Commit Graph

2545 Commits

Author SHA1 Message Date
Jaakko Heinonen
47bcfb6422 Add a new function devfs_dev_exists() to be able to find out if a
specific devfs path already exists.

The function will be used from kern_conf.c to detect duplicate device
registrations. Callers must hold the devmtx mutex.

Reviewed by:	kib
2010-09-27 18:20:56 +00:00
Jaakko Heinonen
d318c565d7 Add reference counting for devfs paths containing user created symbolic
links. The reference counting is needed to be able to determine if a
specific devfs path exists. For true device file paths we can traverse
the cdevp_list but a separate directory list is needed for user created
symbolic links.

Add a new directory entry flag DE_USER to mark entries which should
unreference their parent directory on deletion.

A new function to traverse cdevp_list and the directory list will be
introduced in a separate commit.

Idea from:	kib
Reviewed by:	kib
2010-09-27 17:47:09 +00:00
Jaakko Heinonen
6adc52306a Modify devfs_fqpn() for future use in devfs path reference counting
code:

- Accept devfs_mount and devfs_dirent as the arguments instead of a
  vnode. This generalizes the function so that it can be used from
  contexts where vnode references are not available.
- Accept NULL cnp argument. No '/' will be appended, if a NULL cnp is
  provided.
- Make the function global and add its prototype to devfs.h.

Reviewed by:	kib
2010-09-21 16:49:02 +00:00
Rick Macklem
a212c01aac Fix nfsrv_freeallnfslocks() in the experimental NFSv4 server so that
it frees local locks correctly upon close. In order for
nfsrv_localunlock() to work correctly, the lock can no longer be in
the lockowner's stateid list. As such, nfsrv_freenfslock() has to
be called before nfsrv_localunlock(), to get rid of the lock structure
on the lockowner's stateid list. This only affected operation when
local locks (vfs.newnfs.enable_locallocks=1) are enabled, which is
not the default at this time.

MFC after:	1 week
2010-09-19 01:18:03 +00:00
Rick Macklem
c7aafc24c4 Fix the experimental NFSv4 server so that it performs local VOP_ADVLOCK()
unlock operations correctly. It was passing in F_SETLK instead of
F_UNLCK as the operation for the unlock case. This only affected
operation when local locking (vfs.newnfs.enable_locallocks=1) was enabled.

MFC after:	1 week
2010-09-19 01:05:19 +00:00
Jaakko Heinonen
8570d045e5 - For consistency, remove "." and ".." entries from de_dlist before
calling devfs_delete() (and thus possibly dropping dm_lock) in
  devfs_rmdir_empty().
- Assert that we don't return doomed entries from devfs_find(). [1]

Suggested by:	kib [1]
Reviewed by:	kib
2010-09-18 18:37:41 +00:00
Jaakko Heinonen
89d10571db Remove empty devfs directories automatically.
devfs_delete() now recursively removes empty parent directories unless
the DEVFS_DEL_NORECURSE flag is specified. devfs_delete() can't be
called anymore with a parent directory vnode lock held because the
possible parent directory deletion needs to lock the vnode. Thus we
unlock the parent directory vnode in devfs_remove() before calling
devfs_delete().

Call devfs_populate_vp() from devfs_symlink() and devfs_vptocnp() as now
directories can get removed.

Add a check for DE_DOOMED flag to devfs_populate_vp() because
devfs_delete() drops dm_lock before the VI_DOOMED vnode flag gets set.
This ensures that devfs_populate_vp() returns an error for directories
which are in progress of deletion.

Reviewed by:	kib
Discussed on:	freebsd-current (mostly silence)
2010-09-15 14:23:55 +00:00
Andriy Gapon
21bd3e2576 tmpfs, zfs + sendfile: mark page bits as valid after populating it with data
Otherwise, adding insult to injury, in addition to double-caching of data
we would always copy the data into a vnode's vm object page from backend.
This is specific to sendfile case only (VOP_READ with UIO_NOCOPY).

PR:		kern/141305
Reported by:	Wiktor Niesiobedzki <bsd@vink.pl>
Reviewed by:	alc
Tested by:	tools/regression/sockets/sendfile
MFC after:	2 weeks
2010-09-15 10:31:27 +00:00
Rick Macklem
2c6d0e01f8 This patch applies one of the two fixes suggested by
zack.kirsch at isilon.com for a race between nfsrv_freeopen()
and nfsrv_getlockfile() in the experimental NFS server that
he found during testing. Although nfsrv_freeopen() holds a
sleep lock on the lock file structure when called with
cansleep != 0, nfsrv_getlockfile() could still search the
list, once it acquired the NFSLOCKSTATE() mutex. I believe
that acquiring the mutex in nfsrv_freeopen() fixes the race.

MFC after:	2 weeks
2010-09-10 23:49:33 +00:00
Rick Macklem
37fe683250 Fix the NFSVNO_CMPFH() macro in the experimental NFS server so
that it works correctly for ZFS file handles. It is possible to
have two ZFS file handles that differ only in the bytes in the
fid_reserved field of the generic "struct fid" and comparing the
bytes in fid_data didn't catch this case. This patch changes the
macro to compare all bytes of "struct fid".

Tested by:	gull at gull.us
MFC after:	2 weeks
2010-09-10 23:18:45 +00:00
Rick Macklem
a8c0af5906 Fix the experimental NFS client so that it doesn't panic when
NFSv2,3 byte range locking is attempted. A fix that allows the
nlm_advlock() to work with both clients is in progress, but
may take a while. As such, I am doing this commit so that
the kernel doesn't panic in the meantime.

Submitted by:	jh
MFC after:	2 weeks
2010-09-09 15:45:11 +00:00
Ivan Voras
b2143ecb99 Avoid "Entry can disappear before we lock fdvp" panic.
PR:		150143
Submitted by:	Gleb Kurtsou <gk at FreeBSD.org>
Pretty sure it won't blow up: mckusick
MFC after:	2 weeks
2010-09-07 22:40:45 +00:00
John Baldwin
8e27c18282 Store the full timestamp when caching timestamps of files and
directories for purposes of validating name cache entries.  This
closes races where two updates to a file or directory within the same
second could result in stale entries in the name cache.  While here,
remove the 'n_expiry' field as it is no longer used.

Reviewed by:	rmacklem
MFC after:	1 week
2010-09-07 14:29:45 +00:00
Daichi GOTO
21f9b7b28a Allowed unionfs to use whiteout not supporting file system as
upper layer. Until now, unionfs prevents to use that kind of
file system as upper layer. This time, I changed to allow
that kind of file system as upper layer. By this change, you
can use whiteout not supporting file system (e.g., especially
for tmpfs) as upper layer. It's very useful for combination of
tmpfs as upper layer and read only file system as lower layer.

By difinition, without whiteout support from the file system
backing the upper layer, there is no way that delete and rename
operations on lower layer objects can be done.  EOPNOTSUPP is
returned for this kind of operations as generated by VOP_WHITEOUT()
along with any others which would make modifica tions to the
lower layer, such as chmod(1).

This change is suggested by ed.

Submitted by:	ed
2010-09-05 04:58:16 +00:00
Rick Macklem
848fd2c0e2 Change the code in ncl_bioread() in the experimental NFS
client to return an error when rabp is not set, so it
behaves the same way as the regular NFS client for this
case. It does not affect NFSv4, since nfs_getcacheblk()
only fails for "intr" mounts and NFSv4 can't use the
"intr" mount option.

MFC after:	2 weeks
2010-09-05 00:47:44 +00:00
Rick Macklem
0372f5f411 Disable use of the NLM in the experimental NFS client, since
it will crash the kernel because it uses the nfsmount and
nfsnode structures of the regular NFS client.

MFC after:	2 weeks
2010-09-05 00:10:18 +00:00
Ulf Lilleengen
0cc17ce608 - Remove duplicate comment.
PR:		kern/148820
Submitted by:	pluknet <pluknet - at - gmail.com>
2010-09-01 05:34:17 +00:00
Rick Macklem
2d0c83b139 Add a null_remove() function to nullfs, so that the v_usecount
of the lower level vnode is incremented to greater than 1 when
the upper level vnode's v_usecount is greater than one. This
is necessary for the NFS clients, so that they will do a silly
rename of the file instead of actually removing it when the
file is still in use. It is "racy", since the v_usecount is
incremented in many places in the kernel with
minimal synchronization, but an extraneous silly rename is
preferred to not doing a silly rename when it is required.
The only other file systems that currently check the value
of v_usecount in their VOP_REMOVE() functions are nwfs and
smbfs. These file systems choose to fail a remove when the
v_usecount is greater than 1 and I believe will function
more correctly with this patch, as well.

Tested by:	to.my.trociny at gmail.com
Submitted by:	to.my.trociny at gmail.com (earlier version)
Reviewed by:	kib
MFC after:	2 weeks
2010-08-31 01:16:45 +00:00
Rick Macklem
b5cb66df25 Add acquisition of a reference count on nfsv4root_lock to the
nfsd_recalldelegation() function, since this function is called
by nfsd threads when they are handling NFSv2 or NFSv3 RPCs, where
no reference count would have been acquired.

MFC after:	2 weeks
2010-08-28 23:50:09 +00:00
Rick Macklem
2ec3f92528 The timer routine in the experimental NFS server did not acquire
the correct mutex when checking nfsv4root_lock. Although this
could be fixed by adding mutex lock/unlock calls, zack.kirsch at
isilon.com suggested a better fix that uses a non-blocking
acquisition of a reference count on nfsv4root_lock. This fix
allows the weird NFSLOCKSTATE(); NFSUNLOCKSTATE(); synchronization
to be deleted. This patch applies this fix.

Tested by:	zack.kirsch at isilon.com
MFC after:	2 weeks
2010-08-28 21:41:18 +00:00
Jaakko Heinonen
4136388a18 Set de_dir for user created symbolic links. This will be needed to be
able to resolve their parent directories.
2010-08-26 16:01:29 +00:00
Edward Tomasz Napierala
81f6480d42 Revert r210194, adding a comment explaining why calls to chgproccnt()
in unionfs are actually needed.  I have a better fix in trasz_hrl p4 branch,
but now is not a good moment to commit it.

Reported by:	Alex Kozlov
2010-08-25 21:32:08 +00:00
Jaakko Heinonen
f5efcd64f4 Call devfs_populate_vp() from devfs_getattr(). It was possible that
fstat(2) returned stale information through an open file descriptor.
2010-08-25 15:29:12 +00:00
Jaakko Heinonen
0f6bb099ae Introduce and use devfs_populate_vp() to unlock a vnode before calling
devfs_populate(). This is a prerequisite for the automatic removal of
empty directories which will be committed in the future.

Reviewed by:	kib (previous version)
2010-08-22 16:08:12 +00:00
Ed Schouten
99d57a6bd8 Add support for whiteouts on tmpfs.
Right now unionfs only allows filesystems to be mounted on top of
another if it supports whiteouts. Even though I have sent a patch to
daichi@ to let unionfs work without it, we'd better also add support for
whiteouts to tmpfs.

This patch implements .vop_whiteout and makes necessary changes to
lookup() and readdir() to take them into account. We must also make sure
that when adding or removing a file, we honour the componentname's
DOWHITEOUT and ISWHITEOUT, to prevent duplicate filenames.

MFC after:	1 month
2010-08-22 05:36:06 +00:00
John Baldwin
3634d5b241 Add dedicated routines to toggle lockmgr flags such as LK_NOSHARE and
LK_CANRECURSE after a lock is created.  Use them to implement macros that
otherwise manipulated the flags directly.  Assert that the associated
lockmgr lock is exclusively locked by the current thread when manipulating
these flags to ensure the flag updates are safe.  This last change required
some minor shuffling in a few filesystems to exclusively lock a brand new
vnode slightly earlier.

Reviewed by:	kib
MFC after:	3 days
2010-08-20 19:46:50 +00:00
Jaakko Heinonen
96835d61b6 Call dev_rel() in error paths.
Reported by:	kib
Reviewed by:	kib
MFC after:	2 weeks
2010-08-19 16:39:00 +00:00
Jaakko Heinonen
64040d3978 Allow user created symbolic links to cover device files and directories
if the device file appears during or after the link creation.

User created symbolic links are now inserted at the head of the
directory entry list after the "." and ".." entries. A new directory
entry flag DE_COVERED indicates that an entry is covered by a symbolic
link.

PR:		kern/114057
Reviewed by:	kib
Idea from:	kib
Discussed on:	freebsd-current (mostly silence)
2010-08-12 15:29:07 +00:00
Robert Watson
be80264279 Properly bounds check ioctl/pioctl data arguments for Coda:
1. Use unsigned rather than signed lengths
2. Bound messages to/from Venus to VC_MAXMSGSIZE
3. Bound messages to/from general user processes to VC_MAXDATASIZE
4. Update comment regarding data limits for pioctl

Without (1) and (3), it may be possible for unprivileged user processes to
read sensitive portions of kernel memory.  This issue is only present if
the Coda kernel module is loaded and venus (the userspace Coda daemon) is
running and has /coda mounted.

As Coda is considered experimental and production use is warned against in
the coda(4) man page, and because Coda must be explicitly configured for a
configuration to be vulnerable, we won't be issuing a security advisory.
However, if you are using Coda, then you are advised to apply these fixes.

Reported by:	Dan J. Rosenberg <drosenberg at vsecurity.com>
Obtained from:	NetBSD (Christos Zoulas)
Security:	Kernel memory disclosure; no advisory as feature experimental
MFC after:	3 days
2010-08-07 08:08:14 +00:00
Konstantin Belousov
d3c5a40780 Enable shared lookups and externed shared ops for devfs.
In collaboration with:	pho
MFC after:	1 month
2010-08-06 09:46:53 +00:00
Konstantin Belousov
3979450b4c Add new make_dev_p(9) flag MAKEDEV_ETERNAL to inform devfs that created
cdev will never be destroyed. Propagate the flag to devfs vnodes as
VV_ETERNVALDEV. Use the flags to avoid acquiring devmtx and taking a
thread reference on such nodes.

In collaboration with:	pho
MFC after:	1 month
2010-08-06 09:42:15 +00:00
Konstantin Belousov
9968a42675 Enable shared locks for the devfs vnodes. Honor the locking mode
requested by lookup(). This should be a nop at the moment.

In collaboration with:	pho
MFC after:	1 month
2010-08-06 09:23:47 +00:00
Konstantin Belousov
3a6fc63c9f Initialize VV_ISTTY vnode flag on the devfs vnode creation instead of
doing it on each open.

In collaboration with:	pho
MFC after:	1 month
2010-08-06 09:06:55 +00:00
Rick Macklem
e3649d5a2f Modify the return value for nfscl_mustflush() from boolean_t,
which I mistakenly thought was correct w.r.t. style(9), back
to int and add the checks for != 0. This is just a stylistic
modification.

MFC after:	1 week
2010-08-03 01:49:28 +00:00
Rick Macklem
f92bbff248 Move sys/nfsclient/nfs_lock.c into sys/nfs and build it as a separate
module that can be used by both the regular and experimental nfs
clients. This fixes the problem reported by jh@ where /dev/nfslock
would be registered twice when both nfs clients were used.
I also defined the size of the lm_fh field to be the correct value,
as it should be the maximum size of an NFSv3 file handle.

Reviewed by:	jh
MFC after:	2 weeks
2010-07-24 22:11:11 +00:00
Rick Macklem
66c0f45a3d For the experimental NFSv4 server's dumplocks operation, add the
MPSAFE flag to cn_flags so that it doesn't panic. The panics weren't
seen since nfsdumpstate(8) is broken for the "-l" case, so this
was never done. I'll do a separate commit to fix nfsdumpstate(8).

Submitted by:	zack.kirsch at isilon.com
MFC after:	2 weeks
2010-07-19 23:33:42 +00:00
Rick Macklem
6ec1ef63d1 Add a call to nfscl_mustflush() in nfs_close() of the experimental
NFSv4 client, so that attributes are not acquired from the server
when a delegation for the file is held. This can reduce the number
of Getattr Ops significantly.

MFC after:	2 weeks
2010-07-18 22:35:46 +00:00
Edward Tomasz Napierala
dce36a0159 Fix build.
Submitted by:	Andreas Tobler <andreast-list at fgznet.ch>
2010-07-18 07:55:22 +00:00
Rick Macklem
5813b99c83 Change the nfscl_mustflush() function in the experimental NFSv4
client to return a boolean_t in order to make it more compatible
with style(9).

MFC after:	2 weeks
2010-07-18 00:24:01 +00:00
Edward Tomasz Napierala
b29d02f258 Remove updating process count by unionfs. It serves no purpose, unionfs just
needs root credentials for a moment.
2010-07-17 15:45:20 +00:00
Rick Macklem
2cf552b115 Patch the experimental NFSv4 server so that it acquires a reference
count on nfsv4rootfs_lock when dumping state, since these functions
are not called by nfsd threads. Without this reference count, it
is possible for an nfsd thread to acquire an exclusive lock on
nfsv4rootfs_lock while the dump is in progress and then change the
lists, potentially causing a crash.

Reported by:	zack.kirsch at isilon.com
MFC after:	2 weeks
2010-07-16 23:17:05 +00:00
John Baldwin
61e1c19319 Revert the previous commit. The race is not applicable to the lockmgr
implementation in 8.0 and later as its flags field does not hold dynamic
state such as waiters flags, but is only modified in lockinit() aside
from VN_LOCK_*().

Discussed with:	attilio
2010-07-16 19:52:03 +00:00
John Baldwin
dbfcf8cfea When the MNTK_EXTENDED_SHARED mount option was added, some filesystems were
changed to defer the setting of VN_LOCK_ASHARE() (which clears LK_NOSHARE
in the vnode lock's flags) until after they had determined if the vnode was
a FIFO.  This occurs after the vnode has been inserted a VFS hash or some
similar table, so it is possible for another thread to find this vnode via
vget() on an i-node number and block on the vnode lock.  If the lockmgr
interlock (vnode interlock for vnode locks) is not held when clearing the
LK_NOSHARE flag, then the lk_flags field can be clobbered.  As a result
the thread blocked on the vnode lock may never get woken up.  Fix this by
holding the vnode interlock while modifying the lock flags in this case.

MFC after:	3 days
2010-07-16 19:20:20 +00:00
Rick Macklem
866e6c5adb Delete comments related to soft clock interrupts that don't apply
to the FreeBSD port of the experimental NFSv4 server.

Submitted by:	zack.kirsch at isilon.com
MFC after:	2 weeks
2010-07-16 01:44:49 +00:00
John Baldwin
3c497facfb Retire the NFS access cache timestamp structure. It was used in VOP_OPEN()
to avoid sending multiple ACCESS/GETATTR RPCs during a single open()
between VOP_LOOKUP() and VOP_OPEN().  Now we always send the RPC in
VOP_LOOKUP() and not VOP_OPEN() in the cases that multiple RPCs could be
sent.

MFC after:	2 weeks
2010-07-15 19:40:48 +00:00
John Baldwin
f9b1a4a3b6 Merge 208603, 209946, and 209948 to the new NFS client:
Move attribute cache flushes from VOP_OPEN() to VOP_LOOKUP() to provide
more graceful recovery for stale filehandles and eliminate the need for
conditionally clearing the attribute cache in the !NMODIFIED case in
VOP_OPEN().

Reviewed by:	rmacklem
MFC after:	2 weeks
2010-07-15 19:21:48 +00:00
Rick Macklem
63f6e5bf6f This patch fixes a bug in the experimental NFSv4 server where it
released a reference count on nfsv4rootfs_lock erroneously when
administrative revocation of state was done.

Submitted by:	zack.kirsch at isilon.com
MFC after:	2 weeks
2010-07-15 03:02:10 +00:00
Rick Macklem
86836fcf1f For the experimental NFSv4 client, make sure that attributes that
predate the issue of a delegation are not cached once the delegation
is held. This is necessary, since cached attributes remain valid
while the delegation is held.

MFC after:	2 weeks
2010-07-13 23:14:39 +00:00
Rick Macklem
4bc59a660c For the experimental NFSv4 client, do not use cached attributes
that were invalidated, even when a delegation for the file is held.

MFC after:	2 weeks
2010-07-13 23:07:32 +00:00
Rick Macklem
95b1c51b6c Fix a bogus comment that mentions lru lists that don't exist.
Reported by:	zack.kirsch at isilon.com
MFC after:	2 weeks
2010-07-13 22:44:14 +00:00
Andriy Gapon
12b3a08d09 udf_vnops: cosmetic followup to r208671 - better looking code
Suggested by:	jhb
MFC after:	3 days
2010-06-22 08:22:25 +00:00
Alan Cox
61a2a5dcd2 Eliminate unnecessary page queues locking. 2010-06-18 22:12:12 +00:00
Alan Cox
8393d186b9 Eliminate unnecessary page queues locking. 2010-06-16 00:41:21 +00:00
Rick Macklem
a8437c97f1 Add MODULE_DEPEND() macros to the experimental NFS client and
server so that the modules will load when kernels are built with
none of the NFS* configuration options specified. I believe this
resolves the problems reported by PR kern/144458 and the email on
freebsd-stable@ posted by Dmitry Pryanishnikov on June 13.

Tested by:	kib
PR:		kern/144458
Reviewed by:	kib
MFC after:	1 week
2010-06-15 00:25:04 +00:00
Konstantin Belousov
b38f7723eb In NFS clients, instead of inconsistently using #ifdef
DIAGNOSTIC and #ifndef DIAGNOSTIC for debug assertions, prefer
KASSERT(). Also change one #ifdef DIAGNOSTIC in the new nfs server.

Submitted by:	Mikolaj Golub <to.my.trociny gmail com>
MFC after:	2 weeks
2010-06-13 05:24:27 +00:00
Andriy Gapon
1bdfff2252 fix a few cases where a string is passed via format argument instead of
via %s

Most of the cases looked harmless, but this is done for the sake of
correctness.  In one case it even allowed to drop an intermediate buffer.

Found by:	clang
MFC after:	2 week
2010-06-11 19:27:21 +00:00
Jaakko Heinonen
f40645c83d Add a new function devfs_parent_dirent() for resolving devfs parent
directory entry. Use the new function in devfs_fqpn(), devfs_lookupx()
and devfs_vptocnp() instead of manually resolving the parent entry.

Reviewed by:	kib
2010-06-09 15:29:12 +00:00
Jaakko Heinonen
59e0452e82 Don't try to call cdevsw d_close() method when devfs_close() is called
because of insmntque1() failure.

Found with:	stress2
Suggested and reviewed by:	kib
2010-06-01 18:57:21 +00:00
Andriy Gapon
6b3ee24839 udf_readlink: fix malloc call with uninitialized size parameter
Found by:	clang static analyzer
MFC after:	4 days
2010-05-31 09:08:44 +00:00
Rick Macklem
f8c5fbf7c1 Allow the experimental NFSv4 client to use cached attributes
when a write delegation is held. Also, add a missing
mtx_unlock() call for the ACL debugging code.

MFC after:	5 days
2010-05-18 05:18:21 +00:00
Rick Macklem
5ed9b96420 Add a sanity check for a negative args.fhsize to the experimental
NFS client.

MFC after:	5 days
2010-05-17 23:55:38 +00:00
Konstantin Belousov
de082cd17a Disable bypass for the vop_advlockpurge(). The vop is called after
vop_revoke(), the v_data is already destroyed.

Reported and tested by:	ed
2010-05-16 05:00:29 +00:00
Konstantin Belousov
c3fd23a2dc The thread_unsuspend() requires both process mutex and process spinlock
locked. Postpone the process unlock till the thread_unsuspend() is called.

Approved by:	des (procfs maintainer)
MFC after:	1 week
2010-05-10 15:19:12 +00:00
Konstantin Belousov
53731b3c44 For detach procfs ctl command, also clear P_STOPPED_TRACE process stop
flag, and for each thread, TDB_SUSPEND debug flag, same as it is done by
exit1() for orphaned debugee.

Approved by:	des (procfs maintainer)
MFC after:	1 week
2010-05-10 15:18:03 +00:00
Rick Macklem
c19f54267c Fix typos in macros.
PR:		kern/146375
Submitted by:	simon AT comsys.ntu-kpi.kiev.ua
MFC after:	1 week
2010-05-08 14:50:12 +00:00
Rick Macklem
23d9efa7a8 Patch the experimental NFS client so that it works for NFSv2
by adding the necessary mapping from NFSv3 procedure numbers
to NFSv2 procedure numbers when doing NFSv2 RPCs.

MFC after:	1 week
2010-05-08 01:24:18 +00:00
Alan Cox
03679e2334 Push down the page queues lock into vm_page_activate(). 2010-05-07 15:49:43 +00:00
Konstantin Belousov
d2ba618a63 Add MAKEDEV_NOWAIT flag to make_dev_credf(9), to create a device node
in a no-sleep context. If resource allocation cannot be done without
sleep, make_dev_credf() fails and returns NULL.

Reviewed by:	jh
MFC after:	2 weeks
2010-05-06 19:22:50 +00:00
Alan Cox
eb00b276ab Eliminate page queues locking around most calls to vm_page_free(). 2010-05-06 18:58:32 +00:00
Edward Tomasz Napierala
307d88b787 Style fixes and removal of unneeded variable.
Submitted by:	bde@
2010-05-06 18:43:19 +00:00
Alan Cox
5ac59343be Acquire the page lock around all remaining calls to vm_page_free() on
managed pages that didn't already have that lock held.  (Freeing an
unmanaged page, such as the various pmaps use, doesn't require the page
lock.)

This allows a change in vm_page_remove()'s locking requirements.  It now
expects the page lock to be held instead of the page queues lock.
Consequently, the page queues lock is no longer required at all by callers
to vm_page_rename().

Discussed with: kib
2010-05-05 18:16:06 +00:00
Edward Tomasz Napierala
b5f770bd86 Move checking against RLIMIT_FSIZE into one place, vn_rlimit_fsize().
Reviewed by:	kib
2010-05-05 16:44:25 +00:00
Alan Cox
e3ef0d2fcf Push down the acquisition of the page queues lock into vm_page_unwire().
Update the comment describing which lock should be held on entry to
vm_page_wire().

Reviewed by:	kib
2010-05-05 03:45:46 +00:00
Konstantin Belousov
fc0c3802f0 Lock the page around vm_page_activate() and vm_page_deactivate() calls
where it was missed. The wrapped fragments now protect wire_count with
page lock.

Reviewed by:	alc
2010-05-03 20:31:13 +00:00
Alan Cox
c5a648516e Acquire the page lock around vm_page_unwire() and vm_page_wire().
Reviewed by:	kib
2010-05-03 16:41:11 +00:00
Alan Cox
b88b6c9d80 It makes no sense for vm_page_sleep_if_busy()'s helper, vm_page_sleep(),
to unconditionally set PG_REFERENCED on a page before sleeping.  In many
cases, it's perfectly ok for the page to disappear, i.e., be reclaimed by
the page daemon, before the caller to vm_page_sleep() is reawakened.
Instead, we now explicitly set PG_REFERENCED in those cases where having
the page persist until the caller is awakened is clearly desirable.  Note,
however, that setting PG_REFERENCED on the page is still only a hint,
and not a guarantee that the page should persist.
2010-05-02 17:33:46 +00:00
Rick Macklem
8583f92fdf For the experimental NFS client, it should always flush dirty
buffers before closing the NFSv4 opens, as the comment states.
This patch deletes the call to nfscl_mustflush() which would
return 0 for the case where a delegation still exists, which
was incorrect and could cause crashes during recovery from
an expired lease.

MFC after:	1 week
2010-04-28 23:16:21 +00:00
Rick Macklem
cb8a84e08e Delete a diagnostic statement that is no longer useful from
the experimental NFS client.

MFC after:	1 week
2010-04-28 23:05:42 +00:00
Rick Macklem
23f929dfe8 An NFSv4 server will reply NFSERR_GRACE for non-recovery RPCs
during the grace period after startup. This grace period must
be at least the lease duration, which is typically 1-2 minutes.
It seems prudent for the experimental NFS client to wait a few
seconds before retrying such an RPC, so that the server isn't
flooded with non-recovery RPCs during recovery. This patch adds
an argument to nfs_catnap() to implement a 5 second delay
for this case.

MFC after:	1 week
2010-04-24 22:52:14 +00:00
Rick Macklem
67c5c2d2d8 When the experimental NFS client is handling an NFSv4 server reboot
with delegations enabled, the recovery could fail if the renew
thread is trying to return a delegation, since it will not do the
recovery. This patch fixes the above by having nfscl_recalldeleg()
fail with the I/O operations returning EIO, so that they will be
attempted later. Most of the patch consists of adding an argument
to various functions to indicate the delegation recall case where
this needs to be done.

MFC after:	1 week
2010-04-22 23:51:01 +00:00
Konstantin Belousov
5673e3cb08 The cache_enter(9) function shall not be called for doomed dvp.
Assert this.

In the reported panic, vdestroy() fired the assertion "vp has namecache
for ..", because pseudofs may end up doing cache_enter() with reclaimed
dvp, after dotdot lookup temporary unlocked dvp.
Similar problem exists in ufs_lookup() for "." lookup, when vnode
lock needs to be upgraded.

Verify that dvp is not reclaimed before calling cache_enter().

Reported and tested by:	pho
Reviewed by:	kan
MFC after:	2 weeks
2010-04-20 10:19:27 +00:00
Rick Macklem
a318bc273d For the experimental NFS client doing an NFSv4 mount,
set the NFSCLFLAGS_RECVRINPROG while doing recovery from an expired
lease in a manner similar to r206818 for server reboot recovery.
This will prevent the function that acquires stateids for I/O
operations from acquiring out of date stateids during recovery.
Also, fix up mutex locking on the nfsc_flags field.

MFC after:	1 week
2010-04-20 01:02:39 +00:00
Rick Macklem
7ea710b3b1 Avoid extraneous recovery cycles in the experimental NFS client
when an NFSv4 server reboots, by doing two things.
1 - Make the function that acquires a stateid for I/O operations
    block until recovery is complete, so that it doesn't acquire
    out of date stateids.
2 - Only allow a recovery once every 1/2 of a lease duration, since
    the NFSv4 server must provide a recovery grace period of at
    least a lease duration. This should avoid recoveries caused
    by an out of date stateid that was acquired for an I/O op.
    just before a recovery cycle started.

MFC after:	1 week
2010-04-18 22:21:23 +00:00
Jaakko Heinonen
17f820725e Revert r206560. The change doesn't work correctly in all cases with
multiple devfs mounts.
2010-04-16 07:02:28 +00:00
Rick Macklem
0ac68bd339 Add mutex lock calls to 2 cases in the experimental NFS client's
renew thread where they were missing.

MFC after:	1 week
2010-04-15 23:56:05 +00:00
Rick Macklem
55909abf07 The experimental NFS client was not filling in recovery credentials
for opens done locally in the client when a delegation for the file
was held. This could cause the client to crash in crsetgroups() when
recovering from a server crash/reboot. This patch fills in the
recovery credentials for this case, in order to avoid the client crash.
Also, add KASSERT()s to the credential copy functions, to catch any
other cases where the credentials aren't filled in correctly.

MFC after:	1 week
2010-04-15 22:57:30 +00:00
Jaakko Heinonen
70781bf94e - Ignore and report duplicate and empty device names in devfs_populate_loop()
instead of causing erratic behavior. Currently make_dev(9) can't fail, so
  there is no way to report an error to make_dev(9) callers.
- Disallow using "." and ".." in device path names. It didn't work previously
  but now it is reported rather than panicing.
- Treat multiple sequential slashes as single in device path names.

Discussed with:	pjd
2010-04-13 18:53:39 +00:00
Joel Dahl
d122d78412 Switch to our preferred 2-clause BSD license.
Approved by:	bp
2010-04-07 16:50:38 +00:00
Rick Macklem
2a45247c7a Harden the experimental NFS server a little, by adding range
checks on the length of the client's open/lock owner name. Also,
add free()'s for one case where they were missing and would
have caused a leak if NFSERR_BADXDR had been replied. Probably
never happens, but the leak is now plugged, just in case.

MFC after:	2 weeks
2010-04-06 01:14:49 +00:00
Robert Watson
f1853d0fc2 Synchronize Coda kernel module definitions in our coda.h to Coda 6's
coda.h:

- CodaFid typdef -> struct CodaFid throughout.
- Use unsigned int instead of unsigned long for venus_dirent and other
  cosmetic fixes.
- Introduce cuid_t and cgid_t and use instead of uid_t and gid_t in RPCs.
- Synchronize comments and macros.
- Use u_int32_t instead of unsigned long for coda_out_hdr.

With these changes, a 64-bit Coda kernel module now works with
coda6_client, whereas previous userspace and kernel versions of RPCs
differed sufficiently to prevent using the file system.  This has been
verified only with casual testing, but /coda is now usable for at least
basic operations on amd64.

MFC after:	1 week
2010-04-05 20:12:54 +00:00
Robert Watson
1c482201ef Correct definition of CIOC_KERNEL_VERSION Coda ioctl() for systems
where sizeof(int) != sizeof(sizeof(int)), or the ioctl will return
EINVAL.

MFC after:	3 days
2010-04-05 19:40:13 +00:00
Rick Macklem
54bde1faa5 Harden the experimental NFS server a little, by adding extra checks
in the readdir functions for non-positive byte count arguments.
For the negative case, set it to the maximum allowable, since it
was actually a large positive value (unsigned) on the wire.
Also, fix up the readdir function comment a bit.

Suggested by:	dillon AT apollo.backplane.com
MFC after:	2 weeks
2010-04-04 23:19:11 +00:00
Andriy Gapon
423b0fb7ad mountmsdosfs: reject too high value of bytes per cluster
Bytes per cluster are calcuated as bytes per sector times sectors per
cluster.  Too high value can overflow an internal variable with type
that can hold only values in valid range.  Trying to use a wider type
results in an attempt to read more than MAXBSIZE at once, a panic.
Unfortunately, it is FreeBSD newfs_msdos that  produces filesystems
with invalid parameters for certain types of media.

Reported by:	Fabian Keil <freebsd-listen@fabiankeil.de>,
		Paul B. Mahol <onemda@gmail.com>
Discussed with:	bde, kib
MFC after:	1 week
X-ToDo:		fix newfs_msdos
2010-04-02 15:22:23 +00:00
Konstantin Belousov
ea01588095 Add function vop_rename_fail(9) that performs needed cleanup for locks
and references of the VOP_RENAME(9) arguments. Use vop_rename_fail()
in deadfs_rename().

Tested by:	Mikolaj Golub
MFC after:	1 week
2010-04-02 14:03:01 +00:00
Rick Macklem
15b28cb82d For the experimental NFS server, add a call to free the lookup
path buffer for one case where it was missing when doing mkdir.
This could have conceivably resulted in a leak of a buffer, but
a leak was never observed during testing, so I suspect it would
have occurred rarely, if ever, in practice.

MFC after:	2 weeks
2010-04-02 02:19:28 +00:00
Rick Macklem
f61786cb60 Add SAVENAME to the cn_flags for all cases in the experimental
NFS server for the CREATE cn_nameiop where SAVESTART isn't set.
I was not aware that this needed to be done by the caller until
recently.

Tested by:	lampa AT fit.vutbr.cz (link case)
Submitted by:	lampa AT fit.vutbr.cz (link case)
MFC after:	2 weeks
2010-04-02 01:53:48 +00:00
Rick Macklem
a43fcbe34d This patch should fix handling of byte range locks locally
on the server for the experimental nfs server. When enabled
by setting vfs.newnfs.locallocks_enable to non-zero, the
experimental nfs server will now acquire byte range locks
on the file on behalf of NFSv4 clients, such that lock
conflicts between the NFSv4 clients and processes running
locally on the server, will be recognized and handled correctly.

MFC after:	2 weeks
2010-03-30 23:11:50 +00:00
Rick Macklem
7482701cd4 Patch the experimental NFS server in a manner analagous to r205661
for the regular NFS server, to ensure that ESTALE is
returned to the client for all errors returned by VFS_FHTOVP().

MFC after:	2 weeks
2010-03-26 01:35:19 +00:00
Rick Macklem
3dfe81c650 Fix the experimental NFS subsystem so that it uses the correct
preprocessor macro name for not requiring strict data alignment.

Suggested by:	marius
MFC after:	2 weeks
2010-03-24 02:02:02 +00:00
Jung-uk Kim
d04be5775f Fix a long standing regression of readdir(3) in fdescfs(5) introduced
in r1.48.  We were stopping at the first null pointer when multiple file
descriptors were opened and one in the middle was closed.  This restores
traditional behaviour of fdescfs.

MFC after:	3 days
2010-03-16 19:59:14 +00:00