summaryrefslogtreecommitdiffstats
path: root/sys/fs
Commit message (Collapse)AuthorAgeFilesLines
* Add calls to the experimental nfs client for the case of an "intr" mount,rmacklem2009-07-121-1/+16
| | | | | | | so that signals that aren't supposed to terminate RPCs in progress are masked off during the RPC. Approved by: re (kensmith), kib (mentor)
* Fix the handling of dotdot in lookup for the experimental nfs clientrmacklem2009-07-121-0/+2
| | | | | | in a manner analagous to the change in r195294 for the regular nfs client. Approved by: re (kensmith), kib (mentor)
* Since the nfscl_getclose() function both decremented open counts and,rmacklem2009-07-093-183/+178
| | | | | | | | | | | | | optionally, created a separate list of NFSv4 opens to be closed, it was possible for the associated OpenOwner to be free'd before the Open was closed. The problem was that the Open was taken off the OpenOwner list before the Close RPC was done and OpenOwners can be free'd once the list is empty. This patch separates out the case of doing the Close RPC into a separate function called nfscl_doclose() and simplifies nfsrpc_doclose() so that it closes a single open instead of a list of them. This avoids removing the Open from the OpenOwner list before doing the Close RPC. Approved by: re (kensmith), kib (mentor)
* Fix poll(2) and select(2) for named pipes to return "ready for read"kib2009-07-071-20/+14
| | | | | | | | | | | | | | | | | when all writers, observed by reader, exited. Use writer generation counter for fifo, and store the snapshot of the fifo generation in the f_seqcount field of struct file, that is otherwise unused for fifos. Set FreeBSD-undocumented POLLINIGNEOF flag only when file f_seqcount is equal to fifo' fi_wgen, and revert r89376. Fix POLLINIGNEOF for sockets and pipes, and return POLLHUP for them. Note that the patch does not fix not returning POLLHUP for fifos. PR: kern/94772 Submitted by: bde (original version) Reviewed by: rwatson, jilles Approved by: re (kensmith) MFC after: 6 weeks (might be)
* In vn_vget_ino() and their inline equivalents, mnt_ref() the mount pointkib2009-07-021-0/+2
| | | | | | | | | | | around the sequence that drop vnode lock and then busies the mount point. Not having vlocked node or direct reference to the mp allows for the forced unmount to proceed, making mp unmounted or reused. Tested by: pho Reviewed by: jeff Approved by: re (kensmith) MFC after: 2 weeks
* Change the type of uio_resid member of struct uio from int to ssize_t.kib2009-06-253-5/+5
| | | | | | | | Note that this does not actually enable full-range i/o requests for 64 architectures, and is done now to update KBI only. Tested by: pho Reviewed by: jhb, bde (as part of the review of the bigger patch)
* Add a new global rwlock, in_ifaddr_lock, which will synchronize use of therwatson2009-06-251-0/+4
| | | | | | | | | | | | | | | | | | | in_ifaddrhead and INADDR_HASH address lists. Previously, these lists were used unsynchronized as they were effectively never changed in steady state, but we've seen increasing reports of writer-writer races on very busy VPN servers as core count has gone up (and similar configurations where address lists change frequently and concurrently). For the time being, use rwlocks rather than rmlocks in order to take advantage of their better lock debugging support. As a result, we don't enable ip_input()'s read-locking of INADDR_HASH until an rmlock conversion is complete and a performance analysis has been done. This means that one class of reader-writer races still exists. MFC after: 6 weeks Reviewed by: bz
* Implement global and per-uid accounting of the anonymous memory. Addkib2009-06-232-4/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | rlimit RLIMIT_SWAP that limits the amount of swap that may be reserved for the uid. The accounting information (charge) is associated with either map entry, or vm object backing the entry, assuming the object is the first one in the shadow chain and entry does not require COW. Charge is moved from entry to object on allocation of the object, e.g. during the mmap, assuming the object is allocated, or on the first page fault on the entry. It moves back to the entry on forks due to COW setup. The per-entry granularity of accounting makes the charge process fair for processes that change uid during lifetime, and decrements charge for proper uid when region is unmapped. The interface of vm_pager_allocate(9) is extended by adding struct ucred *, that is used to charge appropriate uid when allocation if performed by kernel, e.g. md(4). Several syscalls, among them is fork(2), may now return ENOMEM when global or per-uid limits are enforced. In collaboration with: pho Reviewed by: alc Approved by: re (kensmith)
* Add explicit struct ucred * argument for VOP_VPTOCNP, to be used bykib2009-06-211-1/+2
| | | | | | | | | | vn_open_cred in default implementation. Valid struct ucred is needed for audit and MAC, and curthread credentials may be wrong. This further requires modifying the interface of vn_fullpath(9), but it is out of scope of this change. Reviewed by: rwatson
* In non-debugging mode make this define (void)0 instead of nothing. Thisrdivacky2009-06-211-3/+3
| | | | | | | | | | helps to catch bugs like the below with clang. if (cond); <--- note the trailing ; something(); Approved by: ed (mentor) Discussed on: current@
* Replace RPCAUTH_UNIXGIDS with NFS_MAXGRPS so that nfscbd.c will build.rmacklem2009-06-202-3/+3
| | | | Approved by: kib (mentor)
* Improve nested jail awareness of devfs by handling credentials.ed2009-06-201-0/+22
| | | | | | | | | | | | | | | | | | Now that we start to use credentials on character devices more often (because of MPSAFE TTY), move the prison-checks that are in place in the TTY code into devfs. Instead of strictly comparing the prisons, use the more common prison_check() function to compare credentials. This means that pseudo-terminals are only visible in devfs by processes within the same jail and parent jails. Even though regular users in parent jails can now interact with pseudo-terminals from child jails, this seems to be the right approach. These processes are also capable of interacting with the jailed processes anyway, through signals for example. Reviewed by: kib, rwatson (older version)
* Change the size of the nfsc_groups[] array in the experimental nfsrmacklem2009-06-202-5/+5
| | | | | | | | client to RPCAUTH_UNIXGIDS + 1 (17), since that is what can go on the wire for AUTH_SYS authentication. Reviewed by: brooks Approved by: kib (mentor)
* Rework the credential code to support larger values of NGROUPS andbrooks2009-06-197-31/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | NGROUPS_MAX, eliminate ABI dependencies on them, and raise the to 1024 and 1023 respectively. (Previously they were equal, but under a close reading of POSIX, NGROUPS_MAX was defined to be too large by 1 since it is the number of supplemental groups, not total number of groups.) The bulk of the change consists of converting the struct ucred member cr_groups from a static array to a pointer. Do the equivalent in kinfo_proc. Introduce new interfaces crcopysafe() and crsetgroups() for duplicating a process credential before modifying it and for setting group lists respectively. Both interfaces take care for the details of allocating groups array. crsetgroups() takes care of truncating the group list to the current maximum (NGROUPS) if necessary. In the future, crsetgroups() may be responsible for insuring invariants such as sorting the supplemental groups to allow groupmember() to be implemented as a binary search. Because we can not change struct xucred without breaking application ABIs, we leave it alone and introduce a new XU_NGROUPS value which is always 16 and is to be used or NGRPS as appropriate for things such as NFS which need to use no more than 16 groups. When feasible, truncate the group list rather than generating an error. Minor changes: - Reduce the number of hand rolled versions of groupmember(). - Do not assign to both cr_gid and cr_groups[0]. - Modify ipfw to cache ucreds instead of part of their contents since they are immutable once referenced by more than one entity. Submitted by: Isilon Systems (initial implementation) X-MFC after: never PR: bin/113398 kern/133867
* Fix some of the style errors in *getpages().alc2009-06-181-18/+13
|
* Add the SVC_RELEASE(xprt), as required by r194407.rmacklem2009-06-172-0/+2
| | | | Approved by: kib (mentor)
* Add explicit includes for jail.h to the files that need them andbz2009-06-171-0/+1
| | | | remove the "hidden" one from vimage.h.
* Fix handling of ".." in nfs_lookup() for the forced dismount casermacklem2009-06-171-14/+36
| | | | | | by cribbing the change made to the regular nfs client in r194358. Approved by: kib (mentor)
* Add the explicit include of vimage.h to another five .c files stillbz2009-06-171-0/+1
| | | | | | | missing it. Remove the "hidden" kernel only include of vimage.h from ip_var.h added with the very first Vimage commit r181803 to avoid further kernel poisoning.
* Remove the "int *" typecast for the aresid argument to vn_rdwr()rmacklem2009-06-162-2/+2
| | | | | | | | and change the type of the argument from size_t to int. This should avoid issues on 64bit architectures. Suggested by: kib Approved by: kib (mentor)
* Eliminate unnecessary variables.alc2009-06-131-4/+2
|
* Rename the host-related prison fields to be the same as the host.*jamie2009-06-131-1/+2
| | | | | | | parameters they represent, and the variables they replaced, instead of abbreviated versions of them. Approved by: bz (mentor)
* Use getcredhostuuid instead of accessing the prison directly.jamie2009-06-131-5/+1
| | | | Approved by: bz (mentor)
* Update the inline version of vn_get_ino() for ".." lookups to match thejhb2009-06-121-6/+8
| | | | | | recentish changes to vn_get_ino(). MFC after: 1 week
* This commit is analagous to r193952, but for the experimental nfsrmacklem2009-06-101-8/+15
| | | | | | | | | | | subsystem. Add a test for VI_DOOMED just after ncl_upgrade_vnlock() in ncl_bioread_check_cons(). This is required since it is possible for the vnode to be vgonel()'d while in ncl_upgrade_vnlock() when a forced dismount is in progress. Also, move the check for VI_DOOMED in ncl_vinvalbuf() down to after ncl_upgrade_vnlock() and replace the out of date comment for it. Approved by: kib (mentor)
* For cd9660_ioctl, check for recycled vnode after locking it.kib2009-06-101-0/+4
| | | | | Noted by: Jaakko Heinonen <jh saunalahti fi> MFC after: 2 weeks
* Fix r193923 by noting that type of a_fp is struct file *, not int.kib2009-06-102-2/+2
| | | | | | | It was assumed that r193923 was trivial change that cannot be done wrong. MFC after: 2 weeks
* s/a_fdidx/a_fp/ for VOP_OPEN comments that inline struct vop_open_argskib2009-06-103-3/+3
| | | | | | | definition. Discussed with: bde MFC after: 2 weeks
* Remove unused VOP_IOCTL and VOP_KQFILTER implementations for fifofs.kib2009-06-101-40/+2
| | | | MFC after: 2 weeks
* VOP_IOCTL takes unlocked vnode as an argument. Due to this, v_data maykib2009-06-103-14/+49
| | | | | | | | | | | | be NULL or derefenced memory may become free at arbitrary moment. Lock the vnode in cd9660, devfs and pseudofs implementation of VOP_IOCTL to prevent reclaim; check whether the vnode was already reclaimed after the lock is granted. Reported by: georg at dts su Reviewed by: des (pseudofs) MFC after: 2 weeks
* Since vn_lock() with the LK_RETRY flag never returns an errorrmacklem2009-06-091-7/+11
| | | | | | | | | for FreeBSD-CURRENT, the code that checked for and returned the error was broken. Change it to check for VI_DOOMED set after vn_lock() and return an error for that case. I believe this should only happen for forced dismounts. Approved by: kib (mentor)
* Fix nfscl_getcl() so that it doesn't crash when it is called tormacklem2009-06-081-20/+29
| | | | | | | do an NFSv4 Close operation with the cred argument NULL. Also, clarify what NULL arguments mean in the function's comment. Approved by: kib (mentor)
* Use #ifdef APPLE_MAC instead of #ifdef MAC to conditionalize Apple-specificrwatson2009-06-061-2/+2
| | | | | | | | | | behavior for unicode support in UDF so as not to conflict with the MAC Framework. Note that Apple's XNU kernel also uses #ifdef MAC for the MAC Framework. Suggested by: pjd MFC after: 3 days
* Drop Giant.des2009-06-061-12/+14
| | | | MFC after: 1 week
* Move "options MAC" from opt_mac.h to opt_global.h, as it's now in GENERICrwatson2009-06-055-9/+3
| | | | | | | | and used in a large number of files, but also because an increasing number of incorrect uses of MAC calls were sneaking in due to copy-and-paste of MAC-aware code without the associated opt_mac.h include. Discussed with: pjd
* Don't check MAC in the NFS server ACL set path, right now we aren'trwatson2009-06-051-4/+0
| | | | enforcing MAC for NFS clients.
* Re-add opt_mac.h include, which is required in order for MNT_MULTILABELrwatson2009-06-041-0/+2
| | | | | | | | to be set properly on devfs. Otherwise, it isn't possible to set labels on /dev nodes. Reported by: Sergio Rodriguez <sergiorr at yahoo.com> MFC after: 3 days
* nfs_write() can use the recently introduced vfs_bio_set_valid() instead ofalc2009-05-311-1/+1
| | | | | | vfs_bio_set_validclean(), thereby avoiding the page queues lock. Garbage collect vfs_bio_set_validclean(). Nothing uses it any longer.
* Unlock the pseudofs vnode before calling fill method for pfs_readlink().kib2009-05-311-1/+6
| | | | | | | | | The fill code may need to lock another vnode, e.g. procfs file implementation. Reviewed by: des Tested by: pho MFC after: 2 weeks
* Implement the bypass routine for VOP_VPTOCNP in nullfs.kib2009-05-311-1/+50
| | | | | | | | Among other things, this makes procfs <pid>/file working for executables started from nullfs mount. Tested by: pho PR: 94269, 104938
* Do not drop vnode interlock in null_checkvp(). null_lock() verifies thatkib2009-05-311-22/+7
| | | | | | | | | | | v_data is not-null before calling NULLVPTOLOWERVP(), and dropping the interlock allows for reclaim to clean v_data and free the memory. While there, remove unneeded semicolons and convert the infinite loops to panics. I have a will to remove null_checkvp() altogether, or leave it as a trivial stub, but not now. Reported and tested by: pho
* Lock the real null vnode lock before substitution of vp->v_vnlock.kib2009-05-311-3/+4
| | | | | | | | This should not really matter for correctness, since vp->v_lock is not locked before the call, and null_lock() holds the interlock, but makes the control flow for reclaim more clear. Tested by: pho
* Unbreak options VIMAGE kernel builds.zec2009-05-312-1/+2
| | | | Approved by: julian (mentor)
* Add a check to v_type == VREG for the recently modified code thatrmacklem2009-05-301-11/+11
| | | | | | | | does NFSv4 Closes in the experimental client's VOP_INACTIVE(). I also replaced a bunch of ap->a_vp with a local copy of vp, because I thought that made it more readable. Approved by: kib (mentor)
* Add VOP_ACCESSX, which can be used to query for newly added V*trasz2009-05-301-0/+27
| | | | | | | | permissions, such as VWRITE_ACL. For a filsystems that don't implement it, there is a default implementation, which works as a wrapper around VOP_ACCESS. Reviewed by: rwatson@
* Place hostnames and similar information fully under the prison system.jamie2009-05-294-20/+24
| | | | | | | | | | | | | | | | | The system hostname is now stored in prison0, and the global variable "hostname" has been removed, as has the hostname_mtx mutex. Jails may have their own host information, or they may inherit it from the parent/system. The proper way to read the hostname is via getcredhostname(), which will copy either the hostname associated with the passed cred, or the system hostname if you pass NULL. The system hostname can still be accessed directly (and without locking) at prison0.pr_host, but that should be avoided where possible. The "similar information" referred to is domainname, hostid, and hostuuid, which have also become prison parameters and had their associated global variables removed. Approved by: bz (mentor)
* Make *getpages()s' assertion on the state of each page's dirty bitsalc2009-05-282-2/+2
| | | | stricter.
* Use a temporary variable to avoid a duplicate strlen().des2009-05-281-2/+3
| | | | | Submitted by: kib MFC after: 1 week
* Fix handling of NFSv4 Close operations in ncl_inactive(). Onlyrmacklem2009-05-271-7/+13
| | | | | | | | do them for NFSv4 and flush writes to the server before doing the Close(s), as required. Also, use the a_td argument instead of curthread. Approved by: kib (mentor)
* Eliminate redundant setting of a page's valid bits and pointless clearingalc2009-05-271-2/+2
| | | | of the same page's dirty bits.
OpenPOWER on IntegriCloud