[REVIEW/TEST] device liberation patches.

From: Poul-Henning Kamp (phk_at_phk.freebsd.dk)
Date: 02/27/05

  • Next message: Garance A Drosihn: "Re: Bug in #! processing - One More Time" 
    To: arch@freebsd.org, current@freebsd.org
Date: Sun, 27 Feb 2005 20:39:08 +0100

    This patch decouples entirely the userland and kernel concept of
    major+minor device number.

    Userland will see a copy of the devfs inode number and the kernel
    will see what it always saw.

    After this patch goes into -current in the middle of march, we can
    do away with the notion of major device numbers, and remove the 256
    limit on number of device drivers and get rid of the stupid hole
    in the minor number field and finally stand a chance to get the
    locking of devices (struct cdev) hammered into a sensible format.

    If anything breaks when running with this patch, a device major/minor
    is passed through some covert channel between userland to the kernel
    where it shouldn't be.

    Such channels very likely implement security risks in relation to
    jails/chroot, so they should be fixed properly and not just worked
    around.

    Poul-Henning

    Index: fs/devfs/devfs_devs.c
    ===================================================================
    RCS file: /home/ncvs/src/sys/fs/devfs/devfs_devs.c,v
    retrieving revision 1.33
    diff -u -r1.33 devfs_devs.c
    --- fs/devfs/devfs_devs.c 10 Feb 2005 12:22:17 -0000 1.33
    +++ fs/devfs/devfs_devs.c 27 Feb 2005 19:16:35 -0000
    @@ -424,3 +424,32 @@
             if (ino < devfs_nextino)
                     devfs_nextino = ino;
     }
    +
    +/*
    + * Helper sysctl for devname(3). We're given a struct cdev * and return
    + * the name, if any, registered by the device driver.
    + */
    +static int
    +sysctl_devname(SYSCTL_HANDLER_ARGS)
    +{
    + int error;
    + dev_t ud;
    + struct cdev *dev, **dp;
    +
    + error = SYSCTL_IN(req, &ud, sizeof (ud));
    + if (error)
    + return (error);
    + if (ud == NODEV)
    + return(EINVAL);
    + dp = devfs_itod(ud);
    + if (dp == NULL)
    + return(ENOENT);
    + dev = *dp;
    + if (dev == NULL)
    + return(ENOENT);
    + return(SYSCTL_OUT(req, dev->si_name, strlen(dev->si_name) + 1));
    + return (error);
    +}
    +
    +SYSCTL_PROC(_kern, OID_AUTO, devname, CTLTYPE_OPAQUE|CTLFLAG_RW|CTLFLAG_ANYBODY,
    + NULL, 0, sysctl_devname, "", "devname(3) handler");
    Index: fs/devfs/devfs_vnops.c
    ===================================================================
    RCS file: /home/ncvs/src/sys/fs/devfs/devfs_vnops.c,v
    retrieving revision 1.105
    diff -u -r1.105 devfs_vnops.c
    --- fs/devfs/devfs_vnops.c 22 Feb 2005 18:17:31 -0000 1.105
    +++ fs/devfs/devfs_vnops.c 27 Feb 2005 19:16:35 -0000
    @@ -441,7 +441,7 @@
                     vap->va_mtime = dev->si_mtime;
                     fix(dev->si_ctime);
                     vap->va_ctime = dev->si_ctime;
    - vap->va_rdev = dev->si_udev;
    + vap->va_rdev = de->de_inode;
             }
             vap->va_gen = 0;
             vap->va_flags = 0;
    Index: kern/kern_conf.c
    ===================================================================
    RCS file: /home/ncvs/src/sys/kern/kern_conf.c,v
    retrieving revision 1.172
    diff -u -r1.172 kern_conf.c
    --- kern/kern_conf.c 22 Feb 2005 15:51:07 -0000 1.172
    +++ kern/kern_conf.c 27 Feb 2005 19:16:35 -0000
    @@ -800,30 +800,3 @@
             free(cd, M_DEVBUF);
             *cdp = NULL;
     }
    -
    -/*
    - * Helper sysctl for devname(3). We're given a struct cdev * and return
    - * the name, if any, registered by the device driver.
    - */
    -static int
    -sysctl_devname(SYSCTL_HANDLER_ARGS)
    -{
    - int error;
    - dev_t ud;
    - struct cdev *dev;
    -
    - error = SYSCTL_IN(req, &ud, sizeof (ud));
    - if (error)
    - return (error);
    - if (ud == NODEV)
    - return(EINVAL);
    - dev = findcdev(ud);
    - if (dev == NULL)
    - error = ENOENT;
    - else
    - error = SYSCTL_OUT(req, dev->si_name, strlen(dev->si_name) + 1);
    - return (error);
    -}
    -
    -SYSCTL_PROC(_kern, OID_AUTO, devname, CTLTYPE_OPAQUE|CTLFLAG_RW|CTLFLAG_ANYBODY,
    - NULL, 0, sysctl_devname, "", "devname(3) handler"); 

    -- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
_______________________________________________
freebsd-arch@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-arch
To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org"
  • Next message: Garance A Drosihn: "Re: Bug in #! processing - One More Time"

    Relevant Pages

    • Re: Evaluation of High Precision Event Timer Driver for userland timer facility
      ... I wrote a patch to add following features into acpi_hpet timer driver ... than not, requires kernel privileges. ... Without userland access to the timekeeping hardware, ...
      (freebsd-current)
    • [REVIEW/TEST] device liberation patches.
      ... Userland will see a copy of the devfs inode number and the kernel ... After this patch goes into -current in the middle of march, ... diff -u -r1.105 devfs_vnops.c ...
      (freebsd-arch)
    • [REVIEW/TEST] device liberation patches.
      ... Userland will see a copy of the devfs inode number and the kernel ... After this patch goes into -current in the middle of march, ... diff -u -r1.105 devfs_vnops.c ...
      (freebsd-current)
    • Re: Toshiba Tecra S1 ACPI Patch
      ... You just compile the kernel with this patch, ... diff -Bru 2.6/drivers/acpi/events/evregion.c ... extern const struct acpi_predefined_names ...
      (comp.os.linux.portable)
    • Re: ggate fails on 6.2-RC.
      ... highlights a datatype problem between the kernel and userland, ... even with that patch, I can't get ggate to stay up. ...
      (freebsd-stable)