PERFORCE change 161689 for review

Wed May 6 22:56:13 UTC 2009

http://perforce.freebsd.org/chv.cgi?CH=161689

Change 161689 by zec at zec_tpx32 on 2009/05/06 22:55:55

	Another integ vc -> vc2.

Affected files ...

.. //depot/projects/vimage-commit2/src/sys/compat/svr4/svr4_stat.c#7 integrate
.. //depot/projects/vimage-commit2/src/sys/kern/init_main.c#9 integrate
.. //depot/projects/vimage-commit2/src/sys/kern/kern_exit.c#9 integrate
.. //depot/projects/vimage-commit2/src/sys/kern/kern_fork.c#9 integrate
.. //depot/projects/vimage-commit2/src/sys/kern/kern_jail.c#19 integrate
.. //depot/projects/vimage-commit2/src/sys/kern/kern_linker.c#12 integrate
.. //depot/projects/vimage-commit2/src/sys/kern/kern_prot.c#6 integrate
.. //depot/projects/vimage-commit2/src/sys/kern/kern_vimage.c#27 integrate
.. //depot/projects/vimage-commit2/src/sys/sys/sysctl.h#20 integrate
.. //depot/projects/vimage-commit2/src/sys/sys/vimage.h#51 integrate

Differences ...

==== //depot/projects/vimage-commit2/src/sys/compat/svr4/svr4_stat.c#7 (text+ko) ====

@@ -412,6 +412,7 @@
 	struct thread *td;
 	struct svr4_sys_systeminfo_args *uap;
 {
+	INIT_VPROCG(TD_TO_VPROCG(td));
 	char		*str = NULL;
 	int		error = 0;
 	register_t	*retval = td->td_retval;

==== //depot/projects/vimage-commit2/src/sys/kern/init_main.c#9 (text+ko) ====

@@ -454,7 +454,9 @@
 	p->p_ucred->cr_ruidinfo = uifind(0);
 	p->p_ucred->cr_prison = NULL;	/* Don't jail it. */
 #ifdef VIMAGE
-	p->p_ucred->cr_vimage = LIST_FIRST(&vimage_head);
+	P_TO_VIMAGE(p) =  LIST_FIRST(&vimage_head);
+	refcount_acquire(&P_TO_VIMAGE(p)->vi_ucredrefc);
+	LIST_FIRST(&vprocg_head)->nprocs++;
 #endif
 #ifdef AUDIT
 	audit_cred_kproc0(p->p_ucred);

==== //depot/projects/vimage-commit2/src/sys/kern/kern_exit.c#9 (text+ko) ====

@@ -70,6 +70,7 @@
 #include <sys/sdt.h>
 #include <sys/shm.h>
 #include <sys/sem.h>
+#include <sys/vimage.h>
 #ifdef KTRACE
 #include <sys/ktrace.h>
 #endif
@@ -737,6 +738,7 @@
 		nfound++;
 		PROC_SLOCK(p);
 		if (p->p_state == PRS_ZOMBIE) {
+			INIT_VPROCG(P_TO_VPROCG(p));
 			if (rusage) {
 				*rusage = p->p_ru;
 				calcru(p, &rusage->ru_utime, &rusage->ru_stime);
@@ -837,6 +839,9 @@
 			uma_zfree(proc_zone, p);
 			sx_xlock(&allproc_lock);
 			nprocs--;
+#ifdef VIMAGE
+			vprocg->nprocs--;
+#endif
 			sx_xunlock(&allproc_lock);
 			return (0);
 		}

==== //depot/projects/vimage-commit2/src/sys/kern/kern_fork.c#9 (text+ko) ====

@@ -350,6 +350,9 @@
 	 * are hard-limits as to the number of processes that can run.
 	 */
 	nprocs++;
+#ifdef VIMAGE
+	P_TO_VPROCG(p1)->nprocs++;
+#endif
 
 	/*
 	 * Find an unused process ID.  We remember a range of unused IDs

==== //depot/projects/vimage-commit2/src/sys/kern/kern_jail.c#19 (text+ko) ====

@@ -2219,6 +2219,10 @@
 		if (cred2->cr_prison != cred1->cr_prison)
 			return (ESRCH);
 	}
+#ifdef VIMAGE
+	if (cred2->cr_vimage->v_procg != cred1->cr_vimage->v_procg)
+		return (ESRCH);
+#endif
 
 	return (0);
 }

==== //depot/projects/vimage-commit2/src/sys/kern/kern_linker.c#12 (text+ko) ====

@@ -992,6 +992,12 @@
 	if ((error = priv_check(td, PRIV_KLD_LOAD)) != 0)
 		return (error);
 
+#ifdef VIMAGE
+	/* Only the default vimage is permitted to kldload modules. */
+	if (!IS_DEFAULT_VIMAGE(TD_TO_VIMAGE(td)))
+		return (EPERM);
+#endif
+
 	/*
 	 * It's possible that kldloaded module will attach a new ifnet,
 	 * so vnet context must be set when this ocurs.
@@ -1063,6 +1069,12 @@
 	if ((error = priv_check(td, PRIV_KLD_UNLOAD)) != 0)
 		return (error);
 
+#ifdef VIMAGE
+	/* Only the default vimage is permitted to kldunload modules. */
+	if (!IS_DEFAULT_VIMAGE(TD_TO_VIMAGE(td)))
+		return (EPERM);
+#endif
+
 	CURVNET_SET(TD_TO_VNET(td));
 	KLD_LOCK();
 	lf = linker_find_file_by_id(fileid);

==== //depot/projects/vimage-commit2/src/sys/kern/kern_prot.c#6 (text+ko) ====

@@ -1824,6 +1824,9 @@
 		 */
 		if (jailed(cr))
 			prison_free(cr->cr_prison);
+#ifdef VIMAGE
+		refcount_release(&cr->cr_vimage->vi_ucredrefc);
+#endif
 #ifdef AUDIT
 		audit_cred_destroy(cr);
 #endif
@@ -1859,6 +1862,10 @@
 	uihold(dest->cr_ruidinfo);
 	if (jailed(dest))
 		prison_hold(dest->cr_prison);
+#ifdef VIMAGE
+	KASSERT(src->cr_vimage != NULL, ("cr_vimage == NULL"));
+	refcount_acquire(&dest->cr_vimage->vi_ucredrefc);
+#endif
 #ifdef AUDIT
 	audit_cred_copy(src, dest);
 #endif

==== //depot/projects/vimage-commit2/src/sys/kern/kern_vimage.c#27 (text+ko) ====

@@ -59,6 +59,10 @@
 struct vimage_list_head vimage_head;
 struct vnet_list_head vnet_head;
 struct vprocg_list_head vprocg_head;
+#else
+#ifndef VIMAGE_GLOBALS
+struct vprocg vprocg_0;
+#endif
 #endif
 
 void

==== //depot/projects/vimage-commit2/src/sys/sys/sysctl.h#20 (text+ko) ====

@@ -459,6 +459,10 @@
 		    TD_TO_VNET(curthread)->mod_data[oidp->oid_v_mod];	\
 		arg1 = cp + (size_t) arg1;				\
 		break;							\
+	case V_PROCG:							\
+		cp = (char *) TD_TO_VPROCG(curthread);			\
+		arg1 = cp + (size_t) arg1;				\
+		break;							\
 	default:							\
 		panic("unsupported module id %d", oidp->oid_v_subs);	\
 	}								\

==== //depot/projects/vimage-commit2/src/sys/sys/vimage.h#51 (text+ko) ====

@@ -138,15 +138,6 @@
 void	vnet_mod_deregister(const struct vnet_modinfo *);
 void	vnet_mod_deregister_multi(const struct vnet_modinfo *, void *, char *);
 
-int vi_td_ioctl(u_long, struct vi_req *, struct thread *);
-int vi_if_move(struct vi_req *, struct ifnet *, struct vimage *);
-void if_reassign_common(struct ifnet *, struct vnet *, const char *);
-
-struct vimage *vnet2vimage(struct vnet *);
-struct vimage *vimage_by_name(struct vimage *, char *);
-char *vnet_name(struct vnet *);
-int vi_child_of(struct vimage *, struct vimage *);
-
 #endif /* !VIMAGE_GLOBALS */
 
 #ifdef VIMAGE_GLOBALS
@@ -299,16 +290,8 @@
 LIST_HEAD(vprocg_list_head, vprocg);
 extern struct vprocg_list_head vprocg_head;
 #define	INIT_VPROCG(arg)	struct vprocg *vprocg = (arg);
-#define	VPROCG_ITERLOOP_BEGIN()						\
-	struct vprocg *vprocg_iter;					\
-	LIST_FOREACH(vprocg_iter, &vprocg_head, vprocg_le) {
-  
-#define	VPROCG_ITERLOOP_END()						\
-	}	
 #else
 #define	INIT_VPROCG(arg)
-#define	VPROCG_ITERLOOP_BEGIN()
-#define	VPROCG_ITERLOOP_END()
 #endif
 
 #ifdef VIMAGE
@@ -341,27 +324,6 @@
 
 #define	V_hostname		VPROCG(hostname)
 #define	V_domainname		VPROCG(domainname)
-#define	V_morphing_symlinks	VPROCG(morphing_symlinks)
-
-struct vi_req {
-	int	req_action;		/* What to do with this reqest? */
-	u_short vi_proc_count;		/* current number of processes */
-	u_short vi_child_count;		/* current number of child vnets */
-	int	vi_if_count;		/* current number network interfaces */
-	int	vi_sock_count;
-	char	vi_name[MAXPATHLEN];
-	char	vi_if_xname[MAXPATHLEN]; /* XXX should be IFNAMSIZ */
-};
-
-#define	VI_CREATE		0x00000001
-#define	VI_DESTROY		0x00000002
-#define	VI_MODIFY		0x00000004
-#define	VI_SWITCHTO		0x00000008
-#define	VI_IFACE		0x00000010
-
-#define	VI_GET			0x00000100
-#define	VI_GETNEXT		0x00000200
-#define	VI_GETNEXT_RECURSE	0x00000300
 
 /*
  * Size-guards for the vimage structures.
