| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
https://git.savannah.gnu.org/cgit/hurd/gnumach.git/commit/?id=5447f965f1e109f7ac9aeb91c0e3906969a4adb8
provides more context.
Message-Id: <ZBFkAXCYcj27UXRo@mars.tail36e24.ts.net>
|
| |
|
|
|
| |
Also add -Werror=old-style-definition to enforce new code.
Message-Id: <ZBZ+8xf7GHy2RT/h@jupiter.tail36e24.ts.net>
|
| | |
|
| |
|
|
|
|
|
| |
In case the new task notification gets late, the task may have terminated
already, and thus a dead name gets provided in the notification. We should
just ignore this, otherwise the task hashing would get collisions on all
such dead tasks ports.
|
| |
|
|
|
| |
The error handling code would already deallocate them, thus leading to
duplicate deallocation, spurious destroy, and later on port mixup.
|
| |
|
|
|
| |
In case the task dies very early and thus the notification arrives very
early.
|
| |
|
|
| |
For coherency with the existing RPCs
|
| |
|
|
| |
And add proc_complete_reauthentication ()
|
| |
|
|
|
|
|
|
|
|
| |
Now that it's completely unused.
procinfo.owner is now simply set to the first UID that a process has.
proc_setowner () is kept for compatibility, but now does nothing.
The clients still try to call it, though, for compatibility with older
proc server versions.
|
| |
|
|
|
| |
This is a new RPC to atomically change the UIDs of a process, recreate its
process port, and reassign a different task to it.
|
| |
|
|
|
| |
If the allocation failed, we want to leave the p_ids pointer as it was, and
properly propagate the error code.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous scheme was to check that PROC1 has the UID that is designated
as PROC2's "owner". This is extremely problematic for several reasons,
including:
* The UIDs and the owner of a process are set separately and can easily get out
of sync. While S_proc_setowner () checks that the new owner is among the UIDs
that the process has, this invariant is violated after the process is given a
new set of UIDs with S_proc_reauthenticate (). In particular, this happens
during execution of a SUID binary: the process is reauthenticated to a
different set of UIDs first, and its owner is udpated later, if at all.
* In the Hurd, a process can have multiple UIDs. Having to designate just one
of them as the owner means the other UIDs get ignored for the purpose of
permission checking. One particularly problematic case is a SUID process that
temporarily lowers its effective UID: glibc sets the first effective UID as
the process owner, giving just about anyone access to the task.
Resolve this by ignoring the owner for the purpose of permission checking, and
relying solely on the authenticated UIDs. Roughly speaking, PROC1 can get
complete access to PROC2 if the UIDs PROC1 has form a superset of the UIDs that
PROC2 has; in other words, the access is only allowed when it would not result
in PROC1 getting access to UIDs it doesn't have already. Of course, root is
still allowed to access any process.
In particular, this means that:
* a process can access another process if they have the same auth;
* a process that has "more auth" can access one that has "less auth", but not
the other way around;
* a SUID-root process that has lowered its effective UIDs can only be accessed
by root.
Another important point here is that the UIDs in question are both effective
and available UIDs that a process has. Normally, available UIDs are ignored for
the purpose of permission checking (and that is their whole point). However,
POSIX description of kill(2) has the following clause:
> For a process to have permission to send a signal to a process designated by
> pid, unless the sending process has appropriate privileges, the real or
> effective user ID of the sending process shall match the real or saved
> set-user-ID of the receiving process.
Which I read as saying that the real (i.e. available) UID(s) of PROC1 should be
used for evaluating whether kill(2) can succeed, not only its effective UID(s).
|
| |
|
|
|
| |
This is in preparation for using the UID's to evaluate permissions
in a different way.
|
| |
|
|
| |
We can simply override proc_dead_name () to handle dead-name notifications.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
mach_port_destroy () is a dangerous API that has to be used with extreme care.
Namely, it destroys not one user reference, but *all* user references that a
task has for a port name. Different parts of a program may all keep separate
references on a port without coordinating it with each other (which is the
whole idea behind reference counting). If one part of a program decides to
destroy a port with mach_port_destroy () without informing others, others may
still believe they hold a reference and will continue to use the name as if it
still refered to the now-destroyed port right. This consitutes a port
use-after-free, even if their use is also deallocating their reference.
In the particular case of the proc server, this manifested itself as
S_proc_reassign () destroying all user references to the task port right before
the task port right is deallocated again in the dead-name notification handler.
|
| |
|
|
| |
Reported-by: Etienne Brateau <etienne.brateau@gmail.com>
|
| |
|
|
|
| |
This follows mig's cf4bcc3f1435 ("Also add const qualifiers on server
side")
|
| |
|
|
| |
No actual behavior change.
|
| |
|
|
| |
* proc/wait.c (WNOWAIT): Define if not already defined.
|
| |
|
|
| |
* proc/wait.c (S_proc_mark_cont): Set p_status to __W_CONTINUED.
|
| |
|
|
|
| |
* proc/wait.c (S_proc_waitid): When options contains WNOWAIT, do not set
p_waited or complete child death.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
proc_wait assumes that the caller always wants WEXITED, but waitid()
does not. The new proc_waitid RPC requires the caller to specify at
least one of WEXITED, WSTOPPED, or WCONTINUED.
* hurd/process.defs (proc_waitid): New RPC.
* hurd/process_reply.defs (proc_waitid): New RPC.
* hurd/process_request.defs (proc_waitid): New RPC.
* proc/proc.h (struct proc): Add p_continued field.
* proc/wait.c (WCONTINUED, WEXITED): Define if not already defined.
(S_proc_wait): Rename implementation to S_proc_waitid, and modify to
stop assuming WEXITED. Add support for WCONTINUED.
(S_proc_wait): Reimplement by just calling S_proc_waitid with an
additional WEXITED.
(proc_mark_stop): Clear p_continued.
(proc_mark_cont): Set p_continued, clear p_waited, wake any waiting
parent.
|
| |
|
|
|
| |
* proc/wait.c (S_proc_mark_cont): When parent has not set nostopcld,
send a SIGCHLD with CLD_CONTINUED.
|
| |
|
|
|
|
|
|
| |
* proc/stubs.c (send_signal): Add a sigcode argument.
* proc/proc.h (send_signal): Declare the sigcode argument.
* proc/pgrp.c (leave_pgrp): Specify a null sigcode.
* proc/wait.c (alert_parent): Use CLD_EXITED for SIGCHLD on exit.
(S_proc_mark_stop): Use CLD_STOPPED for SIGCHLD on stop.
|
| |
|
|
|
| |
* proc/stubs.c (send_signal): Add missing warning in union inside
mach_msg_header_t.
|
| |
|
|
|
|
|
|
|
|
| |
* doc/hurd.texi: Index pthread.h instead of cthreads.h
* libports/Makefile (SRCS): Drop stubs.c.
* libports/stubs.c: Remove file.
* mach-defpager/default_pager.c (default_pager): Drop disabled cthreads
calls.
* pfinet/kmem_cache.c: Fix comment.
* proc/stubs.c: Fix comments.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
which will be the default in gcc-10.
* acpi/acpifs.h (fs, acpifs_maptime): Add extern qualifier.
* boot/private.h (verbose): Likewise.
* eth-multiplexer/netfs_impl.h (multiplexer_maptime): Likewise.
* eth-multiplexer/vdev.h (port_bucket, vdev_portclass): Likewise.
* exec/priv.h (port_bucket, execboot_portclass): Likewise.
* ext2fs/ext2fs.h (sblock, sblock_dirty, block_size, log2_block_size,
log2_dev_blocks_per_fs_block, log2_stat_blocks_per_fs_block,
zeroblock, frag_size, frags_per_block, inodes_per_block,
itb_per_group, db_per_group, desc_per_block, addr_per_block,
groups_count, node_to_page_lock, generation_lock, next_generation,
group_desc_image, global_pokel, modified_global_blocks,
use_xattr_translator_records): Likewise.
* hostmux/hostmux.h (hostmux_maptime): Likewise.
* isofs/isofs.h (host_name, mounted_on, disk_image, disk_image_len,
logical_block_size, sblock): Likewise.
* libdiskfs/diskfs.h (diskfs_shortcut_symlink, diskfs_shortcut_chrdev,
diskfs_shortcut_blkdev, diskfs_shortcut_fifo, diskfs_shortcut_ifsock,
diskfs_create_symlink_hook, diskfs_read_symlink_hook): Likewise.
* libnetfs/callbacks.h (_netfs_translator_callback1,
_netfs_translator_callback2): Likewise.
* libnetfs/priv.h (netfs_mtime): Likewise.
* libpager/priv.h (_pager_class): Likewise.
* libtrivfs/trivfs.h (trivfs_check_access_hook, trivfs_check_open_hook,
trivfs_open_hook, trivfs_protid_create_hook, trivfs_peropen_create_hook,
trivfs_protid_destroy_hook, trivfs_peropen_destroy_hook,
trivfs_getroot_hook): Likewise.
* lwip/lwip-hurd.h (lwip_bucket, socketport_class, addrport_class,
shutdown_notify_class, lwip_protid_portclasses, lwip_cntl_portclasses,
lwip_bootstrap_portclass, fsys_identity, lwipcntl, lwip_owner,
lwip_group): Likewise.
* lwip/port/include/netif/hurdtunif.h (tunnel_cntlclass, tunnel_class):
Likewise.
* nfs/nfs.h (main_udp_socket, hostname, mapped_time): Likewise.
* nfsd/nfsd.h (mapped_time, authserver): Likewise.
* pci-arbiter/pcifs.h (fs, pcifs_maptime): Likewise.
* pci-arbiter/startup.h (pci_shutdown_notify_class,
arrange_shutdown_notification): Likewise.
* pfinet/pfinet.h (pfinet_bucket, addrport_class, socketport_class,
fsys_identity, pfinetctl, pfinet_owner, pfinet_group): Likewise.
* pflocal/sserver.h (sock_port_bucket): Likewise.
* proc/proc.h (authserver, self_proc, init_proc, startup_proc, proc_bucket,
proc_class, generic_port_class, exc_class, generic_port, kernel_proc,
global_lock): Likewise.
* term/term.h (termstate, termflags, global_lock, carrier_alert,
select_alert, pty_select_alert, term_bucket, tty_cntl_class,
tty_class, cttyid_class, pty_class, pty_cntl_class, termctl, ptyctl,
inputq, rawq, outputq, remote_input_mode, external_processing,
term_owner, term_group, term_mode, bottom): Likewise.
* usermux/usermux.h (usermux_maptime): Likewise.
* utils/msgids.h (msgid_argp): Likewise.
* libdiskfs/priv.h (_diskfs_mtime): Remove definition.
* lwip/options.h (lwip_argp): Add prototype.
* mach-defpager/priv.h (partitions): Name structure.
(all_partitions): Add extern qualifier.
* acpi/main.c (acpifs_maptime, fs): New variables.
* exec/main.c (port_bucket, execboot_portclass): Likewise.
* ext2fs/ext2fs.c (sblock, sblock_dirty, block_size, log2_block_size,
log2_dev_blocks_per_fs_block, log2_stat_blocks_per_fs_block,
frag_size, frags_per_block, inodes_per_block, itb_per_group,
db_per_group, desc_per_block, addr_per_block, groups_count,
next_generation, group_desc_image, global_pokel,
use_xattr_translator_records): Likewise.
* isofs/main.c (host_name, mounted_on, logical_block_size, sblock):
Likewise.
* libpager/pager-create.c (_pager_class): Likewise.
* lwip/port/netif/hurdtunif.c (tunnel_cntlclass, tunnel_class):
Likewise.
* mach-defpager/default_pager.c (all_partitions): Likewise.
* nfs/main.c (main_udp_socket, hostname, mapped_time): Likewise.
* nfsd/main.c (mapped_time, authserver): Likewise.
* pci-arbiter/main.c (fs, pcifs_maptime): Likewise.
* pci-arbiter/startup.c (*pci_shutdown_notify_class): Likewise.
* pfinet/main.c (pfinetctl, pfinet_owner, pfinet_group, pfinet_bucket,
addrport_class, socketport_class, fsys_identity): Likewise.
* proc/main.c (authserver, self_proc, init_proc, startup_proc,
proc_bucket, proc_class, generic_port_class, exc_class, generic_port,
kernel_proc, global_lock): Likewise.
* term/main.c (termstate, termflags, global_lock, carrier_alert,
select_alert, pty_select_alert, term_bucket, tty_cntl_class,
tty_class, cttyid_class, pty_class, pty_cntl_class, termctl, ptyctl,
outputq, remote_input_mode, external_processing, term_owner,
term_group, term_mode, bottom): Likewise.
* usermux/usermux.c (usermux_mapped_time): Rename to usermux_maptime.
* lwip/main.c: Include "options.h".
(lwip_argp, netif_list): Remove declarations.
(lwip_bucket, socketport_class, addrport_class, shutdown_notify_class,
lwip_cntl_portclasses, lwip_bootstrap_portclass, lwip_owner, lwip_group,
fsys_identity, lwipcntl): New variables.
* eth-multiplexer/multiplexer.c (multiplexer_maptime): Add variable.
* hostmux/hostmux.c (hostmux_mapped_time): Rename variable to hostmux_maptime
* libdiskfs/extra-version.c: Rename file to...
* libdiskfs/priv.c: ... new file.
(diskfs_shortcut_symlink, diskfs_shortcut_chrdev,
diskfs_shortcut_blkdev, diskfs_shortcut_fifo, diskfs_shortcut_ifsock,
diskfs_create_symlink_hook, diskfs_read_symlink_hook): Add weak
variables.
* libdiskfs/Makefile (OTHERSRCS): Replace extra-version.c with priv.c.
* libtrivfs/priv.c: New file.
* libtrivfs/Makefile (OTHERSRCS): Add priv.c
* libcons/extra-version.c: Rename file to...
* libcons/priv.c: ... new file.
* libcons/Makefile (SRCS): Replace extra-version.c with priv.c.
Fix build with #
|
| |
|
|
|
| |
* proc/info.c (S_proc_getprocinfo): Only set last_processor field when
err == 0.
|
| |
|
|
| |
proc/info.c (S_proc_getprocinfo): Fix filling last_processor member.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Read last_processor (new member) from thread_info structures, and fill stat
structure with this.
* configure.ac: Check whether thread_sched_info structure includes
`last_processor' member.
* proc/info.c (S_proc_getprocinfo)
[HAVE_STRUCT_THREAD_SCHED_INFO_LAST_PROCESSOR]: Set `last_processor' field.
* procfs/process.c (process_file_gc_stat)
[HAVE_STRUCT_THREAD_SCHED_INFO_LAST_PROCESSOR]: Set last processor proc
field to `thsi->last_processor'.
[!HAVE_STRUCT_THREAD_SCHED_INFO_LAST_PROCESSOR]: Set last processor proc
field to 0.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* boot/boot.c: Replace char* with data_t.
* console-client/trans.c: Likewise.
* exec/exec.c: Likewise.
* ext2fs/storeinfo.c: Likewise.
* fatfs/inode.c: Likewise.
* fatfs/main.c: Likewise.
* isofs/inode.c: Likewise.
* libdiskfs/boot-start.c: Likewise.
* libdiskfs/dir-readdir.c: Likewise.
* libdiskfs/file-exec.c: Likewise.
* libdiskfs/file-get-fs-opts.c: Likewise.
* libdiskfs/file-get-trans.c: Likewise.
* libdiskfs/file-getfh.c: Likewise.
* libdiskfs/file-set-trans.c: Likewise.
* libdiskfs/fsys-forward.c: Likewise.
* libdiskfs/fsys-getfile.c: Likewise.
* libdiskfs/fsys-options.c: Likewise.
* libdiskfs/io-read.c: Likewise.
* libdiskfs/io-write.c: Likewise.
* libnetfs/dir-readdir.c: Likewise.
* libnetfs/file-exec.c: Likewise.
* libnetfs/file-get-fs-options.c: Likewise.
* libnetfs/file-get-storage-info.c: Likewise.
* libnetfs/file-get-translator.c: Likewise.
* libnetfs/file-set-translator.c: Likewise.
* libnetfs/fsstubs.c: Likewise.
* libnetfs/fsys-get-options.c: Likewise.
* libnetfs/fsys-set-options.c: Likewise.
* libnetfs/fsysstubs.c: Likewise.
* libnetfs/io-read.c: Likewise.
* libnetfs/io-write.c: Likewise.
* libtrivfs/dir-readdir.c: Likewise.
* libtrivfs/file-get-fs-options.c: Likewise.
* libtrivfs/file-get-storage-info.c: Likewise.
* libtrivfs/file-get-trans.c: Likewise.
* libtrivfs/file-getfh.c: Likewise.
* libtrivfs/file-set-trans.c: Likewise.
* libtrivfs/fsys-forward.c: Likewise.
* libtrivfs/fsys-get-options.c: Likewise.
* libtrivfs/fsys-set-options.c: Likewise.
* libtrivfs/fsys-stubs.c: Likewise.
* libtrivfs/io-read.c: Likewise.
* libtrivfs/io-write.c: Likewise.
* pfinet/io-ops.c: Likewise.
* pfinet/pfinet-ops.c: Likewise.
* pfinet/socket-ops.c: Likewise.
* pfinet/tunnel.c: Likewise.
* pflocal/io.c: Likewise.
* pflocal/pf.c: Likewise.
* pflocal/socket.c: Likewise.
* proc/info.c: Likewise.
* startup/startup.c: Likewise.
* storeio/io.c: Likewise.
* term/users.c: Likewise.
* tmpfs/node.c: Likewise.
* trans/crash.c: Likewise.
* trans/fakeroot.c: Likewise.
* trans/fifo.c: Likewise.
* trans/firmlink.c: Likewise.
* trans/hello-mt.c: Likewise.
* trans/hello.c: Likewise.
* trans/mtab.c: Likewise.
* trans/new-fifo.c: Likewise.
* trans/null.c: Likewise.
* trans/proxy-defpager.c: Likewise.
* trans/streamio.c: Likewise.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* libdiskfs/boot-start.c (diskfs_start_bootstrap): Fix printf format.
* libfshelp/delegate.c: Include <alloca.h> and <stdlib.h>.
* libfshelp/start-translator-long.c: Include <stdlib.h>.
* libshouldbeinlibc/ugids-verify-auth.c (server_verify_make_auth): Fix
prototypes for password_check_group and password_check_user.
* libstore/argp.c: Include <stdlib.h>.
* libstore/task.c: Include <stdlib.h>.
* exec/exec.c: Include <mach/vm_param.h>.
* libbpf/bpf_impl.c: Include <stdlib.h>.
* proc/info.c (S_proc_getloginpids): Remove local variables leader_task
and leader_sub.
* proc/main.c (main): Remove local variable original_argv.
* boot/boot.c (task_died, S_mach_notify_new_task): Fix printf format.
* exec/elfcore.c: Include <alloca.h> and <mach/vm_param.h>.
* trans/crash.c: Include <hurd/msg.h>.
* trans/random.c: Include <signal.h>.
* utils/login.c: Include <signal.h>.
* utils/id.c: Include <hurd/msg.h>.
* utils/devprobe.c: Include <stdlib.h>.
* utils/addauth.c: Include <hurd/msg.h>.
* utils/frobauth-mod.c: Include <hurd/msg.h>.
* utils/storeread.c: Include <stdlib.h>.
* utils/msgport.c: Include <hurd/msg.h>.
* sutils/clookup.c (file_name_lookup_carefully): Fix lookup function
prototype, make head and tail const.
* utils/rpcscan.c: Include <stdlib.h>.
* sutils/bless.c: Include <stdlib.h>.
* fstests/fstests.c: Include <stdlib.h>.
* startup/startup.c (argz_task_insert_right): Fix printf format.
* init/init.c: Include <stdlib.h>.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
by adding proc_set/get_exe to the proc server, making
exec call proc_set_exe, and libps call proc_get_exe. procfs can then just
retrieve the information to make the "exe" symlink.
* hurd/process.defs (proc_set_exe, proc_get_exe): New RPCs.
* hurd/process_request.defs: Likewise.
* hurd/process_reply.defs: Add skips for proc_set_exe and proc_get_exe RPCs.
* proc/proc.h (struct proc): Add `exe' field.
* proc/info.c (S_proc_set_exe, S_proc_get_exe): New functions.
* proc/mgt.c (process_has_exited): Free p->exe.
(S_proc_child): Duplicate parent `exe' into child's `exe'.
* exec/exec.c (do_exec): Call proc_set_exe when a filename is available.
* libps/ps.h (struct proc_stat): Add `exe_vm_alloced', `exe', and `exe_len'
field.
(PSTAT_EXE): New macro.
(PSTAT_USER_BASE): Change value to make room.
(proc_stat_exe, proc_stat_exe_len): New macros.
* libps/procstat.c (proc_stat_set_flags): Handle PSTAT_EXE case by calling
proc_get_exe.
* libps/spec.c (ps_get_exe): New function.
(ps_exe_getter): New structure.
(ps_fmt_spec): Add "Exe" specification.
* procfs/process.c (process_file_symlink_make_node, process_file_gc_exe): New
functions.
(procfs_dir_entry): Add "exe" entry.
* startup/startup.c (launch_core_servers): Set exe paths for startup, auth,
proc, and fs servers.
(frob_kernel_process): Set exe path for kernel task.
(S_startup_essential_task): Set exe path for exec server.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* hurd/process.defs (proc_set_entry, proc_get_entry): New RPCs.
* hurd/process_reply.defs: Add skips for proc_set_entry, proc_get_entry.
* hurd/process_request.defs: Likewise.
* exec/exec.c (do_exec): Call proc_set_entry.
* proc/proc.h (proc): Add p_entry field.
* proc/mgt.c (S_proc_set_entry, S_proc_get_entry): New RPC
implementations.
* exec/elfcore.c (dump_core): Add at_entry note, call proc_get_entry to
get it, and write it with WRITE_NOTE.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
free (NULL) is a nop, therefore it is not necessary to check that
first. Simplify the code accordingly. This commit is the result of
the following semantic patch:
@@
identifier X;
@@
-if (X) free (X);
+free (X);
* console-client/console.c: Simplify accordingly.
* console-client/driver.c: Likewise.
* console-client/vga.c: Likewise.
* ftpfs/dir.c: Likewise.
* libftpconn/unix.c: Likewise.
* libps/fmt.c: Likewise.
* libps/proclist.c: Likewise.
* libstore/mvol.c: Likewise.
* nfs/ops.c: Likewise.
* proc/host.c: Likewise.
* sutils/fstab.c: Likewise.
|
| |
|
|
|
| |
Our variants print stack traces on failures. This will make locating
errors much easier.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, the early server bootstrap relied upon a specific task
layout to determine the kernels task port. Explicitly pass it from
the kernel instead.
* boot/boot.c (default_boot_script): Add '--kernel-task' parameter to
ext2fs.
(main): New bootscript variable 'kernel-task'.
* libdiskfs/boot-start.c (diskfs_kernel_task): Declaration variable.
(diskfs_start_bootstrap): If '--kernel-task' was given to us, pass it
along to startup.
* libdiskfs/opts-std-startup.c (diskfs_kernel_task): New variable.
(startup_options): Add '--kernel-task' option.
(parse_startup_opt): Handle option.
* proc/main.c (kernel_task): New variable.
(OPT_KERNEL_TASK): New macro.
(options): New variable.
(parse_opt): New function.
(main): Parse options. Use 'kernel_task' if provided.
* release/servers.boot: Add '--kernel-task' parameter to ext2fs.
* startup/startup.c (OPT_KERNEL_TASK): New macro.
(options): Add '--kernel-task' option.
(kernel_task): New variable.
(insert_ports_fnc_t): New declaration.
(run): Add argument for a function that inserts rights into the newly
created task and adds arguments to the argument vector.
(argz_task_insert_right): New function.
(proc_insert_ports): Likewise.
(parse_opt): New function.
(main): Pass the kernel's task port to proc.
(frob_kernel_process): Use the kernel's task port.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, a Subhurd's tasks were shown as weird processes in the
Motherhurd. This change connects the proc server in the Motherhurd
with the proc server in the Subhurd, embedding the Subhurd's process
hierarchy. Subhurd's processes can now be inspected and debugged like
any other process.
* NEWS: Update.
* boot/boot.c (mach_msg_forward): New function.
(boot_demuxer): Forward messages arriving on the new task notification
port from the proc server, and forward them to the proc server inside
the Subhurd via the notification port.
* proc/info.c (S_proc_task2proc): Relay request for processes in a task
namespace to the Subhurd's proc server.
(S_proc_pid2proc): Likewise.
(S_proc_getprocargs): Likewise.
(S_proc_getprocenv): Likewise.
(S_proc_getprocinfo): Likewise. Translate PIDs.
(S_proc_getloginid): Likewise.
(S_proc_getloginpids): Likewise.
* proc/mgt.c (namespace_is_subprocess): New function.
(namespace_translate_pids): Likewise.
* proc/msg.c (S_proc_getmsgport): Relay request for processes in a task
namespace to the Subhurd's proc server.
* proc/pgrp.c (S_proc_getsid): Likewise. Translate PIDs.
(S_proc_getsessionpids): Likewise.
(S_proc_getsessionpgids): Likewise.
(S_proc_getpgrppids): Likewise.
* proc/proc.h (namespace_is_subprocess): New prototype.
(namespace_translate_pids): Likewise.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, the RPC definitions of two procedures of the process
subsystem assume that the rights are created from a receive right.
Similarly, 'proc_getmsgport' assumes that the right is to be copied.
This needlessly limits the ability to relay the RPC in server code.
This fixes this. The protocol is unchanged, only the generated server
stubs assume an additional parameter for the type.
* hurd/process.defs (proc_getmsgport): Make 'msgport' parameter
polymorphic.
(proc_task2proc): Make 'proc' parameter polymorphic.
(proc_pid2proc): Likewise.
* hurd/process_reply.defs (proc_getmsgport): Likewise.
(proc_task2proc_reply): Likewise.
(proc_pid2proc_reply): Likewise.
* proc/info.c (S_proc_task2proc): Adapt server function.
(S_proc_pid2proc): Likewise.
* proc/msg.c (S_proc_getmsgport): Likewise.
|
| |
|
|
|
|
| |
* proc/mgt.c (namespace_find_root): New function.
(process_has_exited): Use new function.
* proc/proc.h (namespace_find_root): New declaration.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, there was a spurious copy of PID 1 in the process table,
usually PID 8. PID 1, usually a sysvinit compatible process, needs to
be PID 1 even though it is not actually the first process on the Hurd.
To this end, PID 1 is reserved, and the task is later supplied to proc
via proc_set_init_task once startup starts sysvinit.
Fixes 8d16db0cc28b2d911aee918d5c3582ad29ddfeed.
* proc/mgt.c (S_proc_set_init_task): Check if sysvinit's task already
made it into the process table, and remove it if so.
|
| |
|
|
|
|
|
| |
* proc/main.c (main): Initialize 'kernel_proc' and use it to register
for new-task notifications.
* proc/mgt.c (S_mach_notify_new_task): Adapt receiver check.
* proc/proc.h (kernel_proc): New variable.
|
| |
|
|
|
|
|
|
| |
This way, we can print diagnostics earlier.
* proc/main.c (open_console): New function.
(main): Call the new function as soon as we have the master device
port.
|
| |
|
|
|
|
| |
* boot/boot.c (S_mach_notify_new_task): The send rights are now indeed
moved to the target task, adjust accordingly.
* proc/mgt.c (S_mach_notify_new_task): Likewise.
|
| |
|
|
|
|
| |
* proc/mgt.c (S_mach_notify_new_task): Fix receiver handling, fix port
leak.
* proc/mig-mutate.h: Mutate the task notification protocol.
|
| |
|
|
|
|
|
| |
* libports/manage-multithread.c (adjust_priorities): Avoid displaying
error messages if we do not have the privileged processor set port by
treating this error condition like EPERM.
* proc/main.c (increase_priority, main): Likewise.
|
| |
|
|
|
| |
* proc/mgt.c (S_proc_mark_important): Fix checking whether the
receiver is a child of startup.
|
| |
|
|
|
|
|
|
| |
* proc/main.c: Fix references to the startup server in code and
comments.
* proc/mgt.c: Likewise.
* proc/msg.c: Likewise.
* proc/proc.h: Likewise.
|
| |
|
|
|
|
| |
* boot/boot.c (S_io_reauthenticate): Keep calling auth_server_authenticate
while it returns EINTR.
* proc/mgt.c (S_proc_reauthenticate): Likewise.
|
