function call instead of a call through a function pointer.
Apparently powerpc ld.elf_so gets __hackish_return_address() wrong
if the call is done through a function pointer (digging deeper into
that stuff is beyond my interest).
Thanks to riz for providing access to a macppc for debugging.
Unthanks to the broken toolchain in the default installation which
wasted approximately 4 hours of time last night.
on all platforms except VAX and IA64. Add fast access via register for
AMD64, i386 and SH3 ports. Use this fast access in libpthread to replace
the stack based pthread_self(). Implement skeleton support for Alpha,
HPPA, PowerPC, SPARC and SPARC64, but leave it disabled.
Ports that support this feature provide __HAVE____LWP_GETPRIVATE_FAST in
machine/types.h and a corresponding __lwp_getprivate_fast in
machine/mcontext.h.
This material is based upon work partially supported by
The NetBSD Foundation under a contract with Joerg Sonnenberger.
module which is compiled -fno-optimize-sibling-calls instead of
trying to fool the optimizer in various ways in the trampoline.
thanks to yamt for the tip
for weak references. GCC 4.2+ and Clang require static, older GCC wants
extern. Change __weak_reference to include sym. This requires changes
the existing users to not reuse the name of the symbol, but avoids
further differences between GCC 4.1 and GCC 4.2+/clang.
open for the fd. Prevents collision with rumphijack.
Also, prevent potential hyperspace memory access.
Does someone want to write tests for this facility?
be hijacked. If it's not specified, the default is
"path=/rump,socket=all:nolocal".
So, if you're moof and want to relive your domain/os days (??),
you can do this:
pain-rustique:51:~> setenv RUMPHIJACK 'path=//'
pain-rustique:52:~> df //dev
Filesystem 1K-blocks Used Avail %Cap Mounted on
rumpfs 1 1 0 100% /
pain-rustique:53:~> df /dev
Filesystem 1K-blocks Used Avail %Cap Mounted on
/dev/wd0a 1019864 280640 688232 28% /
where you can mount a file system with a userspace server *without*
it having to go through puffs.
Say, you first start a server with ffs capability and map a host
ffs image into it:
rump_server -lrumpvfs -lrumpfs_ffs \
-d key=/ffsimg,hostpath=ffs2.img,size=e unix:///tmp/ffsserv
Then, configure your shell to talk to the rump server:
setenv RUMP_SERVER unix:///tmp/ffsserv
setenv LD_PRELOAD /usr/lib/librumphijack.so
Create a mountpoint and mount the file system:
pain-rustique:60:~> sh
$ cd /rump
$ ls
dev
$ ls -l
total 1
drwxr-xr-x 2 root wheel 512 Feb 17 18:00 dev
$ mkdir mnt
$ mount_ffs /ffsimg /rump/mnt
mount_ffs: Warning: realpath /ffsimg: No such file or directory
$ df -h mnt
Filesystem Size Used Avail %Cap Mounted on
/ffsimg 496M 380M 91M 80% /mnt
$ du -sckh *
192K dev
380M mnt
381M total
$ umount -R mnt
$ df -h mnt
Filesystem Size Used Avail %Cap Mounted on
rumpfs 1.0K 1.0K 0B 100% /
$
(note, you need -R to umount due to various degrees of unsuccesful
magic it attempts to perform without it)
distinct file descriptors, but the rump kernel thinks they are both
the same. Now, if either one is closed by the application, "both"
will be closed in the rump kernel. To fix this, maintain an
alias-mask. It's not a perfect solution, though (consider e.g.
F_SETFL). Maybe we should actually dup the fd and maintain a
mapping table?
Also, prevent the host from opening file descriptors onto the places
in the fd namespace that have been dupped.
These together fix "cat < /rump/foo" in a hijacked /bin/sh.
(the first one makes sure stdin is open in cat and the second one
makes sure it doesn't try to cat something from /usr/share/locale
instead of stdin)
/rump are hijacked to go to the rump server. So you can e.g. start
a hijacked shell and cd to /rump:
$ cd /rump
$ pwd
/rump
$ ls -l dev/null
crwxr-xr-x 1 root wheel 2, 2 Feb 17 12:35 dev/null
$ ls -l /dev/null
crw-rw-rw- 1 root wheel 2, 2 Dec 22 2009 /dev/null
$ chmod 0 /dev/null
chmod: /dev/null: Operation not permitted
$ chmod 0 dev/null
$ ls -l /rump/dev/null
c--------- 1 root wheel 2, 2 Feb 17 12:35 /rump/dev/null
(of course the rump server must have vfs loaded for that to work)
while for some cases attempting retry after server restart works
brilliantly (e.g. firefox), in other cases it's quite disasterous
(sshd doesn't like its file descriptors going missing and does not
attempt to reopen them, leading to a quite catastophic loop of
EBADF once the server does come back)
* rename RUMPHIJACK_RETRY to the slightly more sensible
RUMPHIJACK_RETRYCONNECT
rump tcp/ip stack:
* sshd likes to fork and then re-exec itself
==> trap execve() and augment the env with the current parameters
essential to a rump kernel (kernel communication fd, information
about dup2'd file descriptors)
* sshd likes to play lots of games with pipes, socketpairs and dup{,2}()
==> make sure we do not close essential rump client descriptors:
dup() them to a safe place, except for F_CLOSEM where we
simply leave them alone. also, partially solved by the above,
make sure the process's set of rump kernel descriptors persists
over exec()
* sshd likes to chdir() before exec
==> for unix-style rump_sp(7) sockets save the full path on the
initial exec and use it afterwards. thread the path through
the environment in execve()
expired it would assume that all input set descriptors had activity.
In case we get rv == 0 from the poll backend, zero out the fd sets
to signal that in fact no descriptors have activity.
Before this commit ssh was "jittery" when run through a rump tcp/ip
stack (interactive sessions kept blocking on stdin and you had to
"peddle" the connection). Now it works smoothly ... or at least
smoothly enough so that this commit could be done through a rump
tcp/ip stack:
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
root ssh 125 0 tcp localhost.65517 cvs.netbsd.org.22
TCP/IP stack:
* mutt prepares to exec the smtp client: it forks and closes all
file descriptors
* when the next networking syscall is done, rumpclient detects that
the communication fd returned EBADF and does a reconnect,
gets descriptor 0 for the socket and descriptor 1 for kqueue
* mutt opens the mail file and implicitly assumes it'll get 0-2,
but in fact gets 2-4
* mutt execs the smtp agent which tries to read the mail from
stdin (rumpclient communication socket) and fails
Even if mutt correctly did dup2() things would go south when trying
to communicate with the kernel server the next time, since rumpclient
would actually be talking with some mail body instead (well, it
could work, but in that case you'd need to write *really* weird
mails ;).
Hence, prevent rumpclient from using the special fd's 0-2 for its
purposes.
Should fix mutt problem reported by Alexander Nasonov.
libc resolver uses it. Error out in case of rump fd kevent (TODO).
Fixes one more problem pointed out by Alexander Nasonov.
Also, implement dup().
(TODO: implement it along the fcntl path too)
to access, manage and manipulate device-mapper driver. Which opens us bunch
of new possibilities like
dm-multipath device target
dm-crypt device target
dm-ccd compatibility layer
With this import I'm bringing in dmctl tool for working with dm driver ,too.
I plan to replace gpl2 licensed dmsetup command with our dmctl tool in near
feature. It can also by placed to /rescue where we was not able to put
dmsetup because of licensing problems.
With libdm in tree we can now write RUMP atf test suite for dm driver to
ensure LVM subsystem stability as time goes.
Reviewed by: blymn@ and rmind@
Oked: by no objections on tech-userlevel@
it. I still don't have any idea what the ssp stuff is supposed to
do and how it's supposed to even begin to work. If someone wants
to change this now, run tests/lib/librumphijack before commit so
that I can avoid another multihour debugging session!
a wedge. This still lacks the proplibistic query of the sector
size and just assumes 512. It's good that we make asking a file's
size as simple as requiring one stat(), one open() and three (3)
different ioctls plus some proplist mumbojumbo. I'm surprised it's
available at all by means other than #wish.
code mostly from Taylor R Campbell, rant from me.
two or more syscall requests before any worker thread ran, we might
not have enough threads to handle the requests. In some scenarios
this could lead to a deadlock.
- Add libnpf(3) - a library to control NPF (configuration, ruleset, etc).
- Add NPF support for ftp-proxy(8).
- Add rc.d script for NPF.
- Convert npfctl(8) to use libnpf(3) and thus make it less depressive.
Note: next clean-up step should be a parser, once dholland@ will finish it.
- Add more documentation.
- Various fixes.
reconnect in case the connection to the server is lost. Default
to exactly one reattempt. This makes sense and additionally fixes
the dev/raidframe/smalldisk test which currently causes a server
panic when a certain raidctl command is run (without this fix the
test would timeout since the client kept attempting to reconnect).
the compiler loses information about the size of the object. So instead of
the hacky #define mess we did before, add a way to inject our function between
the user call and the system call.
NetBSD/emips port runs on Xilinx and Beecube FPGA systems and the
Giano system simulator.
eMIPS is a platform developed at Microsoft Research for researching
reconfigurable computing. eMIPS allows dynamic loading and scheduling
of application-specific circuits for the purpose of accelerating
computations based on the current workload.
NetBSD eMIPS support for NetBSD 4.x was written at Microsoft Research
by Alessandro Forin and Neil Pittman. Microsoft Corporation has
donated full copyright to The NetBSD Foundation.
Platform support for eMIPS is the first part of Microsoft's
contribution. The second part includes the hardware accelerator
framework and will be proposed on tech-kern soon.
with adding new calls and makes all existing fd-accepting hijacked
calls dual-kernel. It would be better to autogenerate the code
from syscalls.master, but this is easier for now.
the kernel server is lost, the client will now automatically attempt
to reconnect.
Among other things, this makes it possible to "reboot" and restart
the TCP/IP stack from under firefox without any perceivable less
of service. If pages were loading at the time the TCP/IP server
was killed, there may be some broken links, but nothing a ctrl-r
cannot fix.
pooka