Date: Wed, 6 May 2009 22:56:10 GMT From: Marko Zec <zec@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 161689 for review Message-ID: <200905062256.n46MuAnE055819@repoman.freebsd.org>
index | next in thread | raw e-mail
http://perforce.freebsd.org/chv.cgi?CH=161689 Change 161689 by zec@zec_tpx32 on 2009/05/06 22:55:55 Another integ vc -> vc2. Affected files ... .. //depot/projects/vimage-commit2/src/sys/compat/svr4/svr4_stat.c#7 integrate .. //depot/projects/vimage-commit2/src/sys/kern/init_main.c#9 integrate .. //depot/projects/vimage-commit2/src/sys/kern/kern_exit.c#9 integrate .. //depot/projects/vimage-commit2/src/sys/kern/kern_fork.c#9 integrate .. //depot/projects/vimage-commit2/src/sys/kern/kern_jail.c#19 integrate .. //depot/projects/vimage-commit2/src/sys/kern/kern_linker.c#12 integrate .. //depot/projects/vimage-commit2/src/sys/kern/kern_prot.c#6 integrate .. //depot/projects/vimage-commit2/src/sys/kern/kern_vimage.c#27 integrate .. //depot/projects/vimage-commit2/src/sys/sys/sysctl.h#20 integrate .. //depot/projects/vimage-commit2/src/sys/sys/vimage.h#51 integrate Differences ... ==== //depot/projects/vimage-commit2/src/sys/compat/svr4/svr4_stat.c#7 (text+ko) ==== @@ -412,6 +412,7 @@ struct thread *td; struct svr4_sys_systeminfo_args *uap; { + INIT_VPROCG(TD_TO_VPROCG(td)); char *str = NULL; int error = 0; register_t *retval = td->td_retval; ==== //depot/projects/vimage-commit2/src/sys/kern/init_main.c#9 (text+ko) ==== @@ -454,7 +454,9 @@ p->p_ucred->cr_ruidinfo = uifind(0); p->p_ucred->cr_prison = NULL; /* Don't jail it. */ #ifdef VIMAGE - p->p_ucred->cr_vimage = LIST_FIRST(&vimage_head); + P_TO_VIMAGE(p) = LIST_FIRST(&vimage_head); + refcount_acquire(&P_TO_VIMAGE(p)->vi_ucredrefc); + LIST_FIRST(&vprocg_head)->nprocs++; #endif #ifdef AUDIT audit_cred_kproc0(p->p_ucred); ==== //depot/projects/vimage-commit2/src/sys/kern/kern_exit.c#9 (text+ko) ==== @@ -70,6 +70,7 @@ #include <sys/sdt.h> #include <sys/shm.h> #include <sys/sem.h> +#include <sys/vimage.h> #ifdef KTRACE #include <sys/ktrace.h> #endif @@ -737,6 +738,7 @@ nfound++; PROC_SLOCK(p); if (p->p_state == PRS_ZOMBIE) { + INIT_VPROCG(P_TO_VPROCG(p)); if (rusage) { *rusage = p->p_ru; calcru(p, &rusage->ru_utime, &rusage->ru_stime); @@ -837,6 +839,9 @@ uma_zfree(proc_zone, p); sx_xlock(&allproc_lock); nprocs--; +#ifdef VIMAGE + vprocg->nprocs--; +#endif sx_xunlock(&allproc_lock); return (0); } ==== //depot/projects/vimage-commit2/src/sys/kern/kern_fork.c#9 (text+ko) ==== @@ -350,6 +350,9 @@ * are hard-limits as to the number of processes that can run. */ nprocs++; +#ifdef VIMAGE + P_TO_VPROCG(p1)->nprocs++; +#endif /* * Find an unused process ID. We remember a range of unused IDs ==== //depot/projects/vimage-commit2/src/sys/kern/kern_jail.c#19 (text+ko) ==== @@ -2219,6 +2219,10 @@ if (cred2->cr_prison != cred1->cr_prison) return (ESRCH); } +#ifdef VIMAGE + if (cred2->cr_vimage->v_procg != cred1->cr_vimage->v_procg) + return (ESRCH); +#endif return (0); } ==== //depot/projects/vimage-commit2/src/sys/kern/kern_linker.c#12 (text+ko) ==== @@ -992,6 +992,12 @@ if ((error = priv_check(td, PRIV_KLD_LOAD)) != 0) return (error); +#ifdef VIMAGE + /* Only the default vimage is permitted to kldload modules. */ + if (!IS_DEFAULT_VIMAGE(TD_TO_VIMAGE(td))) + return (EPERM); +#endif + /* * It's possible that kldloaded module will attach a new ifnet, * so vnet context must be set when this ocurs. @@ -1063,6 +1069,12 @@ if ((error = priv_check(td, PRIV_KLD_UNLOAD)) != 0) return (error); +#ifdef VIMAGE + /* Only the default vimage is permitted to kldunload modules. */ + if (!IS_DEFAULT_VIMAGE(TD_TO_VIMAGE(td))) + return (EPERM); +#endif + CURVNET_SET(TD_TO_VNET(td)); KLD_LOCK(); lf = linker_find_file_by_id(fileid); ==== //depot/projects/vimage-commit2/src/sys/kern/kern_prot.c#6 (text+ko) ==== @@ -1824,6 +1824,9 @@ */ if (jailed(cr)) prison_free(cr->cr_prison); +#ifdef VIMAGE + refcount_release(&cr->cr_vimage->vi_ucredrefc); +#endif #ifdef AUDIT audit_cred_destroy(cr); #endif @@ -1859,6 +1862,10 @@ uihold(dest->cr_ruidinfo); if (jailed(dest)) prison_hold(dest->cr_prison); +#ifdef VIMAGE + KASSERT(src->cr_vimage != NULL, ("cr_vimage == NULL")); + refcount_acquire(&dest->cr_vimage->vi_ucredrefc); +#endif #ifdef AUDIT audit_cred_copy(src, dest); #endif ==== //depot/projects/vimage-commit2/src/sys/kern/kern_vimage.c#27 (text+ko) ==== @@ -59,6 +59,10 @@ struct vimage_list_head vimage_head; struct vnet_list_head vnet_head; struct vprocg_list_head vprocg_head; +#else +#ifndef VIMAGE_GLOBALS +struct vprocg vprocg_0; +#endif #endif void ==== //depot/projects/vimage-commit2/src/sys/sys/sysctl.h#20 (text+ko) ==== @@ -459,6 +459,10 @@ TD_TO_VNET(curthread)->mod_data[oidp->oid_v_mod]; \ arg1 = cp + (size_t) arg1; \ break; \ + case V_PROCG: \ + cp = (char *) TD_TO_VPROCG(curthread); \ + arg1 = cp + (size_t) arg1; \ + break; \ default: \ panic("unsupported module id %d", oidp->oid_v_subs); \ } \ ==== //depot/projects/vimage-commit2/src/sys/sys/vimage.h#51 (text+ko) ==== @@ -138,15 +138,6 @@ void vnet_mod_deregister(const struct vnet_modinfo *); void vnet_mod_deregister_multi(const struct vnet_modinfo *, void *, char *); -int vi_td_ioctl(u_long, struct vi_req *, struct thread *); -int vi_if_move(struct vi_req *, struct ifnet *, struct vimage *); -void if_reassign_common(struct ifnet *, struct vnet *, const char *); - -struct vimage *vnet2vimage(struct vnet *); -struct vimage *vimage_by_name(struct vimage *, char *); -char *vnet_name(struct vnet *); -int vi_child_of(struct vimage *, struct vimage *); - #endif /* !VIMAGE_GLOBALS */ #ifdef VIMAGE_GLOBALS @@ -299,16 +290,8 @@ LIST_HEAD(vprocg_list_head, vprocg); extern struct vprocg_list_head vprocg_head; #define INIT_VPROCG(arg) struct vprocg *vprocg = (arg); -#define VPROCG_ITERLOOP_BEGIN() \ - struct vprocg *vprocg_iter; \ - LIST_FOREACH(vprocg_iter, &vprocg_head, vprocg_le) { - -#define VPROCG_ITERLOOP_END() \ - } #else #define INIT_VPROCG(arg) -#define VPROCG_ITERLOOP_BEGIN() -#define VPROCG_ITERLOOP_END() #endif #ifdef VIMAGE @@ -341,27 +324,6 @@ #define V_hostname VPROCG(hostname) #define V_domainname VPROCG(domainname) -#define V_morphing_symlinks VPROCG(morphing_symlinks) - -struct vi_req { - int req_action; /* What to do with this reqest? */ - u_short vi_proc_count; /* current number of processes */ - u_short vi_child_count; /* current number of child vnets */ - int vi_if_count; /* current number network interfaces */ - int vi_sock_count; - char vi_name[MAXPATHLEN]; - char vi_if_xname[MAXPATHLEN]; /* XXX should be IFNAMSIZ */ -}; - -#define VI_CREATE 0x00000001 -#define VI_DESTROY 0x00000002 -#define VI_MODIFY 0x00000004 -#define VI_SWITCHTO 0x00000008 -#define VI_IFACE 0x00000010 - -#define VI_GET 0x00000100 -#define VI_GETNEXT 0x00000200 -#define VI_GETNEXT_RECURSE 0x00000300 /* * Size-guards for the vimage structures.help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200905062256.n46MuAnE055819>