Commit Graph

1155 Commits

Author SHA1 Message Date
mpp
230fe79baf Restore Bruce's original comment. It seems that "iff" = if and only if,
and is not a typo.  It is used other places in the kernel, too.
1997-03-22 20:34:21 +00:00
mpp
c1ad13c30b Fix a typo in a comment of a recent commit. 1997-03-22 16:52:19 +00:00
bde
60e1468128 Removed volatile' from declaration of time', and removed the resulting
null casts.  `time' is nonvolatile for accesses within a region locked
by splclock()/splx().  Accesses outside such a region are invalid, and
splx() must have the side effect of potentially changing all global
variables (since there are hundreds of sort of volatile variables like
`time'), so declaring `time' as volatile didn't have any real benefits.
1997-03-22 08:03:51 +00:00
bde
0bc1781701 Fixed some invalid (non-atomic) accesses to `time', mostly ones of the
form `tv = time'.  Use a new function gettime().  The current version
just forces atomicicity without fixing precision or efficiency bugs.
Simplified some related valid accesses by using the central function.
1997-03-22 06:53:45 +00:00
wpaul
cdd7ea4262 Add support to sendmsg()/recvmsg() for passing credentials between
processes using AF_LOCAL sockets. This hack is going to be used with
Secure RPC to duplicate a feature of STREAMS which has no real counterpart
in sockets (with STREAMS/TLI, you can apparently use t_getinfo() to learn
UID of a local process on the other side of a transport endpoint).

What happens is this: the client sets up a sendmsg() call with ancillary
data using the SCM_CREDS socket-level control message type. It does not
need to fill in the structure. When the kernel notices the data,
unp_internalize() fills in the cmesgcred structure with the sending
process' credentials (UID, EUID, GID, and ancillary groups). This data
is later delivered to the receiving process. The receiver can then
perform the follwing tests:

- Did the client send ancillary data?
	o Yes, proceed.
	o No, refuse to authenticate the client.

- The the client send data of type SCM_CREDS?
	o Yes, proceed.
	o No, refuse to authenticate the client.

- Is the cmsgcred structure the right size?
	o Yes, proceed.
	o No, signal a possible error.

The receiver can now inspect the credential information and use it to
authenticate the client.
1997-03-21 16:12:32 +00:00
bde
e90724566c Fixed null pointer panic in devtotty(). Fixed bounds checking in
devtotty().  devtotty() must check its arg carefully since the arg is
supplied as ioctl data.  This should fix PR3004.

Renamed devtotty() to snpdevtotty().
1997-03-16 19:11:40 +00:00
bde
caf27c1d17 Fixed the hash formula. Lite2 doesn't have phashinit(), so Lite2's hash
formula uses `& nchash'.  This is very broken when nchash is a prime
number instead of 1 less than a power of 2, but the Lite2 formula was
merged in.

Merged some cosmetic changes from Lite2, rev.1.21 and Lite1.  The merge
was difficult because the Lite2 code is essentially ours (phk's) except
where Lite2 improved or broke it.

Summary of the Lite2 changes:
- in the copyright, phk's rights have been transferred to the Regents.
  This change should be reviewed.
- nchENOENT went away; the "no" vnode is now simply 0.
- comments were improved.
- style was "improved".
- goto instead of Fanatism (sic) was considered bad :-).
- there are some small changes to support whiteouts.
- new cache entries are added in more cases.  More work is required
  near here to change the hash table size if kern.desiredvnodes is
  changed using sysctl.
- rescanning of the hash bucket in cache_purgevfs() was removed.  This
  change should be reviewed.
1997-03-08 15:22:14 +00:00
guido
d3df6f9beb Fix style bugs and other bugs in the NFS fix. 1997-03-08 15:14:30 +00:00
dyson
b86e098809 Remove unnecessary check for vp->v_mount being null. Pointed
out by BDE.
1997-03-07 14:40:54 +00:00
gpalmer
7293d8e7d6 Fix (I hope) the NFS hole. This is only compile tested.
Submitted by:	(partly) davids@SECNET.COM via BUGTRAQ
1997-03-07 07:42:41 +00:00
bde
e423a3a276 Try a no-wait malloc first in clist_alloc_cblocks(). If this fails, then
complain and blunder on.

Should be in 2.2, preferably with a better fix.
1997-03-05 16:45:01 +00:00
dg
1a326a5d28 Fixed splbio problems in vinvalbuf. Closes PR#2875, although fixed
differently by me.
1997-03-05 04:54:54 +00:00
msmith
7b27305852 Check that vp->v_mount is non-null in fsync() before dereferencing it to
obtain the mountpoint's MNT_ASYNC flag.

This is a Very Definite Last-Minute 2.2 Bugfix Candidate.

Reviewed by:	sef
1997-03-05 01:42:14 +00:00
bde
61a92b4f52 Attach vfs_sysctl() one level lower so that only the levels below
VFS_GENERIC aren't done in the FreeBSD way.  The previous commit
broke the nfs sysctls.
1997-03-04 18:31:56 +00:00
ache
3d43c6e015 Oops, fix typo. 1997-03-03 23:02:43 +00:00
ache
a06fb05366 Don't copy more than MAXLOGNAME bytes in getlogin() syscall,
it is stricter than padded s_login size check was there.
1997-03-03 22:46:16 +00:00
bde
5fc94677bd Merged Lite2's vfs_sysctl(). It doesn't fit very well into FreeBSD's
(phk's) sysctl framework, and I needed special code to disambiguate
the VFS_GENERIC node from the VFS_VFSCONF leaf, so I only converted
the leaves to the FreeBSD framework.  The error handling isn't quite
right.  CSRGS's sysctls seem to return ENOTDIR too much and FreeBSD's
sysctls don't agree with the man page.
1997-03-03 12:58:20 +00:00
ache
c030a5f0b6 Use MAXLOGNAME for stricter size check in setlogin() syscall instead of
sizeof of padded s_login array
1997-03-03 10:15:48 +00:00
bde
a42104c77d Restored some pre-Lite2-merge source-level compatibility to the mount()
and getvfsbyname() interfaces.  The new interfaces are now hidden from
applications unless _NEW_VFSCONF is defined.  The new vfsconf interfaces
don't work yet.
1997-03-02 17:53:37 +00:00
bde
6e31892943 Moved vfs sysctls to where Lite2 put them. No code changes yet. 1997-03-02 11:06:22 +00:00
wosch
9108e06194 Include copyright message from <sys/copyright.h> 1997-03-01 17:49:09 +00:00
bde
525cc9a831 Added a copyright and restored order. 1997-02-28 10:14:24 +00:00
bde
166500e69d Wrapped mi_switch() with splstatclock()/splx(). This fixes excessive
interrupt latency for certain cases involving for restarting stopped
processes.
1997-02-27 18:03:48 +00:00
bde
c7bf781727 Fixed loading of vfs's. The Lite2 merge added unnecessary compatibility
cruft and resulted in loading usually following a null pointer.  Use
something closer to the pre-Lite2 code, including not making a copy of
the new filesystem's config info.  Not making a copy also fixes a race
for loading and a memory leak for unloading.

Fixed unloading of vfs's.  maxvfsconf wasn't maintained.

Look up the vfs to unload by name instead of by number.  The numbers
should go away as soon as all mount utilities are converted.
1997-02-27 16:40:20 +00:00
bde
b19a6b276f Fixed Lite2 merge of spechash simplelocking. It was misplaced in
checkalias() and missing in vfinddev() and vcount().
1997-02-27 16:08:43 +00:00
dyson
c33087f4e0 Fix the previous simple_lock fix breakage in the combined
vput/vrele routine.  Fix a panic message.  Fix the vop_nounlock
routine so that "special" filesystems that use it work correctly.
1997-02-27 05:28:58 +00:00
dyson
b3686e776a Fix the simple_lock problem with the physical I/O buffer code, and
also fix the missing simple_unlock in vrele, and improve vrele/vput
by merging them into one routine.  BDE pointed these problems out.
1997-02-27 02:57:03 +00:00
bde
c19ef73557 Fixed unmounting of the root fs. vfs_unmountroot() wasn't fully updated
to do Lite2 locking and vfs_unmountall() wasn't as simple as the Lite2
version.
1997-02-26 15:35:42 +00:00
bde
4f04146c67 Merged some missing locking from Lite2:
- getnewvnode() and vref() were missing one simple_unlock() each.
- the Lite2 locking changes weren't merged at all in
  printlockedvnodes() or sysctl_vnode().  Merging these undid
  some KNF style regressions.
1997-02-25 19:33:23 +00:00
wollman
a6e3c2a3ce Create a new branch of the kernel MIB, kern.ipc, to store
all of the configurables and instrumentation related to
inter-process communication mechanisms.  Some variables,
like mbuf statistics, are instrumented here for the first
time.

For mbuf statistics: also keep track of m_copym() and
m_pullup() failures, and provide for the user's inspection
the compiled-in values of MSIZE, MHLEN, MCLBYTES, and MINCLSIZE.
1997-02-24 20:30:58 +00:00
peter
cdca48ec7b Regenerate to include correct Id string 1997-02-22 12:52:35 +00:00
peter
94b6d72794 Back out part 1 of the MCFH that changed $Id$ to $FreeBSD$. We are not
ready for it yet.
1997-02-22 09:48:43 +00:00
mpp
67fb7190df Support the installation of character devices via an lkm.
Closes PR# 1716

Submitted by:	jpt@magic.net
1997-02-22 01:20:57 +00:00
bde
301b9cec88 Improved select():
- avoid malloc() if the number of fds is small.
- pack the bits better so that `small' is quite large.
- don't waste time generating zero bits for null fd_set pointers or
  scanning these bits.

Possibly improved select():
- free malloc()ed storage before returning.  This is simpler and I
  think huge select()s aren't worth optimizing since they are rare,
  relative gain would be small and there would be tiny costs for all
  selects().

Reviewed by:	ache (first version by him too)
1997-02-20 11:51:52 +00:00
wollman
a81210e4a9 Make the operation of sonewconn1() a bit clearer by calling
pru_attach() before putting the new connection on the
connection queue.
1997-02-19 19:15:43 +00:00
dg
965388b530 Fix from PR #2757:
execve() clears the P_SUGID process flag in execve() if the binary
executed does not have suid or sgid permission bits set.

This also happens when the effective uid is different from the real
uid or the effective gid is different from the real gid. Under
these circumstances, the process still has set id privileges and
the P_SUGID flag should not be cleared.

Submitted by:	Tor Egge <Tor.Egge@idt.ntnu.no>
1997-02-19 03:51:34 +00:00
wollman
348a992441 uipc_mbuf.c: do a better job of counting how often we have to wait
for memory, or are denied a cluster.

uipc_socket2.c: define some generic ``operation-not-supported'' entry points
for pr_usrreqs.
1997-02-18 20:43:07 +00:00
bde
d407637813 Added some ufs #includes so that this compiles with option LOCKF_DEBUG.
Moving this all from ufs wasn't a good move.  At least the debugging
routines depend on the file system.

Cleaned up the LOCKF_DEBUG #includes.
1997-02-18 14:37:26 +00:00
bde
a962df746e Fixed namei caching for LOOKUPs. It was broken for lstat() and olstat().
Successful lstat()s purged an existing entry as well as not caching the
result.

This bug was introduced in Lite1 by setting the LOCKPARENT flag for
[o]lstat() in order to support the inherit-attributes-from-parent-
directory misfeature for symlinks.  LOCKPARENT was previously only set
for CREATEs and DELETEs.  It is now set for LOOKUPs, but only for
[o]lstat(), so the problem wasn't very noticeable.
1997-02-18 06:46:41 +00:00
bde
8f26a5330a Changed #ifdef COMPAT_PRELITE2' to #ifndef NO_COMPAT_PRELITE2' so that
the old VFS_VFSCONF sysctl is enabled by default.

Initialize the vfc_vfsops field to non-NULL in sysctl_ovfs_conf()
so that the old VFS_VFSCONF sysctl actually works.  The old (still
current) getvfsent.c uses this "kernel-only" field to decide which
vfs's are configured (the old implementation returned null entries
for unconfigured vfs's).
1997-02-18 04:58:11 +00:00
dg
2af96e689c Pass P_SUGID on to the child of a fork(). It was possible to get rlogin
to coredump previously since it (somewhat uniquely) is setuid and forks
without execing, and thus without passing P_SUGID the child could
coredump and possibly divulge sensitive information (such as encrypted
passwords from the passwd database).
1997-02-17 10:58:46 +00:00
wollman
1f8c9c194a Provide an alternative mbuf cluster allocator which permits use of
clusters greater than one page in length by calling contigmalloc1().
This uses a helper process `mclalloc' to do the allocation if
the system runs out at interrupt time to avoid calling contigmalloc
at high spl.  It is not yet clear to me whether this works.
1997-02-13 19:41:40 +00:00
wollman
8a5f6f3073 For large values of sb_max or MCLBYTES, it was possible for the expression
sb_max * MCLBYTES / (MSIZE + MCLBYTES)
used in sbreserve() to overflow, causing all socket creation attempts
to fail.  Force the calculation to use u_quad_t's, which makes overflow
less likely.
1997-02-13 18:05:46 +00:00
mpp
6ada6e6681 Don't depend on FIFO being defined to enable mkfifo.
It is now always compiled.

Submitted by:	bde
1997-02-12 16:55:32 +00:00
bde
ebd8d6ddd9 Restored some lost function return types. 1997-02-12 14:00:00 +00:00
mpp
11081f2076 Add function protypes for the new Lite2 unionfs functions. 1997-02-12 07:54:22 +00:00
mpp
d05d971648 Comment out a call to the #ifdef DIAGNOSTIC routine
vfs_bufstats().  This routine was not imported in the
Lite2 merge.
1997-02-12 06:46:11 +00:00
wollman
1791a7ff97 Fix spelling of net.inet.ip.forwarding.
Add ARP_PROXYALL to defunct options.
1997-02-10 19:19:16 +00:00
davidn
57d260df48 Fix off by one error in setlogin() syscall.
Don't overwrite session login unless the call is going to succeed.
1997-02-10 06:18:20 +00:00
dyson
10f666af84 This is the kernel Lite/2 commit. There are some requisite userland
changes, so don't expect to be able to run the kernel as-is (very well)
without the appropriate Lite/2 userland changes.

The system boots and can mount UFS filesystems.

Untested: ext2fs, msdosfs, NFS
Known problems: Incorrect Berkeley ID strings in some files.
		Mount_std mounts will not work until the getfsent
		library routine is changed.

Reviewed by:	various people
Submitted by:	Jeffery Hsu <hsu@freebsd.org>
1997-02-10 02:22:35 +00:00