Commit Graph

1117 Commits

Author SHA1 Message Date
David Greenman
e47bda0730 Fix from PR #2757:
execve() clears the P_SUGID process flag in execve() if the binary
executed does not have suid or sgid permission bits set.

This also happens when the effective uid is different from the real
uid or the effective gid is different from the real gid. Under
these circumstances, the process still has set id privileges and
the P_SUGID flag should not be cleared.

Submitted by:	Tor Egge <Tor.Egge@idt.ntnu.no>
1997-02-19 03:51:34 +00:00
Garrett Wollman
d8392c6c39 uipc_mbuf.c: do a better job of counting how often we have to wait
for memory, or are denied a cluster.

uipc_socket2.c: define some generic ``operation-not-supported'' entry points
for pr_usrreqs.
1997-02-18 20:43:07 +00:00
Bruce Evans
a8687b6dcd Added some ufs #includes so that this compiles with option LOCKF_DEBUG.
Moving this all from ufs wasn't a good move.  At least the debugging
routines depend on the file system.

Cleaned up the LOCKF_DEBUG #includes.
1997-02-18 14:37:26 +00:00
Bruce Evans
78fd7b3d49 Fixed namei caching for LOOKUPs. It was broken for lstat() and olstat().
Successful lstat()s purged an existing entry as well as not caching the
result.

This bug was introduced in Lite1 by setting the LOCKPARENT flag for
[o]lstat() in order to support the inherit-attributes-from-parent-
directory misfeature for symlinks.  LOCKPARENT was previously only set
for CREATEs and DELETEs.  It is now set for LOOKUPs, but only for
[o]lstat(), so the problem wasn't very noticeable.
1997-02-18 06:46:41 +00:00
Bruce Evans
25ed2ac223 Changed #ifdef COMPAT_PRELITE2' to #ifndef NO_COMPAT_PRELITE2' so that
the old VFS_VFSCONF sysctl is enabled by default.

Initialize the vfc_vfsops field to non-NULL in sysctl_ovfs_conf()
so that the old VFS_VFSCONF sysctl actually works.  The old (still
current) getvfsent.c uses this "kernel-only" field to decide which
vfs's are configured (the old implementation returned null entries
for unconfigured vfs's).
1997-02-18 04:58:11 +00:00
David Greenman
70e534e78f Pass P_SUGID on to the child of a fork(). It was possible to get rlogin
to coredump previously since it (somewhat uniquely) is setuid and forks
without execing, and thus without passing P_SUGID the child could
coredump and possibly divulge sensitive information (such as encrypted
passwords from the passwd database).
1997-02-17 10:58:46 +00:00
Garrett Wollman
30f700e9c7 Provide an alternative mbuf cluster allocator which permits use of
clusters greater than one page in length by calling contigmalloc1().
This uses a helper process `mclalloc' to do the allocation if
the system runs out at interrupt time to avoid calling contigmalloc
at high spl.  It is not yet clear to me whether this works.
1997-02-13 19:41:40 +00:00
Garrett Wollman
5bee01c83f For large values of sb_max or MCLBYTES, it was possible for the expression
sb_max * MCLBYTES / (MSIZE + MCLBYTES)
used in sbreserve() to overflow, causing all socket creation attempts
to fail.  Force the calculation to use u_quad_t's, which makes overflow
less likely.
1997-02-13 18:05:46 +00:00
Mike Pritchard
61f84e5b27 Don't depend on FIFO being defined to enable mkfifo.
It is now always compiled.

Submitted by:	bde
1997-02-12 16:55:32 +00:00
Bruce Evans
b52748bee5 Restored some lost function return types. 1997-02-12 14:00:00 +00:00
Mike Pritchard
72a5ee14de Add function protypes for the new Lite2 unionfs functions. 1997-02-12 07:54:22 +00:00
Mike Pritchard
820d8cf44a Comment out a call to the #ifdef DIAGNOSTIC routine
vfs_bufstats().  This routine was not imported in the
Lite2 merge.
1997-02-12 06:46:11 +00:00
Garrett Wollman
1e49bd9cd3 Fix spelling of net.inet.ip.forwarding.
Add ARP_PROXYALL to defunct options.
1997-02-10 19:19:16 +00:00
David Nugent
184989c210 Fix off by one error in setlogin() syscall.
Don't overwrite session login unless the call is going to succeed.
1997-02-10 06:18:20 +00:00
John Dyson
996c772f58 This is the kernel Lite/2 commit. There are some requisite userland
changes, so don't expect to be able to run the kernel as-is (very well)
without the appropriate Lite/2 userland changes.

The system boots and can mount UFS filesystems.

Untested: ext2fs, msdosfs, NFS
Known problems: Incorrect Berkeley ID strings in some files.
		Mount_std mounts will not work until the getfsent
		library routine is changed.

Reviewed by:	various people
Submitted by:	Jeffery Hsu <hsu@freebsd.org>
1997-02-10 02:22:35 +00:00
Bruce Evans
30c8c5e8fa Fixed EXTRAVNODES ifdef.
Updated warnings about obsolete options.
1997-01-27 12:48:15 +00:00
Bruce Evans
b3c5c18d36 Set the soft openfiles limit to maxfiles instead of to NOFILE.
The limit is now only used by init, so it may as well be "infinite".
Don't use RLIM_INFINITY, since setrlimit() doesn't allow setting
that value.  Use maxfiles instead of RLIM_INFINITY for the hard
limit for the same reason.

Similarly for the maxprocesses limits (use the "infinite" value of
maxproc instead if MAXUPRC and RLIM_INFINITY).

NOFILES, MAXUPRC, CHILD_MAX and OPEN_MAX are no longer used in
/usr/src and should go away.  Their values are almost guaranteed to
be wrong now that login.conf exists, so anything that uses the values
is broken.  Unfortunately, there are probably a lot of ports that
depend on them being defined.

The global limits maxfilesperproc and maxprocperuid should go away
too.
1997-01-27 12:43:36 +00:00
John Dyson
7e64cb7a96 Remove some dead code from trapwrite.
Submitted by:	Stephen McKay <syssgm@devetir.qld.gov.au>
1997-01-23 01:30:59 +00:00
David Nugent
1273ebf576 Copy process resource settings before modifying.
Candidate for 2.2.
1997-01-21 16:37:01 +00:00
Bruce Evans
713aa001e2 Updated generated files. 1997-01-16 15:59:31 +00:00
Bruce Evans
ac0ad63f37 Reduced #include spam in <sys/sysproto.h> and fixed things that depended
on it.

makesyscalls.sh:
This parsed $Id$.  Fixed(?) to parse $FreeBSD$.  The output is wrong when
the id is not expanded in the source file.

syscalls.master:
Fixed declaration of sigsuspend().  There are still some bogons and
spam involving sigset_t.
Use `struct foo *' instead of the equivalent `foo_t *' for some nfs and
lfs syscalls so that <sys/sysproto.h> doesn't depend on <sys/mount.h>.
1997-01-16 15:58:32 +00:00
Bruce Evans
f7b630a403 Added file kern_opt.c for putting warnings about defunct options in.
Warn about recently removed option EXTRAVNODES and about other rubbish
that hasn't been put in opt_defunct.h yet.
1997-01-16 13:31:55 +00:00
Bruce Evans
5131d64e0c Removed option EXTRAVNODES. All versions of FreeBSD-2.x have a sysctl
variable `kern.maxvnodes' which gives much better control over vnode
allocation than EXTRAVNODES (except in -current between 1995/10/28 and
1996/11/12, kern.maxvnodes was read-only and thus useless).
1997-01-16 13:16:10 +00:00
David Greenman
649c409d03 Fix bug related to map entry allocations where a sleep might be attempted
when allocating memory for network buffers at interrupt time. This is due
to inadequate checking for the new mcl_map. Fixed by merging mb_map and
mcl_map into a single mb_map.

Reviewed by:	wollman
1997-01-15 20:46:02 +00:00
Bruce Evans
16a02c1105 Removed redundant spl0()'s from kernel processes. They were work-arounds
for a bug in fork().
1997-01-15 19:05:08 +00:00
Bruce Evans
3e2bca9e04 Fixed interrupt unmasking for child processes which I broke in
rev.1.10 two years ago.  Children continued to run at splhigh()
after returning from vm_fork().  This mainly affected kernel
processes and init.  For ordinary processes, interrupts are normally
unmasked a few instructions later after fork() returns (it may be
important for syscall() not to reschedule the child processes).
Kernel processes had workarounds for the problem.  Init manages to
start because some routines "know" that it is safe to go to sleep
despite their caller starting them at a high ipl.  Then its ipl
gets fixed on its first normal return from a syscall.
1997-01-15 18:58:42 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
John Hay
885bd8e459 Update our kernel ntp code to the latest from David Mills. The main change
is the addition of the FLL code, which is used by the latest versions of
xntpd. The kernel PPS code is also updated, although I can't test that yet.
1996-12-30 18:26:28 +00:00
David Greenman
675526e892 Delete bogus inconsistency check that could cause a gratuitous panic. I
had added this years ago when I didn't understand all the subtilties of
the flock code.
1996-12-29 09:22:34 +00:00
John Dyson
8b612c4b4a This commit is the embodiment of some VFS read clustering improvements.
Firstly, now our read-ahead clustering is on a file descriptor basis and not
on a per-vnode basis.  This will allow multiple processes reading the
same file to take advantage of read-ahead clustering.  Secondly, there
previously was a problem with large reads still using the ramp-up
algorithm.  Of course, that was bogus, and now we read the entire
"chunk" off of the disk in one operation.   The read-ahead clustering
algorithm should use less CPU than the previous also (I hope :-)).

NOTE:  THAT LKMS MUST BE REBUILT!!!
1996-12-29 02:45:28 +00:00
Joerg Wunsch
e9822d926c Make DFLDSIZ and MAXDSIZ fully-supported options.
"Don't forget to do a ``make depend''" :-)
1996-12-22 23:17:09 +00:00
Poul-Henning Kamp
15cfc283d8 Make this compile in the kernel too, major cosmetic cleanup. 1996-12-22 10:27:25 +00:00
Bruce Evans
b8b6f5017f Fixed nonexistent checking of lock types for F_GETLK.
Found by:	NIST-PCTS
1996-12-19 19:59:51 +00:00
Bruce Evans
bb65f5a1cc Fixed lseek() on named pipes. It always succeeded but should always fail.
Broke locking on named pipes in the same way as locking on non-vnodes
(wrong errno).  This will be fixed later.

The fix involves negative logic.  Named pipes are now distinguished from
other types of files with vnodes, and there is additional code to handle
vnodes and named pipes in the same way only where that makes sense (not
for lseek, locking or TIOCSCTTY).
1996-12-19 19:42:37 +00:00
Bruce Evans
78f64bccfd Fixed setpgid(). Negative pgids were accepted.
Found by:	NIST-PCTS
1996-12-19 13:28:47 +00:00
Bruce Evans
a88bd8aae4 Fixed arg checking in if_advlock(). Invalid args were accepted in an
optimized case.  Preposterous lengths weren't checked for.

Found by:	NIST-PCTS
1996-12-19 13:22:30 +00:00
Bruce Evans
959c02787e Only handle copyin/out/etc faults when not in an interrupt handler.
This makes unexpected faults (in an interrupt handler) more likely
to crash properly.  It could be done even better (more robustly and
more efficiently) using lazy fault handling.
1996-12-18 19:12:01 +00:00
Alexander Langer
37b688c466 Typo fix. 1996-12-17 00:46:07 +00:00
Bruce Evans
1fbf1f7140 Fixed garbage being returned for constant int values, e.g., for
KERN_SAVED_IDS.

Should be in 2.2.

Reviewed by:	phk
Found by:	NIST-PCTS
1996-12-15 14:38:46 +00:00
Bruce Evans
e408eccfc7 Fixed magic and wrong numbers in calibration of nullfunc_loop_profiled()
and removed related debugging code.  Now this part of the calibration is
almost as machine-independent as gprof generally.
1996-12-13 12:59:28 +00:00
Bruce Evans
f7f70b3d0f Fixed a null pointer panic in ADDENTRY(). Unloading the lkm and joy
modules sort of works now.  Their devswitch entries aren't cleaned
up, so accessing them after they have been unloaded causes a panic
in spec_open().

Submitted by:	durian@plutotech.com (Mike Durian), IIRC
1996-12-06 12:47:05 +00:00
Julian Elischer
ed5b7817a4 Add comments to hard-to-follow File descriptor handling code 1996-12-05 22:41:13 +00:00
John Dyson
3596818baa Clean-up of the new buffer kva allocation code. Also, there was an
error in the !BOUNCE_BUFFERS case.
1996-12-05 04:28:52 +00:00
Bruce Evans
4eb73cdaff Removed all references to b_cylinder (aka b_cylin). It was evil and
hasn't been used for a year or two since disksort() started sorting
on b_pblkno.
1996-12-01 16:34:41 +00:00
Bruce Evans
4958bbd175 Don't allow empty pathnames. POSIX standard.
Most of the standard utilities that depended on (or were broken in
a different way by) the old behaviour of interpreting "" as "."
were fixed a year or two ago.  There is still a fairly harmless
bug in tar and a harmless bug in gzip.  Tar apparently replaces
"/" by "" when it strips leading slashes.
1996-12-01 16:05:44 +00:00
John Dyson
621d520e2f Fix a problem with the new buffer_map management code. Additionally,
decrease the size of buffer_map to approx 2/3 of what it used to be
(buffer_map can be smaller now.)  The original commit of these changes
increased the size of buffer_map to the point where the system would
not boot on large systems -- now large systems with large caches will
have even less problems than before.
1996-12-01 15:46:40 +00:00
Søren Schmidt
7cb29d3394 This update adds the support for != 512 byte sector SCSI devices to
the sd & od drivers. There is also slight changes to fdisk & newfs
in order to comply with different sectorsizes.
Currently sectors of size 512, 1024 & 2048 are supported, the only
restriction beeing in fdisk, which hunts for the sectorsize of
the device.
This is based on patches to od.c and the other system files by
John Gumb & Barry Scott, minor changes and the sd.c patches by
me.
There also exist some patches for the msdos filesys code, but I
havn't been able to test those (yet).

	John Gumb (john@talisker.demon.co.uk)
	Barry Scott (barry@scottb.demon.co.uk)
1996-12-01 11:25:38 +00:00
John Dyson
09e0c6ccdd Implement a new totally dynamic (up to MAXPHYS) buffer kva allocation
scheme.  Additionally, add the capability for checking for unexpected
kernel page faults.  The maximum amount of kva space for buffers hasn't
been decreased from where it is, but it will now be possible to do so.

This scheme manages the kva space similar to the buffers themselves.  If
there isn't enough kva space because of usage or fragementation, buffers
will be reclaimed until a buffer allocation is successful.  This scheme
should be very resistant to fragmentation problems until/if the LFS code
is fixed and uses the bogus buffer locking scheme -- but a 'fixed' LFS
is not likely to use such a scheme.

Now there should be NO problem allocating buffers up to MAXPHYS.
1996-11-30 22:41:49 +00:00
David Greenman
add2e5d0f4 Check for error return from uiomove to prevent looping endlessly in
soreceive(). Closes PR#2114.

Submitted by:	wpaul
1996-11-29 19:03:42 +00:00
Bruce Evans
e6eeb36daf Fixed sigaction() for SIGKILL and SIGSTOP. Reading the old action now
succeeds.  Writing an action now succeeds iff the handler isn't changed.
(POSIX allows attempts to change the handler to be ignored or cause an
error.  Changing other parts of the action is allowed (except attempts
to mask unmaskable signals are silently ignored as usual).)

Found by:	NIST-PCTS
1996-11-29 18:01:55 +00:00