#
330067 |
|
27-Feb-2018 |
avg |
MFC r328996: exec_map_first_page: fix an inverse condition introduced in r254138
|
#
321359 |
|
22-Jul-2017 |
alc |
MFC r320498 Clear the MAP_WIREFUTURE flag on the vm map in exec_new_vmspace() when it recycles the current vm space. Otherwise, an mlockall(MCL_FUTURE) could still be in effect on the process after an execve(2), which violates the specification for mlockall(2).
It's pointless for vm_map_stack() to check the MEMLOCK limit. It will never be asked to wire the stack. Moreover, it doesn't even implement wiring of the stack.
|
#
320864 |
|
10-Jul-2017 |
kib |
MFC r320619: Resolve confusion between different error code spaces.
|
#
304188 |
|
15-Aug-2016 |
jhb |
MFC 302900,302902,302921,303461,304009: Add a mask of optional ptrace() events.
302900: Add a test for user signal delivery.
This test verifies we get the correct ptrace event details when a signal is posted to a traced process from userland.
302902: Add a mask of optional ptrace() events.
ptrace() now stores a mask of optional events in p_ptevents. Currently this mask is a single integer, but it can be expanded into an array of integers in the future.
Two new ptrace requests can be used to manipulate the event mask: PT_GET_EVENT_MASK fetches the current event mask and PT_SET_EVENT_MASK sets the current event mask.
The current set of events includes:
- PTRACE_EXEC: trace calls to execve().
- PTRACE_SCE: trace system call entries.
- PTRACE_SCX: trace system call exits.
- PTRACE_FORK: trace forks and auto-attach to new child processes.
- PTRACE_LWP: trace LWP events.
The S_PT_SCX and S_PT_SCE events in the procfs p_stops flags have been replaced by PTRACE_SCE and PTRACE_SCX. PTRACE_FORK replaces P_FOLLOW_FORK and PTRACE_LWP replaces P2_LWP_EVENTS.
The PT_FOLLOW_FORK and PT_LWP_EVENTS ptrace requests remain for compatibility but now simply toggle corresponding flags in the event mask.
While here, document that PT_SYSCALL, PT_TO_SCE, and PT_TO_SCX both modify the event mask and continue the traced process.
302921: Rename PTRACE_SYSCALL to LINUX_PTRACE_SYSCALL.
303461: Note that not all optional ptrace events use SIGTRAP.
New child processes attached due to PTRACE_FORK use SIGSTOP instead of SIGTRAP. All other ptrace events use SIGTRAP.
304009: Remove description of P_FOLLOWFORK as this flag was removed.
|
#
303607 |
|
01-Aug-2016 |
kib |
MFC r302614: Revive the check, disabled in r197963.
MFC r302999: On first exec after vfork(), call signotify() to handle pending reenabled signals.
|
#
302239 |
|
27-Jun-2016 |
bdrewery |
MFC r300793:
exec: Provide execpath in imgp for the process_exec hook.
|
#
302238 |
|
27-Jun-2016 |
bdrewery |
MFC r300792,r300851,r301580:
r300792: exec: Add credential change information into imgp for process_exec hook.
r300851: exec: get rid of one vnode lock/unlock pair in do_execve
r301580: Old process credentials for setuid execve must not be dereferenced when the process credentials were not changed. This can happen if an error occurred trying to activate the setuid binary. And on error, if new credentials were not yet assigned, they must be freed to not create the leak.
|
#
302237 |
|
27-Jun-2016 |
bdrewery |
MFC r292384:
Fix style issues around existing SDT probes.
** Changes to sys/netinet/in_kdtrace.c and sys/netinet/in_kdtrace.h skipped.
|
#
302234 |
|
27-Jun-2016 |
bdrewery |
MFC r298819:
sys/kern: spelling fixes in comments.
|
#
302233 |
|
27-Jun-2016 |
bdrewery |
MFC r297391:
Remove some NULL checks for M_WAITOK allocations.
|
#
302232 |
|
27-Jun-2016 |
bdrewery |
MFC r285513:
exec: textvp -> oldtextvp; binvp -> newtextvp
|
#
302231 |
|
27-Jun-2016 |
bdrewery |
MFC r285512:
exec plug a redundant vref + vrele of the image vnode
|
#
302230 |
|
27-Jun-2016 |
bdrewery |
MFC r273351:
Plug unnecessary binvp NULL initialization and test.
|
#
302229 |
|
27-Jun-2016 |
bdrewery |
MFC r280130:
cred: add proc_set_cred helper
|
#
302226 |
|
27-Jun-2016 |
bdrewery |
MFC r296285:
Correct a comment.
|
#
295454 |
|
09-Feb-2016 |
jhb |
MFC 287442,287537,288944: Fix corruption of coredumps due to procstat notes changing size during coredump generation. The changes in r287442 required some reworking since the 'fo_fill_kinfo' file op does not exist in stable/10.
287442: Detect badly behaved coredump note helpers
Coredump notes depend on being able to invoke dump routines twice; once in a dry-run mode to get the size of the note, and another to actually emit the note to the corefile.
When a note helper emits a different length section the second time around than the length it requested the first time, the kernel produces a corrupt coredump.
NT_PROCSTAT_FILES output length, when packing kinfo structs, is tied to the length of filenames corresponding to vnodes in the process' fd table via vn_fullpath. As vnodes may move around during dump, this is racy.
So:
- Detect badly behaved notes in putnote() and pad underfilled notes.
- Add a fail point, debug.fail_point.fill_kinfo_vnode__random_path to exercise the NT_PROCSTAT_FILES corruption. It simply picks random lengths to expand or truncate paths to in fo_fill_kinfo_vnode().
- Add a sysctl, kern.coredump_pack_fileinfo, to allow users to disable kinfo packing for PROCSTAT_FILES notes. This should avoid both FILES note corruption and truncation, even if filenames change, at the cost of about 1 kiB in padding bloat per open fd. Document the new sysctl in core.5.
- Fix note_procstat_files to self-limit in the 2nd pass. Since sometimes this will result in a short write, pad up to our advertised size. This addresses note corruption, at the risk of sometimes truncating the last several fd info entries.
- Fix NT_PROCSTAT_FILES consumers libutil and libprocstat to grok the zero padding.
287537: Follow-up to r287442: Move sysctl to compiled-once file
Avoid duplicate sysctl nodes.
288944: Fix core corruption caused by race in note_procstat_vmmap
This fix is spiritually similar to r287442 and was discovered thanks to the KASSERT added in that revision.
NT_PROCSTAT_VMMAP output length, when packing kinfo structs, is tied to the length of filenames corresponding to vnodes in the process' vm map via vn_fullpath. As vnodes may move during coredump, this is racy.
We do not remove the race, only prevent it from causing coredump corruption.
- Add a sysctl, kern.coredump_pack_vmmapinfo, to allow users to disable kinfo packing for PROCSTAT_VMMAP notes. This avoids VMMAP corruption and truncation, even if names change, at the cost of up to PATH_MAX bytes per mapped object. The new sysctl is documented in core.5.
- Fix note_procstat_vmmap to self-limit in the second pass. This addresses corruption, at the cost of sometimes producing a truncated result.
- Fix PROCSTAT_VMMAP consumers libutil (and libprocstat, via copy-paste) to grok the new zero padding.
Approved by: re (gjb)
|
#
289798 |
|
23-Oct-2015 |
avg |
MFC r288336: save some bytes by using more concise SDT_PROBE<n>
|
#
286216 |
|
03-Aug-2015 |
kib |
Fix ia64 to not override the call stack bottom address with the register stack bottom address, after the merge of r284956 in r285967.
Note: this is a direct commit to stable/10.
Reported and tested by: clusteradm (peter)
Sponsored by: The FreeBSD Foundation
|
#
285967 |
|
28-Jul-2015 |
kib |
MFC r284956: Do not calculate the stack's bottom address twice.
|
#
283359 |
|
24-May-2015 |
kib |
MFC r282708: On exec, single-threading must be enforced before arguments space is allocated from exec_map.
|
#
282090 |
|
27-Apr-2015 |
kib |
MFC r272290 (by mjg): Use bzero instead of explicitly zeroing stuff in do_execve.
|
#
281978 |
|
25-Apr-2015 |
kib |
MFC r281883: Handle incorrect ELF images specifying size for PT_GNU_STACK not being multiple of page size.
|
#
281848 |
|
22-Apr-2015 |
kib |
MFC r281548: Implement support for binary to request specific stack size for the initial thread.
|
#
280258 |
|
19-Mar-2015 |
rwatson |
Merge r263233 from HEAD to stable/10:
Update kernel inclusions of capability.h to use capsicum.h instead; some further refinement is required as some device drivers intended to be portable over FreeBSD versions rely on __FreeBSD_version to decide whether to include capability.h.
Sponsored by: Google, Inc.
|
#
277698 |
|
25-Jan-2015 |
kib |
MFC r277322: Add procctl(2) PROC_TRACE_CTL command to enable or disable debugger attachment to the process.
|
#
276272 |
|
26-Dec-2014 |
kib |
MFC r275745: Add facility to stop all userspace processes.
MFC r275753: Fix gcc build.
MFC r275820: Add missed break.
|
#
274648 |
|
18-Nov-2014 |
kib |
Merge the fueword(9) and casueword(9). In particular,
MFC r273783: Add fueword(9) and casueword(9) functions. MFC note: ia64 is handled like arm, with NO_FUEWORD define.
MFC r273784: Replace some calls to fuword() by fueword() with proper error checking.
MFC r273785: Convert kern_umtx.c to use fueword() and casueword(). MFC note: the sys__umtx_lock and sys__umtx_unlock syscalls are not converted, they are removed from HEAD, and not used. The do_sem2*() family is not yet merged to stable/10, corresponding chunk will be merged after do_sem2* are committed.
MFC r273788 (by jkim): Actually install casuword(9) to fix build.
MFC r273911: Add type qualifier volatile to the base (userspace) address argument of fuword(9) and suword(9).
|
#
270205 |
|
20-Aug-2014 |
kib |
MFC r269907: Fix leaks of unqueued unwired pages.
|
#
270093 |
|
17-Aug-2014 |
mjg |
MFC r268636:
Plug p_pptr null test in do_execve. It is always true.
|
#
270087 |
|
17-Aug-2014 |
mjg |
MFC r268365:
Don't call crdup nor uifind under vnode lock.
A locked vnode can get into the way of satisfying malloc with M_WAITOK.
This is a fixup to r268087.
|
#
270086 |
|
17-Aug-2014 |
mjg |
MFC r268136:
Plug gcc warning after r268074 about uninitialized newsigacts
|
#
270085 |
|
17-Aug-2014 |
mjg |
MFC r268087:
Don't call crcopysafe or uifind unnecessarily in execve.
|
#
270084 |
|
17-Aug-2014 |
mjg |
MFC r268074:
Perform a lockless check in sigacts_shared.
It is used only during execve (i.e. singlethreaded), so there is no fear of returning 'not shared' which soon becomes 'shared'.
While here reorganize the code a little to avoid proc lock/unlock in shared case.
|
#
268348 |
|
06-Jul-2014 |
mjg |
MFC r268002:
Call fdcloseexec right after fdunshare.
No functional changes.
|
#
268345 |
|
06-Jul-2014 |
mjg |
MFC r268001: Make fdunshare accept only td parameter.
Proc had to match the thread anyway and 2 parameters were inconsistent with the rest.
|
#
266582 |
|
23-May-2014 |
kib |
MFC r266464: In execve(2), postpone the free of old vmspace until the threads are resumed and exited.
|
#
263770 |
|
26-Mar-2014 |
kib |
MFC r263349: Make the array pointed to by AT_PAGESIZES auxv properly aligned.
|
#
260817 |
|
17-Jan-2014 |
avg |
MFC r258622: dtrace sdt: remove the ugly sname parameter of SDT_PROBE_DEFINE
|
#
257123 |
|
25-Oct-2013 |
kib |
MFC r256504: Add a sysctl kern.disallow_high_osrel which disables executing the images compiled on the world with higher major version number than the high version number of the booted kernel. Default to disable.
Approved by: re (glebius)
|