mirror of
https://github.com/opnsense/src.git
synced 2026-06-11 09:41:03 -04:00
Convert the primary ACL allocator from malloc(9) to using a UMA zone instead.
Also introduce an aclinit function which will be used to create the UMA zone for use by file systems at system start up. MFC after: 1 month Discussed with: rwatson
This commit is contained in:
Christian S.J. Peron
parent
fa973e67a4
commit
d1dfd92177
6 changed files with 65 additions and 29 deletions
|
|
@ -53,8 +53,9 @@ __FBSDID("$FreeBSD$");
|
|||
#include <sys/stat.h>
|
||||
#include <sys/acl.h>
|
||||
|
||||
MALLOC_DEFINE(M_ACL, "acl", "access control list");
|
||||
#include <vm/uma.h>
|
||||
|
||||
uma_zone_t acl_zone;
|
||||
static int vacl_set_acl(struct thread *td, struct vnode *vp,
|
||||
acl_type_t type, struct acl *aclp);
|
||||
static int vacl_get_acl(struct thread *td, struct vnode *vp,
|
||||
|
|
@ -1021,3 +1022,14 @@ __acl_aclcheck_fd(struct thread *td, struct __acl_aclcheck_fd_args *uap)
|
|||
mtx_unlock(&Giant);
|
||||
return (error);
|
||||
}
|
||||
|
||||
/* ARGUSED */
|
||||
|
||||
static void
|
||||
aclinit(void *dummy __unused)
|
||||
{
|
||||
|
||||
acl_zone = uma_zcreate("ACL UMA zone", sizeof(struct acl),
|
||||
NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, 0);
|
||||
}
|
||||
SYSINIT(acls, SI_SUB_ACL, SI_ORDER_FIRST, aclinit, NULL)
|
||||
|
|
|
|||
|
|
@ -53,8 +53,9 @@ __FBSDID("$FreeBSD$");
|
|||
#include <sys/stat.h>
|
||||
#include <sys/acl.h>
|
||||
|
||||
MALLOC_DEFINE(M_ACL, "acl", "access control list");
|
||||
#include <vm/uma.h>
|
||||
|
||||
uma_zone_t acl_zone;
|
||||
static int vacl_set_acl(struct thread *td, struct vnode *vp,
|
||||
acl_type_t type, struct acl *aclp);
|
||||
static int vacl_get_acl(struct thread *td, struct vnode *vp,
|
||||
|
|
@ -1021,3 +1022,14 @@ __acl_aclcheck_fd(struct thread *td, struct __acl_aclcheck_fd_args *uap)
|
|||
mtx_unlock(&Giant);
|
||||
return (error);
|
||||
}
|
||||
|
||||
/* ARGUSED */
|
||||
|
||||
static void
|
||||
aclinit(void *dummy __unused)
|
||||
{
|
||||
|
||||
acl_zone = uma_zcreate("ACL UMA zone", sizeof(struct acl),
|
||||
NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, 0);
|
||||
}
|
||||
SYSINIT(acls, SI_SUB_ACL, SI_ORDER_FIRST, aclinit, NULL)
|
||||
|
|
|
|||
|
|
@ -53,8 +53,9 @@ __FBSDID("$FreeBSD$");
|
|||
#include <sys/stat.h>
|
||||
#include <sys/acl.h>
|
||||
|
||||
MALLOC_DEFINE(M_ACL, "acl", "access control list");
|
||||
#include <vm/uma.h>
|
||||
|
||||
uma_zone_t acl_zone;
|
||||
static int vacl_set_acl(struct thread *td, struct vnode *vp,
|
||||
acl_type_t type, struct acl *aclp);
|
||||
static int vacl_get_acl(struct thread *td, struct vnode *vp,
|
||||
|
|
@ -1021,3 +1022,14 @@ __acl_aclcheck_fd(struct thread *td, struct __acl_aclcheck_fd_args *uap)
|
|||
mtx_unlock(&Giant);
|
||||
return (error);
|
||||
}
|
||||
|
||||
/* ARGUSED */
|
||||
|
||||
static void
|
||||
aclinit(void *dummy __unused)
|
||||
{
|
||||
|
||||
acl_zone = uma_zcreate("ACL UMA zone", sizeof(struct acl),
|
||||
NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, 0);
|
||||
}
|
||||
SYSINIT(acls, SI_SUB_ACL, SI_ORDER_FIRST, aclinit, NULL)
|
||||
|
|
|
|||
|
|
@ -35,6 +35,10 @@
|
|||
#ifndef _SYS_ACL_H_
|
||||
#define _SYS_ACL_H_
|
||||
|
||||
#include <sys/param.h>
|
||||
#include <sys/queue.h>
|
||||
#include <vm/uma.h>
|
||||
|
||||
/*
|
||||
* POSIX.1e ACL types and related constants.
|
||||
*/
|
||||
|
|
@ -112,6 +116,8 @@ typedef struct acl_t_struct *acl_t;
|
|||
|
||||
#ifdef _KERNEL
|
||||
|
||||
extern uma_zone_t acl_zone;
|
||||
|
||||
/*
|
||||
* POSIX.1e ACLs are capable of expressing the read, write, and execute
|
||||
* bits of the POSIX mode field. We provide two masks: one that defines
|
||||
|
|
@ -121,13 +127,6 @@ typedef struct acl_t_struct *acl_t;
|
|||
#define ACL_OVERRIDE_MASK (S_IRWXU | S_IRWXG | S_IRWXO)
|
||||
#define ACL_PRESERVE_MASK (~ACL_OVERRIDE_MASK)
|
||||
|
||||
/*
|
||||
* Storage for ACLs and support structures.
|
||||
*/
|
||||
#ifdef MALLOC_DECLARE
|
||||
MALLOC_DECLARE(M_ACL);
|
||||
#endif
|
||||
|
||||
/*
|
||||
* File system independent code to move back and forth between POSIX mode
|
||||
* and POSIX.1e ACL representations.
|
||||
|
|
|
|||
|
|
@ -131,6 +131,7 @@ enum sysinit_sub_id {
|
|||
SI_SUB_MBUF = 0x2700000, /* mbuf subsystem */
|
||||
SI_SUB_INTR = 0x2800000, /* interrupt threads */
|
||||
SI_SUB_SOFTINTR = 0x2800001, /* start soft interrupt thread */
|
||||
SI_SUB_ACL = 0x2900000, /* start for filesystem ACLs */
|
||||
SI_SUB_DEVFS = 0x2F00000, /* devfs ready for devices */
|
||||
SI_SUB_INIT_IF = 0x3000000, /* prep for net interfaces */
|
||||
SI_SUB_NETGRAPH = 0x3010000, /* Let Netgraph initialize */
|
||||
|
|
|
|||
|
|
@ -318,7 +318,7 @@ ufs_access(ap)
|
|||
|
||||
#ifdef UFS_ACL
|
||||
if ((vp->v_mount->mnt_flag & MNT_ACLS) != 0) {
|
||||
MALLOC(acl, struct acl *, sizeof(*acl), M_ACL, M_WAITOK);
|
||||
acl = uma_zalloc(acl_zone, M_WAITOK);
|
||||
error = VOP_GETACL(vp, ACL_TYPE_ACCESS, acl, ap->a_cred,
|
||||
ap->a_td);
|
||||
switch (error) {
|
||||
|
|
@ -342,7 +342,7 @@ ufs_access(ap)
|
|||
error = vaccess(vp->v_type, ip->i_mode, ip->i_uid,
|
||||
ip->i_gid, ap->a_mode, ap->a_cred, NULL);
|
||||
}
|
||||
FREE(acl, M_ACL);
|
||||
uma_zfree(acl_zone, acl);
|
||||
} else
|
||||
#endif /* !UFS_ACL */
|
||||
error = vaccess(vp->v_type, ip->i_mode, ip->i_uid, ip->i_gid,
|
||||
|
|
@ -1400,8 +1400,8 @@ ufs_mkdir(ap)
|
|||
#ifdef UFS_ACL
|
||||
acl = dacl = NULL;
|
||||
if ((dvp->v_mount->mnt_flag & MNT_ACLS) != 0) {
|
||||
MALLOC(acl, struct acl *, sizeof(*acl), M_ACL, M_WAITOK);
|
||||
MALLOC(dacl, struct acl *, sizeof(*dacl), M_ACL, M_WAITOK);
|
||||
acl = uma_zalloc(acl_zone, M_WAITOK);
|
||||
dacl = uma_zalloc(acl_zone, M_WAITOK);
|
||||
|
||||
/*
|
||||
* Retrieve default ACL from parent, if any.
|
||||
|
|
@ -1431,16 +1431,16 @@ ufs_mkdir(ap)
|
|||
*/
|
||||
ip->i_mode = dmode;
|
||||
DIP_SET(ip, i_mode, dmode);
|
||||
FREE(acl, M_ACL);
|
||||
FREE(dacl, M_ACL);
|
||||
uma_zfree(acl_zone, acl);
|
||||
uma_zfree(acl_zone, dacl);
|
||||
dacl = acl = NULL;
|
||||
break;
|
||||
|
||||
default:
|
||||
UFS_VFREE(tvp, ip->i_number, dmode);
|
||||
vput(tvp);
|
||||
FREE(acl, M_ACL);
|
||||
FREE(dacl, M_ACL);
|
||||
uma_zfree(acl_zone, acl);
|
||||
uma_zfree(acl_zone, dacl);
|
||||
return (error);
|
||||
}
|
||||
} else {
|
||||
|
|
@ -1510,13 +1510,13 @@ ufs_mkdir(ap)
|
|||
break;
|
||||
|
||||
default:
|
||||
FREE(acl, M_ACL);
|
||||
FREE(dacl, M_ACL);
|
||||
uma_zfree(acl_zone, acl);
|
||||
uma_zfree(acl_zone, dacl);
|
||||
dacl = acl = NULL;
|
||||
goto bad;
|
||||
}
|
||||
FREE(acl, M_ACL);
|
||||
FREE(dacl, M_ACL);
|
||||
uma_zfree(acl_zone, acl);
|
||||
uma_zfree(acl_zone, dacl);
|
||||
dacl = acl = NULL;
|
||||
}
|
||||
#endif /* !UFS_ACL */
|
||||
|
|
@ -1582,9 +1582,9 @@ bad:
|
|||
} else {
|
||||
#ifdef UFS_ACL
|
||||
if (acl != NULL)
|
||||
FREE(acl, M_ACL);
|
||||
uma_zfree(acl_zone, acl);
|
||||
if (dacl != NULL)
|
||||
FREE(dacl, M_ACL);
|
||||
uma_zfree(acl_zone, dacl);
|
||||
#endif
|
||||
dp->i_effnlink--;
|
||||
dp->i_nlink--;
|
||||
|
|
@ -2231,7 +2231,7 @@ ufs_makeinode(mode, dvp, vpp, cnp)
|
|||
#ifdef UFS_ACL
|
||||
acl = NULL;
|
||||
if ((dvp->v_mount->mnt_flag & MNT_ACLS) != 0) {
|
||||
MALLOC(acl, struct acl *, sizeof(*acl), M_ACL, M_WAITOK);
|
||||
acl = uma_zalloc(acl_zone, M_WAITOK);
|
||||
|
||||
/*
|
||||
* Retrieve default ACL for parent, if any.
|
||||
|
|
@ -2266,14 +2266,14 @@ ufs_makeinode(mode, dvp, vpp, cnp)
|
|||
*/
|
||||
ip->i_mode = mode;
|
||||
DIP_SET(ip, i_mode, mode);
|
||||
FREE(acl, M_ACL);
|
||||
uma_zfree(acl_zone, acl);
|
||||
acl = NULL;
|
||||
break;
|
||||
|
||||
default:
|
||||
UFS_VFREE(tvp, ip->i_number, mode);
|
||||
vput(tvp);
|
||||
FREE(acl, M_ACL);
|
||||
uma_zfree(acl_zone, acl);
|
||||
acl = NULL;
|
||||
return (error);
|
||||
}
|
||||
|
|
@ -2339,10 +2339,10 @@ ufs_makeinode(mode, dvp, vpp, cnp)
|
|||
break;
|
||||
|
||||
default:
|
||||
FREE(acl, M_ACL);
|
||||
uma_zfree(acl_zone, acl);
|
||||
goto bad;
|
||||
}
|
||||
FREE(acl, M_ACL);
|
||||
uma_zfree(acl_zone, acl);
|
||||
}
|
||||
#endif /* !UFS_ACL */
|
||||
ufs_makedirentry(ip, cnp, &newdir);
|
||||
|
|
|
|||
Loading…
Reference in a new issue