Commit Graph

1398 Commits

Author SHA1 Message Date
tjr
a3493bb58a Fix comment containing vop_readdir_args contents: a_cookies is really
u_long ** not u_long *.
2004-02-23 01:43:00 +00:00
tjr
aeed6d0ca3 cookies is an array of u_long, not u_int, so MALLOC() it accordingly.
Allocating it with the wrong size could have caused corruption on
64-bit architectures.
2004-02-23 01:40:46 +00:00
bde
4159786890 Fixed a serious off by 1 error. The cluster-in-use bitmap was overrun
by 1 u_int if the number of clusters was 1 more than a multiple of
(8 * sizeof(u_int)).  The bitmap is malloced and large (often huge), so
fatal overrun probably only occurred if the number of clusters was 1
more than 1 multiple of PAGE_SIZE/8.
2004-02-21 22:47:19 +00:00
phk
5551e292d8 Device megapatch 6/6:
This is what we came here for:  Hang dev_t's from their cdevsw,
refcount cdevsw and dev_t and generally keep track of things a lot
better than we used to:

Hold a cdevsw reference around all entrances into the device driver,
this will be necessary to safely determine when we can unload driver
code.

Hold a dev_t reference while the device is open.

KASSERT that we do not enter the driver on a non-referenced dev_t.

Remove old D_NAG code, anonymous dev_t's are not a problem now.

When destroy_dev() is called on a referenced dev_t, move it to
dead_cdevsw's list.  When the refcount drops, free it.

Check that cdevsw->d_version is correct.  If not, set all methods
to the dead_*() methods to prevent entrance into driver.  Print
warning on console to this effect.  The device driver may still
explode if it is also incompatible with newbus, but in that case
we probably didn't get this far in the first place.
2004-02-21 21:57:26 +00:00
phk
39fb4aef3d Device megapatch 5/6:
Remove the unused second argument from udev2dev().

Convert all remaining users of makedev() to use udev2dev().  The
semantic difference is that udev2dev() will only locate a pre-existing
dev_t, it will not line makedev() create a new one.

Apart from the tiny well controlled windown in D_PSEUDO drivers,
there should no longer be any "anonymous" dev_t's in the system
now, only dev_t's created with make_dev() and make_dev_alias()
2004-02-21 21:32:15 +00:00
phk
ad925439e0 Device megapatch 4/6:
Introduce d_version field in struct cdevsw, this must always be
initialized to D_VERSION.

Flip sense of D_NOGIANT flag to D_NEEDGIANT, this involves removing
four D_NOGIANT flags and adding 145 D_NEEDGIANT flags.
2004-02-21 21:10:55 +00:00
phk
df260dfa17 Report the correct length for symlink entries. 2004-02-19 19:09:52 +00:00
tjr
ab89ce797c Use size_t or ssize_t wherever appropriate instead of casting from int *
to size_t *, which is incorrect because they may have different widths.
This caused some subtle forms of corruption, the mostly frequently
reported one being that the last character of a filename was sometimes
duplicated on amd64.
2004-02-19 09:56:58 +00:00
trhodes
768a8affab Do not place dirmask in unnamed padding. Move it to the bottom of this
list where it should have been added originally.

Prodded by:	bde
2004-02-17 16:53:41 +00:00
tjr
e426f6c0bc If the "next free cluster" field of the FSInfo block is 0xFFFFFFFF,
it means that the correct value is unknown. Since this value is just
a hint to improve performance, initially assume that the first non-reserved
cluster is free, then correct this assumption if necessary before writing
the FSInfo block back to disk.

PR:		62826
MFC after:	2 weeks
2004-02-17 08:51:49 +00:00
phk
758f11d127 White-space align a struct definition.
Move a SYSINIT to the file where it belongs.
2004-02-15 21:43:08 +00:00
bde
4dca0a78ca Fixed some style bugs:
- don't unlock the vnode after vinvalbuf() only to have to relock it
  almost immediately.
- don't refer to devices classified by vn_isdisk() as block devices.
2004-02-14 04:41:13 +00:00
bde
c40486fc06 MFffs (ffs_vfsops.c 1.227: clean up open mode bandaid). This reduces
gratuitous differences with ffs a little.
2004-02-12 17:54:58 +00:00
nectar
a96542610a Fix a panic in pseudofs(9) that could occur when doing an I/O
operation with a large request or large offset.

Reported by:	Joel Ray Holveck <joelh@piquan.org>
Submitted by:	des
2004-02-10 21:06:47 +00:00
tjr
40b810244f Fixes problems that occurred when a file was removed and a directory
created with the same name, and vice versa:
- Immediately recycle vnodes of files & directories that have been deleted
or renamed.
- When looking an entry in the VFS name cache or smbfs's private
cache, make sure the vnode type is consistent with the type of file
the server thinks it is, and re-create the vnode if it isn't.

The alternative to this is to recycle vnodes unconditionally when their
use count drops to 0, but this would make all the caching we do
mostly useless.

PR:		62342
MFC after:	2 weeks
2004-02-10 05:53:02 +00:00
jhb
279b2b8278 Locking for the per-process resource limits structure.
- struct plimit includes a mutex to protect a reference count.  The plimit
  structure is treated similarly to struct ucred in that is is always copy
  on write, so having a reference to a structure is sufficient to read from
  it without needing a further lock.
- The proc lock protects the p_limit pointer and must be held while reading
  limits from a process to keep the limit structure from changing out from
  under you while reading from it.
- Various global limits that are ints are not protected by a lock since
  int writes are atomic on all the archs we support and thus a lock
  wouldn't buy us anything.
- All accesses to individual resource limits from a process are abstracted
  behind a simple lim_rlimit(), lim_max(), and lim_cur() API that return
  either an rlimit, or the current or max individual limit of the specified
  resource from a process.
- dosetrlimit() was renamed to kern_setrlimit() to match existing style of
  other similar syscall helper functions.
- The alpha OSF/1 compat layer no longer calls getrlimit() and setrlimit()
  (it didn't used the stackgap when it should have) but uses lim_rlimit()
  and kern_setrlimit() instead.
- The svr4 compat no longer uses the stackgap for resource limits calls,
  but uses lim_rlimit() and kern_setrlimit() instead.
- The ibcs2 compat no longer uses the stackgap for resource limits.  It
  also no longer uses the stackgap for accessing sysctl's for the
  ibcs2_sysconf() syscall but uses kernel_sysctl() instead.  As a result,
  ibcs2_sysconf() no longer needs Giant.
- The p_rlimit macro no longer exists.

Submitted by:	mtm (mostly, I only did a few cleanups and catchups)
Tested on:	i386
Compiled on:	alpha, amd64
2004-02-04 21:52:57 +00:00
cperciva
b9ee343f9e Fix style(9) of my previous commit.
Noticed by: nate
Approved by: nate, rwatson (mentor)
2004-01-21 18:03:54 +00:00
cperciva
f2970382f1 Allow devfs path rules to work on directories. Without this fix,
devfs rule add path fd unhide
is a no-op, while it should unhide the fd subdirectory.

Approved by: phk, rwatson (mentor)
PR: kern/60897
2004-01-21 16:43:29 +00:00
kan
1968ea331b Spell magic '16' number as IO_SEQSHIFT. 2004-01-19 20:03:43 +00:00
green
c684933315 Do not allow operations which cause known file-system corruption. 2004-01-16 22:55:25 +00:00
green
f5f86e003a Remove a warning. 2004-01-16 22:54:33 +00:00
green
b67f04e53c Fix an upper-vnode leak created in revision 1.52. When an upper-layer
file has been removed, it should be purged from the cache, but it need
not be removed from the directory stack causing corruption; instead,
it will simply be removed once the last references and holds on it
are dropped at the end of the unlink/rmdir system calls, and the
normal !UN_CACHED VOP_INACTIVE() handler for unionfs finishes it off.

This is easily reproduced by repeated "echo >file; rm file" on a
unionfs mount.  Strangely, "echo -n >file; rm file" didn't make
it happen.
2004-01-16 16:31:01 +00:00
tjr
17a33cbd75 Fix an inverted test for NOPEN in the unused function smb_smb_flush(). 2004-01-12 14:43:49 +00:00
truckman
5be717c021 Don't try to unlock the directory vnode in null_lookup() if the lock is
shared with the underlying file system and the lookup in the underlying
file system did the unlock for us.
2004-01-11 23:44:32 +00:00
tjr
c2134f4017 Restore closing of SMB find handle in smbfs_close(). 2004-01-10 03:45:30 +00:00
rwatson
b3dbc3d2f9 Lock p->p_textvp before calling vn_fullpath() on it. Note the
potential lock order concern due to the vnode lock held
simultaneously by the caller into procfs.

Reported by:	kuriyama
Approved by:	des
2004-01-07 17:58:51 +00:00
tjr
b872c27d4a In smbfs_inactive(), only invalidate the node's attribute cache if we
had to send a file close request to the server.
2004-01-04 00:57:22 +00:00
tjr
6bccc23255 Pass ACL, extended attribute and MAC vnode ops down the vnode stack. 2004-01-03 00:36:46 +00:00
phk
5b996ad186 Improve on POLA by populating DEVFS before doing devfs(8) rule ioctls.
PR:	60687
Spotted by:	Colin Percival <cperciva@daemonology.net>
2004-01-02 19:02:28 +00:00
bde
a3659bc228 Fixed some (most) style bugs in rev.1.33. Mainly 4-char indentation
(msdosfs uses normal 8-char indentation almost everywhere else),
too-long lines, and minor English usage errors.  The verbose formal
comment before the new function is still abnormal.
2003-12-29 11:59:05 +00:00
bde
783363bac1 Fixed some minor style bugs in rev.1.144. All related to msdosfs_advlock()
(mainly unsorting).  There were no changes related to the dirty flag
here.  The reference NetBSD implementation put msdosfs_advlock() in a
different place.  This commit only moves its declarations and changes
some of the function body to be like the NetBSD version.
2003-12-29 10:12:02 +00:00
bde
e56230b222 Fixed style bugs in rev.1.112. The bugs started with obscure magic
numbers in comments (Apple PR numbers?) and didn't improve.
2003-12-29 09:50:42 +00:00
bde
7d91626477 v_vxproc was a bogus name for a thread (pointer). 2003-12-28 09:12:56 +00:00
trhodes
7dde93f1df Make msdosfs support the dirty flag in FAT16 and FAT32.
Enable lockf support.

PR:		55861
Submitted by:	Jun Su <junsu@m-net.arbornet.org> (original version)
Reviewed by:	make universe
2003-12-26 17:19:19 +00:00
tjr
64493776c7 Make oldsize in smbfs_getattr() 64 bits wide instead of 32 to avoid
truncation when files are larger than 4GB.
2003-12-22 12:33:31 +00:00
tjr
7750c90c2f Avoid sign extension when casting signed characters to unsigned wide
characters in ntfs_u28(). This fixes the conversion of filenames containing
single-byte characters with the high bit set.
2003-12-16 01:52:54 +00:00
fjoe
ab0bce9d34 Make msdosfs long filenames matching case insensitive again.
PR:		59765
Submitted by:	Ryuichiro Imura <imura@ryu16.org>
2003-12-08 08:32:20 +00:00
des
ef7fbaac4f Constify, and add an API function to find a named node in a directory. 2003-12-07 17:41:19 +00:00
des
0864edfb36 Minor whitespace and style issues. 2003-12-07 17:40:00 +00:00
des
04b082fdc5 Remove useless SMP check code. 2003-12-07 17:37:44 +00:00
scottl
2b68e67c6d Re-arrange and consolidate some random debugging stuff 2003-12-07 05:04:49 +00:00
kan
23ba01be79 Fix vnode locking in fdesc_setattr. Lock vnode before invoking
VOP_SETATTR on it.

Approved by:	re@ (rwatson)
2003-11-19 04:14:42 +00:00
truckman
24b3a6d135 Use "fip->fi_readers == 0 && fip->fi_writers == 0" as the condition for
disposing fifo resources in fifo_cleanup() instead using of
"vp->v_usecount == 1".  There may be other references to the vnode, for
instance by nullfs, at the time fifo_open() or fifo_close() is called,
which could cause a resource leak.

Don't bother grabbing the vnode interlock in fifo_cleanup() since it no
longer accesses v_usecount.
2003-11-16 01:11:11 +00:00
das
6a3319096a - A sanity check in unionfs verifies that lookups of '.' return the
vnode of the parent.  However, this check should not be performed if
  the lookup failed.  This change should fix "union_lookup returning
  . not same as startdir" panics people were seeing.  The bug was
  introduced by an incomplete import of a NetBSD delta in rev 1.38.
- Move the aforementioned check out from DIAGNOSTIC.  Performance
  is the least of our unionfs worries.
- Minor reorganization.

PR:		53004
MFC after:	1 week
2003-11-14 08:23:13 +00:00
phk
6b409c68f0 Initialize b_iooffset correctly. 2003-11-13 09:58:09 +00:00
phk
c6eb0ef360 Don't mess around with spare fields of public structures. 2003-11-12 09:54:07 +00:00
phk
b24e482da1 Don't mess about with spare fields in public structures. 2003-11-12 09:52:10 +00:00
rwatson
77ed6e2d1c Modify the MAC Framework so that instead of embedding a (struct label)
in various kernel objects to represent security data, we embed a
(struct label *) pointer, which now references labels allocated using
a UMA zone (mac_label.c).  This allows the size and shape of struct
label to be varied without changing the size and shape of these kernel
objects, which become part of the frozen ABI with 5-STABLE.  This opens
the door for boot-time selection of the number of label slots, and hence
changes to the bound on the number of simultaneous labeled policies
at boot-time instead of compile-time.  This also makes it easier to
embed label references in new objects as required for locking/caching
with fine-grained network stack locking, such as inpcb structures.

This change also moves us further in the direction of hiding the
structure of kernel objects from MAC policy modules, not to mention
dramatically reducing the number of '&' symbols appearing in both the
MAC Framework and MAC policy modules, and improving readability.

While this results in minimal performance change with MAC enabled, it
will observably shrink the size of a number of critical kernel data
structures for the !MAC case, and should have a small (but measurable)
performance benefit (i.e., struct vnode, struct socket) do to memory
conservation and reduced cost of zeroing memory.

NOTE: Users of MAC must recompile their kernel and all MAC modules as a
result of this change.  Because this is an API change, third party
MAC modules will also need to be updated to make less use of the '&'
symbol.

Suggestions from:	bmilekic
Obtained from:		TrustedBSD Project
Sponsored by:		DARPA, Network Associates Laboratories
2003-11-12 03:14:31 +00:00
truckman
2305818240 If fifo_open() is interrupted, fifo_close() may not get called, causing
a resource leak.  Move the resource deallocation code from fifo_close()
to a new function, fifo_cleanup(), and call fifo_cleanup() from
fifo_close() and the appropriate places in fifo_open().

Tested by: 	Lukas Ertl
Pointy hat to:	truckman
2003-11-10 22:21:00 +00:00
tanimura
7eade05dfa - Implement selwakeuppri() which allows raising the priority of a
thread being waken up.  The thread waken up can run at a priority as
  high as after tsleep().

- Replace selwakeup()s with selwakeuppri()s and pass appropriate
  priorities.

- Add cv_broadcastpri() which raises the priority of the broadcast
  threads.  Used by selwakeuppri() if collision occurs.

Not objected in:	-arch, -current
2003-11-09 09:17:26 +00:00