Hi,
I noticed build failure in _.amd64.FIRECRACKER when giving # make -j6 tinderbox TARGETS=amd64
--- kernel.full --- linking kernel.full ld: error: undefined symbol: memdesc_ccb >>> referenced by subr_bus_dma.c:466 (/usr/src/sys/kern/subr_bus_dma.c:466) >>> subr_bus_dma.o:(bus_dmamap_load_ccb) *** [kernel.full] Error code 1
ld: error: undefined symbol: arp_ifinit
this issue is fixed in latest code in a commit last week https://github.com/freebsd/freebsd-src/commit/5684c8783b64e33f0dab058126b36776adcc8e82
In D20967#934539, @bz wrote:
updated the variable declaration and scope considering NO-INET, NO-INET6, NO-IP.
In D20967#934400, @bz wrote:Someone should do (at least) an amd64 universe build for this to make sure the NO-INET NO-INET6 NO-IP (do we still have that) builds are surviving.
- ident GENERIC + include LINT-NOINET + include LINT-NOINET6 + include LINT-NOIP + ident MYKERNEL
Melifaro's point about avoiding parsing in the kernel is a good one. What do you think could be improved here?
Hi,
thanks for the comments.
I'll test my patch and wil apply the suggested changes in man page.
Thanks
In D20967#632260, @dch wrote:This appears to have been accepted but not merged - it would be great to have it get into 13.0 if there's still time
In D26243#587330, @asomers wrote:Isn't audit_nfsarg_vnode1 the problem? You already know the path when you call AUDIT_ARG_UPATH1_VP, right?
In D26243#587132, @mjg wrote:Audit support for regular lookup starts with AUDIT_ARG_UPATH1_VP/AUDIT_ARG_UPATH2_VP without any vnodes locked. Later on visited vnodes get added with AUDIT_ARG_VNODE1/AUDIT_ARG_VNODE2 which only performs VOP_GETATTR (i.e. does *NOT* resolve any paths). Your code should follow the same scheme.
As you can see path resolving routines can take vnode locks on their own (modulo the smr case). This means they can't be called with locked vnodes to begin with, as otherwise you risk violating global lock ordering and consequently deadlocking the kernel.
The VOP_ISLOCKED routine is not entirely legal to call if you don't hold the lock. The name is perhaps misleading, but it can only reliably tell you that you have an exclusive lock or that *SOMEONE* has a shared lock (and it may be you). Or to put it differently, if you don't have the vnode locked but someone else has it shared locked, you will get non-0 and that's how you get the panic. Regardless of this problem, adding the call reduces performance and most notably suggests a bug on its own.
So the question is why are you calling here with any vnodes locked.
I feel vfs_cache.c changes for making vn_fullpath_global work for optionally locked vnode are causing the trouble. Though I'm not sure what's the problem. I request Mateusz Guzik, @mjg to have a look at my vfs_cache.c changes. I would be grateful for your time.
I created a new review - D26243. Sorry for the trouble.
It was earlier being reviewed on D25869. But due to change of base revision, It was showing changes which were not mine. So, I created a new review here.
It looks like your most recent change rebased the base revision. That makes it very hard to see which changes are from you and which aren't. Could you please either un-rebase it or, if that's not possible, open a new review?
Regarding code duplication in vn_fullpath_dir_locked:
I modified vn_fullpath_dir(and removed vn_fullpath_dir_locked) for optionally locked vnode here in git commit: https://github.com/shivankgarg98/freebsd/commit/418c1c2a6de9989fe7a541f6111ee2c3f2786c7b
It works fine NFSv4=3 case but somehow breaks nfsrvd_open to result in an error.{and hence can't open/create a regular file from client}.
Using two completely separate functions reduces the scope of error. Also prevent any mutation to the current code path for not locked vnodes, while allowing it to work for locked vnodes.
follow-up on suggested changes.
removing unlocking/relocking implementation for vnode for auditing path, instead, define separate functions in vfs_cache.c for locked vnode as argument.
Thanks for all suggestions. I have incorporated them into my code. There is just a directory vnode unlocking/relocking issue not done yet.
follow up on changes suggested by asomers@
Please re-review it,
I updated the diff after removing the vnode_mount macro as suggested by Rick.
fix errors shown by mandoc -Tlint for mac_ipacl.4
fix the license and copyrights
Hi, @0mp thanks for the suggestion :).
I have a few doubts:
fix style issues
fix copyright issue
add #ifdef INET and #ifdef in INET6
fix indentation and style issues
add mac_ipacl entry in kernel conf and modules Makefile
Add copyright and license.
Add a man page for mac_ipacl
indentation and style changes,
moved subnet check code from rules_check to parser,
correct the diff file