aboutsummaryrefslogtreecommitdiff
path: root/sys/miscfs/procfs
Commit message (Collapse)AuthorAgeFilesLines
* - FDESC, FIFO, NULL, PORTAL, PROC, UMAP and UNION fileRuslan Ermilov2001-05-2315-3629/+0
| | | | | | | | | | | | | | | | | | systems were repo-copied from sys/miscfs to sys/fs. - Renamed the following file systems and their modules: fdesc -> fdescfs, portal -> portalfs, union -> unionfs. - Renamed corresponding kernel options: FDESC -> FDESCFS, PORTAL -> PORTALFS, UNION -> UNIONFS. - Install header files for the above file systems. - Removed bogus -I${.CURDIR}/../../sys CFLAGS from userland Makefiles. Notes: svn path=/head/; revision=77031
* Introduce a global lock for the vm subsystem (vm_mtx).Alfred Perlstein2001-05-192-1/+12
| | | | | | | | | | | | | | | | | | | | | | vm_mtx does not recurse and is required for most low level vm operations. faults can not be taken without holding Giant. Memory subsystems can now call the base page allocators safely. Almost all atomic ops were removed as they are covered under the vm mutex. Alpha and ia64 now need to catch up to i386's trap handlers. FFS and NFS have been tested, other filesystems will need minor changes (grabbing the vm lock when twiddling page properties). Reviewed (partially) by: jake, jhb Notes: svn path=/head/; revision=76827
* GC prototype for procfs_bmap() missed during a previous commit.John Baldwin2001-05-111-1/+0
| | | | Notes: svn path=/head/; revision=76491
* Undo part of the tangle of having sys/lock.h and sys/mutex.h included inMark Murray2001-05-019-26/+56
| | | | | | | | | | | | | | other "system" header files. Also help the deprecation of lockmgr.h by making it a sub-include of sys/lock.h and removing sys/lockmgr.h form kernel .c files. Sort sys/*.h includes where possible in affected files. OK'ed by: bde (with reservations) Notes: svn path=/head/; revision=76166
* Add a vop_stdbmap(), and make it part of the default vop vector.Poul-Henning Kamp2001-04-291-31/+0
| | | | | | | | | Make 7 filesystems which don't really know about VOP_BMAP rely on the default vector, rather than more or less complete local vop_nopbmap() implementations. Notes: svn path=/head/; revision=76131
* Revert consequences of changes to mount.h, part 2.Greg Lehey2001-04-292-4/+0
| | | | | | | Requested by: bde Notes: svn path=/head/; revision=76117
* Change the pfind() and zpfind() functions to lock the process that theyJohn Baldwin2001-04-246-55/+50
| | | | | | | | | find before releasing the allproc lock and returning. Reviewed by: -smp, dfr, jake Notes: svn path=/head/; revision=75893
* Correct #includes to work with fixed sys/mount.h.Greg Lehey2001-04-233-0/+6
| | | | Notes: svn path=/head/; revision=75858
* - Various style fixes.John Baldwin2001-03-291-7/+3
| | | | | | | | | | - Fix a silly bug so that we return the actual error code if a procfs attach fails rather than always returning 0. Reported by: bde Notes: svn path=/head/; revision=74996
* Convert the allproc and proctree locks from lockmgr locks to sx locks.John Baldwin2001-03-282-13/+14
| | | | Notes: svn path=/head/; revision=74927
* Catch up to header include changes:John Baldwin2001-03-283-0/+3
| | | | | | | | - <sys/mutex.h> now requires <sys/systm.h> - <sys/mutex.h> and <sys/sx.h> now require <sys/lock.h> Notes: svn path=/head/; revision=74914
* Proc locking identical to that of linprocfs' vnops except that we hold theJohn Baldwin2001-03-071-18/+59
| | | | | | | proc lock while calling psignal. Notes: svn path=/head/; revision=73920
* Protect read to p_pptr with proc lock rather than proctree lock.John Baldwin2001-03-071-2/+2
| | | | Notes: svn path=/head/; revision=73919
* Proc locking. Lock around psignal() and also ensure both an exclusiveJohn Baldwin2001-03-071-20/+34
| | | | | | | | | proctree lock and the process lock are held when updating p_pptr and p_oppid. When we are just reaading p_pptr we only need the proc lock and not a proctree lock as well. Notes: svn path=/head/; revision=73918
* Protect p_flag with the proc lock.John Baldwin2001-03-073-3/+18
| | | | Notes: svn path=/head/; revision=73906
* Remove the copyinstr call which was trying to copy the pathname in fromDoug Rabson2001-03-031-3/+0
| | | | | | | | | | | | user space. It has already been copied in and mp->mnt_stat.f_mntonname has already been initialised by the caller. This fixes a panic on the alpha caused by the fact that the variable 'size' wasn't initialised because the call to copyinstr() bailed out with an EFAULT error. Notes: svn path=/head/; revision=73383
* o Move per-process jail pointer (p->pr_prison) to inside of the subjectRobert Watson2001-02-211-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | credential structure, ucred (cr->cr_prison). o Allow jail inheritence to be a function of credential inheritence. o Abstract prison structure reference counting behind pr_hold() and pr_free(), invoked by the similarly named credential reference management functions, removing this code from per-ABI fork/exit code. o Modify various jail() functions to use struct ucred arguments instead of struct proc arguments. o Introduce jailed() function to determine if a credential is jailed, rather than directly checking pointers all over the place. o Convert PRISON_CHECK() macro to prison_check() function. o Move jail() function prototypes to jail.h. o Emulate the P_JAILED flag in fill_kinfo_proc() and no longer set the flag in the process flags field itself. o Eliminate that "const" qualifier from suser/p_can/etc to reflect mutex use. Notes: o Some further cleanup of the linux/jail code is still required. o It's now possible to consider resolving some of the process vs credential based permission checking confusion in the socket code. o Mutex protection of struct prison is still not present, and is required to protect the reference count plus some fields in the structure. Reviewed by: freebsd-arch Obtained from: TrustedBSD Project Notes: svn path=/head/; revision=72786
* Change and clean the mutex lock interface.Bosko Milekic2001-02-092-19/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | mtx_enter(lock, type) becomes: mtx_lock(lock) for sleep locks (MTX_DEF-initialized locks) mtx_lock_spin(lock) for spin locks (MTX_SPIN-initialized) similarily, for releasing a lock, we now have: mtx_unlock(lock) for MTX_DEF and mtx_unlock_spin(lock) for MTX_SPIN. We change the caller interface for the two different types of locks because the semantics are entirely different for each case, and this makes it explicitly clear and, at the same time, it rids us of the extra `type' argument. The enter->lock and exit->unlock change has been made with the idea that we're "locking data" and not "entering locked code" in mind. Further, remove all additional "flags" previously passed to the lock acquire/release routines with the exception of two: MTX_QUIET and MTX_NOSWITCH The functionality of these flags is preserved and they can be passed to the lock/unlock routines by calling the corresponding wrappers: mtx_{lock, unlock}_flags(lock, flag(s)) and mtx_{lock, unlock}_spin_flags(lock, flag(s)) for MTX_DEF and MTX_SPIN locks, respectively. Re-inline some lock acq/rel code; in the sleep lock case, we only inline the _obtain_lock()s in order to ensure that the inlined code fits into a cache line. In the spin lock case, we inline recursion and actually only perform a function call if we need to spin. This change has been made with the idea that we generally tend to avoid spin locks and that also the spin locks that we do have and are heavily used (i.e. sched_lock) do recurse, and therefore in an effort to reduce function call overhead for some architectures (such as alpha), we inline recursion for this case. Create a new malloc type for the witness code and retire from using the M_DEV type. The new type is called M_WITNESS and is only declared if WITNESS is enabled. Begin cleaning up some machdep/mutex.h code - specifically updated the "optimized" inlined code in alpha/mutex.h and wrote MTX_LOCK_SPIN and MTX_UNLOCK_SPIN asm macros for the i386/mutex.h as we presently need those. Finally, caught up to the interface changes in all sys code. Contributors: jake, jhb, jasone (in no particular order) Notes: svn path=/head/; revision=72200
* Mechanical change to use <sys/queue.h> macro API instead ofPoul-Henning Kamp2001-02-041-1/+1
| | | | | | | | | | fondling implementation details. Created with: sed(1) Reviewed by: md5(1) Notes: svn path=/head/; revision=71999
* - Catch up to proc flag changes.John Baldwin2001-01-241-2/+6
| | | | Notes: svn path=/head/; revision=71569
* Use macro API to <sys/queue.h>Poul-Henning Kamp2000-12-311-4/+4
| | | | Notes: svn path=/head/; revision=70536
* Protect proc.p_pptr and proc.p_children/p_sibling with theJake Burkholder2000-12-232-0/+16
| | | | | | | | | | | proctree_lock. linprocfs not locked pending response from informal maintainer. Reviewed by: jhb, -smp@ Notes: svn path=/head/; revision=70317
* o Tighten restrictions on use of /proc/pid/ctl and move access checksRobert Watson2000-12-131-4/+10
| | | | | | | | | | in ctl to using centralized p_can() inter-process access control interface. Reviewed by: sef Notes: svn path=/head/; revision=69958
* - Change the allproc_lock to use a macro, ALLPROC_LOCK(how), insteadJake Burkholder2000-12-131-1/+4
| | | | | | | | | | | of explicit calls to lockmgr. Also provides macros for the flags pased to specify shared, exclusive or release which map to the lockmgr flags. This is so that the use of lockmgr can be easily replaced with optimized reader-writer locks. - Add some locking that I missed the first time. Notes: svn path=/head/; revision=69947
* Add a module version (so that linprocfs can properly depend on procfs)Dag-Erling Smørgrav2000-12-091-0/+1
| | | | Notes: svn path=/head/; revision=69798
* Protect p_stat with the sched_lock.John Baldwin2000-12-021-1/+18
| | | | | | | Reviewed by: jake Notes: svn path=/head/; revision=69507
* More paranoia against overflowsEivind Eklund2000-11-081-18/+45
| | | | Notes: svn path=/head/; revision=68505
* Fix overflow from jail hostname.Eivind Eklund2000-11-011-1/+1
| | | | | | | Bug found by: Esa Etelavuori <eetelavu@cc.hut.fi> Notes: svn path=/head/; revision=68199
* return correct type for process directory entries, DT_DIR not DT_REGAlfred Perlstein2000-10-051-1/+1
| | | | Notes: svn path=/head/; revision=66701
* Remove a comment that has been not only obsolete but patently wrong for theDag-Erling Smørgrav2000-09-041-8/+0
| | | | | | | last 31 revisions (almost three years). Notes: svn path=/head/; revision=65445
* o Simplify if/then clause equating ESRCH with ENOENT when hiding a processRobert Watson2000-09-011-5/+2
| | | | | | | Submitted by: des Notes: svn path=/head/; revision=65339
* o Make procfs use vaccess() for procfs_access() DAC and super-user checks,Robert Watson2000-09-011-28/+4
| | | | | | | | | | rather than implementing its own {uid,gid,other} checks against vnode mode. Similar change to linprocfs currently under review. Obtained from: TrustedBSD Project Notes: svn path=/head/; revision=65331
* o Centralize inter-process access control, introducing:Robert Watson2000-08-306-21/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | int p_can(p1, p2, operation, privused) which allows specification of subject process, object process, inter-process operation, and an optional call-by-reference privused flag, allowing the caller to determine if privilege was required for the call to succeed. This allows jail, kern.ps_showallprocs and regular credential-based interaction checks to occur in one block of code. Possible operations are P_CAN_SEE, P_CAN_SCHED, P_CAN_KILL, and P_CAN_DEBUG. p_can currently breaks out as a wrapper to a series of static function checks in kern_prot, which should not be invoked directly. o Commented out capabilities entries are included for some checks. o Update most inter-process authorization to make use of p_can() instead of manual checks, PRISON_CHECK(), P_TRESPASS(), and kern.ps_showallprocs. o Modify suser{,_xxx} to use const arguments, as it no longer modifies process flags due to the disabling of ASU. o Modify some checks/errors in procfs so that ENOENT is returned instead of ESRCH, further improving concealment of processes that should not be visible to other processes. Also introduce new access checks to improve hiding of processes for procfs_lookup(), procfs_getattr(), procfs_readdir(). Correct a bug reported by bp concerning not handling the CREATE case in procfs_lookup(). Remove volatile flag in procfs that caused apparently spurious qualifier warnigns (approved by bde). o Add comment noting that ktrace() has not been updated, as its access control checks are different from ptrace(), whereas they should probably be the same. Further discussion should happen on this topic. Reviewed by: bde, green, phk, freebsd-security, others Approved by: bde Obtained from: TrustedBSD Project Notes: svn path=/head/; revision=65237
* Introduce vop_stdinactive() and make it the default if no vop_inactivePoul-Henning Kamp2000-08-181-24/+0
| | | | | | | | | is declared. Sort and prune a few vop_op[]. Notes: svn path=/head/; revision=64819
* Remove unneeded #include <sys/kernel.h>Poul-Henning Kamp2000-04-291-1/+0
| | | | Notes: svn path=/head/; revision=59760
* Move procfs_fullpath() to vfs_cache.c, with a rename to textvp_fullpath().Brian Feldman2000-04-263-99/+2
| | | | | | | | | | | | | There's no excuse to have code in synthetic filestores that allows direct references to the textvp anymore. Feature requested by: msmith Feature agreed to by: warner Move requested by: phk Move agreed to by: bde Notes: svn path=/head/; revision=59652
* Quiet an unused variable warning by commenting out a variable declarationBrian Feldman2000-04-221-1/+1
| | | | | | | that goes with a commented out statement. Notes: svn path=/head/; revision=59522
* There's no reason to make "file" 0500 rather than 0555.Brian Feldman2000-04-221-1/+3
| | | | Notes: svn path=/head/; revision=59482
* Welcome back our old friend from procfs, "file"!Brian Feldman2000-04-223-19/+155
| | | | Notes: svn path=/head/; revision=59481
* Change #ifdef KERNEL to #ifdef _KERNEL in the public headers. "KERNEL"Peter Wemm1999-12-291-2/+2
| | | | | | | | | is an application space macro and the applications are supposed to be free to use it as they please (but cannot). This is consistant with the other BSD's who made this change quite some time ago. More commits to come. Notes: svn path=/head/; revision=55206
* Fix typo "," vs ";"Peter Wemm1999-12-271-1/+1
| | | | | | | | PR: 15696 Submitted by: Takashi Okumura <taka@cs.pitt.edu> Notes: svn path=/head/; revision=55153
* Include vm/vm_extern.h to get at prototypesEivind Eklund1999-12-201-0/+1
| | | | Notes: svn path=/head/; revision=54908
* Second pass commit to introduce new ACL and Extended Attribute systemRobert Watson1999-12-191-0/+2
| | | | | | | | | | calls, vnops, vfsops, both in /kern, and to individual file systems that require a vfsop_ array entry. Reviewed by: eivind Notes: svn path=/head/; revision=54803
* Introduce NDFREE (and remove VOP_ABORTOP)Eivind Eklund1999-12-151-21/+0
| | | | Notes: svn path=/head/; revision=54655
* Don't simulate a pseudo address-space beyond VM_MAXUSER_ADDRESS thatPeter Wemm1999-12-111-40/+0
| | | | | | | | | | | | | | maps onto the upages. We used to use this extensively, particularly for ps and gdb. Both of these have been "fixed". ps gets the p_stats via eproc along with all the other stats, and gdb uses the regs, fpregs etc files. Once apon a time the UPAGES were mapped here, but that changed back in January '96. This essentially kills my revisions 1.16 and 1.17. The 2-page "hole" above the stack can be reclaimed now. Notes: svn path=/head/; revision=54424
* Remove unused #includes.Poul-Henning Kamp1999-12-086-6/+0
| | | | | | | Obtained from: http://bogon.freebsd.dk/include Notes: svn path=/head/; revision=54292
* Add a sysctl to control if argv is disclosed to the world:Poul-Henning Kamp1999-11-261-1/+1
| | | | | | | | | | kern.ps_argsopen It defaults to 1 which means that all users can see all argvs in ps(1). Reviewed by: Warner Notes: svn path=/head/; revision=53709
* Introduce the new functionPoul-Henning Kamp1999-11-217-20/+7
| | | | | | | | | | | | | | | | | p_trespass(struct proc *p1, struct proc *p2) which returns zero or an errno depending on the legality of p1 trespassing on p2. Replace kern_sig.c:CANSIGNAL() with call to p_trespass() and one extra signal related check. Replace procfs.h:CHECKIO() macros with calls to p_trespass(). Only show command lines to process which can trespass on the target process. Notes: svn path=/head/; revision=53518
* s/p_cred->pc_ucred/p_ucred/gPoul-Henning Kamp1999-11-212-2/+2
| | | | Notes: svn path=/head/; revision=53503
* A process should be able to examine itself.Sean Eric Fagan1999-11-201-2/+3
| | | | Notes: svn path=/head/; revision=53467
generated by cgit v1.3 (git 2.53.0) at 2026-03-11 19:00:22 +0000