kernel - Add per-process capability-based restrictions

* This new system allows userland to set capability restrictions which
turns off numerous kernel features and root accesses. These restricti

kernel - Add per-process capability-based restrictions

* This new system allows userland to set capability restrictions which
turns off numerous kernel features and root accesses. These restrictions
are inherited by sub-processes recursively. Once set, restrictions cannot
be removed.

Basic restrictions that mimic an unadorned jail can be enabled without
creating a jail, but generally speaking real security also requires
creating a chrooted filesystem topology, and a jail is still needed
to really segregate processes from each other. If you do so, however,
you can (for example) disable mount/umount and most global root-only
features.

* Add new system calls and a manual page for syscap_get(2) and syscap_set(2)

* Add sys/caps.h

* Add the "setcaps" userland utility and manual page.

* Remove priv.9 and the priv_check infrastructure, replacing it with
a newly designed caps infrastructure.

* The intention is to add path restriction lists and similar features to
improve jailess security in the near future, and to optimize the
priv_check code.

show more ...

kernel: Remove <sys/mutex.h> from all files that don't need it (2/2).

98% of these were remains from porting from FreeBSD which could have
been removed after converting to lockmgr(), etc.

Due to an

kernel: Remove <sys/mutex.h> from all files that don't need it (2/2).

98% of these were remains from porting from FreeBSD which could have
been removed after converting to lockmgr(), etc.

Due to an issue in my checking earlier, not everything was cleaned up
correctly.

show more ...

usb4bsd: Cleanup pass0.

* Adjust indentation, whitespace and typos.

usb - Update bus/u4b

* Update bus/u4b from FreeBSD to commit 3121e258c76aa, 10 March 2015,
with the following commit message:

Lock softc before clearing bits.

* Some bits not updated. Som

usb - Update bus/u4b

* Update bus/u4b from FreeBSD to commit 3121e258c76aa, 10 March 2015,
with the following commit message:

Lock softc before clearing bits.

* Some bits not updated. Some changes around the MSI handling work
differently in DFly so I punted on that. And the serial/tty in FreeBSD
is a bit different, particular this 'pps' stuff.

* Numerous bits of code currently conditionalized out use ABI features
from FreeBSD, particularly RWTUN, which we do not yet have. Currently
non-critical, we can fix these as the related code gets used (if the
related code gets used).

Reviewed-by: Markus Pfeiffer

show more ...

usb4bsd: Sync with FreeBSD r276791 - revert broken 64bit DMA

* Revert a change that lead to an uninitialised value being used
for the number of bits in a DMA address.

usb4bsd: Sync with FreeBSD r276791

usb4bsd: Sync with FreeBSD r276791

* update usb_transfer.{c,h} so uaudio can be ported and tested

usb4bsd: sync if_axe

kernel - u4b - Implement doorbell

* Implement the doorbell properly.

* Use the doorbell to clear the previous transfer when reusing a transfer.
This is a horribly inefficient hack but it's better

kernel - u4b - Implement doorbell

* Implement the doorbell properly.

* Use the doorbell to clear the previous transfer when reusing a transfer.
This is a horribly inefficient hack but it's better than blowing up the
controller

(This is in addition to the xfer freeing fifo hack)

* We also seem to need to ring the doorbell when queueing transfers. This
should not be necessary.

* Enable ASP. This allows qTD bursts, making high speed busses more
efficient.

* NOTE: There are still problems with umass. With some USB sticks,
writing to the stick causes the cpu to stall for very long
periods of time. It is shown as 'interrupt' overhead but insofar
as I can tell it's actually the controller stalling the memory
bus for reasons unknown.

This does not happen with e.g. a SATA SSD connected through a USB
adapter.

show more ...

kernel - Hack fixes for EHCI issues in U4B

* These changes fix several issues with the U4B EHCI. Insertion and Removal
events through hubs no longer crash the controller and/or the machine.
And

kernel - Hack fixes for EHCI issues in U4B

* These changes fix several issues with the U4B EHCI. Insertion and Removal
events through hubs no longer crash the controller and/or the machine.
And heavy bulk traffic no longer crashes the controller or has weird
failures. Probing works more reliably as well.

* The main problem is the U4B design for QH/TD descriptors. It allocates
and frees them with the xfer. For the EHCI controller it rips out the
QH's from the chain and doesn't do the right interactions with the
controller to ensure that the controller is not still iterating through
the chain.

It is possible for the controller to wind up iterating through a long
chain of removed (finished or timed-out) QH's. If any of them are
kfree()'d or free/reallocated/reused before their time, BOOM! The
controller can chain right through into random memory and blow up.

* The first hack is to delay kfree()ing the xfer rollup buffer. I just
threw in a 256-slot delay. I'm not even doing it right (it isn't time-based
or doorbell-based). Note that linux uses the doorbell-based method,
where the structures are left intact until the next doorbell interrupt.

* The second hack is to issue doorbells (EHCI_CMD_IAAD) after every new
transfer is queued and after each transfer is removed. The doorbell is
PARTICULARLY important after a removal, because the controller can
wind up sitting on a removed QH indefinitely otherwise.

Removed chains can cause the controller to miss newly added chains, thus
the doorbell is needed for that reason as well.

Also reorder the cpu flushes a little when coding the above.

* Add numerous new structural fields and assertions to ensure that the
EHCI code doesn't try to remove requests from HW that were never queued
to HW. The U4B API's are *VERY* loose in this regard so I added a
double check.

* DragonFly: The ugen*.* devices need a dev d_open and d_close routine.
Our default d_open/d_close is not the same as FreeBSD's.

* Fix a major bug in usb_open() where the 'cpd' structure can get lost
if multiple open()'s occur on the same ugen device.

Allow multiple opens as long as the permissions are the same. This
is really a hack to fix an issue where 'usbconfig list' opens ugen0.1
twice (i.e. has two open descriptors on the same device).

Also properly NULL-out dev->si_drv2 on (last) close.

* Replace two cv_signal/cv_wait calls with wakeup/lksleep, and place a
timeout on the lksleep loop because the two places in question have
a SMP race which the locks don't handle. Basically the callback is
made BEFORE all the conditions potentially preventing an xfer from
being flagged as completed are met, so the cv_signal() was waking up
the waiter potentially before its time (and the lock is not held through
the whole thing so it doesn't interlock the race).

* In usbd_req_get_desc() reload the req fresh on each loop.

* In usbd_req_get_desc() increase the timeout from 0.5 seconds to 1 second.

show more ...

Sync sys/bus/u4b/* with FreeBSD

usb4bsd: Synchronise with FreeBSD r254159

usb4bsd: sync with FreeBSD svn r242385

Use C99 __func__ instead of __FUNCTION__.

Use NULL for pointers in a couple of places.

kernel: Remove some NULL checks after kmalloc(..., M_WAITOK).

usb4bsd: Fixes, fixes, fixes.

* Fix a panic when trying to free null pointer in usb_free_device.

* Fix a panic due to wrong assignment of locks.

* Fix kqueue handling.

* Add debug helpers.

Submi

usb4bsd: Fixes, fixes, fixes.

* Fix a panic when trying to free null pointer in usb_free_device.

* Fix a panic due to wrong assignment of locks.

* Fix kqueue handling.

* Add debug helpers.

Submitted-by: Markus Pfeiffer <markus.pfeiffer@morphism.de>

show more ...

usb4bsd: Cleanup pass.

* Adjust indentation, whitespace and typos.

* Uniformly use #if 0 to deactivate code instead of C comments.

usb4bsd: Perform the usual porting on the controller, storage and core code.

malloc -> kmalloc, printf -> kprintf, locking, and so forth.

Submitted-by: Markus Pfeiffer <markus.pfeiffer@morphism.de>

usb4bsd: Bring in FreeBSD's libusbhid, usbhidctl and USB kernel code.

In order to make it live peacefully along with our old USB code, name
all directories with new USB code *u4b* instead of *usb*.

usb4bsd: Bring in FreeBSD's libusbhid, usbhidctl and USB kernel code.

In order to make it live peacefully along with our old USB code, name
all directories with new USB code *u4b* instead of *usb*.

This is FreeBSD SVN r231881.

Submitted-by: Markus Pfeiffer <markus.pfeiffer@morphism.de>

show more ...