add patch series

6 files changed, 574 insertions, 0 deletions

diff --git a/debian/patches/fixes0001-libtrivfs-fix-error-handling.patch b/debian/patches/fixes0001-libtrivfs-fix-error-handling.patch
new file mode 100644
index 00000000..2fc273c8
--- /dev/null
+++ b/debian/patches/fixes0001-libtrivfs-fix-error-handling.patch
@@ -0,0 +1,62 @@
+From f34b08c96d323403bb5f186c90181b9b21caf935 Mon Sep 17 00:00:00 2001
+From: Justus Winter <justus@gnupg.org>
+Date: Mon, 25 Apr 2016 00:48:56 +0200
+Subject: [PATCH hurd 1/5] libtrivfs: fix error handling
+
+* libtrivfs/times.c (trivfs_set_{a,m}time): Fix error handling.
+---
+ libtrivfs/times.c | 22 +++++++++++++++-------
+ 1 file changed, 15 insertions(+), 7 deletions(-)
+
+diff --git a/libtrivfs/times.c b/libtrivfs/times.c
+index 5f08cb1..42e668d 100644
+--- a/libtrivfs/times.c
++++ b/libtrivfs/times.c
+@@ -20,29 +20,37 @@
+ error_t
+ trivfs_set_atime (struct trivfs_control *cntl)
+ {
++  error_t err;
+   struct stat st;
+   time_value_t atime;
+   time_value_t mtime;
+-  
+-  io_stat (cntl->underlying, &st);
++
++  err = io_stat (cntl->underlying, &st);
++  if (err)
++    return err;
++
+   mtime.seconds = st.st_mtim.tv_sec;
+   mtime.microseconds = st.st_mtim.tv_nsec / 1000;
+   atime.microseconds = -1;
+-  file_utimes (cntl->underlying, atime, mtime);
+-  return 0;
++
++  return file_utimes (cntl->underlying, atime, mtime);
+ }
+ 
+ error_t
+ trivfs_set_mtime (struct trivfs_control *cntl)
+ {
++  error_t err;
+   struct stat st;
+   time_value_t atime;
+   time_value_t mtime;
+ 
+-  io_stat (cntl->underlying, &st);
++  err = io_stat (cntl->underlying, &st);
++  if (err)
++    return err;
++
+   atime.seconds = st.st_atim.tv_sec;
+   atime.microseconds = st.st_atim.tv_nsec / 1000;
+   mtime.microseconds = -1;
+-  file_utimes (cntl->underlying, atime, mtime);
+-  return 0;
++
++  return file_utimes (cntl->underlying, atime, mtime);
+ }
+-- 
+2.1.4
+
diff --git a/debian/patches/fixes0002-libtrivfs-fix-notion-of-privileged-user.patch b/debian/patches/fixes0002-libtrivfs-fix-notion-of-privileged-user.patch
new file mode 100644
index 00000000..88ea44af
--- /dev/null
+++ b/debian/patches/fixes0002-libtrivfs-fix-notion-of-privileged-user.patch
@@ -0,0 +1,108 @@
+From e97dac57ce18693e0b6360af3a9377b48ab13ad2 Mon Sep 17 00:00:00 2001
+From: Justus Winter <justus@gnupg.org>
+Date: Mon, 25 Apr 2016 01:38:45 +0200
+Subject: [PATCH hurd 2/5] libtrivfs: fix notion of privileged user
+
+Set 'is_root' if the node has been opened by the root user (this was
+the old behavior) or if it has been opened by the user the translator
+is executing under.
+
+This fixes the irritating bug that an unprivileged user cannot control
+her own trivfs-based translators.  It does not change how privileged
+trivfs translators work.
+
+* libtrivfs/io-reauthenticate.c (trivfs_S_io_reauthenticate): Use the
+new function to compute 'isroot'.
+* libtrivfs/io-restrict-auth.c (trivfs_S_io_restrict_auth): Likewise.
+* libtrivfs/open.c (trivfs_open): Likewise.
+* libtrivfs/priv.h (_is_privileged): New function.
+* libtrivfs/trivfs.h (struct peropen): Clarify what 'isroot' means.
+---
+ libtrivfs/io-reauthenticate.c | 3 +--
+ libtrivfs/io-restrict-auth.c  | 4 +---
+ libtrivfs/open.c              | 2 +-
+ libtrivfs/priv.h              | 9 +++++++++
+ libtrivfs/trivfs.h            | 3 ++-
+ 5 files changed, 14 insertions(+), 7 deletions(-)
+
+diff --git a/libtrivfs/io-reauthenticate.c b/libtrivfs/io-reauthenticate.c
+index 35775e5..72684e3 100644
+--- a/libtrivfs/io-reauthenticate.c
++++ b/libtrivfs/io-reauthenticate.c
+@@ -59,8 +59,7 @@ trivfs_S_io_reauthenticate (struct trivfs_protid *cred,
+     return err;
+ 
+   mach_port_deallocate (mach_task_self (), newright);
+-  if (idvec_contains (newcred->user->uids, 0))
+-    newcred->isroot = 1;
++  newcred->isroot = _is_privileged (newcred->user->uids);
+ 
+   newcred->hook = cred->hook;
+   newcred->po = cred->po;
+diff --git a/libtrivfs/io-restrict-auth.c b/libtrivfs/io-restrict-auth.c
+index cb4224d..6c807f1 100644
+--- a/libtrivfs/io-restrict-auth.c
++++ b/libtrivfs/io-restrict-auth.c
+@@ -109,11 +109,9 @@ trivfs_S_io_restrict_auth (struct trivfs_protid *cred,
+       return err;
+     }
+ 
+-  newcred->isroot = 0;
+   newcred->po = cred->po;
+   refcount_ref (&newcred->po->refcnt);
+-  if (cred->isroot && idvec_contains (user->uids, 0))
+-    newcred->isroot = 1;
++  newcred->isroot = cred->isroot && _is_privileged (user->uids);
+   newcred->user = user;
+   newcred->hook = cred->hook;
+ 
+diff --git a/libtrivfs/open.c b/libtrivfs/open.c
+index 97e70a1..35a9452 100644
+--- a/libtrivfs/open.c
++++ b/libtrivfs/open.c
+@@ -56,7 +56,7 @@ trivfs_open (struct trivfs_control *cntl,
+       if (! err)
+ 	{
+ 	  new->user = user;
+-	  new->isroot = idvec_contains (user->uids, 0);
++	  new->isroot = _is_privileged (user->uids);
+ 
+ 	  new->po = po;
+ 	  new->hook = 0;
+diff --git a/libtrivfs/priv.h b/libtrivfs/priv.h
+index d92fe33..4bdd4f7 100644
+--- a/libtrivfs/priv.h
++++ b/libtrivfs/priv.h
+@@ -21,6 +21,15 @@
+ #include <mach.h>
+ #include <hurd.h>
+ #include <hurd/ports.h>
++#include <idvec.h>
++#include <unistd.h>
+ #include "trivfs.h"
+ 
++/* Returns true if UIDS contains either 0 or our user id.  */
++static inline int
++_is_privileged (struct idvec *uids)
++{
++  return idvec_contains (uids, 0) || idvec_contains (uids, getuid ());
++}
++
+ #endif
+diff --git a/libtrivfs/trivfs.h b/libtrivfs/trivfs.h
+index d81c4f9..49cc765 100644
+--- a/libtrivfs/trivfs.h
++++ b/libtrivfs/trivfs.h
+@@ -30,7 +30,8 @@ struct trivfs_protid
+ {
+   struct port_info pi;
+   struct iouser *user;
+-  int isroot;
++  int isroot;			/* Opened by a privileged user, either
++				   root or our own user.  */
+   /* REALNODE will be null if this protid wasn't fully created (currently
+      only in the case where trivfs_protid_create_hook returns an error).  */
+   mach_port_t realnode;		/* restricted permissions */
+-- 
+2.1.4
+
diff --git a/debian/patches/fixes0003-utils-settrans-implement-active-translator-stacking.patch b/debian/patches/fixes0003-utils-settrans-implement-active-translator-stacking.patch
new file mode 100644
index 00000000..517dbd4d
--- /dev/null
+++ b/debian/patches/fixes0003-utils-settrans-implement-active-translator-stacking.patch
@@ -0,0 +1,88 @@
+From a997b1b4dec0c5de8165f34b66840d270b489788 Mon Sep 17 00:00:00 2001
+From: Justus Winter <justus@gnupg.org>
+Date: Sat, 23 Apr 2016 17:39:47 +0200
+Subject: [PATCH hurd 3/5] utils/settrans: implement active translator stacking
+
+* utils/settrans.c (OPT_STACK): New macro.
+(options): New option.
+(main): Handle new option.
+(open_node): Use different flags for the lookup of the underlying
+node.
+---
+ utils/settrans.c | 21 ++++++++++++++++++++-
+ 1 file changed, 20 insertions(+), 1 deletion(-)
+
+diff --git a/utils/settrans.c b/utils/settrans.c
+index e01906b..ee7cba5 100644
+--- a/utils/settrans.c
++++ b/utils/settrans.c
+@@ -47,6 +47,7 @@ const char *argp_program_version = STANDARD_HURD_VERSION (settrans);
+ #define STRINGIFY(arg) _STRINGIFY (arg)
+ 
+ #define OPT_CHROOT_CHDIR	-1
++#define OPT_STACK		-2
+ 
+ static struct argp_option options[] =
+ {
+@@ -66,6 +67,8 @@ static struct argp_option options[] =
+ 			     "(do not ask it to go away)"},
+   {"underlying",  'U', "NODE", 0, "Open NODE and hand it to the translator "
+ 				  "as the underlying node"},
++  {"stack", OPT_STACK, 0, 0, "Replace an existing translator, but keep it "
++			     "running, and put the new one on top"},
+ 
+   {"chroot",      'C', 0, 0,
+    "Instead of setting the node's translator, take following arguments up to"
+@@ -156,10 +159,12 @@ main(int argc, char *argv[])
+   int passive = 0, active = 0, keep_active = 0, pause = 0, kill_active = 0,
+       orphan = 0;
+   int start = 0;
++  int stack = 0;
+   char *pid_file = NULL;
+   int excl = 0;
+   int timeout = DEFAULT_TIMEOUT * 1000; /* ms */
+   char *underlying_node_name = NULL;
++  int underlying_lookup_flags;
+   char **chroot_command = 0;
+   char *chroot_chdir = "/";
+ 
+@@ -193,6 +198,11 @@ main(int argc, char *argv[])
+ 	  start = 1;
+ 	  active = 1;	/* start implies active */
+ 	  break;
++	case OPT_STACK:
++	  stack = 1;
++	  active = 1;	/* stack implies active */
++	  orphan = 1;	/* stack implies orphan */
++	  break;
+ 	case 'p': passive = 1; break;
+ 	case 'k': keep_active = 1; break;
+ 	case 'g': kill_active = 1; break;
+@@ -261,6 +271,14 @@ main(int argc, char *argv[])
+ 
+   argp_parse (&argp, argc, argv, ARGP_IN_ORDER, 0, 0);
+ 
++  if (stack)
++    {
++      underlying_node_name = node_name;
++      underlying_lookup_flags = lookup_flags && ~O_NOTRANS;
++    }
++  else
++    underlying_lookup_flags = lookup_flags;
++
+   if (!active && !passive && !chroot_command)
+     passive = 1;		/* By default, set the passive translator.  */
+ 
+@@ -341,7 +359,8 @@ main(int argc, char *argv[])
+ 	  if (underlying_node_name)
+ 	    {
+ 	      *underlying = file_name_lookup (underlying_node_name,
+-					      flags | lookup_flags, 0666);
++					      flags | underlying_lookup_flags,
++					      0666);
+ 	      if (! MACH_PORT_VALID (*underlying))
+ 		{
+ 		  /* For the error message.  */
+-- 
+2.1.4
+
diff --git a/debian/patches/fixes0004-Avoid-superfluous-locking-of-node.patch b/debian/patches/fixes0004-Avoid-superfluous-locking-of-node.patch
new file mode 100644
index 00000000..db4187ed
--- /dev/null
+++ b/debian/patches/fixes0004-Avoid-superfluous-locking-of-node.patch
@@ -0,0 +1,60 @@
+From 14647f8d3daeb5e18d77b40fd1d0c48e034903b5 Mon Sep 17 00:00:00 2001
+From: Justus Winter <justus@gnupg.org>
+Date: Mon, 25 Apr 2016 00:54:08 +0200
+Subject: [PATCH hurd 4/5] Avoid superfluous locking of node
+
+* libdiskfs/io-restrict-auth.c (diskfs_S_io_restrict_auth): Do not
+lock the associated node.  No operation here needs synchronization.
+* libnetfs/io-restrict-auth.c (netfs_S_io_restrict_auth): Likewise.
+---
+ libdiskfs/io-restrict-auth.c | 2 --
+ libnetfs/io-restrict-auth.c  | 3 ---
+ 2 files changed, 5 deletions(-)
+
+diff --git a/libdiskfs/io-restrict-auth.c b/libdiskfs/io-restrict-auth.c
+index 80c0b20..1c2c999 100644
+--- a/libdiskfs/io-restrict-auth.c
++++ b/libdiskfs/io-restrict-auth.c
+@@ -40,7 +40,6 @@ diskfs_S_io_restrict_auth (struct protid *cred,
+   if (err)
+     return err;
+ 
+-  pthread_mutex_lock (&cred->po->np->lock);
+   refcount_ref (&cred->po->refcnt);
+   err = diskfs_create_protid (cred->po, user, &newpi);
+   if (! err)
+@@ -51,7 +50,6 @@ diskfs_S_io_restrict_auth (struct protid *cred,
+     }
+   else
+     refcount_deref (&cred->po->refcnt);
+-  pthread_mutex_unlock (&cred->po->np->lock);
+ 
+   iohelp_free_iouser (user);
+   return err;
+diff --git a/libnetfs/io-restrict-auth.c b/libnetfs/io-restrict-auth.c
+index 79b7d09..89df671 100644
+--- a/libnetfs/io-restrict-auth.c
++++ b/libnetfs/io-restrict-auth.c
+@@ -42,19 +42,16 @@ netfs_S_io_restrict_auth (struct protid *user,
+   if (err)
+     return err;
+ 
+-  pthread_mutex_lock (&user->po->np->lock);
+   refcount_ref (&user->po->refcnt);
+   newpi = netfs_make_protid (user->po, new_user);
+   if (newpi)
+     {
+       *newport = ports_get_right (newpi);
+-      pthread_mutex_unlock (&user->po->np->lock);
+       *newporttype = MACH_MSG_TYPE_MAKE_SEND;
+     }
+   else
+     {
+       refcount_deref (&user->po->refcnt);
+-      pthread_mutex_unlock (&user->po->np->lock);
+       iohelp_free_iouser (new_user);
+       err = ENOMEM;
+     }
+-- 
+2.1.4
+
diff --git a/debian/patches/fixes0005-fstests-new-micro-benchmark.patch b/debian/patches/fixes0005-fstests-new-micro-benchmark.patch
new file mode 100644
index 00000000..47ea13d0
--- /dev/null
+++ b/debian/patches/fixes0005-fstests-new-micro-benchmark.patch
@@ -0,0 +1,251 @@
+From d0346ccdaf17c5fbb9e302b0a229efe66916be32 Mon Sep 17 00:00:00 2001
+From: Justus Winter <justus@gnupg.org>
+Date: Mon, 25 Apr 2016 00:59:01 +0200
+Subject: [PATCH hurd 5/5] fstests: new micro benchmark
+
+* fstests/Makefile: Build 'benchmark'.
+* fstests/benchmark.c: New file.
+---
+ fstests/Makefile    |   6 +-
+ fstests/benchmark.c | 208 ++++++++++++++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 213 insertions(+), 1 deletion(-)
+ create mode 100644 fstests/benchmark.c
+
+diff --git a/fstests/Makefile b/fstests/Makefile
+index 6374242..8058247 100644
+--- a/fstests/Makefile
++++ b/fstests/Makefile
+@@ -19,7 +19,9 @@ dir := fstests
+ makemode := utilities
+ 
+ SRCS = fstests.c fdtests.c timertest.c opendisk.c
+-targets = timertest fstests # opendisk fdtests
++targets = timertest fstests benchmark # opendisk fdtests
++HURDLIBS = shouldbeinlibc
++benchmark-LDLIBS = -lpthread
+ 
+ include ../Makeconf
+ 
+@@ -27,3 +29,5 @@ timertest: timertest.o
+ fstests: fstests.o
+ opendisk: opendisk.o
+ fdtests: fdtests.o
++benchmark: benchmark.o \
++  ../libshouldbeinlibc/libshouldbeinlibc.a
+diff --git a/fstests/benchmark.c b/fstests/benchmark.c
+new file mode 100644
+index 0000000..a4c501e
+--- /dev/null
++++ b/fstests/benchmark.c
+@@ -0,0 +1,208 @@
++/* Performance testing.
++
++   Copyright (C) 2016 Free Software Foundation, Inc.
++
++   This file is part of the GNU Hurd.
++
++   The GNU Hurd is free software; you can redistribute it and/or
++   modify it under the terms of the GNU General Public License as
++   published by the Free Software Foundation; either version 2, or (at
++   your option) any later version.
++
++   The GNU Hurd is distributed in the hope that it will be useful, but
++   WITHOUT ANY WARRANTY; without even the implied warranty of
++   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
++   General Public License for more details.
++
++   You should have received a copy of the GNU General Public License
++   along with the GNU Hurd.  If not, see <http://www.gnu.org/licenses/>.  */
++
++#include <argp.h>
++#include <error.h>
++#include <fcntl.h>
++#include <hurd.h>
++#include <inttypes.h>
++#include <mach.h>
++#include <maptime.h>
++#include <pthread.h>
++#include <stdlib.h>
++#include <stdio.h>
++#include <string.h>
++#include <sys/mman.h>
++#include <sys/stat.h>
++#include <unistd.h>
++#include <version.h>
++
++static char *target_path = NULL;
++
++size_t iterations = 1l<<18;
++size_t threads = 2;
++
++const char *argp_program_version = STANDARD_HURD_VERSION (benchmark);
++
++static const struct argp_option options[] =
++{
++  {"iterations", 'n', "N", 0, "Repeat tests N times"},
++  {"threads", 't', "N", 0, "Run N threads"},
++  {}
++};
++
++/* Parse a command line option.	 */
++error_t parse_opt (int key, char *arg, struct argp_state *state)
++{
++  char *arg_end;
++  unsigned long *ptr = NULL;
++
++  switch (key)
++    {
++    case 't':
++      ptr = ptr ?: &threads;
++    case 'n':
++      ptr = ptr ?: &iterations;
++
++      *ptr = strtoul (arg, &arg_end, 10);
++      if (*arg == '\0' || *arg_end != '\0')
++	argp_error (state, "invalid integer: %s", arg);
++      break;
++
++    case ARGP_KEY_ARG:
++      target_path = strdup (arg);
++      if (! target_path)
++	argp_error (state, "Error while canonicalizing path");
++      break;
++
++    case ARGP_KEY_NO_ARGS:
++      argp_usage (state);
++      return EINVAL;
++
++    default:
++      return ARGP_ERR_UNKNOWN;
++    }
++  return 0;
++}
++
++static struct argp argp =
++  {
++    options,
++    parse_opt,
++    "TARGET\tFile name of a node with an active translator",
++    "A translator providing mtab compatible information about active "
++    "and passive translators below TARGET.",
++  };
++
++
++
++volatile struct mapped_time_value *mtime;
++
++struct worker_cookie
++{
++  pthread_t thread;
++  error_t (*dost) (void *);
++  error_t err;
++  size_t count;
++  struct timeval runtime;
++};
++
++void *
++worker_thread (void *cookie)
++{
++  error_t err = 0;
++  struct worker_cookie *args = cookie;
++  struct timeval start_time;
++  struct timeval end_time;
++  size_t count;
++
++  maptime_read (mtime, &start_time);
++
++  for (count = args->count; count; count--)
++    {
++      err = args->dost (cookie);
++      if (err)
++	break;
++    }
++
++  maptime_read (mtime, &end_time);
++  timersub (&end_time, &start_time, &args->runtime);
++
++  args->count = count;
++  args->err = err;
++  return NULL;
++}
++
++void
++print_stats (const char *id, size_t nt, size_t n, struct timeval *tv)
++{
++  double duration =
++    (tv->tv_sec + (tv->tv_usec / 1000000.)) / (double) nt;
++  fprintf (stderr,
++           "% 10s: %.2fs\t%fns\t%9.3f (1/s)\n",
++           id,
++           duration,
++           1000000000. * duration / n,
++           n / duration);
++}
++
++
++
++static error_t
++do_dir_lookup (void *cookie)
++{
++  file_t f;
++  f = file_name_lookup (target_path, 0, 0);
++  if (! MACH_PORT_VALID (f))
++    return errno;
++  mach_port_deallocate (mach_task_self (), f);
++  return 0;
++}
++
++
++
++int
++main (int argc, char *argv[])
++{
++  error_t err;
++  size_t i;
++  struct worker_cookie *cookies;
++  struct timeval accumulated_time = {0};
++
++  err = argp_parse (&argp, argc, argv, ARGP_IN_ORDER, 0, 0);
++  if (err)
++    error (1, err, "argument parsing");
++
++  fprintf (stderr, "N: %u (1<<%d)\n",
++	   iterations, __builtin_ffs (iterations) - 1);
++
++  err = maptime_map (0, NULL, &mtime);
++  if (err)
++    error (1, err, "maptime_map");
++
++  cookies = calloc (threads, sizeof *cookies);
++  if (cookies == NULL)
++    error (1, errno, "calloc");
++
++  for (i = 0; i < threads; i++)
++    {
++      cookies[i].count = iterations / threads;
++      cookies[i].dost = do_dir_lookup;
++      err = pthread_create (&cookies[i].thread, NULL,
++                            &worker_thread, &cookies[i]);
++      if (err)
++        error (2, err, "pthread_create");
++    }
++
++  for (i = 0; i < threads; i++)
++    {
++      err = pthread_join (cookies[i].thread, NULL);
++      if (err)
++        error (3, err, "pthread_join");
++
++      if (cookies[i].err)
++        error (3, err, "thread %d", i);
++
++      timeradd (&accumulated_time, &cookies[i].runtime, &accumulated_time);
++    }
++
++  print_stats ("dir_lookup", threads, iterations, &accumulated_time);
++
++  return 0;
++}
+-- 
+2.1.4
+
diff --git a/debian/patches/series b/debian/patches/series
index 052daf00..713f5073 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -45,3 +45,8 @@ fs_unification0004-YYY-Unify-the-short-circuit-translator-logic.patch
 fs_unification0005-libnetfs-treat-disconnected-shadow-roots-as-virtual-.patch
 shutdown0001-trans-add-shutdown-translator.patch
 shutdown0002-xxx-halt-hack.patch
+fixes0001-libtrivfs-fix-error-handling.patch
+fixes0002-libtrivfs-fix-notion-of-privileged-user.patch
+fixes0003-utils-settrans-implement-active-translator-stacking.patch
+fixes0004-Avoid-superfluous-locking-of-node.patch
+fixes0005-fstests-new-micro-benchmark.patch