with procfs's cmdline - from the PR:
The cmdline implementation in procfs is bogus. It's possible that
part of the fix is a workaround of a UVM problem - that is, when
(internally) accessing the top of the process VM (the end of the
args) a request for I/0 of a PAGE_SIZE'd block starting at less
than a PAGE_SIZE from the end of the mem space returns EINVAL
rather than the data that is available. Whether this is a bug
in UVM or not depends upon how it is defined to work, and I was
unable to determine that. (Simon Burge found that problem, and
provided the basis of the workaround/fix).
Then, the cmdline function is unable to read more than one
page of args, and a good thing too, as the way it is written
attempting to get more than that would reference into lala land.
And, on an attempt to read a lot of data when the above is
fixed, most of the data won't be returned, only the final block
of any read.
Tested on alpha, pmax, i386 and sparc.
a set of flags ("flags"). Two flags are defined, UPDATE_WAIT and
UPDATE_DIROP.
Under the old semantics, VOP_UPDATE would block if waitfor were set,
under the assumption that directory operations should be done
synchronously. At least LFS and FFS+softdep do not make this
assumption; FFS+softdep got around the problem by enclosing all relevant
calls to VOP_UPDATE in a "if(!DOINGSOFTDEP(vp))", while LFS simply
ignored waitfor, one of the reasons why NFS-serving an LFS filesystem
did not work properly.
Under the new semantics, the UPDATE_DIROP flag is a hint to the
fs-specific update routine that the call comes from a dirop routine, and
should be wait for, or not, accordingly.
Closes PR#8996.
in vfs_detach(). vfs_done may free global filesystem's resources,
typically those allocated in respective filesystem's init function.
Needed so those filesystems which went in via LKM have a chance to
clean after themselves before unloading. This fixes random panics
when LKM for filesystem using pools was loaded and unloaded several
times.
For each leaf filesystem, add appropriate vfs_done routine.
UFS code, and I forgot to rename the "ihash" variable, causing
weird effects, because 3/4th of the UFS hash table would become
unreachable after procfs was loaded as an LKM.
process is about to exec a sugid binary.
To speed up things, use hashing for vnode allocation, like other filesystems
do. This avoids walking the whole procfs node list in the revoke case too.
default, as the copyright on the main file (ffs_softdep.c) is such
that is has been put into gnusrc. options SOFTDEP will pull this
in. This code also contains the trickle syncer.
Bump version number to 1.4O
not set, unlock the vnode before calling the device's close routine and
relock it after it returns. tty close routines will sleep waiting for
buffers to drain, which won't happen often times as the other side needs
to grab the vnode lock first.
Make all unmount routines lock the device vnode before calling VOP_CLOSE().
Problem turned out to be due to improper handling of reads beyond EOF:
they should just return without error with the uio unchanged, and the
caller will recognize this as a zero-byte return (EOF).
The previous fix to protect directory reads against bogus uio_offset
values returned EINVAL, which broke mount -o union, which only
union'ed in the lower directory if the upper directory cleanly
returned EOF.
While we're here, protect kernfs as well.
call with F_FSCTL set and F_SETFL calls generate calls to a new
fileop fo_fcntl. Add genfs_fcntl() and soo_fcntl() which return 0
for F_SETFL and EOPNOTSUPP otherwise. Have all leaf filesystems
use genfs_fcntl().
Reviewed by: thorpej
Tested by: wrstuden
exists is bogus. The goal here is to produce a synthetic link count
which won't confuse fts and similar routines which "know" that
directories with a link count of 2 don't have subdirectories (and
thus, they can avoid having to stat every entry in the directory
looking for subdirectories which aren't there).
We know that non-UNIX filesystem implementations may return a link
count of `1' for directories with an indeterminate number of
subdirectories; if either the upper or lower layer returns a link
count of `1', return a link count of 1. If both layers return a link
count of 2, return a link count of 2; otherwise, return the sum of the
link count of both layers.
Also, fix PR7430: unionfs ignores read-only mounts. Check for
MNT_RDONLY in union_lookup (more-or-less as in layer_lookup) as well
as union_access() and union_setattr().
Note that a read-only union layer may still cause side effects on the
underlying filesystems... Most notably, we'll still attempt to create
shadow directories in the upper layer. Also, of course, we'll
side-effect atimes in the lower layer.
"panic: lockmgr: using decommisioned lock"
(only if DIAGNOSTIC)
The problem turned out to be due to the way LK_DRAIN was (not) handled
in union_lock; it just got passed through to the lock on the upper
vnode (which got marked as decommissioned, instead of that happening
to the union vnode. When the upper vnode was next locked (typically
when it was released), it went kaboom.
and PID allocation MP-safe. A new process state is added: SDEAD. This
state indicates that a process is dead, but not yet a zombie (has not
yet been processed by the process reaper).
SDEAD processes exist on both the zombproc list (via p_list) and deadproc
(via p_hash; the proc has been removed from the pidhash earlier in the exit
path). When the reaper deals with a process, it changes the state to
SZOMB, so that wait4 can process it.
Add a P_ZOMBIE() macro, which treats a proc in SZOMB or SDEAD as a zombie,
and update various parts of the kernel to reflect the new state.
getnewvnode now checks this bit, and it if's set makes sure a vnode's not
locked before removing it from the free list.
Closes PR 7954 by Alan Barrett <apb@iafrica.com>.
Update coda to new struct lock in struct vnode.
make fdescfs, kernfs, portalfs, and procfs actually lock their vnodes.
It's not that hard.
Make unionfs set v_vnlock = NULL so any overlayed fs will call its
VOP_LOCK.
the functionality of nullfs. The latter is now just a mount & unmount
routine, and a few tables. umapfs borrow most of this infrastructure.
Both fs's are now nfs-exportable.
All layered fs's share a common format to private mount & private
vnode structs (which a particular fs can extend).
Also add genfs_noerr_rele(), a vnode op which will vrele/vput
operand vnodes appropriately.
umap_unlock()) so as to not explicitly depend on nullfs being compiled
into the kernel.
umap_bypass won't be too slow as there are no credentials in these two ops
to need mapping.
count is 0, wait for use count to drain before finishing the close.
This is necessary in order for multiple processes to safely share file
descriptor tables.
deadlock in VOP_FSYNC() if the unreferenced vnode picked for
reclamation happened to be stacked on top of a vnode the process
already had locked. This could happen if the same filesystem was
accessed both through a union mount and directly; it seemed to happen
most frequently when the direct access was through NFS.
Avoid this deadlock by changing vinvalbuf to pass a new FSYNC_RECLAIM
flag bit to VOP_FSYNC() to indicate that a reclaim is in progress and
only a `shallow' fsync is necessary.
Do nothing in *_fsync() in umapfs, nullfs, and unionfs when
FSYNC_RECLAIM is set; the underlying vnodes will shortly be released
in *_reclaim and may be reclaimed (and fsync'ed) later.
Fix group mapping so members of group 0 get other group-ids mapped as well.
Avoid rename panic by checking (*this_vp_p) against NULLVP before
dereferencing it (same change as to NULLFS some time ago).
array of ARG_MAX size. ARG_MAX is currently 256k, which causes a rather
serious stack overflow (kernel stacks are not very large, usually 8k).
Fixes memory corruption problems observed after accessig /proc/1/cmdline
during tests. Problem in my case manifested itself as massive lossage
in ffs_sync(), resulting in a crash, and sometimes, pooched file systems.
XXX This could, and probably should, be rewritten to use a much smaller
temporary buffer, and a loop around uiomove().
- Don't error out on P_SYSTEM or SZOMB processes; instead, do what ps(1)
would do, i.e. the p_comm in parenthesis.
- Use uvm_io() (or procfs_rwmem() if !UVM) to read the target process's
psstrings and argument vector. Using copyin() is problematic, because
it operates on the current processes! That is, the old code would
always get the `cmdline' of the process reading the file, not that of
the target process.
to pass down a locked node. Modify union_copyup() to call VOP_CLOSE
locked nodes.
Also fix a bug in union_copyup() where a lock on the lower vnode would
only be released if VOP_OPEN didn't fail.
with UVM and seperate I&D-Cache). Mostly by Michael Hitch, but pass struct
proc * instead of the pmap. Reason: said machine will need a method to do
the syncing operation for "curproc", too; this way more code can be shared.
stop null_node_create() from locking the nullfs mountpoint multiple
times. Avoids a guaranteed, repeatably "locking against myself" panic
during mount of a nullfs filesystem. nullfs filesystems are still as
buggy as ever (e.g., see PR# 4907) but this you at least mount them.
not in the kernel, genfs_lease_check() is simply a no-op. This allows
LKM'd file systems to be exported (previously did not work properly
due to a compile-time decision based on -DNFSSERVER).
- defopt NFSSERVER
as with user-land programs, include files are installed by each directory
in the tree that has includes to install. (This allows more flexibility
as to what gets installed, makes 'partial installs' easier, and gives us
more options as to which machines' includes get installed at any given
time.) The old SYS_INCLUDES={symlinks,copies} behaviours are _both_
still supported, though at least one bug in the 'symlinks' case is
fixed by this change. Include files can't be build before installation,
so directories that have includes as targets (e.g. dev/pci) have to move
those targets into a different Makefile.
(1) Fix a typo that caused a NULL pointer deref.
(2) union_copyup() locks the vnode, so unlock it before calling relookup().
PR #5272, MINOURA, Makoto <minoura@kw.netlaputa.ne.jp>.
vn, with a 0 component. If the upper fs was a unionfs,
union_whiteout() would deref compnent to get a struct proc, and panic.
struct proc was only being passed to FIXUP, which never used it. It
turns out this happened a lot. I ripped most of the unneeded code
out, and left in the few places that really did need the proc handle.
(thus causing s_leader to become NULL) by storing the session ID separately
in the session structure. Export the session ID to userspace in the
eproc structure.
Submitted by Tom Proett <proett@nas.nasa.gov>.
UVM was written by chuck cranor <chuck@maria.wustl.edu>, with some
minor portions derived from the old Mach code. i provided some help
getting swap and paging working, and other bug fixes/ideas. chuck
silvers <chuq@chuq.com> also provided some other fixes.
this is the rest of the MI portion changes.
this will be KNF'd shortly. :-)
msgbuf. Note that old 'dmesg' and 'syslogd' binaries will continue running,
though old 'dmesg' binaries will output a few bytes of junk at the start of
the buffer, and will miss a few bytes at the end of the buffer.
not included in a kernel without procfs, and it seems wrong to pull
all of procfs_subr.c in for just that one function. Perhaps this
should go into a new file instead?
FreeBSD by Sean Eric Fagan, but a bit different. This makes the checks
in the same places as sef's FreeBSD patch, but does not hardcode the
"kmem" group into the kernel, and also does a check identical to the
(3) and (4) checks in the NetBSD ptrace(2):
(1) it's not owned by you, or is set-id on exec (unless
you're root), or
(2) it's init, which controls the security level of the
entire system, and the system was not compiled with
permanently insecure mode turned on.
* Did not check for P_SUGID on ATTACH.
* Did not check for tracing of init on ATTACH.
* Did not turn off single-step mode on RUN or DETACH.
* Might have screwed up reparenting in some cases.
* Allowed anyone to detach the process.
'const char *', and 'void *', respectively. The second arg is taken directly
from user arguments, and is const there, so must be const in the prototypes
and functions. The third arg is also taken directly from user arguments.
It doesn't have to be changed, but since it's cleaner to keep the type
the same as the user arg's type, and I'm already making the 'const char *'
change...
* Change the argument names to vop_link so they actually make sense.
* Implement vop_link and vop_symlink for all file systems, so they do proper
cleanup.
* Require the file system to decide whether or not linking and unlinking of
directories is allowed, and disable it for all current file systems.
* Change the argument names to vop_link so they actually make sense.
* Implement vop_link and vop_symlink for all file systems, so they do proper
cleanup.
* Require the file system to decide whether or not linking and unlinking of
directories is allowed, and disable it for all current file systems.
method of caching names has a totally bogus interface. kill *ALL*
caching of names when going through a lofs, because that's the only
way to make sure things always work right. Also, XXX the possibly-bogus
check i keep whining about. it's almost certainly wrong, but it's
too weird to modify significantly; even jsp didn't want to touch it...