the allow command now takes an optional uid argument for the user
to be granted temporary god status on the fileserver for maintenance.
this was kenji okomoto's idea, so thanks :)
remove wstatallow and writeallow flags. instead, we have global:
int allowed;
that contains the uid of the currently allowed user id or -1
if permission checking is globally disabled for the fileserver.
when zero, normal permission checking takes place.
added int isallowed(File*) function that returns non-zero when the
context is the console, or the allowed user. this is also used internally
by iaccess(), so all the extra code in the callers of iaccess()
is gone now.
don't conflate allowed user with noauth flag and auto-allow on ream.
the installer already knows about noauth and allow flags so there's no
problem with bootstrapping.
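The semantics of the allowed global described in the commit message above, as an added example that is not part of the commit or the fileserver source. The File and Dentry fields, the owner/other-only mode check, the "0 means granted" return convention and the treatment of -1 as exempting every user are assumptions made for illustration.

```c
#include <stdio.h>

/* hypothetical, simplified types; the fileserver's real structures differ */
typedef struct File { int uid; int console; } File;    /* request context */
typedef struct Dentry { int uid; int mode; } Dentry;   /* owner and rwx bits */

enum { DREAD = 4, DWRITE = 2, DEXEC = 1 };

/* 0: normal checking, -1: checking disabled, otherwise the one exempted uid */
int allowed = 0;

int isallowed(const File *f)
{
	if (f->console)
		return 1;
	if (allowed == -1)	/* assumption: global disable exempts everyone */
		return 1;
	/* the allowed != 0 test keeps a uid 0 user from matching "nobody allowed" */
	return allowed != 0 && f->uid == allowed;
}

/* returns 0 when access is granted, non-zero when denied (assumed convention) */
int iaccess(const File *f, const Dentry *d, int want)
{
	int bits;

	if (isallowed(f))	/* single bypass point, no extra code in callers */
		return 0;
	bits = (f->uid == d->uid) ? (d->mode >> 6) : d->mode;	/* owner or other */
	return (bits & want) != want;
}

int main(void)
{
	Dentry d = { 10, 0600 };	/* constructed: owned by uid 10, rw------- */
	File alice = { 20, 0 }, bob = { 30, 0 };

	allowed = 20;	/* scoped grant, as the allow command with a uid would set */
	printf("alice=%d bob=%d\n",
		iaccess(&alice, &d, DWRITE), iaccess(&bob, &d, DWRITE));
	allowed = 0;	/* grant revoked, normal checks apply again */
	printf("alice=%d\n", iaccess(&alice, &d, DWRITE));
	return 0;
}
```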
cinap_lenrek [Fri, 8 Aug 2014 21:28:47 +0000 (23:28 +0200)]
devmnt: fix potential race with mntflushfree(), remove mntstats, 0 vs nil cleanup
when mountmux() completes a request for another process, enforce ordering
of the loads and stores to the request prior to writing q->done = 1
so mntflushfree() sees q->done != 0 only when the request has actually
completed. otherwise, the q->done = 1 store could have been reordered
before the load from q->z, reading from an already freed request and causing
spurious wakeups.
the first Ureg* argument is passed to the note handler in the
RARG (BX) register, which was not loaded when returning to
userspace from syscall() thru forkret(). fix by returning thru
noteret() from syscall().
cinap_lenrek [Sat, 2 Aug 2014 00:30:19 +0000 (02:30 +0200)]
iostats: reimplement iostats as a 9p filter instead of duplicating exportfs
old iostats failed to work when building the kernel due to old bugs
that were already fixed in exportfs. instead of backporting the fixes,
reimplement iostats as a filter that sits between exportfs and the
process mount. from the user's perspective, there's no difference.
the result is much smaller and can handle everything that exportfs
can like /srv.
Xqdol() used to take quadratic time because of strcat(),
the code isn't really needed as list2str() already does the
same thing in linear time without the strcat().
add estrdup() which uses emalloc() so allocation errors are
caught.
move strdups() of name from callers into newvar().
avoid recursion of conclist(), and avoid copying of word
strings by providing Newword() function which doesn't copy
the word string.
pc64: preserve user extern registers R14 and R15 across syscalls, use Ureg.bp (RARG) for syscall number
the 6c compiler reserves R14 and R15 for extern register variables,
which are used by the kernel to hold the m and up pointers. until
now, the meaning of R14 and R15 was undefined for userspace and
extern register would not work as the kernel trashes R14 and R15
on syscalls. with this change, user extern registers R14 and R15
are zeroed on exec and otherwise preserved across syscalls. so
userspace *could* use them for per process variables like the
kernel does.
use Ureg.bp (RARG) for syscall number instead of Ureg.ax. this is
less confusing and mirrors the amd64 calling convention.
don't kill the calling process when demand load fails if fixfault()
is called from devproc. this happens when you delete the binary
of a running process and try to debug the process accessing uncached
pages thru /proc/$pid/mem file.
fixes to procctlmemio():
- fix missed unlock as txt2data() can error
- make sure the segment isn't freed by taking a reference (under p->seglock)
- access the page with segment locked (see comment)
- get rid of the segment stealer lock
other stuff:
- move txt2data() and data2txt() to segment.c
- add procpagecount() function
- make return type mcounseg() to ulong
instead of naming devices by their dynamically assigned device address,
we hash device unique fields from the device descriptor and produce
a 5 digit hex string that will identify the device across machines.
when there is a collision (less than 1% chance with 100 devices),
usbd will append the device address to the name to make it unique
for this machine.
the hname is passed to drivers in the devid argument, which now has
the form addr:hname, where the colon and hname can be omitted (for backwards
compatibility).
when the new behaviour isn't desired, nousbhname= environment variable
can be defined giving the old behaviour.
mischief [Thu, 26 Jun 2014 05:06:29 +0000 (22:06 -0700)]
upas/fs: disable imap mail fetch pipeline due to race
pipeline = 1 with a dovecot imap server causes FETCH and OK responses to
get interleaved so some message bodies accidentally get merged together.
disabling it will make fetching mail over imap slower, but it works.