Age | Commit message (Collapse) | Author |
|
- setup FIFOs for USER and GROUP if not existing
- only check for translators if file exists
- create the group if needed
|
|
Setup the translator:
echo HELLOWORLD > /hello && \
settrans -cga /hello $(realpath ~/Dev/hurd/trans/checkperms) --groupname=user
Create the FIFOs:
USER=root
GROUP=user
mkdir -p /run/$USER/request-permission
mkdir -p /run/$USER/grant-permission
mkfifo /run/$USER/request-permission/$GROUP
mkfifo /run/$USER/grant-permission/$GROUP
Setup the permission-granting program in a separate shell:
USER=root
GROUP=user
while true; do
PID="$(cat /run/$USER/request-permission/$GROUP)"
echo Process $PID tries to access file /hello but is not in the required group $GROUP.
ps-hurd -p $PID -aeux
if [[ "$(read -e -p 'Grant permission and add group "'$GROUP'" for 5 minutes? [y/N]> '; echo $REPLY)" == [Yy]* ]]; then
addauth -p $PID -g $GROUP
echo 0 > /run/$USER/grant-permission/$GROUP
(sleep 300 && rmauth -p $PID -g $GROUP 2>/dev/null) &
else
echo 1 > /run/$USER/grant-permission/$GROUP
fi
done
Access the translator as user without the required group and with the group:
su - user --shell /bin/bash -c 'cat /hello'
cat /hello & # accept the request in the permission granting program
|
|
as convenience for printing a backtrace without erroring out.
|
|
Message-Id: <20211228055114.173039-1-damien@zamaudio.com>
|
|
This disables the rump buffer cache and avoids any magic translation that
rump would do.
* rumpdisk/block-rump.c (translate_name): Use `/dev/r%sd' format instead of
`/dev/%sd'.
Message-Id: <20211226113857.150525-4-damien@zamaudio.com>
|
|
This ensures memory pages are allocated before written to.
Message-Id: <20211226113857.150525-6-damien@zamaudio.com>
|
|
This locks all memory in bootstrap processes so that
disk driver dependencies don't get swapped out.
Message-Id: <20211226113857.150525-5-damien@zamaudio.com>
|
|
This works around a faulty HAVE_REGISTER_T in rump so the rump.h
header can be included without errors.
Message-Id: <20211226113857.150525-2-damien@zamaudio.com>
|
|
* pci-arbiter/Makefile:
* Add device_map.c to sources
* pci-arbiter/device_map.c:
* pci-arbiter/device_map.h:
* New module for device mapping
* Relies on libpciaccess mapping methods
* pci-arbiter/func_files.c:
* io_region_file(): Use the new device mapping module
* pci-arbiter/netfs_impl.c:
* Implements netfs_get_filemap():
* Uses the device mapping module to map the region to the
arbiter space
* Calls the kernel RPC vm_region_create_proxy() to obtain the
memory object proxy
* Only region files are mapped for now
Message-Id: <20211219112647.11512-4-jlledom@mailfence.com>
|
|
* libnetfs/iostubs.c: implement io_map
Message-Id: <20211219112647.11512-3-jlledom@mailfence.com>
|
|
Provide the user with a new callback so they can implement file
mapping over file system nodes.
* libnetfs/netfs.h: Add prototype for netfs_get_filemap
* libnetfs/file-map.c: netfs_get_filemap definition
* libnetfs/Makefile: add file-map.c to sources
Message-Id: <20211224172132.15058-2-jlledom@mailfence.com>
|
|
comm was not recognized by Hurd's ps as a format spec, but is required by
POSIX to display the command name (like "exe", but without the full path).
|
|
* acpi/acpi.c (acpi_get_tables): Factorize code.
|
|
* acpi/acpi.c (acpi_get_num_tables): Do not ignore mmap failure.
|
|
* acpi/acpi.c (acpi_get_num_tables, acpi_get_tables): Munmap is not needed,
because when mmap_phys_acpi_header returns non-zero, no mmap is performed.
|
|
These were writing to an array and then never using it. Maybe they were
useful for debugging.
Message-Id: <87sfvtmn6r.fsf@autistici.org>
|
|
Listing /dev/vcs which is translated by /hurd/console gives the following:
$ ls /dev/vcs
ls: reading directory '/dev/vcs': Invalid argument
1 2 3 4 5 6
That error is probably harmless but annoying.
It is caused by netfs_get_dirents the last time it is called during
listing, because it calls mmap with size = 0.
* console/console.c (netfs_get_dirents): Do not call mmap when size is 0.
|
|
* libnetfs/netfs.h: Ditto.
|
|
* libdirmgt: Remove directory.
|
|
* libtreefs: Remove directory.
|
|
The dependency on libtirpc is already optional in the Makefiles, we do
not need to fail configure when it is missing.
* configure.ac: Do not fail when libtirpc is not available.
|
|
This reverts commit 517edb7fe7c614a683e18671afc52de8cabe8fdf.
It seems to be actually breaking access to the disk.
|
|
* rumpdisk/block-rump.c (rumpdisk_device_read): Memset the buffer
after allocating it.
|
|
This disables the rump buffer cache and avoids any magic translation that
rump would do.
* rumpdisk/block-rump.c (translate_name): Use `/dev/r%sd' format instead of
`/dev/%sd'.
|
|
Sun RPC is being phased out from glibc.
* configure.ac: Detect libtirpc.pc, subst libtirpc_CFLAGS and libtirpc_LIBS.
* config.make.in: Subst libtirpc_CFLAGS and libtirpc_LIBS.
* nfs/Makefile, nfsd/Makefile: Include libtirpc_CFLAGS and libtirpc_LIBS
* nfs/mount.c: Include <rpc/xdr.h>
* nfsd/main.c: Likewise.
* nfsd/ops.c: Likewise.
* nfsd/cache.c: Undef TRUE/FALSE after including rpc/ headers.
* nfsd/loop.c: Likewise.
|
|
* rumpdisk/block-rump.c (rumpdisk_device_read): Use
vm_allocate/vm_deallocate instead of mmap/munmap.
|
|
* rumpdisk/block-rump.c (rumpdisk_device_write): Call vm_deallocate
after writing the data.
|
|
* mach-defpager/main.c (main): After mlockall, report error from errno, not the value returned by mlockall.
|
|
recnum_t is 32bit while offsets are 64bit. We need to detect the
otherwise-silent truncation of the address. This happens here at 2TiB
for 512-byte sectors.
* libstore/device.c (dev_read, dev_write): Return EOVERFLOW on addresses
that are larger than what the device interface can handle.
|
|
glibc is removing its malloc hooks, but gnumach now has support for
mlockall, which we can just use instead of kalloc/kfree.
* mach-defpager/main.c (main): Call mlockall.
* mach-defpager/kalloc.c: Remove.
* mach-defpager/kalloc.h: Remove.
* mach-defpager/default_pager.c: Use malloc/free instead of
kalloc/kfree.
* mach-defpager/setup.c: Likewise.
|
|
Gnumach's 0650a4ee30e3 implements support for high bits being set in the
mask parameter of vm_map. This allowed to remove the rmh kludge in the
dynamic linker. Exec now can and should use the mask for excluding parts of
the memory layout.
|
|
disk_cache_block_is_ref calls hurd_ihash_find which is very expensive, so
better disable the checks from record_global_poke and record_indir_poke
unless building a debugging version.
|
|
|
|
libdiskfs' dosync goes through the cache to flush nodes to the disk.
We thus have to flush a node to the disk before removing it from the
cache in diskfs_try_dropping_softrefs.
|
|
When truncating a node with inline data, it's safer to really frob the inline
data, to make sure ext2fs does not wrongly interprete it as block numbers.
|
|
We may end up with an arbitrary series of bootstrap translators, which
can know about each other through devices, and thus do not need any
particular order except dependencies. The actual bootstrap order can
thus be arbitrary (provided it respects dependencies), so better not
hardcode it.
|
|
We do not actually want to shut everything down. For instance, we still have
to be able to start the acpi translator to perform the actual shutdown.
What we however have to do is syncing the disks.
|
|
machdev installs the trivfs translator, not the netfs translator,
and thus pci-arbiter would only show up as the pci device, not the pci
filesystem.
|
|
|
|
libdiskfs was passing its own proc port, thus confusing the fsys_init
call in rumpdisk.
|
|
|
|
In diskfs_set_translator we need to truncate the existing node before
allocating the block for the translator.
|
|
e2fsck does not like seeing both blocks for the symlink and for the
translation entry.
This fixes the disappearance of /dev/urandom.
|
|
Returning an error will deallocate the RPC references.
Reported-by: Sergey Bugaev <bugaevc@gmail.com>
|
|
The delayed copy actually needs write access.
|
|
This makes libmachdev follow the exec case, and make sure to be waiting
for all bootstrap processes by waiting for the FS process.
Message-Id: <20210711012042.77920-1-damien@zamaudio.com>
|
|
Fix several issues with reference counting in
rootdir_make_translated_node ():
* Grab an additional reference while still holding the lock.
* Give the node an additional reference for being pointed to
by the ops.
* Reference the existing node if we find it on the second try,
not only if we find it on the first try.
* Dereference, not just clean, the created node if it turns out
to be unneeded.
Fixes a crash with the following backtrace:
#2 0x010855c8 in __assert_fail_backtrace (
assertion=0x1051148 "! (r.hard == 1 && r.weak == 0) || !\"refcount detected use-after-free!\"",
file=0x1050cec "../../libshouldbeinlibc/refcount.h", line=170, function=0x1051220 <__PRETTY_FUNCTION__.3> "refcounts_ref")
at ../../libshouldbeinlibc/assert-backtrace.c:64
#3 0x01050358 in refcounts_ref (result=0x0, ref=0x15009a0) at ../../libshouldbeinlibc/refcount.h:170
#4 netfs_nref (np=0x15008f0) at ../../libnetfs/nref.c:26
#5 0x0804c9f4 in rootdir_make_translated_node (dir_hook=0x10001990, entry_hook=0x8055180 <__compound_literal.8>)
at ../../procfs/rootdir.c:674
#6 0x0804ace3 in procfs_dir_lookup (hook=0x10001c10, name=0x2857efc "mounts", np=0x2855d68) at ../../procfs/procfs_dir.c:88
#7 0x0804a410 in procfs_lookup (np=0x10001c40, name=0x2857efc "mounts", npp=0x2855d68) at ../../procfs/procfs.c:185
#8 0x0804cae5 in dircat_lookup (hook=0x10001d50, name=0x2857efc "mounts", np=0x2855d68) at ../../procfs/dircat.c:76
#9 0x0804a410 in procfs_lookup (np=0x10001d80, name=0x2857efc "mounts", npp=0x2855d68) at ../../procfs/procfs.c:185
#10 0x0804a96f in netfs_attempt_lookup (user=0x1401c60, dir=0x10001d80, name=0x2857efc "mounts", np=0x2855d68)
at ../../procfs/netfs.c:212
#11 0x0103fd5b in netfs_S_dir_lookup (dircred=<optimized out>, filename=<optimized out>, flags=<optimized out>,
mode=<optimized out>, do_retry=<optimized out>, retry_name=<optimized out>, retry_port=<optimized out>,
retry_port_type=<optimized out>) at ../../libnetfs/dir-lookup.c:175
Message-Id: <20210524154340.264885-2-bugaevc@gmail.com>
|
|
If no output width limit has been set explicitly, and we're not printing
to a tty, do not limit output width.
In particular, this fixes grepping ps output.
Message-Id: <20210518122150.1490468-1-bugaevc@gmail.com>
|
|
* utils/settrans.c (main): When file_set_translator fails, make the
just-started translator go away.
|
|
Clarify this in the documentation, and fix the storeio implementation.
Message-Id: <20210508153144.332832-2-bugaevc@gmail.com>
|