| Age | Commit message (Collapse) | Author |
|---|
|
Handle multiple request types as recommended by the Mach Server
Writer's Guide section 4, subsection "Handling Multiple Request
Types". This avoids initializing the reply message in every X_server
function.
* trans/proxy-defpager.c (proxy_defpager_demuxer): Improve the demuxer
function.
* trans/streamio.c (demuxer): Likewise.
|
|
Various realworld tests would otherwise think they can write to /, while
they actually can't.
* trans/fakeroot.c (netfs_report_access): Call file_check_access instead of
returning O_RDWR|O_EXEC when faking mode too.
|
|
So we will always be able to re-open them.
* trans/fakeroot.c (netfs_S_dir_lookup): Call real_from_fake_mode() on modes
before calling the underlying filesystem's dir_lookup.
|
|
libtrivfs contains two ways of managing more than one port class and
bucket. There is the old way of using a statically allocated array
with explicit length, and the new way with dynamically allocated
vectors.
Converting all users to the new way of handling multiple classes
and/or buckets, we can simplify the code in libtrivfs. In many cases,
the code will be simpler and more expressive for the user.
This also fixes a severe bug. As no classes are given to
`trivfs_startup', they are created and inserted into the dynamic
vector of classes. The helper function `allowed', however, used the
first item of the previously used static array, which is NULL. This
circumvented the typecheck, allowing the default pager protocol to be
spoken over control ports, likely resulting in a crash.
* trans/proxy-defpager.c: Convert to dynamic classes and buckets.
|
|
libtrivfs contains two ways of managing more than one port class and
bucket. There is the old way of using a statically allocated array
with explicit length, and the new way with dynamically allocated
vectors.
Converting all users to the new way of handling multiple classes
and/or buckets, we can simplify the code in libtrivfs. In many cases,
the code will be simpler and more expressive for the user.
This also fixes a mild bug. The classes and buckets given to
`trivfs_startup' end up in the dynamic vectors too, making the object
lookup code use the more complicated code path.
* trans/password.c: Convert to dynamic classes and buckets.
|
|
libtrivfs contains two ways of managing more than one port class and
bucket. There is the old way of using a statically allocated array
with explicit length, and the new way with dynamically allocated
vectors.
Converting all users to the new way of handling multiple classes
and/or buckets, we can simplify the code in libtrivfs. In many cases,
the code will be simpler and more expressive for the user.
This also fixes a mild bug. The classes and buckets given to
`trivfs_startup' end up in the dynamic vectors too, making the object
lookup code use the more complicated code path.
* trans/new-fifo.c: Convert to dynamic classes and buckets.
|
|
libtrivfs contains two ways of managing more than one port class and
bucket. There is the old way of using a statically allocated array
with explicit length, and the new way with dynamically allocated
vectors.
Converting all users to the new way of handling multiple classes
and/or buckets, we can simplify the code in libtrivfs. In many cases,
the code will be simpler and more expressive for the user.
This also fixes a severe bug. As no classes are given to
`trivfs_startup', they are created and inserted into the dynamic
vector of classes. The server function `trivfs_S_fsys_forward',
however, used the first item of the previously used static array,
which is NULL. This circumvented the typecheck.
* trans/magic.c: Convert to dynamic classes and buckets.
|
|
libtrivfs contains two ways of managing more than one port class and
bucket. There is the old way of using a statically allocated array
with explicit length, and the new way with dynamically allocated
vectors.
Converting all users to the new way of handling multiple classes
and/or buckets, we can simplify the code in libtrivfs. In many cases,
the code will be simpler and more expressive for the user.
This also fixes a mild bug. The classes and buckets given to
`trivfs_startup' end up in the dynamic vectors too, making the object
lookup code use the more complicated code path.
* trans/ifsock.c: Convert to dynamic classes and buckets.
|
|
libtrivfs contains two ways of managing more than one port class and
bucket. There is the old way of using a statically allocated array
with explicit length, and the new way with dynamically allocated
vectors.
Converting all users to the new way of handling multiple classes
and/or buckets, we can simplify the code in libtrivfs. In many cases,
the code will be simpler and more expressive for the user.
This also fixes a mild bug. The classes and buckets given to
`trivfs_startup' end up in the dynamic vectors too, making the object
lookup code use the more complicated code path.
* trans/crash.c: Convert to dynamic classes and buckets.
|
|
We should not wait for a writer in that case, since that will be ourself.
* trans/fifo.c (open_hook): Do not wait for a writer when flags contains
O_WRITE.
|
|
Otherwise some scripts may try to modify system files just because they find
they seem to be able to.
* trans/fakeroot.c (netfs_report_access): When FAKE_MODE is not set on
`np', call file_check_access on the underlying node instead of returning
O_RDWR|O_EXEC.
|
|
Fakeroot does not support faking them anyway, and they may change on the
underlying fs, e.g. when creating a local socket.
* trans/fakeroot.c (netfs_validate_stat): Return S_IFMT part of st_mode as
provided by underlying filesystem.
|
|
As well as other potential mode changes which are indeed supposed to still
work as root.
* trans/fakeroot.c (netfs_attempt_chmod): Always set S_IRUSR and S_IWUSR in
real_mode, and set S_IXUSR also when this is a directory.
|
|
Huge thanks to Svante Signell for having tracked the bug.
* trans/fakeroot.c (netfs_attempt_chmod): Make the file_chmod call
additionally include the modes from nn->openmodes.
|
|
* trans/fakeroot.c (check_openmodes): Make comment clearer about missing new
openmodes.
|
|
Thanks Svante Signell for the investigation and proposed patch.
* trans/fakeroot.c (new_node): Assert that `openmodes' includes only
O_RDWR|O_EXEC
(check_openmodes): Likewise with `newmodes'.
(netfs_S_dir_lookup): Keep only O_RDWR|O_EXEC from `flags' when calling
new_node.
|
|
* trans/fakeroot.c (netfs_set_translator): New function.
|
|
|
|
* trans/fakeroot.c (new_node): Initialize faked field to FAKE_DEFAULT.
|
|
Their faked field was not initialized.
Thanks a lot to Svante Signell for the investigation
* trans/fakeroot.c (new_node): Initialize faked field of nn to 0.
(netfs_attempt_mkfile): Call set_default_attributes on newly-allocated node,
and if the real mode is not the same as the requested mode, fake the mode.
|
|
`fsysServer' is only used by the symlink translator which does not use
libports. Therefor, it is not necessary to use the default payload to
port translation function.
* trans/Makefile (fsys-MIGSFLAGS): Disable the default payload to port
translation function.
|
|
* trans/Makefile (device_reply-MIGSFLAGS): Define MACH_PAYLOAD_TO_PORT.
|
|
* trans/Makefile (password-MIGSFLAGS): Add mutator.
|
|
* trans/Makefile (ifsock-MIGSFLAGS): Add mutator.
|
|
* trans/fakeroot.c (netfs_demuxer): Make the demuxer payload-aware.
|
|
* trans/mtab.c (struct mtab): Add a hash table to keep track of seen
ports.
(mtab_mark_as_seen): New function that records the identity port of a
given node in the hash table and reports whether it has been there
before.
(mtab_populate): Use the new function to avoid running in circles.
(main, open_hook): Initialize hash table.
(close_hook): Free ports and destroy hash table.
|
|
Fixes https://savannah.gnu.org/bugs/?15806 .
* trans/hello-mt.c (trivfs_append_args): Escape contents.
* trans/hello.c (trivfs_append_args): Likewise.
|
|
Make the memory_object parameter of default_pager_object_create
polymorphic. This fixes https://savannah.gnu.org/bugs/?26751 .
* hurd/default_pager.defs (default_pager_object_create): Make
memory_object parameter polymorphic.
* mach-defpager/default_pager.c (S_default_pager_object_create):
Adjust accordingly.
* trans/proxy-defpager.c (S_default_pager_object_create): Likewise.
|
|
* trans/mtab.c (main): Use setnullauth to drop privileges.
|
|
POSIX requires write access to the socket, not read access, to be able
to connect to it.
* trans/ifsock.c (S_ifsock_getsockaddr): Test for O_WRITE instead of
O_READ.
|
|
Found using the Clang Static Analyzer.
* trans/fakeroot.c (new_node): Do not leak a pointer to freed memory.
Store NULL at *np instead. This fixes a node use-after-free in
netfs_S_dir_lookup.
|
|
When using fat nodes, expressions of the form E->nn can be rewritten
as netfs_node_netnode (E). This is much faster as it only involves a
offset calculation. For reference, I used the following semantic
patch to create the patch:
@@
expression E;
@@
- E->nn
+ netfs_node_netnode (E)
* trans/fakeroot.c: Use netfs_node_netnode instead of np->nn.
|
|
Previously, fakeroot stored netnodes in the hash table. But we are
not interested in a cache for netnodes, we need a node cache. So
fakeroot kept pointers to the associated node object in each netnode
object.
Use fat netfs nodes, which combine node and netnode objects.
* trans/fakeroot.c (struct netnode): Remove np.
(idport_ihash): Fix ihash location pointer offset.
(new_node): Allocate fat nodes, store the node pointer in the hash
table.
(netfs_node_norefs): Adjust accordingly.
(netfs_S_dir_lookup): Likewise.
|
|
* trans/mtab.c (main): Fix initialization of mtab in one-shot mode.
|
|
As of recently, fakeroot would fail to create symlinks:
% fakeroot-hurd ln -s foo a
ln: failed to create symbolic link ‘a’: Operation not permitted
Fix this by overriding fshelp_isowner.
Various netfs functions will call fshelp_isowner to check whether USER
is allowed to do some operation. As fakeroot is not running within
the fakeauth'ed environment, USER contains the real user.
I have no explanation why this ever worked.
* trans/fakeroot.c (fshelp_isowner): New function.
|
|
* trans/fakeroot.c (main): Use C99-style struct initialization to
initialize argp. This avoids a warning about missing field
initializers.
|
|
* trans/fakeroot.c (netfs_attempt_chown): Fix comparison between
signed and unsigned integer expressions.
|
|
A spurious semicolon caused a control flow bug in check_openmodes,
leading to a port leak.
* trans/fakeroot.c (check_openmodes): Remove spurious semicolon.
|
|
GNU libc has provided the 'crypt' function in libcrypt for a long time,
making this check unnecessary.
* configure.ac: Remove libcrypt check and 'LIBCRYPT' substitution.
* config.make.in (LIBCRYPT): Remove.
* trans/Makefile (password-LDLIBS): Change $(LIBCRYPT) to -lcrypt.
* utils/Makefile (login-LDLIBS, addauth-LDLIBS, setauth-LDLIBS):
Likewise.
|
|
This enables the compiler to check that the server function
declarations match MIGs expectations. Fix a few oddities along the
way.
* console-client/trans.c: Include MIG-generated server header file(s).
* console/console.c: Likewise. Also, fix declarations.
* console/mutations.h (TIOCTL_IMPORTS): Just use libnetfs/priv.h.
* console/priv.h: Delete now unused file.
* ext2fs/storeinfo.c: Include MIG-generated server header file(s).
* fatfs/inode.c: Likewise.
* fatfs/main.c: Likewise. Also, fix declaration.
* isofs/inode.c: Likewise.
* libdiskfs/boot-start.c: Likewise.
* libdiskfs/file-chg.c: Include the correct MIG-generated server header file.
* libdiskfs/file-chmod.c: Include MIG-generated server header file(s).
* libdiskfs/file-get-fs-opts.c: Likewise.
* libdiskfs/init-startup.c: Likewise.
* libnetfs/file-get-children.c: Likewise.
* libnetfs/file-getcontrol.c: Include the correct MIG-generated server
header file.
* libnetfs/file-set-translator.c: Include MIG-generated server header file(s).
* libnetfs/fsstubs.c: Likewise.
* libtrivfs/file-access.c: Likewise.
* libtrivfs/file-chauthor.c: Likewise.
* libtrivfs/file-chflags.c: Likewise.
* libtrivfs/file-chg.c: Likewise.
* libtrivfs/file-chmod.c: Likewise.
* libtrivfs/file-chown.c: Likewise.
* libtrivfs/file-exec.c: Likewise.
* libtrivfs/file-get-children.c: Likewise.
* libtrivfs/file-get-fs-options.c: Likewise.
* libtrivfs/file-get-source.c: Likewise.
* libtrivfs/file-get-storage-info.c: Likewise.
* libtrivfs/file-get-trans.c: Likewise.
* libtrivfs/file-get-transcntl.c: Likewise.
* libtrivfs/file-getcontrol.c: Likewise.
* libtrivfs/file-getfh.c: Likewise.
* libtrivfs/file-getlinknode.c: Likewise.
* libtrivfs/file-lock.c: Likewise.
* libtrivfs/file-reparent.c: Likewise.
* libtrivfs/file-set-size.c: Likewise.
* libtrivfs/file-set-trans.c: Likewise.
* libtrivfs/file-statfs.c: Likewise.
* libtrivfs/file-sync.c: Likewise.
* libtrivfs/file-syncfs.c: Likewise.
* libtrivfs/file-utimes.c: Likewise.
* libtrivfs/fsys-forward.c: Likewise.
* libtrivfs/fsys-get-options.c: Likewise.
* libtrivfs/fsys-getroot.c: Likewise.
* libtrivfs/fsys-goaway.c: Likewise.
* libtrivfs/fsys-set-options.c: Likewise.
* libtrivfs/fsys-stubs.c: Likewise.
* libtrivfs/fsys-syncfs.c: Likewise.
* libtrivfs/io-async-icky.c: Likewise.
* libtrivfs/io-async.c: Likewise.
* libtrivfs/io-duplicate.c: Likewise.
* libtrivfs/io-identity.c: Likewise.
* libtrivfs/io-map.c: Likewise.
* libtrivfs/io-modes-get.c: Likewise.
* libtrivfs/io-modes-off.c: Likewise.
* libtrivfs/io-modes-on.c: Likewise.
* libtrivfs/io-modes-set.c: Likewise.
* libtrivfs/io-owner-get.c: Likewise.
* libtrivfs/io-owner-mod.c: Likewise.
* libtrivfs/io-pathconf.c: Likewise.
* libtrivfs/io-read.c: Likewise.
* libtrivfs/io-readable.c: Likewise.
* libtrivfs/io-reauthenticate.c: Likewise.
* libtrivfs/io-restrict-auth.c: Likewise.
* libtrivfs/io-revoke.c: Likewise.
* libtrivfs/io-seek.c: Likewise.
* libtrivfs/io-select.c: Likewise.
* libtrivfs/io-stat.c: Likewise.
* libtrivfs/io-stubs.c: Likewise.
* libtrivfs/io-version.c: Likewise.
* libtrivfs/io-write.c: Likewise.
* pfinet/tunnel.c: Likewise.
* storeio/io.c: Likewise.
* storeio/storeio.c: Likewise.
* term/users.c: Likewise.
* tmpfs/node.c: Likewise.
* trans/fakeroot.c: Likewise. Also, include all server headers that provide
the X_server_routine functions...
(netfs_demuxer): ... that were previously declared here.
* trans/fifo.c: Include MIG-generated server header file(s).
* trans/firmlink.c: Likewise.
* trans/hello-mt.c: Likewise.
* trans/hello.c: Likewise.
* trans/magic.c: Likewise.
* trans/mtab.c: Likewise.
* trans/new-fifo.c: Likewise.
* trans/null.c: Likewise.
* trans/proxy-defpager.c: Likewise.
* trans/streamio.c: Likewise.
* libdiskfs/fsmutations.h: Qualify the import with the libraries path.
Without this change, out-of-tree builds would no longer work.
* libnetfs/mutations.h: Likewise.
* libtrivfs/mig-mutate.h: Likewise.
|
|
* trans/Makefile: Add ifsock-MIGSFLAGS.
* trans/ifsock.c (S_ifsock_getsockaddr): Fix receiver lookup.
|
|
Previously, the mig mutator functions were in migsupport.c, preventing
them from being inlined into the mig-generated server functions. Put
them in mig-decls.h instead. Rename mutations.h to mig-mutate.h.
This is the naming convention used for pflocal.
* libtrivfs/fsmutations.h: Rename to mig-mutate.h, adopt imports.
* libtrivfs/Makefile: Adopt accordingly.
* libtrivfs/migsupport.c: Rename to mig-decls.h.
* libtrivfs/trivfs.h: Move dynamic classes/buckets declarations to
mig-decls.h, remove superfluous imports.
* exec/execmutations.h: Fix import.
* pfinet/mig-mutate.h: Likewise.
* trans/Makefile: Likewise.
|
|
|
|
Previously, map_device_to_path mapped unknown device strings to
"none". Return a copy of the original source string instead so that
e.g. nfs mount point points are properly handled.
* trans/mtab.c (map_device_to_path): Do not map unknown source strings
to "none".
|
|
Previously, the mtab translator would guess the source of a filesystem
translator from its last argument. This made all kinds of
non-filesystem translators appear in /proc/mounts, causing severe
problems due to umount --all removing vital passive translator
records.
Fix this by ignoring all translators that do not explicitly implement
file_get_source.
* trans/mtab.c (mtab_populate): Ignore translators that do not
implement file_get_source.
|
|
* hurd/fs.defs: Add file_get_children and file_get_source.
* hurd/fsys.defs: Remove fsys_get_children and fsys_get_source.
* libdiskfs/fsys-get-children.c: Rename and adapt accordingly.
* libdiskfs/fsys-get-source.c: Likewise.
* libnetfs/fsys-get-children.c: Likewise.
* libnetfs/fsys-get-source.c: Likewise.
* libtrivfs/fsys-get-children.c: Likewise.
* libtrivfs/fsys-get-source.c: Likewise.
* libdiskfs/diskfs.h: Adapt prototype and comment.
* libnetfs/netfs.h: Likewise.
* libtrivfs/trivfs.h: Likewise.
* libdiskfs/get-source.c: Adapt default implementation, provide
diskfs_disk_name by default.
* libnetfs/netfs.h: Adapt default implementation.
* libtrivfs/get-source.c: Likewise.
* libdiskfs/Makefile: Adapt accordingly.
* libnetfs/Makefile: Likewise.
* libtrivfs/Makefile: Likewise.
* trans/symlink.c: Likewise.
* trans/mtab.c: Likewise.
|
|
When a client finds a node from the hash table, it could happen that
another thread is still holding one reference on it before the current
thread has acquired its own. Simply checking for a non zero refcount isn't
enough, the new client must atomically acquire its own reference.
* trans/fakeroot.c (netfs_S_dir_lookup): Find and acquire node reference
while holding netfs_node_refcnt_lock.
|
|
* trans/fakeroot.c (netfs_S_dir_lookup): Fix node dereference.
|
|
Instead of the FAKE_REFERENCE flag, rework node caching so that nodes are
retained only if their attributes are actually changed. In addition, don't
remove unreferenced nodes from the hash table at protid release, since
their reference counter is unstable. Do it on node destruction, once the
reference counter has reached 0. This means lookups can return nodes not
referenced (other than by the hash table), a condition for which a check
is added. By never acquiring a reference on such nodes, their counter is
guaranteed to remain stable once unreferenced.
* trans/fakeroot.c (FAKE_REFERENCE): Remove macro.
(FAKE_DEFAULT): New macro.
(set_default_attributes): New function.
(set_faked_attribute): Likewise.
(netfs_node_norefs): Remove node from hash table, properly taking care
of all the locks involved.
(fakeroot_netfs_release_protid): Remove node handling code, merely call
netfs_release_protid.
(netfs_S_dir_lookup): Handle unreferenced nodes, call set_default_attributes
on node creation, remove call to netfs_attempt_chown.
(netfs_attempt_chown): Call set_faked_attribute instead of accessing faked
flags directly.
(netfs_attempt_chauthor): Likewise.
(netfs_attempt_chmod): Likewise.
(main): Likewise.
|
|
Unconditionally relay chmod requests instead of filtering those that
don't change the executable bit.
* trans/fakeroot.c (netfs_attempt_chmod): Unconditionally call file_chmod
with an unaltered mode.
|
