Home | History | Annotate | Download | only in kern
History log of /src/sys/kern/vfs_lockf.c
RevisionDateAuthorComments
 1.83  07-Dec-2024  riastradh vfs(9): Sprinkle SET_ERROR dtrace probes.

PR kern/58378: Kernel error code origination lacks dtrace probes
 1.82  07-Dec-2024  riastradh vfs(9): Sprinkle KNF.

No functional change intended.
 1.81  23-Sep-2023  ad branches: 1.81.6;
Repply this change with a couple of bugs fixed:

- Do away with separate pool_cache for some kernel objects that have no special
requirements and use the general purpose allocator instead. On one of my
test systems this makes for a small (~1%) but repeatable reduction in system
time during builds presumably because it decreases the kernel's cache /
memory bandwidth footprint a little.
- vfs_lockf: cache a pointer to the uidinfo and put mutex in the data segment.
 1.80  12-Sep-2023  ad Back out recent change to replace pool_cache with then general allocator.
Will return to this when I have time again.
 1.79  10-Sep-2023  ad - Do away with separate pool_cache for some kernel objects that have no special
requirements and use the general purpose allocator instead. On one of my
test systems this makes for a small (~1%) but repeatable reduction in system
time during builds presumably because it decreases the kernel's cache /
memory bandwidth footprint a little.
- vfs_lockf: cache a pointer to the uidinfo and put mutex in the data segment.
 1.78  25-Nov-2022  riastradh kern/vfs_lockf.c: Parenthesize to make arithmetic match check.

We verified start + (fl->fl_len - 1) would not overflow, but then
computed (start + fl->fl_len) - 1 instead, and it is possible for
start + fl->fl_len to overflow before we subtract 1.

Reported-by: syzbot+762480b00cb14085f63a@syzkaller.appspotmail.com
https://syzkaller.appspot.com/bug?id=d69313b2460a12715315f9f5f74fbe44b8bc38ba
 1.77  03-Aug-2022  riastradh kern/vfs_lockf.c: Fix overflow in overflow detection.

Reported-by: syzbot+cda9440741a1516747c8@syzkaller.appspotmail.com
https://syzkaller.appspot.com/bug?id=030eb71324790093d467799263cd0789e5097229
 1.76  01-Jul-2022  riastradh vfs(9): Avoid arithmetic overflow in lf_advlock.

syzbot+897abbbe59467cbf6e98@syzkaller.appspotmail.com
 1.75  16-Apr-2022  andvar fix various typos in comments and log messages.
 1.74  27-Jul-2021  manu Tie the maximum file lock per unprivilegied uid to kern.maxfiles

This makes the limit simple to raise at run time. While there, document
that fcntl(2) and flock(2) may return ENOMEM when this limit is reached.
 1.73  31-Jan-2011  dholland branches: 1.73.60; 1.73.72;
Fix build with LOCKF_DEBUG on LP64 platforms; from Alexander Nasonov
in PR 44490.
 1.72  05-Aug-2009  dsl branches: 1.72.4; 1.72.6; 1.72.8;
lockf() passes its arguments through to fcntl() but is supposed to
support -ve lengths (lock area before current offset).
Nothing in libc or the kernel allowed for this, so some random part
of the file would get locked (no idea which bits).
Although this could probably be fixed in libc, the stubs for posix file
locks for emulations could easily get into the kernel with -ve lengths.
So fixing in the kernel avoids those problems.
This also fixes PR/41620 (attempting to lock negative offsets) - which
is what I was looking into!
 1.71  10-Jun-2009  yamt don't make F_GETLK or the common case of F_UNLCK fail for per-user limit.
 1.70  10-Jun-2009  yamt lf_split: cv_destroy a condvar before clobbering it.
 1.69  11-Oct-2008  pooka branches: 1.69.4; 1.69.8; 1.69.10;
Move uidinfo to its own module in kern_uidinfo.c and include in rump.
No functional change to uidinfo.
 1.68  11-Aug-2008  yamt lf_setlock: g/c dead code.
 1.67  07-Aug-2008  skrll memcpy'ing a sleepq (TAILQ) doesn't work.

Re-init the condvar after memcpy'ing so that the TAILQ is valid.

regress/sys/kern/lockf now completes rather than failing in cv_wait_sig
with KASSERT(cv_has_waiters()).
 1.66  01-Aug-2008  skrll Improve the debug output ever so slightly.
 1.65  28-May-2008  ad branches: 1.65.4;
PR kern/38355 lockf deadlock detection is broken after vmlocking

- Fix it; tested with Sun's libMicro.
- Use pool_cache.
- Use a global lock, so the deadlock detection code is safer.
 1.64  24-Apr-2008  ad branches: 1.64.2; 1.64.4;
Merge proc::p_mutex and proc::p_smutex into a single adaptive mutex, since
we no longer need to guard against access from hardware interrupt handlers.

Additionally, if cloning a process with CLONE_SIGHAND, arrange to have the
child process share the parent's lock so that signal state may be kept in
sync. Partially addresses PR kern/37437.
 1.63  18-Mar-2008  mrg branches: 1.63.2;
need <sys/atomic.h> now.
 1.62  17-Mar-2008  rmind - Replace uihashtbl_lock and struct uidinfo::ui_lock with atomic operations.
This make uid_find(), chgproccnt(), chgsbsize() and lf_alloc(), lf_free()
functions lock-less.
- Increase the size of uihashtbl in case of MP system, as suggested by <ad>.
- Add HASH_SLIST type for hashinit().

Reviewed by <ad>.
 1.61  02-Jan-2008  ad branches: 1.61.2; 1.61.6;
Merge vmlocking2 to head.
 1.60  09-Jul-2007  ad branches: 1.60.8; 1.60.14; 1.60.16; 1.60.20;
Merge some of the less invasive changes from the vmlocking branch:

- kthread, callout, devsw API changes
- select()/poll() improvements
- miscellaneous MT safety improvements
 1.59  12-Mar-2007  ad branches: 1.59.2;
Pass an ipl argument to pool_init/POOL_INIT to be used when initializing
the pool's lock.
 1.58  04-Mar-2007  christos branches: 1.58.2;
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
 1.57  09-Feb-2007  ad branches: 1.57.2;
Merge newlock2 to head.
 1.56  17-Aug-2006  christos branches: 1.56.2;
Fix all the -D*DEBUG* code that it was rotting away and did not even compile.
Mostly from Arnaud Lacombe, many thanks!
 1.55  23-Jul-2006  ad Use the LWP cached credentials where sane.
 1.54  20-May-2006  yamt remove NOLOCKF and use normal NULL instead.
 1.53  20-May-2006  yamt remove an debug printf slipped into the previous.
 1.52  20-May-2006  yamt fix F_SETLKW deadlock detection, which has been broken since lwpify.
although this doesn't work for processes with multiple lwps, it's better
than not working at all.
 1.51  20-May-2006  yamt make lockfpool static.
 1.50  20-May-2006  yamt move lockf implementation details from sys/lockf.h to kern/vfs_lockf.c.
 1.49  14-May-2006  elad branches: 1.49.2;
integrate kauth.
 1.48  24-Dec-2005  perry branches: 1.48.4; 1.48.6; 1.48.8; 1.48.10; 1.48.12;
Remove leading __ from __(const|inline|signed|volatile) -- it is obsolete.
 1.47  11-Dec-2005  christos merge ktrace-lwp.
 1.46  28-Oct-2005  christos use ap->a_flags instead of fl->f_type; pointed out by: Devon H. O'Dell
 1.45  05-Jun-2005  thorpej branches: 1.45.2; 1.45.4;
Re-arrange slighty, eliminate prototypes that are unnecessary when using
ANSI function decls with "static".
 1.44  29-May-2005  christos - add const.
- remove unnecessary casts.
- add __UNCONST casts and mark them with XXXUNCONST as necessary.
 1.43  22-May-2005  christos No 0x in front of %p...
 1.42  09-May-2005  christos don't unlock twice.
 1.41  09-May-2005  christos lock all uses of uidhash. provide macros to lock and unlock. based on more
discussions with yamt.
 1.40  07-May-2005  christos PR/30154: YAMAMOTO Takashi: tcp_close locking botch
chgsbsize() as mentioned in the PR can be called from an interrupt context
via tcp_close(). Avoid calling uid_find() in chgsbsize().
- Instead of storing so_uid in struct socketvar, store *so_uidinfo
- Add a simple lock to struct uidinfo.
 1.39  25-Mar-2005  christos Don't free the wrong lock. Pointed out by Konrad Schroder
 1.38  20-Mar-2005  christos Keep track and limit the number of locks per uid. From OpenBSD
 1.37  26-Feb-2005  perry nuke trailing whitespace
 1.36  19-Nov-2004  peter branches: 1.36.4; 1.36.6;
Fix a typo, dependancy -> dependency

ok wiz@
 1.35  25-Apr-2004  simonb Initialise (most) pools from a link set instead of explicit calls
to pool_init. Untouched pools are ones that either in arch-specific
code, or aren't initialiased during initial system startup.

Convert struct session, ucred and lockf to pools.
 1.34  25-Oct-2003  christos fix uninitialized variable
 1.33  07-Aug-2003  agc Move UCB-licensed code from 4-clause to 3-clause licence.

Patches provided by Joel Baker in PR 22364, verified by myself.
 1.32  25-Jun-2003  yamt branches: 1.32.2;
revert rev.1.28. (free -> FREE changes)
pointed by David Laight on source-changes about similar changes.
 1.31  03-May-2003  fvdl Make gcc3 happy ("label at end of compound statement").
 1.30  03-May-2003  yamt get pointer to v_interlock directly
as we are not interested in the rest of the vnode here.
 1.29  01-May-2003  yamt - KNF.
- remove unneeded caddr_t casts.
 1.28  01-May-2003  yamt use FREE instead of free for MALLOC'ed memory.
 1.27  01-May-2003  yamt MP locking.
 1.26  01-May-2003  yamt remove a part of comment that isn't true anymore.
 1.25  01-May-2003  yamt ANSIfy.
 1.24  01-May-2003  yamt don't export lockf internal functions.
 1.23  05-Mar-2003  mycroft DANGER WILL ROBINSON!

We cannot store LWP pointers permanently in lock structures, for two reasons:
1) They are somewhat ephemeral. Dangling pointers are bad.
2) A different LWP may issue the unlock, and in this case, we were not actually
doing the unlock at all. This was causing processes to exit without undoing
fcntl(2) locks. Furthermore, the locks are process-specific to begin with,
so the test was just plain wrong.

Instead, we go back to storing a proc pointer for POSIX locks. In addition, we
add an extra pointer to the LWP, which is used in deadlock detection. After
the lock is granted, this pointer is 0ed and there is no reference to the LWP.

Now evolution can inc my mail again.
 1.22  01-Feb-2003  thorpej Add extensible malloc types, adapted from FreeBSD. This turns
malloc types into a structure, a pointer to which is passed around,
instead of an int constant. Allow the limit to be adjusted when the
malloc type is defined, or with a function call, as suggested by
Jonathan Stone.
 1.21  18-Jan-2003  thorpej Merge the nathanw_sa branch.
 1.20  22-Oct-2002  simonb "ovcase" is set but not used in lf_getblock(); remove it.
 1.19  04-Sep-2002  matt Use the queue macros from <sys/queue.h> instead of referring to the queue
members directly. Use *_FOREACH whenever possible.
 1.18  12-Nov-2001  lukem add RCSIDs
 1.17  22-Jul-2000  jdolecek branches: 1.17.2; 1.17.4; 1.17.8;
change the lf_advlock() arguments from

int lf_advlock __P((struct lockf **,
off_t, caddr_t, int, struct flock *, int));
to

int lf_advlock __P((struct vop_advlock_args *, struct lockf **, off_t));

This matches common usage and is also compatible with similar change
in FreeBSD (though they use u_quad_t as last arg).
 1.16  12-Jun-2000  sommerfeld branches: 1.16.2;
Fix several problems with lockf/fcntl byte range locks:
- document a data structure invariant in lockf.h
- add KASSERT() to check the invariant.
- be more consistent about dequeuing ourselves from the blocked list
after a tsleep().
- Fix two places where the invariant is violated.
- correct a few comments here and there
- If we're still following a lock dependancy chain after maxlockdepth
processes and haven't gotten back to the start, assume that we're in a
cycle anyway and return EDEADLK.

Fix is a superset of an existing fix in FreeBSD, but independantly
derived.

Fixes kern/3860.
 1.15  30-Mar-2000  augustss branches: 1.15.2;
Get rid of register declarations.
 1.14  04-Aug-1998  perry branches: 1.14.6; 1.14.12;
Abolition of bcopy, ovbcopy, bcmp, and bzero, phase one.
bcopy(x, y, z) -> memcpy(y, x, z)
ovbcopy(x, y, z) -> memmove(y, x, z)
bcmp(x, y, z) -> memcmp(x, y, z)
bzero(x, y) -> memset(x, 0, y)
 1.13  31-Jul-1998  perry fix sizeofs so they comply with the KNF style guide. yes, it is pedantic.
 1.12  01-Mar-1998  fvdl branches: 1.12.2;
Merge with Lite2 + local changes
 1.11  10-Apr-1997  jtk make it compile with -DLOCKF_DEBUG
 1.10  02-Apr-1997  kleink Moved the `unlocking a lock-free inode' shortcut behind
the l_whence and starting offset sanity checks.
 1.9  13-Oct-1996  christos backout previous kprintf change
 1.8  10-Oct-1996  christos printf -> kprintf, sprintf -> ksprintf
 1.7  04-Feb-1996  christos First pass at prototyping
 1.6  19-Mar-1995  mycroft Use %p.
 1.5  29-Jun-1994  cgd New RCS ID's, take two. they're more aesthecially pleasant, and use 'NetBSD'
 1.4  19-May-1994  mycroft Update to 4.4-Lite, plus some local changes.
 1.3  19-May-1994  cgd stupidity for prototypes...
 1.2  25-Apr-1994  cgd some prototype cleanup, eliminate/replace bogus types (e.g. quad and
u_quad) -> use better types (e.g. quad_t & u_quad_t in inodes),
some cleanup.
 1.1  09-Mar-1994  ws Make FFS optional
 1.12.2.1  08-Aug-1998  eeh Revert cdevsw mmap routines to return int.
 1.14.12.1  20-Nov-2000  bouyer Update thorpej_scsipi to -current as of a month ago
 1.14.6.1  27-Jun-2000  he Pull up revisions 1.15-1.16 (requested by sommerfeld):
Fix several problems with byte-range locks, including the one
reported in PR#3860.
 1.15.2.1  22-Jun-2000  minoura Sync w/ netbsd-1-5-base.
 1.16.2.1  30-Jul-2000  jdolecek Pullup from trunk (approved by thorpej):
Change lf_advlock() to:
int lf_advlock (struct vop_advlock_args *, struct lockf **, off_t)

This matches it's usage. Change inspired by FreeBSD, though we use
off_t instead u_quad_t as the last argument.

sys/lockf.h rev. 1.9
msdosfs/msdosfs_vnops.c rev. 1.99
kern/vfs_lockf.c rev. 1.17
miscfs/specfs/spec_vnops.c rev. 1.49
nfs/nfs_vnops.c rev. 1.115
ufs/ext2fs/ext2fs_vnops.c rev. 1.28
ufs/ufs/ufs_vnops.c rev. 1.72
 1.17.8.1  12-Nov-2001  thorpej Sync the thorpej-mips-cache branch with -current.
 1.17.4.2  10-Oct-2002  jdolecek sync kqueue with -current; this includes merge of gehenna-devsw branch,
merge of i386 MP branch, and part of autoconf rototil work
 1.17.4.1  10-Jan-2002  thorpej Sync kqueue branch with -current.
 1.17.2.6  11-Nov-2002  nathanw Catch up to -current
 1.17.2.5  17-Sep-2002  nathanw Catch up to -current.
 1.17.2.4  12-Jul-2002  nathanw No longer need to pull in lwp.h; proc.h pulls it in for us.
 1.17.2.3  24-Jun-2002  nathanw Curproc->curlwp renaming.

Change uses of "curproc->l_proc" back to "curproc", which is more like the
original use. Bare uses of "curproc" are now "curlwp".

"curproc" is now #defined in proc.h as ((curlwp) ? (curlwp)->l_proc) : NULL)
so that it is always safe to reference curproc (*de*referencing curproc
is another story, but that's always been true).
 1.17.2.2  14-Nov-2001  nathanw Catch up to -current.
 1.17.2.1  05-Mar-2001  nathanw Initial commit of scheduler activations and lightweight process support.
 1.32.2.7  10-Nov-2005  skrll Sync with HEAD. Here we go again...
 1.32.2.6  01-Apr-2005  skrll Sync with HEAD.
 1.32.2.5  04-Mar-2005  skrll Sync with HEAD.

Hi Perry!
 1.32.2.4  29-Nov-2004  skrll Sync with HEAD.
 1.32.2.3  21-Sep-2004  skrll Fix the sync with head I botched.
 1.32.2.2  18-Sep-2004  skrll Sync with HEAD.
 1.32.2.1  03-Aug-2004  skrll Sync with HEAD
 1.36.6.2  26-Mar-2005  yamt sync with head.
 1.36.6.1  19-Mar-2005  yamt sync with head. xen and whitespace. xen part is not finished.
 1.36.4.1  29-Apr-2005  kent sync with -current
 1.45.4.1  02-Nov-2005  yamt sync with head.
 1.45.2.6  24-Mar-2008  yamt sync with head.
 1.45.2.5  21-Jan-2008  yamt sync with head
 1.45.2.4  03-Sep-2007  yamt sync with head.
 1.45.2.3  26-Feb-2007  yamt sync with head.
 1.45.2.2  30-Dec-2006  yamt sync with head.
 1.45.2.1  21-Jun-2006  yamt sync with head.
 1.48.12.1  24-May-2006  tron Merge 2006-05-24 NetBSD-current into the "peter-altq" branch.
 1.48.10.2  06-May-2006  christos - Move kauth_cred_t declaration to <sys/types.h>
- Cleanup struct ucred; forward declarations that are unused.
- Don't include <sys/kauth.h> in any header, but include it in the c files
that need it.

Approved by core.
 1.48.10.1  08-Mar-2006  elad Adapt to kernel authorization KPI.
 1.48.8.3  03-Sep-2006  yamt sync with head.
 1.48.8.2  11-Aug-2006  yamt sync with head
 1.48.8.1  24-May-2006  yamt sync with head.
 1.48.6.1  01-Jun-2006  kardel Sync with head.
 1.48.4.1  09-Sep-2006  rpaulo sync with head
 1.49.2.1  19-Jun-2006  chap Sync with head.
 1.56.2.1  21-Oct-2006  ad Checkpoint work in progress on locking and per-LWP signals. Very much a
a work in progress and there is still a lot to do.
 1.57.2.2  24-Mar-2007  yamt sync with head.
 1.57.2.1  12-Mar-2007  rmind Sync with HEAD.
 1.58.2.4  13-May-2007  ad - Pass the error number and residual count to biodone(), and let it handle
setting error indicators. Prepare to eliminate B_ERROR.
- Add a flag argument to brelse() to be set into the buf's flags, instead
of doing it directly. Typically used to set B_INVAL.
- Add a "struct cpu_info *" argument to kthread_create(), to be used to
create bound threads. Change "bool mpsafe" to "int flags".
- Allow exit of LWPs in the IDL state when (l != curlwp).
- More locking fixes & conversion to the new API.
 1.58.2.3  13-Apr-2007  ad Use condition variables.
 1.58.2.2  13-Mar-2007  ad Pull in the initial set of changes for the vmlocking branch.
 1.58.2.1  13-Mar-2007  ad Sync with head.
 1.59.2.1  11-Jul-2007  mjf Sync with head.
 1.60.20.1  02-Jan-2008  bouyer Sync with HEAD
 1.60.16.1  04-Dec-2007  ad Pull the vmlocking changes into a new branch.
 1.60.14.1  18-Feb-2008  mjf Sync with HEAD.
 1.60.8.2  23-Mar-2008  matt sync with HEAD
 1.60.8.1  09-Jan-2008  matt sync with HEAD
 1.61.6.4  17-Jan-2009  mjf Sync with HEAD.
 1.61.6.3  28-Sep-2008  mjf Sync with HEAD.
 1.61.6.2  02-Jun-2008  mjf Sync with HEAD.
 1.61.6.1  03-Apr-2008  mjf Sync with HEAD.
 1.61.2.1  24-Mar-2008  keiichi sync with head.
 1.63.2.2  04-Jun-2008  yamt sync with head
 1.63.2.1  18-May-2008  yamt sync with head.
 1.64.4.2  18-Sep-2008  wrstuden Sync with wrstuden-revivesa-base-2.
 1.64.4.1  23-Jun-2008  wrstuden Sync w/ -current. 34 merge conflicts to follow.
 1.64.2.3  19-Aug-2009  yamt sync with head.
 1.64.2.2  20-Jun-2009  yamt sync with head
 1.64.2.1  04-May-2009  yamt sync with head.
 1.65.4.1  19-Oct-2008  haad Sync with HEAD.
 1.69.10.2  01-Jul-2009  snj branches: 1.69.10.2.2;
Pull up following revision(s) (requested by rmind in ticket #842):
sys/kern/vfs_lockf.c: revision 1.71
don't make F_GETLK or the common case of F_UNLCK fail for per-user limit.
 1.69.10.1  01-Jul-2009  snj Pull up following revision(s) (requested by rmind in ticket #840):
sys/kern/vfs_lockf.c: revision 1.70
lf_split: cv_destroy a condvar before clobbering it.
 1.69.10.2.2.1  21-Apr-2010  matt sync to netbsd-5
 1.69.8.1  23-Jul-2009  jym Sync with HEAD.
 1.69.4.3  05-Sep-2009  bouyer Pull up following revision(s) (requested by dsl in ticket #900):
sys/kern/vfs_lockf.c: revision 1.72
lockf() passes its arguments through to fcntl() but is supposed to
support -ve lengths (lock area before current offset).
Nothing in libc or the kernel allowed for this, so some random part
of the file would get locked (no idea which bits).
Although this could probably be fixed in libc, the stubs for posix file
locks for emulations could easily get into the kernel with -ve lengths.
So fixing in the kernel avoids those problems.
This also fixes PR/41620 (attempting to lock negative offsets) - which
is what I was looking into!
 1.69.4.2  01-Jul-2009  snj Pull up following revision(s) (requested by rmind in ticket #842):
sys/kern/vfs_lockf.c: revision 1.71
don't make F_GETLK or the common case of F_UNLCK fail for per-user limit.
 1.69.4.1  01-Jul-2009  snj Pull up following revision(s) (requested by rmind in ticket #840):
sys/kern/vfs_lockf.c: revision 1.70
lf_split: cv_destroy a condvar before clobbering it.
 1.72.8.1  08-Feb-2011  bouyer Sync with HEAD
 1.72.6.1  06-Jun-2011  jruoho Sync with HEAD.
 1.72.4.1  05-Mar-2011  rmind sync with head
 1.73.72.1  01-Aug-2021  thorpej Sync with HEAD.
 1.73.60.1  07-Sep-2021  martin Pull up following revision(s) (requested by manu in ticket #1343):

share/man/man7/sysctl.7: revision 1.153
sys/kern/vfs_lockf.c: revision 1.74
lib/libc/sys/fcntl.2: revision 1.46
lib/libc/sys/flock.2: revision 1.23

Tie the maximum file lock per unprivilegied uid to kern.maxfiles

This makes the limit simple to raise at run time. While there, document
that fcntl(2) and flock(2) may return ENOMEM when this limit is reached.
 1.81.6.1  02-Aug-2025  perseant Sync with HEAD

RSS XML Feed