From owner-p4-projects@FreeBSD.ORG Fri Oct 2 22:34:34 2009 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 2277B1065758; Fri, 2 Oct 2009 22:34:34 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AC0711065670 for ; Fri, 2 Oct 2009 22:34:33 +0000 (UTC) (envelope-from trasz@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id 9A04E8FC1A for ; Fri, 2 Oct 2009 22:34:33 +0000 (UTC) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id n92MYXB8091751 for ; Fri, 2 Oct 2009 22:34:33 GMT (envelope-from trasz@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.3/8.14.3/Submit) id n92MYXeK091749 for perforce@freebsd.org; Fri, 2 Oct 2009 22:34:33 GMT (envelope-from trasz@freebsd.org) Date: Fri, 2 Oct 2009 22:34:33 GMT Message-Id: <200910022234.n92MYXeK091749@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to trasz@freebsd.org using -f 
From: Edward Tomasz Napierala To: Perforce Change Reviews Cc: Subject: PERFORCE change 169165 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Oct 2009 22:34:34 -0000 http://perforce.freebsd.org/chv.cgi?CH=169165 Change 169165 by trasz@trasz_victim on 2009/10/02 22:34:12 IFC. Affected files ... .. //depot/projects/soc2009/trasz_limits/etc/rc.d/routing#5 integrate .. //depot/projects/soc2009/trasz_limits/sys/kern/init_main.c#15 integrate .. //depot/projects/soc2009/trasz_limits/sys/kern/kern_exec.c#8 integrate .. //depot/projects/soc2009/trasz_limits/sys/kern/uipc_socket.c#11 integrate .. //depot/projects/soc2009/trasz_limits/sys/vm/vm_mmap.c#8 integrate .. //depot/projects/soc2009/trasz_limits/tools/regression/mmap/mmap.c#2 integrate Differences ... ==== //depot/projects/soc2009/trasz_limits/etc/rc.d/routing#5 (text+ko) ==== @@ -2,7 +2,7 @@ # # Configure routing and miscellaneous network tunables # -# $FreeBSD: src/etc/rc.d/routing,v 1.151 2009/10/02 02:28:59 hrs Exp $ +# $FreeBSD: src/etc/rc.d/routing,v 1.152 2009/10/02 20:19:53 hrs Exp $ # # PROVIDE: routing 
@@ -13,26 +13,80 @@ . /etc/network.subr name="routing" -start_cmd="routing_start" +start_cmd="routing_start doall" stop_cmd="routing_stop" extra_commands="options static" -static_cmd="static_start" -options_cmd="options_start" +static_cmd="routing_start static" +options_cmd="routing_start options" + +afcheck() +{ + case $_af in + ""|inet|inet6|ipx|atm) + ;; + *) + err 1 "Unsupported address family: $_af." + ;; + esac +} routing_start() { - static_start "$@" - options_start "$@" + local _cmd _af _a + _cmd=$1 + _af=$2 + + afcheck + + case $_af in + inet|inet6|ipx|atm) + setroutes $_cmd $_af + ;; + "") + for _a in inet inet6 ipx atm; do + afexists $_a && setroutes $_cmd $_a + done + ;; + esac + [ -n "${_ropts_initdone}" ] && echo '.' } routing_stop() { - local _af + local _af _a + _af=$1 + + afcheck + + case $_af in + inet|inet6|ipx|atm) + eval static_${_af} delete + eval routing_stop_${_af} + ;; + "") + for _a in inet inet6 ipx atm; do + afexists $_a || continue + eval static_${_a} delete + eval routing_stop_${_a} + done + ;; + esac +} - static_stop "$@" - for _af in inet inet6; do - afexists ${_af} && eval routing_stop_${_af} - done +setroutes() +{ + case $1 in + static) + static_$2 add + ;; + options) + options_$2 + ;; + doall) + static_$2 add + options_$2 + ;; + esac } routing_stop_inet() @@ -50,47 +104,16 @@ done } -static_start() +routing_stop_atm() { - local _af - _af=$1 - - case ${_af} in - inet|inet6|atm) - do_static add ${_af} - ;; - "") - do_static add inet inet6 atm - ;; - esac + return 0 } -static_stop() +routing_stop_ipx() { - local _af - _af=$1 - - case ${_af} in - inet|inet6|atm) - do_static delete ${_af} - ;; - "") - do_static delete inet inet6 atm - ;; - esac + return 0 } -do_static() -{ - local _af _action - _action=$1 - - shift - for _af in "$@"; do - afexists ${_af} && eval static_${_af} ${_action} - done -} - static_inet() { local _action @@ -233,6 +256,10 @@ fi } +static_ipx() +{ +} + _ropts_initdone= ropts_init() { 
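Review bot: In `routing_stop` the calls `eval static_${_af} delete` and `eval routing_stop_${_af}` do not need `eval`; `setroutes` in the same hunk already dispatches with a plain `static_$2 add`. The value is restricted by `afcheck` before it is used, so this is hygiene rather than a live injection path, but dropping `eval` removes the second parse entirely: `static_${_af} delete` and `routing_stop_${_af}`, and likewise for `${_a}` in the loop. `afcheck` also reads the caller's `_af` through dynamic scoping; calling it as `afcheck "$_af"` and matching on `$1` would make that dependency explicit, so that a future caller cannot skip the allow-list by accident.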
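Review bot: `static_ipx()` is added with an empty `{ }` body, while the stubs `routing_stop_atm` and `routing_stop_ipx` added in the previous hunk use `return 0`. An empty brace group is not accepted by every Bourne-style shell (bash rejects it as a syntax error), so `static_ipx() { return 0; }` would be consistent with the other stubs and would not depend on the parser being lenient. `options_atm()` in the later hunk of this file has the same empty body.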
@@ -242,16 +269,6 @@ fi } -options_start() -{ - local _af - - for _af in inet inet6 ipx; do - afexists ${_af} && eval options_${_af} - done - [ -n "${_ropts_initdone}" ] && echo '.' -} - options_inet() { if checkyesno icmp_bmcastecho; then @@ -322,6 +339,10 @@ fi } +options_atm() +{ +} + options_ipx() { if checkyesno ipxgateway_enable; then ==== //depot/projects/soc2009/trasz_limits/sys/kern/init_main.c#15 (text+ko) ==== @@ -42,7 +42,7 @@ */ #include -__FBSDID("$FreeBSD: src/sys/kern/init_main.c,v 1.305 2009/10/01 10:53:12 avg Exp $"); +__FBSDID("$FreeBSD: src/sys/kern/init_main.c,v 1.306 2009/10/02 17:48:51 bz Exp $"); #include "opt_ddb.h" #include "opt_init_path.h" @@ -510,6 +510,11 @@ pmap_pinit0(vmspace_pmap(&vmspace0)); p->p_vmspace = &vmspace0; vmspace0.vm_refcnt = 1; + + /* + * proc0 is not expected to enter usermode, so there is no special + * handling for sv_minuser here, like is done for exec_new_vmspace(). + */ vm_map_init(&vmspace0.vm_map, p->p_sysent->sv_minuser, p->p_sysent->sv_maxuser); vmspace0.vm_map.pmap = vmspace_pmap(&vmspace0); ==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_exec.c#8 (text+ko) ==== @@ -25,7 +25,7 @@ */ #include -__FBSDID("$FreeBSD: src/sys/kern/kern_exec.c,v 1.338 2009/09/09 10:52:36 kib Exp $"); +__FBSDID("$FreeBSD: src/sys/kern/kern_exec.c,v 1.339 2009/10/02 17:48:51 bz Exp $"); #include "opt_hwpmc_hooks.h" #include "opt_kdtrace.h" @@ -122,6 +122,11 @@ SYSCTL_ULONG(_kern, OID_AUTO, ps_arg_cache_limit, CTLFLAG_RW, &ps_arg_cache_limit, 0, ""); +static int map_at_zero = 0; +TUNABLE_INT("security.bsd.map_at_zero", &map_at_zero); +SYSCTL_INT(_security_bsd, OID_AUTO, map_at_zero, CTLFLAG_RW, &map_at_zero, 0, + "Permit processes to map an object at virtual address 0."); + static int sysctl_kern_ps_strings(SYSCTL_HANDLER_ARGS) { @@ -1002,7 +1007,7 @@ int error; struct proc *p = imgp->proc; struct vmspace *vmspace = p->p_vmspace; - vm_offset_t stack_addr; + vm_offset_t sv_minuser, stack_addr; vm_map_t map; u_long ssiz; 
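Review bot: The new `map_at_zero` knob in kern_exec.c is declared `CTLFLAG_RW` but has no comment saying when a change takes effect. Judging from the other kern_exec.c hunk in this change, the value is consulted only while a new address space is set up at exec time, so clearing it at runtime presumably leaves already-running processes with the lower bound they were given earlier. I would add above the declaration `/* Consulted at exec time only; existing address spaces keep their current lower bound. */` and say the same in the sysctl description, because an administrator who sets it back to 0 will otherwise assume the restriction applies immediately.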
@@ -1018,13 +1023,17 @@ * not disrupted */ map = &vmspace->vm_map; - if (vmspace->vm_refcnt == 1 && vm_map_min(map) == sv->sv_minuser && + if (map_at_zero) + sv_minuser = sv->sv_minuser; + else + sv_minuser = MAX(sv->sv_minuser, PAGE_SIZE); + if (vmspace->vm_refcnt == 1 && vm_map_min(map) == sv_minuser && vm_map_max(map) == sv->sv_maxuser) { shmexit(vmspace); pmap_remove_pages(vmspace_pmap(vmspace)); vm_map_remove(map, vm_map_min(map), vm_map_max(map)); } else { - error = vmspace_exec(p, sv->sv_minuser, sv->sv_maxuser); + error = vmspace_exec(p, sv_minuser, sv->sv_maxuser); if (error) return (error); vmspace = p->p_vmspace; ==== //depot/projects/soc2009/trasz_limits/sys/kern/uipc_socket.c#11 (text+ko) ==== @@ -95,7 +95,7 @@ */ #include -__FBSDID("$FreeBSD: src/sys/kern/uipc_socket.c,v 1.344 2009/09/15 22:23:45 andre Exp $"); +__FBSDID("$FreeBSD: src/sys/kern/uipc_socket.c,v 1.345 2009/10/02 21:31:15 rwatson Exp $"); #include "opt_inet.h" #include "opt_inet6.h" @@ -970,9 +970,6 @@ * must use a signed comparison of space and resid. On the other * hand, a negative resid causes us to loop sending 0-length * segments to the protocol. - * - * Also check to make sure that MSG_EOR isn't used on SOCK_STREAM - * type sockets since that's an error. */ if (resid < 0) { error = EINVAL; ==== //depot/projects/soc2009/trasz_limits/sys/vm/vm_mmap.c#8 (text+ko) ==== @@ -41,7 +41,7 @@ */ #include -__FBSDID("$FreeBSD: src/sys/vm/vm_mmap.c,v 1.235 2009/09/27 14:49:51 simon Exp $"); +__FBSDID("$FreeBSD: src/sys/vm/vm_mmap.c,v 1.236 2009/10/02 17:51:46 bz Exp $"); #include "opt_compat.h" #include "opt_hwpmc_hooks.h" 
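Review bot: The `MAX(sv->sv_minuser, PAGE_SIZE)` clamp carries no comment, yet after this change it is the only thing keeping address 0 unmappable. The explicit `addr == 0 && !mmap_zero` test in vm_mmap.c is deleted in the same change, leaving the `addr < vm_map_min(...)` range check to do the work. A comment such as `/* Unless map_at_zero is set, start the user map at PAGE_SIZE so page 0 lies outside the map and fixed-address requests for it fail the range check. */` would record that dependency for whoever next touches either file. It is also worth stating there that the guard is exactly one page wide. The enclosing function starts and ends outside the hunk.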
@@ -97,14 +97,6 @@ "Maximum number of memory-mapped files per process"); /* - * 'mmap_zero' determines whether or not MAP_FIXED mmap() requests for - * virtual address zero are permitted. - */ -static int mmap_zero; -SYSCTL_INT(_security_bsd, OID_AUTO, mmap_zero, CTLFLAG_RW, &mmap_zero, 0, - "Processes may map an object at virtual address zero"); - -/* * Set the maximum number of vm_map_entry structures per process. Roughly * speaking vm_map_entry structures are tiny, so allowing them to eat 1/100 * of our KVM malloc space still results in generous limits. We want a @@ -277,13 +269,6 @@ if (addr & PAGE_MASK) return (EINVAL); - /* - * Mapping to address zero is only permitted if - * mmap_zero is enabled. - */ - if (addr == 0 && !mmap_zero) - return (EINVAL); - /* Address range must be all in user VM space. */ if (addr < vm_map_min(&vms->vm_map) || addr + size > vm_map_max(&vms->vm_map)) ==== //depot/projects/soc2009/trasz_limits/tools/regression/mmap/mmap.c#2 (text+ko) ==== @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $FreeBSD: src/tools/regression/mmap/mmap.c,v 1.1 2009/09/27 21:03:33 bz Exp $ + * $FreeBSD: src/tools/regression/mmap/mmap.c,v 1.2 2009/10/02 17:53:48 bz Exp $ */ #include @@ -36,7 +36,7 @@ const struct tests { void *addr; - int ok[2]; /* Depending on security.bsd.mmap_zero {0, !=0}. */ + int ok[2]; /* Depending on security.bsd.map_at_zero {0, !=0}. */ } tests[] = { { (void *)0, { 0, 1 } }, /* Test sysctl. */ { (void *)1, { 0, 0 } }, 
@@ -54,37 +54,37 @@ { void *p; size_t len; - int i, error, mib[3], mmap_zero; + int i, error, mib[3], map_at_zero; error = 0; - /* Get the current sysctl value of security.bsd.mmap_zero. */ + /* Get the current sysctl value of security.bsd.map_at_zero. */ len = sizeof(mib) / sizeof(*mib); - if (sysctlnametomib("security.bsd.mmap_zero", mib, &len) == -1) - err(1, "sysctlnametomib(security.bsd.mmap_zero)"); + if (sysctlnametomib("security.bsd.map_at_zero", mib, &len) == -1) + err(1, "sysctlnametomib(security.bsd.map_at_zero)"); - len = sizeof(mmap_zero); - if (sysctl(mib, 3, &mmap_zero, &len, NULL, 0) == -1) - err(1, "sysctl(security.bsd.mmap_zero)"); + len = sizeof(map_at_zero); + if (sysctl(mib, 3, &map_at_zero, &len, NULL, 0) == -1) + err(1, "sysctl(security.bsd.map_at_zero)"); /* Normalize to 0 or 1 for array access. */ - mmap_zero = !!mmap_zero; + map_at_zero = !!map_at_zero; for (i=0; i < (sizeof(tests) / sizeof(*tests)); i++) { p = mmap((void *)tests[i].addr, PAGE_SIZE, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_ANON | MAP_FIXED, -1, 0); if (p == MAP_FAILED) { - if (tests[i].ok[mmap_zero] != 0) + if (tests[i].ok[map_at_zero] != 0) error++; warnx("%s: mmap(%p, ...) failed.", - (tests[i].ok[mmap_zero] == 0) ? "OK " : "ERR", + (tests[i].ok[map_at_zero] == 0) ? "OK " : "ERR", tests[i].addr); } else { - if (tests[i].ok[mmap_zero] != 1) + if (tests[i].ok[map_at_zero] != 1) error++; warnx("%s: mmap(%p, ...) succeeded: p=%p", - (tests[i].ok[mmap_zero] == 1) ? "OK " : "ERR", + (tests[i].ok[map_at_zero] == 1) ? "OK " : "ERR", tests[i].addr, p); } }
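Review bot: The `sysctl(mib, 3, ...)` call hard-codes the MIB length instead of using the count that `sysctlnametomib()` stored in `len`, which is then overwritten by `len = sizeof(map_at_zero)`. A single `sysctlbyname("security.bsd.map_at_zero", &map_at_zero, &len, NULL, 0)` would replace both calls and drop the magic number. A short comment near the read would also help: judging from the kern_exec.c hunk in this change, the lower bound of the address space is fixed when the test binary is exec'd, so the expectations in `tests[]` assume the knob has not changed since then. The function's signature and its end are outside the hunk.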