From owner-freebsd-hackers@freebsd.org Sun Oct 2 08:26:15 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A9188AC6A65 for ; Sun, 2 Oct 2016 08:26:15 +0000 (UTC) (envelope-from lars@e-new.0x20.net) Received: from mail.0x20.net (mail.0x20.net [IPv6:2001:aa8:fffb:1::3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "0x20.net", Issuer "StartCom Class 1 DV Server CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 63CF78CB for ; Sun, 2 Oct 2016 08:26:14 +0000 (UTC) (envelope-from lars@e-new.0x20.net) Received: from e-new.0x20.net (mail.0x20.net [IPv6:2001:aa8:fffb:1::3]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mail.0x20.net (Postfix) with ESMTPS id C053B6E0081; Sun, 2 Oct 2016 10:26:11 +0200 (CEST) Received: from e-new.0x20.net (localhost [127.0.0.1]) by e-new.0x20.net (8.14.7/8.14.7) with ESMTP id u928QBik042046; Sun, 2 Oct 2016 10:26:11 +0200 (CEST) (envelope-from lars@e-new.0x20.net) Received: (from lars@localhost) by e-new.0x20.net (8.14.7/8.14.7/Submit) id u928Q9TQ041425; Sun, 2 Oct 2016 10:26:09 +0200 (CEST) (envelope-from lars) Date: Sun, 2 Oct 2016 10:26:09 +0200 From: Lars Engels To: Hans Petter Selasky Cc: Zaphod Beeblebrox , Eitan Adler , FreeBSD Hackers Subject: Re: Logitech G510s keyboard fail. Message-ID: <20161002082609.GC97879@e-new.0x20.net> References: <4300eab5-dafb-bce6-5b58-24d347202e23@selasky.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="/OCBIV6O7sl/38gM" Content-Disposition: inline In-Reply-To: <4300eab5-dafb-bce6-5b58-24d347202e23@selasky.org> X-Editor: VIM - Vi IMproved 7.4 X-Operation-System: FreeBSD 8.4-RELEASE-p23 User-Agent: Mutt/1.5.23 (2014-03-12) X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Oct 2016 08:26:15 -0000 --/OCBIV6O7sl/38gM Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Sep 28, 2016 at 10:01:18PM +0200, Hans Petter Selasky wrote: > On 09/28/16 20:46, Zaphod Beeblebrox wrote: > > Ok... that makes the keyboard attach. It still says the following on d= mesg: > > > > uhid1: > > on usbus0 > > hid_get_item: Number of items(991) truncated to 255 > > hid_get_item: Number of items(257) truncated to 255 > > hid_get_item: Number of items(991) truncated to 255 > > hid_get_item: Number of items(257) truncated to 255 > > hid_get_item: Number of items(991) truncated to 255 > > hid_get_item: Number of items(257) truncated to 255 > > > > How do I make this permanent? > > >=20 > Make a patch for sys/dev/usb/quirk/usb_quirk.c . Look at existing=20 > keyboard quirks. There are plenty of patches for the USB quirks coming in much faster than new FreeBSD releases are made. Would it be possible to swap out the quirks in a port? We could still have the quirks in base but if you install the port it would override them? --/OCBIV6O7sl/38gM Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQF8BAEBCgBmBQJX8MSgXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4RjQwMDE3RTRERjUzMTI1N0FGRTUxNDlF NTRDQjM3RDNBMDg5RDZEAAoJEOVMs306CJ1tNNAIAL4wLGbp50iAh+smKcdDk/hk mlJQdM5TxNDU4QJRPEoKaX4JtnCQn7Dyn+IsDbUQc4GntQQWzVrwcV2cATT8fzbB Z1QWhiVsCli6BhKWDxzK4c08trlXr9uoQzMYHPZW5OgF/f/riCyX7PG0az4GPpv1 hgGLoufp9qd0BPNVVHf9Uix5katGUhJ1myDDx5ppGBxCrS0bPBHde62gEYFg64hG aa70PTaOkYxZzV7q/+x9ybe/Vl9WUf1ZZKKbY+pHUJCEQdjeGEU1G43NoPi/hd64 eSMewsL0gWs9qeozPett8SvPqJIs+OTNYqhSyC9hxHhOd9QFYPLx6SfZ2tn8xWA= =xNCX -----END PGP SIGNATURE----- --/OCBIV6O7sl/38gM-- From owner-freebsd-hackers@freebsd.org Sun Oct 2 08:58:53 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7B9E2AC635A for ; Sun, 2 Oct 2016 08:58:53 +0000 (UTC) (envelope-from m.e.sanliturk@gmail.com) Received: from mail-yb0-x230.google.com (mail-yb0-x230.google.com [IPv6:2607:f8b0:4002:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 36EEF36F; Sun, 2 Oct 2016 08:58:53 +0000 (UTC) (envelope-from m.e.sanliturk@gmail.com) Received: by mail-yb0-x230.google.com with SMTP id 191so2062805ybv.3; Sun, 02 Oct 2016 01:58:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=WCOk7AZrraxvBIMiSHI4w7m8lraJ34UPgktCX8h872w=; b=SX69zaVSpFE8NgNCXl3j7A79rndIbWKe66z+f20QT926DGN74GSA6/VPYg1cNAZl6+ o7IYAdDS7+/lud3hdL6Z99V2BH8ug5yRf4RSJaztU6SSxNwWNIubjJg7tjCEnS4cX2MB fNBRG4kwWVuNjiu07SCD4NToErQeQVKolmkF/S4Zh5irF+FyxLXu+5+PGuS+UYuLVlnO DdpuQ+SpmVHxuCp0EVqTtZGg/zusIZT9HVD2yEqsU6ZmnHMDu6Gh7EicsgC2iiAuNevd +XOKV6Ql+eGzWsiIYrmjwRsfl8j1CJYFF/P2cllN06uQxPB8URbm6wLqsU6TH3htxAF1 CRAw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=WCOk7AZrraxvBIMiSHI4w7m8lraJ34UPgktCX8h872w=; b=TaZv0swyMXMQWxqgoJV5UzZ71ipUHtHHrYFkZy6N+AbcQ5s86ATkEUGuBTv4pQYBv7 UmkAnKL2XHfUzQuBX/fj2+vQqvno7u5BVmXu1Ib4vgmlDZy2PckCXNAkqJDnVG/iwHIY PHvUSlgusrHQ4qhrlco389ebvCnzYPgEgIYh+YVZG9DYgnuM857mRQRqYIc2pXxEem3B kzXcb6ru41VOeH5rJLjvvWe6ZB0JyCThjAPKxa5sqkqSBfIu9GZDclQ9c9fhxHUhyH/h sPGBoVrKKWY/1qtwgbzUivdj0Cc2sGZxqYyNYcHDQjp7fVJ1OeM+dQ/p69DhT7GIcTbN 1/0Q== X-Gm-Message-State: AA6/9RkFqbzL88uurH0VqbCbw47CSU8cZXEBW7rTPkSK7QPX5Sl9VZZeL7Cd+EVliUg5j+aCQJPkoKYcGn4oHg== X-Received: by 10.37.19.202 with SMTP id 193mr11187690ybt.3.1475398732440; Sun, 02 Oct 2016 01:58:52 -0700 (PDT) MIME-Version: 1.0 Received: by 10.37.88.214 with HTTP; Sun, 2 Oct 2016 01:58:51 -0700 (PDT) In-Reply-To: <20161002082609.GC97879@e-new.0x20.net> References: <4300eab5-dafb-bce6-5b58-24d347202e23@selasky.org> <20161002082609.GC97879@e-new.0x20.net> From: Mehmet Erol Sanliturk Date: Sun, 2 Oct 2016 01:58:51 -0700 Message-ID: Subject: Re: Logitech G510s keyboard fail. To: Lars Engels Cc: Hans Petter Selasky , Eitan Adler , Zaphod Beeblebrox , FreeBSD Hackers Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Oct 2016 08:58:53 -0000 On Sun, Oct 2, 2016 at 1:26 AM, Lars Engels wrote: > On Wed, Sep 28, 2016 at 10:01:18PM +0200, Hans Petter Selasky wrote: > > On 09/28/16 20:46, Zaphod Beeblebrox wrote: > > > Ok... that makes the keyboard attach. It still says the following on > dmesg: > > > > > > uhid1: addr 10> > > > on usbus0 > > > hid_get_item: Number of items(991) truncated to 255 > > > hid_get_item: Number of items(257) truncated to 255 > > > hid_get_item: Number of items(991) truncated to 255 > > > hid_get_item: Number of items(257) truncated to 255 > > > hid_get_item: Number of items(991) truncated to 255 > > > hid_get_item: Number of items(257) truncated to 255 > > > > > > How do I make this permanent? > > > > > > > Make a patch for sys/dev/usb/quirk/usb_quirk.c . Look at existing > > keyboard quirks. > > There are plenty of patches for the USB quirks coming in much faster > than new FreeBSD releases are made. Would it be possible to swap out the > quirks in a port? We could still have the quirks in base but if you > install the port it would override them? > I have another idea ( I am sorry that I can not do it now ) : Move all of the existent device definitions arrays into XML files . When a device is detected , load its definition from related XML file Find its "index" . By using that "index" , in a case statement do whatever is required such as obtained from now from internal arrays : load a driver , etc. This may have two parts : Existing device drivers in FreeBSD and XML definition specified above . These will be stored into FreeBSD base directories . If device definition is not found in FreeBSD base XML definition files , the system will look into following files defined below : If it is found , it will use it , if it is not found , it will not "panic" but display a proper error message ( in sufficient detail to be understandable by user ) . For user devices which they are not in the above XML files : System will search a predefined device directory in user space for a possible XML file having definition of the device dedicated to the device detected : In this file , a driver name should be specified . FreeBSD will load this driver into user space and execute it . Sources reading XML files is already present in the FreeBSD . The only required part is to decode loaded XML file with respect to elements . The above structure will allow the companies to produce related XML files and device drivers and let the users to use them without requiring modifications into FreeBSD base system . If they are not open source , it is the responsibility of the user whether she/he will use it or not use it . Such a structure will not require continuous modification in kernel sources , and recompiling them . It will move new device drivers into user space . Later on , on new releases , if it is found useful , such drivers may be moved into FreeBSD base . Thank you very much . Mehmet Erol Sanliturk From owner-freebsd-hackers@freebsd.org Mon Oct 3 17:48:41 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BD06AAF42D8 for ; Mon, 3 Oct 2016 17:48:41 +0000 (UTC) (envelope-from asomers@gmail.com) Received: from mail-wm0-x230.google.com (mail-wm0-x230.google.com [IPv6:2a00:1450:400c:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 55E1DAAA for ; Mon, 3 Oct 2016 17:48:41 +0000 (UTC) (envelope-from asomers@gmail.com) Received: by mail-wm0-x230.google.com with SMTP id f193so121371922wmg.0 for ; Mon, 03 Oct 2016 10:48:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:from:date:message-id:subject:to; bh=+/br9pSF4gdKcVlOAyS6kJ+u4wc9q46nx/MpC+q1G0A=; b=UvgRe+qjQXFjWpxzFN6YpeMqvpGW3BvLgn/auAmQvFg/9ZsMwtpt7zKA4P1BBLnTrI AuvuNJRRIIN70RXv+dcnrJ48zjsNvw6OlJxI/ftYtOUN3qHXiy4deDLjdl4EXqdK5lY7 3o9uDFU1QKyMbDz3O8rHbx819y/1U34FnHL16f0wC5zVf1hRXCC5Vv4iBq3hP8UyEBMT i2AXgAV4F13nVLGmPnkhrSDiek8BycyAlsO5SbXWPYYOFuw29PyRqQUProEzeagDwakG llOpwZQPd0N0lreV1Tyy/5Pea0ty+BhBALxKwFIw2hrfCuWLbduH7MTOKZx2M5fWYJpy 929w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:from:date:message-id:subject :to; bh=+/br9pSF4gdKcVlOAyS6kJ+u4wc9q46nx/MpC+q1G0A=; b=N+Qb2HNe6A7S3IWAsQjekhQe8toimzSgu0WyOXP44k+CIq5YaBc3PFFuEmBt6UExL1 1Con0JCE7GjQNc12qVSlWEgqD4E+r5yxkZKS7O0m4O+H2yKcNdj7Mhn1uB0smkiXiuUK TaKIipxsbEV3GpudG8HV8tXAJzYzeKwb063rz4zqtK2Q+bAUNp5xc3YnK/upim+rhLpd legaccCghKgr3mM26IP46/21aNaNl9kbinMC0GPrU2HWahw58C7WHhLa3r33FePjG9md m5AtoOsabnq6vnDp70QL9JBNEdrDoJlQnBhpLqfw/EpXbddFugGCMPeS8MAnc66+Cxma xY5g== X-Gm-Message-State: AA6/9RmZwGETkdXmNj/iwPOT2Pnr7CtPhzEo6gVu+7ooH22ufXxB33wyMkDMOdZ3acF9ahp+doA5iLGw8Il/CA== X-Received: by 10.195.17.226 with SMTP id gh2mr20485656wjd.15.1475516919629; Mon, 03 Oct 2016 10:48:39 -0700 (PDT) MIME-Version: 1.0 Sender: asomers@gmail.com Received: by 10.194.15.137 with HTTP; Mon, 3 Oct 2016 10:48:39 -0700 (PDT) From: Alan Somers Date: Mon, 3 Oct 2016 11:48:39 -0600 X-Google-Sender-Auth: J2FcG8kf7yNa170Z_nEUaZgBOXo Message-ID: Subject: Proper way to add vendor-specific syscalls? To: "freebsd-hackers@freebsd.org" Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Oct 2016 17:48:41 -0000 What's the proper way to add a vendor-specific syscall? The comments in kern/syscalls.master suggest that they should be put in the range from 151-180, but most of that range is actually occupied. Only five nosys slots are available. If I add syscalls to the end of the list, they'll likely collide with future standard syscalls. Should I just added ~100 nosys syscalls to the end of the list, and put my custom syscalls afterwards? Is there any penalty to lengthening the list? -Alan From owner-freebsd-hackers@freebsd.org Mon Oct 3 17:50:18 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2827FAF4446 for ; Mon, 3 Oct 2016 17:50:18 +0000 (UTC) (envelope-from badger@FreeBSD.org) Received: from sasl.smtp.pobox.com (pb-smtp2.pobox.com [64.147.108.71]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DB9B2E14 for ; Mon, 3 Oct 2016 17:50:17 +0000 (UTC) (envelope-from badger@FreeBSD.org) Received: from sasl.smtp.pobox.com (unknown [127.0.0.1]) by pb-smtp2.pobox.com (Postfix) with ESMTP id D334E415B7; Mon, 3 Oct 2016 13:48:22 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=subject:to :references:from:cc:message-id:date:mime-version:in-reply-to :content-type; s=sasl; bh=EVP55RLT5hAfoIp1di1Kk0a9RWA=; b=ykVmTQ kPtO2K9AGzobZ5w28VC9+ZojuWmR9ADx30Sg7pm1RWMefTjoZ74d68DTw2fjOwgM gZ4OnoTW+G6395Rq31IvLdR2LGKr+37W6+mraXfViZhqKgpbqXyL/GyGL0tkkAur Tj/+c54WGnjujrGMpwRASmBvFD1ILc84RHE5A= Received: from pb-smtp2.nyi.icgroup.com (unknown [127.0.0.1]) by pb-smtp2.pobox.com (Postfix) with ESMTP id CC514415B6; Mon, 3 Oct 2016 13:48:22 -0400 (EDT) Received: from [172.31.100.239] (unknown [76.164.8.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pb-smtp2.pobox.com (Postfix) with ESMTPSA id 5F29D415B3; Mon, 3 Oct 2016 13:48:22 -0400 (EDT) Subject: Re: Kqueue and threading To: freebsd-hackers@freebsd.org References: <111e0c35-7a4b-b6c7-ef1d-1a0d85112e61@digiware.nl> From: Eric Badger Cc: wjw@digiware.nl Message-ID: <4209b8d4-6674-a51d-dceb-81c3ecd179c2@FreeBSD.org> Date: Mon, 3 Oct 2016 12:48:03 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0 MIME-Version: 1.0 In-Reply-To: <111e0c35-7a4b-b6c7-ef1d-1a0d85112e61@digiware.nl> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="3D4nSlAjJQtbUB3ovR0IQ2RN0FjcQx52D" X-Pobox-Relay-ID: 93D2DF34-8991-11E6-950A-EAAE7A1B28F4-46178211!pb-smtp2.pobox.com X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Oct 2016 17:50:18 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --3D4nSlAjJQtbUB3ovR0IQ2RN0FjcQx52D Content-Type: multipart/mixed; boundary="NJmlvC3pRPsoUetngw9qSPsiTUs965LJ9"; protected-headers="v1" From: Eric Badger To: freebsd-hackers@freebsd.org Cc: wjw@digiware.nl Message-ID: <4209b8d4-6674-a51d-dceb-81c3ecd179c2@FreeBSD.org> Subject: Re: Kqueue and threading References: <111e0c35-7a4b-b6c7-ef1d-1a0d85112e61@digiware.nl> In-Reply-To: <111e0c35-7a4b-b6c7-ef1d-1a0d85112e61@digiware.nl> --NJmlvC3pRPsoUetngw9qSPsiTUs965LJ9 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 10/01/2016 13:02, Willem Jan Withagen wrote: > Hi, > > Ceph uses a lot of threading, and for any part of it communication it > uses epoll(), which FreeBSD does not use. For that there was already a > EvenKqueue implementation. > > But I think I'm now running into: > The kqueue() system call creates a new kernel event queue and > returns a descriptor. The queue is not inherited by a child > created with fork(2). However, if rfork(2) is called without the > RFFDG flag, then the descriptor table is shared, which will allow > sharing of the kqueue between two processes. > > Kqueue descriptors are created and events are added, but then the > process starts other threads and expects the kqueue-id to be valid ther= e. > > However adding more events returns an error, also waiting on the ID for= > events to happen returns an error (descriptor invalid) > > Threading is done with 2 different constructions: > std::thread > and creating Workers > > Would any of these qualify with the quoted warning? and invalidate the > descriptor table? > > If not, how can I (easily) debug the reason why my descriptors go inval= id? > Sharing a kqueue between threads of a process works. Are the workers created using rfork without RFFDG as suggested in the manpage? I've never had reason to do this, but a quick test seems to indicate that it works as advertised. A normal fork closes the kqueue file descriptor. If you suspect that's what's happening, you might run "procstat -f {worker pid}" to see if file descriptors with a "k" (kqueue) in the "T" (type) column appear (if not, they were presumably closed on the fork). Eric --NJmlvC3pRPsoUetngw9qSPsiTUs965LJ9-- --3D4nSlAjJQtbUB3ovR0IQ2RN0FjcQx52D Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQGQBAEBCgB6BQJX8pnfXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQzQTlFODAxM0JDQTdDOTQ1ODI1Mzc3NTk2 MkU1MDA5NjVBM0YyNEFDExxiYWRnZXJAZnJlZWJzZC5vcmcACgkQYuUAllo/JKzc cQgA3/9zl9I4TZDdn+Gljbt7w/q/g0tiDoJudqogcNaR0cIwIl91dUh5KuchcuHd EdEwsVDoWoNDlESLdGpDo4dHnifVT1ax9tQKt4pdRwFd8/eg5GYvekZa3AnWTCFX m7VDE9osJpMKROoh+moLqufmkegH9iXtcsPRhpOExtou4zX9kZ8D6znmzn1DlMRS csO5ym8qxWl6Aeh2FRqoYwnezZw3qA0bYS+Rd0W2UyA8p8VF1eEAqXqNoAyW+DQ0 U6mv1LKcOsp1aDAVlVeuqJ/sQl25c53QjuFx0rLVJSiSO7haswCy9CBEUTIZBGiW PGJJr6SycNN6SgX2cZRu9SyzWA== =Q9ht -----END PGP SIGNATURE----- --3D4nSlAjJQtbUB3ovR0IQ2RN0FjcQx52D-- From owner-freebsd-hackers@freebsd.org Mon Oct 3 18:09:21 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DDF1BAF4933 for ; Mon, 3 Oct 2016 18:09:21 +0000 (UTC) (envelope-from slw@zxy.spb.ru) Received: from zxy.spb.ru (zxy.spb.ru [195.70.199.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9F3FCC75; Mon, 3 Oct 2016 18:09:21 +0000 (UTC) (envelope-from slw@zxy.spb.ru) Received: from slw by zxy.spb.ru with local (Exim 4.86 (FreeBSD)) (envelope-from ) id 1br7ft-0002Qx-4p; Mon, 03 Oct 2016 21:09:13 +0300 Date: Mon, 3 Oct 2016 21:09:13 +0300 From: Slawa Olhovchenkov To: Eric Badger Cc: freebsd-hackers@freebsd.org, wjw@digiware.nl Subject: Re: Kqueue and threading Message-ID: <20161003180913.GP54003@zxy.spb.ru> References: <111e0c35-7a4b-b6c7-ef1d-1a0d85112e61@digiware.nl> <4209b8d4-6674-a51d-dceb-81c3ecd179c2@FreeBSD.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4209b8d4-6674-a51d-dceb-81c3ecd179c2@FreeBSD.org> User-Agent: Mutt/1.5.24 (2015-08-30) X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: slw@zxy.spb.ru X-SA-Exim-Scanned: No (on zxy.spb.ru); SAEximRunCond expanded to false X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Oct 2016 18:09:22 -0000 On Mon, Oct 03, 2016 at 12:48:03PM -0500, Eric Badger wrote: > Sharing a kqueue between threads of a process works. Are the workers Can you comment PR207261? > created using rfork without RFFDG as suggested in the manpage? I've > never had reason to do this, but a quick test seems to indicate that it > works as advertised. A normal fork closes the kqueue file descriptor. If > you suspect that's what's happening, you might run "procstat -f {worker > pid}" to see if file descriptors with a "k" (kqueue) in the "T" (type) > column appear (if not, they were presumably closed on the fork). > > Eric > From owner-freebsd-hackers@freebsd.org Mon Oct 3 18:18:08 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BB66FAF4CA6 for ; Mon, 3 Oct 2016 18:18:08 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3B6AF339; Mon, 3 Oct 2016 18:18:08 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from tom.home (kib@localhost [127.0.0.1]) by kib.kiev.ua (8.15.2/8.15.2) with ESMTPS id u93II37g000968 (version=TLSv1 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO); Mon, 3 Oct 2016 21:18:03 +0300 (EEST) (envelope-from kostikbel@gmail.com) DKIM-Filter: OpenDKIM Filter v2.10.3 kib.kiev.ua u93II37g000968 Received: (from kostik@localhost) by tom.home (8.15.2/8.15.2/Submit) id u93II35W000967; Mon, 3 Oct 2016 21:18:03 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: tom.home: kostik set sender to kostikbel@gmail.com using -f Date: Mon, 3 Oct 2016 21:18:03 +0300 From: Konstantin Belousov To: Alan Somers Cc: "freebsd-hackers@freebsd.org" Subject: Re: Proper way to add vendor-specific syscalls? Message-ID: <20161003181803.GS38409@kib.kiev.ua> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.6.1 (2016-04-27) X-Spam-Status: No, score=-2.0 required=5.0 tests=ALL_TRUSTED,BAYES_00, DKIM_ADSP_CUSTOM_MED,FREEMAIL_FROM,NML_ADSP_CUSTOM_MED autolearn=no autolearn_force=no version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on tom.home X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Oct 2016 18:18:08 -0000 On Mon, Oct 03, 2016 at 11:48:39AM -0600, Alan Somers wrote: > What's the proper way to add a vendor-specific syscall? The comments > in kern/syscalls.master suggest that they should be put in the range > from 151-180, but most of that range is actually occupied. I think that the 'vendors' there means vendors of other BSD-derived systems and not e.g. an appliance vendors. > Only five > nosys slots are available. If I add syscalls to the end of the list, > they'll likely collide with future standard syscalls. Should I just > added ~100 nosys syscalls to the end of the list, and put my custom > syscalls afterwards? Is there any penalty to lengthening the list? Each nosys syscall increases the size of the default ABI syscalls table. On amd64 sizeof(struct sysent) == 48, adding 100 nosys entries would waste a page and some more. How many syscalls do you need ? You probably do not allow random modules loaded and implementing syscalls, so could you use e.g. range 210-219 ? If you look further, you will see lot of holes like 258-271, 281-288 etc. Current practice is to allocate new syscalls at the end of the table, which leaves there holes unused with high chance of never being collected. From owner-freebsd-hackers@freebsd.org Mon Oct 3 20:00:17 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 88D2BAF4828 for ; Mon, 3 Oct 2016 20:00:17 +0000 (UTC) (envelope-from asomers@gmail.com) Received: from mail-wm0-x233.google.com (mail-wm0-x233.google.com [IPv6:2a00:1450:400c:c09::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 20DADE41; Mon, 3 Oct 2016 20:00:17 +0000 (UTC) (envelope-from asomers@gmail.com) Received: by mail-wm0-x233.google.com with SMTP id f193so128036448wmg.0; Mon, 03 Oct 2016 13:00:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=5f2upL/wuXJdp2RSmHFxAiUa//aBq8rIUwYKdXa0j8o=; b=hZKjQxXEwoJOR94ukYY08la3Dcn6+zvihnqvi5+lvh9tWbBcvH4eCfqL080/9SdMWY 7O0wKnVkLLdnqBWq1+yPMi1bCnBK+4Ym6DMV+S7yDn3s1kyCCdSxncnHN7rjofULs18c 3NWx4nL3K4Ml2HN3XxpFX2zFXDPj/M0HGJHUAZx/Jw0JiMkk1P6nh0ulftohjR3o99vp xkOfz8MnGw/9K1hzZlvGbnbrI0WtT+hMBB9zK4Ouqil2pgjkp/aWZHC+id6hMjQ4NFl2 bXZbQ8opj7xv8YfqebUxfd90xUFq06qncJ6wTvXbdbqT1kEx0HxE7g0CdlJkVJn/JM6a EBSw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=5f2upL/wuXJdp2RSmHFxAiUa//aBq8rIUwYKdXa0j8o=; b=fpz31cdfDe3JSK6Ro+egg8F/MBaB9s1OHIIezfk1KJxS5NC6Rv3FqKoDv8UIKh9exA PBUPvUzayr2opUCgE+hikk5hxf42Vi/+R8UNjWMTFNTAqKIG8kqYiww2OM9rv0a7/Jf/ DRkNMR5w+k5UHjg19HKuGcK3QntY2BweWw85sZTfXvCWfcFV50TMvsu3N2wLpb0EizmL PIiflhkGe3ZbOczZS1K7M7LgOq6johUpa4vPNxzYvwXCCjL3elCsngOofPQZmvZVUJM5 zAuzafrwUbniw1gPlPh3x51WgsbFY/xP8jVRkmM6OHgJZQveGTJR+oJ6QGsn77IeYTZT uEKw== X-Gm-Message-State: AA6/9RlxkcLAF1uRvmAFToMXS6vMy4tcuVVxaZIu2JrnLGBLyjcA/kp2KFION1fUQS4iTVwwsyMc9FR0lAxQNw== X-Received: by 10.28.144.74 with SMTP id s71mr308052wmd.65.1475524815595; Mon, 03 Oct 2016 13:00:15 -0700 (PDT) MIME-Version: 1.0 Received: by 10.194.15.137 with HTTP; Mon, 3 Oct 2016 13:00:14 -0700 (PDT) In-Reply-To: <20161003181803.GS38409@kib.kiev.ua> References: <20161003181803.GS38409@kib.kiev.ua> From: alan somers Date: Mon, 3 Oct 2016 14:00:14 -0600 Message-ID: Subject: Re: Proper way to add vendor-specific syscalls? To: Konstantin Belousov Cc: Alan Somers , "freebsd-hackers@freebsd.org" Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Oct 2016 20:00:17 -0000 On Mon, Oct 3, 2016 at 12:18 PM, Konstantin Belousov wrote: > On Mon, Oct 03, 2016 at 11:48:39AM -0600, Alan Somers wrote: >> What's the proper way to add a vendor-specific syscall? The comments >> in kern/syscalls.master suggest that they should be put in the range >> from 151-180, but most of that range is actually occupied. > I think that the 'vendors' there means vendors of other BSD-derived > systems and not e.g. an appliance vendors. > >> Only five >> nosys slots are available. If I add syscalls to the end of the list, >> they'll likely collide with future standard syscalls. Should I just >> added ~100 nosys syscalls to the end of the list, and put my custom >> syscalls afterwards? Is there any penalty to lengthening the list? > > Each nosys syscall increases the size of the default ABI syscalls table. > On amd64 sizeof(struct sysent) == 48, adding 100 nosys entries would > waste a page and some more. > > How many syscalls do you need ? You probably do not allow random modules > loaded and implementing syscalls, so could you use e.g. range 210-219 ? > > If you look further, you will see lot of holes like 258-271, 281-288 > etc. Current practice is to allocate new syscalls at the end of the > table, which leaves there holes unused with high chance of never being > collected. Ok, it sounds like filling holes is the best method. Thanks for the advice, kib. -Alan From owner-freebsd-hackers@freebsd.org Mon Oct 3 23:38:44 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6F98AAF4BAB for ; Mon, 3 Oct 2016 23:38:44 +0000 (UTC) (envelope-from cedric.blancher@gmail.com) Received: from mail-pf0-x236.google.com (mail-pf0-x236.google.com [IPv6:2607:f8b0:400e:c00::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 420EAD96; Mon, 3 Oct 2016 23:38:44 +0000 (UTC) (envelope-from cedric.blancher@gmail.com) Received: by mail-pf0-x236.google.com with SMTP id 190so21750708pfv.0; Mon, 03 Oct 2016 16:38:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=0xLBzoFgBnUsdcVQerVHCsdhIxsQBuLXG9Zd19z1xto=; b=dMp+rJVkqJOyJn2aqh7EH+400h8ZP+QkTtoWTLHHZ3FmP72ffucSh7r/xl1yTeoPXT 6LV2dJhZoH08yHZedIeGV2BsYwaMONvkZxdWQ6d/pokjPhQsPllq1j7Ui834a7/No1TB zhCLQP2YypxlAEaFmTbP+OxVOVw0uc0Y+XoVMMk72LwJLvJvgZfN0hw82637l9oUMMqc 3tP1iX3xXlyYdIvKG24UPQt2Sujng4VCuFgJU4MRgm+lr2rYycqYhqTByNagNQE5TGMK dvwc++OeR5gNQcLk6qK4kSIn+jWNwuTjoFCByzYtVYHn0HArN1XXwBnJ9/oin60SXZam rC/w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=0xLBzoFgBnUsdcVQerVHCsdhIxsQBuLXG9Zd19z1xto=; b=G3Ok1YQ75gtOMQNQAwsIkahRN3G4I8CJ+WYws2hhULVqyRARysT7mem7pS9Q/EQAdc gs+Eg4fiI2Xh13aq64KuzkGCdKA081HIH3mV4/2PKK2xqHI5rJ0gmEQ1DsTHRHFlJLBR RA7asO7X3BJXO2LSdQE9YW4D63nKvlCdMhO5yA037aBOlTb9J01iRdsAa9QiB6MS0g1A rR0kYGksa8LrryXlwi6oCvjLg1lE7T5eLeDb38Otjr0F3A1P22HH68j9EAK/digx3rSe YwucVLobFN2+Mi0+5hliIoZyXFEyZ5P0L7q6szYGKfCJ/P7PUioNiV75dsSp/4MidjAm ja5g== X-Gm-Message-State: AA6/9Rm5c58QM3io7OzNJXv/296RVwOZf3zg72lZcmI9YbEP0M6Ux4lfAfamp8y0wuFK7gpi7YEl9XZBUuU0vw== X-Received: by 10.98.64.10 with SMTP id n10mr1116310pfa.96.1475537923817; Mon, 03 Oct 2016 16:38:43 -0700 (PDT) MIME-Version: 1.0 Received: by 10.66.217.136 with HTTP; Mon, 3 Oct 2016 16:38:43 -0700 (PDT) In-Reply-To: References: <20161003181803.GS38409@kib.kiev.ua> From: Cedric Blancher Date: Tue, 4 Oct 2016 01:38:43 +0200 Message-ID: Subject: Re: Proper way to add vendor-specific syscalls? To: alan somers Cc: Konstantin Belousov , "freebsd-hackers@freebsd.org" , Alan Somers Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Oct 2016 23:38:44 -0000 Why do you want to add new syscalls? The UNIX way is to add new ioctl() and be done. Typically new syscalls need committee approval, to prevent that every crazy idea gets a new syscall and thus litters that namespace. Ced On 3 October 2016 at 22:00, alan somers wrote: > On Mon, Oct 3, 2016 at 12:18 PM, Konstantin Belousov > wrote: >> On Mon, Oct 03, 2016 at 11:48:39AM -0600, Alan Somers wrote: >>> What's the proper way to add a vendor-specific syscall? The comments >>> in kern/syscalls.master suggest that they should be put in the range >>> from 151-180, but most of that range is actually occupied. >> I think that the 'vendors' there means vendors of other BSD-derived >> systems and not e.g. an appliance vendors. >> >>> Only five >>> nosys slots are available. If I add syscalls to the end of the list, >>> they'll likely collide with future standard syscalls. Should I just >>> added ~100 nosys syscalls to the end of the list, and put my custom >>> syscalls afterwards? Is there any penalty to lengthening the list? >> >> Each nosys syscall increases the size of the default ABI syscalls table. >> On amd64 sizeof(struct sysent) == 48, adding 100 nosys entries would >> waste a page and some more. >> >> How many syscalls do you need ? You probably do not allow random modules >> loaded and implementing syscalls, so could you use e.g. range 210-219 ? >> >> If you look further, you will see lot of holes like 258-271, 281-288 >> etc. Current practice is to allocate new syscalls at the end of the >> table, which leaves there holes unused with high chance of never being >> collected. > > Ok, it sounds like filling holes is the best method. Thanks for the > advice, kib. > > -Alan > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" -- Cedric Blancher [https://plus.google.com/u/0/+CedricBlancher/] Institute Pasteur From owner-freebsd-hackers@freebsd.org Tue Oct 4 00:03:10 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8CDADAF366B for ; Tue, 4 Oct 2016 00:03:10 +0000 (UTC) (envelope-from asomers@gmail.com) Received: from mail-wm0-x22c.google.com (mail-wm0-x22c.google.com [IPv6:2a00:1450:400c:c09::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 2D516D29 for ; Tue, 4 Oct 2016 00:03:10 +0000 (UTC) (envelope-from asomers@gmail.com) Received: by mail-wm0-x22c.google.com with SMTP id p138so180416642wmb.1 for ; Mon, 03 Oct 2016 17:03:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=kgiDkIwi9eJV6upLG/oZbeqUPFmusqmF7ED/9E0ZpaE=; b=x1TDgwXBRvdqnwUivKZSuLnA0yeft8dM45D+r45nwuP0SQ1KAplxGT+yIMgqmv1Eu/ kxsIhvJqG1UfSfah4jO/4SUIbFP1MhHFY+cDflWIdHk61zqA82me0KDcohmQ8P1484DT DVrOtSpKuCEW7UQg+z7NuUu4qvIcXJS8YbEkkshMtJAuhhGZhczBkaujye7F95D+kAwq MyOtUTMVtMthekwsWbpR5LieAYp/NGg57W1Onpa/bUa17YjJRNLzdePVWqiwYMbusk8I mu5R8NQ20zK6lB+5hRJ0ttjfhoShXHc7QTvpl9B49YpPWLAcJyBSJjzGdEDcZWH3U0Px y7nw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=kgiDkIwi9eJV6upLG/oZbeqUPFmusqmF7ED/9E0ZpaE=; b=ceeqMZqKyxcTi9/sQBt6ldSr/oec7L0kqNWHeslHrnH6Ih7EckiA7yfmUXrB6+1n58 ylTPuLenWfEZ20ikPLk2keSOrqkrR5mRCfvCd6bUt7MbyN02UyCT5YtRcs6vzER3UB1R FCYXhDSJo9TAQBs9Mkqi/xDpQvAXbrn6ZzGYTPhBdictPLbareNUKCM2DDzISg+TTy6R LebfRCeFGVyhQeMQuALXux0f/2rgomWhkNPVczD2Zwc1ioLV547YI8TUtG5nCybPQZF6 jxG4wwhWCFlB50t4KhmHLy7XMK+v3q/3ci8RIKoN6u4jORSijMvN60QHJiVBXeD3Al1W F/Ew== X-Gm-Message-State: AA6/9RnMBad8MsCsrUHLro9kCisUct95Bj4CNFqjahJA9GBTLz+vKPFjvQPAknkZc4mkWEKe/MjGJ3DqFpglDg== X-Received: by 10.194.86.201 with SMTP id r9mr432736wjz.5.1475539387889; Mon, 03 Oct 2016 17:03:07 -0700 (PDT) MIME-Version: 1.0 Sender: asomers@gmail.com Received: by 10.194.15.137 with HTTP; Mon, 3 Oct 2016 17:03:07 -0700 (PDT) In-Reply-To: References: <20161003181803.GS38409@kib.kiev.ua> From: Alan Somers Date: Mon, 3 Oct 2016 18:03:07 -0600 X-Google-Sender-Auth: 5k7Rwa9DMN1Mgl1oGBHRNNnk4rg Message-ID: Subject: Re: Proper way to add vendor-specific syscalls? To: Cedric Blancher Cc: Konstantin Belousov , "freebsd-hackers@freebsd.org" Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Oct 2016 00:03:10 -0000 In this case, I'm working with vendor-specific syscalls. They'll never be exposed outside of my organization, so I don't have to worry about polluting the FreeBSD namespace. I do, however, have to worry about FreeBSD additions interfering with the vendor-specific syscalls. -Alan On Mon, Oct 3, 2016 at 5:38 PM, Cedric Blancher wrote: > Why do you want to add new syscalls? The UNIX way is to add new > ioctl() and be done. > > Typically new syscalls need committee approval, to prevent that every > crazy idea gets a new syscall and thus litters that namespace. > > Ced > > On 3 October 2016 at 22:00, alan somers wrote: >> On Mon, Oct 3, 2016 at 12:18 PM, Konstantin Belousov >> wrote: >>> On Mon, Oct 03, 2016 at 11:48:39AM -0600, Alan Somers wrote: >>>> What's the proper way to add a vendor-specific syscall? The comments >>>> in kern/syscalls.master suggest that they should be put in the range >>>> from 151-180, but most of that range is actually occupied. >>> I think that the 'vendors' there means vendors of other BSD-derived >>> systems and not e.g. an appliance vendors. >>> >>>> Only five >>>> nosys slots are available. If I add syscalls to the end of the list, >>>> they'll likely collide with future standard syscalls. Should I just >>>> added ~100 nosys syscalls to the end of the list, and put my custom >>>> syscalls afterwards? Is there any penalty to lengthening the list? >>> >>> Each nosys syscall increases the size of the default ABI syscalls table. >>> On amd64 sizeof(struct sysent) == 48, adding 100 nosys entries would >>> waste a page and some more. >>> >>> How many syscalls do you need ? You probably do not allow random modules >>> loaded and implementing syscalls, so could you use e.g. range 210-219 ? >>> >>> If you look further, you will see lot of holes like 258-271, 281-288 >>> etc. Current practice is to allocate new syscalls at the end of the >>> table, which leaves there holes unused with high chance of never being >>> collected. >> >> Ok, it sounds like filling holes is the best method. Thanks for the >> advice, kib. >> >> -Alan >> _______________________________________________ >> freebsd-hackers@freebsd.org mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers >> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" > > > > -- > Cedric Blancher > [https://plus.google.com/u/0/+CedricBlancher/] > Institute Pasteur From owner-freebsd-hackers@freebsd.org Tue Oct 4 00:14:59 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 443F4AF3A07 for ; Tue, 4 Oct 2016 00:14:59 +0000 (UTC) (envelope-from cedric.blancher@gmail.com) Received: from mail-pa0-x22f.google.com (mail-pa0-x22f.google.com [IPv6:2607:f8b0:400e:c03::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 155071AD; Tue, 4 Oct 2016 00:14:59 +0000 (UTC) (envelope-from cedric.blancher@gmail.com) Received: by mail-pa0-x22f.google.com with SMTP id ik13so13290145pac.2; Mon, 03 Oct 2016 17:14:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=1/1qv5OOX0K8Yd2vLX9Ae+uSdp6T5ZpZkK2FT64rlbQ=; b=Q6hkE2bF8qePsGaKDqDgrHdg2CHBQhPb57Ub6X9PbZOQhlUU1KQLnC7wdAfJiURIB0 AVuKfeacTYIKkUc66MLrX6uHjPbI+6ibH4yZ+CpW0YYaBZtBzyQ9Z4ABzlOWPsNcNKx6 6TJZ4/uamhE9wUuXFeMYhYVlObWPgou1aRZ6lmMUOWnTsPwWDO3nhHsifcmb+b3Wowy7 uJ4hcrSzIoiKsN93tUWUoqRmG0kH/Z9brJPENoXXRbppek/JuU2RFr0pn/9O/biwt2pG zaXCpmrNLKPAIn4SMOjIy+nNWmcgj313oix3TRIv2wCgXRrmp+kYaIXh1mQsJ+M3tp1E 5h7w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=1/1qv5OOX0K8Yd2vLX9Ae+uSdp6T5ZpZkK2FT64rlbQ=; b=IEkrHp+TWGfWu1B3WfBc0/TR6NSiX4LFph5CF6YhxZSzwbyt3Vzt0Mc02n/x0GCC8F Y7q4MoGgLCv3HERuIlLpWKsngMOIEwAYAbao8hRtP/cyS1P/dUVwphpXI62/V4cabQKH CE1Yd9oNFm0+w5rDKorOmWmWqyALJJZ3XYpxcrcTv2eA4A4/iIv7srQd5IOwhZYYZiSf hGwB0OWv5Bw4IvyF0kwFG/X0zLfZ4gAUFmLf29m8RhnMXy/ljO+sT3tSSJa6WOlqWAw/ XnxhK8HFjxbxwCLeYSyhkJm96wsZi2ew7XRHfWUSNJqNNnKDvXgTCAwQfQG60iXnF/hq VP8w== X-Gm-Message-State: AA6/9Rk5XTnnyGxEF93eHvec9oTPx5HUfdFl3WMUZxXy2AjcBxfrlD0s3xf4PrNUjHqfb+SrzPFb6u2i/so6lA== X-Received: by 10.66.26.49 with SMTP id i17mr1054433pag.145.1475540098585; Mon, 03 Oct 2016 17:14:58 -0700 (PDT) MIME-Version: 1.0 Received: by 10.66.217.136 with HTTP; Mon, 3 Oct 2016 17:14:58 -0700 (PDT) In-Reply-To: References: <20161003181803.GS38409@kib.kiev.ua> From: Cedric Blancher Date: Tue, 4 Oct 2016 02:14:58 +0200 Message-ID: Subject: Re: Proper way to add vendor-specific syscalls? To: Alan Somers Cc: Konstantin Belousov , "freebsd-hackers@freebsd.org" Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Oct 2016 00:14:59 -0000 Why on earth do you need to add new syscalls? UNIX always handled such stuff via ioctl(). Why do you think an ioctl() is not sufficient in your case? Its basically the same as a syscall. Ced On 4 October 2016 at 02:03, Alan Somers wrote: > In this case, I'm working with vendor-specific syscalls. They'll > never be exposed outside of my organization, so I don't have to worry > about polluting the FreeBSD namespace. I do, however, have to worry > about FreeBSD additions interfering with the vendor-specific syscalls. > > -Alan > > On Mon, Oct 3, 2016 at 5:38 PM, Cedric Blancher > wrote: >> Why do you want to add new syscalls? The UNIX way is to add new >> ioctl() and be done. >> >> Typically new syscalls need committee approval, to prevent that every >> crazy idea gets a new syscall and thus litters that namespace. >> >> Ced >> >> On 3 October 2016 at 22:00, alan somers wrote: >>> On Mon, Oct 3, 2016 at 12:18 PM, Konstantin Belousov >>> wrote: >>>> On Mon, Oct 03, 2016 at 11:48:39AM -0600, Alan Somers wrote: >>>>> What's the proper way to add a vendor-specific syscall? The comments >>>>> in kern/syscalls.master suggest that they should be put in the range >>>>> from 151-180, but most of that range is actually occupied. >>>> I think that the 'vendors' there means vendors of other BSD-derived >>>> systems and not e.g. an appliance vendors. >>>> >>>>> Only five >>>>> nosys slots are available. If I add syscalls to the end of the list, >>>>> they'll likely collide with future standard syscalls. Should I just >>>>> added ~100 nosys syscalls to the end of the list, and put my custom >>>>> syscalls afterwards? Is there any penalty to lengthening the list? >>>> >>>> Each nosys syscall increases the size of the default ABI syscalls table. >>>> On amd64 sizeof(struct sysent) == 48, adding 100 nosys entries would >>>> waste a page and some more. >>>> >>>> How many syscalls do you need ? You probably do not allow random modules >>>> loaded and implementing syscalls, so could you use e.g. range 210-219 ? >>>> >>>> If you look further, you will see lot of holes like 258-271, 281-288 >>>> etc. Current practice is to allocate new syscalls at the end of the >>>> table, which leaves there holes unused with high chance of never being >>>> collected. >>> >>> Ok, it sounds like filling holes is the best method. Thanks for the >>> advice, kib. >>> >>> -Alan >>> _______________________________________________ >>> freebsd-hackers@freebsd.org mailing list >>> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers >>> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" >> >> >> >> -- >> Cedric Blancher >> [https://plus.google.com/u/0/+CedricBlancher/] >> Institute Pasteur -- Cedric Blancher [https://plus.google.com/u/0/+CedricBlancher/] Institute Pasteur From owner-freebsd-hackers@freebsd.org Tue Oct 4 00:59:09 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EC45CAF25E9 for ; Tue, 4 Oct 2016 00:59:09 +0000 (UTC) (envelope-from yaneurabeya@gmail.com) Received: from mail-oi0-x234.google.com (mail-oi0-x234.google.com [IPv6:2607:f8b0:4003:c06::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A6E039EC; Tue, 4 Oct 2016 00:59:09 +0000 (UTC) (envelope-from yaneurabeya@gmail.com) Received: by mail-oi0-x234.google.com with SMTP id r126so219038405oib.0; Mon, 03 Oct 2016 17:59:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=S+2Xl65ebkQSpRSJUyVw/kYcO6l4Ids4OMks8uVzDG0=; b=cxB5d59XPuOTiibMaqq+Ltj6f9oOsC4sK1qW11XwUbMEQq7/fGgaELraHsOQhkAPtz O91y6BdtS4U9AGTVsXP+kMRWE75vwTEwDFTLeDS8zRfx+72wj0RtUWb6uAZ+zct3S11d IZWQTR6FCoaQYmLRuHCN+orBVFSkaQexEH/YsH+KvZTEVczQthGqNC97nWReVRr6QpOy cw58WBoCgmmDMQq+5gqQVfpfwWgd/79W/ijItRWb/D7ug+jRfKRknyg8cCUpd0kJwocb pN0ZsEA58S57gdx0vSe3Bpgn/oUA7KkVIgTyzkVLG3X4C6RMV6ojPox+RZYj9bWz7FU4 E1uA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=S+2Xl65ebkQSpRSJUyVw/kYcO6l4Ids4OMks8uVzDG0=; b=iACqHcCxV3lEQzp5wWf2VFM3aJTIx3B6vfB2qgECvl81p8H+s4Viyd3nsUsLu0OsF6 jUgau8oq7zReUkYPzA9zwLZPNPXtJH5Nd2Fpj09ICm5vYDaUfGtexFDy8X3QBeB9bftB xUbLaljvxf1ZkFLCr5O7NSkbEW/QwGfZCYZKo4PKqp6/Cc32t0+dc2vcd6doSVIAhw0t 19Oy+ObKB0Y+vTCRw9KZyZKav5NB1BHGkR2Sxej5bybXHFrPdg9FenjldfH3kJnSKXOT 54g0er87vBd5HuI8IHtAlDva2QB3hAB1KHkZJn61a/PejYeljiQoTszdsG5kFUKvFF8a TN5w== X-Gm-Message-State: AA6/9RnIp1KQQNKP4jaL/DZelck3ZaD1ptX8AKT8PMyFpTdMPlf3VK9+hBOJ/6GcwEc33w== X-Received: by 10.202.188.134 with SMTP id m128mr703390oif.85.1475542748915; Mon, 03 Oct 2016 17:59:08 -0700 (PDT) Received: from [100.175.10.185] ([172.56.6.138]) by smtp.gmail.com with ESMTPSA id e22sm294444otc.16.2016.10.03.17.59.07 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 03 Oct 2016 17:59:08 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (1.0) Subject: Re: Proper way to add vendor-specific syscalls? From: Ngie Cooper X-Mailer: iPhone Mail (13G36) In-Reply-To: Date: Tue, 4 Oct 2016 09:59:04 +0900 Cc: Alan Somers , Konstantin Belousov , "freebsd-hackers@freebsd.org" Content-Transfer-Encoding: quoted-printable Message-Id: <29E3A158-C3E0-45F0-8275-A0030B7CB6D4@gmail.com> References: <20161003181803.GS38409@kib.kiev.ua> To: Cedric Blancher X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Oct 2016 00:59:10 -0000 > On Oct 4, 2016, at 09:14, Cedric Blancher wrot= e: >=20 > Why on earth do you need to add new syscalls? UNIX always handled such > stuff via ioctl(). >=20 > Why do you think an ioctl() is not sufficient in your case? Its > basically the same as a syscall. I can't speak to Alan's case, but sometimes vendors explicitly break binary c= ompatibility with standard syscalls and structures, but want to maintain bin= ary compatibility with older binaries, which means that they need to maintai= n 2 syscalls with different entry points, but a similar call path under the c= overs, eg having a 64 bit inode_t requires maintaining 2 copies of stat. One= that can deal with 32-bit inode_t and 64-bit inode_t. Cheers, -Ngie >> On 4 October 2016 at 02:03, Alan Somers wrote: >> In this case, I'm working with vendor-specific syscalls. They'll >> never be exposed outside of my organization, so I don't have to worry >> about polluting the FreeBSD namespace. I do, however, have to worry >> about FreeBSD additions interfering with the vendor-specific syscalls. >>=20 >> -Alan >>=20 >> On Mon, Oct 3, 2016 at 5:38 PM, Cedric Blancher >> wrote: >>> Why do you want to add new syscalls? The UNIX way is to add new >>> ioctl() and be done. >>>=20 >>> Typically new syscalls need committee approval, to prevent that every >>> crazy idea gets a new syscall and thus litters that namespace. >>>=20 >>> Ced >>>=20 >>>> On 3 October 2016 at 22:00, alan somers wrote: >>>> On Mon, Oct 3, 2016 at 12:18 PM, Konstantin Belousov >>>> wrote: >>>>> On Mon, Oct 03, 2016 at 11:48:39AM -0600, Alan Somers wrote: >>>>>> What's the proper way to add a vendor-specific syscall? The comments >>>>>> in kern/syscalls.master suggest that they should be put in the range >>>>>> from 151-180, but most of that range is actually occupied. >>>>> I think that the 'vendors' there means vendors of other BSD-derived >>>>> systems and not e.g. an appliance vendors. >>>>>=20 >>>>>> Only five >>>>>> nosys slots are available. If I add syscalls to the end of the list,= >>>>>> they'll likely collide with future standard syscalls. Should I just >>>>>> added ~100 nosys syscalls to the end of the list, and put my custom >>>>>> syscalls afterwards? Is there any penalty to lengthening the list? >>>>>=20 >>>>> Each nosys syscall increases the size of the default ABI syscalls tabl= e. >>>>> On amd64 sizeof(struct sysent) =3D=3D 48, adding 100 nosys entries wou= ld >>>>> waste a page and some more. >>>>>=20 >>>>> How many syscalls do you need ? You probably do not allow random modu= les >>>>> loaded and implementing syscalls, so could you use e.g. range 210-219 ?= >>>>>=20 >>>>> If you look further, you will see lot of holes like 258-271, 281-288 >>>>> etc. Current practice is to allocate new syscalls at the end of the >>>>> table, which leaves there holes unused with high chance of never being= >>>>> collected. >>>>=20 >>>> Ok, it sounds like filling holes is the best method. Thanks for the >>>> advice, kib. >>>>=20 >>>> -Alan >>>> _______________________________________________ >>>> freebsd-hackers@freebsd.org mailing list >>>> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers >>>> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.o= rg" >>>=20 >>>=20 >>>=20 >>> -- >>> Cedric Blancher >>> [https://plus.google.com/u/0/+CedricBlancher/] >>> Institute Pasteur >=20 >=20 >=20 > --=20 > Cedric Blancher > [https://plus.google.com/u/0/+CedricBlancher/] > Institute Pasteur > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"= From owner-freebsd-hackers@freebsd.org Mon Oct 3 23:35:40 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0C302AF4B6D for ; Mon, 3 Oct 2016 23:35:40 +0000 (UTC) (envelope-from cpruce@juniper.net) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id CC32ED7A for ; Mon, 3 Oct 2016 23:35:39 +0000 (UTC) (envelope-from cpruce@juniper.net) Received: by mailman.ysv.freebsd.org (Postfix) id C88BFAF4B6C; Mon, 3 Oct 2016 23:35:39 +0000 (UTC) Delivered-To: hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C6505AF4B6B for ; Mon, 3 Oct 2016 23:35:39 +0000 (UTC) (envelope-from cpruce@juniper.net) Received: from NAM03-DM3-obe.outbound.protection.outlook.com (mail-dm3nam03on0090.outbound.protection.outlook.com [104.47.41.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "Microsoft IT SSL SHA2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 84992D77 for ; Mon, 3 Oct 2016 23:35:38 +0000 (UTC) (envelope-from cpruce@juniper.net) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=junipernetworks.onmicrosoft.com; s=selector1-juniper-net; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=+JJMVplSoewosi0g54etE9Nx8dpzeplUUfRzzRbl9Ss=; b=kC2/J/wty2fv25AORywdVwnEOdOM6bi22dIzR3uzMrbAvMKdcC+PZz9jPlMGU0zynX9yQk1SdVEFt5hWmECaQrb8Gsr+29nfIi8N6IjAUQpJaG8IO/MHHBdsPbwNO92uN41TXPtbXupLGE25V7s/c7rzMn99obbIg55TLVe9pKI= Received: from DM2PR0501MB1582.namprd05.prod.outlook.com (10.160.133.148) by DM2PR0501MB1584.namprd05.prod.outlook.com (10.160.133.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.629.6; Mon, 3 Oct 2016 23:35:31 +0000 Received: from DM2PR0501MB1582.namprd05.prod.outlook.com ([10.160.133.148]) by DM2PR0501MB1582.namprd05.prod.outlook.com ([10.160.133.148]) with mapi id 15.01.0629.006; Mon, 3 Oct 2016 23:35:31 +0000 From: Cory Pruce To: "hackers@freebsd.org" Subject: Suspend to disk/ S4/ Hibernate Thread-Topic: Suspend to disk/ S4/ Hibernate Thread-Index: AQHSHc7UQT5Cj0fwgECSZsyFCqq/fw== Date: Mon, 3 Oct 2016 23:35:31 +0000 Message-ID: <2BFD2D1D-7300-4B8D-A165-09220B779E51@juniper.net> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=cpruce@juniper.net; x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [66.129.239.11] x-ms-office365-filtering-correlation-id: a19b4302-53da-4373-b0d9-08d3ebe5f70e x-microsoft-exchange-diagnostics: 1; DM2PR0501MB1584; 6:qT4J3LJKI0GakcvB/Z7CSIRwe27oSSl/oGvBqcsCSzw9fCARMS7L7J3+o2JTzgG9tz2hcjAD8j3jyFGWJxfMjUlFURPZOpw1L1RFZJWneJOlT1x5THHUPfMT4ixXlVJehJebUONo5Rj6HRV834jBDprQKKDW0lAkqGym1hpzKjeAQ5tpNphg3/1WR94EDi/TJgNn0vMhMx1QqEvVSkIu/pNXThskmHPD32lypR9iITYZhBOvPjsjLoqB8bTenhU42xT2O6uCTyJoPrvrQ34Ia+a44uW8xOG0FSDeGrdUbkqp04KoGIWzyDUPi73luLJ46HYdfMqJYLUz1hX/vXI48A==; 5:PbI/JV4GzQBTQX0bcVlfSUdcJK9vLOZg9z3Wlw3G966Apslmrt+gQ5SiC9oMVuyaA+H2qHG6DInbqwGQzF8n2jCwJa5SByQh2SaHpCFIUT/SAyoIVY8+8yl9vR7Vo/+yHsaIeH+ewl42sjKjd/S++w==; 24:7S5Wg1mI2b3wet1FjzonpnsBqMiqrxacjfIJkE3UMmRrgBxaJ/Ee4yHjheRHI9ru8SHo07j0VPppYDkcOlxfsl5VR8nCdrEmKjDrSyu1UNk=; 7:40vzv7pmhnkakB9GQULQerSyWBcXlB0ikmPmpgLI7EjQUD8TZ+iVoRXd1D6HbQ2F2mzjBwBHYfbxQilivlDZ8E3jnaTKvxuk+Fp+dprSdtGhxavK4rN/gcEtl4l3tjMql9tgcSlscbMpxedyZfhhUgvsf48jsESocYoDsVxBE2i4BdAP/m3wp+INKXHwzEHQDpGuAhkoEPwV/arM/HmHwP077BUMyhg2fPJLp2gVCl/3W5z11AsgNwBf3yJnIo3uYHySvWZkVag93t0A1cqauUudCOfdeLjm5wxerG/Eax2Z/leO1qWtKspjxmzeIrFT x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DM2PR0501MB1584; x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(21748063052155); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040176)(601004)(2401047)(5005006)(8121501046)(3002001)(10201501046)(6055026); SRVR:DM2PR0501MB1584; BCL:0; PCL:0; RULEID:; SRVR:DM2PR0501MB1584; x-forefront-prvs: 008421A8FF x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(979002)(6009001)(7916002)(189002)(199003)(77096005)(105586002)(92566002)(19580395003)(9326002)(5640700001)(102836003)(586003)(5660300001)(8676002)(19300405004)(3660700001)(110136003)(1730700003)(6116002)(81166006)(2906002)(122556002)(15650500001)(3846002)(83716003)(15975445007)(87936001)(8936002)(2420400007)(3280700002)(2501003)(81156014)(82746002)(68736007)(5002640100001)(16236675004)(11100500001)(10400500002)(36756003)(7846002)(54356999)(99286002)(229853001)(97736004)(50986999)(7736002)(101416001)(106356001)(19625215002)(66066001)(2351001)(189998001)(2900100001)(6916009)(107886002)(86362001)(558084003)(33656002)(106116001)(10710500007)(450100001)(104396002)(969003)(989001)(999001)(1009001)(1019001); DIR:OUT; SFP:1102; SCL:1; SRVR:DM2PR0501MB1584; H:DM2PR0501MB1582.namprd05.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts) spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM MIME-Version: 1.0 X-OriginatorOrg: juniper.net X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Oct 2016 23:35:31.2413 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4 X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR0501MB1584 X-Mailman-Approved-At: Tue, 04 Oct 2016 01:13:25 +0000 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Oct 2016 23:35:40 -0000 SGksDQoNCkhhcyBhbnlvbmUgc3RhcnRlZCBvbiB0aGlzPyBJIHNlZSBhY3BpIGluIHRoZSBmcmVl YnNkIHNvdXJjZSBjb2RlIGFuZCB0aGF0IHN1c3BlbmQgdG8gcmFtIGlzIChtb3N0bHkpIGRvbmUu IEnigJl2ZSBiZWVuIGJyaWVmbHkgbG9va2luZyB0aHJvdWdoIGxpbnV4LTQuNeKAmXMga2VybmVs L3Bvd2VyLyogKG1vc3RseSBoaWJlcm5hdGUuYykuDQoNCkxldCBtZSBrbm93IGlmIGFueW9uZSBo YXMgaW5wdXQgb24gdGhpcy4NCg0KVGhhbmtzLA0KQ29yeQ0K From owner-freebsd-hackers@freebsd.org Tue Oct 4 02:09:53 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6C442AF49BF for ; Tue, 4 Oct 2016 02:09:53 +0000 (UTC) (envelope-from badger@FreeBSD.org) Received: from sasl.smtp.pobox.com (pb-smtp1.pobox.com [64.147.108.70]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3EC13A95 for ; Tue, 4 Oct 2016 02:09:52 +0000 (UTC) (envelope-from badger@FreeBSD.org) Received: from sasl.smtp.pobox.com (unknown [127.0.0.1]) by pb-smtp1.pobox.com (Postfix) with ESMTP id DA57344AC3; Mon, 3 Oct 2016 22:07:04 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=subject:to :references:cc:from:message-id:date:mime-version:in-reply-to :content-type; s=sasl; bh=LI3Z3eoR4xeTHE9PA0IkWVFzgxw=; b=GX69dm H38wTAq5i8DnU5oKJNBKD8Qg9bOOl+WBXRBGvMYvSAmMzOwDD/ATaRILay15Pa5j RqaFvdm0mgkhjbiJJfRryCBLicJVw7M1zhGenQ2TpvV0pwCmXGEMyMZtQZTJ7Rob 6EaYsX2YMXHFg5FBkBqlBV0FoVvPGkSyatGbE= Received: from pb-smtp1.nyi.icgroup.com (unknown [127.0.0.1]) by pb-smtp1.pobox.com (Postfix) with ESMTP id D31C144AC2; Mon, 3 Oct 2016 22:07:04 -0400 (EDT) Received: from [192.168.1.103] (unknown [24.7.205.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pb-smtp1.pobox.com (Postfix) with ESMTPSA id 5924D44AC1; Mon, 3 Oct 2016 22:07:04 -0400 (EDT) Subject: Re: Kqueue and threading To: Slawa Olhovchenkov References: <111e0c35-7a4b-b6c7-ef1d-1a0d85112e61@digiware.nl> <4209b8d4-6674-a51d-dceb-81c3ecd179c2@FreeBSD.org> <20161003180913.GP54003@zxy.spb.ru> Cc: freebsd-hackers@freebsd.org, wjw@digiware.nl From: Eric Badger Message-ID: <1b439846-86d0-457b-a8b9-537c409003f5@FreeBSD.org> Date: Mon, 3 Oct 2016 21:06:53 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0 MIME-Version: 1.0 In-Reply-To: <20161003180913.GP54003@zxy.spb.ru> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="xLe8SDDvWK3KqPl6SXjR9I7nkUuKAGLTK" X-Pobox-Relay-ID: 3EBE1874-89D7-11E6-8095-C26412518317-46178211!pb-smtp1.pobox.com X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Oct 2016 02:09:53 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --xLe8SDDvWK3KqPl6SXjR9I7nkUuKAGLTK Content-Type: multipart/mixed; boundary="kV7NJN9NOXnufkJPCKRbtVPHD8EijR1sH"; protected-headers="v1" From: Eric Badger To: Slawa Olhovchenkov Cc: freebsd-hackers@freebsd.org, wjw@digiware.nl Message-ID: <1b439846-86d0-457b-a8b9-537c409003f5@FreeBSD.org> Subject: Re: Kqueue and threading References: <111e0c35-7a4b-b6c7-ef1d-1a0d85112e61@digiware.nl> <4209b8d4-6674-a51d-dceb-81c3ecd179c2@FreeBSD.org> <20161003180913.GP54003@zxy.spb.ru> In-Reply-To: <20161003180913.GP54003@zxy.spb.ru> --kV7NJN9NOXnufkJPCKRbtVPHD8EijR1sH Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 10/03/2016 01:09 PM, Slawa Olhovchenkov wrote: > On Mon, Oct 03, 2016 at 12:48:03PM -0500, Eric Badger wrote: >=20 >> Sharing a kqueue between threads of a process works. Are the workers >=20 > Can you comment PR207261? Hmm, I don't think I have the netmap expertise to comment. Eric --kV7NJN9NOXnufkJPCKRbtVPHD8EijR1sH-- --xLe8SDDvWK3KqPl6SXjR9I7nkUuKAGLTK Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEwBAEBCAAaBQJX8w7EExxiYWRnZXJAZnJlZWJzZC5vcmcACgkQYuUAllo/JKzR Pgf+P6+z959BrehJHAXiSvT0NhFaaGQecjcLL+S1NRuaFlRwQTmLP/036PGC+xxl hKhC04sXzuKB0wIk0MAa3jRS7it1X3XBEXxCpLHJRBpLfcObF1T9AieJNxCKbiEU IrBW5+8bmxjTm/QtiHYI3bTq3ZGkRQn7rUI9krLNVx0tdmnjnBIj3T3CD2DJyEt8 TgNynXrTwa2+YkloUGBi3kmt1DaXqkfSB7GoH54+cCNUm52YHKN0dQDdV+szQ3aD fQycwTD3fjvnLFqd7OxjoYMh3vAZcQvyy1S7ur2Z65It86oMWQZJzBAyVdemNBzn xd8akBJFiihgrzTmkN8rslyctw== =t9qo -----END PGP SIGNATURE----- --xLe8SDDvWK3KqPl6SXjR9I7nkUuKAGLTK-- From owner-freebsd-hackers@freebsd.org Tue Oct 4 02:29:11 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9C91EAF43E5 for ; Tue, 4 Oct 2016 02:29:11 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 82AE4695; Tue, 4 Oct 2016 02:29:11 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from julian-mbp3.pixel8networks.com (50-196-156-133-static.hfc.comcastbusiness.net [50.196.156.133]) (authenticated bits=0) by vps1.elischer.org (8.15.2/8.15.2) with ESMTPSA id u942Stdv042621 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Mon, 3 Oct 2016 19:29:03 -0700 (PDT) (envelope-from julian@freebsd.org) Subject: Re: Proper way to add vendor-specific syscalls? [Correct answer] :-) To: freebsd-hackers@freebsd.org, Alan Somers References: From: Julian Elischer Message-ID: <7f0a642b-9c05-3bb6-53ee-66424a26b661@freebsd.org> Date: Mon, 3 Oct 2016 19:28:50 -0700 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.3.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Oct 2016 02:29:11 -0000 On 3/10/2016 10:48 AM, Alan Somers wrote: > What's the proper way to add a vendor-specific syscall? The comments > in kern/syscalls.master suggest that they should be put in the range > from 151-180, but most of that range is actually occupied. Only five > nosys slots are available. If I add syscalls to the end of the list, > they'll likely collide with future standard syscalls. Should I just > added ~100 nosys syscalls to the end of the list, and put my custom > syscalls afterwards? Is there any penalty to lengthening the list? > > -Alan > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" the correct way is to allow them to dynamically allocate a syscall, (assuming they are in a module) see man modstat(2) the syscall number is in the modspecfic data. also see the SYSCALL_MODULE(2) man page read /usr/share/examples/kld/syscall and read both the module and the test program. key parts are: (in the module: the module needs something like: static int ddfenabled_offset = NO_SYSCALL; static struct sysent ddfenabled_sysent = { AS(ddfenabled_args), (sy_call_t *)ddfenabled, AUE_NULL, NULL, 0, 0, 0 }; SYSCALL_MODULE(ddfenabled, &ddfenabled_offset, &ddfenabled_sysent, ddload, NULL); the user code needs something like: static int ddfenabled_sysno = 0; /* * Module init */ int rlu_init(void) { struct module_stat mstat; int modid; /* Find some dedup-related syscalls */ if (ddfenabled_sysno == 0) { mstat.version = sizeof(mstat); if ((modid = modfind("ddfenabled")) == -1 || modstat(modid, &mstat) == -1) { return -1; } ddfenabled_sysno = mstat.data.intval; } return 0; } From owner-freebsd-hackers@freebsd.org Tue Oct 4 15:29:51 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 10CD4AF50D3 for ; Tue, 4 Oct 2016 15:29:51 +0000 (UTC) (envelope-from wjw@digiware.nl) Received: from smtp.digiware.nl (smtp.digiware.nl [IPv6:2001:4cb8:90:ffff::3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CF3BF78D; Tue, 4 Oct 2016 15:29:50 +0000 (UTC) (envelope-from wjw@digiware.nl) Received: from router.digiware.nl (localhost.digiware.nl [127.0.0.1]) by smtp.digiware.nl (Postfix) with ESMTP id 7E3A92A40E; Tue, 4 Oct 2016 17:29:46 +0200 (CEST) X-Virus-Scanned: amavisd-new at digiware.com Received: from smtp.digiware.nl ([127.0.0.1]) by router.digiware.nl (router.digiware.nl [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 26jRu5jhkAxv; Tue, 4 Oct 2016 17:29:45 +0200 (CEST) Received: from [192.168.101.51] (vpn.ecoracks.nl [176.74.240.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.digiware.nl (Postfix) with ESMTPSA id 7FFF32A40D; Tue, 4 Oct 2016 17:29:45 +0200 (CEST) Subject: Re: Kqueue and threading To: Eric Badger , freebsd-hackers@freebsd.org References: <111e0c35-7a4b-b6c7-ef1d-1a0d85112e61@digiware.nl> <4209b8d4-6674-a51d-dceb-81c3ecd179c2@FreeBSD.org> From: Willem Jan Withagen Message-ID: Date: Tue, 4 Oct 2016 17:29:41 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0 MIME-Version: 1.0 In-Reply-To: <4209b8d4-6674-a51d-dceb-81c3ecd179c2@FreeBSD.org> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Oct 2016 15:29:51 -0000 On 3-10-2016 19:48, Eric Badger wrote: > On 10/01/2016 13:02, Willem Jan Withagen wrote: >> Hi, >> >> Ceph uses a lot of threading, and for any part of it >> communication it uses epoll(), which FreeBSD does not use. For >> that there was already a EvenKqueue implementation. >> >> But I think I'm now running into: The kqueue() system call >> creates a new kernel event queue and returns a descriptor. The >> queue is not inherited by a child created with fork(2). However, >> if rfork(2) is called without the RFFDG flag, then the descriptor >> table is shared, which will allow sharing of the kqueue between >> two processes. >> >> Kqueue descriptors are created and events are added, but then >> the process starts other threads and expects the kqueue-id to be >> valid there. >> >> However adding more events returns an error, also waiting on the >> ID for events to happen returns an error (descriptor invalid) >> >> Threading is done with 2 different constructions: std::thread and >> creating Workers >> >> Would any of these qualify with the quoted warning? and >> invalidate the descriptor table? >> >> If not, how can I (easily) debug the reason why my descriptors go >> invalid? >> > > Sharing a kqueue between threads of a process works. Are the > workers created using rfork without RFFDG as suggested in the > manpage? I've never had reason to do this, but a quick test seems > to indicate that it works as advertised. A normal fork closes the > kqueue file descriptor. If you suspect that's what's happening, you > might run "procstat -f {worker pid}" to see if file descriptors > with a "k" (kqueue) in the "T" (type) column appear (if not, they > were presumably closed on the fork). Yup, I know what the man page writes. :) But now the trick question is: how does the C++ worker/thread library function.... Some of the code actually does: std:move on a lambda-function, which should instantiate a complete fresh environment. And that would certainly qualify for expected closure of the kq descriptors. OTOH it keeps regular file descriptors available in the thread. I guess I'll have to start testing with a few simple C++ programs to get things clear. --WjW From owner-freebsd-hackers@freebsd.org Tue Oct 4 15:15:33 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E733CAF3A14 for ; Tue, 4 Oct 2016 15:15:33 +0000 (UTC) (envelope-from roger@purplecat.net) Received: from mx1.purplecat.net (mx1.purplecat.net [205.138.55.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.purplecat.net", Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A384463E for ; Tue, 4 Oct 2016 15:15:33 +0000 (UTC) (envelope-from roger@purplecat.net) Received: (qmail 72464 invoked by uid 89); 4 Oct 2016 15:14:53 -0000 Received: from unknown (HELO PCNDesktop) (support@purplecat.net@68.115.151.242) by mx1.purplecat.net with ESMTPA; 4 Oct 2016 15:14:53 -0000 Reply-To: From: "Roger Eddins" To: Subject: Reported version numbers of base openssl and sshd Date: Tue, 4 Oct 2016 11:16:32 -0400 Message-ID: <01eb01d21e52$4a7f1640$df7d42c0$@net> MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AdIeUkocLzB8V1XdS3SVKMzoplSnMg== Content-Language: en-us X-Mailman-Approved-At: Tue, 04 Oct 2016 15:35:08 +0000 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Oct 2016 15:15:34 -0000 Dear Maintainers, Thank you for your excellent efforts in maintaining the FreeBSD code base. Question: Could version number obfuscation be added to openssl and sshd or have the proper relative patch version number reported from the binaries in the base system? Reasoning: PCI compliance is becoming an extreme problem due to scanning false positives from certain vendors and a big time waster with older FreeBSD releases reporting the original base version number even after patch updates. This is requiring us to compile/run openssl port and openssh-portable creating a highly unnecessary maintenance burden on our admins when the package binaries would be sufficient if the these core base components would report the latest version number. OF course, blocking the scanning engines on certain ports is an easy trick but that doesn't solve the root cause of the problem. We have a snowflake type environment for custom hosting solutions so that hopefully gives a good picture of why using ports for these core components is so time consuming. If the official stance is to use openssl port and openssh-portable just so the FreeBSD OS can report back the latest version number to PCI scanning engines, sobeit but makes little sense at least in the context we exist in and interfacing with PCI compliance vendors. Thank you, Roger Eddins From owner-freebsd-hackers@freebsd.org Tue Oct 4 17:06:25 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 28475AF5212 for ; Tue, 4 Oct 2016 17:06:25 +0000 (UTC) (envelope-from adrian.chadd@gmail.com) Received: from mail-io0-x22c.google.com (mail-io0-x22c.google.com [IPv6:2607:f8b0:4001:c06::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E696D751; Tue, 4 Oct 2016 17:06:24 +0000 (UTC) (envelope-from adrian.chadd@gmail.com) Received: by mail-io0-x22c.google.com with SMTP id r30so34600222ioi.1; Tue, 04 Oct 2016 10:06:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=V74yMicDBLzmDKFQQJiHbA096ge0ZG7tuB2PIzRsAC8=; b=CNZyxUmZhJ8AzhhDl0ZRXSwgQ1+xuuA3HRdKb0zZj0zTA7cgrxiLfXuqlziIpmLATy Bc3cviVef9DajI9JoL7Zra6O+imxhcbxXIYgr7bjFka7MFvgpKdLJvLoRFcl/00SMWA0 etv6RwNPvFdMzkmZr+/sAEwEwaJi9dUQwkMJN+dyGXdpOhRZ5LTfmTxVdQjp5V9LoBgO zVIGqpspEURR5D6ZLY0qbYryTrwLDeNa5JxfMJqWKCYGvgqhSwwT3f1fjW8ziFyDnAhN +YbO7Nc3QTGzyvQO/Zcz/2VZkFS+FZE/rXhYevsokZtNldd4auvkgiA6vjJYy2WGshOh NV+w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=V74yMicDBLzmDKFQQJiHbA096ge0ZG7tuB2PIzRsAC8=; b=hZSRA1lqX8b222CEGHmuV/vf+UR2tHhIuezBesqQk6T6VSj8EODm5IGI7x/PsLBpkg jg1T5+SAJTtUkUCdDlzbl2Rwkf9sDvZlaIbdon3IXbNTrgqHkVAr6HtHCvcd5H7hKjlG aS7/Nxmw0774x1Wwu17OUF4/OBz0zWDASN5HmWsnG4NE7MD+IbsYbz9AU+37Eee5M3GW 7HsszkwKJIgZUZB28RkakTVZd8VwNBmEeRNTPltNcjDLO121zmImIwW1zLUlrEpJ6Kjr CUbwon50zKQtjbGjdGOrpGNHNzGbP9628tyI7PlwVbhNTbl0OHiqy0uwA/AczZrwmAyk CyKw== X-Gm-Message-State: AA6/9RmsSObm1CbIvOPcEn1dx4xhB4LVDgBl+oKM5EBA+/0xK8U3I6Sau20YScv+J/8XvoBUeWXlIGKd8wg1fQ== X-Received: by 10.107.181.211 with SMTP id e202mr5223245iof.99.1475600784018; Tue, 04 Oct 2016 10:06:24 -0700 (PDT) MIME-Version: 1.0 Received: by 10.36.141.129 with HTTP; Tue, 4 Oct 2016 10:06:23 -0700 (PDT) In-Reply-To: <1b439846-86d0-457b-a8b9-537c409003f5@FreeBSD.org> References: <111e0c35-7a4b-b6c7-ef1d-1a0d85112e61@digiware.nl> <4209b8d4-6674-a51d-dceb-81c3ecd179c2@FreeBSD.org> <20161003180913.GP54003@zxy.spb.ru> <1b439846-86d0-457b-a8b9-537c409003f5@FreeBSD.org> From: Adrian Chadd Date: Tue, 4 Oct 2016 10:06:23 -0700 Message-ID: Subject: Re: Kqueue and threading To: Eric Badger Cc: Slawa Olhovchenkov , "freebsd-hackers@freebsd.org" , Willem Jan Withagen Content-Type: text/plain; charset=UTF-8 X-Mailman-Approved-At: Tue, 04 Oct 2016 17:39:50 +0000 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Oct 2016 17:06:25 -0000 netmap is a special snowflake case, as the last time I checked a whole bunch of assumptions are made about the process/thread contexts doing the work. -adrian On 3 October 2016 at 19:06, Eric Badger wrote: > On 10/03/2016 01:09 PM, Slawa Olhovchenkov wrote: >> On Mon, Oct 03, 2016 at 12:48:03PM -0500, Eric Badger wrote: >> >>> Sharing a kqueue between threads of a process works. Are the workers >> >> Can you comment PR207261? > > Hmm, I don't think I have the netmap expertise to comment. > > Eric > From owner-freebsd-hackers@freebsd.org Tue Oct 4 18:23:03 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B1A9EAF5574 for ; Tue, 4 Oct 2016 18:23:03 +0000 (UTC) (envelope-from cpruce@juniper.net) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 7AF4A79E for ; Tue, 4 Oct 2016 18:23:03 +0000 (UTC) (envelope-from cpruce@juniper.net) Received: by mailman.ysv.freebsd.org (Postfix) id 7A51CAF5573; Tue, 4 Oct 2016 18:23:03 +0000 (UTC) Delivered-To: hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 79EE9AF5572 for ; Tue, 4 Oct 2016 18:23:03 +0000 (UTC) (envelope-from cpruce@juniper.net) Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-sn1nam02on0124.outbound.protection.outlook.com [104.47.36.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "Microsoft IT SSL SHA2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 249DD79D for ; Tue, 4 Oct 2016 18:23:02 +0000 (UTC) (envelope-from cpruce@juniper.net) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=junipernetworks.onmicrosoft.com; s=selector1-juniper-net; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=eX1T2GRAb/2939WSSjHLnAbW19Jg0BPDAC35rHVdPms=; b=lNiXfRev70cV3CPTcKX8ihHFhqu6VNubhSJTP8i0QDzNykGSPjQZ/NGGSu3kOi2EVoGX1Yz2oagaZ44JUlDBKr5JenB+4xi5oMyPRYtx3JZIUvFlRIIPQdiriI0B5U++9a6ulrj4YHXlrkKlNRqHGJcEypm21jxCaHEhFSVfQbk= Received: from DM2PR0501MB1582.namprd05.prod.outlook.com (10.160.133.148) by DM2PR0501MB1584.namprd05.prod.outlook.com (10.160.133.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.629.6; Tue, 4 Oct 2016 17:49:01 +0000 Received: from DM2PR0501MB1582.namprd05.prod.outlook.com ([10.160.133.148]) by DM2PR0501MB1582.namprd05.prod.outlook.com ([10.160.133.148]) with mapi id 15.01.0629.020; Tue, 4 Oct 2016 17:49:01 +0000 From: Cory Pruce To: Joe Nosay CC: "hackers@freebsd.org" Subject: Re: Suspend to disk/ S4/ Hibernate Thread-Topic: Suspend to disk/ S4/ Hibernate Thread-Index: AQHSHc7UQT5Cj0fwgECSZsyFCqq/f6CYkcoA//+MbAA= Date: Tue, 4 Oct 2016 17:49:01 +0000 Message-ID: References: <2BFD2D1D-7300-4B8D-A165-09220B779E51@juniper.net> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=cpruce@juniper.net; x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [66.129.239.15] x-ms-office365-filtering-correlation-id: 0ceadbaf-a02b-4c96-e876-08d3ec7eb9d6 x-microsoft-exchange-diagnostics: 1; DM2PR0501MB1584; 6:BMRDhtFsN4kAUklORbCD9qzCXzt1+dzQwNCMXEwA5AiEmD3itg8mOg0ZjzObep0JGkzNTN+ueQxGfeFv4eqixyvRiD6nLNcIQ3UAy3xpWfybOiUa4M5tQEBSTu66dyP6rgGfD2159vMmOWzzZdURXAg+opdRKT1MZZHXe6Ibua/0Mbr6uaCxWUse8KR187mCGaG8z7MrOqSeS6AK//OUeFKV23yLlM+feuAzu60QxPf8dH20/VBDjE5/1SzBqwb2OmaAwDsPJgAYjPNF8RpcR5R4uTuvZHfWe64CQiw7s1HheRZ+nuixChD2xIQXhiFjimf950tIm8wB8/iv6ZEeJQ==; 5:5K+/Gp+qC/QV2mjcpq/0hEoNsSvycO+Aakr/x0zOAGmG95pVW2xbWyQcGBeGlLOk3EtC4eOOJbHMMT4uF8bV8bGb0iReTjqEyxUHMYArqmBAti5L/AQzifMK6sdqs2Tf8Gx3k7kz98zJOXnQMpmrZw==; 24:p0F4XCi0Yj34CbUdMBIX18AcsVibz4+/PwAKbBjPVMUnPYkFB1sCxbJC67mWGTJxLK/ghDEpY4qN2d2t9BYYEgedlOB2bukLsHnN2MX5ZSM=; 7:MXEIuv+igHVeTan3o2dTy35e+vbAfN8XNvXMU7zb5UamkW4rmhcaKmYobr4SEIXUxDaBgTq0ZywdId5I8TGAvwL1Dj8DUJ7L++ZnpU4niaomQJPcSN2L2bHl2wLazg9+x7yPS7pFez6q0I7X/b6aHcOZbYzzKUEbiYINAmdgP2G5eHUZwXiB9UXIGdNmsUgnX2IbUgQfwtIgQ+718S19oENg9USJg6OIAdg7f9MyxyC3V2J3so1smn9DMqjm2etgkORCThqNBczg7EBvoL6wYK07rYQ7XOskasYZJGC/7i+C3K2VtWOBWpwxA8htin75 x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DM2PR0501MB1584; x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(138986009662008)(75325880899374)(21748063052155); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040176)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6055026); SRVR:DM2PR0501MB1584; BCL:0; PCL:0; RULEID:; SRVR:DM2PR0501MB1584; x-forefront-prvs: 00851CA28B x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(979002)(7916002)(199003)(377454003)(189002)(24454002)(36756003)(10400500002)(54356999)(7846002)(76176999)(99286002)(4326007)(11100500001)(5002640100001)(16236675004)(6916009)(189998001)(86362001)(19625215002)(33656002)(2900100001)(1411001)(66066001)(7906003)(7736002)(106116001)(50986999)(10710500007)(106356001)(101416001)(97736004)(5660300001)(102836003)(3660700001)(19300405004)(110136003)(8676002)(19580395003)(77096005)(92566002)(105586002)(15975445007)(19617315012)(8936002)(3280700002)(2420400007)(87936001)(3846002)(82746002)(81156014)(19580405001)(2950100002)(6116002)(586003)(15650500001)(122556002)(81166006)(83716003)(2906002)(68736007)(104396002)(969003)(989001)(999001)(1009001)(1019001); DIR:OUT; SFP:1102; SCL:1; SRVR:DM2PR0501MB1584; H:DM2PR0501MB1582.namprd05.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts) spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM MIME-Version: 1.0 X-OriginatorOrg: juniper.net X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Oct 2016 17:49:01.5934 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4 X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR0501MB1584 X-Mailman-Approved-At: Tue, 04 Oct 2016 19:08:59 +0000 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Oct 2016 18:23:03 -0000 WXVwLCBpdCBpcyBhIGNvbXBhcmF0aXZlIGFuYWx5c2lzLiBIaWJlcm5hdGUuYyBpcyBpbiB0aGUg bGludXgtNC41IHNvdXJjZSAoa2VybmVsL3Bvd2VyL2hpYmVybmF0ZS5jKS4NCg0KRG8geW91IG1l YW4gdGhlIGVtYWlsIHdpbGwgYm91bmNlPw0KDQpGcm9tOiBKb2UgTm9zYXkgPHN1cGVyYmlzcXVp dEBnbWFpbC5jb20+DQpEYXRlOiBUdWVzZGF5LCBPY3RvYmVyIDQsIDIwMTYgYXQgMTA6NDIgQU0N ClRvOiBDb3J5IFBydWNlIDxjcHJ1Y2VAanVuaXBlci5uZXQ+DQpDYzogImhhY2tlcnNAZnJlZWJz ZC5vcmciIDxoYWNrZXJzQGZyZWVic2Qub3JnPg0KU3ViamVjdDogUmU6IFN1c3BlbmQgdG8gZGlz ay8gUzQvIEhpYmVybmF0ZQ0KDQpUaGlzIHdpbGwgYm91bmNlIGZvciBvbmUuDQpXaGVyZSBpbiAi aGliZXJuYXRlLmMiID8NCkkgYXNzdW1lIHRoYXQgeW91IGFyZSBkb2luZyBhIGNvbXBhcmF0aXZl IGFuYWx5c2lzLg0KDQpPbiBNb24sIE9jdCAzLCAyMDE2IGF0IDc6MzUgUE0sIENvcnkgUHJ1Y2Ug PGNwcnVjZUBqdW5pcGVyLm5ldDxtYWlsdG86Y3BydWNlQGp1bmlwZXIubmV0Pj4gd3JvdGU6DQpI aSwNCg0KSGFzIGFueW9uZSBzdGFydGVkIG9uIHRoaXM/IEkgc2VlIGFjcGkgaW4gdGhlIGZyZWVi c2Qgc291cmNlIGNvZGUgYW5kIHRoYXQgc3VzcGVuZCB0byByYW0gaXMgKG1vc3RseSkgZG9uZS4g SeKAmXZlIGJlZW4gYnJpZWZseSBsb29raW5nIHRocm91Z2ggbGludXgtNC414oCZcyBrZXJuZWwv cG93ZXIvKiAobW9zdGx5IGhpYmVybmF0ZS5jKS4NCg0KTGV0IG1lIGtub3cgaWYgYW55b25lIGhh cyBpbnB1dCBvbiB0aGlzLg0KDQpUaGFua3MsDQpDb3J5DQpfX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fXw0KZnJlZWJzZC1oYWNrZXJzQGZyZWVic2Qub3JnPG1h aWx0bzpmcmVlYnNkLWhhY2tlcnNAZnJlZWJzZC5vcmc+IG1haWxpbmcgbGlzdA0KaHR0cHM6Ly9s aXN0cy5mcmVlYnNkLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2ZyZWVic2QtaGFja2Vycw0KVG8gdW5z dWJzY3JpYmUsIHNlbmQgYW55IG1haWwgdG8gImZyZWVic2QtaGFja2Vycy11bnN1YnNjcmliZUBm cmVlYnNkLm9yZzxtYWlsdG86ZnJlZWJzZC1oYWNrZXJzLXVuc3Vic2NyaWJlQGZyZWVic2Qub3Jn PiINCg0K From owner-freebsd-hackers@freebsd.org Tue Oct 4 22:21:49 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 76547AF5A0E for ; Tue, 4 Oct 2016 22:21:49 +0000 (UTC) (envelope-from yaneurabeya@gmail.com) Received: from mail-pf0-x230.google.com (mail-pf0-x230.google.com [IPv6:2607:f8b0:400e:c00::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 43D90F6D; Tue, 4 Oct 2016 22:21:49 +0000 (UTC) (envelope-from yaneurabeya@gmail.com) Received: by mail-pf0-x230.google.com with SMTP id i85so28753562pfa.3; Tue, 04 Oct 2016 15:21:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=ged8oFQjqOCXGMp/AYW72QFmHNkGV//Ph6sOpSI7kWM=; b=h81MTJvxxvmgxdO8Ca3Im38yIxIqN43A7kNaiO2mdH3+EjOkmkJUSHsrpDVY7uv9i5 n+u3DZOd/a0wAzmPV7+suKS9vFAM+wmUA0/S2rLqZhPmqdNH3elq2Wr8VLKQ1D2ws2U5 NiIGc9AFlNhAfvbsV/qZ6W6dBu6RzGSmQODC/IAnSAKSb9SILiFEssRVvRZ3jH2FgmyZ 9yPzoCoHjyr7fqyS2T1qcSFZirAzOu4eRXLhfaRUv5w3Bx/YzFKDpIbLRvnW5uorw0Uf rYDfax4s8VYidK7WXCHBjTNr4lu/PVl7/U+dForHQyEb+M3JVJ8sWjMNpJGs/VfZE7ZN aSHg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=ged8oFQjqOCXGMp/AYW72QFmHNkGV//Ph6sOpSI7kWM=; b=nCffh7sRYncpYrbUjY5cq8wdUmlYUuQAd4wFCO+CCoRI9dqPNzy8qr3SNv6frXw1qD eXbQQXuyaLyflWBqSo/68Y854foU68FLeZAXAIIwgmt43uaw0DZooXgdnFfzVhHeRF3Z 2CA/D2galQ+t0Cx+wHb3Dr/KDpJ5T8NnaWpk/C46Yye3VoYA0WfZYgGApqzAjltseydS 8IsHw/gCWJIxE/0cN9aaePogsSAQiLSVHalaQr5jhnLQy7xPc7GzSDxtwHVmGwn6r+Wa W5PSB2u3eFX6GaDM23klP/YstA021tAp4oEFOPjFW67fO9TYY2praWjNTZYr6OPa5Fv/ OIiA== X-Gm-Message-State: AA6/9Rlu8EMd+aLv52SrwvXZO1BDqZ1+2NdyoXw27tnbmr4NBLC5c0IuQzTBBxy2uP9BZg== X-Received: by 10.98.1.138 with SMTP id 132mr1500576pfb.69.1475619708692; Tue, 04 Oct 2016 15:21:48 -0700 (PDT) Received: from [192.168.100.50] (fp276ebe43.tkyc502.ap.nuro.jp. [39.110.190.67]) by smtp.gmail.com with ESMTPSA id p77sm20810374pfi.27.2016.10.04.15.21.47 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 04 Oct 2016 15:21:48 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (1.0) Subject: Re: Reported version numbers of base openssl and sshd From: Ngie Cooper X-Mailer: iPhone Mail (13G36) In-Reply-To: <01eb01d21e52$4a7f1640$df7d42c0$@net> Date: Wed, 5 Oct 2016 07:21:46 +0900 Cc: freebsd-hackers@freebsd.org, des@FreeBSD.org, jkim@FreeBSD.org Content-Transfer-Encoding: quoted-printable Message-Id: <2530D2B9-F7EA-4A12-A596-1B2BF4B83AAF@gmail.com> References: <01eb01d21e52$4a7f1640$df7d42c0$@net> To: roger@purplecat.net X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Oct 2016 22:21:49 -0000 (CCing the current maintainers for OpenSSL and ssh) > On Oct 5, 2016, at 00:16, Roger Eddins wrote: >=20 > Dear Maintainers, >=20 > Thank you for your excellent efforts in maintaining the FreeBSD code base.= =20 >=20 > Question: Could version number obfuscation be added to openssl and sshd o= r > have the proper relative patch version number reported from the binaries i= n > the base system? >=20 > Reasoning: PCI compliance is becoming an extreme problem due to scanning > false positives from certain vendors and a big time waster with older > FreeBSD releases reporting the original base version number even after pat= ch > updates. This is requiring us to compile/run openssl port and > openssh-portable creating a highly unnecessary maintenance burden on our > admins when the package binaries would be sufficient if the these core bas= e > components would report the latest version number. OF course, blocking th= e > scanning engines on certain ports is an easy trick but that doesn't solve > the root cause of the problem. We have a snowflake type environment for > custom hosting solutions so that hopefully gives a good picture of why usi= ng > ports for these core components is so time consuming. >=20 > If the official stance is to use openssl port and openssh-portable just so= > the FreeBSD OS can report back the latest version number to PCI scanning > engines, sobeit but makes little sense at least in the context we exist in= > and interfacing with PCI compliance vendors. I think this request sounds reasonable. I don't know how difficult it mi= ght be or what exactly you have in mind version number wise.. But I'm guessi= ng you have a straightforward idea that could be described. Thanks! -Ngie= From owner-freebsd-hackers@freebsd.org Tue Oct 4 22:30:55 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 89424AF41CC for ; Tue, 4 Oct 2016 22:30:55 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id 17B49814; Tue, 4 Oct 2016 22:30:55 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Subject: Re: Reported version numbers of base openssl and sshd To: Ngie Cooper , roger@purplecat.net References: <01eb01d21e52$4a7f1640$df7d42c0$@net> <2530D2B9-F7EA-4A12-A596-1B2BF4B83AAF@gmail.com> Cc: freebsd-hackers@freebsd.org, des@FreeBSD.org From: Jung-uk Kim Message-ID: <9e7742fa-a995-b58f-8cd3-30d77d4fab6c@FreeBSD.org> Date: Tue, 4 Oct 2016 18:30:50 -0400 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0 MIME-Version: 1.0 In-Reply-To: <2530D2B9-F7EA-4A12-A596-1B2BF4B83AAF@gmail.com> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="HTW8oXIijwdqsQUrBg7FsMv90PU4CWDDI" X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Oct 2016 22:30:55 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --HTW8oXIijwdqsQUrBg7FsMv90PU4CWDDI Content-Type: multipart/mixed; boundary="oKAvrNIKLxHk4W1NQ8Po1R4drJVUPiTlm"; protected-headers="v1" From: Jung-uk Kim To: Ngie Cooper , roger@purplecat.net Cc: freebsd-hackers@freebsd.org, des@FreeBSD.org Message-ID: <9e7742fa-a995-b58f-8cd3-30d77d4fab6c@FreeBSD.org> Subject: Re: Reported version numbers of base openssl and sshd References: <01eb01d21e52$4a7f1640$df7d42c0$@net> <2530D2B9-F7EA-4A12-A596-1B2BF4B83AAF@gmail.com> In-Reply-To: <2530D2B9-F7EA-4A12-A596-1B2BF4B83AAF@gmail.com> --oKAvrNIKLxHk4W1NQ8Po1R4drJVUPiTlm Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 10/04/2016 18:21, Ngie Cooper wrote: > (CCing the current maintainers for OpenSSL and ssh) >=20 >> On Oct 5, 2016, at 00:16, Roger Eddins wrote: >> >> Dear Maintainers, >> >> Thank you for your excellent efforts in maintaining the FreeBSD code b= ase. =20 >> >> Question: Could version number obfuscation be added to openssl and ss= hd or >> have the proper relative patch version number reported from the binari= es in >> the base system? >> >> Reasoning: PCI compliance is becoming an extreme problem due to scann= ing >> false positives from certain vendors and a big time waster with older >> FreeBSD releases reporting the original base version number even after= patch >> updates. This is requiring us to compile/run openssl port and >> openssh-portable creating a highly unnecessary maintenance burden on o= ur >> admins when the package binaries would be sufficient if the these core= base >> components would report the latest version number. OF course, blockin= g the >> scanning engines on certain ports is an easy trick but that doesn't so= lve >> the root cause of the problem. We have a snowflake type environment f= or >> custom hosting solutions so that hopefully gives a good picture of why= using >> ports for these core components is so time consuming. >> >> If the official stance is to use openssl port and openssh-portable jus= t so >> the FreeBSD OS can report back the latest version number to PCI scanni= ng >> engines, sobeit but makes little sense at least in the context we exis= t in >> and interfacing with PCI compliance vendors. >=20 > I think this request sounds reasonable. I don't know how difficult = it might be or what exactly you have in mind version number wise.. But I'= m guessing you have a straightforward idea that could be described. As an OpenSSL maintainer for the base, I always try to merge the latest OpenSSL releases. For releng branches, so@ is in total control. Jung-uk Kim --oKAvrNIKLxHk4W1NQ8Po1R4drJVUPiTlm-- --HTW8oXIijwdqsQUrBg7FsMv90PU4CWDDI Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJX9C2eAAoJEHyflib82/FGsvkH/it4rbQWgdEIgVvAYAfFjLb8 HErCkNV8RMyovHNbtkvSCc9BKIn7Llpmu1gmhCwa2pEe8pMqjKOMDy0jiozzQKZm uJN9HnA+uPee6Gx5GBBPVSRve37X+ai4A13+YvygoPHv16ju8V8jbK2TkN+9KZH0 gZrlaDdfcpyIpXjTQA9K+ALqv1zOiLxJ2ipbXFofladHa6zK8HtlrT8DsGPiiNp4 4xg9/8O3uOHkUEBlR0tEGI3l236ELo9g+D8GcI08S/h66y5vS8mqWR5v8BV/cL0l zsmeODwS9z1lOe5kxiQNp36OMRHkraAiQak57xHCTkMgtNs53lZeqXeaLQ1jYZk= =pL2e -----END PGP SIGNATURE----- --HTW8oXIijwdqsQUrBg7FsMv90PU4CWDDI-- From owner-freebsd-hackers@freebsd.org Wed Oct 5 03:06:25 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AF5D2AF5525; Wed, 5 Oct 2016 03:06:25 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 8F3DAB99; Wed, 5 Oct 2016 03:06:25 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from julian-mbp3.pixel8networks.com (50-196-156-133-static.hfc.comcastbusiness.net [50.196.156.133]) (authenticated bits=0) by vps1.elischer.org (8.15.2/8.15.2) with ESMTPSA id u9536HPF047484 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Tue, 4 Oct 2016 20:06:18 -0700 (PDT) (envelope-from julian@freebsd.org) To: FreeBSD Stable , freebsd From: Julian Elischer Subject: fix for use-after-free problem in 10.x Message-ID: <7b732876-8cc3-a638-7ff1-e664060d4907@freebsd.org> Date: Tue, 4 Oct 2016 20:06:12 -0700 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.3.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Oct 2016 03:06:25 -0000 In 11 and 12 the taskqueue code has been rewritten in this area but under 10 this bug still occurs. On our appliances this bug stops the system from mounting the ZFS root, so it is quite severe. Basically while the thread is sleeping during the ZFS mount of root (in the while loop), another thread can free the 'task' item it is checking in that while loop and it can be reused or filled with 'deadcode' etc., with the waiting code unaware of the change.. The fix is to refetch the item at the end of the queue each time around the loop. I don't really want to do the bigger change of MFCing the change in 11, as it is more extensive, though if someone else does, that's ok by me. (If it's ABI compatible) Any comments or suggestions? here's the fix in diff form: [robot@porridge /usr/src]$ p4 diff -du ... --- //depot/pbranches/jelischer/FreeBSD-PZ/10.3/sys/kern/subr_taskqueue.c 2016-09-27 09:14:59.000000000 -0700 +++ /usr/src/sys/kern/subr_taskqueue.c 2016-09-27 09:14:59.000000000 -0700 @@ -441,9 +441,10 @@ TQ_LOCK(queue); task = STAILQ_LAST(&queue->tq_queue, task, ta_link); - if (task != NULL) - while (task->ta_pending != 0) - TQ_SLEEP(queue, task, &queue->tq_mutex, PWAIT, "-", 0); + while (task != NULL && task->ta_pending != 0) { + TQ_SLEEP(queue, task, &queue->tq_mutex, PWAIT, "-", 0); + task = STAILQ_LAST(&queue->tq_queue, task, ta_link); + } taskqueue_drain_running(queue); KASSERT(STAILQ_EMPTY(&queue->tq_queue), ("taskqueue queue is not empty after draining")); From owner-freebsd-hackers@freebsd.org Wed Oct 5 04:57:31 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7B380AF6560; Wed, 5 Oct 2016 04:57:31 +0000 (UTC) (envelope-from kaduk@mit.edu) Received: from dmz-mailsec-scanner-5.mit.edu (dmz-mailsec-scanner-5.mit.edu [18.7.68.34]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F2D4D3CD; Wed, 5 Oct 2016 04:57:30 +0000 (UTC) (envelope-from kaduk@mit.edu) X-AuditID: 12074422-653ff7000000380d-7f-57f4883283eb Received: from mailhub-auth-1.mit.edu ( [18.9.21.35]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by (Symantec Messaging Gateway) with SMTP id A0.22.14349.23884F75; Wed, 5 Oct 2016 00:57:22 -0400 (EDT) Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-1.mit.edu (8.13.8/8.9.2) with ESMTP id u954vLvr023254; Wed, 5 Oct 2016 00:57:21 -0400 Received: from multics.mit.edu (system-low-sipb.mit.edu [18.187.2.37]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id u954vIIX020121 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Wed, 5 Oct 2016 00:57:20 -0400 Received: (from kaduk@localhost) by multics.mit.edu (8.12.9.20060308) id u954vHot001338; Wed, 5 Oct 2016 00:57:17 -0400 (EDT) Date: Wed, 5 Oct 2016 00:57:17 -0400 (EDT) From: Benjamin Kaduk X-X-Sender: kaduk@multics.mit.edu To: freebsd-hackers@FreeBSD.org cc: freebsd-current@FreeBSD.org Subject: Final call for 2016Q3 quarterly status reports Message-ID: User-Agent: Alpine 1.10 (GSO 962 2008-03-14) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFrrCIsWRmVeSWpSXmKPExsUixCmqrGvU8SXcoHOyjsWua6fZLea8+cBk sX3zP0YHZo8Zn+azBDBGcdmkpOZklqUW6dslcGVcWf6buaCHp+LvDMEGxhauLkZODgkBE4kD zbfYuhi5OIQE2pgkzr5fwwrhbGCU2NC1gBHCOcgk8f5TEyNIi5BAvcSZNXvYQWwWAS2Jlp55 LCA2m4CaxPoV15ghxipKbD41CcwWEZCX2Nf0HqyeGcjesnoyG4gtLGAu8ffXVbA4r4CDxPLb B8HqRQV0JFbvn8ICEReUODnzCQtEr5bE8unbWCYw8s9CkpqFJLWAkWkVo2xKbpVubmJmTnFq sm5xcmJeXmqRrqlebmaJXmpK6SZGUOCxuyjtYJz4z+sQowAHoxIPb8fmz+FCrIllxZW5hxgl OZiURHmXhn4JF+JLyk+pzEgszogvKs1JLT7EKMHBrCTCq9UClONNSaysSi3Kh0lJc7AoifN2 zTgQLiSQnliSmp2aWpBaBJOV4eBQkuD93AbUKFiUmp5akZaZU4KQZuLgBBnOAzT8civI8OKC xNzizHSI/ClGRSlx3gSQZgGQREZpHlwvODHsZlJ9xSgO9Iowr307UBUPMKnAdb8CGswENDhw yweQwSWJCCmpBkYZrgMTljxN8Go7ZRPy+0XmCbn/P7n7g+u2qfUqMi441rRt84lY58hK64Qr geWvS0638XEx8Z7KzylMljURr9Qz9GS4ecNkt46QuJiqtHUWv6vr+X4xlzKFaTuT1wmel594 rUFs8k6NgkuTIgTamE/6LghcnbC7fNGig3O3f213Om6iX1N8UImlOCPRUIu5qDgRALm+GZDn AgAA X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Oct 2016 04:57:31 -0000 Dear FreeBSD Community, The deadline for the submissions to the next FreeBSD Quarterly Status is October 9, 2016, for work done in July through September. This is the final call for submissions; please let us know if you are considering making a submission but are not sure that your submission will be ready by the deadline. Status report submissions do not have to be very long. They may be about anything happening in the FreeBSD project and community, and provide a great way to inform FreeBSD users and developers about what you're working on. Submission of reports is not restricted to committers. Anyone doing anything interesting and FreeBSD-related can -- and should -- write one! The preferred and easiest submission method is to use the XML generator [1] with the results emailed to the status report team at monthly at FreeBSD.org . There is also an XML template [2] which can be filled out manually and attached if preferred. For the expected content and style, please study our guidelines on how to write a good status report [3]. You can also review previous issues [4][5] for ideas on the style and format. We are looking forward to all of your 2016Q3 reports! Thanks, Ben (on behalf of monthly@) [1] https://www.FreeBSD.org/cgi/monthly.cgi [2] https://www.FreeBSD.org/news/status/report-sample.xml [3] https://www.FreeBSD.org/news/status/howto.html [4] https://www.FreeBSD.org/news/status/report-2016-01-2016-03.html [4] https://www.FreeBSD.org/news/status/report-2016-04-2016-06.html From owner-freebsd-hackers@freebsd.org Wed Oct 5 06:28:51 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C9D69AF6552 for ; Wed, 5 Oct 2016 06:28:51 +0000 (UTC) (envelope-from des@des.no) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id 8AEAED7D for ; Wed, 5 Oct 2016 06:28:51 +0000 (UTC) (envelope-from des@des.no) Received: from desk.des.no (smtp.des.no [194.63.250.102]) by smtp.des.no (Postfix) with ESMTP id E9ED0E12B; Wed, 5 Oct 2016 06:28:49 +0000 (UTC) Received: by desk.des.no (Postfix, from userid 1001) id 90AD944A8B; Wed, 5 Oct 2016 08:28:49 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: "Roger Eddins" Cc: Subject: Re: Reported version numbers of base openssl and sshd References: <01eb01d21e52$4a7f1640$df7d42c0$@net> Date: Wed, 05 Oct 2016 08:28:49 +0200 In-Reply-To: <01eb01d21e52$4a7f1640$df7d42c0$@net> (Roger Eddins's message of "Tue, 4 Oct 2016 11:16:32 -0400") Message-ID: <86oa2z9un2.fsf@desk.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Oct 2016 06:28:51 -0000 "Roger Eddins" writes: > Question: Could version number obfuscation be added to openssl and sshd = or > have the proper relative patch version number reported from the binaries = in > the base system? > > Reasoning: PCI compliance is becoming an extreme problem due to scanning > false positives from certain vendors and a big time waster with older > FreeBSD releases reporting the original base version number even after pa= tch > updates. I've been asked this before. My answer was that either the tools or the people wielding them are deficient, and I haven't changed my mind. How do they handle RHEL? DES -- Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-hackers@freebsd.org Wed Oct 5 12:51:14 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DA42AAF3810 for ; Wed, 5 Oct 2016 12:51:14 +0000 (UTC) (envelope-from des@des.no) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id A51EA17A for ; Wed, 5 Oct 2016 12:51:14 +0000 (UTC) (envelope-from des@des.no) Received: from desk.des.no (smtp.des.no [194.63.250.102]) by smtp.des.no (Postfix) with ESMTP id B02BAE8D9; Wed, 5 Oct 2016 12:51:12 +0000 (UTC) Received: by desk.des.no (Postfix, from userid 1001) id 5C78444ABD; Wed, 5 Oct 2016 14:51:12 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Roger Eddins Cc: freebsd-hackers@freebsd.org Subject: Re: Reported version numbers of base openssl and sshd References: <01eb01d21e52$4a7f1640$df7d42c0$@net> <86oa2z9un2.fsf@desk.des.no> <0ee9d33e-9be2-4fd7-abc2-2285cc4bd4a2@typeapp.com> Date: Wed, 05 Oct 2016 14:51:12 +0200 In-Reply-To: <0ee9d33e-9be2-4fd7-abc2-2285cc4bd4a2@typeapp.com> (Roger Eddins's message of "Wed, 05 Oct 2016 08:25:36 -0400") Message-ID: <86k2dn9cxr.fsf@desk.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Oct 2016 12:51:14 -0000 Roger Eddins writes: > [...] Across the board we are finding other processes in commerce > tools rejecting transactions due to version number deficiencies and > the problem is growing rapidly. My hope would be that the team would > reconsider the version number question as it is the biggest deficiency > we experience daily using the FreeBSD OS. Once again: how do they handle RHEL? Because Red Hat, the 800-pound gorilla of the Open Source world, does the same thing that we do: backport patches without bumping the version number. And in fact, they do *less* than we do, because for OpenSSL and OpenSSH, we havea version suffixes which should reflect the date of the last patch, so even an automated scanner *can* be taught to distinguish a vulnerable machine from a patched one - as long as secteam remembers to bump the suffix when they patch the software. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-hackers@freebsd.org Wed Oct 5 12:25:42 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E2ED5AF6D0E for ; Wed, 5 Oct 2016 12:25:42 +0000 (UTC) (envelope-from support@purplecat.net) Received: from mx1.purplecat.net (mx1.purplecat.net [205.138.55.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.purplecat.net", Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A3CB4E29 for ; Wed, 5 Oct 2016 12:25:42 +0000 (UTC) (envelope-from support@purplecat.net) Received: (qmail 11757 invoked by uid 89); 5 Oct 2016 12:25:39 -0000 Received: from unknown (HELO ?192.168.254.5?) (support@purplecat.net@65.37.86.141) by mx1.purplecat.net with ESMTPA; 5 Oct 2016 12:25:39 -0000 In-Reply-To: <86oa2z9un2.fsf@desk.des.no> References: <01eb01d21e52$4a7f1640$df7d42c0$@net> <86oa2z9un2.fsf@desk.des.no> X-Referenced-Uid: 205615 Thread-Topic: Re: Reported version numbers of base openssl and sshd X-Blue-Identity: !l=700&o=96477&fo=97711&pl=407&po=0&qs=PREFIX&f=HTML&n=Roger%20Eddins&e=support%40purplecat.net&m=!%3ANWI3NGY3NGYtOWI3YS00NmM2LThhYWMtNWRiMDVlMmM5OTZk%3ASU5CT1g%3D%3AMjA1NjE1%3AANSWERED&p=349&q=SHOW User-Agent: Type for Android MIME-Version: 1.0 Subject: Re: Reported version numbers of base openssl and sshd From: Roger Eddins Date: Wed, 05 Oct 2016 08:25:36 -0400 To: =?ISO-8859-1?Q?Dag-Erling_Sm=F8rgrav?= CC: freebsd-hackers@freebsd.org Message-ID: <0ee9d33e-9be2-4fd7-abc2-2285cc4bd4a2@typeapp.com> X-Mailman-Approved-At: Wed, 05 Oct 2016 12:53:52 +0000 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Oct 2016 12:25:43 -0000 Dag-Erling, I agree with your premise 100% and it's true the tool wielders are taking the easy road out by simply doing a version check but that road may make sense from a bandwidth and CPU standpoint for their systems and it comes down to perception more do than education. I think from an accuracy standpoint it would make more academic sense to report an updated version number or at least a build number so the scanners can make an intelligent decision. Across the board we are finding other processes in commerce tools rejecting transactions due to version number deficiencies and the problem is growing rapidly.  My hope would be that the team would reconsider the version number question as it is the biggest deficiency we experience daily using the FreeBSD OS. Standing on a principle is great in concept but practical application sometimes overrides principle from a common sense perspective. Thank you for your consideration on this important question. Roger Roger Eddins Purplecat Networks Inc. www.purplecat.net On Oct 5, 2016, 2:28 AM, at 2:28 AM, "Dag-Erling Smørgrav" wrote: >"Roger Eddins" writes: >> Question: Could version number obfuscation be added to openssl and >sshd or >> have the proper relative patch version number reported from the >binaries in >> the base system? >> >> Reasoning: PCI compliance is becoming an extreme problem due to >scanning >> false positives from certain vendors and a big time waster with older >> FreeBSD releases reporting the original base version number even >after patch >> updates. > >I've been asked this before. My answer was that either the tools or >the >people wielding them are deficient, and I haven't changed my mind. > >How do they handle RHEL? > >DES >-- >Dag-Erling Smørgrav - des@des.no From owner-freebsd-hackers@freebsd.org Wed Oct 5 13:23:08 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0FF7AAF5442 for ; Wed, 5 Oct 2016 13:23:08 +0000 (UTC) (envelope-from Vladimir.Terziev@bwinparty.com) Received: from mgate03.itsfogo.com (mgate03.itsfogo.com [195.72.134.149]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (Client CN "*.itsfogo.com", Issuer "thawte SSL CA - G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 9AD07B84 for ; Wed, 5 Oct 2016 13:23:07 +0000 (UTC) (envelope-from Vladimir.Terziev@bwinparty.com) From: Vladimir Terziev To: =?iso-8859-1?Q?Dag-Erling_Sm=F8rgrav?= , Roger Eddins CC: "freebsd-hackers@freebsd.org" Subject: Re: Reported version numbers of base openssl and sshd Thread-Topic: Reported version numbers of base openssl and sshd Thread-Index: AdIeUkocLzB8V1XdS3SVKMzoplSnMgAf5MMoAA1VJNr//+MOgA== Date: Wed, 5 Oct 2016 13:07:55 +0000 Message-ID: <61AE4EE6-3A98-4A32-AFC3-A117A9F7E3C4@bwinparty.com> References: <01eb01d21e52$4a7f1640$df7d42c0$@net> <86oa2z9un2.fsf@desk.des.no> <0ee9d33e-9be2-4fd7-abc2-2285cc4bd4a2@typeapp.com> <86k2dn9cxr.fsf@desk.des.no> In-Reply-To: <86k2dn9cxr.fsf@desk.des.no> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-mailer: Apple Mail (2.1510) x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [10.138.239.254] Content-Type: text/plain; charset="iso-8859-1" Content-ID: Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailman-Approved-At: Wed, 05 Oct 2016 13:45:01 +0000 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Oct 2016 13:23:08 -0000 In fact with RedHat the same issue exists. Every time we have an audit (not PCI only), we have to explain the auditors= the back-porting politics of RedHat and show them the change-log of the pa= ckages. Roger, you can follow similar way. Your FreeBSD systems are at certain secu= rity patch-level (uname -r). You can show that to the auditors along to a l= og of the changes this patch-level incorporates in it. Vladimir On Oct 5, 2016, at 3:51 PM, Dag-Erling Sm=F8rgrav wrote: > Roger Eddins writes: >> [...] Across the board we are finding other processes in commerce >> tools rejecting transactions due to version number deficiencies and >> the problem is growing rapidly. My hope would be that the team would >> reconsider the version number question as it is the biggest deficiency >> we experience daily using the FreeBSD OS. >=20 > Once again: how do they handle RHEL? Because Red Hat, the 800-pound > gorilla of the Open Source world, does the same thing that we do: > backport patches without bumping the version number. And in fact, they > do *less* than we do, because for OpenSSL and OpenSSH, we havea version > suffixes which should reflect the date of the last patch, so even an > automated scanner *can* be taught to distinguish a vulnerable machine > from a patched one - as long as secteam remembers to bump the suffix > when they patch the software. >=20 > DES > --=20 > Dag-Erling Sm=F8rgrav - des@des.no > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org= " From owner-freebsd-hackers@freebsd.org Wed Oct 5 13:28:29 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 075C2AF5480 for ; Wed, 5 Oct 2016 13:28:29 +0000 (UTC) (envelope-from peter@purplecat.net) Received: from mx1.purplecat.net (mx1.purplecat.net [205.138.55.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.purplecat.net", Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id AF364BF5 for ; Wed, 5 Oct 2016 13:28:28 +0000 (UTC) (envelope-from peter@purplecat.net) Received: (qmail 57249 invoked by uid 89); 5 Oct 2016 13:28:25 -0000 Received: from unknown (HELO PCNEDIT1) (support@purplecat.net@68.115.151.242) by mx1.purplecat.net with ESMTPA; 5 Oct 2016 13:28:25 -0000 Message-ID: <704AE3714816467C93438DCD1A7E2620@PCNEDIT1> From: To: =?UTF-8?Q?Dag-Erling_Sm=C3=B8rgrav?= Cc: References: <01eb01d21e52$4a7f1640$df7d42c0$@net> <86oa2z9un2.fsf@desk.des.no><0ee9d33e-9be2-4fd7-abc2-2285cc4bd4a2@typeapp.com> <86k2dn9cxr.fsf@desk.des.no> In-Reply-To: <86k2dn9cxr.fsf@desk.des.no> Subject: Re: Reported version numbers of base openssl and sshd Date: Wed, 5 Oct 2016 09:28:24 -0400 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="UTF-8"; reply-type=original Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal Importance: Normal X-Mailer: Microsoft Windows Live Mail 16.4.3528.331 X-MimeOLE: Produced By Microsoft MimeOLE V16.4.3528.331 X-Mailman-Approved-At: Wed, 05 Oct 2016 13:56:04 +0000 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Oct 2016 13:28:29 -0000 Dag-Erling, No doubt the scanners themselves are at primary fault, and we push back on them vigorously, typically recommending our customers change scanning companies for the worst cases, but this of course creates a lot of work. In some instances our answer has simply been to firewall off their scanning servers, which laughably results in a 'pass' from the pci compliance/audit monkeys. You are of course completely right about RHEL...And FreeBSD is so superior in so many ways, it's not even a question--but having proper version numbers reported would eliminate a lot of headaches for us (and give FreeBSD another plus). We would very much prefer ~not~ to display version information at all. Having that as a variable in a configuration file would be a plus. Perhaps one that defaults to actual versions running, with the ability to report "non of your business." Thanks for all you do for FreeBSD and its community. Sincerely, Peter Brezny Purplecat Networks, Inc. www.purplecat.net 828-250-9446 ... -----Original Message----- From: Dag-Erling Smørgrav Sent: Wednesday, October 5, 2016 8:51 AM To: Roger Eddins Cc: freebsd-hackers@freebsd.org Subject: Re: Reported version numbers of base openssl and sshd Roger Eddins writes: > [...] Across the board we are finding other processes in commerce > tools rejecting transactions due to version number deficiencies and > the problem is growing rapidly. My hope would be that the team would > reconsider the version number question as it is the biggest deficiency > we experience daily using the FreeBSD OS. Once again: how do they handle RHEL? Because Red Hat, the 800-pound gorilla of the Open Source world, does the same thing that we do: backport patches without bumping the version number. And in fact, they do *less* than we do, because for OpenSSL and OpenSSH, we havea version suffixes which should reflect the date of the last patch, so even an automated scanner *can* be taught to distinguish a vulnerable machine from a patched one - as long as secteam remembers to bump the suffix when they patch the software. DES -- Dag-Erling Smørgrav - des@des.no From owner-freebsd-hackers@freebsd.org Wed Oct 5 14:03:23 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 72204AF61EF; Wed, 5 Oct 2016 14:03:23 +0000 (UTC) (envelope-from avg@FreeBSD.org) Received: from citapm.icyb.net.ua (citapm.icyb.net.ua [212.40.38.140]) by mx1.freebsd.org (Postfix) with ESMTP id 49E9829A; Wed, 5 Oct 2016 14:03:22 +0000 (UTC) (envelope-from avg@FreeBSD.org) Received: from porto.starpoint.kiev.ua (porto-e.starpoint.kiev.ua [212.40.38.100]) by citapm.icyb.net.ua (8.8.8p3/ICyb-2.3exp) with ESMTP id RAA04133; Wed, 05 Oct 2016 17:03:20 +0300 (EEST) (envelope-from avg@FreeBSD.org) Received: from localhost ([127.0.0.1]) by porto.starpoint.kiev.ua with esmtp (Exim 4.34 (FreeBSD)) id 1brmn2-0008DK-Ev; Wed, 05 Oct 2016 17:03:20 +0300 To: freebsd-stable@FreeBSD.org, freebsd-current@FreeBSD.org, freebsd-hackers@FreeBSD.org From: Andriy Gapon Subject: iicsmb Message-ID: Date: Wed, 5 Oct 2016 17:02:44 +0300 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Oct 2016 14:03:23 -0000 Does anyone use iicsmb driver for any practical purposes? Or more broadly, does anyone have a system with an I2C controller behind which SMBus-compatible slaves are known to exist? -- Andriy Gapon From owner-freebsd-hackers@freebsd.org Wed Oct 5 14:30:27 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A16D3AF6A72 for ; Wed, 5 Oct 2016 14:30:27 +0000 (UTC) (envelope-from allanjude@freebsd.org) Received: from mx1.scaleengine.net (mx1.scaleengine.net [209.51.186.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 84DC732D for ; Wed, 5 Oct 2016 14:30:27 +0000 (UTC) (envelope-from allanjude@freebsd.org) Received: from [10.1.1.2] (unknown [10.1.1.2]) (Authenticated sender: allanjude.freebsd@scaleengine.com) by mx1.scaleengine.net (Postfix) with ESMTPSA id 45F4E1182B for ; Wed, 5 Oct 2016 14:30:20 +0000 (UTC) Subject: Re: Reported version numbers of base openssl and sshd To: freebsd-hackers@freebsd.org References: <01eb01d21e52$4a7f1640$df7d42c0$@net> <86oa2z9un2.fsf@desk.des.no> <0ee9d33e-9be2-4fd7-abc2-2285cc4bd4a2@typeapp.com> <86k2dn9cxr.fsf@desk.des.no> <704AE3714816467C93438DCD1A7E2620@PCNEDIT1> From: Allan Jude Message-ID: <884f33d9-e479-9294-fc9d-2a6f4d228e10@freebsd.org> Date: Wed, 5 Oct 2016 10:30:20 -0400 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0 MIME-Version: 1.0 In-Reply-To: <704AE3714816467C93438DCD1A7E2620@PCNEDIT1> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Oct 2016 14:30:27 -0000 On 2016-10-05 09:28, peter@purplecat.net wrote: > Dag-Erling, > > No doubt the scanners themselves are at primary fault, and we push back > on them vigorously, typically recommending our customers change scanning > companies for the worst cases, but this of course creates a lot of > work. In some instances our answer has simply been to firewall off > their scanning servers, which laughably results in a 'pass' from the pci > compliance/audit monkeys. > > You are of course completely right about RHEL...And FreeBSD is so > superior in so many ways, it's not even a question--but having proper > version numbers reported would eliminate a lot of headaches for us (and > give FreeBSD another plus). > > We would very much prefer ~not~ to display version information at all. > Having that as a variable in a configuration file would be a plus. > Perhaps one that defaults to actual versions running, with the ability > to report "non of your business." In the case of ssh, part of this is already controlled by a variable in /etc/ssh/sshd_config VersionAddendum FreeBSD-20140420 If you want to control the rest, you'd need to ask the upstream openssh project. They use the version number information in the banner message to enable compatibility tweaks. > > Thanks for all you do for FreeBSD and its community. > > > Sincerely, > > Peter Brezny > Purplecat Networks, Inc. > www.purplecat.net > 828-250-9446 > > > ... > -----Original Message----- From: Dag-Erling Smørgrav > Sent: Wednesday, October 5, 2016 8:51 AM > To: Roger Eddins > Cc: freebsd-hackers@freebsd.org > Subject: Re: Reported version numbers of base openssl and sshd > > Roger Eddins writes: >> [...] Across the board we are finding other processes in commerce >> tools rejecting transactions due to version number deficiencies and >> the problem is growing rapidly. My hope would be that the team would >> reconsider the version number question as it is the biggest deficiency >> we experience daily using the FreeBSD OS. > > Once again: how do they handle RHEL? Because Red Hat, the 800-pound > gorilla of the Open Source world, does the same thing that we do: > backport patches without bumping the version number. And in fact, they > do *less* than we do, because for OpenSSL and OpenSSH, we havea version > suffixes which should reflect the date of the last patch, so even an > automated scanner *can* be taught to distinguish a vulnerable machine > from a patched one - as long as secteam remembers to bump the suffix > when they patch the software. > > DES -- Allan Jude From owner-freebsd-hackers@freebsd.org Wed Oct 5 19:52:11 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C1BD2AF7149 for ; Wed, 5 Oct 2016 19:52:11 +0000 (UTC) (envelope-from cpruce@juniper.net) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 8E5D4B5A for ; Wed, 5 Oct 2016 19:52:11 +0000 (UTC) (envelope-from cpruce@juniper.net) Received: by mailman.ysv.freebsd.org (Postfix) id 8D7B7AF7146; Wed, 5 Oct 2016 19:52:11 +0000 (UTC) Delivered-To: hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8D1F2AF7145 for ; Wed, 5 Oct 2016 19:52:11 +0000 (UTC) (envelope-from cpruce@juniper.net) Received: from NAM01-BY2-obe.outbound.protection.outlook.com (mail-by2nam01on0132.outbound.protection.outlook.com [104.47.34.132]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "Microsoft IT SSL SHA2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 41999B59 for ; Wed, 5 Oct 2016 19:52:10 +0000 (UTC) (envelope-from cpruce@juniper.net) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=junipernetworks.onmicrosoft.com; s=selector1-juniper-net; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=zIULBhwD1jcrSttFCTvMjs6Y7Jw29J+trsJOgR+ofo8=; b=H5i6sK/+ydZSKmLHNMSGeVavUGLT+V4dsTV7fwJUVg6J0vW6k5AV3soEs80qe133QZn0VH0i+w22elXJm97QjHuvOYSUP/uMlp+1R2wP4x65IHVg2tdQBJxsq0d8yV0/asDm5u66qUZ8QbrMTJtts2dQN0NBAw/zAn9Lw/QtqIA= Received: from DM2PR0501MB1582.namprd05.prod.outlook.com (10.160.133.148) by DM2PR0501MB1581.namprd05.prod.outlook.com (10.160.133.147) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.629.6; Wed, 5 Oct 2016 19:17:18 +0000 Received: from DM2PR0501MB1582.namprd05.prod.outlook.com ([10.160.133.148]) by DM2PR0501MB1582.namprd05.prod.outlook.com ([10.160.133.148]) with mapi id 15.01.0629.020; Wed, 5 Oct 2016 19:17:18 +0000 From: Cory Pruce To: "hackers@freebsd.org" Subject: Memory Compression Thread-Topic: Memory Compression Thread-Index: AQHSHz0WDLEp64G640aQ0E+BhwdCjw== Date: Wed, 5 Oct 2016 19:17:17 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=cpruce@juniper.net; x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [66.129.239.11] x-ms-office365-filtering-correlation-id: 6590d18a-6fbe-48f2-aaba-08d3ed54392b x-microsoft-exchange-diagnostics: 1; DM2PR0501MB1581; 6:rYEOR5UhQXL1SQRpQD2IgEHFqGuJ0tsDgKjOBGK9WPhUmppkEcp6ASy51u+IJ2+bbGatwcOqXO51Eyy83U00imevDSr9g+YeST9LQwWzqvH2/ocUSU3FZr9fKY5MJSwzPwyajMmW9LOcD2e9EBeuYktMLzyGY0as4reUX4A08DjpBJRHwJEkvE4KlFT2uQKHm/rru/qYbEVnF7ADHZI6/3PCjslg9yLauVYQTL195e8zsEFYA6XlqCf9mm5EJw1ftYgmpjKfNcDosa9sU11WIdvEND2i2rsCvSguySsZgdQavxgdvjRGfvF3LRJSKIkUx08WCuL527CyNpPg1pa1mg==; 5:g6zt0GB7f/iSos/rZZsZm9wsR7lqN7GlEQu9+epwfFtdQSemYyN13zVEvQ8YLSUtGhfPVJE0d3j3RcJNzC7OKEDzKkv7bRzgDsv77cb6mIghbm3GUbFeJqPkrtze+kKION9gVEsYbuc08Pux768XAQ==; 24:KbiOTYKGNNLDF/FWDjZ7w3tQ6MZr6Hby75MVOvyTWFwh+3bxKScX2SQ6TIOQI6HheB5Ak+RYA0gSBX80BWLR0NuqzFfNPd9ZlsVgpzgpWaE=; 7:2GTHlxD3RlS2AGBRHt/lViihsfpabwu3cNzYDckJFz8M+hRm0a7gLf0Hzs4k1RHdMi4yVytlUkvK0g1R7SUw1DLxQ8YhvUjP/XkkaMznnbBnGE9YUw3uMKYFyyNdHVKRrA1taUCXovYu/o5Wee/zQ9JFj5qrLyzsdHkgQ4zGId9oFHNNh3P4BuCcrqDz+N+1uifCn0RwkJjs/mKAPWGNIrCfBu+o9cunG9Ln8YPzLhRN0dpphP7osSLxO0OLX7uDoOFuhxn23i5a4I15LYkeCotrHwXsuRa3em2cvUOKoxRBXO8k8/IiuOnMIwDr01x1 x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DM2PR0501MB1581; x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(21748063052155); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040176)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(6055026); SRVR:DM2PR0501MB1581; BCL:0; PCL:0; RULEID:; SRVR:DM2PR0501MB1581; x-forefront-prvs: 008663486A x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(7916002)(199003)(189002)(54356999)(86362001)(6116002)(102836003)(16236675004)(7116003)(5640700001)(87936001)(8936002)(50986999)(7846002)(33656002)(68736007)(7736002)(97736004)(122556002)(92566002)(586003)(5660300001)(10400500002)(19625215002)(3660700001)(558084003)(9326002)(82746002)(189998001)(101416001)(3846002)(19300405004)(83716003)(106356001)(110136003)(229853001)(2906002)(2900100001)(5002640100001)(105586002)(107886002)(1730700003)(11100500001)(8676002)(6916009)(19580395003)(221733001)(36756003)(3480700004)(2501003)(15975445007)(106116001)(3280700002)(81166006)(77096005)(66066001)(99286002)(2351001)(450100001)(81156014)(104396002); DIR:OUT; SFP:1102; SCL:1; SRVR:DM2PR0501MB1581; H:DM2PR0501MB1582.namprd05.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts) spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM MIME-Version: 1.0 X-OriginatorOrg: juniper.net X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Oct 2016 19:17:17.9919 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4 X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR0501MB1581 X-Mailman-Approved-At: Wed, 05 Oct 2016 20:44:27 +0000 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Oct 2016 19:52:11 -0000 SGksDQoNCkkgcmVjZWl2ZWQgd29yZCBmcm9tIGRlZkAgdGhhdCBhIHRlYW0gYXQgVUlVQyBoYWQg YmVlbiB3b3JraW5nIG9uIG1lbW9yeSBjb21wcmVzc2lvbiBmb3IgRnJlZUJTRC4gRG9lcyBhbnlv bmUgaGF2ZSBhbiB1cGRhdGUgb24gdGhpcz8NCg0KVGhhbmtzLA0KQ29yeQ0K From owner-freebsd-hackers@freebsd.org Wed Oct 5 23:59:17 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8B5DDB81B39; Wed, 5 Oct 2016 23:59:17 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 5011BC7F; Wed, 5 Oct 2016 23:59:16 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from julian-mbp3.pixel8networks.com (50-196-156-133-static.hfc.comcastbusiness.net [50.196.156.133]) (authenticated bits=0) by vps1.elischer.org (8.15.2/8.15.2) with ESMTPSA id u95NxAoa051800 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Wed, 5 Oct 2016 16:59:14 -0700 (PDT) (envelope-from julian@freebsd.org) Subject: Re: fix for use-after-free problem in 10.x [review please]. To: FreeBSD Stable , freebsd References: <7b732876-8cc3-a638-7ff1-e664060d4907@freebsd.org> From: Julian Elischer Message-ID: <6eaa1131-e268-bfb4-9203-a93eaf296f6c@freebsd.org> Date: Wed, 5 Oct 2016 16:59:05 -0700 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.3.0 MIME-Version: 1.0 In-Reply-To: <7b732876-8cc3-a638-7ff1-e664060d4907@freebsd.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Oct 2016 23:59:17 -0000 Please review.. https://reviews.freebsd.org/D8160 Direct fix for stable/10 as bug is not present in 11+ in this form. Julian On 4/10/2016 8:06 PM, Julian Elischer wrote: > In 11 and 12 the taskqueue code has been rewritten in this area but > under 10 this bug still occurs. > > On our appliances this bug stops the system from mounting the ZFS > root, so it is quite severe. > Basically while the thread is sleeping during the ZFS mount of root > (in the while loop), another thread can free the 'task' item it is > checking in that while loop and it can be reused or filled with > 'deadcode' etc., with the waiting code unaware of the change.. The > fix is to refetch the item at the end of the queue each time around > the loop. > I don't really want to do the bigger change of MFCing the change in > 11, as it is more extensive, though if someone else does, that's ok > by me. (If it's ABI compatible) > > Any comments or suggestions? > > here's the fix in diff form: A slightly better fix is at https://reviews.freebsd.org/D8160 > > > [robot@porridge /usr/src]$ p4 diff -du ... > --- > //depot/pbranches/jelischer/FreeBSD-PZ/10.3/sys/kern/subr_taskqueue.c > 2016-09-27 09:14:59.000000000 -0700 > +++ /usr/src/sys/kern/subr_taskqueue.c 2016-09-27 > 09:14:59.000000000 -0700 > @@ -441,9 +441,10 @@ > > TQ_LOCK(queue); > task = STAILQ_LAST(&queue->tq_queue, task, ta_link); > - if (task != NULL) > - while (task->ta_pending != 0) > - TQ_SLEEP(queue, task, &queue->tq_mutex, > PWAIT, "-", 0); > + while (task != NULL && task->ta_pending != 0) { > + TQ_SLEEP(queue, task, &queue->tq_mutex, PWAIT, "-", 0); > + task = STAILQ_LAST(&queue->tq_queue, task, ta_link); > + } > taskqueue_drain_running(queue); > KASSERT(STAILQ_EMPTY(&queue->tq_queue), > ("taskqueue queue is not empty after draining")); > From owner-freebsd-hackers@freebsd.org Thu Oct 6 16:20:54 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A080BBE9E47 for ; Thu, 6 Oct 2016 16:20:54 +0000 (UTC) (envelope-from outro.pessoa@gmail.com) Received: from mail-wm0-x236.google.com (mail-wm0-x236.google.com [IPv6:2a00:1450:400c:c09::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 281E7EED; Thu, 6 Oct 2016 16:20:54 +0000 (UTC) (envelope-from outro.pessoa@gmail.com) Received: by mail-wm0-x236.google.com with SMTP id f193so299901144wmg.0; Thu, 06 Oct 2016 09:20:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=mudMvKIxrbwvR58jB7gaSVmqeUJMrIE9OKLT+U3Vi0w=; b=ASpQo8lhfvQvOHRNSRVe7HbHgfteZS1FSnGkfRKFJ1xDrf58NpEXqIhuuq7xygq9ei 6aPCAj6sKTJqmW3FkyO06V7sUU1R6F7oFxhyHDKkPQqRp4CYCzwstLfMIL2h4T85h0/8 siysTVFD/ce7ibt/kZTRTeMWpBqD4FzRrRdejSGUU6Rd9GlHodGrgRkIHq/+m8FX7EWx svumOi1alErqb5PRoChd7fmC1VHlyRnrWMt+rPK2k9ZQuyOfYFMKPzo3TENpkjIWkLRQ kqKpauQLyVDOMLxjhuLORWcGDRWwdvx/RD/sOg2jvvnDD1PX4aVQnQelBVNN9xX552KN RLuw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=mudMvKIxrbwvR58jB7gaSVmqeUJMrIE9OKLT+U3Vi0w=; b=R3ojd3JH/4Y4I2BZVbSQgR2xe38I4s4pIhZADIwPzKZIuVeDm9LVejQ3egPLRTzVP6 HYDBCUYvctC5e4jxS/eCorSL5cOH4IDbDgmb+NKDBiisewOEAJunAKEySVlpvFBuGt+z eIaUuxjCLWPhEC0S84GZ69M3wEd3v6m/PuCHewrVxJl9DlUITI71yPRcuBqpBXukWPKQ sHoKU8WuH1XJ1aK8gGVyI0r80WYci60YXLiL5JpvkLYR4jGEEP1a/V7jTumZVCnRxs/Q fRBiAtSUcYpTQWY7OFNG6EEFaLHHDoUSpk1yEtgU9pkaOWykpesHlqw8hL6rT5Ycai2g Mwow== X-Gm-Message-State: AA6/9Rltz2to/fK7xrlF6NEDyJKoZlhz2ryuZM6vuZ10PlFokOFBmzOpTGjxfkVLBEMShROAh/25mwSxRWSJMQ== X-Received: by 10.194.56.69 with SMTP id y5mr13029344wjp.4.1475770852483; Thu, 06 Oct 2016 09:20:52 -0700 (PDT) MIME-Version: 1.0 Received: by 10.28.154.139 with HTTP; Thu, 6 Oct 2016 09:20:51 -0700 (PDT) In-Reply-To: References: From: outro pessoa Date: Thu, 6 Oct 2016 12:20:51 -0400 Message-ID: Subject: Re: Delivery Status Notification (Failure) To: Joe Nosay , freebsd-hackers@freebsd.org, theraven@freebsd.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Oct 2016 16:20:54 -0000 Here is someone that wants to work on a particular module for the FreeBSD kernel. Could someone aide and assist him seeing that my means are limited at the moment. Many Thanks. On Thu, Oct 6, 2016 at 12:15 PM, Joe Nosay wrote: > theraven@FreeBSD.org > No, it bounced for me. > wait. > > On Thu, Oct 6, 2016 at 12:12 PM, Mail Delivery Subsystem < > mailer-daemon@googlemail.com> wrote: > >> Delivery to the following recipient failed permanently: >> >> theraven@freebsd.org >> >> Technical details of permanent failure: >> Google tried to deliver your message, but it was rejected by the server >> for the recipient domain freebsd.org by mx1.freebsd.org. >> [2001:1900:2254:206a::19:1]. >> >> The error that the other server returned was: >> 554 5.7.1 : Sender address rejected: Access >> denied >> >> >> ----- Original message ----- >> >> DKIM-Signature: v=3D1; a=3Drsa-sha256; c=3Drelaxed/relaxed; >> d=3Dgmail.com; s=3D20120113; >> h=3Dmime-version:in-reply-to:references:from:date:message-id:s >> ubject:to; >> bh=3D89HwNuIKz/os+mOcQI5kXnDb0qtQ+ti+D8S0ZJ1WAtU=3D; >> b=3DeiWRIB4hgbnz7+O8AaVlV87+Bntcekg0UidtdTyxe/x3I41tySuTQ5iAqO >> 6TYDtwDl >> dE4cYCnAzCXRK4r2kh37z7hdulm28vLhUSLw5km3jM5V+VOWHTecjIWV/ >> fa/5kWIhFHE >> 4Qt2Wb6BAKY23QFWVMjkwZ1pZxPet6rU2gNC2GCt1bLLG21KGxnS0bI8Z8d >> hJI22dITi >> hxDZZ/A8MzB7f0GfqqBgQyzPSOJa7ely+L0abfBriwCPhV3/xH+ITGcBdUk >> kYo5CvALe >> bHYSiAN4t1fbGrIudoFuYQW2hcUv2bNA/eo3s6ns+ >> X4H1VaKECcMgFDtXSzGzpj9/CH/ >> 1aaw=3D=3D >> X-Google-DKIM-Signature: v=3D1; a=3Drsa-sha256; c=3Drelaxed/relaxed; >> d=3D1e100.net; s=3D20130820; >> h=3Dx-gm-message-state:mime-version:in-reply-to:references:fro >> m:date >> :message-id:subject:to; >> bh=3D89HwNuIKz/os+mOcQI5kXnDb0qtQ+ti+D8S0ZJ1WAtU=3D; >> b=3Dl+/2G+H55TFAaUAxONRteN2ywUG1Qg9BbbKq5x3t/ejfRBHAs3bM1dGI6f >> bJ0n/FOK >> fT5oVKMTlhwcmN2W9nfwZSdz8LqYZrbd+uzpzlBubDfU3mVqesNN31RuGgo4qIz >> zrmUg >> jk9TMcJ0ClIysuPYS6P1PiopjQmg915gA3dh10w5s6GEEV8WpFwu4USCm9J >> Vrj6IqKgi >> 2vV40lKqYgcWzHakGEo82c6p6icBnP8Qr0rQEwHYIkdhOT9KRawB5w/ >> 1sq38HbCC/+7/ >> OWZKBl84FCoJVbAJbKFLCVCUD/pU1EbbTC5B/VVNN/HvjY/WPK9IIfgM2iD >> JqtRMuGCW >> USJQ=3D=3D >> X-Gm-Message-State: AA6/9RmSDgDMjM+H4QZPqm/7Dcbb+W >> 9FAsUo9PN9AFahxUR2IFAZR5IWpdt0WRq7HHBsmOzfBFR3hWk0SNKjRg=3D=3D >> X-Received: by 10.176.83.218 with SMTP id l26mr11265652uaa.39.1475770377 >> 286; >> Thu, 06 Oct 2016 09:12:57 -0700 (PDT) >> MIME-Version: 1.0 >> Received: by 10.103.137.129 with HTTP; Thu, 6 Oct 2016 09:12:56 -0700 >> (PDT) >> In-Reply-To: >> References: <2BFD2D1D-7300-4B8D-A165-09220B779E51@juniper.net> >> >> >> >> <3438C473-83DD-4F1A-8BB2-66E7A58A1683@juniper.net> < >> CA+WntOutLO0Et1-oDyCS-1_3JU2R5jnWecNvZZS_ozjdaDvFqA@mail.gmail.com> >> >> From: Joe Nosay >> Date: Thu, 6 Oct 2016 12:12:56 -0400 >> Message-ID: > ail.com> >> Subject: Fwd: Suspend to disk/ S4/ Hibernate >> To: theraven@freebsd.org >> Content-Type: multipart/alternative; boundary=3Df403045dd5601bbae2053 >> e34912e >> >> ---------- Forwarded message ---------- >> From: Cory Pruce >> Date: Thu, Oct 6, 2016 at 12:11 PM >> Subject: Re: Suspend to disk/ S4/ Hibernate >> To: Joe Nosay >> >> >> Yeah I spoke to def@ who said that it wasn=E2=80=99t implemented but a t= eam at >> UIUC >> might be working on it. Can you get in contact with theraven@? >> >> >> >> *From: *Joe Nosay >> *Date: *Thursday, October 6, 2016 at 9:07 AM >> *To: *Cory Pruce >> >> *Subject: *Re: Suspend to disk/ S4/ Hibernate >> >> >> >> https://wiki.freebsd.org/SummerOfCode2015/MemoryCompressionDeduplication >> >> A start for you. >> >> >> >> On Thu, Oct 6, 2016 at 11:44 AM, Cory Pruce wrote: >> >> I am actually looking more towards memory compression for pages now. Do >> you >> know of anyone working on this already? >> >> >> >> *From: *Joe Nosay >> *Date: *Thursday, October 6, 2016 at 8:34 AM >> >> >> *To: *Cory Pruce >> *Cc: *"hackers@freebsd.org" >> *Subject: *Re: Suspend to disk/ S4/ Hibernate >> >> >> >> It will bounce for me and not for you. >> >> That way the people know what I am doing publicly if you quote my words. >> >> From here: http://lxr.free-electrons.com/source/kernel/power/hibernate.c >> >> I will try to work with you on what little I may know, it is something. >> >> I will also need to see the FreeBSD kernel module that you are using. >> >> I am on a public computer and will follow you with pencil and paper. Thi= s >> way a solution will be worked out, okay. >> >> Thanks >> >> >> >> On Tue, Oct 4, 2016 at 1:49 PM, Cory Pruce wrote: >> >> Yup, it is a comparative analysis. Hibernate.c is in the linux-4.5 sourc= e >> (kernel/power/hibernate.c). >> >> >> >> Do you mean the email will bounce? >> >> >> >> *From: *Joe Nosay >> *Date: *Tuesday, October 4, 2016 at 10:42 AM >> *To: *Cory Pruce >> *Cc: *"hackers@freebsd.org" >> *Subject: *Re: Suspend to disk/ S4/ Hibernate >> >> >> >> This will bounce for one. >> >> >> ----- Message truncated ----- >> >> > From owner-freebsd-hackers@freebsd.org Thu Oct 6 16:59:59 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 64846AF6D63; Thu, 6 Oct 2016 16:59:59 +0000 (UTC) (envelope-from mokhi64@gmail.com) Received: from mail-wm0-x231.google.com (mail-wm0-x231.google.com [IPv6:2a00:1450:400c:c09::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 00074EEA; Thu, 6 Oct 2016 16:59:58 +0000 (UTC) (envelope-from mokhi64@gmail.com) Received: by mail-wm0-x231.google.com with SMTP id i130so17107086wmg.1; Thu, 06 Oct 2016 09:59:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to; bh=9bK84vYO3YSPpFpJe0K0/4kDhzeDLLQYL6uZFSgft5s=; b=bAb9+3B5Z1YIcr5lVn/JiQ4IJDqKAwhRNrzqrTWVqe5PXWwOtdRxArLRNbHrpXpcdW X5Ag149VR8Jxd4jQXS4G6L36S96/EyMj453yakQnKpZi91fBQU2vPVP2N6F55Rq80hof 5GOvxqa4hE4WtoYtuEIUSK8AhV+AyaTR0APOC2ii9pnp69FQnkhgxQXQ51s7tstEntru dqSbjyEpis6ndBOQ67PyENvPst7fwespqNLe/be3omHzb4KTKAKpa4LXcgeUnyHe9Uaj nUoEmdrLcow/nkLX1xGpgg74JlHnyVogeeaxRBIAEHdDuBx7WJaSfMg/+MT6Et9PIxMS mWiA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=9bK84vYO3YSPpFpJe0K0/4kDhzeDLLQYL6uZFSgft5s=; b=Ngr945BvzvayA5cOnEEYR10x0gOArrsxYi333yxC8gU323KWYcvY7vlHgjyDCjlBAL WGpWNqlyh2ASz+iRxHP2qrmDDzAdZ2DD7Q61P3g/p189tiKKpMQJEiHnjvQxDWkJrMwI FC3TH34d+NY+NCuNI+Glj/tRHs7Dly5YP2VANkbEK82UMa3tfPF8poptZbuJUDpN8wWD vZhGCDjxdWVY47MyQM0O/xIhtCJ12i5HtqLuZOYvfVX4d6pUhLifQ7mP1eyZBR+tJAkT H7iWzFO5JBu93RVk0WTHJi5Acas3Zjy/oON6lYofnZth7X+e8eKPxOZNWjdhAJkRw0jc qi8Q== X-Gm-Message-State: AA6/9Rl8gZoBOYdfTfW9lMgO9kmT00fmyqKw6nHPpk/vKa/Axew4vN+QrHo/6yAB9KJBDDxo7892J0nDCNanDQ== X-Received: by 10.28.220.212 with SMTP id t203mr16312156wmg.102.1475773197251; Thu, 06 Oct 2016 09:59:57 -0700 (PDT) MIME-Version: 1.0 Received: by 10.28.166.204 with HTTP; Thu, 6 Oct 2016 09:59:56 -0700 (PDT) From: mokhi Date: Thu, 6 Oct 2016 20:29:56 +0330 Message-ID: Subject: Using Audit Framework and praudit To: freebsd-hackers@freebsd.org, hackers@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Oct 2016 16:59:59 -0000 Hi guys. For using "The audit framework", should I rebuild my kernel to use "praudit" to log exec or syscall events ? I used the way that handbook says to use praudit, but it only shows me logs on authentications with "su" and stop/starting "auditd" service, and there's no any other logs. Any ideas what other things should i do ? Best wishes, Mokhi. From owner-freebsd-hackers@freebsd.org Thu Oct 6 19:19:48 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EA7A8BECBB5 for ; Thu, 6 Oct 2016 19:19:48 +0000 (UTC) (envelope-from mpp302@gmail.com) Received: from mail-lf0-f43.google.com (mail-lf0-f43.google.com [209.85.215.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 7C62AB7E for ; Thu, 6 Oct 2016 19:19:48 +0000 (UTC) (envelope-from mpp302@gmail.com) Received: by mail-lf0-f43.google.com with SMTP id l131so24906579lfl.2 for ; Thu, 06 Oct 2016 12:19:48 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=Ez+0XQK9FbZuLe0bt7mWug/3GC+uOa7+PfiMS/BU1Bw=; b=Wdc8u+JFqhS6jA/kaYh+iKYMv7ZPh5hVzXoP1FD102lclyh8kwrjBzgV8TtGpJrxW1 h7G/Fs66pW3Zc3QakY9BMjgRFT3l5HODdizT78koQDHGVHA0PZ2sW740hwXQSz0s24sg HVpTLgmSRXzY4V28tfETtXHPverg1ilvYMF0Q7mf2yeHAFuFUcnsNGvrQgnXhPOmYBW+ r1irdPjBIldrNQuTSAl55UnnrdmfoTONaxNzL+dC7FBiiagmEkSZr7H42L3mLQfwWuBD 2oITZ5xucEVS8psrk/D8Xf4f19CWoSllHfpHkFqfrpumuFvKy66aW+nivR2FkSmkGtJV 7asA== X-Gm-Message-State: AA6/9Rl4766dVAAJFD8sCuXoraiszJc3a7enwXT6LR1lMgDSYBsrlCEs+Kr3BfI6xPM1YA== X-Received: by 10.25.72.14 with SMTP id v14mr7180035lfa.12.1475781284191; Thu, 06 Oct 2016 12:14:44 -0700 (PDT) Received: from [192.168.0.15] (87-207-152-10.dynamic.chello.pl. [87.207.152.10]) by smtp.gmail.com with ESMTPSA id f9sm2900082lji.19.2016.10.06.12.14.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 06 Oct 2016 12:14:42 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 10.0 \(3226\)) Subject: Re: Using Audit Framework and praudit From: Mateusz Piotrowski <0mp@FreeBSD.org> In-Reply-To: Date: Thu, 6 Oct 2016 21:14:41 +0200 Cc: mokhi Content-Transfer-Encoding: 7bit Message-Id: References: To: freebsd-hackers@freebsd.org X-Mailer: Apple Mail (2.3226) X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Oct 2016 19:19:49 -0000 Hi, On 6 Oct 2016, at 18:59, mokhi wrote: > For using "The audit framework", should I rebuild my kernel to use > "praudit" to log exec or syscall events ? > I used the way that handbook says to use praudit, but it only shows me > logs on authentications with "su" and stop/starting "auditd" service, > and there's no any other logs. I guess that there's no need to recompile anything since your praudit seems to be working as expected. > Any ideas what other things should i do ? Are you sure you've modified /etc/security/audit_control? It's the file where you can configure what events the system should log. See audit_control(5) and the handbook[1] for more details. Cheers, -m [1]: https://www.freebsd.org/doc/handbook/audit-config.html From owner-freebsd-hackers@freebsd.org Fri Oct 7 09:27:00 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 187C4C00434 for ; Fri, 7 Oct 2016 09:27:00 +0000 (UTC) (envelope-from mokhi64@gmail.com) Received: from mail-wm0-x233.google.com (mail-wm0-x233.google.com [IPv6:2a00:1450:400c:c09::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B2ED59FC; Fri, 7 Oct 2016 09:26:59 +0000 (UTC) (envelope-from mokhi64@gmail.com) Received: by mail-wm0-x233.google.com with SMTP id k125so20963807wma.1; Fri, 07 Oct 2016 02:26:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=f8G8ZKclOsWjBW4CIMCtDR2lfJT5MVpDhFHTI00K+SA=; b=T0vh+YdUdO9tq/fjgKDnfSbOA/GQmoCNg9K5EF9XY9RJ/LRB+U8XOLLM0roYJrdN1i +bGSR8s06ONTGAVqhghve1MxeR5o2YswxEbbRL8gqwY3p4SJzzh541J/S/CYihGb+93c tFEcYiaCutLk0ib1PhZGZPgvfMpUqwwhxKV/D172dStDSnSvvskSG5RWGEoL3GbPkWoL SWGUuVTbQvWcYxw4POZKKri/8HVi+8fxE3a4uzOlXOza6rAB3yZ/pag6qrtX32Qj8Eb6 S1P2ZaHNNO0ZoVRlbrlbQW0Q3jVkOTQ5iYSfvUWoI3qhhR8CsRvPZ3ft4LJTa/DwQtUC LxGg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=f8G8ZKclOsWjBW4CIMCtDR2lfJT5MVpDhFHTI00K+SA=; b=LkVoWrnsmICxtcEN1fnfmiGC1fAmjBi/8PpqA8rhtZOwIZi6ORbYyc12KmiXd8RO2i Wq0G487UoPjEhTR6xCRmOt2Ims2OtHX9aQua9O+uDtQmYe2XUHNFEb4xSg+GPKKuvh4M CadVRURX9d0uvUSPnfuraVfXDPQtjsn75una+BDGtYz+4DEUVOSQ2KFKH9TwJPojDcpA JAvGrOwFvUxKcFUnoTT1T47LUN3O2ATwp0zYSDdsxZPxkUUljzeqKSknlNpEsVrxsfjI zLKrBtNVCGfc7qBxMciedkCs+rB+dqNKWHoU5YuNuGXZlQ0WuY9Np8zRvr/N7ZCqd/a4 aipg== X-Gm-Message-State: AA6/9Rm26o4ePCloUreVJe92BZqglrkD+uuCngWU8mv9bE72tC3V0aFEqWbF6soMJzujBX3J2MSeFaf0ZJMacg== X-Received: by 10.28.220.212 with SMTP id t203mr19632736wmg.102.1475832417976; Fri, 07 Oct 2016 02:26:57 -0700 (PDT) MIME-Version: 1.0 Received: by 10.28.166.204 with HTTP; Fri, 7 Oct 2016 02:26:57 -0700 (PDT) In-Reply-To: References: From: mokhi Date: Fri, 7 Oct 2016 12:56:57 +0330 Message-ID: Subject: Re: Using Audit Framework and praudit To: Mateusz Piotrowski <0mp@freebsd.org> Cc: freebsd-hackers@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Oct 2016 09:27:00 -0000 Hi, Thanks for the answer. I saw audit_control(5) and the handbook entry for audit. My `/etc/security/audit_control` and `/etc/security/audit_user` is pasted on [1] and [2] I guess my changes (flags:all) should make it auditing all events on success and fails. Would you please explain me my misunderstanding if there's any? Best wishes, Mokhi. ============================ [1] https://0x.co/7PE6HC [2] https://0x.co/AZ7ZTH From owner-freebsd-hackers@freebsd.org Fri Oct 7 14:05:31 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0B907C041E6 for ; Fri, 7 Oct 2016 14:05:31 +0000 (UTC) (envelope-from mokhi64@gmail.com) Received: from mail-wm0-x22e.google.com (mail-wm0-x22e.google.com [IPv6:2a00:1450:400c:c09::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A0BC06E2; Fri, 7 Oct 2016 14:05:30 +0000 (UTC) (envelope-from mokhi64@gmail.com) Received: by mail-wm0-x22e.google.com with SMTP id b201so41120434wmb.0; Fri, 07 Oct 2016 07:05:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=T4R+hA2q+nTxSVbZZ98ZeLU4P+PNnZrOaApv4+KWRlE=; b=RMt+YMDN0Wbir+dH5yIHzfS37EhZh0b8WfVTwYbm2Z3I/FZvyPXhAWFIGXk07no2F6 AF/1rcWVAp2flgIlA5ZPwO6yKDlej2xhCSHsPyZFEgggeJvRb/1uMoc2qTefpqDNzEo5 XTvWTF9IyKOWzV71qDWtE36EaqUtYBSv1F6JJIMqP6jgZn80mhJk7BAxCHtp7cp714RN DKUapaivE6pQ+jbFdhsGJP7gqj0CsC3vtZZ9ESPoyWPGSi/dVGlW5cgQb12xWUbaBTVQ rD9j6oy9BJKVHvveNMVFVVUZhZlPZiBXrf6tppshoKlTKauwIvCX+maHsppVgVWbdByk GKuw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=T4R+hA2q+nTxSVbZZ98ZeLU4P+PNnZrOaApv4+KWRlE=; b=kFzCj0JJK4ncKW1VcU+T/IwMJPujWlvPbk12MDXA8mP+rQ7VWr1DomswdFxOvpC3+1 nQYvxu76pieTKCuxIkjQ3FKNoflTeSfs687MDv+e3gSEGq93RETQvwvuepHEd0YRWOeM 1pO+tG/SsQarUfL0uyn/fqv+ua9iES9TefABgxyap7mQkCbDPuGeL9Xf4cUsX2MVBbN4 IuE8gLpVV5oMavKLg0wTY9FG+/2qv/yj47OhTer3dpwoUwfs4Vk00U4jPmoQINyXbgAg QOXfM18dzuvYZFrurfiLyajnaoItEVnXJkf/bQLHGIkFQaIu2Yebny6n7Kl4Fhg1iSMh UcGg== X-Gm-Message-State: AA6/9RmVvlRV+J5zlAMbRzrsZCuKV+wHxYxqs1S+5C1duvcUcoqMFK9ER0tvlGU6F3YAUGTPbhCw3mRRE0izqQ== X-Received: by 10.28.105.200 with SMTP id z69mr21284786wmh.117.1475849128889; Fri, 07 Oct 2016 07:05:28 -0700 (PDT) MIME-Version: 1.0 Received: by 10.28.166.204 with HTTP; Fri, 7 Oct 2016 07:05:28 -0700 (PDT) In-Reply-To: <543F6C07-9472-4B3C-8697-CD5AE1F17725@FreeBSD.org> References: <543F6C07-9472-4B3C-8697-CD5AE1F17725@FreeBSD.org> From: mokhi Date: Fri, 7 Oct 2016 17:35:28 +0330 Message-ID: Subject: Re: Using Audit Framework and praudit To: Mateusz Piotrowski <0mp@freebsd.org> Cc: freebsd-hackers@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Oct 2016 14:05:31 -0000 My `/etc/security/audit_control` is similar to what you've suggested. But i can not see nothing when i do `praudit /dev/auditpipe` except when i do `su` on another terminal tab. Any ideas? Best wishes, Mokhi. From owner-freebsd-hackers@freebsd.org Fri Oct 7 14:25:01 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 65456C04868 for ; Fri, 7 Oct 2016 14:25:01 +0000 (UTC) (envelope-from mpp302@gmail.com) Received: from mail-lf0-f51.google.com (mail-lf0-f51.google.com [209.85.215.51]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E97AFF85 for ; Fri, 7 Oct 2016 14:25:00 +0000 (UTC) (envelope-from mpp302@gmail.com) Received: by mail-lf0-f51.google.com with SMTP id x79so42671206lff.0 for ; Fri, 07 Oct 2016 07:25:00 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=FbB3IO+IWsYbPKTrSWJ/SNFln0Sa2WG+PYpUdMIGMk4=; b=U8dTOeL25rlOul74pCFszgOBi5VQzEShMq95Go/XB6FSktCIa101NJl/1lzEh0iwiO rCuMWLMMmJvXMVm7nrH+YVQrwbWOv0YJMCaL5KaTaNpC1JBy47vAtUUnuaiw+s3EfMLh Hdaj5fncGL4Llqjo1tKOJKFm5q6palaINEi3TkzeVObw67RCIu5SegFgkJqrQQCssJSA NWVUWozZKe9mLeAzoFDGAlhEDvSEuBaPKL8WMJLeUFd9lAvCo7adika2LVQLaidDwtPZ SVAcaesvh978cC3Y66T5iU9x7glkRQ+8WJsvqek7SN5yD96bEN0VSIy1VfL4jijHE49j K5RA== X-Gm-Message-State: AA6/9RnxxhGxHBQGy/CHiqfVIKrnfDavTqzEDP1vKnIq9oJ3dTraR00ae60zWuSwnHbXLA== X-Received: by 10.46.71.85 with SMTP id u82mr8359526lja.19.1475850293237; Fri, 07 Oct 2016 07:24:53 -0700 (PDT) Received: from [192.168.0.15] (87-207-152-10.dynamic.chello.pl. [87.207.152.10]) by smtp.gmail.com with ESMTPSA id 75sm3606850lja.34.2016.10.07.07.24.51 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 07 Oct 2016 07:24:52 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 10.0 \(3226\)) Subject: Re: Using Audit Framework and praudit From: Mateusz Piotrowski <0mp@FreeBSD.org> In-Reply-To: Date: Fri, 7 Oct 2016 16:24:51 +0200 Cc: mokhi Content-Transfer-Encoding: 7bit Message-Id: <643DC08B-27A5-49E9-9474-08F0D57FE200@FreeBSD.org> References: <543F6C07-9472-4B3C-8697-CD5AE1F17725@FreeBSD.org> To: freebsd-hackers@freebsd.org X-Mailer: Apple Mail (2.3226) X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Oct 2016 14:25:01 -0000 On 7 Oct 2016, at 16:05, mokhi wrote: > My `/etc/security/audit_control` is similar to what you've suggested. > But i can not see nothing when i do `praudit /dev/auditpipe` except > when i do `su` on another terminal tab. Have you tried to restart auditd with `service auditd restart` or rebooting? If you have then I've got no idea what's wrong with your configuration. From owner-freebsd-hackers@freebsd.org Fri Oct 7 14:32:56 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D77CAC04B84 for ; Fri, 7 Oct 2016 14:32:56 +0000 (UTC) (envelope-from mokhi64@gmail.com) Received: from mail-lf0-x22c.google.com (mail-lf0-x22c.google.com [IPv6:2a00:1450:4010:c07::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5C03564F; Fri, 7 Oct 2016 14:32:56 +0000 (UTC) (envelope-from mokhi64@gmail.com) Received: by mail-lf0-x22c.google.com with SMTP id x79so42888675lff.0; Fri, 07 Oct 2016 07:32:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=cTc2UAz9W1QNiatgKCCTvcvYmVmc+0UhVy3B3DB0XjU=; b=PTfPvSrrYD8P7YrAgYBBbZn+r9PrBVnXirO1fqeSKbJdOE//FQdqg0HxSeUVjBh0/1 UzEtn/1EOdpSyJPqmfNrEhD7+H+A7MyaWy3GjMZciYtSh5W9MFjR1u/Y1mHHBIj9s4oH 4c5xrscdESE5+LqmH0dkHZOZdcrWV2K13ApP4tBFS9DdKBa+MKRkt0R9SRNW3EQ9Y7PJ gdEI9wGbsH0xXY7u5VNCAwM+1xsrW7iE9Vaf2+HLEBHoztnO8eM0+oR8c1nuvfd040Oe FYl8BX3IQfWHLJvi93s/wzxD3AH5vAKvrHzzEdQR1ka0StYoCaUuVI8WYzauEq36hMIQ CQcg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=cTc2UAz9W1QNiatgKCCTvcvYmVmc+0UhVy3B3DB0XjU=; b=fdE614IqQCtCK/zqs3fAFDnrPi+oIxt+qKeliP5+Zn0F5BXMqv0ikYE91hClnLw7I8 zurBGhyx+prijJ1RdjJSejnMP2SsrEcdrtfPxb7kIA1Z//sw+WLHgt0MaWq/D1gwLHfM Ub1XDeb81nOZTl469Xm/IX9N7SQnRAeQKP3M7926xh1nMZISzMZ7Vg3dyZebyJCazCsR CiZpFVMKEPITI0H62K0D5RlLoreIzo9ohtLLAWcZBXZalAAgrRsF8hBxy5DQ4Xe3h+sQ 52jwBopG7Jd+Bs/VcFh65NLhsdol23USysBGTzNAPF7Exg4V5CGuK3kM+0Fy9QgQkbHR IYRA== X-Gm-Message-State: AA6/9Rn5kG3tnILBZxvAFEyQDKtCYBdtT2NCPFGgpDQt+HpcRYQVSQTsrvoJ6ukWkChE/qKOBxHo40ddPwDguw== X-Received: by 10.194.240.71 with SMTP id vy7mr16919613wjc.90.1475850774270; Fri, 07 Oct 2016 07:32:54 -0700 (PDT) MIME-Version: 1.0 Received: by 10.28.166.204 with HTTP; Fri, 7 Oct 2016 07:32:53 -0700 (PDT) In-Reply-To: <643DC08B-27A5-49E9-9474-08F0D57FE200@FreeBSD.org> References: <543F6C07-9472-4B3C-8697-CD5AE1F17725@FreeBSD.org> <643DC08B-27A5-49E9-9474-08F0D57FE200@FreeBSD.org> From: mokhi Date: Fri, 7 Oct 2016 18:02:53 +0330 Message-ID: Subject: Re: Using Audit Framework and praudit To: Mateusz Piotrowski <0mp@freebsd.org> Cc: freebsd-hackers@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Oct 2016 14:32:56 -0000 I tried `service auditd restart`. But nothing changed. :( I'm using FreeBSD10.3 if it helps. From owner-freebsd-hackers@freebsd.org Fri Oct 7 14:49:21 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5E271C04F58 for ; Fri, 7 Oct 2016 14:49:21 +0000 (UTC) (envelope-from mpp302@gmail.com) Received: from mail-lf0-f48.google.com (mail-lf0-f48.google.com [209.85.215.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E3506D24 for ; Fri, 7 Oct 2016 14:49:20 +0000 (UTC) (envelope-from mpp302@gmail.com) Received: by mail-lf0-f48.google.com with SMTP id l131so43041324lfl.2 for ; Fri, 07 Oct 2016 07:49:19 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=4tCn6KoQA0yK/SM9obP/OzxW8aQvUrl6CEGlKbDMdWw=; b=lNjythslwhNwXCCeLIS4RzQ+q4/6SQc+R0Pel50z8vwIxLzaS9iB+Zr0cL6aju6Vwj DbIqbjB2lehoVaieRFaV7y4JU2nzhmxZoR5OYHIjwHLX/88EWnV7/Ko/KgA2OQbBRD4O I7qKu0dVck4vh/gzhSjrlQBtSPgo67mlKNCp/F1vw37VJ2ukoVXSmvXVs/ZtvwkFNlbz oomKULPXW8HyO1SM27jhVLOhcoIMZW0laHs5iGaQDSxCZEWa9ecpOnImsl+8yTv3gA8S n5TLVW8K/bCJdhekJhGu9zAM7kpHK3T9Qnq2pgn2hEAqY3V4tXQPTWPM3KFVvejznss7 2xRQ== X-Gm-Message-State: AA6/9Rmp+QyADEubYhDn8+0++5Mgv6feH2iYANbjzRqVntZWYhVjHIn2gmdvictiaRTpMA== X-Received: by 10.25.206.138 with SMTP id e132mr8563060lfg.39.1475845698652; Fri, 07 Oct 2016 06:08:18 -0700 (PDT) Received: from [192.168.0.15] (87-207-152-10.dynamic.chello.pl. [87.207.152.10]) by smtp.gmail.com with ESMTPSA id u18sm3537868lja.11.2016.10.07.06.08.17 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 07 Oct 2016 06:08:17 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 10.0 \(3226\)) Subject: Re: Using Audit Framework and praudit From: Mateusz Piotrowski <0mp@FreeBSD.org> In-Reply-To: Date: Fri, 7 Oct 2016 15:08:15 +0200 Cc: mokhi Content-Transfer-Encoding: 7bit Message-Id: <543F6C07-9472-4B3C-8697-CD5AE1F17725@FreeBSD.org> References: To: freebsd-hackers@freebsd.org X-Mailer: Apple Mail (2.3226) X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Oct 2016 14:49:21 -0000 Hi, On 7 Oct 2016, at 11:26, mokhi wrote: > I saw audit_control(5) and the handbook entry for audit. > > My `/etc/security/audit_control` and `/etc/security/audit_user` is > pasted on [1] and [2] > I guess my changes (flags:all) should make it auditing all events on > success and fails. > Would you please explain me my misunderstanding if there's any? > > [1] https://0x.co/7PE6HC > [2] https://0x.co/AZ7ZTH Sorry, I misunderstood your question - I thought you were asking about /dev/auditpipe. To be clear: - praudit is just a tool to print the audit trail files in a human readable format. It has nothing to do with the events you log. - /dev/auditpipe allows you monitor what is being logged in real-time. You may use it like this: `praudit /dev/auditpipe`. - auditd is an audit log management daemon. If you change configuration files in /etc/security then you should restart the daemon. If you modify /etc/security/audit_user specifically, you have to log in and log out (see audit_user(5)). This is how to change /etc/security/audit_control to audit everything you can: dir:/var/audit dist:off flags:all minfree:5 naflags:all policy:cnt,argv,arge,seq, filesz:2M expire-after:10M Then if I start auditd and begin monitoring what's being audited with praudit /dev/auditpipe, I get a constant stream of audit events which really slows my system. Does it help you? Cheers, -m From owner-freebsd-hackers@freebsd.org Fri Oct 7 15:47:27 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B26C3C043F2 for ; Fri, 7 Oct 2016 15:47:27 +0000 (UTC) (envelope-from mason@blisses.org) Received: from phlegethon.blisses.org (phlegethon.blisses.org [50.56.97.101]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9979CDF8 for ; Fri, 7 Oct 2016 15:47:27 +0000 (UTC) (envelope-from mason@blisses.org) Received: from blisses.org (cocytus.blisses.org [23.25.209.73]) by phlegethon.blisses.org (Postfix) with ESMTPSA id 1A862194EB5 for ; Fri, 7 Oct 2016 11:39:46 -0400 (EDT) Date: Fri, 7 Oct 2016 11:39:44 -0400 From: Mason Loring Bliss To: freebsd-hackers@freebsd.org Subject: Are those happy tears? Message-ID: <20161007153944.GT12690@blisses.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="Qa0ccP92Gc0Ko3P8" Content-Disposition: inline User-Agent: Mutt/1.5.23 (2014-03-12) X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Oct 2016 15:47:27 -0000 --Qa0ccP92Gc0Ko3P8 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable The full scene: David: [David tries talking to Monica with Teddy in his lap] Where are we going? Someplace nice? Are those happy tears? What's for dinner tonigh= t? Monica: You know you don't eat. David: Yes. But I like sitting at the table.=20 Anyway, I'd largely given up on my ThinkPad T420 running anything useful th= at included ZFS, between ZoL not having TRIM support yet and FreeBSD not sleeping and having random other issues, so I opted to start running my MacBook as my primary notebook and to install FreeBSD 11RC3 onto my ThinkPa= d, with an intent of filing bug reports to help explore out why it wouldn't restore the monitor from ACPI sleep. I just wanted to report that it appears that something changed between 11RC1 and 11RC3, as the laptop now sleeps and resumes properly. I'm psyched, because I'd bought the thing a year or more ago to run FreeBSD, and it hasn= 't actually managed to do so in a usable way prior to today. Thanks! :) --=20 Mason Loring Bliss (( "In the drowsy dark cave of the mind dreams mason@blisses.org )) build their nest with fragments dropped http://blisses.org/ (( from day's caravan." - Rabindranath Tagore --Qa0ccP92Gc0Ko3P8 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCgAGBQJX98HAAAoJEJ6yV3B27yVVeZQP/3trnrH7ySqNBBJiQVOn1WWh UXStrP7GO+rLyoUlD2fe5F1COFlvX3dJgdIlfxWhQ4exHiAepBN1AxueTu1cFaKO oPHpqNzNMRO0mFOv6hU8GJd7W0ZavJPS1G2oG8NowWs9HPRH9JtcX2EKmJym6OTq fat/kDuA41/H3sasVNOYk78HMhL3VE0vPEmLiq8Jc9oKNQ8Qjxxjma9FZKCDPrHN h6HZy/lMOIGbf+0sXNIfc/rRmph0T7pI14FGeM+IHXoWKhpoEwvLVOBW0pQ6kV5O YStYrG5L3Gz3QsKvwuXLksOjdYb2XAlPvSxwVjjwaiFFwXmcN3pOhiOG16hlKc2+ xl2Aes15ZGGId1EBAp//aKgQwbbSNTklnIwOLnwJEgWjj4Gywnt/VtmuswwdVYnN Mkb5Kp3hutG7h+Wgkas1CQAB0kyJSvKZe6TF5hFarArkkkq/+tJ7x4kmZy64Zig+ 2h5GjZnoFz9cWoARTk5GAqAc3WtxHWnskGVtUFHIpFA7LP+46P9cd8tMZR9MPLaa J1LqkxEaRB7SkpLPehi5aI13xSa4ZGScwP5YO9mX3Lq4a6uBxTc9s29h8W1SKgX6 TONpDsG9lau7hruqQWxuqdMMuEGtECqg2TF8KmkuMzCcBq34W/3vqKXMAF19agRO EpWjYfNFbFo8Ixmw9bFT =mk44 -----END PGP SIGNATURE----- --Qa0ccP92Gc0Ko3P8-- From owner-freebsd-hackers@freebsd.org Fri Oct 7 15:55:22 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4AC8CC04802 for ; Fri, 7 Oct 2016 15:55:22 +0000 (UTC) (envelope-from mokhi64@gmail.com) Received: from mail-wm0-x232.google.com (mail-wm0-x232.google.com [IPv6:2a00:1450:400c:c09::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E3804651; Fri, 7 Oct 2016 15:55:21 +0000 (UTC) (envelope-from mokhi64@gmail.com) Received: by mail-wm0-x232.google.com with SMTP id k125so40486496wma.1; Fri, 07 Oct 2016 08:55:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=AJLVHCQpE1uGZBh7/In75BiIo4zjteolSG2wqYrFtpU=; b=xGmpNlUNP42JvpuC6/mIvZCEiPAobq3ceOodEKzc7EcZ6rSzs7L+zJZAMN5j1N0k0c 1heQt2xkJCK8A/8aC0OcTdtKQ/hURbZj20zyA1t/IU/GowXDTbIG8hX5/fVpTd/f3NbP 5VF26LazEjAKqqobO84fwvsMtpfO2pnN6WouVDBCFtZyKarQ4zf2/gA4lt/YCGsxkD+p IzJwgTzUIXHpWC4gifIv7iJNGGch15UmLMUqSHzbeWI4n5frARZvIAkx8NYgC/vLK4Ex vd4xG8jqpzuU5DSJMsM4Im8i1jAS2jLZaxO2eBmXX/EdbK8fJxHUhAOE5OLf5gmHvS9J wfsg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=AJLVHCQpE1uGZBh7/In75BiIo4zjteolSG2wqYrFtpU=; b=KgZr4mOm6x6WoGlWAhZWNiBxCr0FnVkLM+3yYtVvUBWE8eWMcouOf0FnCsoM1FbrX7 mAHfStEULqgUB+kbAzK/WjF6IQhMi3W0S8NQx3IcQ/BpBsbisJv5Q4UHvCW1ZVIgW1J5 P25u3noYuKn2EY8S6qHD3WNGrnQql2nXlBKz3J8OxAvJSHLC7LaKoPWU+3au+p8Govdz nLYaWbHK5+gVtsZbjTMqnDpE9ZmeKr7cE+lKCPpyTmFMWFb8Ytke30E462V0e9zTfU7e pC393JfK+WSpz/7RJbwaW9nmJkuZ+sDrIcZK27NRzFYPhrw+6t/k1SkjCUkiABz/PPZG 5IEA== X-Gm-Message-State: AA6/9Rln9YkHBHjpcXfpxGOv586CQQEc2m3ZuFGqtA/Kc0u42Zvbtxseh4G5BPlzgYKc9uLu0QWb89pdOQweIA== X-Received: by 10.28.146.70 with SMTP id u67mr19701292wmd.102.1475855720202; Fri, 07 Oct 2016 08:55:20 -0700 (PDT) MIME-Version: 1.0 Received: by 10.28.166.204 with HTTP; Fri, 7 Oct 2016 08:55:19 -0700 (PDT) In-Reply-To: References: <543F6C07-9472-4B3C-8697-CD5AE1F17725@FreeBSD.org> <643DC08B-27A5-49E9-9474-08F0D57FE200@FreeBSD.org> From: mokhi Date: Fri, 7 Oct 2016 19:25:19 +0330 Message-ID: Subject: Re: Using Audit Framework and praudit To: Mateusz Piotrowski <0mp@freebsd.org> Cc: freebsd-hackers@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Oct 2016 15:55:22 -0000 I just rebooted my system. No changes on behavior of `praudit /dev/auditpipe` (still just writes `su` events) Still do you think there's no need to rebuild kernel? Best wishes, Mokhi. From owner-freebsd-hackers@freebsd.org Fri Oct 7 16:12:38 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 97F6DC04E4D for ; Fri, 7 Oct 2016 16:12:38 +0000 (UTC) (envelope-from mokhi64@gmail.com) Received: from mail-wm0-x22a.google.com (mail-wm0-x22a.google.com [IPv6:2a00:1450:400c:c09::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 26D67DA; Fri, 7 Oct 2016 16:12:38 +0000 (UTC) (envelope-from mokhi64@gmail.com) Received: by mail-wm0-x22a.google.com with SMTP id b201so49149727wmb.0; Fri, 07 Oct 2016 09:12:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=fKHKCnFcSvl3XEabh91hR2JBNrC++gAVwvhzrDRWFqQ=; b=gAhFZFFu8Yg2hTEJ+19qjw8qfkMecV1I6/WVKYZeoF6VkIWZ6xRrgVjsGfv+PVvx3Z ABdfvpEj4F4jk1uvk/lV135QaLrwDlmmErKDImG8w2AEPHb4xj8RzAT4MXwStbFEtBZN tZ2uTDjLbsRZAxwNnzO4bH2aOZNw4hink2vfiXNWIClYfZCCr0c2eGMCyKPp5snKcygw MuTwKRnGKK6Dco9P0B+fqJVCU/ZPUk1pV8i/ibKBwPoRtBsbA0yMV8PXpptIhfLOc0CB Wwt1tftU74YboBUG6Bcs1WflnQSLgxjv68AD18Y5P9AVhn/rsR0PGJSMENjrT3pkfwy0 35KA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=fKHKCnFcSvl3XEabh91hR2JBNrC++gAVwvhzrDRWFqQ=; b=chG1q3einl8POC/jqXQg3gIM4O/zTbzGqrJZ4fHeAPRj7eNATQvxnJ33LComW6QL/L zDe6/zFgryB0vkCqwLtshrFOvfzozOIcUudJoLQaJ+zA8OrSyvyt06v9pwO7tBjUGmz8 MfeLbbne61xv1fNWn/xzUZZi8x4nxTA7RRxhojo/aQztg6fy+JLca5Hu7Bb07V1+ZcAM hopCM7Cyu0sKhWp4rzMt2WN/B49/z2iehRYMaCGL1wjJaXA2Hxz6cpwZ4pgrJeP9r+PF zTH03aiPW8FtTsOTPcTiID0Y9TzRwmftn97ZECPJEbdOCfdfjf69otOil6km5yxO91wd iOwA== X-Gm-Message-State: AA6/9RlbQne6oUe1ExYPRgBpvUSKwwe8CBDVbEqRkCxker1lr01L5FLDmLXfKpbgOcEANo+eZ0n2Qdg2M2vuwQ== X-Received: by 10.194.126.133 with SMTP id my5mr21439178wjb.47.1475856756204; Fri, 07 Oct 2016 09:12:36 -0700 (PDT) MIME-Version: 1.0 Received: by 10.28.166.204 with HTTP; Fri, 7 Oct 2016 09:12:35 -0700 (PDT) In-Reply-To: References: <543F6C07-9472-4B3C-8697-CD5AE1F17725@FreeBSD.org> <643DC08B-27A5-49E9-9474-08F0D57FE200@FreeBSD.org> From: mokhi Date: Fri, 7 Oct 2016 19:42:35 +0330 Message-ID: Subject: Re: Using Audit Framework and praudit To: Mateusz Piotrowski <0mp@freebsd.org> Cc: freebsd-hackers@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Oct 2016 16:12:38 -0000 Ah, it works now :) I forgot to change `naflags` flag. Thanks for helps (and sorry if my fault made confusings) Best wishes, Mokhi. From owner-freebsd-hackers@freebsd.org Sat Oct 8 02:44:37 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6C0F0C04270 for ; Sat, 8 Oct 2016 02:44:37 +0000 (UTC) (envelope-from sameerhussain@protonmail.com) Received: from mail2.protonmail.ch (mail2.protonmail.ch [185.70.40.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.protonmail.ch", Issuer "QuoVadis Global SSL ICA G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 03840E6D for ; Sat, 8 Oct 2016 02:44:36 +0000 (UTC) (envelope-from sameerhussain@protonmail.com) Received: from mail.protonmail.com (localhost [127.0.0.1]) by mail2.protonmail.ch (Postfix) with ESMTP id 173A4C42C6 for ; Fri, 7 Oct 2016 22:44:22 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=default; t=1475894662; bh=4XWJ1ZkCSy9Aocwg88yOzo16ecGc6yvqXMZDEgy0wDY=; h=Date:To:From:Reply-To:Subject:In-Reply-To:References:Feedback-ID: From; b=LawILgvkKy2keCncu/pr87BKoZjP2hAJj+nlO9buUhWtvoB7BC+JV4oVhmiQ7uU3x EjmYfmsSpr0RaQ6JTDk9M/xa0nbGkNSSmyd1e10LeFracERJGApFK7BdyNYFETjWrv 4Lf5FlnolftUwNwOK8cdvsb3bVU/TOEaxBoNM7uc= Date: Fri, 07 Oct 2016 22:44:21 -0400 To: "freebsd-hackers@freebsd.org" From: Sameerhussain Reply-To: Sameerhussain Subject: Fw: Re: Regarding Memory Compression Project. Message-ID: <5AUBSGfok5nm9g9Z9yDtftIfTrc6rX9gtxyaySFT7B_p5YWEQhXjmvJZyBNeNBvMiGgT8e8kpZ9k38bnJEdZtyltkIuKR_TLWX3hKcy2JWI=@protonmail.com> In-Reply-To: <1461358633.1629870.587000897.26AC8A8C@webmail.messagingengine.com> References: <1461358633.1629870.587000897.26AC8A8C@webmail.messagingengine.com> Feedback-ID: 2Ms5bEeirxFU0pkqxxFBccDynQQFiS37mwUGdABOnUgz38pvDirJ9sfs-pPMSXgwghlXBiewgs2Jy-ajll9jNw==:Ext:ProtonMail MIME-Version: 1.0 X-Spam-Status: No, score=-3.0 required=4.0 tests=ALL_TRUSTED,BAYES_00, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HTML_MESSAGE,MIME_BASE64_BLANKS, URIBL_BLOCKED autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail2.protonmail.ch Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: base64 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Oct 2016 02:44:37 -0000 SGksCgpJIGhhdmUgdGFsa2VkIHRvIE1hcmsgRmVsZGVyIHJlZ2FyZGluZyBNZW1vcnkgQ29tcHJl c3Npb24uCgoKVGhhbmtzIGFuZCByZWdhcmRzLApTYW1lZXIgSHVzc2FpbgoKCk1ha2UgdGhpbmdz IHNpbXBsZSwgYnV0IG5vIHNpbXBsZXIgOi0pCgoKCi0tLS0tLS0tIE9yaWdpbmFsIE1lc3NhZ2Ug LS0tLS0tLS0KU3ViamVjdDogUmU6IFJlZ2FyZGluZyBNZW1vcnkgQ29tcHJlc3Npb24gUHJvamVj dC4KTG9jYWwgVGltZTogQXByaWwgMjMsIDIwMTYgMjoyNyBBTQpVVEMgVGltZTogQXByaWwgMjIs IDIwMTYgODo1NyBQTQpGcm9tOiBmZWxkQEZyZWVCU0Qub3JnClRvOiBTYW1lZXJodXNzYWluIDxz YW1lZXJodXNzYWluQHByb3Rvbm1haWwuY29tPgoKSGkgU2FtZWVyLAoKSSB0aGluayB5b3UgbWln aHQgaGF2ZSBiZXR0ZXIgc3VjY2VzcyBpZiB5b3UgcmVhY2ggb3V0IHRvIHRoZQpmcmVlYnNkLWhh Y2tlcnMgbWFpbGluZyBsaXN0LiBZb3Ugd2lsbCBmaW5kIGEgYmV0dGVyIGF1ZGllbmNlIGFuZApw b3NzaWJseSBzb21lIGludGVyZXN0ZWQgbWVudG9ycy4gSSBzdWdnZXN0ZWQgdGhlIG1lbW9yeSBj b21wcmVzc2lvbgpwcm9qZWN0IGJ1dCBoYXZlIG5vdCBoYWQgbXVjaCBmZWVkYmFjayBvdGhlciB0 aGFuICJtZW1vcnkgY29tcHJlc3Npb24Kd291bGQgYmUgcmVhbGx5IG5pY2UhIi4gSSBoYXZlbid0 IGhhZCBtdWNoIGx1Y2sgZ2V0dGluZyBvdGhlcnMgdG8gZW5nYWdlCndpdGggbWUgZGlyZWN0bHkg b24gdGhpcywgc28gbWF5YmUgaWYgeW91IHBvc3QgdG8gdGhlIGhhY2tlcnMgbGlzdAp5b3UnbGwg Z2FybmVyIG1vcmUgaW50ZXJlc3QuCgpJJ2xsIGxvb2sgZm9yIHlvdXIgcG9zdCBhbmQgcmVzcG9u ZCB0byBpdCBhcyB3ZWxsIHRvIGtlZXAgdGhlIHRocmVhZAphbGl2ZS4KCgpPbiBGcmksIEFwciAy MiwgMjAxNiwgYXQgMTE6MTIsIFNhbWVlcmh1c3NhaW4gd3JvdGU6Cj4gSGksCj4KPiBHZW50bHkg SSByZW1pbmQgeW91IG9mIG91ciBwcmV2aW91cyBjaGF0cy4KPgo+IFRoYW5rcyBhbmQgcmVnYXJk cywKPiBTYW1lZXIuCj4gTWFrZSB0aGluZ3Mgc2ltcGxlLCBidXQgbm90IHNpbXBsZXIgOi0pCgoK LS0KTWFyayBGZWxkZXIKcG9ydHMtc2VjdGVhbSBtZW1iZXIKZmVsZEBGcmVlQlNELm9yZw== From owner-freebsd-hackers@freebsd.org Sat Oct 8 12:36:25 2016 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A4D82AF75C0 for ; Sat, 8 Oct 2016 12:36:25 +0000 (UTC) (envelope-from oliver.pinter@hardenedbsd.org) Received: from mail-wm0-x234.google.com (mail-wm0-x234.google.com [IPv6:2a00:1450:400c:c09::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3A3378EC for ; Sat, 8 Oct 2016 12:36:25 +0000 (UTC) (envelope-from oliver.pinter@hardenedbsd.org) Received: by mail-wm0-x234.google.com with SMTP id b201so89186298wmb.0 for ; Sat, 08 Oct 2016 05:36:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hardenedbsd-org.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=PlIU+eEFuO1X71ulcYJb32kQlMN149jk4XphWhyE8NE=; b=fsNWP1i+C774Db51049bUZhVpAgVotHmfh9GeHBtUxrIlcR052CHT3l7S70b2MBgRf MA6dP1MHjpK++65RidKDw9QplLZeEV6erW16zIolXf1p40c1ocQffS3IOAcNSNMJu8Pl Yh2y2OOMN4ZqrIuJYa6tEH6H7/t242Ze+qtXYAyOkTue83zdvgyr20vWJR2va3CUDuxo 1BLVCdHIvD7vJLp57apHCvdmANGa6Gg3ADju+HnMvPVGKKEJ7fXCIFqLZELpazz3Ogtq TXVQjx8n8ZvgquQycU31BW+Z+PYyzPsgLxgIfYClm6wf4w9Za4LOD1s8ebyCBvEB/3q+ yNzw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=PlIU+eEFuO1X71ulcYJb32kQlMN149jk4XphWhyE8NE=; b=dXMfigBYsUtt++xKD0ssrEcQAmDMCUl54aJkbFJVTYDLU4DGOy5ksBqvhiZXmQ2Rft LA5VRxv+8+kfaxZOTEmQX7IUZu/PUWsf4CEsrOxPnHx3FEP92S14LgSsXvWeysYwMLFA poBZjvFFLyfOn/V+4YkUzoQs6xDnnZJjaKrfogXFjPDJvm8iK8bxqStMl9VmhnMsvsF6 XqJNeWQFx/v3s13qwE9iov7g8H+36vdZ+xonZsyezq75NDyQZ8hCbOGrUWal0wCsezXz qs4sdF5mNapN46wt5/N4VqiQ8tCJKLSwYL9ndif1G9+WlH0QbGIVy7PEwD0pX6Khn3U0 GAYw== X-Gm-Message-State: AA6/9RlfNwVbt5jGxYDRJFi1k/FuU8wWtD5GD8rSnN5ZEwXzM3vs8WheY6oBltMQgZasa1/dlTtgzl1elT5S+Oos X-Received: by 10.28.150.211 with SMTP id y202mr3248646wmd.6.1475930182900; Sat, 08 Oct 2016 05:36:22 -0700 (PDT) MIME-Version: 1.0 Received: by 10.80.146.35 with HTTP; Sat, 8 Oct 2016 05:36:22 -0700 (PDT) In-Reply-To: <7b732876-8cc3-a638-7ff1-e664060d4907@freebsd.org> References: <7b732876-8cc3-a638-7ff1-e664060d4907@freebsd.org> From: Oliver Pinter Date: Sat, 8 Oct 2016 14:36:22 +0200 Message-ID: Subject: Re: fix for use-after-free problem in 10.x To: Julian Elischer Cc: FreeBSD Stable , freebsd Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Oct 2016 12:36:25 -0000 On 10/5/16, Julian Elischer wrote: > In 11 and 12 the taskqueue code has been rewritten in this area but > under 10 this bug still occurs. > > On our appliances this bug stops the system from mounting the ZFS > root, so it is quite severe. > Basically while the thread is sleeping during the ZFS mount of root > (in the while loop), another thread can free the 'task' item it is > checking in that while loop and it can be reused or filled with > 'deadcode' etc., with the waiting code unaware of the change.. The fix > is to refetch the item at the end of the queue each time around the loop. > I don't really want to do the bigger change of MFCing the change in > 11, as it is more extensive, though if someone else does, that's ok by > me. (If it's ABI compatible) > > Any comments or suggestions? Yes, please commit them. This patch fixes the ZFS + GELI + INVARIANTS problem for us. There is the FreeBSD PR about the issue: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=209580 > > here's the fix in diff form: > > > [robot@porridge /usr/src]$ p4 diff -du ... > --- //depot/pbranches/jelischer/FreeBSD-PZ/10.3/sys/kern/subr_taskqueue.c > 2016-09-27 09:14:59.000000000 -0700 > +++ /usr/src/sys/kern/subr_taskqueue.c 2016-09-27 09:14:59.000000000 -0700 > @@ -441,9 +441,10 @@ > > TQ_LOCK(queue); > task = STAILQ_LAST(&queue->tq_queue, task, ta_link); > - if (task != NULL) > - while (task->ta_pending != 0) > - TQ_SLEEP(queue, task, &queue->tq_mutex, PWAIT, "-", > 0); > + while (task != NULL && task->ta_pending != 0) { > + TQ_SLEEP(queue, task, &queue->tq_mutex, PWAIT, "-", 0); > + task = STAILQ_LAST(&queue->tq_queue, task, ta_link); > + } > taskqueue_drain_running(queue); > KASSERT(STAILQ_EMPTY(&queue->tq_queue), > ("taskqueue queue is not empty after draining")); > > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" >