Commit Graph

881 Commits

Author SHA1 Message Date
peter
0a45ae1ddc Move the ia32_sigtramp.S file back under amd64/. This interfaces closely
with the sendsig code in the MD area.  It is not safe to assume that all
the register conventions will be the same.  Also, the way of producing
32 bit code (.code32 directives) in this file is amd64 specific.
2003-12-11 01:09:51 +00:00
peter
90628de204 Assimilate ia64 back into the fold with the common freebsd32/ia32 code.
The split-up code is derived from the ia64 code originally.

Note that I have only compile-tested this, not actually run-tested it.
The ia64 side of the force is missing some significant chunks of signal
delivery code.
2003-12-11 01:05:09 +00:00
peter
6a3f22c928 Use the correct syscall table limit 2003-12-10 23:16:32 +00:00
peter
a767a6c392 Regen 2003-12-10 22:33:45 +00:00
peter
25170ce26a Add missing extattr_list_fd(), extattr_list_file(), extattr_list_link()
and kse_switchin() syscall slots.
2003-12-10 22:33:27 +00:00
peter
3db2893823 The osigpending, oaccept, orecvfrom and ogetdirentries entries were
accidently being compiled in as standard.  These are part of the
set of unimplemented COMPAT_43 syscall set.
2003-12-10 22:31:46 +00:00
des
98e94a9c10 Use mp_ncpus instead of the hw.ncpu sysctl. 2003-12-07 17:38:20 +00:00
kan
75a6d15c52 Do not call VOP_GETATTR in getdents function. It does not serve any
purpose and the resulting vattr structure was ignored. In addition,
the VOP_GETATTR call was made with no vnode lock held, resulting in
vnode locking violation panic with debug kernels.

Reported by:	truckman

Approved by:	re@ (rwatson)
2003-11-19 04:12:32 +00:00
rwatson
9ade8a4b03 Add a MAC check for VOP_LOOKUP() in the Linux getwcd() implementation.
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-11-17 18:57:20 +00:00
sobomax
a621621dc9 Pull latest changes from OpenBSD:
- improve sysinfo(2) syscall;
- add dummy fadvise64(2) syscall;
- add dummy *xattr(2) family of syscalls;
- add protos for the syscalls 222-225, 238-249 and 253-267;
- add exit_group(2) syscall, which is currently just wired to exit(2).

Obtained from:  OpenBSD
MFC after:      2 weeks
2003-11-16 15:07:10 +00:00
dwmalone
3e991a3b59 Use kern_sendit rather than sendit for the Linux send* syscalls.
This means we can avoid using the stack gap for most send* syscalls
now (it is still used in the IP_HDRINCL case).
2003-11-09 17:04:04 +00:00
peter
b652116ae9 Move a MD 32 bit binary support routine into the MD areas. exec_setregs
is highly MD in an emulation environment since it operates on the host
environment.  Although the setregs functions are really for exec support
rather than signals, they deal with the same sorts of context and include
files.  So I put it there rather than create yet another file.
2003-11-08 07:43:44 +00:00
peter
4de1c73f10 Regen 2003-11-08 07:31:49 +00:00
peter
742af7ab5a "implement" vfork(). Add comments next to the other syscalls that need
to be implemented.  This is enough to run i386 /bin/tcsh.  /bin/sh is still
not happy because of some strange job control problem.
2003-11-08 07:31:30 +00:00
peter
1854ebc0e3 Remove some duplicated comments that refer to npx. XXX The setregs
function is actually MD (not MI) though..
2003-11-08 03:35:06 +00:00
peter
0084fd36b8 Point the description of the fpu data in the context structures to
i386/include/npx.h instead of the host's machine/npx.h (which might not
exist)
2003-11-08 02:36:05 +00:00
peter
39c76d997c Dont write to the stackgap directly in execve(). 2003-11-07 21:27:13 +00:00
jhb
b6b663a274 Regen. 2003-11-07 20:30:30 +00:00
jhb
08067cd608 Sync with global syscalls.master by marking ptrace(), dup(), pipe(),
ktrace(), freebsd32_sigaltstack(), sysarch(), issetugid(), utrace(), and
freebsd32_sigaction() as MP safe.
2003-11-07 20:29:53 +00:00
anholt
b48d224277 Prevent leaking of fsid to non-root users in linux_statfs and linux_fstatfs.
Matches native syscalls now.

PR:		kern/58793
Submitted by:	David P. Reese Jr. <daver@gomerbud.com>
MFC after:	1 week
2003-11-05 23:52:54 +00:00
fjoe
160f13825c Back out the following revisions:
1.36      +73 -60    src/sys/compat/linux/linux_ipc.c
1.83      +102 -48   src/sys/kern/sysv_shm.c
1.8       +4 -0      src/sys/sys/syscallsubr.h

That change was intended to support vmware3, but
wantrem parameter is useless because vmware3 uses SYSV shared memory
to talk with X server and X server is native application.
The patch worked because check for wantrem was not valid
(wantrem and SHMSEG_REMOVED was never checked for SHMSEG_ALLOCATED segments).

Add kern.ipc.shm_allow_removed (integer, rw) sysctl (default 0) which when set
to 1 allows to return removed segments in
shm_find_segment_by_shmid() and shm_find_segment_by_shmidx().

MFC after:	1 week
2003-11-05 01:53:10 +00:00
brooks
f1e94c6f29 Replace the if_name and if_unit members of struct ifnet with new members
if_xname, if_dname, and if_dunit. if_xname is the name of the interface
and if_dname/unit are the driver name and instance.

This change paves the way for interface renaming and enhanced pseudo
device creation and configuration symantics.

Approved By:	re (in principle)
Reviewed By:	njl, imp
Tested On:	i386, amd64, sparc64
Obtained From:	NetBSD (if_xname)
2003-10-31 18:32:15 +00:00
peter
8e63ac0e38 Oops, forgot to save these in the editor. Add CTASSERTS for signal and
context related things.
2003-10-30 02:43:19 +00:00
peter
11bf308b70 Add CTASSERT()'s to check that the sizes of our replicas of the 32 bit
structures come out the right size.

Fix the ones that broke.  stat32 had some missing fields from the end
and statfs32 was broken due to the strange definition of MNAMELEN
(which is dependent on sizeof(long))

I'm not sure if this fixes any actual problems or not.
2003-10-30 02:40:30 +00:00
tjr
39d2858393 Reject negative ngrp arguments in linux_setgroups() and linux_setgroups16();
stops users being able to cause setgroups to clobber the kernel stack by
copying in data past the end of the linux_gidset array.
2003-10-21 11:00:33 +00:00
sam
3d2d2c4fd8 fix build: linux_to_bsd_msf_lba is no longer used because of previous commit 2003-10-20 17:56:10 +00:00
tjr
f2b3ceb410 Fix some security bugs in the SVR4 emulator:
- Return NULL instead of returning memory outside of the stackgap
  in stackgap_alloc() (FreeBSD-SA-00:42.linux)
- Check for stackgap_alloc() returning NULL in svr4_emul_find(),
  and clean_pipe().
- Avoid integer overflow on large nfds argument in svr4_sys_poll()
- Reject negative nbytes argument in svr4_sys_getdents()
- Don't copy out past the end of the struct componentname
  pathname buffer in svr4_sys_resolvepath()
- Reject out-of-range signal numbers in svr4_sys_sigaction(),
  svr4_sys_signal(), and svr4_sys_kill().
- Don't malloc() user-specified lengths in show_ioc() and
  show_strbuf(), place arbitrary limits instead.
- Range-check lengths in si_listen(), ti_getinfo(), ti_bind(),
  svr4_do_putmsg(), svr4_do_getmsg(), svr4_stream_ti_ioctl().

Some fixes obtain from OpenBSD.
2003-10-20 10:38:48 +00:00
sos
82da7f6b49 We dont support CDROMREADAUDIO anymore. 2003-10-20 09:51:00 +00:00
cognet
18fc7b26c7 Various style and type fixes in my last commit.
Suggested by:	mux
2003-10-20 04:10:20 +00:00
cognet
82c805f917 Implement partially /proc/<pid>/maps.
It looks enough to make SImics run.

Reviewed by:	des
2003-10-19 14:13:51 +00:00
iwasaki
324480cbaf Fix some problems in linux_sendmsg() and linux_recvmsg().
- Allocate storage for uap->msg always because it is copyin()'ed in
   native sendmsg().
 - Convert sockopt level from Linux to FreeBSD after native recvmsg() calling.
 - Some cleanups.

Tested with:	Oracle 9i shared server connection mode.

MFC after:	1 week
2003-10-11 15:08:32 +00:00
gallatin
8f2de8390a make kernel_sysctl()'s args match its prototype in order to fix the
alpha build
2003-10-08 18:05:59 +00:00
des
9af19ad623 Fix a (fortunately harmless) signed / unsigned bug. 2003-09-30 13:35:19 +00:00
peter
8ecb3577d8 Add sysentvec->sv_fixlimits() hook so that we can catch cases on 64 bit
systems where the data/stack/etc limits are too big for a 32 bit process.

Move the 5 or so identical instances of ELF_RTLD_ADDR() into imgact_elf.c.

Supply an ia32_fixlimits function.  Export the clip/default values to
sysctl under the compat.ia32 heirarchy.

Have mmap(0, ...) respect the current p->p_limits[RLIMIT_DATA].rlim_max
value rather than the sysctl tweakable variable.  This allows mmap to
place mappings at sensible locations when limits have been reduced.

Have the imgact_elf.c ld-elf.so.1 placement algorithm use the same
method as mmap(0, ...) now does.

Note that we cannot remove all references to the sysctl tweakable
maxdsiz etc variables because /etc/login.conf specifies a datasize
of 'unlimited'.  And that causes exec etc to fail since it can no
longer find space to mmap things.
2003-09-25 01:10:26 +00:00
des
1dcdf9246c Previous commit contained too-smart-for-its-own-good code that might
produce incorrect (though harmless) output on single-CPU systems.
2003-09-22 16:05:11 +00:00
des
111a6744cd Fake multi-cpu statistics for proc/stat by dividing the totals by the
number of CPUs.

PR:		kern/27522
2003-09-22 15:52:32 +00:00
des
5dcdf0638c Fix some broken comments. 2003-09-09 19:22:55 +00:00
des
ea3cbbe49d Add cwd, root and statm (modeled on a 2.4.20 kernel). De-obfuscate
linprocfs_init() a little and remove some gratuitous whitespace.
2003-09-09 08:19:06 +00:00
bde
8319013e49 Restored a non-egregious cast so that this file compiles on i386's
with 64-bit longs again.  This was fixed in rev.1.42 but the fix
rotted non-fatally in rev.1.105 and fatally in rev.1.137.

Many more non-egregrious casts are strictly required for conversions
from semi-opaque types to pointers, but we avoid most of them by using
types that are almost certain to be compatible with uintptr_t for
representing pointers (e.g., vm_offset_t).  Here we don't really want
the u_longs, but we have them because a.out.h and its support code
doesn't use typedefs (it uses unsigned in V7 and unsigned long in
FreeBSD) and is too obsolete to fix now.
2003-09-07 13:03:13 +00:00
peter
e95056563d Switch to using the emulator in the common compat area.
Still work-in-progress.
2003-08-23 00:04:53 +00:00
peter
aecc3981a1 Initial sweep at dividing up the generic 32bit-on-64bit kernel support
from the ia32 specific stuff.  Some of this still needs to move to the MI
freebsd32 area, and some needs to move to the MD area.  This is still
work-in-progress.
2003-08-22 23:19:02 +00:00
peter
e2c08ea16b Initial sweep to de-i386-ify this 2003-08-22 23:07:28 +00:00
peter
2c79c9e29b Regen 2003-08-22 22:52:04 +00:00
peter
763024f66d Begin attempting to consolidate the two different i386 emulations
on ia64 and amd64.  I'm attempting to keep the generic 32bit-on-64bit
binary support seperate from the i386 support and the MD backend support.
2003-08-22 22:51:48 +00:00
peter
ba0d622c9f Regen 2003-08-21 03:48:50 +00:00
peter
96b31600a1 This is too funny for words. Swap syscalls 416 and 417 around. It works
better that way when sigaction() and sigreturn() do the right thing.
2003-08-21 03:48:05 +00:00
des
1bccee947e Whitespace cleanup. 2003-08-18 13:30:15 +00:00
marcel
7db6a715d6 Cleanup <machine/cpu.h> by moving MD prototypes to <machine/md_var.h>
like we have on other platforms. Move savectx() to <machine/pcb.h>.
A lot of files got these MD prototypes through the indirect inclusion
of <machine/cpu.h> and now need to include <machine/md_var.h>. The
number of which is unexpectedly large...

osf1_misc.c especially is tricky because szsigcode is redefined in
one of the osf1 header files. Reordering of the include files was
needed.

linprocfs.c now needs an explicit extern declaration.

Tested with: LINT
2003-08-17 06:42:08 +00:00
phk
3655029882 Remove dangling extern reference to swap_pager_full 2003-08-06 18:40:49 +00:00
des
f907274e33 Add support for multiple CPUs to cpuinfo. 2003-08-04 10:55:22 +00:00
des
8760f74f82 Try to make 'uname -a' look more like it does on Linux:
- cut the version string at the newline, suppressing information about
   who built the kernel and in what directory.  Most of this information
   was already lost to truncation.

 - on i386, return the precise CPU class (if known) rather than just
   "i386".  Linux software which uses this information to select
   which binary to run often does not know what to make of "i386".
2003-07-29 10:03:15 +00:00
phk
6221ef9078 Add a "int fd" argument to VOP_OPEN() which in the future will
contain the filedescriptor number on opens from userland.

The index is used rather than a "struct file *" since it conveys a bit
more information, which may be useful to in particular fdescfs and /dev/fd/*

For now pass -1 all over the place.
2003-07-26 07:32:23 +00:00
obrien
02a4f42b9a Use __FBSDID().
Brought to you by:	a boring talk at Ottawa Linux Symposium
2003-07-25 21:19:19 +00:00
phk
5fa40a3265 Add a new function swap_pager_status() which reports the total size of the
paging space and how much of it is in use (in pages).

Use this interface from the Linuxolator instead of groping around in the
internals of the swap_pager.
2003-07-18 10:26:09 +00:00
marcel
ea0a6b417a Don't map LINUX_POSIX_VDISABLE to _POSIX_VDISABLE and vice versa for
the VMIN and VTIME members of the c_cc array. These members are not
special control characters. By not excluding these members we
changed the noncanonical mode input processing when both members
were 0 on entry (=LINUX_POSIX_VDISABLE) as we would remap them to 255
(=_POSIX_VDISABLE). See termios(4) case A for how that screws up
your terminal I/O.

PR: 23173
Originator: Bjarne Blichfeldt <bbl@dk.damgaard.com>
Patch by: Boris Nikolaus <bn@dali.tellique.de> (original submission)
	  Philipp Mergenthaler <philipp.mergenthaler@stud.uni-karlsruhe.de>
Reminders by: Joseph Holland King <gte743n@cad.gatech.edu>
MFC after: 5 days
2003-06-28 19:32:07 +00:00
phk
c81c59299b Add a f_vnode field to struct file.
Several of the subtypes have an associated vnode which is used for
stuff like the f*() functions.

By giving the vnode a speparate field, a number of checks for the specific
subtype can be replaced simply with a check for f_vnode != NULL, and
we can later free f_data up to subtype specific use.

At this point in time, f_data still points to the vnode, so any code I
might have overlooked will still work.
2003-06-22 08:41:43 +00:00
davidxu
abb4420bbe Rename P_THREADED to P_SA. P_SA means a process is using scheduler
activations.
2003-06-15 00:31:24 +00:00
obrien
349c6025d0 Use __FBSDID(). 2003-06-10 21:44:29 +00:00
obrien
f72cbcf207 Use __FBSDID(). 2003-06-10 21:29:12 +00:00
phk
e582dcfe26 Put definition of struct svr4_sockcache_entry in a .h file rather than
having two independent definitions in two .c files.
Fiddle surrounding details to match.

Found by:       FlexeLint
2003-05-31 20:33:18 +00:00
peter
a32db9797c Regenerate. 2003-05-31 06:51:04 +00:00
peter
3afe1a4377 Make this compile with WITNESS enabled. It wants the syscall names. 2003-05-31 06:49:53 +00:00
peter
99d1672b3d Deal with the user VM space expanding. 32 bit applications do not like
having their stack at the 512GB mark.  Give 4GB of user VM space for 32
bit apps.  Note that this is significantly more than on i386 which gives
only about 2.9GB of user VM to a process (1GB for kernel, plus page
table pages which eat user VM space).

Approved by: re (blanket)
2003-05-23 05:07:33 +00:00
peter
12d7e4bee6 Collect the nastiness for preserving the kernel MSR_GSBASE around the
load_gs() calls into a single place that is less likely to go wrong.

Eliminate the per-process context switching of MSR_GSBASE, because it
should be constant for a single cpu.  Instead, save/restore it during
the loading of the new %gs selector for the new process.

Approved by:	re (amd64/* blanket)
2003-05-15 00:23:40 +00:00
peter
c177f59bbf Regen
Approved by: re (amd64 blanket)
2003-05-14 04:11:25 +00:00
peter
770abdbb9c Add BASIC i386 binary support for the amd64 kernel. This is largely
stolen from the ia64/ia32 code (indeed there was a repocopy), but I've
redone the MD parts and added and fixed a few essential syscalls.  It
is sufficient to run i386 binaries like /bin/ls, /usr/bin/id (dynamic)
and p4.  The ia64 code has not implemented signal delivery, so I had
to do that.

Before you say it, yes, this does need to go in a common place.  But
we're in a freeze at the moment and I didn't want to risk breaking ia64.
I will sort this out after the freeze so that the common code is in a
common place.

On the AMD64 side, this required adding segment selector context switch
support and some other support infrastructure.  The %fs/%gs etc code
is hairy because loading %gs will clobber the kernel's current MSR_GSBASE
setting.  The segment selectors are not used by the kernel, so they're only
changed at context switch time or when changing modes.  This still needs
to be optimized.

Approved by:	re (amd64/* blanket)
2003-05-14 04:10:49 +00:00
jhb
89a4eb17de - Merge struct procsig with struct sigacts.
- Move struct sigacts out of the u-area and malloc() it using the
  M_SUBPROC malloc bucket.
- Add a small sigacts_*() API for managing sigacts structures: sigacts_alloc(),
  sigacts_free(), sigacts_copy(), sigacts_share(), and sigacts_shared().
- Remove the p_sigignore, p_sigacts, and p_sigcatch macros.
- Add a mutex to struct sigacts that protects all the members of the struct.
- Add sigacts locking.
- Remove Giant from nosys(), kill(), killpg(), and kern_sigaction() now
  that sigacts is locked.
- Several in-kernel functions such as psignal(), tdsignal(), trapsignal(),
  and thread_stopped() are now MP safe.

Reviewed by:	arch@
Approved by:	re (rwatson)
2003-05-13 20:36:02 +00:00
phk
154b84916c Don't #define memset() to bzero(), it is far too prone to bite somebody.
Approved by:	re/scottl
2003-05-12 05:08:38 +00:00
mbr
98d5255d63 Change the semantics of sysv shm emulation to take a additional
argument to the functions shm{at,ctl}1 and shm_find_segment_by_shmid{x}.
The BSD semantics didn't allow the usage of shared segment after
being marked for removal through IPC_RMID.

The patch involves the following functions:
  - shmat
  - shmctl
  - shm_find_segment_by_shmid
  - shm_find_segment_by_shmidx
  - linux_shmat
  - linux_shmctl

Submitted by:	Orlando Bassotto <orlando.bassotto@ieo-research.it>
Reviewed by:	marcel
2003-05-05 09:22:58 +00:00
mbr
4567946ab2 Initialize tbuf in newstat_copyout() too.
Reviewed by:	phk
2003-04-29 17:03:22 +00:00
kan
9468fdaf14 Deprecate machine/limits.h in favor of new sys/limits.h.
Change all in-tree consumers to include <sys/limits.h>

Discussed on:	standards@
Partially submitted by: Craig Rodrigues <rodrigc@attbi.com>
2003-04-29 13:36:06 +00:00
mbr
284d69d7b0 Do the same thing for stat64_copyout() as we already
do for newstat_copyout().

Lie about disk drives which are character devices
in FreeBSD but block devices under Linux.

PR:		37227
Submitted by:	Vladimir B. Grebenschikov <vova@sw.ru>
Reviewed by:	phk
MFC after:	2 weeks
2003-04-29 12:36:03 +00:00
jhb
bf4af0c27e Argh! We want to return the old signal set when the error return is zero
(i.e. success), not non-zero (failure).

Submitted by:	tegge
Pointy hat to:	jhb
2003-04-28 19:43:11 +00:00
jhb
10710f6bc9 Use a switch to convert the Linux sigprocmask flags to the equivalent
FreeBSD flags instead of just adding one to the Linux flags.  This should
be identical to the previous version except that I have at least one report
of this patch fixing problems people were having with Linux apps after my
last commit to this file.  It is safer to use the switch then to make
assumptions about the flag values anyways, esp. since we currently use
MD defines for the values of the flags and this is MI code.

Tested by:	Michael Class <michael_class@gmx.net>
2003-04-25 19:26:18 +00:00
jhb
dcf45ed625 Regen. 2003-04-25 15:59:44 +00:00
jhb
011ef0f3d8 Oops, the thr_* and jail_attach() syscall entries should be NOPROTO rather
than STD.
2003-04-25 15:59:18 +00:00
anholt
066321f1e0 Add an ioctl handler for the DRM. This removes the need for the DRM_LINUX
option, which has been a source of frustration for many users.
2003-04-24 23:36:35 +00:00
jhb
968ad4dbc6 Regen. 2003-04-24 20:50:57 +00:00
jhb
4d35246c8d Fix the thr_create() entry by adding a trailing \. Also, sync up the
MP safe flag for thr_* with the main table.
2003-04-24 20:49:46 +00:00
jhb
3df03e8316 Fix a lock order reversal. Unlock the proc before calling fget().
Reported by:	kris
2003-04-23 18:13:26 +00:00
jhb
146e8aecec - Replace inline implementations of sigprocmask() with calls to
kern_sigprocmask() in the various binary compatibility emulators.
- Replace calls to sigsuspend(), sigaltstack(), sigaction(), and
  sigprocmask() that used the stackgap with calls to the corresponding
  kern_sig*() functions instead without using the stackgap.
2003-04-22 18:23:49 +00:00
jhb
dea441a540 The proc lock is sufficient to test p_state against PRS_ZOMBIE, so don't
needlessly lock sched_lock.
2003-04-17 22:09:08 +00:00
jhb
5921ce0c8b Don't hold the proc lock while performing sigset conversions on local
variables.
2003-04-17 22:07:56 +00:00
jhb
e7a906488e Use local struct proc variables to reduce repeated td->td_proc dereferences
and improve readability.
2003-04-17 22:02:47 +00:00
jhb
c4dbd4b4f2 P_SHOULDSTOP used to be p_stat == SSTOP and needed the sched_lock, now it
is protected by the proc lock and doesnt' need sched_lock, so adjust the
locking appropriately.
2003-04-17 21:58:45 +00:00
phk
6dd4776ecc Don't include <sys/disklabel.h> 2003-04-16 20:57:35 +00:00
jhb
373f7eda61 Explicitly cast a l_ulong to an unsigned long to make all arch's happy
with the printf format.
2003-04-16 20:43:10 +00:00
jhb
277277d989 Fix printf format in a debug printf. 2003-04-16 20:07:48 +00:00
jhb
2adf0f9f0c Fix multiple printf warnings on Alpha:
- Prefer long long to quad_t to match printf args.
- Use uintmax_t and %j to print segsz_t and vm_size_t values.
- Fix others in Alpha-specific code.
2003-04-16 19:46:26 +00:00
mike
75859ca578 o In struct prison, add an allprison linked list of prisons (protected
by allprison_mtx), a unique prison/jail identifier field, two path
  fields (pr_path for reporting and pr_root vnode instance) to store
  the chroot() point of each jail.
o Add jail_attach(2) to allow a process to bind to an existing jail.
o Add change_root() to perform the chroot operation on a specified
  vnode.
o Generalize change_dir() to accept a vnode, and move namei() calls
  to callers of change_dir().
o Add a new sysctl (security.jail.list) which is a group of
  struct xprison instances that represent a snapshot of active jails.

Reviewed by:	rwatson, tjr
2003-04-09 02:55:18 +00:00
phk
87ed8009e2 Add #include <sys/conf.h> so we don't rely on <sys/disk.h> doing it. 2003-04-01 12:34:47 +00:00
phk
81a4ff8159 Don't include <sys/buf.h> needlessly. 2003-04-01 09:02:58 +00:00
jeff
5f8f1497c8 - Add thr and umtx system calls. 2003-04-01 01:15:56 +00:00
jeff
23844ff023 - Add a placeholder for sigwait 2003-03-31 23:36:40 +00:00
jeff
46e6ba39f1 - Move p->p_sigmask to td->td_sigmask. Signal masks will be per thread with
a follow on commit to kern_sig.c
 - signotify() now operates on a thread since unmasked pending signals are
   stored in the thread.
 - PS_NEEDSIGCHK moves to TDF_NEEDSIGCHK.
2003-03-31 22:49:17 +00:00
phk
b01c30ec02 Fix an XXX: and implement LINUX_BLKGETSIZE correctly. 2003-03-28 08:58:11 +00:00
jhb
72a1a2619c Add a cleanup function to destroy the osname_lock and call it on module
unload.

Submitted by:	gallatin
Reported by:	Martin Karlsson <mk-freebsd@bredband.net>
2003-03-26 18:29:44 +00:00
jhb
38bdc5fff0 Sync up linux and svr compat elf fixup functions for exec(). These
functions are now all basically identical except that alpha linux uses
Elf64 arguments and svr4 and i386 linux use Elf32.  The fixups include
changing the first argument to be a register_t ** to match the prototype
for fixup functions, asserting that the process in the image_params struct
is always curproc and removing unnecessary locking to read credentials as a
result, and a few style fixes.
2003-03-21 19:49:34 +00:00
jhb
b8b062b09b Use td->td_ucred instead of td->td_proc->p_ucred. 2003-03-20 21:17:40 +00:00
phk
afab808bc4 Backout the getcwd changes, a more comprehensive effort will be needed. 2003-03-20 10:40:45 +00:00
phk
90f136c592 (This commit certainly increases the need for a wash&clean of vfs_cache.c,
but I decided that it was important for this patch to not bit-rot, and
since it is mainly moving code around, the total amount of entropy is
epsilon /phk)

This is a patch to move the common parts of linux_getcwd() back into
kern/vfs_cache.c so that the standard FreeBSD libc getcwd() can use it's
extended functionality.  The linux syscall linux_getcwd() in
compat/linux/linux_getcwd.c has been rewritten to use it too.  It should
be possible to simplify libc's getcwd() after this.  No doubt this code
needs some cleaning up, since I've left in the sysctl variables I used
for debugging.

PR:	48169
Submitted by:	James Whitwell <abacau@yahoo.com.au>
2003-03-17 12:21:08 +00:00
jhb
34c953a772 - Change the linux_[gs]et_os{name, release, s_version}() functions to
take a thread instead of a proc for their first argument.
- Add a mutex to protect the system-wide Linux osname, osrelease, and
  oss_version variables.
- Change linux_get_prison() to take a thread instead of a proc for its
  first argument and to use td_ucred rather than p_ucred.  This is ok
  because a thread's prison does not change even though it's ucred might.
- Also, change linux_get_prison() to return a struct prison * instead of
  a struct linux_prison * since it returns with the struct prison locked
  and this makes it easier to safely unlock the prison when we are done
  messing with it.
2003-03-13 22:45:43 +00:00
des
3c182bd3cd Clean up whitespace and remove register keyword. 2003-03-03 09:17:12 +00:00
des
021faa11ac More caddr_t removal, in conjunction with copy{in,out}(9) this time.
Also clean up some egregious casts and incorrect use of sizeof.
2003-03-03 09:14:26 +00:00
des
2756b6c964 More low-hanging fruit: kill caddr_t in calls to wakeup(9) / [mt]sleep(9). 2003-03-02 16:54:40 +00:00
des
7b016a11e6 Clean up whitespace, s/register //, refrain from strong urge to ANSIfy. 2003-03-02 15:56:49 +00:00
des
765ebc59b4 uiomove-related caddr_t -> void * (just the low-hanging fruit) 2003-03-02 15:50:23 +00:00
ume
5820529758 Add M_WAITOK 2003-02-20 11:24:55 +00:00
imp
cf874b345d Back out M_* changes, per decision of the TRB.
Approved by: trb
2003-02-19 05:47:46 +00:00
tjr
6ebeaa8ec8 Use the proc lock to protect p_realtimer instead of Giant, and obtain
sched_lock around accesses to p_stats->p_timer[] to avoid a potential
race with hardclock. getitimer(), setitimer() and the realitexpire()
callout are now Giant-free.
2003-02-17 10:03:02 +00:00
phk
4bfb37f22e Remove #include <sys/dkstat.h> 2003-02-16 14:13:23 +00:00
tjr
6ff2b5ed6a Add MPSAFE comment to linux_sigpending(). 2003-02-16 02:33:12 +00:00
tjr
5c16d0c538 Obtain proc lock around modification of p_siglist in linux_wait4(). 2003-02-14 08:59:49 +00:00
dwmalone
7901f87059 1) Linux_sendto was trashing the BSD sockaddr it put in the stackgap,
so be more careful about calling stackgap_init.

    Tested by: Fred Souza <fred@storming.org>

2) Linux_sendmsg was forgetting to fill out the bsd_args struct.

    Reviewed by: ume

3) The args to linux_connect have differently named types on alpha and
i386, so add a cast to stop gcc complaining.

    Spotted by: peter
2003-02-08 09:26:31 +00:00
ume
f1aeff9dcb Avoid undefined symbol error with an IPv4 only kernel.
Reported by:	"Sergey A. Osokin" <osa@freebsd.org.ru>
2003-02-05 11:05:45 +00:00
ume
9689f0580d Add IPv6 support for Linuxlator.
Reviewed by:	dwmalone
MFC after:	10 days
2003-02-03 17:43:20 +00:00
alfred
b5c0015ac9 Consolidate MIN/MAX macros into one place (param.h).
Submitted by: Hiten Pandya <hiten@unixdaemons.com>
2003-02-02 13:17:30 +00:00
alfred
bf8e8a6e8f Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0.
Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
2003-01-21 08:56:16 +00:00
dillon
5a2a297c7b Add missing #include
Submitted by:	"Sam Leffler" <sam@errno.com>
2003-01-14 21:31:31 +00:00
dillon
e08a8297e2 Apply bandaid to bring svr4_sys_waitsys() in line with exit1(). This
routine really need to be gutted and merged with exit1().

Reviewed by:	jhb
2003-01-13 22:44:23 +00:00
dillon
ccd5574cc6 Bow to the whining masses and change a union back into void *. Retain
removal of unnecessary casts and throw in some minor cleanups to see if
anyone complains, just for the hell of it.
2003-01-13 00:33:17 +00:00
dillon
ddf9ef103e Change struct file f_data to un_data, a union of the correct struct
pointer types, and remove a huge number of casts from code using it.

Change struct xfile xf_data to xun_data (ABI is still compatible).

If we need to add a #define for f_data and xf_data we can, but I don't
think it will be necessary.  There are no operational changes in this
commit.
2003-01-12 01:37:13 +00:00
alfred
6f979f7e5f Add function linux_msg() for regulating output from the linux emulation
code, make the emulator use it.

Rename unsupported_msg() to unimplemented_syscall().  Rename some arguments
for clarity

Fixup grammar.

Requested by: bde
2003-01-02 02:19:10 +00:00
alfred
8ae9cf91c8 When complaining about obsolete/unimplemented syscalls output the process
name to make things more clear for the user.

PR: 46661
MFC After: 3 days
2003-01-01 01:42:57 +00:00
rwatson
22c41db3e5 Synchronize to kern/syscalls.master:1.139.
Obtained from:	TrustedBSD Project
2002-12-29 20:33:26 +00:00
hsu
82e1e3bab0 SMP locking for ifnet list. 2002-12-22 05:35:03 +00:00
marcel
3c86a795f0 Regen: swapoff 2002-12-16 00:49:36 +00:00
marcel
4451a382e7 Change swapoff from MNOPROTO to UNIMPL. The former doesn't work. 2002-12-16 00:48:52 +00:00
dillon
b43fb3e920 This is David Schultz's swapoff code which I am finally able to commit.
This should be considered highly experimental for the moment.

Submitted by:	David Schultz <dschultz@uclink.Berkeley.EDU>
MFC after:	3 weeks
2002-12-15 19:17:57 +00:00
alfred
d070c0a52d SCARGS removal take II. 2002-12-14 01:56:26 +00:00
alfred
4f48184fb2 Backout removal SCARGS, the code freeze is only "selectively" over. 2002-12-13 22:41:47 +00:00
alfred
d19b4e039d Remove SCARGS.
Reviewed by: md5
2002-12-13 22:27:25 +00:00
iedowse
fe6446a055 Fix emulation of the fcntl64() syscall. In Linux, this is exactly
the same as fcntl() except that it supports the new 64-bit file
locking commands (LINUX_F_GETLK64 etc) that use the `flock64'
structure. We had been interpreting all flock structures passed to
fcntl64() as `struct flock64' instead of only the ones from F_*64
commands.

The glibc in linux_base-7 uses fcntl64() by default, but the bug
was often non-fatal since the misinterpretation typically only
causes junk to appear in the `l_len' field and most junk values are
accepted as valid range lengths. The result is occasional EINVAL
errors from F_SETLK and a few bytes after the supplied `struct
flock' getting clobbered during F_GETLK.

PR:		kern/37656
Reviewed by:	marcel
Approved by:	re
MFC after:	1 week
2002-12-08 18:30:44 +00:00
deischen
54d9a4c0f7 Regenerate after adding syscalls. 2002-11-16 23:48:14 +00:00
deischen
280e9bbfe8 Add *context() syscalls to ia64 32-bit compatability table as requested
in kern/syscalls.master.
2002-11-16 15:15:17 +00:00
rwatson
6c4f4d26f4 Bring in two sets of changes:
(1) Permit userland applications to request a change of label atomic
    with an execve() via mac_execve().  This is required for the
    SEBSD port of SELinux/FLASK.  Attempts to invoke this without
    MAC compiled in result in ENOSYS, as with all other MAC system
    calls.  Complexity, if desired, is present in policy modules,
    rather than the framework.

(2) Permit policies to have access to both the label of the vnode
    being executed as well as the interpreter if it's a shell
    script or related UNIX nonsense.  Because we can't hold both
    vnode locks at the same time, cache the interpreter label.
    SEBSD relies on this because it supports secure transitioning
    via shell script executables.  Other policies might want to
    take both labels into account during an integrity or
    confidentiality decision at execve()-time.

Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-11-05 17:51:56 +00:00
rwatson
e05e16efa1 Remove reference to struct execve_args from struct imgact, which
describes an image activation instance.  Instead, make use of the
existing fname structure entry, and introduce two new entries,
userspace_argv, and userspace_envv.  With the addition of
mac_execve(), this divorces the image structure from the specifics
of the execve() system call, removes a redundant pointer, etc.
No semantic change from current behavior, but it means that the
structure doesn't depend on syscalls.master-generated includes.

There seems to be some redundant initialization of imgact entries,
which I have maintained, but which could probably use some cleaning
up at some point.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-11-05 01:59:56 +00:00
rwatson
3f3d082989 Sync to src/sys/kern/syscalls.master 2002-11-02 23:55:30 +00:00
julian
8aebe48934 Remove the process state PRS_WAIT.
It is never used. I left it there from pre-KSE days as I didn't know
if I'd need it or not but now I know I don't.. It's functionality
is in TDI_IWAIT in the thread.
2002-10-21 22:27:36 +00:00
peter
a75c662939 Stake a claim on 418 (__xstat), 419 (__xfstat), 420 (__xlstat) 2002-10-19 22:25:31 +00:00
peter
6f9d4eb337 Grab 416/417 real estate before I get burned while testing again.
This is for the not-quite-ready signal/fpu abi stuff.  It may not see
the light of day, but I'm certainly not going to be able to validate it
when getting shot in the foot due to syscall number conflicts.
2002-10-19 22:09:23 +00:00
marcel
d8d309f454 Implement the CDROMREADAUDIO ioctl. 2002-10-19 21:11:43 +00:00
rwatson
f3cd77cf07 Add a placeholder for the execve_mac() system call, similar to SELinux's
execve_secure() system call, which permits a process to pass in a label
for a label change during exec.  This permits SELinux to change the
label for the resulting exec without a race following a manual label
change on the process.  Because this interface uses our general purpose
MAC label abstraction, we call it execve_mac(), and wrap our port of
SELinux's execve_secure() around it with appropriate sid mappings.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-19 21:06:57 +00:00
robert
b00c7ffed8 Replace the conventional usage of strncpy() by using strlcpy(). 2002-10-17 22:27:21 +00:00
robert
ec6b5086a5 - Use strlcpy() rather than strncpy() to copy NUL terminated
strings.
 - Pass the correct buffer size to getcredhostname().
2002-10-17 22:00:30 +00:00
sobomax
591d270f4c - Add support for IPC_64 extensions into shmctl(2), semctl(2) and msgctl(2);
- add wrappers for mmap2(2) and ftruncate64(2) system calls;
- don't spam console with printf's when VFAT_READDIR_BOTH ioctl(2) is invoked;
- add support for SOUND_MIXER_READ_STEREODEVS ioctl(2);
- make msgctl(IPC_STAT) and IPC_SET actually working by converting from
  BSD msqid_ds to Linux and vice versa;
- properly return EINVAL if semget(2) is called with nsems being negative.

Reviewed by:	marcel
Approved by:	marcel
Tested with:	LSB runtime test
2002-10-11 11:43:09 +00:00
peter
b3c87d7052 re-regen. Sigh. 2002-10-09 22:40:41 +00:00
peter
f7a3aba232 Sigh. Fix fat-fingering of diff. I knew this was going to happen. 2002-10-09 22:40:02 +00:00
peter
8a5224b1c2 regenerate. sendfile stuff and other recently picked up stubs. 2002-10-09 22:28:48 +00:00
peter
54a5ebbeb2 Try and deal with the #ifdef COMPAT_FREEBSD4 sendfile stuff. This would
have been a lot easier if do_sendfile() was usable externally.
2002-10-09 22:27:24 +00:00
peter
641a3d5cb3 Try and patch up some tab-to-space spammage. 2002-10-09 22:14:35 +00:00
peter
dbe70a6b44 Add placeholder stubs for nsendfile, mac_syscall, ksem_close, ksem_post,
ksem_wait, ksem_trywait, ksem_init, ksem_open, ksem_unlink, ksem_getvalue,
ksem_destroy, __mac_get_pid, __mac_get_link, __mac_set_link,
extattr_set_link, extattr_get_link, extattr_delete_link.
2002-10-09 22:10:23 +00:00
rwatson
1f2df65750 Integrate mac_check_socket_send() and mac_check_socket_receive()
checks from the MAC tree: allow policies to perform access control
for the ability of a process to send and receive data via a socket.
At some point, we might also pass in additional address information
if an explicit address is requested on send.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-06 14:39:15 +00:00
archie
9301eb9484 Let kse_wakeup() take a KSE mailbox pointer argument.
Reviewed by:	julian
2002-10-02 16:48:16 +00:00
jmallett
7a693db242 Back our kernel support for reliable signal queues.
Requested by:	rwatson, phk, and many others
2002-10-01 17:15:53 +00:00
jmallett
0341f71df1 First half of implementation of ksiginfo, signal queues, and such. This
gets signals operating based on a TailQ, and is good enough to run X11,
GNOME, and do job control.  There are some intricate parts which could be
more refined to match the sigset_t versions, but those require further
evaluation of directions in which our signal system can expand and contract
to fit our needs.

After this has been in the tree for a while, I will make in kernel API
changes, most notably to trapsignal(9) and sendsig(9), to use ksiginfo
more robustly, such that we can actually pass information with our
(queued) signals to the userland.  That will also result in using a
struct ksiginfo pointer, rather than a signal number, in a lot of
kern_sig.c, to refer to an individual pending signal queue member, but
right now there is no defined behaviour for such.

CODAFS is unfinished in this regard because the logic is unclear in
some places.

Sponsored by:	New Gold Technology
Reviewed by:	bde, tjr, jake [an older version, logic similar]
2002-09-30 20:20:22 +00:00
archie
904b65e85d Make the following name changes to KSE related functions, etc., to better
represent their purpose and minimize namespace conflicts:

	kse_fn_t		-> kse_func_t
	struct thread_mailbox	-> struct kse_thr_mailbox
	thread_interrupt()	-> kse_thr_interrupt()
	kse_yield()		-> kse_release()
	kse_new()		-> kse_create()

Add missing declaration of kse_thr_interrupt() to <sys/kse.h>.
Regenerate the various generated syscall files. Minor style fixes.

Reviewed by:	julian
2002-09-25 18:10:42 +00:00
jeff
65328ea561 - Hold the vn lock over vm_mmap(). 2002-09-25 02:42:04 +00:00
mini
7a31c08874 Back out last commit. Linux uses the old 4.3BSD sockaddr format. 2002-09-24 07:03:01 +00:00
jhb
fa58184de8 Ok, make this compile for real this time. recvfrom_args doesn't have a
fromlen member, instead it has a fromlenaddr pointer member.  Set it to
NULL.
2002-09-23 21:05:41 +00:00
jhb
2a11973f91 Use correct variable name so that previous commit actually compiles. 2002-09-23 20:58:59 +00:00
mini
e206834961 Don't use compatability syscall wrappers in emulation code.
This is needed for the COMPAT_FREEBSD3 option split.

Reviewed by:	alfred, jake
2002-09-23 06:17:54 +00:00
jake
2b71a04b1e Use the fields in the sysentvec and in the vm map header in place of the
constants VM_MIN_ADDRESS, VM_MAXUSER_ADDRESS, USRSTACK and PS_STRINGS.
This is mainly so that they can be variable even for the native abi, based
on different machine types.  Get stack protections from the sysentvec too.
This makes it trivial to map the stack non-executable for certain abis, on
machines that support it.
2002-09-21 22:07:17 +00:00
mdodd
557fe83a62 Remove NVIDIA ioctl bits. They will be provided in a kernel module. 2002-09-20 19:19:58 +00:00
phk
e5427d6bd3 Put an XXX comment here to point somebody in the right direction. 2002-09-20 17:55:47 +00:00
imp
42910e6e7c Current uses struct thread *td rather than struct proc *p. 2002-09-20 04:30:00 +00:00
mdodd
0c5a203325 Pass flags to msync() accounting for differences in the definition of
MS_SYNC on FreeBSD and Linux.

Submitted by:	 Christian Zander <zander@minion.de>
2002-09-19 19:02:54 +00:00
mdodd
e6b61cc65a This patch extends the FreeBSD Linux compatibility layer to support
NVIDIA API calls; more specifically, it adds an ioctl() handler for
the range of possible NVIDIA ioctl numbers.

Submitted by:	 Christian Zander <zander@minion.de>
2002-09-19 18:56:55 +00:00
julian
5702a380a5 Completely redo thread states.
Reviewed by:	davidxu@freebsd.org
2002-09-11 08:13:56 +00:00
peter
21b23e4fe8 Tidy up some loose ends that bde pointed out. caddr_t bad, ok?
Move fill_kinfo_proc to before we copy the results instead of after
the copy and too late.

There is still more to do here.
2002-09-07 22:31:44 +00:00
peter
267650898e The true value of how the kernel was configured for KSTACK_PAGES was not
available at module compile time.  Do not #include the bogus
opt_kstack_pages.h at this point and instead refer to the variables that
are also exported via sysctl.
2002-09-07 22:15:47 +00:00
peter
52b123c1cb Fix a missing line in a cut/paste error. 2002-09-07 07:13:08 +00:00
peter
9688aed888 Collect the a.out coredump code into the calling functions.
XXX why does pecoff dump in a.out format?
2002-09-07 01:23:51 +00:00
bde
b307c79502 Do not cast from a pointer to an integer of a possibly different size.
This fixes a warning on i386's with 64-bit longs.
2002-09-05 12:30:54 +00:00
bde
1441f3f82d Include <sys/malloc.h> instead of depending on namespace pollution 2
layers deep in <sys/proc.h> or <sys/vnode.h>.

Removed unused includes.  Sorted includes.
2002-09-05 08:13:20 +00:00
marcel
0e9ab9c4f6 Implement LINUX_TIOCSCTTY.
PR: kern/42404
2002-09-05 02:51:25 +00:00
iedowse
2271d6f41d Use the new kern_*() functions to avoid using the stack gap in
linux_fcntl*() and linux_getcwd().
2002-09-02 22:46:05 +00:00
iedowse
07f07ebc49 Use the new kern_* functions to avoid the need to store arguments
in the stack gap. This converts most VFS and signal related system
calls, as well as select().

Discussed on:	-arch
Approved by:	marcel
2002-09-01 22:30:27 +00:00
jake
ce650f8c33 Added fields for VM_MIN_ADDRESS, PS_STRINGS and stack protections to
sysentvec.  Initialized all fields of all sysentvecs, which will allow
them to be used instead of constants in more places.  Provided stack
fixup routines for emulations that previously used the default.
2002-09-01 21:41:24 +00:00
iedowse
285c5385d5 Add a new function linux_emul_convpath(), which is a version of
linux_emul_find() that does not use stack gap storage but instead
always returns the resulting path in a malloc'd kernel buffer.
Implement linux_emul_find() in terms of this function. Also add
LCONVPATH* macros that wrap linux_emul_convpath in the same way
that the CHECKALT* macros wrap linux_emul_find().
2002-09-01 21:15:37 +00:00
jake
ffe6f08557 Make this compile. 2002-08-31 19:33:59 +00:00
dillon
85479bded2 Implement data, text, and vmem limit checking in the elf loader and svr4
compat code.  Clean up accounting for multiple segments.  Part 1/2.

Submitted by:	Andrey Alekseyev <uitm@zenon.net> (with some modifications)
MFC after:	3 days
2002-08-30 18:09:46 +00:00
archie
7a233d4c9f Replace (ab)uses of "NULL" where "0" is really meant. 2002-08-22 21:24:01 +00:00
sobomax
f6cebc0606 Increase size of ifnet.if_flags from 16 bits (short) to 32 bits (int). To avoid
breaking application ABI use unused ifreq.ifru_flags[1] for upper 16 bits in
SIOCSIFFLAGS and SIOCGIFFLAGS ioctl's.

Reviewed by:	-hackers, -net
2002-08-18 07:05:00 +00:00
rwatson
3246fbf45f In continuation of early fileop credential changes, modify fo_ioctl() to
accept an 'active_cred' argument reflecting the credential of the thread
initiating the ioctl operation.

- Change fo_ioctl() to accept active_cred; change consumers of the
  fo_ioctl() interface to generally pass active_cred from td->td_ucred.
- In fifofs, initialize filetmp.f_cred to ap->a_cred so that the
  invocations of soo_ioctl() are provided access to the calling f_cred.
  Pass ap->a_td->td_ucred as the active_cred, but note that this is
  required because we don't yet distinguish file_cred and active_cred
  in invoking VOP's.
- Update kqueue_ioctl() for its new argument.
- Update pipe_ioctl() for its new argument, pass active_cred rather
  than td_ucred to MAC for authorization.
- Update soo_ioctl() for its new argument.
- Update vn_ioctl() for its new argument, use active_cred rather than
  td->td_ucred to authorize VOP_IOCTL() and the associated VOP_GETATTR().

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-17 02:36:16 +00:00
rwatson
2b82cd24f1 Make similar changes to fo_stat() and fo_poll() as made earlier to
fo_read() and fo_write(): explicitly use the cred argument to fo_poll()
as "active_cred" using the passed file descriptor's f_cred reference
to provide access to the file credential.  Add an active_cred
argument to fo_stat() so that implementers have access to the active
credential as well as the file credential.  Generally modify callers
of fo_stat() to pass in td->td_ucred rather than fp->f_cred, which
was redundantly provided via the fp argument.  This set of modifications
also permits threads to perform these operations on behalf of another
thread without modifying their credential.

Trickle this change down into fo_stat/poll() implementations:

- badfo_poll(), badfo_stat(): modify/add arguments.
- kqueue_poll(), kqueue_stat(): modify arguments.
- pipe_poll(), pipe_stat(): modify/add arguments, pass active_cred to
  MAC checks rather than td->td_ucred.
- soo_poll(), soo_stat(): modify/add arguments, pass fp->f_cred rather
  than cred to pru_sopoll() to maintain current semantics.
- sopoll(): moidfy arguments.
- vn_poll(), vn_statfile(): modify/add arguments, pass new arguments
  to vn_stat().  Pass active_cred to MAC and fp->f_cred to VOP_POLL()
  to maintian current semantics.
- vn_close(): rename cred to file_cred to reflect reality while I'm here.
- vn_stat(): Add active_cred and file_cred arguments to vn_stat()
  and consumers so that this distinction is maintained at the VFS
  as well as 'struct file' layer.  Pass active_cred instead of
  td->td_ucred to MAC and to VOP_GETATTR() to maintain current semantics.

- fifofs: modify the creation of a "filetemp" so that the file
  credential is properly initialized and can be used in the socket
  code if desired.  Pass ap->a_td->td_ucred as the active
  credential to soo_poll().  If we teach the vnop interface about
  the distinction between file and active credentials, we would use
  the active credential here.

Note that current inconsistent passing of active_cred vs. file_cred to
VOP's is maintained.  It's not clear why GETATTR would be authorized
using active_cred while POLL would be authorized using file_cred at
the file system level.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-16 12:52:03 +00:00
rwatson
44404e4547 In order to better support flexible and extensible access control,
make a series of modifications to the credential arguments relating
to file read and write operations to cliarfy which credential is
used for what:

- Change fo_read() and fo_write() to accept "active_cred" instead of
  "cred", and change the semantics of consumers of fo_read() and
  fo_write() to pass the active credential of the thread requesting
  an operation rather than the cached file cred.  The cached file
  cred is still available in fo_read() and fo_write() consumers
  via fp->f_cred.  These changes largely in sys_generic.c.

For each implementation of fo_read() and fo_write(), update cred
usage to reflect this change and maintain current semantics:

- badfo_readwrite() unchanged
- kqueue_read/write() unchanged
  pipe_read/write() now authorize MAC using active_cred rather
  than td->td_ucred
- soo_read/write() unchanged
- vn_read/write() now authorize MAC using active_cred but
  VOP_READ/WRITE() with fp->f_cred

Modify vn_rdwr() to accept two credential arguments instead of a
single credential: active_cred and file_cred.  Use active_cred
for MAC authorization, and select a credential for use in
VOP_READ/WRITE() based on whether file_cred is NULL or not.  If
file_cred is provided, authorize the VOP using that cred,
otherwise the active credential, matching current semantics.

Modify current vn_rdwr() consumers to pass a file_cred if used
in the context of a struct file, and to always pass active_cred.
When vn_rdwr() is used without a file_cred, pass NOCRED.

These changes should maintain current semantics for read/write,
but avoid a redundant passing of fp->f_cred, as well as making
it more clear what the origin of each credential is in file
descriptor read/write operations.

Follow-up commits will make similar changes to other file descriptor
operations, and modify the MAC framework to pass both credentials
to MAC policy modules so they can implement either semantic for
revocation.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-15 20:55:08 +00:00
rwatson
1aa234e4f7 On MAC check failure for readdir, use 'goto out' to use the common exit
handling, rather than returning directly to prevent leaking of vnode
reference/lock.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-15 15:46:10 +00:00
jeff
f5d2a2635e - Add the missing td argument to vn_lock that I missed in my last commit. 2002-08-13 20:34:30 +00:00
jeff
a996673e12 - Hold the vnode lock throughout execve.
- Set VV_TEXT in the top level execve code.
 - Fixup the image activators to deal with the newly locked vnode.
2002-08-13 06:55:28 +00:00
rwatson
a4eb7ce808 Enforce MAC policies for the locally implemented vnode services in
SVR4 emulation relating to readdir() and fd_revoke().  All other
services appear to be implemented by simply wrapping existing
FreeBSD native system call implementations, so don't require local
instrumentation in the emulator module.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-12 01:42:21 +00:00
rwatson
72f5246f78 Another fix that wasn't pulled in from the MAC branch: the
struct mount is not cached as *mp at this point, so use
vp->v_mount directly, following the check that it's non-NULL.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-12 01:24:26 +00:00
rwatson
d6f287a5ac Fix missing parens in MAC readdir() check. This fix was in the MAC
branch, but apparently didn't get moved over when it was made.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-12 01:18:33 +00:00
jeff
02517b6731 - Replace v_flag with v_iflag and v_vflag
- v_vflag is protected by the vnode lock and is used when synchronization
   with VOP calls is needed.
 - v_iflag is protected by interlock and is used for dealing with vnode
   management issues.  These flags include X/O LOCK, FREE, DOOMED, etc.
 - All accesses to v_iflag and v_vflag have either been locked or marked with
   mp_fixme's.
 - Many ASSERT_VOP_LOCKED calls have been added where the locking was not
   clear.
 - Many functions in vfs_subr.c were restructured to provide for stronger
   locking.

Idea stolen from:	BSD/OS
2002-08-04 10:29:36 +00:00
rwatson
b246ee0a3c Introduce support for Mandatory Access Control and extensible
kernel access control.

Invoke appropriate MAC entry points for a number of VFS-related
operations in the Linux ABI module.  In particular, handle uselib
in a manner similar to open() (more work is probably needed here),
as well as handle statfs(), and linux readdir()-like calls.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 22:23:02 +00:00
peter
c93c6004b2 Regenerate 2002-07-20 02:56:34 +00:00
peter
cc7b2e4248 Infrastructure tweaks to allow having both an Elf32 and an Elf64 executable
handler in the kernel at the same time.  Also, allow for the
exec_new_vmspace() code to build a different sized vmspace depending on
the executable environment.  This is a big help for execing i386 binaries
on ia64.   The ELF exec code grows the ability to map partial pages when
there is a page size difference, eg: emulating 4K pages on 8K or 16K
hardware pages.

Flesh out the i386 emulation support for ia64.  At this point, the only
binary that I know of that fails is cvsup, because the cvsup runtime
tries to execute code in pages not marked executable.

Obtained from:  dfr (mostly, many tweaks from me).
2002-07-20 02:56:12 +00:00
robert
14d150fb7b Move the switch statement labels for the explicit 64-bit
command arguments into the correct function, linux_fcntl64(),
and thus out of the scope of a compilation for the alpha
platform.

Requested by:	obrien
2002-07-09 19:25:43 +00:00
robert
e6ff14fd0c Enable emulation of the F_GETLK64, F_SETLK64, and F_SETLKW64
lock commands arguments to linux_fcntl64().
2002-07-09 15:57:12 +00:00
robert
1b293bfa42 The comment marked with XXX was right: emulate SVR4 for
ELF binaries branded with ELFOSABI_SYSV, this is reported
to work and brandelf(1) puts this type into files if "SVR4"
was specified.
2002-07-09 14:59:27 +00:00
julian
aa2dc0a5d9 Part 1 of KSE-III
The ability to schedule multiple threads per process
(one one cpu) by making ALL system calls optionally asynchronous.
to come: ia64 and power-pc patches, patches for gdb, test program (in tools)

Reviewed by:	Almost everyone who counts
	(at various times, peter, jhb, matt, alfred, mini, bernd,
	and a cast of thousands)

	NOTE: this is still Beta code, and contains lots of debugging stuff.
	expect slight instability in signals..
2002-06-29 17:26:22 +00:00
arr
614440e53d - Remove the Giant acquisition from linux_socket_ioctl() as it was really
there to protect fdrop() (which in turn can call vrele()), however,
  fdrop_locked() grabs Giant for us, so we do not have to.

Reviewed by:	jhb
Inspired by:	alc
2002-06-26 15:53:11 +00:00
rwatson
6231c89ca3 Add a comment about how we should use vn_open() here instead of directly
invoking VOP_OPEN().  This would reduce code redundancy with the rest
of the kernel, and also is required for MAC to work properly.
2002-06-14 07:24:01 +00:00
alfred
6995a6ac42 catch up with ktrace changes, KTRPOINT takes a 'struct thread' not
'struct proc' now.
2002-06-11 21:14:02 +00:00
jhb
fbebc83b5b Catch up to changes in ktrace API. 2002-06-07 05:37:18 +00:00
schweikh
28bcbfe85d Fix typo in the BSD copyright: s/withough/without/
Spotted and suggested by:	des
MFC after:	3 weeks
2002-06-02 20:05:59 +00:00
tanimura
e6fa9b9e92 Back out my lats commit of locking down a socket, it conflicts with hsu's work.
Requested by:	hsu
2002-05-31 11:52:35 +00:00
alfred
4320d2c0b9 correct commented out preprocessor test for i386 to __i386__ 2002-05-30 07:28:43 +00:00
bde
a361c10d4b Fixed a printf format error. It was old and should have been detected by
gcc-2.9x, but somehow wasn't fixed already.
2002-05-25 10:48:03 +00:00
tanimura
92d8381dd5 Lock down a socket, milestone 1.
o Add a mutex (sb_mtx) to struct sockbuf. This protects the data in a
  socket buffer. The mutex in the receive buffer also protects the data
  in struct socket.

o Determine the lock strategy for each members in struct socket.

o Lock down the following members:

  - so_count
  - so_options
  - so_linger
  - so_state

o Remove *_locked() socket APIs.  Make the following socket APIs
  touching the members above now require a locked socket:

 - sodisconnect()
 - soisconnected()
 - soisconnecting()
 - soisdisconnected()
 - soisdisconnecting()
 - sofree()
 - soref()
 - sorele()
 - sorwakeup()
 - sotryfree()
 - sowakeup()
 - sowwakeup()

Reviewed by:	alfred
2002-05-20 05:41:09 +00:00
jhb
b6d6774e76 Change p_can{debug,see,sched,signal}()'s first argument to be a thread
pointer instead of a proc pointer and require the process pointed to
by the second argument to be locked.  We now use the thread ucred reference
for the credential checks in p_can*() as a result.  p_canfoo() should now
no longer need Giant.
2002-05-19 00:14:50 +00:00
marcel
8b792f5cab In msgrcv(), set msgtyp correctly. Hardwiring 0 as the message type
yields incorrect behaviour. The hardwiring was present in the very
first commit that implemented msgrcv() (revision 1.4) and hasn't been
changed since. The native implementation was complete at that time,
so there doesn't seem to be a reason for the hardwiring from a
technical point of view.

Submitted by: Reinier Bezuidenhout <rbezuide@yahoo.com>
2002-05-18 07:53:56 +00:00
dd
1a506b7f47 sysctl -w -> sysctl 2002-05-11 06:06:11 +00:00
peter
336f78b18a Zap some stale unused headers, including one machine/psl.h (which is
a stub on alpha).  Compile tested on alpha and x86.
2002-05-01 02:17:33 +00:00
rwatson
6a296a3a5e Add an XXX: linux_uselib() should be using vn_open() rather than invoking
VOP_OPEN() and doing lots of manual checking.  This would further
centralize use of the name functions, and once the MAC code is integrated,
meaning few extraneous MAC checks scattered all over the place.  I don't
have time to fix this now, but want to make sure it doesn't get
forgotten.  Anyone interested in fixing this should feel free.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-04-20 14:43:34 +00:00
jhb
2ebbf84d61 - Lock proctree_lock instead of pgrpsess_lock.
- Exclusively lock proctree_lock while calling leavepgrp().
2002-04-16 17:04:21 +00:00
jhb
2c33307035 Rework logic of syscalls that modify process credentials as described in
rev 1.152 of sys/kern/kern_prot.c.
2002-04-13 23:11:23 +00:00
jhb
511ba1872b - p_cansee() needs the target process locked.
- We need the proc lock held for more of procfs_doprocstatus().
2002-04-13 23:09:41 +00:00
jhb
afc32a4ae3 Use proc lock to protect p_ucred pointer while we deference it to read a
few values.
2002-04-11 21:00:38 +00:00
jhb
b129a4a7ca Use td_ucred in a few spots. 2002-04-11 21:00:05 +00:00
dfr
cfb2ec9f72 Initial support for executing IA-32 binaries. This will not compile
without a few patches for the rest of the kernel to allow the image
activator to override exec_copyout_strings and setregs.

None of the syscall argument translation has been done. Possibly, this
translation layer can be shared with any platform that wants to support
running ILP32 binaries on an LP64 host (e.g. sparc32 binaries?)
2002-04-10 19:34:51 +00:00
jhb
97bce5a40f - Change fill_kinfo_proc() to require that the process is locked when it
is called.
- Change sysctl_out_proc() to require that the process is locked when it
  is called and to drop the lock before it returns.  If this proves too
  complex we can change sysctl_out_proc() to simply acquire the lock at
  the very end and have the calling code drop the lock right after it
  returns.
- Lock the process we are going to export before the p_cansee() in the
  loop in sysctl_kern_proc() and hold the lock until we call
  sysctl_out_proc().
- Don't call p_cansee() on the process about to be exported twice in
  the aforementioned loop.
2002-04-09 20:10:46 +00:00
bde
14ae95f735 Moved signal handling and rescheduling from userret() to ast() so that
they aren't in the usual path of execution for syscalls and traps.
The main complication for this is that we have to set flags to control
ast() everywhere that changes the signal mask.

Avoid locking in userret() in most of the remaining cases.

Submitted by:	luoqi (first part only, long ago, reorganized by me)
Reminded by:	dillon
2002-04-04 17:49:48 +00:00
jhb
dc2e474f79 Change the suser() API to take advantage of td_ucred as well as do a
general cleanup of the API.  The entire API now consists of two functions
similar to the pre-KSE API.  The suser() function takes a thread pointer
as its only argument.  The td_ucred member of this thread must be valid
so the only valid thread pointers are curthread and a few kernel threads
such as thread0.  The suser_cred() function takes a pointer to a struct
ucred as its first argument and an integer flag as its second argument.
The flag is currently only used for the PRISON_ROOT flag.

Discussed on:	smp@
2002-04-01 21:31:13 +00:00
alfred
3fad1fa6c0 Protect proc struct (p_args and p_comm) when doing procfs IO that pulls
data from it.

Submitted by: Jonathan Mini <mini@haikugeek.com>
2002-03-29 19:12:40 +00:00
alfred
c513408927 Make the reference counting of 'struct pargs' SMP safe.
There is still some locations where the PROC lock should be held
in order to prevent inconsistent views from outside (like the
proc->p_fd fix for kern/vfs_syscalls.c:checkdirs()) that can be
fixed later.

Submitted by: Jonathan Mini <mini@haikugeek.com>
2002-03-27 21:36:18 +00:00
bde
646f25a549 Fixed some style bugs in the removal of __P(()). Tabs before "__P(("
were not removed.
2002-03-24 04:04:50 +00:00
jeff
453d388794 Remove references to vm_zone.h and switch over to the new uma API. 2002-03-20 10:35:22 +00:00
alfred
61bf661405 Remove __P. 2002-03-20 05:48:58 +00:00
jhb
3706cd3509 Simple p_ucred -> td_ucred changes to start using the per-thread ucred
reference.
2002-02-27 18:32:23 +00:00
robert
b8e607ed84 Use the updated getcredhostname() function. 2002-02-27 16:47:27 +00:00
robert
9df3ba1f33 - Use the new getcredhostname function in the SVR4 uname system call.
- Remove spurious empty line.

Reviewed by:	phk
2002-02-27 15:12:56 +00:00
robert
99ec5ad86f Use the getcredhostname function to fill the hostname into
the linux_newuname_args structure.  This should fix the case
of jailed linux processes not using the jail's hostname.

PR:		35336
Reviewed by:	phk
2002-02-27 15:06:33 +00:00
julian
d49d5fdd17 remove "discards qualifier" erro by not potentially writing to
a const *.
2002-02-26 23:38:34 +00:00
tanimura
a09da29859 Lock struct pgrp, session and sigio.
New locks are:

- pgrpsess_lock which locks the whole pgrps and sessions,
- pg_mtx which protects the pgrp members, and
- s_mtx which protects the session members.

Please refer to sys/proc.h for the coverage of these locks.

Changes on the pgrp/session interface:

- pgfind() needs the pgrpsess_lock held.

- The caller of enterpgrp() is responsible to allocate a new pgrp and
  session.

- Call enterthispgrp() in order to enter an existing pgrp.

- pgsignal() requires a pgrp lock held.

Reviewed by:	jhb, alfred
Tested on:	cvsup.jp.FreeBSD.org
		(which is a quad-CPU machine running -current)
2002-02-23 11:12:57 +00:00
alfred
139cdbc604 fix file descriptor leak.
Submitted by: Mark Santcroos <marks@ripe.net>
2002-02-20 17:06:37 +00:00
bde
3247dc600a Garbage collect options AVM_A1_PCI, AVM_A1_PCMCIA, DEBUG_LINUX, DEV_APM,
GUS_DMA, GUS_DMA2, GUS_IRQ, OLTR_NO_BULLSEYE_MAC, OLTR_NO_HAWKEYE_MAC,
OLTR_NO_TMS_MAC and PCIC_RESUME_RESET.
2002-02-15 10:19:39 +00:00
peter
7562301aac Attempt to unmangle some code touched in the previous commit. 2002-02-07 22:36:19 +00:00
julian
b5eb64d6f0 Pre-KSE/M3 commit.
this is a low-functionality change that changes the kernel to access the main
thread of a process via the linked list of threads rather than
assuming that it is embedded in the process. It IS still embeded there
but remove all teh code that assumes that in preparation for the next commit
which will actually move it out.

Reviewed by: peter@freebsd.org, gallatin@cs.duke.edu, benno rice,
2002-02-07 20:58:47 +00:00
alfred
e4eec6ad45 include sys/lock.h and sys/mutex.h to make compile.
Noticed by: Vincent Poy <vince@oahu.WURLDLINK.NET>
2002-01-30 23:28:25 +00:00
marcel
5a61ac7f11 Have SIOCGIFCONF return all (if any) AF_INET addresses for the
interfaces we encounter. In Linux, all addresses are returned for
which gifconf handlers are installed. This boils down to AF_DECnet
and AF_INET. We care mostly about AF_INET for now. Adding additional
families is simple enough.

Returning the addresses is important for RPC clients to function
properly. Andrew found in some reference code that the logic that
handles the retransmission looks for an interface that's up and has
an AF_INET address. This obviously failed as we didn't return any
addresses at all.

Note also that with this change we don't return interfaces that don't
have AF_INET addresses, whereas before we returned any interface
present in the system. This is in line with what Linux does (modulo
interfaces with only AF_DECnet addresses of course :-)

Reported by: "Andrew Atrens" <atrens@nortelnetworks.com>
MFC after: 1 week
2002-01-29 06:00:11 +00:00
gallatin
a91be5985c Linux/alpha uses the same BSDish return mechanism we do for
getpid, getuid, getgid and pipe, since they bootstrapped from
OSF/1 and never cleaned up.  Switch to the native syscalls
on alpha so that the above functions work

MFC after: 7 days
2002-01-23 22:46:14 +00:00
tanimura
37250d53cb Lock the caller process if the pid passed to getsid() or getpgid()
equals to zero.
2002-01-19 06:34:58 +00:00
tanimura
dbbd2af1a3 For getsid(), return the sid stored in struct session. This prevents
panic in case where a session has no session leader.

Inspired by:	Solaris 8
2002-01-19 05:31:51 +00:00
alfred
ed9e04f068 Make compile, remove extra fdrop() calls.
Change name of function to what it's supposed to be (s/sys/do)
2002-01-19 03:52:17 +00:00
alfred
832c019c2c make compile, add missing { and variable declaration. 2002-01-19 03:48:38 +00:00
alfred
3bdb474052 Semi-backout previous fgetvp change, we need the struct file pointer
to perform relative offset calculations, so use fget instead.
2002-01-19 03:45:14 +00:00
alfred
2199df01e8 fix typo, there's uap, just fd 2002-01-16 01:31:19 +00:00
marcel
8a8dd3588a Reinstate linux_ifname. Although the Linuxulator doesn't use it
itself, it's used outside the Linuxulator. Reimplement the
function so that its behaviour matches the current renaming
scheme. It's probably better to formalize these interdependencies.
2002-01-15 03:10:33 +00:00
alfred
1f82bc18d1 Replace ffind_* with fget calls.
Make fget MPsafe.

Make fgetvp and fgetsock use the fget subsystem to reduce code bloat.

Push giant down in fpathconf().
2002-01-14 00:13:45 +00:00