From owner-freebsd-audit Sun Feb 25 10: 1:36 2001 Delivered-To: freebsd-audit@freebsd.org Received: from freesbee.wheel.dk (freesbee.wheel.dk [193.162.159.97]) by hub.freebsd.org (Postfix) with ESMTP id CA03937B401; Sun, 25 Feb 2001 10:01:24 -0800 (PST) (envelope-from jesper@skriver.dk) Received: by freesbee.wheel.dk (Postfix, from userid 1001) id ABE653E60; Sun, 25 Feb 2001 19:01:23 +0100 (CET) Date: Sun, 25 Feb 2001 19:01:23 +0100 From: Jesper Skriver To: audit@FreeBSD.org, Jonathan Lemon Subject: please review: MFC of "react to ICMP unreachables" Message-ID: <20010225190123.A33539@skriver.dk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG The below is a combination of what PHK originally committed (based on my PR's), my and jlemon's later extensions. I hope to get this in before 4.3-RELEASE Suggestion to commit message MFC: src/sys/sys/protosw.h: rev 1.32 src/sys/netinet/ip_icmp.c: rev 1.48, 1.52 & 1.53 src/sys/netinet/ip_input.c: rev 1.155 src/sys/netinet/tcp_subr.c: rev 1.95, 1.86, 1.88 & 1.92 src/sys/netinet/tcp_var.h: rev 1.62 & 1.63 src/sys/netinet/udp_usrreq.c: rev 1.80 src/sys/netinet/in_pcb.c: rev 1.70, 1.71 & 1.76 src/sys/netinet/in_pcb.h: rev 1.35 Allow ICMP unreachables which map into PRC_UNREACH_ADMIN_PROHIB to reset TCP connections which are in the SYN_SENT state, if the sequence number in the echoed ICMP reply is correct. This behavior can be controlled by the sysctl net.inet.tcp.icmp_may_rst. Currently, only subtypes 2,3,10,11,12 are treated as such (port, protocol and administrative unreachables). Assocaiate an error code with these resets which is reported to the user application: ENETRESET. /Jesper -- Jesper Skriver, jesper(at)skriver(dot)dk - CCIE #5456 Work: Network manager @ AS3292 (Tele Danmark DataNetworks) Private: FreeBSD committer @ AS2109 (A much smaller network ;-) One Unix to rule them all, One Resolver to find them, One IP to bring them all and in the zone to bind them. Index: src/sys/netinet/in_pcb.c =================================================================== RCS file: /home/ncvs/src/sys/netinet/in_pcb.c,v retrieving revision 1.59.2.6 diff -u -r1.59.2.6 in_pcb.c --- src/sys/netinet/in_pcb.c 2001/02/24 18:36:01 1.59.2.6 +++ src/sys/netinet/in_pcb.c 2001/02/25 16:48:53 @@ -62,6 +62,8 @@ #include #include #include +#include +#include #ifdef INET6 #include #include @@ -642,15 +644,20 @@ * cmds that are uninteresting (e.g., no error in the map). * Call the protocol specific routine (if any) to report * any errors for each matching socket. + * + * If tcp_seq_check != 0 it also checks if tcp_sequence is + * a valid TCP sequence number for the session. */ void -in_pcbnotify(head, dst, fport_arg, laddr, lport_arg, cmd, notify) +in_pcbnotify(head, dst, fport_arg, laddr, lport_arg, cmd, notify, tcp_sequence, tcp_seq_check) struct inpcbhead *head; struct sockaddr *dst; u_int fport_arg, lport_arg; struct in_addr laddr; int cmd; void (*notify) __P((struct inpcb *, int)); + u_int32_t tcp_sequence; + int tcp_seq_check; { register struct inpcb *inp, *oinp; struct in_addr faddr; @@ -679,6 +686,17 @@ inp = inp->inp_list.le_next; continue; } + /* + * If tcp_seq_check is set, then skip sessions where + * the sequence number is not one of a unacknowledged + * packet. + * + * If it doesn't match, we break the loop, as only a + * single session can match on src/dst ip addresses + * and TCP port numbers. + */ + if ((tcp_seq_check == 1) && (tcp_seq_vs_sess(inp, tcp_sequence) == 0)) + break; oinp = inp; inp = inp->inp_list.le_next; if (notify) Index: src/sys/netinet/in_pcb.h =================================================================== RCS file: /home/ncvs/src/sys/netinet/in_pcb.h,v retrieving revision 1.32.2.1 diff -u -r1.32.2.1 in_pcb.h --- src/sys/netinet/in_pcb.h 2001/02/24 18:36:01 1.32.2.1 +++ src/sys/netinet/in_pcb.h 2001/02/25 16:53:39 @@ -291,7 +291,8 @@ struct in_addr, u_int, struct in_addr, u_int, int, struct ifnet *)); void in_pcbnotify __P((struct inpcbhead *, struct sockaddr *, - u_int, struct in_addr, u_int, int, void (*)(struct inpcb *, int))); + u_int, struct in_addr, u_int, int, void (*)(struct inpcb *, int), + u_int32_t, int)); void in_pcbnotifyall __P((struct inpcbhead *, struct sockaddr *, int, void (*)(struct inpcb *, int))); void in_pcbrehash __P((struct inpcb *)); Index: src/sys/netinet/ip_icmp.c =================================================================== RCS file: /home/ncvs/src/sys/netinet/ip_icmp.c,v retrieving revision 1.39.2.4 diff -u -r1.39.2.4 ip_icmp.c --- src/sys/netinet/ip_icmp.c 2001/02/24 21:35:18 1.39.2.4 +++ src/sys/netinet/ip_icmp.c 2001/02/25 17:10:29 @@ -324,33 +324,34 @@ switch (code) { case ICMP_UNREACH_NET: case ICMP_UNREACH_HOST: - case ICMP_UNREACH_PROTOCOL: - case ICMP_UNREACH_PORT: case ICMP_UNREACH_SRCFAIL: - code += PRC_UNREACH_NET; + case ICMP_UNREACH_NET_UNKNOWN: + case ICMP_UNREACH_HOST_UNKNOWN: + case ICMP_UNREACH_ISOLATED: + case ICMP_UNREACH_TOSNET: + case ICMP_UNREACH_TOSHOST: + case ICMP_UNREACH_HOST_PRECEDENCE: + case ICMP_UNREACH_PRECEDENCE_CUTOFF: + code = PRC_UNREACH_NET; break; case ICMP_UNREACH_NEEDFRAG: code = PRC_MSGSIZE; break; - case ICMP_UNREACH_NET_UNKNOWN: - case ICMP_UNREACH_NET_PROHIB: - case ICMP_UNREACH_TOSNET: - code = PRC_UNREACH_NET; + /* + * RFC 1122, Sections 3.2.2.1 and 4.2.3.9. + * Treat subcodes 2,3 as immediate RST + */ + case ICMP_UNREACH_PROTOCOL: + case ICMP_UNREACH_PORT: + code = PRC_UNREACH_ADMIN_PROHIB; break; - case ICMP_UNREACH_HOST_UNKNOWN: - case ICMP_UNREACH_ISOLATED: + case ICMP_UNREACH_NET_PROHIB: case ICMP_UNREACH_HOST_PROHIB: - case ICMP_UNREACH_TOSHOST: - code = PRC_UNREACH_HOST; - break; - case ICMP_UNREACH_FILTER_PROHIB: - case ICMP_UNREACH_HOST_PRECEDENCE: - case ICMP_UNREACH_PRECEDENCE_CUTOFF: - code = PRC_UNREACH_PORT; + code = PRC_UNREACH_ADMIN_PROHIB; break; default: Index: src/sys/netinet/ip_input.c =================================================================== RCS file: /home/ncvs/src/sys/netinet/ip_input.c,v retrieving revision 1.130.2.13 diff -u -r1.130.2.13 ip_input.c --- src/sys/netinet/ip_input.c 2001/02/07 01:03:13 1.130.2.13 +++ src/sys/netinet/ip_input.c 2001/02/25 17:10:29 @@ -1427,7 +1427,7 @@ EHOSTUNREACH, EHOSTUNREACH, ECONNREFUSED, ECONNREFUSED, EMSGSIZE, EHOSTUNREACH, 0, 0, 0, 0, 0, 0, - ENOPROTOOPT + ENOPROTOOPT, ENETRESET }; /* Index: src/sys/netinet/tcp_subr.c =================================================================== RCS file: /home/ncvs/src/sys/netinet/tcp_subr.c,v retrieving revision 1.73.2.7 diff -u -r1.73.2.7 tcp_subr.c --- src/sys/netinet/tcp_subr.c 2001/02/24 18:36:01 1.73.2.7 +++ src/sys/netinet/tcp_subr.c 2001/02/25 17:10:30 @@ -135,6 +135,10 @@ SYSCTL_INT(_net_inet_tcp, OID_AUTO, pcbcount, CTLFLAG_RD, &tcbinfo.ipi_count, 0, "Number of active PCBs"); +static int icmp_may_rst = 1; +SYSCTL_INT(_net_inet_tcp, OID_AUTO, icmp_may_rst, CTLFLAG_RW, &icmp_may_rst, 0, + "Certain ICMP unreachable messages may abort connections in SYN_SENT"); + static void tcp_cleartaocache __P((void)); static void tcp_notify __P((struct inpcb *, int)); @@ -956,13 +960,18 @@ struct sockaddr *sa; void *vip; { - register struct ip *ip = vip; - register struct tcphdr *th; + struct ip *ip = vip; + struct tcphdr *th; void (*notify) __P((struct inpcb *, int)) = tcp_notify; + tcp_seq tcp_sequence = 0; + int tcp_seq_check = 0; if (cmd == PRC_QUENCH) notify = tcp_quench; - else if (cmd == PRC_MSGSIZE) + else if (icmp_may_rst && cmd == PRC_UNREACH_ADMIN_PROHIB && ip) { + tcp_seq_check = 1; + notify = tcp_drop_syn_sent; + } else if (cmd == PRC_MSGSIZE) notify = tcp_mtudisc; else if (PRC_IS_REDIRECT(cmd)) { /* @@ -981,8 +990,10 @@ if (ip) { th = (struct tcphdr *)((caddr_t)ip + (IP_VHL_HL(ip->ip_vhl) << 2)); + if (tcp_seq_check == 1) + tcp_sequence = ntohl(th->th_seq); in_pcbnotify(&tcb, sa, th->th_dport, ip->ip_src, th->th_sport, - cmd, notify); + cmd, notify, tcp_sequence, tcp_seq_check); } else in_pcbnotifyall(&tcb, sa, cmd, notify); } @@ -1071,6 +1082,30 @@ #endif /* INET6 */ /* + * Check if the supplied TCP sequence number is a sequence number + * for a sent but unacknowledged packet on the given TCP session. + */ +int +tcp_seq_vs_sess(inp, tcp_sequence) + struct inpcb *inp; + tcp_seq tcp_sequence; +{ + struct tcpcb *tp = intotcpcb(inp); + /* + * If the sequence number is less than that of the last + * unacknowledged packet, or greater than that of the + * last sent, the given sequence number is not that + * of a sent but unacknowledged packet for this session. + */ + if (SEQ_LT(tcp_sequence, tp->snd_una) || + SEQ_GT(tcp_sequence, tp->snd_max)) { + return(0); + } else { + return(1); + } +} + +/* * When a source quench is received, close congestion window * to one segment. We will gradually open it again as we proceed. */ @@ -1083,6 +1118,22 @@ if (tp) tp->snd_cwnd = tp->t_maxseg; +} + +/* + * When a specific ICMP unreachable message is received and the + * connection state is SYN-SENT, drop the connection. This behavior + * is controlled by the icmp_may_rst sysctl. + */ +void +tcp_drop_syn_sent(inp, errno) + struct inpcb *inp; + int errno; +{ + struct tcpcb *tp = intotcpcb(inp); + + if (tp && tp->t_state == TCPS_SYN_SENT) + tcp_drop(tp, errno); } /* Index: src/sys/netinet/tcp_var.h =================================================================== RCS file: /home/ncvs/src/sys/netinet/tcp_var.h,v retrieving revision 1.56.2.2 diff -u -r1.56.2.2 tcp_var.h --- src/sys/netinet/tcp_var.h 2000/08/16 06:14:23 1.56.2.2 +++ src/sys/netinet/tcp_var.h 2001/02/25 17:21:49 @@ -384,10 +384,12 @@ void tcp_input __P((struct mbuf *, int, int)); void tcp_mss __P((struct tcpcb *, int)); int tcp_mssopt __P((struct tcpcb *)); +void tcp_drop_syn_sent __P((struct inpcb *, int)); void tcp_mtudisc __P((struct inpcb *, int)); struct tcpcb * tcp_newtcpcb __P((struct inpcb *)); int tcp_output __P((struct tcpcb *)); +int tcp_seq_vs_sess __P((struct inpcb *, tcp_seq)); void tcp_quench __P((struct inpcb *, int)); void tcp_respond __P((struct tcpcb *, void *, struct tcphdr *, struct mbuf *, tcp_seq, tcp_seq, int)); Index: src/sys/netinet/udp_usrreq.c =================================================================== RCS file: /home/ncvs/src/sys/netinet/udp_usrreq.c,v retrieving revision 1.64.2.7 diff -u -r1.64.2.7 udp_usrreq.c --- src/sys/netinet/udp_usrreq.c 2001/02/24 21:35:18 1.64.2.7 +++ src/sys/netinet/udp_usrreq.c 2001/02/25 16:52:45 @@ -526,7 +526,7 @@ if (ip) { uh = (struct udphdr *)((caddr_t)ip + (ip->ip_hl << 2)); in_pcbnotify(&udb, sa, uh->uh_dport, ip->ip_src, uh->uh_sport, - cmd, notify); + cmd, notify, 0, 0); } else in_pcbnotifyall(&udb, sa, cmd, notify); } Index: src/sys/sys/protosw.h =================================================================== RCS file: /home/ncvs/src/sys/sys/protosw.h,v retrieving revision 1.28 diff -u -r1.28 protosw.h --- src/sys/sys/protosw.h 1999/12/29 04:24:45 1.28 +++ src/sys/sys/protosw.h 2001/02/25 16:48:53 @@ -269,8 +269,9 @@ #define PRC_TIMXCEED_INTRANS 18 /* packet lifetime expired in transit */ #define PRC_TIMXCEED_REASS 19 /* lifetime expired on reass q */ #define PRC_PARAMPROB 20 /* header incorrect */ +#define PRC_UNREACH_ADMIN_PROHIB 21 /* packet administrativly prohibited */ -#define PRC_NCMDS 21 +#define PRC_NCMDS 22 #define PRC_IS_REDIRECT(cmd) \ ((cmd) >= PRC_REDIRECT_NET && (cmd) <= PRC_REDIRECT_TOSHOST) @@ -282,7 +283,7 @@ "NET-UNREACH", "HOST-UNREACH", "PROTO-UNREACH", "PORT-UNREACH", "#12", "SRCFAIL-UNREACH", "NET-REDIRECT", "HOST-REDIRECT", "TOSNET-REDIRECT", "TOSHOST-REDIRECT", "TX-INTRANS", "TX-REASS", - "PARAMPROB" + "PARAMPROB", "ADMIN-UNREACH" }; #endif To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Feb 28 20:12:43 2001 Delivered-To: freebsd-audit@freebsd.org Received: from bazooka.unixfreak.org (bazooka.unixfreak.org [63.198.170.138]) by hub.freebsd.org (Postfix) with ESMTP id AEB9B37B719 for ; Wed, 28 Feb 2001 20:12:35 -0800 (PST) (envelope-from dima@unixfreak.org) Received: from hornet.unixfreak.org (hornet [63.198.170.140]) by bazooka.unixfreak.org (Postfix) with ESMTP id 9F3D63E09 for ; Wed, 28 Feb 2001 20:12:34 -0800 (PST) To: audit@freebsd.org Subject: Propagating the nodump flag Date: Wed, 28 Feb 2001 20:12:34 -0800 From: Dima Dorfman Message-Id: <20010301041234.9F3D63E09@bazooka.unixfreak.org> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Some time ago, on -arch, phk proposed that the nodump flag should be propagated if it's set on a directory (see 'inheriting the "nodump" flag ?' around Dec. 2000). This was generally considered a good idea, however, the patch to the kernel he proposed was thought an ugly hack. In addition, jeroen pointed out that NetBSD had implemented this functionality the Right Way(tm), in dump(8). Attached below is a port of NetBSD's patch to FreeBSD's dump(8). The patch is probably more complex than it should have been due to dump's obscure tree-walker. For the technical details of what it does, see: http://lists.openresources.com/NetBSD/tech-kern/msg00453.html (note that the patch there is not identical to the one below, and should not be used; the reference is provided for its excellent technical explanation of the patch). I've been using this on two of my hosts for a while, and it works as expected. Given the additional fact that NetBSD has had this for almost two years, and that the patch below looks very similar to the one they applied, I doubt it significantly breaks anything. Comments? Reviews? Thanks in advance Dima Dorfman dima@unixfreak.org Index: traverse.c =================================================================== RCS file: /st/src/FreeBSD/src/sbin/dump/traverse.c,v retrieving revision 1.11 diff -u -r1.11 traverse.c --- traverse.c 2000/04/14 06:14:59 1.11 +++ traverse.c 2001/02/20 01:39:06 @@ -74,9 +74,11 @@ typedef long fsizeT; #endif -static int dirindir __P((ino_t ino, daddr_t blkno, int level, long *size)); +static int dirindir __P((ino_t ino, daddr_t blkno, int level, long *size, + long *tapesize, int nodump)); static void dmpindir __P((ino_t ino, daddr_t blk, int level, fsizeT *size)); -static int searchdir __P((ino_t ino, daddr_t blkno, long size, long filesize)); +static int searchdir __P((ino_t ino, daddr_t blkno, long size, long filesize, + long *tapesize, int nodump)); /* * This is an estimation of the number of TP_BSIZE blocks in the file. @@ -152,10 +154,14 @@ dp = getino(ino); if ((mode = (dp->di_mode & IFMT)) == 0) continue; - SETINO(ino, usedinomap); + /* + * All dirs go in dumpdirmap; only inodes that are to + * be dumped go in usedinomap and dumpinomap, however. + */ if (mode == IFDIR) SETINO(ino, dumpdirmap); if (WANTTODUMP(dp)) { + SETINO(ino, usedinomap); SETINO(ino, dumpinomap); if (mode != IFREG && mode != IFDIR && mode != IFLNK) *tapesize += 1; @@ -192,9 +198,10 @@ long *tapesize; { register struct dinode *dp; - register int i, isdir; + register int i, isdir, nodump; register char *map; register ino_t ino; + struct dinode di; long filesize; int ret, change = 0; @@ -204,24 +211,34 @@ isdir = *map++; else isdir >>= 1; - if ((isdir & 1) == 0 || TSTINO(ino, dumpinomap)) + /* + * If a directory has been removed from usedinomap, it + * either has the nodump flag set, or has inherited + * it. Although a directory can't be in dumpinomap if + * it isn't in usedinomap, we have to go through it to + * propagate the nodump flag. + */ + nodump = (TSTINO(ino, usedinomap) == 0); + if ((isdir & 1) == 0 || (TSTINO(ino, dumpinomap) && !nodump)) continue; dp = getino(ino); - filesize = dp->di_size; + di = *dp; /* inode buf may change in searchdir(). */ + filesize = di.di_size; for (ret = 0, i = 0; filesize > 0 && i < NDADDR; i++) { - if (dp->di_db[i] != 0) - ret |= searchdir(ino, dp->di_db[i], + if (di.di_db[i] != 0) + ret |= searchdir(ino, di.di_db[i], (long)dblksize(sblock, dp, i), - filesize); + filesize, tapesize, nodump); if (ret & HASDUMPEDFILE) filesize = 0; else filesize -= sblock->fs_bsize; } for (i = 0; filesize > 0 && i < NIADDR; i++) { - if (dp->di_ib[i] == 0) + if (di.di_ib[i] == 0) continue; - ret |= dirindir(ino, dp->di_ib[i], i, &filesize); + ret |= dirindir(ino, di.di_ib[i], i, &filesize, + tapesize, nodump); } if (ret & HASDUMPEDFILE) { SETINO(ino, dumpinomap); @@ -229,12 +246,15 @@ change = 1; continue; } - if ((ret & HASSUBDIRS) == 0) { + if (nodump) { + if (ret & HASSUBDIRS) + change = 1; /* subdirs inherit nodump */ + CLRINO(ino, dumpdirmap); + } else if ((ret & HASSUBDIRS) == 0) if (!TSTINO(ino, dumpinomap)) { CLRINO(ino, dumpdirmap); change = 1; } - } } return (change); } @@ -245,11 +265,13 @@ * require the directory to be dumped. */ static int -dirindir(ino, blkno, ind_level, filesize) +dirindir(ino, blkno, ind_level, filesize, tapesize, nodump) ino_t ino; daddr_t blkno; int ind_level; long *filesize; + long *tapesize; + int nodump; { int ret = 0; register int i; @@ -261,7 +283,7 @@ blkno = idblk[i]; if (blkno != 0) ret |= searchdir(ino, blkno, sblock->fs_bsize, - *filesize); + *filesize, tapesize, nodump); if (ret & HASDUMPEDFILE) *filesize = 0; else @@ -273,7 +295,8 @@ for (i = 0; *filesize > 0 && i < NINDIR(sblock); i++) { blkno = idblk[i]; if (blkno != 0) - ret |= dirindir(ino, blkno, ind_level, filesize); + ret |= dirindir(ino, blkno, ind_level, filesize, + tapesize, nodump); } return (ret); } @@ -284,13 +307,16 @@ * contains any subdirectories. */ static int -searchdir(ino, blkno, size, filesize) +searchdir(ino, blkno, size, filesize, tapesize, nodump) ino_t ino; daddr_t blkno; register long size; long filesize; + long *tapesize; + int nodump; { register struct direct *dp; + register struct dinode *ip; register long loc, ret = 0; char dblk[MAXBSIZE]; @@ -311,16 +337,30 @@ continue; if (dp->d_name[1] == '.' && dp->d_name[2] == '\0') continue; - } - if (TSTINO(dp->d_ino, dumpinomap)) { - ret |= HASDUMPEDFILE; - if (ret & HASSUBDIRS) - break; } - if (TSTINO(dp->d_ino, dumpdirmap)) { - ret |= HASSUBDIRS; - if (ret & HASDUMPEDFILE) - break; + if (nodump) { + ip = getino(dp->d_ino); + if (TSTINO(dp->d_ino, dumpinomap)) { + CLRINO(dp->d_ino, dumpinomap); + CLRINO(dp->d_ino, usedinomap); + *tapesize -= blockest(ip); + } + /* Add back to dumpdirmap to propagate nodump. */ + if ((ip->di_mode & IFMT) == IFDIR) { + SETINO(dp->d_ino, dumpdirmap); + ret |= HASSUBDIRS; + } + } else { + if (TSTINO(dp->d_ino, dumpinomap)) { + ret |= HASDUMPEDFILE; + if (ret & HASSUBDIRS) + break; + } + if (TSTINO(dp->d_ino, dumpdirmap)) { + ret |= HASSUBDIRS; + if (ret & HASDUMPEDFILE) + break; + } } } return (ret); To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Mar 1 5:30:36 2001 Delivered-To: freebsd-audit@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 2BFB437B719 for ; Thu, 1 Mar 2001 05:30:34 -0800 (PST) (envelope-from des@ofug.org) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id OAA80098; Thu, 1 Mar 2001 14:30:30 +0100 (CET) (envelope-from des@ofug.org) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: Dima Dorfman Cc: audit@FreeBSD.ORG Subject: Re: Propagating the nodump flag References: <20010301041234.9F3D63E09@bazooka.unixfreak.org> From: Dag-Erling Smorgrav Date: 01 Mar 2001 14:30:30 +0100 In-Reply-To: Dima Dorfman's message of "Wed, 28 Feb 2001 20:12:34 -0800" Message-ID: Lines: 21 User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.4 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Dima Dorfman writes: > Attached below is a port of NetBSD's patch to FreeBSD's dump(8). The > patch is probably more complex than it should have been due to dump's > obscure tree-walker. For the technical details of what it does, see: > http://lists.openresources.com/NetBSD/tech-kern/msg00453.html (note > that the patch there is not identical to the one below, and should not > be used; the reference is provided for its excellent technical > explanation of the patch). 1) does our dump(8) have useful functionality that NetBSD's doesn't? 2) does NetBSD's dump(8) have useful functionality that ours doesn't? If the answers to these questions are "no" and "yes" respectively, as I suspect they may be, we should just replace our dump(8) with NetBSD's. If the answers are "yes" and "yes", we should merge evrything NetBSD's dump(8) does that ours doesn't into our dump(8) and strive to keep the diffs between the two as small as possible. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Mar 1 8:16:41 2001 Delivered-To: freebsd-audit@freebsd.org Received: from harmony.village.org (rover.bsdimp.com [204.144.255.66]) by hub.freebsd.org (Postfix) with ESMTP id 363DC37B719 for ; Thu, 1 Mar 2001 08:16:39 -0800 (PST) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.11.1/8.11.1) with ESMTP id f21GGSd49414; Thu, 1 Mar 2001 09:16:30 -0700 (MST) (envelope-from imp@harmony.village.org) Message-Id: <200103011616.f21GGSd49414@harmony.village.org> To: Dag-Erling Smorgrav Subject: Re: Propagating the nodump flag Cc: Dima Dorfman , audit@FreeBSD.ORG In-reply-to: Your message of "01 Mar 2001 14:30:30 +0100." References: <20010301041234.9F3D63E09@bazooka.unixfreak.org> Date: Thu, 01 Mar 2001 09:16:28 -0700 From: Warner Losh Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message Dag-Erling Smorgrav writes: : 1) does our dump(8) have useful functionality that NetBSD's doesn't? : 2) does NetBSD's dump(8) have useful functionality that ours doesn't? : : If the answers to these questions are "no" and "yes" respectively, as : I suspect they may be, we should just replace our dump(8) with : NetBSD's. If the answers are "yes" and "yes", we should merge : evrything NetBSD's dump(8) does that ours doesn't into our dump(8) and : strive to keep the diffs between the two as small as possible. I have changes to our dump that uses wall -g rather than making it setgid. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Mar 1 18: 6:35 2001 Delivered-To: freebsd-audit@freebsd.org Received: from harmony.village.org (rover.bsdimp.com [204.144.255.66]) by hub.freebsd.org (Postfix) with ESMTP id 9825A37B718 for ; Thu, 1 Mar 2001 18:06:22 -0800 (PST) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.11.1/8.11.1) with ESMTP id f2226Md53114 for ; Thu, 1 Mar 2001 19:06:22 -0700 (MST) (envelope-from imp@harmony.village.org) Message-Id: <200103020206.f2226Md53114@harmony.village.org> To: audit@freebsd.org Subject: PATH_MAX vs MAXPATHLEN Date: Thu, 01 Mar 2001 19:06:21 -0700 From: Warner Losh Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Here's a patch that changes MAXPATHLEN to PATH_MAX in src/bin. Plus fixes disordering of one include file. I believe that these changes are correct, but wanted another set of eyes on them. Comments? Warner Index: cp/cp.c =================================================================== RCS file: /home/imp/FreeBSD/CVS/src/bin/cp/cp.c,v retrieving revision 1.24 diff -u -r1.24 cp.c --- cp/cp.c 1999/11/28 09:34:21 1.24 +++ cp/cp.c 2001/03/02 02:01:16 @@ -69,6 +69,7 @@ #include #include #include +#include #include #include #include @@ -177,7 +178,7 @@ /* Save the target base in "to". */ target = argv[--argc]; - if (strlen(target) > MAXPATHLEN) + if (strlen(target) > PATH_MAX) errx(1, "%s: name too long", target); (void)strcpy(to.p_path, target); to.p_end = to.p_path + strlen(to.p_path); @@ -318,7 +319,7 @@ if (*p != '/' && target_mid[-1] != '/') *target_mid++ = '/'; *target_mid = 0; - if (target_mid - to.p_path + nlen > MAXPATHLEN) { + if (target_mid - to.p_path + nlen > PATH_MAX) { warnx("%s%s: name too long (not copied)", to.p_path, p); badcp = rval = 1; Index: cp/extern.h =================================================================== RCS file: /home/imp/FreeBSD/CVS/src/bin/cp/extern.h,v retrieving revision 1.9 diff -u -r1.9 extern.h --- cp/extern.h 1999/08/27 23:13:39 1.9 +++ cp/extern.h 2001/03/02 01:55:20 @@ -37,7 +37,7 @@ typedef struct { char *p_end; /* pointer to NULL at end of path */ char *target_end; /* pointer to end of target base */ - char p_path[MAXPATHLEN + 1]; /* pointer to the start of a path */ + char p_path[PATH_MAX]; /* pointer to the start of a path */ } PATH_T; extern PATH_T to; Index: cp/utils.c =================================================================== RCS file: /home/imp/FreeBSD/CVS/src/bin/cp/utils.c,v retrieving revision 1.28 diff -u -r1.28 utils.c --- cp/utils.c 2000/10/10 01:48:18 1.28 +++ cp/utils.c 2001/03/02 02:01:31 @@ -50,6 +50,7 @@ #include #include #include +#include #include #include #include @@ -209,7 +210,7 @@ int exists; { int len; - char link[MAXPATHLEN]; + char link[PATH_MAX]; if ((len = readlink(p->fts_path, link, sizeof(link) - 1)) == -1) { warn("readlink: %s", p->fts_path); Index: ed/ed.h =================================================================== RCS file: /home/imp/FreeBSD/CVS/src/bin/ed/ed.h,v retrieving revision 1.13 diff -u -r1.13 ed.h --- ed/ed.h 1999/08/27 23:14:13 1.13 +++ ed/ed.h 2001/03/02 02:02:11 @@ -28,11 +28,9 @@ * $FreeBSD: src/bin/ed/ed.h,v 1.13 1999/08/27 23:14:13 peter Exp $ */ -#include /* for MAXPATHLEN */ +#include #include -#if defined(sun) || defined(__NetBSD__) -# include -#endif +#include #include #include #include @@ -43,10 +41,6 @@ #define ERR (-2) #define EMOD (-3) #define FATAL (-4) - -#ifndef MAXPATHLEN -# define MAXPATHLEN 255 /* _POSIX_PATH_MAX */ -#endif #define MINBUFSZ 512 /* minimum buffer size - must be > 0 */ #define SE_MAX 30 /* max subexpressions in a regular expression */ Index: ed/main.c =================================================================== RCS file: /home/imp/FreeBSD/CVS/src/bin/ed/main.c,v retrieving revision 1.17 diff -u -r1.17 main.c --- ed/main.c 2000/11/27 06:26:48 1.17 +++ ed/main.c 2001/03/02 01:57:44 @@ -96,7 +96,7 @@ int sigflags = 0; /* if set, signals received while mutex set */ int sigactive = 0; /* if set, signal handlers are enabled */ -char old_filename[MAXPATHLEN + 1] = ""; /* default filename */ +char old_filename[PATH_MAX] = ""; /* default filename */ long current_addr; /* current address in editor buffer */ long addr_last; /* last address in editor buffer */ int lineno; /* script line number */ @@ -950,7 +950,7 @@ return NULL; if (n) printf("%s\n", shcmd + 1); return shcmd; - } else if (n - 1 > MAXPATHLEN) { + } else if (n - 1 > PATH_MAX) { sprintf(errmsg, "filename too long"); return NULL; } @@ -961,7 +961,7 @@ return NULL; } #endif - REALLOC(file, filesz, MAXPATHLEN + 1, NULL); + REALLOC(file, filesz, PATH_MAX, NULL); for (n = 0; *ibufp != '\n';) file[n++] = *ibufp++; file[n] = '\0'; @@ -1338,7 +1338,7 @@ } -/* strip_escapes: return copy of escaped string of at most length MAXPATHLEN */ +/* strip_escapes: return copy of escaped string of at most length PATH_MAX */ char * strip_escapes(s) char *s; @@ -1348,7 +1348,7 @@ int i = 0; - REALLOC(file, filesz, MAXPATHLEN + 1, NULL); + REALLOC(file, filesz, PATH_MAX, NULL); while (i < filesz - 1 /* Worry about a possible trailing escape */ && (file[i++] = (*s == '\\') ? *++s : *s)) s++; @@ -1391,7 +1391,7 @@ sigflags &= ~(1 << (signo - 1)); if (addr_last && write_file("ed.hup", "w", 1, addr_last) < 0 && (s = getenv("HOME")) != NULL && - (n = strlen(s)) + 8 <= MAXPATHLEN && /* "ed.hup" + '/' */ + (n = strlen(s)) + 8 <= PATH_MAX && /* "ed.hup" + '/' */ (hup = (char *) malloc(n + 10)) != NULL) { strcpy(hup, s); if (hup[n - 1] != '/') Index: ed/re.c =================================================================== RCS file: /home/imp/FreeBSD/CVS/src/bin/ed/re.c,v retrieving revision 1.15 diff -u -r1.15 re.c --- ed/re.c 1999/08/27 23:14:15 1.15 +++ ed/re.c 2001/03/02 01:57:53 @@ -40,7 +40,7 @@ extern int patlock; -char errmsg[MAXPATHLEN + 40] = ""; +char errmsg[PATH_MAX + 40] = ""; /* get_compiled_pattern: return pointer to compiled pattern from command buffer */ Index: ln/ln.c =================================================================== RCS file: /home/imp/FreeBSD/CVS/src/bin/ln/ln.c,v retrieving revision 1.18 diff -u -r1.18 ln.c --- ln/ln.c 2000/08/17 16:08:06 1.18 +++ ln/ln.c 2001/03/02 01:58:09 @@ -50,6 +50,7 @@ #include #include +#include #include #include #include @@ -145,7 +146,7 @@ { struct stat sb; int ch, exists, first; - char *p, path[MAXPATHLEN]; + char *p, path[PATH_MAX]; if (!sflag) { /* If target doesn't exist, quit now. */ Index: ls/print.c =================================================================== RCS file: /home/imp/FreeBSD/CVS/src/bin/ls/print.c,v retrieving revision 1.36 diff -u -r1.36 print.c --- ls/print.c 2000/07/04 23:09:23 1.36 +++ ls/print.c 2001/03/02 01:58:36 @@ -50,6 +50,7 @@ #include #include #include +#include #include #include #include @@ -495,7 +496,7 @@ FTSENT *p; { int lnklen; - char name[MAXPATHLEN + 1], path[MAXPATHLEN + 1]; + char name[PATH_MAX], path[PATH_MAX]; if (p->fts_level == FTS_ROOTLEVEL) (void)snprintf(name, sizeof(name), "%s", p->fts_name); Index: mv/mv.c =================================================================== RCS file: /home/imp/FreeBSD/CVS/src/bin/mv/mv.c,v retrieving revision 1.27 diff -u -r1.27 mv.c --- mv/mv.c 2000/07/20 18:30:00 1.27 +++ mv/mv.c 2001/03/02 02:02:56 @@ -57,6 +57,7 @@ #include #include #include +#include #include #include #include @@ -81,7 +82,7 @@ register char *p, *endp; struct stat sb; int ch; - char path[MAXPATHLEN]; + char path[PATH_MAX]; while ((ch = getopt(argc, argv, "fiv")) != -1) switch (ch) { @@ -136,7 +137,7 @@ while (p != *argv && p[-1] != '/') --p; - if ((baselen + (len = strlen(p))) >= MAXPATHLEN) { + if ((baselen + (len = strlen(p))) >= PATH_MAX) { warnx("%s: destination pathname too long", *argv); rval = 1; } else { @@ -200,7 +201,7 @@ if (errno == EXDEV) { struct statfs sfs; - char path[MAXPATHLEN]; + char path[PATH_MAX]; /* Can't mv(1) a mount point. */ if (realpath(from, path) == NULL) { Index: pax/pax.h =================================================================== RCS file: /home/imp/FreeBSD/CVS/src/bin/pax/pax.h,v retrieving revision 1.8 diff -u -r1.8 pax.h --- pax/pax.h 1999/08/27 23:14:45 1.8 +++ pax/pax.h 2001/03/02 01:59:15 @@ -50,7 +50,7 @@ #define DEVBLK 8192 /* default read blksize for devices */ #define FILEBLK 10240 /* default read blksize for files */ #define PAXPATHLEN 3072 /* maximum path length for pax. MUST be */ - /* longer than the system MAXPATHLEN */ + /* longer than the system PATH_MAX */ /* * Pax modes of operation Index: ps/ps.c =================================================================== RCS file: /home/imp/FreeBSD/CVS/src/bin/ps/ps.c,v retrieving revision 1.34 diff -u -r1.34 ps.c --- ps/ps.c 2001/01/24 12:59:50 1.34 +++ ps/ps.c 2001/03/02 01:59:21 @@ -229,7 +229,7 @@ /* FALLTHROUGH */ case 't': { struct stat sb; - char *ttypath, pathbuf[MAXPATHLEN]; + char *ttypath, pathbuf[PATH_MAX]; if (strcmp(optarg, "co") == 0) ttypath = _PATH_CONSOLE; Index: pwd/pwd.c =================================================================== RCS file: /home/imp/FreeBSD/CVS/src/bin/pwd/pwd.c,v retrieving revision 1.11 diff -u -r1.11 pwd.c --- pwd/pwd.c 2000/11/26 08:50:12 1.11 +++ pwd/pwd.c 2001/03/02 01:59:36 @@ -46,6 +46,7 @@ #endif /* not lint */ #include +#include #include #include #include @@ -60,7 +61,7 @@ { int ch; char *p; - char buf[MAXPATHLEN]; + char buf[PATH_MAX]; /* * Flags for pwd are a bit strange. The POSIX 1003.2B/D9 document Index: rcp/rcp.c =================================================================== RCS file: /home/imp/FreeBSD/CVS/src/bin/rcp/rcp.c,v retrieving revision 1.26 diff -u -r1.26 rcp.c --- rcp/rcp.c 2000/02/24 21:21:15 1.26 +++ rcp/rcp.c 2001/03/02 02:03:55 @@ -58,6 +58,8 @@ #include #include #include +#include +#include #include #include #include @@ -66,7 +68,6 @@ #include #include #include -#include #include "pathnames.h" #include "extern.h" @@ -513,7 +514,7 @@ { DIR *dirp; struct dirent *dp; - char *last, *vect[1], path[MAXPATHLEN]; + char *last, *vect[1], path[PATH_MAX]; if (!(dirp = opendir(name))) { run_err("%s: %s", name, strerror(errno)); @@ -546,7 +547,7 @@ continue; if (!strcmp(dp->d_name, ".") || !strcmp(dp->d_name, "..")) continue; - if (strlen(name) + 1 + strlen(dp->d_name) >= MAXPATHLEN - 1) { + if (strlen(name) + 1 + strlen(dp->d_name) >= PATH_MAX) { run_err("%s/%s: name too long", name, dp->d_name); continue; } Index: sh/histedit.c =================================================================== RCS file: /home/imp/FreeBSD/CVS/src/bin/sh/histedit.c,v retrieving revision 1.14 diff -u -r1.14 histedit.c --- sh/histedit.c 2000/04/20 09:49:15 1.14 +++ sh/histedit.c 2001/03/02 02:00:45 @@ -43,6 +43,7 @@ #endif /* not lint */ #include +#include #include #include #include @@ -179,7 +180,7 @@ static int active = 0; struct jmploc jmploc; struct jmploc *volatile savehandler; - char editfile[MAXPATHLEN + 1]; + char editfile[PATH_MAX]; FILE *efp; #ifdef __GNUC__ /* Avoid longjmp clobbering */ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Mar 1 23:37: 2 2001 Delivered-To: freebsd-audit@freebsd.org Received: from harmony.village.org (rover.bsdimp.com [204.144.255.66]) by hub.freebsd.org (Postfix) with ESMTP id 485C037B718 for ; Thu, 1 Mar 2001 23:37:00 -0800 (PST) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.11.1/8.11.1) with ESMTP id f227avd55031; Fri, 2 Mar 2001 00:36:57 -0700 (MST) (envelope-from imp@harmony.village.org) Message-Id: <200103020736.f227avd55031@harmony.village.org> To: Dima Dorfman Subject: Re: Propagating the nodump flag Cc: audit@FreeBSD.ORG In-reply-to: Your message of "Wed, 28 Feb 2001 20:12:34 PST." <20010301041234.9F3D63E09@bazooka.unixfreak.org> References: <20010301041234.9F3D63E09@bazooka.unixfreak.org> Date: Fri, 02 Mar 2001 00:36:57 -0700 From: Warner Losh Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <20010301041234.9F3D63E09@bazooka.unixfreak.org> Dima Dorfman writes: : Comments? Reviews? These patches look generally good. I didn't check them for perfect accuracy because they touch a part of dump that makes my head hurt every time I look at the code. It seems reasonable to me. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Mar 2 8: 5:25 2001 Delivered-To: freebsd-audit@freebsd.org Received: from cypherpunks.ai (cypherpunks.ai [209.88.68.47]) by hub.freebsd.org (Postfix) with ESMTP id BC7D137B71A for ; Fri, 2 Mar 2001 08:05:22 -0800 (PST) (envelope-from jeroen@vangelderen.org) Received: from vangelderen.org (grolsch.ai [209.88.68.214]) by cypherpunks.ai (Postfix) with ESMTP id 782FF5A; Fri, 2 Mar 2001 12:05:03 -0400 (AST) Message-ID: <3A9FC4AF.898358C6@vangelderen.org> Date: Fri, 02 Mar 2001 12:05:03 -0400 From: "Jeroen C. van Gelderen" X-Mailer: Mozilla 4.73 [en] (X11; I; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Dag-Erling Smorgrav Cc: Dima Dorfman , audit@FreeBSD.ORG Subject: Re: Propagating the nodump flag References: <20010301041234.9F3D63E09@bazooka.unixfreak.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Dag-Erling Smorgrav wrote: > > Dima Dorfman writes: > > Attached below is a port of NetBSD's patch to FreeBSD's dump(8). The > > patch is probably more complex than it should have been due to dump's > > obscure tree-walker. For the technical details of what it does, see: > > http://lists.openresources.com/NetBSD/tech-kern/msg00453.html (note > > that the patch there is not identical to the one below, and should not > > be used; the reference is provided for its excellent technical > > explanation of the patch). > > 1) does our dump(8) have useful functionality that NetBSD's doesn't? Yes. > 2) does NetBSD's dump(8) have useful functionality that ours doesn't? Yes. > If the answers to these questions are "no" and "yes" respectively, as > I suspect they may be, we should just replace our dump(8) with > NetBSD's. If the answers are "yes" and "yes", we should merge > evrything NetBSD's dump(8) does that ours doesn't into our dump(8) and > strive to keep the diffs between the two as small as possible. I once [1] merged the NetBSD and FreeBSD versions of dump. The patches were not deemed acceptable [2] but David O'Brien said [3] he would handle committing the nodump changes within a week. As a result I canned the project but the nodump changes never actually got comitted for whatever reason. The patch is still linked to from [1]. It basically has all the NetBSD functionality + FreeBSD specific tweaks as the NetBSD version of dump(1) is much more up to date. It tries to reduce the diffs from the NetBSD version as much as possible at the cost of bigger diffs against our own dump(1). [1] http://www.freebsd.org/cgi/getmsg.cgi?fetch=55466+0+/usr/local/www/db/text/2000/freebsd-arch/20001217.freebsd-arch [2] http://www.FreeBSD.org/cgi/getmsg.cgi?fetch=70863+73575+/usr/local/www/db/text/2000/freebsd-arch/20001217.freebsd-arch [3] http://www.FreeBSD.org/cgi/getmsg.cgi?fetch=70863+73575+/usr/local/www/db/text/2000/freebsd-arch/20001217.freebsd-arch Cheers, Jeroen -- Jeroen C. van Gelderen - jeroen@vangelderen.org "If I could save the Union without freeing any slave I would do it; and if I could save it by freeing some and leaving others alone I would also do that." -- Abraham Lincoln, August 22, 1862 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Mar 2 9:51: 9 2001 Delivered-To: freebsd-audit@freebsd.org Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id D3CA337B71A for ; Fri, 2 Mar 2001 09:51:06 -0800 (PST) (envelope-from nectar@nectar.com) Received: from hamlet.nectar.com (hamlet.nectar.com [10.0.1.102]) by gw.nectar.com (Postfix) with ESMTP id 27CA418C97; Fri, 2 Mar 2001 11:51:06 -0600 (CST) Received: (from nectar@localhost) by hamlet.nectar.com (8.11.2/8.9.3) id f22Hp6U63057; Fri, 2 Mar 2001 11:51:06 -0600 (CST) (envelope-from nectar@spawn.nectar.com) Date: Fri, 2 Mar 2001 11:51:06 -0600 From: "Jacques A. Vidrine" To: Warner Losh Cc: audit@freebsd.org Subject: Re: PATH_MAX vs MAXPATHLEN Message-ID: <20010302115105.A63024@hamlet.nectar.com> References: <200103020206.f2226Md53114@harmony.village.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200103020206.f2226Md53114@harmony.village.org>; from imp@harmony.village.org on Thu, Mar 01, 2001 at 07:06:21PM -0700 X-Url: http://www.nectar.com/ Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, Mar 01, 2001 at 07:06:21PM -0700, Warner Losh wrote: > > Here's a patch that changes MAXPATHLEN to PATH_MAX in src/bin. Plus > fixes disordering of one include file. I believe that these changes > are correct, but wanted another set of eyes on them. > > Comments? I think (strlen(path) > PATH_MAX) is now an off-by-one error, considering the thread of yesterday. It is definately so in some of the code you included (e.g. `char p_path[PATH_MAX]'). These are probably just the result of doing s/MAXPATHLEN + 1/PATH_MAX/ in definitions, but s/MAXPATHLEN/PATH_MAX/ in comparisons. Cheers, -- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Mar 2 10:14:14 2001 Delivered-To: freebsd-audit@freebsd.org Received: from harmony.village.org (rover.bsdimp.com [204.144.255.66]) by hub.freebsd.org (Postfix) with ESMTP id B51EA37B719 for ; Fri, 2 Mar 2001 10:14:11 -0800 (PST) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.11.1/8.11.1) with ESMTP id f22IE3d58463; Fri, 2 Mar 2001 11:14:06 -0700 (MST) (envelope-from imp@harmony.village.org) Message-Id: <200103021814.f22IE3d58463@harmony.village.org> To: "Jacques A. Vidrine" Subject: Re: PATH_MAX vs MAXPATHLEN Cc: audit@FreeBSD.ORG In-reply-to: Your message of "Fri, 02 Mar 2001 11:51:06 CST." <20010302115105.A63024@hamlet.nectar.com> References: <20010302115105.A63024@hamlet.nectar.com> <200103020206.f2226Md53114@harmony.village.org> Date: Fri, 02 Mar 2001 11:14:02 -0700 From: Warner Losh Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <20010302115105.A63024@hamlet.nectar.com> "Jacques A. Vidrine" writes: : I think (strlen(path) > PATH_MAX) is now an off-by-one error, : considering the thread of yesterday. It is definately so in : some of the code you included (e.g. `char p_path[PATH_MAX]'). It was an off by one error yesterday too :-). : These are probably just the result of doing s/MAXPATHLEN + 1/PATH_MAX/ : in definitions, but s/MAXPATHLEN/PATH_MAX/ in comparisons. But I didn't do anything like that... BTW, which code fragment are we talking about? Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Mar 2 10:20:21 2001 Delivered-To: freebsd-audit@freebsd.org Received: from harmony.village.org (rover.bsdimp.com [204.144.255.66]) by hub.freebsd.org (Postfix) with ESMTP id C612737B719 for ; Fri, 2 Mar 2001 10:20:18 -0800 (PST) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.11.1/8.11.1) with ESMTP id f22IKGd58516; Fri, 2 Mar 2001 11:20:16 -0700 (MST) (envelope-from imp@harmony.village.org) Message-Id: <200103021820.f22IKGd58516@harmony.village.org> Subject: Re: PATH_MAX vs MAXPATHLEN Cc: "Jacques A. Vidrine" , audit@FreeBSD.ORG In-reply-to: Your message of "Fri, 02 Mar 2001 11:14:02 MST." <200103021814.f22IE3d58463@harmony.village.org> References: <200103021814.f22IE3d58463@harmony.village.org> <20010302115105.A63024@hamlet.nectar.com> <200103020206.f2226Md53114@harmony.village.org> Date: Fri, 02 Mar 2001 11:20:16 -0700 From: Warner Losh Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <200103021814.f22IE3d58463@harmony.village.org> Warner Losh writes: : It was an off by one error yesterday too :-). Actually, I took a look at the patch, and you are right, this is a problem. I've corrected the patch. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Mar 2 10:25: 7 2001 Delivered-To: freebsd-audit@freebsd.org Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id 44E0337B718 for ; Fri, 2 Mar 2001 10:25:03 -0800 (PST) (envelope-from nectar@nectar.com) Received: from hamlet.nectar.com (hamlet.nectar.com [10.0.1.102]) by gw.nectar.com (Postfix) with ESMTP id 5527918C97; Fri, 2 Mar 2001 12:25:02 -0600 (CST) Received: (from nectar@localhost) by hamlet.nectar.com (8.11.2/8.9.3) id f22IP2q63097; Fri, 2 Mar 2001 12:25:02 -0600 (CST) (envelope-from nectar@spawn.nectar.com) Date: Fri, 2 Mar 2001 12:25:02 -0600 From: "Jacques A. Vidrine" To: Warner Losh Cc: audit@freebsd.org Subject: Re: PATH_MAX vs MAXPATHLEN Message-ID: <20010302122502.B63024@hamlet.nectar.com> References: <20010302115105.A63024@hamlet.nectar.com> <200103020206.f2226Md53114@harmony.village.org> <20010302115105.A63024@hamlet.nectar.com> <200103021814.f22IE3d58463@harmony.village.org> <200103020206.f2226Md53114@harmony.village.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200103020206.f2226Md53114@harmony.village.org>; from imp@harmony.village.org on Thu, Mar 01, 2001 at 07:06:21PM -0700 X-Url: http://www.nectar.com/ Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, Mar 02, 2001 at 11:14:02AM -0700, Warner Losh wrote: > In message <20010302115105.A63024@hamlet.nectar.com> "Jacques A. Vidrine" writes: > : I think (strlen(path) > PATH_MAX) is now an off-by-one error, > : considering the thread of yesterday. It is definately so in > : some of the code you included (e.g. `char p_path[PATH_MAX]'). > > It was an off by one error yesterday too :-). No, `yesterday' PATH_MAX didn't include room for the NUL terminator. > : These are probably just the result of doing s/MAXPATHLEN + 1/PATH_MAX/ > : in definitions, but s/MAXPATHLEN/PATH_MAX/ in comparisons. > > But I didn't do anything like that... BTW, which code fragment are we > talking about? I'll include the ones that looked suspect to me below. Comments follow the fragment in question. On Thu, Mar 01, 2001 at 07:06:21PM -0700, Warner Losh wrote: > --- cp/cp.c 1999/11/28 09:34:21 1.24 > +++ cp/cp.c 2001/03/02 02:01:16 > @@ -177,7 +178,7 @@ > > /* Save the target base in "to". */ > target = argv[--argc]; > - if (strlen(target) > MAXPATHLEN) > + if (strlen(target) > PATH_MAX) > errx(1, "%s: name too long", target); > (void)strcpy(to.p_path, target); > to.p_end = to.p_path + strlen(to.p_path); Here, you've changed p_path from MAXPATHLEN+1 to PATH_MAX (in another chunk below), so the comparison should now be (strlen(target) >= PATH_MAX). > @@ -318,7 +319,7 @@ > if (*p != '/' && target_mid[-1] != '/') > *target_mid++ = '/'; > *target_mid = 0; > - if (target_mid - to.p_path + nlen > MAXPATHLEN) { > + if (target_mid - to.p_path + nlen > PATH_MAX) { > warnx("%s%s: name too long (not copied)", > to.p_path, p); > badcp = rval = 1; I haven't looked carefully, but this probably has the same issue. > --- cp/extern.h 1999/08/27 23:13:39 1.9 > +++ cp/extern.h 2001/03/02 01:55:20 > @@ -37,7 +37,7 @@ > typedef struct { > char *p_end; /* pointer to NULL at end of path */ > char *target_end; /* pointer to end of target base */ > - char p_path[MAXPATHLEN + 1]; /* pointer to the start of a path */ > + char p_path[PATH_MAX]; /* pointer to the start of a path */ > } PATH_T; > extern PATH_T to; This is what I was talking about earlier. > --- ed/main.c 2000/11/27 06:26:48 1.17 > +++ ed/main.c 2001/03/02 01:57:44 > @@ -96,7 +96,7 @@ > int sigflags = 0; /* if set, signals received while mutex set */ > int sigactive = 0; /* if set, signal handlers are enabled */ > > -char old_filename[MAXPATHLEN + 1] = ""; /* default filename */ > +char old_filename[PATH_MAX] = ""; /* default filename */ > long current_addr; /* current address in editor buffer */ > long addr_last; /* last address in editor buffer */ > int lineno; /* script line number */ > @@ -950,7 +950,7 @@ > return NULL; > if (n) printf("%s\n", shcmd + 1); > return shcmd; > - } else if (n - 1 > MAXPATHLEN) { > + } else if (n - 1 > PATH_MAX) { > sprintf(errmsg, "filename too long"); > return NULL; > } Same issue: should now be (n > PATH_MAX). > @@ -961,7 +961,7 @@ > return NULL; > } > #endif > - REALLOC(file, filesz, MAXPATHLEN + 1, NULL); > + REALLOC(file, filesz, PATH_MAX, NULL); > for (n = 0; *ibufp != '\n';) > file[n++] = *ibufp++; > file[n] = '\0'; Et cetera... basically one byte less is getting allocated here and there, but the length checks have not been updated to reflect this. [snip the rest -- the issues are the same] Cheers, -- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Mar 2 10:30:46 2001 Delivered-To: freebsd-audit@freebsd.org Received: from harmony.village.org (rover.bsdimp.com [204.144.255.66]) by hub.freebsd.org (Postfix) with ESMTP id D6BB037B718 for ; Fri, 2 Mar 2001 10:30:43 -0800 (PST) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.11.1/8.11.1) with ESMTP id f22IUed58587; Fri, 2 Mar 2001 11:30:40 -0700 (MST) (envelope-from imp@harmony.village.org) Message-Id: <200103021830.f22IUed58587@harmony.village.org> To: "Jacques A. Vidrine" Subject: Re: PATH_MAX vs MAXPATHLEN Cc: audit@freebsd.org In-reply-to: Your message of "Fri, 02 Mar 2001 12:25:02 CST." <20010302122502.B63024@hamlet.nectar.com> References: <20010302122502.B63024@hamlet.nectar.com> <20010302115105.A63024@hamlet.nectar.com> <200103020206.f2226Md53114@harmony.village.org> <20010302115105.A63024@hamlet.nectar.com> <200103021814.f22IE3d58463@harmony.village.org> <200103020206.f2226Md53114@harmony.village.org> Date: Fri, 02 Mar 2001 11:30:40 -0700 From: Warner Losh Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <20010302122502.B63024@hamlet.nectar.com> "Jacques A. Vidrine" writes: : Here, you've changed p_path from MAXPATHLEN+1 to PATH_MAX (in another : chunk below), so the comparison should now be (strlen(target) >= PATH_MAX). : : I haven't looked carefully, but this probably has the same issue. Yes. I've changed both of these to use strlcpy or check as appropriate. : Same issue: should now be (n > PATH_MAX). I think that's right. : > @@ -961,7 +961,7 @@ : > return NULL; : > } : > #endif : > - REALLOC(file, filesz, MAXPATHLEN + 1, NULL); : > + REALLOC(file, filesz, PATH_MAX, NULL); : > for (n = 0; *ibufp != '\n';) : > file[n++] = *ibufp++; : > file[n] = '\0'; : : Et cetera... basically one byte less is getting allocated here and : there, but the length checks have not been updated to reflect this. But there are no length tests with the REALLOC stuff. But I'll go back to the original source and take a look to be sure. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Mar 2 19:11:18 2001 Delivered-To: freebsd-audit@freebsd.org Received: from bazooka.unixfreak.org (bazooka.unixfreak.org [63.198.170.138]) by hub.freebsd.org (Postfix) with ESMTP id E4B4D37B718 for ; Fri, 2 Mar 2001 19:11:15 -0800 (PST) (envelope-from dima@unixfreak.org) Received: from hornet.unixfreak.org (hornet [63.198.170.140]) by bazooka.unixfreak.org (Postfix) with ESMTP id 7AEFB3E0C; Fri, 2 Mar 2001 19:11:15 -0800 (PST) To: Warner Losh Cc: audit@FreeBSD.ORG Subject: Re: Propagating the nodump flag In-Reply-To: <200103020736.f227avd55031@harmony.village.org>; from imp@harmony.village.org on "Fri, 02 Mar 2001 00:36:57 -0700" Date: Fri, 02 Mar 2001 19:11:15 -0800 From: Dima Dorfman Message-Id: <20010303031115.7AEFB3E0C@bazooka.unixfreak.org> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Warner Losh writes: > In message <20010301041234.9F3D63E09@bazooka.unixfreak.org> Dima Dorfman writ > es: > : Comments? Reviews? > > These patches look generally good. I didn't check them for perfect > accuracy because they touch a part of dump that makes my head hurt > every time I look at the code. It seems reasonable to me. Thanks, Warner. I've also attached a manual page update which I accidently left out of the patch I posted. The updated patch can be found at http://www.unixfreak.org/~dima/home/nodump2.diff; the only difference is the update to the man page. If someone could commit this, I'd appreciate it. Thanks again Dima Dorfman dima@unixfreak.org Index: dump.8 =================================================================== RCS file: /st/src/FreeBSD/src/sbin/dump/dump.8,v retrieving revision 1.31 diff -u -r1.31 dump.8 --- dump.8 2000/12/18 15:16:10 1.31 +++ dump.8 2001/03/03 03:03:44 @@ -243,6 +243,20 @@ .El .Pp .Nm Dump +honors the user +.Dq nodump +flag +.Pq Dv UF_NODUMP +on regular files and directories. If a directory is marked +.Dq nodump , +the latter and all files and directories under it will not be backed +up. That is, +.Nm +propagates the +.Dq nodump +flag on directories. +.Pp +.Nm Dump requires operator intervention on these conditions: end of tape, end of dump, To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Mar 2 19:17:58 2001 Delivered-To: freebsd-audit@freebsd.org Received: from bazooka.unixfreak.org (bazooka.unixfreak.org [63.198.170.138]) by hub.freebsd.org (Postfix) with ESMTP id 9C04837B71A for ; Fri, 2 Mar 2001 19:17:56 -0800 (PST) (envelope-from dima@unixfreak.org) Received: from hornet.unixfreak.org (hornet [63.198.170.140]) by bazooka.unixfreak.org (Postfix) with ESMTP id 78C1E3E09; Fri, 2 Mar 2001 19:17:56 -0800 (PST) To: "Jeroen C. van Gelderen" Cc: Dag-Erling Smorgrav , audit@FreeBSD.ORG Subject: Re: Propagating the nodump flag In-Reply-To: <3A9FC4AF.898358C6@vangelderen.org>; from jeroen@vangelderen.org on "Fri, 02 Mar 2001 12:05:03 -0400" Date: Fri, 02 Mar 2001 19:17:56 -0800 From: Dima Dorfman Message-Id: <20010303031756.78C1E3E09@bazooka.unixfreak.org> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG "Jeroen C. van Gelderen" writes: > I once [1] merged the NetBSD and FreeBSD versions of dump. The > patches were not deemed acceptable [2] but David O'Brien said [3] > he would handle committing the nodump changes within a week. As > a result I canned the project but the nodump changes never > actually got comitted for whatever reason. Well, I suppose now's a good time as any for somebody to change that :-). I like the idea of reducing diffs between the BSDs, but it looks like merging all of NetBSD's changes to dump will require some more discussion, while this--the nodump propagation--seems to be something almost everybody agrees on. Also, my patch isn't terribly long, and tries to avoid adding unnecessary deltas; just whatever's needed to properly implement the feature. I've posted a URL to the patch along with a man page entry that I forgot to post last time in my reply to Warner. Regards Dima Dorfman dima@unixfreak.org > [1] http://www.freebsd.org/cgi/getmsg.cgi?fetch=55466+0+/usr/local/www/db/tex > t/2000/freebsd-arch/20001217.freebsd-arch > [2] http://www.FreeBSD.org/cgi/getmsg.cgi?fetch=70863+73575+/usr/local/www/db > /text/2000/freebsd-arch/20001217.freebsd-arch > [3] http://www.FreeBSD.org/cgi/getmsg.cgi?fetch=70863+73575+/usr/local/www/db > /text/2000/freebsd-arch/20001217.freebsd-arch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Mar 3 7:57: 2 2001 Delivered-To: freebsd-audit@freebsd.org Received: from mailout01.sul.t-online.com (mailout01.sul.t-online.com [194.25.134.80]) by hub.freebsd.org (Postfix) with ESMTP id 81E1137B71B; Sat, 3 Mar 2001 07:56:52 -0800 (PST) (envelope-from alex@big.endian.de) Received: from fwd03.sul.t-online.com by mailout01.sul.t-online.com with smtp id 14ZEOp-0001o4-03; Sat, 03 Mar 2001 16:56:51 +0100 Received: from neutron.cichlids.com (520050424122-0001@[62.158.38.62]) by fmrl03.sul.t-online.com with esmtp id 14ZEOk-0fzX3QC; Sat, 3 Mar 2001 16:56:46 +0100 Received: from cichlids.cichlids.com (cichlids.cichlids.com [192.168.0.10]) by neutron.cichlids.com (Postfix) with ESMTP id 7A830AB44; Sat, 3 Mar 2001 16:57:10 +0100 (CET) Received: by cichlids.cichlids.com (Postfix, from userid 1001) id 6BA4914A66; Sat, 3 Mar 2001 16:56:41 +0100 (CET) Date: Sat, 3 Mar 2001 16:56:40 +0100 To: audit@freebsd.org, dfr@freebsd.org, sheldonh@freebsd.org Subject: two new manpages for review: module.9, DECLARE_MODULE.9 Message-ID: <20010303165640.A8210@cichlids.cichlids.com> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="yrj/dFKFPuw6o+aM" Content-Disposition: inline User-Agent: Mutt/1.2.5i X-PGP-Fingerprint: 44 28 CA 4C 46 5B D3 A8 A8 E3 BA F3 4E 60 7D 7F X-PGP-at: finger alex@big.endian.de X-Verwirrung: Dieser Header dient der allgemeinen Verwirrung. From: alex@big.endian.de (Alexander Langer) X-Sender: 520050424122-0001@t-dialin.net Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --yrj/dFKFPuw6o+aM Content-Type: text/plain; charset=us-ascii Content-Disposition: inline [followup to audit@freebsd.org, please] Hi! I have written two new manpages and I'd like to hear some comments about them (mdoc stuff, technical errors and enhancements, suggestions[1]). Thanks! Alex [1] ecspecially module.9, which is similar to driver.9, but somehow - uhm - short. I don't know what it could contain, but I think it's a good start... -- cat: /home/alex/.sig: No such file or directory --yrj/dFKFPuw6o+aM Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="module.9" .\" -*- nroff -*- .\" .\" Copyright (c) 2000 Alexander Langer .\" .\" All rights reserved. .\" .\" This program is free software. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" .\" THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY EXPRESS OR .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. .\" IN NO EVENT SHALL THE DEVELOPERS BE LIABLE FOR ANY DIRECT, INDIRECT, .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" .\" $FreeBSD$ .\" .Dd March 01, 2001 .Dt MODULE 9 .Os FreeBSD .Sh NAME .Nm driver .Nd structure describing a kernel module .Sh SYNOPSIS .Bd -literal #include #include modeventhand_t foo_handler; static moduledata_t mod_data= { "foo", foo_handler, 0 }; DECLARE_MODULE(foo, mod_data, SI_SUB_EXEC, SI_ORDER_ANY); typedef int (*modeventhand_t)(module_t mod, int /*modeventtype_t*/ what, void *arg); .Ed .Sh DESCRIPTION Each module in the kernel is described by a .Dv module_t structure. The structure contains the name of the device, a unique id number, a pointer to an event handler function and to an argument, which is given to the event handler, as well as some kernel internal data. .Pp The .Dv DECLARE_MODULE macro (see .Xr DECLARE_MODULE 9 ) registers the module with the system. When the module is loaded, the event handler function is called with the .Fa what argument set to .Dv MOD_LOAD . On unload, .Fa what is set to .Dv MOD_UNLOAD . When the system is shutting down, .Fa what contains the value of .Dv MOD_SHUTDOWN .Sh SEE ALSO .Xr DECLARE_MODULE 9 , .Xr CDEV_MODULE 9 , .Xr DRIVER_MODULE 9 , .Xr SYSCALL_MODULE 9 , .Xr MODULE_VERSION 9 , .Xr MODULE_DEPEND 9 , .Xr /usr/share/examples/kld .Sh AUTHORS This man page was written by .An Alexander Langer Ar alex@FreeBSD.org . --yrj/dFKFPuw6o+aM Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="DECLARE_MODULE.9" .\" -*- nroff -*- .\" .\" Copyright (c) 2000 Alexander Langer .\" .\" All rights reserved. .\" .\" This program is free software. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" .\" THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY EXPRESS OR .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. .\" IN NO EVENT SHALL THE DEVELOPERS BE LIABLE FOR ANY DIRECT, INDIRECT, .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" .\" $FreeBSD$ .\" .Dd March 03, 2001 .Dt DECLARE_MODULE 9 .Os .Sh NAME .Nm DECLARE_MODULE .Nd kernel module declaration macro .Sh SYNOPSIS .Fd #include .Fn DECLARE_MODULE "name" "moduledata_t data" "sub" "order" .Sh DESCRIPTION The .Fn DECLARE_MODULE macro declares a generic kernel module. It is used to register the module with the system, using the .Fn SYSINIT macro. .Fn DECLARE_MODULE is usually used within other macros, such as .Xr DRIVER_MODULE 9 , .Xr CDEV_MODULE 9 and .Xr SYSCALL_MODULE 9 . However, it can be called directly of course, for example in order to implement dynamic sysctls. .Pp The arguments to .Fn DECLARE_MODULE : .Pp .Fa name is the name of the module, which will be used in the .Fn SYSINIT call to identify the module. .Pp .Fa data is a pointer to the .Dv moduledata_t structure, which contains two main items, the official name of the module name, which will be used in the .Dv module_t structure and a pointer to the event handler function of type .Dv modeventhand_t . .Pp .Fa sub is an argument directed to the .Fn SYSINIT macro. Valid values for this are contained in the .Dv sysstem_sub_id enumeration (see .Pa kernel.h ) and specify the type of system startup interfaces. The .Xr DRIVER_MODULE 9 macro uses a value of .Dv SI_SUB_DRIVERS here for example, since these modules contain a driver for a device. For kernel modules that are loaded at runtime, a value of .Dv SI_SUB_EXEC is common. .Pp The .Fa order value is another argument for .Fn SYSINIT . It represents the KLDs order of initialization within the subsystem. Valid values are defined in the .Dv sysinit_elem_order enumeration .Pa ( kernel.h ) . .Sh SEE ALSO .Xr module 9 , .Xr CDEV_MODULE 9 , .Xr DRIVER_MODULE 9 , .Xr SYSCALL_MODULE 9 , .Pa /usr/include/sys/kernel.h , .Pa /usr/share/examples/kld .Sh AUTHORS This manual page was written by .An Alexander Langer Aq alex@FreeBSD.org , inspired by the KLD Facility Programming Tutorial by .An Andrew Reiter Aq arr@watson.org . --yrj/dFKFPuw6o+aM-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Mar 3 15: 0:57 2001 Delivered-To: freebsd-audit@freebsd.org Received: from obsecurity.dyndns.org (adsl-63-207-60-158.dsl.lsan03.pacbell.net [63.207.60.158]) by hub.freebsd.org (Postfix) with ESMTP id 1A29837B719 for ; Sat, 3 Mar 2001 15:00:50 -0800 (PST) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id C9E4566D2E; Sat, 3 Mar 2001 15:00:49 -0800 (PST) Date: Sat, 3 Mar 2001 15:00:49 -0800 From: Kris Kennaway To: audit@FreeBSD.org Subject: rand() patches Message-ID: <20010303150049.A33806@mollari.cthul.hu> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="2oS5YaxWCcQjTEyO" Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --2oS5YaxWCcQjTEyO Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Please review the following patches which replace all uses of rand() (and one of random() which I came across) with stronger variants. Even the "fixed" version of rand() in -current is too weak (because of interface constraints with rand_r()) to be used here. Kris Index: bin/ed/cbc.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/bin/ed/cbc.c,v retrieving revision 1.12 diff -u -r1.12 cbc.c --- bin/ed/cbc.c 1999/08/27 23:14:12 1.12 +++ bin/ed/cbc.c 2001/02/27 18:38:17 @@ -57,12 +57,6 @@ =20 =20 /* - * Define a divisor for rand() that yields a uniform distribution in the - * range 0-255. - */ -#define RAND_DIV (((unsigned) RAND_MAX + 1) >> 8) - -/* * BSD and System V systems offer special library calls that do * block move_liness and fills, so if possible we take advantage of them */ @@ -125,9 +119,8 @@ MEMZERO(ivec, 8); =20 /* initialize the padding vector */ - srand((unsigned) time((time_t *) 0)); for (i =3D 0; i < 8; i++) - CHAR(pvec, i) =3D (char) (rand()/RAND_DIV); + CHAR(pvec, i) =3D (char) (arc4random() % 256); #endif } =20 Index: contrib/opie/libopie/newseed.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/contrib/opie/libopie/newseed.c,v retrieving revision 1.3 diff -u -r1.3 newseed.c --- contrib/opie/libopie/newseed.c 2000/04/10 11:18:54 1.3 +++ contrib/opie/libopie/newseed.c 2001/02/27 18:15:19 @@ -16,6 +16,9 @@ */ =20 #include "opie_cfg.h" +#if HAVE_STDLIB_H +#include +#endif /* HAVE_STDLIB_H */ #if HAVE_TIME_H #include #endif /* HAVE_TIME_H */ @@ -84,12 +87,6 @@ =20 { { - time_t now; - time(&now); - srand(now); - } - - { struct utsname utsname; =20 if (uname(&utsname) < 0) { @@ -101,7 +98,7 @@ } utsname.nodename[2] =3D 0; =20 - sprintf(seed, "%s%04d", utsname.nodename, (rand() % 9999) + 1); + sprintf(seed, "%s%04d", utsname.nodename, (arc4random() % 9999) + 1); return 0; } } Index: contrib/opie/libopie/randomchallenge.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/contrib/opie/libopie/randomchallenge.c,v retrieving revision 1.1.1.3 diff -u -r1.1.1.3 randomchallenge.c --- contrib/opie/libopie/randomchallenge.c 2000/04/10 11:09:41 1.1.1.3 +++ contrib/opie/libopie/randomchallenge.c 2001/02/27 18:16:48 @@ -25,6 +25,9 @@ Created at NRL for OPIE 2.2 from opiesubr2.c */ =20 +#if HAVE_STDLIB_H +#include +#endif /* HAVE_STDLIB_H */ #include "opie_cfg.h" #include "opie.h" =20 @@ -41,5 +44,5 @@ if (opienewseed(buf)) strcpy(buf, "ke4452"); =20 - sprintf(prompt, "otp-%s %d %s ext", algids[MDX], (rand() % 499) + 1, buf= ); + sprintf(prompt, "otp-%s %d %s ext", algids[MDX], (arc4random() % 499) + = 1, buf); } Index: usr.bin/newkey/generic.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/usr.bin/newkey/generic.c,v retrieving revision 1.3 diff -u -r1.3 generic.c --- usr.bin/newkey/generic.c 1999/08/28 01:04:33 1.3 +++ usr.bin/newkey/generic.c 2001/02/27 18:26:42 @@ -57,18 +57,9 @@ unsigned char *pass; { int i; - int rseed; - struct timeval tv; =20 - (void)gettimeofday(&tv, (struct timezone *)NULL); - rseed =3D tv.tv_sec + tv.tv_usec; - for (i =3D 0; i < 8; i++) { - rseed ^=3D (rseed << 8) | pass[i]; - } - srand(rseed); - for (i =3D 0; i < seedsize; i++) { - seed[i] =3D (rand() & 0xff) ^ pass[i % 8]; + seed[i] =3D (arc4random() & 0xff) ^ pass[i % 8]; } } =20 Index: usr.sbin/pw/pw_user.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/usr.sbin/pw/pw_user.c,v retrieving revision 1.44 diff -u -r1.44 pw_user.c --- usr.sbin/pw/pw_user.c 2000/12/29 18:04:49 1.44 +++ usr.sbin/pw/pw_user.c 2001/02/27 19:05:05 @@ -55,7 +55,6 @@ #define LOGNAMESIZE (MAXLOGNAME-1) #endif =20 -static int randinit; static char locked_str[] =3D "*LOCKED*"; =20 static int print_user(struct passwd * pwd, int pretty, int v7); @@ -1013,16 +1012,8 @@ /* * Calculate a salt value */ - if (!randinit) { - randinit =3D 1; -#ifdef __FreeBSD__ - srandomdev(); -#else - srandom((unsigned long) (time(NULL) ^ getpid())); -#endif - } for (i =3D 0; i < 8; i++) - salt[i] =3D chars[random() % 63]; + salt[i] =3D chars[arc4random() % 63]; salt[i] =3D '\0'; =20 return strcpy(buf, crypt(password, salt)); @@ -1086,15 +1077,7 @@ =20 switch (cnf->default_password) { case -1: /* Random password */ - if (!randinit) { - randinit =3D 1; -#ifdef __FreeBSD__ - srandomdev(); -#else - srandom((unsigned long) (time(NULL) ^ getpid())); -#endif - } - l =3D (random() % 8 + 8); /* 8 - 16 chars */ + l =3D (arc4random() % 8 + 8); /* 8 - 16 chars */ pw_getrand(rndbuf, l); for (i =3D 0; i < l; i++) pwbuf[i] =3D chars[rndbuf[i] % (sizeof(chars)-1)]; --2oS5YaxWCcQjTEyO Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6oXehWry0BWjoQKURAkCMAKDNLq+JHgc4pDinfX0uLAMzOdcpVACgsqvB myoUVfNBLywOchUtN8R1GFk= =D+tQ -----END PGP SIGNATURE----- --2oS5YaxWCcQjTEyO-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Mar 3 15:13:43 2001 Delivered-To: freebsd-audit@freebsd.org Received: from obsecurity.dyndns.org (adsl-63-207-60-158.dsl.lsan03.pacbell.net [63.207.60.158]) by hub.freebsd.org (Postfix) with ESMTP id B26E037B718; Sat, 3 Mar 2001 15:13:35 -0800 (PST) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id D60FF66D2E; Sat, 3 Mar 2001 15:13:34 -0800 (PST) Date: Sat, 3 Mar 2001 15:13:34 -0800 From: Kris Kennaway To: audit@FreeBSD.org Cc: cracauer@freebsd.org, bde@freebsd.org Subject: -Wnon-const-format patches, Pt 1 Message-ID: <20010303151334.A33979@mollari.cthul.hu> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="MGYHOYXEY6WxJCY8" Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --MGYHOYXEY6WxJCY8 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable These are the patches I have so far for format string warnings with -Wnon-const-format, covering the bin/ tree. Please review (especially whether I've got all the __printflike/__printf0like attributes correct -- the difference being whether the function gracefully handles a NULL format string, like the err() family, or through explicit checks). More to follow, but I don't want to overwhelm people. Kris Index: rcp/extern.h =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/bin/rcp/extern.h,v retrieving revision 1.5 diff -u -r1.5 extern.h --- rcp/extern.h 1999/08/27 23:14:57 1.5 +++ rcp/extern.h 2001/03/03 23:05:33 @@ -46,6 +46,6 @@ void lostconn __P((int)); void nospace __P((void)); int okname __P((char *)); -void run_err __P((const char *, ...)); +void run_err __P((const char *, ...)) __printflike(1,2); int susystem __P((char *, int)); void verifydir __P((char *)); Index: rcp/rcp.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/bin/rcp/rcp.c,v retrieving revision 1.26 diff -u -r1.26 rcp.c --- rcp/rcp.c 2000/02/24 21:21:15 1.26 +++ rcp/rcp.c 2001/03/03 23:05:57 @@ -106,10 +106,11 @@ =20 #ifdef KERBEROS int kerberos __P((char **, char *, char *, char *)); -void oldw __P((const char *, ...)); +void oldw __P((const char *, ...)) __printflike(1,2); #endif int response __P((void)); void rsource __P((char *, struct stat *)); +void run_err __P((const char *, ...)) __printflike(1,2); void sink __P((int, char *[])); void source __P((int, char *[])); void tolocal __P((int, char *[])); Index: sh/error.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/bin/sh/error.c,v retrieving revision 1.15 diff -u -r1.15 error.c --- sh/error.c 1999/11/29 19:10:58 1.15 +++ sh/error.c 2001/03/01 09:58:29 @@ -70,7 +70,7 @@ char *commandname; =20 =20 -static void exverror __P((int, char *, va_list)); +static void exverror __P((int, char *, va_list)) __printf0like(2,0); =20 /* * Called to raise an exception. Since C doesn't include exceptions, we Index: sh/error.h =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/bin/sh/error.h,v retrieving revision 1.12 diff -u -r1.12 error.h --- sh/error.h 2000/04/20 09:49:15 1.12 +++ sh/error.h 2001/03/01 09:56:15 @@ -91,8 +91,8 @@ =20 void exraise __P((int)); void onint __P((void)); -void error __P((char *, ...)); -void exerror __P((int, char *, ...)); +void error __P((char *, ...)) __printf0like(1,2); +void exerror __P((int, char *, ...)) __printf0like(2,3); char *errmsg __P((int, int)); =20 =20 Index: sh/mknodes.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/bin/sh/mknodes.c,v retrieving revision 1.11 diff -u -r1.11 mknodes.c --- sh/mknodes.c 1999/11/29 19:11:01 1.11 +++ sh/mknodes.c 2001/03/01 09:58:58 @@ -112,7 +112,7 @@ static int nextfield __P((char *)); static void skipbl __P((void)); static int readline __P((void)); -static void error __P((const char *, ...)); +static void error __P((const char *, ...)) __printf0like(1,2); static char *savestr __P((const char *)); =20 =20 Index: sh/output.h =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/bin/sh/output.h,v retrieving revision 1.8 diff -u -r1.8 output.h --- sh/output.h 1999/08/27 23:15:22 1.8 +++ sh/output.h 2001/03/03 23:09:14 @@ -68,11 +68,11 @@ void flushall __P((void)); void flushout __P((struct output *)); void freestdout __P((void)); -void outfmt __P((struct output *, char *, ...)); -void out1fmt __P((char *, ...)); -void dprintf __P((char *, ...)); -void fmtstr __P((char *, int, char *, ...)); -void doformat __P((struct output *, char *, va_list)); +void outfmt __P((struct output *, char *, ...)) __printflike(2,3); +void out1fmt __P((char *, ...)) __printflike(1,2); +void dprintf __P((char *, ...)) __printflike(1,2); +void fmtstr __P((char *, int, char *, ...)) __printflike(3,4); +void doformat __P((struct output *, char *, va_list)) __printflike(2,0); int xwrite __P((int, char *, int)); int xioctl __P((int, unsigned long, char *)); =20 Index: sh/show.h =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/bin/sh/show.h,v retrieving revision 1.8 diff -u -r1.8 show.h --- sh/show.h 2000/04/20 11:39:11 1.8 +++ sh/show.h 2001/03/03 23:09:51 @@ -36,7 +36,7 @@ =20 void showtree __P((union node *)); #ifdef DEBUG -void sh_trace __P((const char *, ...)); +void sh_trace __P((const char *, ...)) __printflike(1,2); void trargs __P((char **)); void trputc __P((int)); void trputs __P((char *)); Index: sh/bltin/bltin.h =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/bin/sh/bltin/bltin.h,v retrieving revision 1.10 diff -u -r1.10 bltin.h --- sh/bltin/bltin.h 1999/08/27 23:15:30 1.10 +++ sh/bltin/bltin.h 2001/03/01 10:00:22 @@ -85,7 +85,7 @@ =20 #ifdef __STDC__ pointer stalloc(int); -void error(char *, ...); +void error(char *, ...) __printf0like(1,2); #else pointer stalloc(); void error(); --MGYHOYXEY6WxJCY8 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6oXqeWry0BWjoQKURAvxtAJ9Ew3eeQvYLiAbcNm48ckCQhSX5OQCg28JU nFhtB7Jb6gCHE6eXX59zO1I= =StU4 -----END PGP SIGNATURE----- --MGYHOYXEY6WxJCY8-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Mar 3 15:21:17 2001 Delivered-To: freebsd-audit@freebsd.org Received: from obsecurity.dyndns.org (adsl-63-207-60-158.dsl.lsan03.pacbell.net [63.207.60.158]) by hub.freebsd.org (Postfix) with ESMTP id 7BE9737B718; Sat, 3 Mar 2001 15:21:09 -0800 (PST) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 38D4366D2E; Sat, 3 Mar 2001 15:21:09 -0800 (PST) Date: Sat, 3 Mar 2001 15:21:09 -0800 From: Kris Kennaway To: audit@FreeBSD.org, developers@FreeBSD.org Subject: Time to MFC patches! Message-ID: <20010303152108.A34339@mollari.cthul.hu> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="6TrnltStXW4iwmi0" Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --6TrnltStXW4iwmi0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi all, If anyone has committed bug fixes/audit patches to -current, now is the time to merge them to 4.x (the code freeze for 4.3 is on Monday). I believe I've merged all of mine, but have lost track of any others committed. If anyone knows of unmerged patches they can't commit, please let me know. If you could all take the time to search through /home/ncvs/CVSROOT/commitlogs for commits you've made over the past 4 months which may not have been merged, it would be much appreciated. Kris --6TrnltStXW4iwmi0 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6oXxkWry0BWjoQKURAnv0AJ0YZMNFSsxziYf/6NmvFrm+4qlSLQCg6/uW VkyxJy0+czpW279HYBDxmEI= =68PE -----END PGP SIGNATURE----- --6TrnltStXW4iwmi0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message