can find.
If the initiator discovers too many targets for it to handle
(currently more than 16), then truncate to the maximum with a loud
warning message, rather than aborting.
In practice, this means that multiple targets can now be used with the
NetBSD iSCSI initiator.
% ls -laR /mnt/inspiron1300.wherever.co.uk/
total 192
drwxr-xr-x 2 agc agc 512 Dec 11 08:53 .
drwxr-xr-x 2 root wheel 0 Jan 1 1970 ..
drwxr-xr-x 2 agc agc 512 Dec 11 08:53 target0
drwxr-xr-x 2 agc agc 512 Dec 11 08:53 target1
/mnt/inspiron1300.wherever.co.uk/target0:
total 576
drwxr-xr-x 2 agc agc 512 Dec 11 08:53 .
drwxr-xr-x 2 agc agc 512 Dec 11 08:53 ..
lrw-r--r-- 1 agc agc 44 Dec 11 08:53 hostname -> inspiron1300.wherever.co.uk
lrw-r--r-- 1 agc agc 9 Dec 11 08:53 ip -> 10.4.0.42
lrw-r--r-- 1 agc agc 16 Dec 11 08:53 product -> NetBSD iSCSI
-rw-r--r-- 1 agc agc 104857600 Dec 11 08:53 storage
lrw-r--r-- 1 agc agc 43 Dec 11 08:53 targetname -> iqn.1994-04.org.netbsd.iscsi-target:target0
lrw-r--r-- 1 agc agc 8 Dec 11 08:53 vendor -> NetBSD
lrw-r--r-- 1 agc agc 4 Dec 11 08:53 version -> 0
/mnt/inspiron1300.wherever.co.uk/target1:
total 576
drwxr-xr-x 2 agc agc 512 Dec 11 08:53 .
drwxr-xr-x 2 agc agc 512 Dec 11 08:53 ..
lrw-r--r-- 1 agc agc 44 Dec 11 08:53 hostname -> inspiron1300.wherever.co.uk
lrw-r--r-- 1 agc agc 0 Dec 11 08:53 ip ->
lrw-r--r-- 1 agc agc 16 Dec 11 08:53 product -> NetBSD iSCSI
-rw-r--r-- 1 agc agc 52428800 Dec 11 08:53 storage
lrw-r--r-- 1 agc agc 43 Dec 11 08:53 targetname -> iqn.1994-04.org.netbsd.iscsi-target:target1
lrw-r--r-- 1 agc agc 8 Dec 11 08:53 vendor -> NetBSD
lrw-r--r-- 1 agc agc 4 Dec 11 08:53 version -> 0
%
Ok, ok, a few more words about it: stop holding puffs_cc as a holy
value and passing it around to almost every possible place (popquiz:
which kernel variable does this remind you of?). Instead, pass
the natural choice, puffs_usermount, and fetch puffs_cc via
puffs_cc_getcc() only in routines which actually need it. This
not only simplifies code, but (thanks to the introduction of
puffs_cc_getcc()) enables constructs which weren't previously sanely
possible, say layering as a curious example.
There's still a little to do on this front, but this was the major
fs interface blast.
and we need to add 1 to it to get the size of the LUN.
Revert Max LBA calculation when returning the Maximum LBA from the target
to the iinitiator, following an email conversation with Jonathan Kollasch,
who points out a number of things:
+ the NetBSD scsipi driver reads the value returned by the drive and adds
one to it, so that standard SCSI drives return the 0-based Max LBA in a
READ CAPACITY command.
+ it is up to the initiator to add 1 to the Max LBA to find out the size
of the LUN (Jonathan verified this by using the UNH iSCSI initiator on
to a NetBSD target)
+ an analogous change to the NetBSD target (revision 1.34 of
disk.c) is needed.
libpuffs.
With a round of applause to Antti Kantee for helping out with puffs
debugging, and a huge thank you to Greg Oster, who has fixed numerous
bugs over the last week (unfortunately, the bugs are all mine), and
provided enthusiasm and drive.
Right now, the initiator is fulling working for only a single target,
and should be considered to be in a state of flux. Having said that,
Greg completed a run of build.sh with the storage on the iSCSI target,
and found times to be within 0.5% of direct attached storage. Cache
effects apply.
The initiator should be portable to everything that uses the FUSE
interface. That's right - a portable iSCSI initiator.
Storage (LUNs exported by the target) is, at the present time,
presented as a regular file called "storage". This will likely
change in the future.
% priv obj/iscsifs -u agc inspiron1300 /mnt &
[1] 13158
inspiron1300.wherever.co.uk: 10.4.0.42:3260,1 iqn.1994-04.org.netbsd.iscsi-target:target0
inspiron1300.wherever.co.uk: 10.4.0.42:3260,1 iqn.1994-04.org.netbsd.iscsi-target:target1
% ls -al /mnt/inspiron1300.wherever.co.uk/target0/
total 576
drwxr-xr-x 2 agc agc 512 Nov 8 21:07 .
drwxr-xr-x 2 agc agc 512 Nov 8 21:07 ..
lrw-r--r-- 1 agc agc 44 Nov 8 21:07 hostname -> inspiron1300.wherever.co.uk
lrw-r--r-- 1 agc agc 9 Nov 8 21:07 ip -> 10.4.0.42
lrw-r--r-- 1 agc agc 16 Nov 8 21:07 product -> NetBSD iSCSI
-rw-r--r-- 1 agc agc 104857088 Nov 8 21:07 storage
lrw-r--r-- 1 agc agc 43 Nov 8 21:07 targetname -> iqn.1994-04.org.netbsd.iscsi-target:target0
lrw-r--r-- 1 agc agc 8 Nov 8 21:07 vendor -> NetBSD
lrw-r--r-- 1 agc agc 4 Nov 8 21:07 version -> 0
FFS needs a block device, and so vnconfig can be used to sit on top of
the regular file.
% mount -vv | grep iscsifs
/dev/puffs on /mnt type puffs|refuse:iscsifs (nosuid, nodev, fsid: 0xcb04/0x6acb, reads: sync 0 async 0, writes: sync 0 async 0)
% priv vnconfig vnd0 /mnt/inspiron1300.wherever.co.uk/target0/storage
% priv mount /dev/vnd0a /iscsi
% df
Filesystem 1K-blocks Used Avail %Cap Mounted on
/dev/dk0 28101396 21491182 5205146 80% /
kernfs 1 1 0 100% /kern
procfs 4 4 0 100% /proc
ptyfs 1 1 0 100% /dev/pts
/dev/puffs 0 0 0 100% /mnt
/dev/vnd0a 99214 8209 86045 8% /iscsi
% mount -vv | grep iscsi
/dev/puffs on /mnt type puffs|refuse:iscsifs (nosuid, nodev, fsid: 0xcb04/0x6acb, reads: sync 0 async 0, writes: sync 0 async 0)
/dev/vnd0a on /iscsi type ffs (local, fsid: 0xe00/0x78b, reads: sync 1 async 0, writes: sync 2 async 0)
servers. Calling daemon() (i.e. fork()ing) inside a library can
cause nice surprises for e.g. threaded programs. As discussed with
Greg Oster & others.
avoid wasting unbelievable amounts of memory, set the blocksize to
something more believable. Should fix the memset-part to act only
up to the size the file is extended to, though.
This utility uses FreeBSD's libfetch (updated for NetBSD, and to quieten
lint) to provide a BSD-licensed ftp/http/https file system similar to the
old alex utility. The full URL is used as the path underneath the "/ian"
mountpoint.
Sample use as follows:
[19:09:38] agc@inspiron1300 ...examples/refuse/ian 126 > priv ian/obj/ian /ian
[19:09:55] agc@inspiron1300 ...examples/refuse/ian 127 > cat /ian/ftp://localhost/motd
NetBSD 4.99.27 (INSPIRON) #4: Tue Aug 7 13:04:33 BST 2007
Welcome to NetBSD!
This system is running a development snapshot of the NetBSD operating system,
also known as NetBSD-current. It is highly possible for it to contain serious
bugs, regressions, broken features or other problems. Please bear this in mind
and use the system with care.
You are encouraged to test this version as thoroughly as possible. Should you
encounter any problem, please report it back to the development team using the
send-pr(1) utility (requires a working MTA). If yours is not properly set up,
use the web interface at: http://www.netbsd.org/support/send-pr.html
Thank you for helping us test and improve NetBSD.
[19:10:17] agc@inspiron1300 ...examples/refuse/ian 128 > df
Filesystem 1K-blocks Used Avail %Cap Mounted on
/dev/dk0 28101396 19491972 7204356 73% /
kernfs 1 1 0 100% /kern
procfs 4 4 0 100% /proc
ptyfs 1 1 0 100% /dev/pts
/dev/puffs 0 0 0 100% /ian
[19:10:21] agc@inspiron1300 ...examples/refuse/ian 129 > ls -al /ian/ftp://localhost/motd
-rw------- 1 root wheel 705 Aug 28 19:10 /ian/ftp://localhost/motd
[19:10:42] agc@inspiron1300 ...examples/refuse/ian 130 > ls -al ~ftp/motd
-rw-r--r-- 1 ftp ftp 705 Aug 27 21:33 /home/ftp/motd
[19:10:53] agc@inspiron1300 ...examples/refuse/ian 131 >
this one, since it's a good exercise ..
Add icfs, which does the same thing as the refuse-based icfs agc
added earlier this week, i.e. null-mounts & converts the entire
namespace to lowercase. However, it's a fun comparison, since this
is implemented in a completely different fashion from the refuse
version.
This file system is based on librefuse and puffs.
The icfs(8) utility can be used to mount an existing directory on a
new mount point. icfs makes use of the virtdir(3) virtual directory
routines. Underneath those virtual directories, the individual
directory entries will be displayed as an exact mirror of the original
directory, except that any capital letters in the original entry's
name will be substituted with an entry name consisting entirely of
lower-case letters.
This is an unusual example of a refuse-based file system which provides
lesser functionality than the file system it sits on.
dmesgfs is another example file system, which displays the device tree
information gained from dmesg(8) as a directory hierarchy. The information
can be displayed in files, or as targets of symbolic links.
% l /mnt/mainbus0
total 320
drwxr-xr-x 2 agc agc 512 May 21 22:21 .
drwxr-xr-x 2 root wheel 0 Jan 1 1970 ..
drwxr-xr-x 2 agc agc 512 May 21 22:21 acpi0
lrwxr-xr-x 1 agc agc 41 May 21 22:21 cpu0 -> cpu0 at mainbus0 apid 0: (boot processor)
lrwxr-xr-x 1 agc agc 40 May 21 22:21 ioapic -> ioapic at mainbus0 apid 1 not configured
drwxr-xr-x 2 agc agc 512 May 21 22:21 pci0
% l /mnt/mainbus0/pci0/piixide0/atabus1/atapibus0
total 256
drwxr-xr-x 2 agc agc 512 May 21 22:21 .
drwxr-xr-x 2 agc agc 512 May 21 22:21 ..
lrwxr-xr-x 1 agc agc 31 May 21 22:21 Description -> atapibus0 at atabus1: 2 targets
lrwxr-xr-x 1 agc agc 104 May 21 22:21 cd0 -> cd0 at atapibus0 drive 0: <VMware Virtual IDE CDROM Drive, 1000000000000000000, 0000000> cdrom removable
%
Introduce a parameter -r to control the root node type. For example
"dtfs -r 'lnk /etc' /puffs" mounts dtfs with the root node as a
symbolic link to /etc:
jojonaru# ./dtfs -r 'lnk /etc' /puffs
jojonaru# ls -l /puffs
lrw-rw-rw- 1 root wheel 4 May 17 14:06 /puffs -> /etc
jojonaru# cd /puffs
jojonaru# pwd
/etc
jojonaru#
Extra credit for figuring out how to unmount this file system with
umount(8).
Likewise, "dtfs -r 'chr 2 12' /puffs" makes /puffs (i386) /dev/zero etcetc.
intermediate directories have already been created. If not, then
create the intermediate directories. This means that callers don't
need to create the intermediate directories themselves.
When reading a virtual directory, don't return a zero-length
virtual directory entry.
mp3-based files according to artist, genre or year.
Three virtual directories are made available under the mount point -
artists/
genre/
year/
and then virtual directory entries (see virtdir(3)) are created under
these heading directories.
The pkgsrc/audio/id3 package is needed for this file system to function
properly.
Two shell scripts, id3info.sh and id3db.sh, are included to build up
the music database for id3fs to use to build up its virtual
directories.
librefuse-based file systems.
These are especially useful for file systems which present virtual
directory hierarchies to the caller.
The routines build up and manage an array of virtual directory
entries, indexed upon full pathname within the file system. This is
analogous to the way refuse indexes its own entries. Routines are
available to add, delete, and find entries. Each entry can be one of
3 types - file ('f'), directory ('d') or symbolic link ('l'). Each
entry can also be associated with a target, which is a character
string allocated upon addition. This can be useful for virtual
directory entries of the symbolic link type.
The virtual directory entries can be traversed as an ordered list
(the entries are ordered alphabetically), or can be accessed by
directory component, using routines analogous to opendir(3), readdir(3),
and closedir(3).
only take the bare essentials, which currently means removing
"maxreqlen" from the argument list (all current callers I'm aware
of set it as 0 anyway). Introduce puffs_init(), which provides a
context for setting various parameters and puffs_domount(), which
can be used to mount the file system. Keep puffs_mount() as a
shortcut for the above two for simple file systems.
Bump development ABI version to 13. After all, it's Friday the 13th.
Watch out! Bad things can happen on Friday the 13th. --No carrier--
accessors for interesting data in it. Namely, you can now get
pu->pu_privdata with puffs_getspecific(), pu->pu_pn_root with
puffs_set/getroot() and pu->pu_maxreqlen with puffs_getmaxreqlen().
the BSD world as a "union" file system.
This fanout file system takes a number of directories and makes them
available under a single mount point.
This is more of an example file sytsem than anything else, but is used
as the basis of a number of other file systems which will be forthcoming
"real soon now".
hierarchy in the in-memory nodes. This allows us to easily do
reclaim, since we don't have to worry about reclaiming a node which
has alive children which might want to dotdot lookup later on.
Add a little layering experiment, which both exercises the
componentname modification feature of libpuffs and tries to do
layering (just a little too hardcoded for comfort, fow now). This
simply uses the puffs nullfs to present all data and paths in rot13.
You can even mount it twice for extra fun.
requests and centralizing them all. The result is that some of these
are not used on some architectures, but the documentation was updated
to reflect that.
- makes sysctl_proc_find() just lookup the process,
- use KAUTH_PROCESS_CANSEE requests to determine if the caller is
allowed to view the target process' corename, stop flags, and
rlimits,
- use explicit kauth(9) calls with KAUTH_PROCESS_CORENAME,
KAUTH_REQ_PROCESS_RESOURCE_NICE, KAUTH_REQ_PROCESS_RESOURCE_RLIMIT,
and KAUTH_PROCESS_STOPFLAG when modifying the aforementioned.
- sync man-page and example skeleton secmodel with reality.
okay yamt@
this is a pullup candidate.
sftp code to accomplish something close to sshfs. this basically
works, but there are some issues with directory grovelers still,
e.g. so untar won't work. but it works for browsing mailboxes,
transferring large files, etcetc.
a fs hierarchy. This is currently ro, lacking features, and very
much unfinished in every other possible sense. Should investigate
if this can share code with sbin/sysctl so that everything must
not be rewritten.
allowed. It takes three int * arguments indicating domain, type, and
protocol. Replace previous KAUTH_REQ_NETWORK_SOCKET_RAWSOCK with it (but
keep it still).
Places that used to explicitly check for privileged context now don't
need it anymore, so I replaced these with XXX comment indiacting it for
future reference.
Documented and updated examples as well.
how to use libpuffs
this is not installed into the binary distribution just yet
*) you can call it either "Delectable Test File System" or
"Detrempe File System", depending on what you think will result
in more puffing
used to manage network interfaces.
Add four sub-actions to fulfill generic needs for now, until a more
carefully defined usage of the interface is documented: get, set,
getpriv, and setpriv.
credentials on sockets, at least not anytime soon, this is a way to check
if we can "look" at a socket. Later on when (and if) we do have socket
credentials, the interface usage remains the same because we pass the
socket.
This also fixes sysctl for inet/inet6 pcblist.
No setuid programs in /var -> mount -o nodev,nosuid
Adding "noexec" in various places may cause too much damage
(e.g. for running DEINSTALL scripts from /var/db/pkg, configure
scripts, etc).
Inspired by OpenBSD's afterboot(8) manpage.
* We now use hash tables instead of a list to store the in kernel
fingerprints.
* Fingerprint methods handling has been made more flexible, it is now
even simpler to add new methods.
* the loader no longer passes in magic numbers representing the
fingerprint method so veriexecctl is not longer kernel specific.
* fingerprint methods can be tailored out using options in the kernel
config file.
* more fingerprint methods added - rmd160, sha256/384/512
* veriexecctl can now report the fingerprint methods supported by the
running kernel.
* regularised the naming of some portions of veriexec.
agc