membar_ops(3): Clarify language about membar_datadep_consumer.
I must have deleted a sentence about the temptation to pair it with
membar_producer in some earlier revision; let's write a new such
sentence.
crypto(4): Nix spurious mutex_exit; add missing bounds checks.
Consistently use `foo = kmem_alloc(n * sizeof(*foo), ...)' instead of
`sizeof(struct whatever_foo_is)'. Makes it easier for a reader to
notice a discrepancy this way.
Move CRYPTODEV_OPS_MAX to cryptodev_internal.h so it can be used by
the compat ocryptodev.c shims too. I think this is waaaaaaaaaaaaay
too high, by the way. For example, it looks like qat(4) puts a limit
of 16384 on the number of sessions. Other devices like hifn(4) look
like they're limited to numbers of sessions ranging from 2 to around
256.
PR kern/60281: crypto(4): bugs in reference counting and test
crypto(4): Omit needless locking in fcrypt_dtor.
We must have exclusive access to the object for this function to work
at all, so if removing the locks appeared to cause issues, it would
necessarily happen only because there is a bug somewhere else.
PR kern/60281: crypto(4): bugs in reference counting and test
crypto(4): Disentangle initialization and attachment goo.
Lotta unnecessary boilerplate deleted here!
Disable module unloading: can't be done safely. Explain precisely
why it can't be done safely.
This also fixes annoying `crypto: unable to register devsw, error 17'
messages in rump dmesg by having exactly one path to devsw_attach.
PR kern/60281: crypto(4): bugs in reference counting and test
crypto(4): Fix missing membars on reference count release.
If two threads A and B both hold references, we need to ensure that
memory ops in thread A happen before memory free in thread B in:
thread A thread B notes
-------- -------- -----
memory ops
atomic_dec(&refcnt) goes from 2 to 1
atomic_dec(&refcnt) goes from 1 to 0
memory free
This requires a membar_release in thread A before the atomic_dec (or
atomic_dec with memory_order_release), and a membar_acquire in thread
B after the atomic_dec is found to have brought the reference count
down to zero (or atomic_dec wiht memory_order_acquire).
kern/60281: crypto(4): bugs in reference counting and test
crypto(4): Take reference _before_ releasing the lock.
Otherwise nothing ensures the object will still exist by the time we
try to take the reference.
Also guard against too many references, since this is only a 32-bit
reference count.
PR kern/60281: crypto(4): bugs in reference counting and test
crypto(4): Make test more reliable, and test more.
1. New thread to concurrently create and destroy sessions.
(There should really be multiple threads to concurrently compete
with each other to create and destroy sessions, but this is
already surfacing more crashes, as I expected.)
2. Handle EBUSY in CIOCFSESSION in case there is a concurrent
CIOCCRYPT, as we are trying to test.
3. Handle CIOCCRYPT failure if a concurrent CIOCFSESSION beat us to
it, as we are trying to test
4. Dump core if the threads get stuck for too long.
5. Provide stack traces from the test program or rump server if they
dump core.
PR kern/60281: crypto(4): bugs in reference counting and test
Pull up following revision(s) (requested by hgutch in ticket #292):
external/mit/xorg/tools/fc-cache/Makefile: revision 1.24
Build fc-cache tool with -std=gnu99 instead of -std=c99 to get necessary
function prototypes on gcc-14/glibc build hosts.
Pull up following revision(s) (requested by isaki in ticket #1268):
etc/etc.luna68k/MAKEDEV.conf: revision 1.12
luna68k: Add missing audio devices to MAKEDEV.
Pull up following revision(s) (requested by isaki in ticket #291):
etc/etc.luna68k/MAKEDEV.conf: revision 1.12
luna68k: Add missing audio devices to MAKEDEV.
Pull up following revision(s) (requested by riastradh in ticket #289):
usr.bin/ruptime/ruptime.c: revision 1.16
usr.sbin/inetd/ratelimit.c: revision 1.3
fix a couple of "allocate too little" issues GCC 14 pointed out.
both ruptime and inetd allocate a less-than-struct-sized space and
assign it to a struct pointer. neither of them actually use more
than the allocated memory, but this is still dodgy and technically
wrong. just allocate the right size.
Pull up following revision(s) (requested by christos in ticket #288):
crypto/external/bsd/openssh/dist/sshd-session.c: revision 1.13
crypto/external/bsd/openssh/dist/sshd-auth.c: revision 1.6
PR/60270: Jose Luis Duran: Add back accidentally removed probes.
PR bin/60275 discard even less arriving signals
Avoid signals arriving immediately after a fork() (or vfork())
by blocking everything (everything possible) while the fork()
happens, in the parent, for (close to) the minimum possible time,
in the child, until it has its state init'd enough that it is
safe for signals to arrive.
Further, if a signal does arrive (in a child) which was trapped
in the parent, but hasn't been cleaned up fully yet, instead of
simply ignoring it, send it to ourselves, after setting its state
to SIG_DFL (which is what would eventually happen to a trapped
signal anyway). If that doesn't kill us, then we will end up
(harmlessly) setting the state to SIG_DFL again later as would happen
if the signal hadn't arrived in this short window; we cannot record that
it happened to avoid that, as we might be in a vforked child, and
anything recorded by that would be visible back in the parent later
(where the signal action was not changed).
[12 lines not shown]
Pull up following revision(s) (requested by mrg in ticket #2012):
sys/fs/cd9660/cd9660_rrip.c: revision 1.19
cd9660: make sure that NM records are at least 5 bytes long.
avoids an integer underflow when this length has 5 subtracted from it
for a later path.
Reported by Adam Crosser, Praetorian
Pull up following revision(s) (requested by mrg in ticket #1267):
sys/fs/cd9660/cd9660_rrip.c: revision 1.19
cd9660: make sure that NM records are at least 5 bytes long.
avoids an integer underflow when this length has 5 subtracted from it
for a later path.
Reported by Adam Crosser, Praetorian
build.sh: Make MAKEVERBOSE tests consistent.
- Use "${MAKEVERBOSE}" to avoid trouble in case it has spaces or
asterisks or whatever in the environment.
- Default to 2 if it's not defined or empty.
Should fix build.sh pkg=... without any -N argument or any
MAKEVERBOSE set in the environment.
