From owner-svn-src-stable@FreeBSD.ORG Mon Feb 16 16:36:32 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4F428106564A; Mon, 16 Feb 2009 16:36:32 +0000 (UTC) (envelope-from luigi@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 3DC478FC18; Mon, 16 Feb 2009 16:36:32 +0000 (UTC) (envelope-from luigi@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1GGaWLZ067187; Mon, 16 Feb 2009 16:36:32 GMT (envelope-from luigi@svn.freebsd.org) Received: (from luigi@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1GGaWDO067186; Mon, 16 Feb 2009 16:36:32 GMT (envelope-from luigi@svn.freebsd.org) Message-Id: <200902161636.n1GGaWDO067186@svn.freebsd.org> From: Luigi Rizzo Date: Mon, 16 Feb 2009 16:36:32 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188679 - stable/7/sys/netinet X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Feb 2009 16:36:33 -0000 Author: luigi Date: Mon Feb 16 16:36:31 2009 New Revision: 188679 URL: http://svn.freebsd.org/changeset/base/188679 Log: make the dependency on lock.h and mutex.h explicit instead of inheriting them from net/if.h Modified: stable/7/sys/netinet/ip_dummynet.c Modified: stable/7/sys/netinet/ip_dummynet.c ============================================================================== --- stable/7/sys/netinet/ip_dummynet.c Mon Feb 16 15:32:12 2009 (r188678) +++ stable/7/sys/netinet/ip_dummynet.c Mon Feb 16 16:36:31 2009 (r188679) @@ -62,7 +62,9 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include +#include #include #include #include @@ -70,7 +72,7 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include /* IFNAMSIZ, struct ifaddr, ifq head, lock.h mutex.h */ +#include /* IFNAMSIZ, struct ifaddr, ifq head */ #include #include #include /* ip_len, ip_off */ From owner-svn-src-stable@FreeBSD.ORG Mon Feb 16 16:48:50 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1898B10656CC; Mon, 16 Feb 2009 16:48:50 +0000 (UTC) (envelope-from luigi@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id EEA158FC15; Mon, 16 Feb 2009 16:48:49 +0000 (UTC) (envelope-from luigi@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1GGmn2m068532; Mon, 16 Feb 2009 16:48:49 GMT (envelope-from luigi@svn.freebsd.org) Received: (from luigi@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1GGmnYQ068531; Mon, 16 Feb 2009 16:48:49 GMT (envelope-from luigi@svn.freebsd.org) Message-Id: <200902161648.n1GGmnYQ068531@svn.freebsd.org> From: Luigi Rizzo Date: Mon, 16 Feb 2009 16:48:49 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188680 - stable/7/sys/netinet X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Feb 2009 16:48:52 -0000 Author: luigi Date: Mon Feb 16 16:48:49 2009 New Revision: 188680 URL: http://svn.freebsd.org/changeset/base/188680 Log: various cleanup (mostly MFC, one not applicable to head): - remove 3 unneeded headers (this is not applicable to head); - replace netinet/if_ether.h with net/ethernet.h which is really needed; - add missing #ifdef SYSCTL_NODE / #endif - use the 'ch' argument instead of &layer3_chain when adding entries to a table; - remove an assigment within a conditional; - properly initialize a couple of variables - use a constant format string in a log message - remove unnecessary braces and simplify the error messages in IP_FW_NAT_* handler Modified: stable/7/sys/netinet/ip_fw2.c Modified: stable/7/sys/netinet/ip_fw2.c ============================================================================== --- stable/7/sys/netinet/ip_fw2.c Mon Feb 16 16:36:31 2009 (r188679) +++ stable/7/sys/netinet/ip_fw2.c Mon Feb 16 16:48:49 2009 (r188680) @@ -48,8 +48,6 @@ __FBSDID("$FreeBSD$"); #include #include -#include -#include #include #include #include @@ -58,12 +56,12 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include #include #include #include +#include /* for ETHERTYPE_IP */ #include #include #include @@ -94,8 +92,6 @@ __FBSDID("$FreeBSD$"); #include #endif -#include /* XXX for ETHERTYPE_IP */ - #include /* XXX for in_cksum */ #ifdef MAC @@ -111,11 +107,10 @@ __FBSDID("$FreeBSD$"); * Rules in set RESVD_SET can only be deleted explicitly. */ static u_int32_t set_disable; - static int fw_verbose; +static struct callout ipfw_timeout; static int verbose_limit; -static struct callout ipfw_timeout; static uma_zone_t ipfw_dyn_rule_zone; /* @@ -176,6 +171,9 @@ SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, ve &verbose_limit, 0, "Set upper limit of matches of ipfw rules logged"); SYSCTL_UINT(_net_inet_ip_fw, OID_AUTO, default_rule, CTLFLAG_RD, NULL, IPFW_DEFAULT_RULE, "The default/max possible rule number."); +SYSCTL_UINT(_net_inet_ip_fw, OID_AUTO, tables_max, CTLFLAG_RD, + NULL, IPFW_TABLES_MAX, "The maximum number of tables."); +#endif /* SYSCTL_NODE */ /* * Description of dynamic rules. @@ -252,6 +250,7 @@ static u_int32_t static_len; /* size in static u_int32_t dyn_count; /* # of dynamic rules */ static u_int32_t dyn_max = 4096; /* max # of dynamic rules */ +#ifdef SYSCTL_NODE SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_buckets, CTLFLAG_RW, &dyn_buckets, 0, "Number of dyn. buckets"); SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, curr_dyn_buckets, CTLFLAG_RD, @@ -276,17 +275,19 @@ SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dy &dyn_short_lifetime, 0, "Lifetime of dyn. rules for other situations"); SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_keepalive, CTLFLAG_RW, &dyn_keepalive, 0, "Enable keepalives for dyn. rules"); +#endif /* SYSCTL_NODE */ #ifdef INET6 /* * IPv6 specific variables */ +#ifdef SYSCTL_NODE SYSCTL_DECL(_net_inet6_ip6); +#endif /* SYSCTL_NODE */ static struct sysctl_ctx_list ip6_fw_sysctl_ctx; static struct sysctl_oid *ip6_fw_sysctl_tree; #endif /* INET6 */ -#endif /* SYSCTL_NODE */ static int fw_deny_unknown_exthdrs = 1; @@ -1773,6 +1774,7 @@ add_table_entry(struct ip_fw_chain *ch, { struct radix_node_head *rnh; struct table_entry *ent; + struct radix_node *rn; if (tbl >= IPFW_TABLES_MAX) return (EINVAL); @@ -1784,14 +1786,14 @@ add_table_entry(struct ip_fw_chain *ch, ent->addr.sin_len = ent->mask.sin_len = 8; ent->mask.sin_addr.s_addr = htonl(mlen ? ~((1 << (32 - mlen)) - 1) : 0); ent->addr.sin_addr.s_addr = addr & ent->mask.sin_addr.s_addr; - IPFW_WLOCK(&layer3_chain); - if (rnh->rnh_addaddr(&ent->addr, &ent->mask, rnh, (void *)ent) == - NULL) { - IPFW_WUNLOCK(&layer3_chain); + IPFW_WLOCK(ch); + rn = rnh->rnh_addaddr(&ent->addr, &ent->mask, rnh, (void *)ent); + if (rn == NULL) { + IPFW_WUNLOCK(ch); free(ent, M_IPFW_TBL); return (EEXIST); } - IPFW_WUNLOCK(&layer3_chain); + IPFW_WUNLOCK(ch); return (0); } @@ -2205,6 +2207,7 @@ ipfw_chk(struct ip_fw_args *args) if (m->m_flags & M_SKIP_FIREWALL) return (IP_FW_PASS); /* accept */ + dst_ip.s_addr = 0; /* make sure it is initialized */ pktlen = m->m_pkthdr.len; args->f_id.fib = M_GETFIB(m); /* note mbuf not altered) */ proto = args->f_id.proto = 0; /* mark f_id invalid */ @@ -2662,7 +2665,7 @@ check_body: uint32_t a = (cmd->opcode == O_IP_DST_LOOKUP) ? dst_ip.s_addr : src_ip.s_addr; - uint32_t v; + uint32_t v = 0; match = lookup_table(chain, cmd->arg1, a, &v); @@ -3714,8 +3717,8 @@ zero_entry(struct ip_fw_chain *chain, u_ continue; clear_counters(rule, log_only); } - msg = log_only ? "ipfw: All logging counts reset.\n" : - "ipfw: Accounting cleared.\n"; + msg = log_only ? "logging counts reset" : + "Accounting cleared"; } else { int cleared = 0; /* @@ -3736,13 +3739,18 @@ zero_entry(struct ip_fw_chain *chain, u_ IPFW_WUNLOCK(chain); return (EINVAL); } - msg = log_only ? "ipfw: Entry %d logging count reset.\n" : - "ipfw: Entry %d cleared.\n"; + msg = log_only ? "logging count reset" : "cleared"; } IPFW_WUNLOCK(chain); - if (fw_verbose) - log(LOG_SECURITY | LOG_NOTICE, msg, rulenum); + if (fw_verbose) { + int lev = LOG_SECURITY | LOG_NOTICE; + + if (rulenum) + log(lev, "ipfw: Entry %d %s.\n", rulenum, msg); + else + log(lev, "ipfw: %s.\n", msg); + } return (0); } @@ -4357,49 +4365,44 @@ ipfw_ctl(struct sockopt *sopt) break; case IP_FW_NAT_CFG: - { if (IPFW_NAT_LOADED) error = ipfw_nat_cfg_ptr(sopt); else { - printf("IP_FW_NAT_CFG: ipfw_nat not present, please load it.\n"); + printf("IP_FW_NAT_CFG: %s\n", + "ipfw_nat not present, please load it"); error = EINVAL; } - } - break; + break; case IP_FW_NAT_DEL: - { if (IPFW_NAT_LOADED) error = ipfw_nat_del_ptr(sopt); else { - printf("IP_FW_NAT_DEL: ipfw_nat not present, please load it.\n"); - printf("ipfw_nat not loaded: %d\n", sopt->sopt_name); + printf("IP_FW_NAT_DEL: %s\n", + "ipfw_nat not present, please load it"); error = EINVAL; } - } - break; + break; case IP_FW_NAT_GET_CONFIG: - { if (IPFW_NAT_LOADED) error = ipfw_nat_get_cfg_ptr(sopt); else { - printf("IP_FW_NAT_GET_CFG: ipfw_nat not present, please load it.\n"); + printf("IP_FW_NAT_GET_CFG: %s\n", + "ipfw_nat not present, please load it"); error = EINVAL; } - } - break; + break; case IP_FW_NAT_GET_LOG: - { if (IPFW_NAT_LOADED) error = ipfw_nat_get_log_ptr(sopt); else { - printf("IP_FW_NAT_GET_LOG: ipfw_nat not present, please load it.\n"); + printf("IP_FW_NAT_GET_LOG: %s\n", + "ipfw_nat not present, please load it"); error = EINVAL; } - } - break; + break; default: printf("ipfw: ipfw_ctl invalid option %d\n", sopt->sopt_name); From owner-svn-src-stable@FreeBSD.ORG Mon Feb 16 18:24:49 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6E778106566B; Mon, 16 Feb 2009 18:24:49 +0000 (UTC) (envelope-from ume@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 4A5DB8FC15; Mon, 16 Feb 2009 18:24:49 +0000 (UTC) (envelope-from ume@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1GIOnoK079454; Mon, 16 Feb 2009 18:24:49 GMT (envelope-from ume@svn.freebsd.org) Received: (from ume@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1GIOnO3079452; Mon, 16 Feb 2009 18:24:49 GMT (envelope-from ume@svn.freebsd.org) Message-Id: <200902161824.n1GIOnO3079452@svn.freebsd.org> From: Hajimu UMEMOTO Date: Mon, 16 Feb 2009 18:24:49 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188690 - in stable/7/lib/libc: . net string X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Feb 2009 18:24:50 -0000 Author: ume Date: Mon Feb 16 18:24:48 2009 New Revision: 188690 URL: http://svn.freebsd.org/changeset/base/188690 Log: MFH 188316: Shutup warning for DNAME RR. PR: bin/127591 Submitted by: "Eugene M. Kim" <20080111.freebsd.org__at__ab.ote.we.lv> Modified: stable/7/lib/libc/ (props changed) stable/7/lib/libc/net/getaddrinfo.c stable/7/lib/libc/net/gethostbydns.c stable/7/lib/libc/string/ffsll.c (props changed) stable/7/lib/libc/string/flsll.c (props changed) Modified: stable/7/lib/libc/net/getaddrinfo.c ============================================================================== --- stable/7/lib/libc/net/getaddrinfo.c Mon Feb 16 18:07:23 2009 (r188689) +++ stable/7/lib/libc/net/getaddrinfo.c Mon Feb 16 18:24:48 2009 (r188690) @@ -1884,7 +1884,8 @@ getanswer(const querybuf *answer, int an } } else if (type != qtype) { #ifdef DEBUG - if (type != T_KEY && type != T_SIG) + if (type != T_KEY && type != T_SIG && + type != ns_t_dname) syslog(LOG_NOTICE|LOG_AUTH, "gethostby*.getanswer: asked for \"%s %s %s\", got type \"%s\"", qname, p_class(C_IN), p_type(qtype), Modified: stable/7/lib/libc/net/gethostbydns.c ============================================================================== --- stable/7/lib/libc/net/gethostbydns.c Mon Feb 16 18:07:23 2009 (r188689) +++ stable/7/lib/libc/net/gethostbydns.c Mon Feb 16 18:24:48 2009 (r188690) @@ -294,7 +294,7 @@ gethostanswer(const querybuf *answer, in continue; } if (type != qtype) { - if (type != T_SIG) + if (type != T_SIG && type != ns_t_dname) syslog(LOG_NOTICE|LOG_AUTH, "gethostby*.gethostanswer: asked for \"%s %s %s\", got type \"%s\"", qname, p_class(C_IN), p_type(qtype), From owner-svn-src-stable@FreeBSD.ORG Mon Feb 16 18:32:29 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B0F1C1065839; Mon, 16 Feb 2009 18:32:28 +0000 (UTC) (envelope-from ume@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 901EF8FC16; Mon, 16 Feb 2009 18:32:28 +0000 (UTC) (envelope-from ume@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1GIWSHP080360; Mon, 16 Feb 2009 18:32:28 GMT (envelope-from ume@svn.freebsd.org) Received: (from ume@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1GIWSpr080358; Mon, 16 Feb 2009 18:32:28 GMT (envelope-from ume@svn.freebsd.org) Message-Id: <200902161832.n1GIWSpr080358@svn.freebsd.org> From: Hajimu UMEMOTO Date: Mon, 16 Feb 2009 18:32:28 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-6@freebsd.org X-SVN-Group: stable-6 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188691 - in stable/6/lib/libc: . inet net sys X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Feb 2009 18:32:35 -0000 Author: ume Date: Mon Feb 16 18:32:28 2009 New Revision: 188691 URL: http://svn.freebsd.org/changeset/base/188691 Log: MFH 188316: Shutup warning for DNAME RR. PR: bin/127591 Submitted by: "Eugene M. Kim" <20080111.freebsd.org__at__ab.ote.we.lv> Modified: stable/6/lib/libc/ (props changed) stable/6/lib/libc/inet/inet_net_pton.c (props changed) stable/6/lib/libc/net/getaddrinfo.c stable/6/lib/libc/net/gethostbydns.c stable/6/lib/libc/sys/ (props changed) Modified: stable/6/lib/libc/net/getaddrinfo.c ============================================================================== --- stable/6/lib/libc/net/getaddrinfo.c Mon Feb 16 18:24:48 2009 (r188690) +++ stable/6/lib/libc/net/getaddrinfo.c Mon Feb 16 18:32:28 2009 (r188691) @@ -1686,7 +1686,8 @@ getanswer(const querybuf *answer, int an } } else if (type != qtype) { #ifdef DEBUG - if (type != T_KEY && type != T_SIG) + if (type != T_KEY && type != T_SIG && + type != ns_t_dname) syslog(LOG_NOTICE|LOG_AUTH, "gethostby*.getanswer: asked for \"%s %s %s\", got type \"%s\"", qname, p_class(C_IN), p_type(qtype), Modified: stable/6/lib/libc/net/gethostbydns.c ============================================================================== --- stable/6/lib/libc/net/gethostbydns.c Mon Feb 16 18:24:48 2009 (r188690) +++ stable/6/lib/libc/net/gethostbydns.c Mon Feb 16 18:32:28 2009 (r188691) @@ -298,7 +298,7 @@ gethostanswer(const querybuf *answer, in continue; } if (type != qtype) { - if (type != T_SIG) + if (type != T_SIG && type != ns_t_dname) syslog(LOG_NOTICE|LOG_AUTH, "gethostby*.gethostanswer: asked for \"%s %s %s\", got type \"%s\"", qname, p_class(C_IN), p_type(qtype), From owner-svn-src-stable@FreeBSD.ORG Mon Feb 16 20:04:58 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 388BD106566B; Mon, 16 Feb 2009 20:04:58 +0000 (UTC) (envelope-from emax@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 2423F8FC24; Mon, 16 Feb 2009 20:04:58 +0000 (UTC) (envelope-from emax@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1GK4wVf090682; Mon, 16 Feb 2009 20:04:58 GMT (envelope-from emax@svn.freebsd.org) Received: (from emax@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1GK4vwb090681; Mon, 16 Feb 2009 20:04:57 GMT (envelope-from emax@svn.freebsd.org) Message-Id: <200902162004.n1GK4vwb090681@svn.freebsd.org> From: Maksim Yevmenkin Date: Mon, 16 Feb 2009 20:04:57 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188696 - in stable/7/sys: . contrib/pf dev/ath/ath_hal dev/cxgb dev/kbdmux X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Feb 2009 20:04:59 -0000 Author: emax Date: Mon Feb 16 20:04:57 2009 New Revision: 188696 URL: http://svn.freebsd.org/changeset/base/188696 Log: MFC r188603 Since r188030 the error value for attach is returned, this means if kbdmux fails to attach (possibly due to disable hints) then we get called back for unload. Correctly handle the case where the keyboard isnt found rather than calling panic. Submitted by: thompsa Modified: stable/7/sys/ (props changed) stable/7/sys/contrib/pf/ (props changed) stable/7/sys/dev/ath/ath_hal/ (props changed) stable/7/sys/dev/cxgb/ (props changed) stable/7/sys/dev/kbdmux/kbdmux.c Modified: stable/7/sys/dev/kbdmux/kbdmux.c ============================================================================== --- stable/7/sys/dev/kbdmux/kbdmux.c Mon Feb 16 19:18:14 2009 (r188695) +++ stable/7/sys/dev/kbdmux/kbdmux.c Mon Feb 16 20:04:57 2009 (r188696) @@ -1367,15 +1367,14 @@ kbdmux_modevent(module_t mod, int type, panic("kbd_get_switch(" KEYBOARD_NAME ") == NULL"); kbd = kbd_get_keyboard(kbd_find_keyboard(KEYBOARD_NAME, 0)); - if (kbd == NULL) - panic("kbd_get_keyboard(kbd_find_keyboard(" KEYBOARD_NAME ", 0)) == NULL"); - - (*sw->disable)(kbd); + if (kbd != NULL) { + (*sw->disable)(kbd); #ifdef KBD_INSTALL_CDEV - kbd_detach(kbd); + kbd_detach(kbd); #endif - (*sw->term)(kbd); - kbd_delete_driver(&kbdmux_kbd_driver); + (*sw->term)(kbd); + kbd_delete_driver(&kbdmux_kbd_driver); + } error = 0; break; From owner-svn-src-stable@FreeBSD.ORG Mon Feb 16 21:56:17 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EB7D7106564A; Mon, 16 Feb 2009 21:56:17 +0000 (UTC) (envelope-from cperciva@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id D47538FC13; Mon, 16 Feb 2009 21:56:17 +0000 (UTC) (envelope-from cperciva@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1GLuHUC095724; Mon, 16 Feb 2009 21:56:17 GMT (envelope-from cperciva@svn.freebsd.org) Received: (from cperciva@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1GLuHkd095723; Mon, 16 Feb 2009 21:56:17 GMT (envelope-from cperciva@svn.freebsd.org) Message-Id: <200902162156.n1GLuHkd095723@svn.freebsd.org> From: Colin Percival Date: Mon, 16 Feb 2009 21:56:17 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188699 - head/contrib/telnet/telnetd releng/7.0 releng/7.0/contrib/telnet/telnetd releng/7.0/sys/conf releng/7.1 releng/7.1/contrib/telnet/telnetd releng/7.1/sys/conf stable/7/contrib/... X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Feb 2009 21:56:20 -0000 Author: cperciva Date: Mon Feb 16 21:56:17 2009 New Revision: 188699 URL: http://svn.freebsd.org/changeset/base/188699 Log: Correctly scrub telnetd's environment. Approved by: so (cperciva) Security: FreeBSD-SA-09:05.telnetd Modified: stable/7/contrib/telnet/telnetd/sys_term.c Changes in other areas also in this revision: Modified: head/contrib/telnet/telnetd/sys_term.c releng/7.0/UPDATING releng/7.0/contrib/telnet/telnetd/sys_term.c releng/7.0/sys/conf/newvers.sh releng/7.1/UPDATING releng/7.1/contrib/telnet/telnetd/sys_term.c releng/7.1/sys/conf/newvers.sh Modified: stable/7/contrib/telnet/telnetd/sys_term.c ============================================================================== --- stable/7/contrib/telnet/telnetd/sys_term.c Mon Feb 16 21:42:41 2009 (r188698) +++ stable/7/contrib/telnet/telnetd/sys_term.c Mon Feb 16 21:56:17 2009 (r188699) @@ -1285,8 +1285,18 @@ scrub_env(void) char **cpp, **cpp2; const char **p; - - for (cpp2 = cpp = environ; *cpp; cpp++) { + char ** new_environ; + size_t count; + + /* Allocate space for scrubbed environment. */ + for (count = 1, cpp = environ; *cpp; count++, cpp++) + continue; + if ((new_environ = malloc(count * sizeof(char *))) == NULL) { + environ = NULL; + return; + } + + for (cpp2 = new_environ, cpp = environ; *cpp; cpp++) { int reject_it = 0; for(p = rej; *p; p++) @@ -1300,10 +1310,15 @@ scrub_env(void) for(p = acc; *p; p++) if(strncmp(*cpp, *p, strlen(*p)) == 0) break; - if(*p != NULL) - *cpp2++ = *cpp; + if(*p != NULL) { + if ((*cpp2++ = strdup(*cpp)) == NULL) { + environ = new_environ; + return; + } + } } *cpp2 = NULL; + environ = new_environ; } /* From owner-svn-src-stable@FreeBSD.ORG Tue Feb 17 15:41:41 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8B2B91065677; Tue, 17 Feb 2009 15:41:41 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 774F88FC18; Tue, 17 Feb 2009 15:41:41 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1HFffOx018868; Tue, 17 Feb 2009 15:41:41 GMT (envelope-from jhb@svn.freebsd.org) Received: (from jhb@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1HFffIZ018867; Tue, 17 Feb 2009 15:41:41 GMT (envelope-from jhb@svn.freebsd.org) Message-Id: <200902171541.n1HFffIZ018867@svn.freebsd.org> From: John Baldwin Date: Tue, 17 Feb 2009 15:41:41 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188714 - stable/7/sys/sys X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Feb 2009 15:41:43 -0000 Author: jhb Date: Tue Feb 17 15:41:41 2009 New Revision: 188714 URL: http://svn.freebsd.org/changeset/base/188714 Log: MFC 1.39: Include in in the kernel so that curthread is always defined. Modified: stable/7/sys/sys/sx.h Modified: stable/7/sys/sys/sx.h ============================================================================== --- stable/7/sys/sys/sx.h Tue Feb 17 15:39:16 2009 (r188713) +++ stable/7/sys/sys/sx.h Tue Feb 17 15:41:41 2009 (r188714) @@ -34,9 +34,10 @@ #include #include -#include #ifdef _KERNEL +#include +#include #include #endif From owner-svn-src-stable@FreeBSD.ORG Tue Feb 17 15:54:09 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6C8351065678; Tue, 17 Feb 2009 15:54:09 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 59EA58FC19; Tue, 17 Feb 2009 15:54:09 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1HFs9wt019931; Tue, 17 Feb 2009 15:54:09 GMT (envelope-from jhb@svn.freebsd.org) Received: (from jhb@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1HFs994019930; Tue, 17 Feb 2009 15:54:09 GMT (envelope-from jhb@svn.freebsd.org) Message-Id: <200902171554.n1HFs994019930@svn.freebsd.org> From: John Baldwin Date: Tue, 17 Feb 2009 15:54:09 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188716 - in stable/7/cddl/contrib/opensolaris: . lib/libdtrace/common X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Feb 2009 15:54:10 -0000 Author: jhb Date: Tue Feb 17 15:54:09 2009 New Revision: 188716 URL: http://svn.freebsd.org/changeset/base/188716 Log: MFC: Correct the sense of the "use32" terenary operator so that it uses 'lib32' for 32-bit binaries on amd64 and 'lib' for 64-bit binaries. Remove an #ifdef __i386__ that defined use32 to the wrong value on i386 to workaround the bug in the terenary operator. Modified: stable/7/cddl/contrib/opensolaris/ (props changed) stable/7/cddl/contrib/opensolaris/lib/libdtrace/common/dt_link.c Modified: stable/7/cddl/contrib/opensolaris/lib/libdtrace/common/dt_link.c ============================================================================== --- stable/7/cddl/contrib/opensolaris/lib/libdtrace/common/dt_link.c Tue Feb 17 15:47:13 2009 (r188715) +++ stable/7/cddl/contrib/opensolaris/lib/libdtrace/common/dt_link.c Tue Feb 17 15:54:09 2009 (r188716) @@ -1739,15 +1739,11 @@ dtrace_program_link(dtrace_hdl_t *dtp, d * Arches which are 32-bit only just use the normal * library path. */ -#if defined(__i386__) - int use_32 = 1; /* use /usr/lib/... -sson */ -#else int use_32 = 0; #endif -#endif (void) snprintf(drti, sizeof (drti), "/usr/lib%s/dtrace/drti.o", - use_32 ? "":"32"); + use_32 ? "32":""); len = snprintf(&tmp, 1, fmt, dtp->dt_ld_path, file, tfile, drti) + 1; From owner-svn-src-stable@FreeBSD.ORG Tue Feb 17 15:58:42 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8F6E8106564A; Tue, 17 Feb 2009 15:58:42 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 7C5B48FC0C; Tue, 17 Feb 2009 15:58:42 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1HFwgSG020071; Tue, 17 Feb 2009 15:58:42 GMT (envelope-from jhb@svn.freebsd.org) Received: (from jhb@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1HFwgPq020070; Tue, 17 Feb 2009 15:58:42 GMT (envelope-from jhb@svn.freebsd.org) Message-Id: <200902171558.n1HFwgPq020070@svn.freebsd.org> From: John Baldwin Date: Tue, 17 Feb 2009 15:58:42 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188717 - in stable/7/sys: . compat/linprocfs contrib/pf dev/ath/ath_hal dev/cxgb X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Feb 2009 15:58:44 -0000 Author: jhb Date: Tue Feb 17 15:58:42 2009 New Revision: 188717 URL: http://svn.freebsd.org/changeset/base/188717 Log: MFC: Fix a bug in the previous change to the mtab handler: use the path returned by vn_fullpath() when vn_fullpath() succeeds instead of when it fails. Modified: stable/7/sys/ (props changed) stable/7/sys/compat/linprocfs/linprocfs.c stable/7/sys/contrib/pf/ (props changed) stable/7/sys/dev/ath/ath_hal/ (props changed) stable/7/sys/dev/cxgb/ (props changed) Modified: stable/7/sys/compat/linprocfs/linprocfs.c ============================================================================== --- stable/7/sys/compat/linprocfs/linprocfs.c Tue Feb 17 15:54:09 2009 (r188716) +++ stable/7/sys/compat/linprocfs/linprocfs.c Tue Feb 17 15:58:42 2009 (r188717) @@ -317,7 +317,7 @@ linprocfs_domtab(PFS_FILL_ARGS) error = namei(&nd); lep = linux_emul_path; if (error == 0) { - if (vn_fullpath(td, nd.ni_vp, &dlep, &flep) != 0) + if (vn_fullpath(td, nd.ni_vp, &dlep, &flep) == 0) lep = dlep; vrele(nd.ni_vp); VFS_UNLOCK_GIANT(NDHASGIANT(&nd)); From owner-svn-src-stable@FreeBSD.ORG Tue Feb 17 19:57:53 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 217BE106564A; Tue, 17 Feb 2009 19:57:53 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 0BFF58FC15; Tue, 17 Feb 2009 19:57:53 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1HJvrfd026148; Tue, 17 Feb 2009 19:57:53 GMT (envelope-from jhb@svn.freebsd.org) Received: (from jhb@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1HJvqk8026145; Tue, 17 Feb 2009 19:57:52 GMT (envelope-from jhb@svn.freebsd.org) Message-Id: <200902171957.n1HJvqk8026145@svn.freebsd.org> From: John Baldwin Date: Tue, 17 Feb 2009 19:57:52 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188727 - in stable/7: sys sys/contrib/pf sys/dev/ath/ath_hal sys/dev/cxgb sys/kern sys/modules/sem sys/sys tools/regression/posixsem usr.bin/procstat X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Feb 2009 19:57:53 -0000 Author: jhb Date: Tue Feb 17 19:57:52 2009 New Revision: 188727 URL: http://svn.freebsd.org/changeset/base/188727 Log: MFC: Rework the lifetime management of the kernel implementation of POSIX semaphores. Specifically, semaphores are now represented as new file descriptor type that is set to close on exec. This removes the need for all of the manual process reference counting (and fork, exec, and exit event handlers) as the normal file descriptor operations handle all of that for us nicely. It is also suggested as one possible implementation in the spec and at least one other OS (OS X) uses this approach. Refer to the original commit for more details on specific bug fixes, etc. A notable difference in this MFC relative to the original commit to HEAD is that the MAC entry points are unchanged to preserve the ABI for MAC policy modules. fstat() on a POSIX semaphore in 7 uses the mac_check_posix_sem_getvalue() hook to determine access as that is the closest match to stat() of the available hooks. Discussed with: rwatson (MAC bits (or lack thereof)) Added: stable/7/tools/regression/posixsem/ - copied from r180059, head/tools/regression/posixsem/ Modified: stable/7/sys/ (props changed) stable/7/sys/contrib/pf/ (props changed) stable/7/sys/dev/ath/ath_hal/ (props changed) stable/7/sys/dev/cxgb/ (props changed) stable/7/sys/kern/kern_descrip.c stable/7/sys/kern/uipc_sem.c stable/7/sys/modules/sem/Makefile stable/7/sys/sys/file.h stable/7/sys/sys/ksem.h stable/7/sys/sys/user.h stable/7/usr.bin/procstat/ (props changed) stable/7/usr.bin/procstat/procstat_files.c Modified: stable/7/sys/kern/kern_descrip.c ============================================================================== --- stable/7/sys/kern/kern_descrip.c Tue Feb 17 19:37:04 2009 (r188726) +++ stable/7/sys/kern/kern_descrip.c Tue Feb 17 19:57:52 2009 (r188727) @@ -2933,6 +2933,10 @@ sysctl_kern_proc_filedesc(SYSCTL_HANDLER kif->kf_type = KF_TYPE_MQUEUE; break; + case DTYPE_SEM: + kif->kf_type = KF_TYPE_SEM; + break; + default: kif->kf_type = KF_TYPE_UNKNOWN; break; @@ -3070,6 +3074,8 @@ file_type_to_name(short type) return ("crpt"); case DTYPE_MQUEUE: return ("mque"); + case DTYPE_SEM: + return ("ksem"); default: return ("unkn"); } Modified: stable/7/sys/kern/uipc_sem.c ============================================================================== --- stable/7/sys/kern/uipc_sem.c Tue Feb 17 19:37:04 2009 (r188726) +++ stable/7/sys/kern/uipc_sem.c Tue Feb 17 19:57:52 2009 (r188727) @@ -38,583 +38,592 @@ __FBSDID("$FreeBSD$"); #include "opt_posix.h" #include -#include -#include -#include +#include +#include +#include +#include +#include #include #include +#include +#include +#include +#include #include #include #include -#include -#include -#include -#include -#include -#include +#include #include -#include +#include #include -#include +#include +#include #include -#include -#include -#include -#include +#include +#include +#include +#include +#include #include -static int sem_count_proc(struct proc *p); -static struct ksem *sem_lookup_byname(const char *name); -static int sem_create(struct thread *td, const char *name, - struct ksem **ksret, mode_t mode, unsigned int value); -static void sem_free(struct ksem *ksnew); -static int sem_perm(struct thread *td, struct ksem *ks); -static void sem_enter(struct proc *p, struct ksem *ks); -static int sem_leave(struct proc *p, struct ksem *ks); -static void sem_exechook(void *arg, struct proc *p, - struct image_params *imgp); -static void sem_exithook(void *arg, struct proc *p); -static void sem_forkhook(void *arg, struct proc *p1, struct proc *p2, - int flags); -static int sem_hasopen(struct thread *td, struct ksem *ks); - -static int kern_sem_close(struct thread *td, semid_t id); -static int kern_sem_post(struct thread *td, semid_t id); -static int kern_sem_wait(struct thread *td, semid_t id, int tryflag, - struct timespec *abstime); -static int kern_sem_init(struct thread *td, int dir, unsigned int value, - semid_t *idp); -static int kern_sem_open(struct thread *td, int dir, const char *name, - int oflag, mode_t mode, unsigned int value, semid_t *idp); -static int kern_sem_unlink(struct thread *td, const char *name); +/* + * TODO + * + * - Resource limits? + * - Update fstat(1) + * - Replace global sem_lock with mtx_pool locks? + * - Add a MAC check_create() hook for creating new named semaphores. + */ #ifndef SEM_MAX #define SEM_MAX 30 #endif -#define SEM_MAX_NAMELEN 14 - -#define SEM_TO_ID(x) ((intptr_t)(x)) -#define ID_TO_SEM(x) id_to_sem(x) - -/* - * Available semaphores go here, this includes sem_init and any semaphores - * created via sem_open that have not yet been unlinked. - */ -LIST_HEAD(, ksem) ksem_head = LIST_HEAD_INITIALIZER(&ksem_head); +#ifdef SEM_DEBUG +#define DP(x) printf x +#else +#define DP(x) +#endif -/* - * Semaphores still in use but have been sem_unlink()'d go here. - */ -LIST_HEAD(, ksem) ksem_deadhead = LIST_HEAD_INITIALIZER(&ksem_deadhead); +struct ksem_mapping { + char *km_path; + Fnv32_t km_fnv; + struct ksem *km_ksem; + LIST_ENTRY(ksem_mapping) km_link; +}; +static MALLOC_DEFINE(M_KSEM, "ksem", "semaphore file descriptor"); +static LIST_HEAD(, ksem_mapping) *ksem_dictionary; +static struct sx ksem_dict_lock; +static struct mtx ksem_count_lock; static struct mtx sem_lock; -static MALLOC_DEFINE(M_SEM, "sems", "semaphore data"); +static u_long ksem_hash; +static int ksem_dead; + +#define KSEM_HASH(fnv) (&ksem_dictionary[(fnv) & ksem_hash]) static int nsems = 0; SYSCTL_DECL(_p1003_1b); -SYSCTL_INT(_p1003_1b, OID_AUTO, nsems, CTLFLAG_RD, &nsems, 0, ""); +SYSCTL_INT(_p1003_1b, OID_AUTO, nsems, CTLFLAG_RD, &nsems, 0, + "Number of active kernel POSIX semaphores"); -static eventhandler_tag sem_exit_tag, sem_exec_tag, sem_fork_tag; +static int kern_sem_wait(struct thread *td, semid_t id, int tryflag, + struct timespec *abstime); +static int ksem_access(struct ksem *ks, struct ucred *ucred); +static struct ksem *ksem_alloc(struct ucred *ucred, mode_t mode, + unsigned int value); +static int ksem_create(struct thread *td, const char *path, + semid_t *semidp, mode_t mode, unsigned int value, + int flags); +static void ksem_drop(struct ksem *ks); +static int ksem_get(struct thread *td, semid_t id, struct file **fpp); +static struct ksem *ksem_hold(struct ksem *ks); +static void ksem_insert(char *path, Fnv32_t fnv, struct ksem *ks); +static struct ksem *ksem_lookup(char *path, Fnv32_t fnv); +static void ksem_module_destroy(void); +static int ksem_module_init(void); +static int ksem_remove(char *path, Fnv32_t fnv, struct ucred *ucred); +static int sem_modload(struct module *module, int cmd, void *arg); -#ifdef SEM_DEBUG -#define DP(x) printf x -#else -#define DP(x) -#endif +static fo_rdwr_t ksem_read; +static fo_rdwr_t ksem_write; +static fo_ioctl_t ksem_ioctl; +static fo_poll_t ksem_poll; +static fo_kqfilter_t ksem_kqfilter; +static fo_stat_t ksem_stat; +static fo_close_t ksem_closef; + +/* File descriptor operations. */ +static struct fileops ksem_ops = { + .fo_read = ksem_read, + .fo_write = ksem_write, + .fo_ioctl = ksem_ioctl, + .fo_poll = ksem_poll, + .fo_kqfilter = ksem_kqfilter, + .fo_stat = ksem_stat, + .fo_close = ksem_closef, + .fo_flags = DFLAG_PASSABLE +}; -static __inline void -sem_ref(struct ksem *ks) +FEATURE(posix_sem, "POSIX semaphores"); + +static int +ksem_read(struct file *fp, struct uio *uio, struct ucred *active_cred, + int flags, struct thread *td) { - mtx_assert(&sem_lock, MA_OWNED); - ks->ks_ref++; - DP(("sem_ref: ks = %p, ref = %d\n", ks, ks->ks_ref)); + return (EOPNOTSUPP); } -static __inline void -sem_rel(struct ksem *ks) +static int +ksem_write(struct file *fp, struct uio *uio, struct ucred *active_cred, + int flags, struct thread *td) { - mtx_assert(&sem_lock, MA_OWNED); - DP(("sem_rel: ks = %p, ref = %d\n", ks, ks->ks_ref - 1)); - if (--ks->ks_ref == 0) - sem_free(ks); + return (EOPNOTSUPP); } -static __inline -struct ksem * -id_to_sem(semid_t id) +static int +ksem_ioctl(struct file *fp, u_long com, void *data, + struct ucred *active_cred, struct thread *td) { - struct ksem *ks; - mtx_assert(&sem_lock, MA_OWNED); - DP(("id_to_sem: id = %0x,%p\n", id, (struct ksem *)id)); - LIST_FOREACH(ks, &ksem_head, ks_entry) { - DP(("id_to_sem: ks = %p\n", ks)); - if (ks == (struct ksem *)id) - return (ks); - } - return (NULL); + return (EOPNOTSUPP); } -static struct ksem * -sem_lookup_byname(const char *name) +static int +ksem_poll(struct file *fp, int events, struct ucred *active_cred, + struct thread *td) { - struct ksem *ks; - mtx_assert(&sem_lock, MA_OWNED); - LIST_FOREACH(ks, &ksem_head, ks_entry) - if (ks->ks_name != NULL && strcmp(ks->ks_name, name) == 0) - return (ks); - return (NULL); + return (EOPNOTSUPP); } static int -sem_create(struct thread *td, const char *name, struct ksem **ksret, - mode_t mode, unsigned int value) +ksem_kqfilter(struct file *fp, struct knote *kn) { - struct ksem *ret; - struct proc *p; - struct ucred *uc; - size_t len; + + return (EOPNOTSUPP); +} + +static int +ksem_stat(struct file *fp, struct stat *sb, struct ucred *active_cred, + struct thread *td) +{ + struct ksem *ks; +#ifdef MAC int error; +#endif - DP(("sem_create\n")); - p = td->td_proc; - uc = td->td_ucred; - if (value > SEM_VALUE_MAX) - return (EINVAL); - ret = malloc(sizeof(*ret), M_SEM, M_WAITOK | M_ZERO); - if (name != NULL) { - len = strlen(name); - if (len > SEM_MAX_NAMELEN) { - free(ret, M_SEM); - return (ENAMETOOLONG); - } + ks = fp->f_data; - /* Name must start with a '/' but not contain one. */ - if (*name != '/' || len < 2 || index(name + 1, '/') != NULL) { - free(ret, M_SEM); - return (EINVAL); - } - ret->ks_name = malloc(len + 1, M_SEM, M_WAITOK); - strcpy(ret->ks_name, name); - } else { - ret->ks_name = NULL; - } - ret->ks_mode = mode; - ret->ks_value = value; - ret->ks_ref = 1; - ret->ks_waiters = 0; - ret->ks_uid = uc->cr_uid; - ret->ks_gid = uc->cr_gid; - ret->ks_onlist = 0; - cv_init(&ret->ks_cv, "sem"); - LIST_INIT(&ret->ks_users); #ifdef MAC - mac_init_posix_sem(ret); - mac_create_posix_sem(uc, ret); + /* + * XXX: This isn't quite right, but adding a new stat() hook + * would break the ABI. This seems to be the closest match of + * the existing MAC hooks for POSIX semaphores in 7. + */ + error = mac_check_posix_sem_getvalue(active_cred, ks); + if (error) + return (error); #endif - if (name != NULL) - sem_enter(td->td_proc, ret); - *ksret = ret; - mtx_lock(&sem_lock); - nsems++; - if (nsems > p31b_getcfg(CTL_P1003_1B_SEM_NSEMS_MAX)) { - sem_leave(td->td_proc, ret); - sem_free(ret); - error = ENFILE; - } else - error = 0; - mtx_unlock(&sem_lock); - return (error); + + /* + * Attempt to return sanish values for fstat() on a semaphore + * file descriptor. + */ + bzero(sb, sizeof(*sb)); + sb->st_mode = S_IFREG | ks->ks_mode; /* XXX */ + + sb->st_atimespec = ks->ks_atime; + sb->st_ctimespec = ks->ks_ctime; + sb->st_mtimespec = ks->ks_mtime; + sb->st_birthtimespec = ks->ks_birthtime; + sb->st_uid = ks->ks_uid; + sb->st_gid = ks->ks_gid; + + return (0); } -#ifndef _SYS_SYSPROTO_H_ -struct ksem_init_args { - unsigned int value; - semid_t *idp; -}; -int ksem_init(struct thread *td, struct ksem_init_args *uap); -#endif -int -ksem_init(struct thread *td, struct ksem_init_args *uap) +static int +ksem_closef(struct file *fp, struct thread *td) { + struct ksem *ks; - return (kern_sem_init(td, UIO_USERSPACE, uap->value, uap->idp)); + ks = fp->f_data; + fp->f_data = NULL; + ksem_drop(ks); + + return (0); } -static int -kern_sem_init(struct thread *td, int dir, unsigned int value, semid_t *idp) +/* + * ksem object management including creation and reference counting + * routines. + */ +static struct ksem * +ksem_alloc(struct ucred *ucred, mode_t mode, unsigned int value) { struct ksem *ks; - semid_t id; - int error; - error = sem_create(td, NULL, &ks, S_IRWXU | S_IRWXG, value); - if (error) - return (error); - id = SEM_TO_ID(ks); - if (dir == UIO_USERSPACE) { - error = copyout(&id, idp, sizeof(id)); - if (error) { - mtx_lock(&sem_lock); - sem_rel(ks); - mtx_unlock(&sem_lock); - return (error); - } - } else { - *idp = id; + mtx_lock(&ksem_count_lock); + if (nsems == p31b_getcfg(CTL_P1003_1B_SEM_NSEMS_MAX) || ksem_dead) { + mtx_unlock(&ksem_count_lock); + return (NULL); } - mtx_lock(&sem_lock); - LIST_INSERT_HEAD(&ksem_head, ks, ks_entry); - ks->ks_onlist = 1; - mtx_unlock(&sem_lock); - return (error); + nsems++; + mtx_unlock(&ksem_count_lock); + ks = malloc(sizeof(*ks), M_KSEM, M_WAITOK | M_ZERO); + ks->ks_uid = ucred->cr_uid; + ks->ks_gid = ucred->cr_gid; + ks->ks_mode = mode; + ks->ks_value = value; + cv_init(&ks->ks_cv, "ksem"); + vfs_timestamp(&ks->ks_birthtime); + ks->ks_atime = ks->ks_mtime = ks->ks_ctime = ks->ks_birthtime; + refcount_init(&ks->ks_ref, 1); +#ifdef MAC + mac_init_posix_sem(ks); + mac_create_posix_sem(ucred, ks); +#endif + + return (ks); } -#ifndef _SYS_SYSPROTO_H_ -struct ksem_open_args { - char *name; - int oflag; - mode_t mode; - unsigned int value; - semid_t *idp; -}; -int ksem_open(struct thread *td, struct ksem_open_args *uap); +static struct ksem * +ksem_hold(struct ksem *ks) +{ + + refcount_acquire(&ks->ks_ref); + return (ks); +} + +static void +ksem_drop(struct ksem *ks) +{ + + if (refcount_release(&ks->ks_ref)) { +#ifdef MAC + mac_destroy_posix_sem(ks); #endif -int -ksem_open(struct thread *td, struct ksem_open_args *uap) + cv_destroy(&ks->ks_cv); + free(ks, M_KSEM); + mtx_lock(&ksem_count_lock); + nsems--; + mtx_unlock(&ksem_count_lock); + } +} + +/* + * Determine if the credentials have sufficient permissions for read + * and write access. + */ +static int +ksem_access(struct ksem *ks, struct ucred *ucred) { - char name[SEM_MAX_NAMELEN + 1]; - size_t done; int error; - error = copyinstr(uap->name, name, SEM_MAX_NAMELEN + 1, &done); + error = vaccess(VREG, ks->ks_mode, ks->ks_uid, ks->ks_gid, + VREAD | VWRITE, ucred, NULL); if (error) - return (error); - DP((">>> sem_open start\n")); - error = kern_sem_open(td, UIO_USERSPACE, - name, uap->oflag, uap->mode, uap->value, uap->idp); - DP(("<<< sem_open end\n")); + error = priv_check_cred(ucred, PRIV_SEM_WRITE, 0); return (error); } -static int -kern_sem_open(struct thread *td, int dir, const char *name, int oflag, - mode_t mode, unsigned int value, semid_t *idp) +/* + * Dictionary management. We maintain an in-kernel dictionary to map + * paths to semaphore objects. We use the FNV hash on the path to + * store the mappings in a hash table. + */ +static struct ksem * +ksem_lookup(char *path, Fnv32_t fnv) { - struct ksem *ksnew, *ks; - int error; - semid_t id; - - ksnew = NULL; - mtx_lock(&sem_lock); - ks = sem_lookup_byname(name); + struct ksem_mapping *map; - /* - * If we found it but O_EXCL is set, error. - */ - if (ks != NULL && (oflag & O_EXCL) != 0) { - mtx_unlock(&sem_lock); - return (EEXIST); + LIST_FOREACH(map, KSEM_HASH(fnv), km_link) { + if (map->km_fnv != fnv) + continue; + if (strcmp(map->km_path, path) == 0) + return (map->km_ksem); } - /* - * If we didn't find it... - */ - if (ks == NULL) { - /* - * didn't ask for creation? error. - */ - if ((oflag & O_CREAT) == 0) { - mtx_unlock(&sem_lock); - return (ENOENT); - } + return (NULL); +} - /* - * We may block during creation, so drop the lock. - */ - mtx_unlock(&sem_lock); - error = sem_create(td, name, &ksnew, mode, value); - if (error != 0) - return (error); - id = SEM_TO_ID(ksnew); - if (dir == UIO_USERSPACE) { - DP(("about to copyout! %d to %p\n", id, idp)); - error = copyout(&id, idp, sizeof(id)); - if (error) { - mtx_lock(&sem_lock); - sem_leave(td->td_proc, ksnew); - sem_rel(ksnew); - mtx_unlock(&sem_lock); - return (error); - } - } else { - DP(("about to set! %d to %p\n", id, idp)); - *idp = id; - } +static void +ksem_insert(char *path, Fnv32_t fnv, struct ksem *ks) +{ + struct ksem_mapping *map; - /* - * We need to make sure we haven't lost a race while - * allocating during creation. - */ - mtx_lock(&sem_lock); - ks = sem_lookup_byname(name); - if (ks != NULL) { - /* we lost... */ - sem_leave(td->td_proc, ksnew); - sem_rel(ksnew); - /* we lost and we can't loose... */ - if ((oflag & O_EXCL) != 0) { - mtx_unlock(&sem_lock); - return (EEXIST); - } - } else { - DP(("sem_create: about to add to list...\n")); - LIST_INSERT_HEAD(&ksem_head, ksnew, ks_entry); - DP(("sem_create: setting list bit...\n")); - ksnew->ks_onlist = 1; - DP(("sem_create: done, about to unlock...\n")); - } - } else { + map = malloc(sizeof(struct ksem_mapping), M_KSEM, M_WAITOK); + map->km_path = path; + map->km_fnv = fnv; + map->km_ksem = ksem_hold(ks); + LIST_INSERT_HEAD(KSEM_HASH(fnv), map, km_link); +} + +static int +ksem_remove(char *path, Fnv32_t fnv, struct ucred *ucred) +{ + struct ksem_mapping *map; + int error; + + LIST_FOREACH(map, KSEM_HASH(fnv), km_link) { + if (map->km_fnv != fnv) + continue; + if (strcmp(map->km_path, path) == 0) { #ifdef MAC - error = mac_check_posix_sem_open(td->td_ucred, ks); - if (error) - goto err_open; + error = mac_check_posix_sem_unlink(ucred, map->km_ksem); + if (error) + return (error); #endif - /* - * if we aren't the creator, then enforce permissions. - */ - error = sem_perm(td, ks); - if (error) - goto err_open; - sem_ref(ks); - mtx_unlock(&sem_lock); - id = SEM_TO_ID(ks); - if (dir == UIO_USERSPACE) { - error = copyout(&id, idp, sizeof(id)); - if (error) { - mtx_lock(&sem_lock); - sem_rel(ks); - mtx_unlock(&sem_lock); + error = ksem_access(map->km_ksem, ucred); + if (error) return (error); - } - } else { - *idp = id; + LIST_REMOVE(map, km_link); + ksem_drop(map->km_ksem); + free(map->km_path, M_KSEM); + free(map, M_KSEM); + return (0); } - sem_enter(td->td_proc, ks); - mtx_lock(&sem_lock); - sem_rel(ks); } -err_open: - mtx_unlock(&sem_lock); - return (error); + + return (ENOENT); } +/* Other helper routines. */ static int -sem_perm(struct thread *td, struct ksem *ks) +ksem_create(struct thread *td, const char *name, semid_t *semidp, mode_t mode, + unsigned int value, int flags) { - struct ucred *uc; + struct filedesc *fdp; + struct ksem *ks; + struct file *fp; + char *path; + semid_t semid; + Fnv32_t fnv; + int error, fd; + + if (value > SEM_VALUE_MAX) + return (EINVAL); + + fdp = td->td_proc->p_fd; + mode = (mode & ~fdp->fd_cmask) & ACCESSPERMS; + error = falloc(td, &fp, &fd); + if (error) { + if (name == NULL) + error = ENOSPC; + return (error); + } /* - * XXXRW: This permission routine appears to be incorrect. If the - * user matches, we shouldn't go on to the group if the user - * permissions don't allow the action? Not changed for now. To fix, - * change from a series of if (); if (); to if () else if () else... + * Go ahead and copyout the file descriptor now. This is a bit + * premature, but it is a lot easier to handle errors as opposed + * to later when we've possibly created a new semaphore, etc. */ - uc = td->td_ucred; - DP(("sem_perm: uc(%d,%d) ks(%d,%d,%o)\n", - uc->cr_uid, uc->cr_gid, - ks->ks_uid, ks->ks_gid, ks->ks_mode)); - if ((uc->cr_uid == ks->ks_uid) && (ks->ks_mode & S_IWUSR) != 0) - return (0); - if ((uc->cr_gid == ks->ks_gid) && (ks->ks_mode & S_IWGRP) != 0) - return (0); - if ((ks->ks_mode & S_IWOTH) != 0) - return (0); - return (priv_check(td, PRIV_SEM_WRITE)); -} + semid = fd; + error = copyout(&semid, semidp, sizeof(semid)); + if (error) { + fdclose(fdp, fp, fd, td); + fdrop(fp, td); + return (error); + } -static void -sem_free(struct ksem *ks) -{ + if (name == NULL) { + /* Create an anonymous semaphore. */ + ks = ksem_alloc(td->td_ucred, mode, value); + if (ks == NULL) + error = ENOSPC; + else + ks->ks_flags |= KS_ANONYMOUS; + } else { + path = malloc(MAXPATHLEN, M_KSEM, M_WAITOK); + error = copyinstr(name, path, MAXPATHLEN, NULL); + + /* Require paths to start with a '/' character. */ + if (error == 0 && path[0] != '/') + error = EINVAL; + if (error) { + fdclose(fdp, fp, fd, td); + fdrop(fp, td); + free(path, M_KSEM); + return (error); + } + fnv = fnv_32_str(path, FNV1_32_INIT); + sx_xlock(&ksem_dict_lock); + ks = ksem_lookup(path, fnv); + if (ks == NULL) { + /* Object does not exist, create it if requested. */ + if (flags & O_CREAT) { + ks = ksem_alloc(td->td_ucred, mode, value); + if (ks == NULL) + error = ENFILE; + else { + ksem_insert(path, fnv, ks); + path = NULL; + } + } else + error = ENOENT; + } else { + /* + * Object already exists, obtain a new + * reference if requested and permitted. + */ + if ((flags & (O_CREAT | O_EXCL)) == + (O_CREAT | O_EXCL)) + error = EEXIST; + else { #ifdef MAC - mac_destroy_posix_sem(ks); + error = mac_check_posix_sem_open(td->td_ucred, + ks); + if (error == 0) #endif - nsems--; - if (ks->ks_onlist) - LIST_REMOVE(ks, ks_entry); - if (ks->ks_name != NULL) - free(ks->ks_name, M_SEM); - cv_destroy(&ks->ks_cv); - free(ks, M_SEM); -} + error = ksem_access(ks, td->td_ucred); + } + if (error == 0) + ksem_hold(ks); +#ifdef INVARIANTS + else + ks = NULL; +#endif + } + sx_xunlock(&ksem_dict_lock); + if (path) + free(path, M_KSEM); + } -static __inline struct kuser * -sem_getuser(struct proc *p, struct ksem *ks) -{ - struct kuser *k; + if (error) { + KASSERT(ks == NULL, ("ksem_create error with a ksem")); + fdclose(fdp, fp, fd, td); + fdrop(fp, td); + return (error); + } + KASSERT(ks != NULL, ("ksem_create w/o a ksem")); - LIST_FOREACH(k, &ks->ks_users, ku_next) - if (k->ku_pid == p->p_pid) - return (k); - return (NULL); -} + fp->f_data = ks; + fp->f_flag = FREAD | FWRITE; + fp->f_type = DTYPE_SEM; + fp->f_ops = &ksem_ops; -static int -sem_hasopen(struct thread *td, struct ksem *ks) -{ - - return ((ks->ks_name == NULL && sem_perm(td, ks) == 0) - || sem_getuser(td->td_proc, ks) != NULL); + FILEDESC_XLOCK(fdp); + if (fdp->fd_ofiles[fd] == fp) + fdp->fd_ofileflags[fd] |= UF_EXCLOSE; + FILEDESC_XUNLOCK(fdp); + fdrop(fp, td); + + return (0); } static int -sem_leave(struct proc *p, struct ksem *ks) +ksem_get(struct thread *td, semid_t id, struct file **fpp) { - struct kuser *k; + struct ksem *ks; + struct file *fp; + int error; - DP(("sem_leave: ks = %p\n", ks)); - k = sem_getuser(p, ks); - DP(("sem_leave: ks = %p, k = %p\n", ks, k)); - if (k != NULL) { - LIST_REMOVE(k, ku_next); - sem_rel(ks); - DP(("sem_leave: about to free k\n")); - free(k, M_SEM); - DP(("sem_leave: returning\n")); - return (0); + error = fget(td, id, &fp); + if (error) + return (EINVAL); + if (fp->f_type != DTYPE_SEM) { + fdrop(fp, td); + return (EINVAL); } - return (EINVAL); + ks = fp->f_data; + if (ks->ks_flags & KS_DEAD) { + fdrop(fp, td); + return (EINVAL); + } + *fpp = fp; + return (0); } -static void -sem_enter(struct proc *p, struct ksem *ks) +/* System calls. */ +#ifndef _SYS_SYSPROTO_H_ +struct ksem_init_args { + unsigned int value; + semid_t *idp; +}; +#endif +int +ksem_init(struct thread *td, struct ksem_init_args *uap) { - struct kuser *ku, *k; - ku = malloc(sizeof(*ku), M_SEM, M_WAITOK); - ku->ku_pid = p->p_pid; - mtx_lock(&sem_lock); - k = sem_getuser(p, ks); - if (k != NULL) { - mtx_unlock(&sem_lock); - free(ku, M_TEMP); - return; - } - LIST_INSERT_HEAD(&ks->ks_users, ku, ku_next); - sem_ref(ks); - mtx_unlock(&sem_lock); + return (ksem_create(td, NULL, uap->idp, S_IRWXU | S_IRWXG, uap->value, + 0)); } #ifndef _SYS_SYSPROTO_H_ -struct ksem_unlink_args { - char *name; +struct ksem_open_args { + char *name; + int oflag; + mode_t mode; + unsigned int value; + semid_t *idp; }; -int ksem_unlink(struct thread *td, struct ksem_unlink_args *uap); #endif int -ksem_unlink(struct thread *td, struct ksem_unlink_args *uap) +ksem_open(struct thread *td, struct ksem_open_args *uap) { - char name[SEM_MAX_NAMELEN + 1]; - size_t done; - int error; - error = copyinstr(uap->name, name, SEM_MAX_NAMELEN + 1, &done); - return (error ? error : - kern_sem_unlink(td, name)); + if ((uap->oflag & ~(O_CREAT | O_EXCL)) != 0) + return (EINVAL); + return (ksem_create(td, uap->name, uap->idp, uap->mode, uap->value, + uap->oflag)); } -static int -kern_sem_unlink(struct thread *td, const char *name) +#ifndef _SYS_SYSPROTO_H_ +struct ksem_unlink_args { + char *name; +}; +#endif +int +ksem_unlink(struct thread *td, struct ksem_unlink_args *uap) { - struct ksem *ks; + char *path; + Fnv32_t fnv; int error; - mtx_lock(&sem_lock); - ks = sem_lookup_byname(name); - if (ks != NULL) { -#ifdef MAC - error = mac_check_posix_sem_unlink(td->td_ucred, ks); - if (error) { - mtx_unlock(&sem_lock); - return (error); - } -#endif - error = sem_perm(td, ks); - } else - error = ENOENT; - DP(("sem_unlink: '%s' ks = %p, error = %d\n", name, ks, error)); - if (error == 0) { - LIST_REMOVE(ks, ks_entry); - LIST_INSERT_HEAD(&ksem_deadhead, ks, ks_entry); - sem_rel(ks); + path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK); + error = copyinstr(uap->name, path, MAXPATHLEN, NULL); + if (error) { + free(path, M_TEMP); + return (error); } - mtx_unlock(&sem_lock); + + fnv = fnv_32_str(path, FNV1_32_INIT); + sx_xlock(&ksem_dict_lock); + error = ksem_remove(path, fnv, td->td_ucred); + sx_xunlock(&ksem_dict_lock); + free(path, M_TEMP); + return (error); } #ifndef _SYS_SYSPROTO_H_ struct ksem_close_args { - semid_t id; + semid_t id; }; -int ksem_close(struct thread *td, struct ksem_close_args *uap); #endif int ksem_close(struct thread *td, struct ksem_close_args *uap) { - - return (kern_sem_close(td, uap->id)); -} - -static int -kern_sem_close(struct thread *td, semid_t id) -{ struct ksem *ks; + struct file *fp; int error; - error = EINVAL; - mtx_lock(&sem_lock); - ks = ID_TO_SEM(id); - - /* - * This is not a valid operation for unnamed sems. - */ - if (ks != NULL && ks->ks_name != NULL) *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-stable@FreeBSD.ORG Tue Feb 17 21:02:36 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C121F10656C6; Tue, 17 Feb 2009 21:02:35 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id B69FE8FC0A; Tue, 17 Feb 2009 21:02:35 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1HL2ZUN027564; Tue, 17 Feb 2009 21:02:35 GMT (envelope-from jhb@svn.freebsd.org) Received: (from jhb@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1HL2ZZJ027560; Tue, 17 Feb 2009 21:02:35 GMT (envelope-from jhb@svn.freebsd.org) Message-Id: <200902172102.n1HL2ZZJ027560@svn.freebsd.org> From: John Baldwin Date: Tue, 17 Feb 2009 21:02:35 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188730 - in stable/7: share/man/man9 sys sys/contrib/pf sys/dev/ath/ath_hal sys/dev/cxgb sys/kern X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Feb 2009 21:02:38 -0000 Author: jhb Date: Tue Feb 17 21:02:35 2009 New Revision: 188730 URL: http://svn.freebsd.org/changeset/base/188730 Log: MFC: Permit Giant to be passed as the explicit interlock either to msleep/mtx_sleep or the various cv_*wait*() routines. Modified: stable/7/share/man/man9/ (props changed) stable/7/share/man/man9/condvar.9 stable/7/share/man/man9/sleep.9 stable/7/sys/ (props changed) stable/7/sys/contrib/pf/ (props changed) stable/7/sys/dev/ath/ath_hal/ (props changed) stable/7/sys/dev/cxgb/ (props changed) stable/7/sys/kern/kern_condvar.c stable/7/sys/kern/kern_synch.c Modified: stable/7/share/man/man9/condvar.9 ============================================================================== --- stable/7/share/man/man9/condvar.9 Tue Feb 17 20:35:11 2009 (r188729) +++ stable/7/share/man/man9/condvar.9 Tue Feb 17 21:02:35 2009 (r188730) @@ -136,9 +136,27 @@ When a thread waits on a condition, .Fa lock is atomically released before the thread is blocked, then reacquired before the function call returns. +In addition, the thread will fully drop the +.Va Giant +mutex +(even if recursed) +while the it is suspended and will reacquire the +.Va Giant +mutex before the function returns. The .Fn cv_wait_unlock function does not reacquire the lock before returning. +Note that the +.Va Giant +mutex may be specified as +.Fa lock . +However, +.Va Giant +may not be used as +.Fa lock +for the +.Fn cv_wait_unlock +function. All waiters must pass the same .Fa lock in conjunction with Modified: stable/7/share/man/man9/sleep.9 ============================================================================== --- stable/7/share/man/man9/sleep.9 Tue Feb 17 20:35:11 2009 (r188729) +++ stable/7/share/man/man9/sleep.9 Tue Feb 17 21:02:35 2009 (r188730) @@ -153,6 +153,12 @@ mutex while the thread is suspended and will reacquire the .Va Giant mutex before the function returns. +Note that the +.Va Giant +mutex may be specified as the lock to drop. +In that case, however, the +.Dv PDROP +flag is not allowed. .Pp To avoid lost wakeups, either a lock should be used to protect against races, Modified: stable/7/sys/kern/kern_condvar.c ============================================================================== --- stable/7/sys/kern/kern_condvar.c Tue Feb 17 20:35:11 2009 (r188729) +++ stable/7/sys/kern/kern_condvar.c Tue Feb 17 21:02:35 2009 (r188730) @@ -100,6 +100,7 @@ _cv_wait(struct cv *cvp, struct lock_obj int lock_state; td = curthread; + lock_state = 0; #ifdef KTRACE if (KTRPOINT(td, KTR_CSW)) ktrcsw(1, 0); @@ -126,11 +127,13 @@ _cv_wait(struct cv *cvp, struct lock_obj DROP_GIANT(); sleepq_add(cvp, lock, cvp->cv_description, SLEEPQ_CONDVAR, 0); - if (class->lc_flags & LC_SLEEPABLE) - sleepq_release(cvp); - lock_state = class->lc_unlock(lock); - if (class->lc_flags & LC_SLEEPABLE) - sleepq_lock(cvp); + if (lock != &Giant.lock_object) { + if (class->lc_flags & LC_SLEEPABLE) + sleepq_release(cvp); + lock_state = class->lc_unlock(lock); + if (class->lc_flags & LC_SLEEPABLE) + sleepq_lock(cvp); + } sleepq_wait(cvp); #ifdef KTRACE @@ -138,8 +141,10 @@ _cv_wait(struct cv *cvp, struct lock_obj ktrcsw(0, 0); #endif PICKUP_GIANT(); - class->lc_lock(lock, lock_state); - WITNESS_RESTORE(lock, lock_witness); + if (lock != &Giant.lock_object) { + class->lc_lock(lock, lock_state); + WITNESS_RESTORE(lock, lock_witness); + } } /* @@ -160,6 +165,8 @@ _cv_wait_unlock(struct cv *cvp, struct l CV_ASSERT(cvp, lock, td); WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, lock, "Waiting on \"%s\"", cvp->cv_description); + KASSERT(lock != &Giant.lock_object, + ("cv_wait_unlock cannot be used with Giant")); class = LOCK_CLASS(lock); if (cold || panicstr) { @@ -210,6 +217,7 @@ _cv_wait_sig(struct cv *cvp, struct lock td = curthread; p = td->td_proc; + lock_state = 0; #ifdef KTRACE if (KTRPOINT(td, KTR_CSW)) ktrcsw(1, 0); @@ -237,11 +245,13 @@ _cv_wait_sig(struct cv *cvp, struct lock sleepq_add(cvp, lock, cvp->cv_description, SLEEPQ_CONDVAR | SLEEPQ_INTERRUPTIBLE, 0); - if (class->lc_flags & LC_SLEEPABLE) - sleepq_release(cvp); - lock_state = class->lc_unlock(lock); - if (class->lc_flags & LC_SLEEPABLE) - sleepq_lock(cvp); + if (lock != &Giant.lock_object) { + if (class->lc_flags & LC_SLEEPABLE) + sleepq_release(cvp); + lock_state = class->lc_unlock(lock); + if (class->lc_flags & LC_SLEEPABLE) + sleepq_lock(cvp); + } rval = sleepq_wait_sig(cvp); #ifdef KTRACE @@ -249,8 +259,10 @@ _cv_wait_sig(struct cv *cvp, struct lock ktrcsw(0, 0); #endif PICKUP_GIANT(); - class->lc_lock(lock, lock_state); - WITNESS_RESTORE(lock, lock_witness); + if (lock != &Giant.lock_object) { + class->lc_lock(lock, lock_state); + WITNESS_RESTORE(lock, lock_witness); + } return (rval); } @@ -270,6 +282,7 @@ _cv_timedwait(struct cv *cvp, struct loc td = curthread; rval = 0; + lock_state = 0; #ifdef KTRACE if (KTRPOINT(td, KTR_CSW)) ktrcsw(1, 0); @@ -297,11 +310,13 @@ _cv_timedwait(struct cv *cvp, struct loc sleepq_add(cvp, lock, cvp->cv_description, SLEEPQ_CONDVAR, 0); sleepq_set_timeout(cvp, timo); - if (class->lc_flags & LC_SLEEPABLE) - sleepq_release(cvp); - lock_state = class->lc_unlock(lock); - if (class->lc_flags & LC_SLEEPABLE) - sleepq_lock(cvp); + if (lock != &Giant.lock_object) { + if (class->lc_flags & LC_SLEEPABLE) + sleepq_release(cvp); + lock_state = class->lc_unlock(lock); + if (class->lc_flags & LC_SLEEPABLE) + sleepq_lock(cvp); + } rval = sleepq_timedwait(cvp); #ifdef KTRACE @@ -309,8 +324,10 @@ _cv_timedwait(struct cv *cvp, struct loc ktrcsw(0, 0); #endif PICKUP_GIANT(); - class->lc_lock(lock, lock_state); - WITNESS_RESTORE(lock, lock_witness); + if (lock != &Giant.lock_object) { + class->lc_lock(lock, lock_state); + WITNESS_RESTORE(lock, lock_witness); + } return (rval); } @@ -333,6 +350,7 @@ _cv_timedwait_sig(struct cv *cvp, struct td = curthread; p = td->td_proc; rval = 0; + lock_state = 0; #ifdef KTRACE if (KTRPOINT(td, KTR_CSW)) ktrcsw(1, 0); @@ -361,11 +379,13 @@ _cv_timedwait_sig(struct cv *cvp, struct sleepq_add(cvp, lock, cvp->cv_description, SLEEPQ_CONDVAR | SLEEPQ_INTERRUPTIBLE, 0); sleepq_set_timeout(cvp, timo); - if (class->lc_flags & LC_SLEEPABLE) - sleepq_release(cvp); - lock_state = class->lc_unlock(lock); - if (class->lc_flags & LC_SLEEPABLE) - sleepq_lock(cvp); + if (lock != &Giant.lock_object) { + if (class->lc_flags & LC_SLEEPABLE) + sleepq_release(cvp); + lock_state = class->lc_unlock(lock); + if (class->lc_flags & LC_SLEEPABLE) + sleepq_lock(cvp); + } rval = sleepq_timedwait_sig(cvp); #ifdef KTRACE @@ -373,8 +393,10 @@ _cv_timedwait_sig(struct cv *cvp, struct ktrcsw(0, 0); #endif PICKUP_GIANT(); - class->lc_lock(lock, lock_state); - WITNESS_RESTORE(lock, lock_witness); + if (lock != &Giant.lock_object) { + class->lc_lock(lock, lock_state); + WITNESS_RESTORE(lock, lock_witness); + } return (rval); } Modified: stable/7/sys/kern/kern_synch.c ============================================================================== --- stable/7/sys/kern/kern_synch.c Tue Feb 17 20:35:11 2009 (r188729) +++ stable/7/sys/kern/kern_synch.c Tue Feb 17 21:02:35 2009 (r188730) @@ -139,6 +139,9 @@ _sleep(void *ident, struct lock_object * ident == &lbolt, ("sleeping without a lock")); KASSERT(p != NULL, ("msleep1")); KASSERT(ident != NULL && TD_IS_RUNNING(td), ("msleep")); + if (priority & PDROP) + KASSERT(lock != NULL && lock != &Giant.lock_object, + ("PDROP requires a non-Giant lock")); if (lock != NULL) class = LOCK_CLASS(lock); else @@ -180,7 +183,8 @@ _sleep(void *ident, struct lock_object * td->td_tid, p->p_pid, p->p_comm, wmesg, ident); DROP_GIANT(); - if (lock != NULL && !(class->lc_flags & LC_SLEEPABLE)) { + if (lock != NULL && lock != &Giant.lock_object && + !(class->lc_flags & LC_SLEEPABLE)) { WITNESS_SAVE(lock, lock_witness); lock_state = class->lc_unlock(lock); } else @@ -231,7 +235,7 @@ _sleep(void *ident, struct lock_object * ktrcsw(0, 0); #endif PICKUP_GIANT(); - if (lock != NULL && !(priority & PDROP)) { + if (lock != NULL && lock != &Giant.lock_object && !(priority & PDROP)) { class->lc_lock(lock, lock_state); WITNESS_RESTORE(lock, lock_witness); } From owner-svn-src-stable@FreeBSD.ORG Tue Feb 17 21:35:54 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 82E50106568D; Tue, 17 Feb 2009 21:35:54 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 651568FC1A; Tue, 17 Feb 2009 21:35:54 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1HLZsJF028341; Tue, 17 Feb 2009 21:35:54 GMT (envelope-from jhb@svn.freebsd.org) Received: (from jhb@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1HLZs40028338; Tue, 17 Feb 2009 21:35:54 GMT (envelope-from jhb@svn.freebsd.org) Message-Id: <200902172135.n1HLZs40028338@svn.freebsd.org> From: John Baldwin Date: Tue, 17 Feb 2009 21:35:54 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188734 - in stable/7/sys: . contrib/pf dev/ath/ath_hal dev/cxgb kern X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Feb 2009 21:35:56 -0000 Author: jhb Date: Tue Feb 17 21:35:54 2009 New Revision: 188734 URL: http://svn.freebsd.org/changeset/base/188734 Log: MFC: Use shared vnode locks instead of exclusive vnode locks for the access(), chdir(), chroot(), eaccess(), fchdir(), fpathconf(), fstat(), fstatfs(), lseek() (when figuring out the current size of the file in the SEEK_END case), pathconf(), readlink(), and statfs() system calls. Modified: stable/7/sys/ (props changed) stable/7/sys/contrib/pf/ (props changed) stable/7/sys/dev/ath/ath_hal/ (props changed) stable/7/sys/dev/cxgb/ (props changed) stable/7/sys/kern/kern_descrip.c stable/7/sys/kern/vfs_syscalls.c stable/7/sys/kern/vfs_vnops.c Modified: stable/7/sys/kern/kern_descrip.c ============================================================================== --- stable/7/sys/kern/kern_descrip.c Tue Feb 17 21:35:17 2009 (r188733) +++ stable/7/sys/kern/kern_descrip.c Tue Feb 17 21:35:54 2009 (r188734) @@ -1261,7 +1261,7 @@ fpathconf(struct thread *td, struct fpat if (vp != NULL) { int vfslocked; vfslocked = VFS_LOCK_GIANT(vp->v_mount); - vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); + vn_lock(vp, LK_SHARED | LK_RETRY, td); error = VOP_PATHCONF(vp, uap->name, td->td_retval); VOP_UNLOCK(vp, 0, td); VFS_UNLOCK_GIANT(vfslocked); Modified: stable/7/sys/kern/vfs_syscalls.c ============================================================================== --- stable/7/sys/kern/vfs_syscalls.c Tue Feb 17 21:35:17 2009 (r188733) +++ stable/7/sys/kern/vfs_syscalls.c Tue Feb 17 21:35:54 2009 (r188734) @@ -296,8 +296,8 @@ kern_statfs(struct thread *td, char *pat int error; struct nameidata nd; - NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNODE1, - pathseg, path, td); + NDINIT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | MPSAFE | + AUDITVNODE1, pathseg, path, td); error = namei(&nd); if (error) return (error); @@ -378,7 +378,7 @@ kern_fstatfs(struct thread *td, int fd, return (error); vp = fp->f_vnode; vfslocked = VFS_LOCK_GIANT(vp->v_mount); - vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); + vn_lock(vp, LK_SHARED | LK_RETRY, td); #ifdef AUDIT AUDIT_ARG(vnode, vp, ARG_VNODE1); #endif @@ -746,7 +746,7 @@ fchdir(td, uap) VREF(vp); fdrop(fp, td); vfslocked = VFS_LOCK_GIANT(vp->v_mount); - vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); + vn_lock(vp, LK_SHARED | LK_RETRY, td); AUDIT_ARG(vnode, vp, ARG_VNODE1); error = change_dir(vp, td); while (!error && (mp = vp->v_mountedhere) != NULL) { @@ -754,7 +754,7 @@ fchdir(td, uap) if (vfs_busy(mp, 0, 0, td)) continue; tvfslocked = VFS_LOCK_GIANT(mp); - error = VFS_ROOT(mp, LK_EXCLUSIVE, &tdp, td); + error = VFS_ROOT(mp, LK_SHARED, &tdp, td); vfs_unbusy(mp, td); if (error) { VFS_UNLOCK_GIANT(tvfslocked); @@ -810,8 +810,8 @@ kern_chdir(struct thread *td, char *path struct vnode *vp; int vfslocked; - NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | AUDITVNODE1 | MPSAFE, - pathseg, path, td); + NDINIT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | AUDITVNODE1 | + MPSAFE, pathseg, path, td); if ((error = namei(&nd)) != 0) return (error); vfslocked = NDHASGIANT(&nd); @@ -896,8 +896,8 @@ chroot(td, uap) error = priv_check(td, PRIV_VFS_CHROOT); if (error) return (error); - NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNODE1, - UIO_USERSPACE, uap->path, td); + NDINIT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | MPSAFE | + AUDITVNODE1, UIO_USERSPACE, uap->path, td); error = namei(&nd); if (error) goto error; @@ -1779,7 +1779,7 @@ lseek(td, uap) offset += fp->f_offset; break; case L_XTND: - vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); + vn_lock(vp, LK_SHARED | LK_RETRY, td); error = VOP_GETATTR(vp, &vattr, cred, td); VOP_UNLOCK(vp, 0, td); if (error) @@ -1936,8 +1936,8 @@ kern_access(struct thread *td, char *pat tmpcred->cr_uid = cred->cr_ruid; tmpcred->cr_groups[0] = cred->cr_rgid; td->td_ucred = tmpcred; - NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNODE1, - pathseg, path, td); + NDINIT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | MPSAFE | + AUDITVNODE1, pathseg, path, td); if ((error = namei(&nd)) != 0) goto out1; vfslocked = NDHASGIANT(&nd); @@ -2308,8 +2308,8 @@ kern_pathconf(struct thread *td, char *p struct nameidata nd; int error, vfslocked; - NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | MPSAFE | AUDITVNODE1, - pathseg, path, td); + NDINIT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | MPSAFE | + AUDITVNODE1, pathseg, path, td); if ((error = namei(&nd)) != 0) return (error); vfslocked = NDHASGIANT(&nd); @@ -2360,8 +2360,8 @@ kern_readlink(struct thread *td, char *p struct nameidata nd; int vfslocked; - NDINIT(&nd, LOOKUP, NOFOLLOW | LOCKLEAF | MPSAFE | AUDITVNODE1, - pathseg, path, td); + NDINIT(&nd, LOOKUP, NOFOLLOW | LOCKSHARED | LOCKLEAF | MPSAFE | + AUDITVNODE1, pathseg, path, td); if ((error = namei(&nd)) != 0) return (error); NDFREE(&nd, NDF_ONLY_PNBUF); Modified: stable/7/sys/kern/vfs_vnops.c ============================================================================== --- stable/7/sys/kern/vfs_vnops.c Tue Feb 17 21:35:17 2009 (r188733) +++ stable/7/sys/kern/vfs_vnops.c Tue Feb 17 21:35:54 2009 (r188734) @@ -610,7 +610,7 @@ vn_statfile(fp, sb, active_cred, td) int error; vfslocked = VFS_LOCK_GIANT(vp->v_mount); - vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); + vn_lock(vp, LK_SHARED | LK_RETRY, td); error = vn_stat(vp, sb, active_cred, fp->f_cred, td); VOP_UNLOCK(vp, 0, td); VFS_UNLOCK_GIANT(vfslocked); From owner-svn-src-stable@FreeBSD.ORG Tue Feb 17 21:59:54 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B80451065673; Tue, 17 Feb 2009 21:59:54 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 8A2268FC08; Tue, 17 Feb 2009 21:59:54 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1HLxstE028842; Tue, 17 Feb 2009 21:59:54 GMT (envelope-from jhb@svn.freebsd.org) Received: (from jhb@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1HLxsdo028840; Tue, 17 Feb 2009 21:59:54 GMT (envelope-from jhb@svn.freebsd.org) Message-Id: <200902172159.n1HLxsdo028840@svn.freebsd.org> From: John Baldwin Date: Tue, 17 Feb 2009 21:59:54 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188735 - in stable/7/sys: . contrib/pf dev/ath/ath_hal dev/cxgb kern security/audit X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Feb 2009 21:59:55 -0000 Author: jhb Date: Tue Feb 17 21:59:54 2009 New Revision: 188735 URL: http://svn.freebsd.org/changeset/base/188735 Log: MFC: Use shared vnode locks for auditing vnode arguments. Modified: stable/7/sys/ (props changed) stable/7/sys/contrib/pf/ (props changed) stable/7/sys/dev/ath/ath_hal/ (props changed) stable/7/sys/dev/cxgb/ (props changed) stable/7/sys/kern/vfs_syscalls.c stable/7/sys/security/audit/audit_arg.c Modified: stable/7/sys/kern/vfs_syscalls.c ============================================================================== --- stable/7/sys/kern/vfs_syscalls.c Tue Feb 17 21:35:54 2009 (r188734) +++ stable/7/sys/kern/vfs_syscalls.c Tue Feb 17 21:59:54 2009 (r188735) @@ -2525,7 +2525,7 @@ fchflags(td, uap) return (error); vfslocked = VFS_LOCK_GIANT(fp->f_vnode->v_mount); #ifdef AUDIT - vn_lock(fp->f_vnode, LK_EXCLUSIVE | LK_RETRY, td); + vn_lock(fp->f_vnode, LK_SHARED | LK_RETRY, td); AUDIT_ARG(vnode, fp->f_vnode, ARG_VNODE1); VOP_UNLOCK(fp->f_vnode, 0, td); #endif @@ -2665,7 +2665,7 @@ fchmod(td, uap) return (error); vfslocked = VFS_LOCK_GIANT(fp->f_vnode->v_mount); #ifdef AUDIT - vn_lock(fp->f_vnode, LK_EXCLUSIVE | LK_RETRY, td); + vn_lock(fp->f_vnode, LK_SHARED | LK_RETRY, td); AUDIT_ARG(vnode, fp->f_vnode, ARG_VNODE1); VOP_UNLOCK(fp->f_vnode, 0, td); #endif @@ -2822,7 +2822,7 @@ fchown(td, uap) return (error); vfslocked = VFS_LOCK_GIANT(fp->f_vnode->v_mount); #ifdef AUDIT - vn_lock(fp->f_vnode, LK_EXCLUSIVE | LK_RETRY, td); + vn_lock(fp->f_vnode, LK_SHARED | LK_RETRY, td); AUDIT_ARG(vnode, fp->f_vnode, ARG_VNODE1); VOP_UNLOCK(fp->f_vnode, 0, td); #endif @@ -3035,7 +3035,7 @@ kern_futimes(struct thread *td, int fd, return (error); vfslocked = VFS_LOCK_GIANT(fp->f_vnode->v_mount); #ifdef AUDIT - vn_lock(fp->f_vnode, LK_EXCLUSIVE | LK_RETRY, td); + vn_lock(fp->f_vnode, LK_SHARED | LK_RETRY, td); AUDIT_ARG(vnode, fp->f_vnode, ARG_VNODE1); VOP_UNLOCK(fp->f_vnode, 0, td); #endif Modified: stable/7/sys/security/audit/audit_arg.c ============================================================================== --- stable/7/sys/security/audit/audit_arg.c Tue Feb 17 21:35:54 2009 (r188734) +++ stable/7/sys/security/audit/audit_arg.c Tue Feb 17 21:59:54 2009 (r188735) @@ -633,7 +633,7 @@ audit_arg_file(struct proc *p, struct fi */ vp = fp->f_vnode; vfslocked = VFS_LOCK_GIANT(vp->v_mount); - vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, curthread); + vn_lock(vp, LK_SHARED | LK_RETRY, curthread); audit_arg_vnode(vp, ARG_VNODE1); VOP_UNLOCK(vp, 0, curthread); VFS_UNLOCK_GIANT(vfslocked); @@ -851,7 +851,7 @@ audit_sysclose(struct thread *td, int fd vp = fp->f_vnode; vfslocked = VFS_LOCK_GIANT(vp->v_mount); - vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); + vn_lock(vp, LK_SHARED | LK_RETRY, td); audit_arg_vnode(vp, ARG_VNODE1); VOP_UNLOCK(vp, 0, td); VFS_UNLOCK_GIANT(vfslocked); From owner-svn-src-stable@FreeBSD.ORG Tue Feb 17 22:46:31 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 26D3E1065674; Tue, 17 Feb 2009 22:46:31 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 130A98FC0C; Tue, 17 Feb 2009 22:46:31 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1HMkUZB029941; Tue, 17 Feb 2009 22:46:30 GMT (envelope-from jhb@svn.freebsd.org) Received: (from jhb@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1HMkUeQ029936; Tue, 17 Feb 2009 22:46:30 GMT (envelope-from jhb@svn.freebsd.org) Message-Id: <200902172246.n1HMkUeQ029936@svn.freebsd.org> From: John Baldwin Date: Tue, 17 Feb 2009 22:46:30 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188738 - in stable/7/sys: . contrib/pf dev/ath/ath_hal dev/cxgb dev/hwpmc fs/procfs kern X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Feb 2009 22:46:32 -0000 Author: jhb Date: Tue Feb 17 22:46:30 2009 New Revision: 188738 URL: http://svn.freebsd.org/changeset/base/188738 Log: MFC: Remove unnecessary locking around vn_fullpath(). This also includes closing some races between procfs' /file and execve(2) and using a shared vnode lock for the VOP_GETATTR() in the kern.proc.vmmap sysctl handler. Modified: stable/7/sys/ (props changed) stable/7/sys/contrib/pf/ (props changed) stable/7/sys/dev/ath/ath_hal/ (props changed) stable/7/sys/dev/cxgb/ (props changed) stable/7/sys/dev/hwpmc/hwpmc_mod.c stable/7/sys/fs/procfs/procfs.c stable/7/sys/fs/procfs/procfs_map.c stable/7/sys/kern/kern_descrip.c stable/7/sys/kern/kern_proc.c Modified: stable/7/sys/dev/hwpmc/hwpmc_mod.c ============================================================================== --- stable/7/sys/dev/hwpmc/hwpmc_mod.c Tue Feb 17 22:25:19 2009 (r188737) +++ stable/7/sys/dev/hwpmc/hwpmc_mod.c Tue Feb 17 22:46:30 2009 (r188738) @@ -669,9 +669,7 @@ pmc_getfilename(struct vnode *v, char ** td = curthread; *fullpath = "unknown"; *freepath = NULL; - vn_lock(v, LK_CANRECURSE | LK_EXCLUSIVE | LK_RETRY, td); vn_fullpath(td, v, fullpath, freepath); - VOP_UNLOCK(v, 0, td); } /* Modified: stable/7/sys/fs/procfs/procfs.c ============================================================================== --- stable/7/sys/fs/procfs/procfs.c Tue Feb 17 22:25:19 2009 (r188737) +++ stable/7/sys/fs/procfs/procfs.c Tue Feb 17 22:46:30 2009 (r188738) @@ -70,17 +70,13 @@ procfs_doprocfile(PFS_FILL_ARGS) char *fullpath = "unknown"; char *freepath = NULL; struct vnode *textvp; - int err; + PROC_LOCK(p); textvp = p->p_textvp; - VI_LOCK(textvp); - vholdl(textvp); - err = vn_lock(textvp, LK_EXCLUSIVE | LK_INTERLOCK, td); - vdrop(textvp); - if (err) - return (err); + vhold(textvp); + PROC_UNLOCK(p); vn_fullpath(td, textvp, &fullpath, &freepath); - VOP_UNLOCK(textvp, 0, td); + vdrop(textvp); sbuf_printf(sb, "%s", fullpath); if (freepath) free(freepath, M_TEMP); Modified: stable/7/sys/fs/procfs/procfs_map.c ============================================================================== --- stable/7/sys/fs/procfs/procfs_map.c Tue Feb 17 22:25:19 2009 (r188737) +++ stable/7/sys/fs/procfs/procfs_map.c Tue Feb 17 22:46:30 2009 (r188738) @@ -190,10 +190,9 @@ procfs_doprocmap(PFS_FILL_ARGS) shadow_count = obj->shadow_count; VM_OBJECT_UNLOCK(obj); if (vp != NULL) { - vfslocked = VFS_LOCK_GIANT(vp->v_mount); - vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); vn_fullpath(td, vp, &fullpath, &freepath); - vput(vp); + vfslocked = VFS_LOCK_GIANT(vp->v_mount); + vrele(vp); VFS_UNLOCK_GIANT(vfslocked); } } else { Modified: stable/7/sys/kern/kern_descrip.c ============================================================================== --- stable/7/sys/kern/kern_descrip.c Tue Feb 17 22:25:19 2009 (r188737) +++ stable/7/sys/kern/kern_descrip.c Tue Feb 17 22:46:30 2009 (r188738) @@ -2836,10 +2836,9 @@ export_vnode_for_sysctl(struct vnode *vp freepath = NULL; fullpath = "-"; FILEDESC_SUNLOCK(fdp); - vfslocked = VFS_LOCK_GIANT(vp->v_mount); - vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, curthread); vn_fullpath(curthread, vp, &fullpath, &freepath); - vput(vp); + vfslocked = VFS_LOCK_GIANT(vp->v_mount); + vrele(vp); VFS_UNLOCK_GIANT(vfslocked); strlcpy(kif->kf_path, fullpath, sizeof(kif->kf_path)); if (freepath != NULL) @@ -3001,10 +3000,9 @@ sysctl_kern_proc_filedesc(SYSCTL_HANDLER freepath = NULL; fullpath = "-"; FILEDESC_SUNLOCK(fdp); - vfslocked = VFS_LOCK_GIANT(vp->v_mount); - vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, curthread); vn_fullpath(curthread, vp, &fullpath, &freepath); - vput(vp); + vfslocked = VFS_LOCK_GIANT(vp->v_mount); + vrele(vp); VFS_UNLOCK_GIANT(vfslocked); strlcpy(kif->kf_path, fullpath, sizeof(kif->kf_path)); Modified: stable/7/sys/kern/kern_proc.c ============================================================================== --- stable/7/sys/kern/kern_proc.c Tue Feb 17 22:25:19 2009 (r188737) +++ stable/7/sys/kern/kern_proc.c Tue Feb 17 22:46:30 2009 (r188738) @@ -1475,12 +1475,11 @@ sysctl_kern_proc_ovmmap(SYSCTL_HANDLER_A kve->kve_shadow_count = obj->shadow_count; VM_OBJECT_UNLOCK(obj); if (vp != NULL) { - vfslocked = VFS_LOCK_GIANT(vp->v_mount); - vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, - curthread); vn_fullpath(curthread, vp, &fullpath, &freepath); cred = curthread->td_ucred; + vfslocked = VFS_LOCK_GIANT(vp->v_mount); + vn_lock(vp, LK_SHARED | LK_RETRY, curthread); if (VOP_GETATTR(vp, &va, cred, curthread) == 0) { kve->kve_fileid = va.va_fileid; kve->kve_fsid = va.va_fsid; From owner-svn-src-stable@FreeBSD.ORG Tue Feb 17 22:49:59 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 017DA106564A; Tue, 17 Feb 2009 22:49:59 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id E31498FC08; Tue, 17 Feb 2009 22:49:58 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1HMnwXe030038; Tue, 17 Feb 2009 22:49:58 GMT (envelope-from jhb@svn.freebsd.org) Received: (from jhb@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1HMnwAG030037; Tue, 17 Feb 2009 22:49:58 GMT (envelope-from jhb@svn.freebsd.org) Message-Id: <200902172249.n1HMnwAG030037@svn.freebsd.org> From: John Baldwin Date: Tue, 17 Feb 2009 22:49:58 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188739 - stable/7/sys/kern X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Feb 2009 22:50:00 -0000 Author: jhb Date: Tue Feb 17 22:49:58 2009 New Revision: 188739 URL: http://svn.freebsd.org/changeset/base/188739 Log: The previous MFC only fixed the old kern.proc.vmmap sysctl. Fix the new one as well to not hold the vnode lock for vn_fullpath() and only use a shared vnode lock for VOP_GETATTR(). Modified: stable/7/sys/kern/kern_proc.c Modified: stable/7/sys/kern/kern_proc.c ============================================================================== --- stable/7/sys/kern/kern_proc.c Tue Feb 17 22:46:30 2009 (r188738) +++ stable/7/sys/kern/kern_proc.c Tue Feb 17 22:49:58 2009 (r188739) @@ -1646,12 +1646,11 @@ sysctl_kern_proc_vmmap(SYSCTL_HANDLER_AR kve->kve_shadow_count = obj->shadow_count; VM_OBJECT_UNLOCK(obj); if (vp != NULL) { - vfslocked = VFS_LOCK_GIANT(vp->v_mount); - vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, - curthread); vn_fullpath(curthread, vp, &fullpath, &freepath); cred = curthread->td_ucred; + vfslocked = VFS_LOCK_GIANT(vp->v_mount); + vn_lock(vp, LK_SHARED | LK_RETRY, curthread); if (VOP_GETATTR(vp, &va, cred, curthread) == 0) { kve->kve_fileid = va.va_fileid; kve->kve_fsid = va.va_fsid; From owner-svn-src-stable@FreeBSD.ORG Wed Feb 18 00:30:14 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3E0C6106564A; Wed, 18 Feb 2009 00:30:14 +0000 (UTC) (envelope-from peterjeremy@optushome.com.au) Received: from fallbackmx10.syd.optusnet.com.au (fallbackmx10.syd.optusnet.com.au [211.29.132.251]) by mx1.freebsd.org (Postfix) with ESMTP id 54E828FC12; Wed, 18 Feb 2009 00:30:13 +0000 (UTC) (envelope-from peterjeremy@optushome.com.au) Received: from mail18.syd.optusnet.com.au (mail18.syd.optusnet.com.au [211.29.132.199]) by fallbackmx10.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id n1I0Feos004235; Wed, 18 Feb 2009 11:15:41 +1100 Received: from server.vk2pj.dyndns.org (c122-106-216-167.belrs3.nsw.optusnet.com.au [122.106.216.167]) by mail18.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id n1I0FX4r010359 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 18 Feb 2009 11:15:34 +1100 X-Bogosity: Ham, spamicity=0.000000 Received: from server.vk2pj.dyndns.org (localhost.vk2pj.dyndns.org [127.0.0.1]) by server.vk2pj.dyndns.org (8.14.3/8.14.3) with ESMTP id n1I0FXP9003253; Wed, 18 Feb 2009 11:15:33 +1100 (EST) (envelope-from peter@server.vk2pj.dyndns.org) Received: (from peter@localhost) by server.vk2pj.dyndns.org (8.14.3/8.14.3/Submit) id n1I0FXpx003252; Wed, 18 Feb 2009 11:15:33 +1100 (EST) (envelope-from peter) Date: Wed, 18 Feb 2009 11:15:33 +1100 From: Peter Jeremy To: John Baldwin Message-ID: <20090218001533.GA3214@server.vk2pj.dyndns.org> References: <200902121437.n1CEbwUe058325@svn.freebsd.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="TB36FDmn/VVEgNH/" Content-Disposition: inline In-Reply-To: <200902121437.n1CEbwUe058325@svn.freebsd.org> X-PGP-Key: http://members.optusnet.com.au/peterjeremy/pubkey.asc User-Agent: Mutt/1.5.19 (2009-01-05) Cc: svn-src-stable@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, svn-src-stable-7@freebsd.org, Phil Kim Subject: Re: svn commit: r188514 - in stable/7/sys: . contrib/pf dev/cxgb libkern X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Feb 2009 00:30:14 -0000 --TB36FDmn/VVEgNH/ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2009-Feb-12 14:37:58 +0000, John Baldwin wrote: >Log: > MFC: Add simple locking for the in-kernel iconv code. This breaks building LIBICONV: Given a config file comprising include GENERIC options LIBICONV you get: cc -c -O2 -frename-registers -pipe -fno-strict-aliasing -march=3Dnocona -st= d=3Dc99 -g -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -W= missing-prototypes -Wpointer-arith -Winline -Wcast-qual -Wundef -Wno-point= er-sign -fformat-extensions -nostdinc -I. -I/home/pjeremy/xxx/src/sys -I/h= ome/pjeremy/xxx/src/sys/contrib/altq -D_KERNEL -DHAVE_KERNEL_OPTION_HEADERS= -include opt_global.h -fno-common -finline-limit=3D8000 --param inline-uni= t-growth=3D100 --param large-function-growth=3D1000 -mcmodel=3Dkernel -mno= -red-zone -mfpmath=3D387 -mno-sse -mno-sse2 -mno-mmx -mno-3dnow -msoft-fl= oat -fno-asynchronous-unwind-tables -ffreestanding -Werror /home/pjeremy/x= xx/src/sys/libkern/iconv.c /home/pjeremy/xxx/src/sys/libkern/iconv.c: In function 'iconv_mod_unload': /home/pjeremy/xxx/src/sys/libkern/iconv.c:92: error: 'curthread' undeclared= (first use in this function) /home/pjeremy/xxx/src/sys/libkern/iconv.c:92: error: (Each undeclared ident= ifier is reported only once /home/pjeremy/xxx/src/sys/libkern/iconv.c:92: error: for each function it a= ppears in.) /home/pjeremy/xxx/src/sys/libkern/iconv.c: In function 'iconv_sysctl_add': /home/pjeremy/xxx/src/sys/libkern/iconv.c:401: error: 'curthread' undeclare= d (first use in this function) /home/pjeremy/xxx/src/sys/libkern/iconv.c: In function 'iconv_converter_han= dler': /home/pjeremy/xxx/src/sys/libkern/iconv.c:452: error: 'curthread' undeclare= d (first use in this function) *** Error code 1 Stop in /var/obj/home/pjeremy/xxx/src/sys/LIBICONV. I think you need to include to get curthread. (This should probably be documented in sx(9)). --=20 Peter Jeremy --TB36FDmn/VVEgNH/ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.10 (FreeBSD) iEYEARECAAYFAkmbUyUACgkQ/opHv/APuIdVcwCgmHxNJqcSUdjk27AMgyY2aai+ Z08An1wYeZH24EmoIJfKcXcS6V6k9OSm =vITA -----END PGP SIGNATURE----- --TB36FDmn/VVEgNH/-- From owner-svn-src-stable@FreeBSD.ORG Wed Feb 18 08:18:08 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EC7EE106566C; Wed, 18 Feb 2009 08:18:07 +0000 (UTC) (envelope-from bms@incunabulum.net) Received: from out5.smtp.messagingengine.com (out5.smtp.messagingengine.com [66.111.4.29]) by mx1.freebsd.org (Postfix) with ESMTP id B79358FC15; Wed, 18 Feb 2009 08:18:07 +0000 (UTC) (envelope-from bms@incunabulum.net) Received: from compute1.internal (compute1.internal [10.202.2.41]) by out1.messagingengine.com (Postfix) with ESMTP id 86E38299991; Wed, 18 Feb 2009 03:18:06 -0500 (EST) Received: from heartbeat2.messagingengine.com ([10.202.2.161]) by compute1.internal (MEProxy); Wed, 18 Feb 2009 03:18:06 -0500 X-Sasl-enc: 9VbU2RwHv594ZFsVm+gAl7DYpB7x1cGKod1xWkeizewT 1234945086 Received: from [192.168.123.18] (82-35-112-254.cable.ubr07.dals.blueyonder.co.uk [82.35.112.254]) by mail.messagingengine.com (Postfix) with ESMTPSA id A5E4720617; Wed, 18 Feb 2009 03:18:05 -0500 (EST) Message-ID: <499BC43B.6030701@incunabulum.net> Date: Wed, 18 Feb 2009 08:18:03 +0000 From: Bruce Simpson User-Agent: Thunderbird 2.0.0.19 (Windows/20081209) MIME-Version: 1.0 To: John Baldwin References: <200902171957.n1HJvqk8026145@svn.freebsd.org> In-Reply-To: <200902171957.n1HJvqk8026145@svn.freebsd.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: svn-src-stable@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, svn-src-stable-7@freebsd.org Subject: Re: svn commit: r188727 - in stable/7: sys sys/contrib/pf sys/dev/ath/ath_hal sys/dev/cxgb sys/kern sys/modules/sem sys/sys tools/regression/posixsem usr.bin/procstat X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Feb 2009 08:18:09 -0000 John Baldwin wrote: > Author: jhb > Date: Tue Feb 17 19:57:52 2009 > New Revision: 188727 > URL: http://svn.freebsd.org/changeset/base/188727 > > Log: > MFC: Rework the lifetime management of the kernel implementation of POSIX > semaphores. Specifically, semaphores are now represented as new file > descriptor type that is set to close on exec. This removes the need for > all of the manual process reference counting (and fork, exec, and exit > event handlers) as the normal file descriptor operations handle all of > that for us nicely. It is also suggested as one possible implementation > in the spec and at least one other OS (OS X) uses this approach. FYI: This change *may* fix Python 2.6's 'multiprocessing' module on FreeBSD 7-STABLE, which is known to have problems there; it depends on POSIX semaphores to synchronize its IPC between different fork()'s of the Python interpreter. If anyone else has an interest in ths they may wish to test, if not, I will try to get around to it eventually. cheers BMS From owner-svn-src-stable@FreeBSD.ORG Wed Feb 18 14:16:39 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8956A1065672; Wed, 18 Feb 2009 14:16:39 +0000 (UTC) (envelope-from bms@incunabulum.net) Received: from out5.smtp.messagingengine.com (out5.smtp.messagingengine.com [66.111.4.29]) by mx1.freebsd.org (Postfix) with ESMTP id 580178FC1D; Wed, 18 Feb 2009 14:16:39 +0000 (UTC) (envelope-from bms@incunabulum.net) Received: from compute1.internal (compute1.internal [10.202.2.41]) by out1.messagingengine.com (Postfix) with ESMTP id DB159296C91; Wed, 18 Feb 2009 09:16:38 -0500 (EST) Received: from heartbeat1.messagingengine.com ([10.202.2.160]) by compute1.internal (MEProxy); Wed, 18 Feb 2009 09:16:38 -0500 X-Sasl-enc: NNQeH852CdtHgW9b8FhEL6vsmen6LLBVmvpFlyne7xXq 1234966598 Received: from empiric.lon.incunabulum.net (82-35-112-254.cable.ubr07.dals.blueyonder.co.uk [82.35.112.254]) by mail.messagingengine.com (Postfix) with ESMTPSA id 01F3C30711; Wed, 18 Feb 2009 09:16:37 -0500 (EST) Message-ID: <499C1843.90008@incunabulum.net> Date: Wed, 18 Feb 2009 14:16:35 +0000 From: Bruce Simpson User-Agent: Thunderbird 2.0.0.19 (X11/20081209) MIME-Version: 1.0 To: John Baldwin References: <200902171957.n1HJvqk8026145@svn.freebsd.org> <499BC43B.6030701@incunabulum.net> In-Reply-To: <499BC43B.6030701@incunabulum.net> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: svn-src-stable@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, svn-src-stable-7@freebsd.org Subject: Re: svn commit: r188727 - in stable/7: sys sys/contrib/pf sys/dev/ath/ath_hal sys/dev/cxgb sys/kern sys/modules/sem sys/sys tools/regression/posixsem usr.bin/procstat X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Feb 2009 14:16:40 -0000 Bruce Simpson wrote: > .... > FYI: > This change *may* fix Python 2.6's 'multiprocessing' module on FreeBSD > 7-STABLE, which is known to have problems there; it depends on POSIX > semaphores to synchronize its IPC between different fork()'s of the > Python interpreter. > If anyone else has an interest in ths they may wish to test, if not, I > will try to get around to it eventually. I just tested this and Python 2.5 still dumps core in sem_open() when called from semlock_new() in _multiprocessing.so, this is with the most recent back-port of multiprocessing to Python 2.5: http://pypi.python.org/pypi/multiprocessing cheers BMS From owner-svn-src-stable@FreeBSD.ORG Wed Feb 18 15:10:50 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4BC3D1065676; Wed, 18 Feb 2009 15:10:50 +0000 (UTC) (envelope-from jhb@freebsd.org) Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42]) by mx1.freebsd.org (Postfix) with ESMTP id 192D78FC21; Wed, 18 Feb 2009 15:10:50 +0000 (UTC) (envelope-from jhb@freebsd.org) Received: from server.baldwin.cx (pool-98-109-39-197.nwrknj.fios.verizon.net [98.109.39.197]) by cyrus.watson.org (Postfix) with ESMTPSA id 6DF9D46B2D; Wed, 18 Feb 2009 10:10:49 -0500 (EST) Received: from localhost (john@localhost [127.0.0.1]) (authenticated bits=0) by server.baldwin.cx (8.14.3/8.14.3) with ESMTP id n1IFAhsM043449; Wed, 18 Feb 2009 10:10:43 -0500 (EST) (envelope-from jhb@freebsd.org) From: John Baldwin To: Peter Jeremy Date: Wed, 18 Feb 2009 09:48:52 -0500 User-Agent: KMail/1.9.7 References: <200902121437.n1CEbwUe058325@svn.freebsd.org> <20090218001533.GA3214@server.vk2pj.dyndns.org> In-Reply-To: <20090218001533.GA3214@server.vk2pj.dyndns.org> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200902180948.52908.jhb@freebsd.org> X-Greylist: Sender succeeded SMTP AUTH authentication, not delayed by milter-greylist-2.0.2 (server.baldwin.cx [127.0.0.1]); Wed, 18 Feb 2009 10:10:43 -0500 (EST) X-Virus-Scanned: ClamAV 0.94.2/9001/Tue Feb 17 23:29:20 2009 on server.baldwin.cx X-Virus-Status: Clean X-Spam-Status: No, score=-4.4 required=4.2 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.1.3 X-Spam-Checker-Version: SpamAssassin 3.1.3 (2006-06-01) on server.baldwin.cx Cc: svn-src-stable@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, svn-src-stable-7@freebsd.org, Phil Kim Subject: Re: svn commit: r188514 - in stable/7/sys: . contrib/pf dev/cxgb libkern X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Feb 2009 15:10:51 -0000 On Tuesday 17 February 2009 7:15:33 pm Peter Jeremy wrote: > On 2009-Feb-12 14:37:58 +0000, John Baldwin wrote: > >Log: > > MFC: Add simple locking for the in-kernel iconv code. > > This breaks building LIBICONV: Given a config file comprising > include GENERIC > options LIBICONV > > you get: > cc -c -O2 -frename-registers -pipe -fno-strict-aliasing -march=nocona -std=c99 -g -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -Wundef -Wno-pointer-sign -fformat-extensions -nostdinc -I. -I/home/pjeremy/xxx/src/sys -I/home/pjeremy/xxx/src/sys/contrib/altq -D_KERNEL -DHAVE_KERNEL_OPTION_HEADERS -include opt_global.h -fno-common -finline-limit=8000 --param inline-unit-growth=100 --param large-function-growth=1000 -mcmodel=kernel -mno-red-zone -mfpmath=387 -mno-sse -mno-sse2 -mno-mmx -mno-3dnow -msoft-float -fno-asynchronous-unwind-tables -ffreestanding -Werror /home/pjeremy/xxx/src/sys/libkern/iconv.c > /home/pjeremy/xxx/src/sys/libkern/iconv.c: In function 'iconv_mod_unload': > /home/pjeremy/xxx/src/sys/libkern/iconv.c:92: error: 'curthread' undeclared (first use in this function) > /home/pjeremy/xxx/src/sys/libkern/iconv.c:92: error: (Each undeclared identifier is reported only once > /home/pjeremy/xxx/src/sys/libkern/iconv.c:92: error: for each function it appears in.) > /home/pjeremy/xxx/src/sys/libkern/iconv.c: In function 'iconv_sysctl_add': > /home/pjeremy/xxx/src/sys/libkern/iconv.c:401: error: 'curthread' undeclared (first use in this function) > /home/pjeremy/xxx/src/sys/libkern/iconv.c: In function 'iconv_converter_handler': > /home/pjeremy/xxx/src/sys/libkern/iconv.c:452: error: 'curthread' undeclared (first use in this function) > *** Error code 1 > > Stop in /var/obj/home/pjeremy/xxx/src/sys/LIBICONV. > > I think you need to include to get curthread. (This should > probably be documented in sx(9)). This was fixed by the MFC to yesterday to include in the _KERNEL section. I had missed this since the build worked fine with LINT and the module build. -- John Baldwin From owner-svn-src-stable@FreeBSD.ORG Wed Feb 18 15:10:56 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 029C210656E3; Wed, 18 Feb 2009 15:10:55 +0000 (UTC) (envelope-from jhb@freebsd.org) Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42]) by mx1.freebsd.org (Postfix) with ESMTP id B6D558FC1D; Wed, 18 Feb 2009 15:10:55 +0000 (UTC) (envelope-from jhb@freebsd.org) Received: from server.baldwin.cx (pool-98-109-39-197.nwrknj.fios.verizon.net [98.109.39.197]) by cyrus.watson.org (Postfix) with ESMTPSA id 53B5F46B35; Wed, 18 Feb 2009 10:10:55 -0500 (EST) Received: from localhost (john@localhost [127.0.0.1]) (authenticated bits=0) by server.baldwin.cx (8.14.3/8.14.3) with ESMTP id n1IFAhsN043449; Wed, 18 Feb 2009 10:10:49 -0500 (EST) (envelope-from jhb@freebsd.org) From: John Baldwin To: Bruce Simpson Date: Wed, 18 Feb 2009 09:49:32 -0500 User-Agent: KMail/1.9.7 References: <200902171957.n1HJvqk8026145@svn.freebsd.org> <499BC43B.6030701@incunabulum.net> In-Reply-To: <499BC43B.6030701@incunabulum.net> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200902180949.32691.jhb@freebsd.org> X-Greylist: Sender succeeded SMTP AUTH authentication, not delayed by milter-greylist-2.0.2 (server.baldwin.cx [127.0.0.1]); Wed, 18 Feb 2009 10:10:49 -0500 (EST) X-Virus-Scanned: ClamAV 0.94.2/9001/Tue Feb 17 23:29:20 2009 on server.baldwin.cx X-Virus-Status: Clean X-Spam-Status: No, score=-4.4 required=4.2 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.1.3 X-Spam-Checker-Version: SpamAssassin 3.1.3 (2006-06-01) on server.baldwin.cx Cc: svn-src-stable@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, svn-src-stable-7@freebsd.org Subject: Re: svn commit: r188727 - in stable/7: sys sys/contrib/pf sys/dev/ath/ath_hal sys/dev/cxgb sys/kern sys/modules/sem sys/sys tools/regression/posixsem usr.bin/procstat X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Feb 2009 15:10:59 -0000 On Wednesday 18 February 2009 3:18:03 am Bruce Simpson wrote: > John Baldwin wrote: > > Author: jhb > > Date: Tue Feb 17 19:57:52 2009 > > New Revision: 188727 > > URL: http://svn.freebsd.org/changeset/base/188727 > > > > Log: > > MFC: Rework the lifetime management of the kernel implementation of POSIX > > semaphores. Specifically, semaphores are now represented as new file > > descriptor type that is set to close on exec. This removes the need for > > all of the manual process reference counting (and fork, exec, and exit > > event handlers) as the normal file descriptor operations handle all of > > that for us nicely. It is also suggested as one possible implementation > > in the spec and at least one other OS (OS X) uses this approach. > > FYI: > This change *may* fix Python 2.6's 'multiprocessing' module on FreeBSD > 7-STABLE, which is known to have problems there; it depends on POSIX > semaphores to synchronize its IPC between different fork()'s of the > Python interpreter. > > If anyone else has an interest in ths they may wish to test, if not, I > will try to get around to it eventually. When Kris tested it, it made things significantly better. I'm not sure if it resolved all the issues though. -- John Baldwin From owner-svn-src-stable@FreeBSD.ORG Wed Feb 18 15:11:02 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EED4810657B0; Wed, 18 Feb 2009 15:11:01 +0000 (UTC) (envelope-from jhb@freebsd.org) Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42]) by mx1.freebsd.org (Postfix) with ESMTP id 9A3588FC22; Wed, 18 Feb 2009 15:11:01 +0000 (UTC) (envelope-from jhb@freebsd.org) Received: from server.baldwin.cx (pool-98-109-39-197.nwrknj.fios.verizon.net [98.109.39.197]) by cyrus.watson.org (Postfix) with ESMTPSA id 3C07C46B2C; Wed, 18 Feb 2009 10:11:01 -0500 (EST) Received: from localhost (john@localhost [127.0.0.1]) (authenticated bits=0) by server.baldwin.cx (8.14.3/8.14.3) with ESMTP id n1IFAhsO043449; Wed, 18 Feb 2009 10:10:55 -0500 (EST) (envelope-from jhb@freebsd.org) From: John Baldwin To: Bruce Simpson Date: Wed, 18 Feb 2009 10:05:28 -0500 User-Agent: KMail/1.9.7 References: <200902171957.n1HJvqk8026145@svn.freebsd.org> <499BC43B.6030701@incunabulum.net> <499C1843.90008@incunabulum.net> In-Reply-To: <499C1843.90008@incunabulum.net> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200902181005.28625.jhb@freebsd.org> X-Greylist: Sender succeeded SMTP AUTH authentication, not delayed by milter-greylist-2.0.2 (server.baldwin.cx [127.0.0.1]); Wed, 18 Feb 2009 10:10:55 -0500 (EST) X-Virus-Scanned: ClamAV 0.94.2/9001/Tue Feb 17 23:29:20 2009 on server.baldwin.cx X-Virus-Status: Clean X-Spam-Status: No, score=-4.4 required=4.2 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.1.3 X-Spam-Checker-Version: SpamAssassin 3.1.3 (2006-06-01) on server.baldwin.cx Cc: svn-src-stable@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, svn-src-stable-7@freebsd.org Subject: Re: svn commit: r188727 - in stable/7: sys sys/contrib/pf sys/dev/ath/ath_hal sys/dev/cxgb sys/kern sys/modules/sem sys/sys tools/regression/posixsem usr.bin/procstat X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Feb 2009 15:11:04 -0000 On Wednesday 18 February 2009 9:16:35 am Bruce Simpson wrote: > Bruce Simpson wrote: > > .... > > FYI: > > This change *may* fix Python 2.6's 'multiprocessing' module on FreeBSD > > 7-STABLE, which is known to have problems there; it depends on POSIX > > semaphores to synchronize its IPC between different fork()'s of the > > Python interpreter. > > If anyone else has an interest in ths they may wish to test, if not, I > > will try to get around to it eventually. > > I just tested this and Python 2.5 still dumps core in sem_open() when > called from semlock_new() in _multiprocessing.so, this is with the most > recent back-port of multiprocessing to Python 2.5: > http://pypi.python.org/pypi/multiprocessing Do you have a core dump with symbols? If so, can you get the trace? -- John Baldwin From owner-svn-src-stable@FreeBSD.ORG Wed Feb 18 15:17:54 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4A05C106564A; Wed, 18 Feb 2009 15:17:54 +0000 (UTC) (envelope-from bms@incunabulum.net) Received: from out5.smtp.messagingengine.com (out5.smtp.messagingengine.com [66.111.4.29]) by mx1.freebsd.org (Postfix) with ESMTP id 051E38FC08; Wed, 18 Feb 2009 15:17:53 +0000 (UTC) (envelope-from bms@incunabulum.net) Received: from compute1.internal (compute1.internal [10.202.2.41]) by out1.messagingengine.com (Postfix) with ESMTP id 6DF7C299E41; Wed, 18 Feb 2009 10:17:53 -0500 (EST) Received: from heartbeat2.messagingengine.com ([10.202.2.161]) by compute1.internal (MEProxy); Wed, 18 Feb 2009 10:17:53 -0500 X-Sasl-enc: B0Y9+LqUJBjGs1uhX5G4nWGIcdTbuVUZ4YabfwmQTFfL 1234970272 Received: from empiric.lon.incunabulum.net (82-35-112-254.cable.ubr07.dals.blueyonder.co.uk [82.35.112.254]) by mail.messagingengine.com (Postfix) with ESMTPSA id 2EAFE2C721; Wed, 18 Feb 2009 10:17:52 -0500 (EST) Message-ID: <499C269D.7030406@incunabulum.net> Date: Wed, 18 Feb 2009 15:17:49 +0000 From: Bruce Simpson User-Agent: Thunderbird 2.0.0.19 (X11/20081209) MIME-Version: 1.0 To: John Baldwin References: <200902171957.n1HJvqk8026145@svn.freebsd.org> <499BC43B.6030701@incunabulum.net> <499C1843.90008@incunabulum.net> <200902181005.28625.jhb@freebsd.org> In-Reply-To: <200902181005.28625.jhb@freebsd.org> Content-Type: multipart/mixed; boundary="------------030408070501040503000606" Cc: svn-src-stable@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, svn-src-stable-7@freebsd.org Subject: Re: svn commit: r188727 - in stable/7: sys sys/contrib/pf sys/dev/ath/ath_hal sys/dev/cxgb sys/kern sys/modules/sem sys/sys tools/regression/posixsem usr.bin/procstat X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Feb 2009 15:17:54 -0000 This is a multi-part message in MIME format. --------------030408070501040503000606 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit John Baldwin wrote: > ... > >> I just tested this and Python 2.5 still dumps core in sem_open() when >> called from semlock_new() in _multiprocessing.so, this is with the most >> recent back-port of multiprocessing to Python 2.5: >> http://pypi.python.org/pypi/multiprocessing >> > > Do you have a core dump with symbols? If so, can you get the trace? > Here you are... have runtime ELF symbols but no line numbers. I had to comment out some stuff in its "setup.py" to persuade the _multiprocessing C shim to use sem_open() (remove freebsd7 and/or freebsd8 from that file before "python setup.py config" and "python setup.py build"). I was running the Doc/includes/mp_benchmarks.py file which ships with multiprocessing. multiprocessing is part of Python 2.6 base now, so likely what is Not OK in the backport, would need to be forward-ported when it is happy with sem_open() in Python 2.5. cheers BMS --------------030408070501040503000606 Content-Type: text/plain; name="sch" Content-Transfer-Encoding: base64 Content-Disposition: inline; filename="sch" KGdkYikgYnQKIzAgIDB4MDAwMDAwMDgwMGE5ZWM3YyBpbiBrc2VtX29wZW4gKCkgZnJvbSAv bGliL2xpYmMuc28uNwojMSAgMHgwMDAwMDAwODAwYTk1MDRkIGluIHNlbV9vcGVuICgpIGZy b20gL2xpYi9saWJjLnNvLjcKIzIgIDB4MDAwMDAwMDgwMTMxODQyYyBpbiBzZW1sb2NrX25l dyAoKQogICBmcm9tIC91c3IvbG9jYWwvbGliL3B5dGhvbjIuNS9zaXRlLXBhY2thZ2VzL211 bHRpcHJvY2Vzc2luZy0yLjYuMS4xLXB5Mi41LWZyZWVic2QtNy4xLVNUQUJMRS1hbWQ2NC5l Z2cvbXVsdGlwcm9jZXNzaW5nL19tdWx0aXByb2Nlc3Npbmcuc28KIzMgIDB4MDAwMDAwMDAw MDQ0YmM3MyBpbiBQeVR5cGVfSXNTdWJ0eXBlICgpCiM0ICAweDAwMDAwMDAwMDA0MTUxZDMg aW4gUHlPYmplY3RfQ2FsbCAoKQojNSAgMHgwMDAwMDAwMDAwNDZlNTViIGluIFB5RXZhbF9F dmFsRnJhbWVFeCAoKQojNiAgMHgwMDAwMDAwMDAwNDcxNzRjIGluIFB5RXZhbF9FdmFsQ29k ZUV4ICgpCiM3ICAweDAwMDAwMDAwMDA0YWZiZGEgaW4gUHlDbGFzc01ldGhvZF9OZXcgKCkK IzggIDB4MDAwMDAwMDAwMDQxNTFkMyBpbiBQeU9iamVjdF9DYWxsICgpCiM5ICAweDAwMDAw MDAwMDA0MWFlMGQgaW4gUHlDbGFzc19Jc1N1YmNsYXNzICgpCiMxMCAweDAwMDAwMDAwMDA0 MTUxZDMgaW4gUHlPYmplY3RfQ2FsbCAoKQojMTEgMHgwMDAwMDAwMDAwNDZlNTViIGluIFB5 RXZhbF9FdmFsRnJhbWVFeCAoKQojMTIgMHgwMDAwMDAwMDAwNDcxNzRjIGluIFB5RXZhbF9F dmFsQ29kZUV4ICgpCiMxMyAweDAwMDAwMDAwMDA0YWZiZGEgaW4gUHlDbGFzc01ldGhvZF9O ZXcgKCkKIzE0IDB4MDAwMDAwMDAwMDQxNTFkMyBpbiBQeU9iamVjdF9DYWxsICgpCiMxNSAw eDAwMDAwMDAwMDA0MWFlMGQgaW4gUHlDbGFzc19Jc1N1YmNsYXNzICgpCiMxNiAweDAwMDAw MDAwMDA0MTUxZDMgaW4gUHlPYmplY3RfQ2FsbCAoKQojMTcgMHgwMDAwMDAwMDAwNDRmOTM4 IGluIF9QeVR5cGVfTG9va3VwICgpCiMxOCAweDAwMDAwMDAwMDA0NGJjYjggaW4gUHlUeXBl X0lzU3VidHlwZSAoKQojMTkgMHgwMDAwMDAwMDAwNDE1MWQzIGluIFB5T2JqZWN0X0NhbGwg KCkKIzIwIDB4MDAwMDAwMDAwMDQ2ZTU1YiBpbiBQeUV2YWxfRXZhbEZyYW1lRXggKCkKIzIx IDB4MDAwMDAwMDAwMDQ3MTc0YyBpbiBQeUV2YWxfRXZhbENvZGVFeCAoKQojMjIgMHgwMDAw MDAwMDAwNGFmYmRhIGluIFB5Q2xhc3NNZXRob2RfTmV3ICgpCiMyMyAweDAwMDAwMDAwMDA0 MTUxZDMgaW4gUHlPYmplY3RfQ2FsbCAoKQojMjQgMHgwMDAwMDAwMDAwNDFhZTBkIGluIFB5 Q2xhc3NfSXNTdWJjbGFzcyAoKQojMjUgMHgwMDAwMDAwMDAwNDE1MWQzIGluIFB5T2JqZWN0 X0NhbGwgKCkKIzI2IDB4MDAwMDAwMDAwMDQ0ZjkzOCBpbiBfUHlUeXBlX0xvb2t1cCAoKQoj MjcgMHgwMDAwMDAwMDAwNDRiY2I4IGluIFB5VHlwZV9Jc1N1YnR5cGUgKCkKIzI4IDB4MDAw MDAwMDAwMDQxNTFkMyBpbiBQeU9iamVjdF9DYWxsICgpCiMyOSAweDAwMDAwMDAwMDA0NmU1 NWIgaW4gUHlFdmFsX0V2YWxGcmFtZUV4ICgpCiMzMCAweDAwMDAwMDAwMDA0NzE3NGMgaW4g UHlFdmFsX0V2YWxDb2RlRXggKCkKIzMxIDB4MDAwMDAwMDAwMDQ2ZmVmNCBpbiBQeUV2YWxf RXZhbEZyYW1lRXggKCkKIzMyIDB4MDAwMDAwMDAwMDQ3MDZmZCBpbiBQeUV2YWxfRXZhbEZy YW1lRXggKCkKIzMzIDB4MDAwMDAwMDAwMDQ3MTc0YyBpbiBQeUV2YWxfRXZhbENvZGVFeCAo KQojMzQgMHgwMDAwMDAwMDAwNDcxODYyIGluIFB5RXZhbF9FdmFsQ29kZSAoKQojMzUgMHgw MDAwMDAwMDAwNDhhZTAyIGluIFB5X0NvbXBpbGVTdHJpbmcgKCkKIzM2IDB4MDAwMDAwMDAw MDQ4YWVkNiBpbiBQeVJ1bl9GaWxlRXhGbGFncyAoKQojMzcgMHgwMDAwMDAwMDAwNDhjMzcz IGluIFB5UnVuX1NpbXBsZUZpbGVFeEZsYWdzICgpCiMzOCAweDAwMDAwMDAwMDA0MTIyMTkg aW4gUHlfTWFpbiAoKQojMzkgMHgwMDAwMDAwMDAwNDExODk3IGluIG1haW4gKCkK --------------030408070501040503000606-- From owner-svn-src-stable@FreeBSD.ORG Wed Feb 18 15:55:05 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E79DA106566C; Wed, 18 Feb 2009 15:55:05 +0000 (UTC) (envelope-from jhb@freebsd.org) Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42]) by mx1.freebsd.org (Postfix) with ESMTP id B45598FC16; Wed, 18 Feb 2009 15:55:05 +0000 (UTC) (envelope-from jhb@freebsd.org) Received: from server.baldwin.cx (pool-98-109-39-197.nwrknj.fios.verizon.net [98.109.39.197]) by cyrus.watson.org (Postfix) with ESMTPSA id 5989946B03; Wed, 18 Feb 2009 10:55:05 -0500 (EST) Received: from localhost (john@localhost [127.0.0.1]) (authenticated bits=0) by server.baldwin.cx (8.14.3/8.14.3) with ESMTP id n1IFsrIV043674; Wed, 18 Feb 2009 10:54:59 -0500 (EST) (envelope-from jhb@freebsd.org) From: John Baldwin To: Bruce Simpson Date: Wed, 18 Feb 2009 10:54:35 -0500 User-Agent: KMail/1.9.7 References: <200902171957.n1HJvqk8026145@svn.freebsd.org> <200902181005.28625.jhb@freebsd.org> <499C269D.7030406@incunabulum.net> In-Reply-To: <499C269D.7030406@incunabulum.net> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200902181054.35709.jhb@freebsd.org> X-Greylist: Sender succeeded SMTP AUTH authentication, not delayed by milter-greylist-2.0.2 (server.baldwin.cx [127.0.0.1]); Wed, 18 Feb 2009 10:54:59 -0500 (EST) X-Virus-Scanned: ClamAV 0.94.2/9002/Wed Feb 18 06:16:50 2009 on server.baldwin.cx X-Virus-Status: Clean X-Spam-Status: No, score=-4.4 required=4.2 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.1.3 X-Spam-Checker-Version: SpamAssassin 3.1.3 (2006-06-01) on server.baldwin.cx Cc: svn-src-stable@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, svn-src-stable-7@freebsd.org Subject: Re: svn commit: r188727 - in stable/7: sys sys/contrib/pf sys/dev/ath/ath_hal sys/dev/cxgb sys/kern sys/modules/sem sys/sys tools/regression/posixsem usr.bin/procstat X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Feb 2009 15:55:06 -0000 On Wednesday 18 February 2009 10:17:49 am Bruce Simpson wrote: > John Baldwin wrote: > > ... > > > >> I just tested this and Python 2.5 still dumps core in sem_open() when > >> called from semlock_new() in _multiprocessing.so, this is with the most > >> recent back-port of multiprocessing to Python 2.5: > >> http://pypi.python.org/pypi/multiprocessing > >> > > > > Do you have a core dump with symbols? If so, can you get the trace? > > > > Here you are... have runtime ELF symbols but no line numbers. > > I had to comment out some stuff in its "setup.py" to persuade the > _multiprocessing C shim to use sem_open() (remove freebsd7 and/or > freebsd8 from that file before "python setup.py config" and "python > setup.py build"). > > I was running the Doc/includes/mp_benchmarks.py file which ships with > multiprocessing. > > multiprocessing is part of Python 2.6 base now, so likely what is Not OK > in the backport, would need to be forward-ported when it is happy with > sem_open() in Python 2.5. Hmm, by symbols I meant having things built with debug symbols (i.e. "-g"). Also, do you have 'sem.ko' loaded? The only reason I can think of why you would get a core dump in ksem_open() itself would be if you got a SIGSYS because the module wasn't loaded. -- John Baldwin From owner-svn-src-stable@FreeBSD.ORG Wed Feb 18 20:12:09 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1CAD510656F8; Wed, 18 Feb 2009 20:12:09 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id F0ADE8FC22; Wed, 18 Feb 2009 20:12:08 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1IKC8lY073586; Wed, 18 Feb 2009 20:12:08 GMT (envelope-from jamie@svn.freebsd.org) Received: (from jamie@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1IKC88S073575; Wed, 18 Feb 2009 20:12:08 GMT (envelope-from jamie@svn.freebsd.org) Message-Id: <200902182012.n1IKC88S073575@svn.freebsd.org> From: Jamie Gritton Date: Wed, 18 Feb 2009 20:12:08 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188761 - in stable/7: lib/libc lib/libc/string lib/libc/sys sys sys/contrib/pf sys/dev/ath/ath_hal sys/dev/cxgb sys/kern sys/net sys/netinet sys/netinet6 sys/sys X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Feb 2009 20:12:10 -0000 Author: jamie Date: Wed Feb 18 20:12:08 2009 New Revision: 188761 URL: http://svn.freebsd.org/changeset/base/188761 Log: MFC: r188144: Standardize the various prison_foo_ip[46] functions and prison_if to return zero on success and an error code otherwise. The possible errors are EADDRNOTAVAIL if an address being checked for doesn't match the prison, and EAFNOSUPPORT if the prison doesn't have any addresses in that address family. For most callers of these functions, use the returned error code instead of e.g. a hard-coded EADDRNOTAVAIL or EINVAL. Always include a jailed() check in these functions, where a non-jailed cred always returns success (and makes no changes). Remove the explicit jailed() checks that preceded many of the function calls. r188146: Don't allow creating a socket with a protocol family that the current jail doesn't support. This involves a new function prison_check_af, like prison_check_ip[46] but that checks only the family. With this change, most of the errors generated by jailed sockets shouldn't ever occur, at least until jails are changeable. r188148: Remove redundant calls of prison_local_ip4 in in_pcbbind_setup, and of prison_local_ip6 in in6_pcbbind. r188149: Call prison_if from rtm_get_jailed, instead of splitting it out into prison_check_ip4 and prison_check_ip6. As prison_if includes a jailed() check, remove that check before calling rtm_get_jailed. r188151: Don't bother null-checking the thread pointer before the prison checks in udp6_connect (td is already dereferenced elsewhere without such a check). This makes the conversion from a sockaddr to a sockaddr_in6 always happen, so convert once at the beginning of the function rather than twice in the middle. Approved by: bz (mentor) Modified: stable/7/lib/libc/ (props changed) stable/7/lib/libc/string/ffsll.c (props changed) stable/7/lib/libc/string/flsll.c (props changed) stable/7/lib/libc/sys/send.2 stable/7/sys/ (props changed) stable/7/sys/contrib/pf/ (props changed) stable/7/sys/dev/ath/ath_hal/ (props changed) stable/7/sys/dev/cxgb/ (props changed) stable/7/sys/kern/kern_jail.c stable/7/sys/kern/uipc_socket.c stable/7/sys/net/if.c stable/7/sys/net/rtsock.c stable/7/sys/netinet/in.c stable/7/sys/netinet/in_pcb.c stable/7/sys/netinet/raw_ip.c stable/7/sys/netinet/tcp_usrreq.c stable/7/sys/netinet/udp_usrreq.c stable/7/sys/netinet6/in6.c stable/7/sys/netinet6/in6_pcb.c stable/7/sys/netinet6/in6_src.c stable/7/sys/netinet6/raw_ip6.c stable/7/sys/netinet6/udp6_usrreq.c stable/7/sys/sys/jail.h Modified: stable/7/lib/libc/sys/send.2 ============================================================================== --- stable/7/lib/libc/sys/send.2 Wed Feb 18 19:59:27 2009 (r188760) +++ stable/7/lib/libc/sys/send.2 Wed Feb 18 20:12:08 2009 (r188761) @@ -28,7 +28,7 @@ .\" From: @(#)send.2 8.2 (Berkeley) 2/21/94 .\" $FreeBSD$ .\" -.Dd September 13, 2006 +.Dd February 5, 2009 .Dt SEND 2 .Os .Sh NAME @@ -190,7 +190,7 @@ receiver is not listening on the remote The remote host was down. .It Bq Er ENETDOWN The remote network was down. -.It Bq Er EPERM +.It Bq Er EADDRNOTAVAIL The process using a .Dv SOCK_RAW socket was jailed and the source Modified: stable/7/sys/kern/kern_jail.c ============================================================================== --- stable/7/sys/kern/kern_jail.c Wed Feb 18 19:59:27 2009 (r188760) +++ stable/7/sys/kern/kern_jail.c Wed Feb 18 20:12:08 2009 (r188761) @@ -230,7 +230,7 @@ prison_check_conflicting_ips(struct pris if ((p->pr_ip4s >= 1 && pr->pr_ip4s > 1) || (p->pr_ip4s > 1 && pr->pr_ip4s >= 1)) { for (i = 0; i < p->pr_ip4s; i++) { - if (_prison_check_ip4(pr, &p->pr_ip4[i])) + if (_prison_check_ip4(pr, &p->pr_ip4[i]) == 0) return (EINVAL); } } @@ -239,7 +239,7 @@ prison_check_conflicting_ips(struct pris if ((p->pr_ip6s >= 1 && pr->pr_ip6s > 1) || (p->pr_ip6s > 1 && pr->pr_ip6s >= 1)) { for (i = 0; i < p->pr_ip6s; i++) { - if (_prison_check_ip6(pr, &p->pr_ip6[i])) + if (_prison_check_ip6(pr, &p->pr_ip6[i]) == 0) return (EINVAL); } } @@ -841,9 +841,10 @@ prison_proc_free(struct prison *pr) * Pass back primary IPv4 address of this jail. * * If not jailed return success but do not alter the address. Caller has to - * make sure to intialize it correctly (INADDR_ANY). + * make sure to intialize it correctly (e.g. INADDR_ANY). * - * Returns 0 on success, 1 on error. Address returned in NBO. + * Returns 0 on success, EAFNOSUPPORT if the jail doesn't allow IPv4. + * Address returned in NBO. */ int prison_get_ip4(struct ucred *cred, struct in_addr *ia) @@ -857,7 +858,7 @@ prison_get_ip4(struct ucred *cred, struc return (0); if (cred->cr_prison->pr_ip4 == NULL) - return (1); + return (EAFNOSUPPORT); ia->s_addr = cred->cr_prison->pr_ip4[0].s_addr; return (0); @@ -867,8 +868,9 @@ prison_get_ip4(struct ucred *cred, struc * Make sure our (source) address is set to something meaningful to this * jail. * - * Returns 0 on success, 1 on error. Address passed in in NBO and returned - * in NBO. + * Returns 0 if not jailed or if address belongs to jail, EADDRNOTAVAIL if + * the address doesn't belong, or EAFNOSUPPORT if the jail doesn't allow IPv4. + * Address passed in in NBO and returned in NBO. */ int prison_local_ip4(struct ucred *cred, struct in_addr *ia) @@ -881,7 +883,7 @@ prison_local_ip4(struct ucred *cred, str if (!jailed(cred)) return (0); if (cred->cr_prison->pr_ip4 == NULL) - return (1); + return (EAFNOSUPPORT); ia0.s_addr = ntohl(ia->s_addr); if (ia0.s_addr == INADDR_LOOPBACK) { @@ -889,25 +891,23 @@ prison_local_ip4(struct ucred *cred, str return (0); } - /* - * In case there is only 1 IPv4 address, bind directly. - */ - if (ia0.s_addr == INADDR_ANY && cred->cr_prison->pr_ip4s == 1) { - ia->s_addr = cred->cr_prison->pr_ip4[0].s_addr; + if (ia0.s_addr == INADDR_ANY) { + /* + * In case there is only 1 IPv4 address, bind directly. + */ + if (cred->cr_prison->pr_ip4s == 1) + ia->s_addr = cred->cr_prison->pr_ip4[0].s_addr; return (0); } - if (ia0.s_addr == INADDR_ANY || prison_check_ip4(cred, ia)) - return (0); - - return (1); + return (_prison_check_ip4(cred->cr_prison, ia)); } /* * Rewrite destination address in case we will connect to loopback address. * - * Returns 0 on success, 1 on error. Address passed in in NBO and returned - * in NBO. + * Returns 0 on success, EAFNOSUPPORT if the jail doesn't allow IPv4. + * Address passed in in NBO and returned in NBO. */ int prison_remote_ip4(struct ucred *cred, struct in_addr *ia) @@ -919,7 +919,8 @@ prison_remote_ip4(struct ucred *cred, st if (!jailed(cred)) return (0); if (cred->cr_prison->pr_ip4 == NULL) - return (1); + return (EAFNOSUPPORT); + if (ntohl(ia->s_addr) == INADDR_LOOPBACK) { ia->s_addr = cred->cr_prison->pr_ip4[0].s_addr; return (0); @@ -932,23 +933,22 @@ prison_remote_ip4(struct ucred *cred, st } /* - * Check if given address belongs to the jail referenced by cred. + * Check if given address belongs to the jail referenced by cred/prison. * - * Returns 1 if address belongs to jail, 0 if not. Address passed in in NBO. + * Returns 0 if not jailed or if address belongs to jail, EADDRNOTAVAIL if + * the address doesn't belong, or EAFNOSUPPORT if the jail doesn't allow IPv4. + * Address passed in in NBO. */ static int _prison_check_ip4(struct prison *pr, struct in_addr *ia) { int i, a, z, d; - if (pr->pr_ip4 == NULL) - return (0); - /* * Check the primary IP. */ if (pr->pr_ip4[0].s_addr == ia->s_addr) - return (1); + return (0); /* * All the other IPs are sorted so we can do a binary search. @@ -963,9 +963,10 @@ _prison_check_ip4(struct prison *pr, str else if (d < 0) a = i + 1; else - return (1); + return (0); } - return (0); + + return (EADDRNOTAVAIL); } int @@ -976,7 +977,9 @@ prison_check_ip4(struct ucred *cred, str KASSERT(ia != NULL, ("%s: ia is NULL", __func__)); if (!jailed(cred)) - return (1); + return (0); + if (cred->cr_prison->pr_ip4 == NULL) + return (EAFNOSUPPORT); return (_prison_check_ip4(cred->cr_prison, ia)); } @@ -987,9 +990,9 @@ prison_check_ip4(struct ucred *cred, str * Pass back primary IPv6 address for this jail. * * If not jailed return success but do not alter the address. Caller has to - * make sure to intialize it correctly (IN6ADDR_ANY_INIT). + * make sure to intialize it correctly (e.g. IN6ADDR_ANY_INIT). * - * Returns 0 on success, 1 on error. + * Returns 0 on success, EAFNOSUPPORT if the jail doesn't allow IPv6. */ int prison_get_ip6(struct ucred *cred, struct in6_addr *ia6) @@ -1001,7 +1004,8 @@ prison_get_ip6(struct ucred *cred, struc if (!jailed(cred)) return (0); if (cred->cr_prison->pr_ip6 == NULL) - return (1); + return (EAFNOSUPPORT); + bcopy(&cred->cr_prison->pr_ip6[0], ia6, sizeof(struct in6_addr)); return (0); } @@ -1012,7 +1016,8 @@ prison_get_ip6(struct ucred *cred, struc * v6only should be set based on (inp->inp_flags & IN6P_IPV6_V6ONLY != 0) * when needed while binding. * - * Returns 0 on success, 1 on error. + * Returns 0 if not jailed or if address belongs to jail, EADDRNOTAVAIL if + * the address doesn't belong, or EAFNOSUPPORT if the jail doesn't allow IPv6. */ int prison_local_ip6(struct ucred *cred, struct in6_addr *ia6, int v6only) @@ -1024,32 +1029,32 @@ prison_local_ip6(struct ucred *cred, str if (!jailed(cred)) return (0); if (cred->cr_prison->pr_ip6 == NULL) - return (1); + return (EAFNOSUPPORT); + if (IN6_IS_ADDR_LOOPBACK(ia6)) { bcopy(&cred->cr_prison->pr_ip6[0], ia6, sizeof(struct in6_addr)); return (0); } - /* - * In case there is only 1 IPv6 address, and v6only is true, then - * bind directly. - */ - if (v6only != 0 && IN6_IS_ADDR_UNSPECIFIED(ia6) && - cred->cr_prison->pr_ip6s == 1) { - bcopy(&cred->cr_prison->pr_ip6[0], ia6, - sizeof(struct in6_addr)); + if (IN6_IS_ADDR_UNSPECIFIED(ia6)) { + /* + * In case there is only 1 IPv6 address, and v6only is true, + * then bind directly. + */ + if (v6only != 0 && cred->cr_prison->pr_ip6s == 1) + bcopy(&cred->cr_prison->pr_ip6[0], ia6, + sizeof(struct in6_addr)); return (0); } - if (IN6_IS_ADDR_UNSPECIFIED(ia6) || prison_check_ip6(cred, ia6)) - return (0); - return (1); + + return (_prison_check_ip6(cred->cr_prison, ia6)); } /* * Rewrite destination address in case we will connect to loopback address. * - * Returns 0 on success, 1 on error. + * Returns 0 on success, EAFNOSUPPORT if the jail doesn't allow IPv6. */ int prison_remote_ip6(struct ucred *cred, struct in6_addr *ia6) @@ -1061,7 +1066,8 @@ prison_remote_ip6(struct ucred *cred, st if (!jailed(cred)) return (0); if (cred->cr_prison->pr_ip6 == NULL) - return (1); + return (EAFNOSUPPORT); + if (IN6_IS_ADDR_LOOPBACK(ia6)) { bcopy(&cred->cr_prison->pr_ip6[0], ia6, sizeof(struct in6_addr)); @@ -1075,23 +1081,21 @@ prison_remote_ip6(struct ucred *cred, st } /* - * Check if given address belongs to the jail referenced by cred. + * Check if given address belongs to the jail referenced by cred/prison. * - * Returns 1 if address belongs to jail, 0 if not. + * Returns 0 if not jailed or if address belongs to jail, EADDRNOTAVAIL if + * the address doesn't belong, or EAFNOSUPPORT if the jail doesn't allow IPv6. */ static int _prison_check_ip6(struct prison *pr, struct in6_addr *ia6) { int i, a, z, d; - if (pr->pr_ip6 == NULL) - return (0); - /* * Check the primary IP. */ if (IN6_ARE_ADDR_EQUAL(&pr->pr_ip6[0], ia6)) - return (1); + return (0); /* * All the other IPs are sorted so we can do a binary search. @@ -1106,9 +1110,10 @@ _prison_check_ip6(struct prison *pr, str else if (d < 0) a = i + 1; else - return (1); + return (0); } - return (0); + + return (EADDRNOTAVAIL); } int @@ -1119,18 +1124,63 @@ prison_check_ip6(struct ucred *cred, str KASSERT(ia6 != NULL, ("%s: ia6 is NULL", __func__)); if (!jailed(cred)) - return (1); + return (0); + if (cred->cr_prison->pr_ip6 == NULL) + return (EAFNOSUPPORT); return (_prison_check_ip6(cred->cr_prison, ia6)); } #endif /* + * Check if a jail supports the given address family. + * + * Returns 0 if not jailed or the address family is supported, EAFNOSUPPORT + * if not. + */ +int +prison_check_af(struct ucred *cred, int af) +{ + int error; + + KASSERT(cred != NULL, ("%s: cred is NULL", __func__)); + + + if (!jailed(cred)) + return (0); + + error = 0; + switch (af) + { +#ifdef INET + case AF_INET: + if (cred->cr_prison->pr_ip4 == NULL) + error = EAFNOSUPPORT; + break; +#endif +#ifdef INET6 + case AF_INET6: + if (cred->cr_prison->pr_ip6 == NULL) + error = EAFNOSUPPORT; + break; +#endif + case AF_LOCAL: + case AF_ROUTE: + break; + default: + if (jail_socket_unixiproute_only) + error = EAFNOSUPPORT; + } + return (error); +} + +/* * Check if given address belongs to the jail referenced by cred (wrapper to * prison_check_ip[46]). * - * Returns 1 if address belongs to jail, 0 if not. IPv4 Address passed in in - * NBO. + * Returns 0 if not jailed or if address belongs to jail, EADDRNOTAVAIL if + * the address doesn't belong, or EAFNOSUPPORT if the jail doesn't allow + * the address family. IPv4 Address passed in in NBO. */ int prison_if(struct ucred *cred, struct sockaddr *sa) @@ -1141,35 +1191,31 @@ prison_if(struct ucred *cred, struct soc #ifdef INET6 struct sockaddr_in6 *sai6; #endif - int ok; + int error; KASSERT(cred != NULL, ("%s: cred is NULL", __func__)); KASSERT(sa != NULL, ("%s: sa is NULL", __func__)); - ok = 0; - switch(sa->sa_family) + error = 0; + switch (sa->sa_family) { #ifdef INET case AF_INET: sai = (struct sockaddr_in *)sa; - if (prison_check_ip4(cred, &sai->sin_addr)) - ok = 1; + error = prison_check_ip4(cred, &sai->sin_addr); break; - #endif #ifdef INET6 case AF_INET6: sai6 = (struct sockaddr_in6 *)sa; - if (prison_check_ip6(cred, (struct in6_addr *)&sai6->sin6_addr)) - ok = 1; + error = prison_check_ip6(cred, &sai6->sin6_addr); break; - #endif default: - if (!jail_socket_unixiproute_only) - ok = 1; + if (jailed(cred) && jail_socket_unixiproute_only) + error = EAFNOSUPPORT; } - return (ok); + return (error); } /* Modified: stable/7/sys/kern/uipc_socket.c ============================================================================== --- stable/7/sys/kern/uipc_socket.c Wed Feb 18 19:59:27 2009 (r188760) +++ stable/7/sys/kern/uipc_socket.c Wed Feb 18 20:12:08 2009 (r188761) @@ -345,15 +345,8 @@ socreate(int dom, struct socket **aso, i prp->pr_usrreqs->pru_attach == pru_attach_notsupp) return (EPROTONOSUPPORT); - if (jailed(cred) && jail_socket_unixiproute_only && - prp->pr_domain->dom_family != PF_LOCAL && - prp->pr_domain->dom_family != PF_INET && -#ifdef INET6 - prp->pr_domain->dom_family != PF_INET6 && -#endif - prp->pr_domain->dom_family != PF_ROUTE) { + if (prison_check_af(cred, prp->pr_domain->dom_family) != 0) return (EPROTONOSUPPORT); - } if (prp->pr_type != type) return (EPROTOTYPE); Modified: stable/7/sys/net/if.c ============================================================================== --- stable/7/sys/net/if.c Wed Feb 18 19:59:27 2009 (r188760) +++ stable/7/sys/net/if.c Wed Feb 18 20:12:08 2009 (r188761) @@ -2196,8 +2196,7 @@ again: TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { struct sockaddr *sa = ifa->ifa_addr; - if (jailed(curthread->td_ucred) && - !prison_if(curthread->td_ucred, sa)) + if (prison_if(curthread->td_ucred, sa) != 0) continue; addrs++; #ifdef COMPAT_43 Modified: stable/7/sys/net/rtsock.c ============================================================================== --- stable/7/sys/net/rtsock.c Wed Feb 18 19:59:27 2009 (r188760) +++ stable/7/sys/net/rtsock.c Wed Feb 18 20:12:08 2009 (r188761) @@ -329,55 +329,48 @@ rtm_get_jailed(struct rt_addrinfo *info, struct rtentry *rt, union sockaddr_union *saun, struct ucred *cred) { + /* First, see if the returned address is part of the jail. */ + if (prison_if(cred, rt->rt_ifa->ifa_addr) == 0) { + info->rti_info[RTAX_IFA] = rt->rt_ifa->ifa_addr; + return (0); + } + switch (info->rti_info[RTAX_DST]->sa_family) { #ifdef INET case AF_INET: { struct in_addr ia; + struct ifaddr *ifa; + int found; + found = 0; /* - * 1. Check if the returned address is part of the jail. + * Try to find an address on the given outgoing interface + * that belongs to the jail. */ - ia = ((struct sockaddr_in *)rt->rt_ifa->ifa_addr)->sin_addr; - if (prison_check_ip4(cred, &ia) != 0) { - info->rti_info[RTAX_IFA] = rt->rt_ifa->ifa_addr; - - } else { - struct ifaddr *ifa; - int found; - - found = 0; - + TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { + struct sockaddr *sa; + sa = ifa->ifa_addr; + if (sa->sa_family != AF_INET) + continue; + ia = ((struct sockaddr_in *)sa)->sin_addr; + if (prison_check_ip4(cred, &ia) == 0) { + found = 1; + break; + } + } + if (!found) { /* - * 2. Try to find an address on the given outgoing - * interface that belongs to the jail. + * As a last resort return the 'default' jail address. */ - TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { - struct sockaddr *sa; - sa = ifa->ifa_addr; - if (sa->sa_family != AF_INET) - continue; - ia = ((struct sockaddr_in *)sa)->sin_addr; - if (prison_check_ip4(cred, &ia) != 0) { - found = 1; - break; - } - } - if (!found) { - /* - * 3. As a last resort return the 'default' - * jail address. - */ - if (prison_get_ip4(cred, &ia) != 0) - return (ESRCH); - } - bzero(&saun->sin, sizeof(struct sockaddr_in)); - saun->sin.sin_len = sizeof(struct sockaddr_in); - saun->sin.sin_family = AF_INET; - saun->sin.sin_addr.s_addr = ia.s_addr; - info->rti_info[RTAX_IFA] = - (struct sockaddr *)&saun->sin; + if (prison_get_ip4(cred, &ia) != 0) + return (ESRCH); } + bzero(&saun->sin, sizeof(struct sockaddr_in)); + saun->sin.sin_len = sizeof(struct sockaddr_in); + saun->sin.sin_family = AF_INET; + saun->sin.sin_addr.s_addr = ia.s_addr; + info->rti_info[RTAX_IFA] = (struct sockaddr *)&saun->sin; break; } #endif @@ -385,54 +378,40 @@ rtm_get_jailed(struct rt_addrinfo *info, case AF_INET6: { struct in6_addr ia6; + struct ifaddr *ifa; + int found; + found = 0; /* - * 1. Check if the returned address is part of the jail. + * Try to find an address on the given outgoing interface + * that belongs to the jail. */ - bcopy(&((struct sockaddr_in6 *)rt->rt_ifa->ifa_addr)->sin6_addr, - &ia6, sizeof(struct in6_addr)); - if (prison_check_ip6(cred, &ia6) != 0) { - info->rti_info[RTAX_IFA] = rt->rt_ifa->ifa_addr; - } else { - struct ifaddr *ifa; - int found; - - found = 0; - + TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { + struct sockaddr *sa; + sa = ifa->ifa_addr; + if (sa->sa_family != AF_INET6) + continue; + bcopy(&((struct sockaddr_in6 *)sa)->sin6_addr, + &ia6, sizeof(struct in6_addr)); + if (prison_check_ip6(cred, &ia6) == 0) { + found = 1; + break; + } + } + if (!found) { /* - * 2. Try to find an address on the given outgoing - * interface that belongs to the jail. + * As a last resort return the 'default' jail address. */ - TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { - struct sockaddr *sa; - sa = ifa->ifa_addr; - if (sa->sa_family != AF_INET6) - continue; - bcopy(&((struct sockaddr_in6 *)sa)->sin6_addr, - &ia6, sizeof(struct in6_addr)); - if (prison_check_ip6(cred, &ia6) != 0) { - found = 1; - break; - } - } - if (!found) { - /* - * 3. As a last resort return the 'default' - * jail address. - */ - if (prison_get_ip6(cred, &ia6) != 0) - return (ESRCH); - } - bzero(&saun->sin6, sizeof(struct sockaddr_in6)); - saun->sin6.sin6_len = sizeof(struct sockaddr_in6); - saun->sin6.sin6_family = AF_INET6; - bcopy(&ia6, &saun->sin6.sin6_addr, - sizeof(struct in6_addr)); - if (sa6_recoverscope(&saun->sin6) != 0) + if (prison_get_ip6(cred, &ia6) != 0) return (ESRCH); - info->rti_info[RTAX_IFA] = - (struct sockaddr *)&saun->sin6; } + bzero(&saun->sin6, sizeof(struct sockaddr_in6)); + saun->sin6.sin6_len = sizeof(struct sockaddr_in6); + saun->sin6.sin6_family = AF_INET6; + bcopy(&ia6, &saun->sin6.sin6_addr, sizeof(struct in6_addr)); + if (sa6_recoverscope(&saun->sin6) != 0) + return (ESRCH); + info->rti_info[RTAX_IFA] = (struct sockaddr *)&saun->sin6; break; } #endif @@ -585,9 +564,10 @@ route_output(struct mbuf *m, struct sock case RTM_GET: report: RT_LOCK_ASSERT(rt); - if (jailed(curthread->td_ucred) && - ((rt->rt_flags & RTF_HOST) == 0 || - !prison_if(curthread->td_ucred, rt_key(rt)))) { + if ((rt->rt_flags & RTF_HOST) == 0 + ? jailed(curthread->td_ucred) + : prison_if(curthread->td_ucred, + rt_key(rt)) != 0) { RT_UNLOCK(rt); senderr(ESRCH); } @@ -600,17 +580,11 @@ route_output(struct mbuf *m, struct sock if (ifp) { info.rti_info[RTAX_IFP] = ifp->if_addr->ifa_addr; - if (jailed(curthread->td_ucred)) { - error = rtm_get_jailed( - &info, ifp, rt, &saun, - curthread->td_ucred); - if (error != 0) { - RT_UNLOCK(rt); - senderr(ESRCH); - } - } else { - info.rti_info[RTAX_IFA] = - rt->rt_ifa->ifa_addr; + error = rtm_get_jailed(&info, ifp, rt, + &saun, curthread->td_ucred); + if (error != 0) { + RT_UNLOCK(rt); + senderr(error); } if (ifp->if_flags & IFF_POINTOPOINT) info.rti_info[RTAX_BRD] = @@ -1230,9 +1204,9 @@ sysctl_dumpentry(struct radix_node *rn, if (w->w_op == NET_RT_FLAGS && !(rt->rt_flags & w->w_arg)) return 0; - if (jailed(w->w_req->td->td_ucred) && - ((rt->rt_flags & RTF_HOST) == 0 || - !prison_if(w->w_req->td->td_ucred, rt_key(rt)))) + if ((rt->rt_flags & RTF_HOST) == 0 + ? jailed(w->w_req->td->td_ucred) + : prison_if(w->w_req->td->td_ucred, rt_key(rt)) != 0) return (0); bzero((caddr_t)&info, sizeof(info)); info.rti_info[RTAX_DST] = rt_key(rt); @@ -1293,8 +1267,8 @@ sysctl_iflist(int af, struct walkarg *w) while ((ifa = TAILQ_NEXT(ifa, ifa_link)) != NULL) { if (af && af != ifa->ifa_addr->sa_family) continue; - if (jailed(w->w_req->td->td_ucred) && - !prison_if(w->w_req->td->td_ucred, ifa->ifa_addr)) + if (prison_if(w->w_req->td->td_ucred, + ifa->ifa_addr) != 0) continue; info.rti_info[RTAX_IFA] = ifa->ifa_addr; info.rti_info[RTAX_NETMASK] = ifa->ifa_netmask; @@ -1341,8 +1315,8 @@ sysctl_ifmalist(int af, struct walkarg * TAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) { if (af && af != ifma->ifma_addr->sa_family) continue; - if (jailed(w->w_req->td->td_ucred) && - !prison_if(w->w_req->td->td_ucred, ifma->ifma_addr)) + if (prison_if(w->w_req->td->td_ucred, + ifma->ifma_addr) != 0) continue; info.rti_info[RTAX_IFA] = ifma->ifma_addr; info.rti_info[RTAX_GATEWAY] = Modified: stable/7/sys/netinet/in.c ============================================================================== --- stable/7/sys/netinet/in.c Wed Feb 18 19:59:27 2009 (r188760) +++ stable/7/sys/netinet/in.c Wed Feb 18 20:12:08 2009 (r188761) @@ -255,7 +255,7 @@ in_control(struct socket *so, u_long cmd if (iap->ia_ifp == ifp && iap->ia_addr.sin_addr.s_addr == dst.s_addr) { if (td == NULL || prison_check_ip4( - td->td_ucred, &dst)) + td->td_ucred, &dst) == 0) ia = iap; break; } @@ -264,8 +264,8 @@ in_control(struct socket *so, u_long cmd iap = ifatoia(ifa); if (iap->ia_addr.sin_family == AF_INET) { if (td != NULL && - !prison_check_ip4(td->td_ucred, - &iap->ia_addr.sin_addr)) + prison_check_ip4(td->td_ucred, + &iap->ia_addr.sin_addr) != 0) continue; ia = iap; break; Modified: stable/7/sys/netinet/in_pcb.c ============================================================================== --- stable/7/sys/netinet/in_pcb.c Wed Feb 18 19:59:27 2009 (r188760) +++ stable/7/sys/netinet/in_pcb.c Wed Feb 18 20:12:08 2009 (r188761) @@ -296,7 +296,10 @@ in_pcbbind_setup(struct inpcb *inp, stru return (EINVAL); if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0) wild = INPLOOKUP_WILDCARD; - if (nam) { + if (nam == NULL) { + if ((error = prison_local_ip4(cred, &laddr)) != 0) + return (error); + } else { sin = (struct sockaddr_in *)nam; if (nam->sa_len != sizeof (*sin)) return (EINVAL); @@ -308,8 +311,9 @@ in_pcbbind_setup(struct inpcb *inp, stru if (sin->sin_family != AF_INET) return (EAFNOSUPPORT); #endif - if (prison_local_ip4(cred, &sin->sin_addr)) - return (EINVAL); + error = prison_local_ip4(cred, &sin->sin_addr); + if (error) + return (error); if (sin->sin_port != *lportp) { /* Don't allow the port to change. */ if (*lportp != 0) @@ -365,8 +369,6 @@ in_pcbbind_setup(struct inpcb *inp, stru t->inp_cred->cr_uid)) return (EADDRINUSE); } - if (prison_local_ip4(cred, &sin->sin_addr)) - return (EADDRNOTAVAIL); t = in_pcblookup_local(pcbinfo, sin->sin_addr, lport, wild, cred); if (t && (t->inp_vflag & INP_TIMEWAIT)) { @@ -400,9 +402,6 @@ in_pcbbind_setup(struct inpcb *inp, stru u_short first, last; int count; - if (prison_local_ip4(cred, &laddr)) - return (EINVAL); - if (inp->inp_flags & INP_HIGHPORT) { first = ipport_hifirstauto; /* sysctl */ last = ipport_hilastauto; @@ -485,8 +484,6 @@ in_pcbbind_setup(struct inpcb *inp, stru wild, cred)); } } - if (prison_local_ip4(cred, &laddr)) - return (EINVAL); *laddrp = laddr.s_addr; *lportp = lport; return (0); @@ -606,7 +603,7 @@ in_pcbladdr(struct inpcb *inp, struct in if (sa->sa_family != AF_INET) continue; sin = (struct sockaddr_in *)sa; - if (prison_check_ip4(cred, &sin->sin_addr)) { + if (prison_check_ip4(cred, &sin->sin_addr) == 0) { ia = (struct in_ifaddr *)ifa; break; } @@ -617,8 +614,7 @@ in_pcbladdr(struct inpcb *inp, struct in } /* 3. As a last resort return the 'default' jail address. */ - if (prison_get_ip4(cred, laddr) != 0) - error = EADDRNOTAVAIL; + error = prison_get_ip4(cred, laddr); goto done; } @@ -643,7 +639,7 @@ in_pcbladdr(struct inpcb *inp, struct in /* Jailed. */ /* 1. Check if the iface address belongs to the jail. */ sin = (struct sockaddr_in *)sro.ro_rt->rt_ifa->ifa_addr; - if (prison_check_ip4(cred, &sin->sin_addr)) { + if (prison_check_ip4(cred, &sin->sin_addr) == 0) { ia = (struct in_ifaddr *)sro.ro_rt->rt_ifa; laddr->s_addr = ia->ia_addr.sin_addr.s_addr; goto done; @@ -659,7 +655,7 @@ in_pcbladdr(struct inpcb *inp, struct in if (sa->sa_family != AF_INET) continue; sin = (struct sockaddr_in *)sa; - if (prison_check_ip4(cred, &sin->sin_addr)) { + if (prison_check_ip4(cred, &sin->sin_addr) == 0) { ia = (struct in_ifaddr *)ifa; break; } @@ -670,8 +666,7 @@ in_pcbladdr(struct inpcb *inp, struct in } /* 3. As a last resort return the 'default' jail address. */ - if (prison_get_ip4(cred, laddr) != 0) - error = EADDRNOTAVAIL; + error = prison_get_ip4(cred, laddr); goto done; } @@ -721,7 +716,8 @@ in_pcbladdr(struct inpcb *inp, struct in if (sa->sa_family != AF_INET) continue; sin = (struct sockaddr_in *)sa; - if (prison_check_ip4(cred, &sin->sin_addr)) { + if (prison_check_ip4(cred, + &sin->sin_addr) == 0) { ia = (struct in_ifaddr *)ifa; break; } @@ -733,8 +729,7 @@ in_pcbladdr(struct inpcb *inp, struct in } /* 3. As a last resort return the 'default' jail address. */ - if (prison_get_ip4(cred, laddr) != 0) - error = EADDRNOTAVAIL; + error = prison_get_ip4(cred, laddr); goto done; } @@ -767,7 +762,7 @@ in_pcbconnect_setup(struct inpcb *inp, s struct sockaddr_in *sin = (struct sockaddr_in *)nam; struct in_ifaddr *ia; struct inpcb *oinp; - struct in_addr laddr, faddr, jailia; + struct in_addr laddr, faddr; u_short lport, fport; int error; @@ -800,15 +795,11 @@ in_pcbconnect_setup(struct inpcb *inp, s * choose the broadcast address for that interface. */ if (faddr.s_addr == INADDR_ANY) { - if (cred != NULL && jailed(cred)) { - if (prison_get_ip4(cred, &jailia) != 0) - return (EADDRNOTAVAIL); - faddr.s_addr = jailia.s_addr; - } else { - faddr = - IA_SIN(TAILQ_FIRST(&in_ifaddrhead))-> - sin_addr; - } + faddr = + IA_SIN(TAILQ_FIRST(&in_ifaddrhead))->sin_addr; + if (cred != NULL && + (error = prison_get_ip4(cred, &faddr)) != 0) + return (error); } else if (faddr.s_addr == (u_long)INADDR_BROADCAST && (TAILQ_FIRST(&in_ifaddrhead)->ia_ifp->if_flags & IFF_BROADCAST)) @@ -1290,7 +1281,8 @@ in_pcblookup_hash(struct inpcbinfo *pcbi injail = jailed(inp->inp_cred); if (injail) { - if (!prison_check_ip4(inp->inp_cred, &laddr)) + if (prison_check_ip4(inp->inp_cred, + &laddr) != 0) continue; } else { if (local_exact != NULL) Modified: stable/7/sys/netinet/raw_ip.c ============================================================================== --- stable/7/sys/netinet/raw_ip.c Wed Feb 18 19:59:27 2009 (r188760) +++ stable/7/sys/netinet/raw_ip.c Wed Feb 18 20:12:08 2009 (r188761) @@ -265,10 +265,8 @@ rip_input(struct mbuf *m, int off) continue; if (inp->inp_faddr.s_addr != ip->ip_src.s_addr) continue; - if (jailed(inp->inp_cred)) { - if (!prison_check_ip4(inp->inp_cred, &ip->ip_dst)) - continue; - } + if (prison_check_ip4(inp->inp_cred, &ip->ip_dst) != 0) + continue; if (last) { struct mbuf *n; @@ -295,10 +293,8 @@ rip_input(struct mbuf *m, int off) if (inp->inp_faddr.s_addr && inp->inp_faddr.s_addr != ip->ip_src.s_addr) continue; - if (jailed(inp->inp_cred)) { - if (!prison_check_ip4(inp->inp_cred, &ip->ip_dst)) - continue; - } + if (prison_check_ip4(inp->inp_cred, &ip->ip_dst) != 0) + continue; if (last) { struct mbuf *n; @@ -358,14 +354,12 @@ rip_output(struct mbuf *m, struct socket ip->ip_off = 0; ip->ip_p = inp->inp_ip_p; ip->ip_len = m->m_pkthdr.len; - if (jailed(inp->inp_cred)) { - if (prison_get_ip4(inp->inp_cred, &ip->ip_src) != 0) { - INP_RUNLOCK(inp); - m_freem(m); - return (EPERM); - } - } else { - ip->ip_src = inp->inp_laddr; + ip->ip_src = inp->inp_laddr; + error = prison_get_ip4(inp->inp_cred, &ip->ip_src); + if (error != 0) { + INP_RUNLOCK(inp); + m_freem(m); + return (error); } ip->ip_dst.s_addr = dst; ip->ip_ttl = inp->inp_ip_ttl; @@ -376,10 +370,11 @@ rip_output(struct mbuf *m, struct socket } INP_RLOCK(inp); ip = mtod(m, struct ip *); - if (!prison_check_ip4(inp->inp_cred, &ip->ip_src)) { + error = prison_check_ip4(inp->inp_cred, &ip->ip_src); + if (error != 0) { INP_RUNLOCK(inp); m_freem(m); - return (EPERM); + return (error); } /* @@ -783,12 +778,14 @@ rip_bind(struct socket *so, struct socka { struct sockaddr_in *addr = (struct sockaddr_in *)nam; struct inpcb *inp; + int error; if (nam->sa_len != sizeof(*addr)) return (EINVAL); - if (!prison_check_ip4(td->td_ucred, &addr->sin_addr)) - return (EADDRNOTAVAIL); + error = prison_check_ip4(td->td_ucred, &addr->sin_addr); + if (error != 0) + return (error); if (TAILQ_EMPTY(&ifnet) || (addr->sin_family != AF_INET && addr->sin_family != AF_IMPLINK) || Modified: stable/7/sys/netinet/tcp_usrreq.c ============================================================================== --- stable/7/sys/netinet/tcp_usrreq.c Wed Feb 18 19:59:27 2009 (r188760) +++ stable/7/sys/netinet/tcp_usrreq.c Wed Feb 18 20:12:08 2009 (r188761) @@ -462,8 +462,8 @@ tcp_usr_connect(struct socket *so, struc if (sinp->sin_family == AF_INET && IN_MULTICAST(ntohl(sinp->sin_addr.s_addr))) return (EAFNOSUPPORT); - if (prison_remote_ip4(td->td_ucred, &sinp->sin_addr) != 0) - return (EINVAL); + if ((error = prison_remote_ip4(td->td_ucred, &sinp->sin_addr)) != 0) + return (error); TCPDEBUG0; INP_INFO_WLOCK(&tcbinfo); @@ -528,10 +528,9 @@ tcp6_usr_connect(struct socket *so, stru in6_sin6_2_sin(&sin, sin6p); inp->inp_vflag |= INP_IPV4; inp->inp_vflag &= ~INP_IPV6; - if (prison_remote_ip4(td->td_ucred, &sin.sin_addr) != 0) { - error = EINVAL; + if ((error = prison_remote_ip4(td->td_ucred, + &sin.sin_addr)) != 0) goto out; - } if ((error = tcp_connect(tp, (struct sockaddr *)&sin, td)) != 0) goto out; error = tcp_output_connect(so, nam); @@ -540,10 +539,8 @@ tcp6_usr_connect(struct socket *so, stru inp->inp_vflag &= ~INP_IPV4; inp->inp_vflag |= INP_IPV6; inp->inp_inc.inc_isipv6 = 1; - if (prison_remote_ip6(td->td_ucred, &sin6p->sin6_addr) != 0) { - error = EINVAL; + if ((error = prison_remote_ip6(td->td_ucred, &sin6p->sin6_addr)) != 0) goto out; - } if ((error = tcp6_connect(tp, nam, td)) != 0) goto out; error = tcp_output_connect(so, nam); Modified: stable/7/sys/netinet/udp_usrreq.c ============================================================================== --- stable/7/sys/netinet/udp_usrreq.c Wed Feb 18 19:59:27 2009 (r188760) +++ stable/7/sys/netinet/udp_usrreq.c Wed Feb 18 20:12:08 2009 (r188761) @@ -938,10 +938,9 @@ udp_output(struct inpcb *inp, struct mbu * Jail may rewrite the destination address, so let it do *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-stable@FreeBSD.ORG Thu Feb 19 16:01:01 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 05BEA10656CE; Thu, 19 Feb 2009 16:01:01 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id DD0F08FC1D; Thu, 19 Feb 2009 16:01:00 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1JG10vN001673; Thu, 19 Feb 2009 16:01:00 GMT (envelope-from kib@svn.freebsd.org) Received: (from kib@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1JG10YG001669; Thu, 19 Feb 2009 16:01:00 GMT (envelope-from kib@svn.freebsd.org) Message-Id: <200902191601.n1JG10YG001669@svn.freebsd.org> From: Konstantin Belousov Date: Thu, 19 Feb 2009 16:01:00 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188817 - in stable/7/sys: . cddl/contrib/opensolaris/uts/common/fs cddl/contrib/opensolaris/uts/common/fs/zfs contrib/pf dev/ath/ath_hal dev/cxgb X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Feb 2009 16:01:02 -0000 Author: kib Date: Thu Feb 19 16:01:00 2009 New Revision: 188817 URL: http://svn.freebsd.org/changeset/base/188817 Log: Unbreak ZFS after the r188610: MFC r182781 (by pjd): Catch up after last insmntque() changes: - The vnode has to be locked exclusively before calling insmntque(). - Until I find a way to handle insmntque() failures use VV_FORCEINSMQ flag to force insmntque() to always succeed. MFC r182824 (by pjd): Lock vnode exclusively around insmntque(). MFC r182840 (by pjd): Initialize vp, so we don't call VOP_UNLOCK() with NULL vnode pointer. Tested by: cy, pjd No objections by: pjd Modified: stable/7/sys/ (props changed) stable/7/sys/cddl/contrib/opensolaris/uts/common/fs/gfs.c stable/7/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_ctldir.c stable/7/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c stable/7/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_znode.c stable/7/sys/contrib/pf/ (props changed) stable/7/sys/dev/ath/ath_hal/ (props changed) stable/7/sys/dev/cxgb/ (props changed) Modified: stable/7/sys/cddl/contrib/opensolaris/uts/common/fs/gfs.c ============================================================================== --- stable/7/sys/cddl/contrib/opensolaris/uts/common/fs/gfs.c Thu Feb 19 15:37:43 2009 (r188816) +++ stable/7/sys/cddl/contrib/opensolaris/uts/common/fs/gfs.c Thu Feb 19 16:01:00 2009 (r188817) @@ -358,6 +358,7 @@ gfs_file_create(size_t size, vnode_t *pv fp = kmem_zalloc(size, KM_SLEEP); error = getnewvnode("zfs", vfsp, ops, &vp); ASSERT(error == 0); + vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, curthread); vp->v_data = (caddr_t)fp; /* @@ -368,7 +369,9 @@ gfs_file_create(size_t size, vnode_t *pv fp->gfs_size = size; fp->gfs_type = GFS_FILE; + vp->v_vflag |= VV_FORCEINSMQ; error = insmntque(vp, vfsp); + vp->v_vflag &= ~VV_FORCEINSMQ; KASSERT(error == 0, ("insmntque() failed: error %d", error)); /* Modified: stable/7/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_ctldir.c ============================================================================== --- stable/7/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_ctldir.c Thu Feb 19 15:37:43 2009 (r188816) +++ stable/7/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_ctldir.c Thu Feb 19 16:01:00 2009 (r188817) @@ -176,6 +176,8 @@ zfsctl_create(zfsvfs_t *zfsvfs) vp->v_vflag &= ~VV_ROOT; zfsvfs->z_ctldir = vp; + + VOP_UNLOCK(vp, 0, curthread); } /* @@ -789,6 +791,7 @@ zfsctl_mknode_snapdir(vnode_t *pvp) mutex_init(&sdp->sd_lock, NULL, MUTEX_DEFAULT, NULL); avl_create(&sdp->sd_snaps, snapentry_compare, sizeof (zfs_snapentry_t), offsetof(zfs_snapentry_t, se_node)); + VOP_UNLOCK(vp, 0, curthread); return (vp); } @@ -862,6 +865,7 @@ zfsctl_snapshot_mknode(vnode_t *pvp, uin &zfsctl_ops_snapshot, NULL, NULL, MAXNAMELEN, NULL, NULL); zcp = vp->v_data; zcp->zc_id = objset; + VOP_UNLOCK(vp, 0, curthread); return (vp); } Modified: stable/7/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c ============================================================================== --- stable/7/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c Thu Feb 19 15:37:43 2009 (r188816) +++ stable/7/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c Thu Feb 19 16:01:00 2009 (r188817) @@ -1303,12 +1303,6 @@ top: } } out: - - if (error == 0) { - *vpp = ZTOV(zp); - vn_lock(*vpp, LK_EXCLUSIVE | LK_RETRY, td); - } - if (dl) zfs_dirent_unlock(dl); @@ -1588,8 +1582,6 @@ top: zfs_log_create(zilog, tx, TX_MKDIR, dzp, zp, dirname); dmu_tx_commit(tx); - vn_lock(*vpp, LK_EXCLUSIVE | LK_RETRY, curthread); - zfs_dirent_unlock(dl); ZFS_EXIT(zfsvfs); @@ -2773,7 +2765,6 @@ out: if (error == 0) { zfs_log_symlink(zilog, tx, TX_SYMLINK, dzp, zp, name, link); *vpp = ZTOV(zp); - vn_lock(*vpp, LK_EXCLUSIVE | LK_RETRY, td); } dmu_tx_commit(tx); Modified: stable/7/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_znode.c ============================================================================== --- stable/7/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_znode.c Thu Feb 19 15:37:43 2009 (r188816) +++ stable/7/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_znode.c Thu Feb 19 16:01:00 2009 (r188817) @@ -113,6 +113,7 @@ zfs_znode_cache_constructor(void *buf, v if (cdrarg != NULL) { error = getnewvnode("zfs", vfsp, &zfs_vnodeops, &vp); ASSERT(error == 0); + vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, curthread); zp->z_vnode = vp; vp->v_data = (caddr_t)zp; vp->v_vnlock->lk_flags |= LK_CANRECURSE; @@ -348,7 +349,9 @@ zfs_znode_alloc(zfsvfs_t *zfsvfs, dmu_bu if (vp == NULL) return (zp); + vp->v_vflag |= VV_FORCEINSMQ; error = insmntque(vp, zfsvfs->z_vfs); + vp->v_vflag &= ~VV_FORCEINSMQ; KASSERT(error == 0, ("insmntque() failed: error %d", error)); vp->v_type = IFTOVT((mode_t)zp->z_phys->zp_mode); @@ -535,8 +538,10 @@ zfs_mknode(znode_t *dzp, vattr_t *vap, u *zpp = zp; } else { - if (ZTOV(zp) != NULL) + if (ZTOV(zp) != NULL) { ZTOV(zp)->v_count = 0; + VOP_UNLOCK(ZTOV(zp), 0, curthread); + } dmu_buf_rele(dbp, NULL); zfs_znode_free(zp); } @@ -598,14 +603,18 @@ zfs_zget(zfsvfs_t *zfsvfs, uint64_t obj_ &zp->z_vnode); ASSERT(err == 0); vp = ZTOV(zp); + vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, curthread); vp->v_data = (caddr_t)zp; vp->v_vnlock->lk_flags |= LK_CANRECURSE; vp->v_vnlock->lk_flags &= ~LK_NOSHARE; vp->v_type = IFTOVT((mode_t)zp->z_phys->zp_mode); if (vp->v_type == VDIR) zp->z_zn_prefetch = B_TRUE; /* z_prefetch default is enabled */ + vp->v_vflag |= VV_FORCEINSMQ; err = insmntque(vp, zfsvfs->z_vfs); + vp->v_vflag &= ~VV_FORCEINSMQ; KASSERT(err == 0, ("insmntque() failed: error %d", err)); + VOP_UNLOCK(vp, 0, curthread); } mutex_exit(&zp->z_lock); ZFS_OBJ_HOLD_EXIT(zfsvfs, obj_num); @@ -621,6 +630,8 @@ zfs_zget(zfsvfs_t *zfsvfs, uint64_t obj_ zfs_znode_dmu_init(zp); ZFS_OBJ_HOLD_EXIT(zfsvfs, obj_num); *zpp = zp; + if ((vp = ZTOV(zp)) != NULL) + VOP_UNLOCK(vp, 0, curthread); return (0); } From owner-svn-src-stable@FreeBSD.ORG Thu Feb 19 21:29:31 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 15529106566C; Thu, 19 Feb 2009 21:29:31 +0000 (UTC) (envelope-from luigi@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 028A28FC15; Thu, 19 Feb 2009 21:29:31 +0000 (UTC) (envelope-from luigi@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1JLTUCF008298; Thu, 19 Feb 2009 21:29:30 GMT (envelope-from luigi@svn.freebsd.org) Received: (from luigi@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1JLTUq4008297; Thu, 19 Feb 2009 21:29:30 GMT (envelope-from luigi@svn.freebsd.org) Message-Id: <200902192129.n1JLTUq4008297@svn.freebsd.org> From: Luigi Rizzo Date: Thu, 19 Feb 2009 21:29:30 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188830 - stable/7/sys/netinet X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Feb 2009 21:29:32 -0000 Author: luigi Date: Thu Feb 19 21:29:30 2009 New Revision: 188830 URL: http://svn.freebsd.org/changeset/base/188830 Log: correct the spelling of a log message (missing "All "); on passing, rename a variable within a macro to reduce the chance of shadowing other variables with the same name Modified: stable/7/sys/netinet/ip_fw2.c Modified: stable/7/sys/netinet/ip_fw2.c ============================================================================== --- stable/7/sys/netinet/ip_fw2.c Thu Feb 19 20:45:37 2009 (r188829) +++ stable/7/sys/netinet/ip_fw2.c Thu Feb 19 21:29:30 2009 (r188830) @@ -2219,15 +2219,15 @@ ipfw_chk(struct ip_fw_args *args) * pointer might become stale after other pullups (but we never use it * this way). */ -#define PULLUP_TO(len, p, T) \ +#define PULLUP_TO(_len, p, T) \ do { \ - int x = (len) + sizeof(T); \ + int x = (_len) + sizeof(T); \ if ((m)->m_len < x) { \ args->m = m = m_pullup(m, x); \ if (m == NULL) \ goto pullup_failed; \ } \ - p = (mtod(m, char *) + (len)); \ + p = (mtod(m, char *) + (_len)); \ } while (0) /* @@ -3717,7 +3717,7 @@ zero_entry(struct ip_fw_chain *chain, u_ continue; clear_counters(rule, log_only); } - msg = log_only ? "logging counts reset" : + msg = log_only ? "All logging counts reset" : "Accounting cleared"; } else { int cleared = 0; From owner-svn-src-stable@FreeBSD.ORG Fri Feb 20 00:39:39 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D9B8C10656DF; Fri, 20 Feb 2009 00:39:39 +0000 (UTC) (envelope-from luigi@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id C40338FC23; Fri, 20 Feb 2009 00:39:39 +0000 (UTC) (envelope-from luigi@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1K0ddKA011951; Fri, 20 Feb 2009 00:39:39 GMT (envelope-from luigi@svn.freebsd.org) Received: (from luigi@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1K0ddVa011946; Fri, 20 Feb 2009 00:39:39 GMT (envelope-from luigi@svn.freebsd.org) Message-Id: <200902200039.n1K0ddVa011946@svn.freebsd.org> From: Luigi Rizzo Date: Fri, 20 Feb 2009 00:39:39 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188836 - stable/7/sbin/ipfw X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Feb 2009 00:39:42 -0000 Author: luigi Date: Fri Feb 20 00:39:39 2009 New Revision: 188836 URL: http://svn.freebsd.org/changeset/base/188836 Log: MFC: sync the ipfw code with the version in HEAD. The only new feature is that now one can write "table all {flush | list}" to act on all tables. Just for the records, there is one difference which probably has no practical importance; two "tos" flags are represented differently now: @@ -182,8 +182,8 @@ static struct _s_x f_iptos[] = { { "throughput", IPTOS_THROUGHPUT}, { "reliability", IPTOS_RELIABILITY}, { "mincost", IPTOS_MINCOST}, - { "congestion", IPTOS_CE}, - { "ecntransport", IPTOS_ECT}, + { "congestion", IPTOS_ECN_CE}, + { "ecntransport", IPTOS_ECN_ECT0}, { "ip tos option", 0}, { NULL, 0 } }; IPTOS_ECT = IPTOS_ECN_ECT0 = 2 so 'ecntransport' is the same. IPTOS_CE = 1, IPTOS_ECN_CE = 3 so 'congestion' is represented by a different codepoint, but this also reflects a different specification (RFC3168 obsoletes RFC2481) so the change is just adopting the new spec. Added: stable/7/sbin/ipfw/altq.c (contents, props changed) stable/7/sbin/ipfw/dummynet.c (contents, props changed) stable/7/sbin/ipfw/ipfw2.h (contents, props changed) stable/7/sbin/ipfw/ipv6.c (contents, props changed) stable/7/sbin/ipfw/main.c (contents, props changed) stable/7/sbin/ipfw/nat.c (contents, props changed) Modified: stable/7/sbin/ipfw/Makefile stable/7/sbin/ipfw/ipfw.8 stable/7/sbin/ipfw/ipfw2.c Modified: stable/7/sbin/ipfw/Makefile ============================================================================== --- stable/7/sbin/ipfw/Makefile Fri Feb 20 00:05:33 2009 (r188835) +++ stable/7/sbin/ipfw/Makefile Fri Feb 20 00:39:39 2009 (r188836) @@ -1,8 +1,8 @@ # $FreeBSD$ PROG= ipfw -SRCS= ipfw2.c -WARNS?= 0 +SRCS= ipfw2.c dummynet.c ipv6.c main.c nat.c altq.c +WARNS?= 2 MAN= ipfw.8 .include Added: stable/7/sbin/ipfw/altq.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/7/sbin/ipfw/altq.c Fri Feb 20 00:39:39 2009 (r188836) @@ -0,0 +1,150 @@ +/* + * Copyright (c) 2002-2003 Luigi Rizzo + * Copyright (c) 1996 Alex Nash, Paul Traina, Poul-Henning Kamp + * Copyright (c) 1994 Ugen J.S.Antsilevich + * + * Idea and grammar partially left from: + * Copyright (c) 1993 Daniel Boulet + * + * Redistribution and use in source forms, with and without modification, + * are permitted provided that this entire comment appears intact. + * + * Redistribution in binary form may occur without any restrictions. + * Obviously, it would be nice if you gave credit where credit is due + * but requiring it would be too onerous. + * + * This software is provided ``AS IS'' without any warranties of any kind. + * + * NEW command line interface for IP firewall facility + * + * $FreeBSD$ + * + * altq interface + */ + +#include +#include +#include + +#include "ipfw2.h" + +#include +#include +#include +#include +#include +#include +#include +#include + +#include /* IFNAMSIZ */ +#include +#include + +/* + * Map between current altq queue id numbers and names. + */ +static TAILQ_HEAD(, pf_altq) altq_entries = + TAILQ_HEAD_INITIALIZER(altq_entries); + +void +altq_set_enabled(int enabled) +{ + int pffd; + + pffd = open("/dev/pf", O_RDWR); + if (pffd == -1) + err(EX_UNAVAILABLE, + "altq support opening pf(4) control device"); + if (enabled) { + if (ioctl(pffd, DIOCSTARTALTQ) != 0 && errno != EEXIST) + err(EX_UNAVAILABLE, "enabling altq"); + } else { + if (ioctl(pffd, DIOCSTOPALTQ) != 0 && errno != ENOENT) + err(EX_UNAVAILABLE, "disabling altq"); + } + close(pffd); +} + +static void +altq_fetch(void) +{ + struct pfioc_altq pfioc; + struct pf_altq *altq; + int pffd; + unsigned int mnr; + static int altq_fetched = 0; + + if (altq_fetched) + return; + altq_fetched = 1; + pffd = open("/dev/pf", O_RDONLY); + if (pffd == -1) { + warn("altq support opening pf(4) control device"); + return; + } + bzero(&pfioc, sizeof(pfioc)); + if (ioctl(pffd, DIOCGETALTQS, &pfioc) != 0) { + warn("altq support getting queue list"); + close(pffd); + return; + } + mnr = pfioc.nr; + for (pfioc.nr = 0; pfioc.nr < mnr; pfioc.nr++) { + if (ioctl(pffd, DIOCGETALTQ, &pfioc) != 0) { + if (errno == EBUSY) + break; + warn("altq support getting queue list"); + close(pffd); + return; + } + if (pfioc.altq.qid == 0) + continue; + altq = safe_calloc(1, sizeof(*altq)); + *altq = pfioc.altq; + TAILQ_INSERT_TAIL(&altq_entries, altq, entries); + } + close(pffd); +} + +u_int32_t +altq_name_to_qid(const char *name) +{ + struct pf_altq *altq; + + altq_fetch(); + TAILQ_FOREACH(altq, &altq_entries, entries) + if (strcmp(name, altq->qname) == 0) + break; + if (altq == NULL) + errx(EX_DATAERR, "altq has no queue named `%s'", name); + return altq->qid; +} + +const char * +altq_qid_to_name(u_int32_t qid) +{ + struct pf_altq *altq; + + altq_fetch(); + TAILQ_FOREACH(altq, &altq_entries, entries) + if (qid == altq->qid) + break; + if (altq == NULL) + return NULL; + return altq->qname; +} + +void +print_altq_cmd(ipfw_insn_altq *altqptr) +{ + if (altqptr) { + const char *qname; + + qname = altq_qid_to_name(altqptr->qid); + if (qname == NULL) + printf(" altq ?<%u>", altqptr->qid); + else + printf(" altq %s", qname); + } +} Added: stable/7/sbin/ipfw/dummynet.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/7/sbin/ipfw/dummynet.c Fri Feb 20 00:39:39 2009 (r188836) @@ -0,0 +1,719 @@ +/* + * Copyright (c) 2002-2003 Luigi Rizzo + * Copyright (c) 1996 Alex Nash, Paul Traina, Poul-Henning Kamp + * Copyright (c) 1994 Ugen J.S.Antsilevich + * + * Idea and grammar partially left from: + * Copyright (c) 1993 Daniel Boulet + * + * Redistribution and use in source forms, with and without modification, + * are permitted provided that this entire comment appears intact. + * + * Redistribution in binary form may occur without any restrictions. + * Obviously, it would be nice if you gave credit where credit is due + * but requiring it would be too onerous. + * + * This software is provided ``AS IS'' without any warranties of any kind. + * + * NEW command line interface for IP firewall facility + * + * $FreeBSD$ + * + * dummynet support + */ + +#include +#include +#include +/* XXX there are several sysctl leftover here */ +#include + +#include "ipfw2.h" + +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include /* inet_ntoa */ + +static struct _s_x dummynet_params[] = { + { "plr", TOK_PLR }, + { "noerror", TOK_NOERROR }, + { "buckets", TOK_BUCKETS }, + { "dst-ip", TOK_DSTIP }, + { "src-ip", TOK_SRCIP }, + { "dst-port", TOK_DSTPORT }, + { "src-port", TOK_SRCPORT }, + { "proto", TOK_PROTO }, + { "weight", TOK_WEIGHT }, + { "all", TOK_ALL }, + { "mask", TOK_MASK }, + { "droptail", TOK_DROPTAIL }, + { "red", TOK_RED }, + { "gred", TOK_GRED }, + { "bw", TOK_BW }, + { "bandwidth", TOK_BW }, + { "delay", TOK_DELAY }, + { "pipe", TOK_PIPE }, + { "queue", TOK_QUEUE }, + { "flow-id", TOK_FLOWID}, + { "dst-ipv6", TOK_DSTIP6}, + { "dst-ip6", TOK_DSTIP6}, + { "src-ipv6", TOK_SRCIP6}, + { "src-ip6", TOK_SRCIP6}, + { "dummynet-params", TOK_NULL }, + { NULL, 0 } /* terminator */ +}; + +static int +sort_q(const void *pa, const void *pb) +{ + int rev = (co.do_sort < 0); + int field = rev ? -co.do_sort : co.do_sort; + long long res = 0; + const struct dn_flow_queue *a = pa; + const struct dn_flow_queue *b = pb; + + switch (field) { + case 1: /* pkts */ + res = a->len - b->len; + break; + case 2: /* bytes */ + res = a->len_bytes - b->len_bytes; + break; + + case 3: /* tot pkts */ + res = a->tot_pkts - b->tot_pkts; + break; + + case 4: /* tot bytes */ + res = a->tot_bytes - b->tot_bytes; + break; + } + if (res < 0) + res = -1; + if (res > 0) + res = 1; + return (int)(rev ? res : -res); +} + +static void +list_queues(struct dn_flow_set *fs, struct dn_flow_queue *q) +{ + int l; + int index_printed, indexes = 0; + char buff[255]; + struct protoent *pe; + + if (fs->rq_elements == 0) + return; + + if (co.do_sort != 0) + heapsort(q, fs->rq_elements, sizeof *q, sort_q); + + /* Print IPv4 flows */ + index_printed = 0; + for (l = 0; l < fs->rq_elements; l++) { + struct in_addr ina; + + /* XXX: Should check for IPv4 flows */ + if (IS_IP6_FLOW_ID(&(q[l].id))) + continue; + + if (!index_printed) { + index_printed = 1; + if (indexes > 0) /* currently a no-op */ + printf("\n"); + indexes++; + printf(" " + "mask: 0x%02x 0x%08x/0x%04x -> 0x%08x/0x%04x\n", + fs->flow_mask.proto, + fs->flow_mask.src_ip, fs->flow_mask.src_port, + fs->flow_mask.dst_ip, fs->flow_mask.dst_port); + + printf("BKT Prot ___Source IP/port____ " + "____Dest. IP/port____ " + "Tot_pkt/bytes Pkt/Byte Drp\n"); + } + + printf("%3d ", q[l].hash_slot); + pe = getprotobynumber(q[l].id.proto); + if (pe) + printf("%-4s ", pe->p_name); + else + printf("%4u ", q[l].id.proto); + ina.s_addr = htonl(q[l].id.src_ip); + printf("%15s/%-5d ", + inet_ntoa(ina), q[l].id.src_port); + ina.s_addr = htonl(q[l].id.dst_ip); + printf("%15s/%-5d ", + inet_ntoa(ina), q[l].id.dst_port); + printf("%4llu %8llu %2u %4u %3u\n", + align_uint64(&q[l].tot_pkts), + align_uint64(&q[l].tot_bytes), + q[l].len, q[l].len_bytes, q[l].drops); + if (co.verbose) + printf(" S %20llu F %20llu\n", + align_uint64(&q[l].S), align_uint64(&q[l].F)); + } + + /* Print IPv6 flows */ + index_printed = 0; + for (l = 0; l < fs->rq_elements; l++) { + if (!IS_IP6_FLOW_ID(&(q[l].id))) + continue; + + if (!index_printed) { + index_printed = 1; + if (indexes > 0) + printf("\n"); + indexes++; + printf("\n mask: proto: 0x%02x, flow_id: 0x%08x, ", + fs->flow_mask.proto, fs->flow_mask.flow_id6); + inet_ntop(AF_INET6, &(fs->flow_mask.src_ip6), + buff, sizeof(buff)); + printf("%s/0x%04x -> ", buff, fs->flow_mask.src_port); + inet_ntop( AF_INET6, &(fs->flow_mask.dst_ip6), + buff, sizeof(buff) ); + printf("%s/0x%04x\n", buff, fs->flow_mask.dst_port); + + printf("BKT ___Prot___ _flow-id_ " + "______________Source IPv6/port_______________ " + "_______________Dest. IPv6/port_______________ " + "Tot_pkt/bytes Pkt/Byte Drp\n"); + } + printf("%3d ", q[l].hash_slot); + pe = getprotobynumber(q[l].id.proto); + if (pe != NULL) + printf("%9s ", pe->p_name); + else + printf("%9u ", q[l].id.proto); + printf("%7d %39s/%-5d ", q[l].id.flow_id6, + inet_ntop(AF_INET6, &(q[l].id.src_ip6), buff, sizeof(buff)), + q[l].id.src_port); + printf(" %39s/%-5d ", + inet_ntop(AF_INET6, &(q[l].id.dst_ip6), buff, sizeof(buff)), + q[l].id.dst_port); + printf(" %4llu %8llu %2u %4u %3u\n", + align_uint64(&q[l].tot_pkts), + align_uint64(&q[l].tot_bytes), + q[l].len, q[l].len_bytes, q[l].drops); + if (co.verbose) + printf(" S %20llu F %20llu\n", + align_uint64(&q[l].S), + align_uint64(&q[l].F)); + } +} + +static void +print_flowset_parms(struct dn_flow_set *fs, char *prefix) +{ + int l; + char qs[30]; + char plr[30]; + char red[90]; /* Display RED parameters */ + + l = fs->qsize; + if (fs->flags_fs & DN_QSIZE_IS_BYTES) { + if (l >= 8192) + sprintf(qs, "%d KB", l / 1024); + else + sprintf(qs, "%d B", l); + } else + sprintf(qs, "%3d sl.", l); + if (fs->plr) + sprintf(plr, "plr %f", 1.0 * fs->plr / (double)(0x7fffffff)); + else + plr[0] = '\0'; + if (fs->flags_fs & DN_IS_RED) /* RED parameters */ + sprintf(red, + "\n\t %cRED w_q %f min_th %d max_th %d max_p %f", + (fs->flags_fs & DN_IS_GENTLE_RED) ? 'G' : ' ', + 1.0 * fs->w_q / (double)(1 << SCALE_RED), + SCALE_VAL(fs->min_th), + SCALE_VAL(fs->max_th), + 1.0 * fs->max_p / (double)(1 << SCALE_RED)); + else + sprintf(red, "droptail"); + + printf("%s %s%s %d queues (%d buckets) %s\n", + prefix, qs, plr, fs->rq_elements, fs->rq_size, red); +} + +void +ipfw_list_pipes(void *data, uint nbytes, int ac, char *av[]) +{ + int rulenum; + void *next = data; + struct dn_pipe *p = (struct dn_pipe *) data; + struct dn_flow_set *fs; + struct dn_flow_queue *q; + int l; + + if (ac > 0) + rulenum = strtoul(*av++, NULL, 10); + else + rulenum = 0; + for (; nbytes >= sizeof *p; p = (struct dn_pipe *)next) { + double b = p->bandwidth; + char buf[30]; + char prefix[80]; + + if (SLIST_NEXT(p, next) != (struct dn_pipe *)DN_IS_PIPE) + break; /* done with pipes, now queues */ + + /* + * compute length, as pipe have variable size + */ + l = sizeof(*p) + p->fs.rq_elements * sizeof(*q); + next = (char *)p + l; + nbytes -= l; + + if ((rulenum != 0 && rulenum != p->pipe_nr) || co.do_pipe == 2) + continue; + + /* + * Print rate (or clocking interface) + */ + if (p->if_name[0] != '\0') + sprintf(buf, "%s", p->if_name); + else if (b == 0) + sprintf(buf, "unlimited"); + else if (b >= 1000000) + sprintf(buf, "%7.3f Mbit/s", b/1000000); + else if (b >= 1000) + sprintf(buf, "%7.3f Kbit/s", b/1000); + else + sprintf(buf, "%7.3f bit/s ", b); + + sprintf(prefix, "%05d: %s %4d ms ", + p->pipe_nr, buf, p->delay); + print_flowset_parms(&(p->fs), prefix); + if (co.verbose) + printf(" V %20llu\n", align_uint64(&p->V) >> MY_M); + + q = (struct dn_flow_queue *)(p+1); + list_queues(&(p->fs), q); + } + for (fs = next; nbytes >= sizeof *fs; fs = next) { + char prefix[80]; + + if (SLIST_NEXT(fs, next) != (struct dn_flow_set *)DN_IS_QUEUE) + break; + l = sizeof(*fs) + fs->rq_elements * sizeof(*q); + next = (char *)fs + l; + nbytes -= l; + + if (rulenum != 0 && ((rulenum != fs->fs_nr && co.do_pipe == 2) || + (rulenum != fs->parent_nr && co.do_pipe == 1))) { + continue; + } + + q = (struct dn_flow_queue *)(fs+1); + sprintf(prefix, "q%05d: weight %d pipe %d ", + fs->fs_nr, fs->weight, fs->parent_nr); + print_flowset_parms(fs, prefix); + list_queues(fs, q); + } +} + +/* + * Delete pipe or queue i + */ +int +ipfw_delete_pipe(int pipe_or_queue, int i) +{ + struct dn_pipe p; + + memset(&p, 0, sizeof p); + if (pipe_or_queue == 1) + p.pipe_nr = i; /* pipe */ + else + p.fs.fs_nr = i; /* queue */ + i = do_cmd(IP_DUMMYNET_DEL, &p, sizeof p); + if (i) { + i = 1; + warn("rule %u: setsockopt(IP_DUMMYNET_DEL)", i); + } + return i; +} + +void +ipfw_config_pipe(int ac, char **av) +{ + struct dn_pipe p; + int i; + char *end; + void *par = NULL; + + memset(&p, 0, sizeof p); + + av++; ac--; + /* Pipe number */ + if (ac && isdigit(**av)) { + i = atoi(*av); av++; ac--; + if (co.do_pipe == 1) + p.pipe_nr = i; + else + p.fs.fs_nr = i; + } + while (ac > 0) { + double d; + int tok = match_token(dummynet_params, *av); + ac--; av++; + + switch(tok) { + case TOK_NOERROR: + p.fs.flags_fs |= DN_NOERROR; + break; + + case TOK_PLR: + NEED1("plr needs argument 0..1\n"); + d = strtod(av[0], NULL); + if (d > 1) + d = 1; + else if (d < 0) + d = 0; + p.fs.plr = (int)(d*0x7fffffff); + ac--; av++; + break; + + case TOK_QUEUE: + NEED1("queue needs queue size\n"); + end = NULL; + p.fs.qsize = strtoul(av[0], &end, 0); + if (*end == 'K' || *end == 'k') { + p.fs.flags_fs |= DN_QSIZE_IS_BYTES; + p.fs.qsize *= 1024; + } else if (*end == 'B' || + _substrcmp2(end, "by", "bytes") == 0) { + p.fs.flags_fs |= DN_QSIZE_IS_BYTES; + } + ac--; av++; + break; + + case TOK_BUCKETS: + NEED1("buckets needs argument\n"); + p.fs.rq_size = strtoul(av[0], NULL, 0); + ac--; av++; + break; + + case TOK_MASK: + NEED1("mask needs mask specifier\n"); + /* + * per-flow queue, mask is dst_ip, dst_port, + * src_ip, src_port, proto measured in bits + */ + par = NULL; + + bzero(&p.fs.flow_mask, sizeof(p.fs.flow_mask)); + end = NULL; + + while (ac >= 1) { + uint32_t *p32 = NULL; + uint16_t *p16 = NULL; + uint32_t *p20 = NULL; + struct in6_addr *pa6 = NULL; + uint32_t a; + + tok = match_token(dummynet_params, *av); + ac--; av++; + switch(tok) { + case TOK_ALL: + /* + * special case, all bits significant + */ + p.fs.flow_mask.dst_ip = ~0; + p.fs.flow_mask.src_ip = ~0; + p.fs.flow_mask.dst_port = ~0; + p.fs.flow_mask.src_port = ~0; + p.fs.flow_mask.proto = ~0; + n2mask(&(p.fs.flow_mask.dst_ip6), 128); + n2mask(&(p.fs.flow_mask.src_ip6), 128); + p.fs.flow_mask.flow_id6 = ~0; + p.fs.flags_fs |= DN_HAVE_FLOW_MASK; + goto end_mask; + + case TOK_DSTIP: + p32 = &p.fs.flow_mask.dst_ip; + break; + + case TOK_SRCIP: + p32 = &p.fs.flow_mask.src_ip; + break; + + case TOK_DSTIP6: + pa6 = &(p.fs.flow_mask.dst_ip6); + break; + + case TOK_SRCIP6: + pa6 = &(p.fs.flow_mask.src_ip6); + break; + + case TOK_FLOWID: + p20 = &p.fs.flow_mask.flow_id6; + break; + + case TOK_DSTPORT: + p16 = &p.fs.flow_mask.dst_port; + break; + + case TOK_SRCPORT: + p16 = &p.fs.flow_mask.src_port; + break; + + case TOK_PROTO: + break; + + default: + ac++; av--; /* backtrack */ + goto end_mask; + } + if (ac < 1) + errx(EX_USAGE, "mask: value missing"); + if (*av[0] == '/') { + a = strtoul(av[0]+1, &end, 0); + if (pa6 == NULL) + a = (a == 32) ? ~0 : (1 << a) - 1; + } else + a = strtoul(av[0], &end, 0); + if (p32 != NULL) + *p32 = a; + else if (p16 != NULL) { + if (a > 0xFFFF) + errx(EX_DATAERR, + "port mask must be 16 bit"); + *p16 = (uint16_t)a; + } else if (p20 != NULL) { + if (a > 0xfffff) + errx(EX_DATAERR, + "flow_id mask must be 20 bit"); + *p20 = (uint32_t)a; + } else if (pa6 != NULL) { + if (a > 128) + errx(EX_DATAERR, + "in6addr invalid mask len"); + else + n2mask(pa6, a); + } else { + if (a > 0xFF) + errx(EX_DATAERR, + "proto mask must be 8 bit"); + p.fs.flow_mask.proto = (uint8_t)a; + } + if (a != 0) + p.fs.flags_fs |= DN_HAVE_FLOW_MASK; + ac--; av++; + } /* end while, config masks */ +end_mask: + break; + + case TOK_RED: + case TOK_GRED: + NEED1("red/gred needs w_q/min_th/max_th/max_p\n"); + p.fs.flags_fs |= DN_IS_RED; + if (tok == TOK_GRED) + p.fs.flags_fs |= DN_IS_GENTLE_RED; + /* + * the format for parameters is w_q/min_th/max_th/max_p + */ + if ((end = strsep(&av[0], "/"))) { + double w_q = strtod(end, NULL); + if (w_q > 1 || w_q <= 0) + errx(EX_DATAERR, "0 < w_q <= 1"); + p.fs.w_q = (int) (w_q * (1 << SCALE_RED)); + } + if ((end = strsep(&av[0], "/"))) { + p.fs.min_th = strtoul(end, &end, 0); + if (*end == 'K' || *end == 'k') + p.fs.min_th *= 1024; + } + if ((end = strsep(&av[0], "/"))) { + p.fs.max_th = strtoul(end, &end, 0); + if (*end == 'K' || *end == 'k') + p.fs.max_th *= 1024; + } + if ((end = strsep(&av[0], "/"))) { + double max_p = strtod(end, NULL); + if (max_p > 1 || max_p <= 0) + errx(EX_DATAERR, "0 < max_p <= 1"); + p.fs.max_p = (int)(max_p * (1 << SCALE_RED)); + } + ac--; av++; + break; + + case TOK_DROPTAIL: + p.fs.flags_fs &= ~(DN_IS_RED|DN_IS_GENTLE_RED); + break; + + case TOK_BW: + NEED1("bw needs bandwidth or interface\n"); + if (co.do_pipe != 1) + errx(EX_DATAERR, "bandwidth only valid for pipes"); + /* + * set clocking interface or bandwidth value + */ + if (av[0][0] >= 'a' && av[0][0] <= 'z') { + int l = sizeof(p.if_name)-1; + /* interface name */ + strncpy(p.if_name, av[0], l); + p.if_name[l] = '\0'; + p.bandwidth = 0; + } else { + p.if_name[0] = '\0'; + p.bandwidth = strtoul(av[0], &end, 0); + if (*end == 'K' || *end == 'k') { + end++; + p.bandwidth *= 1000; + } else if (*end == 'M') { + end++; + p.bandwidth *= 1000000; + } + if ((*end == 'B' && + _substrcmp2(end, "Bi", "Bit/s") != 0) || + _substrcmp2(end, "by", "bytes") == 0) + p.bandwidth *= 8; + if (p.bandwidth < 0) + errx(EX_DATAERR, "bandwidth too large"); + } + ac--; av++; + break; + + case TOK_DELAY: + if (co.do_pipe != 1) + errx(EX_DATAERR, "delay only valid for pipes"); + NEED1("delay needs argument 0..10000ms\n"); + p.delay = strtoul(av[0], NULL, 0); + ac--; av++; + break; + + case TOK_WEIGHT: + if (co.do_pipe == 1) + errx(EX_DATAERR,"weight only valid for queues"); + NEED1("weight needs argument 0..100\n"); + p.fs.weight = strtoul(av[0], &end, 0); + ac--; av++; + break; + + case TOK_PIPE: + if (co.do_pipe == 1) + errx(EX_DATAERR,"pipe only valid for queues"); + NEED1("pipe needs pipe_number\n"); + p.fs.parent_nr = strtoul(av[0], &end, 0); + ac--; av++; + break; + + default: + errx(EX_DATAERR, "unrecognised option ``%s''", av[-1]); + } + } + if (co.do_pipe == 1) { + if (p.pipe_nr == 0) + errx(EX_DATAERR, "pipe_nr must be > 0"); + if (p.delay > 10000) + errx(EX_DATAERR, "delay must be < 10000"); + } else { /* co.do_pipe == 2, queue */ + if (p.fs.parent_nr == 0) + errx(EX_DATAERR, "pipe must be > 0"); + if (p.fs.weight >100) + errx(EX_DATAERR, "weight must be <= 100"); + } + if (p.fs.flags_fs & DN_QSIZE_IS_BYTES) { + size_t len; + long limit; + + len = sizeof(limit); + if (sysctlbyname("net.inet.ip.dummynet.pipe_byte_limit", + &limit, &len, NULL, 0) == -1) + limit = 1024*1024; + if (p.fs.qsize > limit) + errx(EX_DATAERR, "queue size must be < %ldB", limit); + } else { + size_t len; + long limit; + + len = sizeof(limit); + if (sysctlbyname("net.inet.ip.dummynet.pipe_slot_limit", + &limit, &len, NULL, 0) == -1) + limit = 100; + if (p.fs.qsize > limit) + errx(EX_DATAERR, "2 <= queue size <= %ld", limit); + } + if (p.fs.flags_fs & DN_IS_RED) { + size_t len; + int lookup_depth, avg_pkt_size; + double s, idle, weight, w_q; + struct clockinfo ck; + int t; + + if (p.fs.min_th >= p.fs.max_th) + errx(EX_DATAERR, "min_th %d must be < than max_th %d", + p.fs.min_th, p.fs.max_th); + if (p.fs.max_th == 0) + errx(EX_DATAERR, "max_th must be > 0"); + + len = sizeof(int); + if (sysctlbyname("net.inet.ip.dummynet.red_lookup_depth", + &lookup_depth, &len, NULL, 0) == -1) + errx(1, "sysctlbyname(\"%s\")", + "net.inet.ip.dummynet.red_lookup_depth"); + if (lookup_depth == 0) + errx(EX_DATAERR, "net.inet.ip.dummynet.red_lookup_depth" + " must be greater than zero"); + + len = sizeof(int); + if (sysctlbyname("net.inet.ip.dummynet.red_avg_pkt_size", + &avg_pkt_size, &len, NULL, 0) == -1) + + errx(1, "sysctlbyname(\"%s\")", + "net.inet.ip.dummynet.red_avg_pkt_size"); + if (avg_pkt_size == 0) + errx(EX_DATAERR, + "net.inet.ip.dummynet.red_avg_pkt_size must" + " be greater than zero"); + + len = sizeof(struct clockinfo); + if (sysctlbyname("kern.clockrate", &ck, &len, NULL, 0) == -1) + errx(1, "sysctlbyname(\"%s\")", "kern.clockrate"); + + /* + * Ticks needed for sending a medium-sized packet. + * Unfortunately, when we are configuring a WF2Q+ queue, we + * do not have bandwidth information, because that is stored + * in the parent pipe, and also we have multiple queues + * competing for it. So we set s=0, which is not very + * correct. But on the other hand, why do we want RED with + * WF2Q+ ? + */ + if (p.bandwidth==0) /* this is a WF2Q+ queue */ + s = 0; + else + s = (double)ck.hz * avg_pkt_size * 8 / p.bandwidth; + + /* + * max idle time (in ticks) before avg queue size becomes 0. + * NOTA: (3/w_q) is approx the value x so that + * (1-w_q)^x < 10^-3. + */ + w_q = ((double)p.fs.w_q) / (1 << SCALE_RED); + idle = s * 3. / w_q; + p.fs.lookup_step = (int)idle / lookup_depth; + if (!p.fs.lookup_step) + p.fs.lookup_step = 1; + weight = 1 - w_q; + for (t = p.fs.lookup_step; t > 1; --t) + weight *= 1 - w_q; + p.fs.lookup_weight = (int)(weight * (1 << SCALE_RED)); + } + i = do_cmd(IP_DUMMYNET_CONFIGURE, &p, sizeof p); + if (i) + err(1, "setsockopt(%s)", "IP_DUMMYNET_CONFIGURE"); +} Modified: stable/7/sbin/ipfw/ipfw.8 ============================================================================== --- stable/7/sbin/ipfw/ipfw.8 Fri Feb 20 00:05:33 2009 (r188835) +++ stable/7/sbin/ipfw/ipfw.8 Fri Feb 20 00:39:39 2009 (r188836) @@ -1,7 +1,7 @@ .\" .\" $FreeBSD$ .\" -.Dd August 5, 2007 +.Dd September 27, 2008 .Dt IPFW 8 .Os .Sh NAME @@ -49,9 +49,13 @@ .Nm .Cm table Ar number Cm delete Ar addr Ns Op / Ns Ar masklen .Nm -.Cm table Ar number Cm flush +.Cm table +.Brq Ar number | all +.Cm flush .Nm -.Cm table Ar number Cm list +.Cm table +.Brq Ar number | all +.Cm list .Pp .Nm .Brq Cm pipe | queue @@ -537,7 +541,7 @@ A match is only declared with the specif This can be useful for a number of applications such as random packet drop or (in conjunction with -.Xr dummynet 4 ) +.Nm dummynet ) to simulate the effect of multiple paths leading to out-of-order packet delivery. .Pp @@ -553,7 +557,7 @@ with a .Dv LOG_SECURITY facility. The logging only occurs if the sysctl variable -.Em net.inet.ip.fw.verbose +.Va net.inet.ip.fw.verbose is set to 1 (which is the default when the kernel is compiled with .Dv IPFIREWALL_VERBOSE ) @@ -564,7 +568,7 @@ parameter. If no .Cm logamount is specified, the limit is taken from the sysctl variable -.Em net.inet.ip.fw.verbose_limit . +.Va net.inet.ip.fw.verbose_limit . In both cases, a value of 0 removes the logging limit. .Pp Once the limit is reached, logging can be re-enabled by @@ -666,7 +670,7 @@ and .Nm .Cm disable Ar altq . The usage of -.Em net.inet.ip.fw.one_pass +.Va net.inet.ip.fw.one_pass is irrelevant to ALTQ traffic shaping, as the actual rule action is followed always after adding an ALTQ tag. .El @@ -760,7 +764,7 @@ see the Section for further information. .It Cm pipe Ar pipe_nr Pass packet to a -.Xr dummynet 4 +.Nm dummynet .Dq pipe (for bandwidth limitation, delay, etc.). See the @@ -770,12 +774,12 @@ The search terminates; however, on exit the .Xr sysctl 8 variable -.Em net.inet.ip.fw.one_pass +.Va net.inet.ip.fw.one_pass is not set, the packet is passed again to the firewall code starting from the next rule. .It Cm queue Ar queue_nr Pass packet to a -.Xr dummynet 4 +.Nm dummynet .Dq queue (for bandwidth limitation using WF2Q+). .It Cm reject @@ -841,12 +845,12 @@ Divert packet into netgraph with given The search terminates. If packet is later returned from netgraph it is either accepted or continues with the next rule, depending on -.Em net.inet.ip.fw.one_pass +.Va net.inet.ip.fw.one_pass sysctl variable. .It Cm ngtee Ar cookie A copy of packet is diverted into netgraph, original packet is either accepted or continues with the next rule, depending on -.Em net.inet.ip.fw.one_pass +.Va net.inet.ip.fw.one_pass sysctl variable. See .Xr ng_ipfw 4 @@ -1193,7 +1197,7 @@ Matches ICMP packets whose ICMP type is .Ar types . The list may be specified as any combination of individual types (numeric) separated by commas. -.Em Ranges are not allowed. +.Em Ranges are not allowed . The supported ICMP types are: .Pp echo reply @@ -1231,7 +1235,7 @@ Matches ICMP6 packets whose ICMP6 type i *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-stable@FreeBSD.ORG Fri Feb 20 07:10:33 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 839C1106566C; Fri, 20 Feb 2009 07:10:33 +0000 (UTC) (envelope-from maxim@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 7150F8FC0C; Fri, 20 Feb 2009 07:10:33 +0000 (UTC) (envelope-from maxim@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1K7AXu1019622; Fri, 20 Feb 2009 07:10:33 GMT (envelope-from maxim@svn.freebsd.org) Received: (from maxim@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1K7AX1E019621; Fri, 20 Feb 2009 07:10:33 GMT (envelope-from maxim@svn.freebsd.org) Message-Id: <200902200710.n1K7AX1E019621@svn.freebsd.org> From: Maxim Konovalov Date: Fri, 20 Feb 2009 07:10:33 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188841 - stable/7/usr.bin/stat X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Feb 2009 07:10:34 -0000 Author: maxim Date: Fri Feb 20 07:10:33 2009 New Revision: 188841 URL: http://svn.freebsd.org/changeset/base/188841 Log: MFC r188481: print an octal representation of suid, sgid and sticky bits with -x flag. Modified: stable/7/usr.bin/stat/ (props changed) stable/7/usr.bin/stat/stat.c Modified: stable/7/usr.bin/stat/stat.c ============================================================================== --- stable/7/usr.bin/stat/stat.c Fri Feb 20 06:10:12 2009 (r188840) +++ stable/7/usr.bin/stat/stat.c Fri Feb 20 07:10:33 2009 (r188841) @@ -108,7 +108,7 @@ __FBSDID("$FreeBSD$"); #define LINUX_FORMAT \ " File: \"%N\"%n" \ " Size: %-11z FileType: %HT%n" \ - " Mode: (%04OLp/%.10Sp) Uid: (%5u/%8Su) Gid: (%5g/%8Sg)%n" \ + " Mode: (%OMp%03OLp/%.10Sp) Uid: (%5u/%8Su) Gid: (%5g/%8Sg)%n" \ "Device: %Hd,%Ld Inode: %i Links: %l%n" \ "Access: %Sa%n" \ "Modify: %Sm%n" \ From owner-svn-src-stable@FreeBSD.ORG Fri Feb 20 07:17:08 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 122F41065672; Fri, 20 Feb 2009 07:17:07 +0000 (UTC) (envelope-from maxim@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 325968FC1C; Fri, 20 Feb 2009 07:17:07 +0000 (UTC) (envelope-from maxim@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1K7H6NG019774; Fri, 20 Feb 2009 07:17:06 GMT (envelope-from maxim@svn.freebsd.org) Received: (from maxim@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1K7H6fi019773; Fri, 20 Feb 2009 07:17:06 GMT (envelope-from maxim@svn.freebsd.org) Message-Id: <200902200717.n1K7H6fi019773@svn.freebsd.org> From: Maxim Konovalov Date: Fri, 20 Feb 2009 07:17:06 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188842 - in stable/7/sys: . contrib/pf dev/ath/ath_hal dev/cxgb net X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Feb 2009 07:17:09 -0000 Author: maxim Date: Fri Feb 20 07:17:06 2009 New Revision: 188842 URL: http://svn.freebsd.org/changeset/base/188842 Log: MFC r188575: don't leak a device unit number. Modified: stable/7/sys/ (props changed) stable/7/sys/contrib/pf/ (props changed) stable/7/sys/dev/ath/ath_hal/ (props changed) stable/7/sys/dev/cxgb/ (props changed) stable/7/sys/net/if_vlan.c Modified: stable/7/sys/net/if_vlan.c ============================================================================== --- stable/7/sys/net/if_vlan.c Fri Feb 20 07:10:33 2009 (r188841) +++ stable/7/sys/net/if_vlan.c Fri Feb 20 07:17:06 2009 (r188842) @@ -740,6 +740,7 @@ vlan_clone_create(struct if_clone *ifc, ether_ifdetach(ifp); vlan_unconfig(ifp); if_free_type(ifp, IFT_ETHER); + ifc_free_unit(ifc, unit); free(ifv, M_VLAN); return (error); From owner-svn-src-stable@FreeBSD.ORG Fri Feb 20 07:23:00 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5672B106566B; Fri, 20 Feb 2009 07:23:00 +0000 (UTC) (envelope-from maxim@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 440BC8FC1A; Fri, 20 Feb 2009 07:23:00 +0000 (UTC) (envelope-from maxim@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1K7MwQV019968; Fri, 20 Feb 2009 07:22:58 GMT (envelope-from maxim@svn.freebsd.org) Received: (from maxim@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1K7Mwga019967; Fri, 20 Feb 2009 07:22:58 GMT (envelope-from maxim@svn.freebsd.org) Message-Id: <200902200722.n1K7Mwga019967@svn.freebsd.org> From: Maxim Konovalov Date: Fri, 20 Feb 2009 07:22:58 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188843 - stable/7/share/misc X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Feb 2009 07:23:01 -0000 Author: maxim Date: Fri Feb 20 07:22:58 2009 New Revision: 188843 URL: http://svn.freebsd.org/changeset/base/188843 Log: MFC r188749,188759: DragonFly 2.2.0. Modified: stable/7/share/misc/ (props changed) stable/7/share/misc/bsd-family-tree Modified: stable/7/share/misc/bsd-family-tree ============================================================================== --- stable/7/share/misc/bsd-family-tree Fri Feb 20 07:17:06 2009 (r188842) +++ stable/7/share/misc/bsd-family-tree Fri Feb 20 07:22:58 2009 (r188843) @@ -226,7 +226,7 @@ FreeBSD 5.2 | | | | 6.4 | | | | | | | | | | | FreeBSD 7.1 | | | | - | | | | | | + | | | | | DragonFly 2.2.0 | V | | | | | | | | | FreeBSD 8 -current | NetBSD -current OpenBSD -current | @@ -495,6 +495,7 @@ DragonFly 2.0.0 2008-07-21 [DFB] OpenBSD 4.4 2008-11-01 [OBD] FreeBSD 6.4 2008-11-28 [FBD] FreeBSD 7.1 2009-01-04 [FBD] +DragonFly 2.2.0 2009-02-17 [DFB] Bibliography ------------------------ From owner-svn-src-stable@FreeBSD.ORG Sat Feb 21 12:56:23 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 500E81065673; Sat, 21 Feb 2009 12:56:23 +0000 (UTC) (envelope-from kris@FreeBSD.org) Received: from dhcp-172-28-77-108.eur.corp.google.com (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id D5B8D8FC23; Sat, 21 Feb 2009 12:56:20 +0000 (UTC) (envelope-from kris@FreeBSD.org) Message-ID: <499FF9F2.3030408@FreeBSD.org> Date: Sat, 21 Feb 2009 12:56:18 +0000 From: Kris Kennaway User-Agent: Thunderbird 2.0.0.19 (Macintosh/20081209) MIME-Version: 1.0 To: John Baldwin References: <200902171957.n1HJvqk8026145@svn.freebsd.org> <499BC43B.6030701@incunabulum.net> <200902180949.32691.jhb@freebsd.org> In-Reply-To: <200902180949.32691.jhb@freebsd.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: svn-src-stable-7@freebsd.org, svn-src-stable@freebsd.org, svn-src-all@freebsd.org, Bruce Simpson , src-committers@freebsd.org Subject: Re: svn commit: r188727 - in stable/7: sys sys/contrib/pf sys/dev/ath/ath_hal sys/dev/cxgb sys/kern sys/modules/sem sys/sys tools/regression/posixsem usr.bin/procstat X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Feb 2009 12:56:24 -0000 John Baldwin wrote: > On Wednesday 18 February 2009 3:18:03 am Bruce Simpson wrote: >> John Baldwin wrote: >>> Author: jhb >>> Date: Tue Feb 17 19:57:52 2009 >>> New Revision: 188727 >>> URL: http://svn.freebsd.org/changeset/base/188727 >>> >>> Log: >>> MFC: Rework the lifetime management of the kernel implementation of > POSIX >>> semaphores. Specifically, semaphores are now represented as new file >>> descriptor type that is set to close on exec. This removes the need for >>> all of the manual process reference counting (and fork, exec, and exit >>> event handlers) as the normal file descriptor operations handle all of >>> that for us nicely. It is also suggested as one possible implementation >>> in the spec and at least one other OS (OS X) uses this approach. >> FYI: >> This change *may* fix Python 2.6's 'multiprocessing' module on FreeBSD >> 7-STABLE, which is known to have problems there; it depends on POSIX >> semaphores to synchronize its IPC between different fork()'s of the >> Python interpreter. >> >> If anyone else has an interest in ths they may wish to test, if not, I >> will try to get around to it eventually. > > When Kris tested it, it made things significantly better. I'm not sure if it > resolved all the issues though. > Some of the self-tests still failed, but there was confusion about whether the tests were broken or the kernel. Kris From owner-svn-src-stable@FreeBSD.ORG Sat Feb 21 19:19:12 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4F3911065673; Sat, 21 Feb 2009 19:19:12 +0000 (UTC) (envelope-from sam@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 3CFBD8FC15; Sat, 21 Feb 2009 19:19:12 +0000 (UTC) (envelope-from sam@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n1LJJC2A073389; Sat, 21 Feb 2009 19:19:12 GMT (envelope-from sam@svn.freebsd.org) Received: (from sam@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n1LJJCs2073388; Sat, 21 Feb 2009 19:19:12 GMT (envelope-from sam@svn.freebsd.org) Message-Id: <200902211919.n1LJJCs2073388@svn.freebsd.org> From: Sam Leffler Date: Sat, 21 Feb 2009 19:19:12 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r188898 - stable/7/share/man/man4 X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Feb 2009 19:19:13 -0000 Author: sam Date: Sat Feb 21 19:19:11 2009 New Revision: 188898 URL: http://svn.freebsd.org/changeset/base/188898 Log: fix cross-refs to wlandebug PR: docs/131927 Submitted by: David Horn Modified: stable/7/share/man/man4/wlan.4 Modified: stable/7/share/man/man4/wlan.4 ============================================================================== --- stable/7/share/man/man4/wlan.4 Sat Feb 21 16:39:26 2009 (r188897) +++ stable/7/share/man/man4/wlan.4 Sat Feb 21 19:19:11 2009 (r188898) @@ -101,7 +101,7 @@ For example, enables debugging messages related to scanning for an access point, adhoc neighbor, or an unoccupied channel when operation as an access point. The -.Xr 80211debug +.Xr wlandebug tool provides a more user-friendly mechanism for doing the same thing. .Pp Many drivers will also display the contents of each 802.11 frame @@ -135,7 +135,8 @@ was used to be compatible with .Xr wlan_tkip 4 , .Xr wlan_wep 4 , .Xr wlan_xauth 4 , -.Xr zyd 4 +.Xr zyd 4 , +.Xr wlandebug 8 .Sh STANDARDS More information can be found in the IEEE 802.11 Standard. .Sh HISTORY