Commit Graph

2148 Commits

Author SHA1 Message Date
Ulf Lilleengen
f7b8cfa890 - Support IEEE_P1282 and IEEE_1282 tags in the rock ridge extensions record.
PR:		kern/128942
Submitted by:	"J.R. Oldroyd" <fbsd - at - opal.com>
2008-11-26 13:09:45 +00:00
Daichi GOTO
16385727ce Simplify mode_t check treatment (suggested by trasz).
By semantical view, trasz's code is better than prior one.

Submitted by:	trasz
Reviewed by:	Masanori OZAWA <ozawa@ongs.co.jp>
2008-11-25 03:49:41 +00:00
Daichi GOTO
1e5da15a63 Fixes Unionfs socket issue reported as kern/118346.
PR:		118346
Submitted by:	Masanori OZAWA <ozawa@ongs.co.jp>
Discussed at:	devsummit Strassburg, EuroBSDCon2008
Discussed with:	rwatson, gnn, hrs
MFC after:	2 week
2008-11-25 03:18:35 +00:00
John Baldwin
66a6ea1de2 - Fix a typo in a comment.
- Whitespace fix.
- Remove #if 0'd BSD 4.x code for flushing busy buffers from a mountpoint
  during an unmount.  FreeBSD uses vflush() for this.
2008-11-18 23:19:43 +00:00
John Baldwin
77ddca67d5 When looking up the vnode for the device to mount the filesystem on,
ask NDINIT to return a locked vnode instead of letting it drop the
lock and return a referenced vnode and then relock the vnode a few
lines down.  This matches the behavior of other filesystem mount routines.
2008-11-18 23:18:37 +00:00
John Baldwin
1ea456e7a6 Remove copy/paste code from UFS to handle sparse blocks. While Rock
Ridge does support sparse files, the cd9660 code does not currently
support them.
2008-11-18 23:15:17 +00:00
John Baldwin
05b1d36516 Remove unused i_flags field and IN_ACCESS flag from cd9660 in-memory
i-nodes.  cd9660 doesn't support access times.
2008-11-18 23:13:40 +00:00
John Baldwin
2ff47c5f18 Remove unnecessary locking around vn_fullpath(). The vnode lock for the
vnode in question does not need to be held.  All the data structures used
during the name lookup are protected by the global name cache lock.
Instead, the caller merely needs to ensure a reference is held on the
vnode (such as vhold()) to keep it from being freed.

In the case of procfs' <pid>/file entry, grab the process lock while we
gain a new reference (via vhold()) on p_textvp to fully close races with
execve(2).

For the kern.proc.vmmap sysctl handler, use a shared vnode lock around
the call to VOP_GETATTR() rather than an exclusive lock.

MFC after:	1 month
2008-11-04 19:04:01 +00:00
John Baldwin
7265164f53 Don't pass WANTPARENT to the pathname lookup of the mount point for a
unionfs mount just so we can immediately drop the reference on the parent
directory vnode without using it.
2008-11-04 18:54:44 +00:00
Edward Tomasz Napierala
ea49f15447 Fix few missed accmode changes in coda.
Approved by:	rwatson (mentor)
2008-11-03 16:36:23 +00:00
Doug Rabson
a9148abd9d Implement support for RPCSEC_GSS authentication to both the NFS client
and server. This replaces the RPC implementation of the NFS client and
server with the newer RPC implementation originally developed
(actually ported from the userland sunrpc code) to support the NFS
Lock Manager.  I have tested this code extensively and I believe it is
stable and that performance is at least equal to the legacy RPC
implementation.

The NFS code currently contains support for both the new RPC
implementation and the older legacy implementation inherited from the
original NFS codebase. The default is to use the new implementation -
add the NFS_LEGACYRPC option to fall back to the old code. When I
merge this support back to RELENG_7, I will probably change this so
that users have to 'opt in' to get the new code.

To use RPCSEC_GSS on either client or server, you must build a kernel
which includes the KGSSAPI option and the crypto device. On the
userland side, you must build at least a new libc, mountd, mount_nfs
and gssd. You must install new versions of /etc/rc.d/gssd and
/etc/rc.d/nfsd and add 'gssd_enable=YES' to /etc/rc.conf.

As long as gssd is running, you should be able to mount an NFS
filesystem from a server that requires RPCSEC_GSS authentication. The
mount itself can happen without any kerberos credentials but all
access to the filesystem will be denied unless the accessing user has
a valid ticket file in the standard place (/tmp/krb5cc_<uid>). There
is currently no support for situations where the ticket file is in a
different place, such as when the user logged in via SSH and has
delegated credentials from that login. This restriction is also
present in Solaris and Linux. In theory, we could improve this in
future, possibly using Brooks Davis' implementation of variant
symlinks.

Supporting RPCSEC_GSS on a server is nearly as simple. You must create
service creds for the server in the form 'nfs/<fqdn>@<REALM>' and
install them in /etc/krb5.keytab. The standard heimdal utility ktutil
makes this fairly easy. After the service creds have been created, you
can add a '-sec=krb5' option to /etc/exports and restart both mountd
and nfsd.

The only other difference an administrator should notice is that nfsd
doesn't fork to create service threads any more. In normal operation,
there will be two nfsd processes, one in userland waiting for TCP
connections and one in the kernel handling requests. The latter
process will create as many kthreads as required - these should be
visible via 'top -H'. The code has some support for varying the number
of service threads according to load but initially at least, nfsd uses
a fixed number of threads according to the value supplied to its '-n'
option.

Sponsored by:	Isilon Systems
MFC after:	1 month
2008-11-03 10:38:00 +00:00
Robert Watson
2b7da2dbf1 Catch up with netsmb locking: explicit thread arguments no longer required. 2008-11-02 23:20:27 +00:00
Edward Tomasz Napierala
2a9e5e2e7c Remove the call to getinoquota() from ntfs_access. How did it get there?!
Approved by:	rwatson (mentor)
2008-11-02 11:49:19 +00:00
Edward Tomasz Napierala
15bc6b2bd8 Introduce accmode_t. This is required for NFSv4 ACLs - it will be neccessary
to add more V* constants, and the variables changed by this patch were often
being assigned to mode_t variables, which is 16 bit.

Approved by:	rwatson (mentor)
2008-10-28 13:44:11 +00:00
Dag-Erling Smørgrav
e11e3f187d Fix a number of style issues in the MALLOC / FREE commit. I've tried to
be careful not to fix anything that was already broken; the NFSv4 code is
particularly bad in this respect.
2008-10-23 20:26:15 +00:00
Dag-Erling Smørgrav
1ede983cc9 Retire the MALLOC and FREE macros. They are an abomination unto style(9).
MFC after:	3 months
2008-10-23 15:53:51 +00:00
Robert Watson
f17c6f031e The locking in portalfs's socket connect code is no less correct than
identical code in connect(2), so remove XXX that it might be incorrect.

MFC after:	3 days
2008-10-12 19:23:02 +00:00
Attilio Rao
0d7935fd01 Remove the struct thread unuseful argument from bufobj interface.
In particular following functions KPI results modified:
- bufobj_invalbuf()
- bufsync()

and BO_SYNC() "virtual method" of the buffer objects set.
Main consumers of bufobj functions are affected by this change too and,
in particular, functions which changed their KPI are:
- vinvalbuf()
- g_vfs_close()

Due to the KPI breakage, __FreeBSD_version will be bumped in a later
commit.

As a side note, please consider just temporary the 'curthread' argument
passing to VOP_SYNC() (in bufsync()) as it will be axed out ASAP

Reviewed by:	kib
Tested by:	Giovanni Trematerra <giovanni dot trematerra at gmail dot com>
2008-10-10 21:23:50 +00:00
Robert Watson
4759ebf015 Use soconnect2() rather than directly invoking uipc_connect2() to
interconnect two UNIX domain sockets.

MFC after:	3 days
2008-10-06 18:38:50 +00:00
Konstantin Belousov
9a1e630dfd Change the linprocfs <pid>/maps and procfs <pid>/map handlers to use
sbuf instead of doing uiomove. This allows for reads from non-zero
offsets to work.

Patch is forward-ported des@' one, and was adopted to current code
by dchagin@ and me.

Reviewed by:	des (linprocfs part)
PR:	kern/101453
MFC after:	1 week
2008-10-04 14:08:16 +00:00
Edward Tomasz Napierala
a37d6ec935 Fix Vflags abuse in fdescfs. There should be no functional changes.
Approved by:	rwatson (mentor)
2008-10-03 23:21:14 +00:00
Edward Tomasz Napierala
464119c422 Fix Vflags abuse in cd9660. There should be no functional changes.
Approved by:	rwatson (mentor)
2008-10-03 23:17:22 +00:00
Marko Zec
8b615593fc Step 1.5 of importing the network stack virtualization infrastructure
from the vimage project, as per plan established at devsummit 08/08:
http://wiki.freebsd.org/Image/Notes200808DevSummit

Introduce INIT_VNET_*() initializer macros, VNET_FOREACH() iterator
macros, and CURVNET_SET() context setting macros, all currently
resolving to NOPs.

Prepare for virtualization of selected SYSCTL objects by introducing a
family of SYSCTL_V_*() macros, currently resolving to their global
counterparts, i.e. SYSCTL_V_INT() == SYSCTL_INT().

Move selected #defines from sys/sys/vimage.h to newly introduced header
files specific to virtualized subsystems (sys/net/vnet.h,
sys/netinet/vinet.h etc.).

All the changes are verified to have zero functional impact at this
point in time by doing MD5 comparision between pre- and post-change
object files(*).

(*) netipsec/keysock.c did not validate depending on compile time options.

Implemented by:	julian, bz, brooks, zec
Reviewed by:	julian, bz, brooks, kris, rwatson, ...
Approved by:	julian (mentor)
Obtained from:	//depot/projects/vimage-commit2/...
X-MFC after:	never
Sponsored by:	NLnet Foundation, The FreeBSD Foundation
2008-10-02 15:37:58 +00:00
Konstantin Belousov
7818e0a545 Save previous content of the td_fpop before storing the current
filedescriptor into it. Make sure that td_fpop is NULL when calling
d_mmap from dev_pager_getpages().

Change guards against td_fpop field being non-NULL with private state
for another device, and against sudden clearing the td_fpop. This
could occur when either a driver method calls another driver through
the filedescriptor operation, or a page fault happen while driver is
writing to a memory backed by another driver.

Noted by:	rwatson
Tested by:	rnoland
MFC after:	3 days
2008-09-26 14:50:49 +00:00
Ed Schouten
d3ce832719 Remove unit2minor() use from kernel code.
When I changed kern_conf.c three months ago I made device unit numbers
equal to (unneeded) device minor numbers. We used to require
bitshifting, because there were eight bits in the middle that were
reserved for a device major number. Not very long after I turned
dev2unit(), minor(), unit2minor() and minor2unit() into macro's.
The unit2minor() and minor2unit() macro's were no-ops.

We'd better not remove these four macro's from the kernel, because there
is a lot of (external) code that may still depend on them. For now it's
harmless to remove all invocations of unit2minor() and minor2unit().

Reviewed by:	kib
2008-09-26 14:19:52 +00:00
David E. O'Brien
ae72afe0f2 The kernel implemented 'memcmp' is an alias for 'bcmp'. However, memcmp
and bcmp are not the same thing.  'man bcmp' states that the return is
"non-zero" if the two byte strings are not identical.  Where as,
'man memcmp' states that the return is the "difference between the
first two differing bytes (treated as unsigned char values" if the
two byte strings are not identical.

So provide a proper memcmp(9), but it is a C implementation not a tuned
assembly implementation.  Therefore bcmp(9) should be preferred over memcmp(9).
2008-09-23 14:45:10 +00:00
Ed Schouten
219cc94999 Already initialize the vfs timestamps inside the cdev upon allocation.
In the MPSAFE TTY branch I noticed the vfs timestamps inside devfs were
allocated with 0, where the getattr() routine bumps the timestamps to
boottime if the value is below 3600. The reason why it has been designed
like this, is because timestamps during boot are likely to be invalid.

This means that device nodes that are created on demand (posix_openpt())
have timestamps with a value of boottime, which is not what we want.
Solve this by calling vfs_timestamp() inside devfs_alloc().

Discussed with:	kib
2008-09-21 14:02:43 +00:00
Konstantin Belousov
caf8aec886 fdescfs, devfs, mqueuefs, nfs, portalfs, pseudofs, tmpfs and xfs
initialize the vattr structure in VOP_GETATTR() with VATTR_NULL(),
vattr_null() or by zeroing it. Remove these to allow preinitialization
of fields work in vn_stat(). This is needed to get birthtime initialized
correctly.

Submitted by:   Jaakko Heinonen <jh saunalahti fi>
Discussed on:   freebsd-fs
MFC after:	1 month
2008-09-20 19:50:52 +00:00
Konstantin Belousov
4c5a20e3da Initialize va_rdev to NODEV instead of 0 or VNOVAL in VOP_GETATTR().
NODEV is more appropriate when va_rdev doesn't have a meaningful value.

Submitted by:   Jaakko Heinonen <jh saunalahti fi>
Suggested by:   bde
Discussed on:   freebsd-fs
MFC after:	1 month
2008-09-20 19:49:15 +00:00
Konstantin Belousov
86dacdfe2b Initialize va_flags and va_filerev properly in VOP_GETATTR(). Don't
initialize va_vaflags and va_spare because they are not part of the
VOP_GETATTR() API. Also don't initialize birthtime to ctime or zero.

Submitted by:   Jaakko Heinonen <jh saunalahti fi>
Reviewed by:	bde
Discussed on:   freebsd-fs
MFC after:	1 month
2008-09-20 19:46:45 +00:00
Ed Schouten
19c5cd6288 Fix two small typo's in comments in the nullfs vnops code.
Submitted by:	Jille Timmermans <jille quis cx>
2008-09-11 20:15:34 +00:00
Xin LI
e08d55674d Reflect license change of NetBSD code.
Obtained from:	NetBSD
MFC after:	3 days
2008-09-03 18:53:48 +00:00
Konstantin Belousov
67c7bbf39c In rev. 1.17 (r33548) of msdosfs_fat.c, relative cluster numbers were
replaced by file relative sector numbers as the buffer block number when
zero-padding a file during extension. Revert the change, it causes wrong
blocks filled with zeroes on seeking beyond end of file.

PR:	kern/47628
Submitted by:	tegge
MFC after:	3 days
2008-09-01 13:18:16 +00:00
Attilio Rao
0359a12ead Decontextualize the couplet VOP_GETATTR / VOP_SETATTR as the passed thread
was always curthread and totally unuseful.

Tested by: Giovanni Trematerra <giovanni dot trematerra at gmail dot com>
2008-08-28 15:23:18 +00:00
Ed Schouten
bc093719ca Integrate the new MPSAFE TTY layer to the FreeBSD operating system.
The last half year I've been working on a replacement TTY layer for the
FreeBSD kernel. The new TTY layer was designed to improve the following:

- Improved driver model:

  The old TTY layer has a driver model that is not abstract enough to
  make it friendly to use. A good example is the output path, where the
  device drivers directly access the output buffers. This means that an
  in-kernel PPP implementation must always convert network buffers into
  TTY buffers.

  If a PPP implementation would be built on top of the new TTY layer
  (still needs a hooks layer, though), it would allow the PPP
  implementation to directly hand the data to the TTY driver.

- Improved hotplugging:

  With the old TTY layer, it isn't entirely safe to destroy TTY's from
  the system. This implementation has a two-step destructing design,
  where the driver first abandons the TTY. After all threads have left
  the TTY, the TTY layer calls a routine in the driver, which can be
  used to free resources (unit numbers, etc).

  The pts(4) driver also implements this feature, which means
  posix_openpt() will now return PTY's that are created on the fly.

- Improved performance:

  One of the major improvements is the per-TTY mutex, which is expected
  to improve scalability when compared to the old Giant locking.
  Another change is the unbuffered copying to userspace, which is both
  used on TTY device nodes and PTY masters.

Upgrading should be quite straightforward. Unlike previous versions,
existing kernel configuration files do not need to be changed, except
when they reference device drivers that are listed in UPDATING.

Obtained from:		//depot/projects/mpsafetty/...
Approved by:		philip (ex-mentor)
Discussed:		on the lists, at BSDCan, at the DevSummit
Sponsored by:		Snow B.V., the Netherlands
dcons(4) fixed by:	kan
2008-08-20 08:31:58 +00:00
Bjoern A. Zeeb
603724d3ab Commit step 1 of the vimage project, (network stack)
virtualization work done by Marko Zec (zec@).

This is the first in a series of commits over the course
of the next few weeks.

Mark all uses of global variables to be virtualized
with a V_ prefix.
Use macros to map them back to their global names for
now, so this is a NOP change only.

We hope to have caught at least 85-90% of what is needed
so we do not invalidate a lot of outstanding patches again.

Obtained from:	//depot/projects/vimage-commit2/...
Reviewed by:	brooks, des, ed, mav, julian,
		jamie, kris, rwatson, zec, ...
		(various people I forgot, different versions)
		md5 (with a bit of help)
Sponsored by:	NLnet Foundation, The FreeBSD Foundation
X-MFC after:	never
V_Commit_Message_Reviewed_By:	more people than the patch
2008-08-17 23:27:27 +00:00
Konstantin Belousov
f35db5f7ca Remove unnecessary locking around pointer fetch.
Requested by:   jhb
2008-08-12 19:34:45 +00:00
Robert Watson
4f7d1876d5 Introduce a new lock, hostname_mtx, and use it to synchronize access
to global hostname and domainname variables.  Where necessary, copy
to or from a stack-local buffer before performing copyin() or
copyout().  A few uses, such as in cd9660 and daemon_saver, remain
under-synchronized and will require further updates.

Correct a bug in which a failed copyin() of domainname would leave
domainname potentially corrupted.

MFC after:	3 weeks
2008-07-05 13:10:10 +00:00
Konstantin Belousov
813d71de08 The uniqdosname() function takes char[12] as it third argument.
Found by:	-fstack-protector
Reported by:	dougb
Tested by:	dougb, Rainer Hurling <rhurlin gwdg de>
MFC after:	3 days
2008-07-04 09:40:52 +00:00
Robert Watson
e54fdca237 Remove unused 'td' arguments from smbfs_hash_lock() and
smbfs_hash_unlock().

MFC after:	3 days
2008-07-01 07:51:16 +00:00
Oleksandr Tymoshenko
2da528a74f Get pointer to devfs_ruleset struct after garbage collection has been
performed. Otherwise if ruleset is used by given mountpoint and is empty
it's freed by devfs_ruleset_reap and pointer becomes bogus.

Submitted by:   Mateusz Guzik <mjguzik@gmail.com>
PR:             kern/124853
2008-06-22 14:34:38 +00:00
Konstantin Belousov
05427aafc6 Struct cdev is always the member of the struct cdev_priv. When devfs
needed to promote cdev to cdev_priv, the si_priv pointer was followed.

Use member2struct() to calculate address of the wrapping cdev_priv.
Rename si_priv to __si_reserved.

Tested by:	pho
Reviewed by:	ed
MFC after:	2 weeks
2008-06-16 17:34:59 +00:00
Konstantin Belousov
a0b454dc4b Do not redo the vnode tear-down work already done by insmntque() when
vnode cannot be put on the vnode list for mount.

Reported and tested by:	marck
Guilty party:	me
MFC after:	3 days
2008-06-15 18:40:58 +00:00
Ed Schouten
29d4cb241b Don't enforce unique device minor number policy anymore.
Except for the case where we use the cloner library (clone_create() and
friends), there is no reason to enforce a unique device minor number
policy. There are various drivers in the source tree that allocate unr
pools and such to provide minor numbers, without using them themselves.

Because we still need to support unique device minor numbers for the
cloner library, introduce a new flag called D_NEEDMINOR. All cdevsw's
that are used in combination with the cloner library should be marked
with this flag to make the cloning work.

This means drivers can now freely use si_drv0 to store their own flags
and state, making it effectively the same as si_drv1 and si_drv2. We
still keep the minor() and dev2unit() routines around to make drivers
happy.

The NTFS code also used the minor number in its hash table. We should
not do this anymore. If the si_drv0 field would be changed, it would no
longer end up in the same list.

Approved by:	philip (mentor)
2008-06-11 18:55:19 +00:00
Konstantin Belousov
ac8b6edd89 In cd9660_readdir vop, always initialize the idp->uio_off member.
The while loop that is assumed to initialize the uio_off later, may
be not entered at all, causing uninitialized value to be returned in
uio->uio_offset.

PR:  122925
Submitted by:	Jaakko Heinonen <jh saunalahti fi>
MFC after:	1 weeks
2008-06-11 12:46:09 +00:00
Konstantin Belousov
9e40a5f827 When devfs_allocv() committed to create new vnode, since de_vnode is NULL,
the dm_lock is held while the newly allocated vnode is locked. Since no
other threads may try to lock the new vnode yet, the LOR there cannot
result in the deadlock.

Shut down the witness warning to note this fact.

Tested by:	pho
Prodded by:	attilio
2008-06-05 09:15:47 +00:00
Ed Schouten
16151645c2 Revert the changes I made to devfs_setattr() in r179457.
As discussed with Robert Watson and John Baldwin, it would be better if
PTY's are created with proper permissions, turning grantpt() into a
no-op.

Bypassing security frameworks like MAC by passing NOCRED to
VOP_SETATTR() will only make things more complex.

Approved by:	philip (mentor)
2008-06-01 14:02:46 +00:00
Ed Schouten
34d1dcf0cc Merge back devfs changes from the mpsafetty branch.
In the mpsafetty branch, PTY's are allocated through the posix_openpt()
system call. The controller side of a PTY now uses its own file
descriptor type (just like sockets, vnodes, pipes, etc).

To remain compatible with existing FreeBSD and Linux C libraries, we can
still create PTY's by opening /dev/ptmx or /dev/ptyXX. These nodes
implement d_fdopen(). Devfs has been slightly changed here, to allow
finit() to be called from d_fdopen().

The routine grantpt() has also been moved into the kernel. This routine
is a little odd, because it needs to bypass standard UNIX permissions.
It needs to change the owner/group/mode of the slave device node, which
may often not be possible. The old implementation solved this by
spawning a setuid utility.

When VOP_SETATTR() is called with NOCRED, devfs_setattr() dereferences
ap->a_cred, causing a kernel panic. Change the de_{uid,gid,mode} code to
allow changes when a->a_cred is set to NOCRED.

Approved by:	philip (mentor)
2008-05-31 14:06:37 +00:00
Ulf Lilleengen
60af8a6a7a - Add locking to all filesystem operations in fdescfs and flag it as MPSAFE.
- Use proper synhronization primitives to protect the internal fdesc node cache
  used in fdescfs.
- Properly initialize and uninitalize hash.
- Remove unused functions.

Since fdescfs might recurse on itself, adding proper locking to it needed some
tricky workarounds in some parts to make it work. For instance, a descriptor in
fdescfs could refer to an open descriptor to itself, thus forcing the thread to
recurse on vnode locks. Because of this, other race conditions also had to be
fixed.

Tested by:	pho
Reviewed by:	kib (mentor)
Approved by:	kib (mentor)
2008-05-24 14:51:30 +00:00
Konstantin Belousov
772e245341 When vget() fails (because the vnode has been reclaimed), there is no
sense to loop trying to vget() the vnode again.

PR:	122977
Submitted by:	Arthur Hartwig <arthur.hartwig nokia com>
Tested by:	pho
Reviewed by:	jhb
MFC after:	1 week
2008-05-23 16:36:39 +00:00