From owner-freebsd-arch@FreeBSD.ORG  Sun Feb 27 19:39:10 2005
Return-Path: <owner-freebsd-arch@FreeBSD.ORG>
Delivered-To: freebsd-arch@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id B4D5C16A4D2; Sun, 27 Feb 2005 19:39:10 +0000 (GMT)
Received: from critter.freebsd.dk (f170.freebsd.dk [212.242.86.170])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id D0E6E43D6B; Sun, 27 Feb 2005 19:39:09 +0000 (GMT)
	(envelope-from phk@critter.freebsd.dk)
Received: from critter.freebsd.dk (localhost [127.0.0.1])
	by critter.freebsd.dk (8.13.1/8.13.1) with ESMTP id j1RJd8Jr040565;
	Sun, 27 Feb 2005 20:39:08 +0100 (CET)
	(envelope-from phk@critter.freebsd.dk)
To: arch@freebsd.org, current@freebsd.org
From: Poul-Henning Kamp <phk@phk.freebsd.dk>
Date: Sun, 27 Feb 2005 20:39:08 +0100
Message-ID: <40564.1109533148@critter.freebsd.dk>
Sender: phk@critter.freebsd.dk
Subject: [REVIEW/TEST] device liberation patches.
X-BeenThere: freebsd-arch@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussion related to FreeBSD architecture
	<freebsd-arch.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
	<mailto:freebsd-arch-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-arch>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Help: <mailto:freebsd-arch-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
	<mailto:freebsd-arch-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 27 Feb 2005 19:39:11 -0000


This patch decouples entirely the userland and kernel concept of
major+minor device number.

Userland will see a copy of the devfs inode number and the kernel
will see what it always saw.

After this patch goes into -current in the middle of march, we can
do away with the notion of major device numbers, and remove the 256
limit on number of device drivers and get rid of the stupid hole
in the minor number field and finally stand a chance to get the
locking of devices (struct cdev) hammered into a sensible format.

If anything breaks when running with this patch, a device major/minor
is passed through some covert channel between userland to the kernel
where it shouldn't be.

Such channels very likely implement security risks in relation to
jails/chroot, so they should be fixed properly and not just worked
around.

Poul-Henning

Index: fs/devfs/devfs_devs.c
===================================================================
RCS file: /home/ncvs/src/sys/fs/devfs/devfs_devs.c,v
retrieving revision 1.33
diff -u -r1.33 devfs_devs.c
--- fs/devfs/devfs_devs.c	10 Feb 2005 12:22:17 -0000	1.33
+++ fs/devfs/devfs_devs.c	27 Feb 2005 19:16:35 -0000
@@ -424,3 +424,32 @@
 	if (ino < devfs_nextino)
 		devfs_nextino = ino;
 }
+
+/*
+ * Helper sysctl for devname(3).  We're given a struct cdev * and return
+ * the name, if any, registered by the device driver.
+ */
+static int
+sysctl_devname(SYSCTL_HANDLER_ARGS)
+{
+	int error;
+	dev_t ud;
+	struct cdev *dev, **dp;
+
+	error = SYSCTL_IN(req, &ud, sizeof (ud));
+	if (error)
+		return (error);
+	if (ud == NODEV)
+		return(EINVAL);
+	dp = devfs_itod(ud);
+	if (dp == NULL)
+		return(ENOENT);
+	dev = *dp;
+	if (dev == NULL)
+		return(ENOENT);
+	return(SYSCTL_OUT(req, dev->si_name, strlen(dev->si_name) + 1));
+	return (error);
+}
+
+SYSCTL_PROC(_kern, OID_AUTO, devname, CTLTYPE_OPAQUE|CTLFLAG_RW|CTLFLAG_ANYBODY,
+	NULL, 0, sysctl_devname, "", "devname(3) handler");
Index: fs/devfs/devfs_vnops.c
===================================================================
RCS file: /home/ncvs/src/sys/fs/devfs/devfs_vnops.c,v
retrieving revision 1.105
diff -u -r1.105 devfs_vnops.c
--- fs/devfs/devfs_vnops.c	22 Feb 2005 18:17:31 -0000	1.105
+++ fs/devfs/devfs_vnops.c	27 Feb 2005 19:16:35 -0000
@@ -441,7 +441,7 @@
 		vap->va_mtime = dev->si_mtime;
 		fix(dev->si_ctime);
 		vap->va_ctime = dev->si_ctime;
-		vap->va_rdev = dev->si_udev;
+		vap->va_rdev = de->de_inode;
 	}
 	vap->va_gen = 0;
 	vap->va_flags = 0;
Index: kern/kern_conf.c
===================================================================
RCS file: /home/ncvs/src/sys/kern/kern_conf.c,v
retrieving revision 1.172
diff -u -r1.172 kern_conf.c
--- kern/kern_conf.c	22 Feb 2005 15:51:07 -0000	1.172
+++ kern/kern_conf.c	27 Feb 2005 19:16:35 -0000
@@ -800,30 +800,3 @@
 	free(cd, M_DEVBUF);
 	*cdp = NULL;
 }
-
-/*
- * Helper sysctl for devname(3).  We're given a struct cdev * and return
- * the name, if any, registered by the device driver.
- */
-static int
-sysctl_devname(SYSCTL_HANDLER_ARGS)
-{
-	int error;
-	dev_t ud;
-	struct cdev *dev;
-
-	error = SYSCTL_IN(req, &ud, sizeof (ud));
-	if (error)
-		return (error);
-	if (ud == NODEV)
-		return(EINVAL);
-	dev = findcdev(ud);
-	if (dev == NULL)
-		error = ENOENT;
-	else
-		error = SYSCTL_OUT(req, dev->si_name, strlen(dev->si_name) + 1);
-	return (error);
-}
-
-SYSCTL_PROC(_kern, OID_AUTO, devname, CTLTYPE_OPAQUE|CTLFLAG_RW|CTLFLAG_ANYBODY,
-	NULL, 0, sysctl_devname, "", "devname(3) handler");
-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.