This patch decouples entirely the userland and kernel concept of major+minor device number. Userland will see a copy of the devfs inode number and the kernel will see what it always saw. After this patch goes into -current in the middle of march, we can do away with the notion of major device numbers, and remove the 256 limit on number of device drivers and get rid of the stupid hole in the minor number field and finally stand a chance to get the locking of devices (struct cdev) hammered into a sensible format. If anything breaks when running with this patch, a device major/minor is passed through some covert channel between userland to the kernel where it shouldn't be. Such channels very likely implement security risks in relation to jails/chroot, so they should be fixed properly and not just worked around. Poul-Henning Index: fs/devfs/devfs_devs.c =================================================================== RCS file: /home/ncvs/src/sys/fs/devfs/devfs_devs.c,v retrieving revision 1.33 diff -u -r1.33 devfs_devs.c --- fs/devfs/devfs_devs.c 10 Feb 2005 12:22:17 -0000 1.33 +++ fs/devfs/devfs_devs.c 27 Feb 2005 19:16:35 -0000 _at__at_ -424,3 +424,32 _at__at_ if (ino < devfs_nextino) devfs_nextino = ino; } + +/* + * Helper sysctl for devname(3). We're given a struct cdev * and return + * the name, if any, registered by the device driver. + */ +static int +sysctl_devname(SYSCTL_HANDLER_ARGS) +{ + int error; + dev_t ud; + struct cdev *dev, **dp; + + error = SYSCTL_IN(req, &ud, sizeof (ud)); + if (error) + return (error); + if (ud == NODEV) + return(EINVAL); + dp = devfs_itod(ud); + if (dp == NULL) + return(ENOENT); + dev = *dp; + if (dev == NULL) + return(ENOENT); + return(SYSCTL_OUT(req, dev->si_name, strlen(dev->si_name) + 1)); + return (error); +} + +SYSCTL_PROC(_kern, OID_AUTO, devname, CTLTYPE_OPAQUE|CTLFLAG_RW|CTLFLAG_ANYBODY, + NULL, 0, sysctl_devname, "", "devname(3) handler"); Index: fs/devfs/devfs_vnops.c =================================================================== RCS file: /home/ncvs/src/sys/fs/devfs/devfs_vnops.c,v retrieving revision 1.105 diff -u -r1.105 devfs_vnops.c --- fs/devfs/devfs_vnops.c 22 Feb 2005 18:17:31 -0000 1.105 +++ fs/devfs/devfs_vnops.c 27 Feb 2005 19:16:35 -0000 _at__at_ -441,7 +441,7 _at__at_ vap->va_mtime = dev->si_mtime; fix(dev->si_ctime); vap->va_ctime = dev->si_ctime; - vap->va_rdev = dev->si_udev; + vap->va_rdev = de->de_inode; } vap->va_gen = 0; vap->va_flags = 0; Index: kern/kern_conf.c =================================================================== RCS file: /home/ncvs/src/sys/kern/kern_conf.c,v retrieving revision 1.172 diff -u -r1.172 kern_conf.c --- kern/kern_conf.c 22 Feb 2005 15:51:07 -0000 1.172 +++ kern/kern_conf.c 27 Feb 2005 19:16:35 -0000 _at__at_ -800,30 +800,3 _at__at_ free(cd, M_DEVBUF); *cdp = NULL; } - -/* - * Helper sysctl for devname(3). We're given a struct cdev * and return - * the name, if any, registered by the device driver. - */ -static int -sysctl_devname(SYSCTL_HANDLER_ARGS) -{ - int error; - dev_t ud; - struct cdev *dev; - - error = SYSCTL_IN(req, &ud, sizeof (ud)); - if (error) - return (error); - if (ud == NODEV) - return(EINVAL); - dev = findcdev(ud); - if (dev == NULL) - error = ENOENT; - else - error = SYSCTL_OUT(req, dev->si_name, strlen(dev->si_name) + 1); - return (error); -} - -SYSCTL_PROC(_kern, OID_AUTO, devname, CTLTYPE_OPAQUE|CTLFLAG_RW|CTLFLAG_ANYBODY, - NULL, 0, sysctl_devname, "", "devname(3) handler"); -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk_at_FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.Received on Sun Feb 27 2005 - 18:39:10 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:29 UTC