411 Commits

Author SHA1 Message Date
kato
a629e89a7a Added DIAGNOSTIC routine to test inconsistency of vnode when cnp
points `.'.

Obtained from:	NetBSD
1997-08-15 02:36:28 +00:00
kato
8f18798bdf Deleted unused code which adjust UN_UNLOCK flag. 1997-08-15 02:35:00 +00:00
kato
9e0af5b4e3 If the user doesn't have read permission, union_copyup should not copy
a file to upper layer.

Reviewed by:	Naofumi Honda <honda@Kururu.math.sci.hokudai.ac.jp>
1997-08-14 03:57:46 +00:00
kato
a9c600c630 Backed out part of previous change. The example of -b mount in
manpage works again.
1997-08-14 03:52:27 +00:00
kato
d0850efd52 Fixed vnode corruption by undefined case in union_lookup(). When
uerror == 0 && lerror == EACCES, lowervp == NULLVP and union_allocvp
doesn't find existing union node and new union node is created.

Sicne it is dificult to cover all the case, union_lookup always
returns when union_lookup1() returns EACCES.

Submitted by:	Naofumi Honda <honda@Kururu.math.sci.hokudai.ac.jp>
Obtained from:	NetBSD/pc98
1997-08-12 07:18:59 +00:00
sef
47bfe6b362 Check permissions for fp regs as well as normal regs. 1997-08-12 05:23:51 +00:00
sef
ea579a477d Fix procfs security hole -- check permissions on meaningful I/Os (namely,
reading/writing of mem and regs).  Also have to check for the requesting
process being group KMEM -- this is a bit of a hack, but ps et al need it.

Reviewed by:	davidg
1997-08-12 04:34:30 +00:00
bde
9195bd1ec7 Removed unused #includes. 1997-08-02 14:33:27 +00:00
alex
ae52a72f07 More comment cleanup. 1997-06-26 17:12:59 +00:00
alex
7e141a0635 Typo police. 1997-06-26 16:13:56 +00:00
alex
f3cccc0874 Style fix my previous commit. 1997-06-26 16:12:53 +00:00
alex
793295a94d Block all write operations to /proc/1/* when securelevel > 0.
The additional check in procfs_ctl.c could be backed out, but
I'm leaving it in for good measure.

Reviewed by:	Theo de Raadt <deraadt@OpenBSD.org>
1997-06-21 16:09:49 +00:00
tegge
ddd2ab1026 Don't remove the controlling tty from the session if the vnode is being
cleaned. This should help for PR kern/3581.
1997-05-29 13:29:13 +00:00
peter
e803ad6c09 Fix some warnings (missing prototypes, wrong "generic" args etc)
umapfs uses one of nullfs's functions...
1997-05-25 04:50:02 +00:00
phk
0419930c72 Remove redundant check for vp == dvp (done in VFS before calling). 1997-05-17 18:32:53 +00:00
kato
eae849a5dd 1. Added cast and parenthesis in block size calculaion in
union_statfs().
2. staticized union vops.

Submitted by:	Doug Rabson <dfr@nlsystems.com>
1997-05-07 14:37:32 +00:00
joerg
d410fc5c91 Hide the kernel-only stuff inside #ifdef KERNEL.
XXX should be #ifdef _KERNEL
XXX^2 the !KERNEL part should probably be moved out into a publically
      visible header file anyway.
1997-05-07 13:23:04 +00:00
joerg
5c08287eea Oops. The function cd9660_mountroot() is gone, but i've committed an
even more bogus prototype for it in my previous commit.
1997-05-04 16:17:49 +00:00
joerg
8cea5b917d This mega-commit brings the following:
. It makes cd9660 root f/s working again.
. It makes CD9660 a new-style option.
. It adds support to mount an ISO9660 multi-session CD-ROM as the root
  filesystem (the last session actually, but that's what is expected
  behaviour).

Sigh.  The CDIOREADTOCENTRYS did a copyout() of its own, and thus has
been unusable for me for this work.  Too bad it didn't simply stuff
the max 100 entries into the struct ioc_read_toc_entry, but relied on
a user supplied data buffer instead. :-(  I now had to reinvent the
wheel, and created a CDIOREADTOCENTRY ioctl command that can be used
in a kernel context.

While doing this, i noticed the following bogosities in existing CD-ROM
drivers:

wcd:	This driver is likely to be totally bogus when someone tries
	two succeeding CDIOREADTOCENTRYS (or now CDIOREADTOCENTRY)
	commands with requesting MSF format, since it apparently
	operates on an internal table.

scd:	This driver apparently returns just a single TOC entry only for
	the CDIOREADTOCENTRYS command.

I have only been able to test the CDIOREADTOCENTRY command with the
cd(4) driver.  I hereby request the respective maintainers of the
other CD-ROM drivers to verify my code for their driver.  When it
comes to merging this CD-ROM multisession stuff into RELENG_2_2 i will
only consider drivers where i've got a confirmation that it actually
works.
1997-05-04 15:24:23 +00:00
kato
1cbadda822 Fixed panic message in union_lock(): union_link --> union_lock. 1997-05-03 01:55:19 +00:00
kato
7268d74c7c Access correct union mount point in union_access. Old vnode is saved
in savedvp variable and it is used for the argument of
MOUNTTOUNIONMOUNT().  I didn't realize ap->a_vp is modified before
MOUNTTOUNIONMOUNT(), so the change by revision 1.22 is incorrect.
1997-05-02 03:21:54 +00:00
sos
9642705516 Remove the dependancy on DEV_BSIZE, now specfs works on != 512byte
sector devices given that the fs uses a blocksize of at least a physical
sector size.
1997-05-01 19:12:22 +00:00
joerg
939a1f6d87 For multi-session CD-ROMs, we have to account for previous sessions as
well in volume_space_size.  Otherwise, NFS exports won't work.
1997-04-29 17:11:51 +00:00
joerg
57e93106aa Add support for ISO9660 multi-session CD-ROMs. This is just nothing
but searching the directory on something else than the default
location.

NB: this comprises an interface change to the mount_cd9660(8)
utility (commit will follow).  You need to rebuild both.

I've got similar patches for RELENG_2_2, should i commit them too?
1997-04-29 15:52:53 +00:00
kato
d9ec773b46 Revised fix for locking violation when unionfs calls vput with
UN_KLOCK flag.

When UN_KLOCK is set, VOP_UNLOCK should keep uppervp locked and clear
UN_ULOCK flag.  To do this, when UN_KLOCK is set, (1) union_unlock
clears UN_ULOCK and does not clear UN_KLOCK, (2) union_lock() does not
access uppervp and does not clear UN_KLOCK, and (3) callers of
vput/VOP_UNLOCK should clear UN_KLOCK.  For example, vput becomes:

	SETKLOCK(union_node);
	vput(vnode);
	CLEARKLOCK(union_node);

where SETKLOCK macro sets UN_KLOCK and CLEARKLOCK macro clears
UN_KLOCK.
1997-04-29 02:06:07 +00:00
alex
c38f6b729e Removed bogon from previous commit: doubly included sys/systm.h. 1997-04-27 21:32:21 +00:00
alex
ced78602fe Prevent debugger attachment to init when securelevel > 0.
Noticed by:	Brian Buchanan <brian@wasteland.calbbs.com>
1997-04-27 19:02:37 +00:00
kato
80b711702c Undo 1.29. 1997-04-27 10:49:37 +00:00
kato
f90d800c9a Do nothing instead of adjusting un_flags when (uppervp is locked) &&
(UN_ULOCK is not set) in union_lock.  This condition may indicate
race.  DIAGNOSTIC kernel still panic here.
1997-04-26 13:43:25 +00:00
kato
f18676ff22 Do not clear UN_ULOCK in certain case.
Our vput calls vm_object_deallocate() --> vm_object_terminate().  The
vm_object_terminate() calls vn_lock(), since UN_LOCKED has been
already cleared in union_unlock().  Then, union_lock locks upper vnode
when UN_ULOCK is not set.  The upper vnode is not unlocked when
UN_KLOCK is set in union_unlock(), thus, union_lock tries to lock
locked vnode and we get panic.
1997-04-26 04:09:40 +00:00
kato
e696227ac2 Dirty change in union_lock(). Sometimes upper vnode is locked without
UN_ULOCK flag.  This shows a locking violation but I couldn't find the
reason UN_ULOCK is not set or upper vnode is not unlocked.  I added
the code that detect this case and adjust un_flags.  DIAGNOSTIC kernel
doesn't adjust un_flags, but just panic here to help debug by kernel
hackers.
1997-04-21 15:32:24 +00:00
kato
e2eb0e3743 Replace VOP_LOCK with vn_lock. 1997-04-21 12:40:42 +00:00
dyson
5cd49302ac Fix both a problem with accessing backing objects, and also release
the process map on nonexistant pages.
PR:		kern/3327
Submitted by:	Tor Egge <Tor.Egge@idi.ntnu.no>
1997-04-20 17:12:11 +00:00
kato
47e567e3df Avoid `lock against myself' panic by following operation:
# mount -t union (or null) dir1 dir2
	# mount -t union (or null) dir2 dir1

The function namei in union_mount calls union_root.  The upper vnode
has been already locked and vn_lock in union_root causes above panic.

Add printf's included in `#ifdef DIAGNOSTIC' for EDEADLK cases.
1997-04-19 06:04:13 +00:00
kato
b38f98ddc9 Fix `locking against myself' panic by multi nullfs mount of same
directory pair.
1997-04-17 11:24:57 +00:00
kato
89de63b348 Use NULLVP instead of NULL. 1997-04-17 11:17:30 +00:00
kato
ff5e7e18c2 Do not set the uppervp to NULLVP in union_removed_upper. If lowervp
is NULLVP, union node will have neither uppervp nor lowervp.  This
causes page fault trap.

The union_removed_upper just remove union node from cache and it
doesn't set uppervp to NULLVP.  Since union node is removed from
cache, it will not be referenced.

The code that remove union node from cache was copied from
union_inactive.
1997-04-16 16:24:24 +00:00
kato
94dc06fdd4 Undo previous commit to avoid panic, and fix order of argument of
VOP_LINK().  The reason of strange behavior was wrong order of the
argument, that is, the operation

	# ln foo bar

in a union fs tried to do

	# ln bar foo

in ufs layer.

Now we can make a link in a union fs.
1997-04-16 03:08:34 +00:00
kato
071dc96075 Quick-hack to avoid `lock against myself' panic. It is not the real
fix!

The ufs_link() assumes that vnode is not unlocked and tries to lock it
in certain case.  Because union_link calls VOP_LINK after locking vnode,
vn_lock in ufs_link causes above panic.

Currently, I don't know the real fix for a locking violation in
union_link, but I think it is important to avoid panic.

A vnode is unlocked before calling VOP_LINK and is locked after it if
the vnode is not union fs.  Even though panic went away, the process
that access the union fs in which link was made will hang-up.

Hang-up can be easily reproduced by following operation:

	mount -t union a b
	cd b
	ln foo bar
	ls
1997-04-15 12:56:57 +00:00
bde
fec7811ef9 Removed more traces of ISODEVMAP. 1997-04-15 08:05:08 +00:00
phk
3320ec6530 Remove all traces of undocumented feature ISODEVMAP. 1997-04-14 18:15:47 +00:00
kato
69a13fa7d1 Fix `lockmgr: locking against myself' panic by multi union mount of
same directory pair.

If we do:
    mount -t union a b
    mount -t union a b
then, (1) namei tries to lock fs which has been already locked by
first union mount and (2) union_root() tries to lock locked fs.  To
avoid first deadlock condition, unlock vnode if lowerrootvp is union
node, and to avoid second case, union_mount returns EDEADLK when multi
union mount is detected.
1997-04-14 10:52:25 +00:00
kato
49921c887d Fix locking violation when accessing `..'.
Obtained from:	NetBSD
1997-04-14 05:13:55 +00:00
kato
e39250c28c Access correct union mount point in union_access. 1997-04-13 13:12:12 +00:00
phk
4292ccaf6d The function union_fsync tries to lock overlaying vnode object when
dolock is not set (that is, targetvp == overlaying vnode object).
Current code use FIXUP macro to do this, and never unlocks overlaying
vnode object in union_fsync.  So, the vnode object will be locked
twice and never unlocked.

PR:		3271
Submitted by:	kato
1997-04-13 06:29:13 +00:00
phk
69934522f7 The path name buffer, cn->cn_pnbuf, is FREEed by VOP_MKDIR when
relookup() in union_relookup() is succeeded.  However, if relookup()
returns non-zero value, that is relookup fails, VOP_MKDIR is never
called (c.f. union_mkshadow).  Thus, pathname buffer is never FREEed.

Reviewed by:	phk
Submitted by:	kato
PR:		3262
1997-04-13 06:27:09 +00:00
phk
6191d4d12f Though malloc allocates only cn.cn_namelen bytes for cn.cn_pnbuf in
union_vn_create(), following bcopy copies cn.cn_namlen + 1 bytes to
cn.cn_pnbuf

PR:		3255
Reviewed by:	phk
Submitted by:	kato
1997-04-13 06:25:03 +00:00
bde
5b0d745f8b Get the declaration of `struct dirent' from <sys/dirent.h>, not from
<sys/dir.h>, and use the new macro GENERIC_DIRSIZ() instead of DIRSIZ().

Removed unused #includes.
1997-04-10 15:05:38 +00:00
bde
bdb8ad15bd Get the declaration of `struct dirent' from <sys/dirent.h>, not from
<sys/dir.h>.

Removed unused #include.

Fixed type and order of struct members in pseudo-declaration of `struct
vop_readdir_args'.
1997-04-10 14:56:49 +00:00
bde
3990948507 Removed unused or apparently-unused #includes, especially of the
deprecated header <sys/dir.h>.
1997-04-10 14:35:32 +00:00