From owner-freebsd-arch  Tue Dec 12  8:34: 2 2000
From owner-freebsd-arch@FreeBSD.ORG  Tue Dec 12 08:34:00 2000
Return-Path: <owner-freebsd-arch@FreeBSD.ORG>
Delivered-To: freebsd-arch@freebsd.org
Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31])
	by hub.freebsd.org (Postfix) with ESMTP id 2C57B37B400
	for <arch@FreeBSD.ORG>; Tue, 12 Dec 2000 08:33:59 -0800 (PST)
Received: (from des@localhost)
	by flood.ping.uio.no (8.9.3/8.9.3) id RAA61654;
	Tue, 12 Dec 2000 17:33:02 +0100 (CET)
	(envelope-from des@ofug.org)
Sender: des@ofug.org
X-URL: http://www.ofug.org/~des/
X-Disclaimer: The views expressed in this message do not necessarily
  coincide with those of any organisation or company with
  which I am or have been affiliated.
To: Julian Elischer <julian@elischer.org>
Cc: Poul-Henning Kamp <phk@critter.freebsd.dk>,
	Matt Dillon <dillon@earth.backplane.com>, kris@citusc.usc.edu,
	arch@FreeBSD.ORG
Subject: Re: Safe string formatting in the kernel
References: <18190.976606205@critter> <3A361F0E.F015A262@elischer.org>
From: Dag-Erling Smorgrav <des@ofug.org>
Date: 12 Dec 2000 17:33:01 +0100
In-Reply-To: Julian Elischer's message of "Tue, 12 Dec 2000 04:50:22 -0800"
Message-ID: <xzpitop4n2a.fsf@flood.ping.uio.no>
Lines: 28
User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.4
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Julian Elischer <julian@elischer.org> writes:
> Poul-Henning Kamp wrote:
> > There are several places where this new API would make the code
> > simpler and less prone to overflowable errors.  procfs and various
> > netgraph nodes spring to mind immediately.
> hmmm such as?

In procfs: portions of procfs_{map,rlimit,status,vnops}.c
In linprocfs: most of linprocfs_misc.c

Poul-Henning also mentioned the mn(4) and musycc(4) drivers.

Any part of the kernel that exports string sysctls will also benefit.
Most of the magic that's necessary for writeable string sysctls can be
eliminated by using sbufs in such a way that you'll be able to declare
string sysctls just as easily as integer sysctls (currently, each
writeable string sysctl requires ~20 lines of code).

Empirical tests show that the sbuf API adds less than 2 kB of code to
the kernel, and I believe (though I can't prove) that the amount of
duplicated code and static buffers that can be replaced with judicious
use of sbufs will more than outweigh that cost. In some cases (procfs
and linprocfs at least, but probably others too) using sbufs also
saves large amounts of syscall stack space.

DES
-- 
Dag-Erling Smorgrav - des@ofug.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message