From owner-freebsd-arch Wed Nov 29 22:33:37 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp01.primenet.com (smtp01.primenet.com [206.165.6.131]) by hub.freebsd.org (Postfix) with ESMTP id 6E7C437B400 for ; Wed, 29 Nov 2000 22:33:34 -0800 (PST) Received: (from daemon@localhost) by smtp01.primenet.com (8.9.3/8.9.3) id XAA16956; Wed, 29 Nov 2000 23:32:19 -0700 (MST) Received: from usr08.primenet.com(206.165.6.208) via SMTP by smtp01.primenet.com, id smtpdAAAIdaigE; Wed Nov 29 23:27:07 2000 Received: (from tlambert@localhost) by usr08.primenet.com (8.8.5/8.8.5) id XAA06955; Wed, 29 Nov 2000 23:28:13 -0700 (MST) From: Terry Lambert Message-Id: <200011300628.XAA06955@usr08.primenet.com> Subject: Re: HEADSUP user struct ucred -> xucred (Was: Re: serious problem with mutexs and userland visibility?) To: bright@wintelcom.net (Alfred Perlstein) Date: Thu, 30 Nov 2000 06:28:12 +0000 (GMT) Cc: arch@FreeBSD.ORG In-Reply-To: <20001129174905.S8051@fw.wintelcom.net> from "Alfred Perlstein" at Nov 29, 2000 05:49:05 PM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > I recently locked down struct ucred, not a big deal, basically just > > a mutex in each struct to protect the refcount. > > > > Unfortunetly struct ucred is used by some userland utils and > > sys/ucred is included in sys/mount.h as well as sys/user.h, this > > creates somewhat of a problem, forcing all users of sys/ucred.h to > > include sys/mutex.g. > > > > I have a patch here that sort of takes care of this problem, the > > problem is that I had to add sys/mutex.h includes to both sys/mount.h > > and sys/user.h, this doesn't make me very happy. > > After a short discussion it has been determined that there will be > a xucred exported to userland following the concention of xsocket > and the various other xfoo structs exported to the kernel. > > Struct ucred will no longer be visible outside the kernel. > > Any userland things using struct ucred will need to use xucred. > > This will be the convention used to resolve mutex (or other MD > fields) in kernel exported structures in the future. This is a really gross way to handle this. The ucred structure is used by a lot of user space programs. You should do what several UNIX vendors have already done, and implement a MUTEX() declaration macro that differes in user and kernel space, and forces an alignment; then when you copy out, copy out everything _BUT_ the mutex portion to the user space, and no user space source or object code will need to change. So: #ifdef _KERNEL #define MUTEX(x) mutex_t x; #define UREF(x,y) (void *)&((x)->y) #else #define MUTEX(x) /* user space = no mutex*/ #define UREF(x,y) (void *)(x) #endif struct foo { MUTEX(save_foo_from_bad_programmers) int normal_foo_item_1; char normal_foo_item_2; ... }; ... struct foo *foop; ... copyout( UREF(foop, normal_foo_item_1), user_space_foo); It is much better to not impact user space code at all. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message