 @@ typedef struct {
 	uint32_t	hashval;	// current hash value
 } thmap_query_t;
 
-typedef struct {
-	uintptr_t	addr;
+union thmap_align {
+	void *		p;
+	uint64_t	v;
+};
+
+typedef struct thmap_gc thmap_gc_t;
+struct thmap_gc {
 	size_t		len;
-	void *		next;
-} thmap_gc_t;
+	thmap_gc_t *	next;
+	char		data[] __aligned(sizeof(union thmap_align));
+};
 
 #define	THMAP_ROOT_LEN	(sizeof(thmap_ptr_t) * ROOT_SIZE)
 
@@ -252,6 +258,34 @@ static const thmap_ops_t thmap_default_o
 	.free = free_wrapper
 };
 
+static uintptr_t
+gc_alloc(const thmap_t *thmap, size_t len)
+{
+	const size_t alloclen = offsetof(struct thmap_gc, data[len]);
+	const uintptr_t gcaddr = thmap->ops->alloc(alloclen);
+
+	if (!gcaddr)
+		return 0;
+
+	thmap_gc_t *const gc = THMAP_GETPTR(thmap, gcaddr);
+	gc->len = len;
+	return THMAP_GETOFF(thmap, >data[0]);
+}
+
+static void
+gc_free(const thmap_t *thmap, uintptr_t addr, size_t len)
+{
+	const size_t alloclen = offsetof(struct thmap_gc, data[len]);
+	char *const ptr = THMAP_GETPTR(thmap, addr);
+	thmap_gc_t *const gc = container_of(ptr, struct thmap_gc, data[0]);
+	const uintptr_t gcaddr = THMAP_GETOFF(thmap, gc);
+
+	KASSERTMSG(gc->len == len, "thmap=%p ops=%p addr=%p len=%zu"
+	" gc=%p gc->len=%zu",
+	thmap, thmap->ops, (void *)addr, len, gc, gc->len);
+	thmap->ops->free(gcaddr, alloclen);
+}
+
 /*
  * NODE LOCKING.
  */
@@ -395,7 +429,7 @@ node_create(thmap_t *thmap, thmap_inode_
 	thmap_inode_t *node;
 	uintptr_t p;
 
-	p = thmap->ops->alloc(THMAP_INODE_LEN);
+	p = gc_alloc(thmap, THMAP_INODE_LEN);
 	if (!p) {
 		return NULL;
 	}
@@ -456,7 +490,7 @@ leaf_create(const thmap_t *thmap, const 
 	thmap_leaf_t *leaf;
 	uintptr_t leaf_off, key_off;
 
-	leaf_off = thmap->ops->alloc(sizeof(thmap_leaf_t));
+	leaf_off = gc_alloc(thmap, sizeof(thmap_leaf_t));
 	if (!leaf_off) {
 		return NULL;
 	}
@@ -467,9 +501,9 @@ leaf_create(const thmap_t *thmap, const 
 		/*
 		 * Copy the key.
 		 */
-		key_off = thmap->ops->alloc(len);
+		key_off = gc_alloc(thmap, len);
 		if (!key_off) {
-			thmap->ops->free(leaf_off, sizeof(thmap_leaf_t));
+			gc_free(thmap, leaf_off, sizeof(thmap_leaf_t));
 			return NULL;
 		}
 		memcpy(THMAP_GETPTR(thmap, key_off), key, len);
@@ -487,9 +521,9 @@ static void
 leaf_free(const thmap_t *thmap, thmap_leaf_t *leaf)
 {
 	if ((thmap->flags & THMAP_NOCOPY) == 0) {
-		thmap->ops->free(leaf->key, leaf->len);
+		gc_free(thmap, leaf->key, leaf->len);
 	}
-	thmap->ops->free(THMAP_GETOFF(thmap, leaf), sizeof(thmap_leaf_t));
+	gc_free(thmap, THMAP_GETOFF(thmap, leaf), sizeof(thmap_leaf_t));
 }
 
 

CVS commit: [netbsd-10] src/sys/kern

2023-08-01 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Tue Aug  1 16:10:59 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: kern_entropy.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #294):

sys/kern/kern_entropy.c: revision 1.60
sys/kern/kern_entropy.c: revision 1.61

entropy(9): On flags change, cancel any scheduled consolidation.

We've been instructed to lose confidence in existing entropy sources,
so let's make sure to re-gather enough entropy before the next
consolidation can happen, in case some of what would be counted in
consolidation is from those entropy sources.

entropy(9): Avoid race between rnd_add_data and ioctl(RNDCTL).


To generate a diff of this commit:
cvs rdiff -u -r1.57.4.2 -r1.57.4.3 src/sys/kern/kern_entropy.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/kern_entropy.c
diff -u src/sys/kern/kern_entropy.c:1.57.4.2 src/sys/kern/kern_entropy.c:1.57.4.3
--- src/sys/kern/kern_entropy.c:1.57.4.2	Mon Jul 31 15:57:43 2023
+++ src/sys/kern/kern_entropy.c	Tue Aug  1 16:10:59 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_entropy.c,v 1.57.4.2 2023/07/31 15:57:43 martin Exp $	*/
+/*	$NetBSD: kern_entropy.c,v 1.57.4.3 2023/08/01 16:10:59 martin Exp $	*/
 
 /*-
  * Copyright (c) 2019 The NetBSD Foundation, Inc.
@@ -75,7 +75,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.57.4.2 2023/07/31 15:57:43 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.57.4.3 2023/08/01 16:10:59 martin Exp $");
 
 #include 
 #include 
@@ -1910,6 +1910,14 @@ rnd_add_data(struct krndsource *rs, cons
 		return;
 	}
 
+	/*
+	 * Hold up the reset xcall before it zeroes the entropy counts
+	 * on this CPU or globally.  Otherwise, we might leave some
+	 * nonzero entropy attributed to an untrusted source in the
+	 * event of a race with a change to flags.
+	 */
+	kpreempt_disable();
+
 	/* Load a snapshot of the flags.  Ioctl may change them under us.  */
 	flags = atomic_load_relaxed(>flags);
 
@@ -1922,7 +1930,7 @@ rnd_add_data(struct krndsource *rs, cons
 	if (!atomic_load_relaxed(_collection) ||
 	ISSET(flags, RND_FLAG_NO_COLLECT) ||
 	!ISSET(flags, RND_FLAG_COLLECT_VALUE|RND_FLAG_COLLECT_TIME))
-		return;
+		goto out;
 
 	/* If asked, ignore the estimate.  */
 	if (ISSET(flags, RND_FLAG_NO_ESTIMATE))
@@ -1939,6 +1947,9 @@ rnd_add_data(struct krndsource *rs, cons
 		rnd_add_data_1(rs, , sizeof extra, 0,
 		RND_FLAG_COLLECT_TIME);
 	}
+
+out:	/* Allow concurrent changes to flags to finish.  */
+	kpreempt_enable();
 }
 
 static unsigned
@@ -2414,6 +2425,7 @@ entropy_ioctl(unsigned long cmd, void *d
 			E->pending = 0;
 			atomic_store_relaxed(>needed,
 			ENTROPY_CAPACITY*NBBY);
+			E->consolidate = false;
 			mutex_exit(>lock);
 		}
 



CVS commit: [netbsd-10] src/sys/kern

2023-08-01 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Tue Aug  1 16:10:59 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: kern_entropy.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #294):

sys/kern/kern_entropy.c: revision 1.60
sys/kern/kern_entropy.c: revision 1.61

entropy(9): On flags change, cancel any scheduled consolidation.

We've been instructed to lose confidence in existing entropy sources,
so let's make sure to re-gather enough entropy before the next
consolidation can happen, in case some of what would be counted in
consolidation is from those entropy sources.

entropy(9): Avoid race between rnd_add_data and ioctl(RNDCTL).


To generate a diff of this commit:
cvs rdiff -u -r1.57.4.2 -r1.57.4.3 src/sys/kern/kern_entropy.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-08-01 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Tue Aug  1 15:05:06 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: vfs_vnops.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #287):

sys/kern/vfs_vnops.c: revision 1.238

readdir(2), lseek(2): Fix races in access to struct file::f_offset.

For non-directory vnodes:
- reading f_offset requires a shared or exclusive vnode lock
- writing f_offset requires an exclusive vnode lock

For directory vnodes, access (read or write) requires either:
- a shared vnode lock AND f_lock, or
- an exclusive vnode lock.

This way, two files for the same underlying directory vnode can still
do VOP_READDIR in parallel, but if two readdir(2) or lseek(2) calls
run in parallel on the same file, the load and store of f_offset is
atomic (otherwise, e.g., on 32-bit systems it might be torn and lead
to corrupt offsets).

There is still a potential problem: the _whole transaction_ of
readdir(2) may not be atomic.  For example, if thread A and thread B
read n bytes of directory content, thread A might get bytes [0,n) and
thread B might get bytes [n,2n) but f_offset might end up at n
instead of 2n once both operations complete.  (However, f_offset
wouldn't be some corrupt garbled number like n & 0x.)

Fixing this would require either:
(a) using an exclusive vnode lock in vn_readdir,
(b) introducing a new lock that serializes vn_readdir on the same
file (but ont necessarily the same vnode), or
(c) proving it is safe to hold f_lock across VOP_READDIR, VOP_SEEK,
and VOP_GETATTR.


To generate a diff of this commit:
cvs rdiff -u -r1.235 -r1.235.4.1 src/sys/kern/vfs_vnops.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/vfs_vnops.c
diff -u src/sys/kern/vfs_vnops.c:1.235 src/sys/kern/vfs_vnops.c:1.235.4.1
--- src/sys/kern/vfs_vnops.c:1.235	Sat Aug  6 21:21:10 2022
+++ src/sys/kern/vfs_vnops.c	Tue Aug  1 15:05:05 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: vfs_vnops.c,v 1.235 2022/08/06 21:21:10 riastradh Exp $	*/
+/*	$NetBSD: vfs_vnops.c,v 1.235.4.1 2023/08/01 15:05:05 martin Exp $	*/
 
 /*-
  * Copyright (c) 2009 The NetBSD Foundation, Inc.
@@ -66,7 +66,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: vfs_vnops.c,v 1.235 2022/08/06 21:21:10 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: vfs_vnops.c,v 1.235.4.1 2023/08/01 15:05:05 martin Exp $");
 
 #include "veriexec.h"
 
@@ -590,9 +590,11 @@ unionread:
 	}
 	auio.uio_resid = count;
 	vn_lock(vp, LK_SHARED | LK_RETRY);
+	mutex_enter(>f_lock);
 	auio.uio_offset = fp->f_offset;
+	mutex_exit(>f_lock);
 	error = VOP_READDIR(vp, , fp->f_cred, , cookies,
-		ncookies);
+	ncookies);
 	mutex_enter(>f_lock);
 	fp->f_offset = auio.uio_offset;
 	mutex_exit(>f_lock);
@@ -651,7 +653,13 @@ vn_read(file_t *fp, off_t *offset, struc
 		vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
 	else
 		vn_lock(vp, LK_SHARED | LK_RETRY);
+	if (__predict_false(vp->v_type == VDIR) &&
+	offset == >f_offset && (flags & FOF_UPDATE_OFFSET) == 0)
+		mutex_enter(>f_lock);
 	uio->uio_offset = *offset;
+	if (__predict_false(vp->v_type == VDIR) &&
+	offset == >f_offset && (flags & FOF_UPDATE_OFFSET) == 0)
+		mutex_enter(>f_lock);
 	count = uio->uio_resid;
 	error = VOP_READ(vp, uio, ioflag, cred);
 	if (flags & FOF_UPDATE_OFFSET)
@@ -820,8 +828,13 @@ vn_ioctl(file_t *fp, u_long com, void *d
 		if (com == FIONREAD) {
 			vn_lock(vp, LK_SHARED | LK_RETRY);
 			error = VOP_GETATTR(vp, , kauth_cred_get());
-			if (error == 0)
+			if (error == 0) {
+if (vp->v_type == VDIR)
+	mutex_enter(>f_lock);
 *(int *)data = vattr.va_size - fp->f_offset;
+if (vp->v_type == VDIR)
+	mutex_exit(>f_lock);
+			}
 			VOP_UNLOCK(vp);
 			if (error)
 return error;
@@ -1144,7 +1157,11 @@ vn_seek(struct file *fp, off_t delta, in
 		vn_lock(vp, LK_SHARED | LK_RETRY);
 
 	/* Compute the old and new offsets.  */
+	if (vp->v_type == VDIR && (flags & FOF_UPDATE_OFFSET) == 0)
+		mutex_enter(>f_lock);
 	oldoff = fp->f_offset;
+	if (vp->v_type == VDIR && (flags & FOF_UPDATE_OFFSET) == 0)
+		mutex_exit(>f_lock);
 	switch (whence) {
 	case SEEK_CUR:
 		if (delta > 0) {



CVS commit: [netbsd-10] src/sys/kern

2023-08-01 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Tue Aug  1 15:05:06 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: vfs_vnops.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #287):

sys/kern/vfs_vnops.c: revision 1.238

readdir(2), lseek(2): Fix races in access to struct file::f_offset.

For non-directory vnodes:
- reading f_offset requires a shared or exclusive vnode lock
- writing f_offset requires an exclusive vnode lock

For directory vnodes, access (read or write) requires either:
- a shared vnode lock AND f_lock, or
- an exclusive vnode lock.

This way, two files for the same underlying directory vnode can still
do VOP_READDIR in parallel, but if two readdir(2) or lseek(2) calls
run in parallel on the same file, the load and store of f_offset is
atomic (otherwise, e.g., on 32-bit systems it might be torn and lead
to corrupt offsets).

There is still a potential problem: the _whole transaction_ of
readdir(2) may not be atomic.  For example, if thread A and thread B
read n bytes of directory content, thread A might get bytes [0,n) and
thread B might get bytes [n,2n) but f_offset might end up at n
instead of 2n once both operations complete.  (However, f_offset
wouldn't be some corrupt garbled number like n & 0x.)

Fixing this would require either:
(a) using an exclusive vnode lock in vn_readdir,
(b) introducing a new lock that serializes vn_readdir on the same
file (but ont necessarily the same vnode), or
(c) proving it is safe to hold f_lock across VOP_READDIR, VOP_SEEK,
and VOP_GETATTR.


To generate a diff of this commit:
cvs rdiff -u -r1.235 -r1.235.4.1 src/sys/kern/vfs_vnops.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-08-01 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Tue Aug  1 14:53:54 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: subr_autoconf.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #285):

sys/kern/subr_autoconf.c: revision 1.308

autoconf(9): Avoid potential ABA bug in config_makeroom.

When we unlock alldevs_lock to allocate a new cd_devs array nsp,
other threads may have:
1. freed the old one (osp),
2. done some other memory allocation,
3. allocated a new _larger_ array whose address happens to concide
   with osp (e.g., in (2) the page was recycled for a different pool
   cache), and
4. updated cd_devs back to osp but increased cd_ndevs.

In that case, the memory may be corrupted: we try to copy the wrong
number of device_t pointers into nsp and we free osp with the wrong
(stale) length.

Avoid this by checking whether cd_ndevs has changed too -- if not,
osp might have been recycled but at least the lengths we're about to
copy and free are still correct so there's no harm in an ABA
situation.


To generate a diff of this commit:
cvs rdiff -u -r1.306.4.1 -r1.306.4.2 src/sys/kern/subr_autoconf.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/subr_autoconf.c
diff -u src/sys/kern/subr_autoconf.c:1.306.4.1 src/sys/kern/subr_autoconf.c:1.306.4.2
--- src/sys/kern/subr_autoconf.c:1.306.4.1	Sun Jul 30 12:04:22 2023
+++ src/sys/kern/subr_autoconf.c	Tue Aug  1 14:53:54 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: subr_autoconf.c,v 1.306.4.1 2023/07/30 12:04:22 martin Exp $ */
+/* $NetBSD: subr_autoconf.c,v 1.306.4.2 2023/08/01 14:53:54 martin Exp $ */
 
 /*
  * Copyright (c) 1996, 2000 Christopher G. Demetriou
@@ -77,7 +77,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: subr_autoconf.c,v 1.306.4.1 2023/07/30 12:04:22 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: subr_autoconf.c,v 1.306.4.2 2023/08/01 14:53:54 martin Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_ddb.h"
@@ -1347,7 +1347,7 @@ config_makeroom(int n, struct cfdriver *
 		 * If another thread moved the array while we did
 		 * not hold alldevs_lock, try again.
 		 */
-		if (cd->cd_devs != osp) {
+		if (cd->cd_devs != osp || cd->cd_ndevs != ondevs) {
 			mutex_exit(_lock);
 			kmem_free(nsp, sizeof(device_t) * nndevs);
 			mutex_enter(_lock);



CVS commit: [netbsd-10] src/sys/kern

2023-08-01 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Tue Aug  1 14:53:54 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: subr_autoconf.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #285):

sys/kern/subr_autoconf.c: revision 1.308

autoconf(9): Avoid potential ABA bug in config_makeroom.

When we unlock alldevs_lock to allocate a new cd_devs array nsp,
other threads may have:
1. freed the old one (osp),
2. done some other memory allocation,
3. allocated a new _larger_ array whose address happens to concide
   with osp (e.g., in (2) the page was recycled for a different pool
   cache), and
4. updated cd_devs back to osp but increased cd_ndevs.

In that case, the memory may be corrupted: we try to copy the wrong
number of device_t pointers into nsp and we free osp with the wrong
(stale) length.

Avoid this by checking whether cd_ndevs has changed too -- if not,
osp might have been recycled but at least the lengths we're about to
copy and free are still correct so there's no harm in an ABA
situation.


To generate a diff of this commit:
cvs rdiff -u -r1.306.4.1 -r1.306.4.2 src/sys/kern/subr_autoconf.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-07-31 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Mon Jul 31 16:20:14 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: uipc_domain.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #277):

sys/kern/uipc_domain.c: revision 1.109

sockaddr_alloc(9): Avoid uninitialized buffer in sockaddr_checklen.

Manifests only under DIAGNOSTIC because the DIAGNOSTIC check itself
uses an uninitialized buffer.


To generate a diff of this commit:
cvs rdiff -u -r1.108 -r1.108.18.1 src/sys/kern/uipc_domain.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-07-31 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Mon Jul 31 16:20:14 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: uipc_domain.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #277):

sys/kern/uipc_domain.c: revision 1.109

sockaddr_alloc(9): Avoid uninitialized buffer in sockaddr_checklen.

Manifests only under DIAGNOSTIC because the DIAGNOSTIC check itself
uses an uninitialized buffer.


To generate a diff of this commit:
cvs rdiff -u -r1.108 -r1.108.18.1 src/sys/kern/uipc_domain.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/uipc_domain.c
diff -u src/sys/kern/uipc_domain.c:1.108 src/sys/kern/uipc_domain.c:1.108.18.1
--- src/sys/kern/uipc_domain.c:1.108	Fri Nov  6 14:50:13 2020
+++ src/sys/kern/uipc_domain.c	Mon Jul 31 16:20:14 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: uipc_domain.c,v 1.108 2020/11/06 14:50:13 christos Exp $	*/
+/*	$NetBSD: uipc_domain.c,v 1.108.18.1 2023/07/31 16:20:14 martin Exp $	*/
 
 /*
  * Copyright (c) 1982, 1986, 1993
@@ -32,7 +32,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: uipc_domain.c,v 1.108 2020/11/06 14:50:13 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: uipc_domain.c,v 1.108.18.1 2023/07/31 16:20:14 martin Exp $");
 
 #include 
 #include 
@@ -324,6 +324,15 @@ sockaddr_alloc(sa_family_t af, socklen_t
 	struct sockaddr *sa;
 	socklen_t reallen = MAX(socklen, offsetof(struct sockaddr, sa_data[0]));
 
+#ifdef DIAGNOSTIC
+	/*
+	 * sockaddr_checklen passes sa to sockaddr_format which
+	 * requires it to be fully initialized.
+	 *
+	 * XXX This should be factored better.
+	 */
+	flags |= M_ZERO;
+#endif
 	if ((sa = malloc(reallen, M_SOCKADDR, flags)) == NULL)
 		return NULL;
 



CVS commit: [netbsd-10] src/sys/kern

2023-07-31 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Mon Jul 31 15:43:33 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: kern_entropy.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #270):

sys/kern/kern_entropy.c: revision 1.58

random(4): Report number of bytes ready to read, not number of bits.

Only affects systems with the diagnostic and testing option
kern.entropy.depletion=1.


To generate a diff of this commit:
cvs rdiff -u -r1.57 -r1.57.4.1 src/sys/kern/kern_entropy.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/kern_entropy.c
diff -u src/sys/kern/kern_entropy.c:1.57 src/sys/kern/kern_entropy.c:1.57.4.1
--- src/sys/kern/kern_entropy.c:1.57	Fri Aug  5 23:43:46 2022
+++ src/sys/kern/kern_entropy.c	Mon Jul 31 15:43:33 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_entropy.c,v 1.57 2022/08/05 23:43:46 riastradh Exp $	*/
+/*	$NetBSD: kern_entropy.c,v 1.57.4.1 2023/07/31 15:43:33 martin Exp $	*/
 
 /*-
  * Copyright (c) 2019 The NetBSD Foundation, Inc.
@@ -75,7 +75,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.57 2022/08/05 23:43:46 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.57.4.1 2023/07/31 15:43:33 martin Exp $");
 
 #include 
 #include 
@@ -1554,7 +1554,7 @@ filt_entropy_read_event(struct knote *kn
 		ret = 0;
 	} else {
 		if (atomic_load_relaxed(_depletion))
-			kn->kn_data = ENTROPY_CAPACITY*NBBY;
+			kn->kn_data = ENTROPY_CAPACITY; /* bytes */
 		else
 			kn->kn_data = MIN(INT64_MAX, SSIZE_MAX);
 		ret = 1;



CVS commit: [netbsd-10] src/sys/kern

2023-07-31 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Mon Jul 31 15:43:33 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: kern_entropy.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #270):

sys/kern/kern_entropy.c: revision 1.58

random(4): Report number of bytes ready to read, not number of bits.

Only affects systems with the diagnostic and testing option
kern.entropy.depletion=1.


To generate a diff of this commit:
cvs rdiff -u -r1.57 -r1.57.4.1 src/sys/kern/kern_entropy.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-07-31 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Mon Jul 31 14:45:59 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: kern_rwlock.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #266):

sys/kern/kern_rwlock.c: revision 1.68

rwlock(9): Fix membars.

rw_downgrade must be a release operation, and rw_tryupgrade must be
an acquire operation.  membar_producer is not enough -- need to use
membar_release and membar_acquire.

Discussed on tech-kern:
https://mail-index.netbsd.org/tech-kern/2023/02/22/msg028726.html


To generate a diff of this commit:
cvs rdiff -u -r1.66.4.1 -r1.66.4.2 src/sys/kern/kern_rwlock.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/kern_rwlock.c
diff -u src/sys/kern/kern_rwlock.c:1.66.4.1 src/sys/kern/kern_rwlock.c:1.66.4.2
--- src/sys/kern/kern_rwlock.c:1.66.4.1	Mon Jul 31 14:38:25 2023
+++ src/sys/kern/kern_rwlock.c	Mon Jul 31 14:45:59 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_rwlock.c,v 1.66.4.1 2023/07/31 14:38:25 martin Exp $	*/
+/*	$NetBSD: kern_rwlock.c,v 1.66.4.2 2023/07/31 14:45:59 martin Exp $	*/
 
 /*-
  * Copyright (c) 2002, 2006, 2007, 2008, 2009, 2019, 2020
@@ -45,7 +45,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: kern_rwlock.c,v 1.66.4.1 2023/07/31 14:38:25 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_rwlock.c,v 1.66.4.2 2023/07/31 14:45:59 martin Exp $");
 
 #include "opt_lockdebug.h"
 
@@ -103,11 +103,9 @@ do { \
 #ifdef __HAVE_ATOMIC_AS_MEMBAR
 #define	RW_MEMBAR_ACQUIRE()
 #define	RW_MEMBAR_RELEASE()
-#define	RW_MEMBAR_PRODUCER()
 #else
 #define	RW_MEMBAR_ACQUIRE()		membar_acquire()
 #define	RW_MEMBAR_RELEASE()		membar_release()
-#define	RW_MEMBAR_PRODUCER()		membar_producer()
 #endif
 
 /*
@@ -613,7 +611,7 @@ rw_downgrade(krwlock_t *rw)
 	__USE(curthread);
 #endif
 
-	RW_MEMBAR_PRODUCER();
+	RW_MEMBAR_RELEASE();
 
 	for (owner = rw->rw_owner;; owner = next) {
 		/*
@@ -712,7 +710,7 @@ rw_tryupgrade(krwlock_t *rw)
 		newown = curthread | RW_WRITE_LOCKED | (owner & ~RW_THREAD);
 		next = rw_cas(rw, owner, newown);
 		if (__predict_true(next == owner)) {
-			RW_MEMBAR_PRODUCER();
+			RW_MEMBAR_ACQUIRE();
 			break;
 		}
 		RW_ASSERT(rw, (next & RW_WRITE_LOCKED) == 0);



CVS commit: [netbsd-10] src/sys/kern

2023-07-31 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Mon Jul 31 14:45:59 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: kern_rwlock.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #266):

sys/kern/kern_rwlock.c: revision 1.68

rwlock(9): Fix membars.

rw_downgrade must be a release operation, and rw_tryupgrade must be
an acquire operation.  membar_producer is not enough -- need to use
membar_release and membar_acquire.

Discussed on tech-kern:
https://mail-index.netbsd.org/tech-kern/2023/02/22/msg028726.html


To generate a diff of this commit:
cvs rdiff -u -r1.66.4.1 -r1.66.4.2 src/sys/kern/kern_rwlock.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-07-31 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Mon Jul 31 14:38:25 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: kern_lock.c kern_mutex.c kern_rwlock.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #265):

sys/kern/kern_rwlock.c: revision 1.67
sys/kern/kern_lock.c: revision 1.182
sys/kern/kern_mutex.c: revision 1.102

Sprinkle __predict_{true,false} for panicstr checks


To generate a diff of this commit:
cvs rdiff -u -r1.181 -r1.181.2.1 src/sys/kern/kern_lock.c
cvs rdiff -u -r1.101 -r1.101.2.1 src/sys/kern/kern_mutex.c
cvs rdiff -u -r1.66 -r1.66.4.1 src/sys/kern/kern_rwlock.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-07-31 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Mon Jul 31 14:38:25 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: kern_lock.c kern_mutex.c kern_rwlock.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #265):

sys/kern/kern_rwlock.c: revision 1.67
sys/kern/kern_lock.c: revision 1.182
sys/kern/kern_mutex.c: revision 1.102

Sprinkle __predict_{true,false} for panicstr checks


To generate a diff of this commit:
cvs rdiff -u -r1.181 -r1.181.2.1 src/sys/kern/kern_lock.c
cvs rdiff -u -r1.101 -r1.101.2.1 src/sys/kern/kern_mutex.c
cvs rdiff -u -r1.66 -r1.66.4.1 src/sys/kern/kern_rwlock.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/kern_lock.c
diff -u src/sys/kern/kern_lock.c:1.181 src/sys/kern/kern_lock.c:1.181.2.1
--- src/sys/kern/kern_lock.c:1.181	Wed Oct 26 23:28:18 2022
+++ src/sys/kern/kern_lock.c	Mon Jul 31 14:38:25 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_lock.c,v 1.181 2022/10/26 23:28:18 riastradh Exp $	*/
+/*	$NetBSD: kern_lock.c,v 1.181.2.1 2023/07/31 14:38:25 martin Exp $	*/
 
 /*-
  * Copyright (c) 2002, 2006, 2007, 2008, 2009, 2020 The NetBSD Foundation, Inc.
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: kern_lock.c,v 1.181 2022/10/26 23:28:18 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_lock.c,v 1.181.2.1 2023/07/31 14:38:25 martin Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_lockdebug.h"
@@ -71,7 +71,7 @@ assert_sleepable(void)
 	uint64_t pctr;
 	bool idle;
 
-	if (panicstr != NULL) {
+	if (__predict_false(panicstr != NULL)) {
 		return;
 	}
 

Index: src/sys/kern/kern_mutex.c
diff -u src/sys/kern/kern_mutex.c:1.101 src/sys/kern/kern_mutex.c:1.101.2.1
--- src/sys/kern/kern_mutex.c:1.101	Mon Dec  5 07:09:04 2022
+++ src/sys/kern/kern_mutex.c	Mon Jul 31 14:38:25 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_mutex.c,v 1.101 2022/12/05 07:09:04 skrll Exp $	*/
+/*	$NetBSD: kern_mutex.c,v 1.101.2.1 2023/07/31 14:38:25 martin Exp $	*/
 
 /*-
  * Copyright (c) 2002, 2006, 2007, 2008, 2019 The NetBSD Foundation, Inc.
@@ -40,7 +40,7 @@
 #define	__MUTEX_PRIVATE
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: kern_mutex.c,v 1.101 2022/12/05 07:09:04 skrll Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_mutex.c,v 1.101.2.1 2023/07/31 14:38:25 martin Exp $");
 
 #include 
 #include 
@@ -516,7 +516,7 @@ mutex_vector_enter(kmutex_t *mtx)
 	MUTEX_ASSERT(mtx, !cpu_intr_p());
 	MUTEX_WANTLOCK(mtx);
 
-	if (panicstr == NULL) {
+	if (__predict_true(panicstr == NULL)) {
 		KDASSERT(pserialize_not_in_read_section());
 		LOCKDEBUG_BARRIER(_lock, 1);
 	}

Index: src/sys/kern/kern_rwlock.c
diff -u src/sys/kern/kern_rwlock.c:1.66 src/sys/kern/kern_rwlock.c:1.66.4.1
--- src/sys/kern/kern_rwlock.c:1.66	Sat Apr  9 23:46:19 2022
+++ src/sys/kern/kern_rwlock.c	Mon Jul 31 14:38:25 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_rwlock.c,v 1.66 2022/04/09 23:46:19 riastradh Exp $	*/
+/*	$NetBSD: kern_rwlock.c,v 1.66.4.1 2023/07/31 14:38:25 martin Exp $	*/
 
 /*-
  * Copyright (c) 2002, 2006, 2007, 2008, 2009, 2019, 2020
@@ -45,7 +45,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: kern_rwlock.c,v 1.66 2022/04/09 23:46:19 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_rwlock.c,v 1.66.4.1 2023/07/31 14:38:25 martin Exp $");
 
 #include "opt_lockdebug.h"
 
@@ -197,7 +197,7 @@ static void __noinline
 rw_abort(const char *func, size_t line, krwlock_t *rw, const char *msg)
 {
 
-	if (panicstr != NULL)
+	if (__predict_false(panicstr != NULL))
 		return;
 
 	LOCKDEBUG_ABORT(func, line, rw, _lockops, msg);
@@ -304,7 +304,7 @@ rw_vector_enter(krwlock_t *rw, const krw
 	RW_ASSERT(rw, curthread != 0);
 	RW_WANTLOCK(rw, op);
 
-	if (panicstr == NULL) {
+	if (__predict_true(panicstr == NULL)) {
 		KDASSERT(pserialize_not_in_read_section());
 		LOCKDEBUG_BARRIER(_lock, 1);
 	}



CVS commit: [netbsd-10] src/sys/kern

2023-07-30 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Sun Jul 30 12:09:51 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: kern_descrip.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #262):

sys/kern/kern_descrip.c: revision 1.252
sys/kern/kern_descrip.c: revision 1.253
sys/kern/kern_descrip.c: revision 1.254

kern_descrip.c: Fix membars around reference count decrement.

In general, the `last one out hit the lights' style of reference
counting (as opposed to the `whoever's destroying must wait for
pending users to finish' style) requires memory barriers like so:
... usage of resources associated with object ...
membar_release();
if (atomic_dec_uint_nv(>refcnt) != 0)
return;
membar_acquire();
... freeing of resources associated with object ...

This way, all usage happens-before all freeing.  This fixes several
errors:
- fd_close failed to ensure whatever its caller did would
  happen-before the freeing, in the case where another thread is
  concurrently trying to close the fd (ff->ff_file == NULL).
  Fix: Add membar_release before atomic_dec_uint(>ff_refcnt) in
  that branch.
- fd_close failed to ensure all loads its caller had issued will have
  happened-before the freeing, in the case where the fd is still in
  use by another thread (fdp->fd_refcnt > 1 and ff->ff_refcnt-- > 0).
  Fix: Change membar_producer to membar_release before
  atomic_dec_uint(>ff_refcnt).
- fd_close failed to ensure that any usage of fp by other callers
  would happen-before any freeing it does.
  Fix: Add membar_acquire after atomic_dec_uint_nv(>ff_refcnt).
- fd_free failed to ensure that any usage of fdp by other callers
  would happen-before any freeing it does.
  Fix: Add membar_acquire after atomic_dec_uint_nv(>fd_refcnt).

While here, change membar_exit -> membar_release.  No semantic
change, just updating away from the legacy API.

kern_descrip.c: Use atomic_store_relaxed/release for ff->ff_file.
1. atomic_store_relaxed in fd_close avoids the appearance of race in
   sanitizers (minor bug).
2. atomic_store_release in fd_affix is necessary because the lock
   activity was not, in fact, enough to guarantee ordering (real bug
   some architectures like aarch64).
   The premise appears to have been that the mutex_enter/exit earlier
   in fd_affix is enough to guarantee that initialization of fp (A)
   happens before use of fp by a user once fp is published (B):
fp->f_... = ...;// A
/* fd_affix */
mutex_enter(>f_lock);
fp->f_count++;
mutex_exit(>f_lock);
...
ff->ff_file = fp;   // B
   But actually mutex_enter/exit allow the following reordering by
   the CPU:
mutex_enter(>f_lock);
ff->ff_file = fp;   // B
fp->f_count++;
fp->f_... = ...;// A
mutex_exit(>f_lock);
   The only constraints they imply are:
1. fp->f_count++ and B cannot precede mutex_enter
2. mutex_exit cannot precede A and fp->f_count++
   They imply no constraint on the relative ordering of A, B, and
   fp->f_count++ amongst each other, however.
   This affects any architecture that has a native load-acquire or
   store-release operation in mutex_enter/exit, like aarch64, instead
   of explicit load-before-load/store and load/store-before-store
   barrier.

No need for atomic_store_* in fd_copy or fd_free because we have
exclusive access to ff as is.

kern_descrip.c: Change membar_enter to membar_acquire in fd_getfile.
membar_acquire is cheaper on many CPUs, and unlikely to be costlier
on any CPUs, than the legacy membar_enter.
Add a long comment explaining the interaction between fd_getfile and
fd_close and why membar_acquire is safe.


To generate a diff of this commit:
cvs rdiff -u -r1.251 -r1.251.10.1 src/sys/kern/kern_descrip.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/kern_descrip.c
diff -u src/sys/kern/kern_descrip.c:1.251 src/sys/kern/kern_descrip.c:1.251.10.1
--- src/sys/kern/kern_descrip.c:1.251	Tue Jun 29 22:40:53 2021
+++ src/sys/kern/kern_descrip.c	Sun Jul 30 12:09:51 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_descrip.c,v 1.251 2021/06/29 22:40:53 dholland Exp $	*/
+/*	$NetBSD: kern_descrip.c,v 1.251.10.1 2023/07/30 12:09:51 martin Exp $	*/
 
 /*-
  * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc.
@@ -70,7 +70,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: kern_descrip.c,v 1.251 2021/06/29 22:40:53 dholland Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_descrip.c,v 1.251.10.1 2023/07/30 12:09:51 martin Exp $");
 
 #include 
 #include 
@@ -392,10 +392,45 @@ fd_getfile(unsigned fd)
 		 * Multi threaded: issue a memory barrier to ensure that we
 		 * acquire the file pointer _after_ adding a reference.  If
 		 * no memory barrier, we could fetch a stale 

CVS commit: [netbsd-10] src/sys/kern

2023-07-30 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Sun Jul 30 12:09:51 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: kern_descrip.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #262):

sys/kern/kern_descrip.c: revision 1.252
sys/kern/kern_descrip.c: revision 1.253
sys/kern/kern_descrip.c: revision 1.254

kern_descrip.c: Fix membars around reference count decrement.

In general, the `last one out hit the lights' style of reference
counting (as opposed to the `whoever's destroying must wait for
pending users to finish' style) requires memory barriers like so:
... usage of resources associated with object ...
membar_release();
if (atomic_dec_uint_nv(>refcnt) != 0)
return;
membar_acquire();
... freeing of resources associated with object ...

This way, all usage happens-before all freeing.  This fixes several
errors:
- fd_close failed to ensure whatever its caller did would
  happen-before the freeing, in the case where another thread is
  concurrently trying to close the fd (ff->ff_file == NULL).
  Fix: Add membar_release before atomic_dec_uint(>ff_refcnt) in
  that branch.
- fd_close failed to ensure all loads its caller had issued will have
  happened-before the freeing, in the case where the fd is still in
  use by another thread (fdp->fd_refcnt > 1 and ff->ff_refcnt-- > 0).
  Fix: Change membar_producer to membar_release before
  atomic_dec_uint(>ff_refcnt).
- fd_close failed to ensure that any usage of fp by other callers
  would happen-before any freeing it does.
  Fix: Add membar_acquire after atomic_dec_uint_nv(>ff_refcnt).
- fd_free failed to ensure that any usage of fdp by other callers
  would happen-before any freeing it does.
  Fix: Add membar_acquire after atomic_dec_uint_nv(>fd_refcnt).

While here, change membar_exit -> membar_release.  No semantic
change, just updating away from the legacy API.

kern_descrip.c: Use atomic_store_relaxed/release for ff->ff_file.
1. atomic_store_relaxed in fd_close avoids the appearance of race in
   sanitizers (minor bug).
2. atomic_store_release in fd_affix is necessary because the lock
   activity was not, in fact, enough to guarantee ordering (real bug
   some architectures like aarch64).
   The premise appears to have been that the mutex_enter/exit earlier
   in fd_affix is enough to guarantee that initialization of fp (A)
   happens before use of fp by a user once fp is published (B):
fp->f_... = ...;// A
/* fd_affix */
mutex_enter(>f_lock);
fp->f_count++;
mutex_exit(>f_lock);
...
ff->ff_file = fp;   // B
   But actually mutex_enter/exit allow the following reordering by
   the CPU:
mutex_enter(>f_lock);
ff->ff_file = fp;   // B
fp->f_count++;
fp->f_... = ...;// A
mutex_exit(>f_lock);
   The only constraints they imply are:
1. fp->f_count++ and B cannot precede mutex_enter
2. mutex_exit cannot precede A and fp->f_count++
   They imply no constraint on the relative ordering of A, B, and
   fp->f_count++ amongst each other, however.
   This affects any architecture that has a native load-acquire or
   store-release operation in mutex_enter/exit, like aarch64, instead
   of explicit load-before-load/store and load/store-before-store
   barrier.

No need for atomic_store_* in fd_copy or fd_free because we have
exclusive access to ff as is.

kern_descrip.c: Change membar_enter to membar_acquire in fd_getfile.
membar_acquire is cheaper on many CPUs, and unlikely to be costlier
on any CPUs, than the legacy membar_enter.
Add a long comment explaining the interaction between fd_getfile and
fd_close and why membar_acquire is safe.


To generate a diff of this commit:
cvs rdiff -u -r1.251 -r1.251.10.1 src/sys/kern/kern_descrip.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-07-30 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Sun Jul 30 12:04:22 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: subr_autoconf.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #260):

sys/kern/subr_autoconf.c: revision 1.314

autoconf(9): Print `waiting for devices' normally once a minute.


To generate a diff of this commit:
cvs rdiff -u -r1.306 -r1.306.4.1 src/sys/kern/subr_autoconf.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-07-30 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Sun Jul 30 12:04:22 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: subr_autoconf.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #260):

sys/kern/subr_autoconf.c: revision 1.314

autoconf(9): Print `waiting for devices' normally once a minute.


To generate a diff of this commit:
cvs rdiff -u -r1.306 -r1.306.4.1 src/sys/kern/subr_autoconf.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/subr_autoconf.c
diff -u src/sys/kern/subr_autoconf.c:1.306 src/sys/kern/subr_autoconf.c:1.306.4.1
--- src/sys/kern/subr_autoconf.c:1.306	Tue Sep 13 09:43:33 2022
+++ src/sys/kern/subr_autoconf.c	Sun Jul 30 12:04:22 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: subr_autoconf.c,v 1.306 2022/09/13 09:43:33 riastradh Exp $ */
+/* $NetBSD: subr_autoconf.c,v 1.306.4.1 2023/07/30 12:04:22 martin Exp $ */
 
 /*
  * Copyright (c) 1996, 2000 Christopher G. Demetriou
@@ -77,7 +77,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: subr_autoconf.c,v 1.306 2022/09/13 09:43:33 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: subr_autoconf.c,v 1.306.4.1 2023/07/30 12:04:22 martin Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_ddb.h"
@@ -2539,6 +2539,7 @@ config_finalize(void)
 	struct finalize_hook *f;
 	struct pdevinit *pdev;
 	extern struct pdevinit pdevinit[];
+	unsigned t0 = getticks();
 	int errcnt, rv;
 
 	/*
@@ -2547,17 +2548,27 @@ config_finalize(void)
 	 */
 	mutex_enter(_misc_lock);
 	while (!TAILQ_EMPTY(_pending)) {
-		device_t dev;
-		int error;
+		const unsigned t1 = getticks();
 
-		error = cv_timedwait(_misc_cv, _misc_lock,
-		mstohz(1000));
-		if (error == EWOULDBLOCK) {
-			aprint_debug("waiting for devices:");
+		if (t1 - t0 >= hz) {
+			void (*pr)(const char *, ...) __printflike(1,2);
+			device_t dev;
+
+			if (t1 - t0 >= 60*hz) {
+pr = aprint_normal;
+t0 = t1;
+			} else {
+pr = aprint_debug;
+			}
+
+			(*pr)("waiting for devices:");
 			TAILQ_FOREACH(dev, _pending, dv_pending_list)
-aprint_debug(" %s", device_xname(dev));
-			aprint_debug("\n");
+(*pr)(" %s", device_xname(dev));
+			(*pr)("\n");
 		}
+
+		(void)cv_timedwait(_misc_cv, _misc_lock,
+		mstohz(1000));
 	}
 	mutex_exit(_misc_lock);
 



CVS commit: [netbsd-10] src/sys/kern

2023-06-27 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Tue Jun 27 18:51:47 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: kern_timeout.c

Log Message:
Pull up following revision(s) (requested by pho in ticket #219):

sys/kern/kern_timeout.c: revision 1.74
sys/kern/kern_timeout.c: revision 1.75
sys/kern/kern_timeout.c: revision 1.76

callout(9): Fix panic() in callout_destroy() (kern/57226)

The culprit was callout_halt(). "(c->c_flags & CALLOUT_FIRED) != 0" wasn't
the correct way to check if a callout is running. It failed to wait for a
running callout to finish in the following scenario:
1. cpu0 initializes a callout and schedules it.
2. cpu0 invokes callout_softlock() and fires the callout, setting the flag
CALLOUT_FIRED.
3. The callout invokes callout_schedule() to re-schedule itself.
4. callout_schedule_locked() clears the flag CALLOUT_FIRED, and releases
the lock.
5. Before the lock is re-acquired by callout_softlock(), cpu1 decides to
destroy the callout. It first invokes callout_halt() to make sure the
callout finishes running.
6. But since CALLOUT_FIRED has been cleared, callout_halt() thinks it's not
running and therefore returns without invoking callout_wait().
7. cpu1 proceeds to invoke callout_destroy() while it's still running on
cpu0. callout_destroy() detects that and panics.

callout(9): Tidy up the condition for "callout is running on another LWP"
No functional changes.

callout(9): Delete the unused member cc_cancel from struct callout_cpu
I see no reason why it should be there, and believe its a leftover from
some old code.


To generate a diff of this commit:
cvs rdiff -u -r1.73 -r1.73.2.1 src/sys/kern/kern_timeout.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/kern_timeout.c
diff -u src/sys/kern/kern_timeout.c:1.73 src/sys/kern/kern_timeout.c:1.73.2.1
--- src/sys/kern/kern_timeout.c:1.73	Sat Oct 29 00:19:21 2022
+++ src/sys/kern/kern_timeout.c	Tue Jun 27 18:51:47 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_timeout.c,v 1.73 2022/10/29 00:19:21 riastradh Exp $	*/
+/*	$NetBSD: kern_timeout.c,v 1.73.2.1 2023/06/27 18:51:47 martin Exp $	*/
 
 /*-
  * Copyright (c) 2003, 2006, 2007, 2008, 2009, 2019 The NetBSD Foundation, Inc.
@@ -59,7 +59,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: kern_timeout.c,v 1.73 2022/10/29 00:19:21 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_timeout.c,v 1.73.2.1 2023/06/27 18:51:47 martin Exp $");
 
 /*
  * Timeouts are kept in a hierarchical timing wheel.  The c_time is the
@@ -174,7 +174,6 @@ struct callout_cpu {
 	u_int		cc_ticks;
 	lwp_t		*cc_lwp;
 	callout_impl_t	*cc_active;
-	callout_impl_t	*cc_cancel;
 	struct evcnt	cc_ev_late;
 	struct evcnt	cc_ev_block;
 	struct callout_circq cc_todo;		/* Worklist */
@@ -263,6 +262,17 @@ callout_lock(callout_impl_t *c)
 }
 
 /*
+ * Check if the callout is currently running on an LWP that isn't curlwp.
+ */
+static inline bool
+callout_running_somewhere_else(callout_impl_t *c, struct callout_cpu *cc)
+{
+	KASSERT(c->c_cpu == cc);
+
+	return cc->cc_active == c && cc->cc_lwp != curlwp;
+}
+
+/*
  * callout_startup:
  *
  *	Initialize the callout facility, called at system startup time.
@@ -378,7 +388,7 @@ callout_destroy(callout_t *cs)
 	KASSERTMSG((c->c_flags & CALLOUT_PENDING) == 0,
 	"pending callout %p: c_func (%p) c_flags (%#x) destroyed from %p",
 	c, c->c_func, c->c_flags, __builtin_return_address(0));
-	KASSERTMSG(c->c_cpu->cc_lwp == curlwp || c->c_cpu->cc_active != c,
+	KASSERTMSG(!callout_running_somewhere_else(c, c->c_cpu),
 	"running callout %p: c_func (%p) c_flags (%#x) destroyed from %p",
 	c, c->c_func, c->c_flags, __builtin_return_address(0));
 	c->c_magic = 0;
@@ -496,7 +506,6 @@ bool
 callout_stop(callout_t *cs)
 {
 	callout_impl_t *c = (callout_impl_t *)cs;
-	struct callout_cpu *cc;
 	kmutex_t *lock;
 	bool expired;
 
@@ -509,16 +518,6 @@ callout_stop(callout_t *cs)
 	expired = ((c->c_flags & CALLOUT_FIRED) != 0);
 	c->c_flags &= ~(CALLOUT_PENDING|CALLOUT_FIRED);
 
-	cc = c->c_cpu;
-	if (cc->cc_active == c) {
-		/*
-		 * This is for non-MPSAFE callouts only.  To synchronize
-		 * effectively we must be called with kernel_lock held.
-		 * It's also taken in callout_softclock.
-		 */
-		cc->cc_cancel = c;
-	}
-
 	SDT_PROBE5(sdt, kernel, callout, stop,
 	c, c->c_func, c->c_arg, c->c_flags, expired);
 
@@ -542,7 +541,6 @@ callout_halt(callout_t *cs, void *interl
 {
 	callout_impl_t *c = (callout_impl_t *)cs;
 	kmutex_t *lock;
-	int flags;
 
 	KASSERT(c->c_magic == CALLOUT_MAGIC);
 	KASSERT(!cpu_intr_p());
@@ -552,11 +550,10 @@ callout_halt(callout_t *cs, void *interl
 	lock = callout_lock(c);
 	SDT_PROBE4(sdt, kernel, callout, halt,
 	c, c->c_func, c->c_arg, c->c_flags);
-	flags = c->c_flags;
-	if ((flags & CALLOUT_PENDING) != 0)
+	if ((c->c_flags & CALLOUT_PENDING) != 0)
 		CIRCQ_REMOVE(>c_list);
-	

CVS commit: [netbsd-10] src/sys/kern

2023-06-27 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Tue Jun 27 18:51:47 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: kern_timeout.c

Log Message:
Pull up following revision(s) (requested by pho in ticket #219):

sys/kern/kern_timeout.c: revision 1.74
sys/kern/kern_timeout.c: revision 1.75
sys/kern/kern_timeout.c: revision 1.76

callout(9): Fix panic() in callout_destroy() (kern/57226)

The culprit was callout_halt(). "(c->c_flags & CALLOUT_FIRED) != 0" wasn't
the correct way to check if a callout is running. It failed to wait for a
running callout to finish in the following scenario:
1. cpu0 initializes a callout and schedules it.
2. cpu0 invokes callout_softlock() and fires the callout, setting the flag
CALLOUT_FIRED.
3. The callout invokes callout_schedule() to re-schedule itself.
4. callout_schedule_locked() clears the flag CALLOUT_FIRED, and releases
the lock.
5. Before the lock is re-acquired by callout_softlock(), cpu1 decides to
destroy the callout. It first invokes callout_halt() to make sure the
callout finishes running.
6. But since CALLOUT_FIRED has been cleared, callout_halt() thinks it's not
running and therefore returns without invoking callout_wait().
7. cpu1 proceeds to invoke callout_destroy() while it's still running on
cpu0. callout_destroy() detects that and panics.

callout(9): Tidy up the condition for "callout is running on another LWP"
No functional changes.

callout(9): Delete the unused member cc_cancel from struct callout_cpu
I see no reason why it should be there, and believe its a leftover from
some old code.


To generate a diff of this commit:
cvs rdiff -u -r1.73 -r1.73.2.1 src/sys/kern/kern_timeout.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-03-30 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Thu Mar 30 11:41:07 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: vfs_xattr.c

Log Message:
Pull up following revision(s) (requested by bouyer in ticket #129):

sys/kern/vfs_xattr.c: revision 1.39

extattr_set_vp(): properly handle XATTR_REPLACE flags, FFSv2ea will return
ENOATTR, not ENODATA if the attribute is missing.

Makes glusterfs 10 run on a FFSv2ea file system.


To generate a diff of this commit:
cvs rdiff -u -r1.38 -r1.38.2.1 src/sys/kern/vfs_xattr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-03-30 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Thu Mar 30 11:41:07 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: vfs_xattr.c

Log Message:
Pull up following revision(s) (requested by bouyer in ticket #129):

sys/kern/vfs_xattr.c: revision 1.39

extattr_set_vp(): properly handle XATTR_REPLACE flags, FFSv2ea will return
ENOATTR, not ENODATA if the attribute is missing.

Makes glusterfs 10 run on a FFSv2ea file system.


To generate a diff of this commit:
cvs rdiff -u -r1.38 -r1.38.2.1 src/sys/kern/vfs_xattr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/vfs_xattr.c
diff -u src/sys/kern/vfs_xattr.c:1.38 src/sys/kern/vfs_xattr.c:1.38.2.1
--- src/sys/kern/vfs_xattr.c:1.38	Tue Oct 25 23:22:36 2022
+++ src/sys/kern/vfs_xattr.c	Thu Mar 30 11:41:07 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: vfs_xattr.c,v 1.38 2022/10/25 23:22:36 riastradh Exp $	*/
+/*	$NetBSD: vfs_xattr.c,v 1.38.2.1 2023/03/30 11:41:07 martin Exp $	*/
 
 /*-
  * Copyright (c) 2005, 2008 The NetBSD Foundation, Inc.
@@ -68,7 +68,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: vfs_xattr.c,v 1.38 2022/10/25 23:22:36 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: vfs_xattr.c,v 1.38.2.1 2023/03/30 11:41:07 martin Exp $");
 
 #include 
 #include 
@@ -231,6 +231,7 @@ extattr_set_vp(struct vnode *vp, int att
 
 		switch (error) {
 		case ENODATA:
+		case ENOATTR:
 			if (flag & XATTR_REPLACE)
 goto done;
 			break;



CVS commit: [netbsd-10] src/sys/kern

2023-03-07 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Tue Mar  7 19:56:45 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: vfs_syscalls.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #115):

sys/kern/vfs_syscalls.c: revision 1.557

open(2): Don't map ERESTART to EINTR.

If a file or device's open function returns ERESTART, respect that --
restart the syscall; don't pretend a signal has been delivered when
it was not.  If an SA_RESTART signal was delivered, POSIX does not
allow it to fail with EINTR:

SA_RESTART
This flag affects the behavior of interruptible functions;
that is, those specified to fail with errno set to [EINTR].
If set, and a function specified as interruptible is
interrupted by this signal, the function shall restart and
shall not fail with [EINTR] unless otherwise specified.  If
an interruptible function which uses a timeout is restarted,
the duration of the timeout following the restart is set to
an unspecified value that does not exceed the original
timeout value.  If the flag is not set, interruptible
functions interrupted by this signal shall fail with errno
set to [EINTR].

https://pubs.opengroup.org/onlinepubs/9699919799/functions/sigaction.html

Nothing in the POSIX definition of open specifies otherwise.

In 1990, Kirk McKusick added these lines with a mysterious commit
message:
Author: Kirk McKusick 
Date:   Tue Apr 10 19:36:33 1990 -0800
eliminate longjmp from the kernel (for karels)
diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c
index 7bc7b39bbf..d572d3a32d 100644
--- a/sys/kern/vfs_syscalls.c
+++ b/sys/kern/vfs_syscalls.c
@@ -14,7 +14,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- * @(#)vfs_syscalls.c  7.42 (Berkeley) 3/26/90
+ * @(#)vfs_syscalls.c  7.43 (Berkeley) 4/10/90
  */
 #include "param.h"
@@ -530,8 +530,10 @@ copen(scp, fmode, cmode, ndp, resultfd)
if (error = vn_open(ndp, fmode, (cmode & 0) &~ S_ISVTX)) {
crfree(fp->f_cred);
fp->f_count--;
-   if (error == -1)/* XXX from fdopen */
-   return (0); /* XXX from fdopen */
+   if (error == EJUSTRETURN)   /* XXX from fdopen */
+   return (0); /* XXX from fdopen */
+   if (error == ERESTART)
+   error = EINTR;
scp->sc_ofile[indx] = NULL;
return (error);
}

(found via this git import of the CSRG history:
https://github.com/robohack/ucb-csrg-bsd/commit/cce2869b7ae5d360921eb411005b328a29c4a3fe

This change appears to have served two related purposes:
1. The fdopen function (the erstwhile open routine for /dev/fd/N)
   used to return -1 as a hack to mean it had just duplicated the fd;
   it was recently changed by Mike Karels, in kern_descrip.c 7.9, to
   return EJUSTRETURN, now defined to be -2, presumably to avoid a
   conflict with ERESTART, defined to be -1.  So this change finished
   part of the change by Mike Karels to use a different magic return
   code from fdopen.
   Of course, today we use still another disgusting hack, EDUPFD, for
   the same purpose, so none of this is relevant any more.
2. Prior to April 1990, the kernel handled signals during tsleep(9)
   by longjmping out to the system call entry point or similar.  In
   April 1990, Mike Karels worked to convert all of that into
   explicit unwind logic by passing through EINTR or ERESTART as
   appropriate, instead of setjmp at each entry point.

However, it's not clear to me why this setjmp/longjmp and
fdopen/-1/EJUSTRETURN renovation justifies unconditional logic to map
ERESTART to EINTR in open(2).  I suspect it was a mistake.

In 2013, the corresponding logic to map ERESTART to EINTR in open(2)
was removed from FreeBSD:

   r246472 | kib | 2013-02-07 14:53:33 + (Thu, 07 Feb 2013) | 11 lines
   Stop translating the ERESTART error from the open(2) into EINTR.
   Posix requires that open(2) is restartable for SA_RESTART.
   For non-posix objects, in particular, devfs nodes, still disable
   automatic restart of the opens. The open call to a driver could have
   significant side effects for the hardware.
   Noted and reviewed by:  jilles
   Discussed with: bde
   MFC after:  2 weeks

Index: vfs_syscalls.c
===
--- vfs_syscalls.c  (revision 246471)
+++ vfs_syscalls.c  (revision 246472)
@@ -1106,8 +1106,6 @@
goto success;
}
-   if (error == ERESTART)
-   error = EINTR;
goto bad;
}
td->td_dupfd = 0;


CVS commit: [netbsd-10] src/sys/kern

2023-03-07 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Tue Mar  7 19:56:45 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: vfs_syscalls.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #115):

sys/kern/vfs_syscalls.c: revision 1.557

open(2): Don't map ERESTART to EINTR.

If a file or device's open function returns ERESTART, respect that --
restart the syscall; don't pretend a signal has been delivered when
it was not.  If an SA_RESTART signal was delivered, POSIX does not
allow it to fail with EINTR:

SA_RESTART
This flag affects the behavior of interruptible functions;
that is, those specified to fail with errno set to [EINTR].
If set, and a function specified as interruptible is
interrupted by this signal, the function shall restart and
shall not fail with [EINTR] unless otherwise specified.  If
an interruptible function which uses a timeout is restarted,
the duration of the timeout following the restart is set to
an unspecified value that does not exceed the original
timeout value.  If the flag is not set, interruptible
functions interrupted by this signal shall fail with errno
set to [EINTR].

https://pubs.opengroup.org/onlinepubs/9699919799/functions/sigaction.html

Nothing in the POSIX definition of open specifies otherwise.

In 1990, Kirk McKusick added these lines with a mysterious commit
message:
Author: Kirk McKusick 
Date:   Tue Apr 10 19:36:33 1990 -0800
eliminate longjmp from the kernel (for karels)
diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c
index 7bc7b39bbf..d572d3a32d 100644
--- a/sys/kern/vfs_syscalls.c
+++ b/sys/kern/vfs_syscalls.c
@@ -14,7 +14,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- * @(#)vfs_syscalls.c  7.42 (Berkeley) 3/26/90
+ * @(#)vfs_syscalls.c  7.43 (Berkeley) 4/10/90
  */
 #include "param.h"
@@ -530,8 +530,10 @@ copen(scp, fmode, cmode, ndp, resultfd)
if (error = vn_open(ndp, fmode, (cmode & 0) &~ S_ISVTX)) {
crfree(fp->f_cred);
fp->f_count--;
-   if (error == -1)/* XXX from fdopen */
-   return (0); /* XXX from fdopen */
+   if (error == EJUSTRETURN)   /* XXX from fdopen */
+   return (0); /* XXX from fdopen */
+   if (error == ERESTART)
+   error = EINTR;
scp->sc_ofile[indx] = NULL;
return (error);
}

(found via this git import of the CSRG history:
https://github.com/robohack/ucb-csrg-bsd/commit/cce2869b7ae5d360921eb411005b328a29c4a3fe

This change appears to have served two related purposes:
1. The fdopen function (the erstwhile open routine for /dev/fd/N)
   used to return -1 as a hack to mean it had just duplicated the fd;
   it was recently changed by Mike Karels, in kern_descrip.c 7.9, to
   return EJUSTRETURN, now defined to be -2, presumably to avoid a
   conflict with ERESTART, defined to be -1.  So this change finished
   part of the change by Mike Karels to use a different magic return
   code from fdopen.
   Of course, today we use still another disgusting hack, EDUPFD, for
   the same purpose, so none of this is relevant any more.
2. Prior to April 1990, the kernel handled signals during tsleep(9)
   by longjmping out to the system call entry point or similar.  In
   April 1990, Mike Karels worked to convert all of that into
   explicit unwind logic by passing through EINTR or ERESTART as
   appropriate, instead of setjmp at each entry point.

However, it's not clear to me why this setjmp/longjmp and
fdopen/-1/EJUSTRETURN renovation justifies unconditional logic to map
ERESTART to EINTR in open(2).  I suspect it was a mistake.

In 2013, the corresponding logic to map ERESTART to EINTR in open(2)
was removed from FreeBSD:

   r246472 | kib | 2013-02-07 14:53:33 + (Thu, 07 Feb 2013) | 11 lines
   Stop translating the ERESTART error from the open(2) into EINTR.
   Posix requires that open(2) is restartable for SA_RESTART.
   For non-posix objects, in particular, devfs nodes, still disable
   automatic restart of the opens. The open call to a driver could have
   significant side effects for the hardware.
   Noted and reviewed by:  jilles
   Discussed with: bde
   MFC after:  2 weeks

Index: vfs_syscalls.c
===
--- vfs_syscalls.c  (revision 246471)
+++ vfs_syscalls.c  (revision 246472)
@@ -1106,8 +1106,6 @@
goto success;
}
-   if (error == ERESTART)
-   error = EINTR;
goto bad;
}
td->td_dupfd = 0;


CVS commit: [netbsd-10] src/sys/kern

2023-02-24 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Fri Feb 24 14:12:51 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: kern_ksyms.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #107):

sys/kern/kern_ksyms.c: revision 1.108

ksyms(4): Reject negative offsets earlier in lseek.

Avoid arithmetic overflow.


To generate a diff of this commit:
cvs rdiff -u -r1.107 -r1.107.4.1 src/sys/kern/kern_ksyms.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/kern_ksyms.c
diff -u src/sys/kern/kern_ksyms.c:1.107 src/sys/kern/kern_ksyms.c:1.107.4.1
--- src/sys/kern/kern_ksyms.c:1.107	Fri Jul 15 06:40:24 2022
+++ src/sys/kern/kern_ksyms.c	Fri Feb 24 14:12:51 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_ksyms.c,v 1.107 2022/07/15 06:40:24 mrg Exp $	*/
+/*	$NetBSD: kern_ksyms.c,v 1.107.4.1 2023/02/24 14:12:51 martin Exp $	*/
 
 /*-
  * Copyright (c) 2008 The NetBSD Foundation, Inc.
@@ -73,7 +73,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: kern_ksyms.c,v 1.107 2022/07/15 06:40:24 mrg Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_ksyms.c,v 1.107.4.1 2023/02/24 14:12:51 martin Exp $");
 
 #if defined(_KERNEL) && defined(_KERNEL_OPT)
 #include "opt_copy_symtab.h"
@@ -1417,6 +1417,7 @@ ksymsmmap(struct file *fp, off_t *offp, 
 static int
 ksymsseek(struct file *fp, off_t delta, int whence, off_t *newoffp, int flags)
 {
+	const off_t OFF_MAX = __type_max(off_t);
 	struct ksyms_snapshot *ks = fp->f_data;
 	off_t base, newoff;
 	int error;
@@ -1438,13 +1439,15 @@ ksymsseek(struct file *fp, off_t delta, 
 		goto out;
 	}
 
-	/* Compute the new offset and validate it.  */
-	newoff = base + delta;	/* XXX arithmetic overflow */
-	if (newoff < 0) {
+	/* Check for arithmetic overflow and reject negative offsets.  */
+	if (base < 0 || delta > OFF_MAX - base || base + delta < 0) {
 		error = EINVAL;
 		goto out;
 	}
 
+	/* Compute the new offset.  */
+	newoff = base + delta;
+
 	/* Success!  */
 	if (newoffp)
 		*newoffp = newoff;



CVS commit: [netbsd-10] src/sys/kern

2023-02-24 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Fri Feb 24 14:12:51 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: kern_ksyms.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #107):

sys/kern/kern_ksyms.c: revision 1.108

ksyms(4): Reject negative offsets earlier in lseek.

Avoid arithmetic overflow.


To generate a diff of this commit:
cvs rdiff -u -r1.107 -r1.107.4.1 src/sys/kern/kern_ksyms.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-02-22 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Wed Feb 22 19:54:30 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: kern_time.c

Log Message:
Pull up following revision(s) (requested by thorpej in ticket #101):

sys/kern/kern_time.c: revision 1.219

In itimer_arm_real(), KASSERT that it->it_dying is false.  This was
already implicitly assumed, but make it explicit in hopes of tracking
down kern/57226.


To generate a diff of this commit:
cvs rdiff -u -r1.218 -r1.218.2.1 src/sys/kern/kern_time.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-02-22 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Wed Feb 22 19:54:30 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: kern_time.c

Log Message:
Pull up following revision(s) (requested by thorpej in ticket #101):

sys/kern/kern_time.c: revision 1.219

In itimer_arm_real(), KASSERT that it->it_dying is false.  This was
already implicitly assumed, but make it explicit in hopes of tracking
down kern/57226.


To generate a diff of this commit:
cvs rdiff -u -r1.218 -r1.218.2.1 src/sys/kern/kern_time.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/kern_time.c
diff -u src/sys/kern/kern_time.c:1.218 src/sys/kern/kern_time.c:1.218.2.1
--- src/sys/kern/kern_time.c:1.218	Wed Oct 26 23:23:52 2022
+++ src/sys/kern/kern_time.c	Wed Feb 22 19:54:30 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_time.c,v 1.218 2022/10/26 23:23:52 riastradh Exp $	*/
+/*	$NetBSD: kern_time.c,v 1.218.2.1 2023/02/22 19:54:30 martin Exp $	*/
 
 /*-
  * Copyright (c) 2000, 2004, 2005, 2007, 2008, 2009, 2020
@@ -62,7 +62,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: kern_time.c,v 1.218 2022/10/26 23:23:52 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_time.c,v 1.218.2.1 2023/02/22 19:54:30 martin Exp $");
 
 #include 
 #include 
@@ -809,6 +809,8 @@ static void itimer_callout(void *);
 static void
 itimer_arm_real(struct itimer * const it)
 {
+	KASSERT(!it->it_dying);
+
 	/*
 	 * Don't need to check tshzto() return value, here.
 	 * callout_reset() does it for us.



CVS commit: [netbsd-10] src/sys/kern

2023-02-22 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Wed Feb 22 19:07:09 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: kern_module.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #100):

sys/kern/kern_module.c: revision 1.161

module(9): Make error message for multiple MODULE decls more obvious.


To generate a diff of this commit:
cvs rdiff -u -r1.160 -r1.160.2.1 src/sys/kern/kern_module.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/kern_module.c
diff -u src/sys/kern/kern_module.c:1.160 src/sys/kern/kern_module.c:1.160.2.1
--- src/sys/kern/kern_module.c:1.160	Wed Oct 26 23:22:07 2022
+++ src/sys/kern/kern_module.c	Wed Feb 22 19:07:09 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_module.c,v 1.160 2022/10/26 23:22:07 riastradh Exp $	*/
+/*	$NetBSD: kern_module.c,v 1.160.2.1 2023/02/22 19:07:09 martin Exp $	*/
 
 /*-
  * Copyright (c) 2008 The NetBSD Foundation, Inc.
@@ -34,7 +34,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: kern_module.c,v 1.160 2022/10/26 23:22:07 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_module.c,v 1.160.2.1 2023/02/22 19:07:09 martin Exp $");
 
 #define _MODULE_INTERNAL
 
@@ -1632,8 +1632,16 @@ module_fetch_info(module_t *mod)
 		return error;
 	}
 	if (size != sizeof(modinfo_t **)) {
-		module_error("`link_set_modules' section wrong size "
-		"(got %zu, wanted %zu)", size, sizeof(modinfo_t **));
+		if (size > sizeof(modinfo_t **) &&
+		(size % sizeof(modinfo_t **)) == 0) {
+			module_error("`link_set_modules' section wrong size "
+			"(%zu different MODULE declarations?)",
+			size / sizeof(modinfo_t **));
+		} else {
+			module_error("`link_set_modules' section wrong size "
+			"(got %zu, wanted %zu)",
+			size, sizeof(modinfo_t **));
+		}
 		return ENOEXEC;
 	}
 	mod->mod_info = *(modinfo_t **)addr;



CVS commit: [netbsd-10] src/sys/kern

2023-02-22 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Wed Feb 22 19:07:09 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: kern_module.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #100):

sys/kern/kern_module.c: revision 1.161

module(9): Make error message for multiple MODULE decls more obvious.


To generate a diff of this commit:
cvs rdiff -u -r1.160 -r1.160.2.1 src/sys/kern/kern_module.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-02-22 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Wed Feb 22 13:28:02 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: kern_subr.c

Log Message:
Pull up following revision(s) (requested by mlelstv in ticket #96):

sys/kern/kern_subr.c: revision 1.231

If a specified root device does not exist when the kernel tries to
mount the root filesystem, retry for up to ROOT_WAITTIME (20) seconds.

This helps for root on hot-plug devices like USB disks.


To generate a diff of this commit:
cvs rdiff -u -r1.230 -r1.230.4.1 src/sys/kern/kern_subr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/kern_subr.c
diff -u src/sys/kern/kern_subr.c:1.230 src/sys/kern/kern_subr.c:1.230.4.1
--- src/sys/kern/kern_subr.c:1.230	Sat Mar 19 13:51:35 2022
+++ src/sys/kern/kern_subr.c	Wed Feb 22 13:28:01 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_subr.c,v 1.230 2022/03/19 13:51:35 hannken Exp $	*/
+/*	$NetBSD: kern_subr.c,v 1.230.4.1 2023/02/22 13:28:01 martin Exp $	*/
 
 /*-
  * Copyright (c) 1997, 1998, 1999, 2002, 2007, 2008 The NetBSD Foundation, Inc.
@@ -79,7 +79,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: kern_subr.c,v 1.230 2022/03/19 13:51:35 hannken Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_subr.c,v 1.230.4.1 2023/02/22 13:28:01 martin Exp $");
 
 #include "opt_ddb.h"
 #include "opt_md.h"
@@ -174,6 +174,13 @@ uint64_t booted_nblks;
 char *bootspec;
 
 /*
+ * Time to wait for a specified boot device to appear.
+ */
+#ifndef ROOT_WAITTIME
+#define ROOT_WAITTIME 20
+#endif
+
+/*
  * Use partition letters if it's a disk class but not a wedge or flash.
  * XXX Check for wedge/flash is kinda gross.
  */
@@ -185,6 +192,7 @@ char *bootspec;
 void
 setroot(device_t bootdv, int bootpartition)
 {
+	time_t waitend;
 
 	/*
 	 * Let bootcode augment "rootspec", ensure that
@@ -241,14 +249,19 @@ setroot(device_t bootdv, int bootpartiti
 	/*
 	 * loop until a root device is specified
 	 */
+	waitend = time_uptime + ROOT_WAITTIME;
 	do {
 		if (boothowto & RB_ASKNAME)
 			setroot_ask(bootdv, bootpartition);
-		else
+		else {
 			setroot_root(bootdv, bootpartition);
-
-		if (root_device == NULL)
-			boothowto |= RB_ASKNAME;
+			if (root_device == NULL) {
+if (time_uptime < waitend) {
+	kpause("root", false, hz, NULL);
+} else
+	boothowto |= RB_ASKNAME;
+			}
+		}
 	} while (root_device == NULL);
 }
 



CVS commit: [netbsd-10] src/sys/kern

2023-02-22 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Wed Feb 22 13:28:02 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: kern_subr.c

Log Message:
Pull up following revision(s) (requested by mlelstv in ticket #96):

sys/kern/kern_subr.c: revision 1.231

If a specified root device does not exist when the kernel tries to
mount the root filesystem, retry for up to ROOT_WAITTIME (20) seconds.

This helps for root on hot-plug devices like USB disks.


To generate a diff of this commit:
cvs rdiff -u -r1.230 -r1.230.4.1 src/sys/kern/kern_subr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-02-14 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Tue Feb 14 16:16:30 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: subr_devsw.c

Log Message:
Pull up following revision(s) (requested by buhrow in ticket #84):

sys/kern/subr_devsw.c: revision 1.50

When a device driver calls devsw_attach() it has the option of 
attaching a block device
structure and a character device structure, or, just the character device 
structure.
With the existing code, if a driver elects not to attach a block device 
structure and if it
asks for a major number to be dynamically assigned to its character interface,
that driver will not be able to detach and reattach its character driver 
interface.  This is a very
long standing bug which didn't come to light until we began using loadable 
kernel modules more
heavily.  this patch fixes this problem.  With this patch in place, drivers 
that implement only
a character device interface may detach and reattach that character interface 
as often as they
need to.

Fixes PR kern/57229


To generate a diff of this commit:
cvs rdiff -u -r1.49 -r1.49.2.1 src/sys/kern/subr_devsw.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-10] src/sys/kern

2023-02-14 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Tue Feb 14 16:16:30 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: subr_devsw.c

Log Message:
Pull up following revision(s) (requested by buhrow in ticket #84):

sys/kern/subr_devsw.c: revision 1.50

When a device driver calls devsw_attach() it has the option of 
attaching a block device
structure and a character device structure, or, just the character device 
structure.
With the existing code, if a driver elects not to attach a block device 
structure and if it
asks for a major number to be dynamically assigned to its character interface,
that driver will not be able to detach and reattach its character driver 
interface.  This is a very
long standing bug which didn't come to light until we began using loadable 
kernel modules more
heavily.  this patch fixes this problem.  With this patch in place, drivers 
that implement only
a character device interface may detach and reattach that character interface 
as often as they
need to.

Fixes PR kern/57229


To generate a diff of this commit:
cvs rdiff -u -r1.49 -r1.49.2.1 src/sys/kern/subr_devsw.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/subr_devsw.c
diff -u src/sys/kern/subr_devsw.c:1.49 src/sys/kern/subr_devsw.c:1.49.2.1
--- src/sys/kern/subr_devsw.c:1.49	Sat Oct 29 10:52:36 2022
+++ src/sys/kern/subr_devsw.c	Tue Feb 14 16:16:30 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: subr_devsw.c,v 1.49 2022/10/29 10:52:36 riastradh Exp $	*/
+/*	$NetBSD: subr_devsw.c,v 1.49.2.1 2023/02/14 16:16:30 martin Exp $	*/
 
 /*-
  * Copyright (c) 2001, 2002, 2007, 2008 The NetBSD Foundation, Inc.
@@ -69,7 +69,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: subr_devsw.c,v 1.49 2022/10/29 10:52:36 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: subr_devsw.c,v 1.49.2.1 2023/02/14 16:16:30 martin Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_dtrace.h"
@@ -397,7 +397,7 @@ devsw_attach(const char *devname,
 		if (conv->d_name == NULL || strcmp(devname, conv->d_name) != 0)
 			continue;
 
-		if (*bmajor < 0)
+		if ((bdev != NULL) && (*bmajor < 0)) 
 			*bmajor = conv->d_bmajor;
 		if (*cmajor < 0)
 			*cmajor = conv->d_cmajor;



CVS commit: [netbsd-10] src/sys/kern

2023-02-08 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Wed Feb  8 18:24:52 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: subr_prf.c

Log Message:
Pull up following revision(s) (requested by mrg in ticket #75):

sys/kern/subr_prf.c: revision 1.197
sys/kern/subr_prf.c: revision 1.198

avoid pserialize usage in early boot

there are DEBUG-only aprint_normal() calls early in eg, ksyms
setup that may happen before eg curcpu() is setup.  this is the
case in sparc64, where it sets up ksyms as early as it can so
that DDB has symbols early, which is before the curcpu() setup
is created, and thus the calls to pserialize_read_enter() and
pserialize_read_exit() attempt to access unmapped cpu_info and
due to being so early, the system faults to the prom.
simply use "cold" to determine whether to skip these pserialize
calls or not.

ok riastradh
XXX: pullup-10

fix logic-reversing tpyo in putone()


To generate a diff of this commit:
cvs rdiff -u -r1.196 -r1.196.2.1 src/sys/kern/subr_prf.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/subr_prf.c
diff -u src/sys/kern/subr_prf.c:1.196 src/sys/kern/subr_prf.c:1.196.2.1
--- src/sys/kern/subr_prf.c:1.196	Mon Oct 31 09:14:18 2022
+++ src/sys/kern/subr_prf.c	Wed Feb  8 18:24:52 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: subr_prf.c,v 1.196 2022/10/31 09:14:18 simonb Exp $	*/
+/*	$NetBSD: subr_prf.c,v 1.196.2.1 2023/02/08 18:24:52 martin Exp $	*/
 
 /*-
  * Copyright (c) 1986, 1988, 1991, 1993
@@ -37,7 +37,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: subr_prf.c,v 1.196 2022/10/31 09:14:18 simonb Exp $");
+__KERNEL_RCSID(0, "$NetBSD: subr_prf.c,v 1.196.2.1 2023/02/08 18:24:52 martin Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_ddb.h"
@@ -401,6 +401,7 @@ putone(int c, int flags, struct tty *tp)
 {
 	struct tty *ctp;
 	int s;
+	bool do_ps = !cold;
 
 	ctp = NULL;	/* XXX gcc i386 -Os */
 
@@ -408,7 +409,8 @@ putone(int c, int flags, struct tty *tp)
 	 * Ensure whatever constty points to can't go away while we're
 	 * trying to use it.
 	 */
-	s = pserialize_read_enter();
+	if (__predict_true(do_ps))
+		s = pserialize_read_enter();
 
 	if (panicstr)
 		atomic_store_relaxed(, NULL);
@@ -429,7 +431,8 @@ putone(int c, int flags, struct tty *tp)
 	if ((flags & TOCONS) && ctp == NULL && c != '\0')
 		(*v_putc)(c);
 
-	pserialize_read_exit(s);
+	if (__predict_true(do_ps))
+		pserialize_read_exit(s);
 }
 
 static void



CVS commit: [netbsd-10] src/sys/kern

2023-02-08 Thread Martin Husemann
Module Name:src
Committed By:   martin
Date:   Wed Feb  8 18:24:52 UTC 2023

Modified Files:
src/sys/kern [netbsd-10]: subr_prf.c

Log Message:
Pull up following revision(s) (requested by mrg in ticket #75):

sys/kern/subr_prf.c: revision 1.197
sys/kern/subr_prf.c: revision 1.198

avoid pserialize usage in early boot

there are DEBUG-only aprint_normal() calls early in eg, ksyms
setup that may happen before eg curcpu() is setup.  this is the
case in sparc64, where it sets up ksyms as early as it can so
that DDB has symbols early, which is before the curcpu() setup
is created, and thus the calls to pserialize_read_enter() and
pserialize_read_exit() attempt to access unmapped cpu_info and
due to being so early, the system faults to the prom.
simply use "cold" to determine whether to skip these pserialize
calls or not.

ok riastradh
XXX: pullup-10

fix logic-reversing tpyo in putone()


To generate a diff of this commit:
cvs rdiff -u -r1.196 -r1.196.2.1 src/sys/kern/subr_prf.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.