Commit Graph

149 Commits

Author SHA1 Message Date
ad
25153c3ec9 PR kern/37706 (forced unmount of file systems is unsafe):
- Do reference counting for 'struct mount'. Each vnode associated with a
  mount takes a reference, and in turn the mount takes a reference to the
  vfsops.
- Now that mounts are reference counted, replace the overcomplicated mount
  locking inherited from 4.4BSD with a recursable rwlock.
2008-01-30 11:46:59 +00:00
ad
3490efcc63 Replace struct lock on vnodes with a simpler lock object built on
krwlock_t. This is a step towards removing lockmgr and simplifying
vnode locking. Discussed on tech-kern.
2008-01-30 09:50:19 +00:00
dholland
717e1785a5 Fix some race conditions in rename.
Introduce a per-FS rename lock and new vfsops to manipulate it.
Get this lock while renaming. Also add another relookup() in do_sys_rename,
which is a hack to kludge around some of the worst deficiencies of
ufs_rename.
reviewed-by: pooka (and an earlier rev by ad)
posted on tech-kern with no objections.
2008-01-28 14:31:15 +00:00
ad
1997a1e1f4 Remove VOP_LEASE. Discussed on tech-kern. 2008-01-25 14:32:11 +00:00
ad
02098ba8d6 Use vp->v_rdev, don't look at the union. 2008-01-15 18:11:25 +00:00
ad
4a780c9ae2 Merge vmlocking2 to head. 2008-01-02 11:48:20 +00:00
perry
b6a2ef7569 Convert many of the uses of __attribute__ to equivalent
__packed, __unused and __dead macros from cdefs.h
2007-12-25 18:33:32 +00:00
pooka
db06a930e6 Remove cn_lwp from struct componentname. curlwp should be used
from on.  The NDINIT() macro no longer takes the lwp parameter and
associates the credentials of the calling thread with the namei
structure.
2007-12-08 19:29:36 +00:00
pooka
4e38160d4d Do not "return 1" from kqfilter for errors. That value is passed
directly to the userland caller and results in a mysterious EPERM.
Instead, return EINVAL or something else sensible depending on the
case.
2007-12-05 17:19:46 +00:00
dsl
1696bf29ff Ensure the mount data is a 0-terminated string - otherwise namei() might
process garbage (or unmapped addresses).
2007-12-01 00:09:41 +00:00
pooka
61e8303e9d Remove the "struct lwp *" argument from all VFS and VOP interfaces.
The general trend is to remove it from all kernel interfaces and
this is a start.  In case the calling lwp is desired, curlwp should
be used.

quick consensus on tech-kern
2007-11-26 19:01:26 +00:00
plunky
8174b7b21a convert usage of insque/remque to queue(3) macros 2007-11-22 22:26:18 +00:00
ad
7dad9f7391 Merge from vmlocking:
- Split vnode::v_flag into three fields, depending on field locking.
- simple_lock -> kmutex in a few places.
- Fix some simple locking problems.
2007-10-10 20:42:20 +00:00
pooka
8d1f899239 * nuke the nameidata parameter from VFS_MOUNT(). Nobody on tech-kern
knew what it was supposed to be used for and wrstuden gave a go-ahead
* while rototilling, convert file systems which went easily to
  use VFS_PROTOS() instead of manually prototyping the methods
2007-07-31 21:14:15 +00:00
pooka
d9970c8066 Use eopnotsupp() instead of vfs_stdsuspendctl() and retire the latter. 2007-07-26 22:57:36 +00:00
pooka
606670f3e8 Initialize size and/or writesize when creating a vnode. 2007-07-23 11:27:45 +00:00
pooka
e24b0872a4 Make set_statvfs_info() take a parameter for the vfs name instead
of always retrieving it from mp->mnt_op->vfs_name

christos ok
2007-07-17 11:19:31 +00:00
dsl
34d9cdbea2 Update coda for VFS_MOUNT() change 2007-07-12 19:38:26 +00:00
dogcow
9403f9f12f make coda compile again. 2007-04-25 20:45:02 +00:00
gdt
664f30be9e Stop doing vref of vnodes on open (and vrele on close); this makes no
sense.

Improve coda_inactive, turning commented out DIAGNOSTIC checks into printfs.

minor style/comment fixes.
2007-04-15 14:10:28 +00:00
gdt
c27898729a In coda_{get,put}pages, drop and obtain v_uobj.vmobjlock rather than
v_interlock.  They are actually the same lock, but the former protects
the uvm object associated with the vnode, and the latter vnode
reference counts.   Explained to me by chs@.
2007-04-15 12:59:04 +00:00
gdt
6be5cb158f Based on suggestion from chs@, drop coda vnode interlock before
obtaining interlock on container vnode in coda_{get,put}pages.  This
is the only functional change in this commit.

Improve many comments.  In particular, note that the relationship
between VOP_OPEN and obtaining a container file (e.g. for getpages for
executables) is messy.

Add printfs for 'internal open' cases in coda_rdwr.  These have not
been triggered in my testing.  Note an apparent vref leak.
2007-04-15 12:45:39 +00:00
gdt
a648308ef6 Rewrite coda_{get,put}pages. Now copying files from coda with mmap
does not trigger assertions in uvm_fault, and executing files from
coda works as well.

Code very lightly reviewed by wrstuden@; scrutiny by those who
understand vnode and especially {get,put}pages would be appreciated.
2007-04-12 23:34:50 +00:00
gdt
3bcadc1a8e revert putpages part of last change. Thanks to pooka@ for pointing
out that the v_interlock in the previous code and v_uobj.vmobjlock are
really the same thing.
2007-04-09 21:38:18 +00:00
gdt
5fa91a46b1 Remove cruft. Update to current reality. 2007-04-08 13:50:51 +00:00
gdt
8f39b4fdf8 Further cleanups on coda vnode handling.
Re-enable mmap.  The problem is how uvm_fault handles page faults from
coda vnodes via container files, and executing a program caused the
same problem so disabling mmap only helped cp(1).

coda_open:
  rename variables to match vnode_if.src
  better comments about lock/reference state of vnodes
  keep lock on container file until after VOP_OPEN, which requires locked vp
  remove #if 0'd code to PNBUF_PUT

coda_link:
  rename variables to match vnode_if.src
  error out early if vp == dvp
  check return value on vn_lock, and add comment questoining the lock
  clarify lock handling, but unchanged logic
  remove #if 0'd code to PNBUF_PUT

coda_rmdir:
  error out early if vp == dvp
  remove #if 0'd code to PNBUF_PUT

coda_grab_vnode:
  add comments, and in particular question undocumented VFS_VGET semantics

coda_getpages:
  question calling VOP_OPEN, which requires a locked vnode, with the
  vnode we got (vop_getpages does not guarantee a locked vnode)

coda_putpages:
  remove inexplicable simple_unlock(&vp->v_interlock);
  add printf so we notice if this is ever called

  add comment explaining that the implementation will lead to trouble,
  because vnode_if.src says putpages is called with v_uobj.vmobjlock
  held and is supposed to unlock it

With these changes and an uncommitted change to uvm_fault not to panic
if uvm objects are not equal, coda seems stable again.
2007-04-08 00:21:59 +00:00
gdt
8830bbca9f Disable mmap for coda. When copying a file from coda to normal ffs, I
got a panic in uvm_fault from ffs_write.  I believe this is because cp
used mmap, the container file page was not in core, and uvm_fault
objected to the container file vnode and the coda vnode not matching.
I have long been plagued by crashes on cp from coda, and this was the
first time I got and understood a backtrace.

Clean up old comments that are no longer accurate.

Document refcounting better.

Note some questionable behaviors with XXX.

Clean up PNBUF_PUT and SAVESTART.  Only do this where vnodeops(9) says
we should, and do it on error also.

In symlink, vput parent and free namebuf even in error cases.
2007-04-06 22:28:12 +00:00
gdt
23959b33e1 Improve conformance to vnode locking rules in coda_lookup, by doing
the unlock parent, lock child, lock parent in the ISDOTDOT case.

Clean up and rewrite comments to match more closely current reality.

Sprinkle XXX where I'm not sure the current rules are being followed.

Reviewed by wrstuden@, who agreed that this is an improvement over the
current code, with concerns about LK_RETRY and whether the ISDOTDOT
locking is done soon enough.
2007-04-05 12:48:51 +00:00
christos
53524e44ef Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
ad
b07ec3fc38 Merge newlock2 to head. 2007-02-09 21:55:00 +00:00
hannken
1b9c6382e3 New file system suspension API to replace vn_start_write and vn_finished_write.
The suspension helpers are now put into file system specific operations.
This means every file system not supporting these helpers cannot be suspended
and therefore snapshots are no longer possible.

Implemented for file systems of type ffs.

The new API is enabled on a kernel option NEWVNGATE.  This option is
not enabled by default in any kernel config.

Presented and discussed on tech-kern with much input from
Bill Studenmund <wrstuden@netbsd.org> and YAMAMOTO Takashi <yamt@netbsd.org>.

Welcome to 4.99.9 (new vfs op vfs_suspendctl).
2007-01-19 14:49:08 +00:00
chs
c398ae9734 a smorgasbord of improvements to vnode locking and path lookup:
- LOCKPARENT is no longer relevant for lookup(), relookup() or VOP_LOOKUP().
   these now always return the parent vnode locked.  namei() works as before.
   lookup() and various other paths no longer acquire vnode locks in the
   wrong order via vrele().  fixes PR 32535.
   as a nice side effect, path lookup is also up to 25% faster.
 - the above allows us to get rid of PDIRUNLOCK.
 - also get rid of WANTPARENT (just use LOCKPARENT and unlock it).
 - remove an assumption in layer_node_find() that all file systems implement
   a recursive VOP_LOCK() (unionfs doesn't).
 - require that all file systems supply vfs_vptofh and vfs_fhtovp routines.
   fill in eopnotsupp() for file systems that don't support being exported
   and remove the checks for NULL.  (layerfs calls these without checking.)
 - in union_lookup1(), don't change refcounts in the ISDOTDOT case, just
   adjust which vnode is locked.  fixes PR 33374.
 - apply fixes for ufs_rename() from ufs_vnops.c rev. 1.61 to ext2fs_rename().
2006-12-09 16:11:50 +00:00
christos
168cd830d2 __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
reinoud
0ce809091d Replace the LIST structure mp->mnt_vnodelist to a TAILQ structure since all
vnodes were synced and processed backwards. This meant that the last
accessed node was processed first and the earlierst last.

An extra benefit is the removal of the ugly hack from the Berkly days on
LFS.

In the proces, i've also replaced the various variations hand written loops
by the TAILQ_FOREACH() macro's.
2006-10-20 18:58:12 +00:00
christos
4d595fd7b1 - sprinkle __unused on function decls.
- fix a couple of unused bugs
- no more -Wno-unused for i386
2006-10-12 01:30:41 +00:00
christos
cb09e23ee7 fix incomplete initializer 2006-08-29 23:45:23 +00:00
christos
f62871cb73 Fix incomplete initializer 2006-08-29 23:43:12 +00:00
ad
3029ac48c7 - Use the LWP cached credentials where sane.
- Minor cosmetic changes.
2006-07-21 16:48:45 +00:00
elad
874fef3711 integrate kauth. 2006-05-14 21:19:33 +00:00
christos
08172fe2d0 COVERITY CID 1113: Don't use NULL for VOP_READDIR 2006-04-12 01:05:14 +00:00
christos
c904bed6a0 Coverity CID 2319: Plug memory leak. 2006-04-12 00:59:56 +00:00
he
22d273f6af Unbreak the build of this file on our 64-bit ports
by casting to or via intptr_t.
2006-04-05 06:55:26 +00:00
gdt
4d48cb3530 Update list of todo items, and note that old items are from 1998 and
thus likely no longer correct.
2006-04-04 13:20:39 +00:00
gdt
73e63e429a Check symlink count and pointer returned from userspace before
dereferencing it.  (I added this during search for the problem fixed by
the earlier readlink buffer allocation fix, and the checks have not
triggered.  Still, it's wrong of the kernel to use pointers from user
space without validation.)
2006-04-04 13:11:08 +00:00
gdt
e854a7f59c Add comments explaining how the 3 size variables for venus calls are
used.

Remove defect in size allocation for coda_readlink to avoid having
venus write outside malloced space by including pathname space before
allocation.

Add asserts that cred structure is non-NULL and non-FSCRED.

Check lwp against NULL before dereferencing it.

Assert that output pointer is non-NULL on a few venus returns.  This "can't
happen" but has been seen in crash dumps.

With these changes, the following work on a 345 MB coda volume.
(Before, a single invocation of tar or pax on this volume would
crash.)

$ for i in $(seq 1 10); do find . -type f -print0 |xargs -0 md5 > MD5.$i & done

Two copies of

$ for i in $(seq 1 10); do pax -w /coda/[redacted] >/dev/null & done


(lwp NULL check semi-reviewed by wrstuden@)
2006-03-15 14:30:56 +00:00
gdt
94a375ec39 Change type of 'inode' member of struct coda_open_out to ino_t. This
holds a host system inode denoting a container file, not a coda inode
type.  Tested with CVS coda on i386.  Reviewed by christos@.
2006-03-02 14:24:57 +00:00
yamt
ec5a93183a merge yamt-uio_vmspace branch.
- use vmspace rather than proc or lwp where appropriate.
  the latter is more natural to specify an address space.
  (and less likely to be abused for random purposes.)
- fix a swdmover race.
2006-03-01 12:38:10 +00:00
gdt
6fbdb2adf5 In coda_lookup, add LK_RETRY to locking of child vnode. The previous
code paniced if the first attempt to lock the vnode failed, and such
failures are not errors - just cause to wait.  gdt was regularly
hitting this panic.

Correct one of two identical panic messages.

Add XXX comments about

  ISDOTDOT locking rules not being followed

  questioning the practice of unlocking parent before locking child.
  (But, given that the vnode is referenced, it can't be deleted, so
  maybe this is fine.)

  Why is failured to unlock not a panic but failure to lock is?
2006-01-12 14:57:06 +00:00
perry
3d4ed1fbc7 __inline__ -> inline 2005-12-24 23:41:33 +00:00
christos
95e1ffb156 merge ktrace-lwp. 2005-12-11 12:16:03 +00:00