Commit Graph

528 Commits

Author SHA1 Message Date
archie
71ccd37e95 Let kse_wakeup() take a KSE mailbox pointer argument.
Reviewed by:	julian
2002-10-02 16:48:16 +00:00
jmallett
5e2521cc22 Back our kernel support for reliable signal queues.
Requested by:	rwatson, phk, and many others
2002-10-01 17:15:53 +00:00
jmallett
42bfe0bd45 First half of implementation of ksiginfo, signal queues, and such. This
gets signals operating based on a TailQ, and is good enough to run X11,
GNOME, and do job control.  There are some intricate parts which could be
more refined to match the sigset_t versions, but those require further
evaluation of directions in which our signal system can expand and contract
to fit our needs.

After this has been in the tree for a while, I will make in kernel API
changes, most notably to trapsignal(9) and sendsig(9), to use ksiginfo
more robustly, such that we can actually pass information with our
(queued) signals to the userland.  That will also result in using a
struct ksiginfo pointer, rather than a signal number, in a lot of
kern_sig.c, to refer to an individual pending signal queue member, but
right now there is no defined behaviour for such.

CODAFS is unfinished in this regard because the logic is unclear in
some places.

Sponsored by:	New Gold Technology
Reviewed by:	bde, tjr, jake [an older version, logic similar]
2002-09-30 20:20:22 +00:00
archie
cc5aeddbc3 Make the following name changes to KSE related functions, etc., to better
represent their purpose and minimize namespace conflicts:

	kse_fn_t		-> kse_func_t
	struct thread_mailbox	-> struct kse_thr_mailbox
	thread_interrupt()	-> kse_thr_interrupt()
	kse_yield()		-> kse_release()
	kse_new()		-> kse_create()

Add missing declaration of kse_thr_interrupt() to <sys/kse.h>.
Regenerate the various generated syscall files. Minor style fixes.

Reviewed by:	julian
2002-09-25 18:10:42 +00:00
jeff
1c72c345a2 - Hold the vn lock over vm_mmap(). 2002-09-25 02:42:04 +00:00
mini
5ca43e8167 Back out last commit. Linux uses the old 4.3BSD sockaddr format. 2002-09-24 07:03:01 +00:00
jhb
78b1ef4a43 Ok, make this compile for real this time. recvfrom_args doesn't have a
fromlen member, instead it has a fromlenaddr pointer member.  Set it to
NULL.
2002-09-23 21:05:41 +00:00
jhb
c8c9794780 Use correct variable name so that previous commit actually compiles. 2002-09-23 20:58:59 +00:00
mini
e70bcb646c Don't use compatability syscall wrappers in emulation code.
This is needed for the COMPAT_FREEBSD3 option split.

Reviewed by:	alfred, jake
2002-09-23 06:17:54 +00:00
jake
3b4eef4d8d Use the fields in the sysentvec and in the vm map header in place of the
constants VM_MIN_ADDRESS, VM_MAXUSER_ADDRESS, USRSTACK and PS_STRINGS.
This is mainly so that they can be variable even for the native abi, based
on different machine types.  Get stack protections from the sysentvec too.
This makes it trivial to map the stack non-executable for certain abis, on
machines that support it.
2002-09-21 22:07:17 +00:00
mdodd
2539e3d8a0 Remove NVIDIA ioctl bits. They will be provided in a kernel module. 2002-09-20 19:19:58 +00:00
phk
48b03f7c07 Put an XXX comment here to point somebody in the right direction. 2002-09-20 17:55:47 +00:00
imp
6de5d1911e Current uses struct thread *td rather than struct proc *p. 2002-09-20 04:30:00 +00:00
mdodd
7622a47a60 Pass flags to msync() accounting for differences in the definition of
MS_SYNC on FreeBSD and Linux.

Submitted by:	 Christian Zander <zander@minion.de>
2002-09-19 19:02:54 +00:00
mdodd
2b21905959 This patch extends the FreeBSD Linux compatibility layer to support
NVIDIA API calls; more specifically, it adds an ioctl() handler for
the range of possible NVIDIA ioctl numbers.

Submitted by:	 Christian Zander <zander@minion.de>
2002-09-19 18:56:55 +00:00
julian
c69b2fd9b6 Completely redo thread states.
Reviewed by:	davidxu@freebsd.org
2002-09-11 08:13:56 +00:00
peter
f1fb4b1419 Tidy up some loose ends that bde pointed out. caddr_t bad, ok?
Move fill_kinfo_proc to before we copy the results instead of after
the copy and too late.

There is still more to do here.
2002-09-07 22:31:44 +00:00
peter
409bdb78cb The true value of how the kernel was configured for KSTACK_PAGES was not
available at module compile time.  Do not #include the bogus
opt_kstack_pages.h at this point and instead refer to the variables that
are also exported via sysctl.
2002-09-07 22:15:47 +00:00
peter
ed691e12be Fix a missing line in a cut/paste error. 2002-09-07 07:13:08 +00:00
peter
a2b0903e65 Collect the a.out coredump code into the calling functions.
XXX why does pecoff dump in a.out format?
2002-09-07 01:23:51 +00:00
bde
e91b2d1175 Do not cast from a pointer to an integer of a possibly different size.
This fixes a warning on i386's with 64-bit longs.
2002-09-05 12:30:54 +00:00
bde
e42044f1d8 Include <sys/malloc.h> instead of depending on namespace pollution 2
layers deep in <sys/proc.h> or <sys/vnode.h>.

Removed unused includes.  Sorted includes.
2002-09-05 08:13:20 +00:00
marcel
731863afd4 Implement LINUX_TIOCSCTTY.
PR: kern/42404
2002-09-05 02:51:25 +00:00
iedowse
6ce9cb5a55 Use the new kern_*() functions to avoid using the stack gap in
linux_fcntl*() and linux_getcwd().
2002-09-02 22:46:05 +00:00
iedowse
f05afebc6e Use the new kern_* functions to avoid the need to store arguments
in the stack gap. This converts most VFS and signal related system
calls, as well as select().

Discussed on:	-arch
Approved by:	marcel
2002-09-01 22:30:27 +00:00
jake
5a4a57e355 Added fields for VM_MIN_ADDRESS, PS_STRINGS and stack protections to
sysentvec.  Initialized all fields of all sysentvecs, which will allow
them to be used instead of constants in more places.  Provided stack
fixup routines for emulations that previously used the default.
2002-09-01 21:41:24 +00:00
iedowse
8a03c5e588 Add a new function linux_emul_convpath(), which is a version of
linux_emul_find() that does not use stack gap storage but instead
always returns the resulting path in a malloc'd kernel buffer.
Implement linux_emul_find() in terms of this function. Also add
LCONVPATH* macros that wrap linux_emul_convpath in the same way
that the CHECKALT* macros wrap linux_emul_find().
2002-09-01 21:15:37 +00:00
jake
e032213bae Make this compile. 2002-08-31 19:33:59 +00:00
dillon
201028bf92 Implement data, text, and vmem limit checking in the elf loader and svr4
compat code.  Clean up accounting for multiple segments.  Part 1/2.

Submitted by:	Andrey Alekseyev <uitm@zenon.net> (with some modifications)
MFC after:	3 days
2002-08-30 18:09:46 +00:00
archie
447e501114 Replace (ab)uses of "NULL" where "0" is really meant. 2002-08-22 21:24:01 +00:00
sobomax
8df6eb246b Increase size of ifnet.if_flags from 16 bits (short) to 32 bits (int). To avoid
breaking application ABI use unused ifreq.ifru_flags[1] for upper 16 bits in
SIOCSIFFLAGS and SIOCGIFFLAGS ioctl's.

Reviewed by:	-hackers, -net
2002-08-18 07:05:00 +00:00
rwatson
006212bdce In continuation of early fileop credential changes, modify fo_ioctl() to
accept an 'active_cred' argument reflecting the credential of the thread
initiating the ioctl operation.

- Change fo_ioctl() to accept active_cred; change consumers of the
  fo_ioctl() interface to generally pass active_cred from td->td_ucred.
- In fifofs, initialize filetmp.f_cred to ap->a_cred so that the
  invocations of soo_ioctl() are provided access to the calling f_cred.
  Pass ap->a_td->td_ucred as the active_cred, but note that this is
  required because we don't yet distinguish file_cred and active_cred
  in invoking VOP's.
- Update kqueue_ioctl() for its new argument.
- Update pipe_ioctl() for its new argument, pass active_cred rather
  than td_ucred to MAC for authorization.
- Update soo_ioctl() for its new argument.
- Update vn_ioctl() for its new argument, use active_cred rather than
  td->td_ucred to authorize VOP_IOCTL() and the associated VOP_GETATTR().

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-17 02:36:16 +00:00
rwatson
11d64cc5ba Make similar changes to fo_stat() and fo_poll() as made earlier to
fo_read() and fo_write(): explicitly use the cred argument to fo_poll()
as "active_cred" using the passed file descriptor's f_cred reference
to provide access to the file credential.  Add an active_cred
argument to fo_stat() so that implementers have access to the active
credential as well as the file credential.  Generally modify callers
of fo_stat() to pass in td->td_ucred rather than fp->f_cred, which
was redundantly provided via the fp argument.  This set of modifications
also permits threads to perform these operations on behalf of another
thread without modifying their credential.

Trickle this change down into fo_stat/poll() implementations:

- badfo_poll(), badfo_stat(): modify/add arguments.
- kqueue_poll(), kqueue_stat(): modify arguments.
- pipe_poll(), pipe_stat(): modify/add arguments, pass active_cred to
  MAC checks rather than td->td_ucred.
- soo_poll(), soo_stat(): modify/add arguments, pass fp->f_cred rather
  than cred to pru_sopoll() to maintain current semantics.
- sopoll(): moidfy arguments.
- vn_poll(), vn_statfile(): modify/add arguments, pass new arguments
  to vn_stat().  Pass active_cred to MAC and fp->f_cred to VOP_POLL()
  to maintian current semantics.
- vn_close(): rename cred to file_cred to reflect reality while I'm here.
- vn_stat(): Add active_cred and file_cred arguments to vn_stat()
  and consumers so that this distinction is maintained at the VFS
  as well as 'struct file' layer.  Pass active_cred instead of
  td->td_ucred to MAC and to VOP_GETATTR() to maintain current semantics.

- fifofs: modify the creation of a "filetemp" so that the file
  credential is properly initialized and can be used in the socket
  code if desired.  Pass ap->a_td->td_ucred as the active
  credential to soo_poll().  If we teach the vnop interface about
  the distinction between file and active credentials, we would use
  the active credential here.

Note that current inconsistent passing of active_cred vs. file_cred to
VOP's is maintained.  It's not clear why GETATTR would be authorized
using active_cred while POLL would be authorized using file_cred at
the file system level.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-16 12:52:03 +00:00
rwatson
643a80b7c4 In order to better support flexible and extensible access control,
make a series of modifications to the credential arguments relating
to file read and write operations to cliarfy which credential is
used for what:

- Change fo_read() and fo_write() to accept "active_cred" instead of
  "cred", and change the semantics of consumers of fo_read() and
  fo_write() to pass the active credential of the thread requesting
  an operation rather than the cached file cred.  The cached file
  cred is still available in fo_read() and fo_write() consumers
  via fp->f_cred.  These changes largely in sys_generic.c.

For each implementation of fo_read() and fo_write(), update cred
usage to reflect this change and maintain current semantics:

- badfo_readwrite() unchanged
- kqueue_read/write() unchanged
  pipe_read/write() now authorize MAC using active_cred rather
  than td->td_ucred
- soo_read/write() unchanged
- vn_read/write() now authorize MAC using active_cred but
  VOP_READ/WRITE() with fp->f_cred

Modify vn_rdwr() to accept two credential arguments instead of a
single credential: active_cred and file_cred.  Use active_cred
for MAC authorization, and select a credential for use in
VOP_READ/WRITE() based on whether file_cred is NULL or not.  If
file_cred is provided, authorize the VOP using that cred,
otherwise the active credential, matching current semantics.

Modify current vn_rdwr() consumers to pass a file_cred if used
in the context of a struct file, and to always pass active_cred.
When vn_rdwr() is used without a file_cred, pass NOCRED.

These changes should maintain current semantics for read/write,
but avoid a redundant passing of fp->f_cred, as well as making
it more clear what the origin of each credential is in file
descriptor read/write operations.

Follow-up commits will make similar changes to other file descriptor
operations, and modify the MAC framework to pass both credentials
to MAC policy modules so they can implement either semantic for
revocation.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-15 20:55:08 +00:00
rwatson
6cd8cdbb46 On MAC check failure for readdir, use 'goto out' to use the common exit
handling, rather than returning directly to prevent leaking of vnode
reference/lock.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-15 15:46:10 +00:00
jeff
f27fab59d6 - Add the missing td argument to vn_lock that I missed in my last commit. 2002-08-13 20:34:30 +00:00
jeff
b9d8279278 - Hold the vnode lock throughout execve.
- Set VV_TEXT in the top level execve code.
 - Fixup the image activators to deal with the newly locked vnode.
2002-08-13 06:55:28 +00:00
rwatson
75fae3e68f Enforce MAC policies for the locally implemented vnode services in
SVR4 emulation relating to readdir() and fd_revoke().  All other
services appear to be implemented by simply wrapping existing
FreeBSD native system call implementations, so don't require local
instrumentation in the emulator module.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-12 01:42:21 +00:00
rwatson
15d7db7273 Another fix that wasn't pulled in from the MAC branch: the
struct mount is not cached as *mp at this point, so use
vp->v_mount directly, following the check that it's non-NULL.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-12 01:24:26 +00:00
rwatson
a55c80f8db Fix missing parens in MAC readdir() check. This fix was in the MAC
branch, but apparently didn't get moved over when it was made.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-12 01:18:33 +00:00
jeff
da7d3beee0 - Replace v_flag with v_iflag and v_vflag
- v_vflag is protected by the vnode lock and is used when synchronization
   with VOP calls is needed.
 - v_iflag is protected by interlock and is used for dealing with vnode
   management issues.  These flags include X/O LOCK, FREE, DOOMED, etc.
 - All accesses to v_iflag and v_vflag have either been locked or marked with
   mp_fixme's.
 - Many ASSERT_VOP_LOCKED calls have been added where the locking was not
   clear.
 - Many functions in vfs_subr.c were restructured to provide for stronger
   locking.

Idea stolen from:	BSD/OS
2002-08-04 10:29:36 +00:00
rwatson
7ec05cb86a Introduce support for Mandatory Access Control and extensible
kernel access control.

Invoke appropriate MAC entry points for a number of VFS-related
operations in the Linux ABI module.  In particular, handle uselib
in a manner similar to open() (more work is probably needed here),
as well as handle statfs(), and linux readdir()-like calls.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 22:23:02 +00:00
peter
6a546fdfbe Regenerate 2002-07-20 02:56:34 +00:00
peter
7a65b1270d Infrastructure tweaks to allow having both an Elf32 and an Elf64 executable
handler in the kernel at the same time.  Also, allow for the
exec_new_vmspace() code to build a different sized vmspace depending on
the executable environment.  This is a big help for execing i386 binaries
on ia64.   The ELF exec code grows the ability to map partial pages when
there is a page size difference, eg: emulating 4K pages on 8K or 16K
hardware pages.

Flesh out the i386 emulation support for ia64.  At this point, the only
binary that I know of that fails is cvsup, because the cvsup runtime
tries to execute code in pages not marked executable.

Obtained from:  dfr (mostly, many tweaks from me).
2002-07-20 02:56:12 +00:00
robert
99d6adbb23 Move the switch statement labels for the explicit 64-bit
command arguments into the correct function, linux_fcntl64(),
and thus out of the scope of a compilation for the alpha
platform.

Requested by:	obrien
2002-07-09 19:25:43 +00:00
robert
5455e35270 Enable emulation of the F_GETLK64, F_SETLK64, and F_SETLKW64
lock commands arguments to linux_fcntl64().
2002-07-09 15:57:12 +00:00
robert
67058f29f6 The comment marked with XXX was right: emulate SVR4 for
ELF binaries branded with ELFOSABI_SYSV, this is reported
to work and brandelf(1) puts this type into files if "SVR4"
was specified.
2002-07-09 14:59:27 +00:00
julian
eb010f76be Part 1 of KSE-III
The ability to schedule multiple threads per process
(one one cpu) by making ALL system calls optionally asynchronous.
to come: ia64 and power-pc patches, patches for gdb, test program (in tools)

Reviewed by:	Almost everyone who counts
	(at various times, peter, jhb, matt, alfred, mini, bernd,
	and a cast of thousands)

	NOTE: this is still Beta code, and contains lots of debugging stuff.
	expect slight instability in signals..
2002-06-29 17:26:22 +00:00
arr
f2c0771e92 - Remove the Giant acquisition from linux_socket_ioctl() as it was really
there to protect fdrop() (which in turn can call vrele()), however,
  fdrop_locked() grabs Giant for us, so we do not have to.

Reviewed by:	jhb
Inspired by:	alc
2002-06-26 15:53:11 +00:00
rwatson
41e8d625b2 Add a comment about how we should use vn_open() here instead of directly
invoking VOP_OPEN().  This would reduce code redundancy with the rest
of the kernel, and also is required for MAC to work properly.
2002-06-14 07:24:01 +00:00