Commit Graph

233 Commits

Author SHA1 Message Date
Bruce Evans
ed1ab0dea2 Always mark st_ctime for update upon successful completion of
chown().  Previously, it wasn't marked for null chown()'s.  We
permit null chown()s as a special case of "appropriate privilege"
- everyone has enough priviilege to not change ids (this is a better
argument than the one I gave for rev.1.13, that null changes aren't
really changes).  However, POSIX.1 requires the update independently
of whether anything has changed.

Clear both the setuid and the setgid bits upon successful completion
of non-null chown()s by non-root.  Previously, the setuid bit was
only changed for non-null changes of the uid, etc.  POSIX.1 requires
clearing both unless the call was made by a process with "appropriate
privilege", in which case altering the bits is implementation-defined.
We define appropriate privilege as `process is root, or the change
is null', and the implementation-defined behaviour as not altering
the bits.   There is no interpretation that permits clearing only
one of the bits.

Reviewed by:	jdp
1997-07-13 16:26:40 +00:00
Bruce Evans
7e88aafca7 Use the correct size for a sector in the search for a label in
readdisklabel().  Sectors may be larger than DEV_BSIZE.
1997-07-13 15:53:20 +00:00
Bruce Evans
0dd8d85b1c Removed semicolon from the end of a #define. 1997-07-13 15:43:54 +00:00
Bruce Evans
3f9d0d120a Fixed comment about i_spare. 1997-07-13 15:40:31 +00:00
John Dyson
6b195d32a1 Fix a problem with the VN device. Specifically, the VN device can
cause a problem of spiraling death due to buffer resource limitations.
The vfs_bio code in general had little ability to handle buffer resource
management, and now it does.  Also, there are a lot more knobs for tuning the
vfs_bio code now.  The knobs came free because of the need that there
always be some immediately available buffers (non-delayed or locked) for
use.  Note that the buffer cache code is much less likely to get bogged
down with lots of delayed writes, even more so than before.
1997-06-15 17:56:53 +00:00
Julian Elischer
50dab48a5b Submitted by: Whistle Communications (archie Cobbs)
These changes add the ability to specify that a UFS file/directory
cannot be unlinked. This is basically a scaled back version
of the IMMUTABLE flag. The reason is to allow an administrator
to create a directory hierarchy that a group of users
can arbitrarily add/delete files from, but that the hierarchy
itself is safe from removal by them.
If the NOUNLINK definition is set to 0
then this results in no change to what happens normally.
(and results in identical binary (in the kernel)).
It can be proven that if this bit is never set by the admin,
no new behaviour is introduced..
Several "good idea" comments from reviewers plus one grumble
about creeping featurism.

This code is in production in 2.2 based systems
1997-06-02 06:24:52 +00:00
Peter Wemm
8413abe4c7 Fix warnings (from LINT). Missing static prototype, missing vm includes
for vnode_pager_setsize().
1997-05-25 04:57:11 +00:00
Poul-Henning Kamp
f10c6b8f35 Shrink struct inode by 20 bytes, so that malloc wastes less space.
Pointed out by:	bde
1997-05-22 07:30:55 +00:00
Poul-Henning Kamp
8a40593f4d Remove redundant check for vp == dvp (done in VFS before calling). 1997-05-17 18:32:53 +00:00
Jordan K. Hubbard
0f10d94d32 Mount MFS read/write as in days of yore. 1997-04-28 09:15:18 +00:00
Bruce Evans
401116d519 Use smalllblktosize() instead of multiplying small block numbers
by fs->fs_bsize.  The macro is usually faster and makes it clearer
that the multiplication can't overflow.
1997-04-10 13:17:09 +00:00
Bruce Evans
95e7aeb4e1 Removed nested include of <ufs/ufs/dir.h>. Use the pre-Lite2 hack of
defining doff_t both here and in <ufs/ufs/dir.h> so that this file
is independent of <ufs/ufs/dir.h>.  It still has old prerequisites
<sys/param.h> and <ufs/ufs/quota.h>, and a new Lite2 prerequisite of
<sys/lock.h>, sigh.

This might fix lsof, which was broken by namespace pollution giving
conflicting definitions of DIRBLKSIZ.
1997-04-01 08:02:00 +00:00
Peter Wemm
6c14d95d0d Treat symlinks as first class citizens with their own uid/gid rather than
as shadows of their containing directory.  This should solve the problem
of users not being able to delete their symlinks from /tmp once and for
all.

Symlinks do not have modes though, they are accessable to everything that
can read the directory (as before).  They are made to show this fact at
lstat time (they appear as mode 0777 always, since that's how the the
lookup routines in the kernel treat them).

More commits will follow, eg: add a real lchown() syscall and man pages.
1997-03-31 12:02:53 +00:00
Bruce Evans
fce002fdef Don't include <sys/ioctl.h> in the kernel. Stage 1: don't include
it when it is not used.  In most cases, the reasons for including it
went away when the special ioctl headers became self-sufficient.
1997-03-24 11:25:10 +00:00
Bruce Evans
90b42d7e40 Fixed corrupted newline and corrupted tab in previous commit. 1997-03-24 03:19:37 +00:00
Guido van Rooij
8f89943eda Add generation number randomization. Newly created filesystems wil now
automatically have random generation numbers. The kenel way of handling those
also changed. Further it is advised to run fsirand on all your nfs exported
filesystems. the code is mostly copied from OpenBSD, with the randomization
chanegd to use /dev/urandom
Reviewed by:	Garrett
Obtained from: OpenBSD
1997-03-23 20:08:22 +00:00
Bruce Evans
3ac4d1ef0c Don't #include <sys/fcntl.h> in <sys/file.h> if KERNEL is defined.
Fixed everything that depended on getting fcntl.h stuff from the wrong
place.  Most things don't depend on file.h stuff at all.
1997-03-23 03:37:54 +00:00
Bruce Evans
84232bd337 Merged the rest of lfs from Lite2. It compiles (uncleanly) but is as
unlikely to work as before.
1997-03-23 00:45:27 +00:00
Bruce Evans
20cb3c714b Merged enough of lfs from Lite2 for mkdep of LINT to work again. 1997-03-22 09:33:55 +00:00
Bruce Evans
774fce94c0 Removed volatile' from declaration of time', and removed the resulting
null casts.  `time' is nonvolatile for accesses within a region locked
by splclock()/splx().  Accesses outside such a region are invalid, and
splx() must have the side effect of potentially changing all global
variables (since there are hundreds of sort of volatile variables like
`time'), so declaring `time' as volatile didn't have any real benefits.
1997-03-22 08:03:51 +00:00
Bruce Evans
3c81694426 Fixed some invalid (non-atomic) accesses to `time', mostly ones of the
form `tv = time'.  Use a new function gettime().  The current version
just forces atomicicity without fixing precision or efficiency bugs.
Simplified some related valid accesses by using the central function.
1997-03-22 06:53:45 +00:00
Bruce Evans
c16cb2c78b Backed out rev.1.27, which broke unmounting of mfs and caused panics
on shutdown.

Should not have been in 2.2 (the buggy last minute change, that is).
1997-03-22 03:59:46 +00:00
Peter Wemm
c5d5416c2d MAXDIRSIZE is (or would be) used in fsck. It's a sanity check. 1997-03-18 19:52:17 +00:00
Peter Wemm
cc9d89901f Restore the lost MNT_LOCAL flag twiddle. Lite2 has a different mechanism
of setting it (compiled into vfs_conf.c), but we have a dynamic system
in place.  This could probably be better done via a runtime configure
flag in the VFS_SET() VFS declaration, perhaps VFCF_LOCAL, and have the
VFS code propagate this down into MNT_LOCAL at mount time.  The other FS's
would need to be updated, havinf UFS and MSDOSFS filesystems without
MNT_LOCAL breaks a few things..  the man page rebuild scans for local
filesystems and currently fails, I suspect that other tools like find
and tar with their "local filesystem only" modes might be affected.
1997-03-18 19:50:12 +00:00
Søren Schmidt
6ae8358759 Fix support for != 512 byte sector devices.
Restores the use of SBLOCK instead of the BSOFF/sectorsize calculation.
Using SBLOCK is bogus however in that it uses DEV_BSIZE instead of
the actual sector size, but that is taken care of in other places.
Changing the SBLOCK would be better, but it affects the system
in other places, and doing it this way makes it possible to
use filesystems that was made before the lite2 merge.
1997-03-15 18:58:10 +00:00
Mike Pritchard
d0ad3d988a Update a number of routines to reflect the actual name
of the routine that caused the panic.
1997-03-09 06:10:36 +00:00
Mike Pritchard
5ace3b260a Update a number of panic messages to reflect the actual name
of the routine that caused the panic.
1997-03-09 06:00:44 +00:00
Mike Smith
789962659e Supply the mount point given to mfs_mount when getting a vnode for the
mount.  This may have been a contributor to the 'null v_mount in
fsync()' problem

This is another, perhaps slightly less urgent, 2.2 last-minute candidate.

Reviewed by:	sef
1997-03-05 01:57:54 +00:00
Bruce Evans
e4c4150e70 Fixed connection of vfs.ffs node to the sysctl tree. 1997-03-04 18:35:15 +00:00
Bruce Evans
9bdc993298 Removed unused flag IN_RECURSE and unused struct member i_lockcount. 1997-03-03 16:25:46 +00:00
Bruce Evans
0d4c2cc0c7 Removed useless setting of IN_RECURSE. The (anti) locking for this needs
to be done in a different way, if at all.
1997-03-03 16:23:15 +00:00
Peter Wemm
6875d25465 Back out part 1 of the MCFH that changed $Id$ to $FreeBSD$. We are not
ready for it yet.
1997-02-22 09:48:43 +00:00
Bruce Evans
d314500e7e This now uses queue macros. Include <sys/queue.h> if !KERNEL to preserve
the documented interface.
1997-02-18 15:03:17 +00:00
Bruce Evans
c626216f51 Removed FIFO ifdef again (see rev.1.5). 1997-02-13 00:42:10 +00:00
Mike Pritchard
724ab19569 Add function prototypes for most of the new Lite2 functions.
Also made a few of the miscfs routines static to be
consistent.  Some modules simply required some additional
#includes to remove -Wall warnings.
1997-02-12 06:52:51 +00:00
Mike Pritchard
812ac98e83 Correct the new Lite2 #ifdef DIAGNOSTIC ffs_checkblk routine
to not return without setting a return value when it
can't read a block error or detects a bad cylinder group,
since the caller is expecting a return value.
It will now panic at this point, since the thing
to do in this case would be to return a "bad block"
status to the caller, and the caller will panic
anyways when that happens.

Also updated to panic strings in this routine to read
"ffs_checkblk: ..." instead of "checkblk: ...".
1997-02-10 17:05:30 +00:00
Mike Pritchard
04a0d5e517 Make this compile after the Lite2 merge.
A non-existent variable was being used.
1997-02-10 16:29:32 +00:00
Mike Pritchard
d2b52eb257 Make ffs_subr.c compile when DIAGNOSTIC is defined.
It looks like this was broken before the Lite2 merge :-(.
VOP_BMAP was being called with the wrong number of arguments.
1997-02-10 16:27:53 +00:00
John Dyson
996c772f58 This is the kernel Lite/2 commit. There are some requisite userland
changes, so don't expect to be able to run the kernel as-is (very well)
without the appropriate Lite/2 userland changes.

The system boots and can mount UFS filesystems.

Untested: ext2fs, msdosfs, NFS
Known problems: Incorrect Berkeley ID strings in some files.
		Mount_std mounts will not work until the getfsent
		library routine is changed.

Reviewed by:	various people
Submitted by:	Jeffery Hsu <hsu@freebsd.org>
1997-02-10 02:22:35 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
John Dyson
8b612c4b4a This commit is the embodiment of some VFS read clustering improvements.
Firstly, now our read-ahead clustering is on a file descriptor basis and not
on a per-vnode basis.  This will allow multiple processes reading the
same file to take advantage of read-ahead clustering.  Secondly, there
previously was a problem with large reads still using the ramp-up
algorithm.  Of course, that was bogus, and now we read the entire
"chunk" off of the disk in one operation.   The read-ahead clustering
algorithm should use less CPU than the previous also (I hope :-)).

NOTE:  THAT LKMS MUST BE REBUILT!!!
1996-12-29 02:45:28 +00:00
John Dyson
b68a757139 Significant performance improvement for mmap'ed files. This commit
makes MADV_SEQUENTIAL much more effective.  I suggest that
we start using MADV_SEQUENTIAL on system utilities that mmap
their input files, and the I/O is predominantely sequential.
Below is a test with 'cmp' on two relatively large binary files,
where the files are so large that the caching is ineffective:

+ ls -l t1.xxx t2.xxx
-rw-r--r--  1 root  wheel  65598384 Dec 10 12:13 t1.xxx
-rw-r--r--  1 root  wheel  65598384 Dec 10 12:14 t2.xxx

+ time cmp t1.xxx t2.xxx
3.78user 0.70system 1:33.43elapsed 4%CPU

+ time cmpmadv t1.xxx t2.xxx
4.21user 1.05system 0:30.93elapsed 17%CPU

This change is as a result of an observation made by BDE.
1996-12-11 05:17:23 +00:00
Bruce Evans
4eb73cdaff Removed all references to b_cylinder (aka b_cylin). It was evil and
hasn't been used for a year or two since disksort() started sorting
on b_pblkno.
1996-12-01 16:34:41 +00:00
Søren Schmidt
7cb29d3394 This update adds the support for != 512 byte sector SCSI devices to
the sd & od drivers. There is also slight changes to fdisk & newfs
in order to comply with different sectorsizes.
Currently sectors of size 512, 1024 & 2048 are supported, the only
restriction beeing in fdisk, which hunts for the sectorsize of
the device.
This is based on patches to od.c and the other system files by
John Gumb & Barry Scott, minor changes and the sd.c patches by
me.
There also exist some patches for the msdos filesys code, but I
havn't been able to test those (yet).

	John Gumb (john@talisker.demon.co.uk)
	Barry Scott (barry@scottb.demon.co.uk)
1996-12-01 11:25:38 +00:00
Julian Elischer
3f6f17ee1e Submitted by: Archie and me.
We encountered an interesting situation where the superblock for
a file system got written to disk with the "fs_fmod" flag set to
one. It appears that this flag is normally supposed to be cleared
during ffs_sync(), but we experienced a crash, or some other weird
occurrence that left it on the disk set to 1.

Later this partition was mounted read-only... and the fs_fmod
field was never cleared, causing ffs_sync() to panic "rofs mod"
when trying to unmount that filesystem (ffs_vfsops.c: line 790).

fix:
set this bit to 0 when you load the superblock from disk.
(see more complete mail on this to hackers)
1996-11-13 01:45:56 +00:00
David Greenman
e75838f701 Eliminate an unnecessary synchronous write (and an 8K bcopy+bzero) when
truncating/deleting large files.

Reviewed by:	mckusick, dyson
Submitted by:	Kirk McKusick <mckusick@mckusick.com>, modified for
		FreeBSD by me.
1996-11-05 08:19:40 +00:00
Jeffrey Hsu
78769fbc6a struct mfsnode bloated in size by 12 bytes, so reduce spare padding by 3 longs.
We now only have 4 spare bytes before hitting the dreaded 32 byte threshold.
1996-11-04 20:53:02 +00:00
Bruce Evans
206e5b7e27 Fixed some races and misleading comments in ufs_rename().
1. When a directory is renamed to an existing (empty) directory,
it is possible for the target vnode to become the source vnode
underneath you (because another process may complete the same
rename).  It was assumed that this can't happen, and the bogus
errno EINVAL was returned.  This was fairly harmless.

Fix: return ENOENT instead, as if the source directory was renamed
a little earlier.

2. The same metamorphosis is possible for non-directories.  It was
assumed that this can't happen, and the code for handling "just
removing a link name" happened to be used.  This would have worked
except for fatal bugs in the link name removal - the link name was
assumed to still be there, and a null pointer was followed.

Fix: check the result of relookup().  This fixes PR 1930.

Notes:

(a) POSIX seems to say that removing link names shall have no effect.
BSD (4.4Lite2 at least) does something reasonable instead.

(b) The relookup() may find a file unrelated to the original.
Removing this isn't correct.  Consider 3 existing files A, B and
C, and concurrent renames: AB = rename(A, B), another AB, and
CA = rename("c", "a").  If rename() is atomic, then only the
following results are possible:

	AB, AB (fails), CA: A = original C, B = original A, C = gone
	AB, CA, AB:         A = gone,       B = original C, C = gone
	CA, AB, AB (fails): A = gone,       B = original C, C = gone

but ufs_rename() can give:

	A,AB,CA,B (sorta):  A = gone,       B = original A, C = gone

This usually doesn't matter, since getting into a race is usually
an error.
---

These fixes should be in 2.1.6 and 2.2.
1996-11-04 16:05:51 +00:00
Bruce Evans
ccb174975a Fixed lblktosize(). It overflowed at 2G. This bug only affected
ufs_read() and ufs_write().

Found by: looking at warnings for comparing the result of lblktosize()
(which is usually daddr_t = long) with file sizes (which are u_quad_t
for ufs).  File sizes should probably be off_t's to avoid warnings
when the are compared with file offsets, so the fixed lblktosize()
casts to off_t instead of u_quad_t.

Added definition of smalllblksize().  It is the same as the old
lblksize() and is more efficient for small block numbers on 32-bit
machines.

Use smalllblktosize() instead of its expansion in blksize() and
dblksize().  This keeps the line length short and makes it more
obvious that the shift can't overflow.
1996-10-12 22:12:51 +00:00
Bruce Evans
253c0899b2 Don't include <sys/conf.h> for the kernel in disk-related headers.
It is needed for implementation details but very little of it is
needed for the interface.  Include it in the few places that didn't
already include it.

Include <sys/ioccom.h> in <sys/disklabel.h> (as already in
<sys/diskslice.h>) so that all the disk-related headers are almost
self-sufficient.
1996-09-20 17:39:44 +00:00