| Age | Commit message (Collapse) | Author |
|---|
|
There used to be a predefined null vattr for !DIAGNOSTIC
but that was removed in vnode.h rev 1.84 in 2007.
ok semarie@ miod@
|
|
accessed integer.
ok bluhm
|
|
not map nicely to UNVEIL_EXEC. But we don't know before calling
namei() if the path is a directory. Oh well, stick to UNVEIL_READ
for that case, it is going to be good enough for the typical case.
Worked out with jeremy after chrome/firefox Downloads directory issue.
|
|
for valid requests. This is because the nd.ni_unveil to namei() was
always UNVEIL_READ, regardless of the request amode. Building a
correct ni_unveil passes a new regression test, producing expected
results.
ok beck jeremy
|
|
Remove #if notyet/#endif chunk that references the never-defined STATFS_SOFTUPD.
ok jsg@
|
|
the latter supporting the ability to get timestamp resolution of
symlinks.
ok deraadt@ millert@
|
|
checks from all the filesystems that support hardlinks at all into
the VFS layer. Simplify, EPERM description in link(2).
ok miod@ mpi@
|
|
Softdep has been a no-op for some time now, this removes it to get
it out of the way.
Flensing mostly done in Talinn, with some help from krw@
ok deraadt@
|
|
Softdep is a significant impediment to progressing in the vfs layer
so we plan to get it out of the way. It is too clever for us to
continue maintaining as it is.
ok kettenis@ kn@ tobhe@ and most of the g2k23 room except bluhm@
|
|
time to delete the backwards compat padded functions in the kernel.
|
|
ok mpi@ miod@
|
|
to the padded syscalls going away.
|
|
ok guenther
|
|
This refactors the commin parts of sys_truncate() and sys_ftruncate()
into dotruncate(). If the new size of the file is larger than the
RLIMIT_FSIZE limit _and_ the file is being extended, not truncated,
return EFBIG. Adapted from a diff by Piotr Durlej.
With help from and OK by deraadt@ guenther@.
|
|
Ok deraadt@ guenther@
|
|
Ok deraat@
|
|
Switch libc and ld.so to the generic stubs for these calls.
WARNING: reboot to updated kernel before installing libc or ld.so!
Time for a story...
When gcc (back in 1.x days) first implemented long long, it didn't (always)
pass 64bit arguments in 'aligned' registers/stack slots, with the result that
argument offsets didn't match structure offsets. This affected the nine system
calls that pass off_t arguments:
ftruncate lseek mmap mquery pread preadv pwrite pwritev truncate
To avoid having to do custom ASM wrappers for those, BSD put an explicit pad
argument in so that the off_t argument would always start on a even slot and
thus be naturally aligned. Thus those odd wrappers in lib/libc/sys/ that use
__syscall() and pass an extra '0' argument.
The ABIs for different CPUs eventually settled how things should be passed on
each and gcc 2.x followed them. The only arch now where it helps is landisk,
which needs to skip the last argument register if it would be the first half of
a 64bit argument. So: add new syscalls without the pad argument and on landisk
do that skipping directly in the syscall handler in the kernel. Keep compat
support for the existing syscalls long enough for the transition.
ok deraadt@
|
|
it is a leftover from LOCKPARENT removal in NDINIT() (in rev 1.337)
ok mpi@
|
|
pass in the vnode to unveil_start_relative() like it is done for *at()
syscalls. This fixes an issue with fchdir() that actually did not correctly
reset this pointer when changing the working directory.
OK beck@
|
|
These traversed vnodes are a leftover from early times where realpath(3)
was still all done in userland.
OK semarie@
|
|
The code doesn't doesn't need it: the returned vnode is released
immediately. The string path is built from the namei() call using
REALPATH, during directories traversal.
Without LOCKLEAF, calling vrele() only is enough if namei() found a
file, instead of calling VOP_UNLOCK() + vrele().
ok claudio@ mpi@
|
|
function which need the lock (falloc, fdinsert, fdremove). In most cases
it is not correct to hold the lock while calling VFS functions or e.g.
closef since those aquire or release long lived VFS locks.
OK visa@ mvs@
|
|
if they are out of range, making it easier to isolate reason for EINVAL
ok cheloha
|
|
"syncprt" is unused since kern/vfs_syscalls.c r1.147 from 2008.
Adding new debug sysctls is a bit opaque and looking at kern/kern_sysctl.c
the only visible difference between used and stub ctldebug structs in the
debugvars[] array is their extern keyword, indicating that it is defined
elsewhere.
sys/sysctl.h declares all debugN members as extern upfront, but these
declarations are not needed.
Remove the unused debug sysctl, rename the only remaining one to something
meaningful and remove forward declarations from /sys/sysctl.h; this way,
adding new debug sysctls is a matter of adding extern and coming up with a
name, which is nicer to read on its own and better to grep for.
OK mpi
|
|
Adding "debug.my-knob" sysctls is really helpful to select different
code paths and/or log on demand during runtime without recompile,
but as this code is under DEBUG, lots of other noise comes with it
which is often undesired, at least when looking at specific subsystems
only.
Adding globals to the kernel and breaking into DDB to change them helps,
but that does not work over SSH, hence the need for debug sysctls.
Introduces DEBUG_SYSCTL to make use of the "debug" MIB without the rest of
DEBUG; it's DEBUG_SYSCTL and not SYSCTL_DEBUG because it's not a general
option for all of sysctl(2).
OK gnezdo
|
|
time_second(9) and time_uptime(9) are widely used in the kernel to
quickly get the system UTC or system uptime as a time_t. However,
time_t is 64-bit everywhere, so it is not generally safe to use them
on 32-bit platforms: you have a split-read problem if your hardware
cannot perform atomic 64-bit reads.
This patch replaces time_second(9) with gettime(9), a safer successor
interface, throughout the kernel. Similarly, time_uptime(9) is replaced
with getuptime(9).
There is a performance cost on 32-bit platforms in exchange for
eliminating the split-read problem: instead of two register reads you
now have a lockless read loop to pull the values from the timehands.
This is really not *too* bad in the grand scheme of things, but
compared to what we were doing before it is several times slower.
There is no performance cost on 64-bit (__LP64__) platforms.
With input from visa@, dlg@, and tedu@.
Several bugs squashed by visa@.
ok kettenis@
|
|
implementation file. Pushing the assignment of ps_uvpcwd down to
unveil_add() is required but it doesn't introduce any functional change.
ok mpi@ semarie@
|
|
file atomic. This also gets rid of the last kernel lock protected field
in the scope of struct file.
ok mpi@ visa@
|
|
toward MP-safety.
OK mpi@, anton@
|
|
intended for shm/fd passing, but for programs that may otherwise like
filesystem access.
ok beck deraadt kettenis
|
|
OK bluhm@
|
|
unmount this list is traversed and the dirty vnodes are flushed to
disk. Forced unmount expects that the list is empty after flushing,
otherwise the kernel panics with "dangling vnode". As the write
to disk can sleep, new vnodes may be inserted. If softdep is
enabled, resolving the dependencies creates new dirty vnodes and
inserts them to the list. To fix the panic, let insmntque() insert
new vnodes at the tail of the list. Then vflush() will still catch
them while traversing the list in forward direction.
OK tedu@ millert@ visa@
|
|
take a struct proc* instead of a struct process*, and vice versa making
unveil_lookup() take a process* instead of a proc*.
ok beck@
|
|
require this anymore since we now behave like posix.
Fixes a problem where a symlink to / would return ENOTDIR because
the parent could not be locked - noticed by Raimo Niskanen <raimo@erlang.org>
ok guenther@ deraadt@
|
|
sweep tree to correct NDIINT op and flags ahead of time. document
the requirement. This allows KERNELPATH to be used to bypass
unveil for crash dumps with nosuidcoredump=2 or 3
ok visa@ deraadt@ florian@
|
|
since realpath() is now a system call
ok deraadt@
|
|
the system call. Better use namei pool like sys___realpath() does.
OK semarie@ deraadt@
|
|
|
|
directory was written as "//". If there is no non-slash character
in the path name, use the spacial case for root.
found by gmake regression tests; OK naddy@ benno@
|
|
If parent and lookup vnode are equal, namei(9) locks them once but
reference counts twice.
from Moritz Buhl
|
|
serializing both read/write operations using the existing file mutex.
The vnode lock still grants exclusive write access to the offset; the
mutex is only used to make the actual write atomic and prevent any
concurrent reader from observing intermediate values.
ok mpi@ visa@
|
|
if the parent and the lookup vnode are equal, namei(9) reference
counts both. So release the parent vnode uncoditionally.
OK visa@
|
|
files into the common namei.h header.
OK deraadt@
|
|
|
|
It should return ENOENT in this case, but was returning EINVAL.
ok bluhm@ deraadt@
|
|
return expression.
|
|
sleeping, allowing the file offset to change. This is part of the
ongoing effort to protect the file offset using the vnode lock.
ok mpi@ visa@
|
|
|
|
to not succeed on final path components that do not exist.
The original implmentation succeeded in these cases.
ok bluhm@
|
|
https://marc.info/?l=openbsd-cvs&m=156277704122293&w=2
ok anton@
|
