Commit Graph

42 Commits

Author SHA1 Message Date
pjd
cb36b2a5c4 Add missing privilege check when setting the dump device. Before that change it
was possible for a regular user to setup the dump device if he had write access
to the given device. In theory it is a security issue as user might get access
to kernel's memory after provoking kernel crash, but in practise it is not
recommended to give regular users direct access to storage devices.

Rework the code so that we do privileges check within the set_dumper() function
to avoid similar problems in the future.

Discussed with:	secteam
2014-11-11 04:48:09 +00:00
eadler
f6cee57728 null.c: uio is unused
Mark another parameter as unused

Reported by:	rpaulo
2014-04-30 06:40:30 +00:00
eadler
e89dc3aeaa null.c: fix ordering
Use a consistent ordering of full -> null -> zero (alphabetical) in null.c

Reported by:	mjg
2014-04-30 06:30:37 +00:00
eadler
219138f390 Add a /dev/full device.
/dev/full is similar to /dev/zero except it always returns
ENOSPC when you attempt to write to it.

Reviewed by:	jhibbits
Discussed with:	rpaulo
2014-04-30 06:20:48 +00:00
alfred
4a74d2e51a Provide a device name in the sysctl tree for programs to query the
state of crashdump target devices.

This will be used to add a "-l" (ell) flag to dumpon(8) to list the
currently configured dumpdev.

Reviewed by:	phk
2012-11-01 17:01:05 +00:00
gnn
a2848bd240 Fix for PR 138526.
Add the ability for /dev/null and /dev/zero to accept
being set into non blocking mode via fcntl().  This
brings the code into compliance with IEEE Std 1003.1-2001
as referenced in another PR, 94729.

Reviewed by:	jhb
MFC after:	1 week
2012-01-11 15:00:16 +00:00
mdf
3d3b036f95 Move the ZERO_REGION_SIZE to a machine-dependent file, as on many
architectures (i386, for example) the virtual memory space may be
constrained enough that 2MB is a large chunk.  Use 64K for arches
other than amd64 and ia64, with special handling for sparc64 due to
differing hardware.

Also commit the comment changes to kmem_init_zero_region() that I
missed due to not saving the file.  (Darn the unfamiliar development
environment).

Arch maintainers, please feel free to adjust ZERO_REGION_SIZE as you
see fit.

Requested by:	alc
MFC after:	1 week
MFC with:	r221853
2011-05-13 19:35:01 +00:00
mdf
9465c34001 Usa a globally visible region of zeros for both /dev/zero and the md
device.  There are likely other kernel uses of "blob of zeros" than can
be converted.

Reviewed by:	alc
MFC after:	1 week
2011-05-13 18:48:00 +00:00
kib
328786e473 Mark /dev/zero and /dev/null as eternal.
In collaboration with:	pho
MFC after:	1 month
2010-08-06 09:47:48 +00:00
ed
d8177c8433 Remove unneeded minor numbers from /dev/null and /dev/zero. 2009-09-06 09:59:02 +00:00
rwatson
10d0d9cf47 Sweep kernel replacing suser(9) calls with priv(9) calls, assigning
specific privilege names to a broad range of privileges.  These may
require some future tweaking.

Sponsored by:           nCircle Network Security, Inc.
Obtained from:          TrustedBSD Project
Discussed on:           arch@
Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri,
                        Alex Lyashkov <umka at sevcity dot net>,
                        Skip Ford <skip dot ford at verizon dot net>,
                        Antoine Brodin <antoine dot brodin at laposte dot net>
2006-11-06 13:42:10 +00:00
phk
906adb895a Use dynamic major number allocation. 2005-02-27 22:01:09 +00:00
markm
e056e8d396 Go back to the historical minor numbers. Add a module version while
I'm here.

Asked for minor numbers by:	jhb
2004-08-02 19:59:41 +00:00
markm
1a5b1bba74 YA oops. Remove code that was being tested locally. 2004-08-01 18:22:44 +00:00
markm
a6c822020d Break out the MI part of the /dev/[k]mem and /dev/io drivers into
their own directory and module, leaving the MD parts in the MD
area (the MD parts _are_ part of the modules). /dev/mem and /dev/io
are now loadable modules, thus taking us one step further towards
a kernel created entirely out of modules. Of course, there is nothing
preventing the kernel from having these statically compiled.
2004-08-01 11:40:54 +00:00
phk
5c95d686a1 Do a pass over all modules in the kernel and make them return EOPNOTSUPP
for unknown events.

A number of modules return EINVAL in this instance, and I have left
those alone for now and instead taught MOD_QUIESCE to accept this
as "didn't do anything".
2004-07-15 08:26:07 +00:00
markm
850ccbe37b Micro-tweaking. 2004-06-20 13:50:50 +00:00
phk
dfd1f7fd50 Do the dreaded s/dev_t/struct cdev */
Bump __FreeBSD_version accordingly.
2004-06-16 09:47:26 +00:00
phk
ad925439e0 Device megapatch 4/6:
Introduce d_version field in struct cdevsw, this must always be
initialized to D_VERSION.

Flip sense of D_NOGIANT flag to D_NEEDGIANT, this involves removing
four D_NOGIANT flags and adding 145 D_NEEDGIANT flags.
2004-02-21 21:10:55 +00:00
markm
a7a106c73c Shorten the code by removing one "do-nothing" function, replacing it
with nullop(), which is in kern_conf.c.
2003-11-01 09:31:54 +00:00
markm
715845d8e6 Mark as __unused some arguments that are, erm, unused. 2003-10-18 09:16:01 +00:00
phk
f98b551eb1 Return ENOIOCTL for unknown ioctls, don't use noioctl to return ENODEV. 2003-09-27 12:27:23 +00:00
phk
7099deadda The present defaults for the open and close for device drivers which
provide no methods does not make any sense, and is not used by any
driver.

It is a pretty hard to come up with even a theoretical concept of
a device driver which would always fail open and close with ENODEV.

Change the defaults to be nullopen() and nullclose() which simply
does nothing.

Remove explicit initializations to these from the drivers which
already used them.
2003-09-27 12:01:01 +00:00
obrien
c63dab466c Use __FBSDID().
Also some minor style cleanups.
2003-08-24 17:55:58 +00:00
phk
6f774ee5f2 /dev/null and /dev/zero does not need Giant 2003-06-24 19:50:48 +00:00
phk
0ae911eb0e Gigacommit to improve device-driver source compatibility between
branches:

Initialize struct cdevsw using C99 sparse initializtion and remove
all initializations to default values.

This patch is automatically generated and has been tested by compiling
LINT with all the fields in struct cdevsw in reverse order on alpha,
sparc64 and i386.

Approved by:    re(scottl)
2003-03-03 12:15:54 +00:00
phk
ff24404b37 Don't use evil casts in cdevsw initialization. 2003-03-02 19:17:51 +00:00
markm
fe3c734ec8 Warns and lint fix. Nearly all trivial stuff. 2003-02-27 18:07:11 +00:00
imp
cf874b345d Back out M_* changes, per decision of the TRB.
Approved by: trb
2003-02-19 05:47:46 +00:00
alfred
bf8e8a6e8f Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0.
Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
2003-01-21 08:56:16 +00:00
markm
40044052d8 Everywhere else, an argument passed to a device containing flags
is called "flags". Make it so here.
2002-09-21 17:28:17 +00:00
markm
becaa16e96 Modernise the cdevsw WRT to (unused) kqueue. 2002-08-02 11:24:43 +00:00
phk
5b960672bf Rename DIOCGKERNELDUMP to DIOCSKERNELDUMP as it strictly speaking
is a "set" not a "get" operation.

Sponsored by:	DARPA & NAI Labs.
2002-04-09 10:04:09 +00:00
phk
33405073ec Move generic disk ioctls from <sys/disklabel.h> to <sys/disk.h>.
Sponsored by:	DARPA & NAI Labs
2002-04-08 09:20:07 +00:00
jhb
dc2e474f79 Change the suser() API to take advantage of td_ucred as well as do a
general cleanup of the API.  The entire API now consists of two functions
similar to the pre-KSE API.  The suser() function takes a thread pointer
as its only argument.  The td_ucred member of this thread must be valid
so the only valid thread pointers are curthread and a few kernel threads
such as thread0.  The suser_cred() function takes a pointer to a struct
ucred as its first argument and an integer flag as its second argument.
The flag is currently only used for the PRISON_ROOT flag.

Discussed on:	smp@
2002-04-01 21:31:13 +00:00
phk
ef82a51634 Here follows the new kernel dumping infrastructure.
Caveats:

The new savecore program is not complete in the sense that it emulates
enough of the old savecores features to do the job, but implements none
of the options yet.

I would appreciate if a userland hacker could help me out getting savecore
to do what we want it to do from a users point of view, compression,
email-notification, space reservation etc etc.  (send me email if
you are interested).

Currently, savecore will scan all devices marked as "swap" or "dump" in
/etc/fstab _or_ any devices specified on the command-line.

All architectures but i386 lack an implementation of dumpsys(), but
looking at the i386 version it should be trivial for anybody familiar
with the platform(s) to provide this function.

Documentation is quite sparse at this time, more to come.

Details:

ATA and SCSI drivers should work as the dump formatting code has been
removed.  The IDA, TWE and AAC have not yet been converted.

Dumpon now opens the device and uses ioctl(DIOCGKERNELDUMP) to set
the device as dumpdev.  To implement the "off" argument, /dev/null
is used as the device.

Savecore will fail if handed any options since they are not (yet)
implemented.  All devices marked "dump" or "swap" in /etc/fstab
will be scanned and dumps found will be saved to diskfiles
named from the MD5 hash of the header record.  The header record
is dumped in readable format in the .info file.  The kernel
is not saved.  Only complete dumps will be saved.

All maintainer rights for this code are disclaimed: feel free to
improve and extend.

Sponsored by:   DARPA, NAI Labs
2002-03-31 22:37:00 +00:00
phk
c47745e977 Send the remains (such as I have located) of "block major numbers" to
the bit-bucket.
2001-03-26 12:41:29 +00:00
dwmalone
dd75d1d73b Convert more malloc+bzero to malloc+M_ZERO.
Submitted by:	josh@zipperup.org
Submitted by:	Robert Drehmel <robd@gmx.net>
2000-12-08 21:51:06 +00:00
jhb
27c334b71b During a verbose boot, call the null device 'null' rather than 'null0' to
be more consistent with the rest of the kernel.
2000-10-06 00:46:29 +00:00
jhb
030e1f307a Move sys/dev/nulldev to sys/dev/null to be more consistent with naming
under sys/dev.
2000-10-02 20:16:37 +00:00
markm
edc351fc59 Small style change; make function names less likely to clash with
existing names. "null" is too common a string; use "null_".
2000-07-09 12:29:24 +00:00
markm
58318db808 New machine independant /dev/null and /dev/zero driver. This device is
severely stripped down compared with its predecessor, and is measurably
a _lot_ faster.

Many thanks to Jeroen van Gelderen for lots of good ideas.

There is still a problem with this; it is written as a mudule, and as
such is theoretically unloadable. However, there is no refcounting done
as I would prefer to do that a'la device_busy(9), rather than some
"home-rolled" scheme. The point is pretty moot, as /dev/null is
effectively compulsory.

Reviewed by:	dfr
2000-06-25 08:32:39 +00:00