Commit Graph

1605 Commits

Author SHA1 Message Date
green
da8d4a51f1 When taking event callbacks (like process_exit) out from under Giant, those
which do not lock Giant themselves will be exposed.  Unbreak pfs_exit().
2004-03-14 15:57:45 +00:00
phk
5c532f7fd4 When I was a kid my work table was one cluttered mess an cleaning it up
were a rather overwhelming task.  I soon learned that if you don't know
where you're going to store something, at least try to pile it next to
something slightly related in the hope that a pattern emerges.

Apply the same principle to the ffs/snapshot/softupdates code which have
leaked into specfs:  Add yet a buf-quasi-method and call it from the
only two places I can see it can make a difference and implement the
magic in ffs_softdep.c where it belongs.

It's not pretty, but at least it's one less layer violated.
2004-03-11 18:50:33 +00:00
phk
eeb7579130 Remove unused second arg to vfinddev().
Don't call addaliasu() on VBLK nodes.
2004-03-11 16:33:11 +00:00
phk
263999b14d Don't call devsw() more than we need to, and in particular do not expose
ourselves to device removal by not checking for it the second time.

Use count_dev(dev) rather than vcount(vp)
2004-03-10 20:56:28 +00:00
scottl
be64b495ab Change __FUNCTION__ to __func__
Submitted by:	Stefan Farfeleder
2004-03-03 07:43:34 +00:00
rwatson
b0b5f961bd Rename dup_sockaddr() to sodupsockaddr() for consistency with other
functions in kern_socket.c.

Rename the "canwait" field to "mflags" and pass M_WAITOK and M_NOWAIT
in from the caller context rather than "1" or "0".

Correct mflags pass into mac_init_socket() from previous commit to not
include M_ZERO.

Submitted by:	sam
2004-03-01 03:14:23 +00:00
phk
4666e8d5fb Do not attempt to open NODEV 2004-02-24 09:59:35 +00:00
tjr
a3493bb58a Fix comment containing vop_readdir_args contents: a_cookies is really
u_long ** not u_long *.
2004-02-23 01:43:00 +00:00
tjr
aeed6d0ca3 cookies is an array of u_long, not u_int, so MALLOC() it accordingly.
Allocating it with the wrong size could have caused corruption on
64-bit architectures.
2004-02-23 01:40:46 +00:00
bde
4159786890 Fixed a serious off by 1 error. The cluster-in-use bitmap was overrun
by 1 u_int if the number of clusters was 1 more than a multiple of
(8 * sizeof(u_int)).  The bitmap is malloced and large (often huge), so
fatal overrun probably only occurred if the number of clusters was 1
more than 1 multiple of PAGE_SIZE/8.
2004-02-21 22:47:19 +00:00
phk
5551e292d8 Device megapatch 6/6:
This is what we came here for:  Hang dev_t's from their cdevsw,
refcount cdevsw and dev_t and generally keep track of things a lot
better than we used to:

Hold a cdevsw reference around all entrances into the device driver,
this will be necessary to safely determine when we can unload driver
code.

Hold a dev_t reference while the device is open.

KASSERT that we do not enter the driver on a non-referenced dev_t.

Remove old D_NAG code, anonymous dev_t's are not a problem now.

When destroy_dev() is called on a referenced dev_t, move it to
dead_cdevsw's list.  When the refcount drops, free it.

Check that cdevsw->d_version is correct.  If not, set all methods
to the dead_*() methods to prevent entrance into driver.  Print
warning on console to this effect.  The device driver may still
explode if it is also incompatible with newbus, but in that case
we probably didn't get this far in the first place.
2004-02-21 21:57:26 +00:00
phk
39fb4aef3d Device megapatch 5/6:
Remove the unused second argument from udev2dev().

Convert all remaining users of makedev() to use udev2dev().  The
semantic difference is that udev2dev() will only locate a pre-existing
dev_t, it will not line makedev() create a new one.

Apart from the tiny well controlled windown in D_PSEUDO drivers,
there should no longer be any "anonymous" dev_t's in the system
now, only dev_t's created with make_dev() and make_dev_alias()
2004-02-21 21:32:15 +00:00
phk
ad925439e0 Device megapatch 4/6:
Introduce d_version field in struct cdevsw, this must always be
initialized to D_VERSION.

Flip sense of D_NOGIANT flag to D_NEEDGIANT, this involves removing
four D_NOGIANT flags and adding 145 D_NEEDGIANT flags.
2004-02-21 21:10:55 +00:00
phk
df260dfa17 Report the correct length for symlink entries. 2004-02-19 19:09:52 +00:00
tjr
ab89ce797c Use size_t or ssize_t wherever appropriate instead of casting from int *
to size_t *, which is incorrect because they may have different widths.
This caused some subtle forms of corruption, the mostly frequently
reported one being that the last character of a filename was sometimes
duplicated on amd64.
2004-02-19 09:56:58 +00:00
trhodes
768a8affab Do not place dirmask in unnamed padding. Move it to the bottom of this
list where it should have been added originally.

Prodded by:	bde
2004-02-17 16:53:41 +00:00
tjr
e426f6c0bc If the "next free cluster" field of the FSInfo block is 0xFFFFFFFF,
it means that the correct value is unknown. Since this value is just
a hint to improve performance, initially assume that the first non-reserved
cluster is free, then correct this assumption if necessary before writing
the FSInfo block back to disk.

PR:		62826
MFC after:	2 weeks
2004-02-17 08:51:49 +00:00
phk
758f11d127 White-space align a struct definition.
Move a SYSINIT to the file where it belongs.
2004-02-15 21:43:08 +00:00
bde
4dca0a78ca Fixed some style bugs:
- don't unlock the vnode after vinvalbuf() only to have to relock it
  almost immediately.
- don't refer to devices classified by vn_isdisk() as block devices.
2004-02-14 04:41:13 +00:00
bde
c40486fc06 MFffs (ffs_vfsops.c 1.227: clean up open mode bandaid). This reduces
gratuitous differences with ffs a little.
2004-02-12 17:54:58 +00:00
nectar
a96542610a Fix a panic in pseudofs(9) that could occur when doing an I/O
operation with a large request or large offset.

Reported by:	Joel Ray Holveck <joelh@piquan.org>
Submitted by:	des
2004-02-10 21:06:47 +00:00
tjr
40b810244f Fixes problems that occurred when a file was removed and a directory
created with the same name, and vice versa:
- Immediately recycle vnodes of files & directories that have been deleted
or renamed.
- When looking an entry in the VFS name cache or smbfs's private
cache, make sure the vnode type is consistent with the type of file
the server thinks it is, and re-create the vnode if it isn't.

The alternative to this is to recycle vnodes unconditionally when their
use count drops to 0, but this would make all the caching we do
mostly useless.

PR:		62342
MFC after:	2 weeks
2004-02-10 05:53:02 +00:00
jhb
279b2b8278 Locking for the per-process resource limits structure.
- struct plimit includes a mutex to protect a reference count.  The plimit
  structure is treated similarly to struct ucred in that is is always copy
  on write, so having a reference to a structure is sufficient to read from
  it without needing a further lock.
- The proc lock protects the p_limit pointer and must be held while reading
  limits from a process to keep the limit structure from changing out from
  under you while reading from it.
- Various global limits that are ints are not protected by a lock since
  int writes are atomic on all the archs we support and thus a lock
  wouldn't buy us anything.
- All accesses to individual resource limits from a process are abstracted
  behind a simple lim_rlimit(), lim_max(), and lim_cur() API that return
  either an rlimit, or the current or max individual limit of the specified
  resource from a process.
- dosetrlimit() was renamed to kern_setrlimit() to match existing style of
  other similar syscall helper functions.
- The alpha OSF/1 compat layer no longer calls getrlimit() and setrlimit()
  (it didn't used the stackgap when it should have) but uses lim_rlimit()
  and kern_setrlimit() instead.
- The svr4 compat no longer uses the stackgap for resource limits calls,
  but uses lim_rlimit() and kern_setrlimit() instead.
- The ibcs2 compat no longer uses the stackgap for resource limits.  It
  also no longer uses the stackgap for accessing sysctl's for the
  ibcs2_sysconf() syscall but uses kernel_sysctl() instead.  As a result,
  ibcs2_sysconf() no longer needs Giant.
- The p_rlimit macro no longer exists.

Submitted by:	mtm (mostly, I only did a few cleanups and catchups)
Tested on:	i386
Compiled on:	alpha, amd64
2004-02-04 21:52:57 +00:00
cperciva
b9ee343f9e Fix style(9) of my previous commit.
Noticed by: nate
Approved by: nate, rwatson (mentor)
2004-01-21 18:03:54 +00:00
cperciva
f2970382f1 Allow devfs path rules to work on directories. Without this fix,
devfs rule add path fd unhide
is a no-op, while it should unhide the fd subdirectory.

Approved by: phk, rwatson (mentor)
PR: kern/60897
2004-01-21 16:43:29 +00:00
kan
1968ea331b Spell magic '16' number as IO_SEQSHIFT. 2004-01-19 20:03:43 +00:00
green
c684933315 Do not allow operations which cause known file-system corruption. 2004-01-16 22:55:25 +00:00
green
f5f86e003a Remove a warning. 2004-01-16 22:54:33 +00:00
green
b67f04e53c Fix an upper-vnode leak created in revision 1.52. When an upper-layer
file has been removed, it should be purged from the cache, but it need
not be removed from the directory stack causing corruption; instead,
it will simply be removed once the last references and holds on it
are dropped at the end of the unlink/rmdir system calls, and the
normal !UN_CACHED VOP_INACTIVE() handler for unionfs finishes it off.

This is easily reproduced by repeated "echo >file; rm file" on a
unionfs mount.  Strangely, "echo -n >file; rm file" didn't make
it happen.
2004-01-16 16:31:01 +00:00
tjr
17a33cbd75 Fix an inverted test for NOPEN in the unused function smb_smb_flush(). 2004-01-12 14:43:49 +00:00
truckman
5be717c021 Don't try to unlock the directory vnode in null_lookup() if the lock is
shared with the underlying file system and the lookup in the underlying
file system did the unlock for us.
2004-01-11 23:44:32 +00:00
tjr
c2134f4017 Restore closing of SMB find handle in smbfs_close(). 2004-01-10 03:45:30 +00:00
rwatson
b3dbc3d2f9 Lock p->p_textvp before calling vn_fullpath() on it. Note the
potential lock order concern due to the vnode lock held
simultaneously by the caller into procfs.

Reported by:	kuriyama
Approved by:	des
2004-01-07 17:58:51 +00:00
tjr
b872c27d4a In smbfs_inactive(), only invalidate the node's attribute cache if we
had to send a file close request to the server.
2004-01-04 00:57:22 +00:00
tjr
6bccc23255 Pass ACL, extended attribute and MAC vnode ops down the vnode stack. 2004-01-03 00:36:46 +00:00
phk
5b996ad186 Improve on POLA by populating DEVFS before doing devfs(8) rule ioctls.
PR:	60687
Spotted by:	Colin Percival <cperciva@daemonology.net>
2004-01-02 19:02:28 +00:00
bde
a3659bc228 Fixed some (most) style bugs in rev.1.33. Mainly 4-char indentation
(msdosfs uses normal 8-char indentation almost everywhere else),
too-long lines, and minor English usage errors.  The verbose formal
comment before the new function is still abnormal.
2003-12-29 11:59:05 +00:00
bde
783363bac1 Fixed some minor style bugs in rev.1.144. All related to msdosfs_advlock()
(mainly unsorting).  There were no changes related to the dirty flag
here.  The reference NetBSD implementation put msdosfs_advlock() in a
different place.  This commit only moves its declarations and changes
some of the function body to be like the NetBSD version.
2003-12-29 10:12:02 +00:00
bde
e56230b222 Fixed style bugs in rev.1.112. The bugs started with obscure magic
numbers in comments (Apple PR numbers?) and didn't improve.
2003-12-29 09:50:42 +00:00
bde
7d91626477 v_vxproc was a bogus name for a thread (pointer). 2003-12-28 09:12:56 +00:00
trhodes
7dde93f1df Make msdosfs support the dirty flag in FAT16 and FAT32.
Enable lockf support.

PR:		55861
Submitted by:	Jun Su <junsu@m-net.arbornet.org> (original version)
Reviewed by:	make universe
2003-12-26 17:19:19 +00:00
tjr
64493776c7 Make oldsize in smbfs_getattr() 64 bits wide instead of 32 to avoid
truncation when files are larger than 4GB.
2003-12-22 12:33:31 +00:00
tjr
7750c90c2f Avoid sign extension when casting signed characters to unsigned wide
characters in ntfs_u28(). This fixes the conversion of filenames containing
single-byte characters with the high bit set.
2003-12-16 01:52:54 +00:00
fjoe
ab0bce9d34 Make msdosfs long filenames matching case insensitive again.
PR:		59765
Submitted by:	Ryuichiro Imura <imura@ryu16.org>
2003-12-08 08:32:20 +00:00
des
ef7fbaac4f Constify, and add an API function to find a named node in a directory. 2003-12-07 17:41:19 +00:00
des
0864edfb36 Minor whitespace and style issues. 2003-12-07 17:40:00 +00:00
des
04b082fdc5 Remove useless SMP check code. 2003-12-07 17:37:44 +00:00
scottl
2b68e67c6d Re-arrange and consolidate some random debugging stuff 2003-12-07 05:04:49 +00:00
kan
23ba01be79 Fix vnode locking in fdesc_setattr. Lock vnode before invoking
VOP_SETATTR on it.

Approved by:	re@ (rwatson)
2003-11-19 04:14:42 +00:00
truckman
24b3a6d135 Use "fip->fi_readers == 0 && fip->fi_writers == 0" as the condition for
disposing fifo resources in fifo_cleanup() instead using of
"vp->v_usecount == 1".  There may be other references to the vnode, for
instance by nullfs, at the time fifo_open() or fifo_close() is called,
which could cause a resource leak.

Don't bother grabbing the vnode interlock in fifo_cleanup() since it no
longer accesses v_usecount.
2003-11-16 01:11:11 +00:00
das
6a3319096a - A sanity check in unionfs verifies that lookups of '.' return the
vnode of the parent.  However, this check should not be performed if
  the lookup failed.  This change should fix "union_lookup returning
  . not same as startdir" panics people were seeing.  The bug was
  introduced by an incomplete import of a NetBSD delta in rev 1.38.
- Move the aforementioned check out from DIAGNOSTIC.  Performance
  is the least of our unionfs worries.
- Minor reorganization.

PR:		53004
MFC after:	1 week
2003-11-14 08:23:13 +00:00
phk
6b409c68f0 Initialize b_iooffset correctly. 2003-11-13 09:58:09 +00:00
phk
c6eb0ef360 Don't mess around with spare fields of public structures. 2003-11-12 09:54:07 +00:00
phk
b24e482da1 Don't mess about with spare fields in public structures. 2003-11-12 09:52:10 +00:00
rwatson
77ed6e2d1c Modify the MAC Framework so that instead of embedding a (struct label)
in various kernel objects to represent security data, we embed a
(struct label *) pointer, which now references labels allocated using
a UMA zone (mac_label.c).  This allows the size and shape of struct
label to be varied without changing the size and shape of these kernel
objects, which become part of the frozen ABI with 5-STABLE.  This opens
the door for boot-time selection of the number of label slots, and hence
changes to the bound on the number of simultaneous labeled policies
at boot-time instead of compile-time.  This also makes it easier to
embed label references in new objects as required for locking/caching
with fine-grained network stack locking, such as inpcb structures.

This change also moves us further in the direction of hiding the
structure of kernel objects from MAC policy modules, not to mention
dramatically reducing the number of '&' symbols appearing in both the
MAC Framework and MAC policy modules, and improving readability.

While this results in minimal performance change with MAC enabled, it
will observably shrink the size of a number of critical kernel data
structures for the !MAC case, and should have a small (but measurable)
performance benefit (i.e., struct vnode, struct socket) do to memory
conservation and reduced cost of zeroing memory.

NOTE: Users of MAC must recompile their kernel and all MAC modules as a
result of this change.  Because this is an API change, third party
MAC modules will also need to be updated to make less use of the '&'
symbol.

Suggestions from:	bmilekic
Obtained from:		TrustedBSD Project
Sponsored by:		DARPA, Network Associates Laboratories
2003-11-12 03:14:31 +00:00
truckman
2305818240 If fifo_open() is interrupted, fifo_close() may not get called, causing
a resource leak.  Move the resource deallocation code from fifo_close()
to a new function, fifo_cleanup(), and call fifo_cleanup() from
fifo_close() and the appropriate places in fifo_open().

Tested by: 	Lukas Ertl
Pointy hat to:	truckman
2003-11-10 22:21:00 +00:00
tanimura
7eade05dfa - Implement selwakeuppri() which allows raising the priority of a
thread being waken up.  The thread waken up can run at a priority as
  high as after tsleep().

- Replace selwakeup()s with selwakeuppri()s and pass appropriate
  priorities.

- Add cv_broadcastpri() which raises the priority of the broadcast
  threads.  Used by selwakeuppri() if collision occurs.

Not objected in:	-arch, -current
2003-11-09 09:17:26 +00:00
scottl
aa058296bc Add hooks for translating directories entries using the iconv methods.
Submitted by: imura@ryu16.org
2003-11-05 06:56:08 +00:00
scottl
c7d964d2ce Add udf_UncompressUnicodeByte() for processing cs0 strings in a way that the
iconv mehtods can handle

Submitted by: imura@ryu16.org
2003-11-05 06:55:23 +00:00
kan
36d60f3bb7 Remove mntvnode_mtx and replace it with per-mountpoint mutex.
Introduce two new macros MNT_ILOCK(mp)/MNT_IUNLOCK(mp) to
operate on this mutex transparently.

Eventually new mutex will be protecting more fields in
struct mount, not only vnode list.

Discussed with: jeff
2003-11-05 04:30:08 +00:00
kan
618baf4714 Take care not to call vput if thread used in corresponding vget
wasn't curthread, i.e. when we receive a thread pointer to use
as a function argument. Use VOP_UNLOCK/vrele in these cases.

The only case there td != curthread known at the moment is
boot() calling sync with thread0 pointer.

This fixes the panic on shutdown people have reported.
2003-11-02 04:52:53 +00:00
kan
6f80626bbb Remove now unused variable. 2003-11-01 15:04:50 +00:00
kan
bc70c0727c Temporarily undo parts of the stuct mount locking commit by jeff.
It is unsafe to hold a mutex across vput/vrele calls.

This will be redone when a better locking strategy is agreed upon.

Discussed with: jeff
2003-11-01 05:51:54 +00:00
kan
3d10139f9f Do not bother walking mount point vnode list just to calculate
the number of vnodes. Use precomputed mp->mnt_nvnodelistsize
value instead.
2003-11-01 04:36:50 +00:00
phk
6b3ae2c6aa Remember to check the DE_WHITEOUT flag in the case where a cloned
device is hidden by a devfs(8) rule.

Spotted by:	 Adam Nowacki <ptnowak@bsk.vectranet.pl>
2003-10-20 15:08:10 +00:00
phk
c096f8aa94 When a driver successfully created a device on demand, we can directly
pick up the DEVFS inode number from the dev_t and find our directory
entry from that, we don't need to scan the directory to find it.

This also solves an issue with on-demand devices in subdirectories.

Submitted by:	cognet
2003-10-20 07:04:09 +00:00
mux
d16b904dfe Remove debug printf(). 2003-10-19 14:33:00 +00:00
phk
4b7ade98cd Initialize b_iooffset before calling strategy 2003-10-18 19:48:21 +00:00
phk
4c2cb3f397 DuH!
bp->b_iooffset (the spot on the disk), not bp->b_offset (the offset in
the file)
2003-10-18 14:10:28 +00:00
phk
4f15f97a05 Initialize b_offset before calling VOP_SPECSTRATEGY() 2003-10-18 11:08:33 +00:00
phk
7279dea9d5 Initialize b_offset before calling VOP_STRATEGY/VOP_SPECSTRATEGY.
Remove various comments of KASSERTS and comments about B_PHYS which
does not apply anymore.
2003-10-18 11:06:15 +00:00
phk
6b528c7911 Convert some if(bla) panic("foo") to KASSERTS to improve grep-ability. 2003-10-18 09:32:39 +00:00
phk
c7ba6f536a Introduce a new optional memberfunction for cdevsw, fdopen() which
passes the fdidx from VOP_OPEN down.

This is for all I know the final API for this functionality, but
the locking semantics for messing with the filedescriptor from
the device driver are not settled at this time.
2003-10-15 20:00:59 +00:00
bde
871953665f Include <sys/mutex.h>. Don't depend on namespace pollution in <sys/vnode.h>.
Fixed a nearby style bug.  The include of vcoda.h used angle brackets and
was not used.
2003-10-05 07:44:45 +00:00
jeff
f2649d6926 - Check the XLOCK prior to inspecting v_data. 2003-10-05 06:44:53 +00:00
jeff
9f28715adc - Check XLOCK prior to accessing v_data. 2003-10-05 06:43:30 +00:00
jeff
c38cbc3847 - Don't cache_purge() in cd9660_reclaim. vclean() does it for us so
this is redundant.
2003-10-05 02:45:36 +00:00
jeff
177916fba6 - Don't cache_purge() in *_reclaim routines. vclean() does it for us so
this is redundant.
2003-10-05 02:43:30 +00:00
alc
44ee8e2211 Synchronize access to a vm page's valid field using the containing
vm object's lock.
2003-10-04 23:37:38 +00:00
jeff
c95a875344 - Make proper use of the mntvnode_mtx. We do not need the loop label
because we do not drop the mntvnode_mtx.  If this code had ever executed
   and hit the loop condition it would have spun forever.
2003-10-04 13:16:54 +00:00
jeff
449c7a515c - Acquire the vnode interlock prior to droping the mntvnode_mtx. This does
not eliminate races where the vnode could be reclaimed and end up with
   a NULL v_data pointer but Giant is protecting us from that at the moment.
2003-10-04 12:52:37 +00:00
alc
ab85e7e065 Synchronize access to a page's valid field by using the lock from its
containing object.
2003-10-04 09:20:00 +00:00
jeff
849854f240 - Remove the backtrace() call from the *_vinvalbuf() functions. Thanks to a
stack trace supplied by phk, I now understand what's going on here.  The
   check for VI_XLOCK stops us from calling vinvalbuf once the vnode has been
   partially torn down in vclean().  It is not clear that this would cause
   a problem.  Document this in nfs_bio.c, which is where the other two
   filesystems copied this code from.
2003-10-04 08:51:50 +00:00
nectar
1857c0891b Introduce a uiomove_frombuf helper routine that handles computing and
validating the offset within a given memory buffer before handing the
real work off to uiomove(9).

Use uiomove_frombuf in procfs to correct several issues with
integer arithmetic that could result in underflows/overflows.  As a
side-effect, the code is significantly simplified.

Add additional sanity checks when computing a memory allocation size
in pfs_read.

Submitted by:	rwatson  (original uiomove_frombuf -- bugs are mine :-)
Reported by:	Joost Pol <joost@pine.nl>  (integer underflows/overflows)
2003-10-02 15:00:55 +00:00
rwatson
ff22b8b38f Add a new column to the procfs map to hold the name of the mapped
file for vnode mappings.  Note that this uses vn_fullpath() and may
be somewhat unreliable, although not too unreliable for shared
libraries.  For non-vnode mappings, just print "-" for the field.

Obtained from:	TrustedBSD Projects
Sponsored by:	DARPA, AFRL, Network Associates Laboratories
2003-09-29 20:53:19 +00:00
phk
53154ee13f forgot to remove static declaration of fdesc_poll() 2003-09-27 12:34:41 +00:00
phk
e6071cdd15 fdesc_poll() called seltrue() to do the default thing, this is pointlessly
wrong when we have a default in vop_nopoll() which does the right thing.
2003-09-27 12:24:42 +00:00
bde
a91f57834d Fixed some style bugs in previous commit. Mainly, forward-declare
struct msdosfsmount so that this file has the same prerequisites as
it used to.  The new prerequistite was a meta-style bug.  It required
many style bugs (unsorted includes ...) elsewhere.

Formatted prototypes in KNF.  Resisted urge to sort all the prototypes,
to minimise differences with NetBSD.  (NetBSD has reformatted the
prototypes but has not sorted them and  still uses __P(()).)
2003-09-27 01:18:27 +00:00
fjoe
571ef024e3 - Support for multibyte charsets in LIBICONV.
- CD9660_ICONV, NTFS_ICONV and MSDOSFS_ICONV kernel options
(with corresponding modules).
- kiconv(3) for loadable charset conversion tables support.

Submitted by:	Ryuichiro Imura <imura@ryu16.org>
2003-09-26 20:26:25 +00:00
tjr
00e44cc5a7 Allow the [, ], and = characters in non-8.3 filenames since they
are allowed by Windows (ref: MS KB article 120138).

XXX From my reading of the CIFS specification, it's not clear that
clients need to validate filenames at all.

PR:		57123
Submitted by:	Paul Coucher
MFC after:	1 month
2003-09-26 12:11:08 +00:00
jeff
4d0b3883a4 - Remove interlock protection around VI_XLOCK. The interlock is not
sufficient to guarantee that this race is not hit.  The XLOCK will likely
   have to be redesigned due to the way reference counting and mutexes work
   in FreeBSD.  We currently can not be guaranteed that xlock was not set
   and cleared while we were blocked on the interlock while waiting to check
   for XLOCK.  This would lead us to reference a vnode which was not the
   vnode we requested.
 - Add a backtrace() call inside of INVARIANTS in the hopes of finding out if
   this condition is ever hit.  It should not, since we should be retaining
   a reference to the vnode in these cases.  The reference would be sufficient
   to block recycling.
2003-09-19 23:37:49 +00:00
tjr
019aab9477 Move an overly verbose message under #ifdef CODA_VERBOSE. 2003-09-13 01:13:56 +00:00
tjr
b6905f75ee Move an annoying printf() call that gets triggered every time an
operation is interrupted (with ^C or ^Z) under CODA_VERBOSE.
2003-09-10 01:41:15 +00:00
tjr
ffc45a6f38 Add support for the Coda 6.x venus<->kernel interface. This extends
FIDs to be 128-bits wide and adds support for realms.

Add a new CODA_COMPAT_5 option, which requests support for the old
Coda 5.x interface instead of the new one.

Create a new coda5.ko module that supports the 5.x interface, and make
the existing coda.ko module use the new 6.x interface. These modules
cannot both be loaded at the same time.

Obtained from:	Jan Harkes & the coda-6.0.2 distribution,
		NetBSD (drochner) (CODA_COMPAT_5 option).
2003-09-07 07:43:10 +00:00
marcel
3a01d6b42e The valid field in struct vm_page can be of type unsigned long when
32K pages are selected. In spec_getpages() change the printf format
specifier and add an explicit cast so that we always print the field
as a long type.
2003-08-28 01:52:14 +00:00
alc
62095d6563 Use the requested page's object field instead of the vnode's. In some
cases, the vnode's object field is not initialized leading to a NULL
pointer dereference when the object is locked.

Tested by:	rwatson
2003-08-22 17:50:32 +00:00
des
fe9e1d3126 Add pfs_visible() checks to pfs_getattr() and pfs_getextattr(). This
also fixes pfs_access() since it relies on VOP_GETATTR() which will call
pfs_getattr().  This prevents jailed processes from discovering the
existence, start time and ownership of processes outside the jail.

PR:		kern/48156
2003-08-19 10:26:41 +00:00
jhb
ed04867a82 Spell the name of the lock right in addition to getting the type right.
Submitted by:	Kim Culhan <kimc@w8hd.org>
2003-08-18 19:23:01 +00:00
jhb
97d2d15dc7 The allproc lock is a sx lock, not a mutex, so fix the assertion. This
asserts that the sx lock is held, but does not specify if the lock is held
shared or exclusive, thus either type of lock satisfies the assertion.
2003-08-18 18:02:33 +00:00
des
6169ee96f2 Rework pfs_iterate() a bit to eliminate a bug related to process
directories.  Previously, pfs_iterate() would return -1 when it
reached the end of the process list while processing a process
directory node, even if the parent directory contained further nodes
(which is the case for the linprocfs root directory, where the process
directory node is actually first in the list).  With this patch,
pfs_iterate() will continue to traverse the parent directory's node
list after exhausting the process list (as was the intention all
along).  The code should hopefully be easier to read as well.

While I'm here, have pfs_iterate() assert that the allproc lock is
held.
2003-08-18 13:36:09 +00:00
phk
cdcca2ab04 Do not call VOP_BMAP() on our own vnodes.
It is particularly silly when all it does is a minor piece of math.
2003-08-17 23:00:30 +00:00
rwatson
941eda46ed Add p_candebug() check to access a process map file in procfs; limit
access to map information for processes that you wouldn't otherwise
have debug rights on.

Tested by:	bms
2003-08-14 15:26:44 +00:00
trhodes
0c5ae3a9aa Add a '-M mask' option so that users can have different
masks for files and directories.  This should make some
of the Midnight Commander users happy.

Remove an extra ')' in the manual page.

PR:		35699
Submitted by:	Eugene Grosbein <eugen@grosbein.pp.ru> (original version)
Tested by:	simon
2003-08-12 20:06:56 +00:00
jhb
37641f86f1 Consistently use the BSD u_int and u_short instead of the SYSV uint and
ushort.  In most of these files, there was a mixture of both styles and
this change just makes them self-consistent.

Requested by:	bde (kern_ktrace.c)
2003-08-07 15:04:27 +00:00
phk
c7517b9717 Don't drop giant around ->d_strategy(), too much code explodes. 2003-08-06 06:49:18 +00:00
phk
aa4433feb6 Only drop Giant around the drivers ->d_strategy() if the buffer is not
marked to prevent this.
2003-08-05 06:43:56 +00:00
phk
6221ef9078 Add a "int fd" argument to VOP_OPEN() which in the future will
contain the filedescriptor number on opens from userland.

The index is used rather than a "struct file *" since it conveys a bit
more information, which may be useful to in particular fdescfs and /dev/fd/*

For now pass -1 all over the place.
2003-07-26 07:32:23 +00:00
tjr
7abd31ac6d Revise and improve ntfs_subr.c 1.30: read only a single cluster at a time
in ntfs_writentvattr_plain and ntfs_readntvattr_plain, and purge the boot
block from the buffer cache if isn't exactly one cluster long. These two
changes work around the same buffer cache bug that ntfs_subr.c 1.30 tried
to, but in a different way. This may decrease throughput by reading smaller
amounts of data from the disk at a time, but may increase it by avoiding
bogus writes of clean buffers.
Problem (re)reported by Karel J. Bosschaart on -current.
2003-07-26 02:21:49 +00:00
peter
44b5ea3111 size_t != int. Make this compile on 64 bit platforms (eg: amd64).
Also, "u_short value; if (value > 0xffff)" can never be true.
2003-07-24 01:59:18 +00:00
trhodes
992424e04c If bread() returns a zero-length buffer, as can happen after a
failed write, return an error instead of looping forever.

PR:		37035
Submitted by:	das
2003-07-03 14:54:47 +00:00
tjr
8b83d54b5e XXX Copy workaround from UFS: open device for write access even if
the user requests a read-only mount. This is necessary because we
don't do the VOP_OPEN again if they upgrade a read-only mount to
read-write.

Fixes lockup when creating files on msdosfs mounts that have been
mounted read-only then upgraded to read-write. The exact cause of
the lockup is not known, but it is likely to be the kernel getting
stuck in an infinite loop trying to write dirty buffers to a device
without write permission.

Reported/tested by andreas, discussed with phk.
2003-06-29 03:05:59 +00:00
trhodes
df35e60f9f Fix a bug where a truncate operation involving truncate() or ftruncate() on
an MSDOSFS file system either failed, silently corrupted the file, or
sometimes corrupted the neighboring file.

PR:		53695
Submitted by:	Ariff Abdullah <skywizard@MyBSD.org.my> (original version)
MFC:		3 days
2003-06-27 15:46:38 +00:00
jmg
2a193b6cda change dev_t to struct cdev * to match ufs. This fixes fstat for cd9660
and msdosfs.

Reviewed by:	bde
2003-06-24 22:11:20 +00:00
phk
c81c59299b Add a f_vnode field to struct file.
Several of the subtypes have an associated vnode which is used for
stuff like the f*() functions.

By giving the vnode a speparate field, a number of checks for the specific
subtype can be replaced simply with a check for f_vnode != NULL, and
we can later free f_data up to subtype specific use.

At this point in time, f_data still points to the vnode, so any code I
might have overlooked will still work.
2003-06-22 08:41:43 +00:00
jmg
5580f80679 fix grammar in comment 2003-06-20 23:29:04 +00:00
tjr
3d49bbe5fe Merge from NetBSD src/sys/ntfs/ntfs_subr.c 1.5 & 1.30 (jdolecek):
- Avoid calling bread() with different sizes on the same blkno.
  Although the buffer cache is designed to handle differing size
  buffers, it erroneously tries to write the incorrectly-sized buffer
  buffer back to disk before reading the correctly-sized one, even
  when it's not dirty. This behaviour caused a panic for read-only
  NTFS mounts when INVARIANTS was enabled ("bundirty: buffer x still
  on queue y"), reported by NAKAJI Hiroyuki.
- Fix a bug in the code handling holes: a variable was incremented
  instead of decremented, which could cause an infinite loop.
2003-06-20 14:52:52 +00:00
alc
ec69a73039 Lock the vm object when freeing a vm page. 2003-06-19 17:56:12 +00:00
alc
12db87194b Lock the vm object when freeing a vm page. 2003-06-19 03:38:05 +00:00
alc
4ebb4520c2 Lock the vm object when freeing a vm page. 2003-06-19 03:08:10 +00:00
tjr
6d534d8e04 Send the close request to the SMB server in smbfs_inactive(), instead of
smbfs_close(). This fixes paging to and from mmap()'d regions of smbfs
files after the descriptor has been closed, and makes thttpd, GNU ld,
and perhaps more things work that depend on being able to do this.

PR:		48291
2003-06-17 12:58:02 +00:00
tjr
4d4c4aa564 Set f_mntfromname[] to "fdescfs" instead of "fdesc" for consistency
with other synthetic filesystems, which have f_mntfromname the same
as f_fstypename. Noticed by Sean Kelly on -current.
2003-06-17 09:00:15 +00:00
tjr
35c71928a0 MFp4: Fix two bugs causing possible deadlocks or panics, and one nit:
- Emulate lock draining (LK_DRAIN) in null_lock() to avoid deadlocks
  when the vnode is being recycled.
- Don't allow null_nodeget() to return a nullfs vnode from the wrong
  mount when multiple nullfs's are mounted. It's unclear why these checks
  were removed in null_subr.c 1.35, but they are definitely necessary.
  Without the checks, trying to unmount a nullfs mount will erroneously
  return EBUSY, and forcibly unmounting with -f will cause a panic.
- Bump LOG2_SIZEVNODE up to 8, since vnodes are >256 bytes now. The old
  value (7) didn't cause any problems, but made the hash algorithm
  suboptimal.

These changes fix nullfs enough that a parallel buildworld succeeds.

Submitted by:	tegge (partially; LK_DRAIN)
Tested by:	kris
2003-06-17 08:52:45 +00:00
truckman
78ee1563af Partially back out rev 1.87 by nuking fifo_inactive() and moving the
resource deallocation back to fifo_close().  This eliminates any
stale data that might be stuck in the socket buffers after all the
readers and writers have closed the fifo.

Tested by: Thorsten Schroeder <ths@katjusha.de>
2003-06-16 17:17:09 +00:00
phk
55d514176c In specfs::vop_specstratey(), assert that the vnode and buffer agree about
the device.
2003-06-15 20:31:04 +00:00
phk
ad04f29757 I have not had any reports of trouble for a long time, so remove the
gentle versions of the vop_strategy()/vop_specstrategy() mismatch methods
and use vop_panic() instead.
2003-06-15 19:49:14 +00:00
phk
6fcb2a2262 Take 2: Remove _both_ KASSERTS. 2003-06-15 19:16:34 +00:00
phk
0eac6a3d06 Duh! I misread my handwritte notes: We do _not_ want to asser that
vp == bp->b_vp in specfs, that was the entire point of VOP_SPECSTRATEGY().
2003-06-15 19:14:03 +00:00
phk
24cc9156fe Add the same KASSERT to all VOP_STRATEGY and VOP_SPECSTRATEGY implementations
to check that the buffer points to the correct vnode.
2003-06-15 18:53:00 +00:00
phk
9be0707ac8 Remove in toto coda_strategy which incorrectly implemented vop_panic(); 2003-06-15 18:45:15 +00:00
das
0ddc73e815 Fix some style problems, some of which are old, some new, and some
inherited from UFS.

Requested by:	bde, njl
2003-06-15 02:21:13 +00:00
davidxu
abb4420bbe Rename P_THREADED to P_SA. P_SA means a process is using scheduler
activations.
2003-06-15 00:31:24 +00:00
das
a2b7687523 If someone tries to mount a union filesystem with another unionfs as
the upper layer, fail gracefully instead of panicing.

MFC after:	3 days
2003-06-14 23:56:27 +00:00
das
9ae3e0241b Introduce malloc types M_UNDCACHE and M_UNPATH for important
unionfs-related data structures to aid in debugging memory leaks.
Use NULL and NULLVP instead of 0 as appropriate.

MFC after: 3 days
2003-06-14 23:48:20 +00:00
das
c07dc83d2b Factor out the process of freeing ``directory caches'', which unionfs
directory vnodes use to refer to their constituent vnodes, into
union_dircache_free().  Also s/union_dircache/union_dircache_get/ and
tweak the structure of union_dircache_r().

MFC after:	3 days
2003-06-14 23:27:29 +00:00
tjr
6b8ecd0152 Don't follow smbnode n_parent pointer when NREFPARENT flag is not set
in smb_fphelp(): the parent vnode may have already been recycled
since we don't hold a reference to it. Fixes a panic when rebooting
with mdconfig -t vnode devices referring to vnodes on a smbfs mount.
2003-06-14 15:24:54 +00:00
das
7b9c701694 Plug a serious memory leak. The -STABLE equivalent of this patch has
been tested extensively, but -CURRENT testing has been hampered by a
number of panics that also occur without the patch.  Since the
destabilizing changes between 4.X and 5.X are external to unionfs,
I believe this patch applies equally well to both.

Thanks to scrappy for assistance testing these and other changes.

MFC after:	4 days
2003-06-13 08:59:37 +00:00
truckman
6f638a7438 Clean up the fifo_open() implementation:
Restructure the error handling portion of the resource allocation
        code to eliminate duplicated code.

        Test for the O_NONBLOCK && fi_readers == 0 case before incrementing
        fi_writers and modifying the the socket flag to avoid having to
        undo these operations in this error case.

        Restructure and simplify the code that handles blocking opens.

There should be no change to functionality.
2003-06-13 06:58:11 +00:00
phk
fd139fd7d0 Initialize struct vfsops C99-sparsely.
Submitted by:   hmp
Reviewed by:	phk
2003-06-12 20:48:38 +00:00
obrien
a63f21d732 Use __FBSDID(). 2003-06-11 00:34:37 +00:00
obrien
f72cbcf207 Use __FBSDID(). 2003-06-10 21:29:12 +00:00
truckman
c2bcb3a19e Don't unlock the parent directory vnode twice if the ISDOTDOT flag
is set.
2003-06-01 09:16:26 +00:00
truckman
0c845cdfd3 Fix up locking problems in fifo_open() and fifo_close():
Sleep on the vnode interlock while waiting for another
	caller to increment fi_readers or fi_writers.  Hold the
	vnode interlock while incrementing fi_readers or fi_writers
	to prevent a wakeup from being missed.

	Only access fi_readers and fi_writers while holding the vnode
	lock.  Previously fifo_close() decremented their values without
	holding a lock.

	Move resource deallocation from fifo_close() to fifo_inactive(),
	which allows the VOP_CLOSE() call in the error return path in
	fifo_open() to be removed.  Fifo_open() was calling VOP_CLOSE()
	with the vnode lock held, in violation the current vnode locking
	API.  Also the way fifo_close() used vrefcnt() to decide whether
	to deallocate resources was bogus according to comments in the
	vrefcnt() implementation.

Reviewed by:	bde
2003-06-01 06:24:32 +00:00
phk
2048912526 Remove unused variable(s).
Found by:       FlexeLint
2003-05-31 20:29:34 +00:00
phk
bebda81688 emove unused variable(s).
Found by:       FlexeLint
2003-05-31 20:19:13 +00:00
phk
557d80921b Remove unused variable.
Found by:       FlexeLint
2003-05-31 19:34:52 +00:00
phk
2ebd6ca61c Use temporary variable to avoid double expansion of macro with side effects.
Found by:       FlexeLint
2003-05-31 18:46:45 +00:00
phk
ed8b540a0c Remove unused variable.
Found by:       FlexeLint
2003-05-31 18:45:32 +00:00
rwatson
f0516000a7 Clean up proc locking in procfs: make sure the proc lock is held before
entering sys_process.c debugging primitives, or we violate assertions.
Also, be more careful about releasing the process lock around calls
to uiomove() which may sleep waiting for paging machinations or
related notions.  We may want to defer the uiomove() in at least
one case, but jhb will look into that at a later date.

Reported by:	Philippe Charnier <charnier@xp11.frmug.org>
Reviewed by:	jhb
2003-05-05 15:12:51 +00:00
scottl
6308131b25 Eliminate the separate malloc type for the sparing table. 2003-05-04 07:41:07 +00:00
scottl
a8f90ab7cb Add a missing __inline. Strange that gcc never complained about it.
Implement udf_readlblks() in terms of RDSECTOR.
2003-05-04 07:40:29 +00:00
scottl
8ab5276136 Correctly calculate the size of the extent that should be read in
udf_readatoffset().  This should fixe problems with reading udf filesystems
created with mkisofs.
2003-05-04 07:39:11 +00:00
scottl
35f9e645cf Implement the node cache as a hash table. 2003-05-04 03:40:11 +00:00
des
8ed712ead1 Instead of recording the Unix time in a process when it starts, record the
uptime.  Where necessary, convert it back to Unix time by adding boottime
to it.  This fixes a potential problem in the accounting code, which would
compute the elapsed time incorrectly if the Unix time was stepped during
the lifetime of the process.
2003-05-01 16:59:23 +00:00
kan
9468fdaf14 Deprecate machine/limits.h in favor of new sys/limits.h.
Change all in-tree consumers to include <sys/limits.h>

Discussed on:	standards@
Partially submitted by: Craig Rodrigues <rodrigc@attbi.com>
2003-04-29 13:36:06 +00:00
jhb
58bf1340a6 Fail to mount a device if the bytes per sector in the BPB is less than
DEV_BSIZE or if the number of FAT sectors is zero.
2003-04-24 18:19:19 +00:00
jhb
82ad2123a7 - Always call faultin() in _PHOLD() if PS_INMEM is clear. This closes a
race where a thread could assume that a process was swapped in by
  PHOLD() when it actually wasn't fully swapped in yet.
- In faultin(), always msleep() if PS_SWAPPINGIN is set instead of doing
  this check after bumping p_lock in the PS_INMEM == 0 case.  Also,
  sched_lock is only needed for setting and clearning swapping PS_*
  flags and the swap thread inhibitor.
- Don't set and clear the thread swap inhibitor in the same loops as the
  pmap_swapin/out_thread() since we have to do it under sched_lock.
  Instead, mimic the treatment of the PS_INMEM flag and use separate loops
  to set the inhibitors when clearing PS_INMEM and clear the inhibitors
  when setting PS_INMEM.
- swapout() now returns with the proc lock held as it holds the lock
  while adjusting the swapping-related PS_* flags so that the proc lock
  can be used to test those flags.
- Only use the proc lock to check the swapping-related PS_* flags in
  several places.
- faultin() no longer requires sched_lock to be held by callers.
- Rename PS_SWAPPING to PS_SWAPPINGOUT to be less ambiguous now that we
  have PS_SWAPPINGIN.
2003-04-22 20:00:26 +00:00
jhb
5ca5fe3105 - Use a local variable to close a minor race when determining if the wmesg
printed out needs a prefix such as when a thread is blocked on a lock.
- Use another local variable to close another race for the td_wmesg and
  td_wchan members of struct thread.
2003-04-17 22:16:58 +00:00
jhb
92bdce0b61 Protect p_flag with the proc lock. The sched_lock is not needed to turn
off P_STOPPED_SIG in p_flag.
2003-04-17 22:14:30 +00:00
jhb
d4a3f193d0 - P_SHOULDSTOP just needs proc lock now, so don't acquire sched_lock unless
it is needed.
- Add a proc lock assertion.
2003-04-17 22:13:46 +00:00
jhb
9d63461efb Add a proc lock assertion and move another assertion up to the top of the
function.
2003-04-17 22:12:12 +00:00
imp
3fa3337492 It appears that msdosfs_init() is called multiple times. This happens
on my system where I preload msdosfs and have it in my kernel.
There's likely another bug that's causing msdosfs_init() to be called
multiple times, but this makes that harmless.
2003-04-10 00:13:12 +00:00
jeff
b6f2f0c90a - smb_td_intr takes a thread as an argument not a proc. 2003-04-01 09:24:12 +00:00
jeff
a0a1f8446c - smb_proc_intr is now spelled smb_td_intr.
Noticed by:	phk
Pointy hat to:	jeffr
2003-04-01 09:23:24 +00:00
tjr
5c91df4e54 Specify the M_WAITOK flag explicitly in the MALLOC call to silence a
runtime warning ("Bad malloc flags: 0").
2003-04-01 02:47:09 +00:00
tjr
3bc3a08256 Give the M_WAITOK flag explicitly to the MALLOC call to silence a runtime
warning ("Bad malloc flags: 0").
2003-04-01 02:42:02 +00:00
jeff
46e6ba39f1 - Move p->p_sigmask to td->td_sigmask. Signal masks will be per thread with
a follow on commit to kern_sig.c
 - signotify() now operates on a thread since unmasked pending signals are
   stored in the thread.
 - PS_NEEDSIGCHK moves to TDF_NEEDSIGCHK.
2003-03-31 22:49:17 +00:00
tjr
b32dc762c0 Deregister the dev_clone event handler we registered - don't touch the
handlers installed by other devices.
2003-03-27 12:47:53 +00:00
jhb
98a481610a Replace the at_fork, at_exec, and at_exit functions with the slightly more
flexible process_fork, process_exec, and process_exit eventhandlers.  This
reduces code duplication and also means that I don't have to go duplicate
the eventhandler locking three more times for each of at_fork, at_exec, and
at_exit.

Reviewed by:	phk, jake, almost complete silence on arch@
2003-03-24 21:15:35 +00:00
bde
3933bc0c41 Better fix for the problem addressed by rev.1.79: don't loop in
fifo_open() waiting for another reader or writer if one arrived and
departed while we were waiting (or a little earlier).

Rev.1.79 broke blocking opens of fifos by making them time out after 1
second.  This was bad for at least apsfilter.

Tested by:	"Simon 'corecode' Schubert" <corecode@corecode.ath.cx>,
		Alexander Leidinger <Alexander@leidinger.net>,
		phk
MFC after:	4 weeks
2003-03-24 11:03:42 +00:00
tjr
c7f6ce0200 Make udf_allocv() return an unlocked vnode instead of a locked one
to avoid a "locking against myself" panic when udf_hashins() tries
to lock it again. Lock the vnode in udf_hashins() before adding it to
the hash bucket.
2003-03-16 11:19:54 +00:00
jeff
459181e3ed - Add a lock for protecting against msleep(bp, ...) wakeup(bp) races.
- Create a new function bdone() which sets B_DONE and calls wakup(bp). This
   is suitable for use as b_iodone for buf consumers who are not going
   through the buf cache.
 - Create a new function bwait() which waits for the buf to be done at a set
   priority and with a specific wmesg.
 - Replace several cases where the above functionality was implemented
   without locking with the new functions.
2003-03-13 07:31:45 +00:00
kan
378cd3b05d Rename vfs_stdsync function to vfs_stdnosync which matches more
closely what function is really doing. Update all existing consumers
to use the new name.

Introduce a new vfs_stdsync function, which iterates over mount
point's vnodes and call FSYNC on each one of them in turn.

Make nwfs and smbfs use this new function instead of rolling their
own identical sync implementations.

Reviewed by:	jeff
2003-03-11 22:15:10 +00:00
tjr
97181668db Set f_fstypename in coda_nb_statfs(). 2003-03-07 09:18:15 +00:00
tjr
82ed5e94ee Add a temporary workaround for a deadlock in Coda venus 5.3.19 that
occurs when mounting the filesystem. The problem is that venus issues
the mount() syscall, which calls vfs_mount(), which calls coda_root()
which attempts to communicate with venus.
2003-03-06 10:48:03 +00:00
tjr
96122ae0b7 Remove fragments of support for the FreeBSD 3.x and 4.x branches. 2003-03-06 10:38:18 +00:00
tjr
0f6cf6df5b VOP_PATHCONF returns a register_t, not an int. Noticed by phk. 2003-03-05 22:30:02 +00:00
tjr
ca36cee9d8 Add prototype for coda_pathconf() that I missed in the previous commit. 2003-03-05 13:48:51 +00:00
tjr
d259328b0f Add a minimal implementation of VOP_PATHCONF to silence warning
messages from ls(1).
2003-03-05 10:23:51 +00:00
tjr
2f065a9318 Handle the case where a_uio->uio_td == NULL properly in coda_readlink().
This happens when called from lookup().
2003-03-05 09:52:04 +00:00
jeff
4de0ae322c - Add a new 'flags' parameter to getblk().
- Define one flag GB_LOCK_NOWAIT that tells getblk() to pass the LK_NOWAIT
   flag to the initial BUF_LOCK().  This will eventually be used in cases
   were we want to use a buffer only if it is not currently in use.
 - Convert all consumers of the getblk() api to use this extra parameter.

Reviwed by:	arch
Not objected to by:	mckusick
2003-03-04 00:04:44 +00:00
njl
5a225ad933 Finish cleanup of vprint() which was begun with changing v_tag to a string.
Remove extraneous uses of vop_null, instead defering to the default op.
Rename vnode type "vfs" to the more descriptive "syncer".
Fix formatting for various filesystems that use vop_print.
2003-03-03 19:15:40 +00:00
phk
b67232b68c Make nokqfilter() return the correct return value.
Ditch the D_KQFILTER flag which was used to prevent calling NULL pointers.
2003-03-03 16:24:47 +00:00
phk
0ae911eb0e Gigacommit to improve device-driver source compatibility between
branches:

Initialize struct cdevsw using C99 sparse initializtion and remove
all initializations to default values.

This patch is automatically generated and has been tested by compiling
LINT with all the fields in struct cdevsw in reverse order on alpha,
sparc64 and i386.

Approved by:    re(scottl)
2003-03-03 12:15:54 +00:00
des
aae392dae2 Get rid of caddr_t. 2003-03-02 22:23:45 +00:00
des
2756b6c964 More low-hanging fruit: kill caddr_t in calls to wakeup(9) / [mt]sleep(9). 2003-03-02 16:54:40 +00:00
des
7b016a11e6 Clean up whitespace, s/register //, refrain from strong urge to ANSIfy. 2003-03-02 15:56:49 +00:00
des
765ebc59b4 uiomove-related caddr_t -> void * (just the low-hanging fruit) 2003-03-02 15:50:23 +00:00
des
12921dbf82 wakeup(9) and msleep(9) take void * arguments, not caddr_t. 2003-03-02 15:13:06 +00:00
phk
4ad4dab84a NODEVFS cleanup:
Replace devfs_{create,destroy} hooks with direct function calls.
2003-03-02 13:35:30 +00:00
tjr
3ba9ae5707 Copy some VM changes from smbfs_putpages() to nwfs_putpages(): lock
page queues, use vm_page_undirty().
2003-02-27 11:35:22 +00:00
tjr
8e7930f85b Fix vnode corruption bug when trying to rename files across filesystems.
Similar to the bug fixed in smbfs_vnops.c rev 1.33.
2003-02-27 08:26:17 +00:00
tjr
6678adc1b5 Sync nwfs_access() with smbfs_access(): use vaccess() instead of checking
permissions ourself, fixes problem with VAPPEND.
2003-02-27 07:46:01 +00:00
tjr
57c00309f9 Catch up with recent netncp changes: ncp_chkintr() takes a thread, not
a proc, as its second argument.
2003-02-27 06:49:46 +00:00
julian
3fc9836d46 Change the process flags P_KSES to be P_THREADED.
This is just a cosmetic change but I've been meaning to do it for about a year.
2003-02-27 02:05:19 +00:00
phk
fb3bbc64b1 msg 2003-02-26 21:01:26 +00:00
tjr
ddfb65b48a Do not call smbfs_attr_cacheremove() in the EXDEV case in smbfs_rename().
One of the vnodes is on different mount and is possibly on a different
kind of filesystem; treating it as an smbfs vnode then writing to it
will probably corrupt it.

PR:		48381
MFC after:	1 month
2003-02-19 11:54:35 +00:00
imp
cf874b345d Back out M_* changes, per decision of the TRB.
Approved by: trb
2003-02-19 05:47:46 +00:00
phk
ab4aed671a Use the SI_CANDELETE flag on the dev_t rather than the D_CANFREE flag
on the cdevsw to determine ability to handle the BIO_DELETE request.
2003-02-11 12:49:58 +00:00
jeff
87e306ad71 - Cleanup unlocked accesses to buf flags by introducing a new b_vflag member
that is protected by the vnode lock.
 - Move B_SCANNED into b_vflags and call it BV_SCANNED.
 - Create a vop_stdfsync() modeled after spec's sync.
 - Replace spec_fsync, msdos_fsync, and hpfs_fsync with the stdfsync and some
   fs specific processing.  This gives all of these filesystems proper
   behavior wrt MNT_WAIT/NOWAIT and the use of the B_SCANNED flag.
 - Annotate the locking in buf.h
2003-02-09 11:28:35 +00:00
tjr
22a31ae0e6 Revert removal of vnode and VFS stubs; bp asserts that they are needed. 2003-02-08 05:48:04 +00:00
tjr
aad36936f1 Garbage-collect stub VFS ops, use the defaults instead. 2003-02-07 14:34:29 +00:00
tjr
58993bafc3 Garbage-collect stub vnode ops, use the defaults instead. 2003-02-07 14:33:10 +00:00
tjr
f1e2506f98 Add missing permission checks to the smbfs VOP_SETATTR vnode op for the
case where the caller requests to change access or modification times.

MFC after:	3 days
2003-02-04 08:30:53 +00:00
phk
3692879cc8 Split the global timezone structure into two integer fields to
prevent the compiler from optimizing assignments into byte-copy
operations which might make access to the individual fields non-atomic.

Use the individual fields throughout, and don't bother locking them with
Giant: it is no longer needed.

Inspired by:    tjr
2003-02-03 19:49:35 +00:00
tjr
60ef21c151 Use vaccess() instead of rolling our own access checks. This fixes a bug
where requests to open a file in append mode were always denied, and
will also be useful when capabilities and auditing are implemented.
2003-02-03 09:04:34 +00:00
phk
98a90e953d NODEVFS cleanup: remove #ifdefs. 2003-01-29 22:36:45 +00:00
tjr
c3d51c2ad4 Escape the backslash in badchars so that smbfs_pathcheck() correctly
rejects pathnames with backslashes in them (and to avoid a syntax error).

Found by:	FlexeLint
2003-01-29 13:41:52 +00:00
tjr
7c38f578b5 Do not allow a cached vnode to be shared among multiple mounts of the same
kind of pseudofs-based filesystem. Fixes (at least) one problem where
when procfs is mounted mupltiple times, trying to unmount one will often
cause the wrong one to get unmounted, and other problem where mounting
one procfs on top of another caused the kernel to lock up.

Reviewed by:		des
2003-01-28 09:21:42 +00:00
alfred
bf8e8a6e8f Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0.
Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
2003-01-21 08:56:16 +00:00
rwatson
38a289515c GC an unused reference to vop_refreshlabel_desc; reference to
opt_mac.h was removed previously so it was never compiled in.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-01-21 04:05:37 +00:00
phk
24596ddb76 Originally when DEVFS was added, a global variable "devfs_present"
was used to control code which were conditional on DEVFS' precense
since this avoided the need for large-scale source pollution with
#include "opt_geom.h"

Now that we approach making DEVFS standard, replace these tests
with an #ifdef to facilitate mechanical removal once DEVFS becomes
non-optional.

No functional change by this commit.
2003-01-19 11:03:07 +00:00
tjr
3139065797 Fake up a struct componentname to pass to VOP_WHITEOUT instead of passing
NULL. union_whiteout() expects the componentname argument to be non-NULL.
Fixes a NULL dereference panic when an existing union mount becomes the
upper layer of a new union mount.
2003-01-18 01:01:20 +00:00
phk
7558240f56 Even if the permissions deny it, a process should be allowed to
access its controlling terminal.

In essense, history dictates that any process is allowed to open
/dev/tty for RW, irrespective of credential, because by definition
it is it's own controlling terminal.

Before DEVFS we relied on a hacky half-device thing (kern/tty_tty.c)
which did the magic deep down at device level, which at best was
disgusting from an architectural point of view.

My first shot at this was to use the cloning mechanism to simply
give people the right tty when they ask for /dev/tty, that's why
you get this, slightly counter intuitive result:

        syv# ls -l /dev/tty `tty`
        crw--w----  1 u1  tty    5,   0 Jan 13 22:14 /dev/tty
        crw--w----  1 u1  tty    5,   0 Jan 13 22:14 /dev/ttyp0

Trouble is, when user u1 su(1)'s to user u2, he cannot open
/dev/ttyp0 anymore because he doesn't have permission to do so.

The above fix allows him to do that.

The interesting side effect is that one was previously only able
to access the controlling tty by indirection:
        date > /dev/tty
but not by name:
        date > `tty`

This is now possible, and that feels a lot more like DTRT.

PR:             46635
MFC candidate:  could be.
2003-01-13 22:20:36 +00:00
dillon
ccd5574cc6 Bow to the whining masses and change a union back into void *. Retain
removal of unnecessary casts and throw in some minor cleanups to see if
anyone complains, just for the hell of it.
2003-01-13 00:33:17 +00:00
dillon
ddf9ef103e Change struct file f_data to un_data, a union of the correct struct
pointer types, and remove a huge number of casts from code using it.

Change struct xfile xf_data to xun_data (ABI is still compatible).

If we need to add a #define for f_data and xf_data we can, but I don't
think it will be necessary.  There are no operational changes in this
commit.
2003-01-12 01:37:13 +00:00
dd
7c8a733a05 Add symlink support to devfs_rule_matchpath(). This allows the user
to unhide symlinks as well as hide them.
2003-01-11 02:36:20 +00:00
phk
06eb9ef336 Don't override the vop_lock, vop_unlock and vop_isunlocked methods.
Previously all filesystems which relied on specfs to do devices
would have private overrides for vop_std*, so the vop_no* overrides
here had no effect.  I overlooked the transitive nature of the vop
vectors when I removed the vop_std* in those filesystems.

Removing the override here restores device node locking to it's
previous modus operandi.

Spotted by:	bde
2003-01-05 19:14:44 +00:00
phk
dc4b3da26a Don't take the detour over VOP_STRATEGY from spec_getpages, call our
own strategy directly.
2003-01-05 10:03:57 +00:00
phk
759be6dc01 Split out the vnode and buf arguments to the internal strategy worker
routine instead of doing evil casts.
2003-01-05 09:55:26 +00:00
tjr
41e4abf4cc Repair vnode locking in portal_lookup(). Specifically, lock the file
vnode, and unlock the parent directory vnode if LOCKPARENT is not set.

Obtained from:	NetBSD (rev. 1.34)
2003-01-05 00:46:01 +00:00
phk
131885aa2f Temporarily introduce a new VOP_SPECSTRATEGY operation while I try
to sort out disk-io from file-io in the vm/buffer/filesystem space.

The intent is to sort VOP_STRATEGY calls into those which operate
on "real" vnodes and those which operate on VCHR vnodes.  For
the latter kind, the call will be changed to VOP_SPECSTRATEGY,
possibly conditionally for those places where dual-use happens.

Add a default VOP_SPECSTRATEGY method which will call the normal
VOP_STRATEGY.  First time it is called it will print debugging
information.  This will only happen if a normal vnode is passed
to VOP_SPECSTRATEGY by mistake.

Add a real VOP_SPECSTRATEGY in specfs, which does what VOP_STRATEGY
does on a VCHR vnode today.

Add a new VOP_STRATEGY method in specfs to catch instances where
the conversion to VOP_SPECSTRATEGY has not yet happened.  Handle
the request just like we always did, but first time called print
debugging information.

Apart up to two instances of console messages per boot, this amounts
to a glorified no-op commit.

If you get any of the messages on your console I would very much
like a copy of them mailed to phk@freebsd.org
2003-01-04 22:10:36 +00:00
phk
1be94e2477 resort vnode ops list 2003-01-04 20:32:03 +00:00
phk
d15bf2fa1d Replace spec_bmap() with vop_panic: We should never BMAP a device backed
vnode only filesystem backed vnodes.
2003-01-04 11:29:44 +00:00
phk
157437ec08 Since Jeffr made the std* functions the default in rev 1.63 of
kern/vfs_defaults.c it is wrong for the individual filesystems to use
the std* functions as that prevents override of the default.

Found by:       src/tools/tools/vop_table
2003-01-04 08:47:19 +00:00
phk
daf6948653 Convert calls to BUF_STRATEGY to VOP_STRATEGY calls. This is a no-op since
all BUF_STRATEGY did in the first place was call VOP_STRATEGY.
2003-01-03 06:32:15 +00:00
phk
00ede7aab1 Remove unused second argument from DEV_STRATEGY(). 2003-01-03 05:57:35 +00:00
schweikh
86f7487fb6 Fix typos, mostly s/ an / a / where appropriate and a few s/an/and/
Add FreeBSD Id tag where missing.
2002-12-30 21:18:15 +00:00
phk
816919ad39 There is some sort of race/deadlock which I have not identified
here.  It manifests itself by sendmail hanging in "fifoow" during
boot on a diskless machine with sendmail disabled.

Giving the sleep a 1sec timout breaks the deadlock, but does not solve
the underlying problem.

XXX comment applied.
2002-12-29 10:32:16 +00:00
dillon
fd92c8a195 Abstract-out the constants for the sequential heuristic.
No operational changes.

MFC after:	1 day
2002-12-28 20:37:50 +00:00
rwatson
b6609bcea8 Trim left-over and unused vop_refreshlabel() bits from devfs.
Reported by:	bde
2002-12-28 05:39:25 +00:00
tjr
fdf35b6cdb Remove redundant check for negative or zero v_usecount; vrele() already
checks that.
2002-12-15 04:32:41 +00:00
tjr
ade731b9ae Keep trying to flush the vnode list for the mount while some are still
busy and we are making progress towards making them not busy. This is
needed because smbfs vnodes reference their parent directory but may
appear after their parent in the mount's vnode list; one pass over the
list is not sufficient in this case.

This stops attempts to unmount idle smbfs mounts failing with EBUSY.
2002-12-13 23:44:00 +00:00
tjr
81e4753c41 Fix build with SMB_VNODE_DEBUG defined; use td_proc->p_pid instead of
the nonexistent td_pid.
2002-12-13 10:25:08 +00:00
tjr
99f5994bb4 Store a reference to the parent directory's vnode in struct smbnode,
not to the parent's smbnode, which may be freed during the lifetime
of the child if the mount is forcibly unmounted. umount -f should now
work properly (ie. not panic) on smbfs mounts.
2002-12-13 10:15:01 +00:00
rwatson
c5caffe9c4 Remove dm_root entry from struct devfs_mount. It's never set, and is
unused.  Replace it with a dm_mount back-pointer to the struct mount
that the devfs_mount is associated with.  Export that pointer to MAC
Framework entry points, where all current policies don't use the
pointer.  This permits the SEBSD port of SELinux's FLASK/TE to compile
out-of-the-box on 5.0-CURRENT with full file system labeling support.

Approved by:	re (murray)
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-12-09 03:44:28 +00:00
alfred
533541c47b Fix instances of macros with improperly parenthasized arguments.
Verified by: md5
2002-11-09 12:55:07 +00:00
jhb
27637bef6c Cast a pointer to a uintptr_t to quiet a warning. 2002-11-07 22:35:45 +00:00
jhb
1ca1a3af68 Third argument to copyinstr() is a pointer to a size_t, not a pointer to a
u_int.
2002-11-07 22:33:28 +00:00
mckusick
60cacd7086 Add debug.doslowdown to enable/disable niced slowdown on I/O. Default
to off until locking interference issues get sorted out.

Sponsored by:   DARPA & NAI Labs.
2002-11-04 07:29:20 +00:00
peter
c56ef69f56 Unbreak MNT_UPDATE when running with cd as root. Detect mountroot by
checking for "path == NULL" (like ffs) rather than MNT_ROOT.  Otherwise
when you try and do an update or mountd does an NFS export, the remount
fails because the code tries to mount a fresh rootfs and gets an EBUSY.
The same bug is in 4.x (which is where I found it).

Sanity check by: mux
2002-11-02 20:16:55 +00:00
phk
85539f2f6c Put a KASSERT in specfs::strategy() to check that the incoming buffer
has a valid b_iocmd.  Valid is any one of BIO_{READ,WRITE,DELETE}.

I have seen at least one case where the bio_cmd field was zero once the
request made it into GEOM.  Putting the KASSERT here allows us to spot
the culprit in the backtrace.
2002-11-01 15:32:12 +00:00
semenu
8f7162cbd9 Fix winChkName() to match when the last slot contains nothing but the
terminating zero (it was treated as length missmatch). The mtools create
such slots if the name len is the product of 13 (max number of unicode
chars fitting in directory slot).

MFC after:	1 week
2002-10-29 01:03:44 +00:00
mux
81cc70c469 In VOP_LOOKUP, don't deny DELETE and RENAME operations
when ISLASTCN is not set.  The actual file which is being
looked up may live in a different filesystem.
2002-10-26 18:16:19 +00:00
rwatson
312cab0dee Slightly change the semantics of vnode labels for MAC: rather than
"refreshing" the label on the vnode before use, just get the label
right from inception.  For single-label file systems, set the label
in the generic VFS getnewvnode() code; for multi-label file systems,
leave the labeling up to the file system.  With UFS1/2, this means
reading the extended attribute during vfs_vget() as the inode is
pulled off disk, rather than hitting the extended attributes
frequently during operations later, improving performance.  This
also corrects sematics for shared vnode locks, which were not
previously present in the system.  This chances the cache
coherrency properties WRT out-of-band access to label data, but in
an acceptable form.  With UFS1, there is a small race condition
during automatic extended attribute start -- this is not present
with UFS2, and occurs because EAs aren't available at vnode
inception.  We'll introduce a work around for this shortly.

Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-26 14:38:24 +00:00
mckusick
6b1611bd94 Within ufs, the ffs_sync and ffs_fsync functions did not always
check for and/or report I/O errors. The result is that a VFS_SYNC
or VOP_FSYNC called with MNT_WAIT could loop infinitely on ufs in
the presence of a hard error writing a disk sector or in a filesystem
full condition. This patch ensures that I/O errors will always be
checked and returned.  This patch also ensures that every call to
VFS_SYNC or VOP_FSYNC with MNT_WAIT set checks for and takes
appropriate action when an error is returned.

Sponsored by:   DARPA & NAI Labs.
2002-10-25 00:20:37 +00:00
mckusick
305e5868f3 This checkin reimplements the io-request priority hack in a way
that works in the new threaded kernel. It was commented out of
the disksort routine earlier this year for the reasons given in
kern/subr_disklabel.c (which is where this code used to reside
before it moved to kern/subr_disk.c):

----------------------------
revision 1.65
date: 2002/04/22 06:53:20;  author: phk;  state: Exp;  lines: +5 -0
Comment out Kirks io-request priority hack until we can do this in a
civilized way which doesn't cause grief.

The problem is that it is not generally safe to cast a "struct bio
*" to a "struct buf *".  Things like ccd, vinum, ata-raid and GEOM
constructs bio's which are not entrails of a struct buf.

Also, curthread may or may not have anything to do with the I/O request
at hand.

The correct solution can either be to tag struct bio's with a
priority derived from the requesting threads nice and have disksort
act on this field, this wouldn't address the "silly-seek syndrome"
where two equal processes bang the diskheads from one edge to the
other of the disk repeatedly.

Alternatively, and probably better: a sleep should be introduced
either at the time the I/O is requested or at the time it is completed
where we can be sure to sleep in the right thread.

The sleep also needs to be in constant timeunits, 1/hz can be practicaly
any sub-second size, at high HZ the current code practically doesn't
do anything.
----------------------------

As suggested in this comment, it is no longer located in the disk sort
routine, but rather now resides in spec_strategy where the disk operations
are being queued by the thread that is associated with the process that
is really requesting the I/O. At that point, the disk queues are not
visible, so the I/O for positively niced processes is always slowed
down whether or not there is other activity on the disk.

On the issue of scaling HZ, I believe that the current scheme is
better than using a fixed quantum of time. As machines and I/O
subsystems get faster, the resolution on the clock also rises.
So, ten years from now we will be slowing things down for shorter
periods of time, but the proportional effect on the system will
be about the same as it is today. So, I view this as a feature
rather than a drawback. Hence this patch sticks with using HZ.

Sponsored by:	DARPA & NAI Labs.
Reviewed by:	Poul-Henning Kamp <phk@critter.freebsd.dk>
2002-10-22 00:59:49 +00:00
jhb
0fd9c5367a Grrr, s/PBP/BPB/ here as well.
Noticed by:	peter
2002-10-21 20:52:51 +00:00
jhb
6dc6d20297 Spell the BPB member of the 7.10 bootsector as bsBPB rather than bsPBP to
be like all the other bootsectors.  Apple has done the same it seems.
2002-10-21 19:00:50 +00:00
rwatson
58072098f1 Missed a case of _POSIX_MAC_PRESENT -> _PC_MAC_PRESENT rename.
Pointed out by:	phk
2002-10-20 22:50:43 +00:00
phk
51e0dc5ceb '&' not used for pointers to functions.
Spotted by:	FlexeLint
2002-10-20 21:31:16 +00:00