From owner-freebsd-audit@FreeBSD.ORG Sat May 1 15:30:29 2004 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7BF9916A4CE; Sat, 1 May 2004 15:30:29 -0700 (PDT) Received: from melusine.cuivre.fr.eu.org (melusine.cuivre.fr.eu.org [82.225.155.84]) by mx1.FreeBSD.org (Postfix) with ESMTP id C4D2643D3F; Sat, 1 May 2004 15:30:28 -0700 (PDT) (envelope-from thomas@FreeBSD.ORG) Received: by melusine.cuivre.fr.eu.org (Postfix, from userid 1000) id 3EE9F2C3D0; Sun, 2 May 2004 00:30:31 +0200 (CEST) Date: Sun, 2 May 2004 00:30:31 +0200 From: Thomas Quinot To: current@freebsd.org, audit@freebsd.org, phk@freebsd.org, pb@freebsd.org Message-ID: <20040501223031.GA10624@melusine.cuivre.fr.eu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-message-flag: WARNING! Using Outlook can damage your computer. User-Agent: Mutt/1.5.6i Subject: Mounting root through devfs X-BeenThere: freebsd-audit@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Security Audit List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 May 2004 22:30:29 -0000 Hi all, The attached patch defines a new platform-independant kernel option, DEVFS_ROOTDEV, which allows devfs to be used by the kernel to look up the root filesystem. An interesting use of this option is to mount a root file system by FFS volume label (using GEOM_VOL), without needing to know what hardware identifier will be assigned to it. I have tested this patch successfully on a Soekris 4801 box mounting its root fs from a CompactFlash card. In such a situation, it is convenient to mount devices using volume names, because some flash media behave as ATA masters, and get identified as ad0, whereas others behave as slaves and are, of course, ad1. Review, testing and comments would be very much appreciated. If I understand the comment just above the definition of g_dev_clone, integration of this patch would allow removal of a questionable hack. Thanks, Thomas. Index: kern/vfs_mount.c =================================================================== RCS file: /home/ncvs/src/sys/kern/vfs_mount.c,v retrieving revision 1.125 diff -u -r1.125 vfs_mount.c --- kern/vfs_mount.c 5 Apr 2004 21:03:36 -0000 1.125 +++ kern/vfs_mount.c 1 May 2004 22:18:26 -0000 @@ -1446,19 +1446,65 @@ /* * Convert a given name to the dev_t of the disk-like device - * it refers to. + * it refers to. If DEVFS_ROOTDEV is defined, a temporary mount + * of devfs is performed, and a lookup is done therein. */ dev_t getdiskbyname(char *name) { - char *cp; - dev_t dev; + char *cp = name; + dev_t dev = NODEV; + +#ifdef DEVFS_ROOTDEV + struct thread *td = curthread; + struct vfsconf *vfsp; + struct mount *mp = NULL; + struct vnode *vroot = NULL; + struct nameidata nid; + int error; +#endif - cp = name; if (!bcmp(cp, "/dev/", 5)) cp += 5; - dev = NODEV; +#ifdef DEVFS_ROOTDEV + for (vfsp = vfsconf; vfsp; vfsp = vfsp->vfc_next) + if (!strcmp(vfsp->vfc_name, "devfs")) + break; + if (vfsp == NULL) + goto devfs_rootdev_cleanup; + error = vfs_mount_alloc(NULLVP, vfsp, "/dev", td, &mp); + if (error) + goto devfs_rootdev_cleanup; + mp->mnt_flag |= MNT_RDONLY; + + error = VFS_NMOUNT(mp, NULL, curthread); + if (error) + goto devfs_rootdev_cleanup; + VFS_START(mp, 0, td); + VFS_ROOT(mp, &vroot); + VOP_UNLOCK(vroot, 0, td); + + NDINIT(&nid, LOOKUP, NOCACHE|FOLLOW, UIO_SYSSPACE, cp, curthread); + nid.ni_startdir = vroot; + nid.ni_pathlen = strlen(cp); + nid.ni_cnd.cn_nameptr = cp; + + error = lookup(&nid); + if (error) + goto devfs_rootdev_cleanup; + dev = vn_todev (nid.ni_vp); + NDFREE(&nid, 0); + +devfs_rootdev_cleanup: + if (vroot != NULL) { + VFS_UNMOUNT(mp, 0, td); + } + if (mp != NULL) { + vfs_mount_destroy(mp, td); + } +#else EVENTHANDLER_INVOKE(dev_clone, cp, strlen(cp), &dev); +#endif return (dev); } Index: conf/options =================================================================== RCS file: /home/ncvs/src/sys/conf/options,v retrieving revision 1.446 diff -u -r1.446 options --- conf/options 30 Apr 2004 21:16:51 -0000 1.446 +++ conf/options 1 May 2004 22:03:58 -0000 @@ -543,6 +543,7 @@ INIT_PATH opt_init_path.h ROOTDEVNAME opt_rootdevname.h +DEVFS_ROOTDEV opt_rootdevname.h FDC_DEBUG opt_fdc.h PCFCLOCK_VERBOSE opt_pcfclock.h Index: conf/NOTES =================================================================== RCS file: /home/ncvs/src/sys/conf/NOTES,v retrieving revision 1.1223 diff -u -r1.1223 NOTES --- conf/NOTES 30 Apr 2004 21:16:51 -0000 1.1223 +++ conf/NOTES 1 May 2004 22:05:11 -0000 @@ -136,6 +136,11 @@ # options ROOTDEVNAME=\"ufs:da0s2e\" +# +# The kernel can use the devfs information provided by driver to loo +# up the root device name, if this option is set. +options DEVFS_ROOTDEV + ##################################################################### # Scheduler options: -- Thomas.Quinot@Cuivre.FR.EU.ORG From owner-freebsd-audit@FreeBSD.ORG Sat May 1 23:55:40 2004 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7317116A4CE; Sat, 1 May 2004 23:55:40 -0700 (PDT) Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.86.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id A0E4943D49; Sat, 1 May 2004 23:55:39 -0700 (PDT) (envelope-from phk@phk.freebsd.dk) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.12.11/8.12.11) with ESMTP id i426tcmV030609; Sun, 2 May 2004 08:55:38 +0200 (CEST) (envelope-from phk@phk.freebsd.dk) To: Thomas Quinot From: "Poul-Henning Kamp" In-Reply-To: Your message of "Sun, 02 May 2004 00:30:31 +0200." <20040501223031.GA10624@melusine.cuivre.fr.eu.org> Date: Sun, 02 May 2004 08:55:38 +0200 Message-ID: <30608.1083480938@critter.freebsd.dk> cc: pb@FreeBSD.ORG cc: current@FreeBSD.ORG cc: audit@FreeBSD.ORG Subject: Re: Mounting root through devfs X-BeenThere: freebsd-audit@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Security Audit List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 May 2004 06:55:40 -0000 In message <20040501223031.GA10624@melusine.cuivre.fr.eu.org>, Thomas Quinot writes: >Review, testing and comments would be very much appreciated. > >If I understand the comment just above the definition of g_dev_clone, >integration of this patch would allow removal of a questionable hack. yes, this looks a fair bit but less but not quite not questionable than the current root-mounting hack :-) I'll try to look over this later in the week when I have a moment. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.