This patch employs one solution to resolve two independent but related
issues. Both issues are the result of one fundamental aspect of the
way VM's memory mapping works: VM uses its cache to map in blocks for
memory-mapped file regions, and for blocks already in the VM cache, VM
does not go to the file system before mapping them in. To preserve
consistency between the FS and VM caches, VM relies on being informed
about all updates to file contents through the block cache. The two
issues are both the result of VM not being properly informed about
such updates:
1. Once a file system provides libminixfs with an inode association
(inode number + inode offset) for a disk block, this association
is not broken until a new inode association is provided for it.
If a block is freed and reallocated as a metadata (non-inode)
block, its old association is maintained, and may be supplied to
VM's secondary cache. Due to reuse of inodes, it is possible
that the same inode association becomes valid for an actual file
block again. In that case, when that new file is memory-mapped,
under certain circumstances, VM may end up using the metadata
block to satisfy a page fault on the file, due to the stale inode
association. The result is a corrupted memory mapping, with the
application seeing data other than the current file contents
mapped in at the file block.
2. When a hole is created in a file, the underlying block is freed
from the device, but VM is not informed of this update, and thus,
if VM's cache contains the block with its previous inode
association, this block will remain there. As a result, if an
application subsequently memory-maps the file, VM will map in the
old block at the position of the hole, rather than an all-zeroes
block. Thus, again, the result is a corrupted memory mapping.
This patch resolves both issues by making the file system inform the
minixfs library about blocks being freed, so that libminixfs can
break the inode association for that block, both in its own cache and
in the VM cache. Since libminixfs does not know whether VM has the
block in its cache or not, it makes a call to VM for each block being
freed. Thus, this change introduces more calls to VM, but it solves
the correctness issues at hand; optimizations may be introduced
later. On the upside, all freed blocks are now marked as clean,
which should result in fewer blocks being written back to the device,
and the blocks are removed from the caches entirely, which should
result in slightly better cache usage.
This patch is necessary but not sufficient to resolve the situation
with respect to memory mapping of file holes in general. Therefore,
this patch extends test 74 with a (rather particular but effective)
test for the first issue, but not yet with a test for the second one.
This fixes#90.
Change-Id: Iad8b134d2f88a884f15d3fc303e463280749c467
The new syslogd(8) does not create log files that do not already
exist, and thus, we adopt the NetBSD way of creating them.
Change-Id: Icd7fdba362726696df6a52dd55c049fd2bfcc2d3
The primary reason for the import is a likely GPL taint of the
original MINIX3 syslogd. As a result, this import may still
have some rough edges.
Change-Id: I5c8d26eca10fc2dd50ecc9eab44a1d483cf068a9
This patch adds support for Unix98 pseudo terminals, that is,
posix_openpt(3), grantpt(3), unlockpt(3), /dev/ptmx, and /dev/pts/.
The latter is implemented with a new pseudo file system, PTYFS.
In effect, this patch adds secure support for unprivileged pseudo
terminal allocation, allowing programs such as tmux(1) to be used by
non-root users as well. Test77 has been extended with new tests, and
no longer needs to run as root.
The new functionality is optional. To revert to the old behavior,
remove the "ptyfs" entry from /etc/fstab.
Technical nodes:
o The reason for not implementing the NetBSD /dev/ptm approach is that
implementing the corresponding ioctl (TIOCPTMGET) would require
adding a number of extremely hairy exceptions to VFS, including the
PTY driver having to create new file descriptors for its own device
nodes.
o PTYFS is required for Unix98 PTYs in order to avoid that the PTY
driver has to be aware of old-style PTY naming schemes and even has
to call chmod(2) on a disk-backed file system. PTY cannot be its
own PTYFS since a character driver may currently not also be a file
system. However, PTYFS may be subsumed into a DEVFS in the future.
o The Unix98 PTY behavior differs somewhat from NetBSD's, in that
slave nodes are created on ptyfs only upon the first call to
grantpt(3). This approach obviates the need to revoke access as
part of the grantpt(3) call.
o Shutting down PTY may leave slave nodes on PTYFS, but once PTY is
restarted, these leftover slave nodes will be removed before they
create a security risk. Unmounting PTYFS will make existing PTY
slaves permanently unavailable, and absence of PTYFS will block
allocation of new Unix98 PTYs until PTYFS is (re)mounted.
Change-Id: I822b43ba32707c8815fd0f7d5bb7a438f51421c1
Removes the following man pages:
* awk.1x -- for a version of awk we no longer have
* kermit.1x -- seems gone altogether
* macros.1x -- not useful for anyone anymore
Moves the following man pages:
* mined.1x -- Moved to minix/commands/mined/mined.1
and reformatted to use the mdoc macros instead of the
Minix macros so that it displays properly.
Removes /usr/man/man1x from the directory tree.
closes#44
Change-Id: I59b8bd54cf5cba6d188e51e99a92b36e90c275c1
Bochs has switched from port base 0x240 to 0x300 for its default
NE2000 ISA configuration, and QEMU is using the same settings.
Change-Id: Ide6cdb14321eb4324d0bf6d6314c5970b3493e95
The expected argument name would include the instance number, which
is not only redundant in many cases (FOOETHn_n=arg.., "n" being the
instance number) and conflicted with what netconf(8) does, but some
drivers need to be able to see the arguments for all instances of its
driver type--for example, dp8390 needs to know how many earlier
instances have been configured to use PCI.
Change-Id: I4830b823352722f554a032979464aba8b08fc166
This patch adds (very limited) support for memory-mapping pages on
file systems that are mounted on the special "none" device and that
do not implement PEEK support by themselves. This includes hgfs,
vbfs, and procfs.
The solution is implemented in libvtreefs, and consists of allocating
pages, filling them with content by calling the file system's READ
functionality, passing the pages to VM, and freeing them again. A new
VM flag is used to indicate that these pages should be mapped in only
once, and thus not cached beyond their single use. This prevents
stale data from getting mapped in without the involvement of the file
system, which would be problematic on file systems where file contents
may become outdated at any time. No VM caching means no sharing and
poor performance, but mmap no longer fails on these file systems.
Compared to a libc-based approach, this patch retains the on-demand
nature of mmap. Especially tail(1) is known to map in a large file
area only to use a small portion of it.
All file systems now need to be given permission for the SETCACHEPAGE
and CLEARCACHE calls to VM.
A very basic regression test is added to test74.
Change-Id: I17afc4cb97315b515cad1542521b98f293b6b559
With the import of Xorg, a proper separation between login-time and sub
shell-time of the environment setup is necessary.
Instead of re-developping this from scratch, I am taking the opportunity
to import the NetBSD default environment.
Change-Id: Ib6a8fbd9c2f407ccd59be57a52ef9df21c2c9ce7
- Adding missing fields for PCI device lookup
- Adding the domain (for now set to zero) as part of the slot name
Change-Id: Iebaf3b21f6ab5024738cbc1dea66d5ad3ada175d
We have to use SOCK_SEQPACKET instead of SOCK_STREAM for client/server
communication, because UDS does things with control messages that tmux
does not expect.
Change-Id: I3edb1875d61fb976cf6485c650f4fd4b82fa354c
/etc/profile enables by default tabcompletion, as well as emacs mode,
in order to keep the old MINIX ash behavior.
Note: The shell now refuses to source a script without a relative or
absolute path.
This means:
- '. myscript.sh' fails, while
- '. ./myscript.sh' succeeds
Change-Id: I0be89b0747bd005e4c05cadb937af86883627dc6
. add /sbin to tests $PATH for ping
. take disable file mmap item from default boot menu
. ask for feedback in motd
. fix ext2fs on arm (the memory alloced with STATICINIT is flaky on arm)
Change-Id: I7525207074d62abc47ed3891139f6ef7ef6025be
- This improves the user messages.
- This update the pkgsrc checkout rules to point to the new repository,
as well as the new work process we are introducing.
- This introduces rules for the MINIX sources, as we don't have the
space anymore to distribute them by default on the official ISO.
Change-Id: Id1867286bd15efc46bad1d906c1ca1b3a883b064
The bin user doesn't need an actual home folder to run the tests. As
such this account should not be used in 'su - bin'. To be noted that
'su bin' still works as expected, and allow to run the minix test set
as usual.
Change-Id: I21fd178bf3b7b28849f05ef24930b553094cc851
We used to have an account "ast" as a token to Andrew S. Tannebaum,
the creator of MINIX. The account was disable by default, with no
possible way to login.
It seems it generates more confusion than it is worth, so this removes it.
The default skeleton user profile is still stored into /etc/ast instead
of the usual /etc/skel.
Change-Id: I71818c0bb9580cdecfa9621f8693586fc48d17cb
This concerns all services, a.k.a drivers, filesystem drivers, network
(inet, lwip, uds) servers, and the system servers.
Change-Id: I626fd15c795e15af42df2d10d47fb4a703665d63
/bin/false is often used by PKGSRC packages which create unpriviledged
users as part of their install process.
This fixes the generation and installation of such packages.
Change-Id: Ie2a590c56c86dc40a61e3c08d14f5443ebe4f58c