Commit Graph

982 Commits

Author SHA1 Message Date
Poul-Henning Kamp
d018a84cbc Fix "echo > /dev/null" for non-root users which broke in previous commit. 2001-11-04 19:12:59 +00:00
Matthew Dillon
6b8bd2efc1 Add mnt_reservedvnlist so we can MFC to 4.x, in order to make all mount
structure changes now rather then piecemeal later on.  mnt_nvnodelist
currently holds all the vnodes under the mount point.  This will eventually
be split into a 'dirty' and 'clean' list.  This way we only break kld's once
rather then twice.  nvnodelist will eventually turn into the dirty list
and should remain compatible with the klds.
2001-11-04 18:55:42 +00:00
Poul-Henning Kamp
d7c95b6e27 B_ERROR is BIO_ERROR on -current.
Now it compiles, I don't know if it works.
2001-11-04 08:53:38 +00:00
Matthew Dillon
aa454a4b53 Fix a bug in CD9660 when vmiodirenable is turned on. CD9660 was assuming
that a buffer's b_blkno would be valid.  This is true when vmiodirenable
is turned off because the B_MALLOC'd buffer's data is invalidated when
the buffer is destroyed.  But when vmiodirenable is turned on a buffer
can be reconstituted from its VMIO backing store.  The reconstituted buffer
will have no knowledge of the physical block translation and the result is
serious directory corruption of the CDROM.

The solution is to fix cd9660_blkatoff() to always BMAP the buffer if
b_lblkno == b_blkno.

MFC after:	0 days
2001-11-04 06:18:55 +00:00
Poul-Henning Kamp
9607027339 Use vfs_timestamp() instead of getnanotime().
Add magic stuff copied from ufs_setattr().

Instructed by:	bde
2001-11-03 17:00:02 +00:00
Poul-Henning Kamp
93432a92a4 Use vfs_timestamp() instead of getnanotime() directly.
Fix some modes on directories and symlinks.

Instructed by:	bde
2001-11-03 16:53:24 +00:00
Dag-Erling Smørgrav
41aa8697b5 Reduce the number of #include dependencies by declaring some of the structs
used in pseudofs.h as opaque structs.
2001-11-03 03:07:09 +00:00
Matthew Dillon
0e9fe2127c Adjust printfs to be time_t agnostic. 2001-10-28 22:53:45 +00:00
Dag-Erling Smørgrav
1831900053 Add VOP_IOCTL support, and fix a bug that would cause a panic if a file or
symlink lacked a filler function.
2001-10-26 18:52:47 +00:00
Matthew Dillon
c72ccd014d Change the vnode list under the mount point from a LIST to a TAILQ
in preparation for an implementation of limiting code for kern.maxvnodes.

MFC after:	3 days
2001-10-23 01:21:29 +00:00
Dag-Erling Smørgrav
c193b945eb No, you may not /* FALLTHROUGH */. Not only will you return an incorrect
result, but you'd corrupt the kernel malloc() arena if it weren't for a
small but life-saving optimization in ioctl().

MFC after:	1 week
2001-10-22 16:13:38 +00:00
Dag-Erling Smørgrav
7c62990641 Move procfs_* from procfs_machdep.c into sys_process.c, and rename them to
proc_* in the process; procfs_machdep.c is no longer needed.

Run-tested on i386, build-tested on Alpha, untested on other platforms.
2001-10-21 23:57:24 +00:00
John Baldwin
dee2bb2540 Assert that a ucred is unshared before we remap its ids. 2001-10-20 03:30:34 +00:00
Dag-Erling Smørgrav
32c798f806 Argh! I updated the version number in the MODULE_DEPEND() thingamagook but
not in the actual MODULE_VERSION().  Pass me the pointy hat.
2001-10-19 18:23:51 +00:00
Dag-Erling Smørgrav
33802b9eff Switch to dynamic rather than static initialization.
This makes it possible (in theory) for nodes to be added and / or removed
from pseudofs filesystems at runtime.
2001-10-19 01:43:06 +00:00
Bruce Evans
4e567de4ae Fixed bitrot in a banal comment by removing the comment. 2001-10-13 06:57:59 +00:00
Bruce Evans
c95b982aed Backed out vestiges of the quick fixes for the transient breakage of
<sys/mount.h> in rev.1.106 of the latter (don't include <sys/socket.h>
just to work around bugs in <sys/mount.h>).
2001-10-13 06:41:41 +00:00
John Baldwin
bd78cece5d Change the kernel's ucred API as follows:
- crhold() returns a reference to the ucred whose refcount it bumps.
- crcopy() now simply copies the credentials from one credential to
  another and has no return value.
- a new crshared() primitive is added which returns true if a ucred's
  refcount is > 1 and false (0) otherwise.
2001-10-11 23:38:17 +00:00
John Baldwin
7106ca0d1a Add missing includes of sys/lock.h. 2001-10-11 17:52:20 +00:00
Dag-Erling Smørgrav
3da3249106 Dissociate ptrace from procfs.
Until now, the ptrace syscall was implemented as a wrapper that called
various functions in procfs depending on which ptrace operation was
requested.  Most of these functions were themselves wrappers around
procfs_{read,write}_{,db,fp}regs(), with only some extra error checks,
which weren't necessary in the ptrace case anyway.

This commit moves procfs_rwmem() from procfs_mem.c into sys_process.c
(renaming it to proc_rwmem() in the process), and implements ptrace()
directly in terms of procfs_{read,write}_{,db,fp}regs() instead of
having it fake up a struct uio and then call procfs_do{,db,fp}regs().

It also moves the prototypes for procfs_{read,write}_{,db,fp}regs()
and proc_rwmem() from proc.h to ptrace.h, and marks all procfs files
except procfs_machdep.c as "optional procfs" instead of "standard".
2001-10-07 20:08:42 +00:00
Dag-Erling Smørgrav
080cf92b85 Remove some useless preprocesor paranoia. 2001-10-07 19:41:19 +00:00
Dag-Erling Smørgrav
8d5f9fac24 In procfs_readdir(), when the directory being read was a process directory,
the target process was being held locked during the uiomove() call.  If the
process calling readdir() was the same as the target process (for instance
'ls /proc/curproc/'), and uiomove() caused a page fault, the result would
be a proc lock recursion.  I have no idea how long this has been broken -
possibly ever since pfind() was changed to lock the process it returns.

Also replace the one and only call to procfs_findtextvp() with a direct
test of td->td_proc->p_textvp.
2001-10-07 19:37:13 +00:00
Dag-Erling Smørgrav
b84ce33438 Add a PFS_DISABLED flag; pfs_visible() automatically returns 0 if it is set
on the node in question.  Also add two API functions for setting and clearing
this flag; setting it also reclaims all vnodes associated with the node.
2001-10-02 22:22:42 +00:00
Dag-Erling Smørgrav
b7004390b3 Only print "XXX (un)registered" message if bootverbose. 2001-10-02 22:21:07 +00:00
Dag-Erling Smørgrav
24efa9d3fa [the previous commit to pseudofs_vncache.c got the wrong log message]
YA pseudofs megacommit, part 2:

 - Merge the pfs_vnode and pfs_vdata structures, and make the vnode cache
   a doubly-linked list.  This eliminates the need to walk the list in
   pfs_vncache_free().

 - Add an exit callout which revokes vnodes associated with the process
   that just exited.  Since it needs to lock the cache when it does this,
   pfs_vncache_mutex needs MTX_RECURSE.
2001-10-01 04:26:33 +00:00
Dag-Erling Smørgrav
198bc14b1d YA pseudofs megacommit, part 1:
- Add a third callback to the pfs_node structure.  This one simply returns
   non-zero if the specified requesting process is allowed to access the
   specified node for the specified target process.  This is used in
   addition to the usual permission checks, e.g. when certain files don't
   make sense for certain (system) processes.

 - Make sure that pfs_lookup() and pfs_readdir() don't yap about files
   which aren't pfs_visible().  Also check pfs_visible() before performing
   reads and writes, to prevent the kind of races reported in SA-00:77 and
   SA-01:55 (fork a child, open /proc/child/ctl, have that child fork a
   setuid binary, and assume control of it).

 - Add some more trace points.
2001-10-01 04:22:20 +00:00
Dag-Erling Smørgrav
7d8f809f00 pseudofs.h:
- Rearrange the flag constants a little to simplify specifying and testing
    for readability and writeability.

pseudofs_vnops.c:

  - Track the aforementioned change.

  - Add checks to pfs_open() to prevent opening read-only files for writing
    or vice versa (pfs_{read,write} would block the actual reads and writes,
    but it's still a bug to allow the open() to succeed).  Also, return
    EOPNOTSUPP if the caller attempts to lock the file.

  - Add more trace points.
2001-09-30 19:41:29 +00:00
Poul-Henning Kamp
40739c02ae The behaviour of whiteout'ing symlinks were too confusing, instead
remove them when asked to.
2001-09-30 08:43:33 +00:00
Dag-Erling Smørgrav
80a3cef87d Pseudofs take 2:
- Remove hardcoded uid, gid, mode from struct pfs_node; make pfs_getattr()
   smart enough to get it right most of the time, and allow for callbacks
   to handle the remaining cases.  Rework the definition macros to match.

 - Add lots of (conditional) debugging output.

 - Fix a long-standing bug inherited from procfs: don't pretend to be a
   read-only file system.  Instead, return EOPNOTSUPP for operations we
   truly can't support and allow others to fail silently.  In particular,
   pfs_lookup() now treats CREATE as LOOKUP.  This may need more work.

 - In pfs_lookup(), if the parent node is process-dependent, check that
   the process in question still exists.

 - Implement pfs_open() - its only current function is to check that the
   process opening the file can see the process it belongs to.

 - Finish adding support for writeable nodes.

 - Bump module version number.

 - Introduce lots of new bugs.
2001-09-29 00:49:29 +00:00
Dag-Erling Smørgrav
b4056ade84 The previous commit introduced some references to "curproc" which should have
been references to "curthread".  Correct this.
2001-09-28 12:36:54 +00:00
Robert Watson
f86cf763ef o Modify generic specfs device open access control checks to use
securelevel_ge() instead of direct securelevel variable checks.

Obtained from:	TrustedBSD Project
2001-09-26 20:18:26 +00:00
Bill Fenner
bd5b9e17b0 Fix (typo? pasteo?): panic("ffs_mountroot..." -> panic("ntfs_mountroot...") 2001-09-26 00:36:33 +00:00
Dag-Erling Smørgrav
8712e867e1 Clean up my source tree to avoid getting hit too badly by the next KSE or
whatever mega-commit.  This goes some way towards adding support for
writeable files (needed by procfs).
2001-09-25 13:25:30 +00:00
Mike Barcroft
3273a63ed9 A process name may contain whitespace and unprintable characters,
so convert those characters to octal notation.  Also convert
backslashes to octal notation to avoid confusion.

Reviewed by:	des
MFC after:	1 week
2001-09-25 04:42:40 +00:00
John Baldwin
bce94723a4 Use the passed in thread to selrecord() instead of curthread. 2001-09-21 22:26:51 +00:00
Robert Watson
3f9e888ebe o Remove redundant securelevel/pid1 check in procfs_rw() -- this
protection is enforced at the invidual method layer using
  p_candebug().

Obtained from:	TrustedBSD Project
2001-09-18 19:53:10 +00:00
Julian Elischer
7405406837 fix typo
pointed out by: jhb
2001-09-13 21:59:40 +00:00
John Baldwin
f1cbf4f92c Restore these files to being portable:
- Use some simple #define's at the top of the files for proc -> thread
  changes instead of having lots of needless #ifdef's in the code.
- Don't try to use struct thread in !FreeBSD code.
- Don't use a few struct lwp's in some of the NetBSD code since it isn't
  in their HEAD.
The new diff relative to before KSE is now signficantly smaller and easier
to maintain.
2001-09-12 23:39:36 +00:00
Julian Elischer
b40ce4165d KSE Milestone 2
Note ALL MODULES MUST BE RECOMPILED
make the kernel aware that there are smaller units of scheduling than the
process. (but only allow one thread per process at this time).
This is functionally equivalent to teh previousl -current except
that there is a thread associated with each process.

Sorry john! (your next MFC will be a doosie!)

Reviewed by: peter@freebsd.org, dillon@freebsd.org

X-MFC after:    ha ha ha ha
2001-09-12 08:38:13 +00:00
Kris Kennaway
bf61e26696 Fix some signed/unsigned integer confusion, and add bounds checking of
arguments to some functions.

Obtained from:	NetBSD
Reviewed by:	peter
MFC after:	2 weeks
2001-09-10 11:28:07 +00:00
Semen Ustimenko
cc6b9b02be Stole unicode translation table from mount_msdos. Add kernel code
to support this translation.

MFC after:	2 weeks
2001-09-08 23:03:52 +00:00
Semen Ustimenko
0895d6c389 Fix opening particular file's attributes (as described in man page).
This is useful for debug purposes.

MFC after:	2 weeks
2001-09-08 22:59:12 +00:00
Semen Ustimenko
ebcc9d9c8c Reference devvp on ntnode creation and dereference on removal. Previous
code  lead to page faults becouse i_devvp went zero after VOP_RECLAIM, but
ntnode was reused (not reclaimed).

MFC after:	2 weeks
2001-09-08 22:57:03 +00:00
Semen Ustimenko
831aac011e Fix errors and warnings when compiling with NTFS_DEBUG > 1
MFC after:	2 weeks
2001-09-08 22:53:27 +00:00
Andrey A. Chernov
159247784c smbfs_advlock: simplify overflow checks (copy from kern_lockf.c)
minor formatting issues to minimize differences
2001-08-29 18:59:04 +00:00
Andrey A. Chernov
fcbe9614ef Cosmetique & style fixes from bde 2001-08-26 10:28:58 +00:00
Andrey A. Chernov
5215e1ea12 Copy from kern_lockf.c: remove extra check 2001-08-24 10:22:16 +00:00
Andrey A. Chernov
2a31175b6e Copy yet one check for SEEK_END overflow 2001-08-23 17:12:42 +00:00
Andrey A. Chernov
ea4313e351 Copy my newly introduced l_len<0 'oops' fix from kern_lockf.c 2001-08-23 16:06:14 +00:00
Andrey A. Chernov
e3e2c03de3 Copy POSIX l_len<0 handling from kern_lockf.c 2001-08-23 15:44:24 +00:00
Andrey A. Chernov
bbf6984cec Cosmetique: correct English in comments
non-cosmetique: add missing break; - original code was broken here
2001-08-23 14:45:31 +00:00
Andrey A. Chernov
fb2f187058 Move <machine/*> after <sys/*>
Pointed by:	bde
2001-08-23 13:27:58 +00:00
Andrey A. Chernov
4779017439 adv. lock:
copy EOVERFLOW handling code from main variant
fix type of 'size' arg
2001-08-23 08:54:22 +00:00
Boris Popov
798bb23e93 Use proper endian conversion.
Obtained from:	Mac OS X
MFC after:		1 week
2001-08-21 08:27:47 +00:00
Boris Popov
3419dc99dd Return proper length of _PC_NAME_MAX value if long names support is enabled.
Obtained from:	Mac OS X
MFC after:	1 week
2001-08-21 08:25:09 +00:00
Poul-Henning Kamp
12d1aec26f linux ls fails on DEVFS /dev because linux_getdents fails because
linux_getdents uses VOP_READDIR( ..., &ncookies, &cookies ) instead of
     VOP_READDIR( ..., NULL, NULL ) because it seems to need the offsets for
     linux_dirent and sizeof(dirent) != sizeof(linux_dirent)...

PR:	29467
Submitted by:	Michael Reifenberger <root@nihil.plaut.de>
Reviewed by:	phk
2001-08-14 06:42:32 +00:00
Robert Watson
7d69e57088 Remove dangling prototype for the now defunct procfs_kmemaccess()
call.

Obtained from:	TrustedBSD Project
2001-08-03 17:51:05 +00:00
Robert Watson
436b89d434 Collapse a Pmem case in with the other debugging files case for procfs,
as there are now "unusual" protection properties to Pmem that differ
from the other files.  While I'm at it, introduce proc locking for
the other files, which was previously present only in the Pmem case.

Obtained from:	TrustedBSD Project
2001-08-03 17:20:34 +00:00
Robert Watson
57de737e82 Remove read permission for group on the /proc/*/mem file, since kmem
no longer requires access.

Reviewed by:	tmm
Obtained from:	TrustedBSD Project
2001-08-03 17:15:40 +00:00
Robert Watson
f2e6be5865 Prior to support for almost all ps activity via sysctl, ps used procfs,
and so special-casing was introduced to provide extra procfs privilege
to the kmem group.  With the advent of non-setgid kmem ps, this code
is no longer required, and in fact, can is potentially harmful as it
allocates privilege to a gid that is increasingly less meaningful.
Knowledge of specific gid's in kernel is also generally bad precedent,
as the kernel security policy doesn't distinguish gid's specifically,
only uid 0.

This commit removes reference to kmem in procfs, both in terms of
access control decisions, and the applying of gid kmem to the
/proc/*/mem file, simplifying the associated code considerably.
Processes are still permitted to access the mem file based on
the debugging policy, so ps -e still works fine for normal
processes and use.

Reviewed by:	tmm
Obtained from:	TrustedBSD Project
2001-08-03 17:13:23 +00:00
Assar Westerlund
ac01ecd9fb remove support for creating files and directories from msdosfs_mknod 2001-07-19 19:15:42 +00:00
John Baldwin
7063595315 Grab the process lock around psignal().
Noticed by:	tanimura
2001-07-18 19:17:36 +00:00
Robert Watson
a0f75161f9 o Replace calls to p_can(..., P_CAN_xxx) with calls to p_canxxx().
The p_can(...) construct was a premature (and, it turns out,
  awkward) abstraction.  The individual calls to p_canxxx() better
  reflect differences between the inter-process authorization checks,
  such as differing checks based on the type of signal.  This has
  a side effect of improving code readability.
o Replace direct credential authorization checks in ktrace() with
  invocation of p_candebug(), while maintaining the special case
  check of KTR_ROOT.  This allows ktrace() to "play more nicely"
  with new mandatory access control schemes, as well as making its
  authorization checks consistent with other "debugging class"
  checks.
o Eliminate "privused" construct for p_can*() calls which allowed the
  caller to determine if privilege was required for successful
  evaluation of the access control check.  This primitive is currently
  unused, and as such, serves only to complicate the API.

Approved by:	({procfs,linprocfs} changes) des
Obtained from:	TrustedBSD Project
2001-07-05 17:10:46 +00:00
John Baldwin
4a370459cc - Update the vmmeter statistics for vnode pageins and pageouts in
getpages/putpages.
- Use vm_page_undirty() instead of messing with pages' dirty fields
  directly.
2001-07-04 19:55:01 +00:00
Matthew Dillon
0cddd8f023 With Alfred's permission, remove vm_mtx in favor of a fine-grained approach
(this commit is just the first stage).  Also add various GIANT_ macros to
formalize the removal of Giant, making it easy to test in a more piecemeal
fashion. These macros will allow us to test fine-grained locks to a degree
before removing Giant, and also after, and to remove Giant in a piecemeal
fashion via sysctl's on those subsystems which the authors believe can
operate without Giant.
2001-07-04 16:20:28 +00:00
John Baldwin
797c3dba25 Fix a mntvnode and vnode interlock reversal. 2001-06-28 03:52:04 +00:00
John Baldwin
805d90f763 Protect the mnt_vnode list with the mntvnode lock. 2001-06-28 03:50:17 +00:00
Dag-Erling Smørgrav
56fe60b131 #if 0 out pfs_null() to silence the warning about it not being referenced. 2001-06-15 12:30:46 +00:00
Peter Wemm
70439d2750 Fix warning: 568: warning: `portal_badop' defined but not used 2001-06-15 00:38:03 +00:00
Peter Wemm
f14f48a226 Fix warning (exposed NetBSD code):
94: warning: `ntfs_bmap' declared `static' but never defined
2001-06-15 00:32:07 +00:00
Peter Wemm
e75a45be56 Fix warnings (mostly harmless, due to struct bio being embedded in buf):
738: warning: passing arg 1 of `biodone' from incompatible pointer type
745: warning: passing arg 1 of `biodone' from incompatible pointer type
2001-06-15 00:30:27 +00:00
Peter Wemm
42c187b77e Fix warning: 552: warning: `fdesc_badop' defined but not used 2001-06-15 00:27:21 +00:00
Peter Wemm
13f961dbfd Warning fix: coda_fbsd.c:113: warning: unused variable `ret' 2001-06-15 00:02:27 +00:00
Boris Popov
4587152a71 Coda do not call vop_defaultop(), so add nesessary calls for VM objects.
Submitted by:	Greg Troxel <gdt@ir.bbn.com>
MFC after:	2 days
2001-06-14 09:28:30 +00:00
Matt Jacob
aa56d911a6 the last argument to copyinstr is of t ype size_t, not u_int 2001-06-13 18:58:11 +00:00
Peter Wemm
f41325db5f With this commit, I hereby pronounce gensetdefs past its use-by date.
Replace the a.out emulation of 'struct linker_set' with something
a little more flexible.  <sys/linker_set.h> now provides macros for
accessing elements and completely hides the implementation.

The linker_set.h macros have been on the back burner in various
forms since 1998 and has ideas and code from Mike Smith (SET_FOREACH()),
John Polstra (ELF clue) and myself (cleaned up API and the conversion
of the rest of the kernel to use it).

The macros declare a strongly typed set.  They return elements with the
type that you declare the set with, rather than a generic void *.

For ELF, we use the magic ld symbols (__start_<setname> and
__stop_<setname>).  Thanks to Richard Henderson <rth@redhat.com> for the
trick about how to force ld to provide them for kld's.

For a.out, we use the old linker_set struct.

NOTE: the item lists are no longer null terminated.  This is why
the code impact is high in certain areas.

The runtime linker has a new method to find the linker set
boundaries depending on which backend format is in use.

linker sets are still module/kld unfriendly and should never be used
for anything that may be modular one day.

Reviewed by:	eivind
2001-06-13 10:58:39 +00:00
Dag-Erling Smørgrav
21ceb6efa2 For some reason, though the module builds just fine without <sys/lock.h>,
LINT fails to build without it.
2001-06-11 15:04:48 +00:00
Dag-Erling Smørgrav
b27acc8dd1 Bail out if the fill function failed. 2001-06-10 21:39:01 +00:00
Dag-Erling Smørgrav
7005ce8a5f Whoops, some of my test code snuck in here. 2001-06-10 21:37:11 +00:00
Dag-Erling Smørgrav
497806b394 Argh. Fix braino in previous commit. 2001-06-10 18:54:04 +00:00
Dag-Erling Smørgrav
1828efef8d Add a 'flags' argument to the PFS_PROCDIR macro. 2001-06-10 18:52:55 +00:00
Dag-Erling Smørgrav
649ad985c9 Add support for process-dependent directories. This means that save for
the lack of a man page, pseudofs is mostly complete now.
2001-06-10 18:39:21 +00:00
Dag-Erling Smørgrav
1e4ebf4e8d Blah, not my day. This file needs <sys/mutex.h> now. 2001-06-10 10:42:55 +00:00
Dag-Erling Smørgrav
ec09e7f25c Remember to unlock the process pfind() returns. 2001-06-10 10:42:01 +00:00
Dag-Erling Smørgrav
49fa664f4e Add missing #include of <sys/mutex.h>. 2001-06-10 10:36:16 +00:00
Dag-Erling Smørgrav
31f73b3fcd Catch up with the change in sbuf_new's prototype. 2001-06-10 10:34:21 +00:00
Jonathan Lemon
2247e23a97 The kq write filter was hooked up to the wrong socket, and thus was
not behaving correctly.  Fix by attaching to the correct socket.

Also call so{rw}wakeup in addition to the fifo wakeup, so that any
kqfilters attached to the socket buffer get poked.
2001-06-06 17:38:36 +00:00
Seigo Tanimura
326f419bb9 Lock VM Giant prior to locking a vm map.
Spotted by:	Daniel Rock <D.Rock@t-online.de>
Tested by:	David Wolfskill <david@catwhisker.org>,
		Sean Eric Fagan <sef@kithrup.com>
2001-06-06 04:13:11 +00:00
Shafeeq Sinnamohideen
ba8aae1baf Now works again and as a module and with devfs.
Used the bpf & tun drivers as examples as to what is necessary for devfs.
2001-06-05 19:45:16 +00:00
Brian Somers
51716196a4 Support /dev/tun cloning. Ansify if_tun.c while I'm there.
Only tun0 -> tun32767 may now be opened as struct ifnet's if_unit
is a short.

It's now possible to open /dev/tun and get a handle back for an available
tun device (use devname to find out what you got).

The implementation uses rman by popular demand (and against my judgement)
to track opened devices and uses the new dev_depends() to ensure that
all make_dev()d devices go away before the module is unloaded.

Reviewed by:	phk
2001-06-01 15:51:10 +00:00
Ruslan Ermilov
4ccd754686 - VFS_SET(msdos) -> VFS_SET(msdosfs)
- msdos.ko -> msdosfs.ko
- mount_msdos(8) -> mount_msdosfs(8)
- "msdos" -> "msdosfs" compatibility glue in mount(8)
2001-06-01 10:57:26 +00:00
Poul-Henning Kamp
e33457d7eb Don't copy the trailing zero in readlink, it confuses namei().
PR:		27656
2001-05-26 20:07:57 +00:00
Ruslan Ermilov
8a8402d3a5 - sys/n[tw]fs moved to sys/fs/n[tw]fs
- /usr/include/n[tw]fs moved to /usr/include/fs/n[tw]fs
2001-05-26 11:57:45 +00:00
Poul-Henning Kamp
3344c5a17e Create a general facility for making dev_t's depend on another
dev_t.  The dev_depends(dev_t, dev_t) function is for tying them
to each other.

When destroy_dev() is called on a dev_t, all dev_t's depending
on it will also be destroyed (depth first order).

Rewrite the make_dev_alias() to use this dependency facility.

kern/subr_disk.c:
Make the disk mini-layer use dependencies to make sure all
relevant dev_t's are removed when the disk disappears.

Make the disk mini-layer precreate some magic sub devices
which the disk/slice/label code expects to be there.

kern/subr_disklabel.c:
Remove some now unneeded variables.

kern/subr_diskmbr.c:
Remove some ancient, commented out code.

kern/subr_diskslice.c:
Minor cleanup.  Use name from dev_t instead of dsname()
2001-05-26 08:27:58 +00:00
Robert Watson
b1fc0ec1a7 o Merge contents of struct pcred into struct ucred. Specifically, add the
real uid, saved uid, real gid, and saved gid to ucred, as well as the
  pcred->pc_uidinfo, which was associated with the real uid, only rename
  it to cr_ruidinfo so as not to conflict with cr_uidinfo, which
  corresponds to the effective uid.
o Remove p_cred from struct proc; add p_ucred to struct proc, replacing
  original macro that pointed.
  p->p_ucred to p->p_cred->pc_ucred.
o Universally update code so that it makes use of ucred instead of pcred,
  p->p_ucred instead of p->p_pcred, cr_ruidinfo instead of p_uidinfo,
  cr_{r,sv}{u,g}id instead of p_*, etc.
o Remove pcred0 and its initialization from init_main.c; initialize
  cr_ruidinfo there.
o Restruction many credential modification chunks to always crdup while
  we figure out locking and optimizations; generally speaking, this
  means moving to a structure like this:
        newcred = crdup(oldcred);
        ...
        p->p_ucred = newcred;
        crfree(oldcred);
  It's not race-free, but better than nothing.  There are also races
  in sys_process.c, all inter-process authorization, fork, exec, and
  exit.
o Remove sigio->sio_ruid since sigio->sio_ucred now contains the ruid;
  remove comments indicating that the old arrangement was a problem.
o Restructure exec1() a little to use newcred/oldcred arrangement, and
  use improved uid management primitives.
o Clean up exit1() so as to do less work in credential cleanup due to
  pcred removal.
o Clean up fork1() so as to do less work in credential cleanup and
  allocation.
o Clean up ktrcanset() to take into account changes, and move to using
  suser_xxx() instead of performing a direct uid==0 comparision.
o Improve commenting in various kern_prot.c credential modification
  calls to better document current behavior.  In a couple of places,
  current behavior is a little questionable and we need to check
  POSIX.1 to make sure it's "right".  More commenting work still
  remains to be done.
o Update credential management calls, such as crfree(), to take into
  account new ruidinfo reference.
o Modify or add the following uid and gid helper routines:
      change_euid()
      change_egid()
      change_ruid()
      change_rgid()
      change_svuid()
      change_svgid()
  In each case, the call now acts on a credential not a process, and as
  such no longer requires more complicated process locking/etc.  They
  now assume the caller will do any necessary allocation of an
  exclusive credential reference.  Each is commented to document its
  reference requirements.
o CANSIGIO() is simplified to require only credentials, not processes
  and pcreds.
o Remove lots of (p_pcred==NULL) checks.
o Add an XXX to authorization code in nfs_lock.c, since it's
  questionable, and needs to be considered carefully.
o Simplify posix4 authorization code to require only credentials, not
  processes and pcreds.  Note that this authorization, as well as
  CANSIGIO(), needs to be updated to use the p_cansignal() and
  p_cansched() centralized authorization routines, as they currently
  do not take into account some desirable restrictions that are handled
  by the centralized routines, as well as being inconsistent with other
  similar authorization instances.
o Update libkvm to take these changes into account.

Obtained from:	TrustedBSD Project
Reviewed by:	green, bde, jhb, freebsd-arch, freebsd-audit
2001-05-25 16:59:11 +00:00
Ruslan Ermilov
1166fb516b - sys/msdosfs moved to sys/fs/msdosfs
- msdos.ko renamed to msdosfs.ko
- /usr/include/msdosfs moved to /usr/include/fs/msdosfs
2001-05-25 08:14:14 +00:00
Ruslan Ermilov
c7b23e0fb4 Actually rename FDESC, PORTAL, UMAP and UNION file systems.
OK'ed by:	bp
2001-05-24 15:20:11 +00:00
Ruslan Ermilov
c99d12581a mount_umap(8) -> mount_umapfs(8). 2001-05-24 13:20:41 +00:00
Ruslan Ermilov
57a523ae6b mount_null(8) -> mount_nullfs(8). 2001-05-24 13:17:47 +00:00
John Baldwin
c7f52620e0 Don't acquire/release Giant around some of the places that need it in
spec_getpages().  Instead, assert that Giant is held by the caller.
2001-05-23 22:20:29 +00:00