From: dlg <dlg@openbsd.org>
Date: Sun, 6 Nov 2022 13:03:52 +0000 (+0000)
Subject: make /dev/pf a clonable device.
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=39a5cc30bcf39f1b59b166978c9a0f335ad4d190;p=openbsd

make /dev/pf a clonable device.

this provides a 1:1 relationship of pfopen() calls to pfclose()
calls. in turn, this makes it a lot easier to track stuff allocated
by a process and then clean it up if that process goes away
unexpectedly. the unique dev_t provided by the cloning machinery
gives us a good identifier to track this state with too.

discussed with h2k22
ok sashan@
deraadt@ agrees this is a good time to put this in
---

diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c
index b540afc6fe2..ef4f18e730d 100644
--- a/sys/net/pf_ioctl.c
+++ b/sys/net/pf_ioctl.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pf_ioctl.c,v 1.385 2022/08/06 15:57:58 bluhm Exp $ */
+/*	$OpenBSD: pf_ioctl.c,v 1.386 2022/11/06 13:03:52 dlg Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -54,6 +54,7 @@
 #include <sys/proc.h>
 #include <sys/rwlock.h>
 #include <sys/syslog.h>
+#include <sys/specdev.h>
 #include <uvm/uvm_extern.h>
 
 #include <crypto/md5.h>
@@ -265,16 +266,17 @@ pfattach(int num)
 int
 pfopen(dev_t dev, int flags, int fmt, struct proc *p)
 {
-	if (minor(dev) >= 1)
+	int unit = minor(dev);
+
+	if (unit & ((1 << CLONE_SHIFT) - 1))
 		return (ENXIO);
+
 	return (0);
 }
 
 int
 pfclose(dev_t dev, int flags, int fmt, struct proc *p)
 {
-	if (minor(dev) >= 1)
-		return (ENXIO);
 	return (0);
 }
 
diff --git a/sys/sys/conf.h b/sys/sys/conf.h
index 73b7b14862b..e651732824c 100644
--- a/sys/sys/conf.h
+++ b/sys/sys/conf.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: conf.h,v 1.159 2022/09/02 20:06:56 miod Exp $	*/
+/*	$OpenBSD: conf.h,v 1.160 2022/11/06 13:03:52 dlg Exp $	*/
 /*	$NetBSD: conf.h,v 1.33 1996/05/03 20:03:32 christos Exp $	*/
 
 /*-
@@ -358,7 +358,7 @@ extern struct cdevsw cdevsw[];
 	dev_init(c,n,open), dev_init(c,n,close), (dev_type_read((*))) enodev, \
 	(dev_type_write((*))) enodev, dev_init(c,n,ioctl), \
 	(dev_type_stop((*))) enodev, 0, \
-	(dev_type_mmap((*))) enodev }
+	(dev_type_mmap((*))) enodev, 0, D_CLONE }
 
 /* open, close, read, write, ioctl, kqfilter */
 #define	cdev_usbdev_init(c,n) { \