Commit Graph

382 Commits

Author SHA1 Message Date
Archie Cobbs
2127f26023 Examine all occurrences of sprintf(), strcat(), and str[n]cpy()
for possible buffer overflow problems. Replaced most sprintf()'s
with snprintf(); for others cases, added terminating NUL bytes where
appropriate, replaced constants like "16" with sizeof(), etc.

These changes include several bug fixes, but most changes are for
maintainability's sake. Any instance where it wasn't "immediately
obvious" that a buffer overflow could not occur was made safer.

Reviewed by:	Bruce Evans <bde@zeta.org.au>
Reviewed by:	Matthew Dillon <dillon@apollo.backplane.com>
Reviewed by:	Mike Spengler <mks@networkcs.com>
1998-12-04 22:54:57 +00:00
Eivind Eklund
9fcdafaefc Staticize. 1998-11-26 18:50:24 +00:00
Bruce Evans
1e1c37f1cd Return ENOTTY instead of EBADF for ioctls on dead vnodes. This fixes
tcsetpgrp() on controlling terminals that are no longer associated
with the session of the calling process, not to mention ioctl.2.
1998-11-22 09:19:07 +00:00
Bruce Evans
c25ded316f Finished updating module event handlers to be compatible with
modeventhand_t.
1998-11-15 15:33:52 +00:00
Peter Wemm
5187e87901 "fix" a warning that has been bugging me for ages. Eliminate a couple
of temporary variables since they are only used once and their types
were the cause of the warnings.
1998-11-09 09:21:25 +00:00
Peter Wemm
497e02e364 Delete stray extern declaration for non-existing variables. 1998-11-09 07:03:04 +00:00
Peter Wemm
8c14bf40a1 Change the #ifdef UNION code into a callable hook. Arrange to have this
set up when unionfs is present, either statically or as a kld module.
1998-11-03 08:01:48 +00:00
Peter Wemm
40c8cfe552 Use TAILQ macros for clean/dirty block list processing. Set b_xflags
rather than abusing the list next pointer with a magic number.
1998-10-31 15:31:29 +00:00
David Greenman
730075613a Added a second argument, "activate" to the vm_page_unwire() call so that
the caller can select either inactive or active queue to put the page on.
1998-10-28 13:37:02 +00:00
Bruce Evans
569555b969 Removed redundant bitrotted checks for major numbers instead of updating
them.
1998-10-26 08:53:13 +00:00
Søren Schmidt
4d075b334c Make devfs update the atime timestamp so that 'w' works when using
options DEVFS.
1998-09-30 20:33:46 +00:00
Poul-Henning Kamp
649c00db71 various nits that didn't make it through the brucefilter. 1998-09-12 20:21:54 +00:00
Bruce Evans
9754189a91 Oops, don't assume that the environment is normal in devfs_mount().
It isn't for the hidden mountpoint.  The static vfs's haven't been
attached then, so mp->mnt_vfc can't be valid.
1998-09-08 16:59:37 +00:00
Bruce Evans
8994ca3ce9 Removed statically configured mount type numbers (MOUNT_*) and all
references to them.

The change a couple of days ago to ignore these numbers in statically
configured vfsconf structs was slightly premature because the cd9660,
cfs, devfs, ext2fs, nfs vfs's still used MOUNT_* instead of the number
in their vfsconf struct.
1998-09-07 13:17:06 +00:00
Poul-Henning Kamp
0375c9f2b8 Add a new vnode op, VOP_FREEBLKS(), which filesystems can use to inform
device drivers about sectors no longer in use.

Device-drivers receive the call through d_strategy, if they have
D_CANFREE in d_flags.

This allows flash based devices to erase the sectors and avoid
pointlessly carrying them around in compactions.

Reviewed by:	Kirk Mckusick, bde
Sponsored by:	M-Systems (www.m-sys.com)
1998-09-05 14:13:12 +00:00
Doug Rabson
e69763a315 Cosmetic changes to the PAGE_XXX macros to make them consistent with
the other objects in vm.
1998-09-04 08:06:57 +00:00
Poul-Henning Kamp
a9ea5c0c51 sort the prototypes 1998-08-25 17:48:54 +00:00
Poul-Henning Kamp
07fe032454 Last commit managed to get mangled somehow. 1998-08-24 18:23:18 +00:00
Poul-Henning Kamp
1d9b3ba13d Remove the last remaining evidence of B_TAPE.
Reclaim 3 unused bits in b_flags
1998-08-24 17:47:25 +00:00
Bruce Evans
4e9a89772a Enabled Lite2 fix for reading from dead ttys. 1998-08-23 11:43:29 +00:00
Bruce Evans
86a14a7a0a Use [u]intptr_t instead of [u_]long for casts between pointers and
integers.  Don't forget to cast to (void *) as well.
1998-08-16 01:21:52 +00:00
Bruce Evans
89785a1654 Fixed printf format errors. 1998-07-30 17:40:45 +00:00
Alexander Langer
f35f7d0dfd Style fixes and a bug fix: don't remove the exit handler if unmount
fails.

Submitted by:	bde
1998-07-27 22:47:17 +00:00
Alexander Langer
3f47ee5c4d A better solution to the rm_at_exit problem: Register the exit function
during first mount.  Unregister the exit function at last unmount.

Concept by:	sef
Reviewed by:	sef
Implemented by:	alex
1998-07-27 01:07:01 +00:00
Alexander Langer
ca2be56ff9 Override the default VFS LKM dispatch functions so that a module
unload function can be provided (this is necessary to unregister
the at_exit handler).
1998-07-25 15:52:44 +00:00
Bruce Evans
15c7382561 Cast pointers to [u]intptr_t instead of to [unsigned] long. 1998-07-15 04:17:55 +00:00
Bruce Evans
a23d65bfc8 Cast pointers to uintptr_t/intptr_t instead of to u_long/long,
respectively.  Most of the longs should probably have been
u_longs, but this changes is just to prevent warnings about
casts between pointers and integers of different sizes, not
to fix poorly chosen types.
1998-07-15 02:32:35 +00:00
Bruce Evans
ac1e407b32 Fixed printf format errors. 1998-07-11 07:46:16 +00:00
Bruce Evans
96eb19e1a3 Quick fix for type mismatches which were fatal if longs aren't 32
bits.  We used a private, wrong, version of `struct dirent' to help
break getdirentries(), and we use a silly check that the size of this
struct is a power of 2 to help break mount() if getdirentries() would
not work.  This fix just changes the struct to match `struct dirent'
(except for the name length).
1998-07-07 04:08:44 +00:00
Julian Elischer
6312920c20 DEVFS completely bypasses the cdevsw and bdevsw tables now.
Each devfs node has (and has had fro a while) a pointer directly to
the correct cdefsw entry so just use it instead of doing the lookup.

There are several other places in the kernel that still use the tables
however, so they can't go away yet..
1998-07-05 23:10:22 +00:00
Julian Elischer
f7ea2f55d1 There is no such thing any more as "struct bdevsw".
There is only cdevsw (which should be renamed in a later edit to deventry
or something). cdevsw contains the union of what were in both bdevsw an
cdevsw entries.  The bdevsw[] table stiff exists and is a second pointer
to the cdevsw entry of the device. it's major is in d_bmaj rather than
d_maj. some cleanup still to happen (e.g. dsopen now gets two pointers
to the same cdevsw struct instead of one to a bdevsw and one to a cdevsw).

rawread()/rawwrite() went away as part of this though it's not strictly
the same  patch, just that it involves all the same lines in the drivers.

cdroms no longer have write() entries (they did have rawwrite (?)).
tapes no longer have support for bdev operations.

Reviewed by: Eivind Eklund and Mike Smith
	Changes suggested by eivind.
1998-07-04 22:30:26 +00:00
Julian Elischer
fd5d1124e2 VOP_STRATEGY grows an (struct vnode *) argument
as the value in b_vp is often not really what you want.
(and needs to be frobbed). more cleanups will follow this.
Reviewed by: Bruce Evans <bde@freebsd.org>
1998-07-04 20:45:42 +00:00
Dmitrij Tejblum
6bfc1a02b1 Remove "not hungly" panics. Cookies now used by the linux and ibcs2
emulators. The emulators assume that filesystem may just ignore cookies, and
handle this case correctly. So we just ignore cookies.

Also sync *_readdir "prototypes" with reality.
1998-06-25 16:54:41 +00:00
Bruce Evans
e5b19842ef Removed unused includes. 1998-06-21 14:53:44 +00:00
Bruce Evans
a395dbb153 Avoid a 64-bit division in procfs_readdir(). Fixed related overflows.
Check args using the same expression as in fdesc and kernfs.  The check
was actually already correct, modulo overflow.  It could be tightened
up to either allow huge (aligned) offsets, treating them as EOF, or
disallow all offsets beyond EOF.

Didn't fix invalid address calculation &foo[i] where i may be out of
bounds.

Didn't fix shooting of foot using a private unportable dirent struct.
1998-06-14 12:53:39 +00:00
Bruce Evans
ecf723aa39 Avoid a 64-bit division in kernfs_readdir(). Fixed related overflows
and arg checking.
1998-06-14 12:34:42 +00:00
Bruce Evans
a41878a77a Avoid a 64-bit division in fdesc_readdir(). Fixed related overflows
and missing arg checking.

Panic instead of returning bogus error codes or forgetting to check
all cases if fdesc_readdir() gets called for a non-directory.  This
can't happen.
1998-06-14 08:46:41 +00:00
Doug Rabson
9d8b200937 Make these files compile. 1998-06-10 21:21:31 +00:00
Alexander Langer
6ead682113 ENOPNOTSUPP --> EOPNOTSUPP
PR:		6906
Submitted by:	Steven G. Kargl <kargl@troutmask.apl.washington.edu>
1998-06-10 19:56:06 +00:00
Peter Wemm
7a204420d3 Don't silently accept attempts to change flags where they are not
supported.
1998-06-10 06:34:57 +00:00
Doug Rabson
ecbb00a262 This commit fixes various 64bit portability problems required for
FreeBSD/alpha.  The most significant item is to change the command
argument to ioctl functions from int to u_long.  This change brings us
inline with various other BSD versions.  Driver writers may like to
use (__FreeBSD_version == 300003) to detect this change.

The prototype FreeBSD/alpha machdep will follow in a couple of days
time.
1998-06-07 17:13:14 +00:00
John Dyson
cf2819ccb8 Make flushing dirty pages work correctly on filesystems that
unexpectedly do not complete writes even with sync I/O requests.
This should help the behavior of mmaped files when using
softupdates (and perhaps in other circumstances also.)
1998-05-21 07:47:58 +00:00
Tor Egge
afc6ea238f Disallow reading the current kernel stack. Only the user structure and
the current registers should be accessible.
Reviewed by:	David Greenman <dg@root.com>
1998-05-19 00:00:14 +00:00
Søren Schmidt
0e1e9fdca6 Cleanup after Garret, include unpch.h to get at various macros.. 1998-05-17 09:37:39 +00:00
Mike Smith
7be2d30077 In the words of the submitter:
---------
Make callers of namei() responsible for releasing references or locks
instead of having the underlying filesystems do it.  This eliminates
redundancy in all terminal filesystems and makes it possible for stacked
transport layers such as umapfs or nullfs to operate correctly.

Quality testing was done with testvn, and lat_fs from the lmbench suite.

Some NFS client testing courtesy of Patrik Kudo.

vop_mknod and vop_symlink still release the returned vpp.  vop_rename
still releases 4 vnode arguments before it returns.  These remaining cases
will be corrected in the next set of patches.
---------

Submitted by:	Michael Hancock <michaelh@cet.co.jp>
1998-05-07 04:58:58 +00:00
Mike Smith
79cc756d8b As described by the submitter:
Reverse the VFS_VRELE patch.  Reference counting of vnodes does not need
to be done per-fs.  I noticed this while fixing vfs layering violations.
Doing reference counting in generic code is also the preference cited by
John Heidemann in recent discussions with him.

The implementation of alternative vnode management per-fs is still a valid
requirement for some filesystems but will be revisited sometime later,
most likely using a different framework.

Submitted by:	Michael Hancock <michaelh@cet.co.jp>
1998-05-06 05:29:41 +00:00
John Dyson
c0877f103f Tighten up management of memory and swap space during map allocation,
deallocation cycles.  This should provide a measurable improvement
on swap and memory allocation on loaded systems.  It is unlikely a
complete solution.  Also, provide more map info with procfs.
Chuck Cranor spurred on this improvement.
1998-04-29 04:28:22 +00:00
Julian Elischer
c0bab11dfe Make the devfs SLICE option a standard type option.
(hopefully it will go away eventually anyhow)
1998-04-20 03:57:41 +00:00
Julian Elischer
3e425b968d Add changes and code to implement a functional DEVFS.
This code will be turned on with the TWO options
DEVFS and SLICE. (see LINT)
Two labels PRE_DEVFS_SLICE and POST_DEVFS_SLICE will deliniate these changes.

/dev will be automatically mounted by init (thanks phk)
on bootup. See /sys/dev/slice/slice.4 for more info.
All code should act the same without these options enabled.

Mike Smith, Poul Henning Kamp, Soeren, and a few dozen others

This code does not support the following:
bad144 handling.
Persistance. (My head is still hurting from the last time we discussed this)
ATAPI flopies are not handled by the SLICE code yet.

When this code is running, all major numbers are arbitrary and COULD
be dynamically assigned. (this is not done, for POLA only)
Minor numbers for disk slices ARE arbitray and dynamically assigned.
1998-04-19 23:32:49 +00:00
Dag-Erling Smørgrav
dc73342347 Seventy-odd "its" / "it's" typos in comments fixed as per kern/6108. 1998-04-17 22:37:19 +00:00