means that zero is returned, and the kernel keeps mounting (and it
probably ends up in a deadlock/memory corruption somewhere).
2) 'nentries' and 'gnentries' are int and user-controlled, and there's no
check to ensure they are greater than zero. Since they are used to
compute the size of two copyin's, a user can control the copied size
by giving a negative value (like 128-2^29), and thus overwrite kernel
memory.
Both triggerable from root only.
switches and put into separate functions
- always KASSERT(solocked(so)) even if not implemented
(for PRU_CONNECT2 only)
- replace calls to pr_generic() with req = PRU_CONNECT2 with calls to
pr_connect2()
- replace calls to pr_generic() with req = PRU_PURGEIF with calls to
pr_purgeif()
put common code from unp_connect2() (used by unp_connect()) into
unp_connect1() and call out to it when needed
patch only briefly reviewed by rmind@
- Key is (type, pid, fd)
- Remove argument "p" from procfs_allocvp(). It is only used
when "type == PFSfd". Lookup the proc with proc_find() when
procfs_loadvnode() needs it.
- Use a vfs_vnode_iterator for procfs_revoke_vnodes().
find.
The filesystem ones all call genfs_eopnotsupp - right now I am only
implementing the plumbing and we can implement fallocate and/or
fdiscard for files later.
The device ones call spec_fallocate (which is also genfs_eopnotsupp)
and spec_fdiscard, which dispatches to the device-level op.
The fifo ones all call vn_fifo_bypass, which also ends up being
EOPNOTSUPP.
- Remove field kfs_value, it is always zero. Compute the hash from kt_tag.
- Remove stray definitions kernfs_revoke_sa and kernfs_revoke_sp.
While here, remove kfs_type from allocvp(), it is always kt->kt_tag.
|Make the spec_node table implementation private to spec_vnops.c.
|To retrieve a spec_node, two new lookup functions (by device or by mount)
|are implemented. Both return a referenced vnode, for an opened block device
|the opened vnode is returned so further diagnostic checks "vp == ... sd_bdevvp"
|will not fire. Otherwise any vnode matching the criteria gets returned.
|No objections on tech-kern.
The effect was that ls /kernfs appeared empty in most cases.
the vnode operations vector for active vnodes is unsafe because it
is not known whether deadfs or the original file system will be
called.
- Pass down LK_RETRY to the lock operation (hint for deadfs only).
- Change deadfs lock operation to return ENOENT if LK_RETRY is unset.
- Change all other lock operations to check for dead vnode once
the vnode is locked and unlock and return ENOENT in this case.
With these changes in place vnode lock operations will never succeed
after vclean() has marked the vnode as VI_XLOCK and before vclean()
has changed the operations vector.
Addresses PR kern/37706 (Forced unmount of file systems is unsafe)
Discussed on tech-kern.
Welcome to 6.99.33
into the hashlist and discards the now unneeded node it will raise a
panic "dead but not clean".
Reorder the initialization and use ungetnewvnode() to discard the node.
- Make these defines and functions private to vfs_vnode.c:
VC_MASK, VC_LOCK, DOCLOSE, VI_IANCTREDO and VI_INACTNOW
vclean() and vrelel()
- Remove the long time unused lwp argument from vrecycle().
- Remove vtryget(), it is responsible for ugly hacks and doesn't
look that effective.
Presented on tech-kern.
Welcome to 6.99.25