PERFORCE change 42706 for review
Peter Wemm
peter at FreeBSD.org
Mon Nov 17 15:34:14 PST 2003
http://perforce.freebsd.org/chv.cgi?CH=42706
Change 42706 by peter at peter_daintree on 2003/11/17 15:33:16
IFC @42705
Affected files ...
.. //depot/projects/hammer/kerberos5/include/krb5-private.h#4 delete
.. //depot/projects/hammer/lib/libc/posix1e/mac.c#6 integrate
.. //depot/projects/hammer/sbin/vinum/commands.c#9 integrate
.. //depot/projects/hammer/sbin/vinum/vinum.8#7 integrate
.. //depot/projects/hammer/share/man/man7/hier.7#10 integrate
.. //depot/projects/hammer/sys/compat/linux/linux_getcwd.c#6 integrate
.. //depot/projects/hammer/sys/dev/ath/if_ath.c#12 integrate
.. //depot/projects/hammer/sys/dev/random/harvest.c#4 integrate
.. //depot/projects/hammer/sys/dev/random/hash.c#4 integrate
.. //depot/projects/hammer/sys/dev/random/randomdev.c#9 integrate
.. //depot/projects/hammer/sys/dev/random/randomdev.h#2 integrate
.. //depot/projects/hammer/sys/dev/random/yarrow.c#5 integrate
.. //depot/projects/hammer/sys/i386/i386/vm_machdep.c#17 integrate
.. //depot/projects/hammer/sys/i386/include/sf_buf.h#2 integrate
.. //depot/projects/hammer/sys/kern/kern_prot.c#10 integrate
.. //depot/projects/hammer/sys/netgraph/ng_eiface.c#5 integrate
.. //depot/projects/hammer/sys/netgraph/ng_etf.c#2 integrate
.. //depot/projects/hammer/sys/netinet/raw_ip.c#12 integrate
.. //depot/projects/hammer/sys/pc98/pc98/sio.c#13 integrate
.. //depot/projects/hammer/usr.sbin/cdcontrol/cdcontrol.1#5 integrate
.. //depot/projects/hammer/usr.sbin/cdcontrol/cdcontrol.c#8 integrate
.. //depot/projects/hammer/usr.sbin/moused/moused.c#5 integrate
Differences ...
==== //depot/projects/hammer/lib/libc/posix1e/mac.c#6 (text+ko) ====
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/lib/libc/posix1e/mac.c,v 1.10 2003/11/15 04:05:49 rwatson Exp $
+ * $FreeBSD: src/lib/libc/posix1e/mac.c,v 1.11 2003/11/17 19:48:35 rwatson Exp $
*/
#include <sys/types.h>
@@ -55,7 +55,7 @@
*
* XXXMAC: Not thread-safe.
*/
-LIST_HEAD(, label_default) label_default_head;
+static LIST_HEAD(, label_default) label_default_head;
struct label_default {
char *ld_name;
char *ld_labels;
==== //depot/projects/hammer/sbin/vinum/commands.c#9 (text+ko) ====
@@ -37,7 +37,7 @@
* advised of the possibility of such damage.
*
* $Id: commands.c,v 1.52 2003/05/08 00:33:57 grog Exp $
- * $FreeBSD: src/sbin/vinum/commands.c,v 1.53 2003/06/12 05:55:59 grog Exp $
+ * $FreeBSD: src/sbin/vinum/commands.c,v 1.54 2003/11/17 15:56:00 rwatson Exp $
*/
#include "vext.h"
@@ -1509,7 +1509,8 @@
if (error != 0)
perror("Can't save Vinum config");
find_object(objectname, &type); /* find the index of the volume */
- make_vol_dev(vol.volno, 1); /* and create the devices */
+ if (no_devfs)
+ make_vol_dev(vol.volno, 1); /* and create the devices */
if (vflag) {
vflag--; /* XXX don't give too much detail */
find_object(objectname, &type); /* point to the volume */
@@ -1654,7 +1655,8 @@
if (error != 0)
perror("Can't save Vinum config");
find_object(objectname, &type); /* find the index of the volume */
- make_vol_dev(vol.volno, 1); /* and create the devices */
+ if (no_devfs)
+ make_vol_dev(vol.volno, 1); /* and create the devices */
if (vflag) {
vflag--; /* XXX don't give too much detail */
find_object(objectname, &type); /* point to the volume */
@@ -1798,7 +1800,8 @@
if (error != 0)
perror("Can't save Vinum config");
find_object(objectname, &type); /* find the index of the volume */
- make_vol_dev(vol.volno, 1); /* and create the devices */
+ if (no_devfs)
+ make_vol_dev(vol.volno, 1); /* and create the devices */
if (vflag) {
vflag--; /* XXX don't give too much detail */
find_object(objectname, &type); /* point to the volume */
@@ -1942,7 +1945,8 @@
if (error != 0)
perror("Can't save Vinum config");
find_object(objectname, &type); /* find the index of the volume */
- make_vol_dev(vol.volno, 1); /* and create the devices */
+ if (no_devfs)
+ make_vol_dev(vol.volno, 1); /* and create the devices */
if (vflag) {
vflag--; /* XXX don't give too much detail */
find_object(objectname, &type); /* point to the volume */
@@ -2118,7 +2122,8 @@
if (error != 0)
perror("Can't save Vinum config");
find_object(objectname, &type); /* find the index of the volume */
- make_vol_dev(vol.volno, 1); /* and create the devices */
+ if (no_devfs)
+ make_vol_dev(vol.volno, 1); /* and create the devices */
if (vflag) {
vflag--; /* XXX don't give too much detail */
sflag = 0; /* no stats, please */
==== //depot/projects/hammer/sbin/vinum/vinum.8#7 (text+ko) ====
@@ -35,7 +35,7 @@
.\" advised of the possibility of such damage.
.\"
.\" $Id: vinum.8,v 1.15 2001/05/14 01:10:37 grog Exp grog $
-.\" $FreeBSD: src/sbin/vinum/vinum.8,v 1.64 2003/09/08 19:57:18 ru Exp $
+.\" $FreeBSD: src/sbin/vinum/vinum.8,v 1.65 2003/11/17 16:04:52 rwatson Exp $
.\"
.Dd May 5, 2003
.Dt VINUM 8
@@ -2647,3 +2647,10 @@
.Xr vinum 4
volumes cannot be used with GEOM based facilities like
.Xr gbde 8 .
+.Pp
+.Xr vinum 4
+is unable to function on devices with a block size other than
+.Dv DEV_BSIZE
+(512), so cannot be used on swap-backed
+.Xr md 4
+devices.
==== //depot/projects/hammer/share/man/man7/hier.7#10 (text+ko) ====
@@ -30,7 +30,7 @@
.\" SUCH DAMAGE.
.\"
.\" @(#)hier.7 8.1 (Berkeley) 6/5/93
-.\" $FreeBSD: src/share/man/man7/hier.7,v 1.89 2003/11/08 18:01:44 rwatson Exp $
+.\" $FreeBSD: src/share/man/man7/hier.7,v 1.90 2003/11/17 17:29:04 gordon Exp $
.\"
.Dd June 5, 1993
.Dt HIER 7
@@ -131,6 +131,16 @@
.It Pa ssl/
OpenSSL configuration files
.El
+.It Pa /lib/
+critical system libraries needed for binaries in
+.Pa /bin
+and
+.Pa /sbin
+.It Pa /libexec/
+critical system utilites needed for binaries in
+.Pa /bin
+and
+.Pa /sbin
.It Pa /mnt/
empty directory commonly used by
system administrators as a temporary mount point
==== //depot/projects/hammer/sys/compat/linux/linux_getcwd.c#6 (text+ko) ====
@@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/compat/linux/linux_getcwd.c,v 1.13 2003/06/10 21:27:39 obrien Exp $");
+__FBSDID("$FreeBSD: src/sys/compat/linux/linux_getcwd.c,v 1.14 2003/11/17 18:57:20 rwatson Exp $");
#include "opt_compat.h"
#include "opt_mac.h"
@@ -162,7 +162,11 @@
* At this point, lvp is locked and will be unlocked by the lookup.
* On successful return, *uvpp will be locked
*/
- error = VOP_LOOKUP(lvp, uvpp, &cn);
+#ifdef MAC
+ error = mac_check_vnode_lookup(td->td_ucred, lvp, &cn);
+ if (error == 0)
+#endif
+ error = VOP_LOOKUP(lvp, uvpp, &cn);
if (error) {
vput(lvp);
*lvpp = NULL;
==== //depot/projects/hammer/sys/dev/ath/if_ath.c#12 (text+ko) ====
@@ -35,7 +35,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/dev/ath/if_ath.c,v 1.32 2003/11/13 05:35:07 sam Exp $");
+__FBSDID("$FreeBSD: src/sys/dev/ath/if_ath.c,v 1.35 2003/11/17 19:15:09 sam Exp $");
/*
* Driver for the Atheros Wireless LAN controller.
@@ -490,8 +490,15 @@
DPRINTF(("ath_bmiss_proc: pending %u\n", pending));
KASSERT(ic->ic_opmode == IEEE80211_M_STA,
("unexpect operating mode %u", ic->ic_opmode));
- if (ic->ic_state == IEEE80211_S_RUN)
- ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
+ if (ic->ic_state == IEEE80211_S_RUN) {
+ /*
+ * Rather than go directly to scan state, try to
+ * reassociate first. If that fails then the state
+ * machine will drop us into scanning after timing
+ * out waiting for a probe response.
+ */
+ ieee80211_new_state(ic, IEEE80211_S_ASSOC, -1);
+ }
}
static u_int
@@ -1705,7 +1712,8 @@
wh->i_fc[1] &= ~IEEE80211_FC1_WEP;
memcpy(&whbuf, wh, sizeof(whbuf));
m_adj(m, IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN);
- memcpy(mtod(m, caddr_t), &whbuf, sizeof(whbuf));
+ wh = mtod(m, struct ieee80211_frame *);
+ memcpy(wh, &whbuf, sizeof(whbuf));
/*
* Also trim WEP ICV from the tail.
*/
@@ -2741,11 +2749,11 @@
}
if (ni->ni_txrate != orate) {
- printf("%s: %dM -> %dM (%d ok, %d err, %d retr)\n",
+ DPRINTF(("%s: %dM -> %dM (%d ok, %d err, %d retr)\n",
__func__,
(rs->rs_rates[orate] & IEEE80211_RATE_VAL) / 2,
(rs->rs_rates[ni->ni_txrate] & IEEE80211_RATE_VAL) / 2,
- an->an_tx_ok, an->an_tx_err, an->an_tx_retr);
+ an->an_tx_ok, an->an_tx_err, an->an_tx_retr));
}
if (ni->ni_txrate != orate || enough)
an->an_tx_ok = an->an_tx_err = an->an_tx_retr = 0;
==== //depot/projects/hammer/sys/dev/random/harvest.c#4 (text+ko) ====
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 2000 Mark R V Murray
+ * Copyright (c) 2000, 2001, 2002, 2003 Mark R V Murray
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,19 +26,19 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/dev/random/harvest.c,v 1.20 2003/08/24 17:54:21 obrien Exp $");
+__FBSDID("$FreeBSD: src/sys/dev/random/harvest.c,v 1.21 2003/11/17 23:02:21 markm Exp $");
#include <sys/param.h>
-#include <sys/systm.h>
-#include <sys/types.h>
-#include <sys/queue.h>
#include <sys/kthread.h>
#include <sys/lock.h>
+#include <sys/malloc.h>
#include <sys/mutex.h>
#include <sys/poll.h>
+#include <sys/queue.h>
+#include <sys/random.h>
#include <sys/selinfo.h>
#include <sys/sysctl.h>
-#include <sys/random.h>
+#include <sys/systm.h>
#include <machine/cpu.h>
==== //depot/projects/hammer/sys/dev/random/hash.c#4 (text+ko) ====
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 2000 Mark R V Murray
+ * Copyright (c) 2000, 2001, 2002, 2003 Mark R V Murray
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,7 +26,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/dev/random/hash.c,v 1.10 2003/08/24 17:54:21 obrien Exp $");
+__FBSDID("$FreeBSD: src/sys/dev/random/hash.c,v 1.11 2003/11/17 23:02:21 markm Exp $");
#include <sys/param.h>
#include <sys/systm.h>
==== //depot/projects/hammer/sys/dev/random/randomdev.c#9 (text+ko) ====
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 2000 Mark R V Murray
+ * Copyright (c) 2000, 2001, 2002, 2003 Mark R V Murray
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,7 +26,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/dev/random/randomdev.c,v 1.44 2003/11/09 09:17:21 tanimura Exp $");
+__FBSDID("$FreeBSD: src/sys/dev/random/randomdev.c,v 1.45 2003/11/17 23:02:21 markm Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -53,41 +53,40 @@
#include <dev/random/randomdev.h>
-static d_open_t random_open;
static d_close_t random_close;
static d_read_t random_read;
static d_write_t random_write;
static d_ioctl_t random_ioctl;
static d_poll_t random_poll;
-#define CDEV_MAJOR 2
-#define RANDOM_MINOR 3
+#define RANDOM_MINOR 0
+
+#define RANDOM_FIFO_MAX 256 /* How many events to queue up */
static struct cdevsw random_cdevsw = {
- .d_open = random_open,
.d_close = random_close,
.d_read = random_read,
.d_write = random_write,
.d_ioctl = random_ioctl,
.d_poll = random_poll,
.d_name = "random",
- .d_maj = CDEV_MAJOR,
};
static void random_kthread(void *);
static void random_harvest_internal(u_int64_t, void *, u_int, u_int, u_int, enum esource);
static void random_write_internal(void *, int);
-/* Ring buffer holding harvested entropy */
-static struct harvestring {
- volatile u_int head;
- volatile u_int tail;
- struct harvest data[HARVEST_RING_SIZE];
-} harvestring;
+MALLOC_DEFINE(M_ENTROPY, "entropy", "Entropy harvesting buffers");
+
+/* FIFO queues holding harvested entropy */
+static struct harvestfifo {
+ struct mtx lock;
+ int count;
+ STAILQ_HEAD(harvestlist, harvest) head;
+} harvestfifo[ENTROPYSOURCE];
static struct random_systat {
u_int seeded; /* 0 causes blocking 1 allows normal output */
- u_int burst; /* number of events to do before sleeping */
struct selinfo rsel; /* For poll(2) */
} random_systat;
@@ -109,8 +108,6 @@
return sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req);
}
-RANDOM_CHECK_UINT(burst, 0, 20);
-
SYSCTL_NODE(_kern, OID_AUTO, random, CTLFLAG_RW,
0, "Random Number Generator");
SYSCTL_NODE(_kern_random, OID_AUTO, sys, CTLFLAG_RW,
@@ -118,9 +115,6 @@
SYSCTL_PROC(_kern_random_sys, OID_AUTO, seeded,
CTLTYPE_INT|CTLFLAG_RW, &random_systat.seeded, 1,
random_check_boolean, "I", "Seeded State");
-SYSCTL_PROC(_kern_random_sys, OID_AUTO, burst,
- CTLTYPE_INT|CTLFLAG_RW, &random_systat.burst, 20,
- random_check_uint_burst, "I", "Harvest Burst Size");
SYSCTL_NODE(_kern_random_sys, OID_AUTO, harvest, CTLFLAG_RW,
0, "Entropy Sources");
SYSCTL_PROC(_kern_random_sys_harvest, OID_AUTO, ethernet,
@@ -138,28 +132,10 @@
/* ARGSUSED */
static int
-random_open(dev_t dev __unused, int flags, int fmt __unused, struct thread *td)
-{
- int error;
-
- if (flags & FWRITE) {
- error = suser(td);
- if (error)
- return (error);
- error = securelevel_gt(td->td_ucred, 0);
- if (error)
- return (error);
- }
- return 0;
-}
-
-/* ARGSUSED */
-static int
random_close(dev_t dev __unused, int flags, int fmt __unused, struct thread *td)
{
if (flags & FWRITE) {
- if (!(suser(td) ||
- securelevel_gt(td->td_ucred, 0)))
+ if (suser(td) == 0 && securelevel_gt(td->td_ucred, 0) == 0)
random_reseed();
}
return 0;
@@ -250,7 +226,8 @@
static int
random_modevent(module_t mod __unused, int type, void *data __unused)
{
- int error;
+ int error, i;
+ struct harvest *np;
switch(type) {
case MOD_LOAD:
@@ -261,15 +238,13 @@
*/
random_systat.seeded = 1;
- /* Number of envents to process off the harvest
- * queue before giving it a break and sleeping
- */
- random_systat.burst = 20;
+ /* Initialise the harvest fifos */
+ for (i = 0; i < ENTROPYSOURCE; i++) {
+ STAILQ_INIT(&harvestfifo[i].head);
+ harvestfifo[i].count = 0;
+ mtx_init(&harvestfifo[i].lock, "entropy harvest", NULL, MTX_DEF);
+ }
- /* Initialise the harvest ringbuffer */
- harvestring.head = 0;
- harvestring.tail = 0;
-
if (bootverbose)
printf("random: <entropy source>\n");
random_dev = make_dev(&random_cdevsw, RANDOM_MINOR, UID_ROOT,
@@ -298,6 +273,16 @@
random_kthread_control = -1;
tsleep((void *)&random_kthread_control, PUSER, "term", 0);
+ /* Destroy the harvest fifos */
+ for (i = 0; i < ENTROPYSOURCE; i++) {
+ while (!STAILQ_EMPTY(&harvestfifo[i].head)) {
+ np = STAILQ_FIRST(&harvestfifo[i].head);
+ STAILQ_REMOVE_HEAD(&harvestfifo[i].head, next);
+ free(np, M_ENTROPY);
+ }
+ mtx_destroy(&harvestfifo[i].lock);
+ }
+
random_deinit();
destroy_dev(random_dev);
@@ -318,51 +303,53 @@
static void
random_kthread(void *arg __unused)
{
- struct harvest *event;
- u_int newtail, burst;
+ struct harvest *event = NULL;
+ int found, active;
+ enum esource source;
+
+ /* Process until told to stop */
+ for (; random_kthread_control == 0;) {
+
+ active = 0;
+
+ /* Cycle through all the entropy sources */
+ for (source = 0; source < ENTROPYSOURCE; source++) {
- /* Drain the harvest queue (in 'burst' size chunks,
- * if 'burst' > 0. If 'burst' == 0, then completely
- * drain the queue.
- */
- for (burst = 0; ; burst++) {
+ found = 0;
- if ((harvestring.tail == harvestring.head) ||
- (random_systat.burst && burst == random_systat.burst)) {
- tsleep(&harvestring, PUSER, "-", hz/10);
- burst = 0;
+ /* Lock up queue draining */
+ mtx_lock(&harvestfifo[source].lock);
- }
- else {
+ if (!STAILQ_EMPTY(&harvestfifo[source].head)) {
- /* Suck a harvested entropy event out of the queue and
- * hand it to the event processor
- */
+ /* Get a harvested entropy event */
+ harvestfifo[source].count--;
+ event = STAILQ_FIRST(&harvestfifo[source].head);
+ STAILQ_REMOVE_HEAD(&harvestfifo[source].head,
+ next);
+ active = found = 1;
- newtail = (harvestring.tail + 1) & HARVEST_RING_MASK;
- event = &harvestring.data[harvestring.tail];
+ }
- /* Bump the ring counter. This action is assumed
- * to be atomic.
- */
- harvestring.tail = newtail;
+ /* Unlock the queue */
+ mtx_unlock(&harvestfifo[source].lock);
- random_process_event(event);
+ /* Deal with the event and dispose of it */
+ if (found) {
+ random_process_event(event);
+ free(event, M_ENTROPY);
+ }
}
- /* Is the thread scheduled for a shutdown? */
- if (random_kthread_control != 0) {
-#ifdef DEBUG
- printf("Random kthread setting terminate\n");
-#endif
- random_set_wakeup_exit(&random_kthread_control);
- /* NOTREACHED */
- break;
- }
+ /* Found nothing, so don't belabour the issue */
+ if (!active)
+ tsleep(&harvestfifo, PUSER, "-", hz/10);
}
+ random_set_wakeup_exit(&random_kthread_control);
+ /* NOTREACHED */
}
/* Entropy harvesting routine. This is supposed to be fast; do
@@ -372,34 +359,38 @@
random_harvest_internal(u_int64_t somecounter, void *entropy, u_int count,
u_int bits, u_int frac, enum esource origin)
{
- struct harvest *pharvest;
- u_int newhead;
+ struct harvest *event;
- newhead = (harvestring.head + 1) & HARVEST_RING_MASK;
+ /* Lock the particular fifo */
+ mtx_lock(&harvestfifo[origin].lock);
- if (newhead != harvestring.tail) {
+ /* Don't make the harvest queues too big - memory is precious */
+ if (harvestfifo[origin].count < RANDOM_FIFO_MAX) {
+
+ event = malloc(sizeof(struct harvest), M_ENTROPY, M_NOWAIT);
- /* Add the harvested data to the ring buffer */
+ /* If we can't malloc() a buffer, tough */
+ if (event) {
- pharvest = &harvestring.data[harvestring.head];
+ /* Add the harvested data to the fifo */
+ harvestfifo[origin].count++;
+ event->somecounter = somecounter;
+ event->size = count;
+ event->bits = bits;
+ event->frac = frac;
+ event->source = origin;
- /* Stuff the harvested data into the ring */
- pharvest->somecounter = somecounter;
- count = count > HARVESTSIZE ? HARVESTSIZE : count;
- memcpy(pharvest->entropy, entropy, count);
- pharvest->size = count;
- pharvest->bits = bits;
- pharvest->frac = frac;
- pharvest->source =
- origin < ENTROPYSOURCE ? origin : RANDOM_START;
+ /* XXXX Come back and make this dynamic! */
+ count = count > HARVESTSIZE ? HARVESTSIZE : count;
+ memcpy(event->entropy, entropy, count);
- /* Bump the ring counter. This action is assumed
- * to be atomic.
- */
- harvestring.head = newhead;
+ STAILQ_INSERT_TAIL(&harvestfifo[origin].head, event, next);
+ }
}
+ mtx_unlock(&harvestfifo[origin].lock);
+
}
static void
==== //depot/projects/hammer/sys/dev/random/randomdev.h#2 (text+ko) ====
@@ -23,7 +23,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
- * $FreeBSD: src/sys/dev/random/randomdev.h,v 1.3 2002/03/03 19:44:22 markm Exp $
+ * $FreeBSD: src/sys/dev/random/randomdev.h,v 1.4 2003/11/17 23:02:21 markm Exp $
*/
/* This header contains only those definitions that are global
@@ -46,14 +46,17 @@
SYSCTL_DECL(_kern_random);
+MALLOC_DECLARE(M_ENTROPY);
+
/* These are used to queue harvested packets of entropy. The entropy
* buffer size is pretty arbitrary.
*/
struct harvest {
- u_int64_t somecounter; /* fast counter for clock jitter */
+ uintmax_t somecounter; /* fast counter for clock jitter */
u_char entropy[HARVESTSIZE]; /* the harvested entropy */
u_int size, bits, frac; /* stats about the entropy */
enum esource source; /* stats about the entropy */
+ STAILQ_ENTRY(harvest) next; /* next item on the list */
};
void random_init(void);
==== //depot/projects/hammer/sys/dev/random/yarrow.c#5 (text+ko) ====
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 2000 Mark R V Murray
+ * Copyright (c) 2000, 2001, 2002, 2003 Mark R V Murray
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -26,15 +26,16 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/dev/random/yarrow.c,v 1.42 2003/08/24 17:54:21 obrien Exp $");
+__FBSDID("$FreeBSD: src/sys/dev/random/yarrow.c,v 1.43 2003/11/17 23:02:21 markm Exp $");
#include <sys/param.h>
-#include <sys/systm.h>
#include <sys/kernel.h>
#include <sys/lock.h>
+#include <sys/malloc.h>
#include <sys/mutex.h>
#include <sys/random.h>
#include <sys/sysctl.h>
+#include <sys/systm.h>
#include <crypto/rijndael/rijndael.h>
#include <crypto/sha2/sha2.h>
@@ -43,8 +44,6 @@
#include <dev/random/randomdev.h>
#include <dev/random/yarrow.h>
-/* #define DEBUG */
-
RANDOM_CHECK_UINT(gengateinterval, 4, 64);
RANDOM_CHECK_UINT(bins, 2, 16);
RANDOM_CHECK_UINT(fastthresh, BLOCKSIZE/4, BLOCKSIZE);
@@ -164,10 +163,6 @@
u_int i;
enum esource j;
-#ifdef DEBUG
- printf("Reseed type %d\n", fastslow);
-#endif
-
/* The reseed task must not be jumped on */
mtx_lock(&random_reseed_mtx);
@@ -240,10 +235,6 @@
/* Release the reseed mutex */
mtx_unlock(&random_reseed_mtx);
-#ifdef DEBUG
- printf("Reseed finish\n");
-#endif
-
/* Unblock the device if it was blocked due to being unseeded */
random_unblock();
}
@@ -315,10 +306,6 @@
u_int i;
u_char temp[KEYSIZE];
-#ifdef DEBUG
- printf("Generator gate\n");
-#endif
-
for (i = 0; i < KEYSIZE; i += sizeof(random_state.counter)) {
random_state.counter[0]++;
yarrow_encrypt(&random_state.key, random_state.counter,
@@ -328,9 +315,6 @@
yarrow_encrypt_init(&random_state.key, temp);
memset((void *)temp, 0, KEYSIZE);
-#ifdef DEBUG
- printf("Generator gate finish\n");
-#endif
}
/* Helper routine to perform explicit reseeds */
==== //depot/projects/hammer/sys/i386/i386/vm_machdep.c#17 (text+ko) ====
@@ -41,7 +41,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/i386/i386/vm_machdep.c,v 1.218 2003/11/16 23:40:06 alc Exp $");
+__FBSDID("$FreeBSD: src/sys/i386/i386/vm_machdep.c,v 1.219 2003/11/17 18:22:24 alc Exp $");
#include "opt_npx.h"
#ifdef PC98
@@ -100,17 +100,24 @@
static void sf_buf_init(void *arg);
SYSINIT(sock_sf, SI_SUB_MBUF, SI_ORDER_ANY, sf_buf_init, NULL)
+LIST_HEAD(sf_head, sf_buf);
+
/*
- * Expanded sf_freelist head. Really an SLIST_HEAD() in disguise, with the
- * sf_freelist head with the sf_lock mutex.
+ * A hash table of active sendfile(2) buffers
*/
-static struct {
- SLIST_HEAD(, sf_buf) sf_head;
- struct mtx sf_lock;
-} sf_freelist;
+static struct sf_head *sf_buf_active;
+static u_long sf_buf_hashmask;
+
+#define SF_BUF_HASH(m) (((m) - vm_page_array) & sf_buf_hashmask)
+static struct sf_head sf_buf_freelist;
static u_int sf_buf_alloc_want;
+/*
+ * A lock used to synchronize access to the hash table and free list
+ */
+static struct mtx sf_buf_lock;
+
extern int _ucodesel, _udatasel;
/*
@@ -575,16 +582,17 @@
vm_offset_t sf_base;
int i;
- mtx_init(&sf_freelist.sf_lock, "sf_bufs list lock", NULL, MTX_DEF);
- SLIST_INIT(&sf_freelist.sf_head);
+ sf_buf_active = hashinit(nsfbufs, M_TEMP, &sf_buf_hashmask);
+ LIST_INIT(&sf_buf_freelist);
sf_base = kmem_alloc_nofault(kernel_map, nsfbufs * PAGE_SIZE);
sf_bufs = malloc(nsfbufs * sizeof(struct sf_buf), M_TEMP,
M_NOWAIT | M_ZERO);
for (i = 0; i < nsfbufs; i++) {
sf_bufs[i].kva = sf_base + i * PAGE_SIZE;
- SLIST_INSERT_HEAD(&sf_freelist.sf_head, &sf_bufs[i], free_list);
+ LIST_INSERT_HEAD(&sf_buf_freelist, &sf_bufs[i], list_entry);
}
sf_buf_alloc_want = 0;
+ mtx_init(&sf_buf_lock, "sf_buf", NULL, MTX_DEF);
}
/*
@@ -593,13 +601,21 @@
struct sf_buf *
sf_buf_alloc(struct vm_page *m)
{
+ struct sf_head *hash_list;
struct sf_buf *sf;
int error;
- mtx_lock(&sf_freelist.sf_lock);
- while ((sf = SLIST_FIRST(&sf_freelist.sf_head)) == NULL) {
+ hash_list = &sf_buf_active[SF_BUF_HASH(m)];
+ mtx_lock(&sf_buf_lock);
+ LIST_FOREACH(sf, hash_list, list_entry) {
+ if (sf->m == m) {
+ sf->ref_count++;
+ goto done;
+ }
+ }
+ while ((sf = LIST_FIRST(&sf_buf_freelist)) == NULL) {
sf_buf_alloc_want++;
- error = msleep(&sf_freelist, &sf_freelist.sf_lock, PVM|PCATCH,
+ error = msleep(&sf_buf_freelist, &sf_buf_lock, PVM|PCATCH,
"sfbufa", 0);
sf_buf_alloc_want--;
@@ -607,14 +623,15 @@
* If we got a signal, don't risk going back to sleep.
*/
if (error)
- break;
+ goto done;
}
- if (sf != NULL) {
- SLIST_REMOVE_HEAD(&sf_freelist.sf_head, free_list);
- sf->m = m;
- pmap_qenter(sf->kva, &sf->m, 1);
- }
- mtx_unlock(&sf_freelist.sf_lock);
+ LIST_REMOVE(sf, list_entry);
+ LIST_INSERT_HEAD(hash_list, sf, list_entry);
+ sf->ref_count = 1;
+ sf->m = m;
+ pmap_qenter(sf->kva, &sf->m, 1);
+done:
+ mtx_unlock(&sf_buf_lock);
return (sf);
}
@@ -628,8 +645,19 @@
struct vm_page *m;
sf = args;
- pmap_qremove((vm_offset_t)addr, 1);
+ mtx_lock(&sf_buf_lock);
m = sf->m;
+ sf->ref_count--;
+ if (sf->ref_count == 0) {
+ pmap_qremove((vm_offset_t)addr, 1);
+ sf->m = NULL;
+ LIST_REMOVE(sf, list_entry);
+ LIST_INSERT_HEAD(&sf_buf_freelist, sf, list_entry);
+ if (sf_buf_alloc_want > 0)
+ wakeup_one(&sf_buf_freelist);
+ }
+ mtx_unlock(&sf_buf_lock);
+
vm_page_lock_queues();
vm_page_unwire(m, 0);
/*
@@ -640,12 +668,6 @@
if (m->wire_count == 0 && m->object == NULL)
vm_page_free(m);
vm_page_unlock_queues();
- sf->m = NULL;
- mtx_lock(&sf_freelist.sf_lock);
- SLIST_INSERT_HEAD(&sf_freelist.sf_head, sf, free_list);
- if (sf_buf_alloc_want > 0)
- wakeup_one(&sf_freelist);
- mtx_unlock(&sf_freelist.sf_lock);
}
/*
==== //depot/projects/hammer/sys/i386/include/sf_buf.h#2 (text+ko) ====
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/sys/i386/include/sf_buf.h,v 1.1 2003/11/16 06:11:25 alc Exp $
+ * $FreeBSD: src/sys/i386/include/sf_buf.h,v 1.2 2003/11/17 18:22:23 alc Exp $
*/
#ifndef _MACHINE_SF_BUF_H_
@@ -34,9 +34,10 @@
struct vm_page;
struct sf_buf {
- SLIST_ENTRY(sf_buf) free_list; /* list of free buffer slots */
+ LIST_ENTRY(sf_buf) list_entry; /* list of buffers */
struct vm_page *m; /* currently mapped page */
vm_offset_t kva; /* va of mapping */
+ int ref_count; /* usage of this mapping */
};
static __inline vm_offset_t
==== //depot/projects/hammer/sys/kern/kern_prot.c#10 (text+ko) ====
@@ -44,7 +44,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/kern/kern_prot.c,v 1.177 2003/10/23 21:20:34 jhb Exp $");
+__FBSDID("$FreeBSD: src/sys/kern/kern_prot.c,v 1.178 2003/11/17 20:20:53 rwatson Exp $");
#include "opt_compat.h"
#include "opt_mac.h"
@@ -1323,6 +1323,46 @@
return (0);
}
+/*
+ * 'see_other_gids' determines whether or not visibility of processes
+ * and sockets with credentials holding different real gids is possible
+ * using a variety of system MIBs.
+ * XXX: data declarations should be together near the beginning of the file.
+ */
+static int see_other_gids = 1;
+SYSCTL_INT(_security_bsd, OID_AUTO, see_other_gids, CTLFLAG_RW,
+ &see_other_gids, 0,
+ "Unprivileged processes may see subjects/objects with different real gid");
+
+/*
+ * Determine if u1 can "see" the subject specified by u2, according to the
+ * 'see_other_gids' policy.
+ * Returns: 0 for permitted, ESRCH otherwise
+ * Locks: none
+ * References: *u1 and *u2 must not change during the call
+ * u1 may equal u2, in which case only one reference is required
+ */
+static int
+cr_seeothergids(struct ucred *u1, struct ucred *u2)
+{
+ int i, match;
+
+ if (!see_other_gids) {
+ match = 0;
+ for (i = 0; i < u1->cr_ngroups; i++) {
+ if (groupmember(u1->cr_groups[i], u2))
+ match = 1;
+ if (match)
+ break;
+ }
+ if (!match) {
+ if (suser_cred(u1, PRISON_ROOT) != 0)
+ return (ESRCH);
+ }
+ }
+ return (0);
+}
+
/*-
* Determine if u1 "can see" the subject specified by u2.
* Returns: 0 for permitted, an errno value otherwise
@@ -1343,6 +1383,8 @@
#endif
if ((error = cr_seeotheruids(u1, u2)))
return (error);
+ if ((error = cr_seeothergids(u1, u2)))
+ return (error);
return (0);
}
@@ -1400,8 +1442,9 @@
if ((error = mac_check_proc_signal(cred, proc, signum)))
return (error);
#endif
- error = cr_seeotheruids(cred, proc->p_ucred);
- if (error)
+ if ((error = cr_seeotheruids(cred, proc->p_ucred)))
+ return (error);
+ if ((error = cr_seeothergids(cred, proc->p_ucred)))
return (error);
/*
@@ -1508,6 +1551,8 @@
#endif
if ((error = cr_seeotheruids(td->td_ucred, p->p_ucred)))
return (error);
+ if ((error = cr_seeothergids(td->td_ucred, p->p_ucred)))
+ return (error);
if (td->td_ucred->cr_ruid == p->p_ucred->cr_ruid)
return (0);
if (td->td_ucred->cr_uid == p->p_ucred->cr_ruid)
@@ -1569,6 +1614,8 @@
#endif
if ((error = cr_seeotheruids(td->td_ucred, p->p_ucred)))
return (error);
+ if ((error = cr_seeothergids(td->td_ucred, p->p_ucred)))
+ return (error);
/*
* Is p's group set a subset of td's effective group set? This
@@ -1648,6 +1695,8 @@
#endif
if (cr_seeotheruids(cred, so->so_cred))
return (ENOENT);
+ if (cr_seeothergids(cred, so->so_cred))
+ return (ENOENT);
return (0);
>>> TRUNCATED FOR MAIL (1000 lines) <<<
More information about the p4-projects
mailing list