In particular the 'read' part plays 'hunt the disklabel' in order to get a
label into a local buffer - from where it can be displayed/edited.
The 'write' part makes a separate scan of the disk looking for places to
write the label.
The main changes are:
- It can no longer write the first 8k of the mbr to the pbr (or v.v.)
- All labels on the disk (that it can find) get updated during a write
- With -A all the labels are displayed (inc. those deleted by -D)
- Addition of -D which will delete (by one's complimenting dk_magic{2}) and
existing labels before writing labels to the expected locations.
- -v gives some verbose output to stderr, -vv more etc
A better basis for processing incorrect endian labels, or labels from other
architectures.
This closes a hole pointed out by Thor Lancelot Simon on tech-kern ~3
years ago.
The problem was with running binaries from remote storage, where our
kernel (and Veriexec) has no control over any changes to files.
An attacker could, after the fingerprint has been verified and
program loaded to memory, inject malicious code into the backing
store on the remote storage, followed by a forced flush, causing
a page-in of the malicious data from backing store, bypassing
integrity checks.
Initial implementation by Brett Lymn.
link points to the process's current working directory, and the root
link points to the process's root directory. What else would you
expect?
For directories that are out of reach (caller is in a chroot, target
process is in a different chroot, etc), the links point to "/"
instead.
tmpfs' "API" and was already rotting.
Instead, merge all the relevant comments into the code. This includes
acknowledgements to Google's Summer of Code 2005 program (they were in the
AUTHORS section of tmpfs(9) before), so all the files need to be changed
to include this sentence alongside the title. (Note that this was not a
requirement of the program.)
- Remove all NFS related stuff from file system specific code.
- Drop the vfs_checkexp hook and generalize it in the new nfs_check_export
function, thus removing redundancy from all file systems.
- Move all NFS export-related stuff from kern/vfs_subr.c to the new
file sys/nfs/nfs_export.c. The former was becoming large and its code
is always compiled, regardless of the build options. Using the latter,
the code is only compiled in when NFSSERVER is enabled. While doing this,
also make some functions in nfs_subs.c conditional to NFSSERVER.
- Add a new command in nfssvc(2), called NFSSVC_SETEXPORTSLIST, that takes a
path and a set of export entries. At the moment it can only clear the
exports list or append entries, one by one, but it is done in a way that
allows setting the whole set of entries atomically in the future (see the
comment in mountd_set_exports_list or in doc/TODO).
- Change mountd(8) to use the nfssvc(2) system call instead of mount(2) so
that it becomes file system agnostic. In fact, all this whole thing was
done to remove a 'XXX' block from this utility!
- Change the mount*, newfs and fsck* userland utilities to not deal with NFS
exports initialization; done internally by the kernel when initializing
the NFS support for each file system.
- Implement an interface for VFS (called VFS hooks) so that several kernel
subsystems can run arbitrary code upon receipt of specific VFS events.
At the moment, this only provides support for unmount and is used to
destroy NFS exports lists from the file systems being unmounted, though it
has room for extension.
Thanks go to yamt@, chs@, thorpej@, wrstuden@ and others for their comments
and advice in the development of this patch.
dbj