From owner-svn-src-head@freebsd.org Sat Nov 14 20:53:57 2020 Return-Path: Delivered-To: svn-src-head@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id CADE34657D3 for ; Sat, 14 Nov 2020 20:53:57 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: from mail-qt1-x835.google.com (mail-qt1-x835.google.com [IPv6:2607:f8b0:4864:20::835]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CYSHT58pWz3wM3 for ; Sat, 14 Nov 2020 20:53:57 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: by mail-qt1-x835.google.com with SMTP id 7so9947145qtp.1 for ; Sat, 14 Nov 2020 12:53:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hardenedbsd.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=MI3KjUtXdLjBSnhZZnvEFEiFny91tgEvL+ju4y03RQY=; b=JmIOOf4Skwx+x7oZVJ+8H0TB6049GhITcFfGDpIaN54lpFLPB3HeTuYSm57lT6OEvd 4Zl3SzH6hJu27TmqKfk8J6lGlkJKSYWNXpf4A4TPqe6e6YMYnSNB12HdksjBGBcfuLB0 NoJSRcik+JimidCYBFucubTtitREHoZQGoqVnm7vACcXrdRicwn2HOcCqiff8Q2C3ZGz 7V5WjTrnG+BUb93WZVPdM4f0Tf0D+UDP6pWyOr2A0kv8JYjeZjdTZVVF35F9puwl7KOi xw7byn7pZbA2KJr28kXWsgUNImO+cOBU6xfXNLEuYjmAnelCIIs9B3QIvvkIIRa4y63z U59Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=MI3KjUtXdLjBSnhZZnvEFEiFny91tgEvL+ju4y03RQY=; b=kGg3n0KPHZTOKAw23w4UAxcS6zOqV/aglW+qByfLiVAWOcpqwng0mIEKHQtgUQNwJ6 Hekz12HvPhkA897EN5CSFHOYR0CV3YG7d6mXSNoFBDVUAJ5ovIO3Hi6HiVW/V/806fzV J7gvKU//txF4li1A7ZAA/D/GgK1+8Dhq+GKYVeNZ67AiCl0EJWQle3Ja7m2YaXPtI1Qa xcjixoacIlokRgVcANlk0Z29v9k2nhf9RPTCMI/BKroHzl9xfj/Stw/Dm4ol9qghB6L0 1nl33zTthS+MKpjO+zwglGGHEGNL3E7jO+zQvA/xZRIuR80tDn2v0t16r8TzRDM4O6fR ze8Q== X-Gm-Message-State: AOAM531ztD0VWLvcjKfxZpHXD+R6dPitZBwot2efn0pzn+vrUmUgjXyI Lj/PxtUZvZzPjdcK1u4PeNKeePzJCaR3y4bs X-Google-Smtp-Source: ABdhPJxgfxmetiuOdIj4uNRoyKHR3TVSTiQ7dAahrDzACjUn484upfT3hZXku9+RxBeg94YMICFViA== X-Received: by 2002:ac8:2fa2:: with SMTP id l31mr7793082qta.86.1605387236883; Sat, 14 Nov 2020 12:53:56 -0800 (PST) Received: from mutt-hbsd (pool-100-16-222-53.bltmmd.fios.verizon.net. [100.16.222.53]) by smtp.gmail.com with ESMTPSA id x71sm3696108qka.71.2020.11.14.12.53.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 14 Nov 2020 12:53:56 -0800 (PST) Date: Sat, 14 Nov 2020 15:53:55 -0500 From: Shawn Webb To: Mateusz Guzik Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r367692 - head/sys/sys Message-ID: <20201114205355.j2ejnhouipjr6yhk@mutt-hbsd> X-Operating-System: FreeBSD mutt-hbsd 13.0-CURRENT-HBSD FreeBSD 13.0-CURRENT-HBSD X-PGP-Key: http://pgp.mit.edu/pks/lookup?op=vindex&search=0xFF2E67A277F8E1FA References: <202011141920.0AEJKbpO050396@repo.freebsd.org> <20201114205036.tnxvwarsddmu4shz@mutt-hbsd> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="hlgimau7p42bbikt" Content-Disposition: inline In-Reply-To: X-Rspamd-Queue-Id: 4CYSHT58pWz3wM3 X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 14 Nov 2020 20:53:57 -0000 --hlgimau7p42bbikt Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Are there any kernel modules (in base, in ports, or out-of-both-trees) that access struct ucred? On Sat, Nov 14, 2020 at 09:51:47PM +0100, Mateusz Guzik wrote: > I don't think so, it does not change any APIs >=20 > On 11/14/20, Shawn Webb wrote: > > On Sat, Nov 14, 2020 at 07:20:37PM +0000, Mateusz Guzik wrote: > >> Author: mjg > >> Date: Sat Nov 14 19:20:37 2020 > >> New Revision: 367692 > >> URL: https://svnweb.freebsd.org/changeset/base/367692 > >> > >> Log: > >> cred: reorder cr_audit to be closer to the lock > >> > >> This makes cr_uid avoid sharing. > >> > >> Modified: > >> head/sys/sys/ucred.h > >> > >> Modified: head/sys/sys/ucred.h > >> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D > >> --- head/sys/sys/ucred.h Sat Nov 14 19:19:27 2020 (r367691) > >> +++ head/sys/sys/ucred.h Sat Nov 14 19:20:37 2020 (r367692) > >> @@ -63,6 +63,7 @@ struct ucred { > >> struct mtx cr_mtx; > >> u_int cr_ref; /* (c) reference count */ > >> u_int cr_users; /* (c) proc + thread using this cred */ > >> + struct auditinfo_addr cr_audit; /* Audit properties. */ > >> #define cr_startcopy cr_uid > >> uid_t cr_uid; /* effective user id */ > >> uid_t cr_ruid; /* real user id */ > >> @@ -78,7 +79,6 @@ struct ucred { > >> void *cr_pspare2[2]; /* general use 2 */ > >> #define cr_endcopy cr_label > >> struct label *cr_label; /* MAC label */ > >> - struct auditinfo_addr cr_audit; /* Audit properties. */ > >> gid_t *cr_groups; /* groups */ > >> int cr_agroups; /* Available groups */ > >> gid_t cr_smallgroups[XU_NGROUPS]; /* storage for small groups */ > > > > Hey Mateusz, > > > > Since this changes KBI, does __FreeBSD_version need bumping? > > > > Thanks, > > > > -- > > Shawn Webb > > Cofounder / Security Engineer > > HardenedBSD > > > > GPG Key ID: 0xFF2E67A277F8E1FA > > GPG Key Fingerprint: D206 BB45 15E0 9C49 0CF9 3633 C85B 0AF8 AB23 0FB2 > > https://git-01.md.hardenedbsd.org/HardenedBSD/pubkeys/src/branch/master= /Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc > > >=20 >=20 > --=20 > Mateusz Guzik --=20 Shawn Webb Cofounder / Security Engineer HardenedBSD GPG Key ID: 0xFF2E67A277F8E1FA GPG Key Fingerprint: D206 BB45 15E0 9C49 0CF9 3633 C85B 0AF8 AB23 0FB2 https://git-01.md.hardenedbsd.org/HardenedBSD/pubkeys/src/branch/master/Sha= wn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc --hlgimau7p42bbikt Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEA6TL67gupaZ9nzhT/y5nonf44foFAl+wQ+MACgkQ/y5nonf4 4foLOA//XUBGhKNLIdGAL8WAKKSqXimkpbehN+hL9yh5GbERMvnSiCBiumb+nFvL GrAw5Fmea4soSW4eZcZc4goRy9md5vy0e6BnMEt6MjM534RlWNDDDiwmN3gMlmFh Gw8MveFNqXwDaebeV5b3PCPCqKeMGV6aRjg8Vz4TGPBP+ClcN/FW99MAEsniERGV pJ3u1aGtoOPBgB5PaRLrUqylAFU8ol5aLi+rCk2buAZlKvjxHTMFS2C2Fskq+KeD LsHJmX9cWjktWCXjK8rhpbUGAbQxcviYy7627pNIzh1gXO6sM60Tw7wNDZpAgYF7 cZxgt1om69dLWjZCu9RULhFeNqkEAK6GNNI7VvVt3WMWfvjy3wOXTegmHXnwCfx1 eESkqJ+ufH86ZPs2tWPpso8mpf3tgN0b1uWa5p3JnTH4JWg19X8NNeSJQsh56SYD 986hFsNdrBdmDonwK0oDYbJUMShS2yUtfWNTuq/NBcjHiUPAObLyeNlC0LbD64YR vcfJBtpbsf26B2vqyBpqxqX6xJ2GFVItRWFSwRAGGoMKSIe1vkn8YbYyTKOvsPI4 ygYpfyDe9K5CXwkmyXbK8DivsmYiPDYzckSipekG3l58ikAs+aZTUtVpR6/NYRUU UlQVs4NmQNXeS/72GO9o8BNcZHQ5UkUKUyyo82m2XK81aA7691s= =pcKy -----END PGP SIGNATURE----- --hlgimau7p42bbikt--