OpenBSD/src R9pG8Kf — sys/kern vfs_subr.c spec_vnops.c, sys/nfs nfs_vnops.c nfs_syscalls.c
eliminate bremfree macro, just an alias for bufcache_take.
ok claudio miod
OpenBSD/src W8BiOus — sys/kern vfs_syscalls.c vfs_vnops.c, sys/nfs nfs_serv.c nfs_vnops.c
remove VATTR_NULL() define, directly call vattr_null()
There used to be a predefined null vattr for !DIAGNOSTIC
but that was removed in vnode.h rev 1.84 in 2007.
ok semarie@ miod@
OpenBSD/src 6ez00fX — sys/miscfs/fifofs fifo_vnops.c, sys/msdosfs msdosfs_vfsops.c msdosfs_vnops.c
Put the bowels of the various VOP_PRINT routines under
defined(DEBUG) || defined(DIAGNOSTIC) || defined(VFSLCKDEBUG)
as they won't be used otherwise.
Shaves a few bytes off installation kernels.
ok kn@ semarie@
remove unneeded semicolons after switch statements
Ensure that file names passed back by readdir do not include a '/'
character. The '/' char is the path separator and is not allowed in
any filename.
NFS specific report by Apple Security Engineering and Architecture (SEAR).
Input from guenther@ and millert@
from claudio@; OK beck@ miod@
msdos already transfroms for Windows long names a '/' char into '?'.
Do the same for the 8.3 case as well.
This is not ideal since now it is possible that two files in the same
directory have the same name but the msdos code already does a lot of
this and so the problem already exists.
from claudio@; OK beck@ miod@
Do a basic sanity check that dirents returned via fuse are kind of sane.
[9 lines not shown] Ensure that file names passed back by readdir do not include a '/'
character. The '/' char is the path separator and is not allowed in
any filename.
NFS specific report by Apple Security Engineering and Architecture (SEAR).
Input from guenther@ and millert@
from claudio@; OK beck@ miod@
msdos already transfroms for Windows long names a '/' char into '?'.
Do the same for the 8.3 case as well.
This is not ideal since now it is possible that two files in the same
directory have the same name but the msdos code already does a lot of
this and so the problem already exists.
from claudio@; OK beck@ miod@
Do a basic sanity check that dirents returned via fuse are kind of sane.
[9 lines not shown] Ensure that file names passed back by readdir do not include a '/'
character. The '/' char is the path separator and is not allowed in
any filename.
NFS specific report by Apple Security Engineering and Architecture (SEAR).
Input from guenther@ and millert@
OK beck@ miod@
After calling m_freem() on nmi_mrep (or nmi_mreq) set the pointer to NULL.
Only do this if struct nfsm_info doesn't have local scope.
In some cases the caller would perfrom another m_freem and double free
the mbuf and Bad Things(TM) would happen.
Reported by Claes M Nyberg on bugs@; with & ok miod@
remove unused nfs_null()
ok miod@ mlarkin@
remove unneeded nfs_getreq() prototype
nfs_getreq() is in nfs_socket.c and not called from nfs_vnops.c
vfs: VOP_REMOVE: move vnode unlocking and ref dropping to FS-indep part
while here, ensure all vop_remove field are set, and always call the function.
the change is very conservative: it only adds vnode ref drop/unlock where it was
absent because it should be unreachable (and if it wasn't, it should fix
things).
ok miod@
remove unneeded includes
ok miod@ mpi@
Constify NFS data whenever possible. Also make a few more const data static.
ok jsg@ semarie@
Convert all the NFS macros (in nfsm_subs.h) into inline functions with the
appropriate extra arguments.
This (hopefully) completes the unmessyfication work started by thib@ a long,
long time ago (in a galaxy far away).
The conversion logic has been:
- nfsm_dissect has been turned into an rvalue expression, leaving the
cast operation up to its caller.
- macros which had three different exit paths (return, goto nfsmout or
fallthrough) have been split so that no macros have more than two exit paths.
- then they have been modified to return a value, which lets the caller
figure out what exit path is needed.
- local variables abused by the macros are now local variables of the new
inline functions.
This single commit is the sum of 25 intermediate diffs, which have all been
carefully reviewed by (at least) jsg@ and semarie@.
[3 lines not shown] correct indentation
no functional change, found by smatch warnings
ok miod@ bluhm@
Move the "no (hard) linking directories" and "no cross-mount links"
checks from all the filesystems that support hardlinks at all into
the VFS layer. Simplify, EPERM description in link(2).
ok miod@ mpi@
Don't redeclare s, it's already there.
noticed by miod@
ok kettenis@
Fix missing splbio() needed in nfs
ok claudio@ kettenis@
Delete obsolete /* ARGSUSED */ lint comments.
ok miod@ millert@
Put more struct vnode fields under splbio().
Buffer cache related struct vnode fields can be accessed in interrupt
context. Be more consistent with the use of splbio().
OK mpi@
Remove unused VOP_POLL().
OK mpi@
Add vnode parameter to VOP_STRATEGY()
Pass the device vnode as a parameter to VOP_STRATEGY() to allow calling
the correct vop_strategy callback. Now the vnode is also available
in the callback.
OK mpi@
OpenBSD/src uboVljS — sys/isofs/cd9660 cd9660_vnops.c, sys/miscfs/fifofs fifo_vnops.c
vfs: merge *_badop to vop_generic_badop
It replaces spec_badop, fifo_badop, dead_badop and mfs_badop, which
are only calls to panic(9), to one unique function vop_generic_badop().
No intented behaviour changes (outside the panic message which isn't
the same).
ok mpi@
spelling
In the previous commit, check tv_nsec, not tv_sec as VNOVAL is a
valid valuse of tv_sec but an invalid value for tv_nsec.
Noticed by guenther@. ok beck@ deraadt@
nfs_create: after an exclusive create rpc, make sure to update
timestamps.
This issue was iscovered after rsync 3.2 changed behaviour on an NFS
mounted partition.. Change lifted from NetBSD (r 1.204).
ok beck@, kn@, deraadt@
kernel: use gettime(9)/getuptime(9) in lieu of time_second(9)/time_uptime(9)
time_second(9) and time_uptime(9) are widely used in the kernel to
quickly get the system UTC or system uptime as a time_t. However,
time_t is 64-bit everywhere, so it is not generally safe to use them
on 32-bit platforms: you have a split-read problem if your hardware
cannot perform atomic 64-bit reads.
This patch replaces time_second(9) with gettime(9), a safer successor
interface, throughout the kernel. Similarly, time_uptime(9) is replaced
with getuptime(9).
There is a performance cost on 32-bit platforms in exchange for
eliminating the split-read problem: instead of two register reads you
now have a lockless read loop to pull the values from the timehands.
This is really not *too* bad in the grand scheme of things, but
compared to what we were doing before it is several times slower.
There is no performance cost on 64-bit (__LP64__) platforms.
[6 lines not shown]OpenBSD/src 23LLjmM — sys/isofs/cd9660 cd9660_vnops.c cd9660_extern.h, sys/nfs nfs_vnops.c
struct vops is not modified during runtime so use const which moves each
into read-only data segment.
OK deraadt@ tedu@
vwaitforio(9): tsleep(9) -> tsleep_nsec(9); ok visa@
Check for negative length integers in NFS server. A malicious
client could crash the server.
from bluhm@; OK tedu@
Check for negative length integers in NFS client. A malicious
server could confuse the client file system code.
from bluhm@; OK beck@
Check for negative length in NFS strings. This affects both, the
client and server.
from bluhm@; OK beck@
OpenBSD 6.3 errata 029
