freebsd-nq/sys/alpha/osf1/osf1_misc.c

1620 lines
32 KiB
C
Raw Normal View History

/* $NetBSD: osf1_misc.c,v 1.14 1998/05/20 16:34:29 chs Exp $ */
/*-
* Copyright (c) 1994, 1995 Carnegie-Mellon University.
* All rights reserved.
*
* Author: Chris G. Demetriou
*
* Permission to use, copy, modify and distribute this software and
* its documentation is hereby granted, provided that both the copyright
* notice and this permission notice appear in all copies of the
* software, derivative works or modified versions, and any portions
* thereof, and that both notices appear in supporting documentation.
*
* CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
* CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND
* FOR ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
*
* Carnegie Mellon requests users of this software to return to
*
* Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU
* School of Computer Science
* Carnegie Mellon University
* Pittsburgh PA 15213-3890
*
* any improvements or extensions that they make and grant Carnegie the
* rights to redistribute these changes.
*/
/*
* Additional Copyright (c) 1999 by Andrew Gallatin
*/
2003-06-10 17:10:18 +00:00
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/bus.h>
#include <sys/exec.h>
#include <sys/fcntl.h>
#include <sys/filedesc.h>
#include <sys/imgact.h>
#include <sys/kernel.h>
#include <sys/lock.h>
#include <sys/malloc.h>
#include <sys/file.h> /* Must come after sys/malloc.h */
#include <sys/mman.h>
#include <sys/module.h>
#include <sys/mount.h>
#include <sys/mutex.h>
#include <sys/namei.h>
#include <sys/param.h>
#include <sys/proc.h>
#include <sys/reboot.h>
#include <sys/resource.h>
#include <sys/resourcevar.h>
#include <sys/selinfo.h>
#include <sys/pipe.h> /* Must come after sys/selinfo.h */
#include <sys/signal.h>
#include <sys/signalvar.h>
#include <sys/socket.h>
#include <sys/socketvar.h>
#include <sys/stat.h>
#include <sys/syscallsubr.h>
#include <sys/sysctl.h>
#include <sys/sysent.h>
#include <sys/sysproto.h>
#include <sys/systm.h>
#include <sys/unistd.h>
#include <sys/utsname.h>
#include <sys/vnode.h>
#include <sys/wait.h>
#include <vm/vm.h>
#include <vm/vm_kern.h>
#include <vm/vm_param.h>
#include <vm/pmap.h>
#include <vm/vm_map.h>
#include <vm/vm_extern.h>
#include <machine/cpu.h>
#include <machine/cpuconf.h>
#include <machine/fpu.h>
#include <machine/md_var.h>
#include <machine/pcb.h>
#include <machine/rpb.h>
#include <alpha/osf1/exec_ecoff.h>
#include <alpha/osf1/osf1_signal.h>
#include <alpha/osf1/osf1_proto.h>
#include <alpha/osf1/osf1_syscall.h>
#include <alpha/osf1/osf1_util.h>
#include <alpha/osf1/osf1.h>
static void cvtstat2osf1(struct stat *, struct osf1_stat *);
static int osf2bsd_pathconf(int *);
static const char osf1_emul_path[] = "/compat/osf1";
/*
* [ taken from the linux emulator ]
* Search an alternate path before passing pathname arguments on
* to system calls. Useful for keeping a separate 'emulation tree'.
*
* If cflag is set, we check if an attempt can be made to create
* the named file, i.e. we check if the directory it should
* be in exists.
*/
int
osf1_emul_find(struct thread *td, char *path, enum uio_seg pathseg,
char **pbuf, int create)
{
return (kern_alternate_path(td, osf1_emul_path, path, pathseg, pbuf,
create));
}
int
osf1_open(td, uap)
struct thread *td;
struct osf1_open_args *uap;
{
char *path;
int error;
CHECKALTEXIST(td, uap->path, &path);
/* XXX: translate flags */
error = kern_open(td, path, UIO_SYSSPACE, uap->flags, uap->mode);
free(path, M_TEMP);
return (error);
}
extern long totalphysmem;
int
osf1_getsysinfo(td, uap)
struct thread *td;
struct osf1_getsysinfo_args *uap;
{
int error, retval;
int ncpus = 1; /* XXX until SMP */
int ophysmem;
int unit;
long percpu;
long proctype;
struct osf1_cpu_info cpuinfo;
error = retval = 0;
switch(uap->op) {
case OSF_GET_MAX_UPROCS:
error = copyout(&maxprocperuid, uap->buffer,
sizeof(maxprocperuid));
retval = 1;
break;
case OSF_GET_PHYSMEM:
ophysmem = totalphysmem * (PAGE_SIZE >> 10);
error = copyout(&ophysmem, uap->buffer,
sizeof(ophysmem));
retval = 1;
break;
case OSF_GET_MAX_CPU:
case OSF_GET_CPUS_IN_BOX:
error = copyout(&ncpus, uap->buffer,
sizeof(ncpus));
retval = 1;
break;
case OSF_GET_IEEE_FP_CONTROL:
error = copyout(&td->td_pcb->pcb_fp_control,uap->buffer,
sizeof(td->td_pcb->pcb_fp_control));
retval = 1;
break;
case OSF_GET_CPU_INFO:
if (uap->nbytes < sizeof(cpuinfo))
error = EINVAL;
else {
bzero(&cpuinfo, sizeof(cpuinfo));
unit = alpha_pal_whami();
cpuinfo.current_cpu = unit;
cpuinfo.cpus_in_box = ncpus;
cpuinfo.cpu_type =
LOCATE_PCS(hwrpb, unit)->pcs_proc_type;
cpuinfo.ncpus = ncpus;
cpuinfo.cpus_present = ncpus;
cpuinfo.cpus_running = ncpus;
cpuinfo.cpu_binding = 1;
cpuinfo.cpu_ex_binding = 0;
cpuinfo.mhz = hwrpb->rpb_cc_freq / 1000000;
error = copyout(&cpuinfo, uap->buffer,
sizeof(cpuinfo));
retval = 1;
}
break;
case OSF_GET_PROC_TYPE:
if(uap->nbytes < sizeof(proctype))
error = EINVAL;
else {
unit = alpha_pal_whami();
proctype = LOCATE_PCS(hwrpb, unit)->pcs_proc_type;
error = copyout (&proctype, uap->buffer,
sizeof(percpu));
retval = 1;
}
break;
case OSF_GET_HWRPB: { /* note -- osf/1 doesn't have rpb_tbhint[8] */
unsigned long rpb_size;
rpb_size = (unsigned long)&hwrpb->rpb_tbhint -
(unsigned long)hwrpb;
if(uap->nbytes < rpb_size){
uprintf("nbytes = %ld, sizeof(struct rpb) = %ld\n",
uap->nbytes, rpb_size);
error = EINVAL;
}
else {
error = copyout(hwrpb, uap->buffer, rpb_size);
retval = 1;
}
}
break;
case OSF_GET_PLATFORM_NAME:
error = copyout(platform.model, uap->buffer,
strlen(platform.model));
retval = 1;
break;
default:
printf("osf1_getsysinfo called with unknown op=%ld\n", uap->op);
return EINVAL;
}
td->td_retval[0] = retval;
return(error);
}
int
osf1_setsysinfo(td, uap)
struct thread *td;
struct osf1_setsysinfo_args *uap;
{
int error;
error = 0;
switch(uap->op) {
case OSF_SET_IEEE_FP_CONTROL:
{
u_int64_t temp, *fp_control;
if ((error = copyin(uap->buffer, &temp, sizeof(temp))))
break;
fp_control = &td->td_pcb->pcb_fp_control;
*fp_control = temp & IEEE_TRAP_ENABLE_MASK;
break;
}
default:
uprintf("osf1_setsysinfo called with op=%ld\n", uap->op);
/*error = EINVAL;*/
}
return (error);
}
int
osf1_getrlimit(td, uap)
struct thread *td;
struct osf1_getrlimit_args *uap;
{
Locking for the per-process resource limits structure. - struct plimit includes a mutex to protect a reference count. The plimit structure is treated similarly to struct ucred in that is is always copy on write, so having a reference to a structure is sufficient to read from it without needing a further lock. - The proc lock protects the p_limit pointer and must be held while reading limits from a process to keep the limit structure from changing out from under you while reading from it. - Various global limits that are ints are not protected by a lock since int writes are atomic on all the archs we support and thus a lock wouldn't buy us anything. - All accesses to individual resource limits from a process are abstracted behind a simple lim_rlimit(), lim_max(), and lim_cur() API that return either an rlimit, or the current or max individual limit of the specified resource from a process. - dosetrlimit() was renamed to kern_setrlimit() to match existing style of other similar syscall helper functions. - The alpha OSF/1 compat layer no longer calls getrlimit() and setrlimit() (it didn't used the stackgap when it should have) but uses lim_rlimit() and kern_setrlimit() instead. - The svr4 compat no longer uses the stackgap for resource limits calls, but uses lim_rlimit() and kern_setrlimit() instead. - The ibcs2 compat no longer uses the stackgap for resource limits. It also no longer uses the stackgap for accessing sysctl's for the ibcs2_sysconf() syscall but uses kernel_sysctl() instead. As a result, ibcs2_sysconf() no longer needs Giant. - The p_rlimit macro no longer exists. Submitted by: mtm (mostly, I only did a few cleanups and catchups) Tested on: i386 Compiled on: alpha, amd64
2004-02-04 21:52:57 +00:00
struct rlimit bsd_rlim;
struct proc *p;
int which;
2002-12-14 01:56:26 +00:00
if (uap->which >= OSF1_RLIMIT_NLIMITS)
return (EINVAL);
2002-12-14 01:56:26 +00:00
if (uap->which <= OSF1_RLIMIT_LASTCOMMON)
Locking for the per-process resource limits structure. - struct plimit includes a mutex to protect a reference count. The plimit structure is treated similarly to struct ucred in that is is always copy on write, so having a reference to a structure is sufficient to read from it without needing a further lock. - The proc lock protects the p_limit pointer and must be held while reading limits from a process to keep the limit structure from changing out from under you while reading from it. - Various global limits that are ints are not protected by a lock since int writes are atomic on all the archs we support and thus a lock wouldn't buy us anything. - All accesses to individual resource limits from a process are abstracted behind a simple lim_rlimit(), lim_max(), and lim_cur() API that return either an rlimit, or the current or max individual limit of the specified resource from a process. - dosetrlimit() was renamed to kern_setrlimit() to match existing style of other similar syscall helper functions. - The alpha OSF/1 compat layer no longer calls getrlimit() and setrlimit() (it didn't used the stackgap when it should have) but uses lim_rlimit() and kern_setrlimit() instead. - The svr4 compat no longer uses the stackgap for resource limits calls, but uses lim_rlimit() and kern_setrlimit() instead. - The ibcs2 compat no longer uses the stackgap for resource limits. It also no longer uses the stackgap for accessing sysctl's for the ibcs2_sysconf() syscall but uses kernel_sysctl() instead. As a result, ibcs2_sysconf() no longer needs Giant. - The p_rlimit macro no longer exists. Submitted by: mtm (mostly, I only did a few cleanups and catchups) Tested on: i386 Compiled on: alpha, amd64
2004-02-04 21:52:57 +00:00
which = uap->which;
2002-12-14 01:56:26 +00:00
else if (uap->which == OSF1_RLIMIT_NOFILE)
Locking for the per-process resource limits structure. - struct plimit includes a mutex to protect a reference count. The plimit structure is treated similarly to struct ucred in that is is always copy on write, so having a reference to a structure is sufficient to read from it without needing a further lock. - The proc lock protects the p_limit pointer and must be held while reading limits from a process to keep the limit structure from changing out from under you while reading from it. - Various global limits that are ints are not protected by a lock since int writes are atomic on all the archs we support and thus a lock wouldn't buy us anything. - All accesses to individual resource limits from a process are abstracted behind a simple lim_rlimit(), lim_max(), and lim_cur() API that return either an rlimit, or the current or max individual limit of the specified resource from a process. - dosetrlimit() was renamed to kern_setrlimit() to match existing style of other similar syscall helper functions. - The alpha OSF/1 compat layer no longer calls getrlimit() and setrlimit() (it didn't used the stackgap when it should have) but uses lim_rlimit() and kern_setrlimit() instead. - The svr4 compat no longer uses the stackgap for resource limits calls, but uses lim_rlimit() and kern_setrlimit() instead. - The ibcs2 compat no longer uses the stackgap for resource limits. It also no longer uses the stackgap for accessing sysctl's for the ibcs2_sysconf() syscall but uses kernel_sysctl() instead. As a result, ibcs2_sysconf() no longer needs Giant. - The p_rlimit macro no longer exists. Submitted by: mtm (mostly, I only did a few cleanups and catchups) Tested on: i386 Compiled on: alpha, amd64
2004-02-04 21:52:57 +00:00
which = RLIMIT_NOFILE;
else
return (0);
Locking for the per-process resource limits structure. - struct plimit includes a mutex to protect a reference count. The plimit structure is treated similarly to struct ucred in that is is always copy on write, so having a reference to a structure is sufficient to read from it without needing a further lock. - The proc lock protects the p_limit pointer and must be held while reading limits from a process to keep the limit structure from changing out from under you while reading from it. - Various global limits that are ints are not protected by a lock since int writes are atomic on all the archs we support and thus a lock wouldn't buy us anything. - All accesses to individual resource limits from a process are abstracted behind a simple lim_rlimit(), lim_max(), and lim_cur() API that return either an rlimit, or the current or max individual limit of the specified resource from a process. - dosetrlimit() was renamed to kern_setrlimit() to match existing style of other similar syscall helper functions. - The alpha OSF/1 compat layer no longer calls getrlimit() and setrlimit() (it didn't used the stackgap when it should have) but uses lim_rlimit() and kern_setrlimit() instead. - The svr4 compat no longer uses the stackgap for resource limits calls, but uses lim_rlimit() and kern_setrlimit() instead. - The ibcs2 compat no longer uses the stackgap for resource limits. It also no longer uses the stackgap for accessing sysctl's for the ibcs2_sysconf() syscall but uses kernel_sysctl() instead. As a result, ibcs2_sysconf() no longer needs Giant. - The p_rlimit macro no longer exists. Submitted by: mtm (mostly, I only did a few cleanups and catchups) Tested on: i386 Compiled on: alpha, amd64
2004-02-04 21:52:57 +00:00
p = td->td_proc;
PROC_LOCK(p);
lim_rlimit(p, which, &bsd_rlim);
PROC_UNLOCK(p);
return (copyout(&bsd_rlim, uap->rlp, sizeof(bsd_rlim)));
}
int
osf1_setrlimit(td, uap)
struct thread *td;
struct osf1_setrlimit_args *uap;
{
Locking for the per-process resource limits structure. - struct plimit includes a mutex to protect a reference count. The plimit structure is treated similarly to struct ucred in that is is always copy on write, so having a reference to a structure is sufficient to read from it without needing a further lock. - The proc lock protects the p_limit pointer and must be held while reading limits from a process to keep the limit structure from changing out from under you while reading from it. - Various global limits that are ints are not protected by a lock since int writes are atomic on all the archs we support and thus a lock wouldn't buy us anything. - All accesses to individual resource limits from a process are abstracted behind a simple lim_rlimit(), lim_max(), and lim_cur() API that return either an rlimit, or the current or max individual limit of the specified resource from a process. - dosetrlimit() was renamed to kern_setrlimit() to match existing style of other similar syscall helper functions. - The alpha OSF/1 compat layer no longer calls getrlimit() and setrlimit() (it didn't used the stackgap when it should have) but uses lim_rlimit() and kern_setrlimit() instead. - The svr4 compat no longer uses the stackgap for resource limits calls, but uses lim_rlimit() and kern_setrlimit() instead. - The ibcs2 compat no longer uses the stackgap for resource limits. It also no longer uses the stackgap for accessing sysctl's for the ibcs2_sysconf() syscall but uses kernel_sysctl() instead. As a result, ibcs2_sysconf() no longer needs Giant. - The p_rlimit macro no longer exists. Submitted by: mtm (mostly, I only did a few cleanups and catchups) Tested on: i386 Compiled on: alpha, amd64
2004-02-04 21:52:57 +00:00
struct rlimit bsd_rlim;
int error, which;
2002-12-14 01:56:26 +00:00
if (uap->which >= OSF1_RLIMIT_NLIMITS)
return (EINVAL);
2002-12-14 01:56:26 +00:00
if (uap->which <= OSF1_RLIMIT_LASTCOMMON)
Locking for the per-process resource limits structure. - struct plimit includes a mutex to protect a reference count. The plimit structure is treated similarly to struct ucred in that is is always copy on write, so having a reference to a structure is sufficient to read from it without needing a further lock. - The proc lock protects the p_limit pointer and must be held while reading limits from a process to keep the limit structure from changing out from under you while reading from it. - Various global limits that are ints are not protected by a lock since int writes are atomic on all the archs we support and thus a lock wouldn't buy us anything. - All accesses to individual resource limits from a process are abstracted behind a simple lim_rlimit(), lim_max(), and lim_cur() API that return either an rlimit, or the current or max individual limit of the specified resource from a process. - dosetrlimit() was renamed to kern_setrlimit() to match existing style of other similar syscall helper functions. - The alpha OSF/1 compat layer no longer calls getrlimit() and setrlimit() (it didn't used the stackgap when it should have) but uses lim_rlimit() and kern_setrlimit() instead. - The svr4 compat no longer uses the stackgap for resource limits calls, but uses lim_rlimit() and kern_setrlimit() instead. - The ibcs2 compat no longer uses the stackgap for resource limits. It also no longer uses the stackgap for accessing sysctl's for the ibcs2_sysconf() syscall but uses kernel_sysctl() instead. As a result, ibcs2_sysconf() no longer needs Giant. - The p_rlimit macro no longer exists. Submitted by: mtm (mostly, I only did a few cleanups and catchups) Tested on: i386 Compiled on: alpha, amd64
2004-02-04 21:52:57 +00:00
which = uap->which;
2002-12-14 01:56:26 +00:00
else if (uap->which == OSF1_RLIMIT_NOFILE)
Locking for the per-process resource limits structure. - struct plimit includes a mutex to protect a reference count. The plimit structure is treated similarly to struct ucred in that is is always copy on write, so having a reference to a structure is sufficient to read from it without needing a further lock. - The proc lock protects the p_limit pointer and must be held while reading limits from a process to keep the limit structure from changing out from under you while reading from it. - Various global limits that are ints are not protected by a lock since int writes are atomic on all the archs we support and thus a lock wouldn't buy us anything. - All accesses to individual resource limits from a process are abstracted behind a simple lim_rlimit(), lim_max(), and lim_cur() API that return either an rlimit, or the current or max individual limit of the specified resource from a process. - dosetrlimit() was renamed to kern_setrlimit() to match existing style of other similar syscall helper functions. - The alpha OSF/1 compat layer no longer calls getrlimit() and setrlimit() (it didn't used the stackgap when it should have) but uses lim_rlimit() and kern_setrlimit() instead. - The svr4 compat no longer uses the stackgap for resource limits calls, but uses lim_rlimit() and kern_setrlimit() instead. - The ibcs2 compat no longer uses the stackgap for resource limits. It also no longer uses the stackgap for accessing sysctl's for the ibcs2_sysconf() syscall but uses kernel_sysctl() instead. As a result, ibcs2_sysconf() no longer needs Giant. - The p_rlimit macro no longer exists. Submitted by: mtm (mostly, I only did a few cleanups and catchups) Tested on: i386 Compiled on: alpha, amd64
2004-02-04 21:52:57 +00:00
which = RLIMIT_NOFILE;
else
return (0);
Locking for the per-process resource limits structure. - struct plimit includes a mutex to protect a reference count. The plimit structure is treated similarly to struct ucred in that is is always copy on write, so having a reference to a structure is sufficient to read from it without needing a further lock. - The proc lock protects the p_limit pointer and must be held while reading limits from a process to keep the limit structure from changing out from under you while reading from it. - Various global limits that are ints are not protected by a lock since int writes are atomic on all the archs we support and thus a lock wouldn't buy us anything. - All accesses to individual resource limits from a process are abstracted behind a simple lim_rlimit(), lim_max(), and lim_cur() API that return either an rlimit, or the current or max individual limit of the specified resource from a process. - dosetrlimit() was renamed to kern_setrlimit() to match existing style of other similar syscall helper functions. - The alpha OSF/1 compat layer no longer calls getrlimit() and setrlimit() (it didn't used the stackgap when it should have) but uses lim_rlimit() and kern_setrlimit() instead. - The svr4 compat no longer uses the stackgap for resource limits calls, but uses lim_rlimit() and kern_setrlimit() instead. - The ibcs2 compat no longer uses the stackgap for resource limits. It also no longer uses the stackgap for accessing sysctl's for the ibcs2_sysconf() syscall but uses kernel_sysctl() instead. As a result, ibcs2_sysconf() no longer needs Giant. - The p_rlimit macro no longer exists. Submitted by: mtm (mostly, I only did a few cleanups and catchups) Tested on: i386 Compiled on: alpha, amd64
2004-02-04 21:52:57 +00:00
error = copyin(uap->rlp, &bsd_rlim, sizeof(bsd_rlim));
if (error)
return (error);
return (kern_setrlimit(td, which, &bsd_rlim));
}
/*
* As linux says, this is a total guess.
*/
int
osf1_set_program_attributes(td, uap)
struct thread *td;
struct osf1_set_program_attributes_args *uap;
{
struct vmspace *vm = td->td_proc->p_vmspace;
vm->vm_taddr = (caddr_t)uap->text_start;
vm->vm_tsize = btoc(round_page(uap->text_len));
vm->vm_daddr = (caddr_t)uap->bss_start;
vm->vm_dsize = btoc(round_page(uap->bss_len));
return(KERN_SUCCESS);
}
int
osf1_mmap(td, uap)
struct thread *td;
struct osf1_mmap_args *uap;
{
struct mmap_args /* {
syscallarg(caddr_t) addr;
syscallarg(size_t) len;
syscallarg(int) prot;
syscallarg(int) flags;
syscallarg(int) fd;
syscallarg(long) pad;
syscallarg(off_t) pos;
} */ a;
int retval;
vm_map_t map;
vm_offset_t addr, len, newaddr;
GIANT_REQUIRED;
2002-12-14 01:56:26 +00:00
a.addr = uap->addr;
a.len = uap->len;
a.prot = uap->prot;
a.fd = uap->fd;
a.pad = 0;
a.pos = uap->pos;
2002-12-14 01:56:26 +00:00
a.flags = 0;
/*
* OSF/1's mmap, unlike FreeBSD's, does its best to map memory at the
* user's requested address, even if MAP_FIXED is not set. Here we
* try to replicate this behaviour as much as we can because some
* applications (like /sbin/loader) depend on having things put as
* close to where they've requested as possible.
*/
2002-12-14 01:56:26 +00:00
if (uap->addr != NULL)
addr = round_page((vm_offset_t)a.addr);
else
/*
* Try to use the apparent OSF/1 default placement of 0x10000 for
* NULL addrs, this helps to prevent non-64 bit clean binaries from
* SEGV'ing.
*/
addr = round_page((vm_offset_t)0x10000UL);
2002-12-14 01:56:26 +00:00
len = (vm_offset_t)a.len;
map = &td->td_proc->p_vmspace->vm_map;
if (!vm_map_findspace(map, addr, len, &newaddr)) {
2002-12-14 01:56:26 +00:00
a.addr = (caddr_t) newaddr;
a.flags |= (MAP_FIXED);
}
#ifdef DEBUG
else
uprintf("osf1_mmap:vm_map_findspace failed for: %p 0x%lx\n",
(caddr_t)addr, len);
#endif
2002-12-14 01:56:26 +00:00
if (uap->flags & OSF1_MAP_SHARED)
a.flags |= MAP_SHARED;
if (uap->flags & OSF1_MAP_PRIVATE)
a.flags |= MAP_PRIVATE;
2002-12-14 01:56:26 +00:00
switch (uap->flags & OSF1_MAP_TYPE) {
case OSF1_MAP_ANONYMOUS:
2002-12-14 01:56:26 +00:00
a.flags |= MAP_ANON;
break;
case OSF1_MAP_FILE:
2002-12-14 01:56:26 +00:00
a.flags |= MAP_FILE;
break;
default:
return (EINVAL);
}
2002-12-14 01:56:26 +00:00
if (uap->flags & OSF1_MAP_FIXED)
a.flags |= MAP_FIXED;
if (uap->flags & OSF1_MAP_HASSEMAPHORE)
a.flags |= MAP_HASSEMAPHORE;
if (uap->flags & OSF1_MAP_INHERIT)
2001-08-25 04:27:40 +00:00
return (EINVAL);
2002-12-14 01:56:26 +00:00
if (uap->flags & OSF1_MAP_UNALIGNED)
return (EINVAL);
/*
* Emulate an osf/1 bug: Apparently, mmap'ed segments are always
* readable even if the user doesn't or in PROT_READ. This causes
* some buggy programs to segv.
*/
2002-12-14 01:56:26 +00:00
a.prot |= PROT_READ;
retval = mmap(td, &a);
#ifdef DEBUG
uprintf(
"\nosf1_mmap: addr=%p (%p), len = 0x%lx, prot=0x%x, fd=%d, pad=0, pos=0x%lx",
2002-12-14 01:56:26 +00:00
uap->addr, a.addr,uap->len, uap->prot,
uap->fd, uap->pos);
printf(" flags = 0x%x\n",uap->flags);
#endif
return (retval);
}
int
osf1_msync(td, uap)
struct thread *td;
struct osf1_msync_args *uap;
{
struct msync_args a;
2002-12-14 01:56:26 +00:00
a.addr = uap->addr;
a.len = uap->len;
a.flags = 0;
2002-12-14 01:56:26 +00:00
if(uap->flags & OSF1_MS_ASYNC)
a.flags |= MS_ASYNC;
if(uap->flags & OSF1_MS_SYNC)
a.flags |= MS_SYNC;
if(uap->flags & OSF1_MS_INVALIDATE)
a.flags |= MS_INVALIDATE;
return(msync(td, &a));
}
struct osf1_stat {
int32_t st_dev;
u_int32_t st_ino;
u_int32_t st_mode;
u_int16_t st_nlink;
u_int32_t st_uid;
u_int32_t st_gid;
int32_t st_rdev;
u_int64_t st_size;
int32_t st_atime_sec;
int32_t st_spare1;
int32_t st_mtime_sec;
int32_t st_spare2;
int32_t st_ctime_sec;
int32_t st_spare3;
u_int32_t st_blksize;
int32_t st_blocks;
u_int32_t st_flags;
u_int32_t st_gen;
};
/*
* Get file status; this version follows links.
*/
/* ARGSUSED */
int
osf1_stat(td, uap)
struct thread *td;
struct osf1_stat_args *uap;
{
struct stat sb;
struct osf1_stat osb;
char *path;
int error;
CHECKALTEXIST(td, uap->path, &path);
error = kern_stat(td, path, UIO_SYSSPACE, &sb);
free(path, M_TEMP);
if (error)
return (error);
cvtstat2osf1(&sb, &osb);
2002-12-14 01:56:26 +00:00
error = copyout((caddr_t)&osb, (caddr_t)uap->ub, sizeof (osb));
return (error);
}
/*
* Get file status; this version does not follow links.
*/
/* ARGSUSED */
int
osf1_lstat(td, uap)
struct thread *td;
register struct osf1_lstat_args *uap;
{
struct stat sb;
struct osf1_stat osb;
char *path;
int error;
2001-01-24 10:27:11 +00:00
CHECKALTEXIST(td, uap->path, &path);
error = kern_lstat(td, path, UIO_SYSSPACE, &sb);
free(path, M_TEMP);
if (error)
return (error);
cvtstat2osf1(&sb, &osb);
2002-12-14 01:56:26 +00:00
error = copyout((caddr_t)&osb, (caddr_t)uap->ub, sizeof (osb));
return (error);
}
/*
* Return status information about a file descriptor.
*/
int
osf1_fstat(td, uap)
struct thread *td;
register struct osf1_fstat_args *uap;
{
struct osf1_stat oub;
struct stat ub;
int error;
error = kern_fstat(td, uap->fd, &ub);
if (error)
return (error);
cvtstat2osf1(&ub, &oub);
if (error == 0)
2002-12-14 01:56:26 +00:00
error = copyout((caddr_t)&oub, (caddr_t)uap->sb,
sizeof (oub));
return (error);
}
#define bsd2osf_dev(dev) (umajor(dev) << 20 | uminor(dev))
/*
* Convert from a stat structure to an osf1 stat structure.
*/
static void
cvtstat2osf1(st, ost)
struct stat *st;
struct osf1_stat *ost;
{
ost->st_dev = bsd2osf_dev(st->st_dev);
ost->st_ino = st->st_ino;
ost->st_mode = st->st_mode;
ost->st_nlink = st->st_nlink;
ost->st_uid = st->st_uid == -2 ? (u_int16_t) -2 : st->st_uid;
ost->st_gid = st->st_gid == -2 ? (u_int16_t) -2 : st->st_gid;
ost->st_rdev = bsd2osf_dev(st->st_rdev);
ost->st_size = st->st_size;
ost->st_atime_sec = st->st_atime;
ost->st_spare1 = 0;
ost->st_mtime_sec = st->st_mtime;
ost->st_spare2 = 0;
ost->st_ctime_sec = st->st_ctime;
ost->st_spare3 = 0;
ost->st_blksize = st->st_blksize;
ost->st_blocks = st->st_blocks;
ost->st_flags = st->st_flags;
ost->st_gen = st->st_gen;
}
int
osf1_mknod(td, uap)
struct thread *td;
struct osf1_mknod_args *uap;
{
printf("osf1_mknod no longer implemented\n");
return ENOSYS;
}
int
osf1_access(td, uap)
struct thread *td;
struct osf1_access_args *uap;
{
char *path;
int error;
CHECKALTEXIST(td, uap->path, &path);
error = kern_access(td, path, UIO_SYSSPACE, uap->flags);
free(path, M_TEMP);
return (error);
}
struct osf1_flock {
short l_type;
short l_whence;
off_t l_start;
off_t l_len;
pid_t l_pid;
};
int
osf1_fcntl(td, uap)
struct thread *td;
struct osf1_fcntl_args *uap;
{
int error;
long tmp;
struct osf1_flock osf_flock;
struct flock bsd_flock;
error = 0;
2002-12-14 01:56:26 +00:00
switch (uap->cmd) {
case F_SETFL:
/* need to translate flags here */
tmp = 0;
2002-12-14 01:56:26 +00:00
if ((long)uap->arg & OSF1_FNONBLOCK)
tmp |= FNONBLOCK;
2002-12-14 01:56:26 +00:00
if ((long)uap->arg & OSF1_FAPPEND)
tmp |= FAPPEND;
2002-12-14 01:56:26 +00:00
if ((long)uap->arg & OSF1_FDEFER)
tmp |= FDEFER;
2002-12-14 01:56:26 +00:00
if ((long)uap->arg & OSF1_FASYNC)
tmp |= FASYNC;
2002-12-14 01:56:26 +00:00
if ((long)uap->arg & OSF1_FCREAT)
tmp |= O_CREAT;
2002-12-14 01:56:26 +00:00
if ((long)uap->arg & OSF1_FTRUNC)
tmp |= O_TRUNC;
2002-12-14 01:56:26 +00:00
if ((long)uap->arg & OSF1_FEXCL)
tmp |= O_EXCL;
2002-12-14 01:56:26 +00:00
if ((long)uap->arg & OSF1_FNDELAY)
tmp |= FNDELAY;
2002-12-14 01:56:26 +00:00
if ((long)uap->arg & OSF1_FSYNC)
tmp |= FFSYNC;
error = kern_fcntl(td, uap->fd, F_SETFL, tmp);
break;
case F_SETLK:
case F_SETLKW:
case F_GETLK:
/*
* The OSF/1 flock stucture has a different order than
* the BSD one, but all else is the same. We must
* reorder the one we've gotten so that flock() groks it.
*/
error = copyin(uap->arg, &osf_flock, sizeof(osf_flock));
if (error)
return (error);
bsd_flock.l_type = osf_flock.l_type;
bsd_flock.l_whence = osf_flock.l_whence;
bsd_flock.l_start = osf_flock.l_start;
bsd_flock.l_len = osf_flock.l_len;
bsd_flock.l_pid = osf_flock.l_pid;
error = kern_fcntl(td, uap->fd, uap->cmd, (intptr_t)&bsd_flock);
/* if (error) {
printf("fcntl called with cmd=%d, args=0x%lx\n returns %d\n",uap->cmd,(long)uap->arg,error);
printf("bsd_flock.l_type = 0x%x\n", bsd_flock.l_type);
printf("bsd_flock.l_whence = 0x%x\n", bsd_flock.l_whence);
printf("bsd_flock.l_start = 0x%lx\n", bsd_flock.l_start);
printf("bsd_flock.l_len = 0x%lx\n", bsd_flock.l_len);
printf("bsd_flock.l_pid = 0x%x\n", bsd_flock.l_pid);
}
*/
if ((uap->cmd == F_GETLK) && !error) {
/*
* XXX: Why are we hardcoding F_UNLCK here instead of
* copying the structure members from bsd_flock?
*/
osf_flock.l_type = F_UNLCK;
error = copyout(&osf_flock, uap->arg,
sizeof(osf_flock));
}
break;
default:
error = kern_fcntl(td, uap->fd, uap->cmd, (intptr_t)uap->arg);
if ((uap->cmd == OSF1_F_GETFL) && !error ) {
tmp = td->td_retval[0] & O_ACCMODE;
if (td->td_retval[0] & FNONBLOCK)
tmp |= OSF1_FNONBLOCK;
if (td->td_retval[0] & FAPPEND)
tmp |= OSF1_FAPPEND;
if (td->td_retval[0] & FDEFER)
tmp |= OSF1_FDEFER;
if (td->td_retval[0] & FASYNC)
tmp |= OSF1_FASYNC;
if (td->td_retval[0] & O_CREAT)
tmp |= OSF1_FCREAT;
if (td->td_retval[0] & O_TRUNC)
tmp |= OSF1_FTRUNC;
if (td->td_retval[0] & O_EXCL)
tmp |= OSF1_FEXCL;
if (td->td_retval[0] & FNDELAY)
tmp |= OSF1_FNDELAY;
if (td->td_retval[0] & FFSYNC)
tmp |= OSF1_FSYNC;
td->td_retval[0] = tmp;
}
}
return (error);
}
#if 0
int
osf1_fcntl(td, uap)
struct thread *td;
struct osf1_fcntl_args *uap;
{
struct fcntl_args a;
long tmp;
int error;
2002-12-14 01:56:26 +00:00
a.fd = uap->fd;
2002-12-14 01:56:26 +00:00
switch (uap->cmd) {
case OSF1_F_DUPFD:
2002-12-14 01:56:26 +00:00
a.cmd = F_DUPFD;
a.arg = (long)uap->arg;
break;
case OSF1_F_GETFD:
2002-12-14 01:56:26 +00:00
a.cmd = F_GETFD;
a.arg = (long)uap->arg;
break;
case OSF1_F_SETFD:
2002-12-14 01:56:26 +00:00
a.cmd = F_SETFD;
a.arg = (long)uap->arg;
break;
case OSF1_F_GETFL:
2002-12-14 01:56:26 +00:00
a.cmd = F_GETFL;
a.arg = (long)uap->arg; /* ignored */
break;
case OSF1_F_SETFL:
2002-12-14 01:56:26 +00:00
a.cmd = F_SETFL;
tmp = 0;
2002-12-14 01:56:26 +00:00
if ((long)uap->arg & OSF1_FAPPEND)
tmp |= FAPPEND;
2002-12-14 01:56:26 +00:00
if ((long)uap->arg & OSF1_FNONBLOCK)
tmp |= FNONBLOCK;
2002-12-14 01:56:26 +00:00
if ((long)uap->arg & OSF1_FASYNC)
tmp |= FASYNC;
2002-12-14 01:56:26 +00:00
if ((long)uap->arg & OSF1_FSYNC)
tmp |= FFSYNC;
2002-12-14 01:56:26 +00:00
a.arg = tmp;
break;
default: /* XXX other cases */
return (EINVAL);
}
error = fcntl(td, &a);
if (error)
return error;
2002-12-14 01:56:26 +00:00
switch (uap->cmd) {
case OSF1_F_GETFL:
/* XXX */
break;
}
return error;
}
#endif
int
osf1_socket(td, uap)
struct thread *td;
struct osf1_socket_args *uap;
{
struct socket_args a;
2002-12-14 01:56:26 +00:00
if (uap->type > AF_LINK)
return (EINVAL); /* XXX After AF_LINK, divergence. */
2002-12-14 01:56:26 +00:00
a.domain = uap->domain;
a.type = uap->type;
a.protocol = uap->protocol;
return socket(td, &a);
}
int
osf1_sendto(td, uap)
struct thread *td;
register struct osf1_sendto_args *uap;
{
struct sendto_args a;
2002-12-14 01:56:26 +00:00
if (uap->flags & ~0x7f) /* unsupported flags */
return (EINVAL);
2002-12-14 01:56:26 +00:00
a.s = uap->s;
a.buf = uap->buf;
a.len = uap->len;
a.flags = uap->flags;
a.to = (caddr_t)uap->to;
a.tolen = uap->tolen;
return sendto(td, &a);
}
int
osf1_reboot(td, uap)
struct thread *td;
struct osf1_reboot_args *uap;
{
struct reboot_args a;
2002-12-14 01:56:26 +00:00
if (uap->opt & ~OSF1_RB_ALLFLAGS &&
uap->opt & (OSF1_RB_ALTBOOT|OSF1_RB_UNIPROC))
return (EINVAL);
2002-12-14 01:56:26 +00:00
a.opt = 0;
if (uap->opt & OSF1_RB_ASKNAME)
a.opt |= RB_ASKNAME;
if (uap->opt & OSF1_RB_SINGLE)
a.opt |= RB_SINGLE;
if (uap->opt & OSF1_RB_NOSYNC)
a.opt |= RB_NOSYNC;
if (uap->opt & OSF1_RB_HALT)
a.opt |= RB_HALT;
if (uap->opt & OSF1_RB_INITNAME)
a.opt |= RB_INITNAME;
if (uap->opt & OSF1_RB_DFLTROOT)
a.opt |= RB_DFLTROOT;
return reboot(td, &a);
}
int
osf1_lseek(td, uap)
struct thread *td;
struct osf1_lseek_args *uap;
{
struct lseek_args a;
2002-12-14 01:56:26 +00:00
a.fd = uap->fd;
a.pad = 0;
a.offset = uap->offset;
a.whence = uap->whence;
return lseek(td, &a);
}
/*
* OSF/1 defines _POSIX_SAVED_IDS, which means that our normal
* setuid() won't work.
*
* Instead, by P1003.1b-1993, setuid() is supposed to work like:
2002-04-05 00:08:38 +00:00
* If the process has appropriate [super-user] privileges, the
* setuid() function sets the real user ID, effective user
* ID, and the saved set-user-ID to uid.
2002-04-05 00:08:38 +00:00
* If the process does not have appropriate privileges, but uid
* is equal to the real user ID or the saved set-user-ID, the
* setuid() function sets the effective user ID to uid; the
* real user ID and saved set-user-ID remain unchanged by
* this function call.
*/
int
osf1_setuid(td, uap)
struct thread *td;
struct osf1_setuid_args *uap;
{
struct proc *p;
int error;
uid_t uid;
struct uidinfo *uip;
2001-05-25 20:56:28 +00:00
struct ucred *newcred, *oldcred;
p = td->td_proc;
2002-12-14 01:56:26 +00:00
uid = uap->uid;
newcred = crget();
uip = uifind(uid);
PROC_LOCK(p);
o Merge contents of struct pcred into struct ucred. Specifically, add the real uid, saved uid, real gid, and saved gid to ucred, as well as the pcred->pc_uidinfo, which was associated with the real uid, only rename it to cr_ruidinfo so as not to conflict with cr_uidinfo, which corresponds to the effective uid. o Remove p_cred from struct proc; add p_ucred to struct proc, replacing original macro that pointed. p->p_ucred to p->p_cred->pc_ucred. o Universally update code so that it makes use of ucred instead of pcred, p->p_ucred instead of p->p_pcred, cr_ruidinfo instead of p_uidinfo, cr_{r,sv}{u,g}id instead of p_*, etc. o Remove pcred0 and its initialization from init_main.c; initialize cr_ruidinfo there. o Restruction many credential modification chunks to always crdup while we figure out locking and optimizations; generally speaking, this means moving to a structure like this: newcred = crdup(oldcred); ... p->p_ucred = newcred; crfree(oldcred); It's not race-free, but better than nothing. There are also races in sys_process.c, all inter-process authorization, fork, exec, and exit. o Remove sigio->sio_ruid since sigio->sio_ucred now contains the ruid; remove comments indicating that the old arrangement was a problem. o Restructure exec1() a little to use newcred/oldcred arrangement, and use improved uid management primitives. o Clean up exit1() so as to do less work in credential cleanup due to pcred removal. o Clean up fork1() so as to do less work in credential cleanup and allocation. o Clean up ktrcanset() to take into account changes, and move to using suser_xxx() instead of performing a direct uid==0 comparision. o Improve commenting in various kern_prot.c credential modification calls to better document current behavior. In a couple of places, current behavior is a little questionable and we need to check POSIX.1 to make sure it's "right". More commenting work still remains to be done. o Update credential management calls, such as crfree(), to take into account new ruidinfo reference. o Modify or add the following uid and gid helper routines: change_euid() change_egid() change_ruid() change_rgid() change_svuid() change_svgid() In each case, the call now acts on a credential not a process, and as such no longer requires more complicated process locking/etc. They now assume the caller will do any necessary allocation of an exclusive credential reference. Each is commented to document its reference requirements. o CANSIGIO() is simplified to require only credentials, not processes and pcreds. o Remove lots of (p_pcred==NULL) checks. o Add an XXX to authorization code in nfs_lock.c, since it's questionable, and needs to be considered carefully. o Simplify posix4 authorization code to require only credentials, not processes and pcreds. Note that this authorization, as well as CANSIGIO(), needs to be updated to use the p_cansignal() and p_cansched() centralized authorization routines, as they currently do not take into account some desirable restrictions that are handled by the centralized routines, as well as being inconsistent with other similar authorization instances. o Update libkvm to take these changes into account. Obtained from: TrustedBSD Project Reviewed by: green, bde, jhb, freebsd-arch, freebsd-audit
2001-05-25 16:59:11 +00:00
oldcred = p->p_ucred;
if ((error = suser_cred(p->p_ucred, SUSER_ALLOWJAIL)) != 0 &&
uid != oldcred->cr_ruid && uid != oldcred->cr_svuid) {
PROC_UNLOCK(p);
uifree(uip);
crfree(newcred);
return (error);
}
crcopy(newcred, oldcred);
if (error == 0) {
o Merge contents of struct pcred into struct ucred. Specifically, add the real uid, saved uid, real gid, and saved gid to ucred, as well as the pcred->pc_uidinfo, which was associated with the real uid, only rename it to cr_ruidinfo so as not to conflict with cr_uidinfo, which corresponds to the effective uid. o Remove p_cred from struct proc; add p_ucred to struct proc, replacing original macro that pointed. p->p_ucred to p->p_cred->pc_ucred. o Universally update code so that it makes use of ucred instead of pcred, p->p_ucred instead of p->p_pcred, cr_ruidinfo instead of p_uidinfo, cr_{r,sv}{u,g}id instead of p_*, etc. o Remove pcred0 and its initialization from init_main.c; initialize cr_ruidinfo there. o Restruction many credential modification chunks to always crdup while we figure out locking and optimizations; generally speaking, this means moving to a structure like this: newcred = crdup(oldcred); ... p->p_ucred = newcred; crfree(oldcred); It's not race-free, but better than nothing. There are also races in sys_process.c, all inter-process authorization, fork, exec, and exit. o Remove sigio->sio_ruid since sigio->sio_ucred now contains the ruid; remove comments indicating that the old arrangement was a problem. o Restructure exec1() a little to use newcred/oldcred arrangement, and use improved uid management primitives. o Clean up exit1() so as to do less work in credential cleanup due to pcred removal. o Clean up fork1() so as to do less work in credential cleanup and allocation. o Clean up ktrcanset() to take into account changes, and move to using suser_xxx() instead of performing a direct uid==0 comparision. o Improve commenting in various kern_prot.c credential modification calls to better document current behavior. In a couple of places, current behavior is a little questionable and we need to check POSIX.1 to make sure it's "right". More commenting work still remains to be done. o Update credential management calls, such as crfree(), to take into account new ruidinfo reference. o Modify or add the following uid and gid helper routines: change_euid() change_egid() change_ruid() change_rgid() change_svuid() change_svgid() In each case, the call now acts on a credential not a process, and as such no longer requires more complicated process locking/etc. They now assume the caller will do any necessary allocation of an exclusive credential reference. Each is commented to document its reference requirements. o CANSIGIO() is simplified to require only credentials, not processes and pcreds. o Remove lots of (p_pcred==NULL) checks. o Add an XXX to authorization code in nfs_lock.c, since it's questionable, and needs to be considered carefully. o Simplify posix4 authorization code to require only credentials, not processes and pcreds. Note that this authorization, as well as CANSIGIO(), needs to be updated to use the p_cansignal() and p_cansched() centralized authorization routines, as they currently do not take into account some desirable restrictions that are handled by the centralized routines, as well as being inconsistent with other similar authorization instances. o Update libkvm to take these changes into account. Obtained from: TrustedBSD Project Reviewed by: green, bde, jhb, freebsd-arch, freebsd-audit
2001-05-25 16:59:11 +00:00
if (uid != oldcred->cr_ruid) {
change_ruid(newcred, uip);
setsugid(p);
}
o Merge contents of struct pcred into struct ucred. Specifically, add the real uid, saved uid, real gid, and saved gid to ucred, as well as the pcred->pc_uidinfo, which was associated with the real uid, only rename it to cr_ruidinfo so as not to conflict with cr_uidinfo, which corresponds to the effective uid. o Remove p_cred from struct proc; add p_ucred to struct proc, replacing original macro that pointed. p->p_ucred to p->p_cred->pc_ucred. o Universally update code so that it makes use of ucred instead of pcred, p->p_ucred instead of p->p_pcred, cr_ruidinfo instead of p_uidinfo, cr_{r,sv}{u,g}id instead of p_*, etc. o Remove pcred0 and its initialization from init_main.c; initialize cr_ruidinfo there. o Restruction many credential modification chunks to always crdup while we figure out locking and optimizations; generally speaking, this means moving to a structure like this: newcred = crdup(oldcred); ... p->p_ucred = newcred; crfree(oldcred); It's not race-free, but better than nothing. There are also races in sys_process.c, all inter-process authorization, fork, exec, and exit. o Remove sigio->sio_ruid since sigio->sio_ucred now contains the ruid; remove comments indicating that the old arrangement was a problem. o Restructure exec1() a little to use newcred/oldcred arrangement, and use improved uid management primitives. o Clean up exit1() so as to do less work in credential cleanup due to pcred removal. o Clean up fork1() so as to do less work in credential cleanup and allocation. o Clean up ktrcanset() to take into account changes, and move to using suser_xxx() instead of performing a direct uid==0 comparision. o Improve commenting in various kern_prot.c credential modification calls to better document current behavior. In a couple of places, current behavior is a little questionable and we need to check POSIX.1 to make sure it's "right". More commenting work still remains to be done. o Update credential management calls, such as crfree(), to take into account new ruidinfo reference. o Modify or add the following uid and gid helper routines: change_euid() change_egid() change_ruid() change_rgid() change_svuid() change_svgid() In each case, the call now acts on a credential not a process, and as such no longer requires more complicated process locking/etc. They now assume the caller will do any necessary allocation of an exclusive credential reference. Each is commented to document its reference requirements. o CANSIGIO() is simplified to require only credentials, not processes and pcreds. o Remove lots of (p_pcred==NULL) checks. o Add an XXX to authorization code in nfs_lock.c, since it's questionable, and needs to be considered carefully. o Simplify posix4 authorization code to require only credentials, not processes and pcreds. Note that this authorization, as well as CANSIGIO(), needs to be updated to use the p_cansignal() and p_cansched() centralized authorization routines, as they currently do not take into account some desirable restrictions that are handled by the centralized routines, as well as being inconsistent with other similar authorization instances. o Update libkvm to take these changes into account. Obtained from: TrustedBSD Project Reviewed by: green, bde, jhb, freebsd-arch, freebsd-audit
2001-05-25 16:59:11 +00:00
if (oldcred->cr_svuid != uid) {
change_svuid(newcred, uid);
setsugid(p);
}
}
o Merge contents of struct pcred into struct ucred. Specifically, add the real uid, saved uid, real gid, and saved gid to ucred, as well as the pcred->pc_uidinfo, which was associated with the real uid, only rename it to cr_ruidinfo so as not to conflict with cr_uidinfo, which corresponds to the effective uid. o Remove p_cred from struct proc; add p_ucred to struct proc, replacing original macro that pointed. p->p_ucred to p->p_cred->pc_ucred. o Universally update code so that it makes use of ucred instead of pcred, p->p_ucred instead of p->p_pcred, cr_ruidinfo instead of p_uidinfo, cr_{r,sv}{u,g}id instead of p_*, etc. o Remove pcred0 and its initialization from init_main.c; initialize cr_ruidinfo there. o Restruction many credential modification chunks to always crdup while we figure out locking and optimizations; generally speaking, this means moving to a structure like this: newcred = crdup(oldcred); ... p->p_ucred = newcred; crfree(oldcred); It's not race-free, but better than nothing. There are also races in sys_process.c, all inter-process authorization, fork, exec, and exit. o Remove sigio->sio_ruid since sigio->sio_ucred now contains the ruid; remove comments indicating that the old arrangement was a problem. o Restructure exec1() a little to use newcred/oldcred arrangement, and use improved uid management primitives. o Clean up exit1() so as to do less work in credential cleanup due to pcred removal. o Clean up fork1() so as to do less work in credential cleanup and allocation. o Clean up ktrcanset() to take into account changes, and move to using suser_xxx() instead of performing a direct uid==0 comparision. o Improve commenting in various kern_prot.c credential modification calls to better document current behavior. In a couple of places, current behavior is a little questionable and we need to check POSIX.1 to make sure it's "right". More commenting work still remains to be done. o Update credential management calls, such as crfree(), to take into account new ruidinfo reference. o Modify or add the following uid and gid helper routines: change_euid() change_egid() change_ruid() change_rgid() change_svuid() change_svgid() In each case, the call now acts on a credential not a process, and as such no longer requires more complicated process locking/etc. They now assume the caller will do any necessary allocation of an exclusive credential reference. Each is commented to document its reference requirements. o CANSIGIO() is simplified to require only credentials, not processes and pcreds. o Remove lots of (p_pcred==NULL) checks. o Add an XXX to authorization code in nfs_lock.c, since it's questionable, and needs to be considered carefully. o Simplify posix4 authorization code to require only credentials, not processes and pcreds. Note that this authorization, as well as CANSIGIO(), needs to be updated to use the p_cansignal() and p_cansched() centralized authorization routines, as they currently do not take into account some desirable restrictions that are handled by the centralized routines, as well as being inconsistent with other similar authorization instances. o Update libkvm to take these changes into account. Obtained from: TrustedBSD Project Reviewed by: green, bde, jhb, freebsd-arch, freebsd-audit
2001-05-25 16:59:11 +00:00
if (newcred->cr_uid != uid) {
change_euid(newcred, uip);
setsugid(p);
}
o Merge contents of struct pcred into struct ucred. Specifically, add the real uid, saved uid, real gid, and saved gid to ucred, as well as the pcred->pc_uidinfo, which was associated with the real uid, only rename it to cr_ruidinfo so as not to conflict with cr_uidinfo, which corresponds to the effective uid. o Remove p_cred from struct proc; add p_ucred to struct proc, replacing original macro that pointed. p->p_ucred to p->p_cred->pc_ucred. o Universally update code so that it makes use of ucred instead of pcred, p->p_ucred instead of p->p_pcred, cr_ruidinfo instead of p_uidinfo, cr_{r,sv}{u,g}id instead of p_*, etc. o Remove pcred0 and its initialization from init_main.c; initialize cr_ruidinfo there. o Restruction many credential modification chunks to always crdup while we figure out locking and optimizations; generally speaking, this means moving to a structure like this: newcred = crdup(oldcred); ... p->p_ucred = newcred; crfree(oldcred); It's not race-free, but better than nothing. There are also races in sys_process.c, all inter-process authorization, fork, exec, and exit. o Remove sigio->sio_ruid since sigio->sio_ucred now contains the ruid; remove comments indicating that the old arrangement was a problem. o Restructure exec1() a little to use newcred/oldcred arrangement, and use improved uid management primitives. o Clean up exit1() so as to do less work in credential cleanup due to pcred removal. o Clean up fork1() so as to do less work in credential cleanup and allocation. o Clean up ktrcanset() to take into account changes, and move to using suser_xxx() instead of performing a direct uid==0 comparision. o Improve commenting in various kern_prot.c credential modification calls to better document current behavior. In a couple of places, current behavior is a little questionable and we need to check POSIX.1 to make sure it's "right". More commenting work still remains to be done. o Update credential management calls, such as crfree(), to take into account new ruidinfo reference. o Modify or add the following uid and gid helper routines: change_euid() change_egid() change_ruid() change_rgid() change_svuid() change_svgid() In each case, the call now acts on a credential not a process, and as such no longer requires more complicated process locking/etc. They now assume the caller will do any necessary allocation of an exclusive credential reference. Each is commented to document its reference requirements. o CANSIGIO() is simplified to require only credentials, not processes and pcreds. o Remove lots of (p_pcred==NULL) checks. o Add an XXX to authorization code in nfs_lock.c, since it's questionable, and needs to be considered carefully. o Simplify posix4 authorization code to require only credentials, not processes and pcreds. Note that this authorization, as well as CANSIGIO(), needs to be updated to use the p_cansignal() and p_cansched() centralized authorization routines, as they currently do not take into account some desirable restrictions that are handled by the centralized routines, as well as being inconsistent with other similar authorization instances. o Update libkvm to take these changes into account. Obtained from: TrustedBSD Project Reviewed by: green, bde, jhb, freebsd-arch, freebsd-audit
2001-05-25 16:59:11 +00:00
p->p_ucred = newcred;
PROC_UNLOCK(p);
uifree(uip);
o Merge contents of struct pcred into struct ucred. Specifically, add the real uid, saved uid, real gid, and saved gid to ucred, as well as the pcred->pc_uidinfo, which was associated with the real uid, only rename it to cr_ruidinfo so as not to conflict with cr_uidinfo, which corresponds to the effective uid. o Remove p_cred from struct proc; add p_ucred to struct proc, replacing original macro that pointed. p->p_ucred to p->p_cred->pc_ucred. o Universally update code so that it makes use of ucred instead of pcred, p->p_ucred instead of p->p_pcred, cr_ruidinfo instead of p_uidinfo, cr_{r,sv}{u,g}id instead of p_*, etc. o Remove pcred0 and its initialization from init_main.c; initialize cr_ruidinfo there. o Restruction many credential modification chunks to always crdup while we figure out locking and optimizations; generally speaking, this means moving to a structure like this: newcred = crdup(oldcred); ... p->p_ucred = newcred; crfree(oldcred); It's not race-free, but better than nothing. There are also races in sys_process.c, all inter-process authorization, fork, exec, and exit. o Remove sigio->sio_ruid since sigio->sio_ucred now contains the ruid; remove comments indicating that the old arrangement was a problem. o Restructure exec1() a little to use newcred/oldcred arrangement, and use improved uid management primitives. o Clean up exit1() so as to do less work in credential cleanup due to pcred removal. o Clean up fork1() so as to do less work in credential cleanup and allocation. o Clean up ktrcanset() to take into account changes, and move to using suser_xxx() instead of performing a direct uid==0 comparision. o Improve commenting in various kern_prot.c credential modification calls to better document current behavior. In a couple of places, current behavior is a little questionable and we need to check POSIX.1 to make sure it's "right". More commenting work still remains to be done. o Update credential management calls, such as crfree(), to take into account new ruidinfo reference. o Modify or add the following uid and gid helper routines: change_euid() change_egid() change_ruid() change_rgid() change_svuid() change_svgid() In each case, the call now acts on a credential not a process, and as such no longer requires more complicated process locking/etc. They now assume the caller will do any necessary allocation of an exclusive credential reference. Each is commented to document its reference requirements. o CANSIGIO() is simplified to require only credentials, not processes and pcreds. o Remove lots of (p_pcred==NULL) checks. o Add an XXX to authorization code in nfs_lock.c, since it's questionable, and needs to be considered carefully. o Simplify posix4 authorization code to require only credentials, not processes and pcreds. Note that this authorization, as well as CANSIGIO(), needs to be updated to use the p_cansignal() and p_cansched() centralized authorization routines, as they currently do not take into account some desirable restrictions that are handled by the centralized routines, as well as being inconsistent with other similar authorization instances. o Update libkvm to take these changes into account. Obtained from: TrustedBSD Project Reviewed by: green, bde, jhb, freebsd-arch, freebsd-audit
2001-05-25 16:59:11 +00:00
crfree(oldcred);
return (0);
}
/*
* OSF/1 defines _POSIX_SAVED_IDS, which means that our normal
* setgid() won't work.
*
* If you change "uid" to "gid" in the discussion, above, about
* setuid(), you'll get a correct description of setgid().
*/
int
osf1_setgid(td, uap)
struct thread *td;
struct osf1_setgid_args *uap;
{
struct proc *p;
int error;
gid_t gid;
o Merge contents of struct pcred into struct ucred. Specifically, add the real uid, saved uid, real gid, and saved gid to ucred, as well as the pcred->pc_uidinfo, which was associated with the real uid, only rename it to cr_ruidinfo so as not to conflict with cr_uidinfo, which corresponds to the effective uid. o Remove p_cred from struct proc; add p_ucred to struct proc, replacing original macro that pointed. p->p_ucred to p->p_cred->pc_ucred. o Universally update code so that it makes use of ucred instead of pcred, p->p_ucred instead of p->p_pcred, cr_ruidinfo instead of p_uidinfo, cr_{r,sv}{u,g}id instead of p_*, etc. o Remove pcred0 and its initialization from init_main.c; initialize cr_ruidinfo there. o Restruction many credential modification chunks to always crdup while we figure out locking and optimizations; generally speaking, this means moving to a structure like this: newcred = crdup(oldcred); ... p->p_ucred = newcred; crfree(oldcred); It's not race-free, but better than nothing. There are also races in sys_process.c, all inter-process authorization, fork, exec, and exit. o Remove sigio->sio_ruid since sigio->sio_ucred now contains the ruid; remove comments indicating that the old arrangement was a problem. o Restructure exec1() a little to use newcred/oldcred arrangement, and use improved uid management primitives. o Clean up exit1() so as to do less work in credential cleanup due to pcred removal. o Clean up fork1() so as to do less work in credential cleanup and allocation. o Clean up ktrcanset() to take into account changes, and move to using suser_xxx() instead of performing a direct uid==0 comparision. o Improve commenting in various kern_prot.c credential modification calls to better document current behavior. In a couple of places, current behavior is a little questionable and we need to check POSIX.1 to make sure it's "right". More commenting work still remains to be done. o Update credential management calls, such as crfree(), to take into account new ruidinfo reference. o Modify or add the following uid and gid helper routines: change_euid() change_egid() change_ruid() change_rgid() change_svuid() change_svgid() In each case, the call now acts on a credential not a process, and as such no longer requires more complicated process locking/etc. They now assume the caller will do any necessary allocation of an exclusive credential reference. Each is commented to document its reference requirements. o CANSIGIO() is simplified to require only credentials, not processes and pcreds. o Remove lots of (p_pcred==NULL) checks. o Add an XXX to authorization code in nfs_lock.c, since it's questionable, and needs to be considered carefully. o Simplify posix4 authorization code to require only credentials, not processes and pcreds. Note that this authorization, as well as CANSIGIO(), needs to be updated to use the p_cansignal() and p_cansched() centralized authorization routines, as they currently do not take into account some desirable restrictions that are handled by the centralized routines, as well as being inconsistent with other similar authorization instances. o Update libkvm to take these changes into account. Obtained from: TrustedBSD Project Reviewed by: green, bde, jhb, freebsd-arch, freebsd-audit
2001-05-25 16:59:11 +00:00
struct ucred *newcred, *oldcred;
p = td->td_proc;
2002-12-14 01:56:26 +00:00
gid = uap->gid;
newcred = crget();
PROC_LOCK(p);
o Merge contents of struct pcred into struct ucred. Specifically, add the real uid, saved uid, real gid, and saved gid to ucred, as well as the pcred->pc_uidinfo, which was associated with the real uid, only rename it to cr_ruidinfo so as not to conflict with cr_uidinfo, which corresponds to the effective uid. o Remove p_cred from struct proc; add p_ucred to struct proc, replacing original macro that pointed. p->p_ucred to p->p_cred->pc_ucred. o Universally update code so that it makes use of ucred instead of pcred, p->p_ucred instead of p->p_pcred, cr_ruidinfo instead of p_uidinfo, cr_{r,sv}{u,g}id instead of p_*, etc. o Remove pcred0 and its initialization from init_main.c; initialize cr_ruidinfo there. o Restruction many credential modification chunks to always crdup while we figure out locking and optimizations; generally speaking, this means moving to a structure like this: newcred = crdup(oldcred); ... p->p_ucred = newcred; crfree(oldcred); It's not race-free, but better than nothing. There are also races in sys_process.c, all inter-process authorization, fork, exec, and exit. o Remove sigio->sio_ruid since sigio->sio_ucred now contains the ruid; remove comments indicating that the old arrangement was a problem. o Restructure exec1() a little to use newcred/oldcred arrangement, and use improved uid management primitives. o Clean up exit1() so as to do less work in credential cleanup due to pcred removal. o Clean up fork1() so as to do less work in credential cleanup and allocation. o Clean up ktrcanset() to take into account changes, and move to using suser_xxx() instead of performing a direct uid==0 comparision. o Improve commenting in various kern_prot.c credential modification calls to better document current behavior. In a couple of places, current behavior is a little questionable and we need to check POSIX.1 to make sure it's "right". More commenting work still remains to be done. o Update credential management calls, such as crfree(), to take into account new ruidinfo reference. o Modify or add the following uid and gid helper routines: change_euid() change_egid() change_ruid() change_rgid() change_svuid() change_svgid() In each case, the call now acts on a credential not a process, and as such no longer requires more complicated process locking/etc. They now assume the caller will do any necessary allocation of an exclusive credential reference. Each is commented to document its reference requirements. o CANSIGIO() is simplified to require only credentials, not processes and pcreds. o Remove lots of (p_pcred==NULL) checks. o Add an XXX to authorization code in nfs_lock.c, since it's questionable, and needs to be considered carefully. o Simplify posix4 authorization code to require only credentials, not processes and pcreds. Note that this authorization, as well as CANSIGIO(), needs to be updated to use the p_cansignal() and p_cansched() centralized authorization routines, as they currently do not take into account some desirable restrictions that are handled by the centralized routines, as well as being inconsistent with other similar authorization instances. o Update libkvm to take these changes into account. Obtained from: TrustedBSD Project Reviewed by: green, bde, jhb, freebsd-arch, freebsd-audit
2001-05-25 16:59:11 +00:00
oldcred = p->p_ucred;
if (((error = suser_cred(p->p_ucred, SUSER_ALLOWJAIL)) != 0 ) &&
gid != oldcred->cr_rgid && gid != oldcred->cr_svgid) {
PROC_UNLOCK(p);
crfree(newcred);
return (error);
}
crcopy(newcred, oldcred);
if (error == 0) {
o Merge contents of struct pcred into struct ucred. Specifically, add the real uid, saved uid, real gid, and saved gid to ucred, as well as the pcred->pc_uidinfo, which was associated with the real uid, only rename it to cr_ruidinfo so as not to conflict with cr_uidinfo, which corresponds to the effective uid. o Remove p_cred from struct proc; add p_ucred to struct proc, replacing original macro that pointed. p->p_ucred to p->p_cred->pc_ucred. o Universally update code so that it makes use of ucred instead of pcred, p->p_ucred instead of p->p_pcred, cr_ruidinfo instead of p_uidinfo, cr_{r,sv}{u,g}id instead of p_*, etc. o Remove pcred0 and its initialization from init_main.c; initialize cr_ruidinfo there. o Restruction many credential modification chunks to always crdup while we figure out locking and optimizations; generally speaking, this means moving to a structure like this: newcred = crdup(oldcred); ... p->p_ucred = newcred; crfree(oldcred); It's not race-free, but better than nothing. There are also races in sys_process.c, all inter-process authorization, fork, exec, and exit. o Remove sigio->sio_ruid since sigio->sio_ucred now contains the ruid; remove comments indicating that the old arrangement was a problem. o Restructure exec1() a little to use newcred/oldcred arrangement, and use improved uid management primitives. o Clean up exit1() so as to do less work in credential cleanup due to pcred removal. o Clean up fork1() so as to do less work in credential cleanup and allocation. o Clean up ktrcanset() to take into account changes, and move to using suser_xxx() instead of performing a direct uid==0 comparision. o Improve commenting in various kern_prot.c credential modification calls to better document current behavior. In a couple of places, current behavior is a little questionable and we need to check POSIX.1 to make sure it's "right". More commenting work still remains to be done. o Update credential management calls, such as crfree(), to take into account new ruidinfo reference. o Modify or add the following uid and gid helper routines: change_euid() change_egid() change_ruid() change_rgid() change_svuid() change_svgid() In each case, the call now acts on a credential not a process, and as such no longer requires more complicated process locking/etc. They now assume the caller will do any necessary allocation of an exclusive credential reference. Each is commented to document its reference requirements. o CANSIGIO() is simplified to require only credentials, not processes and pcreds. o Remove lots of (p_pcred==NULL) checks. o Add an XXX to authorization code in nfs_lock.c, since it's questionable, and needs to be considered carefully. o Simplify posix4 authorization code to require only credentials, not processes and pcreds. Note that this authorization, as well as CANSIGIO(), needs to be updated to use the p_cansignal() and p_cansched() centralized authorization routines, as they currently do not take into account some desirable restrictions that are handled by the centralized routines, as well as being inconsistent with other similar authorization instances. o Update libkvm to take these changes into account. Obtained from: TrustedBSD Project Reviewed by: green, bde, jhb, freebsd-arch, freebsd-audit
2001-05-25 16:59:11 +00:00
if (gid != oldcred->cr_rgid) {
change_rgid(newcred, gid);
setsugid(p);
}
if (oldcred->cr_svgid != gid) {
change_svgid(newcred, gid);
setsugid(p);
}
}
if (newcred->cr_groups[0] != gid) {
change_egid(newcred, gid);
setsugid(p);
}
o Merge contents of struct pcred into struct ucred. Specifically, add the real uid, saved uid, real gid, and saved gid to ucred, as well as the pcred->pc_uidinfo, which was associated with the real uid, only rename it to cr_ruidinfo so as not to conflict with cr_uidinfo, which corresponds to the effective uid. o Remove p_cred from struct proc; add p_ucred to struct proc, replacing original macro that pointed. p->p_ucred to p->p_cred->pc_ucred. o Universally update code so that it makes use of ucred instead of pcred, p->p_ucred instead of p->p_pcred, cr_ruidinfo instead of p_uidinfo, cr_{r,sv}{u,g}id instead of p_*, etc. o Remove pcred0 and its initialization from init_main.c; initialize cr_ruidinfo there. o Restruction many credential modification chunks to always crdup while we figure out locking and optimizations; generally speaking, this means moving to a structure like this: newcred = crdup(oldcred); ... p->p_ucred = newcred; crfree(oldcred); It's not race-free, but better than nothing. There are also races in sys_process.c, all inter-process authorization, fork, exec, and exit. o Remove sigio->sio_ruid since sigio->sio_ucred now contains the ruid; remove comments indicating that the old arrangement was a problem. o Restructure exec1() a little to use newcred/oldcred arrangement, and use improved uid management primitives. o Clean up exit1() so as to do less work in credential cleanup due to pcred removal. o Clean up fork1() so as to do less work in credential cleanup and allocation. o Clean up ktrcanset() to take into account changes, and move to using suser_xxx() instead of performing a direct uid==0 comparision. o Improve commenting in various kern_prot.c credential modification calls to better document current behavior. In a couple of places, current behavior is a little questionable and we need to check POSIX.1 to make sure it's "right". More commenting work still remains to be done. o Update credential management calls, such as crfree(), to take into account new ruidinfo reference. o Modify or add the following uid and gid helper routines: change_euid() change_egid() change_ruid() change_rgid() change_svuid() change_svgid() In each case, the call now acts on a credential not a process, and as such no longer requires more complicated process locking/etc. They now assume the caller will do any necessary allocation of an exclusive credential reference. Each is commented to document its reference requirements. o CANSIGIO() is simplified to require only credentials, not processes and pcreds. o Remove lots of (p_pcred==NULL) checks. o Add an XXX to authorization code in nfs_lock.c, since it's questionable, and needs to be considered carefully. o Simplify posix4 authorization code to require only credentials, not processes and pcreds. Note that this authorization, as well as CANSIGIO(), needs to be updated to use the p_cansignal() and p_cansched() centralized authorization routines, as they currently do not take into account some desirable restrictions that are handled by the centralized routines, as well as being inconsistent with other similar authorization instances. o Update libkvm to take these changes into account. Obtained from: TrustedBSD Project Reviewed by: green, bde, jhb, freebsd-arch, freebsd-audit
2001-05-25 16:59:11 +00:00
p->p_ucred = newcred;
PROC_UNLOCK(p);
o Merge contents of struct pcred into struct ucred. Specifically, add the real uid, saved uid, real gid, and saved gid to ucred, as well as the pcred->pc_uidinfo, which was associated with the real uid, only rename it to cr_ruidinfo so as not to conflict with cr_uidinfo, which corresponds to the effective uid. o Remove p_cred from struct proc; add p_ucred to struct proc, replacing original macro that pointed. p->p_ucred to p->p_cred->pc_ucred. o Universally update code so that it makes use of ucred instead of pcred, p->p_ucred instead of p->p_pcred, cr_ruidinfo instead of p_uidinfo, cr_{r,sv}{u,g}id instead of p_*, etc. o Remove pcred0 and its initialization from init_main.c; initialize cr_ruidinfo there. o Restruction many credential modification chunks to always crdup while we figure out locking and optimizations; generally speaking, this means moving to a structure like this: newcred = crdup(oldcred); ... p->p_ucred = newcred; crfree(oldcred); It's not race-free, but better than nothing. There are also races in sys_process.c, all inter-process authorization, fork, exec, and exit. o Remove sigio->sio_ruid since sigio->sio_ucred now contains the ruid; remove comments indicating that the old arrangement was a problem. o Restructure exec1() a little to use newcred/oldcred arrangement, and use improved uid management primitives. o Clean up exit1() so as to do less work in credential cleanup due to pcred removal. o Clean up fork1() so as to do less work in credential cleanup and allocation. o Clean up ktrcanset() to take into account changes, and move to using suser_xxx() instead of performing a direct uid==0 comparision. o Improve commenting in various kern_prot.c credential modification calls to better document current behavior. In a couple of places, current behavior is a little questionable and we need to check POSIX.1 to make sure it's "right". More commenting work still remains to be done. o Update credential management calls, such as crfree(), to take into account new ruidinfo reference. o Modify or add the following uid and gid helper routines: change_euid() change_egid() change_ruid() change_rgid() change_svuid() change_svgid() In each case, the call now acts on a credential not a process, and as such no longer requires more complicated process locking/etc. They now assume the caller will do any necessary allocation of an exclusive credential reference. Each is commented to document its reference requirements. o CANSIGIO() is simplified to require only credentials, not processes and pcreds. o Remove lots of (p_pcred==NULL) checks. o Add an XXX to authorization code in nfs_lock.c, since it's questionable, and needs to be considered carefully. o Simplify posix4 authorization code to require only credentials, not processes and pcreds. Note that this authorization, as well as CANSIGIO(), needs to be updated to use the p_cansignal() and p_cansched() centralized authorization routines, as they currently do not take into account some desirable restrictions that are handled by the centralized routines, as well as being inconsistent with other similar authorization instances. o Update libkvm to take these changes into account. Obtained from: TrustedBSD Project Reviewed by: green, bde, jhb, freebsd-arch, freebsd-audit
2001-05-25 16:59:11 +00:00
crfree(oldcred);
return (0);
}
/*
* The structures end up being the same... but we can't be sure that
* the other word of our iov_len is zero!
*/
struct osf1_iovec {
char *iov_base;
int iov_len;
};
static int
osf1_copyinuio(struct osf1_iovec *iovp, u_int iovcnt, struct uio **uiop)
{
struct osf1_iovec oiov;
struct iovec *iov;
struct uio *uio;
u_int iovlen;
int error, i;
*uiop = NULL;
if (iovcnt > UIO_MAXIOV)
return (EINVAL);
iovlen = iovcnt * sizeof(struct iovec);
uio = malloc(iovlen + sizeof *uio, M_IOV, M_WAITOK);
iov = (struct iovec *)(uio + 1);
for (i = 0; i < iovcnt; i++) {
error = copyin(&iovp[i], &oiov, sizeof(struct osf1_iovec));
if (error) {
free(uio, M_IOV);
return (error);
}
iov[i].iov_base = oiov.iov_base;
iov[i].iov_len = oiov.iov_len;
}
uio->uio_iov = iov;
uio->uio_iovcnt = iovcnt;
uio->uio_segflg = UIO_USERSPACE;
uio->uio_offset = -1;
uio->uio_resid = 0;
for (i = 0; i < iovcnt; i++) {
if (iov->iov_len > INT_MAX - uio->uio_resid) {
free(uio, M_IOV);
return (EINVAL);
}
uio->uio_resid += iov->iov_len;
iov++;
}
*uiop = uio;
return (0);
}
int
osf1_readv(td, uap)
struct thread *td;
struct osf1_readv_args *uap;
{
struct uio *auio;
int error;
error = osf1_copyinuio(uap->iovp, uap->iovcnt, &auio);
if (error)
return (error);
error = kern_readv(td, uap->fd, auio);
free(auio, M_IOV);
return (error);
}
int
osf1_writev(td, uap)
struct thread *td;
struct osf1_writev_args *uap;
{
struct uio *auio;
int error;
error = osf1_copyinuio(uap->iovp, uap->iovcnt, &auio);
if (error)
return (error);
error = kern_writev(td, uap->fd, auio);
free(auio, M_IOV);
return (error);
}
/*
* More of the stupid off_t padding!
*/
int
osf1_truncate(td, uap)
struct thread *td;
struct osf1_truncate_args *uap;
{
char *path;
int error;
CHECKALTEXIST(td, uap->path, &path);
error = kern_truncate(td, path, UIO_SYSSPACE, uap->length);
free(path, M_TEMP);
return (error);
}
int
osf1_ftruncate(td, uap)
struct thread *td;
struct osf1_ftruncate_args *uap;
{
struct ftruncate_args a;
2002-12-14 01:56:26 +00:00
a.fd = uap->fd;
a.pad = 0;
a.length = uap->length;
return ftruncate(td, &a);
}
static int
osf2bsd_pathconf(name)
int *name;
{
switch (*name) {
case _OSF1_PC_LINK_MAX:
case _OSF1_PC_MAX_CANON:
case _OSF1_PC_MAX_INPUT:
case _OSF1_PC_NAME_MAX:
*name -= 10;
break;
case _OSF1_PC_PATH_MAX:
case _OSF1_PC_PIPE_BUF:
*name -= 9;
case _OSF1_PC_NO_TRUNC:
*name = _PC_NO_TRUNC;
break;
case _OSF1_PC_CHOWN_RESTRICTED:
*name = _PC_CHOWN_RESTRICTED;
break;
case _OSF1_PC_VDISABLE:
*name = _PC_VDISABLE;
break;
default:
return (EINVAL);
}
return 0;
}
int
osf1_pathconf(td, uap)
struct thread *td;
struct osf1_pathconf_args *uap;
{
char *path;
int error;
if (osf2bsd_pathconf(&uap->name))
return (EINVAL);
CHECKALTEXIST(td, uap->path, &path);
error = kern_pathconf(td, path, UIO_SYSSPACE, uap->name);
free(path, M_TEMP);
return (error);
}
int
osf1_fpathconf(td, uap)
struct thread *td;
struct osf1_fpathconf_args *uap;
{
if (osf2bsd_pathconf(&uap->name))
return (EINVAL);
else
return (fpathconf(td, (void *)uap));
}
int
osf1_getrusage(td, uap)
struct thread *td;
struct osf1_getrusage_args *uap;
{
struct osf1_rusage oru;
Rework how we store process times in the kernel such that we always store the raw values including for child process statistics and only compute the system and user timevals on demand. - Fix the various kern_wait() syscall wrappers to only pass in a rusage pointer if they are going to use the result. - Add a kern_getrusage() function for the ABI syscalls to use so that they don't have to play stackgap games to call getrusage(). - Fix the svr4_sys_times() syscall to just call calcru() to calculate the times it needs rather than calling getrusage() twice with associated stackgap, etc. - Add a new rusage_ext structure to store raw time stats such as tick counts for user, system, and interrupt time as well as a bintime of the total runtime. A new p_rux field in struct proc replaces the same inline fields from struct proc (i.e. p_[isu]ticks, p_[isu]u, and p_runtime). A new p_crux field in struct proc contains the "raw" child time usage statistics. ruadd() has been changed to handle adding the associated rusage_ext structures as well as the values in rusage. Effectively, the values in rusage_ext replace the ru_utime and ru_stime values in struct rusage. These two fields in struct rusage are no longer used in the kernel. - calcru() has been split into a static worker function calcru1() that calculates appropriate timevals for user and system time as well as updating the rux_[isu]u fields of a passed in rusage_ext structure. calcru() uses a copy of the process' p_rux structure to compute the timevals after updating the runtime appropriately if any of the threads in that process are currently executing. It also now only locks sched_lock internally while doing the rux_runtime fixup. calcru() now only requires the caller to hold the proc lock and calcru1() only requires the proc lock internally. calcru() also no longer allows callers to ask for an interrupt timeval since none of them actually did. - calcru() now correctly handles threads executing on other CPUs. - A new calccru() function computes the child system and user timevals by calling calcru1() on p_crux. Note that this means that any code that wants child times must now call this function rather than reading from p_cru directly. This function also requires the proc lock. - This finishes the locking for rusage and friends so some of the Giant locks in exit1() and kern_wait() are now gone. - The locking in ttyinfo() has been tweaked so that a shared lock of the proctree lock is used to protect the process group rather than the process group lock. By holding this lock until the end of the function we now ensure that the process/thread that we pick to dump info about will no longer vanish while we are trying to output its info to the console. Submitted by: bde (mostly) MFC after: 1 month
2004-10-05 18:51:11 +00:00
struct rusage ru;
int error;
Rework how we store process times in the kernel such that we always store the raw values including for child process statistics and only compute the system and user timevals on demand. - Fix the various kern_wait() syscall wrappers to only pass in a rusage pointer if they are going to use the result. - Add a kern_getrusage() function for the ABI syscalls to use so that they don't have to play stackgap games to call getrusage(). - Fix the svr4_sys_times() syscall to just call calcru() to calculate the times it needs rather than calling getrusage() twice with associated stackgap, etc. - Add a new rusage_ext structure to store raw time stats such as tick counts for user, system, and interrupt time as well as a bintime of the total runtime. A new p_rux field in struct proc replaces the same inline fields from struct proc (i.e. p_[isu]ticks, p_[isu]u, and p_runtime). A new p_crux field in struct proc contains the "raw" child time usage statistics. ruadd() has been changed to handle adding the associated rusage_ext structures as well as the values in rusage. Effectively, the values in rusage_ext replace the ru_utime and ru_stime values in struct rusage. These two fields in struct rusage are no longer used in the kernel. - calcru() has been split into a static worker function calcru1() that calculates appropriate timevals for user and system time as well as updating the rux_[isu]u fields of a passed in rusage_ext structure. calcru() uses a copy of the process' p_rux structure to compute the timevals after updating the runtime appropriately if any of the threads in that process are currently executing. It also now only locks sched_lock internally while doing the rux_runtime fixup. calcru() now only requires the caller to hold the proc lock and calcru1() only requires the proc lock internally. calcru() also no longer allows callers to ask for an interrupt timeval since none of them actually did. - calcru() now correctly handles threads executing on other CPUs. - A new calccru() function computes the child system and user timevals by calling calcru1() on p_crux. Note that this means that any code that wants child times must now call this function rather than reading from p_cru directly. This function also requires the proc lock. - This finishes the locking for rusage and friends so some of the Giant locks in exit1() and kern_wait() are now gone. - The locking in ttyinfo() has been tweaked so that a shared lock of the proctree lock is used to protect the process group rather than the process group lock. By holding this lock until the end of the function we now ensure that the process/thread that we pick to dump info about will no longer vanish while we are trying to output its info to the console. Submitted by: bde (mostly) MFC after: 1 month
2004-10-05 18:51:11 +00:00
error = kern_getrusage(td, uap->who, &ru);
if (error)
return (error);
TV_CP(ru.ru_utime, oru.ru_utime);
TV_CP(ru.ru_stime, oru.ru_stime);
bcopy(&(ru.ru_first), &(oru.ru_first),
(&(oru.ru_last) - &(oru.ru_first)));
return (copyout((caddr_t)&oru, (caddr_t)uap->rusage,
sizeof (struct osf1_rusage)));
}
int
osf1_wait4(td, uap)
struct thread *td;
struct osf1_wait4_args *uap;
{
int error, status;
struct osf1_rusage oru;
Rework how we store process times in the kernel such that we always store the raw values including for child process statistics and only compute the system and user timevals on demand. - Fix the various kern_wait() syscall wrappers to only pass in a rusage pointer if they are going to use the result. - Add a kern_getrusage() function for the ABI syscalls to use so that they don't have to play stackgap games to call getrusage(). - Fix the svr4_sys_times() syscall to just call calcru() to calculate the times it needs rather than calling getrusage() twice with associated stackgap, etc. - Add a new rusage_ext structure to store raw time stats such as tick counts for user, system, and interrupt time as well as a bintime of the total runtime. A new p_rux field in struct proc replaces the same inline fields from struct proc (i.e. p_[isu]ticks, p_[isu]u, and p_runtime). A new p_crux field in struct proc contains the "raw" child time usage statistics. ruadd() has been changed to handle adding the associated rusage_ext structures as well as the values in rusage. Effectively, the values in rusage_ext replace the ru_utime and ru_stime values in struct rusage. These two fields in struct rusage are no longer used in the kernel. - calcru() has been split into a static worker function calcru1() that calculates appropriate timevals for user and system time as well as updating the rux_[isu]u fields of a passed in rusage_ext structure. calcru() uses a copy of the process' p_rux structure to compute the timevals after updating the runtime appropriately if any of the threads in that process are currently executing. It also now only locks sched_lock internally while doing the rux_runtime fixup. calcru() now only requires the caller to hold the proc lock and calcru1() only requires the proc lock internally. calcru() also no longer allows callers to ask for an interrupt timeval since none of them actually did. - calcru() now correctly handles threads executing on other CPUs. - A new calccru() function computes the child system and user timevals by calling calcru1() on p_crux. Note that this means that any code that wants child times must now call this function rather than reading from p_cru directly. This function also requires the proc lock. - This finishes the locking for rusage and friends so some of the Giant locks in exit1() and kern_wait() are now gone. - The locking in ttyinfo() has been tweaked so that a shared lock of the proctree lock is used to protect the process group rather than the process group lock. By holding this lock until the end of the function we now ensure that the process/thread that we pick to dump info about will no longer vanish while we are trying to output its info to the console. Submitted by: bde (mostly) MFC after: 1 month
2004-10-05 18:51:11 +00:00
struct rusage ru, *rup;
Rework how we store process times in the kernel such that we always store the raw values including for child process statistics and only compute the system and user timevals on demand. - Fix the various kern_wait() syscall wrappers to only pass in a rusage pointer if they are going to use the result. - Add a kern_getrusage() function for the ABI syscalls to use so that they don't have to play stackgap games to call getrusage(). - Fix the svr4_sys_times() syscall to just call calcru() to calculate the times it needs rather than calling getrusage() twice with associated stackgap, etc. - Add a new rusage_ext structure to store raw time stats such as tick counts for user, system, and interrupt time as well as a bintime of the total runtime. A new p_rux field in struct proc replaces the same inline fields from struct proc (i.e. p_[isu]ticks, p_[isu]u, and p_runtime). A new p_crux field in struct proc contains the "raw" child time usage statistics. ruadd() has been changed to handle adding the associated rusage_ext structures as well as the values in rusage. Effectively, the values in rusage_ext replace the ru_utime and ru_stime values in struct rusage. These two fields in struct rusage are no longer used in the kernel. - calcru() has been split into a static worker function calcru1() that calculates appropriate timevals for user and system time as well as updating the rux_[isu]u fields of a passed in rusage_ext structure. calcru() uses a copy of the process' p_rux structure to compute the timevals after updating the runtime appropriately if any of the threads in that process are currently executing. It also now only locks sched_lock internally while doing the rux_runtime fixup. calcru() now only requires the caller to hold the proc lock and calcru1() only requires the proc lock internally. calcru() also no longer allows callers to ask for an interrupt timeval since none of them actually did. - calcru() now correctly handles threads executing on other CPUs. - A new calccru() function computes the child system and user timevals by calling calcru1() on p_crux. Note that this means that any code that wants child times must now call this function rather than reading from p_cru directly. This function also requires the proc lock. - This finishes the locking for rusage and friends so some of the Giant locks in exit1() and kern_wait() are now gone. - The locking in ttyinfo() has been tweaked so that a shared lock of the proctree lock is used to protect the process group rather than the process group lock. By holding this lock until the end of the function we now ensure that the process/thread that we pick to dump info about will no longer vanish while we are trying to output its info to the console. Submitted by: bde (mostly) MFC after: 1 month
2004-10-05 18:51:11 +00:00
if (uap->rusage != NULL)
rup = &ru;
else
rup = NULL;
error = kern_wait(td, uap->pid, &status, uap->options, rup);
if (error)
return (error);
if (uap->status != NULL)
error = copyout(&status, uap->status, sizeof(status));
if (uap->rusage != NULL && error == 0) {
TV_CP(ru.ru_utime, oru.ru_utime);
TV_CP(ru.ru_stime, oru.ru_stime);
bcopy(&ru.ru_first, &oru.ru_first,
(&(oru.ru_last) - &(oru.ru_first)));
error = copyout(&oru, uap->rusage, sizeof (struct osf1_rusage));
}
return (error);
}
int
osf1_madvise(td, uap)
struct thread *td;
struct osf1_madvise_args *uap;
{
/* XXX */
return EINVAL;
}
int
osf1_execve(td, uap)
struct thread *td;
struct osf1_execve_args *uap;
{
struct image_args eargs;
char *path;
int error;
CHECKALTEXIST(td, uap->path, &path);
error = exec_copyin_args(&eargs, path, UIO_SYSSPACE, uap->argp,
uap->envp);
free(path, M_TEMP);
if (error == 0)
error = kern_execve(td, &eargs, NULL);
exec_free_args(&eargs);
return (error);
}
int
osf1_usleep_thread(td, uap)
struct thread *td;
struct osf1_usleep_thread_args *uap;
{
int error, s, timo;
struct osf1_timeval time;
struct timeval difftv, endtv, sleeptv, tv;
2002-12-14 01:56:26 +00:00
if ((error = copyin(uap->sleep, &time, sizeof time)))
return (error);
sleeptv.tv_sec = (u_long)time.tv_sec;
sleeptv.tv_usec = (u_long)time.tv_usec;
timo = tvtohz(&sleeptv);
/*
* Some callers use usleep(0) as a sort of thread-yield so make
* sure that the timeout is non-zero.
*/
if (timo == 0)
timo = 1;
s = splclock();
microtime(&tv);
splx(s);
tsleep(td, PUSER|PCATCH, "OSF/1", timo);
2002-12-14 01:56:26 +00:00
if (uap->slept != NULL) {
s = splclock();
microtime(&endtv);
timersub(&time, &endtv, &difftv);
splx(s);
if (tv.tv_sec < 0 || tv.tv_usec < 0)
tv.tv_sec = tv.tv_usec = 0;
TV_CP(difftv, time)
2002-12-14 01:56:26 +00:00
error = copyout(&time, uap->slept, sizeof time);
}
return (error);
}
int
osf1_gettimeofday(td, uap)
struct thread *td;
register struct osf1_gettimeofday_args *uap;
{
int error;
struct timeval atv;
struct timezone tz;
struct osf1_timeval otv;
error = 0;
if (uap->tp) {
microtime(&atv);
otv.tv_sec = atv.tv_sec;
otv.tv_usec = atv.tv_usec;
if ((error = copyout((caddr_t)&otv, (caddr_t)uap->tp,
sizeof (otv))))
return (error);
}
if (uap->tzp) {
tz.tz_minuteswest = tz_minuteswest;
tz.tz_dsttime = tz_dsttime;
error = copyout((caddr_t)&tz, (caddr_t)uap->tzp, sizeof (tz));
}
return (error);
}
int
osf1_select(td, uap)
struct thread *td;
register struct osf1_select_args *uap;
{
struct osf1_timeval otv;
struct timeval tv, *tvp;
int error;
if (uap->tv != NULL) {
error = copyin(uap->tv, &otv, sizeof(otv));
if (error)
return (error);
TV_CP(otv, tv);
tvp = &tv;
} else
tvp = NULL;
return (kern_select(td, uap->nd, uap->in, uap->ou, uap->ex, tvp));
}
int
osf1_setitimer(td, uap)
struct thread *td;
struct osf1_setitimer_args *uap;
{
struct itimerval itv, oitv;
struct osf1_itimerval otv;
int error;
error = copyin(uap->itv, &otv, sizeof(otv));
if (error) {
printf("%s(%d): error = %d\n", __FILE__, __LINE__, error);
return (error);
}
TV_CP(otv.it_interval, itv.it_interval);
TV_CP(otv.it_value, itv.it_value);
error = kern_setitimer(td, uap->which, &itv, &oitv);
if (error || uap->oitv == NULL)
return (error);
TV_CP(oitv.it_interval, otv.it_interval);
TV_CP(oitv.it_value, otv.it_value);
error = copyout(&otv, uap->oitv, sizeof(otv));
if (error)
printf("%s(%d): error = %d\n", __FILE__, __LINE__, error);
return (error);
}
int
osf1_getitimer(td, uap)
struct thread *td;
struct osf1_getitimer_args *uap;
{
struct itimerval itv;
struct osf1_itimerval otv;
int error;
error = kern_getitimer(td, uap->which, &itv);
if (error)
return (error);
TV_CP(itv.it_interval, otv.it_interval);
TV_CP(itv.it_value, otv.it_value);
error = copyout(&otv, uap->itv, sizeof(otv));
if (error)
printf("%s(%d): error = %d\n", __FILE__, __LINE__, error);
return (error);
}
int
osf1_proplist_syscall(td, uap)
struct thread *td;
struct osf1_proplist_syscall_args *uap;
{
return(EOPNOTSUPP);
}
int
osf1_ntpgettime(td, uap)
struct thread *td;
struct osf1_ntpgettime_args *uap;
{
return(ENOSYS);
}
int
osf1_ntpadjtime(td, uap)
struct thread *td;
struct osf1_ntpadjtime_args *uap;
{
return(ENOSYS);
}
int
osf1_setpgrp(td, uap)
struct thread *td;
struct osf1_setpgrp_args *uap;
{
return(setpgid(td, (struct setpgid_args *)uap));
}
int
osf1_uswitch(td, uap)
struct thread *td;
struct osf1_uswitch_args *uap;
{
struct proc *p;
int rv;
vm_map_entry_t entry;
vm_offset_t zero;
GIANT_REQUIRED;
p = td->td_proc;
zero = 0;
if (uap->cmd == OSF1_USC_GET) {
if (vm_map_lookup_entry(&(p->p_vmspace->vm_map), 0, &entry))
td->td_retval[0] = OSF1_USW_NULLP;
else
td->td_retval[0] = 0;
return(KERN_SUCCESS);
} else if (uap->cmd == OSF1_USC_SET)
if (uap->mask & OSF1_USW_NULLP) {
rv = vm_mmap(&(p->p_vmspace->vm_map), &zero, PAGE_SIZE,
VM_PROT_READ, VM_PROT_ALL,
MAP_PRIVATE | MAP_FIXED | MAP_ANON, OBJT_DEFAULT,
NULL, 0);
if (!rv)
return(KERN_SUCCESS);
else {
printf(
"osf1_uswitch:vm_mmap of zero page failed with status %d\n",
rv);
return(rv);
}
}
return(EINVAL);
}
int
osf1_classcntl(td, uap)
struct thread *td;
struct osf1_classcntl_args *uap;
{
return(EACCES); /* class scheduling not enabled */
}
struct osf1_tbl_loadavg
{
union {
long l[3];
double d[3];
} tl_avenrun;
int tl_lscale;
long tl_mach_factor[3]; /* ???? */
};
struct osf1_tbl_sysinfo {
long si_user;
long si_nice;
long si_sys;
long si_idle;
long si_hz;
long si_phz;
long si_boottime;
long wait;
};
#define TBL_LOADAVG 3
#define TBL_SYSINFO 12
int
osf1_table(td, uap)
struct thread *td;
struct osf1_table_args /*{
long id;
long index;
void *addr;
long nel;
u_long lel;
}*/ *uap;
{
int retval;
struct osf1_tbl_loadavg ld;
struct osf1_tbl_sysinfo si;
retval = 0;
switch(uap->id) {
case TBL_LOADAVG: /* xemacs wants this */
if ((uap->index != 0) || (uap->nel != 1))
retval = EINVAL;
bcopy(&averunnable, &ld, sizeof(averunnable));
ld.tl_lscale = (u_int)averunnable.fscale;
retval = copyout(&ld, uap->addr, sizeof(ld));
break;
case TBL_SYSINFO:
if ((uap->index != 0) || (uap->nel != 1))
retval = EINVAL;
bzero(&si, sizeof(si));
#if 0
si.si_user = cp_time[CP_USER];
si.si_nice = cp_time[CP_NICE];
si.si_sys = cp_time[CP_SYS];
si.si_idle = cp_time[CP_IDLE];
si.wait = cp_time[CP_INTR];
#endif
si.si_hz = hz;
si.si_phz = profhz;
si.si_boottime = boottime.tv_sec;
retval = copyout(&si, uap->addr, sizeof(si));
break;
default:
printf("osf1_table: %ld, %ld, %p, %ld %ld\n",
uap->id, uap->index, uap->addr, uap->nel, uap->lel);
retval = EINVAL;
}
return retval;
}
/*
* MPSAFE
*/
int
osf1_sysinfo(td, uap)
struct thread *td;
struct osf1_sysinfo_args /*{
int cmd;
char *buf;
long count;
}*/ *uap;
{
int name[2], retval;
size_t bytes, len;
char *string;
string = NULL;
switch(uap->cmd) {
case 1: /* OS */
string = "OSF1";
break;
case 2: /* hostname, from ogethostname */
len = uap->count;
name[0] = CTL_KERN;
name[1] = KERN_HOSTNAME;
mtx_lock(&Giant);
retval = userland_sysctl(td, name, 2, uap->buf, &len,
2004-10-14 10:43:47 +00:00
1, 0, 0, &bytes, 0);
mtx_unlock(&Giant);
td->td_retval[0] = bytes;
return(retval);
break;
case 3: /* release of osf1 */
string = "V4.0";
break;
case 4: /* minor version of osf1 */
string = "878";
break;
case 5: /* machine or arch */
case 6:
string = "alpha";
break;
case 7: /* serial number, real osf1 returns 0! */
string = "0";
break;
case 8: /* HW vendor */
string = "Digital";
break;
case 9: /* dunno, this is what du does.. */
return(ENOSYS);
break;
default:
return(EINVAL);
}
bytes = min(uap->count, strlen(string)+1);
copyout(string, uap->buf, bytes);
td->td_retval[0] = bytes;
return(0);
}