mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-27 11:20:58 +01:00
cc3116a938
The last half year I've been working on a replacement TTY layer for the FreeBSD kernel. The new TTY layer was designed to improve the following: - Improved driver model: The old TTY layer has a driver model that is not abstract enough to make it friendly to use. A good example is the output path, where the device drivers directly access the output buffers. This means that an in-kernel PPP implementation must always convert network buffers into TTY buffers. If a PPP implementation would be built on top of the new TTY layer (still needs a hooks layer, though), it would allow the PPP implementation to directly hand the data to the TTY driver. - Improved hotplugging: With the old TTY layer, it isn't entirely safe to destroy TTY's from the system. This implementation has a two-step destructing design, where the driver first abandons the TTY. After all threads have left the TTY, the TTY layer calls a routine in the driver, which can be used to free resources (unit numbers, etc). The pts(4) driver also implements this feature, which means posix_openpt() will now return PTY's that are created on the fly. - Improved performance: One of the major improvements is the per-TTY mutex, which is expected to improve scalability when compared to the old Giant locking. Another change is the unbuffered copying to userspace, which is both used on TTY device nodes and PTY masters. Upgrading should be quite straightforward. Unlike previous versions, existing kernel configuration files do not need to be changed, except when they reference device drivers that are listed in UPDATING. Obtained from: //depot/projects/mpsafetty/... Approved by: philip (ex-mentor) Discussed: on the lists, at BSDCan, at the DevSummit Sponsored by: Snow B.V., the Netherlands dcons(4) fixed by: kan
70 lines
1.9 KiB
Plaintext
70 lines
1.9 KiB
Plaintext
#
|
|
# The following are some default rules for devfs(5) mounts.
|
|
# The format is very simple. Empty lines and lines beginning
|
|
# with a hash '#' are ignored. If the hash mark occurs anywhere
|
|
# other than the beginning of a line, it and any subsequent
|
|
# characters will be ignored. A line in between brackets '[]'
|
|
# denotes the beginning of a ruleset. In the brackets should
|
|
# be a name for the rule and its ruleset number. Any other lines
|
|
# will be considered to be the 'action' part of a rule
|
|
# passed to the devfs(8) command. These will be passed
|
|
# "as-is" to the devfs(8) command with the exception that
|
|
# any references to other rulesets will be expanded first. These
|
|
# references must include a dollar sign '$' in front of the
|
|
# name to be expanded properly.
|
|
#
|
|
# $FreeBSD$
|
|
#
|
|
|
|
# Very basic and secure ruleset: Hide everything.
|
|
# Used as a basis for other rules.
|
|
#
|
|
[devfsrules_hide_all=1]
|
|
add hide
|
|
|
|
# Basic devices typically necessary.
|
|
# Requires: devfsrules_hide_all
|
|
#
|
|
[devfsrules_unhide_basic=2]
|
|
add path null unhide
|
|
add path zero unhide
|
|
add path crypto unhide
|
|
add path random unhide
|
|
add path urandom unhide
|
|
|
|
# Devices typically needed to support logged-in users.
|
|
# Requires: devfsrules_hide_all
|
|
#
|
|
[devfsrules_unhide_login=3]
|
|
add path 'ptyp*' unhide
|
|
add path 'ptyq*' unhide
|
|
add path 'ptyr*' unhide
|
|
add path 'ptys*' unhide
|
|
add path 'ptyP*' unhide
|
|
add path 'ptyQ*' unhide
|
|
add path 'ptyR*' unhide
|
|
add path 'ptyS*' unhide
|
|
add path 'ttyp*' unhide
|
|
add path 'ttyq*' unhide
|
|
add path 'ttyr*' unhide
|
|
add path 'ttys*' unhide
|
|
add path 'ttyP*' unhide
|
|
add path 'ttyQ*' unhide
|
|
add path 'ttyR*' unhide
|
|
add path 'ttyS*' unhide
|
|
add path ptmx unhide
|
|
add path pts unhide
|
|
add path 'pts/*' unhide
|
|
add path fd unhide
|
|
add path 'fd/*' unhide
|
|
add path stdin unhide
|
|
add path stdout unhide
|
|
add path stderr unhide
|
|
|
|
# Devices usually found in a jail.
|
|
#
|
|
[devfsrules_jail=4]
|
|
add include $devfsrules_hide_all
|
|
add include $devfsrules_unhide_basic
|
|
add include $devfsrules_unhide_login
|