From owner-freebsd-audit Sun Jun 30 0:45:50 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B85CB37B401; Sun, 30 Jun 2002 00:45:45 -0700 (PDT) Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.86.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id ECFE043E09; Sun, 30 Jun 2002 00:45:44 -0700 (PDT) (envelope-from phk@critter.freebsd.dk) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.12.3/8.12.2) with ESMTP id g5U7hX6I038221; Sun, 30 Jun 2002 09:43:33 +0200 (CEST) (envelope-from phk@critter.freebsd.dk) To: Juli Mallett Cc: Garance A Drosihn , audit@FreeBSD.ORG, current@FreeBSD.ORG, Kirk McKusick Subject: Re: libufs, a library for dealing with UFS from userland. In-Reply-To: Your message of "Sat, 29 Jun 2002 20:36:42 PDT." <20020629203642.A9605@FreeBSD.ORG> Date: Sun, 30 Jun 2002 09:43:33 +0200 Message-ID: <38220.1025423013@critter.freebsd.dk> From: Poul-Henning Kamp Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG In message <20020629203642.A9605@FreeBSD.ORG>, Juli Mallett writes: >* Garance A Drosihn escriuréres >> At 5:37 AM -0700 6/29/02, Juli Mallett wrote: >> >I get identical output from dumpfs and libufs-dumpfs currently >> >and I can toggle softdep flags fine with tunefs. I'd like to >> >commit this by the coming Tuesday as I will be out of town >> >from Tuesday morning and will not have any way to further >> >work on this, etc. >> >> When do you get back into town? > >Unknown. We are in no rush on this, so just take your time. Feel free to take the precaution of email'ing me the code/patch so that I can take over if you fail to get back for a very long time. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Jun 30 6:16:26 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D6DF937B400 for ; Sun, 30 Jun 2002 06:16:20 -0700 (PDT) Received: from mailsrv.otenet.gr (mailsrv.otenet.gr [195.170.0.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id B387D43E13 for ; Sun, 30 Jun 2002 06:16:19 -0700 (PDT) (envelope-from keramida@FreeBSD.org) Received: from hades.hell.gr (patr530-b143.otenet.gr [212.205.244.151]) by mailsrv.otenet.gr (8.12.4/8.12.4) with ESMTP id g5UDGElm012658 for ; Sun, 30 Jun 2002 16:16:16 +0300 (EEST) Received: from hades.hell.gr (hades [127.0.0.1]) by hades.hell.gr (8.12.4/8.12.4) with ESMTP id g5UDGGeh061493 for ; Sun, 30 Jun 2002 16:16:16 +0300 (EEST) (envelope-from keramida@FreeBSD.org) Received: (from charon@localhost) by hades.hell.gr (8.12.4/8.12.4/Submit) id g5U41eKG017652 for audit@FreeBSD.org; Sun, 30 Jun 2002 07:01:40 +0300 (EEST) (envelope-from keramida@FreeBSD.org) Date: Sun, 30 Jun 2002 07:01:40 +0300 From: Giorgos Keramidas To: audit@FreeBSD.org Subject: sysconf(_SC_CLK_TCK) [NetBSD: basesrc/lib/libc/gen] Message-ID: <20020630040139.GC1223@hades.hell.gr> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Operating-System: FreeBSD 5.0-CURRENT i386 X-PGP-Fingerprint: C1EB 0653 DB8B A557 3829 00F9 D60F 941A 3186 03B6 X-Phone: +30-944-116520 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hello all, Does the following change look like a nice thing to make to our libc too? I'm asking before trying to make a diff that does this, because the log mentions that the standards do not require this to return the value of HZ, and it's probably improper if programs depend on this being == HZ. Date: Sun, 23 Jun 2002 22:19:03 +0300 (EEST) From: "Perry E. Metzger" Subject: CVS commit: basesrc/lib/libc/gen To: source-changes@netbsd.org Modified Files: basesrc/lib/libc/gen: sysconf.c Log Message: make sysconf(_SC_CLK_TCK) return the kernel hz value, instead of a fixed constant, as is done on Solaris, Linux, etc. Technically, standards don't *require* this, but having it return a constant is a violation of the spirit, and screws up programs that (perhaps improperly) assume that it will return kernel hz. ----- End forwarded message ----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Jun 30 12:34:38 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A02E537B405 for ; Sun, 30 Jun 2002 12:33:55 -0700 (PDT) Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by mx1.FreeBSD.org (Postfix) with ESMTP id A0EEA43E2F for ; Sun, 30 Jun 2002 12:33:53 -0700 (PDT) (envelope-from mark@grimreaper.grondar.org) Received: from storm.FreeBSD.org.uk (uucp@localhost [127.0.0.1]) by storm.FreeBSD.org.uk (8.12.5/8.12.5) with ESMTP id g5UJXq8c002677 for ; Sun, 30 Jun 2002 20:33:52 +0100 (BST) (envelope-from mark@grimreaper.grondar.org) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.12.5/8.12.5/Submit) with UUCP id g5UJXqN1002676 for audit@FreeBSD.ORG; Sun, 30 Jun 2002 20:33:52 +0100 (BST) Received: from grimreaper.grondar.org (localhost [127.0.0.1]) by grimreaper.grondar.org (8.12.5/8.12.5) with ESMTP id g5UJOL07070228 for ; Sun, 30 Jun 2002 20:24:21 +0100 (BST) (envelope-from mark@grimreaper.grondar.org) Message-Id: <200206301924.g5UJOL07070228@grimreaper.grondar.org> To: audit@FreeBSD.ORG Subject: lib/csu cleanup #2 - review please (commit candidate) References: <200206231830.g5NIUAa4045990@grimreaper.grondar.org> In-Reply-To: <200206231830.g5NIUAa4045990@grimreaper.grondar.org> ; from Mark Murray "Fri, 21 Jun 2002 16:58:06 BST." MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----- =_aaaaaaaaaa0" Content-ID: <70203.1025464768.0@grimreaper.grondar.org> Date: Sun, 30 Jun 2002 20:24:21 +0100 From: Mark Murray Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG ------- =_aaaaaaaaaa0 Content-Type: text/plain; charset="us-ascii" Content-ID: <70203.1025464768.1@grimreaper.grondar.org> I said in a previous mail: > Please check out the following diffs to lib/csu/*/crt1.c. > > I've been carrying a lot of this for nearly a year now with > no problems at all on my laptop or SMP servers. > > There are two separate reasons for the cleanup: WARNS/lint > fixes, and diff-reduction between all of the crt1.c's. > > For the i386-elf version, there are a lot of whitespace diffs > that will be committed separately. > > Also for the i386-elf one, a macro containing GCC-specific > __asm() code has been turned into an inline function. This > makes for neater (IMO) code, and makes it possible to lint. In response to some useful comments from Bruce and David, I've cleaned this up, tested it on i386-elf (on my laptop) and extended it to the other architectures a lot more (limited testing, so please help out!). Here is the latest incarnaton. Review please? I did the diff with "cvs ... diff ... -bB ... " to minimise the whitespace diffs in i386-elf/crt1.c (Which I will commit separately; it has 4-space indents instead of tabs, and I'd like to fix that). M -- o Mark Murray \_ O.\_ Warning: this .sig is umop ap!sdn ------- =_aaaaaaaaaa0 Content-Type: text/plain; charset="us-ascii" Content-ID: <70203.1025464768.2@grimreaper.grondar.org> Content-Description: lib/csu/*/crt1.c fixes Index: alpha/crt1.c =================================================================== RCS file: /home/ncvs/src/lib/csu/alpha/crt1.c,v retrieving revision 1.13 diff -u -d -B -b -r1.13 crt1.c --- alpha/crt1.c 25 Jun 2002 18:01:12 -0000 1.13 +++ alpha/crt1.c 30 Jun 2002 12:05:26 -0000 @@ -35,11 +35,14 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#ifndef lint #ifndef __GNUC__ #error "GCC is needed to compile this file" #endif +#endif /* lint */ #include + #include "libc_private.h" #include "crtbrand.c" @@ -43,17 +46,13 @@ #include "libc_private.h" #include "crtbrand.c" -struct Struct_Obj_Entry; -struct ps_strings; - -#pragma weak _DYNAMIC extern int _DYNAMIC; +#pragma weak _DYNAMIC -extern void _init(void); extern void _fini(void); +extern void _init(void); extern int main(int, char **, char **); -extern void _start(char **, void (*)(void), struct Struct_Obj_Entry *, - struct ps_strings *); +extern void _start(char **, void (*)(void), ...); #ifdef GCRT extern void _mcleanup(void); @@ -67,17 +66,14 @@ /* The entry function. */ void -_start(char **ap, - void (*cleanup)(void), /* from shared loader */ - struct Struct_Obj_Entry *obj __unused, /* from shared loader */ - struct ps_strings *ps_strings __unused) +_start(char **ap, void (*cleanup)(void), ...) { int argc; char **argv; char **env; const char *s; - argc = * (long *) ap; + argc = *(long *)(void *)ap; argv = ap + 1; env = ap + 2 + argc; environ = env; Index: i386-elf/crt1.c =================================================================== RCS file: /home/ncvs/src/lib/csu/i386-elf/crt1.c,v retrieving revision 1.7 diff -u -d -B -b -r1.7 crt1.c --- i386-elf/crt1.c 29 Mar 2002 22:43:41 -0000 1.7 +++ i386-elf/crt1.c 30 Jun 2002 12:23:33 -0000 @@ -23,12 +23,14 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#ifndef lint #ifndef __GNUC__ #error "GCC is needed to compile this file" #endif +#endif /* lint */ -#include #include + #include "libc_private.h" #include "crtbrand.c" @@ -32,11 +34,15 @@ #include "libc_private.h" #include "crtbrand.c" +extern int _DYNAMIC; +#pragma weak _DYNAMIC + typedef void (*fptr)(void); extern void _fini(void); extern void _init(void); extern int main(int, char **, char **); +extern void _start(char *, ...); #ifdef GCRT extern void _mcleanup(void); @@ -45,33 +51,35 @@ extern int etext; #endif -extern int _DYNAMIC; -#pragma weak _DYNAMIC +char **environ; +const char *__progname = ""; -#ifdef __i386__ -#define get_rtld_cleanup() \ - ({ fptr __value; \ - __asm__("movl %%edx,%0" : "=rm"(__value)); \ - __value; }) +static __inline fptr +get_rtld_cleanup(void) +{ + fptr retval; + +#ifdef __GNUC__ + __asm__("movl %%edx,%0" : "=rm"(retval)); #else -#error "This file only supports the i386 architecture" + retval = (fptr)0; /* XXXX Fix this for other compilers */ #endif + return(retval); +} -char **environ; -const char *__progname = ""; - +/* The entry function. */ void -_start(char *arguments, ...) +_start(char *ap, ...) { - fptr rtld_cleanup; + fptr cleanup; int argc; char **argv; char **env; const char *s; - rtld_cleanup = get_rtld_cleanup(); - argv = &arguments; - argc = * (int *) (argv - 1); + cleanup = get_rtld_cleanup(); + argv = ≈ + argc = *(long *)(void *)(argv - 1); env = argv + argc + 1; environ = env; if (argc > 0 && argv[0] != NULL) { @@ -82,7 +90,7 @@ } if (&_DYNAMIC != NULL) - atexit(rtld_cleanup); + atexit(cleanup); #ifdef GCRT atexit(_mcleanup); Index: ia64/crt1.c =================================================================== RCS file: /home/ncvs/src/lib/csu/ia64/crt1.c,v retrieving revision 1.7 diff -u -d -B -b -r1.7 crt1.c --- ia64/crt1.c 29 Mar 2002 22:43:41 -0000 1.7 +++ ia64/crt1.c 30 Jun 2002 19:09:00 -0000 @@ -31,23 +31,23 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#ifndef lint #ifndef __GNUC__ #error "GCC is needed to compile this file" #endif +#endif /* lint */ #include #include "libc_private.h" #include "crtbrand.c" -struct Struct_Obj_Entry; -struct ps_strings; - #pragma weak _DYNAMIC extern int _DYNAMIC; -extern void _init(void); extern void _fini(void); +extern void _init(void); extern int main(int, char **, char **); +extern void _start(char **, const void *, void (*)(void)); #ifdef GCRT extern void _mcleanup(void); @@ -59,17 +59,10 @@ char **environ; const char *__progname = ""; -/* The entry function. */ -void -_start(char **ap, - struct ps_strings *ps_strings, - void (*cleanup)(void)) +static __inline void +fix_gp(void) { - int argc; - char **argv; - char **env; - const char *s; - +#ifdef __GNUC__ /* Calculate gp */ __asm __volatile(" \ movl gp=@gprel(1f) ; \ @@ -78,8 +71,21 @@ ;; ; \ sub gp=r14,gp ; \ ;; "); +#endif +} - argc = * (long *) ap; +/* The entry function. */ +/* ARGSUSED */ +void +_start(char **ap, const void *junk __unused, void (*cleanup)(void)) +{ + int argc; + char **argv; + char **env; + const char *s; + + fix_gp(); + argc = *(long *)(void *)ap; argv = ap + 1; env = ap + 2 + argc; environ = env; Index: powerpc/crt1.c =================================================================== RCS file: /home/ncvs/src/lib/csu/powerpc/crt1.c,v retrieving revision 1.8 diff -u -d -B -b -r1.8 crt1.c --- powerpc/crt1.c 29 Mar 2002 22:43:41 -0000 1.8 +++ powerpc/crt1.c 30 Jun 2002 18:54:56 -0000 @@ -38,11 +38,14 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#ifndef lint #ifndef __GNUC__ #error "GCC is needed to compile this file" #endif +#endif /* lint */ #include + #include "libc_private.h" #include "crtbrand.c" @@ -46,15 +49,16 @@ #include "libc_private.h" #include "crtbrand.c" -struct Struct_Obj_Entry; -struct ps_strings; - -#pragma weak _DYNAMIC extern int _DYNAMIC; +#pragma weak _DYNAMIC + +struct ps_strings; -extern void _init(void); extern void _fini(void); +extern void _init(void); extern int main(int, char **, char **); +extern void _start(int, char **, char **, const void *, void (*)(void), + struct ps_strings *); #ifdef GCRT extern void _mcleanup(void); @@ -72,18 +76,15 @@ * First 5 arguments are specified by the PowerPC SVR4 ABI. * The last argument, ps_strings, is a BSD extension. */ +/* ARGSUSED */ void -_start(argc, argv, envp, obj, cleanup, ps_strings) - int argc; - char **argv, **envp; - const struct Struct_Obj_Entry *obj; /* from shared loader */ - void (*cleanup)(void); /* from shared loader */ - struct ps_strings *ps_strings; /* BSD extension */ +_start(int argc, char **argv, char **env, const void *junk __unused, + void (*cleanup)(void), + struct ps_strings *ps_strings) { - char *namep; const char *s; - environ = envp; + environ = env; if (argc > 0 && argv[0] != NULL) { __progname = argv[0]; @@ -106,7 +107,7 @@ monstartup(&eprol, &etext); #endif _init(); - exit( main(argc, argv, envp) ); + exit( main(argc, argv, env) ); } #ifdef GCRT Index: sparc64/crt1.c =================================================================== RCS file: /home/ncvs/src/lib/csu/sparc64/crt1.c,v retrieving revision 1.8 diff -u -d -B -b -r1.8 crt1.c --- sparc64/crt1.c 29 Apr 2002 20:25:29 -0000 1.8 +++ sparc64/crt1.c 30 Jun 2002 19:13:04 -0000 @@ -29,11 +29,14 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#ifndef lint #ifndef __GNUC__ #error "GCC is needed to compile this file" #endif +#endif /* lint */ #include + #include "libc_private.h" #include "crtbrand.c" @@ -37,17 +40,17 @@ #include "libc_private.h" #include "crtbrand.c" -struct Struct_Obj_Entry; -struct ps_strings; - -#pragma weak _DYNAMIC extern int _DYNAMIC; +#pragma weak _DYNAMIC + +typedef void (*fptr)(void); -extern void _init(void); extern void _fini(void); +extern void _init(void); extern int main(int, char **, char **); -extern void __sparc64_sigtramp_setup(void); -extern void __sparc64_utrap_setup(void); +extern void _start(char **, void (*)(void), ...); +extern void __sparc_sigtramp_setup(void); +extern void __sparc_utrap_setup(void); #ifdef GCRT extern void _mcleanup(void); @@ -59,6 +62,23 @@ char **environ; const char *__progname = ""; +static __inline fptr +get_term(void) +{ + fptr retval; + +#if 0 +#ifdef __GNUC__ + __asm__ volatile("mov %%g1,%0" : "=r"(retval)); +#else + retval = (fptr)0; /* XXXX Fix this for other compilers */ +#endif +#else + retval = (fptr)0; /* XXXX temporary */ +#endif + return(retval); +} + /* The entry function. */ /* * @@ -71,25 +91,20 @@ * but for now we do not use it here. */ void -_start(char **ap, - void (*cleanup)(void), /* from shared loader */ - struct Struct_Obj_Entry *obj, /* from shared loader */ - struct ps_strings *ps_strings) +_start(char **ap, void (*cleanup)(void), ...) { + void (*term)(void); int argc; char **argv; char **env; const char *s; -#if 0 - void (*term)(void); /* Grab %g1 before it gets used for anything by the compiler. */ /* Sparc ELF psABI specifies a termination routine (if any) will be in %g1 */ - __asm__ volatile("mov %%g1,%0" : "=r"(term)); -#endif + term = get_term(); - argc = * (long *) ap; + argc = *(long *)(void *)ap; argv = ap + 1; env = ap + 2 + argc; environ = env; @@ -102,14 +117,13 @@ __sparc_sigtramp_setup(); __sparc_utrap_setup(); -#if 0 + /* * If the kernel or a shared library wants us to call * a termination function, arrange to do so. */ if (term) atexit(term); -#endif if (&_DYNAMIC != NULL) atexit(cleanup); ------- =_aaaaaaaaaa0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Jun 30 22:41: 7 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1405237B400; Sun, 30 Jun 2002 22:41:05 -0700 (PDT) Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id CEE9E43E09; Sun, 30 Jun 2002 22:41:03 -0700 (PDT) (envelope-from bde@zeta.org.au) Received: from bde.zeta.org.au (bde.zeta.org.au [203.2.228.102]) by mailman.zeta.org.au (8.9.3/8.8.7) with ESMTP id PAA15236; Mon, 1 Jul 2002 15:41:00 +1000 Date: Mon, 1 Jul 2002 15:46:45 +1000 (EST) From: Bruce Evans X-X-Sender: bde@gamplex.bde.org To: Giorgos Keramidas Cc: audit@FreeBSD.ORG Subject: Re: sysconf(_SC_CLK_TCK) [NetBSD: basesrc/lib/libc/gen] In-Reply-To: <20020630040139.GC1223@hades.hell.gr> Message-ID: <20020701142849.U6692-100000@gamplex.bde.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, 30 Jun 2002, Giorgos Keramidas wrote: > Does the following change look like a nice thing to make to our libc > too? I'm asking before trying to make a diff that does this, because > the log mentions that the standards do not require this to return the > value of HZ, and it's probably improper if programs depend on this > being == HZ. It's not only improper; it is just wrong. sysconf(_SC_CLK_TCK) has nothing to do with the clock that has frequency hz Hz. It is fuzzily related to the clock that has frequency stathz Hz. Under FreeBSD, sysconf(_SC_CLK_TCK) is always 128; stathz is always 128 on i386's except in early versions of FreeBSD-2 it was the same as hz and in FreeBSD-1 it didn't exist; stathz is different from 128 on some arches (e.g., on sparc64's it is the same as hz which may be user-configurable (default 100); hz is very arch-dependent and/or user-configurable (e.g., it is user-configurable on i386's (default 100), and decided by the hardware on alphas (usually 1024?)). > Date: Sun, 23 Jun 2002 22:19:03 +0300 (EEST) > From: "Perry E. Metzger" > Subject: CVS commit: basesrc/lib/libc/gen > To: source-changes@netbsd.org > > Modified Files: > basesrc/lib/libc/gen: sysconf.c > > Log Message: > make sysconf(_SC_CLK_TCK) return the kernel hz value, instead of a > fixed constant, as is done on Solaris, Linux, etc. > > Technically, standards don't *require* this, but having it return a > constant is a violation of the spirit, and screws up programs that > (perhaps improperly) assume that it will return kernel hz. NetBSD should probably use stathz in preference to hz. The correct value for sysconf(_SC_CLK_TCK) is currently 1000000 or some multiple of that. Any other value causes gratuitous loss of precision due to double rounding in the one interface where sysconf(_SC_CLK_TCK) is used, namely times(3) (NetBSD also changed libc/gen/times.c to go with the above commit). times(3) is implemented using getrusage(2). The kernel starts with the total process time which has a precision of 2^-64 seconds in -current (1 usec in RELENG_4). It converts this to usec, so the precision is reduced to 1 usec in both -current and RELENG_4. The time is accurate to about 1 usec on current hardware, so 1 usec is adequate precision. The kernel then subdivides the total process time into user, system and interrupt portions according to the number of user, system and interrupt statclock ticks that occurred while the process was running. These ticks have a resolution of 1/stathz seconds, so the subdivision is fuzzy. The subdivision is a little less fuzzy in -current, since interrupt handling is pessimized by switching to a different process, so there are no interrupt ticks except for interrupt tasks. The kernel then reports the subdivided time to userland using getrusage(). times(3) just scales the subdivided time into units of 1/sysconf(_SC_CLK_TCK) seconds (it actually uses CLK_TCK instead of sysconf(_SC_CLK_TCK) in FreeBSD; this is fixed in NetBSD). It loses accuracy by up to 1000000/syscons(_SC_CLK_TCK) (typically 7812) usec. This is not very important, since statistical errors in the subdivision may lose even more accuracy. However, it would be nice if the sum of the user and system times were as accurate as possible. Changing sysconf(_SC_CLK_TCK) to stathz now would mainly prepare for changing it to a more sensible value later (clock_t needs to have more than 32 bits before sysconf(_SC_CLK_TCK) can have a sensibly large value), and this change can wait until 32 bit arches are not supported. No one uses times(3) anyway -- its man page says that it was obsoleted by getrusage(2) long ago. Note that CLK_TCK needs to be changed to sysconf(_SC_CLK_TCK) to go with this change, or better removed (it was knwn to be a mistake in the first version of POSIX and was removed in POSIX.1-2001). Note that changing CLK_TCK breaks binary compatibility, and removing breaks source compatibility with crufty sources starting with libc/gen/times.c. There are similar issues for ISO C's CLOCKS_PER_SEC. fanf pointed to a discussion in comp.std.c about C99's breakage of CLOCKS_PER_SEC. C99 requires it to be a constant expression, so it can't be #defined as sysconf(_SC_CLK_TCK). Nothing seems to have come of the discussion. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jul 1 11:41:48 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4AE6C37B400; Mon, 1 Jul 2002 11:41:44 -0700 (PDT) Received: from numeri.campus.luth.se (numeri.campus.luth.se [130.240.197.103]) by mx1.FreeBSD.org (Postfix) with ESMTP id 22E5343E0A; Mon, 1 Jul 2002 11:41:43 -0700 (PDT) (envelope-from k@numeri.campus.luth.se) Received: (from k@localhost) by numeri.campus.luth.se (8.11.6/8.11.6) id g61IffF50336; Mon, 1 Jul 2002 20:41:41 +0200 (CEST) (envelope-from k) Date: Mon, 1 Jul 2002 20:41:40 +0200 From: Johan Karlsson To: freebsd-audit@freebsd.org Cc: sheldonh@freebsd.org Subject: accounting to appen only file Message-ID: <20020701204140.A49191@numeri.campus.luth.se> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="PNTmBPCT7hxwcZjr" Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --PNTmBPCT7hxwcZjr Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi I would like to get your comments on the attached patch. It changes the opening of the accounting file to be opened in append mode. According to acct(5) the file should only be appended to. See PR 7169 for more details. I have been running with the equivalent patch on stable for a while and it works as supposed for me. However, since I'm not that familiar with the vn code I would like to get feedback if this might be harmfull in any way. /Johan K -- Johan Karlsson mailto:johan@freebsd.org --PNTmBPCT7hxwcZjr Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="acct.diff" Index: src/sys/kern//kern_acct.c =================================================================== RCS file: /home/ncvs/src/sys/kern/kern_acct.c,v retrieving revision 1.44 diff -u -r1.44 kern_acct.c --- src/sys/kern//kern_acct.c 16 May 2002 21:28:11 -0000 1.44 +++ src/sys/kern//kern_acct.c 30 Jun 2002 19:39:55 -0000 @@ -119,6 +119,9 @@ struct nameidata nd; int error, flags; + /* Open file for append writing only */ + flags = FWRITE | FAPPEND; + /* Make sure that the caller is root. */ error = suser(td); if (error) @@ -126,20 +129,19 @@ mtx_lock(&Giant); /* - * If accounting is to be started to a file, open that file for - * writing and make sure it's a 'normal'. + * If accounting is to be started to a file, open that file + * and make sure it's a 'normal'. */ if (SCARG(uap, path) != NULL) { NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, SCARG(uap, path), td); - flags = FWRITE; error = vn_open(&nd, &flags, 0); if (error) goto done2; NDFREE(&nd, NDF_ONLY_PNBUF); VOP_UNLOCK(nd.ni_vp, 0, td); if (nd.ni_vp->v_type != VREG) { - vn_close(nd.ni_vp, FWRITE, td->td_ucred, td); + vn_close(nd.ni_vp, flags, td->td_ucred, td); error = EACCES; goto done2; } @@ -151,7 +153,7 @@ */ if (acctp != NULLVP || savacctp != NULLVP) { callout_stop(&acctwatch_callout); - error = vn_close((acctp != NULLVP ? acctp : savacctp), FWRITE, + error = vn_close((acctp != NULLVP ? acctp : savacctp), flags, td->td_ucred, td); acctp = savacctp = NULLVP; } --PNTmBPCT7hxwcZjr-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jul 1 16:59:55 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0986037B401; Mon, 1 Jul 2002 16:59:52 -0700 (PDT) Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6FB9C43E0A; Mon, 1 Jul 2002 16:59:51 -0700 (PDT) (envelope-from des@ofug.org) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 0225C5349; Tue, 2 Jul 2002 01:59:48 +0200 (CEST) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: audit@freebsd.org Subject: Full OpenSSH patch for -STABLE From: Dag-Erling Smorgrav Date: 02 Jul 2002 01:59:47 +0200 Message-ID: Lines: 27 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.2 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I won't post this one, it's 2.5 MB. You can get it online at: http://people.freebsd.org/~des/software/openssh-20020701.diff Notes: - Privilege separation is disabled as it breaks Kerberos ticket passing and possibly other features upon which at least some -STABLE users depend. I will enable privsep once the Kerberos issue (and any other issues that may crop up) have been resolved, which probably means "some time after the next OpenSSH release". - The patch updates some PAM modules, and changes pam_std_option() in a way that breaks the PAM library / module interface, though only FreeBSD's own modules are affected since pam_std_option() is a FreeBSD hack. This should make PAM much more useful in -STABLE, particularly as applies to OpenSSH, without going all the way and converting the entire userland to PAM like I've done in -CURRENT. - The patch is not 100% complete; there are still a few nits like what value to pick for VersionAddendum (since this version will not be entirely identical to the one in -CURRENT) and I'm not entirely done fixing pam_ssh(8). DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jul 1 23:58:48 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BC2E737B400; Mon, 1 Jul 2002 23:58:45 -0700 (PDT) Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by mx1.FreeBSD.org (Postfix) with ESMTP id B056F43E0A; Mon, 1 Jul 2002 23:58:44 -0700 (PDT) (envelope-from sheldonh@starjuice.net) Received: from sheldonh by axl.seasidesoftware.co.za with local (Exim 3.36 #1) id 17PHdf-000Nbf-00; Tue, 02 Jul 2002 08:59:51 +0200 Date: Tue, 2 Jul 2002 08:59:51 +0200 From: Sheldon Hearn To: Johan Karlsson Cc: freebsd-audit@freebsd.org Subject: Re: accounting to appen only file Message-ID: <20020702065951.GA90729@starjuice.net> Mail-Followup-To: Johan Karlsson , freebsd-audit@freebsd.org References: <20020701204140.A49191@numeri.campus.luth.se> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020701204140.A49191@numeri.campus.luth.se> User-Agent: Mutt/1.5.1i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On (2002/07/01 20:41), Johan Karlsson wrote: > + /* Open file for append writing only */ > + flags = FWRITE | FAPPEND; > + > /* Make sure that the caller is root. */ > error = suser(td); > if (error) > @@ -126,20 +129,19 @@ > > mtx_lock(&Giant); > /* > - * If accounting is to be started to a file, open that file for > - * writing and make sure it's a 'normal'. > + * If accounting is to be started to a file, open that file > + * and make sure it's a 'normal'. > */ > if (SCARG(uap, path) != NULL) { > NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, SCARG(uap, path), > td); > - flags = FWRITE; Am I right in thinking that it's okay to move the setting of flags outside Giant because flags is allocated on the stack? I'm no kernel guy, but that was the only thing that worried me. If nobody with more clue says otherwise in the next couple of days, I'd say go ahead. Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Jul 2 6:18: 6 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8271937B400; Tue, 2 Jul 2002 06:18:02 -0700 (PDT) Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4F64D43E2F; Tue, 2 Jul 2002 06:18:01 -0700 (PDT) (envelope-from bde@zeta.org.au) Received: from bde.zeta.org.au (bde.zeta.org.au [203.2.228.102]) by mailman.zeta.org.au (8.9.3/8.8.7) with ESMTP id XAA01797; Tue, 2 Jul 2002 23:17:58 +1000 Date: Tue, 2 Jul 2002 23:23:48 +1000 (EST) From: Bruce Evans X-X-Sender: bde@gamplex.bde.org To: Johan Karlsson Cc: freebsd-audit@FreeBSD.ORG, Subject: Re: accounting to appen only file In-Reply-To: <20020701204140.A49191@numeri.campus.luth.se> Message-ID: <20020702224153.U12090-100000@gamplex.bde.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > I have been running with the equivalent patch on stable > for a while and it works as supposed for me. However, since > I'm not that familiar with the vn code I would like to get > feedback if this might be harmfull in any way. > Index: src/sys/kern//kern_acct.c > =================================================================== > RCS file: /home/ncvs/src/sys/kern/kern_acct.c,v > retrieving revision 1.44 > diff -u -r1.44 kern_acct.c > --- src/sys/kern//kern_acct.c 16 May 2002 21:28:11 -0000 1.44 > +++ src/sys/kern//kern_acct.c 30 Jun 2002 19:39:55 -0000 > @@ -119,6 +119,9 @@ > struct nameidata nd; > int error, flags; > > + /* Open file for append writing only */ > + flags = FWRITE | FAPPEND; > + This has some style bugs: excessive commenting, an unterminated sentence, and some less than useful code restructuring (moving the initialization of `flags'. (This file is excessively commented in several places. I think the comments in acct_process() are just to show that it was implemented in a clean room starting from documentation.) > /* Make sure that the caller is root. */ > error = suser(td); Excessive commenting in old code. > if (error) > @@ -126,20 +129,19 @@ > > mtx_lock(&Giant); > /* > - * If accounting is to be started to a file, open that file for > - * writing and make sure it's a 'normal'. > + * If accounting is to be started to a file, open that file > + * and make sure it's a 'normal'. > */ > if (SCARG(uap, path) != NULL) { > NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, SCARG(uap, path), > td); > - flags = FWRITE; I would just change FWRITE globally to FWRITE | FAPPEND (and adjust the comment to say "appending"). That would be a little chummy with the implementation, but so is the existing and new code, and fixing this is beyond the scope of the PR. > error = vn_open(&nd, &flags, 0); Note that the flags variable was only used to discard some changes made by vn_open(). At least in the direct descendant of vn_open(), these changes are limited to clearing O_CREAT and O_TRUNC, but we really shouldn't assume this. Strictly, we should record returned flags for use late like the `file' layer would do. > if (error) > goto done2; > NDFREE(&nd, NDF_ONLY_PNBUF); > VOP_UNLOCK(nd.ni_vp, 0, td); > if (nd.ni_vp->v_type != VREG) { > - vn_close(nd.ni_vp, FWRITE, td->td_ucred, td); > + vn_close(nd.ni_vp, flags, td->td_ucred, td); This fixes an error case to use the returned flags. > error = EACCES; > goto done2; > } > @@ -151,7 +153,7 @@ > */ > if (acctp != NULLVP || savacctp != NULLVP) { > callout_stop(&acctwatch_callout); > - error = vn_close((acctp != NULLVP ? acctp : savacctp), FWRITE, > + error = vn_close((acctp != NULLVP ? acctp : savacctp), flags, Here using the returned flags is (logically) worse than using hard-coded flags, since we are closing a different file so we should strictly use the flags that were returned when we opened that file, nit the flags for the file that we just opened. > td->td_ucred, td); > acctp = savacctp = NULLVP; > } I think FAPPEND should be spelled O_APPEND in the above. The former spelling is currently not used anywhere in *.c under /sys except in alpha/osf1. It should be only compatibility cruft for userland. I doubt that vn_close() actually cares about the FAPPEND flag. There are some more FWRITE's in acctwatch(). These are only for closes, so the correctness of the above patches depends on vn_close() not caring. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Jul 2 7:13:46 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A5DFA37B400; Tue, 2 Jul 2002 07:13:39 -0700 (PDT) Received: from numeri.campus.luth.se (numeri.campus.luth.se [130.240.197.103]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5E4FF43E2F; Tue, 2 Jul 2002 07:13:34 -0700 (PDT) (envelope-from k@numeri.campus.luth.se) Received: (from k@localhost) by numeri.campus.luth.se (8.11.6/8.11.6) id g62EDSQ92570; Tue, 2 Jul 2002 16:13:28 +0200 (CEST) (envelope-from k) Date: Tue, 2 Jul 2002 16:13:27 +0200 From: Johan Karlsson To: Bruce Evans Cc: freebsd-audit@FreeBSD.ORG, sheldonh@FreeBSD.ORG Subject: Re: accounting to appen only file Message-ID: <20020702161327.A90890@numeri.campus.luth.se> References: <20020701204140.A49191@numeri.campus.luth.se> <20020702224153.U12090-100000@gamplex.bde.org> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="azLHFNyN32YCQGCU" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20020702224153.U12090-100000@gamplex.bde.org>; from bde@zeta.org.au on Tue, Jul 02, 2002 at 11:23:48PM +1000 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --azLHFNyN32YCQGCU Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Tue, Jul 02, 2002 at 23:23 (+1000) +0000, Bruce Evans wrote: > Note that the flags variable was only used to discard some changes made > by vn_open(). At least in the direct descendant of vn_open(), these changes > are limited to clearing O_CREAT and O_TRUNC, but we really shouldn't assume > this. Strictly, we should record returned flags for use late like the `file' > layer would do. I have implemented a variant of this, please see the attached patch. take care /Johan K -- Johan Karlsson mailto:johan@FreeBSD.org --azLHFNyN32YCQGCU Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="acct.diff2" Index: kern_acct.c =================================================================== RCS file: /home/ncvs/src/sys/kern/kern_acct.c,v retrieving revision 1.44 diff -u -r1.44 kern_acct.c --- kern_acct.c 16 May 2002 21:28:11 -0000 1.44 +++ kern_acct.c 2 Jul 2002 14:04:12 -0000 @@ -83,10 +83,11 @@ static struct callout acctwatch_callout; /* - * Accounting vnode pointer, and saved vnode pointer. + * Accounting vnode pointer, saved vnode pointer, and its flags. */ static struct vnode *acctp; static struct vnode *savacctp; +static int acctflags, saveacctflags; /* * Values associated with enabling and disabling accounting @@ -127,19 +128,19 @@ mtx_lock(&Giant); /* * If accounting is to be started to a file, open that file for - * writing and make sure it's a 'normal'. + * appending and make sure it's a 'normal'. */ if (SCARG(uap, path) != NULL) { NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, SCARG(uap, path), td); - flags = FWRITE; + flags = FWRITE | O_APPEND; error = vn_open(&nd, &flags, 0); if (error) goto done2; NDFREE(&nd, NDF_ONLY_PNBUF); VOP_UNLOCK(nd.ni_vp, 0, td); if (nd.ni_vp->v_type != VREG) { - vn_close(nd.ni_vp, FWRITE, td->td_ucred, td); + vn_close(nd.ni_vp, flags, td->td_ucred, td); error = EACCES; goto done2; } @@ -151,7 +152,8 @@ */ if (acctp != NULLVP || savacctp != NULLVP) { callout_stop(&acctwatch_callout); - error = vn_close((acctp != NULLVP ? acctp : savacctp), FWRITE, + error = vn_close((acctp != NULLVP ? acctp : savacctp), + (acctp != NULLVP ? acctflags : saveacctflags), td->td_ucred, td); acctp = savacctp = NULLVP; } @@ -163,6 +165,7 @@ * free space watcher. */ acctp = nd.ni_vp; + acctflags = flags; callout_init(&acctwatch_callout, 0); acctwatch(NULL); done2: @@ -316,13 +319,14 @@ if (savacctp != NULLVP) { if (savacctp->v_type == VBAD) { - (void) vn_close(savacctp, FWRITE, NOCRED, NULL); + (void) vn_close(savacctp, saveacctflags, NOCRED, NULL); savacctp = NULLVP; return; } (void)VFS_STATFS(savacctp->v_mount, &sb, (struct thread *)0); if (sb.f_bavail > acctresume * sb.f_blocks / 100) { acctp = savacctp; + acctflags = savacctflags; savacctp = NULLVP; log(LOG_NOTICE, "Accounting resumed\n"); } @@ -330,13 +334,14 @@ if (acctp == NULLVP) return; if (acctp->v_type == VBAD) { - (void) vn_close(acctp, FWRITE, NOCRED, NULL); + (void) vn_close(acctp, acctflags, NOCRED, NULL); acctp = NULLVP; return; } (void)VFS_STATFS(acctp->v_mount, &sb, (struct thread *)0); if (sb.f_bavail <= acctsuspend * sb.f_blocks / 100) { savacctp = acctp; + savacctflags = acctflags; acctp = NULLVP; log(LOG_NOTICE, "Accounting suspended\n"); } --azLHFNyN32YCQGCU-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Jul 3 4:51:15 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C0FEB37B400 for ; Wed, 3 Jul 2002 04:51:12 -0700 (PDT) Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by mx1.FreeBSD.org (Postfix) with ESMTP id 26BDB43E4A for ; Wed, 3 Jul 2002 04:51:12 -0700 (PDT) (envelope-from des@ofug.org) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 16154534A; Wed, 3 Jul 2002 13:51:09 +0200 (CEST) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: Mark Murray Cc: audit@FreeBSD.ORG Subject: Re: lib/csu cleanup #2 - review please (commit candidate) References: <200206231830.g5NIUAa4045990@grimreaper.grondar.org> <200206301924.g5UJOL07070228@grimreaper.grondar.org> From: Dag-Erling Smorgrav Date: 03 Jul 2002 13:51:07 +0200 In-Reply-To: <200206301924.g5UJOL07070228@grimreaper.grondar.org> Message-ID: Lines: 12 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.2 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Mark Murray writes: > In response to some useful comments from Bruce and David, I've > cleaned this up, tested it on i386-elf (on my laptop) and extended > it to the other architectures a lot more (limited testing, so > please help out!). My Miata just survived two buildworlds in a row with the patch (and a reboot in between), so I'd say Alpha is go mission. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Jul 3 10: 0:11 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6D0DA37B400 for ; Wed, 3 Jul 2002 10:00:04 -0700 (PDT) Received: from dragon.nuxi.com (trang.nuxi.com [66.92.13.169]) by mx1.FreeBSD.org (Postfix) with ESMTP id CF4A043E42 for ; Wed, 3 Jul 2002 10:00:03 -0700 (PDT) (envelope-from obrien@NUXI.com) Received: from dragon.nuxi.com (obrien@localhost [127.0.0.1]) by dragon.nuxi.com (8.12.5/8.12.2) with ESMTP id g63H03Xu008663; Wed, 3 Jul 2002 10:00:03 -0700 (PDT) (envelope-from obrien@dragon.nuxi.com) Received: (from obrien@localhost) by dragon.nuxi.com (8.12.5/8.12.5/Submit) id g63Gxvos008640; Wed, 3 Jul 2002 09:59:57 -0700 (PDT) Date: Wed, 3 Jul 2002 09:59:56 -0700 From: "David O'Brien" To: Mark Murray Cc: audit@FreeBSD.ORG Subject: Re: lib/csu cleanup #2 - review please (commit candidate) Message-ID: <20020703095956.A8415@dragon.nuxi.com> Reply-To: audit@FreeBSD.ORG Mail-Followup-To: David O'Brien , Mark Murray , audit@FreeBSD.ORG References: <200206231830.g5NIUAa4045990@grimreaper.grondar.org> <200206301924.g5UJOL07070228@grimreaper.grondar.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200206301924.g5UJOL07070228@grimreaper.grondar.org>; from mark@grondar.za on Sun, Jun 30, 2002 at 08:24:21PM +0100 X-Operating-System: FreeBSD 5.0-CURRENT Organization: The NUXI BSD group X-Pgp-Rsa-Fingerprint: B7 4D 3E E9 11 39 5F A3 90 76 5D 69 58 D9 98 7A X-Pgp-Rsa-Keyid: 1024/34F9F9D5 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Jun 30, 2002 at 08:24:21PM +0100, Mark Murray wrote: > In response to some useful comments from Bruce and David, I've > cleaned this up, tested it on i386-elf (on my laptop) and extended > it to the other architectures a lot more (limited testing, so > please help out!). But you didn't answer these questions: > Index: alpha/crt1.c > =================================================================== > RCS file: /home/ncvs/src/lib/csu/alpha/crt1.c,v ... > +#ifndef lint > + > #ifndef __GNUC__ > #error "GCC is needed to compile this file" > #endif Please change Lint to note the #error but to continue processing. I've pondered it and cannot find a good reason for Lint to "obey" #error. > -_start(char *arguments, ...) > +_start(char *ap, ...) Why do we need to rename "arguments"? > +extern int _DYNAMIC; > +#pragma weak _DYNAMIC Why? IMO #pragma's should come as early as possible. (#also sorts before `e'xtern) New questions: > -_start(char **ap, > - void (*cleanup)(void), /* from shared loader */ > - struct Struct_Obj_Entry *obj __unused, /* from shared loader */ > - struct ps_strings *ps_strings __unused) > +_start(char **ap, void (*cleanup)(void), ...) Why take a more exact prototype and definition to a lesser one? > - fptr rtld_cleanup; > + fptr cleanup; ... > - rtld_cleanup = get_rtld_cleanup(); > + cleanup = get_rtld_cleanup(); Why do we need to rename this? (you also have a ^I above) > diffs in i386-elf/crt1.c (Which I will commit separately; it > has 4-space indents instead of tabs, and I'd like to fix that). Why? This is not abandoned code. Our practice is to leave existing style alone when making small changes. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Jul 3 10:16: 1 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 13A8837B400 for ; Wed, 3 Jul 2002 10:15:58 -0700 (PDT) Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by mx1.FreeBSD.org (Postfix) with ESMTP id 08AD943E42 for ; Wed, 3 Jul 2002 10:15:53 -0700 (PDT) (envelope-from mark@grimreaper.grondar.org) Received: from storm.FreeBSD.org.uk (uucp@localhost [127.0.0.1]) by storm.FreeBSD.org.uk (8.12.5/8.12.5) with ESMTP id g63HFpCE079121 for ; Wed, 3 Jul 2002 18:15:51 +0100 (BST) (envelope-from mark@grimreaper.grondar.org) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.12.5/8.12.5/Submit) with UUCP id g63HFpGa079120 for audit@FreeBSD.ORG; Wed, 3 Jul 2002 18:15:51 +0100 (BST) Received: from grimreaper.grondar.org (localhost [127.0.0.1]) by grimreaper.grondar.org (8.12.5/8.12.5) with ESMTP id g63HAjii001037 for ; Wed, 3 Jul 2002 18:10:45 +0100 (BST) (envelope-from mark@grimreaper.grondar.org) Message-Id: <200207031710.g63HAjii001037@grimreaper.grondar.org> To: audit@FreeBSD.ORG Subject: Re: lib/csu cleanup #2 - review please (commit candidate) References: <20020703095956.A8415@dragon.nuxi.com> In-Reply-To: <20020703095956.A8415@dragon.nuxi.com> ; from "David O'Brien" "Wed, 03 Jul 2002 09:59:56 PDT." Date: Wed, 03 Jul 2002 18:10:44 +0100 From: Mark Murray Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > On Sun, Jun 30, 2002 at 08:24:21PM +0100, Mark Murray wrote: > > In response to some useful comments from Bruce and David, I've > > cleaned this up, tested it on i386-elf (on my laptop) and extended > > it to the other architectures a lot more (limited testing, so > > please help out!). > > But you didn't answer these questions: > > > Index: alpha/crt1.c > > =================================================================== > > RCS file: /home/ncvs/src/lib/csu/alpha/crt1.c,v > ... > > +#ifndef lint > > + > > #ifndef __GNUC__ > > #error "GCC is needed to compile this file" > > #endif > > Please change Lint to note the #error but to continue processing. I've > pondered it and cannot find a good reason for Lint to "obey" #error. That would violate lint(1) POLA. I guess an option could be added at some stage to do this. > > -_start(char *arguments, ...) > > +_start(char *ap, ...) > > Why do we need to rename "arguments"? To make it the same as all the others. > > +extern int _DYNAMIC; > > +#pragma weak _DYNAMIC > > Why? IMO #pragma's should come as early as possible. > (#also sorts before `e'xtern) I put these in the same place in all files. Which way round they came, and exactly where they came was pot luck, really. > New questions: > > > -_start(char **ap, > > - void (*cleanup)(void), /* from shared loader */ > > - struct Struct_Obj_Entry *obj __unused, /* from shared loader */ > > - struct ps_strings *ps_strings __unused) > > +_start(char **ap, void (*cleanup)(void), ...) > > Why take a more exact prototype and definition to a lesser one? Because I could see no reason to clutter the file with unused structure declarations, just so that unused arguments could be instantiated. Call it a code cleanup. The code has been verified to work in a make world. > > - fptr rtld_cleanup; > > + fptr cleanup; > ... > > - rtld_cleanup = get_rtld_cleanup(); > > + cleanup = get_rtld_cleanup(); > > Why do we need to rename this? (you also have a ^I above) The ^I's have been fixed. The rtld_cleanup's were renamed to be the same as a similarly used variable in all the other files. > > diffs in i386-elf/crt1.c (Which I will commit separately; it > > has 4-space indents instead of tabs, and I'd like to fix that). > > Why? This is not abandoned code. Our practice is to leave existing > style alone when making small changes. Oops. Sorry. I already did this, as I thought it was uncontested. I can do the cleanups if you like. As I said in the explanation, I was reducing the diffs between all the versions of crt1.c as far as was sane/reasonable. I also discussed this with you in SF last time I was there. M -- o Mark Murray \_ O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Jul 4 2:27:45 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D8AED37B400 for ; Thu, 4 Jul 2002 02:27:39 -0700 (PDT) Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9509A43E31 for ; Thu, 4 Jul 2002 02:27:38 -0700 (PDT) (envelope-from bde@zeta.org.au) Received: from bde.zeta.org.au (bde.zeta.org.au [203.2.228.102]) by mailman.zeta.org.au (8.9.3/8.8.7) with ESMTP id TAA31471; Thu, 4 Jul 2002 19:27:21 +1000 Date: Thu, 4 Jul 2002 19:33:21 +1000 (EST) From: Bruce Evans X-X-Sender: bde@gamplex.bde.org To: Mark Murray Cc: audit@FreeBSD.ORG Subject: Re: lib/csu cleanup #2 - review please (commit candidate) In-Reply-To: <200207031710.g63HAjii001037@grimreaper.grondar.org> Message-ID: <20020704192057.V21375-100000@gamplex.bde.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, 3 Jul 2002, Mark Murray wrote: > [Mark Murray didn't write] > > But you didn't answer these questions: > > ... > > > +#ifndef lint > > > + > > > #ifndef __GNUC__ > > > #error "GCC is needed to compile this file" > > > #endif > > > > Please change Lint to note the #error but to continue processing. I've > > pondered it and cannot find a good reason for Lint to "obey" #error. > > That would violate lint(1) POLA. I guess an option could be added at some > stage to do this. Continuing processing would be good in some cases but not here. The whole point of this #error is to prevent an error cascade from continuing processing. Perhaps the scope of this #error is too large. Only about 5 lines of asms in this file need gcc. > ... > > New questions: > > > > > -_start(char **ap, > > > - void (*cleanup)(void), /* from shared loader */ > > > - struct Struct_Obj_Entry *obj __unused, /* from shared loader */ > > > - struct ps_strings *ps_strings __unused) > > > +_start(char **ap, void (*cleanup)(void), ...) > > > > Why take a more exact prototype and definition to a lesser one? > > Because I could see no reason to clutter the file with unused > structure declarations, just so that unused arguments could be > instantiated. Call it a code cleanup. The code has been verified > to work in a make world. Hrmph. My review said that the i386 code should probably be changed to be more like the alpha code here, not the reverse. There are no varargs functions here. Declaring and implementing a non-varargs function as varargs gives machine-dependent breakage, e.g., passing the args in the wrong place on only some machines. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Jul 4 3:16: 7 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E9B5B37B407 for ; Thu, 4 Jul 2002 03:16:00 -0700 (PDT) Received: from mail.musha.org (daemon.musha.org [218.44.187.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id EF33643E4A for ; Thu, 4 Jul 2002 03:15:59 -0700 (PDT) (envelope-from knu@iDaemons.org) Received: from daemon.musha.org (daemon.local.idaemons.org [192.168.1.1]) by mail.musha.org (Postfix) with ESMTP id 6ECB64D81A for ; Thu, 4 Jul 2002 19:15:58 +0900 (JST) Date: Thu, 04 Jul 2002 19:15:58 +0900 Message-ID: <86sn2zpzmp.wl@daemon.musha.org> From: "Akinori MUSHA" To: audit@FreeBSD.org Subject: suidperl User-Agent: Wanderlust/2.9.13 (Unchained Melody) SEMI/1.14.4 (Hosorogi) LIMIT/1.14.7 (Fujiidera) APEL/10.3 Emacs/21.2 (i386--freebsd) MULE/5.0 (SAKAKI) Organization: Associated I. Daemons X-PGP-Public-Key: finger knu@FreeBSD.org X-PGP-Fingerprint: 081D 099C 1705 861D 4B70 B04A 920B EFC7 9FD9 E1EE MIME-Version: 1.0 (generated by SEMI 1.14.4 - "Hosorogi") Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Here's a patch that fixes suidperl and ENABLE_SUIDPERL. Currently you cannot easily enable suidperl even by hand, because perl, perl5, perl5.6.1 and suidperl are hardlinks to each other. (`chmod 4555 /usr/bin/suidperl' also affects /usr/bin/perl) Index: src/usr.bin/Makefile =================================================================== RCS file: /home/ncvs/src/usr.bin/Makefile,v retrieving revision 1.213 diff -u -r1.213 Makefile --- src/usr.bin/Makefile 3 Jul 2002 19:23:50 -0000 1.213 +++ src/usr.bin/Makefile 4 Jul 2002 10:14:19 -0000 @@ -146,6 +146,7 @@ split \ stat \ su \ + suidperl \ symorder \ systat \ tabs \ Index: src/usr.bin/perl/Makefile =================================================================== RCS file: /home/ncvs/src/usr.bin/perl/Makefile,v retrieving revision 1.5 diff -u -r1.5 Makefile --- src/usr.bin/perl/Makefile 7 Jun 2002 18:55:42 -0000 1.5 +++ src/usr.bin/perl/Makefile 4 Jul 2002 09:20:54 -0000 @@ -4,7 +4,6 @@ NOMAN= WARNS?= 6 LINKS= ${BINDIR}/perl ${BINDIR}/perl5 \ - ${BINDIR}/perl ${BINDIR}/perl5.6.1 \ - ${BINDIR}/perl ${BINDIR}/suidperl + ${BINDIR}/perl ${BINDIR}/perl5.6.1 .include Index: src/usr.bin/suidperl/Makefile =================================================================== RCS file: src/usr.bin/suidperl/Makefile diff -N src/usr.bin/suidperl/Makefile --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ src/usr.bin/suidperl/Makefile 4 Jul 2002 10:08:12 -0000 @@ -0,0 +1,15 @@ +# $FreeBSD$ + +.PATH: ${.CURDIR}/../perl + +PROG= suidperl +SRCS= perl.c +NOMAN= +WARNS?= 6 + +BINOWN= root +.if defined(ENABLE_SUIDPERL) +BINMODE=4555 +.endif + +.include -- / /__ __ Akinori.org / MUSHA.org / ) ) ) ) / FreeBSD.org / Ruby-lang.org Akinori MUSHA aka / (_ / ( (__( @ iDaemons.org / and.or.jp "When I leave I don't know what I'm hoping to find When I leave I don't know what I'm leaving behind.." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Jul 4 3:56: 6 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A702637B400 for ; Thu, 4 Jul 2002 03:56:02 -0700 (PDT) Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by mx1.FreeBSD.org (Postfix) with ESMTP id C52B143E3B for ; Thu, 4 Jul 2002 03:56:00 -0700 (PDT) (envelope-from mark@grimreaper.grondar.org) Received: from storm.FreeBSD.org.uk (uucp@localhost [127.0.0.1]) by storm.FreeBSD.org.uk (8.12.5/8.12.5) with ESMTP id g64AtqCE009043; Thu, 4 Jul 2002 11:55:52 +0100 (BST) (envelope-from mark@grimreaper.grondar.org) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.12.5/8.12.5/Submit) with UUCP id g64AtpOE009042; Thu, 4 Jul 2002 11:55:51 +0100 (BST) Received: from grimreaper.grondar.org (localhost [127.0.0.1]) by grimreaper.grondar.org (8.12.5/8.12.5) with ESMTP id g64ApNii029382; Thu, 4 Jul 2002 11:51:23 +0100 (BST) (envelope-from mark@grimreaper.grondar.org) Message-Id: <200207041051.g64ApNii029382@grimreaper.grondar.org> To: Bruce Evans Cc: audit@FreeBSD.ORG Subject: Re: lib/csu cleanup #2 - review please (commit candidate) References: <20020704192057.V21375-100000@gamplex.bde.org> In-Reply-To: <20020704192057.V21375-100000@gamplex.bde.org> ; from Bruce Evans "Thu, 04 Jul 2002 19:33:21 +1000." Date: Thu, 04 Jul 2002 11:51:22 +0100 From: Mark Murray Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > > Because I could see no reason to clutter the file with unused > > structure declarations, just so that unused arguments could be > > instantiated. Call it a code cleanup. The code has been verified > > to work in a make world. > > Hrmph. My review said that the i386 code should probably be changed > to be more like the alpha code here, not the reverse. There are no > varargs functions here. Declaring and implementing a non-varargs > function as varargs gives machine-dependent breakage, e.g., passing > the args in the wrong place on only some machines. Your review was Hard To Read(tm), and explained how things worked, without really giving a particularly strong direction for how things should proceed. Quoted: > Why do we need to rename "arguments"? Presumably for consistency with the other crt1.c's. But ap is not a very good name, sepecially here -- it often means the varargs pointer, but that is not what it (starts as) here. The code uses a hand rolled version of va_arg() to handle "...". That probably wouldn't work on more complicated arches. The corresponding alpha code doesn't even use "...". That is more correct, since we don't have a normal varargs setup (which might have some args in registers) -- we have an array of "char **"'s which has been initialized using suword() to write a long into each char ** (this all assumes that longs can hold "char **"'s, and some other things. I'm surprised it works for i386's with 64-bit longs). Distilling: o "ap" is not a very good name. o code uses hand-rolled va_arg() equivalent code that may not work on other (nonexistent) arches. o alpha may be more correct Questions: o if the alpha method is more correct, what are the needed i386 changes to remove the '...'? o What is so important about these unused argments anyway? o What could be done to make all the crt1.c's the same? M -- o Mark Murray \_ O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Jul 4 4:49:52 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8A94E37B400 for ; Thu, 4 Jul 2002 04:49:51 -0700 (PDT) Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4B1D943E09 for ; Thu, 4 Jul 2002 04:49:50 -0700 (PDT) (envelope-from bde@zeta.org.au) Received: from bde.zeta.org.au (bde.zeta.org.au [203.2.228.102]) by mailman.zeta.org.au (8.9.3/8.8.7) with ESMTP id VAA10630; Thu, 4 Jul 2002 21:49:44 +1000 Date: Thu, 4 Jul 2002 21:55:45 +1000 (EST) From: Bruce Evans X-X-Sender: bde@gamplex.bde.org To: Mark Murray Cc: audit@FreeBSD.ORG Subject: Re: lib/csu cleanup #2 - review please (commit candidate) In-Reply-To: <200207041051.g64ApNii029382@grimreaper.grondar.org> Message-ID: <20020704215102.A21853-100000@gamplex.bde.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, 4 Jul 2002, Mark Murray wrote: > > > Because I could see no reason to clutter the file with unused > > > structure declarations, just so that unused arguments could be > > > instantiated. Call it a code cleanup. The code has been verified > > > to work in a make world. > > > > Hrmph. My review said that the i386 code should probably be changed > > to be more like the alpha code here, not the reverse. There are no > > varargs functions here. Declaring and implementing a non-varargs > > function as varargs gives machine-dependent breakage, e.g., passing > > the args in the wrong place on only some machines. > > Your review was Hard To Read(tm), and explained how things worked, > without really giving a particularly strong direction for how things > should proceed. Quoted: Sigh. I've already given more than enough expanations. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Jul 4 5:11:55 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C352D37B400 for ; Thu, 4 Jul 2002 05:11:53 -0700 (PDT) Received: from dilbert.robbins.dropbear.id.au (215.c.011.mel.iprimus.net.au [210.50.218.215]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8F7DC43E3B for ; Thu, 4 Jul 2002 05:11:51 -0700 (PDT) (envelope-from tim@robbins.dropbear.id.au) Received: from dilbert.robbins.dropbear.id.au (tim@localhost [127.0.0.1]) by dilbert.robbins.dropbear.id.au (8.12.3/8.12.3) with ESMTP id g64CBkcT053800; Thu, 4 Jul 2002 22:11:46 +1000 (EST) (envelope-from tim@dilbert.robbins.dropbear.id.au) Received: (from tim@localhost) by dilbert.robbins.dropbear.id.au (8.12.3/8.12.3/Submit) id g64CAV8e053759; Thu, 4 Jul 2002 22:10:31 +1000 (EST) Date: Thu, 4 Jul 2002 22:10:31 +1000 From: Tim Robbins To: Akinori MUSHA Cc: audit@FreeBSD.ORG Subject: Re: suidperl Message-ID: <20020704221031.A53275@dilbert.robbins.dropbear.id.au> References: <86sn2zpzmp.wl@daemon.musha.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <86sn2zpzmp.wl@daemon.musha.org>; from knu@iDaemons.org on Thu, Jul 04, 2002 at 07:15:58PM +0900 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, Jul 04, 2002 at 07:15:58PM +0900, Akinori MUSHA wrote: > Index: src/usr.bin/suidperl/Makefile > =================================================================== > RCS file: src/usr.bin/suidperl/Makefile > diff -N src/usr.bin/suidperl/Makefile > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ src/usr.bin/suidperl/Makefile 4 Jul 2002 10:08:12 -0000 > @@ -0,0 +1,15 @@ > +# $FreeBSD$ > + > +.PATH: ${.CURDIR}/../perl > + > +PROG= suidperl > +SRCS= perl.c > +NOMAN= > +WARNS?= 6 > + > +BINOWN= root > +.if defined(ENABLE_SUIDPERL) > +BINMODE=4555 > +.endif This is unsafe: $ ln -s /bin/sh /tmp/perl $ env PATH=/tmp:$PATH /usr/bin/perl # id uid=1001(tim) euid=0(root) gid=1001(tim) groups=1001(tim), 0(wheel) Tim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Jul 4 5:15:43 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D235B37B400 for ; Thu, 4 Jul 2002 05:15:40 -0700 (PDT) Received: from south.nanolink.com (south.nanolink.com [217.75.134.10]) by mx1.FreeBSD.org (Postfix) with SMTP id 5A29B43E31 for ; Thu, 4 Jul 2002 05:15:39 -0700 (PDT) (envelope-from roam@ringlet.net) Received: (qmail 52709 invoked by uid 85); 4 Jul 2002 12:28:08 -0000 Received: from unknown (HELO straylight.ringlet.net) (212.116.140.125) by south.nanolink.com with SMTP; 4 Jul 2002 12:28:05 -0000 Received: (qmail 3746 invoked by uid 1000); 4 Jul 2002 12:14:13 -0000 Date: Thu, 4 Jul 2002 15:14:13 +0300 From: Peter Pentchev To: Tim Robbins Cc: Akinori MUSHA , audit@FreeBSD.ORG Subject: Re: suidperl Message-ID: <20020704121413.GB382@straylight.oblivion.bg> Mail-Followup-To: Tim Robbins , Akinori MUSHA , audit@FreeBSD.ORG References: <86sn2zpzmp.wl@daemon.musha.org> <20020704221031.A53275@dilbert.robbins.dropbear.id.au> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="vkogqOf2sHV7VnPd" Content-Disposition: inline In-Reply-To: <20020704221031.A53275@dilbert.robbins.dropbear.id.au> User-Agent: Mutt/1.5.1i X-Virus-Scanned: by Nik's Monitoring Daemon (AMaViS perl-11d ) Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --vkogqOf2sHV7VnPd Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jul 04, 2002 at 10:10:31PM +1000, Tim Robbins wrote: > On Thu, Jul 04, 2002 at 07:15:58PM +0900, Akinori MUSHA wrote: >=20 > > Index: src/usr.bin/suidperl/Makefile > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > RCS file: src/usr.bin/suidperl/Makefile > > diff -N src/usr.bin/suidperl/Makefile > > --- /dev/null 1 Jan 1970 00:00:00 -0000 > > +++ src/usr.bin/suidperl/Makefile 4 Jul 2002 10:08:12 -0000 > > @@ -0,0 +1,15 @@ > > +# $FreeBSD$ > > + > > +.PATH: ${.CURDIR}/../perl > > + > > +PROG=3D suidperl > > +SRCS=3D perl.c > > +NOMAN=3D > > +WARNS?=3D 6 > > + > > +BINOWN=3D root > > +.if defined(ENABLE_SUIDPERL) > > +BINMODE=3D4555 > > +.endif >=20 > This is unsafe: >=20 > $ ln -s /bin/sh /tmp/perl > $ env PATH=3D/tmp:$PATH /usr/bin/perl > # id > uid=3D1001(tim) euid=3D0(root) gid=3D1001(tim) groups=3D1001(tim), 0(whee= l) Are you sure that you do not have suidperl still hardlinked to 'perl', exactly the hardlink that the first part of knu's patch removes? :) G'luck, Peter --=20 Peter Pentchev roam@ringlet.net roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 If I had finished this sentence, --vkogqOf2sHV7VnPd Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE9JDwU7Ri2jRYZRVMRAsXPAKCf2t/KhMx1ksgl3bdDt3frUxOWpQCfZSdl hI4/MWrrRtmDYpS5oCux2Ds= =Gugd -----END PGP SIGNATURE----- --vkogqOf2sHV7VnPd-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Jul 4 5:51:31 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 23C4337B401 for ; Thu, 4 Jul 2002 05:51:30 -0700 (PDT) Received: from dilbert.robbins.dropbear.id.au (215.c.011.mel.iprimus.net.au [210.50.218.215]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6562A43E09 for ; Thu, 4 Jul 2002 05:51:28 -0700 (PDT) (envelope-from tim@robbins.dropbear.id.au) Received: from dilbert.robbins.dropbear.id.au (tim@localhost [127.0.0.1]) by dilbert.robbins.dropbear.id.au (8.12.3/8.12.3) with ESMTP id g64CpQcT055224; Thu, 4 Jul 2002 22:51:26 +1000 (EST) (envelope-from tim@dilbert.robbins.dropbear.id.au) Received: (from tim@localhost) by dilbert.robbins.dropbear.id.au (8.12.3/8.12.3/Submit) id g64CoAGY055169; Thu, 4 Jul 2002 22:50:10 +1000 (EST) Date: Thu, 4 Jul 2002 22:50:09 +1000 From: Tim Robbins To: Peter Pentchev Cc: Akinori MUSHA , audit@FreeBSD.ORG Subject: Re: suidperl Message-ID: <20020704225009.A54167@dilbert.robbins.dropbear.id.au> References: <86sn2zpzmp.wl@daemon.musha.org> <20020704221031.A53275@dilbert.robbins.dropbear.id.au> <20020704121413.GB382@straylight.oblivion.bg> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20020704121413.GB382@straylight.oblivion.bg>; from roam@ringlet.net on Thu, Jul 04, 2002 at 03:14:13PM +0300 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, Jul 04, 2002 at 03:14:13PM +0300, Peter Pentchev wrote: > Are you sure that you do not have suidperl still hardlinked to 'perl', > exactly the hardlink that the first part of knu's patch removes? :) I just turned on the suid bit on /usr/bin/perl to test. The code in src/usr.bin/perl/perl.c isn't safe to run suid (or any time the effective user does not trust whoever set the PATH variable) because it runs arbitrary programs from directories in PATH. In any case, the way /usr/bin/perl relies on PATH to find the interpreter is unsafe to a lesser degree even with the suid bit turned off. Tim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Jul 4 8:35:13 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C296037B400; Thu, 4 Jul 2002 08:35:11 -0700 (PDT) Received: from mail.musha.org (daemon.musha.org [218.44.187.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 64FFA43E09; Thu, 4 Jul 2002 08:35:10 -0700 (PDT) (envelope-from knu@iDaemons.org) Received: from daemon.musha.org (daemon.local.idaemons.org [192.168.1.1]) by mail.musha.org (Postfix) with ESMTP id D25224D801; Fri, 5 Jul 2002 00:35:04 +0900 (JST) Date: Fri, 05 Jul 2002 00:35:04 +0900 Message-ID: <86r8ijpkuv.wl@daemon.musha.org> From: "Akinori MUSHA" To: Tim Robbins Cc: Peter Pentchev , audit@FreeBSD.ORG Subject: Re: suidperl In-Reply-To: <20020704225009.A54167@dilbert.robbins.dropbear.id.au> References: <86sn2zpzmp.wl@daemon.musha.org> <20020704221031.A53275@dilbert.robbins.dropbear.id.au> <20020704121413.GB382@straylight.oblivion.bg> User-Agent: Wanderlust/2.9.13 (Unchained Melody) SEMI/1.14.4 (Hosorogi) LIMIT/1.14.7 (Fujiidera) APEL/10.3 Emacs/21.2 (i386--freebsd) MULE/5.0 (SAKAKI) Organization: Associated I. Daemons X-PGP-Public-Key: finger knu@FreeBSD.org X-PGP-Fingerprint: 081D 099C 1705 861D 4B70 B04A 920B EFC7 9FD9 E1EE MIME-Version: 1.0 (generated by SEMI 1.14.4 - "Hosorogi") Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG At Thu, 4 Jul 2002 22:50:09 +1000, Tim Robbins wrote: > In any case, the way /usr/bin/perl relies on PATH to find the interpreter > is unsafe to a lesser degree even with the suid bit turned off. Indeed. We must add the same check that the real suidperl has to the wrapper. By the way, do we really need a perl wrapper in the first place? I suppose we can tweak ports/lang/perl5 to create symlinks (for example) when NO_PERL_SYMLINKS is not defined. -- / /__ __ Akinori.org / MUSHA.org / ) ) ) ) / FreeBSD.org / Ruby-lang.org Akinori MUSHA aka / (_ / ( (__( @ iDaemons.org / and.or.jp "When I leave I don't know what I'm hoping to find When I leave I don't know what I'm leaving behind.." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Jul 5 10:25:55 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 393B137B400; Fri, 5 Jul 2002 10:25:54 -0700 (PDT) Received: from dragon.nuxi.com (trang.nuxi.com [66.92.13.169]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9A93543E31; Fri, 5 Jul 2002 10:25:53 -0700 (PDT) (envelope-from obrien@NUXI.com) Received: from dragon.nuxi.com (obrien@localhost [127.0.0.1]) by dragon.nuxi.com (8.12.5/8.12.2) with ESMTP id g65HProi074897; Fri, 5 Jul 2002 10:25:53 -0700 (PDT) (envelope-from obrien@dragon.nuxi.com) Received: (from obrien@localhost) by dragon.nuxi.com (8.12.5/8.12.5/Submit) id g65HPee7074892; Fri, 5 Jul 2002 10:25:40 -0700 (PDT) Date: Fri, 5 Jul 2002 10:25:40 -0700 From: "David O'Brien" To: Akinori MUSHA Cc: Tim Robbins , Peter Pentchev , audit@FreeBSD.ORG Subject: Re: suidperl Message-ID: <20020705102540.A74822@dragon.nuxi.com> Reply-To: audit@FreeBSD.ORG Mail-Followup-To: David O'Brien , Akinori MUSHA , Tim Robbins , Peter Pentchev , audit@FreeBSD.ORG References: <86sn2zpzmp.wl@daemon.musha.org> <20020704221031.A53275@dilbert.robbins.dropbear.id.au> <20020704121413.GB382@straylight.oblivion.bg> <20020704225009.A54167@dilbert.robbins.dropbear.id.au> <86r8ijpkuv.wl@daemon.musha.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <86r8ijpkuv.wl@daemon.musha.org>; from knu@iDaemons.org on Fri, Jul 05, 2002 at 12:35:04AM +0900 X-Operating-System: FreeBSD 5.0-CURRENT Organization: The NUXI BSD group X-Pgp-Rsa-Fingerprint: B7 4D 3E E9 11 39 5F A3 90 76 5D 69 58 D9 98 7A X-Pgp-Rsa-Keyid: 1024/34F9F9D5 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Fri, Jul 05, 2002 at 12:35:04AM +0900, Akinori MUSHA wrote: > By the way, do we really need a perl wrapper in the first place? I > suppose we can tweak ports/lang/perl5 to create symlinks (for example) > when NO_PERL_SYMLINKS is not defined. This question really needs to be decided on. Not being a Perl-head I don't feel qualified to have an opinion. But we do seem to be lacking a little leadership here. If we are going to have a wrapper, using `mailwrapper' may be better as it is more exact and does not depend on one's PATH setting. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Jul 6 1: 1: 1 2002 Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EAE7537B400 for ; Sat, 6 Jul 2002 01:00:55 -0700 (PDT) Received: from mail.rpi.edu (mail.rpi.edu [128.113.22.40]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4D5C843E3B for ; Sat, 6 Jul 2002 01:00:55 -0700 (PDT) (envelope-from drosih@rpi.edu) Received: from [128.113.24.47] (gilead.netel.rpi.edu [128.113.24.47]) by mail.rpi.edu (8.12.1/8.12.1) with ESMTP id g6680cdg108572; Sat, 6 Jul 2002 04:00:53 -0400 Mime-Version: 1.0 X-Sender: drosih@mail.rpi.edu Message-Id: Date: Sat, 6 Jul 2002 04:00:37 -0400 To: freebsd-print@bostonradio.org From: Garance A Drosihn Subject: Rewritten 'lpc topq', new 'lpc bottomq' Cc: freebsd-audit@freebsd.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: MIMEDefang 2.3 (www dot roaringpenguin dot com slash mimedefang) Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG During the semester crunch at RPI, we can easily get 50 or more jobs in a queue. Sometimes when operators want to re-order jobs in the queue, they just want to "move the top job to the end of the queue", as opposed to "move the bottom 49 jobs to the top". It seemed like it would be simple to look at lpc's topq command and duplicate it into a bottomq command. This turned out to be another thread-pulling exercise, and the result is a patch that's over 1,100 lines long. I suspect that is a bit too much to send in a message, but anyone interested in checking over the patch can find it at: http://people.freebsd.org/~gad/lpr/lpc-topq.diff Part of this update is meant to set the stage for later updates. So this rewrites the topq command, and adds a bottomq command, but I hope to soon add a "move" command (to move jobs from one queue to a different queue), and perhaps a "hold" command (to prevent a job from printing, without having to removing it). Not sure exactly *when* I'll get to those, but I hope it will be "soon". This also attempts to implement some generic routines for matching a bunch of jobs based on user criteria. The old 'lpc topq' command recognized (approximately): \d+ = a jobnumber (matching all jobs with that number) \w+ = a user name (matching all jobs from that user) \w+:\d+ = job number from a specific hostname (not documented) \d+\w+ = job number from a specific hostname (not documented) (no separator between the two) After picking up a number of good ideas from Garrett Wollman, the one I implemented will now recognize: \d+ = jobnumber \w+ = userid \d+-\d+ = jobrange (a range of job numbers) @\w+ = all jobs from the given hostname And the user can combine them: jobrange:userid userid:jobrange jobrange@hostname userid@hostname userid:jobrange@hostname etc... with two special-cases for compatibility: jobrangeHostname (ie, with no separator) hostname:jobnumber -- only if "hostname" includes a period. Garrett also encouraged me to look into the fnmatch routine, which turned out to be available on all the platforms I care about. Due to that, the "userid" and "hostname" can be specifed as a pattern, such as: topq lp @*freebsd.org or bottomq lp dros[ie]hn (for the operator who notices I have two accounts, one with an "e" and one with an "i"...) Right now this generic-job-matching stuff is only used in 'lpc topq' and 'lpc bottomq', but my intent is to change 'lpq' and 'lprm' to use it (after waiting to see how well it works...). The end-result of a topq command should be about the same after this patch, but the messages to the user will be printed in a different order (and IMO, less confusing). With the previous implementation, if you typed: topq lp 1 20 300 it would say: moved 300freefall.freebsd.org moved 020freefall.freebsd.org moved 001freefall.freebsd.org The new one says: moved 001freefall.freebsd.org moved 020freefall.freebsd.org moved 300freefall.freebsd.org Ie, it moves the jobs in the same order that you specified them. There's a number of other cosmetic improvements to the messages, and a variety of improvements to the code (less memory-leaking going on, some improved attention to security trivia, etc). The previous implementation of 'topq' is left as 'xtopq', in case anyone wants to do a side-by-side comparison of how they work. If you want to do that, I'd recommend that you 'lpc stop' two print queues. Put a bunch of jobs in one, then 'cp -p' them to the second queue. Then you can do a 'topq' on one queue and a 'xtopq' on the other, and do lpq's on the two to make sure the final result is the same. I do not expect to do any more work on this until Wednesday (which is why I'm posting it now), but then I'll look it over a few more times and will probably try to commit it to -current next weekend. -- Garance Alistair Drosehn = gad@gilead.netel.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message