From owner-freebsd-hackers@freebsd.org Sun Apr 25 10:20:46 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 637185FCC3F for ; Sun, 25 Apr 2021 10:20:46 +0000 (UTC) (envelope-from zlei.huang@gmail.com) Received: from mail-pg1-x52d.google.com (mail-pg1-x52d.google.com [IPv6:2607:f8b0:4864:20::52d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FSkZ51prHz3DHv for ; Sun, 25 Apr 2021 10:20:45 +0000 (UTC) (envelope-from zlei.huang@gmail.com) Received: by mail-pg1-x52d.google.com with SMTP id y32so38184036pga.11 for ; Sun, 25 Apr 2021 03:20:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:mime-version:subject:message-id:date:to; bh=YYQjxCgojh9O7S9bREOiY5PfB5fdIEyy/cGjzlKsZ80=; b=sQrMurQnHeVw6p0+zlcbjTwy9Icbw4GTL9kNBBFEpo+VURfAwF5LGytJP5kO6k1+yb K/Pf4DVz+qBRV5b28ZbZB1UqgaBWlxYv3PaYBNbM8I0Q7jhMVXzYz6kuk4QwGtdz5AFF Oqlrpj1optFWt16oUCBe6sPIt7NOy8dSsXysYjMLkZ32Uem062JeDd+XbxSkPNGM8L6k XBBnQ2hajAoW2gTJOQbKtij1Zuib+e5s4ElkzPjySUgt60IdJvnQNMqUxu2EB7bUsPxO spC84l/vgvFnw94fR2RepH/TrjWfyqppfkTtB4e4vAJ2UcRbZBGKPivkQsZ/B/5j9fLZ w2NQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:subject:message-id:date:to; bh=YYQjxCgojh9O7S9bREOiY5PfB5fdIEyy/cGjzlKsZ80=; b=eNbQWbAtQqGSPX2JtN/rfrlfx7qYi6ieamadDmmylv1iC1Vv4r1bGY43XKg4C5oKZF HNpoBeVtuRb6l1wiGX6OAvxRjU4fNfyAOPprbvKn21REhXqZ/afHM/0CI/RGZZExLIgr 0JHE6BqVXss4ZtAKdRyQQaHqGY1mBhXrZ5bPeOJVOyYYS7WIAUm4X/Vw3H8FlsumHTXp ZaRGuuXbUFJux4IPSVw6JIu4J86xjm9Sc14nqKOozyXFNjPQx/DZYkN4f8lM6MUpiYZH ChwkwhG1YIVqEQS2jbAXGSpOT2YluQL0Yg8OTZdHbXa22fktoljHYtTO/5PVc5iix6pa Mulw== X-Gm-Message-State: AOAM532jTxLgd/Y8k+iH/yQIRWK6ks+qcuS812Zt9e+hxvuiAfpMxO/T 087ksLje/52969KFpM+TcWsQvgI9Z5g= X-Google-Smtp-Source: ABdhPJw4Hkww5wxswxDlNaQVHgSrAnzA6WMVw0zlAqDzquHRbaU+WcvmVuGo5nLaLlSbhfL11/x7Lg== X-Received: by 2002:aa7:9046:0:b029:272:3729:e10a with SMTP id n6-20020aa790460000b02902723729e10amr5723692pfo.49.1619346043887; Sun, 25 Apr 2021 03:20:43 -0700 (PDT) Received: from [192.168.10.252] ([112.66.186.104]) by smtp.gmail.com with ESMTPSA id p10sm8972682pgn.85.2021.04.25.03.20.40 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 25 Apr 2021 03:20:43 -0700 (PDT) From: Zhenlei Huang Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\)) Subject: Are there any RFCs for address selection for IPv4 Message-Id: Date: Sun, 25 Apr 2021 18:20:37 +0800 To: freebsd-hackers@freebsd.org X-Mailer: Apple Mail (2.3608.120.23.2.4) X-Rspamd-Queue-Id: 4FSkZ51prHz3DHv X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=sQrMurQn; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of zleihuang@gmail.com designates 2607:f8b0:4864:20::52d as permitted sender) smtp.mailfrom=zleihuang@gmail.com X-Spamd-Result: default: False [-1.74 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; TO_DN_NONE(0.00)[]; MV_CASE(0.50)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::52d:from]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; RECEIVED_SPAMHAUS_PBL(0.00)[112.66.186.104:received]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::52d:from:127.0.2.255]; NEURAL_SPAM_SHORT(0.76)[0.764]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::52d:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Apr 2021 10:20:46 -0000 Hello hackers, For IPv6 there's RFC 6724 to clarify the default address selection = procedure,=20 both for source address selection and destination address selection. Are = there any RFCs like RFC 6724 that are for IPv4?=20 I'm exploring RFC 3927, consider this situation, a host configured with = link-local address on NIC and global unicast alias address on loopback interface, = and default route to=20 the link-local address of router (some ISPs do this). The current = implementation kernel will use the link-local address as the source address when initializing = a connection to=20 remote host via the default route. It seems wrong, as link-local address = are not=20 routable as per RFC 3927. So it is important if there's corresponding RFC clarify the source = address selection=20 for IPv4. Thanks :)= From owner-freebsd-hackers@freebsd.org Sun Apr 25 12:12:41 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id BF6655FFA61 for ; Sun, 25 Apr 2021 12:12:41 +0000 (UTC) (envelope-from gljennjohn@gmail.com) Received: from mail-ej1-x62d.google.com (mail-ej1-x62d.google.com [IPv6:2a00:1450:4864:20::62d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FSn380Fgsz3JtM for ; Sun, 25 Apr 2021 12:12:35 +0000 (UTC) (envelope-from gljennjohn@gmail.com) Received: by mail-ej1-x62d.google.com with SMTP id r20so30522631ejo.11 for ; Sun, 25 Apr 2021 05:12:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:cc:subject:message-id:in-reply-to:references:reply-to :mime-version:content-transfer-encoding; bh=WlXcOl/8WXts0s6xt1SxJfwNNh5fq0Wce5anJaj1QCM=; b=GHC8a4Bw38jvtRZwPIpGI+btQ5MxPwjoCrB0nIo3aEJxVmguSMiqsEjx+xnkBYunpN ErbNt+jwLYA/+/HJ1ubXkvB/rLAjxLCqzzSbbxgjL2Bp/uXFqAjDR01Mcf8R/WqUlwoK soxYGo3ZDIz9FPljCZu1PrLCppwbVU61BTATaKkvSjcLlMqREP9MBiQ6ue6+LAMFnjQQ ICMAlbL/BoVMqZG1wNG/CWLLKEq+ulh/7s4EKaoX3yPSAN/lLkuDZR8qKAH2+BJWy24a pe0GiDxvYNJi1+8DuVTJ66/APjVrryIqPgQzcTM4iSsk3agwldnQrAEt3UtH6OCwvhJE bR7Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:in-reply-to :references:reply-to:mime-version:content-transfer-encoding; bh=WlXcOl/8WXts0s6xt1SxJfwNNh5fq0Wce5anJaj1QCM=; b=Qgr2uRByvN2k3+DCkmHoocR5KTScfoqhYcXJdhwwSB/EXMeoPA1pYhiZ3sbH7xIIOw pLPlyTQxgq7eTZOigBd9sxPG73d0uMql/pgqpCdn4N6+iiB543tWApWclO2gffwPl+/R Hag6leVV5Tu2pDyGaHQ8GywvFVvvylueWmx/bmAZdDpW/1gV8tmei25kV9Ll/vBQo55q HdTJlvub/QOqUGqYvDDNMtyMZdpb5gvCcdZ7tNIYS4Gl3bzUgavyelK8zSVr2PtVTzV9 o8woNpEYjCvGJsQ21OQWjiR+MsbP7nowfmOKTDfKAE1kG1XLe5hx5R31ubzcANv/NMXf Q0LQ== X-Gm-Message-State: AOAM5315HE18JBy5dYKth39sbuhKL0xD0sqKaP+dr+wfLYZsl1+FZawj kxOeDyc7Exldr8MAtJKD1l0= X-Google-Smtp-Source: ABdhPJy/Ego8FtvqTG3WQ+B5ersFRp/5Cgx8r6WOfxStGJKQXHAlG03jDITQ3JsfJhEuz8q7G3XEvw== X-Received: by 2002:a17:907:75f6:: with SMTP id jz22mr4109163ejc.504.1619352754052; Sun, 25 Apr 2021 05:12:34 -0700 (PDT) Received: from ernst.home (pd9e23d76.dip0.t-ipconnect.de. [217.226.61.118]) by smtp.gmail.com with ESMTPSA id s11sm11884798edt.27.2021.04.25.05.12.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 25 Apr 2021 05:12:33 -0700 (PDT) Date: Sun, 25 Apr 2021 14:12:32 +0200 From: Gary Jennejohn To: Zhenlei Huang Cc: freebsd-hackers@freebsd.org Subject: Re: Are there any RFCs for address selection for IPv4 Message-ID: <20210425121232.0bdb424a@ernst.home> In-Reply-To: References: Reply-To: gljennjohn@gmail.com X-Mailer: Claws Mail 3.17.8 (GTK+ 2.24.33; amd64-portbld-freebsd14.0) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4FSn380Fgsz3JtM X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=GHC8a4Bw; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of gljennjohn@gmail.com designates 2a00:1450:4864:20::62d as permitted sender) smtp.mailfrom=gljennjohn@gmail.com X-Spamd-Result: default: False [-2.80 / 15.00]; HAS_REPLYTO(0.00)[gljennjohn@gmail.com]; RCVD_VIA_SMTP_AUTH(0.00)[]; RBL_SENDERSCORE_FAIL(0.00)[2a00:1450:4864:20::62d:query timed out]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; REPLYTO_ADDR_EQ_FROM(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::62d:from]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.997]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; RECEIVED_SPAMHAUS_PBL(0.00)[217.226.61.118:received]; FROM_HAS_DN(0.00)[]; NEURAL_SPAM_SHORT(0.19)[0.192]; NEURAL_HAM_LONG(-1.00)[-1.000]; TAGGED_RCPT(0.00)[]; FREEMAIL_REPLYTO(0.00)[gmail.com]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; MIME_GOOD(-0.10)[text/plain]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::62d:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::62d:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Apr 2021 12:12:41 -0000 On Sun, 25 Apr 2021 18:20:37 +0800 Zhenlei Huang wrote: > Hello hackers, > > For IPv6 there's RFC 6724 to clarify the default address selection procedure, > both for source address selection and destination address selection. Are there > any RFCs like RFC 6724 that are for IPv4? > > I'm exploring RFC 3927, consider this situation, a host configured with link-local > address on NIC and global unicast alias address on loopback interface, and default route to > the link-local address of router (some ISPs do this). The current implementation kernel > will use the link-local address as the source address when initializing a connection to > remote host via the default route. It seems wrong, as link-local address are not > routable as per RFC 3927. > > So it is important if there's corresponding RFC clarify the source address selection > for IPv4. > > Thanks :) > I'm no expert on this, but the router must have a public, routable adress to the internet, otherwise it can't function as a router. This address is (usually) provided by the ISP. It's using its pubic address to route packets to the internet and very probably NAT to handle packets from and to the LAN. So, the internal LAN does not have to use routable addresses. -- Gary Jennejohn From owner-freebsd-hackers@freebsd.org Sun Apr 25 13:40:55 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E466A62359F for ; Sun, 25 Apr 2021 13:40:55 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FSq130Q5Qz3PH9 for ; Sun, 25 Apr 2021 13:40:54 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (localhost [127.0.0.1]) by gndrsh.dnsmgr.net (8.13.3/8.13.3) with ESMTP id 13PDejBA093487; Sun, 25 Apr 2021 06:40:45 -0700 (PDT) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: (from freebsd-rwg@localhost) by gndrsh.dnsmgr.net (8.13.3/8.13.3/Submit) id 13PDej0b093486; Sun, 25 Apr 2021 06:40:45 -0700 (PDT) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <202104251340.13PDej0b093486@gndrsh.dnsmgr.net> Subject: Re: Are there any RFCs for address selection for IPv4 In-Reply-To: To: Zhenlei Huang Date: Sun, 25 Apr 2021 06:40:45 -0700 (PDT) CC: freebsd-hackers@freebsd.org X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-Rspamd-Queue-Id: 4FSq130Q5Qz3PH9 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of freebsd-rwg@gndrsh.dnsmgr.net has no SPF policy when checking 69.59.192.140) smtp.mailfrom=freebsd-rwg@gndrsh.dnsmgr.net X-Spamd-Result: default: False [-2.10 / 15.00]; RCVD_TLS_LAST(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[dnsmgr.net]; AUTH_NA(1.00)[]; SPAMHAUS_ZRD(0.00)[69.59.192.140:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[69.59.192.140:from]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RCPT_COUNT_TWO(0.00)[2]; R_SPF_NA(0.00)[no SPF record]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:13868, ipnet:69.59.192.0/19, country:US]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Apr 2021 13:40:56 -0000 > Hello hackers, > > For IPv6 there's RFC 6724 to clarify the default address selection procedure, > both for source address selection and destination address selection. Are there > any RFCs like RFC 6724 that are for IPv4? The important difference I think here is that in IPv6 it is very normal to have both a link local and a routable IP address on an interface. RFC 3927 speaks to this for IPv4 with: IPv4 Link-Local addresses are not suitable for communication with devices not directly connected to the same physical (or logical) link, and are only used where stable, routable addresses are not available (such as on ad hoc or isolated networks). This document does not recommend that IPv4 Link-Local addresses and routable addresses be configured simultaneously on the same interface. Though technically you have not put a global uniq unicast address on the outbound interface the fact your trying to route one via that interface to a loopback interface puts you into the situation your attempting to route global IP over a link local address. > > I'm exploring RFC 3927, consider this situation, a host configured with link-local > address on NIC and global unicast alias address on loopback interface, and default route to > the link-local address of router (some ISPs do this). The current implementation kernel > will use the link-local address as the source address when initializing a connection to > remote host via the default route. It seems wrong, as link-local address are not > routable as per RFC 3927. So your wanting the kernel to pick a source address on another interface for a packet going out a different interface, that is what seems wrong. Though I think this could be solved by applying a technique used in routers, and that is the concept of a host specific globally routeable IP address that should be used for all non-local packets. This is useful in complex multipath networks as the router is always accessable via that IP address no mater which interfaces are routing packets correctly as long as the routing protocols are maintaining a path to it. But before going down that road, why are you putting your desired globally routeable IP address on lo0 and not on the upstream interface which would eliminate this problem? Is it because you have a complex multipath network, or is it from an attempt to save some global IP's that would be needed to run these on the link? Or? > > So it is important if there's corresponding RFC clarify the source address selection > for IPv4. I do not believe you well find anything that speaks to this issue for IPv4, as your not really in the situation of RFC6724 which has to do with multiple IP addresses on the same interface. > Thanks :) > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" -- Rod Grimes rgrimes@freebsd.org From owner-freebsd-hackers@freebsd.org Sun Apr 25 16:07:24 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 89C52626CE7 for ; Sun, 25 Apr 2021 16:07:24 +0000 (UTC) (envelope-from zlei.huang@gmail.com) Received: from mail-pj1-x1030.google.com (mail-pj1-x1030.google.com [IPv6:2607:f8b0:4864:20::1030]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FStG34psYz3md5 for ; Sun, 25 Apr 2021 16:07:23 +0000 (UTC) (envelope-from zlei.huang@gmail.com) Received: by mail-pj1-x1030.google.com with SMTP id md17so197331pjb.0 for ; Sun, 25 Apr 2021 09:07:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=vt+kjhaWfnJ/FYOYKRH6z1tbvXwLHyOc53n4SNVW2X0=; b=R8cxSQgGJUO4fGCZJOZs42WyrIqEKqIslvwxKumP/EtNwKxQsi6Fw1CE70do5Jgq8p a2UwErBj7657LoFJz4eitEyS2yMhTXbEWKw2CMbcoItYaw5gPU/3wOrrgLQqKmAbAe99 ZvY0ZjBQ1fYOu5R/L7kDGyhxHZrGHNS6+/mr3dcPxGLqAwX7HBAMFWq67a+MQvM+ceye wDFzUMI7H3BZk4s/AtKVMZYOku/30m29P/uMl2jyCwPTNv2ntfxSqicl8mNqrBMRcO2u S9H9D7dAMx3sJCpO9PRzG2E4FGO5bz/jEdI5Dgz6+nlEbIx/1tTfUsXUkC5akZUcQFlb 5i9g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=vt+kjhaWfnJ/FYOYKRH6z1tbvXwLHyOc53n4SNVW2X0=; b=Y2nOiOVEcFn8QMoEhpX5A2RUytjbH4Sq/oWdtdGl6je18UBZkLmx0p8un/KgsmMkEQ EJyLLL5dY8H5krnOFRlmOB3/RIFoJQJZ8NxVUNnKJjoz29DHyl/TlZVYvuiGKyzlE6sp p5xXwRy3lS2aGmyZUJYX7oQ/nzJzxIKg8OLQvA/K5m4umsgsfLiggiJVz+r+j1G3ZJad 06K8hHv6VcA2lbmLZ7w97GTj2uNR/uf9rsnypWAtXHBOGjh+J6y0tJPBRoFE6VnSYg+b QeMG47agoTcWfQqhn/m2j7YwQLjYqpNG1X3bjkSwyScXzguPHTpceXHtOCIMyhlxx+bf T3qw== X-Gm-Message-State: AOAM531cFfl7lvKBDpyAaY7G+fJszrCoyHMUR05mp2hOPoYRymz87+NY daCwSbn1jpZqdiUQub2I749AQJjDVSU= X-Google-Smtp-Source: ABdhPJz5JQfNzvRJZcyoaUSeyDP7knpBI8sTKcFLd1D8zbpbskb6LQgKlOUyuErDlv5vB/iTp5FNVw== X-Received: by 2002:a17:902:8307:b029:ec:86a4:90fa with SMTP id bd7-20020a1709028307b02900ec86a490famr14347508plb.22.1619366841773; Sun, 25 Apr 2021 09:07:21 -0700 (PDT) Received: from [172.17.252.129] (ns1.oxydns.net. [45.32.91.63]) by smtp.gmail.com with ESMTPSA id p10sm9447690pgn.85.2021.04.25.09.07.16 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 25 Apr 2021 09:07:21 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\)) Subject: Re: Are there any RFCs for address selection for IPv4 From: Zhenlei Huang In-Reply-To: <202104251340.13PDej0b093486@gndrsh.dnsmgr.net> Date: Mon, 26 Apr 2021 00:07:03 +0800 Cc: freebsd-hackers@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <202104251340.13PDej0b093486@gndrsh.dnsmgr.net> To: "Rodney W. Grimes" X-Mailer: Apple Mail (2.3608.120.23.2.4) X-Rspamd-Queue-Id: 4FStG34psYz3md5 X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=R8cxSQgG; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of zleihuang@gmail.com designates 2607:f8b0:4864:20::1030 as permitted sender) smtp.mailfrom=zleihuang@gmail.com X-Spamd-Result: default: False [-3.50 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::1030:from]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::1030:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::1030:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Apr 2021 16:07:24 -0000 Hi Rod Grimes, > On Apr 25, 2021, at 9:40 PM, Rodney W. Grimes = wrote: >=20 >> Hello hackers, >>=20 >> For IPv6 there's RFC 6724 to clarify the default address selection = procedure,=20 >> both for source address selection and destination address selection. = Are there >> any RFCs like RFC 6724 that are for IPv4?=20 >=20 > The important difference I think here is that in IPv6 it is very = normal to > have both a link local and a routable IP address on an interface. RFC = 3927 > speaks to this for IPv4 with: > IPv4 Link-Local addresses are not suitable for communication with > devices not directly connected to the same physical (or logical) > link, and are only used where stable, routable addresses are not > available (such as on ad hoc or isolated networks). This document > does not recommend that IPv4 Link-Local addresses and routable > addresses be configured simultaneously on the same interface. >=20 > Though technically you have not put a global uniq unicast address on = the > outbound interface the fact your trying to route one via that = interface > to a loopback interface puts you into the situation your attempting > to route global IP over a link local address. =20 >>=20 >> I'm exploring RFC 3927, consider this situation, a host configured = with link-local >> address on NIC and global unicast alias address on loopback = interface, and default route to=20 >> the link-local address of router (some ISPs do this). The current = implementation kernel >> will use the link-local address as the source address when = initializing a connection to=20 >> remote host via the default route. It seems wrong, as link-local = address are not=20 >> routable as per RFC 3927. >=20 > So your wanting the kernel to pick a source address on another = interface > for a packet going out a different interface, that is what seems = wrong. I'm not sure if this is proper for IPv4, but in the IPv6 network stack, = FreeBSD's current implementation select global unicast address over link-local = address, in case the outgoing interface does not have any global unicast addresses. I'm wondering whether it makes sense also for IPv4. >=20 > Though I think this could be solved by applying a technique used in > routers, and that is the concept of a host specific globally routeable > IP address that should be used for all non-local packets. This is = useful > in complex multipath networks as the router is always accessable via > that IP address no mater which interfaces are routing packets = correctly > as long as the routing protocols are maintaining a path to it. >=20 > But before going down that road, why are you putting your desired = globally > routeable IP address on lo0 and not on the upstream interface which = would > eliminate this problem? Is it because you have a complex multipath = network, > or is it from an attempt to save some global IP's that would be needed > to run these on the link? Or? >=20 Reading RFC 3927 2.7, it states link-local addresses are not routable. = The router shall discard those packets from or to link-local addresses. Then it make no = sense for a host to select link-local address as source address when it initialize a = connection, except for=20 an edge case that the destination is also link-local address. >>=20 >> So it is important if there's corresponding RFC clarify the source = address selection=20 >> for IPv4. >=20 > I do not believe you well find anything that speaks to this issue for = IPv4, as > your not really in the situation of RFC6724 which has to do with = multiple IP > addresses on the same interface. >=20 >> Thanks :) >> _______________________________________________ >> freebsd-hackers@freebsd.org mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers >> To unsubscribe, send any mail to = "freebsd-hackers-unsubscribe@freebsd.org" >=20 > --=20 > Rod Grimes = rgrimes@freebsd.org Thanks, Zhenlei Huang From owner-freebsd-hackers@freebsd.org Sun Apr 25 17:56:11 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3FC775E1A5A for ; Sun, 25 Apr 2021 17:56:11 +0000 (UTC) (envelope-from phk@critter.freebsd.dk) Received: from phk.freebsd.dk (phk.freebsd.dk [130.225.244.222]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FSwgZ1QxGz3s2C for ; Sun, 25 Apr 2021 17:56:09 +0000 (UTC) (envelope-from phk@critter.freebsd.dk) Received: from critter.freebsd.dk (v-critter.freebsd.dk [192.168.55.3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by phk.freebsd.dk (Postfix) with ESMTPS id 568A88928F; Sun, 25 Apr 2021 17:56:02 +0000 (UTC) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.16.1/8.16.1) with ESMTPS id 13PHu16M008836 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Sun, 25 Apr 2021 17:56:02 GMT (envelope-from phk@critter.freebsd.dk) Received: (from phk@localhost) by critter.freebsd.dk (8.16.1/8.16.1/Submit) id 13PHu1Ok008835; Sun, 25 Apr 2021 17:56:01 GMT (envelope-from phk) To: Zhenlei Huang cc: "Rodney W. Grimes" , freebsd-hackers@freebsd.org Subject: Re: Are there any RFCs for address selection for IPv4 In-reply-to: From: "Poul-Henning Kamp" References: <202104251340.13PDej0b093486@gndrsh.dnsmgr.net> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <8833.1619373361.1@critter.freebsd.dk> Content-Transfer-Encoding: quoted-printable Date: Sun, 25 Apr 2021 17:56:01 +0000 Message-ID: <8834.1619373361@critter.freebsd.dk> X-Rspamd-Queue-Id: 4FSwgZ1QxGz3s2C X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of phk@critter.freebsd.dk designates 130.225.244.222 as permitted sender) smtp.mailfrom=phk@critter.freebsd.dk X-Spamd-Result: default: False [-3.00 / 15.00]; RCVD_TLS_ALL(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[130.225.244.222:from]; FREEFALL_USER(0.00)[phk]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[text/plain]; ARC_NA(0.00)[]; DMARC_NA(0.00)[freebsd.dk]; SPAMHAUS_ZRD(0.00)[130.225.244.222:from:127.0.2.255]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FREEMAIL_TO(0.00)[gmail.com]; FORGED_SENDER(0.30)[phk@phk.freebsd.dk,phk@critter.freebsd.dk]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:1835, ipnet:130.225.0.0/16, country:EU]; FROM_NEQ_ENVFROM(0.00)[phk@phk.freebsd.dk,phk@critter.freebsd.dk]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Apr 2021 17:56:11 -0000 -------- Zhenlei Huang writes: > Reading RFC 3927 2.7, it states link-local addresses are not routable. T= he router shall > discard those packets from or to link-local addresses. Then it make no s= ense for a host > to select link-local address as source address when it initialize a conn= ection, except for = > an edge case that the destination is also link-local address. As I understand it, it only makes sense let the kernel select a LL address= under two conditions: A) The destination is also LL *or* multicast B) There is only one "UP" interfaces with an LLA. Implementing the second criteria runs into us putting a (IPv6)LL on the loopback interface. Does anybody know why we put a (ipv6)LL on loopback interfaces ? -- = Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe = Never attribute to malice what can adequately be explained by incompetence= . From owner-freebsd-hackers@freebsd.org Sun Apr 25 18:43:33 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D8E655E3174 for ; Sun, 25 Apr 2021 18:43:33 +0000 (UTC) (envelope-from mason@blisses.org) Received: from yangtze.blisses.org (yangtze.blisses.org [144.202.50.44]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FSxkD5mxCz3vZC for ; Sun, 25 Apr 2021 18:43:32 +0000 (UTC) (envelope-from mason@blisses.org) Received: from cocytus.blisses.org (cocytus.blisses.org [64.223.129.151]) by yangtze.blisses.org (Postfix) with ESMTP id 6D87217B288 for ; Sun, 25 Apr 2021 14:43:25 -0400 (EDT) Date: Sun, 25 Apr 2021 14:43:23 -0400 From: Mason Loring Bliss To: freebsd-hackers@freebsd.org Subject: Bug bounty framework? Message-ID: <20210425184323.GR18217@blisses.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="ssZxAlvqSOvXAj81" Content-Disposition: inline User-Agent: Mutt/1.10.1 (2018-07-13) X-Rspamd-Queue-Id: 4FSxkD5mxCz3vZC X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of mason@blisses.org designates 144.202.50.44 as permitted sender) smtp.mailfrom=mason@blisses.org X-Spamd-Result: default: False [-4.40 / 15.00]; SUBJECT_ENDS_QUESTION(1.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[144.202.50.44:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[144.202.50.44:from:127.0.2.255]; RCVD_TLS_LAST(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; DMARC_NA(0.00)[blisses.org]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; SIGNED_PGP(-2.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCVD_COUNT_TWO(0.00)[2]; ASN(0.00)[asn:20473, ipnet:144.202.48.0/20, country:US]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Apr 2021 18:43:33 -0000 --ssZxAlvqSOvXAj81 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I lack the free time and familiarity needed to fix some of the things I'd love to see fixed in FreeBSD, and I don't remember this idea coming up previously, so I wanted to see what folks think about a framework for bug bounties and similar. Not too long ago I found myself trying to work through how to get Poudriere to build things at an arbitrary prefix other than /usr/local and I offered a donation to the Foundation in exchange for a working solution. It seems that the process got much of the way there, and in any event I made the donation as thanks for the work that had gone into it. (I'd moved on to other things so I haven't exercised the stuff that was fixed. I'm hoping to give it another try sometime soon.) Recently, someone here noted that with FreeBSD 13 on Vultr VMs, reboots hang, and I observe this as well. I've got several systems where FreeBSD fails to load the kernel sporadically. There's an issue where FreeBSD on KVM stops using the EFI console and quietly switches to a text console, where you need to know this has happened to continue with installation. There's a now-understood (thanks, RhodiumToad) issue where geom tasting devices can consume them in a funny way that can't be undone without a reboot, inhibiting some methods of installation. VIMAGE has (at least historically) had a race that can lead to a system hang. I've observed or been bitten by all these things, and I'd love to find some way to participate in their remediation, and it seems like a useful notion would be giving people a chance to commit to contributing to bug bounties to be paid out to the Foundation when various things are fixed. It'd be a purely altrustic motivation for folks who put time into fixing things, as the fruits of their labour would be FreeBSD working better and the Foundation getting more donations, but then, I see the BSD world as existing based on altruism. (Take this and share! We hope you give back!) A useful tool for this would be a listing of projects that have accrued at least one backer and some way to define goals and results such that it's clear when the bounty has been earned. I'd love to hear thoughts about this. --=20 Mason Loring Bliss (( "In the drowsy dark cave of the mind dreams mason@blisses.org )) build their nest with fragments dropped http://blisses.org/ (( from day's caravan." - Rabindranath Tagore --ssZxAlvqSOvXAj81 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEEXtBZz1axB5rEDCEnrJXcHbvJVUFAmCFuEkACgkQnrJXcHbv JVXg6xAAsz5yVrvAMSa4ToAtXCsOWC2KeS21SKzqZix6xNxUCmMJ5mTKpMOcOXDD Y2gzLD4o4IIyoG2IKWCnUI/XtmPOkoTrKYDp3wBpKyUa9VLEebM3W6/2sO/6RGeX l9Z6VVMBSGAjb+HBcHnvjtQvsaQRJg6wUxAaP13C08PBEk7bnxWT3RE+EzRRpwWA EXzARSykvzqsnxzPnCA5ZC5XOQpSrG78Ax3VItecaFP176sDgWe2hQKf88w6EYGu zVquSQDzRFeFyPNldi/I7teSfq7UfCRFCCc2DG3nOHr4kEvaw4NlLn22/dWnDK8L yjQVcrz7yGFbLllouOWALi1KR4D8+7RpSDlgk8pzz3WQxMVKuwdGgRQorCUH3BEy 89DuswHDonSUMQcfQoYyryOXrUEwQU+pfNycJp7Za8XjxmC6xCWsb+L821BW7jXJ Ng1kJxoVhxpk2v2iOsxoiTGbPVKoiFEheA6rbzAe0IWKh9jAuN9USb2aw7LAfMHW +CyihWqxxi8xm7vQ62YXwMk/FPtT0fUPIOtDA8Tjq9ibuljp6FbcSlpGe54RdQwm 78DWuFE47HAeCkBRa+/NxKYn9ZINrqrYDOV1px6f3rFq4ziqy3+TKdEMwSrxaAiV UiTCL0r7ipZvWFF37GHySVTJAtyA8CrZFCcZl1SiBqXMixNxv4g= =2QBt -----END PGP SIGNATURE----- --ssZxAlvqSOvXAj81-- From owner-freebsd-hackers@freebsd.org Sun Apr 25 18:58:34 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id AD0B25E35ED for ; Sun, 25 Apr 2021 18:58:34 +0000 (UTC) (envelope-from mason@blisses.org) Received: from yangtze.blisses.org (yangtze.blisses.org [144.202.50.44]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FSy3Y5Pp1z3vhr for ; Sun, 25 Apr 2021 18:58:33 +0000 (UTC) (envelope-from mason@blisses.org) Received: from cocytus.blisses.org (cocytus.blisses.org [64.223.129.151]) by yangtze.blisses.org (Postfix) with ESMTP id C987C17B288 for ; Sun, 25 Apr 2021 14:58:32 -0400 (EDT) Date: Sun, 25 Apr 2021 14:58:31 -0400 From: Mason Loring Bliss To: freebsd-hackers@freebsd.org Subject: Mentoring framework? Message-ID: <20210425185831.GS18217@blisses.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="nWEzmRaGLXxZdI3i" Content-Disposition: inline User-Agent: Mutt/1.10.1 (2018-07-13) X-Rspamd-Queue-Id: 4FSy3Y5Pp1z3vhr X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of mason@blisses.org designates 144.202.50.44 as permitted sender) smtp.mailfrom=mason@blisses.org X-Spamd-Result: default: False [-4.40 / 15.00]; RCVD_TLS_LAST(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[144.202.50.44:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[144.202.50.44:from:127.0.2.255]; DMARC_NA(0.00)[blisses.org]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; SIGNED_PGP(-2.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; ASN(0.00)[asn:20473, ipnet:144.202.48.0/20, country:US]; SUBJECT_ENDS_QUESTION(1.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Apr 2021 18:58:34 -0000 --nWEzmRaGLXxZdI3i Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I just wrote about some bugs that nettle me in my "bug bounties" post, sent just prior to my writing this. I'd like to throw out another idea as well. In the post I listed a number of things that I'd encountered that bother me, and in each case I've put some time into trying to either correct or work around the bugs. Between work and family my time is way more limited than I'd like, but I'd like to contribute, and something that occurs to me is the notion of formal mentoring. At work one of my roles involves mentoring junior engineers. We'll either tackle things they're working on, wherein I show them how I'd approach the issues they're trying to untangle and maybe highlight tools and techniques that might be new to them, or I'll share what I'm doing and narrate my actions and ideas as I work through puzzles that have landed on my plate. Either way, the end result is that they end up with more tools and techniques at their disposal, making them feel more powerful and competent. This would be a bit heavyweight for a volunteer project, but for FreeBSD, I can envision folks volunteering as mentors and corresponding via email about particular projects or bug hunts, or occasionally via IRC or somesuch. The underlying idea is that a hands-on donation of time from the folks in the mentoring role would be enough to energize folks like me to the point where bugs get fixed and the mentees start building up momentum on their own. As an example, for the bug I noted where a platform won't reliably boot the kernel, or for the bug that came up on the list a week or two ago where Vultr VMs hang on reboot, a mentor might help identify data collection tools and techniques and some idea of how to determine if a line of inquiry is producing usable results, after which the mentee could dig in with some notion of the short-term goal for the current stage of the investigation. I'd love thoughts and opinions. --=20 Mason Loring Bliss mason@blisses.org Ewige Blumenkraft! awake ? sleep : random() & 2 ? dream : sleep; -- Hamlet, Act III, Scene I --nWEzmRaGLXxZdI3i Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEEXtBZz1axB5rEDCEnrJXcHbvJVUFAmCFu9QACgkQnrJXcHbv JVXawBAA0lKHpiHwH2lHmuhMxK0uSPiU+XsfxphrsbkSX540oC65shFAK/bRkQzc 838y3k+J9oTQTucQxlSOy7Kyj35hAYs4jOGxsbUwWnLUKvy5F1KWZ2AR4Huit7XL lgtbptL68mFmVm87PlvvtSJwWiiw/VNa8QbRmCnIEvRl3R4IGeH0dFvG9JV/A4Sh /OlG9tq/lQGRr6LyJfT5JmDEXv6AGTipUJCY5up3aSkCVhaQUcDWjfNMxwF7SYZY Qe5tmBPLlO5/nQwUX8sFvFOBaDQjyxoGRJ0CopwF3dAoVr8mSbDYnq9iuI35hc19 avQYv3K6nH/FVfTyREzbrGUfL7D6cea53dFgS1BoG85Jv+UOIXvJax9isH56DEub 6GK4cUb3ydGc7S8uV00cQ7ywIlpG3DIOAgGC7WbNLKgBxSDN6W0M9VRf/x/paCvp 8fuYxvUO2JbuimW0sdoz4jJoZj3kpy0R58GLz3glougINTi1bJkcrzEbugxbyhsF VBJ8UWnN2Fo83LR7YYpyupfCRV1OnrkL8Wf9T0gSW2H+tCT9XDKomMXgF1qY5jCn iwUhOdjw6DSaIWqSpUYt+MPbPoZIJW+CGrpO8tnzaXADoCji1ys27FWsS/eN1lhm +aNsfK4gixscT5rSNksFrvuFEV+sAZ8wLkGJqpKYy3vcHMEZLQc= =VBC4 -----END PGP SIGNATURE----- --nWEzmRaGLXxZdI3i-- From owner-freebsd-hackers@freebsd.org Mon Apr 26 13:35:11 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A87955E07CD for ; Mon, 26 Apr 2021 13:35:11 +0000 (UTC) (envelope-from fernando.apesteguia@gmail.com) Received: from mail-qv1-f51.google.com (mail-qv1-f51.google.com [209.85.219.51]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTQqy6l0jz3P3p for ; Mon, 26 Apr 2021 13:35:10 +0000 (UTC) (envelope-from fernando.apesteguia@gmail.com) Received: by mail-qv1-f51.google.com with SMTP id i11so21663821qvu.10 for ; Mon, 26 Apr 2021 06:35:10 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=lPj/kCZR3bQpnDDY7xbEmrs9jtnEuo4zfi6i5d50D50=; b=LDBgQM9vrdzqoXQiSOG6kuVT+Ydc+Fo3v1kezPLNuEAt55aazQ7/NzdkFTWM5sadCz qB686vXG4dP5YEzDMzovt+rRWyEDsq+LkeM4LYBHMBnRZ6anvPwbIAf6WG2k59A40KOi OJHP/LVcRj0ngnp7vsIUTeKf3wC9L0KrhrEIvGAkF6mhtfQjeY2W6GMTmHmsZ8GVxYZz ixHmcaDEtgE32w7aN2Owb+fL6wVC6X7V/1fdrQfE+5LHCFwlciHCiOyC7CSg3rDbilrW V8MIH+0Txv8ynwraw12aw8F9E+NEoRCNUmyTsGJ3fhnHvXVVEkcijUmWnKbeU6YPA84u F/SA== X-Gm-Message-State: AOAM533Kn77GGqu69bah+mdA4m5EfpmsEb0N2RjhYSoBJB+d+uipQoJh QuwIQ2Fs+Z37BtDZDzrgZUUv5IXyzrrm1Q== X-Google-Smtp-Source: ABdhPJz90lZ0u7Ll6EUiouA8v4vdCwcfxsBa8SAZWu6nxLCsyNnK3Emp8VH6wpUi4C+idmNyjOm5RA== X-Received: by 2002:a0c:8c03:: with SMTP id n3mr10503689qvb.32.1619444110014; Mon, 26 Apr 2021 06:35:10 -0700 (PDT) Received: from mail-yb1-f171.google.com (mail-yb1-f171.google.com. [209.85.219.171]) by smtp.gmail.com with ESMTPSA id a187sm10951598qkd.69.2021.04.26.06.35.09 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 26 Apr 2021 06:35:09 -0700 (PDT) Received: by mail-yb1-f171.google.com with SMTP id t94so11615549ybi.3 for ; Mon, 26 Apr 2021 06:35:09 -0700 (PDT) X-Received: by 2002:a05:6902:532:: with SMTP id y18mr25157851ybs.377.1619444109464; Mon, 26 Apr 2021 06:35:09 -0700 (PDT) MIME-Version: 1.0 From: =?UTF-8?Q?Fernando_Apestegu=C3=ADa?= Date: Mon, 26 Apr 2021 15:31:38 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Regular expression compilation fail in current To: FreeBSD Hackers Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 4FTQqy6l0jz3P3p X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of fernandoapesteguia@gmail.com designates 209.85.219.51 as permitted sender) smtp.mailfrom=fernandoapesteguia@gmail.com X-Spamd-Result: default: False [-2.38 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17:c]; RCVD_COUNT_THREE(0.00)[4]; TO_DN_ALL(0.00)[]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FORGED_SENDER(0.30)[fernape@freebsd.org,fernandoapesteguia@gmail.com]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; R_MIXED_CHARSET(0.62)[subject]; R_DKIM_NA(0.00)[]; TAGGED_FROM(0.00)[]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; ARC_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[209.85.219.51:from]; TO_DOM_EQ_FROM_DOM(0.00)[]; FROM_NEQ_ENVFROM(0.00)[fernape@freebsd.org,fernandoapesteguia@gmail.com]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; DMARC_NA(0.00)[freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[209.85.219.51:from:127.0.2.255]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; RCVD_IN_DNSWL_NONE(0.00)[209.85.219.51:from]; RWL_MAILSPIKE_POSSIBLE(0.00)[209.85.219.51:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2021 13:35:11 -0000 Hi there, I'm working with this port PR https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255182 and the problem seems to boil down to a regular expression that does not compile on current but it does in 12.2. The minimum repro is this one: #include #include int main() { regex_t regexp; int ret = regcomp(®exp, "\\s*", REG_EXTENDED | REG_ICASE | REG_NOSUB); if ( ret != 0) { printf("regexp compilation failed: %d\n", ret); } return 0; } This one works in 12.2 but fails to compile the regexp in FreeBSD 14.0-CURRENT #11 main-n245984-15221c552b3c with error 5 REG_EESCAPE `\' applied to unescapable character. Any help is appreciated. Thanks! From owner-freebsd-hackers@freebsd.org Mon Apr 26 13:50:20 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 672CF5E0F69 for ; Mon, 26 Apr 2021 13:50:20 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTR9R3HpDz3PT0 for ; Mon, 26 Apr 2021 13:50:19 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (localhost [127.0.0.1]) by gndrsh.dnsmgr.net (8.13.3/8.13.3) with ESMTP id 13QDoBkb097897; Mon, 26 Apr 2021 06:50:11 -0700 (PDT) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: (from freebsd-rwg@localhost) by gndrsh.dnsmgr.net (8.13.3/8.13.3/Submit) id 13QDoA0E097896; Mon, 26 Apr 2021 06:50:10 -0700 (PDT) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <202104261350.13QDoA0E097896@gndrsh.dnsmgr.net> Subject: Re: Are there any RFCs for address selection for IPv4 In-Reply-To: <8834.1619373361@critter.freebsd.dk> To: Poul-Henning Kamp Date: Mon, 26 Apr 2021 06:50:10 -0700 (PDT) CC: Zhenlei Huang , "Rodney W. Grimes" , freebsd-hackers@freebsd.org X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-Rspamd-Queue-Id: 4FTR9R3HpDz3PT0 X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of freebsd-rwg@gndrsh.dnsmgr.net has no SPF policy when checking 69.59.192.140) smtp.mailfrom=freebsd-rwg@gndrsh.dnsmgr.net X-Spamd-Result: default: False [-0.60 / 15.00]; RCVD_TLS_LAST(0.00)[]; ARC_NA(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; TO_DN_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[dnsmgr.net]; AUTH_NA(1.00)[]; SPAMHAUS_ZRD(0.00)[69.59.192.140:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[69.59.192.140:from]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_SPF_NA(0.00)[no SPF record]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:13868, ipnet:69.59.192.0/19, country:US]; FREEMAIL_CC(0.00)[gmail.com,gndrsh.dnsmgr.net,freebsd.org]; MAILMAN_DEST(0.00)[freebsd-hackers]; SUSPICIOUS_RECIPS(1.50)[] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2021 13:50:20 -0000 > Zhenlei Huang writes: > > > Reading RFC 3927 2.7, it states link-local addresses are not routable. The router shall > > discard those packets from or to link-local addresses. Then it make no sense for a host > > to select link-local address as source address when it initialize a connection, except for > > an edge case that the destination is also link-local address. > > As I understand it, it only makes sense let the kernel select a LL address under two > conditions: I take it you mean for IPv4 only? > A) The destination is also LL *or* multicast Agree, this is pretty clear from specs. > > B) There is only one "UP" interfaces with an LLA. This I am not clear on. RFC 3927 does bring up some of the problems, and possible solutions, for a multihomed situation with LL addresses. Section 3.2 > > Implementing the second criteria runs into us putting a (IPv6)LL > on the loopback interface. Huh? We already do that. > > Does anybody know why we put a (ipv6)LL on loopback interfaces ? I believe someplace in the bowls of all the IPv6 specs this is a requirement. I could not find it quickly though. Question: Should we allow a route to have a next hop of a LL(ipv4)? Reason: RFC3927 2.6.2: The host MUST NOT send a packet with an IPv4 Link-Local destination address to any router for forwarding. So, arguably, it is a violation to allow the default route to have a LL next hop for ipv4. For that matter, it is a violation to allow ANY ipv4 LL address to be the next hop in the routing table(s). -- Rod Grimes rgrimes@freebsd.org From owner-freebsd-hackers@freebsd.org Mon Apr 26 14:01:10 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 20D705E16D3 for ; Mon, 26 Apr 2021 14:01:10 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTRPx397Rz3QKX for ; Mon, 26 Apr 2021 14:01:09 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (localhost [127.0.0.1]) by gndrsh.dnsmgr.net (8.13.3/8.13.3) with ESMTP id 13QE17LN097949; Mon, 26 Apr 2021 07:01:07 -0700 (PDT) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: (from freebsd-rwg@localhost) by gndrsh.dnsmgr.net (8.13.3/8.13.3/Submit) id 13QE17Jb097948; Mon, 26 Apr 2021 07:01:07 -0700 (PDT) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <202104261401.13QE17Jb097948@gndrsh.dnsmgr.net> Subject: Re: Are there any RFCs for address selection for IPv4 In-Reply-To: To: Zhenlei Huang Date: Mon, 26 Apr 2021 07:01:07 -0700 (PDT) CC: "Rodney W. Grimes" , freebsd-hackers@freebsd.org X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-Rspamd-Queue-Id: 4FTRPx397Rz3QKX X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of freebsd-rwg@gndrsh.dnsmgr.net has no SPF policy when checking 69.59.192.140) smtp.mailfrom=freebsd-rwg@gndrsh.dnsmgr.net X-Spamd-Result: default: False [-2.10 / 15.00]; RCVD_TLS_LAST(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[dnsmgr.net]; AUTH_NA(1.00)[]; SPAMHAUS_ZRD(0.00)[69.59.192.140:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[69.59.192.140:from]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_SPF_NA(0.00)[no SPF record]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:13868, ipnet:69.59.192.0/19, country:US]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2021 14:01:10 -0000 > Hi Rod Grimes, > > > > On Apr 25, 2021, at 9:40 PM, Rodney W. Grimes wrote: > > > >> Hello hackers, > >> > >> For IPv6 there's RFC 6724 to clarify the default address selection procedure, > >> both for source address selection and destination address selection. Are there > >> any RFCs like RFC 6724 that are for IPv4? > > > > The important difference I think here is that in IPv6 it is very normal to > > have both a link local and a routable IP address on an interface. RFC 3927 > > speaks to this for IPv4 with: > > IPv4 Link-Local addresses are not suitable for communication with > > devices not directly connected to the same physical (or logical) > > link, and are only used where stable, routable addresses are not > > available (such as on ad hoc or isolated networks). This document > > does not recommend that IPv4 Link-Local addresses and routable > > addresses be configured simultaneously on the same interface. > > > > Though technically you have not put a global uniq unicast address on the > > outbound interface the fact your trying to route one via that interface > > to a loopback interface puts you into the situation your attempting > > to route global IP over a link local address. > >> > >> I'm exploring RFC 3927, consider this situation, a host configured with link-local > >> address on NIC and global unicast alias address on loopback interface, and default route to > >> the link-local address of router (some ISPs do this). The current implementation kernel > >> will use the link-local address as the source address when initializing a connection to > >> remote host via the default route. It seems wrong, as link-local address are not > >> routable as per RFC 3927. > > > > So your wanting the kernel to pick a source address on another interface > > for a packet going out a different interface, that is what seems wrong. > > I'm not sure if this is proper for IPv4, but in the IPv6 network stack, FreeBSD's > current implementation select global unicast address over link-local address, in case > the outgoing interface does not have any global unicast addresses. > I'm wondering whether it makes sense also for IPv4. This is due to the fact that IPv6 is specified to have this type of behavior. In v6 we have the idea of scope, that does not exist in the v4 world, or at least at this time it does not. RFC3927 3.2 does discuss the idea of scope and v4. > > > > Though I think this could be solved by applying a technique used in > > routers, and that is the concept of a host specific globally routeable > > IP address that should be used for all non-local packets. This is useful > > in complex multipath networks as the router is always accessable via > > that IP address no mater which interfaces are routing packets correctly > > as long as the routing protocols are maintaining a path to it. > > > > But before going down that road, why are you putting your desired globally > > routeable IP address on lo0 and not on the upstream interface which would > > eliminate this problem? Is it because you have a complex multipath network, > > or is it from an attempt to save some global IP's that would be needed > > to run these on the link? Or? > > > > Reading RFC 3927 2.7, it states link-local addresses are not routable. The router shall > discard those packets from or to link-local addresses. Then it make no sense for a host > to select link-local address as source address when it initialize a connection, except for > an edge case that the destination is also link-local address. In my reply to Poul Henning I wrote that allowing a ipv4 LL address as a next hop may be a violation of RFC, and is the root cause of this address selection process. It wont fix your issue, as once you remove that route your host wont be able to send anything but link local packets. I am still unclear why your putting your IP address on lo0 and attempting/expecting that address to route over a link that is only configured with LL addresses. > > >> > >> So it is important if there's corresponding RFC clarify the source address selection > >> for IPv4. > > > > I do not believe you well find anything that speaks to this issue for IPv4, as > > your not really in the situation of RFC6724 which has to do with multiple IP > > addresses on the same interface. > > > >> Thanks :) > >> _______________________________________________ > >> freebsd-hackers@freebsd.org mailing list > >> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > >> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" > > > > -- > > Rod Grimes rgrimes@freebsd.org > > Thanks, > Zhenlei Huang -- Rod Grimes rgrimes@freebsd.org From owner-freebsd-hackers@freebsd.org Mon Apr 26 14:16:27 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C0CEE5E1F88 for ; Mon, 26 Apr 2021 14:16:27 +0000 (UTC) (envelope-from ionut.mihalache1506@gmail.com) Received: from mail-io1-xd2f.google.com (mail-io1-xd2f.google.com [IPv6:2607:f8b0:4864:20::d2f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTRlZ6mVKz3QlR for ; Mon, 26 Apr 2021 14:16:26 +0000 (UTC) (envelope-from ionut.mihalache1506@gmail.com) Received: by mail-io1-xd2f.google.com with SMTP id p8so3412453iol.11 for ; Mon, 26 Apr 2021 07:16:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=edlAU8ex+8vp0vyb+jPLfMDLQ4CewTaLOQHogwRb6KQ=; b=tiKbjmDgh6aMkK35SPyKsbYjCHw6zEvKN5a6BYNmR8XuOQra5ghZ9XfvB021CAxIsT 6CYrLlKjfKjdbqY1hGYkA0FwSkfj04arxXZsfrm2JDUQxuJ50f6ReUULAF24JlSoI6Bi ld3UN93sAeIaZhfdJGOWzQDojz/eXeKEGXTasrKmD8KDlG/Bp00O6E20X4qHVxrEKQCZ scl3VOqvsJhdAuJtFZgGCYjAzeuL58P/ciGLm8SWGsaJdof8JMDtpInn/UwfvVUrsjpK IOavWHvda4TNZwVHzzSLNVnp+NMyG7NJH6BfsRWfdNXlcaiU3sGkd+aWIqCNyhvzB26Y oQvw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=edlAU8ex+8vp0vyb+jPLfMDLQ4CewTaLOQHogwRb6KQ=; b=Krsb+vUp7y8X8JmQ7ZPw0q0pwf8kPmqJItihp9IpVE31BoZkR2NnjSPpco6XAeU0aF yKppzv7TrSKXH5hmqWpiNTpwW9r3HrkiB+cdfdl5YrUHChvl60ULVi8CO4WRvBPsT2HT BnCRH8+io6YLJvbudVAtGbOpP1rD3x3hArhIQB9hghbZUd0bdlhK0kq5PO2prDXkVqDN ykK0/i3Fjxa04DwYVBxAQGBTMjJdtUEONSqRreDwKZIlS431KzS0mr2xR5TGPQjO8tyC Jr6hnI5JqoiQdKNHZy/9IU3RIn2QP71JLlOPGHsjzICWmWMpvc2TztrlVw1ziOYGTOUD +K4w== X-Gm-Message-State: AOAM531j1/UvtaUlDVtfJc9vDboMWIXNJ1Ch7OUSZBmngwlKqUDt34yh 3OH6qs2ykpYkrVi45yGyJZKaKHk4eIryxPBOI/JMZWi6RoM= X-Google-Smtp-Source: ABdhPJwA9Pa83Z2j7c59d5e302m/2iUDnYm0J2l/uGDKLem1/NTbSsOxwFtnoLmlhv5IM7uwhVqnOJ3uMIPdtYQIV3w= X-Received: by 2002:a05:6638:379c:: with SMTP id w28mr7955379jal.81.1619446585623; Mon, 26 Apr 2021 07:16:25 -0700 (PDT) MIME-Version: 1.0 From: =?UTF-8?Q?Ionu=C8=9B_Mihalache?= Date: Mon, 26 Apr 2021 17:16:14 +0300 Message-ID: Subject: cap_sysctlbyname for hw.vmm.destroy To: freebsd-hackers@freebsd.org X-Rspamd-Queue-Id: 4FTRlZ6mVKz3QlR X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=tiKbjmDg; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of ionutmihalache1506@gmail.com designates 2607:f8b0:4864:20::d2f as permitted sender) smtp.mailfrom=ionutmihalache1506@gmail.com X-Spamd-Result: default: False [-3.29 / 15.00]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; TO_DN_NONE(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; R_MIXED_CHARSET(0.71)[subject]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::d2f:from]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::d2f:from:127.0.2.255]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::d2f:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2021 14:16:27 -0000 Hello, I am working on adding capsicum support for the bhyve snapshot feature. At the end of the suspend process, the guest should be destroyed and the code handles this part with a sysctlbyname call which is not working in capability mode. I don't know what is the problem but even when using cap_sysctlbyname I still get the same error code (EPERM). I tried the example from the documentation aswell [1] and still the same error code. What could be the problem? I have a FreeBSD13 host and a FreeBSD13 guest. [1] - https://www.freebsd.org/cgi/man.cgi?query=cap_sysctl&apropos=0&sektion=0&manpath=FreeBSD+13-current&arch=default&format=html From owner-freebsd-hackers@freebsd.org Mon Apr 26 14:25:00 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 158B25E2266 for ; Mon, 26 Apr 2021 14:25:00 +0000 (UTC) (envelope-from phk@critter.freebsd.dk) Received: from phk.freebsd.dk (phk.freebsd.dk [130.225.244.222]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTRxR0Nchz3RCM for ; Mon, 26 Apr 2021 14:24:58 +0000 (UTC) (envelope-from phk@critter.freebsd.dk) Received: from critter.freebsd.dk (v-critter.freebsd.dk [192.168.55.3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by phk.freebsd.dk (Postfix) with ESMTPS id 762228928F; Mon, 26 Apr 2021 14:24:56 +0000 (UTC) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.16.1/8.16.1) with ESMTPS id 13QEOupZ076580 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Mon, 26 Apr 2021 14:24:56 GMT (envelope-from phk@critter.freebsd.dk) Received: (from phk@localhost) by critter.freebsd.dk (8.16.1/8.16.1/Submit) id 13QEOtr9076579; Mon, 26 Apr 2021 14:24:55 GMT (envelope-from phk) To: "Rodney W. Grimes" cc: Zhenlei Huang , freebsd-hackers@freebsd.org Subject: Re: Are there any RFCs for address selection for IPv4 In-reply-to: <202104261350.13QDoA0E097896@gndrsh.dnsmgr.net> From: "Poul-Henning Kamp" References: <202104261350.13QDoA0E097896@gndrsh.dnsmgr.net> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <76577.1619447095.1@critter.freebsd.dk> Date: Mon, 26 Apr 2021 14:24:55 +0000 Message-ID: <76578.1619447095@critter.freebsd.dk> X-Rspamd-Queue-Id: 4FTRxR0Nchz3RCM X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of phk@critter.freebsd.dk designates 130.225.244.222 as permitted sender) smtp.mailfrom=phk@critter.freebsd.dk X-Spamd-Result: default: False [-1.23 / 15.00]; RCVD_TLS_ALL(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[130.225.244.222:from]; FREEFALL_USER(0.00)[phk]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[text/plain]; ARC_NA(0.00)[]; DMARC_NA(0.00)[freebsd.dk]; SPAMHAUS_ZRD(0.00)[130.225.244.222:from:127.0.2.255]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_SPAM_SHORT(0.77)[0.775]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FORGED_SENDER(0.30)[phk@phk.freebsd.dk,phk@critter.freebsd.dk]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:1835, ipnet:130.225.0.0/16, country:EU]; FROM_NEQ_ENVFROM(0.00)[phk@phk.freebsd.dk,phk@critter.freebsd.dk]; MAILMAN_DEST(0.00)[freebsd-hackers]; FREEMAIL_CC(0.00)[gmail.com,freebsd.org] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2021 14:25:00 -0000 -------- Rodney W. Grimes writes: > > Does anybody know why we put a (ipv6)LL on loopback interfaces ? > > I believe someplace in the bowls of all the IPv6 specs this > is a requirement. I could not find it quickly though. I'm not seeing Linux doing it for instance ? > Question: Should we allow a route to have a next hop of a LL(ipv4)? > Reason: RFC3927 2.6.2: > The host MUST NOT send a packet with an IPv4 Link-Local destination > address to any router for forwarding. > > So, arguably, it is a violation to allow the default route to have > a LL next hop for ipv4. For that matter, it is a violation to allow > ANY ipv4 LL address to be the next hop in the routing table(s). You are reading that wrong. It is OK to have a LL as next-hop. It is not OK to send a packet with dst=LL to any next-hop. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From owner-freebsd-hackers@freebsd.org Mon Apr 26 14:56:38 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2D7495E3360 for ; Mon, 26 Apr 2021 14:56:38 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTSdw4Jcxz3jQR for ; Mon, 26 Apr 2021 14:56:36 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (localhost [127.0.0.1]) by gndrsh.dnsmgr.net (8.13.3/8.13.3) with ESMTP id 13QEuXhD098220; Mon, 26 Apr 2021 07:56:33 -0700 (PDT) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: (from freebsd-rwg@localhost) by gndrsh.dnsmgr.net (8.13.3/8.13.3/Submit) id 13QEuXEa098219; Mon, 26 Apr 2021 07:56:33 -0700 (PDT) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <202104261456.13QEuXEa098219@gndrsh.dnsmgr.net> Subject: Re: Are there any RFCs for address selection for IPv4 In-Reply-To: <76578.1619447095@critter.freebsd.dk> To: Poul-Henning Kamp Date: Mon, 26 Apr 2021 07:56:33 -0700 (PDT) CC: "Rodney W. Grimes" , freebsd-hackers@freebsd.org X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-Rspamd-Queue-Id: 4FTSdw4Jcxz3jQR X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of freebsd-rwg@gndrsh.dnsmgr.net has no SPF policy when checking 69.59.192.140) smtp.mailfrom=freebsd-rwg@gndrsh.dnsmgr.net X-Spamd-Result: default: False [-1.00 / 15.00]; RCVD_TLS_LAST(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[dnsmgr.net]; RBL_DBL_DONT_QUERY_IPS(0.00)[69.59.192.140:from]; AUTH_NA(1.00)[]; NEURAL_SPAM_SHORT(0.10)[0.104]; SPAMHAUS_ZRD(0.00)[69.59.192.140:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_SPF_NA(0.00)[no SPF record]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:13868, ipnet:69.59.192.0/19, country:US]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2021 14:56:38 -0000 > -------- > Rodney W. Grimes writes: > > > > Does anybody know why we put a (ipv6)LL on loopback interfaces ? > > > > I believe someplace in the bowls of all the IPv6 specs this > > is a requirement. I could not find it quickly though. > > I'm not seeing Linux doing it for instance ? I'll investigate further and see if I can discover why we do this, if it is or isnt in spec, etc. > > > Question: Should we allow a route to have a next hop of a LL(ipv4)? > > Reason: RFC3927 2.6.2: > > The host MUST NOT send a packet with an IPv4 Link-Local destination > > address to any router for forwarding. > > > > So, arguably, it is a violation to allow the default route to have > > a LL next hop for ipv4. For that matter, it is a violation to allow > > ANY ipv4 LL address to be the next hop in the routing table(s). > > You are reading that wrong. Yep > > It is OK to have a LL as next-hop. > > It is not OK to send a packet with dst=LL to any next-hop. No, that is explicity forbidden: RFC 3927 at 2.7 paragraph 2: An IPv4 packet whose source and/or destination address is in the 169.254/16 prefix MUST NOT be sent to any router for forwarding, and any network device receiving such a packet MUST NOT forward it, regardless of the TTL in the IPv4 header. If dst=LL you must ARP for the destination is also in the spec some place, no routing allowed. Now if you had said dst != LL to any next-hop, that would be true. > -- > Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 > phk@FreeBSD.ORG | TCP/IP since RFC 956 > FreeBSD committer | BSD since 4.3-tahoe > Never attribute to malice what can adequately be explained by incompetence. > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" > -- Rod Grimes rgrimes@freebsd.org From owner-freebsd-hackers@freebsd.org Mon Apr 26 15:12:42 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7233D5E3370 for ; Mon, 26 Apr 2021 15:12:42 +0000 (UTC) (envelope-from phk@critter.freebsd.dk) Received: from phk.freebsd.dk (phk.freebsd.dk [130.225.244.222]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTT0T4HRrz3kMb for ; Mon, 26 Apr 2021 15:12:41 +0000 (UTC) (envelope-from phk@critter.freebsd.dk) Received: from critter.freebsd.dk (v-critter.freebsd.dk [192.168.55.3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by phk.freebsd.dk (Postfix) with ESMTPS id 8B3A18928F; Mon, 26 Apr 2021 15:12:39 +0000 (UTC) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.16.1/8.16.1) with ESMTPS id 13QFCc7p076800 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Mon, 26 Apr 2021 15:12:39 GMT (envelope-from phk@critter.freebsd.dk) Received: (from phk@localhost) by critter.freebsd.dk (8.16.1/8.16.1/Submit) id 13QFCcHL076799; Mon, 26 Apr 2021 15:12:38 GMT (envelope-from phk) To: "Rodney W. Grimes" cc: freebsd-hackers@freebsd.org Subject: Re: Are there any RFCs for address selection for IPv4 In-reply-to: <202104261456.13QEuXEa098219@gndrsh.dnsmgr.net> From: "Poul-Henning Kamp" References: <202104261456.13QEuXEa098219@gndrsh.dnsmgr.net> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <76797.1619449958.1@critter.freebsd.dk> Date: Mon, 26 Apr 2021 15:12:38 +0000 Message-ID: <76798.1619449958@critter.freebsd.dk> X-Rspamd-Queue-Id: 4FTT0T4HRrz3kMb X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of phk@critter.freebsd.dk designates 130.225.244.222 as permitted sender) smtp.mailfrom=phk@critter.freebsd.dk X-Spamd-Result: default: False [-2.99 / 15.00]; RCVD_TLS_ALL(0.00)[]; ARC_NA(0.00)[]; FREEFALL_USER(0.00)[phk]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[freebsd.dk]; RBL_DBL_DONT_QUERY_IPS(0.00)[130.225.244.222:from]; SPAMHAUS_ZRD(0.00)[130.225.244.222:from:127.0.2.255]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.99)[-0.993]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FORGED_SENDER(0.30)[phk@phk.freebsd.dk,phk@critter.freebsd.dk]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:1835, ipnet:130.225.0.0/16, country:EU]; FROM_NEQ_ENVFROM(0.00)[phk@phk.freebsd.dk,phk@critter.freebsd.dk]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2021 15:12:42 -0000 -------- Rodney W. Grimes writes: > > It is OK to have a LL as next-hop. > > > > It is not OK to send a packet with dst=LL to any next-hop. > > No, that is explicity forbidden: > RFC 3927 at 2.7 paragraph 2: > > An IPv4 packet whose source and/or destination address is in the > 169.254/16 prefix MUST NOT be sent to any router for forwarding, and > any network device receiving such a packet MUST NOT forward it, > regardless of the TTL in the IPv4 header. Right the second criteria should be: It is not OK to send a packet with src=LL or dst=LL to any next-hop. But it /is/ OK to have a next-hop router on a LL, but it is no use, unless your host has another interface with a "real" IP on it. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From owner-freebsd-hackers@freebsd.org Mon Apr 26 15:35:54 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E4E3D5E559C for ; Mon, 26 Apr 2021 15:35:54 +0000 (UTC) (envelope-from zlei.huang@gmail.com) Received: from mail-pl1-x633.google.com (mail-pl1-x633.google.com [IPv6:2607:f8b0:4864:20::633]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTTWF6Pc6z3mCm for ; Mon, 26 Apr 2021 15:35:53 +0000 (UTC) (envelope-from zlei.huang@gmail.com) Received: by mail-pl1-x633.google.com with SMTP id b21so632128plz.0 for ; Mon, 26 Apr 2021 08:35:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:mime-version:subject:date:references:cc:to:message-id; bh=9Gxqs9fhtA/dPkbzpZkD76JEnwmaP+8EJKetcWHqNUo=; b=rWONd2XiaHFPHpEY94VMxrYgm+bb6fa/IX7IKTUOlkKd3yTR6pRwnr653bKxET74ly iXQH24ZXd2gIvnApYdhtzrpX9PYudAT+NpS1dUg/jfpFRIK9KC6VXmLeU2vVWKfY5VTh d6ioDDDW5dCzYzND3ZkIqo8up3L3y+q4NoZKLkbwcDYLoh3m6X/Xfe0AZOgnNSDWENFG JsC1ar2s16yHuLoxEOeJ+GVHDyqgkpdPrLLAJON5BZP4fumrjkjImmuoqxzaJfJIVa8/ 1ZQFMtbt5yYHHTGSt54ICeG7VK0W5i/PecnDvSzcJF93mABGgNwDESQ8VtNk6FErTLbM 6RZA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:subject:date:references:cc:to :message-id; bh=9Gxqs9fhtA/dPkbzpZkD76JEnwmaP+8EJKetcWHqNUo=; b=LCY2fmuYEpaVqE2dcdeX7oKgxcR7YnV78yLnhWyaJol3YGzk6CMnrGX+E+KZQfZseU 5QXQcqXsggodQHYOwXgH2ROVZlkCiJ6BaEoFk3yN0NJdleRwwKF3TPFSVHqT9DSZtCO7 FXQ6FRRlW8M7+N/2XWgJh/B7uk/GEuYAzdBriYpYLmgy5pkla/gBp5xKfCKGmv0GqI1K U5S9Buus7A2kQ8Kowk6oNknr1M58b3rx8MJ/OSOaWDU6GK1go1I/+PxnKhUdAXjhehP/ +bGC5OWqoydy1TXG2LFCCwD39qbMNQzR8UppDmcmD4mvaFY1geZHN0feG8zHxIiwPXwK zkzg== X-Gm-Message-State: AOAM5320MNFweSdMQVCOC8RQ0YMGofiZanqa5nBQraDwGUeYKa7kw3O5 1rj9nLl75e1gzBy3r1vuY1hboU4GO84= X-Google-Smtp-Source: ABdhPJyWfTZ5Uvx+rUyYTsiHRRq9tRyiDtpuPrPxtbX/3qwzIUmLbqPN5pmT+ogW5F6bNAM7SWdeZg== X-Received: by 2002:a17:902:b406:b029:ec:fbf2:4114 with SMTP id x6-20020a170902b406b02900ecfbf24114mr12098251plr.32.1619451352274; Mon, 26 Apr 2021 08:35:52 -0700 (PDT) Received: from [172.17.252.129] (ns1.oxydns.net. [45.32.91.63]) by smtp.gmail.com with ESMTPSA id w10sm121883pfq.184.2021.04.26.08.35.49 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 26 Apr 2021 08:35:51 -0700 (PDT) From: Zhenlei Huang Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\)) Subject: Fwd: Are there any RFCs for address selection for IPv4 Date: Mon, 26 Apr 2021 23:35:38 +0800 References: <202104261401.13QE17Jb097948@gndrsh.dnsmgr.net> Cc: freebsd-hackers@freebsd.org To: "Rodney W. Grimes" Message-Id: <937C7998-7689-4D27-88B4-96C53F0E6F97@gmail.com> X-Mailer: Apple Mail (2.3608.120.23.2.4) X-Rspamd-Queue-Id: 4FTTWF6Pc6z3mCm X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=rWONd2Xi; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of zleihuang@gmail.com designates 2607:f8b0:4864:20::633 as permitted sender) smtp.mailfrom=zleihuang@gmail.com X-Spamd-Result: default: False [-3.50 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; MV_CASE(0.50)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::633:from]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::633:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::633:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2021 15:35:55 -0000 > Begin forwarded message: >=20 > From: "Rodney W. Grimes" > Subject: Re: Are there any RFCs for address selection for IPv4 > Date: April 26, 2021 at 10:01:07 PM GMT+8 > To: Zhenlei Huang > Cc: "Rodney W. Grimes" , = freebsd-hackers@freebsd.org >=20 >> Hi Rod Grimes, >>=20 >>=20 >>> On Apr 25, 2021, at 9:40 PM, Rodney W. Grimes = wrote: >>>=20 >>>> Hello hackers, >>>>=20 >>>> For IPv6 there's RFC 6724 to clarify the default address selection = procedure,=20 >>>> both for source address selection and destination address = selection. Are there >>>> any RFCs like RFC 6724 that are for IPv4?=20 >>>=20 >>> The important difference I think here is that in IPv6 it is very = normal to >>> have both a link local and a routable IP address on an interface. = RFC 3927 >>> speaks to this for IPv4 with: >>> IPv4 Link-Local addresses are not suitable for communication with >>> devices not directly connected to the same physical (or logical) >>> link, and are only used where stable, routable addresses are not >>> available (such as on ad hoc or isolated networks). This document >>> does not recommend that IPv4 Link-Local addresses and routable >>> addresses be configured simultaneously on the same interface. >>>=20 >>> Though technically you have not put a global uniq unicast address on = the >>> outbound interface the fact your trying to route one via that = interface >>> to a loopback interface puts you into the situation your attempting >>> to route global IP over a link local address. =20 >>>>=20 >>>> I'm exploring RFC 3927, consider this situation, a host configured = with link-local >>>> address on NIC and global unicast alias address on loopback = interface, and default route to=20 >>>> the link-local address of router (some ISPs do this). The current = implementation kernel >>>> will use the link-local address as the source address when = initializing a connection to=20 >>>> remote host via the default route. It seems wrong, as link-local = address are not=20 >>>> routable as per RFC 3927. >>>=20 >>> So your wanting the kernel to pick a source address on another = interface >>> for a packet going out a different interface, that is what seems = wrong. >>=20 >> I'm not sure if this is proper for IPv4, but in the IPv6 network = stack, FreeBSD's >> current implementation select global unicast address over link-local = address, in case >> the outgoing interface does not have any global unicast addresses. >> I'm wondering whether it makes sense also for IPv4. >=20 > This is due to the fact that IPv6 is specified to have this type of > behavior. In v6 we have the idea of scope, that does not exist in > the v4 world, or at least at this time it does not. RFC3927 3.2 does > discuss the idea of scope and v4. I have got noticed the limitation of the current implementation of IPv4 = scope. Basically it confuses to have two or more interfaces all configured with = LL addresses. >=20 >>>=20 >>> Though I think this could be solved by applying a technique used in >>> routers, and that is the concept of a host specific globally = routeable >>> IP address that should be used for all non-local packets. This is = useful >>> in complex multipath networks as the router is always accessable via >>> that IP address no mater which interfaces are routing packets = correctly >>> as long as the routing protocols are maintaining a path to it. >>>=20 >>> But before going down that road, why are you putting your desired = globally >>> routeable IP address on lo0 and not on the upstream interface which = would >>> eliminate this problem? Is it because you have a complex multipath = network, >>> or is it from an attempt to save some global IP's that would be = needed >>> to run these on the link? Or? >>>=20 >>=20 >> Reading RFC 3927 2.7, it states link-local addresses are not = routable. The router shall >> discard those packets from or to link-local addresses. Then it make = no sense for a host >> to select link-local address as source address when it initialize a = connection, except for=20 >> an edge case that the destination is also link-local address. >=20 > In my reply to Poul Henning I wrote that allowing a ipv4 LL address > as a next hop may be a violation of RFC, and is the root cause of > this address selection process. For route I think it is valid to have a LL as next-hop. In the routing = world the next-hop would be 'translated' to layer 2 address, regardless the mean, ARP or NDP. I'm = recently working on a feature to make FreeBSD's IPv4 route have IPv6 address as next-hop = based on Alexander V. Chernikov 's work, and it works so far so good except the = default source address selection. The related RFC is RFC 5549 . >=20 > It wont fix your issue, as once you remove that route your host > wont be able to send anything but link local packets. I am still > unclear why your putting your IP address on lo0 and = attempting/expecting > that address to route over a link that is only configured with LL > addresses. By putting routable IP address to lo0 is just an example. For routers = there may be=20 routable IP addresses on other interface. I'm not able to completely = explain the motivation for such kind of config, but if it is valid to have a LL as next-hop, then it is OK for a router / = host to have one interface with only LL address and also have other routable IP addresses = on other interfaces.=20 >=20 >>=20 >>>>=20 >>>> So it is important if there's corresponding RFC clarify the source = address selection=20 >>>> for IPv4. >>>=20 >>> I do not believe you well find anything that speaks to this issue = for IPv4, as >>> your not really in the situation of RFC6724 which has to do with = multiple IP >>> addresses on the same interface. >>>=20 >>>> Thanks :) >>>> _______________________________________________ >>>> freebsd-hackers@freebsd.org mailing list >>>> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers >>>> To unsubscribe, send any mail to = "freebsd-hackers-unsubscribe@freebsd.org" >>>=20 >>> --=20 >>> Rod Grimes = rgrimes@freebsd.org >>=20 >> Thanks, >> Zhenlei Huang > --=20 > Rod Grimes = rgrimes@freebsd.org Zhenlei Huang From owner-freebsd-hackers@freebsd.org Mon Apr 26 17:40:06 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id ED5305E99D7 for ; Mon, 26 Apr 2021 17:40:06 +0000 (UTC) (envelope-from markjdb@gmail.com) Received: from mail-qk1-x730.google.com (mail-qk1-x730.google.com [IPv6:2607:f8b0:4864:20::730]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTXGZ3pH3z3tSv for ; Mon, 26 Apr 2021 17:40:06 +0000 (UTC) (envelope-from markjdb@gmail.com) Received: by mail-qk1-x730.google.com with SMTP id z2so20341922qkb.9 for ; Mon, 26 Apr 2021 10:40:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-disposition:content-transfer-encoding:in-reply-to; bh=9kySJDUPuqASOo2DEGsCHjXGsIo9DS4rwXq+rXdb4yQ=; b=OcVRsNKBo0McAG9EmOHDHOaLRAu0LrmGnZ6lq72nYMi9/vnVvLh0MBQTYk5MxgF25u HxEoE53e0mssXHABLWyPToy8mTh+U9NRj2pbd6b5LwXc0lP5WGOhQQhUzWj44cvIHgjx VkHoAZ3pYSFbcs9zFL0Yk72Za9QV1nejy6YCZGPFcm6TveoJUKzc2MbRKQ/CXluw9oiK XDe/sqJipUquNpCnpcZn4UkYU289EDWCZSIBCxXiqmBjGUZJPp8wrJL3w4ZGK3meVnzh rZ5mnnKagNu9MqzpI3STZprcQsoIBh+24CyJVAHm52nzLdRMAxeWdJEI0wXlLE0gS9j7 BGeg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:from:to:cc:subject:message-id :references:mime-version:content-disposition :content-transfer-encoding:in-reply-to; bh=9kySJDUPuqASOo2DEGsCHjXGsIo9DS4rwXq+rXdb4yQ=; b=FK8Gl1BCZVpuuWx+qY8PS+gleSpen/OpE1D+gNYfqya9flyxA4T2g2eMtODJQOXgkO 2O1fwjPnwgAk14S0+0ga8HlmrvA5Q+/fGfaRLyJLC30S+5/PiTNLE+EFiFWGzzPJmnX4 NlOXfQKKgSKVF3m+Mkyl/M6BmOBqipLWXFcVxB+Rg1/8BAPb9AMC/BiO9+WMOTbosOmz va8MWNXoXSg0hzes1HplCd+J3TQKgPrGvvK44TgFrxVrUWDIZOOTa6+93F4wMNuTaCV5 cBVa3+GCftbgkU7npPmdc3a6yhtBBV99kSx1PhlyumwCEp0tpUYDh09hzCtvI+mdP8tE JuvQ== X-Gm-Message-State: AOAM530JZngZ9goJHvCmH+5hsyCY48vC2sMXTqMhDmj4glyCzq0XZaMV +VgotDxplxU1MbNbk+NLOHw= X-Google-Smtp-Source: ABdhPJyfC29G6MjvNCXWob9z6GQZEq+s/THxi4wTWUA4ZwL5LnrAXZGqfrXCK0PQMDV7EnGcZn9Z8w== X-Received: by 2002:a37:a48a:: with SMTP id n132mr18290747qke.199.1619458805933; Mon, 26 Apr 2021 10:40:05 -0700 (PDT) Received: from nuc ([142.126.164.150]) by smtp.gmail.com with ESMTPSA id f16sm4507775qtq.43.2021.04.26.10.40.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 26 Apr 2021 10:40:05 -0700 (PDT) Sender: Mark Johnston Date: Mon, 26 Apr 2021 13:39:52 -0400 From: Mark Johnston To: =?utf-8?B?SW9udcib?= Mihalache Cc: freebsd-hackers@freebsd.org Subject: Re: cap_sysctlbyname for hw.vmm.destroy Message-ID: References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Rspamd-Queue-Id: 4FTXGZ3pH3z3tSv X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=OcVRsNKB; dmarc=none; spf=pass (mx1.freebsd.org: domain of markjdb@gmail.com designates 2607:f8b0:4864:20::730 as permitted sender) smtp.mailfrom=markjdb@gmail.com X-Spamd-Result: default: False [-2.70 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FREEMAIL_TO(0.00)[gmail.com]; FORGED_SENDER(0.30)[markj@freebsd.org,markjdb@gmail.com]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; FROM_NEQ_ENVFROM(0.00)[markj@freebsd.org,markjdb@gmail.com]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::730:from]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; DMARC_NA(0.00)[freebsd.org]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::730:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::730:from]; MID_RHS_NOT_FQDN(0.50)[]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2021 17:40:07 -0000 On Mon, Apr 26, 2021 at 05:16:14PM +0300, Ionuț Mihalache wrote: > Hello, > > I am working on adding capsicum support for the bhyve snapshot feature. At > the end of the suspend process, the guest should be destroyed and the code > handles this part with a sysctlbyname call which is not working in > capability mode. I don't know what is the problem but even when using > cap_sysctlbyname I still get the same error code (EPERM). I tried the > example from the documentation aswell [1] and still the same error code. > What could be the problem? I have a FreeBSD13 host and a FreeBSD13 guest. I'm not sure why it would happen unless the casper process is somehow running as a non-root user. Can you share the code you're testing somewhere? From owner-freebsd-hackers@freebsd.org Mon Apr 26 19:50:10 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3A7525EE1FD for ; Mon, 26 Apr 2021 19:50:10 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTb8d13qtz4W3L for ; Mon, 26 Apr 2021 19:50:08 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (localhost [127.0.0.1]) by gndrsh.dnsmgr.net (8.13.3/8.13.3) with ESMTP id 13QJo6bd099258; Mon, 26 Apr 2021 12:50:06 -0700 (PDT) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: (from freebsd-rwg@localhost) by gndrsh.dnsmgr.net (8.13.3/8.13.3/Submit) id 13QJo623099257; Mon, 26 Apr 2021 12:50:06 -0700 (PDT) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <202104261950.13QJo623099257@gndrsh.dnsmgr.net> Subject: Re: Fwd: Are there any RFCs for address selection for IPv4 In-Reply-To: <937C7998-7689-4D27-88B4-96C53F0E6F97@gmail.com> To: Zhenlei Huang Date: Mon, 26 Apr 2021 12:50:06 -0700 (PDT) CC: "Rodney W. Grimes" , freebsd-hackers@freebsd.org X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-Rspamd-Queue-Id: 4FTb8d13qtz4W3L X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of freebsd-rwg@gndrsh.dnsmgr.net has no SPF policy when checking 69.59.192.140) smtp.mailfrom=freebsd-rwg@gndrsh.dnsmgr.net X-Spamd-Result: default: False [-2.10 / 15.00]; RCVD_TLS_LAST(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[dnsmgr.net]; AUTH_NA(1.00)[]; SPAMHAUS_ZRD(0.00)[69.59.192.140:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[69.59.192.140:from]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_SPF_NA(0.00)[no SPF record]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:13868, ipnet:69.59.192.0/19, country:US]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2021 19:50:10 -0000 > > > Begin forwarded message: > > > > From: "Rodney W. Grimes" > > Subject: Re: Are there any RFCs for address selection for IPv4 > > Date: April 26, 2021 at 10:01:07 PM GMT+8 > > To: Zhenlei Huang > > Cc: "Rodney W. Grimes" , freebsd-hackers@freebsd.org > > > >> Hi Rod Grimes, > >> > >> > >>> On Apr 25, 2021, at 9:40 PM, Rodney W. Grimes wrote: > >>> > >>>> Hello hackers, > >>>> > >>>> For IPv6 there's RFC 6724 to clarify the default address selection procedure, > >>>> both for source address selection and destination address selection. Are there > >>>> any RFCs like RFC 6724 that are for IPv4? > >>> > >>> The important difference I think here is that in IPv6 it is very normal to > >>> have both a link local and a routable IP address on an interface. RFC 3927 > >>> speaks to this for IPv4 with: > >>> IPv4 Link-Local addresses are not suitable for communication with > >>> devices not directly connected to the same physical (or logical) > >>> link, and are only used where stable, routable addresses are not > >>> available (such as on ad hoc or isolated networks). This document > >>> does not recommend that IPv4 Link-Local addresses and routable > >>> addresses be configured simultaneously on the same interface. > >>> > >>> Though technically you have not put a global uniq unicast address on the > >>> outbound interface the fact your trying to route one via that interface > >>> to a loopback interface puts you into the situation your attempting > >>> to route global IP over a link local address. > >>>> > >>>> I'm exploring RFC 3927, consider this situation, a host configured with link-local > >>>> address on NIC and global unicast alias address on loopback interface, and default route to > >>>> the link-local address of router (some ISPs do this). The current implementation kernel > >>>> will use the link-local address as the source address when initializing a connection to > >>>> remote host via the default route. It seems wrong, as link-local address are not > >>>> routable as per RFC 3927. > >>> > >>> So your wanting the kernel to pick a source address on another interface > >>> for a packet going out a different interface, that is what seems wrong. > >> > >> I'm not sure if this is proper for IPv4, but in the IPv6 network stack, FreeBSD's > >> current implementation select global unicast address over link-local address, in case > >> the outgoing interface does not have any global unicast addresses. > >> I'm wondering whether it makes sense also for IPv4. > > > > This is due to the fact that IPv6 is specified to have this type of > > behavior. In v6 we have the idea of scope, that does not exist in > > the v4 world, or at least at this time it does not. RFC3927 3.2 does > > discuss the idea of scope and v4. > > I have got noticed the limitation of the current implementation of IPv4 scope. > Basically it confuses to have two or more interfaces all configured with LL addresses. Yes, as the expectation in IPv4 is that a subnet is generally only reachable on one interface and from one address and that all host on a subnet are rechable from any interface on that subnet, which does not work with the ipv4 LL logic as it is today. > > > >>> > >>> Though I think this could be solved by applying a technique used in > >>> routers, and that is the concept of a host specific globally routeable > >>> IP address that should be used for all non-local packets. This is useful > >>> in complex multipath networks as the router is always accessable via > >>> that IP address no mater which interfaces are routing packets correctly > >>> as long as the routing protocols are maintaining a path to it. > >>> > >>> But before going down that road, why are you putting your desired globally > >>> routeable IP address on lo0 and not on the upstream interface which would > >>> eliminate this problem? Is it because you have a complex multipath network, > >>> or is it from an attempt to save some global IP's that would be needed > >>> to run these on the link? Or? > >>> > >> > >> Reading RFC 3927 2.7, it states link-local addresses are not routable. The router shall > >> discard those packets from or to link-local addresses. Then it make no sense for a host > >> to select link-local address as source address when it initialize a connection, except for > >> an edge case that the destination is also link-local address. > > > > In my reply to Poul Henning I wrote that allowing a ipv4 LL address > > as a next hop may be a violation of RFC, and is the root cause of > > this address selection process. > > For route I think it is valid to have a LL as next-hop. In the routing world the next-hop would > be 'translated' to layer 2 address, regardless the mean, ARP or NDP. Poul correcting me, and I agree, my statment was rushed and wrong. > I'm recently working on > a feature to make FreeBSD's IPv4 route have IPv6 address as next-hop based on > Alexander V. Chernikov 's work, and it works so far so good except the default source > address selection. The related RFC is RFC 5549 . Ok. I think it might help to split this problem space over that which exists for a "host" and that which exists for a "multi-homed host", and that which exists for a "router". The host I would say just put the globally routable IP on the upstream interface and your done. For the multi-homed host there needs to be a way to specify that some v4 IP is that hosts globally reachable IP and should be used as the source when the current logic only finds a LL v4 address. This same logic should work for a router, but may not be desireable for some reason. > > > > > It wont fix your issue, as once you remove that route your host > > wont be able to send anything but link local packets. I am still > > unclear why your putting your IP address on lo0 and attempting/expecting > > that address to route over a link that is only configured with LL > > addresses. > > By putting routable IP address to lo0 is just an example. For routers there may be > routable IP addresses on other interface. I'm not able to completely explain the > motivation for such kind of config, but > if it is valid to have a LL as next-hop, then it is OK for a router / host to have one > interface with only LL address and also have other routable IP addresses on other > interfaces. But there is no guarantee that you can use those routeable IP addresses on the other interfaces as source addresses on a LL interface only. I now understand your problem space better, and I think the simplest solution is to have a way to say "this IP address" is my globally reachable IP address (it needs to be an address on SOME interface.) And this globally reachable IP address should be used for a NON local packet source address when the current logic would of ended at the LL selection. You often have such IP addresses when you configure full mesh multi-hop iBGP that are injected into OSPF or other interior protocol and thus are reachable via interface addresses. This address is often configured on a loopback device, and exported into the interior protocol. > >>>> So it is important if there's corresponding RFC clarify the source address selection > >>>> for IPv4. > >>> > >>> I do not believe you well find anything that speaks to this issue for IPv4, as > >>> your not really in the situation of RFC6724 which has to do with multiple IP > >>> addresses on the same interface. > >>> > >>>> Thanks :) > >>> Rod Grimes rgrimes@freebsd.org > >> Zhenlei Huang > > Rod Grimes rgrimes@freebsd.org > Zhenlei Huang -- Rod Grimes rgrimes@freebsd.org From owner-freebsd-hackers@freebsd.org Mon Apr 26 19:55:21 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0304A5EE52A for ; Mon, 26 Apr 2021 19:55:21 +0000 (UTC) (envelope-from linimon@portsmon.org) Received: from MTA-06-3.privateemail.com (mta-06-3.privateemail.com [198.54.127.59]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTbGb6lRmz4Wcd for ; Mon, 26 Apr 2021 19:55:19 +0000 (UTC) (envelope-from linimon@portsmon.org) Received: from MTA-06.privateemail.com (localhost [127.0.0.1]) by MTA-06.privateemail.com (Postfix) with ESMTP id 235606004D; Mon, 26 Apr 2021 15:55:18 -0400 (EDT) Received: from APP-02 (unknown [10.50.14.152]) by MTA-06.privateemail.com (Postfix) with ESMTPA id 03DF160043; Mon, 26 Apr 2021 15:55:17 -0400 (EDT) Date: Mon, 26 Apr 2021 14:55:17 -0500 (CDT) From: "linimon@portsmon.org linimon@portsmon.org" To: Mason Loring Bliss , freebsd-hackers@freebsd.org Message-ID: <1219846208.215399.1619466917981@privateemail.com> In-Reply-To: <20210425184323.GR18217@blisses.org> References: <20210425184323.GR18217@blisses.org> Subject: Re: Bug bounty framework? MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Priority: 3 Importance: Normal X-Mailer: Open-Xchange Mailer v7.10.4-Rev21 X-Originating-Client: open-xchange-appsuite X-Virus-Scanned: ClamAV using ClamSMTP X-Rspamd-Queue-Id: 4FTbGb6lRmz4Wcd X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of linimon@portsmon.org designates 198.54.127.59 as permitted sender) smtp.mailfrom=linimon@portsmon.org X-Spamd-Result: default: False [-2.30 / 15.00]; RCVD_TLS_LAST(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FREEFALL_USER(0.00)[linimon]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:198.54.127.32/27]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[portsmon.org]; RBL_DBL_DONT_QUERY_IPS(0.00)[198.54.127.59:from]; SPAMHAUS_ZRD(0.00)[198.54.127.59:from:127.0.2.255]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-1.00)[-0.997]; RCPT_COUNT_TWO(0.00)[2]; HAS_X_PRIO_THREE(0.00)[3]; RCVD_IN_DNSWL_NONE(0.00)[198.54.127.59:from]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:22612, ipnet:198.54.127.0/24, country:US]; SUBJECT_ENDS_QUESTION(1.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2021 19:55:21 -0000 > On 04/25/2021 1:43 PM Mason Loring Bliss wrote: > I don't remember this idea coming up previously, so I wanted to see what > folks think about a framework for bug bounties and similar. Actually it _has_ been discussed before, but not very recently. tl;dr: there's demand for it but no one has stepped up to do the work to set it up :-) There was a "general" open source bounty site started 6 or 7 years ago, but it failed to get off the ground. (I am not going to link to it -- the most recent email I got from it was an ad for home improvement work.) And I can't speak for the Foundation, but in order to remain tax-exempt in the US, it cannot be seen as a "pass-through" place for explicit work. i.e. MajorCompanyX can't pay the Foundation to pay someone to do work. Now myself I would think that bugfixes would fall outside of the worry-zone but again I am not associated with the Foundation. So all I can do is to offer you help setting up a wiki page or something. (In the past, I have shied away from setting up some framework myself, because it would then be a conflict of interest for me to take advantage of any of the offers.) mcl From owner-freebsd-hackers@freebsd.org Mon Apr 26 20:01:27 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1AEEC5EE93F for ; Mon, 26 Apr 2021 20:01:27 +0000 (UTC) (envelope-from linimon@portsmon.org) Received: from MTA-13-4.privateemail.com (mta-13-4.privateemail.com [198.54.127.109]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTbPY4V5vz4Wq3 for ; Mon, 26 Apr 2021 20:01:20 +0000 (UTC) (envelope-from linimon@portsmon.org) Received: from mta-13.privateemail.com (localhost [127.0.0.1]) by mta-13.privateemail.com (Postfix) with ESMTP id B65EA80066; Mon, 26 Apr 2021 16:01:19 -0400 (EDT) Received: from APP-02 (unknown [10.50.14.152]) by mta-13.privateemail.com (Postfix) with ESMTPA id 97F358005C; Mon, 26 Apr 2021 16:01:19 -0400 (EDT) Date: Mon, 26 Apr 2021 15:01:19 -0500 (CDT) From: "linimon@portsmon.org linimon@portsmon.org" To: Mason Loring Bliss , freebsd-hackers@freebsd.org Message-ID: <1866645852.215610.1619467279581@privateemail.com> In-Reply-To: <20210425185831.GS18217@blisses.org> References: <20210425185831.GS18217@blisses.org> Subject: Re: Mentoring framework? MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Priority: 3 Importance: Normal X-Mailer: Open-Xchange Mailer v7.10.4-Rev21 X-Originating-Client: open-xchange-appsuite X-Virus-Scanned: ClamAV using ClamSMTP X-Rspamd-Queue-Id: 4FTbPY4V5vz4Wq3 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of linimon@portsmon.org designates 198.54.127.109 as permitted sender) smtp.mailfrom=linimon@portsmon.org X-Spamd-Result: default: False [-2.29 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:198.54.127.96/27:c]; RCVD_COUNT_THREE(0.00)[3]; NEURAL_HAM_SHORT(-0.99)[-0.995]; RCPT_COUNT_TWO(0.00)[2]; HAS_X_PRIO_THREE(0.00)[3]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; R_DKIM_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[198.54.127.109:from]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:22612, ipnet:198.54.127.0/24, country:US]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FREEFALL_USER(0.00)[linimon]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; SUBJECT_ENDS_QUESTION(1.00)[]; DMARC_NA(0.00)[portsmon.org]; SPAMHAUS_ZRD(0.00)[198.54.127.109:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; BLOCKLISTDE_FAIL(0.00)[198.54.127.109:query timed out]; RCVD_IN_DNSWL_NONE(0.00)[198.54.127.109:from]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2021 20:01:27 -0000 > On 04/25/2021 1:58 PM Mason Loring Bliss wrote: > I'd like to contribute, and something that occurs to me is the notion of > formal mentoring. Here are my observations: email is a pretty slow way of doing this kind of thing. Yes, us old-timers are quite used to it, but it kind of lacks a "collaborative" feel. A lot of time this kind of work gets done on various IRC channels. They at least (usually) give quicker feedback. But koobs@ has been putting a lot of effort into getting Discord to be a first- class interactivity space for FreeBSD. So, let me suggest trying out one of the channels there, as see if it's more like what you are looking for. (disclaimer: I am not saying "this will solve all our problems". I'm saying that right now it has momentum and seems worth supporting.) mcl From owner-freebsd-hackers@freebsd.org Mon Apr 26 20:12:52 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 91C855EEC01 for ; Mon, 26 Apr 2021 20:12:52 +0000 (UTC) (envelope-from lwhsu@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTbfr3hM4z4XCH for ; Mon, 26 Apr 2021 20:12:52 +0000 (UTC) (envelope-from lwhsu@freebsd.org) Received: from mail-yb1-f178.google.com (mail-yb1-f178.google.com [209.85.219.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) (Authenticated sender: lwhsu/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 719B8237EA for ; Mon, 26 Apr 2021 20:12:52 +0000 (UTC) (envelope-from lwhsu@freebsd.org) Received: by mail-yb1-f178.google.com with SMTP id s9so8139309ybe.5 for ; Mon, 26 Apr 2021 13:12:52 -0700 (PDT) X-Gm-Message-State: AOAM533iyrdn/QERzAsvRSqqwH8USe5PtgY5bkhBAbImX8khD0Xy3+or EU+IT3SX5b1xUlWYfJJ+h/T+P0PGUuTpAAnQfck= X-Google-Smtp-Source: ABdhPJy92P/yVj0YTqETf9x93GrIF8PVJv7LHdGcWzB30OzLiQfkswSRfzCNSkRLp0XXSjCukJdWGHBkg3kjnuGTabY= X-Received: by 2002:a25:3c01:: with SMTP id j1mr28565217yba.176.1619467972111; Mon, 26 Apr 2021 13:12:52 -0700 (PDT) MIME-Version: 1.0 References: <20210425184323.GR18217@blisses.org> <1219846208.215399.1619466917981@privateemail.com> In-Reply-To: <1219846208.215399.1619466917981@privateemail.com> From: Li-Wen Hsu Date: Tue, 27 Apr 2021 04:12:40 +0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Bug bounty framework? To: "linimon@portsmon.org linimon@portsmon.org" Cc: Mason Loring Bliss , FreeBSD Hackers Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2021 20:12:52 -0000 On Tue, Apr 27, 2021 at 3:55 AM linimon@portsmon.org linimon@portsmon.org wrote: > > > On 04/25/2021 1:43 PM Mason Loring Bliss wrote: > > I don't remember this idea coming up previously, so I wanted to see what > > folks think about a framework for bug bounties and similar. > > Actually it _has_ been discussed before, but not very recently. > > tl;dr: there's demand for it but no one has stepped up to do the work to > set it up :-) I feel it's mixing two different things? IIUC that "bug bounty" mostly means that an organization (usually a big company) has a prize to reward the people who report security issues, instead of selling the 0day to the dark net. :-) I'm not sure as an open source, we should have that, but I remember that I see some places there are rewards for reporting kernel security issues, including FreeBSD (and hope they forward the report to our security team.) For the idea the original post described sounds like having a reward for completing a specified task. It's more like a job posting for seeking freelancers. But there is one (or more) for open source projects. Here is an example I remember: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204521#c3 https://www.bountysource.com/issues/75687739-new-driver-request-port-rtsx-from-openbsd-to-freebsd I guess leveraging those external services is better than setting up our own at this point? Bes, Li-Wen From owner-freebsd-hackers@freebsd.org Mon Apr 26 20:20:44 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 59D115EF85E for ; Mon, 26 Apr 2021 20:20:44 +0000 (UTC) (envelope-from yuripv@ftml.net) Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTbqv42Dqz4Xbf for ; Mon, 26 Apr 2021 20:20:43 +0000 (UTC) (envelope-from yuripv@ftml.net) Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id 89BDD5C01D9 for ; Mon, 26 Apr 2021 16:20:42 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute3.internal (MEProxy); Mon, 26 Apr 2021 16:20:42 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ftml.net; h= subject:to:references:from:message-id:date:mime-version :in-reply-to:content-type:content-transfer-encoding; s=fm3; bh=Q 06kjZXh5UfUkF2/DzjhWo3koA0X+m37LNA9zV+4TrE=; b=U4EbrFOYgxHPV7NWP J1Fa0I3RgtckVVM3Fi8a9lUqagrlNU6uSPFYOCpHsPpEZag1bS6OQuvhn4w6rRFF FPFwa8IAoRhFSh00uf6J3Ex16gGoBpwo/VoQb4DDO+cwYVNch79iiqbx4jwLIdYu fv20eGx8ifrfiQ5uqtuyi3vBeFyJsLXA7XV5QahgYii3AU7z6hzIDsPHP+2rdk8k r/p+ehY5xzhGzF7b4zJm9nkndXcESo0ZqH9s8DzQi7g0SXSkD+sCy5TX+6N3JaWU VOKnWyTW80CCsyjNU7KaziFGhV4RKQjTodNIV0+WUiEewMmG9g6TFcrPTv3q337K BuGUA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=Q06kjZXh5UfUkF2/DzjhWo3koA0X+m37LNA9zV+4T rE=; b=iexbc/amfOlf/+k6+MYeFiW1xiNkTwIlpntCpU1Fzo7ucrAnkAoCym4vc jIz7alF5WgXaHUu8ugjtCdpQQb4l542B5xbVUd0XiYKtfkOPj6jXKohc21mtzRvJ XF/E2c8+N2GcHkAro/2pF0P8QQCp93pHyNVPUizAsL9DsE3rrRjuY2WVj5PRzHTU Z2Yw6d/IKJc9vKCHBuf9Cx0eGJ7M7fdzSyioF7IDQ1r77pQ3H+GF+Es/2imbx/p2 qWgZsH93cjXhy+J1x/QUxtghZrRywaYDEQNVdmgAJ9RTTZnc7TtY/ko5T3bhq1kZ B7BGIyg+iqv1q4OeaiZ/SjYP3vKCw== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrvdduledgudegucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepuffvfhfhkffffgggjggtgfesthejredttdefjeenucfhrhhomhepjghurhhi ucfrrghnkhhovhcuoeihuhhrihhpvhesfhhtmhhlrdhnvghtqeenucggtffrrghtthgvrh hnpeeutdekgeegffffudfggeffveeukeduheejieeihefhgefhgfekfefgheegvdfgueen ucffohhmrghinhepfhhrvggvsghsugdrohhrghdpsghouhhnthihshhouhhrtggvrdgtoh hmnecukfhppeeluddrvdegtddruddvgedrvdegheenucevlhhushhtvghrufhiiigvpedt necurfgrrhgrmhepmhgrihhlfhhrohhmpeihuhhrihhpvhesfhhtmhhlrdhnvght X-ME-Proxy: Received: from [192.168.1.12] (unknown [91.240.124.245]) by mail.messagingengine.com (Postfix) with ESMTPA id F0EF11080064 for ; Mon, 26 Apr 2021 16:20:41 -0400 (EDT) Subject: Re: Bug bounty framework? To: FreeBSD Hackers References: <20210425184323.GR18217@blisses.org> <1219846208.215399.1619466917981@privateemail.com> From: Yuri Pankov Message-ID: <6944624e-fd6f-f8a5-6c65-8764b650d911@ftml.net> Date: Mon, 26 Apr 2021 23:20:40 +0300 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.10.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4FTbqv42Dqz4Xbf X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=ftml.net header.s=fm3 header.b=U4EbrFOY; dkim=pass header.d=messagingengine.com header.s=fm2 header.b=iexbc/am; dmarc=pass (policy=none) header.from=ftml.net; spf=pass (mx1.freebsd.org: domain of yuripv@ftml.net designates 66.111.4.26 as permitted sender) smtp.mailfrom=yuripv@ftml.net X-Spamd-Result: default: False [-3.10 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; RWL_MAILSPIKE_GOOD(0.00)[66.111.4.26:from]; FREEMAIL_FROM(0.00)[ftml.net]; R_SPF_ALLOW(-0.20)[+ip4:66.111.4.26]; RCVD_COUNT_THREE(0.00)[4]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[ftml.net:+,messagingengine.com:+]; DMARC_POLICY_ALLOW(-0.50)[ftml.net,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[ftml.net]; ASN(0.00)[asn:11403, ipnet:66.111.4.0/24, country:US]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[66.111.4.26:from]; SUBJECT_ENDS_QUESTION(1.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[ftml.net:s=fm3,messagingengine.com:s=fm2]; FREEFALL_USER(0.00)[yuripv]; FROM_HAS_DN(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[66.111.4.26:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[66.111.4.26:from:127.0.2.255]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2021 20:20:44 -0000 Li-Wen Hsu wrote: > On Tue, Apr 27, 2021 at 3:55 AM linimon@portsmon.org > linimon@portsmon.org wrote: >> >>> On 04/25/2021 1:43 PM Mason Loring Bliss wrote: >>> I don't remember this idea coming up previously, so I wanted to see what >>> folks think about a framework for bug bounties and similar. >> >> Actually it _has_ been discussed before, but not very recently. >> >> tl;dr: there's demand for it but no one has stepped up to do the work to >> set it up :-) > > I feel it's mixing two different things? IIUC that "bug bounty" > mostly means that an organization (usually a big company) has a prize > to reward the people who report security issues, instead of selling > the 0day to the dark net. :-) I'm not sure as an open source, we > should have that, but I remember that I see some places there are > rewards for reporting kernel security issues, including FreeBSD (and > hope they forward the report to our security team.) > > For the idea the original post described sounds like having a reward > for completing a specified task. It's more like a job posting for > seeking freelancers. But there is one (or more) for open source > projects. Here is an example I remember: > > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204521#c3 > https://www.bountysource.com/issues/75687739-new-driver-request-port-rtsx-from-openbsd-to-freebsd > > I guess leveraging those external services is better than setting up > our own at this point? I think the problem is in "(or more)" -- both sides need to know where exactly to post/look for tasks. From owner-freebsd-hackers@freebsd.org Mon Apr 26 20:33:41 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 479325EF78B for ; Mon, 26 Apr 2021 20:33:41 +0000 (UTC) (envelope-from lwhsu@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTc6s1b56z4Yh7 for ; Mon, 26 Apr 2021 20:33:41 +0000 (UTC) (envelope-from lwhsu@freebsd.org) Received: from mail-yb1-f182.google.com (mail-yb1-f182.google.com [209.85.219.182]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) (Authenticated sender: lwhsu/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 22FD323D4A for ; Mon, 26 Apr 2021 20:33:41 +0000 (UTC) (envelope-from lwhsu@freebsd.org) Received: by mail-yb1-f182.google.com with SMTP id p202so22879851ybg.8 for ; Mon, 26 Apr 2021 13:33:41 -0700 (PDT) X-Gm-Message-State: AOAM531Po77eIklkk5r1CEYlHUOdC+I4+1aF65QwwPt1BERfUsTb4Z5q XxelE12mXzoTHpKwrCFDhuPXYEs2iLir9Yk1v08= X-Google-Smtp-Source: ABdhPJyCRa1MEfAvEyTePC9df8QkHDFtMWpNc0D4azRx/tqDrTTp3G4eG7ykSSrhFgpHtDvdCdMz3Int/XUjUm3kHLs= X-Received: by 2002:a25:3c01:: with SMTP id j1mr28682664yba.176.1619469220707; Mon, 26 Apr 2021 13:33:40 -0700 (PDT) MIME-Version: 1.0 References: <20210425185831.GS18217@blisses.org> <1866645852.215610.1619467279581@privateemail.com> In-Reply-To: <1866645852.215610.1619467279581@privateemail.com> From: Li-Wen Hsu Date: Tue, 27 Apr 2021 04:33:29 +0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Mentoring framework? To: "linimon@portsmon.org linimon@portsmon.org" Cc: Mason Loring Bliss , FreeBSD Hackers Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2021 20:33:41 -0000 On Tue, Apr 27, 2021 at 4:01 AM linimon@portsmon.org linimon@portsmon.org wrote: > > > > On 04/25/2021 1:58 PM Mason Loring Bliss wrote: > > I'd like to contribute, and something that occurs to me is the notion of > > formal mentoring. > > Here are my observations: email is a pretty slow way of doing this kind of > thing. Yes, us old-timers are quite used to it, but it kind of lacks a > "collaborative" feel. > > A lot of time this kind of work gets done on various IRC channels. They at > least (usually) give quicker feedback. > > But koobs@ has been putting a lot of effort into getting Discord to be a first- > class interactivity space for FreeBSD. So, let me suggest trying out one of > the channels there, as see if it's more like what you are looking for. > > (disclaimer: I am not saying "this will solve all our problems". I'm saying that > right now it has momentum and seems worth supporting.) Yes there is no silver bullet, and IRC and discord are great tools for fast respon time. But please remember, they are not very good to keep things permanent, to let knowledge accumulated. So, my suggestion is, trying to use mailing list as possible, because the archived mails can also help others, not just two or few people, it can maximize the impact of the people who answer the questions. I like to use IRC, but sometimes I found that the "right people" are not always available, and it is more difficult when it comes to time zone issues. If it happens to find the right person, and get the issue resolved. It is awesome and it will be good to have those experiences be kept. For that purpose, the document is still the best thing, I think in the open source world, things are more in an asynchronized way, and documents can solve the issue that the mentor and mentee can't be in the same time and space. And I believe that's also a good way to make contributions. In short, the "mentoring program" begins when you send a mail to a mailing list, you just need to describe your issues more clear, and be a bit patient to wait for others to reply. And once the issue has been resolved, sort it and put it to the official documents, we have docs.freebsd.org, wiki.freebsd.org, and man pages, all for different (and may overlap) purposes. Best, Li-Wen From owner-freebsd-hackers@freebsd.org Mon Apr 26 20:36:16 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 34A185EFDD9 for ; Mon, 26 Apr 2021 20:36:16 +0000 (UTC) (envelope-from mason@blisses.org) Received: from yangtze.blisses.org (yangtze.blisses.org [144.202.50.44]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTc9p74yLz4YXK; Mon, 26 Apr 2021 20:36:14 +0000 (UTC) (envelope-from mason@blisses.org) Received: from cocytus.blisses.org (cocytus.blisses.org [64.223.129.151]) by yangtze.blisses.org (Postfix) with ESMTP id E4C7917B288; Mon, 26 Apr 2021 16:36:06 -0400 (EDT) Date: Mon, 26 Apr 2021 16:36:05 -0400 From: Mason Loring Bliss To: "linimon@portsmon.org linimon@portsmon.org" , Li-Wen Hsu Cc: freebsd-hackers@freebsd.org Subject: Re: Bug bounty framework? Message-ID: <20210426203604.GU18217@blisses.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="uX7BrQs69PbBafpd" Content-Disposition: inline In-Reply-To: <1219846208.215399.1619466917981@privateemail.com> User-Agent: Mutt/1.10.1 (2018-07-13) X-Rspamd-Queue-Id: 4FTc9p74yLz4YXK X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of mason@blisses.org designates 144.202.50.44 as permitted sender) smtp.mailfrom=mason@blisses.org X-Spamd-Result: default: False [-4.40 / 15.00]; RCVD_TLS_LAST(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; DMARC_NA(0.00)[blisses.org]; RBL_DBL_DONT_QUERY_IPS(0.00)[144.202.50.44:from]; SPAMHAUS_ZRD(0.00)[144.202.50.44:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; SIGNED_PGP(-2.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; ASN(0.00)[asn:20473, ipnet:144.202.48.0/20, country:US]; SUBJECT_ENDS_QUESTION(1.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2021 20:36:16 -0000 --uX7BrQs69PbBafpd Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Apr 26, 2021 at 02:55:17PM -0500, linimon@portsmon.org linimon@port= smon.org wrote: > And I can't speak for the Foundation, but in order to remain tax-exempt in > the US, it cannot be seen as a "pass-through" place for explicit work. i= =2Ee. > MajorCompanyX can't pay the Foundation to pay someone to do work. Oh, hrm. I'll write to Foundation folks (if they don't see and respond here) to see if something like this would be an acceptable structure legally. I hadn't thought about it from that angle. On Tue, Apr 27, 2021 at 04:12:40AM +0800, Li-Wen Hsu wrote: > I feel it's mixing two different things? IIUC that "bug bounty" > mostly means that an organization (usually a big company) has a prize > to reward the people who report security issues, That was probably not the right terminology for me to use, but it felt close. Another analogy would be a walkathon, where kids sign people up to donate to a charity with the donation being some amount per lap or per mile or however it's measured. I wouldn't have an opinion on a traditional bug bounty, where individuals are rewarded monetarily for reporting bugs. This'd be more a feel-good motivation for folks participating in getting defects fixed - "I helped get this done, and the Foundation benefitted directly as a result." A page on the wiki would probably be sufficient to track these things, since there's no contract involved, if there's interest. I'd be happy to volunteer time to help curate such a thing. I'd love to hear from the Foundation, though, so I'll make contact. --=20 Mason Loring Bliss mason@blisses.org http://blisses.org/ = =20 For more enjoyment and greater efficiency, consumption is being standardize= d. --uX7BrQs69PbBafpd Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEEXtBZz1axB5rEDCEnrJXcHbvJVUFAmCHJDIACgkQnrJXcHbv JVUwRxAAiWy9LTIMKvOCft5C/XapKAYUb6495qjuU8KARp2JHNfAmbarMzagICRY RCc5hecjjhu95O8c6B3Oi3Iqyyv/yngDaj2GavFoX3hjEssT1q0YXdWyzq12bzUi HS1eHdOJ+tK/NXB46ENg0S7IQZpnMkZAn4o0xGJvMVQnff0kElCPaqGNaiL2mjJk 87WG7nA/8UusIzHWmE/zbSXxlwAk2QcHK8Zmi6nTowV/nLtRiKz+Ds1FwzgFGoRl gtDlmawdsL0UD1RzDDSx4GicrguHWFG8wlf0wP8ANdIAJQ/vcG+3Pc7QienC3BqO oapj1Cb2hp1vK2EzcEyDr1jtjhKW1oDdbWfxqEexpIeP1zHnqA1f5cxJdRcsCE1n Kid93el39OHuLelpBmHnifUZc0zb7bARmX1whJLl8wM4sjDuN05x5PRKcb4QWep8 8gWky71mwJbsXUais3BkROep4ReQhFvsaaa/ziyMvyxVuEp8CV9c/O8YiN+4L/LU UsbKC84WoAQG1CkvHbeqkvSy88uYbq57Z0+XCaMx6Fj21GykjxMc/UIV2K+6p+/z s230K66oVVkQkBrEpAgQ9SA7DDmBERnSJeJk7obvfMbstBSsQmiIIYCTvg7nAME3 KgVsxQZ9Jwm+PnCJDa9rzrCXd2G34CPtxEm8cdOe6l4Ajhyg5Us= =vDk1 -----END PGP SIGNATURE----- --uX7BrQs69PbBafpd-- From owner-freebsd-hackers@freebsd.org Mon Apr 26 20:36:59 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 656975F00B0 for ; Mon, 26 Apr 2021 20:36:59 +0000 (UTC) (envelope-from lwhsu@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTcBg2KQdz4Yln for ; Mon, 26 Apr 2021 20:36:59 +0000 (UTC) (envelope-from lwhsu@freebsd.org) Received: from mail-yb1-f178.google.com (mail-yb1-f178.google.com [209.85.219.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) (Authenticated sender: lwhsu/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 3E16423E1C for ; Mon, 26 Apr 2021 20:36:59 +0000 (UTC) (envelope-from lwhsu@freebsd.org) Received: by mail-yb1-f178.google.com with SMTP id 82so66588999yby.7 for ; Mon, 26 Apr 2021 13:36:59 -0700 (PDT) X-Gm-Message-State: AOAM533d/sUeYqg+6SP9KtXV+0d5FbQRANksVtDgyCydyv0KR31CLblo yrRjo8NjzQnLyNorDzRbcMAaUvqhFC4urMuJL+A= X-Google-Smtp-Source: ABdhPJyKX9cUbrsg86JtULNSo11BCFtqmUE1T4Lg0MaBXjG5fCSWmyAkfp+nQFZqPuMbyGYSfg49AuN/o0QxrU8MHZI= X-Received: by 2002:a25:3816:: with SMTP id f22mr12559513yba.405.1619469418871; Mon, 26 Apr 2021 13:36:58 -0700 (PDT) MIME-Version: 1.0 References: <20210425184323.GR18217@blisses.org> <1219846208.215399.1619466917981@privateemail.com> <6944624e-fd6f-f8a5-6c65-8764b650d911@ftml.net> In-Reply-To: <6944624e-fd6f-f8a5-6c65-8764b650d911@ftml.net> From: Li-Wen Hsu Date: Tue, 27 Apr 2021 04:36:47 +0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Bug bounty framework? To: Yuri Pankov Cc: FreeBSD Hackers Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2021 20:36:59 -0000 On Tue, Apr 27, 2021 at 4:20 AM Yuri Pankov wrote: > > Li-Wen Hsu wrote: > > For the idea the original post described sounds like having a reward > > for completing a specified task. It's more like a job posting for > > seeking freelancers. But there is one (or more) for open source > > projects. Here is an example I remember: > > > > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204521#c3 > > https://www.bountysource.com/issues/75687739-new-driver-request-port-rtsx-from-openbsd-to-freebsd > > > > I guess leveraging those external services is better than setting up > > our own at this point? > > I think the problem is in "(or more)" -- both sides need to know where > exactly to post/look for tasks. Indeed, I think we can have a recommended list of the trustworthy places, put it on the project's homepage or wiki first? Li-Wen From owner-freebsd-hackers@freebsd.org Mon Apr 26 22:09:37 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D51475F2895 for ; Mon, 26 Apr 2021 22:09:37 +0000 (UTC) (envelope-from linimon@portsmon.org) Received: from MTA-13-4.privateemail.com (mta-13-4.privateemail.com [198.54.127.109]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTfFX5zLNz4dGq; Mon, 26 Apr 2021 22:09:36 +0000 (UTC) (envelope-from linimon@portsmon.org) Received: from mta-13.privateemail.com (localhost [127.0.0.1]) by mta-13.privateemail.com (Postfix) with ESMTP id D3A0680065; Mon, 26 Apr 2021 18:09:34 -0400 (EDT) Received: from APP-06 (unknown [10.50.14.156]) by mta-13.privateemail.com (Postfix) with ESMTPA id ADEEC8005C; Mon, 26 Apr 2021 18:09:34 -0400 (EDT) Date: Mon, 26 Apr 2021 17:09:34 -0500 (CDT) From: "linimon@portsmon.org linimon@portsmon.org" To: Mason Loring Bliss , Li-Wen Hsu Cc: freebsd-hackers@freebsd.org Message-ID: <274068464.228944.1619474974660@privateemail.com> In-Reply-To: <20210426203604.GU18217@blisses.org> References: <1219846208.215399.1619466917981@privateemail.com> <20210426203604.GU18217@blisses.org> Subject: Re: Bug bounty framework? MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Priority: 3 Importance: Normal X-Mailer: Open-Xchange Mailer v7.10.4-Rev21 X-Originating-Client: open-xchange-appsuite X-Virus-Scanned: ClamAV using ClamSMTP X-Rspamd-Queue-Id: 4FTfFX5zLNz4dGq X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of linimon@portsmon.org designates 198.54.127.109 as permitted sender) smtp.mailfrom=linimon@portsmon.org X-Spamd-Result: default: False [-2.30 / 15.00]; RCVD_TLS_LAST(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FREEFALL_USER(0.00)[linimon]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:198.54.127.96/27]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[portsmon.org]; ARC_NA(0.00)[]; SPAMHAUS_ZRD(0.00)[198.54.127.109:from:127.0.2.255]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[198.54.127.109:from]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; HAS_X_PRIO_THREE(0.00)[3]; RCVD_IN_DNSWL_NONE(0.00)[198.54.127.109:from]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:22612, ipnet:198.54.127.0/24, country:US]; SUBJECT_ENDS_QUESTION(1.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2021 22:09:37 -0000 > On 04/26/2021 3:36 PM Mason Loring Bliss wrote: > Another analogy would be a walkathon, where kids sign people up to > donate to a charity with the donation being some amount per lap or > per mile or however it's measured. I like this idea. And, no one has ever suggested it before. mcl From owner-freebsd-hackers@freebsd.org Mon Apr 26 23:11:11 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0BE945F3D8C for ; Mon, 26 Apr 2021 23:11:11 +0000 (UTC) (envelope-from bsd-lists@bsdforge.com) Received: from udns.ultimatedns.net (static-24-113-41-81.wavecable.com [24.113.41.81]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "ultimatedns.net", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTgcZ5l19z4gqJ; Mon, 26 Apr 2021 23:11:10 +0000 (UTC) (envelope-from bsd-lists@bsdforge.com) Received: from ultimatedns.net (localhost [127.0.0.1]) by udns.ultimatedns.net (8.16.1/8.16.1) with ESMTP id 13QNBHeY046705; Mon, 26 Apr 2021 16:11:23 -0700 (PDT) (envelope-from bsd-lists@bsdforge.com) MIME-Version: 1.0 Date: Mon, 26 Apr 2021 16:11:17 -0700 From: Chris To: Li-Wen Hsu Cc: "linimon@portsmon.org linimon@portsmon.org" , FreeBSD Hackers Subject: Re: Mentoring framework? In-Reply-To: References: <20210425185831.GS18217@blisses.org> <1866645852.215610.1619467279581@privateemail.com> User-Agent: UDNSMS/17.0 Message-ID: X-Sender: bsd-lists@bsdforge.com Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4FTgcZ5l19z4gqJ X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2021 23:11:11 -0000 On 2021-04-26 13:33, Li-Wen Hsu wrote: > On Tue, Apr 27, 2021 at 4:01 AM linimon@portsmon.org > linimon@portsmon.org wrote: >> >> >> > On 04/25/2021 1:58 PM Mason Loring Bliss wrote: >> > I'd like to contribute, and something that occurs to me is the notion of >> > formal mentoring. >> >> Here are my observations: email is a pretty slow way of doing this kind of >> thing. Yes, us old-timers are quite used to it, but it kind of lacks a >> "collaborative" feel. >> >> A lot of time this kind of work gets done on various IRC channels. They at >> least (usually) give quicker feedback. >> >> But koobs@ has been putting a lot of effort into getting Discord to be a >> first- >> class interactivity space for FreeBSD. So, let me suggest trying out one >> of >> the channels there, as see if it's more like what you are looking for. >> >> (disclaimer: I am not saying "this will solve all our problems". I'm >> saying that >> right now it has momentum and seems worth supporting.) > > Yes there is no silver bullet, and IRC and discord are great tools for > fast respon time. > > But please remember, they are not very good to keep things permanent, > to let knowledge accumulated. > > So, my suggestion is, trying to use mailing list as possible, because > the archived mails can also help others, not just two or few people, > it can maximize the impact of the people who answer the questions. > > I like to use IRC, but sometimes I found that the "right people" are > not always available, and it is more difficult when it comes to time > zone issues. If it happens to find the right person, and get the issue > resolved. It is awesome and it will be good to have those experiences > be kept. For that purpose, the document is still the best thing, I > think in the open source world, things are more in an asynchronized > way, and documents can solve the issue that the mentor and mentee > can't be in the same time and space. And I believe that's also a good > way to make contributions. > > In short, the "mentoring program" begins when you send a mail to a > mailing list, you just need to describe your issues more clear, and be > a bit patient to wait for others to reply. And once the issue has been > resolved, sort it and put it to the official documents, we have > docs.freebsd.org, wiki.freebsd.org, and man pages, all for different > (and may overlap) purposes. +100% I would have to agree that mailing list(s) are probably the best approach 1) Those with any real tenure are already on them because "hey, that's they way we did everything back then" 2) base/ports/bugs already have lists So maybe add some flag to bugzilla? Add an additional (bounty) list? --Chris > > Best, > Li-Wen > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" From owner-freebsd-hackers@freebsd.org Tue Apr 27 03:14:41 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7A7335FC4A8 for ; Tue, 27 Apr 2021 03:14:41 +0000 (UTC) (envelope-from marklmi@yahoo.com) Received: from sonic303-23.consmr.mail.gq1.yahoo.com (sonic303-23.consmr.mail.gq1.yahoo.com [98.137.64.204]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTn1X00VRz4tmg for ; Tue, 27 Apr 2021 03:14:39 +0000 (UTC) (envelope-from marklmi@yahoo.com) X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1619493278; bh=OSFlEEq6gc+l1T2w3wdxIqPQz+atalXafVjhoFraxuv=; h=X-Sonic-MF:Subject:From:Date:To:From:Subject; b=etAHotYbeiM1u2OrWY978NUYcuxc3t9Xncs94szrIrVs59gMZzvSg2tdKpBSavfehrubl3SAv2qVVrZQLbpJjchTovqtmh+3BMkbi7nCTJYtROxnxrCPpfh2mknkvvONXIYMOJuBZ+klmJnw5jCkchKoylB+04uNhyPVwA7GdweB/qFupv6pYiEAEOPD1OqFIYycwquiAO9x+asz15yLA5LiThIRK8opJC2wMzDKfxpVUzbs92zGOOINeYIMPtrpX52HoZWzzqVz2W/LN7GYd7WzYsHKo3qutbFtLsd/L7BvXl8dZF5dLIONkdFQe1gqpjEYICaQzH6fHI75ctmhCA== X-YMail-OSG: 7eaDbf8VM1kN.XuPVM2KXdKQgC2o6ZHyXYw9ZDoDyf7WPzDAjVP5lh0hNfgstoJ qzduQvGcw9adu5knwH4Y90h8nUtzeDzjeILCtTK1uRg2XrbarYYWEvgnh5Eie3bz2or3rZAKbIXx jWw5ufyozMra6LThQKwTUSy2pNY66zSQ43IgyCcMqgWo7W0YFTCSLtJ2Mgjdq_AfKfWWjziLB9sw z59x5TIkjQ59UX4StREk9bKLTEFgoj8i3omEM1RvN4mZXrMMv9F1jTPmjJVyI_.lX5MaaoEpxbU. P3mXDoAjDlje.kC8X8SAqsGLegcCAdBw6ZSo3TPZf3k4etTdRzBre3zV3_oqNXOAnbjx6UuFnH1t yzMYOU75wSuQjtIzizRko_bnkFEauX2f.W8wrC8fvBpr8tv4LgT2EmFZdDwP5n3LKt1JXaxhQqOj yx84_a52fh3jZKRdUYlL5fhs.u3uXNDCjWeFqrNyoGrHQzwRX6ETa3sNIRYyTnQ81jsJNYvOilnv 9wYPwWYcJixh.x3HQN_lITPN_64cnZCqgLiCgUKdmtzkwwqnq_GcrSykZUgIAjvPj.GkDUeXD3Yo SxOlt5GvogguVm29KoxNsnXb7vImh2mceJLLCdH23kYVoowy29z.py9xgNI8f_3Lezpo2IzejxsI TE5lZsoZcRNgPTIgApL677NZr3YGf6Q3DIhv6Mj_26n5rp.PtY_cIBdHo_B.v6rO.Nt9oTMeKk9V DxTKaPpwe6_r0aZfN5bZUl8WyMc8CGXP2G1TbEGCeRfZUPqPn0F0RWunhxG9gFu80Dz9tZo5dsD3 CXdNphmTeZylGDV4XzIPizDboXNcbXfCaBoNshtJVJuZ.7fsKnaszKH182.fPpQyM3Rh9uG3E9yS 2kYi2Fx.zKAcxALlJVPvmXWFjIRV9Zffu7fHakKoLgc9.vbd5BYt7Uj0N0rd8Q3NJsVtakb3MHEH 5.QAhuQpeMCNVPOuORZrbNXjeGq1FY3I4BM7BVu1zt82IS1i0MDwwVQiHm5pT6CYguWOZCB.zZE5 WLEKx.sNb9s9FFUsbURTCPayD4p1TCyiMm238FSzDEhTbcTHEvEeVR2K6pGN.g7oeBzlLgGV0VFm 7VszqyZ6QZSEwzaUeVqdQnrFJYSVgLCfN4NLHdRPYe5Y0LynjHjhL2XxdhRUOF6WrraLgrK4BWvm DF6smxeySQZgzimAnV6i5W8ZnjCma1NsPtSEIcInCvtc1kP8vVh3RNiJioitZd.5cZzYnkNXbiia RpHhmAKlSRgER6iX_utHb3JFWtJifuIvn4VaHpwpcG2wh_p2Wa2b9DZ5ES_0FDW_6y0.D70R4Iun VKV0twXs8o2Z37Ye68wObkfCG7hWArDWtWpFRoyoD5lwbQR.YGvwuN02U2pR.D.JrctopbK7eatA Olp8FgVF_7u2PE5stW1k91WMs2qT2NNFDQTlXN_ZYhjoG0cuij4796pNJRS3qzZl46jrJjJ693cI NhTTiv9ue3fcIj1NQ8kVm1_w8bS27OGIUypR52WmKqMv7aRu1lwPrrxQO74K3Yk33Ca9X__DVQCU GceWebBhnmrFntk7_1P3lWShQXls7F20Q53j4GMOPl2BBcUbabLtXLJPtt6YTYjSnkbDYHHovqg4 2t7FK7wkYVRplSKGCxh9rtcQ_JSeKnUYMzPtdDuyfDgQAtCprJofw4Ct4L7iDXCHlRm3kz4BzqAd ojq7dEdCNzXgoeJuLPEy40VUf7Fd62pNUBza4dc8biSgoO8ghwA4thFSePSPdvkkEKOzBw8eT.NQ EaMrrBOwCA58s9lNrkGuCVER8eZv4h1u4J7GEEbrVDESBmUjK3z2Z885h1eoxuqGuSSr62a.mA_v EiMeNUpy09YQ7HIdRdO1iljAldG6EJT5VJbqsKvr2diYzbU37o2l_3.F.1q5O.d20ySefubGTB4E 6moR29OjoJ_opCJhCjhJ9pHH9APXPz41tVzKBCumgpjdskt4xRBMa0anANc2U8j0gvbD7uCx23yG _IEqn4uedpe1tvQBSl_Q4TOIbmhrHuHX82Hjjau9izzk0cJxFn.ssS..Dzsb.Tmxx8RceSG_Bgap 4V2uHR0AfXUQKfbDong96_tz9GFNS4DnPXI5kEYA6sYFiz3vYXWpXuv64bP7JjNdi6NyPCZnaprn bJ_gdFxUkzsKKN8YiURxTZusxrwNk55VBk4Yx_XpLt5_blYOay4GbFsAG7LrZ8xrCFJ1tg.R1QNe shjIFw.B3rU6Ew5ZZEldYAwc7.hwvVTGvtqZfbywkwNo25Od0UNTfH7E7AFM3b1cuSwyX5MUddb9 gW1hc2zSXKYY8OpwM_tsNArfiGE3vlf7Vqmb1ZuEkFQj8lSPgqBE6EQw5MD4Z6qDIyAdShKRNzzm xtfXCJrRA0l7TqA0W5P5.dyid0XXaNALBYWyyqTCH6E6wGYRPIFD4vRVQCmGD5_BPicnB_DsI__b 9cihdy8EtyuqdrGWL3hrBWrFdCReKpIaM9ZmPbZ6IHWp4B8tfbZU2lSJKoBlalXztbRXvNshiYoA .q1odrj2iOULl7k.JNyfrrBq.itB12D26WxCmNRahikWrmm8o8fFYu1OAfwE3cBJibvVMLERNy_k az.2FMzSO X-Sonic-MF: Received: from sonic.gate.mail.ne1.yahoo.com by sonic303.consmr.mail.gq1.yahoo.com with HTTP; Tue, 27 Apr 2021 03:14:38 +0000 Received: by kubenode559.mail-prod1.omega.gq1.yahoo.com (VZM Hermes SMTP Server) with ESMTPA ID 9c8ef822901342ad466328a017443a2c; Tue, 27 Apr 2021 03:14:33 +0000 (UTC) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.60.0.2.21\)) Subject: Re: Regular expression compilation fail in current From: Mark Millard In-Reply-To: Date: Mon, 26 Apr 2021 20:14:32 -0700 Cc: FreeBSD Hackers Content-Transfer-Encoding: quoted-printable Message-Id: References: To: =?utf-8?Q?Fernando_Apestegu=C3=ADa?= X-Mailer: Apple Mail (2.3654.60.0.2.21) X-Rspamd-Queue-Id: 4FTn1X00VRz4tmg X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.50 / 15.00]; FREEMAIL_FROM(0.00)[yahoo.com]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ptr:yahoo.com]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[yahoo.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[yahoo.com,reject]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[yahoo.com]; ASN(0.00)[asn:36647, ipnet:98.137.64.0/20, country:US]; RBL_DBL_DONT_QUERY_IPS(0.00)[98.137.64.204:from]; DWL_DNSWL_NONE(0.00)[yahoo.com:dkim]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[yahoo.com:s=s2048]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; SPAMHAUS_ZRD(0.00)[98.137.64.204:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[98.137.64.204:from]; RWL_MAILSPIKE_POSSIBLE(0.00)[98.137.64.204:from]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Apr 2021 03:14:41 -0000 On 2021-Apr-26, at 06:31, Fernando Apestegu=C3=ADa wrote: > Hi there, >=20 > I'm working with this port PR > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D255182 >=20 > and the problem seems to boil down to a regular expression that does > not compile on current but it does in 12.2. >=20 > The minimum repro is this one: >=20 > #include > #include >=20 > int > main() > { > regex_t regexp; > int ret =3D regcomp(®exp, "\\s*", REG_EXTENDED | REG_ICASE | > REG_NOSUB); Here is my stab at notes for this . . . It is not all that uncommon for error cases to be initially mistreated but later toolchains to reject instead of mistreating the same. I suspect that is what is going on here. But the details seem to be as follows. Using C++11's raw_characters notation to specify string content, "\\s*" is: R"%(\s*)%" In other words, the content of the string is just: \s* (3 characters, plus a terminating '\0' present). It is this later string contant that the regcomp 2nd parameter points to and that leads to the error report. The "s" is not valid after the backslash for Basic Regular Expressions or for Extended Regular Expressions. ( = https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap09.html = ) REG_EESCAPE is described at: https://pubs.opengroup.org/onlinepubs/9699919799/functions/regcomp.html as: QUOTE REG_EESCAPE Trailing character in pattern. END QUOTE In other words: an extra backslash not paired with anything valid just after it --so it is tailing whatever was before it. If you meant the parameter received to point in memory to: \\s* ( 4 characters, plus a terminating '\0' after it, a.k.a. R"%(\\s*)%" ) you likely want the C-string: "\\\\s*" as the argument, shown below: regcomp(®exp, "\\\\s*", REG_EXTENDED | REG_ICASE | REG_NOSUB) If you meant some other character sequence in memory, I'd have to know what it was to try to back-translate it to C-source that would produce the correct content in the memory pointed to. > if ( ret !=3D 0) { > printf("regexp compilation failed: %d\n", ret); > } >=20 > return 0; > } >=20 > This one works in 12.2 It might not be rejected, but was does it do? And is that conformant with: https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap09.html ? > but fails to compile the regexp in FreeBSD > 14.0-CURRENT #11 main-n245984-15221c552b3c with error 5 REG_EESCAPE > `\' applied to unescapable character. >=20 > Any help is appreciated. Note: While I used C++11's notation as one way of indicating string content, no C standard has the notation to my knowledge. =3D=3D=3D Mark Millard marklmi at yahoo.com ( dsl-only.net went away in early 2018-Mar) From owner-freebsd-hackers@freebsd.org Tue Apr 27 07:15:24 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E85C9623051 for ; Tue, 27 Apr 2021 07:15:24 +0000 (UTC) (envelope-from 6yearold@gmail.com) Received: from mail-lf1-f51.google.com (mail-lf1-f51.google.com [209.85.167.51]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTtMJ5txPz3MNW; Tue, 27 Apr 2021 07:15:24 +0000 (UTC) (envelope-from 6yearold@gmail.com) Received: by mail-lf1-f51.google.com with SMTP id b23so9584969lfv.8; Tue, 27 Apr 2021 00:15:24 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=+Zr/HpG4tfFz3bjR07K/Se1gNHqJV8UjlAmCS6RK5D4=; b=FV/mUz9hMf/2Eqhc9Mz5/8jt+bXkvaxhqzi8idgdAUGVyUkIuWdlIww4S+RBGLJk+r l9ANqEq6rLneGTnMiB/ISbJ3JCfwEd74sX/BSW1VAR/M8StkkAfXajTtcpgFnmB6srbS MmMO/Hly04INXhl1QlgpmvVo0+2Gyu3DlBVcIOmnc/Nvj5lX397XQvzk1Ibl69hF51QW orTd4X5/1q4IIwsjWDeTuXKoNy1ybrETYXn59SxeWLTI8O0h5T0afGpJSqkqkA3KnMCS ukSmZbPM/mbPdbCn8wddpj4ETGFjq6+A+4GD4CSKPnOkt9lgOswUE4FIJo+Ub4yChdVh nTng== X-Gm-Message-State: AOAM533zt3Rhypx0bcoYvn3fsZNR4XzBtW7yIl03o5NSBL97FIlLEcVo HavJ+Y5W4RmyP31EwLwZnFa/eEen1K8bIQ== X-Google-Smtp-Source: ABdhPJzfmce+1DDj32PHcWbbLoLs0BljgzLkhkdjTfKuwWfZBNEE9vO+jn5F88q/Fl49B6jDwoZWWQ== X-Received: by 2002:a19:ad4a:: with SMTP id s10mr5323495lfd.345.1619507722775; Tue, 27 Apr 2021 00:15:22 -0700 (PDT) Received: from mail-lf1-f46.google.com (mail-lf1-f46.google.com. [209.85.167.46]) by smtp.gmail.com with ESMTPSA id l25sm1638046lfe.188.2021.04.27.00.15.22 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 27 Apr 2021 00:15:22 -0700 (PDT) Received: by mail-lf1-f46.google.com with SMTP id x20so61862527lfu.6; Tue, 27 Apr 2021 00:15:22 -0700 (PDT) X-Received: by 2002:a05:6512:b25:: with SMTP id w37mr15833174lfu.272.1619507722368; Tue, 27 Apr 2021 00:15:22 -0700 (PDT) MIME-Version: 1.0 References: <20210425184323.GR18217@blisses.org> <1219846208.215399.1619466917981@privateemail.com> In-Reply-To: From: Gleb Popov Date: Tue, 27 Apr 2021 10:14:56 +0300 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Bug bounty framework? To: Li-Wen Hsu Cc: FreeBSD Hackers X-Rspamd-Queue-Id: 4FTtMJ5txPz3MNW X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Apr 2021 07:15:25 -0000 On Mon, Apr 26, 2021 at 11:12 PM Li-Wen Hsu wrote: > > > For the idea the original post described sounds like having a reward > for completing a specified task. It's more like a job posting for > seeking freelancers. But there is one (or more) for open source > projects. Here is an example I remember: > > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204521#c3 > > https://www.bountysource.com/issues/75687739-new-driver-request-port-rtsx-from-openbsd-to-freebsd > > I guess leveraging those external services is better than setting up > our own at this point? > > Bes, > Li-Wen > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" > Speaking of bountysource.com, it is a TERRIBLE site. I was the one who posted the rtsx driver bounty, and after a while it turned out that BountySource quietly takes money from your balance as a "fee for inactivity". I lost about $100 before noticing this. From now I won't trust in any general-purpose bug-bounting site unless it runs as a smart contract for a block chain. It'd be great if the Foundation implemented an ability to mention Bugzilla PRs when making a donation. From owner-freebsd-hackers@freebsd.org Tue Apr 27 08:41:45 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7EF18625B6D for ; Tue, 27 Apr 2021 08:41:45 +0000 (UTC) (envelope-from 6yearold@gmail.com) Received: from mail-lj1-f182.google.com (mail-lj1-f182.google.com [209.85.208.182]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FTwGw5yJRz3h3j for ; Tue, 27 Apr 2021 08:41:44 +0000 (UTC) (envelope-from 6yearold@gmail.com) Received: by mail-lj1-f182.google.com with SMTP id s9so9366151ljj.6 for ; Tue, 27 Apr 2021 01:41:44 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=DZjswjYmjsBFvbZKVUi3/qvOyGWDaWagV1vuh1AMNso=; b=puUKr1F+9GgJPSPFa9z4r80cjPxI+ZTtUhGHrQxcqlSUTaRlcrUrdh265C4wV/C3Bz gY/tVpHTy7yExMFiG9ju0CgOO16EsqK8d0dvizwWF8CNqH3PPqJzJx+gDNJRu8kXCaHE b/84M0lMDGC/cZgTz3kGkkdHfLoeMjbTuxWiC77igW40j+P8Y5Xet4uWIGMT7p3gqygu HCDIStMpuv5BJUjyEJ98nE5MgW0MRIGqkcptm4UyLNOPjz/pKCLrkY5xZyxT4E4R6DB/ g6OFNP1sCFIqdQ2ekWyOR1lJ46T5r9/1GrXPj9N+F0psg4T72BAyEUOWjmk2xISwIuSW ptpg== X-Gm-Message-State: AOAM530oTWK9+cPNst1Om1b1dD7mV0VTgH5gaBLkkOpFgqZH1MZwqggA PAlk9uFHFxcFTtGukrMYbwsNsBdDY/0RMQ== X-Google-Smtp-Source: ABdhPJxE1On9R81ADPNu3v1ZGNBmSny61zV+BGMNPAJZ00IexrIPn/h1HKTpdF1dVkTMxPvEyS42WA== X-Received: by 2002:a2e:a369:: with SMTP id i9mr15934144ljn.273.1619512902906; Tue, 27 Apr 2021 01:41:42 -0700 (PDT) Received: from mail-lf1-f51.google.com (mail-lf1-f51.google.com. [209.85.167.51]) by smtp.gmail.com with ESMTPSA id x12sm1661204lfe.123.2021.04.27.01.41.42 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 27 Apr 2021 01:41:42 -0700 (PDT) Received: by mail-lf1-f51.google.com with SMTP id x19so62125400lfa.2 for ; Tue, 27 Apr 2021 01:41:42 -0700 (PDT) X-Received: by 2002:a05:6512:b25:: with SMTP id w37mr16078241lfu.272.1619512902231; Tue, 27 Apr 2021 01:41:42 -0700 (PDT) MIME-Version: 1.0 From: Gleb Popov Date: Tue, 27 Apr 2021 11:41:16 +0300 X-Gmail-Original-Message-ID: Message-ID: Subject: ACLs are not reflected in FS extended attributes To: freebsd-hackers X-Rspamd-Queue-Id: 4FTwGw5yJRz3h3j X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of 6yearold@gmail.com designates 209.85.208.182 as permitted sender) smtp.mailfrom=6yearold@gmail.com X-Spamd-Result: default: False [-3.00 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17]; RCVD_COUNT_THREE(0.00)[4]; TO_DN_ALL(0.00)[]; NEURAL_HAM_SHORT(-1.00)[-0.998]; FORGED_SENDER(0.30)[arrowd@freebsd.org,6yearold@gmail.com]; MIME_TRACE(0.00)[0:+,1:+,2:~]; R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; FROM_NEQ_ENVFROM(0.00)[arrowd@freebsd.org,6yearold@gmail.com]; RBL_DBL_DONT_QUERY_IPS(0.00)[209.85.208.182:from]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; TO_DOM_EQ_FROM_DOM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; DMARC_NA(0.00)[freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[209.85.208.182:from:127.0.2.255]; RCVD_IN_DNSWL_NONE(0.00)[209.85.208.182:from]; RWL_MAILSPIKE_POSSIBLE(0.00)[209.85.208.182:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Apr 2021 08:41:45 -0000 Hello hackers. I'm trying to implement Linux acl_extended_file() function [1] within our libc. On Linux this function is implemented via getxattr, a function that reads extended attributes from the file [2][3] My implementation follows the Linux one: int acl_extended_file_np(const char *path_p) { return _acl_extended_file(extattr_get_file, path_p); } int _acl_extended_file(getattr_func f, const char* path_p) { int base_size = 9999; // figure out this later int retval; retval = f(path_p, POSIX1E_ACL_ACCESS_EXTATTR_NAMESPACE, POSIX1E_ACL_ACCESS_EXTATTR_NAME, NULL, 0); printf("Retval1: %d\n", retval); if (retval < 0 && errno != ENOATTR) return -1; if (retval > base_size) return 1; retval = f(path_p, POSIX1E_ACL_DEFAULT_EXTATTR_NAMESPACE, POSIX1E_ACL_DEFAULT_EXTATTR_NAME, NULL, 0); printf("Retval2: %d\n", retval); if (retval < 0 && errno != ENOATTR) return -1; if (retval > base_size) return 1; return 0; } However, when I tried to use it, I stumbled upon following differences: - It requires root permissions to operate. I guess this is because it tries to look at "system" extattr namespace. - It doesn't work anyways due to "Attribute not found" error. And indeed, the same behavior can be seen when using command line tools. On Linux: $ setfacl -m u:someuser:rwx somefile $ getfattr -d -m - somefile system.posix_acl_access= On FreeBSD: $ setfacl -m u:someuser:rwx:allow somefile $ sudo getextattr system posix1e.acl_access somefile failed: Attribute not found I guess that FreeBSD behaviour is actually not a bug and libacl just uses some internal knowledge about how ACL/xattr is implemented on Linux. If this is correct, how should I approach implementing this function on FreeBSD? Thanks in advance. [1] https://linux.die.net/man/3/acl_extended_file [2] http://git.savannah.nongnu.org/cgit/acl.git/tree/libacl/acl_extended_file.c [3] http://git.savannah.nongnu.org/cgit/acl.git/tree/libacl/__acl_extended_file.c From owner-freebsd-hackers@freebsd.org Tue Apr 27 14:09:21 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 732775F3039 for ; Tue, 27 Apr 2021 14:09:21 +0000 (UTC) (envelope-from fernando.apesteguia@gmail.com) Received: from mail-qv1-f48.google.com (mail-qv1-f48.google.com [209.85.219.48]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FV3Xw3pmsz4V5k for ; Tue, 27 Apr 2021 14:09:20 +0000 (UTC) (envelope-from fernando.apesteguia@gmail.com) Received: by mail-qv1-f48.google.com with SMTP id a30so2281332qvb.12 for ; Tue, 27 Apr 2021 07:09:20 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=rbQ4qeFr/chsi2nxo8vAi4/CLldGPiNtIrXTFTEf2JU=; b=YbwC3oLNksQubGqAKQh/K2hpaCuZgJanvpe9fW90iqje7FQFrP7h3ZzP1tbajtZBlG zIpGMDWlLPZaQL0pUBgpiJWnO1elFhHsQlJjLt2lTHTGFUjkWPaK7TS1FrRH6W2SFIhW T97/iYl1Jr5WgyTsshPBrJHoX20tr7feknZqCst3O1wJqePDoaHkA08er1QPn02r7onp f4uMjE6ggTrjVJXrxEe+D8hJxQuE51x8XtNSb/VgSoHlK60WBefdtzEkABVZhWNoFXgg B/cK5qXCGZhRuHMBembCp04uUGyVgFiGXg/yCD3WHoS2khIFvTKfCZV2OSFJi5kfcF0l 5C4g== X-Gm-Message-State: AOAM530miKENDnF+qw6bpvNUtUiRnDdHGm0Z/NWlks9ZknV9sykLvB/R bAgChk4kor1FffiE8TEAD/XX18ATVmXqeA== X-Google-Smtp-Source: ABdhPJx1BHA4rJWDqOlVCC3yZHpZVrLhvUrZgmnYpV8qMeP5dPSQt0RXQaNMocsoBByJd2C7JcrF2w== X-Received: by 2002:a05:6214:a43:: with SMTP id ee3mr11390335qvb.61.1619532555305; Tue, 27 Apr 2021 07:09:15 -0700 (PDT) Received: from mail-yb1-f169.google.com (mail-yb1-f169.google.com. [209.85.219.169]) by smtp.gmail.com with ESMTPSA id f24sm13783087qto.45.2021.04.27.07.09.14 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 27 Apr 2021 07:09:14 -0700 (PDT) Received: by mail-yb1-f169.google.com with SMTP id s9so11163144ybe.5 for ; Tue, 27 Apr 2021 07:09:14 -0700 (PDT) X-Received: by 2002:a25:d701:: with SMTP id o1mr499098ybg.377.1619532554581; Tue, 27 Apr 2021 07:09:14 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: =?UTF-8?Q?Fernando_Apestegu=C3=ADa?= Date: Tue, 27 Apr 2021 16:05:42 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Regular expression compilation fail in current To: Mark Millard Cc: FreeBSD Hackers Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspamd-Queue-Id: 4FV3Xw3pmsz4V5k X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of fernandoapesteguia@gmail.com designates 209.85.219.48 as permitted sender) smtp.mailfrom=fernandoapesteguia@gmail.com X-Spamd-Result: default: False [-2.44 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17]; RCVD_COUNT_THREE(0.00)[4]; TO_DN_ALL(0.00)[]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RCPT_COUNT_TWO(0.00)[2]; FREEMAIL_TO(0.00)[yahoo.com]; FORGED_SENDER(0.30)[fernape@freebsd.org,fernandoapesteguia@gmail.com]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; R_MIXED_CHARSET(0.56)[subject]; R_DKIM_NA(0.00)[]; TAGGED_FROM(0.00)[]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; FROM_NEQ_ENVFROM(0.00)[fernape@freebsd.org,fernandoapesteguia@gmail.com]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[209.85.219.48:from]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; DMARC_NA(0.00)[freebsd.org]; SPAMHAUS_ZRD(0.00)[209.85.219.48:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[209.85.219.48:from]; RWL_MAILSPIKE_POSSIBLE(0.00)[209.85.219.48:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Apr 2021 14:09:21 -0000 On Tue, Apr 27, 2021 at 5:14 AM Mark Millard wrote: > > > > On 2021-Apr-26, at 06:31, Fernando Apestegu=C3=ADa wrote: > > > Hi there, > > > > I'm working with this port PR > > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D255182 > > > > and the problem seems to boil down to a regular expression that does > > not compile on current but it does in 12.2. > > > > The minimum repro is this one: > > > > #include > > #include > > > > int > > main() > > { > > regex_t regexp; > > int ret =3D regcomp(®exp, "\\s*", REG_EXTENDED | REG_ICASE | > > REG_NOSUB); > > Here is my stab at notes for this . . . > > It is not all that uncommon for error cases to be > initially mistreated but later toolchains to reject > instead of mistreating the same. I suspect that is > what is going on here. But the details seem to be > as follows. > > Using C++11's raw_characters notation to specify > string content, "\\s*" is: > > R"%(\s*)%" > > In other words, the content of the string is just: > > \s* > > (3 characters, plus a terminating '\0' present). > It is this later string contant that the regcomp > 2nd parameter points to and that leads to the > error report. > > The "s" is not valid after the backslash for Basic > Regular Expressions or for Extended Regular Expressions. > ( https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap09.htm= l ) > > REG_EESCAPE is described at: > > https://pubs.opengroup.org/onlinepubs/9699919799/functions/regcomp.html > > as: > > QUOTE > REG_EESCAPE > Trailing character in pattern. > END QUOTE > > In other words: an extra backslash not paired > with anything valid just after it --so it is > tailing whatever was before it. > > If you meant the parameter received to point in > memory to: > > \\s* > > ( 4 characters, plus a terminating '\0' after it, > a.k.a. R"%(\\s*)%" ) you likely want the C-string: > > "\\\\s*" > > as the argument, shown below: > > regcomp(®exp, "\\\\s*", REG_EXTENDED | REG_ICASE | REG_NOSUB) > > If you meant some other character sequence in memory, I'd > have to know what it was to try to back-translate it to > C-source that would produce the correct content in the > memory pointed to. > > > if ( ret !=3D 0) { > > printf("regexp compilation failed: %d\n", ret); > > } > > > > return 0; > > } > > > > This one works in 12.2 > > It might not be rejected, but was does it do? And is that > conformant with: > > https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap09.html > > ? > > > but fails to compile the regexp in FreeBSD > > 14.0-CURRENT #11 main-n245984-15221c552b3c with error 5 REG_EESCAPE > > `\' applied to unescapable character. > > > > Any help is appreciated. > > Note: While I used C++11's notation as one way of > indicating string content, no C standard has the > notation to my knowledge. Thanks for the explanation, Mark. > > =3D=3D=3D > Mark Millard > marklmi at yahoo.com > ( dsl-only.net went > away in early 2018-Mar) > From owner-freebsd-hackers@freebsd.org Tue Apr 27 17:20:35 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id DED7E5F805C for ; Tue, 27 Apr 2021 17:20:35 +0000 (UTC) (envelope-from bsd-lists@bsdforge.com) Received: from udns.ultimatedns.net (static-24-113-41-81.wavecable.com [24.113.41.81]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "ultimatedns.net", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FV7nb3WGzz4fX9; Tue, 27 Apr 2021 17:20:35 +0000 (UTC) (envelope-from bsd-lists@bsdforge.com) Received: from ultimatedns.net (localhost [127.0.0.1]) by udns.ultimatedns.net (8.16.1/8.16.1) with ESMTP id 13RHKiVx091346; Tue, 27 Apr 2021 10:20:51 -0700 (PDT) (envelope-from bsd-lists@bsdforge.com) MIME-Version: 1.0 Date: Tue, 27 Apr 2021 10:20:44 -0700 From: Chris To: Gleb Popov Cc: freebsd-hackers Subject: Re: ACLs are not reflected in FS extended attributes In-Reply-To: References: User-Agent: UDNSMS/17.0 Message-ID: <8653ba21fd5339eef180e7f4db4a5a76@bsdforge.com> X-Sender: bsd-lists@bsdforge.com Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4FV7nb3WGzz4fX9 X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [0.00 / 15.00]; ASN(0.00)[asn:11404, ipnet:24.113.0.0/16, country:US]; local_wl_ip(0.00)[24.113.41.81] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Apr 2021 17:20:35 -0000 On 2021-04-27 01:41, Gleb Popov wrote: > Hello hackers. > > I'm trying to implement Linux acl_extended_file() function [1] within our > libc. On Linux this function is implemented via getxattr, a function that > reads extended attributes from the file [2][3] > > My implementation follows the Linux one: > > > int > acl_extended_file_np(const char *path_p) > { > return _acl_extended_file(extattr_get_file, path_p); > } > > int _acl_extended_file(getattr_func f, const char* path_p) > { > int base_size = 9999; // figure out this later > int retval; > > retval = f(path_p, POSIX1E_ACL_ACCESS_EXTATTR_NAMESPACE, > POSIX1E_ACL_ACCESS_EXTATTR_NAME, NULL, 0); > printf("Retval1: %d\n", retval); > if (retval < 0 && errno != ENOATTR) > return -1; > if (retval > base_size) > return 1; > retval = f(path_p, POSIX1E_ACL_DEFAULT_EXTATTR_NAMESPACE, > POSIX1E_ACL_DEFAULT_EXTATTR_NAME, NULL, 0); > printf("Retval2: %d\n", retval); > if (retval < 0 && errno != ENOATTR) > return -1; > if (retval > base_size) > return 1; > return 0; > } > > > However, when I tried to use it, I stumbled upon following differences: > > - It requires root permissions to operate. I guess this is because it tries > to look at "system" extattr namespace. > - It doesn't work anyways due to "Attribute not found" error. > > And indeed, the same behavior can be seen when using command line tools. > On Linux: > $ setfacl -m u:someuser:rwx somefile > $ getfattr -d -m - somefile > system.posix_acl_access= > > > On FreeBSD: > $ setfacl -m u:someuser:rwx:allow somefile > $ sudo getextattr system posix1e.acl_access somefile > failed: Attribute not found > > I guess that FreeBSD behaviour is actually not a bug and libacl just uses > some internal knowledge about how ACL/xattr is implemented on Linux. If > this is correct, how should I approach implementing this function on > FreeBSD? > > Thanks in advance. Apologies in advance if I'm somehow off the mark here. But MacOS already does this. It might provide better examples for your needs. But as I understand it. The underlying file system needs to have space for, and be aware of your intentions in order to accomplish this. Which speaks to some degree to the error(s) you're receiving. Indeed. root will be the only one able fully see these attributes, unless you make some accommodations for user rights. IOW it'll somehow need to be incorporated with the permission setup already implemented in the existing file system. Again, if I've somehow glossed over your intentions, and missed something. My apologies. --Chris > > [1] https://linux.die.net/man/3/acl_extended_file > [2] > http://git.savannah.nongnu.org/cgit/acl.git/tree/libacl/acl_extended_file.c > [3] > http://git.savannah.nongnu.org/cgit/acl.git/tree/libacl/__acl_extended_file.c > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" From owner-freebsd-hackers@freebsd.org Tue Apr 27 17:42:23 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C92555F92DF for ; Tue, 27 Apr 2021 17:42:23 +0000 (UTC) (envelope-from bsd-lists@bsdforge.com) Received: from udns.ultimatedns.net (static-24-113-41-81.wavecable.com [24.113.41.81]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "ultimatedns.net", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FV8Gl3rnJz4gkK; Tue, 27 Apr 2021 17:42:22 +0000 (UTC) (envelope-from bsd-lists@bsdforge.com) Received: from ultimatedns.net (localhost [127.0.0.1]) by udns.ultimatedns.net (8.16.1/8.16.1) with ESMTP id 13RHgWEH068693; Tue, 27 Apr 2021 10:42:38 -0700 (PDT) (envelope-from bsd-lists@bsdforge.com) MIME-Version: 1.0 Date: Tue, 27 Apr 2021 10:42:32 -0700 From: Chris To: Gleb Popov Cc: freebsd-hackers Subject: Re: ACLs are not reflected in FS extended attributes In-Reply-To: <8653ba21fd5339eef180e7f4db4a5a76@bsdforge.com> References: <8653ba21fd5339eef180e7f4db4a5a76@bsdforge.com> User-Agent: UDNSMS/17.0 Message-ID: <931a90dd52a1e5c2066c7aed4b79b9dc@bsdforge.com> X-Sender: bsd-lists@bsdforge.com Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4FV8Gl3rnJz4gkK X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [0.00 / 15.00]; ASN(0.00)[asn:11404, ipnet:24.113.0.0/16, country:US]; local_wl_ip(0.00)[24.113.41.81] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Apr 2021 17:42:23 -0000 On 2021-04-27 10:20, Chris wrote: > On 2021-04-27 01:41, Gleb Popov wrote: >> Hello hackers. >> >> I'm trying to implement Linux acl_extended_file() function [1] within our >> libc. On Linux this function is implemented via getxattr, a function that >> reads extended attributes from the file [2][3] >> >> My implementation follows the Linux one: >> >> >> int >> acl_extended_file_np(const char *path_p) >> { >> return _acl_extended_file(extattr_get_file, path_p); >> } >> >> int _acl_extended_file(getattr_func f, const char* path_p) >> { >> int base_size = 9999; // figure out this later >> int retval; >> >> retval = f(path_p, POSIX1E_ACL_ACCESS_EXTATTR_NAMESPACE, >> POSIX1E_ACL_ACCESS_EXTATTR_NAME, NULL, 0); >> printf("Retval1: %d\n", retval); >> if (retval < 0 && errno != ENOATTR) >> return -1; >> if (retval > base_size) >> return 1; >> retval = f(path_p, POSIX1E_ACL_DEFAULT_EXTATTR_NAMESPACE, >> POSIX1E_ACL_DEFAULT_EXTATTR_NAME, NULL, 0); >> printf("Retval2: %d\n", retval); >> if (retval < 0 && errno != ENOATTR) >> return -1; >> if (retval > base_size) >> return 1; >> return 0; >> } >> >> >> However, when I tried to use it, I stumbled upon following differences: >> >> - It requires root permissions to operate. I guess this is because it tries >> to look at "system" extattr namespace. >> - It doesn't work anyways due to "Attribute not found" error. >> >> And indeed, the same behavior can be seen when using command line tools. >> On Linux: >> $ setfacl -m u:someuser:rwx somefile >> $ getfattr -d -m - somefile >> system.posix_acl_access= >> >> >> On FreeBSD: >> $ setfacl -m u:someuser:rwx:allow somefile >> $ sudo getextattr system posix1e.acl_access somefile >> failed: Attribute not found >> >> I guess that FreeBSD behaviour is actually not a bug and libacl just uses >> some internal knowledge about how ACL/xattr is implemented on Linux. If >> this is correct, how should I approach implementing this function on >> FreeBSD? >> >> Thanks in advance. > Apologies in advance if I'm somehow off the mark here. > But MacOS already does this. It might provide better examples for your > needs. > But as I understand it. The underlying file system needs to have space > for, and be aware of your intentions in order to accomplish this. Which > speaks to some degree to the error(s) you're receiving. Indeed. root > will be the only one able fully see these attributes, unless you make > some accommodations for user rights. IOW it'll somehow need to be > incorporated with the permission setup already implemented in the > existing file system. > Again, if I've somehow glossed over your intentions, and missed something. > My apologies. OK. Sorry. You're looking to bolt this feature on via a lib. I think permissions are going to be a hurdle here. Aren't they? I mean, won't you need to add an additional field for this new attribute in/for ls(1) to make any of this work? --Chris > > --Chris >> >> [1] https://linux.die.net/man/3/acl_extended_file >> [2] >> http://git.savannah.nongnu.org/cgit/acl.git/tree/libacl/acl_extended_file.c >> [3] >> http://git.savannah.nongnu.org/cgit/acl.git/tree/libacl/__acl_extended_file.c >> _______________________________________________ >> freebsd-hackers@freebsd.org mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers >> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" From owner-freebsd-hackers@freebsd.org Tue Apr 27 17:58:50 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 619BD5F99D0 for ; Tue, 27 Apr 2021 17:58:50 +0000 (UTC) (envelope-from ryan@ixsystems.com) Received: from mail-ot1-x32a.google.com (mail-ot1-x32a.google.com [IPv6:2607:f8b0:4864:20::32a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FV8dj4ys3z4hMG for ; Tue, 27 Apr 2021 17:58:49 +0000 (UTC) (envelope-from ryan@ixsystems.com) Received: by mail-ot1-x32a.google.com with SMTP id g4-20020a9d6b040000b029029debbbb3ecso23104749otp.7 for ; Tue, 27 Apr 2021 10:58:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ixsystems.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=CIaM7PgzV+YAZyorzcCtHQW9RHZH81vw1lMFIwo+f1k=; b=V9XfwZ1qj8cDitK57gHKxhTLnSHC6NUSsWhz6zHBc4KbVMzLACSJxK39xZ3XOSZCvu l8ecXkVrQ0Gr4a7rNkjgSvrrUSdKB5+EcLDl6771pygPra0wjdex9URFHuhm4utjOnkf Et8mhfpoHv3pJ/2eEstnKggV7oKLBUJ5Wds8Go4YfVwg8XnXVaGY0XGtSy/74J23p87F +mbauYE9Y4ZY0taixYm/IBWqD83DFPaiHPpwFyilivKnloWtaR+fi0vNA+MN0tZXIi0v n72EL2nUkiKKMgDVmr3EuEuIJZCDoJC5gR+xbHynZz48bGsaOvxHvUKl6apPDqF+JRAT nwfg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=CIaM7PgzV+YAZyorzcCtHQW9RHZH81vw1lMFIwo+f1k=; b=MmbutB0GX9/xeQvbLupZF/S3I+O3zxPLRfkyNJeok1XuLkgnnkJoPIH8EsrE7RaL3M qnXqDsMVJjHjeTz1IKyl3/xGm9wyp+XtWjmyd3VyXhKwyvjSWWaDi10ZhWZATnV5jfrI YqrjAK8T/A3i6KMl7wyazZRJiSCuqSJYdD5joLzGFUoY0P2+nAHO7K1DClWDMfzNueBO rarOHLgcaUxXFGq4vW0nfFIiw8HwBu6WadCxTBPjHFa6lKEp+n5NBhIw4PIVD6KaiTOC Zuz1LQ35I7oLIO7UWMX3txqN6ocah+n+vfqwdaLFRWD4wZSLhhQkIZGn1uQu+jR6JMuD jO3Q== X-Gm-Message-State: AOAM53037hg9GCd3+CLv8GhZKxK/Xe72feeVAJSMnbhVZKWZS1sjNBZo UimlzDGIX3DcDz6XD0Og7+PBSJJrlB22eqwGd0yOielu2z+WaO1o X-Google-Smtp-Source: ABdhPJxonbX03vF6k07poV8n8U0IeM62KDXW6uVB6lwFdZXXH183NPyP8UJ1LV1/oeESD7M5/qSZFthco89bHxf/h34= X-Received: by 2002:a9d:61d0:: with SMTP id h16mr21625570otk.363.1619546328171; Tue, 27 Apr 2021 10:58:48 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Ryan Moeller Date: Tue, 27 Apr 2021 13:58:37 -0400 Message-ID: Subject: Re: ACLs are not reflected in FS extended attributes To: Gleb Popov Cc: freebsd-hackers Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 4FV8dj4ys3z4hMG X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=ixsystems.com header.s=google header.b=V9XfwZ1q; dmarc=pass (policy=none) header.from=ixsystems.com; spf=pass (mx1.freebsd.org: domain of ryan@ixsystems.com designates 2607:f8b0:4864:20::32a as permitted sender) smtp.mailfrom=ryan@ixsystems.com X-Spamd-Result: default: False [-4.00 / 15.00]; RCVD_TLS_ALL(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[ixsystems.com:s=google]; FREEFALL_USER(0.00)[ryan]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::32a:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[ixsystems.com:+]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::32a:from]; NEURAL_HAM_SHORT(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[ixsystems.com,none]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::32a:from]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Apr 2021 17:58:50 -0000 ACLs on FreeBSD are not exposed through extended attributes but rather acl(9) interfaces in VFS implemented by each filesystem. There is a good selection of library interfaces already in acl(3). acl_extended_file(3) looks like it could be pretty much a convenience wrapper around acl_is_trivial_np(3). Hope that helps point you in the right direction! -Ryan On Tue, Apr 27, 2021 at 4:41 AM Gleb Popov wrote: > > Hello hackers. > > I'm trying to implement Linux acl_extended_file() function [1] within our > libc. On Linux this function is implemented via getxattr, a function that > reads extended attributes from the file [2][3] > > My implementation follows the Linux one: > > > int > acl_extended_file_np(const char *path_p) > { > return _acl_extended_file(extattr_get_file, path_p); > } > > int _acl_extended_file(getattr_func f, const char* path_p) > { > int base_size = 9999; // figure out this later > int retval; > > retval = f(path_p, POSIX1E_ACL_ACCESS_EXTATTR_NAMESPACE, > POSIX1E_ACL_ACCESS_EXTATTR_NAME, NULL, 0); > printf("Retval1: %d\n", retval); > if (retval < 0 && errno != ENOATTR) > return -1; > if (retval > base_size) > return 1; > retval = f(path_p, POSIX1E_ACL_DEFAULT_EXTATTR_NAMESPACE, > POSIX1E_ACL_DEFAULT_EXTATTR_NAME, NULL, 0); > printf("Retval2: %d\n", retval); > if (retval < 0 && errno != ENOATTR) > return -1; > if (retval > base_size) > return 1; > return 0; > } > > > However, when I tried to use it, I stumbled upon following differences: > > - It requires root permissions to operate. I guess this is because it tries > to look at "system" extattr namespace. > - It doesn't work anyways due to "Attribute not found" error. > > And indeed, the same behavior can be seen when using command line tools. > On Linux: > $ setfacl -m u:someuser:rwx somefile > $ getfattr -d -m - somefile > system.posix_acl_access= > > > On FreeBSD: > $ setfacl -m u:someuser:rwx:allow somefile > $ sudo getextattr system posix1e.acl_access somefile > failed: Attribute not found > > I guess that FreeBSD behaviour is actually not a bug and libacl just uses > some internal knowledge about how ACL/xattr is implemented on Linux. If > this is correct, how should I approach implementing this function on > FreeBSD? > > Thanks in advance. > > [1] https://linux.die.net/man/3/acl_extended_file > [2] > http://git.savannah.nongnu.org/cgit/acl.git/tree/libacl/acl_extended_file.c > [3] > http://git.savannah.nongnu.org/cgit/acl.git/tree/libacl/__acl_extended_file.c > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" -- Ryan Moeller iXsystems, Inc. OS Developer Email: ryan@iXsystems.com From owner-freebsd-hackers@freebsd.org Tue Apr 27 18:25:34 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6A2EB5FAA83 for ; Tue, 27 Apr 2021 18:25:34 +0000 (UTC) (envelope-from core-secretary@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4FV9DZ2Gnfz4k2K for ; Tue, 27 Apr 2021 18:25:34 +0000 (UTC) (envelope-from core-secretary@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 4C2055FA77A; Tue, 27 Apr 2021 18:25:34 +0000 (UTC) Delivered-To: hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4BDCF5FA779 for ; Tue, 27 Apr 2021 18:25:34 +0000 (UTC) (envelope-from core-secretary@freebsd.org) Received: from mail-wr1-f50.google.com (mail-wr1-f50.google.com [209.85.221.50]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FV9DZ09S0z4k2J for ; Tue, 27 Apr 2021 18:25:33 +0000 (UTC) (envelope-from core-secretary@freebsd.org) Received: by mail-wr1-f50.google.com with SMTP id n2so7285943wrm.0 for ; Tue, 27 Apr 2021 11:25:33 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:reply-to:mime-version:date:subject:to :message-id; bh=mlUpLFlpFGINcpRyB+bcEefCam50huxOoShjBv1rN0U=; b=JZvswM1TMqn/8pqCDC1FbTETrFBUZj0pmznPVBdLCRx4IHhNIzHo7RV2dmnDwJGca5 EFhLOccJtdU9+zW6Efk9VOw14FD2esvnhXZYl/UcjsiqF9Nl6aSjkDG4/knDHnXdd2DO +p/SVKZzjZP8jaOC1ytVladAsZgU0NYIHuW/ynqT7cigny6mcC3lN3aymkAHAQqh+4fG aUtdcFSqHa+FsUyzSZ0Mw3WIWLNKezlzU/RED7ojHkwpz/O0i2jUEvyGUQhHjvmAChkr mGaaaBGnz+4+ZhcuDeICiME4WvL2GKd6KknqyyPytAE8HFWVSz7sZuEl4m4SQmbO6Bt4 WEkg== X-Gm-Message-State: AOAM531RSSLCYxePJHgFLdlYXEAKk7n+MBQzhutxulN3t5Ga6gGlqcaw 4vWbV52NkSNnoICWoQvfLQJ7bhsi X-Google-Smtp-Source: ABdhPJzwXlM5296w08K0rmKBKuCuyKGc2PkvnwbGAbApzazm+YC5o9DvpNzLbLgfpDowErbavPjtFw== X-Received: by 2002:adf:f908:: with SMTP id b8mr30025479wrr.184.1619547932587; Tue, 27 Apr 2021 11:25:32 -0700 (PDT) Received: from mx.bofh.network (mx.bofh.network. [2a01:4f8:13b:4347::12]) by smtp.gmail.com with ESMTPSA id x23sm642784wmj.43.2021.04.27.11.25.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Apr 2021 11:25:31 -0700 (PDT) Received: from [192.168.30.215] (103-218-25-250.Dhaka.carnival.com.bd [103.218.25.250]) by mx.bofh.network (OpenSMTPD) with ESMTPSA id e1d673e3 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); Tue, 27 Apr 2021 18:25:28 +0000 (UTC) From: FreeBSD Core Team Secretary Content-Type: multipart/signed; boundary="Apple-Mail=_0DA14119-5EB0-4E0C-BA85-705DCB9499ED"; protocol="application/pgp-signature"; micalg=pgp-sha512 Reply-To: FreeBSD Core Team Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.60.0.2.21\)) Date: Wed, 28 Apr 2021 00:25:23 +0600 Subject: Best Practices virtual panel discussion To: FreeBSD Core Team Message-Id: <6A893CF7-5701-4070-B49C-DEDE1FE265CB@freebsd.org> X-Mailer: Apple Mail (2.3654.60.0.2.21) X-Rspamd-Queue-Id: 4FV9DZ09S0z4k2J X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [0.00 / 15.00]; local_wl_from(0.00)[freebsd.org]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US] X-Mailman-Approved-At: Tue, 27 Apr 2021 19:15:20 +0000 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Apr 2021 18:25:34 -0000 --Apple-Mail=_0DA14119-5EB0-4E0C-BA85-705DCB9499ED Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 The FreeBSD CORE Team invites you to a Best Practices virtual panel = discussion at either 1800 UTC on May 12, 2021, or 0200 UTC on May 26, = 2021. (We=E2=80=99re arranging two separate meetings to accommodate = attendees in different Time Zones.) The discussion will primarily cover = how developers can improve code coverage, code testing, code review, = documentation testing, and ports testing as well as how the Project can = maintain industry best practices to deliver a secure, high-performing = Operating System. We=E2=80=99ll have a diverse group of FreeBSD developers, drawing from = both ports and src contributors, so we hope to hear a wide range of = views from within the Project. Our moderator, Warner Losh, will lead the = panel discussion through several broad topics and will monitor IRC for = relevant questions or comments from the audience. We are still working = on the list of participants and will announce it in advance. Meanwhile, = we invite you to start asking yourself what we do well today as a = community, what obstacles we face in our current efforts, and what we = can strive toward in the future. The goals of these roundtables will be to gather source material for a = =E2=80=9CFreeBSD Best Practices=E2=80=9D handbook, to set the general = direction for the Project=E2=80=99s workflows, and to gather = requirements for additional tooling needed to expand our exsting CI = pipeline for pre-commit checks. We=E2=80=99ll discuss any open issues in = follow-up sessions at the Developers=E2=80=99 Summit in June. See https://wiki.freebsd.org/OfficeHours for updates, a link to the = agenda, and details on how to watch via live stream or participate via = an interactive meeting. Send questions to the moderator, Warner Losh, at = imp@FreeBSD.org. Thanks! We look forward to seeing you. Regards, Moin (bofh), with core-secretary@ hat on --Apple-Mail=_0DA14119-5EB0-4E0C-BA85-705DCB9499ED Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEES2Tp4L3ps+zAa1xm2MjIO0nybxcFAmCIVxNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDRC NjRFOUUwQkRFOUIzRUNDMDZCNUM2NkQ4QzhDODNCNDlGMjZGMTcACgkQ2MjIO0ny bxcQ6w/9HSxpBso5LsJFpyYYGx0hpEQu0bJTGWuEP1QqKTO7k7brcDglklH8C1pp G2tRlyzOovc0oeaxoIAu+yFtv9kDKa9b4HlBiS7iVBgtF7arMTQ+xvH37uiM8DCf CQ5mNGp+9PWXtv23BCBfY8fk5cJfEGUeFREo5jOhAmDDHS6Qau6FyQEQoEbtZ8xg nuj7m4R5VmeXJcTDXDZt6Adwp34KvbZsr509C7zZtLllURFLO6dEeHxFeuk2utfm tcD+cNA0TnXqbp6XizTVA628XIN04Zp+7/c3aZFwebh84zadKiH+QSQtwtnqFWra Mzr6Z5T4T1bRxD4taQpK+YI5A0Mzoh6swCI8F+YTDS51kS7dNVH/Nv+B55T7AvgM 8pSRnj3UuSyqAk1qRBJKTwEtFdg7iYT+Ma/ZBkmIdvIIW8Xg+J/6ElBwJqfYxD46 H2+UqpbcpQPtkfoX4GPF80cqnjWmdiy9T95IbevbCd03/ZwGgeEhpFZN9QWRo11G 4rwssNt6PVTlDOsJKc4MmdjgoiIRvrU6Vi7zxAYSsmpyWLR7f4J6xuy00cO9Fh8H XWhIkiW/0bbk/MdMZ5OO0C8w8qR97sTETanwfQqIz5J2wsyJxdpT0weoEgj7k2Ud na8ZS8m+BGygo5L/2pYHWX02+/pGWZMYx/H82veyRQOToWFT4vA= =JxC8 -----END PGP SIGNATURE----- --Apple-Mail=_0DA14119-5EB0-4E0C-BA85-705DCB9499ED-- From owner-freebsd-hackers@freebsd.org Tue Apr 27 19:31:28 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 79FE25FEDC2 for ; Tue, 27 Apr 2021 19:31:28 +0000 (UTC) (envelope-from grahamperrin@gmail.com) Received: from mail-wr1-x434.google.com (mail-wr1-x434.google.com [IPv6:2a00:1450:4864:20::434]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FVBhV75GBz4p9n for ; Tue, 27 Apr 2021 19:31:22 +0000 (UTC) (envelope-from grahamperrin@gmail.com) Received: by mail-wr1-x434.google.com with SMTP id q9so6446208wrs.6 for ; Tue, 27 Apr 2021 12:31:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding:content-language; bh=ImOeDSg4WW2Kl2JokLAAlIhYaDizOmmPAw6faL9wAYs=; b=uDWOSnXQ8Vt6sQxhMq6fl1mj6ykZ9IYuECoLn3gSyLhpfkOoZoX01O3zxZWql3cPy0 RozH4cLfP5wo1hRKUZS0PQ5otIZAe5iy4c54FToEB+E065t/IcQAbF9cil3+KTHEJJPk utfMf/nS1ZqwHpw9MB1/9imP6Q9X2yJC/o+rV66pwniiYbtfTAsu1VmBFwtr94xhgaOW 4IazQJD4kQe/YB3OoM0Q/hW4ITd+zjqA41s2xvRUG3J/5Y2oggN/ggHxM7Xd1eHoEVRK 0bH7UFrM2HEfeCQ256l2hDAwqS9BshBgAGU87/0LoPH4Kq77hcWyust9niM6SHcuzib6 7pIw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=ImOeDSg4WW2Kl2JokLAAlIhYaDizOmmPAw6faL9wAYs=; b=ZrX5csXU3Yo+ESosROXq7gRJu949QEoloRrxOQD7ThfK+x99ECLrag5KkcHVieL5ub 3MNrjVXhWn04mYmtVyLhzf0whblXGg4Wjx22nPufHbe1PwnIAgbZiK6xQoHxeqqynIz4 5BnLAm5pU2hb8cjTrbvYIYOCmEcT4PVO6YXjmk602TfyX7Pow7HHi9V4BH8nWHG2zLMS znUZXlQ2m02g5cdE6ywBur2hbELLFB+p6rs9MXnxnikqX3yzH0g63FvyreFsIJyXfXP9 0Q4OdybMiPGYu9bjZK2/iEUoL4enkFCdygm8m5mmGlTGAYkJJwtOkV0o1cHj5myEv5rb aERw== X-Gm-Message-State: AOAM531JRslxayUYwzPI9mAErQaqv6/OAkrPzIKN7AmrUQoPt1JMDpiC 40qUWd0TpeqCV2j+huHxEOVk8972/gGqAw== X-Google-Smtp-Source: ABdhPJzS8EUGqHYA5dKNOOXTo3tyPaHL367oRnfXJrVuDEilx+NOehaf9wps6p2y+3vZqQD8O4a8Kg== X-Received: by 2002:a5d:6648:: with SMTP id f8mr9739748wrw.396.1619551880836; Tue, 27 Apr 2021 12:31:20 -0700 (PDT) Received: from [192.168.1.10] (88-105-96-80.dynamic.dsl.as9105.com. [88.105.96.80]) by smtp.gmail.com with ESMTPSA id t14sm5082586wrz.55.2021.04.27.12.31.20 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 27 Apr 2021 12:31:20 -0700 (PDT) Subject: Alternatives to Bountysource (was: Bug bounty framework?) To: freebsd-hackers@freebsd.org References: <20210425184323.GR18217@blisses.org> <1219846208.215399.1619466917981@privateemail.com> From: Graham Perrin Message-ID: Date: Tue, 27 Apr 2021 20:31:19 +0100 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Thunderbird/78.10.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-GB X-Rspamd-Queue-Id: 4FVBhV75GBz4p9n X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=uDWOSnXQ; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of grahamperrin@gmail.com designates 2a00:1450:4864:20::434 as permitted sender) smtp.mailfrom=grahamperrin@gmail.com X-Spamd-Result: default: False [-2.00 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; TO_DN_NONE(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; SUBJECT_HAS_QUESTION(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::434:from]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; RECEIVED_SPAMHAUS_PBL(0.00)[88.105.96.80:received]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::434:from:127.0.2.255]; NEURAL_SPAM_SHORT(1.00)[1.000]; BLOCKLISTDE_FAIL(0.00)[88.105.96.80:query timed out,2a00:1450:4864:20::434:query timed out]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::434:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Apr 2021 19:31:28 -0000 On 27/04/2021 08:14, Gleb Popov wrote: > … bountysource.com, it is a TERRIBLE site. I was the one who > posted the rtsx driver bounty, and after a while it turned out that > BountySource quietly takes money from your balance as a "fee for > inactivity". I lost about $100 before noticing this. … Thanks for the hint; Re: alternatives to Bountysource, links out from may be of interest. (Some of the preceding comments were Ukraine-oriented.) HTH From owner-freebsd-hackers@freebsd.org Wed Apr 28 10:02:06 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D59835E37AC for ; Wed, 28 Apr 2021 10:02:06 +0000 (UTC) (envelope-from admin@districtemails.live) Received: from vps.districtemails.live (vps.districtemails.live [80.89.230.182]) by mx1.freebsd.org (Postfix) with ESMTP id 4FVZ1B0ccHz4T93 for ; Wed, 28 Apr 2021 10:02:05 +0000 (UTC) (envelope-from admin@districtemails.live) Received: from districtemails.live (localhost [127.0.0.1]) by vps.districtemails.live (Postfix) with ESMTP id 1A85342FFC34 for ; Wed, 28 Apr 2021 05:36:33 +0000 (UTC) From: "Email Administrator" To: freebsd-hackers@freebsd.org Subject: Email Security Notification Date: 27 Apr 2021 22:36:33 -0700 Message-ID: <20210427223632.4A374529086638CF@freebsd.org> X-Spamd-Bar: +++++++++++++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of admin@districtemails.live designates 80.89.230.182 as permitted sender) smtp.mailfrom=admin@districtemails.live X-Rspamd-Fuzzy: 60afa3c383e63088b9149d4cb18a56e8ffcf37a01450716ddaf0546310b8951eddceef4d07bdc2db5209f8ad0f9a25e570bb27d9423560cb78e2d70e44b35cf2 X-Spamd-Result: default: False [13.22 / 15.00]; R_SPF_ALLOW(0.00)[+mx]; TO_DN_NONE(0.00)[]; FUZZY_DENIED(8.52)[1:60afa3c383:0.65:txt]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RBL_MAILSPIKE_BAD(1.00)[80.89.230.182:from]; FORGED_SENDER(0.30)[admin@freebsd.org,admin@districtemails.live]; RCVD_NO_TLS_LAST(0.10)[]; MIME_TRACE(0.00)[0:~]; RBL_DBL_DONT_QUERY_IPS(0.00)[80.89.230.182:from]; ASN(0.00)[asn:204601, ipnet:80.89.230.0/24, country:NL]; R_DKIM_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; TO_DOM_EQ_FROM_DOM(0.00)[]; ARC_NA(0.00)[]; FREEFALL_USER(0.00)[admin]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; FROM_NEQ_ENVFROM(0.00)[admin@freebsd.org,admin@districtemails.live]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; DMARC_NA(0.00)[freebsd.org]; NEURAL_SPAM_MEDIUM(1.00)[1.000]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[80.89.230.182:from:127.0.2.255]; BAD_REP_POLICIES(0.10)[]; NEURAL_SPAM_LONG(1.00)[1.000]; MIME_HTML_ONLY(0.20)[]; RBL_SENDERSCORE(2.00)[80.89.230.182:from]; RCVD_COUNT_TWO(0.00)[2]; GREYLIST(0.00)[pass,body]; MAILMAN_DEST(0.00)[freebsd-hackers] X-Rspamd-Queue-Id: 4FVZ1B0ccHz4T93 X-Spam: Yes MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2021 10:02:06 -0000 From owner-freebsd-hackers@freebsd.org Wed Apr 28 11:30:40 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 17D4E5E6BD9 for ; Wed, 28 Apr 2021 11:30:40 +0000 (UTC) (envelope-from ionut.mihalache1506@gmail.com) Received: from mail-wr1-x434.google.com (mail-wr1-x434.google.com [IPv6:2a00:1450:4864:20::434]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FVbzM2Vhmz4YKG; Wed, 28 Apr 2021 11:30:38 +0000 (UTC) (envelope-from ionut.mihalache1506@gmail.com) Received: by mail-wr1-x434.google.com with SMTP id x7so62600172wrw.10; Wed, 28 Apr 2021 04:30:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=jRJ51X0trcfx+jrdWhYqPkMdXXJ6HPcyOyKaMtl4RLA=; b=aKEaN1ZJesKrLHh2VxWXjTDjWz8WxBb4BrhYYLLS4dVq3pgKf9LDthycJ4PFDmT9Wv BTUVFz+dxg+gmjduPetpkUY489KDMrNCZqqQtt/P2UqpKQPQ4nszXQmWf9lHsV0WzrC3 +0sGL+QOgaajQLG7cvpfNKZjz0DarmnW4k+iLy6xeLebvKH1ngQ5uwsmMebg8n7lXvrq eHqi7y7Hnwr2D0+lbfyMT42eVgILcb9mcdeYO8PqykMp/NpdYHlKKoepnSwg4aW7D28c ybu7C6NRNGLxdJZ+7Gm6N0RPX7X2BJ3fm3jYY6QgtQeGnutyHpcMKMqWmPS2fKQaN47A 2zJQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=jRJ51X0trcfx+jrdWhYqPkMdXXJ6HPcyOyKaMtl4RLA=; b=p5IOpHWUhIcFz7lfpK3hmFgM7FAmvK4jEGGfOt2exfrpfBONKf4rP1R5VvuSx/Sw/s uTFlj7zw/o/4Y0MGXjkLXB5HlLWN4wRFErMnjyBaWoDeSoiZ2J/Ew89PBLUcVaRn2o14 0nlAcW9pEBsMtvGBPyTvo1PGKCLXjFNsmhwGfrr/jA0ojrRsEOQJR1SGFLQDsKwNVLdh 5clP/WmPv1wqdmQN5RUr62L0Q2eOqRE2BR8cCuGqdigSa5M3VAUKLxUhyjkPTuaPC/sh NLlMYk0w8X3eRSquv1/VONq/mtLqr5erVEeWx9ci5kyseyxi6DyHZeBtYkCT3ZEiX4CL FTKA== X-Gm-Message-State: AOAM531q17ToeGIzEajFfwUQrNfTMTnqERrpw+zWjQRnwhxsKB+MlWBK cB7QVBGBekEMBxNpN8wDXeXgVxlSeHE1jGXkCehFjznXTK0= X-Google-Smtp-Source: ABdhPJz8ivsnFJZk49uLSmpMw8w/vE97c1jzoIT59JMJCoc7Sz4XoSlXFIVY2LVnxB6Yie6t4ZEw5+c3dOxoSAoBRXg= X-Received: by 2002:a05:6000:1547:: with SMTP id 7mr3355358wry.388.1619609437460; Wed, 28 Apr 2021 04:30:37 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: =?UTF-8?Q?Ionu=C8=9B_Mihalache?= Date: Wed, 28 Apr 2021 14:30:26 +0300 Message-ID: Subject: Re: cap_sysctlbyname for hw.vmm.destroy To: Mark Johnston Cc: freebsd-hackers@freebsd.org X-Rspamd-Queue-Id: 4FVbzM2Vhmz4YKG X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=aKEaN1ZJ; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of ionutmihalache1506@gmail.com designates 2a00:1450:4864:20::434 as permitted sender) smtp.mailfrom=ionutmihalache1506@gmail.com X-Spamd-Result: default: False [-1.38 / 15.00]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; R_MIXED_CHARSET(0.62)[subject]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::434:from]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; NEURAL_SPAM_SHORT(1.00)[1.000]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::434:from:127.0.2.255]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::434:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2021 11:30:40 -0000 I tried to test the example from the documentation between here [1] and here [2]. The code stops here [3]. [1] - https://github.com/FreeBSD-UPB/freebsd-src/blob/3a08ffe4839de9b8396b1760f1d= c42b066428807/usr.sbin/bhyve/bhyverun.c#L1538 [2] - https://github.com/FreeBSD-UPB/freebsd-src/blob/3a08ffe4839de9b8396b1760f1d= c42b066428807/usr.sbin/bhyve/bhyverun.c#L1585 [3] - https://github.com/FreeBSD-UPB/freebsd-src/blob/3a08ffe4839de9b8396b1760f1d= c42b066428807/usr.sbin/bhyve/bhyverun.c#L1581 =C3=8En lun., 26 apr. 2021 la 20:40, Mark Johnston a sc= ris: > On Mon, Apr 26, 2021 at 05:16:14PM +0300, Ionu=C8=9B Mihalache wrote: > > Hello, > > > > I am working on adding capsicum support for the bhyve snapshot feature. > At > > the end of the suspend process, the guest should be destroyed and the > code > > handles this part with a sysctlbyname call which is not working in > > capability mode. I don't know what is the problem but even when using > > cap_sysctlbyname I still get the same error code (EPERM). I tried the > > example from the documentation aswell [1] and still the same error code= . > > What could be the problem? I have a FreeBSD13 host and a FreeBSD13 gues= t. > > I'm not sure why it would happen unless the casper process is somehow > running as a non-root user. Can you share the code you're testing > somewhere? > From owner-freebsd-hackers@freebsd.org Wed Apr 28 11:39:52 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B2D865E7347 for ; Wed, 28 Apr 2021 11:39:52 +0000 (UTC) (envelope-from jakehfreebsd@gmail.com) Received: from mail-oi1-x229.google.com (mail-oi1-x229.google.com [IPv6:2607:f8b0:4864:20::229]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FVcB00fglz4Yd3 for ; Wed, 28 Apr 2021 11:39:51 +0000 (UTC) (envelope-from jakehfreebsd@gmail.com) Received: by mail-oi1-x229.google.com with SMTP id z7so10522203oix.9 for ; Wed, 28 Apr 2021 04:39:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=bUOVvzul33xbaNmhaOy0yBdJvikHj1tbBgrEEGxDpUw=; b=e1YL3pfBIsglI8xkv8wEGjOnsAach3bFWXW6OgqX0TETJvrcUllg0tdsddCilqDuZD 3dszdmwAJisTcIOLjbUl1bFBGZWkcDtspkWujdNyQpgvHKC1v0HGjXP0E/dMimCHuxVK qo6iE7a1oaLbQXMnWjhHFFgm31RbJv1YDr+UY23tZBqEaZqxl5PcnZl0N9zjMMd9v1IW OerxSuL5xw7lSRutgxvxKRPJ34/6Db2DGOZRfo/NyYLjN1frb0Xsvuj3FdxjQi6IctX8 3r9O1AQY/y4nxBdvu4yVICAAL67kgKpmauJLfhMd/W8q2p4r9vdf4oRz+b1/AOyiWa7k JahA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=bUOVvzul33xbaNmhaOy0yBdJvikHj1tbBgrEEGxDpUw=; b=DCVn8BvhUjuHjbSeK/LK9IVZ+Q+fhU868t7gRs2Y2qtZoGVXtuNaalKhtWqLZP2tK3 kZ2CG1uM/k3d5L0zbTD1KeuSUF8jI99c9Is2OGIJKhuqO8qymqDMm2OKby9xG9m3RYA2 g7cunWZ3I558EImegKF7VQqAfPAvMMuJzd0gf6B1USEBzVCIjAPTuTeEQiOiH18PHY8L 7m7rI9iNszWPzEPaCyaoPRWRWg1o8QD3WZzpt33BEFpRDsL1vqliukC6vhjmjYyL0dF1 HY+fKRcOPI5+CLPbxqmsu0FZETzd8SJBkZLguNkXME2P8zX18+Aqct77TJUahXkoBtoI k87Q== X-Gm-Message-State: AOAM532HeHgdXVrDaiGrK1Y8tmeo80YnGV4HFpHu4ENPQj6R/EZuSPGA ljfo3OX/KOmj4Qw83AXk6ORJiAuoE5ThPwj+Ux5iExDpX9c= X-Google-Smtp-Source: ABdhPJx+YQHGDqGKYY1hDd92TwwIseyiq0+5Siv9tGVr0ivKYrMyp4eu6I6dRa1ak9wUPEDHWa62mPErpx7HbI2ysfQ= X-Received: by 2002:aca:bb06:: with SMTP id l6mr19984953oif.121.1619609990483; Wed, 28 Apr 2021 04:39:50 -0700 (PDT) MIME-Version: 1.0 From: jake h Date: Wed, 28 Apr 2021 21:39:39 +1000 Message-ID: Subject: Issues building FreeBSD-current (head f9668e4) To: freebsd-hackers@freebsd.org Content-Type: multipart/mixed; boundary="0000000000002870d405c106d695" X-Rspamd-Queue-Id: 4FVcB00fglz4Yd3 X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=e1YL3pfB; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of jakehfreebsd@gmail.com designates 2607:f8b0:4864:20::229 as permitted sender) smtp.mailfrom=jakehfreebsd@gmail.com X-Spamd-Result: default: False [0.10 / 15.00]; FREEMAIL_FROM(0.00)[gmail.com]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; HAS_ATTACHMENT(0.00)[]; TO_DN_NONE(0.00)[]; MIME_BASE64_TEXT_BOGUS(1.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; MIME_BASE64_TEXT(0.10)[]; CTYPE_MIXED_BOGUS(1.00)[]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:+,3:~,4:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::229:from]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/mixed,multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::229:from:127.0.2.255]; NEURAL_SPAM_SHORT(1.00)[0.996]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::229:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2021 11:39:52 -0000 --0000000000002870d405c106d695 Content-Type: text/plain; charset="UTF-8" Hey everyone, I have been having some issues building FreeBSD-current from src, on freebsd-13 (build 1300500). It appears to stem from several files compiling with -Werror , despite my specification in make.conf of -Wno-error . As these files then have warnings, the make kernel exits. A log of the error is attached. System info: Current version: 13.0 - STABLE, build 1300500 make.conf: CFLAGS= -Wall -Wextra -Wno-error Attempting to update to: 14-CURRENT (Git head f8668e4) Thanks in advance for any help you can provide, Jake --0000000000002870d405c106d695 Content-Type: text/plain; charset="US-ASCII"; name="build-log.txt" Content-Disposition: attachment; filename="build-log.txt" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_ko1dxnaq0 LS0tIGludF91dGlsLm8gLS0tCi91c3Ivc3JjL2NvbnRyaWIvbGx2bS1wcm9qZWN0L2NvbXBpbGVy LXJ0L2xpYi9idWlsdGlucy9pbnRfdXRpbC5jOjYzOjQyOiBlcnJvcjogdW51c2VkIHBhcmFtZXRl ciAnZmlsZScgWy1XZXJyb3IsLVd1bnVzZWQtcGFyYW1ldGVyXQp2b2lkIF9fY29tcGlsZXJydF9h Ym9ydF9pbXBsKGNvbnN0IGNoYXIgKmZpbGUsIGludCBsaW5lLCBjb25zdCBjaGFyICpmdW5jdGlv bikgewogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIF4KL3Vzci9zcmMv Y29udHJpYi9sbHZtLXByb2plY3QvY29tcGlsZXItcnQvbGliL2J1aWx0aW5zL2ludF91dGlsLmM6 NjM6NTI6IGVycm9yOiB1bnVzZWQgcGFyYW1ldGVyICdsaW5lJyBbLVdlcnJvciwtV3VudXNlZC1w YXJhbWV0ZXJdCnZvaWQgX19jb21waWxlcnJ0X2Fib3J0X2ltcGwoY29uc3QgY2hhciAqZmlsZSwg aW50IGxpbmUsIGNvbnN0IGNoYXIgKmZ1bmN0aW9uKSB7CiAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgIF4KL3Vzci9zcmMvY29udHJpYi9sbHZtLXByb2pl Y3QvY29tcGlsZXItcnQvbGliL2J1aWx0aW5zL2ludF91dGlsLmM6NjM6NzA6IGVycm9yOiB1bnVz ZWQgcGFyYW1ldGVyICdmdW5jdGlvbicgWy1XZXJyb3IsLVd1bnVzZWQtcGFyYW1ldGVyXQp2b2lk IF9fY29tcGlsZXJydF9hYm9ydF9pbXBsKGNvbnN0IGNoYXIgKmZpbGUsIGludCBsaW5lLCBjb25z dCBjaGFyICpmdW5jdGlvbikgewogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBeCi0tLSBnY2NfcGVyc29uYWxpdHlfdjAu byAtLS0KL3Vzci9zcmMvY29udHJpYi9sbHZtLXByb2plY3QvY29tcGlsZXItcnQvbGliL2J1aWx0 aW5zL2djY19wZXJzb25hbGl0eV92MC5jOjE1ODo0MjogZXJyb3I6IHVudXNlZCBwYXJhbWV0ZXIg J2V4Y2VwdGlvbk9iamVjdCcgWy1XZXJyb3IsLVd1bnVzZWQtcGFyYW1ldGVyXQpjb250aW51ZVVu d2luZChzdHJ1Y3QgX1Vud2luZF9FeGNlcHRpb24gKmV4Y2VwdGlvbk9iamVjdCwKICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBeCi91c3Ivc3JjL2NvbnRyaWIvbGx2bS1w cm9qZWN0L2NvbXBpbGVyLXJ0L2xpYi9idWlsdGlucy9nY2NfcGVyc29uYWxpdHlfdjAuYzoxNTk6 NDA6IGVycm9yOiB1bnVzZWQgcGFyYW1ldGVyICdjb250ZXh0JyBbLVdlcnJvciwtV3VudXNlZC1w YXJhbWV0ZXJdCiAgICAgICAgICAgICAgIHN0cnVjdCBfVW53aW5kX0NvbnRleHQgKmNvbnRleHQp IHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgXgovdXNyL3NyYy9jb250 cmliL2xsdm0tcHJvamVjdC9jb21waWxlci1ydC9saWIvYnVpbHRpbnMvZ2NjX3BlcnNvbmFsaXR5 X3YwLmM6MTg4Ojk6IGVycm9yOiB1bnVzZWQgcGFyYW1ldGVyICd2ZXJzaW9uJyBbLVdlcnJvciwt V3VudXNlZC1wYXJhbWV0ZXJdCiAgICBpbnQgdmVyc2lvbiwgX1Vud2luZF9BY3Rpb24gYWN0aW9u cywgdWludDY0X3QgZXhjZXB0aW9uQ2xhc3MsCiAgICAgICAgXgovdXNyL3NyYy9jb250cmliL2xs dm0tcHJvamVjdC9jb21waWxlci1ydC9saWIvYnVpbHRpbnMvZ2NjX3BlcnNvbmFsaXR5X3YwLmM6 MTg4OjUxOiBlcnJvcjogdW51c2VkIHBhcmFtZXRlciAnZXhjZXB0aW9uQ2xhc3MnIFstV2Vycm9y LC1XdW51c2VkLXBhcmFtZXRlcl0KICAgIGludCB2ZXJzaW9uLCBfVW53aW5kX0FjdGlvbiBhY3Rp b25zLCB1aW50NjRfdCBleGNlcHRpb25DbGFzcywKICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICBeCjQgZXJyb3JzIGdlbmVyYXRlZC4KLS0tIGludF91dGls Lm8gLS0tCjMgZXJyb3JzIGdlbmVyYXRlZC4KLS0tIGdjY19wZXJzb25hbGl0eV92MC5vIC0tLQoq KiogW2djY19wZXJzb25hbGl0eV92MC5vXSBFcnJvciBjb2RlIDEKCm1ha2VbNF06IHN0b3BwZWQg aW4gL3Vzci9zcmMvbGliL2xpYmdjY19laAotLS0gaW50X3V0aWwubyAtLS0KKioqIFtpbnRfdXRp bC5vXSBFcnJvciBjb2RlIDEKCm1ha2VbNF06IHN0b3BwZWQgaW4gL3Vzci9zcmMvbGliL2xpYmdj Y19laAotLS0gbGliL2xpYmNvbXBpbGVyX3J0X19QTCAtLS0KCm1ha2VbM106IHN0b3BwZWQgaW4g L3Vzci9zcmMKLS0tIGxpYi9saWJnY2NfZWhfX1BMIC0tLQoyIGVycm9ycwoKbWFrZVs0XTogc3Rv cHBlZCBpbiAvdXNyL3NyYy9saWIvbGliZ2NjX2VoCgptYWtlWzNdOiBzdG9wcGVkIGluIC91c3Iv c3JjCgptYWtlWzJdOiBzdG9wcGVkIGluIC91c3Ivc3JjCgptYWtlWzFdOiBzdG9wcGVkIGluIC91 c3Ivc3JjCgptYWtlOiBzdG9wcGVkIGluIC91c3Ivc3JjCgo= --0000000000002870d405c106d695-- From owner-freebsd-hackers@freebsd.org Wed Apr 28 13:52:55 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3D5A25F4F57 for ; Wed, 28 Apr 2021 13:52:55 +0000 (UTC) (envelope-from markjdb@gmail.com) Received: from mail-qt1-x831.google.com (mail-qt1-x831.google.com [IPv6:2607:f8b0:4864:20::831]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FVg7V3pjHz4hyt for ; Wed, 28 Apr 2021 13:52:54 +0000 (UTC) (envelope-from markjdb@gmail.com) Received: by mail-qt1-x831.google.com with SMTP id f12so46691741qtf.2 for ; Wed, 28 Apr 2021 06:52:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-disposition:content-transfer-encoding:in-reply-to; bh=TXEA6ibRkxYWqM2WGm9MprgQdHj2m0kPDleSt1VbTZs=; b=NCq9HwipAsctYp2jppNJ+Eft7Y/2VWX5xEgv8hOJrGHPLg/IeXEiNGUPh3gThtomjS qstjf8GnWIvuBGTfAD4m6fyxlH4loHalgCK5wtMlK1ldFGdTHi/TnsTCybVuXR+oZcm4 h1mkbTdPRfXiFiRB6wMWrM8rVFJEUHCsAIsjtcLX8WAkM/u5/gwsEp/KFbgt3mgotN1Y WvbP+x7UEXKubH/9AdUvdUTvGoIKUyKzofi33xFF+3bqMCbMb082spmZE3jNoOYVWMFi bl4eSqIZXEITmt3vkpXGjb5UYPPRWL9GTtaOgB/Pc2hLM2U0nMowCN3Jb7WdkOqvVlmC 7dPA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:from:to:cc:subject:message-id :references:mime-version:content-disposition :content-transfer-encoding:in-reply-to; bh=TXEA6ibRkxYWqM2WGm9MprgQdHj2m0kPDleSt1VbTZs=; b=fJTizSok3g62boq+y2wxyQZuVQqki0KedxAeMTyRHC1U99zuSQzjFqft11LJFJx8y+ k/kI3LRedVNCJ9CHYzDlsak7hEobEboQX7pd5NvETBIS2Nb8g7lGEHfmfKBirRLfRvI4 DQbOIsGbZWt1go+moaRNvXBMhyV7UbbGwI2olI7hTsBD0ywIrueWVKRKAN40LFmq6saN ocD+Y/V01IFl2NlwluBg6NmxfCFHMJ5YN+TQ9FelIOLYJ93U7s5PC7M83uY84VQPaZZ/ I+WqBjOyKageIAUx575I+i+U9kjO5Fg/nd2TWT4AjlRSyb8arzj/gsndrmN0LTyiXWHB MRFw== X-Gm-Message-State: AOAM5328HEk5ugaOz7YcFNCTF9SPVPdWoORYefRrYSxSwfmKXH4LDDII 6f2L6IY3NT2QXUERUTiTxZg= X-Google-Smtp-Source: ABdhPJwSIkSa1KENq3LXy0nzZkvqjS3/yb0keCZxuMwqfVqJOXhbUyiOfS+ZkyMZDZygXoieEIicSg== X-Received: by 2002:ac8:7fc5:: with SMTP id b5mr26811070qtk.41.1619617973387; Wed, 28 Apr 2021 06:52:53 -0700 (PDT) Received: from nuc ([142.126.164.150]) by smtp.gmail.com with ESMTPSA id c2sm5223086qkk.2.2021.04.28.06.52.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 Apr 2021 06:52:52 -0700 (PDT) Sender: Mark Johnston Date: Wed, 28 Apr 2021 09:52:55 -0400 From: Mark Johnston To: =?utf-8?B?SW9udcib?= Mihalache Cc: freebsd-hackers@freebsd.org Subject: Re: cap_sysctlbyname for hw.vmm.destroy Message-ID: References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Rspamd-Queue-Id: 4FVg7V3pjHz4hyt X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=NCq9Hwip; dmarc=none; spf=pass (mx1.freebsd.org: domain of markjdb@gmail.com designates 2607:f8b0:4864:20::831 as permitted sender) smtp.mailfrom=markjdb@gmail.com X-Spamd-Result: default: False [-2.70 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FREEMAIL_TO(0.00)[gmail.com]; FORGED_SENDER(0.30)[markj@freebsd.org,markjdb@gmail.com]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; FROM_NEQ_ENVFROM(0.00)[markj@freebsd.org,markjdb@gmail.com]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::831:from]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; DMARC_NA(0.00)[freebsd.org]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::831:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::831:from]; MID_RHS_NOT_FQDN(0.50)[]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2021 13:52:55 -0000 On Wed, Apr 28, 2021 at 02:30:26PM +0300, Ionuț Mihalache wrote: > I tried to test the example from the documentation between here [1] and > here [2]. The code stops here [3]. I think you're referencing an old version of the cap_sysctl man page? See the example from the copy in your repo: https://github.com/FreeBSD-UPB/freebsd-src/blob/3a08ffe4839de9b8396b1760f1dc42b066428807/lib/libcasper/services/cap_sysctl/cap_sysctl.3#L122 In particular, when setting limits consumers should not be building nvlists directly. > [1] - > https://github.com/FreeBSD-UPB/freebsd-src/blob/3a08ffe4839de9b8396b1760f1dc42b066428807/usr.sbin/bhyve/bhyverun.c#L1538 > [2] - > https://github.com/FreeBSD-UPB/freebsd-src/blob/3a08ffe4839de9b8396b1760f1dc42b066428807/usr.sbin/bhyve/bhyverun.c#L1585 > [3] - > https://github.com/FreeBSD-UPB/freebsd-src/blob/3a08ffe4839de9b8396b1760f1dc42b066428807/usr.sbin/bhyve/bhyverun.c#L1581 > > În lun., 26 apr. 2021 la 20:40, Mark Johnston a scris: > > > On Mon, Apr 26, 2021 at 05:16:14PM +0300, Ionuț Mihalache wrote: > > > Hello, > > > > > > I am working on adding capsicum support for the bhyve snapshot feature. > > At > > > the end of the suspend process, the guest should be destroyed and the > > code > > > handles this part with a sysctlbyname call which is not working in > > > capability mode. I don't know what is the problem but even when using > > > cap_sysctlbyname I still get the same error code (EPERM). I tried the > > > example from the documentation aswell [1] and still the same error code. > > > What could be the problem? I have a FreeBSD13 host and a FreeBSD13 guest. > > > > I'm not sure why it would happen unless the casper process is somehow > > running as a non-root user. Can you share the code you're testing > > somewhere? > > From owner-freebsd-hackers@freebsd.org Wed Apr 28 14:22:37 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 39EAE5F5920 for ; Wed, 28 Apr 2021 14:22:37 +0000 (UTC) (envelope-from ionut.mihalache1506@gmail.com) Received: from mail-wr1-x435.google.com (mail-wr1-x435.google.com [IPv6:2a00:1450:4864:20::435]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FVgnm1G3Vz4k3M; Wed, 28 Apr 2021 14:22:35 +0000 (UTC) (envelope-from ionut.mihalache1506@gmail.com) Received: by mail-wr1-x435.google.com with SMTP id z6so1995110wrm.4; Wed, 28 Apr 2021 07:22:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=+VEsq9QRRh0lhgetb6g8UDuGj4dtYHjcuVyHrA2y7es=; b=TLl8GJ0tEER5hOHD8zyL/G/YiqvqZlOCZCWh0aawMLgdtejWZQ2JgR843r0K3of/ng h2zXHlWZ5xXFljo63qOb09HS+5j6rYWHA7/ajCwO4OQujsxl7fteucGKaqBfqRm3DdLh cBEhtsREPQhKDXrhN92d7zxHJyWJPMm0Ph7koxcPYLCPj5PDuM9p73YWyemWHiZ0Rbhe 49Td/FumfpVdFTNCRUEYAaYgKvvak2DkGPXTbc6kn0wEERZqRtMmlMsvnMQTSnLLaHuB SeJaegwUXE8zeYrDDoYIF7x63Cp7WQ1Ds2EY2LA3Jpa2a8QT+13suLS54iA0DYbppE6z D1ug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=+VEsq9QRRh0lhgetb6g8UDuGj4dtYHjcuVyHrA2y7es=; b=rrdN0L29p2iGh7iXK35acsj1nozh1qDTO26JDd+T8/S1q4mZkn5P85wZj/VHoT5eTd yCrEhK1MnZFcrV+JYit14UMt+9rq9xJLxSFVri2xq5hHkuFNsoGTLSbL3GT2i+Ihcq7d 8I0+JfdjfxR4as6WXhPB7BzFEbInxhFhn84NaBX0YJZm76ML5ISVOfP+u6d8yhtId7ra TNG773H6GrcIBiYjq5yLygWQJZnUwq2gqXiNPwm7p5xP5xPBXSQlGDxFj0cPfnPbNXHk jnr1guN0sr0bvuUy9eB8eMUUzHqwJA8W2DlSPhVZTI+JYYsgYrq823hZwYVqT/Auzo+S cF9Q== X-Gm-Message-State: AOAM530hI966ZV9o9bbRcCv6yc8kgh5n2/QRGKyY8b5WP9LO0Hb4A1BK Qhcs5Psr3nF78S1+FJ1x90f7+NrEksKz7MaZn/BPXsDnBoc= X-Google-Smtp-Source: ABdhPJxh0kmvqPD1GJsgU62s1X0/RRugX5938o6gZtuuTj4nLV2PHz+yO/ryWTf/4XpEfjalKGolNBSbPxUrpFI7mGE= X-Received: by 2002:a5d:4d0b:: with SMTP id z11mr37691444wrt.164.1619619754227; Wed, 28 Apr 2021 07:22:34 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: =?UTF-8?Q?Ionu=C8=9B_Mihalache?= Date: Wed, 28 Apr 2021 17:22:22 +0300 Message-ID: Subject: Re: cap_sysctlbyname for hw.vmm.destroy To: Mark Johnston Cc: freebsd-hackers@freebsd.org X-Rspamd-Queue-Id: 4FVgnm1G3Vz4k3M X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=TLl8GJ0t; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of ionutmihalache1506@gmail.com designates 2a00:1450:4864:20::435 as permitted sender) smtp.mailfrom=ionutmihalache1506@gmail.com X-Spamd-Result: default: False [-3.37 / 15.00]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::435:from]; R_MIXED_CHARSET(0.62)[subject]; TAGGED_FROM(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::435:from:127.0.2.255]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::435:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2021 14:22:37 -0000 I update the code now [1] but still the same error. Even without any limits the cap_sysctlbyname fails after using cap_enter. [1] - https://github.com/FreeBSD-UPB/freebsd-src/blob/c54dce7590b065a757dff0f68fd= 921aca380670f/usr.sbin/bhyve/bhyverun.c#L1567 =C3=8En mie., 28 apr. 2021 la 16:52, Mark Johnston a sc= ris: > On Wed, Apr 28, 2021 at 02:30:26PM +0300, Ionu=C8=9B Mihalache wrote: > > I tried to test the example from the documentation between here [1] and > > here [2]. The code stops here [3]. > > I think you're referencing an old version of the cap_sysctl man page? > See the example from the copy in your repo: > > https://github.com/FreeBSD-UPB/freebsd-src/blob/3a08ffe4839de9b8396b1760f= 1dc42b066428807/lib/libcasper/services/cap_sysctl/cap_sysctl.3#L122 > In particular, when setting limits consumers should not be building > nvlists directly. > > > [1] - > > > https://github.com/FreeBSD-UPB/freebsd-src/blob/3a08ffe4839de9b8396b1760f= 1dc42b066428807/usr.sbin/bhyve/bhyverun.c#L1538 > > [2] - > > > https://github.com/FreeBSD-UPB/freebsd-src/blob/3a08ffe4839de9b8396b1760f= 1dc42b066428807/usr.sbin/bhyve/bhyverun.c#L1585 > > [3] - > > > https://github.com/FreeBSD-UPB/freebsd-src/blob/3a08ffe4839de9b8396b1760f= 1dc42b066428807/usr.sbin/bhyve/bhyverun.c#L1581 > > > > =C3=8En lun., 26 apr. 2021 la 20:40, Mark Johnston = a > scris: > > > > > On Mon, Apr 26, 2021 at 05:16:14PM +0300, Ionu=C8=9B Mihalache wrote: > > > > Hello, > > > > > > > > I am working on adding capsicum support for the bhyve snapshot > feature. > > > At > > > > the end of the suspend process, the guest should be destroyed and t= he > > > code > > > > handles this part with a sysctlbyname call which is not working in > > > > capability mode. I don't know what is the problem but even when usi= ng > > > > cap_sysctlbyname I still get the same error code (EPERM). I tried t= he > > > > example from the documentation aswell [1] and still the same error > code. > > > > What could be the problem? I have a FreeBSD13 host and a FreeBSD13 > guest. > > > > > > I'm not sure why it would happen unless the casper process is somehow > > > running as a non-root user. Can you share the code you're testing > > > somewhere? > > > > From owner-freebsd-hackers@freebsd.org Wed Apr 28 14:41:53 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 57FCF5F60D8 for ; Wed, 28 Apr 2021 14:41:53 +0000 (UTC) (envelope-from markjdb@gmail.com) Received: from mail-qt1-x833.google.com (mail-qt1-x833.google.com [IPv6:2607:f8b0:4864:20::833]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FVhD0173rz4kvT for ; Wed, 28 Apr 2021 14:41:51 +0000 (UTC) (envelope-from markjdb@gmail.com) Received: by mail-qt1-x833.google.com with SMTP id o21so18705119qtp.7 for ; Wed, 28 Apr 2021 07:41:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-disposition:content-transfer-encoding:in-reply-to; bh=xhK03eKEAL1why/29TFbbjELulA2X5xnKbBS4Ij7GFM=; b=laGaXSPev+uikH6dAVVUYEZeXg1W6QGDGryCWGAupAjsJVXb2QBFVHHPDI5mZk8q5b A29rK/m1opY+9ywCPrsekTUAIR2kno/GVw1BK0ZrgsbfxnLvnEVPVRaBITjExacc1V2m N6PsYjFoFtN11PX4fMOX0e/8NTajg990RUiOKrugSrluz2P1CN0O7ZJ1G9srhVh3YMvl I5tsCpzXz5VvB8U51BQfhzQts/ETqWbTUkz5+adF+uLpU+U1HF/G3uIMC/jNUicCrxRp 66z6V1lRpw/9sujA1umpH5MpqIGImkLJKF9EunswurqyDKxE2+3t4XKLHNLGABqb6MD4 R/SQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:from:to:cc:subject:message-id :references:mime-version:content-disposition :content-transfer-encoding:in-reply-to; bh=xhK03eKEAL1why/29TFbbjELulA2X5xnKbBS4Ij7GFM=; b=HB9Tj6+lflvQAmirqBwWuPAvGHa85/uosfNc+/7pZAAbbRqau4B9Ax+gFd7W78V5qn 0sHXyMg6zEVyRVy6Twxu9P5PjCzZa3ATAEiI0OaZvgIcc+OjlDuFoQTMewM8zMWaRqqL jYaXBTVAf2ub7DBP/YzHveV+J1DQw3JT31PQmQrv9RH2x6Q/5gU2DC1i8rRPlTmTyJPE AXpoZuwCxU45PfgmLGMyOwvVursMl/VX0Qmap7bx9W7bJnJRNpIbUf6LKKn8WM0iQUD3 Hla4xezkaqn6HABuWyExJH9iPrD4pRvmmr8bJzhtu3E7JdLRCTXMcX5TCZFjvXFEAZz+ OF+A== X-Gm-Message-State: AOAM5332G2wQeoHQZlACKH+vuM1mF6myDKDUDVSdEsmhu0HAXI0cyip+ pwxR+x2l6pkHUoU4KFeDeUXYXUkO+OPFXw== X-Google-Smtp-Source: ABdhPJxnKSkUM6yFtVxG/YB5P/X2990fi2dFM+Ot7Ihs0YQrY9kvRd2eS5wy0dJLjQPzuZrZD9p8Sw== X-Received: by 2002:a05:622a:589:: with SMTP id c9mr26994312qtb.363.1619620911230; Wed, 28 Apr 2021 07:41:51 -0700 (PDT) Received: from nuc ([142.126.164.150]) by smtp.gmail.com with ESMTPSA id g16sm144346qtv.64.2021.04.28.07.41.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 Apr 2021 07:41:50 -0700 (PDT) Sender: Mark Johnston Date: Wed, 28 Apr 2021 10:41:51 -0400 From: Mark Johnston To: =?utf-8?B?SW9udcib?= Mihalache Cc: freebsd-hackers@freebsd.org Subject: Re: cap_sysctlbyname for hw.vmm.destroy Message-ID: References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Rspamd-Queue-Id: 4FVhD0173rz4kvT X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=laGaXSPe; dmarc=none; spf=pass (mx1.freebsd.org: domain of markjdb@gmail.com designates 2607:f8b0:4864:20::833 as permitted sender) smtp.mailfrom=markjdb@gmail.com X-Spamd-Result: default: False [-2.70 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FREEMAIL_TO(0.00)[gmail.com]; FORGED_SENDER(0.30)[markj@freebsd.org,markjdb@gmail.com]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; FROM_NEQ_ENVFROM(0.00)[markj@freebsd.org,markjdb@gmail.com]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::833:from]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; DMARC_NA(0.00)[freebsd.org]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::833:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::833:from]; MID_RHS_NOT_FQDN(0.50)[]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2021 14:41:53 -0000 There are two bugs in the example, also present in your WIP. I fixed them here: https://cgit.freebsd.org/src/commit/?id=44bbda649dc6c1cdc5a99641e14c77157967e140 On Wed, Apr 28, 2021 at 05:22:22PM +0300, Ionuț Mihalache wrote: > I update the code now [1] but still the same error. Even without any limits > the cap_sysctlbyname fails after using cap_enter. > > [1] - > https://github.com/FreeBSD-UPB/freebsd-src/blob/c54dce7590b065a757dff0f68fd921aca380670f/usr.sbin/bhyve/bhyverun.c#L1567 > > În mie., 28 apr. 2021 la 16:52, Mark Johnston a scris: > > > On Wed, Apr 28, 2021 at 02:30:26PM +0300, Ionuț Mihalache wrote: > > > I tried to test the example from the documentation between here [1] and > > > here [2]. The code stops here [3]. > > > > I think you're referencing an old version of the cap_sysctl man page? > > See the example from the copy in your repo: > > > > https://github.com/FreeBSD-UPB/freebsd-src/blob/3a08ffe4839de9b8396b1760f1dc42b066428807/lib/libcasper/services/cap_sysctl/cap_sysctl.3#L122 > > In particular, when setting limits consumers should not be building > > nvlists directly. > > > > > [1] - > > > > > https://github.com/FreeBSD-UPB/freebsd-src/blob/3a08ffe4839de9b8396b1760f1dc42b066428807/usr.sbin/bhyve/bhyverun.c#L1538 > > > [2] - > > > > > https://github.com/FreeBSD-UPB/freebsd-src/blob/3a08ffe4839de9b8396b1760f1dc42b066428807/usr.sbin/bhyve/bhyverun.c#L1585 > > > [3] - > > > > > https://github.com/FreeBSD-UPB/freebsd-src/blob/3a08ffe4839de9b8396b1760f1dc42b066428807/usr.sbin/bhyve/bhyverun.c#L1581 > > > > > > În lun., 26 apr. 2021 la 20:40, Mark Johnston a > > scris: > > > > > > > On Mon, Apr 26, 2021 at 05:16:14PM +0300, Ionuț Mihalache wrote: > > > > > Hello, > > > > > > > > > > I am working on adding capsicum support for the bhyve snapshot > > feature. > > > > At > > > > > the end of the suspend process, the guest should be destroyed and the > > > > code > > > > > handles this part with a sysctlbyname call which is not working in > > > > > capability mode. I don't know what is the problem but even when using > > > > > cap_sysctlbyname I still get the same error code (EPERM). I tried the > > > > > example from the documentation aswell [1] and still the same error > > code. > > > > > What could be the problem? I have a FreeBSD13 host and a FreeBSD13 > > guest. > > > > > > > > I'm not sure why it would happen unless the casper process is somehow > > > > running as a non-root user. Can you share the code you're testing > > > > somewhere? > > > > > > From owner-freebsd-hackers@freebsd.org Wed Apr 28 15:19:23 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id EAEE65F76D2 for ; Wed, 28 Apr 2021 15:19:23 +0000 (UTC) (envelope-from ionut.mihalache1506@gmail.com) Received: from mail-wm1-x334.google.com (mail-wm1-x334.google.com [IPv6:2a00:1450:4864:20::334]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FVj3H0D6Pz4myv; Wed, 28 Apr 2021 15:19:22 +0000 (UTC) (envelope-from ionut.mihalache1506@gmail.com) Received: by mail-wm1-x334.google.com with SMTP id a22-20020a05600c2256b0290142870824e9so2787606wmm.0; Wed, 28 Apr 2021 08:19:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=3OQa+icQWX3tRdHbgh9uNZOhtd7SFrXDC8tYEycqWLY=; b=I9gWRQoYUHc3ZyjBU9YLKYQwjoq02M/twHbCnvmgn3EN/Nt14/S95gjDfZBJH5tmbf OQR8kGE/0U3Y02q8ESZ40sX/ad0dEfi3R01bNcPQx88I8sO1kbmIy8+uAX/AJP4ACd7z CpMNBg+59ZUpxXi7cSVUbzGPPr7520qPkuvvx5fwRJZlgLI895Vl+5+e+lYy5jRP1lUR ny+GK09H1YjOefTuQkJUqPPZQzNHxd+fM6dqV7H0jh4BtNRNE0mOjsE1gf7s1fAjishF b9Qn+BosYRiW7PhWO0xQKqtiREi9b/Pb4WQpvDq2Wt4YbGAnI0EPHVBlGOjq6RwgDcbS 4C2Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=3OQa+icQWX3tRdHbgh9uNZOhtd7SFrXDC8tYEycqWLY=; b=obOjen016fkLppPPJoKYCMDCRV/SGeX05P7UEQsHgHcL/hsxhzX+HrgvrmcxzH+rM5 lkSvVNva6HzsW2L3eNVLzXvt7aqsS6jZ3wzvx0Ak7p0Qf23sAuJoOiel9mTTVMHBOTAg t4N6vSa0yBxnfLfEkg/wBV8aBaB1y3x5cS33AXq7jJOueeFePcxPIdB2fk6aw3exyiYb f1s7NQ75EB4wtPxyZWROlatiKCosvWnH3Hp795TrOwjXTEBmuoEejBSFqPMfnW9fyNEo z9j3XdjLrX65m2LDDe9GQvuuWtV25bALXHFHRhbPOC1eUNfQoLprp+VXAvo9+z+ktddX wKFg== X-Gm-Message-State: AOAM533Ne9HvZCv/tczscm1bhzybcwzENTHLnbXsTsbyC4qbo746XgIt +mDm8ly4LEygCPDOMlasCVgVbKwsVDsbvvFeGroJ50mz X-Google-Smtp-Source: ABdhPJzKNr6BRDZ2rbbDkzh8U8nK0u11mSgVwlEaFu7JVdnoY04v88otWxmRYga9sbudUariPh5wVTpdELJMQigq1Ek= X-Received: by 2002:a05:600c:40c4:: with SMTP id m4mr5139242wmh.25.1619623160835; Wed, 28 Apr 2021 08:19:20 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: =?UTF-8?Q?Ionu=C8=9B_Mihalache?= Date: Wed, 28 Apr 2021 18:19:09 +0300 Message-ID: Subject: Re: cap_sysctlbyname for hw.vmm.destroy To: Mark Johnston Cc: freebsd-hackers@freebsd.org X-Rspamd-Queue-Id: 4FVj3H0D6Pz4myv X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=I9gWRQoY; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of ionutmihalache1506@gmail.com designates 2a00:1450:4864:20::334 as permitted sender) smtp.mailfrom=ionutmihalache1506@gmail.com X-Spamd-Result: default: False [-3.38 / 15.00]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; R_MIXED_CHARSET(0.62)[subject]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::334:from]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::334:from:127.0.2.255]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::334:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2021 15:19:24 -0000 Even with the fixes cap_sysctl still returns EPERM for that simple example. =C3=8En mie., 28 apr. 2021 la 17:41, Mark Johnston a sc= ris: > There are two bugs in the example, also present in your WIP. I fixed > them here: > > https://cgit.freebsd.org/src/commit/?id=3D44bbda649dc6c1cdc5a99641e14c771= 57967e140 > > On Wed, Apr 28, 2021 at 05:22:22PM +0300, Ionu=C8=9B Mihalache wrote: > > I update the code now [1] but still the same error. Even without any > limits > > the cap_sysctlbyname fails after using cap_enter. > > > > [1] - > > > https://github.com/FreeBSD-UPB/freebsd-src/blob/c54dce7590b065a757dff0f68= fd921aca380670f/usr.sbin/bhyve/bhyverun.c#L1567 > > > > =C3=8En mie., 28 apr. 2021 la 16:52, Mark Johnston = a > scris: > > > > > On Wed, Apr 28, 2021 at 02:30:26PM +0300, Ionu=C8=9B Mihalache wrote: > > > > I tried to test the example from the documentation between here [1] > and > > > > here [2]. The code stops here [3]. > > > > > > I think you're referencing an old version of the cap_sysctl man page? > > > See the example from the copy in your repo: > > > > > > > https://github.com/FreeBSD-UPB/freebsd-src/blob/3a08ffe4839de9b8396b1760f= 1dc42b066428807/lib/libcasper/services/cap_sysctl/cap_sysctl.3#L122 > > > In particular, when setting limits consumers should not be building > > > nvlists directly. > > > > > > > [1] - > > > > > > > > https://github.com/FreeBSD-UPB/freebsd-src/blob/3a08ffe4839de9b8396b1760f= 1dc42b066428807/usr.sbin/bhyve/bhyverun.c#L1538 > > > > [2] - > > > > > > > > https://github.com/FreeBSD-UPB/freebsd-src/blob/3a08ffe4839de9b8396b1760f= 1dc42b066428807/usr.sbin/bhyve/bhyverun.c#L1585 > > > > [3] - > > > > > > > > https://github.com/FreeBSD-UPB/freebsd-src/blob/3a08ffe4839de9b8396b1760f= 1dc42b066428807/usr.sbin/bhyve/bhyverun.c#L1581 > > > > > > > > =C3=8En lun., 26 apr. 2021 la 20:40, Mark Johnston a > > > scris: > > > > > > > > > On Mon, Apr 26, 2021 at 05:16:14PM +0300, Ionu=C8=9B Mihalache wr= ote: > > > > > > Hello, > > > > > > > > > > > > I am working on adding capsicum support for the bhyve snapshot > > > feature. > > > > > At > > > > > > the end of the suspend process, the guest should be destroyed > and the > > > > > code > > > > > > handles this part with a sysctlbyname call which is not working > in > > > > > > capability mode. I don't know what is the problem but even when > using > > > > > > cap_sysctlbyname I still get the same error code (EPERM). I > tried the > > > > > > example from the documentation aswell [1] and still the same > error > > > code. > > > > > > What could be the problem? I have a FreeBSD13 host and a > FreeBSD13 > > > guest. > > > > > > > > > > I'm not sure why it would happen unless the casper process is > somehow > > > > > running as a non-root user. Can you share the code you're testin= g > > > > > somewhere? > > > > > > > > > From owner-freebsd-hackers@freebsd.org Wed Apr 28 15:41:19 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 970C55F8114 for ; Wed, 28 Apr 2021 15:41:19 +0000 (UTC) (envelope-from markjdb@gmail.com) Received: from mail-qk1-x72c.google.com (mail-qk1-x72c.google.com [IPv6:2607:f8b0:4864:20::72c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FVjXZ5dqTz4nq5 for ; Wed, 28 Apr 2021 15:41:18 +0000 (UTC) (envelope-from markjdb@gmail.com) Received: by mail-qk1-x72c.google.com with SMTP id q127so4799260qkb.1 for ; Wed, 28 Apr 2021 08:41:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-disposition:content-transfer-encoding:in-reply-to; bh=7ppnMoDutvPWgtUw1hTIP6z4cJLhF1HuwODEAA39ZHQ=; b=q7XeKOhB6eiyjB9Bw4APcijSLIPSOAEXY+ikbdrr1llI3KASGJSTMexvK93E4u6T0H tvDcoNUJ7vCrYLXRBl4NkeUFkWeH95sfpBvDEjUfO2uUJ2UUH1QisGppazvgwXtX7+HF X1D8s5eZwBUr/93xzFGV6zsgLsWYLrvVvQLaxuiLcAcfyL/P/hP2IVY7YX5Yk2I2ELGW KSHBjdyUDeJ+DXMAt19NGqB0eBw6xKOdJflAAjigOdVHvz8C7e38EEooDzr6T0UmOsCi 8pAq+Iwcjelr/be1hN6K9MzB+doeRtU2Su+cTCCGCee+wh7wdCsCgWxT+TkaoaJKzAIZ sU7g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:from:to:cc:subject:message-id :references:mime-version:content-disposition :content-transfer-encoding:in-reply-to; bh=7ppnMoDutvPWgtUw1hTIP6z4cJLhF1HuwODEAA39ZHQ=; b=f9r+uvBzgd32DBYRVnoon9F6PogrdStEaxU1NpZdqEuE6+lQdwYXjovx+AdV7tHWRi 5Gj7nJNWF4hguJAbhnQrcQogkKZ11NnH3ow7zT2n2QA+mkcbmJEhW5qMPQnVeRFpC7ao 1vIzwJFU+BBzMpMSgCC7wRZiAnxVSvfVPq5LnOB9TTbMgmHEigjjZd7G84qsvcyyB+2r RLugXfhUCAAKil86LwODePG2XxciH6OF2BQ7g5c0aEyDwemnsuRbatiZYCJLtP6tGppa TIOUz05Q+iTqcciufooDVH8wHC9IN4TrFuWajKZY9P09vCCs5+9PY4K4TIJ8sR7vpLxH XhHw== X-Gm-Message-State: AOAM532BfJv4bVHJLMgCdjmQW+9ge3J01DPpvFzOiI08Gpd5M6GQG8by y0biH04PE4d0rE2UuW2s5hs= X-Google-Smtp-Source: ABdhPJxwbZrYmONyuOHNGWtqdo19IU5CSIoQlayUoJTJvYpudy9Qh72SWXiP49MrnAr6hrlLPiSRfw== X-Received: by 2002:a05:620a:228b:: with SMTP id o11mr1612348qkh.489.1619624477554; Wed, 28 Apr 2021 08:41:17 -0700 (PDT) Received: from nuc ([142.126.164.150]) by smtp.gmail.com with ESMTPSA id w4sm46813qkd.94.2021.04.28.08.41.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 Apr 2021 08:41:17 -0700 (PDT) Sender: Mark Johnston Date: Wed, 28 Apr 2021 11:41:18 -0400 From: Mark Johnston To: =?utf-8?B?SW9udcib?= Mihalache Cc: freebsd-hackers@freebsd.org Subject: Re: cap_sysctlbyname for hw.vmm.destroy Message-ID: References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Rspamd-Queue-Id: 4FVjXZ5dqTz4nq5 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=q7XeKOhB; dmarc=none; spf=pass (mx1.freebsd.org: domain of markjdb@gmail.com designates 2607:f8b0:4864:20::72c as permitted sender) smtp.mailfrom=markjdb@gmail.com X-Spamd-Result: default: False [-2.70 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FREEMAIL_TO(0.00)[gmail.com]; FORGED_SENDER(0.30)[markj@freebsd.org,markjdb@gmail.com]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::72c:from]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; FROM_NEQ_ENVFROM(0.00)[markj@freebsd.org,markjdb@gmail.com]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; DMARC_NA(0.00)[freebsd.org]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::72c:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::72c:from]; MID_RHS_NOT_FQDN(0.50)[]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2021 15:41:19 -0000 On Wed, Apr 28, 2021 at 06:19:09PM +0300, Ionuț Mihalache wrote: > Even with the fixes cap_sysctl still returns EPERM for that simple example. Are you sure that libcap_sysctl is actually being used? In other words, are you compiling with -DWITH_CASPER? If not, the program will call cap_enter() and then try to read the sysctl directly, since cap_sysctlbyname() will be a simple wrapper for sysctlbyname(). > > În mie., 28 apr. 2021 la 17:41, Mark Johnston a scris: > > > There are two bugs in the example, also present in your WIP. I fixed > > them here: > > > > https://cgit.freebsd.org/src/commit/?id=44bbda649dc6c1cdc5a99641e14c77157967e140 > > > > On Wed, Apr 28, 2021 at 05:22:22PM +0300, Ionuț Mihalache wrote: > > > I update the code now [1] but still the same error. Even without any > > limits > > > the cap_sysctlbyname fails after using cap_enter. From owner-freebsd-hackers@freebsd.org Wed Apr 28 20:24:40 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id DA3E56213AA; Wed, 28 Apr 2021 20:24:40 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: from mail-ej1-x62e.google.com (mail-ej1-x62e.google.com [IPv6:2a00:1450:4864:20::62e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FVqqW5S0tz3L4h; Wed, 28 Apr 2021 20:24:39 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: by mail-ej1-x62e.google.com with SMTP id u3so17834304eja.12; Wed, 28 Apr 2021 13:24:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=WaQ1AYUNFsGqpXUxlOu259Hw9o0TSksqJVfpZl4DBL8=; b=SqHyU33olYnG1O8G02lihvag/YUVv0q623Y0U8ivi2PHjHkAjhf0eZsl3TG7dW3LAL DJOduvNcU2yHa+kX6i0bfnh3MNFWIyzkjiK1MElDsDeuUvvX+ERuFG0ulWrcMRx8LDUt hVYn0mqGaCdGEMzV39qAYpWVxzlK/ywtMjG6kaZxWBmKgSBNRAlttFGLgbCpMOdPOj0M QmZN53zeNqMyEv8gski8RRZS7srQ1GFV+koB/Wb0TSKcEWljlzFLzCLgbOyhYCLw4ENt FTOwpw83/vfVd3ZYf3JwBa6z0KLOMb+Wh3uML0Jdzs7Uu5ploqOdKe+Q+TtzCBF6RRhz +85g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=WaQ1AYUNFsGqpXUxlOu259Hw9o0TSksqJVfpZl4DBL8=; b=NrkDgYPHI+bRrs13TkQipvn+w6AvTT8hWdOaP0ylu4/O5mn3gONsUR864satA3qkPj W+23R/fyXCLKkyCi6uAI1in4ejoccBkeQnZBOLhbHesa3HsZQEZUmoay5RH3LI47K3YC X5AGW1EqLfQzKfHeeUBcg2+bqVopPL87PnPGC74UI3NlHtqbePtoZe0UlIF8+8CgwBNN SS4Isv8IoTCLXYP+WW/EN+Vo7erqyKpmQgZ1BOG89NuqEVydWm1JRAPLAsSD0PPFIV3Q U9HTVLjeaHMIsO29u75r7qJ7GpOJaZHFmE4zlKS1IzdiT/tzZTsM/B72iWiPA+qomoy4 ZwLw== X-Gm-Message-State: AOAM531rIERG1vFiemy4JzpbM9wDKdwMaBlFf06qqSrZTXG6V4UswUFS kThruA7AYTUJgqikP+xTVFSiUSuM3PGq8QN7QJah3BdJ5efZMMN/ X-Google-Smtp-Source: ABdhPJymeYKbpB164tKGZd1sbS/D5zCYpO6g6/TGE5D5vFTn7DqtNwWzCPc4q4Cy4sssy3af6uo6suVxwbUtvm9pPus= X-Received: by 2002:a17:906:374b:: with SMTP id e11mr9536989ejc.328.1619641477875; Wed, 28 Apr 2021 13:24:37 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:ab4:8fc9:0:0:0:0:0 with HTTP; Wed, 28 Apr 2021 13:24:37 -0700 (PDT) In-Reply-To: References: <20210425184323.GR18217@blisses.org> <1219846208.215399.1619466917981@privateemail.com> From: grarpamp Date: Wed, 28 Apr 2021 16:24:37 -0400 Message-ID: Subject: Re: Bug bounty framework? To: freebsd-hackers@freebsd.org Cc: freebsd-questions@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 4FVqqW5S0tz3L4h X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=SqHyU33o; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of grarpamp@gmail.com designates 2a00:1450:4864:20::62e as permitted sender) smtp.mailfrom=grarpamp@gmail.com X-Spamd-Result: default: False [-2.48 / 15.00]; FREEMAIL_FROM(0.00)[gmail.com]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; TO_DN_NONE(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.48)[-0.484]; FROM_EQ_ENVFROM(0.00)[]; SUBJECT_ENDS_QUESTION(1.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::62e:from]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; MIME_TRACE(0.00)[0:+]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::62e:from:127.0.2.255]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::62e:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers,freebsd-questions] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2021 20:24:40 -0000 > BountySource quietly takes money from your balance as a "fee for Anyone can announce, fund, or even blog their own work on whatever projects and bounties they want, directly as developers or subgroups or entire OS projects, or from different groups of users or interests even corporates, with or without intermediary coordinators or coordination, even completely private with privacy capable coins, create M-of-N multisig completion of work contracts, endowments earn interest/dividends, etc... limitless varieties. Decentralized distributed cryptocurrency is the way forward and is the future, GovCorp money, payment, and financial systems have been deprecated since "The Times 03/Jan/2009"... https://coinmarketcap.com/ People are using cryptocurrency today. As such, all FreeBSD entities, devs and users should have a number of wallet addresses from among the more popular cryptos already generated and at the ready to receive/send. People would surely tip 10 DOGE to each of the next hundred bugfree commits, and 10 BCH for... Adopt and use crypto today :) From owner-freebsd-hackers@freebsd.org Wed Apr 28 20:57:26 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 69619622281 for ; Wed, 28 Apr 2021 20:57:26 +0000 (UTC) (envelope-from marklmi@yahoo.com) Received: from sonic316-55.consmr.mail.gq1.yahoo.com (sonic316-55.consmr.mail.gq1.yahoo.com [98.137.69.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FVrYK1bR2z3MJG for ; Wed, 28 Apr 2021 20:57:24 +0000 (UTC) (envelope-from marklmi@yahoo.com) X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1619643443; bh=FfnqdV09XPfIePOoo6uPIjlOvwTN1snVwngfCxYJZBY=; h=X-Sonic-MF:Subject:From:Date:To:From:Subject; b=iVvsuB56a6keBNq3/vBC6o6Di2XU3sVCD2KE3ifMiN9gzJq65Xk+ZeJHvTYncd8MLvKfyLUsbcWUEIvbvAUpNPpoIQMLNsq9+f0x+9Byvp/rySV0joruS9Qcs1oEE5eiBo6OwjkgqTbzKk0VM11V1nO5+mwIehN5qhOuSFSn9kgvzgZbXkOy0L0af8A/bimhuhvkE1Z6GJn8pQCSR0mRT7quslzysiIJwF3sQh/zZsXlTg8/VgznYNocu8RxNOnK5xeZV1xFhDUH2X2wrDNqGlT82fbrxzeIrGnFGlT3ahebcP7E3LdUnAonP+wAOg5XCuIvA3ddikKDGI+D+vb20A== X-YMail-OSG: dY0GNJkVM1ltQvELKt6yiSGTPC0kRbC3HPPIDYvZTwdfuby.jHHXOsJoACyTMS. pUDXlidzZexUJf0Nj__fyTlGxW.5dOObEjR2NuqXBiB8vwaFKAVJgc_pDnzYnCetZswSH7a_n8b5 CgYjxzv10Y1DqLhMpANbRlGkH1WWPJoBPFITsX9AQocvjbUaG1XZ84DG2aXSkpQcsA3X5XBlMbza V6ecbZzuUnXYzKs7PhIScEe_YI_NTLyncGhBAnHVg6CrfDPbviosRje7oryxA5mi1xoIFEXx2gzF S1IQwqiUjU0GBLvOFyp8VodO3P2hNh08G26MWvVw.XzzEeGJ2ZP1JUcXUCir0eqtmR3vH33meFMG Yo6qfAcChMNsU6pFm50S92jjneyRqQR5VCfBHmwcC5_wui7PzNWYfYiHxIHGQrfDeLeASvgYGMKY YTCTV2Gl6PAtAmn.Roy87MHHXA2xhBk6vgLSl_j0kmUsPcbNR7lDkzuLhN9oUEeL67VNomqT5Vtg nesPzw3r7h7.WjfiTRU.MkR1na0rj4tbnzNV_ajn1B3Wb6r_EgT_VPHoyyxsOj_Byn3IOyNTfnFx 86sE0N.YZlJmiu9w4OAMYFOd1Vom7MmC2L8rKhbWHlPwdPYvrO9Ed1f6HoojSVJdGkVWWelyWKbQ .RPlD8gfVzWsa22vslkoH99V24inhdLQm0g1wHz02GsvEhO9hnuVDQzFXNTMOIvWXJp8HBrkO7r3 Rv169zAxbv4nds9E3yjHEyCnZPjj2mo7G_waApng08BEWbQxSVIW0YChr2I32bWZh9HZaNqkfXhu pdzL3KFjvy5qqzHp31bMtStYV29M89tsPpdjbgO7eCUgloWbhYHIaXwl4hB3ML15RdpAi3FCoHHi 01IiztWaP.c._vexL6PlljloDjRb2QEgb6tTPrle_XlpjLngvYzLewAtxL8GMZ1QBFuSZ.OGzE4o Ey.jm8qoss43yMOJ95yZP2SgXgeZVs.v_sx0yiGnFZRmyrB6pLhgsURETt5WGUI.3FdKz7ll..9d U9xa60VieS8S.jeG.xJ4E2NcmzvfvNSuI97Zke2lm3r2fmFof7FJukQ9CmlWv2cFGSDoVWH9Ig2z msEvEJh6ygzyoD60VKQbsx6e1btfQS4oV2W_9piGYzw4AVYLv86jOgo4eMyL8gcz_yctkyspqELH 2du_0NQbKFXycOTfZLdNQc4SVOnPwV5WUd0l2qOscrtJCQQ6ywqZmIgZ7KhtBhE.13fZeqmPePq_ JRYtLg5kQBQvEZ9ylYBNIy.64Z7w3nokvZWrnD3HnXrBf_VTFzeM_UgdUfWkhKMmq.WCkmUCqmdH WqR3Kr3Vr4PG2rbF4Phg47AzZNsMQXgfkOkNZpouaa8eqhPnueuYtEK42xo1oRmBlCg5OzcfyEPg MuwRWFLFAKFnSKBtBQjqHH_Ergov6H_kEk8..6D7SUTZTCuXOWtqTW0V7XmRGSeC9JrKXya7eXZ4 2x7AxewP8Pkx9mJhRGRfaymk.lnnGuasUtKyRLLfeYO4lA6X8RP._WUp_DHsmBabJYHnjze42x.t KlTZLOI02usrayZGb6mCBgEcwzk4sTFYFR2YFE8zLom97toBsZMD7N0MoGz2qmq..2oESXRsbJyI MhqQ8kdspanWW948GRS9PL3vpM_bHJUHYwrZnUv_S6RykxJpngvslF3IrdRd2EYPh4tauME8XYOh 1ZRpx2WBvWdIyAoOkGwW61FYfxHidl0KOl0btDJ1UHQcBo_awLH2uEgrsWHlR8SmZFbizmqsTor1 9fq0il55EA2xzPh9HPSwVLbzoq34phuQWsUkQZq2gMf3hYH9y0q3h6vxIQcI2Owa7bLMYAePGN3. uLregQmw0V74toNEqPjaLLijgOy0xG.o78IjmOaKSC2nYAhQiPP69znBVxdhDj8s2w7U6bFz3DnK wVGWdkbZiQEwa4lsxV0WMeZWiqyHLduiEJeCRxdUdr6Ibwy8zmdlJdekywwCx9ntgYRkarY1Aenq rjaAQH2WV.nT4Pq6qOgB2ggo5cxoAQ_tqjhsuNjR5PpQQbznQrAC1Bayt0SdP.SPtSnqwi8So_Tz c0PxEOLaUpH4qn4ujrreZry_mOINg39X1al618IsENaZDH.42E.KBLkFm3B4xYdqkHUyyKEIBuia l35OACHJkaB6R2QL5Ef8wHZ50yFyvJEU_dSaB0A0eKq2KquiVQSM.8f2eRwB77ZHr4FANB2Z18yR g._lQL7a.sRCQjFn7aNXOaITkEWhkrYDXvBtERxcEfnvWLZXJFcEDJA1WBhXNsgsLP61b5OQHfMt rSuIaKvCKotLc05ZOBjR2y7fDHpEF7BPSMV5UfAn47EklvBk9NwpgQ02YkBEF.njVKFslTKzE1qr plYWohVMO82_WIFGabp3gI1rRn_2UkkhvRrGOAhl5lPK2EG_oQjCqe8rTh1lMAc1ohe3q3uxbF.x Q2gdDPxOurzWRJ6EJ.LBVrYLUMEM0SJH3BEVVHTa5Dt3xozaineZCBZFhWRv69SzQfIb7.g-- X-Sonic-MF: Received: from sonic.gate.mail.ne1.yahoo.com by sonic316.consmr.mail.gq1.yahoo.com with HTTP; Wed, 28 Apr 2021 20:57:23 +0000 Received: by kubenode573.mail-prod1.omega.gq1.yahoo.com (VZM Hermes SMTP Server) with ESMTPA ID 38485bdf339202ee3edf3d5e42a72267; Wed, 28 Apr 2021 20:57:19 +0000 (UTC) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.60.0.2.21\)) Subject: Re: Issues building FreeBSD-current (head f9668e4) From: Mark Millard In-Reply-To: Date: Wed, 28 Apr 2021 13:57:18 -0700 Cc: freebsd-hackers@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: <60A64E80-3B76-4760-B793-283FDF163D21@yahoo.com> References: To: jake h X-Mailer: Apple Mail (2.3654.60.0.2.21) X-Rspamd-Queue-Id: 4FVrYK1bR2z3MJG X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.50 / 15.00]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[yahoo.com]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ptr:yahoo.com]; DKIM_TRACE(0.00)[yahoo.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[yahoo.com,reject]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[yahoo.com]; ASN(0.00)[asn:36647, ipnet:98.137.64.0/20, country:US]; RBL_DBL_DONT_QUERY_IPS(0.00)[98.137.69.31:from]; DWL_DNSWL_NONE(0.00)[yahoo.com:dkim]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[yahoo.com:s=s2048]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; SPAMHAUS_ZRD(0.00)[98.137.69.31:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[98.137.69.31:from]; RWL_MAILSPIKE_POSSIBLE(0.00)[98.137.69.31:from]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2021 20:57:26 -0000 On 2021-Apr-28, at 04:39, jake h wrote: > Hey everyone, > I have been having some issues building FreeBSD-current from src, on > freebsd-13 (build 1300500). It appears to stem from several files = compiling > with -Werror , despite my specification in make.conf of -Wno-error . = As > these files then have warnings, the make kernel exits. A log of the = error > is attached. > System info: > Current version: 13.0 - STABLE, build 1300500 > make.conf: CFLAGS=3D -Wall -Wextra -Wno-error > Attempting to update to: 14-CURRENT (Git head f8668e4) >=20 Your use of the number from sys/sys/param.h : #define __FreeBSD_version 1300500 /* Master, propagated to newvers = */ is a bit problematical and does not identify a specific build or a specific commit. It would be incremented for any addition to the kernel Application Binary Interface, for example, but is left unchanged by most development activity. The 1300500 number was established in: author Glen Barber 2021-02-05 16:38:27 +0000 committer Glen Barber 2021-02-05 16:38:27 = +0000 commit 3c6a89748a01869c18955d5e3bfcdf35f6705d26 (patch) The next change to the figure was 2 months later, in: author Konstantin Belousov 2021-04-05 03:05:44 = +0000 committer Konstantin Belousov 2021-04-23 = 11:14:06 +0000 commit c3f97dd75a1c294c4f60f42b604ee8bcda17be09 (patch) It was changed to be: #define __FreeBSD_version 1300501 /* Master, propagated to newvers = */ All builds of any commit on the stable/13 branch between those use the 1300500 number. (On 2021-04-26 it was updated again, this time to 1300502 .) As for disabling treating things as errors . . . "man src.conf" reports, in part, WITHOUT_WARNS Set this to not add warning flags to the compiler = invocations. Useful as a temporary workaround when code enters the tree = which triggers warnings in environments that differ from the = original developer. WITHOUT_WERROR Set this to not treat compiler warnings as errors. Useful = as a temporary workaround when working on fixing compiler = warnings. When set, warnings are still printed in the build log but = do not fail the build. Direct manipulation of CFLAGS for this is not recommended and various Makefile contents may override the attempt to control CFLAGS (or part of its content). Other difficulties with having context to provide help . . . You did not include the text of the specific commands in the build that generated the output that you provided. My recent build of main (so: 14) was as of commit 1b00608b264f . The buildworld buildkernel sequence worked but was based on building from an environment running based on releng/13.0's release/13.0.0commit instead of on a stable/13 commit: # uname -apKU FreeBSD CA72_4c8G_ZFS 13.0-RELEASE FreeBSD 13.0-RELEASE #1 = releng/13.0-n244733-ea31abc261ff-dirty: Wed Apr 28 05:45:27 PDT 2021 = root@CA72_4c8G_ZFS:/usr/obj/BUILDs/13_0R-CA72-nodbg-clang/usr/src/arm64.aa= rch64/sys/GENERIC-NODBG-CA72 arm64 aarch64 1300139 1300139 But I can not even tell the relationship of 1b00608b264f to what you tried to build: https://cgit.freebsd.org/src/log/?qt=3Drange&q=3Df8668e4 reports no match for your "Git head f8668e4". Nor does: https://github.com/freebsd/freebsd-src/commit/f8668e4 find a match. For reference, for the main (so: 14) that I built . . . # ~/fbsd-based-on-what-freebsd.sh branch: main merge-base: 1b00608b264f1fac846e571e23d8ef7134834638 merge-base: CommitDate: 2021-04-27 19:18:13 +0000 1b00608b264f (HEAD -> main, freebsd/main, freebsd/HEAD) Merge llvm = commits for kernel address and memory sanitizer support n246360 (--first-parent --count for merge-base) and for what produced that output: # more ~/fbsd-based-on-what-freebsd.sh #! /bin/sh branch=3D"`git branch --show-current`" \ && echo "branch: $branch" \ && base=3D"`git merge-base freebsd/$branch HEAD`" \ && git log --oneline --no-color $base..HEAD \ && base_date=3D"`TZ=3DUTC git log --format=3Dfuller --date=3Diso-local = --no-color $base^..$base | grep CommitDate:`" \ && echo "merge-base: $base" \ && echo "merge-base: $base_date" \ && git log --oneline --no-color $base^..$base \ && echo "n`git rev-list --first-parent --count $base` (--first-parent = --count for merge-base)" When booted uname -apKU reports for the installed main build: # uname -apKU FreeBSD CA72_4c8G_ZFS 14.0-CURRENT FreeBSD 14.0-CURRENT #0 = main-n246360-1b00608b264f-dirty: Wed Apr 28 01:22:56 PDT 2021 = root@CA72_4c8G_ZFS:/usr/obj/BUILDs/main-CA72-nodbg-clang/usr/src/arm64.aar= ch64/sys/GENERIC-NODBG-CA72 arm64 aarch64 1400012 1400012 =3D=3D=3D Mark Millard marklmi at yahoo.com ( dsl-only.net went away in early 2018-Mar) From owner-freebsd-hackers@freebsd.org Wed Apr 28 21:13:20 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A302C6225CA for ; Wed, 28 Apr 2021 21:13:20 +0000 (UTC) (envelope-from marklmi@yahoo.com) Received: from sonic317-21.consmr.mail.gq1.yahoo.com (sonic317-21.consmr.mail.gq1.yahoo.com [98.137.66.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FVrvg4XtXz3NF4 for ; Wed, 28 Apr 2021 21:13:19 +0000 (UTC) (envelope-from marklmi@yahoo.com) X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1619644398; bh=QHi8rOdvm1+ZvvTfDy6DnrcJtSRckmvT3rNlPlm+poe=; h=X-Sonic-MF:Subject:From:Date:To:From:Subject; b=eCzN6FQIl6Vula00+H7cim5x2hnCnEM2NqCuPK7IyVdnKZIzVTHIcMZ3+YbTF5je+7p1/SoWhZDxT9p/9nH2Wk+PBDchw+W9RDoTtCqSQEhXNowj85enVSArLyChltFRMQfBpXfEY5M4qdhdmMKRlrsHGjIWZCvQwm/6x+AHr3pKSQHPSsBquUkxJ9B3Je8YiVlXDegTZhVIA7tJ46AXYLHMgO9pSxUx8zYj1ciSxOFm1my5X84gkl67P3u+alg137xOCp8QJmzBE+EN1eQuBE+7PKdnsy+2gtj2B4BLrsxu4xFD0c0Qc1uweYtqtO0CrK00qfyuuiMi/aOKHzkMdQ== X-YMail-OSG: ARN002sVM1lrL8GtXsGVFViBBpnF7lLbMcB102VOVI_JAPo2bLYMrXOJT4gJG6U isdknP1znhyxFuw6NOQO6bbajUyNEfXc_CJ2t3_ff2o_DbDJciPvGPOcXp1t7_cHbscH1NM_ZJ9p ohxTBBBZ06ZgZJ5qeVS6x_fEuCn5FTjrRCqGbSywDVvxs6IHb7kbN9SvMxnme5aCg8z84_XMD10e 4sBNwONL_v719JMwK_FltELOdHnFKX7cWhWrcV0YbgiWrnDLtFRUvW4DigfTW10pCjedUzEbnNCr DyVlkwq7UHKhSL6t0YJXMjdsh4bhs_PYwvRum8LySSWhFIOpnD0mKKIRGqqcyw4j.evDhNy.iAPo BnXrUlP5uQTbF6ynF4rDhBbG5SN1syQGQLO9Fc5iZ0kogFto3dd1bRBRFhH5dg.V48_AcgOCfe44 _Xh3tTRVIBx1vcutMXFnc8yhw9Hd00W3GZpAR1s9iahmyEfeed5kMzBTWA4B_pLVMhWy0TGEtz7Z dwUuOQR96AqfTRr0BGdqhU6cthbJoVSQYscBtR2nC5juSfziAM0GaPgdVsxDFuqgwxxlwUkRqpO3 sp4G5EZIWjpwfLp015i7YoW7rNXnGh0YJ.bqW0aYZTMRy.wT2_kFSFI3bUC1dydCX0cCSqrbnpGP Md.E9jUxDhDiG4i1Sk6QK_enX2Pdy9_SYOlgjB_VZQ5MeBxAqP7e7KAwpQclhziLtphobjiO7RQB S6cwOCUbUbwF1wuoJsSDUtU6aExduQUtCbMHcEEheZgJ6HyXwziie0DwGZJwlfqHgLGplEJug0Pr epf_PScbQMDW8eO2oVB2COXqBCEnuSke6uW5c8buIMHMfjC4Ipd71cwqUnZ6XMlHs7yyRr5LABJ1 wY69Fe8TRBLADmnvIp4fFzJilThSadovXQUI0mrXC_WOsOCdjvZQl32jnEtCfqg240LYCAPl8Q4O XxJ3RBXiVFXoOgTI9x3q1Tuso1U56V3K.tR5OntA984F.Zx2zM_mabituKNYrLOE4h0c6V8J9L84 KIV1sP5xUBdr4LcJaODrnvLEIzM3dxQJTAD7T689LsbHMNfD7GE2me6CVslSjNsdvkiEsABh5B9y QeWBQpXts6aRQbQBHnXw_TcWiwp_7vynitm6D59ybZLzf8S_IMoqjtEgEWCzXaN8sPxr5YHmK52s DqFjw7meEIeogC5In8dlH1kToEQCczZ1kZMyXRNRVgDJagOj6hMybpmYLD0TQmaAu9A9Y4pkeomF 8u_qLyjoIWcpXrXWqlrZgx8QnVd5Jys1u2AAxqSKRoNcTmb.9V2gA5JIC45GRQSxFHcCeeeYdRDc tEpB1QfXxwocUo3dJizAWNy0uyZGuvFVfTyc4U9j1gLm1V5odxRS_E2gzF.b19bHmucGHAPgs19J dZmGOCELOys7DdmaBhFDkz6fJXkHcv1HtbAhyq6Ac0t4sP8p.8TJN4apqlPzMJPwfn2wEApE5vlN 2KlLyxyva0JvzXIhYnCF70WSeATPvfqrUjdx3gSOUEwdF.zKHIvOcbTVJhZdMY6BKtM8r_Kgt9cK _q8c4NY55NRB8R7QAxK1koehmBEcI.m_8d_rLvgXebSA3xw8d0CfNrOHISVZMIaMsbpb5w6eYHPd TsEMZEAYVOmcO5jog4VzuIl.GttSLcKqBpVz6zs3f3R3kTgG.lhwNyuVhoPgOVSUVijS4NsGF6Hd R421CHeuo0zlqvt6YOZNcLrmFupskNW_sDDyZSTNHugwuhWoqMoCDeq49HS0opoVVmXI6bZtwQMI BKIyakdaAw4YgCigTkJiG0Aml_GwVu5MQfeJUOnnBtIu7vREM.xR3JNIXOxAGeG_G1axdoj5u1_S 9MRWD.m9r8fYSBjyKQe06krEOMZ_h7mOQELXu0TjImWR2bRpHwX8wuyv3ChsNpfCiOO0X3CD5Otv 49wJax2Ac2fxpNh1dhFvgb4vLEN3jnV8oLsPWhR9.e_m9F.EFRLlx.SIJ_ft3KJyjH4gm4HiE_yw NNwPGxQ0g4arqfV6V8etwT569sabSMOxQWuFuvlK4IDznzP2FSfJ0uWrFQ0C.lXJNB4ww.RWdSrb RDL1z16rliXkpbKJ9cxRIBTXaObPmzQ2lUi8aRWcCYaHBtgWbCxhZCONgnwc4MZWahD_EKfZ92wD 9oldJtBGH7d2YfrX6btlM5LGjcLe.mDyhBhwCF9owjtlovX1NfNjQ4SaZ7Yys3UIPpkcrOpVQXdO 6yhAcD3kj.KraEmkHHcX3eG.7JZJOWh6NvbOHzG1pKctO1r8FwiZhEzwsOS9AjXxlaBlMI0DLP3h ztjs9mHNzugvJpCtWyH6dW2f5wq6lF90QPDZkGFBX213.B1CFtNGM95na.C0wsUOF68h66joJ6q1 OQXGsfrAOz5YxzuexL23ZnCR6P6E_kNP_ImcOtUlaJbdGs_uH5goKxjqqBeCpf.YGDkmejweFbjC Nvb5G6EUFMTifWea8mSq93FFHv.266pcnMQAiZGH8MpsJNixtxmmg3WDoNzWIt70_ow8xpNkjyZV 6KfRK2INTK_BFzxE9o6VL2pOX1AoA2_QrCEcbeaonuigXFfr6 X-Sonic-MF: Received: from sonic.gate.mail.ne1.yahoo.com by sonic317.consmr.mail.gq1.yahoo.com with HTTP; Wed, 28 Apr 2021 21:13:18 +0000 Received: by kubenode572.mail-prod1.omega.gq1.yahoo.com (VZM Hermes SMTP Server) with ESMTPA ID ee7bc60df5b1d6a375ac54e03e4fcb4b; Wed, 28 Apr 2021 21:13:15 +0000 (UTC) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.60.0.2.21\)) Subject: Re: Issues building FreeBSD-current (head f9668e4) From: Mark Millard In-Reply-To: <60A64E80-3B76-4760-B793-283FDF163D21@yahoo.com> Date: Wed, 28 Apr 2021 14:13:15 -0700 Cc: freebsd-hackers@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <60A64E80-3B76-4760-B793-283FDF163D21@yahoo.com> To: jake h X-Mailer: Apple Mail (2.3654.60.0.2.21) X-Rspamd-Queue-Id: 4FVrvg4XtXz3NF4 X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.50 / 15.00]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[yahoo.com]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ptr:yahoo.com]; DKIM_TRACE(0.00)[yahoo.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[yahoo.com,reject]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[yahoo.com]; ASN(0.00)[asn:36647, ipnet:98.137.64.0/20, country:US]; MID_RHS_MATCH_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[yahoo.com:dkim]; ARC_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[98.137.66.147:from]; R_DKIM_ALLOW(-0.20)[yahoo.com:s=s2048]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; SPAMHAUS_ZRD(0.00)[98.137.66.147:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[98.137.66.147:from]; RWL_MAILSPIKE_POSSIBLE(0.00)[98.137.66.147:from]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2021 21:13:20 -0000 On 2021-Apr-28, at 13:57, Mark Millard wrote: > On 2021-Apr-28, at 04:39, jake h wrote: >=20 >> Hey everyone, >> I have been having some issues building FreeBSD-current from src, on >> freebsd-13 (build 1300500). It appears to stem from several files = compiling >> with -Werror , despite my specification in make.conf of -Wno-error . = As >> these files then have warnings, the make kernel exits. A log of the = error >> is attached. >> System info: >> Current version: 13.0 - STABLE, build 1300500 >> make.conf: CFLAGS=3D -Wall -Wextra -Wno-error >> Attempting to update to: 14-CURRENT (Git head f8668e4) >>=20 >=20 > Your use of the number from sys/sys/param.h : >=20 > #define __FreeBSD_version 1300500 /* Master, propagated to newvers = */ >=20 > is a bit problematical and does not identify a specific > build or a specific commit. It would be incremented > for any addition to the kernel Application Binary > Interface, for example, but is left unchanged by most > development activity. >=20 > The 1300500 number was established in: >=20 > author Glen Barber 2021-02-05 16:38:27 = +0000 > committer Glen Barber 2021-02-05 16:38:27 = +0000 > commit 3c6a89748a01869c18955d5e3bfcdf35f6705d26 (patch) >=20 > The next change to the figure was 2 months later, in: >=20 > author Konstantin Belousov 2021-04-05 = 03:05:44 +0000 > committer Konstantin Belousov 2021-04-23 = 11:14:06 +0000 > commit c3f97dd75a1c294c4f60f42b604ee8bcda17be09 (patch) >=20 > It was changed to be: >=20 > #define __FreeBSD_version 1300501 /* Master, propagated to newvers = */ >=20 > All builds of any commit on the stable/13 branch between > those use the 1300500 number. (On 2021-04-26 it was updated > again, this time to 1300502 .) >=20 > As for disabling treating things as errors . . . >=20 > "man src.conf" reports, in part, >=20 > WITHOUT_WARNS > Set this to not add warning flags to the compiler = invocations. > Useful as a temporary workaround when code enters the tree = which > triggers warnings in environments that differ from the = original > developer. >=20 > WITHOUT_WERROR > Set this to not treat compiler warnings as errors. Useful = as a > temporary workaround when working on fixing compiler = warnings. > When set, warnings are still printed in the build log but = do not > fail the build. >=20 > Direct manipulation of CFLAGS for this is not recommended > and various Makefile contents may override the attempt to > control CFLAGS (or part of its content). >=20 > Other difficulties with having context to provide help > . . . >=20 > You did not include the text of the specific commands in the > build that generated the output that you provided. >=20 > My recent build of main (so: 14) was as of commit 1b00608b264f . > The buildworld buildkernel sequence worked but was based on > building from an environment running based on releng/13.0's > release/13.0.0commit instead of on a stable/13 commit: >=20 > # uname -apKU > FreeBSD CA72_4c8G_ZFS 13.0-RELEASE FreeBSD 13.0-RELEASE #1 = releng/13.0-n244733-ea31abc261ff-dirty: Wed Apr 28 05:45:27 PDT 2021 = root@CA72_4c8G_ZFS:/usr/obj/BUILDs/13_0R-CA72-nodbg-clang/usr/src/arm64.aa= rch64/sys/GENERIC-NODBG-CA72 arm64 aarch64 1300139 1300139 >=20 > But I can not even tell the relationship of 1b00608b264f to > what you tried to build: >=20 > https://cgit.freebsd.org/src/log/?qt=3Drange&q=3Df8668e4 >=20 > reports no match for your "Git head f8668e4". Nor does: >=20 > https://github.com/freebsd/freebsd-src/commit/f8668e4 >=20 > find a match. Ahh, I see the subject line lists f9668e4 instead. That is 8 commits more recent than what I built (as reported in my initial reply and shown again later below): https://cgit.freebsd.org/src/log/?qt=3Drange&q=3Df9668e4 reports (in part) . . . Commit message (Expand) Author Age Files Lines * Add rib_walk_from() wrapper for selective rib tree traversal. = Alexander V. Chernikov 13 hours 2 -0/+38 * cxgbe(4): Add support for NIC suspend/resume and live reset. = Navdeep Parhar 15 hours 6 -306/+1393 * geom_uzip(4): fix a typo Ceri Davies 16 hours = 1 -3/+3 * nfscl: add check for NULL clp and forced dismounts to = nfscl_delegreturnvp() Rick Macklem 21 hours 2 -3/+12 * nfsd: fix a NFSv4.1 Linux client mount stuck in CLOSE_WAIT = Rick Macklem 23 hours 1 -0/+5 * e1000: Rework em_msi_link interrupt filter Kevin Bowling = 23 hours 2 -18/+24 * [fib algo] Delay algo init at fib growth to to allow to reliably = use rib KPI. Alexander V. Chernikov 23 hours 3 -33/+76 * riscv: Remove old qemu compatibility code Brandon Bergren = 24 hours 2 -113/+0 * Merge llvm commits for kernel address and memory sanitizer = support Dimitry Andric 26 hours 2 -4/+14 None of that looks like it should make a difference vs. my buildworld buildkernel . > For reference, for the main (so: 14) that I built . . . >=20 > # ~/fbsd-based-on-what-freebsd.sh > branch: main > merge-base: 1b00608b264f1fac846e571e23d8ef7134834638 > merge-base: CommitDate: 2021-04-27 19:18:13 +0000 > 1b00608b264f (HEAD -> main, freebsd/main, freebsd/HEAD) Merge llvm = commits for kernel address and memory sanitizer support > n246360 (--first-parent --count for merge-base) >=20 > and for what produced that output: >=20 > # more ~/fbsd-based-on-what-freebsd.sh > #! /bin/sh > branch=3D"`git branch --show-current`" \ > && echo "branch: $branch" \ > && base=3D"`git merge-base freebsd/$branch HEAD`" \ > && git log --oneline --no-color $base..HEAD \ > && base_date=3D"`TZ=3DUTC git log --format=3Dfuller --date=3Diso-local = --no-color $base^..$base | grep CommitDate:`" \ > && echo "merge-base: $base" \ > && echo "merge-base: $base_date" \ > && git log --oneline --no-color $base^..$base \ > && echo "n`git rev-list --first-parent --count $base` (--first-parent = --count for merge-base)" >=20 > When booted uname -apKU reports for the installed main build: >=20 > # uname -apKU > FreeBSD CA72_4c8G_ZFS 14.0-CURRENT FreeBSD 14.0-CURRENT #0 = main-n246360-1b00608b264f-dirty: Wed Apr 28 01:22:56 PDT 2021 = root@CA72_4c8G_ZFS:/usr/obj/BUILDs/main-CA72-nodbg-clang/usr/src/arm64.aar= ch64/sys/GENERIC-NODBG-CA72 arm64 aarch64 1400012 1400012 It still appears that the basic information required to identify the issue in your context is likely missing. =3D=3D=3D Mark Millard marklmi at yahoo.com ( dsl-only.net went away in early 2018-Mar) From owner-freebsd-hackers@freebsd.org Thu Apr 29 10:36:55 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2457F6228AF for ; Thu, 29 Apr 2021 10:36:55 +0000 (UTC) (envelope-from zlei.huang@gmail.com) Received: from mail-pf1-x430.google.com (mail-pf1-x430.google.com [IPv6:2607:f8b0:4864:20::430]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FWBkt1N9jz4YLw for ; Thu, 29 Apr 2021 10:36:54 +0000 (UTC) (envelope-from zlei.huang@gmail.com) Received: by mail-pf1-x430.google.com with SMTP id i190so6201986pfc.12 for ; Thu, 29 Apr 2021 03:36:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=rsi2wI8abJdIH1oZRfLjpK9ZzU5K6KDwlFNgJwvdo4Y=; b=hzxt3tnUfSKa9fHsv8aoho3aomQTwpZuNPEf+fpl46oihNkstjSKgTbwDfJh+52ixg 9qd67rffS1H0kss9XLm2f4QF3N5xzTYBKdNcePFGWqN46hIM7PciZ4Og5gvar/IAbzXM 83n0SEK/A5g+C1VWJtz/okz3VFzHadJNsxBLm9uKtxSNHI/IlMFUpHcYIXTSATCBvSNW w+lkahl9jVM24BOY7OdINtVCpgajPzKoDsu8G3v+/QmX5L5t7eQYvEo16DG3yZbEXeh7 9De4lIaOnbA0YhgiwuS8eBeSQhW4jejJ+XKLllmn0otoq0hDM+y0CxYtXUKXtK/pmMXz OtSg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=rsi2wI8abJdIH1oZRfLjpK9ZzU5K6KDwlFNgJwvdo4Y=; b=YT8/dKKPEqbrWxbXj+v9RTuu+aNFcbK7tbN3BDCvjZtBxF+2dgvIt03h5c31d9oTM5 jUHdjRa78kMesjFkR/ssHfBU7w9JarLruw2xsPZJgLyS2ILvq3Y1WdykdGjxJQ758Fgp NDamjA/ULq3v+rml/ASj1pj3A2QCCy+dcNOZ4CTShhCqWf27ncDChu503CjVMFAOvGjI QCsTNO3PWR8DFPKm0lx/BijvtB56ClCsXWcl8VXM8uDrCjwI/VCYN6uU5iQMMzwjbHAm AgByDc7rZ9g8EX12ae9526q2W/x6iWmzU11NoqvjQJFZDVDIPvADjuaF/NOqDLTL7HFD zm/A== X-Gm-Message-State: AOAM5320JtF+fAOi6C9QFIuV5UEW6ZGqUMOcrgEITLDBuOrTZGa4pM0n MTwqXkl2RDtIFQniGGdGJOs= X-Google-Smtp-Source: ABdhPJxwWNbpKU+bECG9q9wbih+CayoPYLHauD3IBdcIfxfdbJNOJsU7FCPZVY+6jOL45AIaJMiXvw== X-Received: by 2002:a05:6a00:2389:b029:261:abe:184 with SMTP id f9-20020a056a002389b02902610abe0184mr33270979pfc.52.1619692612122; Thu, 29 Apr 2021 03:36:52 -0700 (PDT) Received: from [192.168.10.252] ([112.66.191.211]) by smtp.gmail.com with ESMTPSA id q10sm7451476pjf.1.2021.04.29.03.36.49 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 29 Apr 2021 03:36:51 -0700 (PDT) From: Zhenlei Huang Message-Id: Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\)) Subject: Re: Are there any RFCs for address selection for IPv4 Date: Thu, 29 Apr 2021 18:36:44 +0800 In-Reply-To: Cc: freebsd-hackers@freebsd.org To: Zhenlei Huang References: X-Mailer: Apple Mail (2.3608.120.23.2.4) X-Rspamd-Queue-Id: 4FWBkt1N9jz4YLw X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=hzxt3tnU; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of zleihuang@gmail.com designates 2607:f8b0:4864:20::430 as permitted sender) smtp.mailfrom=zleihuang@gmail.com X-Spamd-Result: default: False [-3.50 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::430:from]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; RECEIVED_SPAMHAUS_PBL(0.00)[112.66.191.211:received]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::430:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::430:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Apr 2021 10:36:55 -0000 > On Apr 25, 2021, at 6:20 PM, Zhenlei Huang = wrote: >=20 > Hello hackers, >=20 > For IPv6 there's RFC 6724 to clarify the default address selection = procedure,=20 > both for source address selection and destination address selection. = Are there > any RFCs like RFC 6724 that are for IPv4?=20 >=20 > I'm exploring RFC 3927, consider this situation, a host configured = with link-local > address on NIC and global unicast alias address on loopback interface, = and default route to=20 > the link-local address of router (some ISPs do this). The current = implementation kernel > will use the link-local address as the source address when = initializing a connection to=20 > remote host via the default route. It seems wrong, as link-local = address are not=20 > routable as per RFC 3927. >=20 > So it is important if there's corresponding RFC clarify the source = address selection=20 > for IPv4. >=20 > Thanks :) After googling and hunting I found a fairly old RFC 1122. The section = 3.3.4.3 `Choosing a=20 Source Address` looks what I'm looking for. I did not find any further RFCs that update the section 3.3.4.3 of RFC = 1122. So I think it still applies to hosts / routers with link-local addresses. Then the source address selection falls into these three situation: 1. Multi-homed host with strong ES model. 2. Multi-homed host with weak ES model. 3. Router Suppose the host / router has one interface configured with LL address, = and routable addresses configured on other interfaces, to respect RFC 3927 section = 2.7, then for situation 2 and 3, a routable address should be selected if the = next-hop interface is unnumbered, ie. the interface is configured with only LL addresses. For situation 1, since it is strong ES model, and the interface is = unnumbered, no routable address is available, and the kernel should return a error EADDRNOTAVAIL = . I would like to borrow some rules from RFC 6724, for two addresses SA = and SB from the candidate set , a given destination address D Rule 1. Prefer same address. If SA =3D D, then prefer SA. Similarly, if SB =3D D, then prefer SB. Rule 2. Prefer appropriate scope. If Scope(SA) < Scope(SB): If Scope(SA) < Scope(D), then prefer SB and otherwise prefer SA. Similarly, if Scope(SB) < Scope(SA): If Scope(SB) < Scope(D), then prefer SA and otherwise prefer SB. Rule 3. Prefer outgoing interface. If SA is assigned to the interface that will be used to send to D and SB is assigned to a different interface, then prefer SA. Similarly, if SB is assigned to the interface that will be used to send to D and SA is assigned to a different interface, then prefer SB. Rule 4. Prefer directly connected. If DirectlyConnected(SA, D) and not DirectlyConnected(SB, D) then = prefer SA. If DirectlyConnected(SB, D) and not DirectlyConnected(SA, D) then = prefer SB. For situation 1, the order of rules should be 1, 3, 2, 4. And that might = result in un-routable packets with LL source address sent to next-hop. For situation 2 and 3, the order is 1, 2, 3, 4.=20 Feedbacks are welcome. Thanks, Zhenlei Huang From owner-freebsd-hackers@freebsd.org Thu Apr 29 18:09:41 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A5386632474 for ; Thu, 29 Apr 2021 18:09:41 +0000 (UTC) (envelope-from jsm@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FWNnK4LlJz4v4M for ; Thu, 29 Apr 2021 18:09:41 +0000 (UTC) (envelope-from jsm@FreeBSD.org) Received: from freebsd2.freebsd.lan (mail.northatlanticmusicsupplies.com [212.237.182.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: jsm) by smtp.freebsd.org (Postfix) with ESMTPSA id 4FF39B66E for ; Thu, 29 Apr 2021 18:09:41 +0000 (UTC) (envelope-from jsm@FreeBSD.org) To: freebsd-hackers@freebsd.org From: Jesper Schmitz Mouridsen Subject: hwpstate_intel cpufreq and est. Message-ID: <226bfdd6-2d24-2dc7-79e3-7dc33a56f2a2@FreeBSD.org> Date: Thu, 29 Apr 2021 20:09:20 +0200 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Thunderbird/78.9.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Apr 2021 18:09:41 -0000 Hi list. I am working on sysutils/libsysstat [1], I have maintained it over the years. I even have a little testprogram [2] Recently I  got a new CPU which uses freq_driver: hwpstate_intel. It seems to me from values from dev.cpu.X.freq that this drivers supports different freq levels per core? And that the BUG section in man cpufreq stating that "When multiple CPUs offer frequency control, they cannot be set to different levels and must all offer the same frequency settings." Does not apply to hwpstate_intel? Is this correct. My current code relies on this same freq on all cores bug. [1] https://www.freshports.org/sysutils/libsysstat [2] https://people.freebsd.org/~jsm/libsysstat-test.tar.gz Thanks Jesper Schmtiz Mouridsen. From owner-freebsd-hackers@freebsd.org Thu Apr 29 18:33:04 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A2D24632BEE for ; Thu, 29 Apr 2021 18:33:04 +0000 (UTC) (envelope-from jsm@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FWPJJ4JgNz4vrc for ; Thu, 29 Apr 2021 18:33:04 +0000 (UTC) (envelope-from jsm@FreeBSD.org) Received: from freebsd2.freebsd.lan (mail.northatlanticmusicsupplies.com [212.237.182.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: jsm) by smtp.freebsd.org (Postfix) with ESMTPSA id 4DBBFCD09 for ; Thu, 29 Apr 2021 18:33:04 +0000 (UTC) (envelope-from jsm@FreeBSD.org) Subject: Re: hwpstate_intel cpufreq and est. From: Jesper Schmitz Mouridsen To: freebsd-hackers@freebsd.org References: <226bfdd6-2d24-2dc7-79e3-7dc33a56f2a2@FreeBSD.org> Message-ID: Date: Thu, 29 Apr 2021 20:33:03 +0200 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Thunderbird/78.9.1 MIME-Version: 1.0 In-Reply-To: <226bfdd6-2d24-2dc7-79e3-7dc33a56f2a2@FreeBSD.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Apr 2021 18:33:04 -0000 On 29.04.2021 20.09, Jesper Schmitz Mouridsen wrote: > Hi list. > > I am working on sysutils/libsysstat [1], I have maintained it over the > years. > > I even have a little testprogram [2] > > Recently I  got a new CPU which uses freq_driver: hwpstate_intel. > > It seems to me from values from dev.cpu.X.freq that this drivers > supports different freq levels per core? > > And that the BUG section in man cpufreq stating that > > "When multiple CPUs offer frequency control, they cannot be set to > different levels and must all offer the same frequency settings." > > Does not apply to hwpstate_intel? Is this correct. My current code > relies on > > this same freq on all cores bug. > > [1] https://www.freshports.org/sysutils/libsysstat > > [2] https://people.freebsd.org/~jsm/libsysstat-test.tar.gz > > Thanks > > Jesper Schmtiz Mouridsen. > I think I found the answer in https://reviews.freebsd.org/D30004: Users running newer Intel(R) CPUs may find some differences in dynamic frequency control when upgrading to FreeBSD 13.0. A new driver for the Intel(R) Speed Shift(TM) feature set, available on certain SKUs, exposes the ability for the hardware to dynamically vary the core frequencies, including on a per core basis. > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to > "freebsd-hackers-unsubscribe@freebsd.org" From owner-freebsd-hackers@freebsd.org Fri Apr 30 16:28:51 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 62DF0624010; Fri, 30 Apr 2021 16:28:51 +0000 (UTC) (envelope-from kfv@kfv.io) Received: from mail.kfv.io (mail.kfv.io [95.217.128.176]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "kfv.io", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FWyVV00Wtz4txs; Fri, 30 Apr 2021 16:28:49 +0000 (UTC) (envelope-from kfv@kfv.io) Received: from x1 ( [91.184.67.30]) by srv.kfv.io (OpenSMTPD) with ESMTPSA id 71e18fba (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); Fri, 30 Apr 2021 16:28:42 +0000 (UTC) Date: Fri, 30 Apr 2021 16:28:39 +0000 From: Faraz Vahedi To: Faraz Vahedi via freebsd-hackers Cc: freebsd-current@freebsd.org Subject: Re: Review Request for D25705 and D25711 Message-ID: <20210430162839.3p5rmmlkjaskd374@x1> References: <20210419194413.noxvxtmxzqzoh56i@x1> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="x3aahrgrqkxbplbx" Content-Disposition: inline In-Reply-To: <20210419194413.noxvxtmxzqzoh56i@x1> X-Rspamd-Queue-Id: 4FWyVV00Wtz4txs X-Spamd-Bar: ----- X-Spamd-Result: default: False [-5.60 / 15.00]; RCVD_TLS_ALL(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[kfv.io:s=dkim]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:95.217.128.176]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; RBL_DBL_DONT_QUERY_IPS(0.00)[95.217.128.176:from]; NEURAL_HAM_LONG(-1.00)[-1.000]; SPAMHAUS_ZRD(0.00)[95.217.128.176:from:127.0.2.255]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; DKIM_TRACE(0.00)[kfv.io:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[kfv.io,reject]; NEURAL_HAM_SHORT(-1.00)[-1.000]; SIGNED_PGP(-2.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; MID_RHS_NOT_FQDN(0.50)[]; ASN(0.00)[asn:24940, ipnet:95.217.0.0/16, country:DE]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-hackers,freebsd-current]; RECEIVED_SPAMHAUS_PBL(0.00)[91.184.67.30:received] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Apr 2021 16:28:51 -0000 --x3aahrgrqkxbplbx Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Apr 19, 2021 at 07:44:13PM +0000, Faraz Vahedi via freebsd-hackers = wrote: > Dear hackers and committers, >=20 > I have sent two small patches on freebsd-version(1) and > freebsd-update(8), D25705 and D25711 respectively, to > add -j flag for supporting jails. > I think they are both somewhat ready to either land or > to get some notes for improvements. They have been open > since July 2020, and I know everyone is too busy. > I understand the situation, but I would be very grateful > if anyone could give them a review and help. >=20 > I hope you are all doing well. Stay safe. >=20 > Yours faithfully, > Faraz Dear committers, The aforementioned patches are both tested and ready to either land or get their final review/suggestions. They are meant to improve jail management quality by facilitating the retrieving and upgrading of the userland version of jails. So a user could simply call freebsd-version(1) or freebsd-update(8) from the host, along with the -j flag, to specify which jail to retrieve or upgrade its userland version. So no need to manually set BASEDIR and UNAME_r anymore, just specify the jail name/id. I sincerely request a review, please. These small patches are open since July 2020. I appreciate your time. Cheers, Faraz --x3aahrgrqkxbplbx Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAABCAAdFiEER72OR2ke+5+zBDNGxovV64RZlvEFAmCMMC0ACgkQxovV64RZ lvGAMAf/ekLdR85IjThfQ64clVbNvjpEujQV1f7ci2MdT3boEwdf3VtQzvq7cxnW uPwIv7l/3Of1E1fCHOCkbOE04Zyi195Uhh+5NFFopg9U8DpyBongu9uwItizai5f Uzvpi3MxjYGaTquBlPuBSZ9EEE3DklbNUmw11lcb3xUwac390ykIcSVU1g2+JGYe tPSU8IgLMVuJbWpHK4cxW8gY2Dz3hmqtbaHeDp7VffatWeU9MTI31DYxfigcdgss GTcAcZNUEW7YJ6pNHm2Q9CvIiLlISGUjrNSlCPfmT56M/Rzx3kJGEMBpzUGcgFS3 lYCOaAueX2yHo/tD4kxU4Wd4s+JeEA== =Un/e -----END PGP SIGNATURE----- --x3aahrgrqkxbplbx-- From owner-freebsd-hackers@freebsd.org Fri Apr 30 22:15:56 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E0CA662C036 for ; Fri, 30 Apr 2021 22:15:56 +0000 (UTC) (envelope-from leres@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FX6C038dpz3jW2 for ; Fri, 30 Apr 2021 22:15:56 +0000 (UTC) (envelope-from leres@freebsd.org) Received: from ice.alameda.xse.com (unknown [IPv6:2600:1700:a570:e20:f2ad:4eff:fe0b:a065]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: leres) by smtp.freebsd.org (Postfix) with ESMTPSA id 2C8C329C52 for ; Fri, 30 Apr 2021 22:15:56 +0000 (UTC) (envelope-from leres@freebsd.org) From: Craig Leres To: freebsd-hackers@freebsd.org Subject: Listen on IPv6 address on a downed interface fails, but IPv4 works? Message-ID: <6eec4dfb-ec5e-f39e-4c7c-1561c0a0eb23@freebsd.org> Date: Fri, 30 Apr 2021 15:15:54 -0700 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Thunderbird/78.10.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Apr 2021 22:15:56 -0000 We provide anycast recursive dns service to our users with a number of FreeBSD servers running bind916. The IPv4 and IPv6 addresses used are configured on lo1 and we have a daemon that ifconfig's lo1 up when queries seem to be working, otherwise down. And we use bird2 to advertise the lo1 anycast addresses via ospf. This has been in use for the last decade. Today when I upgraded the anycast resolvers to bind 9.16.15 I found that none of the named's were listening on the IPv6 anycast addresses anymore. The procedure is: ifconfig lo1 down [by stopping the daemon] [wait for the routes to be withdrawn] service named restart [wait for named to startup] ifconfig lo1 up [by starting the daemon] [verify the routes come back] When named starts up it creates socket for, and listens on each interface address. This works for the IPv4 addresses on the downed lo1 interface but not the IPv6 addresses. I see now that named is throwing errors, e.g: Apr 30 11:06:11 XXX.lbl.gov named[68006]: listening on IPv6 interface lo1, XXXX:XXXX:8000:XXXX:XXXX::1#53 Apr 30 11:06:11 ns1.lbl.gov named[68006]: creating IPv6 interface lo1 failed; interface ignored I thought this used to work. But it seems unreasonable to me that it works for IPv4 but not IPv6. Is this a problem with bind or with the IPv6 kernel stack? Craig From owner-freebsd-hackers@freebsd.org Sat May 1 09:29:40 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D4ECA5F8BDA for ; Sat, 1 May 2021 09:29:40 +0000 (UTC) (envelope-from ionut.mihalache1506@gmail.com) Received: from mail-wr1-x435.google.com (mail-wr1-x435.google.com [IPv6:2a00:1450:4864:20::435]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FXP8M5XMTz3sF6; Sat, 1 May 2021 09:29:39 +0000 (UTC) (envelope-from ionut.mihalache1506@gmail.com) Received: by mail-wr1-x435.google.com with SMTP id m9so460608wrx.3; Sat, 01 May 2021 02:29:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=yNNSdCvzpr6InWANqIJufpTtlQzpLjAdl0s8hV5Ge80=; b=VoPLxK54PGXOUgmNKSe9VY7vAnRkRYnkwv2/mQ8l78LD6qfHt3EjP01kRQUQCf3yi5 EHYW7M7FY/IVD+jE7erNkgbJ1rHAiKlDm0edDXGliLBes64tZ3S2W+2iCu9y8CguutGN dKMQLObvDhhy5T/coBaG+h+1tYY3lH6vCObWn6FmMe3MfoIdtc25VW01+ceLh+c7PBWI d3JU0N2fgTXdTFxLj/6Ku/eBa1tOXpk+1EdsIuaf6as+Hw6Zy3CpGk1xTGpjRZD8E74s KeRH56Jhi99T615jI7vVPQqgTtD6K+HqyxaPwq4NJrS2eVgpxmpnMivKoPzO8KSNUg11 J0eA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=yNNSdCvzpr6InWANqIJufpTtlQzpLjAdl0s8hV5Ge80=; b=sy3VTGmbtSJpxb4nzX4DislYZD4fibJZOU69srvBpsXsOY9wetwv9F3BS9bX5AXScD KNSnYmhJ+czrLCsC7D/SL9E1CF7hyePedpcg/nViR2xUWB9np6YmnOZlnH58EhPFZ06b TRpjrXxjn4wdUeHLbLdoR38U7vkdBB32jr8HRJ0/ACJYU/yBercVFkDtlpCsMP9rQlvM ThjfA2o3EBup2h6/bOKXfUe3zWEnzdYYCAQGPNePopcmjz7QTqNoj/PN2kCYmZu+qVnc /2Faz5UxcjcTKpeNSV+zy+j/iRmXJ12C7SYBBh1wMAt4hyUzEE7D0FAFpD7bPOlnMRo7 Xikw== X-Gm-Message-State: AOAM533wDXQw47fmocG15B6I+pg0sOUjTXC0hzD/YvPfE8YftTPRedls 1TkczUa1GesRcjJVPzAsgsczY8J7RVzxYWpKjJq8tM51Gcs= X-Google-Smtp-Source: ABdhPJxKUrmqxFkTI41D78NFa8YfbT3AKlaF+DJimghiUOMlFiWDXs1v3Q4Lp24c490PPZgmG5TWOxS2elfFnFI6ElU= X-Received: by 2002:a05:6000:1547:: with SMTP id 7mr13056619wry.388.1619861377838; Sat, 01 May 2021 02:29:37 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: =?UTF-8?Q?Ionu=C8=9B_Mihalache?= Date: Sat, 1 May 2021 12:29:26 +0300 Message-ID: Subject: Re: cap_sysctlbyname for hw.vmm.destroy To: Mark Johnston Cc: freebsd-hackers@freebsd.org X-Rspamd-Queue-Id: 4FXP8M5XMTz3sF6 X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=VoPLxK54; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of ionutmihalache1506@gmail.com designates 2a00:1450:4864:20::435 as permitted sender) smtp.mailfrom=ionutmihalache1506@gmail.com X-Spamd-Result: default: False [-1.47 / 15.00]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; R_MIXED_CHARSET(0.62)[subject]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::435:from]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; NEURAL_SPAM_SHORT(0.91)[0.907]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::435:from:127.0.2.255]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::435:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 May 2021 09:29:40 -0000 I did a clean buildworld with -DWITH_CASPER and -DHAVE_CASPER and now there is a linking problem. Here [1] I have the includes to test the example and here [2] I have the code. When trying to link there is a problem with cap_sysctl_limit_init, cap_sysctl_limit_name, cap_sysctl_limit, cap_sysctlbyname; the symbols are not found. If I comment those lines though, cap_service_open fails(this happens in bhyverun.c). When using the API here [3] there are no linking problems and cap_service_open works, but cap_sysctlbyname returns EPERM(I have here [4] the includes that I used). [1] - https://github.com/FreeBSD-UPB/freebsd-src/blob/2373ecaa6dea4f0491a3ccc6790= 17c025cbaf243/usr.sbin/bhyve/bhyverun.c#L36 [2] - https://github.com/FreeBSD-UPB/freebsd-src/blob/2373ecaa6dea4f0491a3ccc6790= 17c025cbaf243/usr.sbin/bhyve/bhyverun.c#L1569 [3] - https://github.com/FreeBSD-UPB/freebsd-src/blob/2373ecaa6dea4f0491a3ccc6790= 17c025cbaf243/lib/libvmmapi/vmmapi.c#L141 [4] - https://github.com/FreeBSD-UPB/freebsd-src/blob/2373ecaa6dea4f0491a3ccc6790= 17c025cbaf243/lib/libvmmapi/vmmapi.h#L38 =C3=8En mie., 28 apr. 2021 la 18:41, Mark Johnston a sc= ris: > On Wed, Apr 28, 2021 at 06:19:09PM +0300, Ionu=C8=9B Mihalache wrote: > > Even with the fixes cap_sysctl still returns EPERM for that simple > example. > > Are you sure that libcap_sysctl is actually being used? In other words, > are you compiling with -DWITH_CASPER? If not, the program will call > cap_enter() and then try to read the sysctl directly, since > cap_sysctlbyname() will be a simple wrapper for sysctlbyname(). > > > > > =C3=8En mie., 28 apr. 2021 la 17:41, Mark Johnston = a > scris: > > > > > There are two bugs in the example, also present in your WIP. I fixed > > > them here: > > > > > > > https://cgit.freebsd.org/src/commit/?id=3D44bbda649dc6c1cdc5a99641e14c771= 57967e140 > > > > > > On Wed, Apr 28, 2021 at 05:22:22PM +0300, Ionu=C8=9B Mihalache wrote: > > > > I update the code now [1] but still the same error. Even without an= y > > > limits > > > > the cap_sysctlbyname fails after using cap_enter. > From owner-freebsd-hackers@freebsd.org Sat May 1 13:29:31 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4BBD262AB72 for ; Sat, 1 May 2021 13:29:31 +0000 (UTC) (envelope-from markjdb@gmail.com) Received: from mail-il1-x133.google.com (mail-il1-x133.google.com [IPv6:2607:f8b0:4864:20::133]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FXVT63sZbz4Y3w for ; Sat, 1 May 2021 13:29:30 +0000 (UTC) (envelope-from markjdb@gmail.com) Received: by mail-il1-x133.google.com with SMTP id y10so683819ilv.0 for ; Sat, 01 May 2021 06:29:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-disposition:content-transfer-encoding:in-reply-to; bh=hFf1o4a9qisqtdaKQxWfqewYcN7bDgc7RiR+v0BpTKU=; b=kCA6ChK7OYC1Xi14rrrenYg7WgQhbNNQX+SJhVML1yPOxPa8NjtErw/wbuQ3u7xqL3 s10CmPpentYEFva/HJMn8hWmFvWAmjt0XEzAfHp/qdko+JrzIT6i5uZr9tnCxtpOmkw9 71d6t51dPxgAIGWHQEMn31cuw+nJ5Wc6bCdQi7xWhtWqVxzgMWCANjpocGm0LbJcjh4f B6Ojzra8aI4mNCGW8H1xoLMx6LrDuf8UosIlTEBMSb3FPw0D34sWeIiEB659Tksmn+N/ aaDLkUbAyZyENf6oGLhLA75NcgwbvjVnoN8+D+LkTegml6Kp7XoVfkAAGPJny/nZdZak 3jzA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:from:to:cc:subject:message-id :references:mime-version:content-disposition :content-transfer-encoding:in-reply-to; bh=hFf1o4a9qisqtdaKQxWfqewYcN7bDgc7RiR+v0BpTKU=; b=INMgwYZmaARUUa8gxN2/dpYzL/quZ5bP1LU63t6WfB6ravldZbQcFWVvjURFCsortm ygKNz9zOA15omOykTEuGKKwaECvZN6IhUuZy5hAUA+SmD9pMwwb/gmltNsoFo6ERG24L RWvqo0tWNHeILCw/ph+JPCItuOWR3ryS8buYyopsoCgDEU5kIC7IXbfnfz9+OQnaTnJ/ 7LljqoHv96UHwTFQ96RFRwbI3xtAajGIU5BkLxJJDq76t4zmBighB4rpLZb5mI80RjE+ akiirYNjWvPom5VkelBzT30vp8wRrZzEg1egY8K7fKL0KYS4y/H0Z2YBJ2UI1qf9y6LS caBg== X-Gm-Message-State: AOAM530pys5srbGcXl4gPDnmWcEyxgZmm28w4RqZ/J0mb05Nq1RH4c4q dlIkjUFg6TM/alwTvdaqfQZ85WulOwauQQ== X-Google-Smtp-Source: ABdhPJxxCwHP/ZLMbBk6MnYaFElpshuoil5asL1H1h01qKyjQ1udobOzSz2gcDURPr37BNcEiHzbvA== X-Received: by 2002:a92:130a:: with SMTP id 10mr8341078ilt.159.1619875769274; Sat, 01 May 2021 06:29:29 -0700 (PDT) Received: from nuc ([142.126.164.150]) by smtp.gmail.com with ESMTPSA id d16sm2478886ils.48.2021.05.01.06.29.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 01 May 2021 06:29:28 -0700 (PDT) Sender: Mark Johnston Date: Sat, 1 May 2021 09:29:30 -0400 From: Mark Johnston To: =?utf-8?B?SW9udcib?= Mihalache Cc: freebsd-hackers@freebsd.org Subject: Re: cap_sysctlbyname for hw.vmm.destroy Message-ID: References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Rspamd-Queue-Id: 4FXVT63sZbz4Y3w X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=kCA6ChK7; dmarc=none; spf=pass (mx1.freebsd.org: domain of markjdb@gmail.com designates 2607:f8b0:4864:20::133 as permitted sender) smtp.mailfrom=markjdb@gmail.com X-Spamd-Result: default: False [-2.70 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FREEMAIL_TO(0.00)[gmail.com]; FORGED_SENDER(0.30)[markj@freebsd.org,markjdb@gmail.com]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::133:from]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; FROM_NEQ_ENVFROM(0.00)[markj@freebsd.org,markjdb@gmail.com]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; DMARC_NA(0.00)[freebsd.org]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::133:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::133:from]; MID_RHS_NOT_FQDN(0.50)[]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 May 2021 13:29:31 -0000 On Sat, May 01, 2021 at 12:29:26PM +0300, Ionuț Mihalache wrote: > I did a clean buildworld with -DWITH_CASPER and -DHAVE_CASPER and now there > is a linking problem. Here [1] I have the includes to test the example and > here [2] I have the code. When trying to link there is a problem with > cap_sysctl_limit_init, > cap_sysctl_limit_name, cap_sysctl_limit, cap_sysctlbyname; the symbols are > not found. If I comment those lines though, cap_service_open fails(this > happens in bhyverun.c). When using the API here [3] there are no linking > problems and cap_service_open works, but cap_sysctlbyname returns EPERM(I > have here [4] the includes that I used). - You do not need to do a full buildworld. It is sufficient to rebuild bhyve itself with -DWITH_CASPER. Note that the bhyve Makefile does not define WITH_CASPER when snapshot support is enabled. - You need to add cap_sysctl to the list of libraries linked into bhyve, same as it currently links cap_pwd and cap_grp. > [1] - > https://github.com/FreeBSD-UPB/freebsd-src/blob/2373ecaa6dea4f0491a3ccc679017c025cbaf243/usr.sbin/bhyve/bhyverun.c#L36 > [2] - > https://github.com/FreeBSD-UPB/freebsd-src/blob/2373ecaa6dea4f0491a3ccc679017c025cbaf243/usr.sbin/bhyve/bhyverun.c#L1569 > [3] - > https://github.com/FreeBSD-UPB/freebsd-src/blob/2373ecaa6dea4f0491a3ccc679017c025cbaf243/lib/libvmmapi/vmmapi.c#L141 > [4] - > https://github.com/FreeBSD-UPB/freebsd-src/blob/2373ecaa6dea4f0491a3ccc679017c025cbaf243/lib/libvmmapi/vmmapi.h#L38