Thomas Veerman [Fri, 30 Nov 2012 12:49:53 +0000 (12:49 +0000)]
VFS: fix locking bugs
.sync and fsync used unnecessarily restrictive locking type
.fsync violated locking order by obtaining a vmnt lock after a filp lock
.fsync contained a TOCTOU bug
.new_node violated locking rules (didn't upgrade lock upon file creation)
.do_pipe used unnecessarily restrictive locking type
.always lock pipes exclusively; even a read operation might require to do
a write on a vnode object (update pipe size)
.when opening a file with O_TRUNC, upgrade vnode lock when truncating
.utime used unnecessarily restrictive locking type
.path parsing:
.always acquire VMNT_WRITE or VMNT_EXCL on vmnt and downgrade to
VMNT_READ if that was what was actually requested. This prevents the
following deadlock scenario:
thread A:
lock_vmnt(vmp, TLL_READSER);
lock_vnode(vp, TLL_READSER);
upgrade_vmnt_lock(vmp, TLL_WRITE);
thread A will be stuck in upgrade_vmnt_lock and thread B is stuck in
lock_vnode. This happens when, for example, thread A tries create a
new node (open.c:new_node) and thread B tries to do eat_path to
change dir (stadir.c:do_chdir). When the path is being resolved, a
vnode is always locked with VNODE_OPCL (TLL_READSER) and then
downgraded to VNODE_READ if read-only is actually requested. Thread
A locks the vmnt with VMNT_WRITE (TLL_READSER) which still allows
VMNT_READ locks. Thread B can't acquire a lock on the vnode because
thread A has it; Thread A can't upgrade its vmnt lock to VMNT_WRITE
(TLL_WRITE) because thread B has a VMNT_READ lock on it.
By serializing vmnt locks during path parsing, thread B can only
acquire a lock on vmp when thread A has completely finished its
operation.
Antoine Leca [Mon, 7 Jan 2013 11:07:29 +0000 (11:07 +0000)]
gzip: fix warning messages with off_t
NetBSD assumes off_t is 64-bit, but on MINIX it is still 32-bit.
So cast the calls to use big_off_t, as stat(2) uses.
Only used in warning messages, was not a real production bug.
Ben Gras [Sun, 6 Jan 2013 18:18:41 +0000 (18:18 +0000)]
kernel: trap-dependent state restore, trace fixes
. restore state depends on how saving of state was done;
also remember trap style in sig context
. actually set and restore TRACEBIT with new trap styles;
have to remove it once process enters kernel though, done
in debug trap exception handler
. introduce MF_STEP that makes arch-specific code
turn on trace bit instead of setting TRACEBIT directly,
a bit more arch-friendly and avoids keeping precious
state in per-process PSW arch-dependently
Ben Gras [Fri, 4 Jan 2013 17:14:31 +0000 (17:14 +0000)]
kernel: separate state for trace-deferred syscalls
state is usually not in p_reg any more with sysenter/syscall trap entries,
so when saving/restarting do_ipc invocations the state has to be remembered
explicitly.
Ben Gras [Fri, 4 Jan 2013 14:58:12 +0000 (14:58 +0000)]
kernel: restore setting KTS_NONE
The 'trap style' variable records how a process has trapped into the
kernel (hardware/software interrupt, or one of the other trap
instructions). KTS_NONE indicates the process isn't trapped into the
kernel at all and is useful for sanity checking. The KTS_NONE reset was
inadvertently removed while removing some debugging code and this commit
restores it.
Ben Gras [Fri, 4 Jan 2013 18:26:10 +0000 (18:26 +0000)]
kernel: restore stacktraces
When processes have entered the kernel with one of the new
trap modes, %ebp is not valid, used for stacktraces, so we
need an alternative way to retrieve it to make the stacktraces
valid again.
Ben Gras [Mon, 17 Dec 2012 18:26:52 +0000 (18:26 +0000)]
vm: replace phys avl by array
. make vm be able to use malloc() by overriding brk()
and minix_mmap() functions
. phys regions can then be malloc()ed and free()d instead
of being in an avl tree, which is slightly faster
. 'offset' field in phys_region can go too (offset is implied
by position in array) but leads to bigger code changes
Lionel Sambuc [Mon, 10 Dec 2012 14:49:24 +0000 (15:49 +0100)]
Shell tests now complain more loudly.
Adding the bomb function which takes as a parameter a string
to be printed, print it, cleans up and exits with an error
code. It also means they will exit after the first error, unlike
previous behaviour.
test3 performs tests for null pointers but after that still continues
and uses them. This results in segfault's. Fixing this issue by failing
on the first error.
Lionel Sambuc [Tue, 27 Nov 2012 11:40:17 +0000 (11:40 +0000)]
Adding missing symlink to dynamic loader.
As the release script does not copy over files from the currently
running system anymore, it has appeared that some binaries are
looking for the dynamic loader in /lib instead of /usr/lib.
It has been replaced by a symlink to ensure compatibility with
binaries, until the path is updated in all the toolchains to be
the same.
Lionel Sambuc [Tue, 27 Nov 2012 11:48:49 +0000 (11:48 +0000)]
Simplifying release.sh script.
As the build system can now generate a full root file system,
there is no need to bootstrap the iso image by copying over
files from the currently system.
The SVN references have also been mostly taken out, as they are
not anymore valid. Some cleanup have been done to try to improve
the readability of the script.
Thomas Veerman [Tue, 20 Nov 2012 13:14:31 +0000 (13:14 +0000)]
VFS: change 'last_dir' to match locking assumption
new_node makes the assumption that when it does last_dir on a path, a
successive advance would not yield a lock on a vmnt, because last_dir
already locked the vmnt. This is true except when last_dir resolves
to a directory on the parent vmnt of the file that was the result of
advance. For example,
# cd /
# echo foo > home
where home is on a different (sub) partition than / is (default
install). last_dir would resolve to / and advance would resolve to
/home.
With this change, last_dir resolves to the root node on the /home
partition, making the assumption valid again.
Lionel Sambuc [Mon, 19 Nov 2012 13:36:33 +0000 (14:36 +0100)]
etcforce and etcfiles fixup
The way etcfiles was re-implemented was wrong as it would overwrite the
password database. This patch adds back a proper etcfiles (safe) target,
and a etcforce (unsafe) target.
Ben Gras [Mon, 12 Nov 2012 18:15:10 +0000 (19:15 +0100)]
can't get_block(NO_DEV) any more
. 'anonymous' cache blocks (retrieved with NO_DEV as dev
parameter) were used to implement read()s from holes in
inodes that should return zeroes
. this is an awkward special case in the cache code though
and there's a more direct way to implement the same functionality:
instead of copying from a new, anonymous, zero block, to
the user target buffer, simply sys_safememset the user target
buffer directly. as this was the only use of this feature,
this is all that's needed to simplify the cache code a little.
Tomas Hruby [Wed, 14 Nov 2012 22:00:29 +0000 (22:00 +0000)]
ipc.h - IPC defined as functions again
- CHOOSETRAP define makes impossible to use some common words
like send, receive and notify in any other context, for
instance as members or structures
- any reasonable compiler inlines the static inline functions so
no extra function call overhead is introduced by this change
- this gets us back to the situation before the SYSCALL/SYSENTER
change. It is not perfect, but it used to work and still does.
Lionel Sambuc [Thu, 1 Nov 2012 21:55:12 +0000 (22:55 +0100)]
Cross compile on minix support
* Remade patch so it works with minix patch tool.
* New MINIX tar support -ox, so revert back to it
In fetch scripts, tar had been replaced by bsdtar as the prebvious
tar did not support the -o flag under minix, which is required to
prevent usage of tar file stored user and group information.
This introduces portability problems. As our new tar tool now
support that flag revert back to improve portability.
Lionel Sambuc [Fri, 26 Oct 2012 13:22:39 +0000 (15:22 +0200)]
Toolchain upgrade and portability improvements.
upgrade to NetBSD CVS release from 2012/10/17 12:00:00 UTC
Makefiles updates to imporve portability
Made sure to be consistent in the usage of braces/parenthesis at
least on a per file basis. For variables, it is recommended to
continue to use braces.
The tested targets are the followgin ones:
* tools
* distribution
* sets
* release
The remaining NetBSD targets have not been disabled nor tested
*at all*. Try them at your own risk, they may reboot the earth.
For all compliant Makefiles, objects and generated files are put in
MAKEOBJDIR, which means you can now keep objects between two branch
switching. Same for DESTDIR, please refer to build.sh options.
Regarding new or modifications of Makefiles a few things:
* Read share/mk/bsd.README
* If you add a subdirectory, add a Makefile in it, and have it called
by the parent through the SUBDIR variable.
* Do not add arbitrary inclusion which crosses to another branch of
the hierarchy; If you can't do without it, put a comment on why.
If possible, do not use inclusion at all.
* Use as much as possible the infrastructure, it is here to make
life easier, do not fight it.
Sets and package are now used to track files.
We have one set called "minix", composed of one package called "minix-sys"
Bumping libc files for unsupported architectures, to simplify merging.
A bunch of small fixes:
* in libutil update
* the macro in endian.h
* some undefined types due to clear separation from host.
* Fix a warning for cdbr.c
Some modification which were required for the new build system:
* inclusion path for const.h in sconst, still hacky
* Removed default malloc.c which conflicts on some occasions.
VFS: do not save device node for new regular files
The VFS/FS protocol does not require the file server to supply a
special device node number in response to a REQ_CREATE request, as
this call creates only regular files. Therefore, VFS should not
erroneously save this piece of information from the REQ_CREATE reply
either.