Commit Graph

15 Commits

Author SHA1 Message Date
Robert Watson
011376308f o Introduce pr_mtx into struct prison, providing protection for the
mutable contents of struct prison (hostname, securelevel, refcount,
  pr_linux, ...)
o Generally introduce mtx_lock()/mtx_unlock() calls throughout kern/
  so as to enforce these protections, in particular, in kern_mib.c
  protection sysctl access to the hostname and securelevel, as well as
  kern_prot.c access to the securelevel for access control purposes.
o Rewrite linux emulator abstractions for accessing per-jail linux
  mib entries (osname, osrelease, osversion) so that they don't return
  a pointer to the text in the struct linux_prison, rather, a copy
  to an array passed into the calls.  Likewise, update linprocfs to
  use these primitives.
o Update in_pcb.c to always use prison_getip() rather than directly
  accessing struct prison.

Reviewed by:	jhb
2001-12-03 16:12:27 +00:00
Robert Watson
ce17880650 o Replace reference to 'struct proc' with 'struct thread' in 'struct
sysctl_req', which describes in-progress sysctl requests.  This permits
  sysctl handlers to have access to the current thread, permitting work
  on implementing td->td_ucred, migration of suser() to using struct
  thread to derive the appropriate ucred, and allowing struct thread to be
  passed down to other code, such as network code where td is not currently
  available (and curproc is used).

o Note: netncp and netsmb are not updated to reflect this change, as they
  are not currently KSE-adapted.

Reviewed by:		julian
Obtained from:	TrustedBSD Project
2001-11-08 02:13:18 +00:00
Marcel Moolenaar
5002a60f9b Round of cleanups and enhancements. These include (in random order):
o  Introduce private types for use in linux syscalls for two reasons:
   1. establish type independence for ease in porting and,
   2. provide a visual queue as to which syscalls have proper
      prototypes to further cleanup the i386/alpha split.
   Linuxulator types are prefixed by 'l_'. void and char have not
   been "virtualized".

o  Provide dummy functions for all syscalls and remove dummy functions
   or implementations of truely obsolete syscalls.

o  Sanitize the shm*, sem* and msg* syscalls.

o  Make a first attempt to implement the linux_sysctl syscall. At this
   time it only returns one MIB (KERN_VERSION), but most importantly,
   it tells us when we need to add additional sysctls :-)

o  Bump the kenel version up to 2.4.2 (this is not the same as the
   KERN_VERSION MIB, BTW).

o  Implement new syscalls, of which most are specific to i386. Our
   syscall table is now up to date with Linux 2.4.2. Some highlights:
   -  Implement the 32-bit uid_t and gid_t bases syscalls.
   -  Implement a couple of 64-bit file size/offset bases syscalls.

o  Fix or improve numerous syscalls and prototypes.

o  Reduce style(9) violations while I'm here. Especially indentation
   inconsistencies within the same file are addressed. Re-indenting
   did not obfuscate actual changes to the extend that it could not
   be combined.

NOTE: I spend some time testing these changes and found that if there
      were regressions, they were not caused by these changes AFAICT.
      It was observed that installing a RH 7.1 runtime environment
      did make matters worse. Hangs and/or reboots have been observed
      with and without these changes, so when it failed to make life
      better in cases it doesn't look like it made it worse.
2001-09-08 19:07:04 +00:00
Peter Wemm
67b6051349 Bah, back out part of previous commit. I got too carried away.
linux_debug_map[] is referred to from elsewhere.
2001-06-15 08:18:24 +00:00
Peter Wemm
ec0b1e6727 Fix warning:
239: warning: no previous prototype for `linux_debug'
2001-06-15 07:48:21 +00:00
Robert Watson
91421ba234 o Move per-process jail pointer (p->pr_prison) to inside of the subject
credential structure, ucred (cr->cr_prison).
o Allow jail inheritence to be a function of credential inheritence.
o Abstract prison structure reference counting behind pr_hold() and
  pr_free(), invoked by the similarly named credential reference
  management functions, removing this code from per-ABI fork/exit code.
o Modify various jail() functions to use struct ucred arguments instead
  of struct proc arguments.
o Introduce jailed() function to determine if a credential is jailed,
  rather than directly checking pointers all over the place.
o Convert PRISON_CHECK() macro to prison_check() function.
o Move jail() function prototypes to jail.h.
o Emulate the P_JAILED flag in fill_kinfo_proc() and no longer set the
  flag in the process flags field itself.
o Eliminate that "const" qualifier from suser/p_can/etc to reflect
  mutex use.

Notes:

o Some further cleanup of the linux/jail code is still required.
o It's now possible to consider resolving some of the process vs
  credential based permission checking confusion in the socket code.
o Mutex protection of struct prison is still not present, and is
  required to protect the reference count plus some fields in the
  structure.

Reviewed by:	freebsd-arch
Obtained from:	TrustedBSD Project
2001-02-21 06:39:57 +00:00
Jonathan Lemon
2459336973 Allow debugging output to be controlled on a per-syscall granularity.
Also clean up debugging output in a slightly more uniform fashion.

The default behavior remains the same (all debugging output is turned on)
2001-02-16 16:40:43 +00:00
Marcel Moolenaar
7ec9743293 Remove call to bzero after MALLOC and instead add M_ZERO
to MALLOC.
2000-12-05 06:44:22 +00:00
Marcel Moolenaar
bc34729c47 Fix typo in license. 2000-08-25 07:32:24 +00:00
Marcel Moolenaar
607d46ef28 Update include directives. 2000-08-22 01:32:14 +00:00
Poul-Henning Kamp
77978ab8bc Previous commit changing SYSCTL_HANDLER_ARGS violated KNF.
Pointed out by:	bde
2000-07-04 11:25:35 +00:00
Poul-Henning Kamp
82d9ae4e32 Style police catches up with rev 1.26 of src/sys/sys/sysctl.h:
Sanitize SYSCTL_HANDLER_ARGS so that simplistic tools can grog our
sources:

        -sysctl_vm_zone SYSCTL_HANDLER_ARGS
        +sysctl_vm_zone (SYSCTL_HANDLER_ARGS)
2000-07-03 09:35:31 +00:00
Marcel Moolenaar
759eb4613e Return Linux kernel version 2.2.12 by default. This is in line
with linux_base-6.1.
2000-01-10 13:09:08 +00:00
Peter Wemm
280652828b $Id$ -> $FreeBSD$ 1999-08-28 02:16:32 +00:00
Marcel Moolenaar
c6dfea0ebd Add sysctl variables for the Linuxulator. These reside under `compat.linux' as
discussed on current.

The following variables are defined (for now):

    osname (defaults to "Linux")
        Allow users to change the name of the OS as returned by uname(2),
        specially added for all those Linux Netscape users and statistics
        maniacs :-) We now have what we all wanted!

    osrelease (defaults to "2.2.5")
        Allow users to change the version of the OS as returned by uname(2).
        Since -current supports glibc2.1 now, change the default to 2.2.5
        (was 2.0.36).

    oss_version (defaults to 198144 [0x030600])
        This one will be used by the OSS_GETVERSION ioctl (PR 12917) which I
        can commit now that we have the MIB. The default version number is the
        lowest version possible with the current 'encoding'.

A note about imprisoned processes (see jail(2)):
  These variables are copy-on-write (as suggested by phk). This means that
  imprisoned processes will use the system wide value unless it is written/set
  by the process. From that moment on, a copy local to the prison will be
  used.

A note about the implementation:
  I choose to add a single pointer to struct prison, because I didn't like the
  idea of changing struct prison every time I come up with a new variable. As
  a side effect, the extra storage is only needed when a variable is set from
  within the prison. This also minimizes kernel bloat when the Linuxulator is
  not used; both compiled in or as a module.

Reviewed by: bde (first version only) and phk
1999-08-27 19:47:41 +00:00