the vnode operations vector for active vnodes is unsafe because it
is not known whether deadfs or the original file system will be
called.
- Pass down LK_RETRY to the lock operation (hint for deadfs only).
- Change deadfs lock operation to return ENOENT if LK_RETRY is unset.
- Change all other lock operations to check for dead vnode once
the vnode is locked and unlock and return ENOENT in this case.
With these changes in place vnode lock operations will never succeed
after vclean() has marked the vnode as VI_XLOCK and before vclean()
has changed the operations vector.
Adresses PR kern/37706 (Forced unmount of file systems is unsafe)
Discussed on tech-kern.
Welcome to 6.99.33
since there is no definition of CRYPTO_ALGORITHM_ALL!
XXX The description of the arguments for crypto_register() needs further
updates, too, but that will be left for another day.
- Make these defines and functions private to vfs_vnode.c:
VC_MASK, VC_LOCK, DOCLOSE, VI_IANCTREDO and VI_INACTNOW
vclean() and vrelel()
- Remove the long time unused lwp argument from vrecycle().
- Remove vtryget(), it is responsible for ugly hacks and doesn't
look that effective.
Presented on tech-kern.
Welcome to 6.99.25
- 'struct edid_info' in edidvar.h uses 'struct videomode' so
videomode.h needs to be included too.
- edid_print takes a pointer to 'struct edid_info' so add the & operator.
OK by wiz@
- Remove defunct cprng_strong_getflags/setflags.
- Remove defunct cprng_strong_ready.
- Document CPRNG_HARD.
- Omit cprng_strong structure, which is now opaque.
- Specify what can sleep and under what conditions.
- Be a little more consistent about some markup.
This is not the whole story (select/kqueue stuff for /dev/random is
still omitted), and I plan to change it some more (to split
cprng_strong into one routine that unconditionally guarantees as many
bytes as you asked, and another routine that may block or return
partial reads), but this will do until I find the time for those.
consttime_memequal is the same as the old consttime_bcmp.
explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots,
so please let me know.
rndsink(9):
- Simplify API.
- Simplify locking scheme.
- Add a man page.
- Avoid races in destruction.
- Avoid races in requesting entropy now and scheduling entropy later.
Periodic distribution of entropy to sinks reduces the need for the
last one, but this way we don't need to rely on periodic distribution
(e.g., in a future tickless NetBSD).
rndsinks_lock should probably eventually merge with the rndpool lock,
but we'll put that off for now.
cprng(9):
- Make struct cprng_strong opaque.
- Move rndpseudo.c parts that futz with cprng guts to subr_cprng.c.
- Fix kevent locking. (Is kevent locking documented anywhere?)
- Stub out rump cprng further until we can rumpify rndsink instead.
- Strip code to grovel through struct cprng_strong in fstat.
