mbuf(9): Add m_copyback2() for a better m_copyback()

The existing m_copyback() may extend the mbuf chain if necessary, but it doesn't return a value to indicate whether the allocation fails. In addition, it doesn't allow specifying the M_WAITOK/M_NOWAIT flag for mbuf allocation.

Extend m_copyback() and name it m_copyback2() that has the 'how' parameter to specify the M_WAITOK/M_NOWAIT flag and returns an error code to indicate success/failure. Reimplement the original m_copyback() using m_copyback2() with how=M_NOWAIT.

Referred-to: OpenBSD

kernel - Add per-process capability-based restrictions

* This new system allows userland to set capability restrictions which turn off numerous kernel features and root accesses. These restrictions are inherited by sub-processes recursively. Once set, restrictions cannot be removed.

  Basic restrictions that mimic an unadorned jail can be enabled without creating a jail, but generally speaking real security also requires creating a chrooted filesystem topology, and a jail is still needed to really segregate processes from each other. If you do so, however, you can (for example) disable mount/umount and most global root-only features.

* Add new system calls and a manual page for syscap_get(2) and syscap_set(2)

* Add sys/caps.h

* Add the "setcaps" userland utility and manual page.

* Remove priv.9 and the priv_check infrastructure, replacing it with a newly designed caps infrastructure.

* The intention is to add path restriction lists and similar features to improve jailless security in the near future, and to optimize the priv_check code.

Some additions and fixes related to fdatasync(2) and posix_fallocate(2).

* Fix a small issue in VOP_FDATASYNC()'s definition in <sys/vfsops.h>.

* Mention fdatasync() in fsync.2 (this basically syncs that manual page with FreeBSD, with a few adjustments).

* Add a manual page for posix_fallocate() (from FreeBSD, with a few adjustments).

* Mention fdatasync() in the list of reentrant functions in sigaction.2.

* In pthread_testcancel.3, mention fdatasync() in the list of functions for which a cancellation point will occur.

* Mention VOP_FDATASYNC() in VOP_FSYNC.9 (partly taken from FreeBSD).

* Remove a compatibility define in the fsstress tool.

Thanks to tkusumi for reviewing.

kernel - Rewrite the callout_*() API

* Rewrite the entire API from scratch and improve compatibility with FreeBSD. This is not an attempt to achieve full API compatibility, as FreeBSD's API has unnecessary complexity that coders would frequently make mistakes interpreting.

* Remove the IPI mechanisms in favor of fine-grained spin-locks instead.

* Add some robustness features in an attempt to track down corrupted callwheel lists due to originating subsystems freeing structures out from under an active callout.

* The code supports a full-blown type-stable/adhoc-reuse structural separation between the front-end and the back-end, but this feature is currently not operational and may be removed at some future point. Instead we currently just embed the struct _callout inside the struct callout.

* Replace callout_stop_sync() with callout_cancel().

* callout_drain() is now implemented as a synchronous cancel instead of an asynchronous stop, which is closer to the FreeBSD API and expected operation for ported code (usb stack in particular). We will just have to fix any deadlocks which we come across.

* Retain our callout_terminate() function as the 'better' way to stop using a callout, as it will not only cancel the callout but also de-flag the structure so it can no longer be used.

kernel: Remove puffs(4), putter(9) and associated libs and utilities.

All of these were originally pushed and hooked into the build in non-working condition so that they would not go stale and break building. The hope was that someone would pick up the work and fix the remaining issues, which never materialized.

This has led to more harm than good, with people occasionally assuming that this code is functional. Also, the existence of /usr/include/fuse.h might lead configure checks into believing that we have a working implementation.

kernel/lockmgr: Add lockmgr_try().

It just adds LK_NOWAIT to the flags and returns whether the lock was obtained. It is similar to other functions such as spin_trylock() or FreeBSD's mtx_trylock() and can be used to port the latter.

Note that like these functions, it returns TRUE if successful, while lockmgr() returns 0 if successful. This difference was the source of minor confusion and porting mistakes in the past. In fact, our driver porting document also didn't point out this difference. I will fix some of these little issues in a separate commit.

kernel - devfs cleanup

* staticize two functions, remove *_fff() from manual pages (now static).

* Adjust documentation.

* Rename internal function from devfs_clone_bitmap_resize() to devfs_clone_bitmap_extend(). Document the slight weirdness in the extent of the passed-in 'newchunks' parameter, but do not change the API.

Submitted-by: Aaron LI, with added code comments by Matt