svn commit: r295970 - stable/10/sys/fs/nullfs

2016-02-24 Thread Konstantin Belousov 
Author: kib
Date: Wed Feb 24 13:48:40 2016
New Revision: 295970
URL: https://svnweb.freebsd.org/changeset/base/295970

Log:
  MFC r295717:
  After nullfs rmdir operation, reclaim the directory vnode which was
  unlinked.  Otherwise the vnode stays cached, causing leak.  This is
  similar to r292961 for regular files.
  
  Approved by:  re (marius)

Modified:
  stable/10/sys/fs/nullfs/null_vnops.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/sys/fs/nullfs/null_vnops.c
==
--- stable/10/sys/fs/nullfs/null_vnops.cWed Feb 24 13:16:03 2016
(r295969)
+++ stable/10/sys/fs/nullfs/null_vnops.cWed Feb 24 13:48:40 2016
(r295970)
@@ -619,6 +619,14 @@ null_rename(struct vop_rename_args *ap)
return (null_bypass((struct vop_generic_args *)ap));
 }
 
+static int
+null_rmdir(struct vop_rmdir_args *ap)
+{
+
+   VTONULL(ap->a_vp)->null_flags |= NULLV_DROP;
+   return (null_bypass(&ap->a_gen));
+}
+
 /*
  * We need to process our own vnode lock and then clear the
  * interlock flag as it applies only to our vnode, not the
@@ -920,6 +928,7 @@ struct vop_vector null_vnodeops = {
.vop_reclaim =  null_reclaim,
.vop_remove =   null_remove,
.vop_rename =   null_rename,
+   .vop_rmdir =null_rmdir,
.vop_setattr =  null_setattr,
.vop_strategy = VOP_EOPNOTSUPP,
.vop_unlock =   null_unlock,
___
svn-src-stable-10@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10
To unsubscribe, send any mail to "svn-src-stable-10-unsubscr...@freebsd.org"

svn commit: r296010 - stable/10/usr.bin/truss

2016-02-24 Thread John Baldwin 
Author: jhb
Date: Wed Feb 24 22:01:45 2016
New Revision: 296010
URL: https://svnweb.freebsd.org/changeset/base/296010

Log:
  MFC 295636,295637:
  Fix issues with tracing Linux/i386 binaries.
  
  295636:
  Sign extend the error value for failing Linux/i386 system calls.  This
  restores the mapping of Linux errors to native FreeBSD errno values after
  the refactoring in r288424.
  
  295637:
  Correct the ABI name for Linux/i386 binaries under FreeBSD/i386.
  
  This allows truss to work for these binaries again after r288424.
  
  Approved by:  re (marius)

Modified:
  stable/10/usr.bin/truss/amd64-linux32.c
  stable/10/usr.bin/truss/i386-linux.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/usr.bin/truss/amd64-linux32.c
==
--- stable/10/usr.bin/truss/amd64-linux32.c Wed Feb 24 22:00:35 2016
(r296009)
+++ stable/10/usr.bin/truss/amd64-linux32.c Wed Feb 24 22:01:45 2016
(r296010)
@@ -116,6 +116,8 @@ amd64_linux32_fetch_retval(struct trussi
retval[0] = regs.r_rax & 0x;
retval[1] = regs.r_rdx & 0x;
*errorp = !!(regs.r_rflags & PSL_C);
+   if (*errorp)
+   retval[0] = (int)retval[0];
 
if (*errorp) {
for (i = 0; i < nitems(bsd_to_linux_errno); i++) {

Modified: stable/10/usr.bin/truss/i386-linux.c
==
--- stable/10/usr.bin/truss/i386-linux.cWed Feb 24 22:00:35 2016
(r296009)
+++ stable/10/usr.bin/truss/i386-linux.cWed Feb 24 22:01:45 2016
(r296010)
@@ -130,7 +130,7 @@ i386_linux_fetch_retval(struct trussinfo
 }
 
 static struct procabi i386_linux = {
-   "Linux ELF32",
+   "Linux ELF",
linux_syscallnames,
nitems(linux_syscallnames),
i386_linux_fetch_args,
___
svn-src-stable-10@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10
To unsubscribe, send any mail to "svn-src-stable-10-unsubscr...@freebsd.org"

svn commit: r296015 - in stable/10: share/man/man4 sys/dev/filemon sys/modules/filemon

2016-02-24 Thread Bryan Drewery 
Author: bdrewery
Date: Wed Feb 24 22:30:22 2016
New Revision: 296015
URL: https://svnweb.freebsd.org/changeset/base/296015

Log:
  MFC r294933,r294949,r294952,r294953,r294957,r294965,r294967,r294968,r295017,
  r295026,r295027,r295029,r295030,r295649:
  
r294933:
  Drop any previous fd when setting a new one.
r294949:
  filemon_ioctl: Handle error from devfs_get_cdevpriv(9).
r294952:
  filemon_ioctl: Lock the associated filemon handle before writing to it.
r294953:
  filemon_comment has nothing to do with wrappers so move it out of
  filemon_wrapper.c.
r294957:
  filemon_dtr: Lock the associated filemon handle before writing to it.
r294965:
  filemon: Use process_exit EVENTHANDLER to capture process exit.
r294967:
  filemon: Trace fork via process_fork event.
r294968:
  Follow-up r294967: Mark flags unused.
r295017:
  filemon: Use process_exec EVENTHANDLER to capture sys_execve.
r295026:
  filemon_open: Don't record a process to trace here.
r295027:
  filemon: Track the process pointer rather than a pid.
r295029:
  Document the purpose and non-purpose of filemon(4).
r295030:
  Note the double fork behavior with filemon.
r295649:
  filemon: Fix panic when fork1() is called from kproc_create().
  
  Approved by:  re (marius)

Modified:
  stable/10/share/man/man4/filemon.4
  stable/10/sys/dev/filemon/filemon.c
  stable/10/sys/dev/filemon/filemon_wrapper.c
  stable/10/sys/modules/filemon/Makefile
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/share/man/man4/filemon.4
==
--- stable/10/share/man/man4/filemon.4  Wed Feb 24 22:27:25 2016
(r296014)
+++ stable/10/share/man/man4/filemon.4  Wed Feb 24 22:30:22 2016
(r296015)
@@ -31,7 +31,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd June 14, 2013
+.Dd January 28, 2016
 .Dt FILEMON 4
 .Os
 .Sh NAME
@@ -49,6 +49,18 @@ responds to two
 .Xr ioctl 2
 calls.
 .Pp
+.Nm
+is not intended to be a security auditing tool.
+Many syscalls are not tracked and binaries of foreign ABI will not be fully
+audited.
+It is intended for auditing of processes for the purpose of determining its
+dependencies in an efficient and easily parsable format.
+An example of this is
+.Xr make 1
+which uses this module with
+.Sy .MAKE.MODE=meta
+to handle incremental builds more smartly.
+.Pp
 System calls are denoted using the following single letters:
 .Pp
 .Bl -tag -width indent -compact
@@ -172,3 +184,12 @@ A
 .Nm
 device appeared in
 .Fx 9.1 .
+.Sh BUGS
+Loading
+.Nm
+may reduce system performance for the noted syscalls.
+.Pp
+Only children of the set process are logged.
+Processes can escape being traced by double forking.
+This is not seen as a problem as the intended use is build monitoring, which
+does not make sense to have daemons for.

Modified: stable/10/sys/dev/filemon/filemon.c
==
--- stable/10/sys/dev/filemon/filemon.c Wed Feb 24 22:27:25 2016
(r296014)
+++ stable/10/sys/dev/filemon/filemon.c Wed Feb 24 22:30:22 2016
(r296015)
@@ -89,7 +89,7 @@ struct filemon {
TAILQ_ENTRY(filemon) link;  /* Link into the in-use list. */
struct sx   lock;   /* Lock mutex for this filemon. */
struct file *fp;/* Output file pointer. */
-   pid_t   pid;/* The process ID being monitored. */
+   struct proc *p; /* The process being monitored. */
charfname1[MAXPATHLEN]; /* Temporary filename buffer. */
charfname2[MAXPATHLEN]; /* Temporary filename buffer. */
charmsgbufr[1024];  /* Output message buffer. */
@@ -105,26 +105,45 @@ static struct cdev *filemon_dev;
 #include "filemon_wrapper.c"
 
 static void
+filemon_comment(struct filemon *filemon)
+{
+   int len;
+   struct timeval now;
+
+   getmicrotime(&now);
+
+   len = snprintf(filemon->msgbufr, sizeof(filemon->msgbufr),
+   "# filemon version %d\n# Target pid %d\n# Start %ju.%06ju\nV %d\n",
+   FILEMON_VERSION, curproc->p_pid, (uintmax_t)now.tv_sec,
+   (uintmax_t)now.tv_usec, FILEMON_VERSION);
+
+   filemon_output(filemon, filemon->msgbufr, len);
+}
+
+static void
 filemon_dtr(void *data)
 {
struct filemon *filemon = data;
 
if (filemon != NULL) {
-   struct file *fp = filemon->fp;
+   struct file *fp;
 
-   /* Get exclusive write access. */
+   /* Follow same locking order as filemon_pid_check. */
filemon_lock_write();
+   filemon_filemon_lock(filemon);
 
/* Remove from the in-use list. */
TAILQ_REMOVE(&filemons_inuse, filemon, link);
 
+   fp = filemon->fp;
filemon->fp = NULL;
-