Date: Tue, 28 Jul 2009 20:07:59 GMT From: Andre Oppermann <andre@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 166695 for review Message-ID: <200907282007.n6SK7xA2026688@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=166695 Change 166695 by andre@andre_flirtbox on 2009/07/28 20:07:57 IFC. Affected files ... .. //depot/projects/tcp_reass/amd64/amd64/machdep.c#9 integrate .. //depot/projects/tcp_reass/boot/forth/loader.conf#6 integrate .. //depot/projects/tcp_reass/cddl/contrib/opensolaris/uts/common/fs/zfs/sys/zfs_znode.h#4 integrate .. //depot/projects/tcp_reass/compat/freebsd32/freebsd32_misc.c#7 integrate .. //depot/projects/tcp_reass/compat/linux/linux_mib.c#5 integrate .. //depot/projects/tcp_reass/conf/NOTES#9 integrate .. //depot/projects/tcp_reass/conf/files#12 integrate .. //depot/projects/tcp_reass/dev/ata/ata-all.c#8 integrate .. //depot/projects/tcp_reass/dev/usb/usbdevs#6 integrate .. //depot/projects/tcp_reass/dev/usb/wlan/if_uath.c#5 integrate .. //depot/projects/tcp_reass/i386/i386/machdep.c#8 integrate .. //depot/projects/tcp_reass/kern/kern_jail.c#10 integrate .. //depot/projects/tcp_reass/kern/kern_vimage.c#10 integrate .. //depot/projects/tcp_reass/kern/uipc_socket.c#10 integrate .. //depot/projects/tcp_reass/modules/Makefile#10 integrate .. //depot/projects/tcp_reass/modules/if_epair/Makefile#1 branch .. //depot/projects/tcp_reass/net/if.c#13 integrate .. //depot/projects/tcp_reass/net/if_epair.c#3 integrate .. //depot/projects/tcp_reass/net/if_ethersubr.c#10 integrate .. //depot/projects/tcp_reass/net/if_var.h#9 integrate .. //depot/projects/tcp_reass/net/netisr.h#5 integrate .. //depot/projects/tcp_reass/net80211/ieee80211_hwmp.c#3 integrate .. //depot/projects/tcp_reass/net80211/ieee80211_ioctl.h#9 integrate .. //depot/projects/tcp_reass/net80211/ieee80211_mesh.c#3 integrate .. //depot/projects/tcp_reass/net80211/ieee80211_mesh.h#3 integrate .. //depot/projects/tcp_reass/netinet/if_ether.c#8 integrate .. //depot/projects/tcp_reass/netinet/in.c#9 integrate .. //depot/projects/tcp_reass/netinet/ipfw/ip_fw2.c#7 integrate .. //depot/projects/tcp_reass/netinet/sctp_auth.c#5 integrate .. //depot/projects/tcp_reass/netinet/sctp_indata.c#7 integrate .. //depot/projects/tcp_reass/netinet/sctp_sysctl.c#6 integrate .. //depot/projects/tcp_reass/netinet/sctp_sysctl.h#5 integrate .. //depot/projects/tcp_reass/netinet/sctp_uio.h#5 integrate .. //depot/projects/tcp_reass/netinet/sctputil.c#7 integrate .. //depot/projects/tcp_reass/netinet/sctputil.h#5 integrate .. //depot/projects/tcp_reass/netinet/tcp_input.c#17 integrate .. //depot/projects/tcp_reass/netinet/tcp_syncache.c#8 integrate .. //depot/projects/tcp_reass/netinet6/in6.c#8 integrate .. //depot/projects/tcp_reass/sys/jail.h#7 integrate .. //depot/projects/tcp_reass/sys/vimage.h#10 integrate Differences ... ==== //depot/projects/tcp_reass/amd64/amd64/machdep.c#9 (text+ko) ==== @@ -39,7 +39,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/amd64/amd64/machdep.c,v 1.705 2009/07/09 09:34:11 kib Exp $"); +__FBSDID("$FreeBSD: src/sys/amd64/amd64/machdep.c,v 1.706 2009/07/27 13:51:55 rpaulo Exp $"); #include "opt_atalk.h" #include "opt_atpic.h" @@ -213,7 +213,10 @@ */ sysenv = getenv("smbios.system.product"); if (sysenv != NULL) { - if (strncmp(sysenv, "MacBook", 7) == 0) { + if (strncmp(sysenv, "MacBook1,1", 10) == 0 || + strncmp(sysenv, "MacBookPro1,1", 13) == 0 || + strncmp(sysenv, "MacBookPro1,2", 13) == 0 || + strncmp(sysenv, "Macmini1,1", 10) == 0) { if (bootverbose) printf("Disabling LEGACY_USB_EN bit on " "Intel ICH.\n"); ==== //depot/projects/tcp_reass/boot/forth/loader.conf#6 (text+ko) ==== @@ -6,7 +6,7 @@ # # All arguments must be in double quotes. # -# $FreeBSD: src/sys/boot/forth/loader.conf,v 1.142 2009/06/15 18:22:41 marius Exp $ +# $FreeBSD: src/sys/boot/forth/loader.conf,v 1.143 2009/07/26 12:20:07 bz Exp $ ############################################################## ### Basic configuration options ############################ @@ -190,6 +190,7 @@ if_disc_load="NO" # Discard device if_ef_load="NO" # pseudo-device providing support for multiple # ethernet frame types +if_epair_load="NO" # Virtual b-t-b Ethernet-like interface pair if_faith_load="NO" # IPv6-to-IPv4 TCP relay capturing interface if_gif_load="NO" # generic tunnel interface if_gre_load="NO" # encapsulating network device ==== //depot/projects/tcp_reass/cddl/contrib/opensolaris/uts/common/fs/zfs/sys/zfs_znode.h#4 (text+ko) ==== @@ -78,7 +78,11 @@ /* * Is ID ephemeral? */ +#ifdef TODO #define IS_EPHEMERAL(x) (x > MAXUID) +#else +#define IS_EPHEMERAL(x) (0) +#endif /* * Should we use FUIDs? ==== //depot/projects/tcp_reass/compat/freebsd32/freebsd32_misc.c#7 (text+ko) ==== @@ -25,7 +25,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/compat/freebsd32/freebsd32_misc.c,v 1.92 2009/06/27 13:58:44 rwatson Exp $"); +__FBSDID("$FreeBSD: src/sys/compat/freebsd32/freebsd32_misc.c,v 1.93 2009/07/27 16:03:04 jhb Exp $"); #include "opt_compat.h" #include "opt_inet.h" @@ -1416,8 +1416,8 @@ defined(COMPAT_FREEBSD6) || defined(COMPAT_FREEBSD7) switch (uap->which) { case 0: - return (freebsd32_semctl(td, - (struct freebsd32_semctl_args *)&uap->a2)); + return (freebsd7_freebsd32_semctl(td, + (struct freebsd7_freebsd32_semctl_args *)&uap->a2)); default: return (semsys(td, (struct semsys_args *)uap)); } @@ -1580,8 +1580,8 @@ defined(COMPAT_FREEBSD6) || defined(COMPAT_FREEBSD7) switch (uap->which) { case 0: - return (freebsd32_msgctl(td, - (struct freebsd32_msgctl_args *)&uap->a2)); + return (freebsd7_freebsd32_msgctl(td, + (struct freebsd7_freebsd32_msgctl_args *)&uap->a2)); case 2: return (freebsd32_msgsnd(td, (struct freebsd32_msgsnd_args *)&uap->a2)); @@ -1751,12 +1751,12 @@ return (sysent[SYS_shmget].sy_call(td, &ap)); } case 4: { /* shmctl */ - struct freebsd32_shmctl_args ap; + struct freebsd7_freebsd32_shmctl_args ap; ap.shmid = uap->a2; ap.cmd = uap->a3; ap.buf = PTRIN(uap->a4); - return (freebsd32_shmctl(td, &ap)); + return (freebsd7_freebsd32_shmctl(td, &ap)); } case 1: /* oshmctl */ default: ==== //depot/projects/tcp_reass/compat/linux/linux_mib.c#5 (text+ko) ==== @@ -27,7 +27,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/compat/linux/linux_mib.c,v 1.36 2009/05/27 14:11:23 jamie Exp $"); +__FBSDID("$FreeBSD: src/sys/compat/linux/linux_mib.c,v 1.37 2009/07/25 14:48:57 jamie Exp $"); #include <sys/param.h> #include <sys/kernel.h> @@ -237,12 +237,14 @@ { struct prison *pr = obj; struct vfsoptlist *opts = data; + int jsys; - if (vfs_flagopt(opts, "nolinux", NULL, 0)) + if (vfs_copyopt(opts, "linux", &jsys, sizeof(jsys)) == 0 && + jsys == JAIL_SYS_INHERIT) return (0); /* * Inherit a prison's initial values from its parent - * (different from NULL which also inherits changes). + * (different from JAIL_SYS_INHERIT which also inherits changes). */ return linux_alloc_prison(pr, NULL); } @@ -252,11 +254,16 @@ { struct vfsoptlist *opts = data; char *osname, *osrelease; - int error, len, osrel, oss_version; + int error, jsys, len, osrel, oss_version; /* Check that the parameters are correct. */ - (void)vfs_flagopt(opts, "linux", NULL, 0); - (void)vfs_flagopt(opts, "nolinux", NULL, 0); + error = vfs_copyopt(opts, "linux", &jsys, sizeof(jsys)); + if (error != ENOENT) { + if (error != 0) + return (error); + if (jsys != JAIL_SYS_NEW && jsys != JAIL_SYS_INHERIT) + return (EINVAL); + } error = vfs_getopt(opts, "linux.osname", (void **)&osname, &len); if (error != ENOENT) { if (error != 0) @@ -296,33 +303,40 @@ struct prison *pr = obj; struct vfsoptlist *opts = data; char *osname, *osrelease; - int error, gotversion, len, nolinux, oss_version, yeslinux; + int error, gotversion, jsys, len, oss_version; /* Set the parameters, which should be correct. */ - yeslinux = vfs_flagopt(opts, "linux", NULL, 0); - nolinux = vfs_flagopt(opts, "nolinux", NULL, 0); + error = vfs_copyopt(opts, "linux", &jsys, sizeof(jsys)); + if (error == ENOENT) + jsys = -1; error = vfs_getopt(opts, "linux.osname", (void **)&osname, &len); if (error == ENOENT) osname = NULL; else - yeslinux = 1; + jsys = JAIL_SYS_NEW; error = vfs_getopt(opts, "linux.osrelease", (void **)&osrelease, &len); if (error == ENOENT) osrelease = NULL; else - yeslinux = 1; + jsys = JAIL_SYS_NEW; error = vfs_copyopt(opts, "linux.oss_version", &oss_version, sizeof(oss_version)); - gotversion = (error == 0); - yeslinux |= gotversion; - if (nolinux) { - /* "nolinux": inherit the parent's Linux info. */ + if (error == ENOENT) + gotversion = 0; + else { + gotversion = 1; + jsys = JAIL_SYS_NEW; + } + switch (jsys) { + case JAIL_SYS_INHERIT: + /* "linux=inherit": inherit the parent's Linux info. */ mtx_lock(&pr->pr_mtx); osd_jail_del(pr, linux_osd_jail_slot); mtx_unlock(&pr->pr_mtx); - } else if (yeslinux) { + break; + case JAIL_SYS_NEW: /* - * "linux" or "linux.*": + * "linux=new" or "linux.*": * the prison gets its own Linux info. */ error = linux_alloc_prison(pr, &lpr); @@ -348,9 +362,7 @@ return (0); } -SYSCTL_JAIL_PARAM_NODE(linux, "Jail Linux parameters"); -SYSCTL_JAIL_PARAM(, nolinux, CTLTYPE_INT | CTLFLAG_RW, - "BN", "Jail w/ no Linux parameters"); +SYSCTL_JAIL_PARAM_SYS_NODE(linux, CTLFLAG_RW, "Jail Linux parameters"); SYSCTL_JAIL_PARAM_STRING(_linux, osname, CTLFLAG_RW, LINUX_MAX_UTSNAME, "Jail Linux kernel OS name"); SYSCTL_JAIL_PARAM_STRING(_linux, osrelease, CTLFLAG_RW, LINUX_MAX_UTSNAME, @@ -371,15 +383,22 @@ /* See if this prison is the one with the Linux info. */ lpr = linux_find_prison(pr, &ppr); - i = (ppr == pr); + i = (ppr == pr) ? JAIL_SYS_NEW : JAIL_SYS_INHERIT; error = vfs_setopt(opts, "linux", &i, sizeof(i)); if (error != 0 && error != ENOENT) goto done; - i = !i; - error = vfs_setopt(opts, "nolinux", &i, sizeof(i)); - if (error != 0 && error != ENOENT) - goto done; if (i) { + error = vfs_setopts(opts, "linux.osname", lpr->pr_osname); + if (error != 0 && error != ENOENT) + goto done; + error = vfs_setopts(opts, "linux.osrelease", lpr->pr_osrelease); + if (error != 0 && error != ENOENT) + goto done; + error = vfs_setopt(opts, "linux.oss_version", + &lpr->pr_oss_version, sizeof(lpr->pr_oss_version)); + if (error != 0 && error != ENOENT) + goto done; + } else { /* * If this prison is inheriting its Linux info, report * empty/zero parameters. @@ -394,17 +413,6 @@ sizeof(lpr->pr_oss_version)); if (error != 0 && error != ENOENT) goto done; - } else { - error = vfs_setopts(opts, "linux.osname", lpr->pr_osname); - if (error != 0 && error != ENOENT) - goto done; - error = vfs_setopts(opts, "linux.osrelease", lpr->pr_osrelease); - if (error != 0 && error != ENOENT) - goto done; - error = vfs_setopt(opts, "linux.oss_version", - &lpr->pr_oss_version, sizeof(lpr->pr_oss_version)); - if (error != 0 && error != ENOENT) - goto done; } error = 0; ==== //depot/projects/tcp_reass/conf/NOTES#9 (text+ko) ==== @@ -1,4 +1,4 @@ -# $FreeBSD: src/sys/conf/NOTES,v 1.1550 2009/07/11 15:02:45 rpaulo Exp $ +# $FreeBSD: src/sys/conf/NOTES,v 1.1553 2009/07/26 12:20:07 bz Exp $ # # NOTES -- Lines that can be cut/pasted into kernel and hints configs. # @@ -784,6 +784,10 @@ # included for testing and benchmarking purposes. device disc +# The `epair' device implements a virtual back-to-back connected Ethernet +# like interface pair. +device epair + # The `edsc' device implements a minimal Ethernet interface, # which discards all packets sent and receives none. device edsc @@ -1638,6 +1642,18 @@ device twe # 3ware ATA RAID # +# Serial ATA host controllers: +# +# ahci: Advanced Host Controller Interface (AHCI) compatible +# siis: SiliconImage SiI3124/SiI3132/SiI3531 controllers +# +# These drivers are part of cam(4) subsystem. They supersede less featured +# ata(4) subsystem drivers, supporting same hardware. + +device ahci +device siis + +# # The 'ATA' driver supports all ATA and ATAPI devices, including PC Card # devices. You only need one "device ata" for it to find all # PCI and PC Card ATA/ATAPI devices on modern machines. ==== //depot/projects/tcp_reass/conf/files#12 (text+ko) ==== @@ -1,4 +1,4 @@ -# $FreeBSD: src/sys/conf/files,v 1.1456 2009/07/24 13:50:29 jhb Exp $ +# $FreeBSD: src/sys/conf/files,v 1.1457 2009/07/26 12:20:07 bz Exp $ # # The long compile-with and dependency lines are required because of # limitations in config: backslash-newline doesn't work in strings, and @@ -2202,6 +2202,7 @@ net/if_edsc.c optional edsc net/if_ef.c optional ef net/if_enc.c optional enc ipsec inet | enc ipsec inet6 +net/if_epair.c optional epair net/if_ethersubr.c optional ether \ compile-with "${NORMAL_C} -I$S/contrib/pf" net/if_faith.c optional faith ==== //depot/projects/tcp_reass/dev/ata/ata-all.c#8 (text+ko) ==== @@ -25,7 +25,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/dev/ata/ata-all.c,v 1.306 2009/07/16 19:48:39 mav Exp $"); +__FBSDID("$FreeBSD: src/sys/dev/ata/ata-all.c,v 1.307 2009/07/26 14:04:48 mav Exp $"); #include "opt_ata.h" #include <sys/param.h> @@ -711,7 +711,7 @@ struct ata_channel *ch = device_get_softc(dev); struct ata_device *atadev; device_t *children; - device_t child; + device_t child, master = NULL; int nchildren, i, n = ch->devices; if (bootverbose) @@ -748,6 +748,15 @@ unit = (device_get_unit(dev) << 1) + i; #endif if ((child = ata_add_child(dev, atadev, unit))) { + /* + * PATA slave should be identified first, to allow + * device cable detection on master to work properly. + */ + if (i == 0 && (n & ATA_PORTMULTIPLIER) == 0 && + (n & ((ATA_ATA_MASTER | ATA_ATAPI_MASTER) << 1)) != 0) { + master = child; + continue; + } if (ata_getparam(atadev, 1)) { device_delete_child(dev, child); free(atadev, M_ATA); @@ -757,6 +766,13 @@ free(atadev, M_ATA); } } + if (master) { + atadev = device_get_softc(master); + if (ata_getparam(atadev, 1)) { + device_delete_child(dev, master); + free(atadev, M_ATA); + } + } bus_generic_probe(dev); bus_generic_attach(dev); mtx_unlock(&Giant); ==== //depot/projects/tcp_reass/dev/usb/usbdevs#6 (text+ko) ==== @@ -1,4 +1,4 @@ -$FreeBSD: src/sys/dev/usb/usbdevs,v 1.418 2009/06/26 21:47:37 delphij Exp $ +$FreeBSD: src/sys/dev/usb/usbdevs,v 1.419 2009/07/27 20:17:20 weongyo Exp $ /* $NetBSD: usbdevs,v 1.392 2004/12/29 08:38:44 imp Exp $ */ /*- @@ -1179,6 +1179,8 @@ product DLINK2 WUA1340 0x3c04 WUA-1340 product DLINK2 DWA111 0x3c06 DWA-111 product DLINK2 DWA110 0x3c07 DWA-110 +product DLINK2 DWA120_NF 0x3c0d DWA-120 (no firmware) +product DLINK2 DWA120 0x3c0e DWA-120 /* DMI products */ product DMI CFSM_RW 0xa109 CF/SM Reader/Writer ==== //depot/projects/tcp_reass/dev/usb/wlan/if_uath.c#5 (text+ko) ==== @@ -49,7 +49,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/dev/usb/wlan/if_uath.c,v 1.16 2009/06/23 02:19:59 thompsa Exp $"); +__FBSDID("$FreeBSD: src/sys/dev/usb/wlan/if_uath.c,v 1.17 2009/07/27 20:17:20 weongyo Exp $"); /*- * Driver for Atheros AR5523 USB parts. @@ -180,6 +180,7 @@ UATH_DEV(DLINK, DWLAG122), UATH_DEV(DLINK, DWLAG132), UATH_DEV(DLINK, DWLG132), + UATH_DEV(DLINK2, DWA120), UATH_DEV(GIGASET, AR5523), UATH_DEV(GIGASET, SMCWUSBTG), UATH_DEV(GLOBALSUN, AR5523_1), ==== //depot/projects/tcp_reass/i386/i386/machdep.c#8 (text+ko) ==== @@ -38,7 +38,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/i386/i386/machdep.c,v 1.686 2009/06/23 22:42:39 jeff Exp $"); +__FBSDID("$FreeBSD: src/sys/i386/i386/machdep.c,v 1.687 2009/07/27 13:51:55 rpaulo Exp $"); #include "opt_apic.h" #include "opt_atalk.h" @@ -257,7 +257,10 @@ */ sysenv = getenv("smbios.system.product"); if (sysenv != NULL) { - if (strncmp(sysenv, "MacBook", 7) == 0) { + if (strncmp(sysenv, "MacBook1,1", 10) == 0 || + strncmp(sysenv, "MacBookPro1,1", 13) == 0 || + strncmp(sysenv, "MacBookPro1,2", 13) == 0 || + strncmp(sysenv, "Macmini1,1", 10) == 0) { if (bootverbose) printf("Disabling LEGACY_USB_EN bit on " "Intel ICH.\n"); ==== //depot/projects/tcp_reass/kern/kern_jail.c#10 (text+ko) ==== @@ -27,7 +27,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/kern/kern_jail.c,v 1.112 2009/07/17 14:48:21 jamie Exp $"); +__FBSDID("$FreeBSD: src/sys/kern/kern_jail.c,v 1.113 2009/07/25 14:48:57 jamie Exp $"); #include "opt_compat.h" #include "opt_ddb.h" @@ -120,29 +120,26 @@ */ static char *pr_flag_names[] = { [0] = "persist", - "host", -#ifdef INET - "ip4", -#endif -#ifdef INET6 - [3] = "ip6", -#endif -#ifdef VIMAGE - [4] = "vnet", -#endif }; static char *pr_flag_nonames[] = { [0] = "nopersist", - "nohost", +}; + +struct jailsys_flags { + const char *name; + unsigned disable; + unsigned new; +} pr_flag_jailsys[] = { + { "host", 0, PR_HOST }, +#ifdef VIMAGE + { "vnet", 0, PR_VNET }, +#endif #ifdef INET - "noip4", + { "ip4", PR_IP4_USER | PR_IP4_DISABLE, PR_IP4_USER }, #endif #ifdef INET6 - [3] = "noip6", -#endif -#ifdef VIMAGE - [4] = "novnet", + { "ip6", PR_IP6_USER | PR_IP6_DISABLE, PR_IP6_USER }, #endif }; @@ -478,7 +475,8 @@ unsigned long hid; size_t namelen, onamelen; int created, cuflags, descend, enforce, error, errmsg_len, errmsg_pos; - int gotchildmax, gotenforce, gothid, gotslevel, fi, jid, len, level; + int gotchildmax, gotenforce, gothid, gotslevel; + int fi, jid, jsys, len, level; int childmax, slevel, vfslocked; #if defined(INET) || defined(INET6) int ii, ij; @@ -569,6 +567,34 @@ vfs_flagopt(opts, pr_flag_nonames[fi], &ch_flags, 1 << fi); } ch_flags |= pr_flags; + for (fi = 0; fi < sizeof(pr_flag_jailsys) / sizeof(pr_flag_jailsys[0]); + fi++) { + error = vfs_copyopt(opts, pr_flag_jailsys[fi].name, &jsys, + sizeof(jsys)); + if (error == ENOENT) + continue; + if (error != 0) + goto done_free; + switch (jsys) { + case JAIL_SYS_DISABLE: + if (!pr_flag_jailsys[fi].disable) { + error = EINVAL; + goto done_free; + } + pr_flags |= pr_flag_jailsys[fi].disable; + break; + case JAIL_SYS_NEW: + pr_flags |= pr_flag_jailsys[fi].new; + break; + case JAIL_SYS_INHERIT: + break; + default: + error = EINVAL; + goto done_free; + } + ch_flags |= + pr_flag_jailsys[fi].new | pr_flag_jailsys[fi].disable; + } if ((flags & (JAIL_CREATE | JAIL_UPDATE | JAIL_ATTACH)) == JAIL_CREATE && !(pr_flags & PR_PERSIST)) { error = EINVAL; @@ -684,16 +710,18 @@ #ifdef INET error = vfs_getopt(opts, "ip4.addr", &op, &ip4s); if (error == ENOENT) - ip4s = -1; + ip4s = (pr_flags & PR_IP4_DISABLE) ? 0 : -1; else if (error != 0) goto done_free; else if (ip4s & (sizeof(*ip4) - 1)) { error = EINVAL; goto done_free; } else { - ch_flags |= PR_IP4_USER; - pr_flags |= PR_IP4_USER; - if (ip4s > 0) { + ch_flags |= PR_IP4_USER | PR_IP4_DISABLE; + if (ip4s == 0) + pr_flags |= PR_IP4_USER | PR_IP4_DISABLE; + else { + pr_flags = (pr_flags & ~PR_IP4_DISABLE) | PR_IP4_USER; ip4s /= sizeof(*ip4); if (ip4s > jail_max_af_ips) { error = EINVAL; @@ -745,16 +773,18 @@ #ifdef INET6 error = vfs_getopt(opts, "ip6.addr", &op, &ip6s); if (error == ENOENT) - ip6s = -1; + ip6s = (pr_flags & PR_IP6_DISABLE) ? 0 : -1; else if (error != 0) goto done_free; else if (ip6s & (sizeof(*ip6) - 1)) { error = EINVAL; goto done_free; } else { - ch_flags |= PR_IP6_USER; - pr_flags |= PR_IP6_USER; - if (ip6s > 0) { + ch_flags |= PR_IP6_USER | PR_IP6_DISABLE; + if (ip6s == 0) + pr_flags |= PR_IP6_USER | PR_IP6_DISABLE; + else { + pr_flags = (pr_flags & ~PR_IP6_DISABLE) | PR_IP6_USER; ip6s /= sizeof(*ip6); if (ip6s > jail_max_af_ips) { error = EINVAL; @@ -1968,6 +1998,19 @@ if (error != 0 && error != ENOENT) goto done_deref; } + for (fi = 0; fi < sizeof(pr_flag_jailsys) / sizeof(pr_flag_jailsys[0]); + fi++) { + i = pr->pr_flags & + (pr_flag_jailsys[fi].disable | pr_flag_jailsys[fi].new); + i = pr_flag_jailsys[fi].disable && + (i == pr_flag_jailsys[fi].disable) ? JAIL_SYS_DISABLE + : (i == pr_flag_jailsys[fi].new) ? JAIL_SYS_NEW + : JAIL_SYS_INHERIT; + error = + vfs_setopt(opts, pr_flag_jailsys[fi].name, &i, sizeof(i)); + if (error != 0 && error != ENOENT) + goto done_deref; + } for (fi = 0; fi < sizeof(pr_allow_names) / sizeof(pr_allow_names[0]); fi++) { if (pr_allow_names[fi] == NULL) @@ -2614,6 +2657,7 @@ } } if (pr->pr_ip4s == 0) { + pr->pr_flags |= PR_IP4_DISABLE; free(pr->pr_ip4, M_PRISON); pr->pr_ip4 = NULL; } @@ -2918,6 +2962,7 @@ } } if (pr->pr_ip6s == 0) { + pr->pr_flags |= PR_IP6_DISABLE; free(pr->pr_ip6, M_PRISON); pr->pr_ip6 = NULL; } @@ -4035,7 +4080,7 @@ "B", "Jail persistence"); #ifdef VIMAGE SYSCTL_JAIL_PARAM(, vnet, CTLTYPE_INT | CTLFLAG_RDTUN, - "B", "Virtual network stack"); + "E,jailsys", "Virtual network stack"); #endif SYSCTL_JAIL_PARAM(, dying, CTLTYPE_INT | CTLFLAG_RD, "B", "Jail is in the process of shutting down"); @@ -4046,9 +4091,7 @@ SYSCTL_JAIL_PARAM(_children, max, CTLTYPE_INT | CTLFLAG_RW, "I", "Maximum number of child jails"); -SYSCTL_JAIL_PARAM_NODE(host, "Jail host info"); -SYSCTL_JAIL_PARAM(, nohost, CTLTYPE_INT | CTLFLAG_RW, - "BN", "Jail w/ no host info"); +SYSCTL_JAIL_PARAM_SYS_NODE(host, CTLFLAG_RW, "Jail host info"); SYSCTL_JAIL_PARAM_STRING(_host, hostname, CTLFLAG_RW, MAXHOSTNAMELEN, "Jail hostname"); SYSCTL_JAIL_PARAM_STRING(_host, domainname, CTLFLAG_RW, MAXHOSTNAMELEN, @@ -4062,16 +4105,12 @@ SYSCTL_JAIL_PARAM(_cpuset, id, CTLTYPE_INT | CTLFLAG_RD, "I", "Jail cpuset ID"); #ifdef INET -SYSCTL_JAIL_PARAM_NODE(ip4, "Jail IPv4 address virtualization"); -SYSCTL_JAIL_PARAM(, noip4, CTLTYPE_INT | CTLFLAG_RW, - "BN", "Jail w/ no IP address virtualization"); +SYSCTL_JAIL_PARAM_SYS_NODE(ip4, CTLFLAG_RW, "Jail IPv4 address virtualization"); SYSCTL_JAIL_PARAM_STRUCT(_ip4, addr, CTLFLAG_RW, sizeof(struct in_addr), "S,in_addr,a", "Jail IPv4 addresses"); #endif #ifdef INET6 -SYSCTL_JAIL_PARAM_NODE(ip6, "Jail IPv6 address virtualization"); -SYSCTL_JAIL_PARAM(, noip6, CTLTYPE_INT | CTLFLAG_RW, - "BN", "Jail w/ no IP address virtualization"); +SYSCTL_JAIL_PARAM_SYS_NODE(ip6, CTLFLAG_RW, "Jail IPv6 address virtualization"); SYSCTL_JAIL_PARAM_STRUCT(_ip6, addr, CTLFLAG_RW, sizeof(struct in6_addr), "S,in6_addr,a", "Jail IPv6 addresses"); #endif @@ -4102,6 +4141,7 @@ #if defined(INET) || defined(INET6) int ii; #endif + unsigned jsf; #ifdef INET6 char ip6buf[INET6_ADDRSTRLEN]; #endif @@ -4128,6 +4168,16 @@ fi++) if (pr_flag_names[fi] != NULL && (pr->pr_flags & (1 << fi))) db_printf(" %s", pr_flag_names[fi]); + for (fi = 0; fi < sizeof(pr_flag_jailsys) / sizeof(pr_flag_jailsys[0]); + fi++) { + jsf = pr->pr_flags & + (pr_flag_jailsys[fi].disable | pr_flag_jailsys[fi].new); + db_printf(" %-16s= %s\n", pr_flag_jailsys[fi].name, + pr_flag_jailsys[fi].disable && + (jsf == pr_flag_jailsys[fi].disable) ? "disable" + : (jsf == pr_flag_jailsys[fi].new) ? "new" + : "inherit"); + } db_printf(" allow = %x", pr->pr_allow); for (fi = 0; fi < sizeof(pr_allow_names) / sizeof(pr_allow_names[0]); fi++) ==== //depot/projects/tcp_reass/kern/kern_vimage.c#10 (text+ko) ==== @@ -29,7 +29,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/kern/kern_vimage.c,v 1.17 2009/07/23 20:46:49 rwatson Exp $"); +__FBSDID("$FreeBSD: src/sys/kern/kern_vimage.c,v 1.18 2009/07/26 11:29:26 bz Exp $"); #include "opt_ddb.h" @@ -68,61 +68,6 @@ struct vnet_list_head vnet_head; struct vnet *vnet0; -/* - * Move an ifnet to or from another vnet, specified by the jail id. - */ -int -vi_if_move(struct thread *td, struct ifnet *ifp, char *ifname, int jid) -{ - struct ifnet *t_ifp; - struct prison *pr; - struct vnet *new_vnet; - int error; - - sx_slock(&allprison_lock); - pr = prison_find_child(td->td_ucred->cr_prison, jid); - sx_sunlock(&allprison_lock); - if (pr == NULL) - return (ENXIO); - prison_hold_locked(pr); - mtx_unlock(&pr->pr_mtx); - if (ifp != NULL) { - /* SIOCSIFVNET */ - new_vnet = pr->pr_vnet; - } else { - /* SIOCSIFRVNET */ - new_vnet = TD_TO_VNET(td); - CURVNET_SET(pr->pr_vnet); - ifp = ifunit(ifname); - CURVNET_RESTORE(); - if (ifp == NULL) { - prison_free(pr); - return (ENXIO); - } - } - - error = 0; - if (new_vnet != ifp->if_vnet) { - /* - * Check for naming clashes in target vnet. Not locked so races - * are possible. - */ - CURVNET_SET_QUIET(new_vnet); - t_ifp = ifunit(ifname); - CURVNET_RESTORE(); - if (t_ifp != NULL) - error = EEXIST; - else { - /* Detach from curvnet and attach to new_vnet. */ - if_vmove(ifp, new_vnet); - - /* Report the new if_xname back to the userland */ - sprintf(ifname, "%s", ifp->if_xname); - } - } - prison_free(pr); - return (error); -} struct vnet * vnet_alloc(void) ==== //depot/projects/tcp_reass/kern/uipc_socket.c#10 (text+ko) ==== @@ -95,7 +95,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/kern/uipc_socket.c,v 1.338 2009/07/19 17:40:45 rwatson Exp $"); +__FBSDID("$FreeBSD: src/sys/kern/uipc_socket.c,v 1.339 2009/07/28 19:43:27 julian Exp $"); #include "opt_inet.h" #include "opt_inet6.h" @@ -438,6 +438,7 @@ so->so_options = head->so_options &~ SO_ACCEPTCONN; so->so_linger = head->so_linger; so->so_state = head->so_state | SS_NOFDREF; + so->so_fibnum = head->so_fibnum; so->so_proto = head->so_proto; so->so_cred = crhold(head->so_cred); #ifdef MAC ==== //depot/projects/tcp_reass/modules/Makefile#10 (text+ko) ==== @@ -1,4 +1,4 @@ -# $FreeBSD: src/sys/modules/Makefile,v 1.622 2009/07/21 12:32:46 mav Exp $ +# $FreeBSD: src/sys/modules/Makefile,v 1.623 2009/07/26 12:20:07 bz Exp $ .include <bsd.own.mk> @@ -109,6 +109,7 @@ if_disc \ if_edsc \ if_ef \ + if_epair \ if_faith \ if_gif \ if_gre \ ==== //depot/projects/tcp_reass/net/if.c#13 (text+ko) ==== @@ -27,7 +27,7 @@ * SUCH DAMAGE. * * @(#)if.c 8.5 (Berkeley) 1/9/95 - * $FreeBSD: src/sys/net/if.c,v 1.357 2009/07/23 20:46:49 rwatson Exp $ + * $FreeBSD: src/sys/net/if.c,v 1.358 2009/07/26 11:29:26 bz Exp $ */ #include "opt_compat.h" @@ -894,6 +894,94 @@ CURVNET_RESTORE(); } + +/* + * Move an ifnet to or from another child prison/vnet, specified by the jail id. + */ +static int +if_vmove_loan(struct thread *td, struct ifnet *ifp, char *ifname, int jid) +{ + struct prison *pr; + struct ifnet *difp; + + /* Try to find the prison within our visibility. */ + sx_slock(&allprison_lock); + pr = prison_find_child(td->td_ucred->cr_prison, jid); + sx_sunlock(&allprison_lock); + if (pr == NULL) + return (ENXIO); + prison_hold_locked(pr); + mtx_unlock(&pr->pr_mtx); + + /* Do not try to move the iface from and to the same prison. */ + if (pr->pr_vnet == ifp->if_vnet) { + prison_free(pr); + return (EEXIST); + } + + /* Make sure the named iface does not exists in the dst. prison/vnet. */ + /* XXX Lock interfaces to avoid races. */ + CURVNET_SET(pr->pr_vnet); + difp = ifunit(ifname); + CURVNET_RESTORE(); + if (difp != NULL) { + prison_free(pr); + return (EEXIST); + } + + /* Move the interface into the child jail/vnet. */ + if_vmove(ifp, pr->pr_vnet); + + /* Report the new if_xname back to the userland. */ + sprintf(ifname, "%s", ifp->if_xname); + + prison_free(pr); + return (0); +} + +static int +if_vmove_reclaim(struct thread *td, char *ifname, int jid) +{ + struct prison *pr; + struct vnet *vnet_dst; + struct ifnet *ifp; + + /* Try to find the prison within our visibility. */ + sx_slock(&allprison_lock); + pr = prison_find_child(td->td_ucred->cr_prison, jid); + sx_sunlock(&allprison_lock); + if (pr == NULL) + return (ENXIO); + prison_hold_locked(pr); + mtx_unlock(&pr->pr_mtx); + + /* Make sure the named iface exists in the source prison/vnet. */ + CURVNET_SET(pr->pr_vnet); + ifp = ifunit(ifname); /* XXX Lock to avoid races. */ + if (ifp == NULL) { + CURVNET_RESTORE(); + prison_free(pr); + return (ENXIO); + } + + /* Do not try to move the iface from and to the same prison. */ + vnet_dst = TD_TO_VNET(td); + if (vnet_dst == ifp->if_vnet) { + CURVNET_RESTORE(); + prison_free(pr); + return (EEXIST); + } + + /* Get interface back from child jail/vnet. */ + if_vmove(ifp, vnet_dst); + CURVNET_RESTORE(); + + /* Report the new if_xname back to the userland. */ + sprintf(ifname, "%s", ifp->if_xname); + + prison_free(pr); + return (0); +} #endif /* VIMAGE */ /* @@ -1990,7 +2078,7 @@ error = priv_check(td, PRIV_NET_SETIFVNET); if (error) return (error); - error = vi_if_move(td, ifp, ifr->ifr_name, ifr->ifr_jid); + error = if_vmove_loan(td, ifp, ifr->ifr_name, ifr->ifr_jid); break; #endif @@ -2184,7 +2272,7 @@ error = priv_check(td, PRIV_NET_SETIFVNET); if (error) return (error); - return (vi_if_move(td, NULL, ifr->ifr_name, ifr->ifr_jid)); + return (if_vmove_reclaim(td, ifr->ifr_name, ifr->ifr_jid)); #endif case SIOCIFCREATE: case SIOCIFCREATE2: ==== //depot/projects/tcp_reass/net/if_epair.c#3 (text+ko) ==== @@ -1,5 +1,6 @@ /*- * Copyright (c) 2008 The FreeBSD Foundation + * Copyright (c) 2009 Bjoern A. Zeeb <bz@FreeBSD.org> * All rights reserved. * * This software was developed by CK Software GmbH under sponsorship @@ -28,22 +29,26 @@ */ /* - * A pair of virtual ethernet interfaces directly connected with - * a virtual cross-over cable. + * A pair of virtual back-to-back connected ethernet like interfaces + * (``two interfaces with a virtual cross-over cable''). + * * This is mostly intended to be used to provide connectivity between * different virtual network stack instances. */ /* * Things to re-think once we have more experience: - * - ifp->if_reassign function once we can test with vimage. - * - Real random etheraddrs that are checked to be uniquish; - * in case we bridge we may need this or let the user handle that case? - * - netisr and callback logic. - * - netisr queue lengths. + * - ifp->if_reassign function once we can test with vimage. Depending on + * how if_vomve() is going to be improved. + * - Real random etheraddrs that are checked to be uniquish; we would need + * to re-do them in case we move the interface between network stacks + * in a private if_reassign function. + * In case we bridge to a real interface/network or between indepedent >>> TRUNCATED FOR MAIL (1000 lines) <<<
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200907282007.n6SK7xA2026688>