Don't hand all the argv options to fuse_main() - it's only interested
in the ones we haven't parsed ourselves.
These changes make the initiator compile and perform discovery successfully
on FreeBSD 6.3. Full login doesn't work yet due to a KSE related bug.
- Add a KAUTH_PROCESS_SCHEDULER action, to handle scheduler related
requests, and add specific requests for set/get scheduler policy and
set/get scheduler parameters.
- Add a KAUTH_PROCESS_KEVENT_FILTER action, to handle kevent(2) related
requests.
- Add a KAUTH_DEVICE_TTY_STI action to handle requests to TIOCSTI.
- Add requests for the KAUTH_PROCESS_CANSEE action, indicating what
process information is being looked at (entry itself, args, env,
open files).
- Add requests for the KAUTH_PROCESS_RLIMIT action indicating set/get.
- Add requests for the KAUTH_PROCESS_CORENAME action indicating set/get.
- Make bsd44 secmodel code handle the newly added rqeuests appropriately.
All of the above make it possible to issue finer-grained kauth(9) calls in
many places, removing some KAUTH_GENERIC_ISSUSER requests.
- Remove the "CAN" from KAUTH_PROCESS_CAN{KTRACE,PROCFS,PTRACE,SIGNAL}.
Discussed with christos@ and yamt@.
Been running in my tree for over a month at least.
Reviewed and okay yamt@, and special thanks to him as well as rittera@
for making this possible through fixing NDIS to not call fork1() with
l1 != curlwp.
can find.
If the initiator discovers too many targets for it to handle
(currently more than 16), then truncate to the maximum with a loud
warning message, rather than aborting.
In practice, this means that multiple targets can now be used with the
NetBSD iSCSI initiator.
% ls -laR /mnt/inspiron1300.wherever.co.uk/
total 192
drwxr-xr-x 2 agc agc 512 Dec 11 08:53 .
drwxr-xr-x 2 root wheel 0 Jan 1 1970 ..
drwxr-xr-x 2 agc agc 512 Dec 11 08:53 target0
drwxr-xr-x 2 agc agc 512 Dec 11 08:53 target1
/mnt/inspiron1300.wherever.co.uk/target0:
total 576
drwxr-xr-x 2 agc agc 512 Dec 11 08:53 .
drwxr-xr-x 2 agc agc 512 Dec 11 08:53 ..
lrw-r--r-- 1 agc agc 44 Dec 11 08:53 hostname -> inspiron1300.wherever.co.uk
lrw-r--r-- 1 agc agc 9 Dec 11 08:53 ip -> 10.4.0.42
lrw-r--r-- 1 agc agc 16 Dec 11 08:53 product -> NetBSD iSCSI
-rw-r--r-- 1 agc agc 104857600 Dec 11 08:53 storage
lrw-r--r-- 1 agc agc 43 Dec 11 08:53 targetname -> iqn.1994-04.org.netbsd.iscsi-target:target0
lrw-r--r-- 1 agc agc 8 Dec 11 08:53 vendor -> NetBSD
lrw-r--r-- 1 agc agc 4 Dec 11 08:53 version -> 0
/mnt/inspiron1300.wherever.co.uk/target1:
total 576
drwxr-xr-x 2 agc agc 512 Dec 11 08:53 .
drwxr-xr-x 2 agc agc 512 Dec 11 08:53 ..
lrw-r--r-- 1 agc agc 44 Dec 11 08:53 hostname -> inspiron1300.wherever.co.uk
lrw-r--r-- 1 agc agc 0 Dec 11 08:53 ip ->
lrw-r--r-- 1 agc agc 16 Dec 11 08:53 product -> NetBSD iSCSI
-rw-r--r-- 1 agc agc 52428800 Dec 11 08:53 storage
lrw-r--r-- 1 agc agc 43 Dec 11 08:53 targetname -> iqn.1994-04.org.netbsd.iscsi-target:target1
lrw-r--r-- 1 agc agc 8 Dec 11 08:53 vendor -> NetBSD
lrw-r--r-- 1 agc agc 4 Dec 11 08:53 version -> 0
%
Ok, ok, a few more words about it: stop holding puffs_cc as a holy
value and passing it around to almost every possible place (popquiz:
which kernel variable does this remind you of?). Instead, pass
the natural choice, puffs_usermount, and fetch puffs_cc via
puffs_cc_getcc() only in routines which actually need it. This
not only simplifies code, but (thanks to the introduction of
puffs_cc_getcc()) enables constructs which weren't previously sanely
possible, say layering as a curious example.
There's still a little to do on this front, but this was the major
fs interface blast.
and we need to add 1 to it to get the size of the LUN.
Revert Max LBA calculation when returning the Maximum LBA from the target
to the iinitiator, following an email conversation with Jonathan Kollasch,
who points out a number of things:
+ the NetBSD scsipi driver reads the value returned by the drive and adds
one to it, so that standard SCSI drives return the 0-based Max LBA in a
READ CAPACITY command.
+ it is up to the initiator to add 1 to the Max LBA to find out the size
of the LUN (Jonathan verified this by using the UNH iSCSI initiator on
to a NetBSD target)
+ an analogous change to the NetBSD target (revision 1.34 of
disk.c) is needed.
libpuffs.
With a round of applause to Antti Kantee for helping out with puffs
debugging, and a huge thank you to Greg Oster, who has fixed numerous
bugs over the last week (unfortunately, the bugs are all mine), and
provided enthusiasm and drive.
Right now, the initiator is fulling working for only a single target,
and should be considered to be in a state of flux. Having said that,
Greg completed a run of build.sh with the storage on the iSCSI target,
and found times to be within 0.5% of direct attached storage. Cache
effects apply.
The initiator should be portable to everything that uses the FUSE
interface. That's right - a portable iSCSI initiator.
Storage (LUNs exported by the target) is, at the present time,
presented as a regular file called "storage". This will likely
change in the future.
% priv obj/iscsifs -u agc inspiron1300 /mnt &
[1] 13158
inspiron1300.wherever.co.uk: 10.4.0.42:3260,1 iqn.1994-04.org.netbsd.iscsi-target:target0
inspiron1300.wherever.co.uk: 10.4.0.42:3260,1 iqn.1994-04.org.netbsd.iscsi-target:target1
% ls -al /mnt/inspiron1300.wherever.co.uk/target0/
total 576
drwxr-xr-x 2 agc agc 512 Nov 8 21:07 .
drwxr-xr-x 2 agc agc 512 Nov 8 21:07 ..
lrw-r--r-- 1 agc agc 44 Nov 8 21:07 hostname -> inspiron1300.wherever.co.uk
lrw-r--r-- 1 agc agc 9 Nov 8 21:07 ip -> 10.4.0.42
lrw-r--r-- 1 agc agc 16 Nov 8 21:07 product -> NetBSD iSCSI
-rw-r--r-- 1 agc agc 104857088 Nov 8 21:07 storage
lrw-r--r-- 1 agc agc 43 Nov 8 21:07 targetname -> iqn.1994-04.org.netbsd.iscsi-target:target0
lrw-r--r-- 1 agc agc 8 Nov 8 21:07 vendor -> NetBSD
lrw-r--r-- 1 agc agc 4 Nov 8 21:07 version -> 0
FFS needs a block device, and so vnconfig can be used to sit on top of
the regular file.
% mount -vv | grep iscsifs
/dev/puffs on /mnt type puffs|refuse:iscsifs (nosuid, nodev, fsid: 0xcb04/0x6acb, reads: sync 0 async 0, writes: sync 0 async 0)
% priv vnconfig vnd0 /mnt/inspiron1300.wherever.co.uk/target0/storage
% priv mount /dev/vnd0a /iscsi
% df
Filesystem 1K-blocks Used Avail %Cap Mounted on
/dev/dk0 28101396 21491182 5205146 80% /
kernfs 1 1 0 100% /kern
procfs 4 4 0 100% /proc
ptyfs 1 1 0 100% /dev/pts
/dev/puffs 0 0 0 100% /mnt
/dev/vnd0a 99214 8209 86045 8% /iscsi
% mount -vv | grep iscsi
/dev/puffs on /mnt type puffs|refuse:iscsifs (nosuid, nodev, fsid: 0xcb04/0x6acb, reads: sync 0 async 0, writes: sync 0 async 0)
/dev/vnd0a on /iscsi type ffs (local, fsid: 0xe00/0x78b, reads: sync 1 async 0, writes: sync 2 async 0)
servers. Calling daemon() (i.e. fork()ing) inside a library can
cause nice surprises for e.g. threaded programs. As discussed with
Greg Oster & others.
avoid wasting unbelievable amounts of memory, set the blocksize to
something more believable. Should fix the memset-part to act only
up to the size the file is extended to, though.
This utility uses FreeBSD's libfetch (updated for NetBSD, and to quieten
lint) to provide a BSD-licensed ftp/http/https file system similar to the
old alex utility. The full URL is used as the path underneath the "/ian"
mountpoint.
Sample use as follows:
[19:09:38] agc@inspiron1300 ...examples/refuse/ian 126 > priv ian/obj/ian /ian
[19:09:55] agc@inspiron1300 ...examples/refuse/ian 127 > cat /ian/ftp://localhost/motd
NetBSD 4.99.27 (INSPIRON) #4: Tue Aug 7 13:04:33 BST 2007
Welcome to NetBSD!
This system is running a development snapshot of the NetBSD operating system,
also known as NetBSD-current. It is highly possible for it to contain serious
bugs, regressions, broken features or other problems. Please bear this in mind
and use the system with care.
You are encouraged to test this version as thoroughly as possible. Should you
encounter any problem, please report it back to the development team using the
send-pr(1) utility (requires a working MTA). If yours is not properly set up,
use the web interface at: http://www.netbsd.org/support/send-pr.html
Thank you for helping us test and improve NetBSD.
[19:10:17] agc@inspiron1300 ...examples/refuse/ian 128 > df
Filesystem 1K-blocks Used Avail %Cap Mounted on
/dev/dk0 28101396 19491972 7204356 73% /
kernfs 1 1 0 100% /kern
procfs 4 4 0 100% /proc
ptyfs 1 1 0 100% /dev/pts
/dev/puffs 0 0 0 100% /ian
[19:10:21] agc@inspiron1300 ...examples/refuse/ian 129 > ls -al /ian/ftp://localhost/motd
-rw------- 1 root wheel 705 Aug 28 19:10 /ian/ftp://localhost/motd
[19:10:42] agc@inspiron1300 ...examples/refuse/ian 130 > ls -al ~ftp/motd
-rw-r--r-- 1 ftp ftp 705 Aug 27 21:33 /home/ftp/motd
[19:10:53] agc@inspiron1300 ...examples/refuse/ian 131 >
this one, since it's a good exercise ..
Add icfs, which does the same thing as the refuse-based icfs agc
added earlier this week, i.e. null-mounts & converts the entire
namespace to lowercase. However, it's a fun comparison, since this
is implemented in a completely different fashion from the refuse
version.
This file system is based on librefuse and puffs.
The icfs(8) utility can be used to mount an existing directory on a
new mount point. icfs makes use of the virtdir(3) virtual directory
routines. Underneath those virtual directories, the individual
directory entries will be displayed as an exact mirror of the original
directory, except that any capital letters in the original entry's
name will be substituted with an entry name consisting entirely of
lower-case letters.
This is an unusual example of a refuse-based file system which provides
lesser functionality than the file system it sits on.
dmesgfs is another example file system, which displays the device tree
information gained from dmesg(8) as a directory hierarchy. The information
can be displayed in files, or as targets of symbolic links.
% l /mnt/mainbus0
total 320
drwxr-xr-x 2 agc agc 512 May 21 22:21 .
drwxr-xr-x 2 root wheel 0 Jan 1 1970 ..
drwxr-xr-x 2 agc agc 512 May 21 22:21 acpi0
lrwxr-xr-x 1 agc agc 41 May 21 22:21 cpu0 -> cpu0 at mainbus0 apid 0: (boot processor)
lrwxr-xr-x 1 agc agc 40 May 21 22:21 ioapic -> ioapic at mainbus0 apid 1 not configured
drwxr-xr-x 2 agc agc 512 May 21 22:21 pci0
% l /mnt/mainbus0/pci0/piixide0/atabus1/atapibus0
total 256
drwxr-xr-x 2 agc agc 512 May 21 22:21 .
drwxr-xr-x 2 agc agc 512 May 21 22:21 ..
lrwxr-xr-x 1 agc agc 31 May 21 22:21 Description -> atapibus0 at atabus1: 2 targets
lrwxr-xr-x 1 agc agc 104 May 21 22:21 cd0 -> cd0 at atapibus0 drive 0: <VMware Virtual IDE CDROM Drive, 1000000000000000000, 0000000> cdrom removable
%
Introduce a parameter -r to control the root node type. For example
"dtfs -r 'lnk /etc' /puffs" mounts dtfs with the root node as a
symbolic link to /etc:
jojonaru# ./dtfs -r 'lnk /etc' /puffs
jojonaru# ls -l /puffs
lrw-rw-rw- 1 root wheel 4 May 17 14:06 /puffs -> /etc
jojonaru# cd /puffs
jojonaru# pwd
/etc
jojonaru#
Extra credit for figuring out how to unmount this file system with
umount(8).
Likewise, "dtfs -r 'chr 2 12' /puffs" makes /puffs (i386) /dev/zero etcetc.
intermediate directories have already been created. If not, then
create the intermediate directories. This means that callers don't
need to create the intermediate directories themselves.
When reading a virtual directory, don't return a zero-length
virtual directory entry.
mp3-based files according to artist, genre or year.
Three virtual directories are made available under the mount point -
artists/
genre/
year/
and then virtual directory entries (see virtdir(3)) are created under
these heading directories.
The pkgsrc/audio/id3 package is needed for this file system to function
properly.
Two shell scripts, id3info.sh and id3db.sh, are included to build up
the music database for id3fs to use to build up its virtual
directories.
librefuse-based file systems.
These are especially useful for file systems which present virtual
directory hierarchies to the caller.
The routines build up and manage an array of virtual directory
entries, indexed upon full pathname within the file system. This is
analogous to the way refuse indexes its own entries. Routines are
available to add, delete, and find entries. Each entry can be one of
3 types - file ('f'), directory ('d') or symbolic link ('l'). Each
entry can also be associated with a target, which is a character
string allocated upon addition. This can be useful for virtual
directory entries of the symbolic link type.
The virtual directory entries can be traversed as an ordered list
(the entries are ordered alphabetically), or can be accessed by
directory component, using routines analogous to opendir(3), readdir(3),
and closedir(3).
only take the bare essentials, which currently means removing
"maxreqlen" from the argument list (all current callers I'm aware
of set it as 0 anyway). Introduce puffs_init(), which provides a
context for setting various parameters and puffs_domount(), which
can be used to mount the file system. Keep puffs_mount() as a
shortcut for the above two for simple file systems.
Bump development ABI version to 13. After all, it's Friday the 13th.
Watch out! Bad things can happen on Friday the 13th. --No carrier--
accessors for interesting data in it. Namely, you can now get
pu->pu_privdata with puffs_getspecific(), pu->pu_pn_root with
puffs_set/getroot() and pu->pu_maxreqlen with puffs_getmaxreqlen().
the BSD world as a "union" file system.
This fanout file system takes a number of directories and makes them
available under a single mount point.
This is more of an example file sytsem than anything else, but is used
as the basis of a number of other file systems which will be forthcoming
"real soon now".
hierarchy in the in-memory nodes. This allows us to easily do
reclaim, since we don't have to worry about reclaiming a node which
has alive children which might want to dotdot lookup later on.
Add a little layering experiment, which both exercises the
componentname modification feature of libpuffs and tries to do
layering (just a little too hardcoded for comfort, fow now). This
simply uses the puffs nullfs to present all data and paths in rot13.
You can even mount it twice for extra fun.
requests and centralizing them all. The result is that some of these
are not used on some architectures, but the documentation was updated
to reflect that.
- makes sysctl_proc_find() just lookup the process,
- use KAUTH_PROCESS_CANSEE requests to determine if the caller is
allowed to view the target process' corename, stop flags, and
rlimits,
- use explicit kauth(9) calls with KAUTH_PROCESS_CORENAME,
KAUTH_REQ_PROCESS_RESOURCE_NICE, KAUTH_REQ_PROCESS_RESOURCE_RLIMIT,
and KAUTH_PROCESS_STOPFLAG when modifying the aforementioned.
- sync man-page and example skeleton secmodel with reality.
okay yamt@
this is a pullup candidate.
