Date: Fri, 23 Sep 2016 07:44:09 +0000 From: Ruslan Bukin <ruslan.bukin@cl.cam.ac.uk> To: Mariusz Zaborski <oshogbo@freebsd.org> Cc: src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r306174 - in head/sys: compat/cloudabi compat/linux kern netinet sys Message-ID: <20160923074409.GA78520@bsdpad.com> In-Reply-To: <CAGOYWV_wo4wO7FF6Cvuo6%2BAfB6G35ABEhnRp%2B7b9LSpOtRYy6g@mail.gmail.com> References: <201609220958.u8M9wkfh034759@repo.freebsd.org> <20160922143412.GA69951@bsdpad.com> <CAGOYWV_9hJpggps37fRB4pzYzSn4gSsv6n=xvvnkPfyvZGosMw@mail.gmail.com> <20160922145625.GA70214@bsdpad.com> <CAGOYWV9Tf8n=u3ynhmSNqbLHGd1uGf_So-ScUNsNmxuX9B_6sA@mail.gmail.com> <20160922152153.GA70762@bsdpad.com> <20160922161102.GA71374@bsdpad.com> <CAGOYWV_wo4wO7FF6Cvuo6%2BAfB6G35ABEhnRp%2B7b9LSpOtRYy6g@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi It is booting fine with patch. Thanks! Ruslan On Fri, Sep 23, 2016 at 12:34:40AM +0200, Mariusz Zaborski wrote: > Thanks, I was able to reproduce that :) > I attached the patch. Could you please confirm that it fix the problem? > > Thank you and sorry for inconveniences, > Mariusz > > On 22 September 2016 at 18:11, Ruslan Bukin <ruslan.bukin@cl.cam.ac.uk> wrote: > > I have just tested this with MIPS64EL and the result is the same. > > So you can try both EL or EB > > > > e.g. make -j16 TARGET=mips TARGET_ARCH=mips64el KERNCONF=MALTA64 buildkernel > > > > Ruslan > > > > On Thu, Sep 22, 2016 at 03:21:53PM +0000, Ruslan Bukin wrote: > >> Hi > >> > >> It reports nothing. Yes I use qemu: > >> /home/rb743/dev/qemu/qemu/build1/mips64-softmmu/qemu-system-mips64 -M malta -kernel ~/obj/mips.mips64/home/rb743/dev/freebsd-mips/sys/MALTA64/kernel -hda /home/rb743/world-mips64eb/mips64eb.img -nographic -smp 1 -cpu 5kf -net nic -net user -m 2048M -redir tcp:4022::22 > >> > >> Ruslan > >> > >> On Thu, Sep 22, 2016 at 05:11:07PM +0200, Mariusz Zaborski wrote: > >> > I tested it on the mips for Malta kernel and it's works fine. I will > >> > try to do it on mips64, are you using qemu to test it? > >> > What is ctrl + t reporting you? > >> > > >> > > >> > On 22 September 2016 at 16:56, Ruslan Bukin <ruslan.bukin@cl.cam.ac.uk> wrote: > >> > > May be. The next line should be > >> > > /etc/rc: WARNING: $hostname is not set -- see rc.conf(5). > >> > > > >> > > but it hangs before this line > >> > > > >> > > Ruslan > >> > > > >> > > On Thu, Sep 22, 2016 at 04:39:16PM +0200, Mariusz Zaborski wrote: > >> > >> Hi Ruslan, > >> > >> > >> > >> Does it hang on some network script? > >> > >> > >> > >> Thanks, > >> > >> Mariusz > >> > >> > >> > >> > >> > >> On 22 September 2016 at 16:34, Ruslan Bukin <ruslan.bukin@cl.cam.ac.uk> wrote: > >> > >> > Hi Mariusz > >> > >> > > >> > >> > my MIPS64EB kernel stops booting with this > >> > >> > > >> > >> > somewhere here: > >> > >> > [...] > >> > >> > Starting file system checks: > >> > >> > /dev/ada0: 20369 files, 794696 used, 7573573 free (933 frags, 946580 blocks, 0.0% fragmentation) > >> > >> > Mounting local filesystems:. > >> > >> > ELF ldconfig path: /lib /usr/lib /usr/lib/compat > >> > >> > random: unblocking device. > >> > >> > > >> > >> > any idea ? (should I rebuild something?) > >> > >> > > >> > >> > thanks! > >> > >> > > >> > >> > Ruslan > >> > >> > > >> > >> > On Thu, Sep 22, 2016 at 09:58:46AM +0000, Mariusz Zaborski wrote: > >> > >> >> Author: oshogbo > >> > >> >> Date: Thu Sep 22 09:58:46 2016 > >> > >> >> New Revision: 306174 > >> > >> >> URL: https://svnweb.freebsd.org/changeset/base/306174 > >> > >> >> > >> > >> >> Log: > >> > >> >> capsicum: propagate rights on accept(2) > >> > >> >> > >> > >> >> Descriptor returned by accept(2) should inherits capabilities rights from > >> > >> >> the listening socket. > >> > >> >> > >> > >> >> PR: 201052 > >> > >> >> Reviewed by: emaste, jonathan > >> > >> >> Discussed with: many > >> > >> >> Differential Revision: https://reviews.freebsd.org/D7724 > >> > >> >> > >> > >> >> Modified: > >> > >> >> head/sys/compat/cloudabi/cloudabi_sock.c > >> > >> >> head/sys/compat/linux/linux_socket.c > >> > >> >> head/sys/kern/kern_sendfile.c > >> > >> >> head/sys/kern/uipc_syscalls.c > >> > >> >> head/sys/netinet/sctp_syscalls.c > >> > >> >> head/sys/sys/socketvar.h > >> > >> >> > >> > >> >> Modified: head/sys/compat/cloudabi/cloudabi_sock.c > >> > >> >> ============================================================================== > >> > >> >> --- head/sys/compat/cloudabi/cloudabi_sock.c Thu Sep 22 09:33:22 2016 (r306173) > >> > >> >> +++ head/sys/compat/cloudabi/cloudabi_sock.c Thu Sep 22 09:58:46 2016 (r306174) > >> > >> >> @@ -210,7 +210,7 @@ cloudabi_sys_sock_stat_get(struct thread > >> > >> >> int error; > >> > >> >> > >> > >> >> error = getsock_cap(td, uap->sock, cap_rights_init(&rights, > >> > >> >> - CAP_GETSOCKOPT, CAP_GETPEERNAME, CAP_GETSOCKNAME), &fp, NULL); > >> > >> >> + CAP_GETSOCKOPT, CAP_GETPEERNAME, CAP_GETSOCKNAME), &fp, NULL, NULL); > >> > >> >> if (error != 0) > >> > >> >> return (error); > >> > >> >> so = fp->f_data; > >> > >> >> > >> > >> >> Modified: head/sys/compat/linux/linux_socket.c > >> > >> >> ============================================================================== > >> > >> >> --- head/sys/compat/linux/linux_socket.c Thu Sep 22 09:33:22 2016 (r306173) > >> > >> >> +++ head/sys/compat/linux/linux_socket.c Thu Sep 22 09:58:46 2016 (r306174) > >> > >> >> @@ -855,7 +855,7 @@ linux_accept_common(struct thread *td, i > >> > >> >> if (error == EFAULT && namelen != sizeof(struct sockaddr_in)) > >> > >> >> return (EINVAL); > >> > >> >> if (error == EINVAL) { > >> > >> >> - error1 = getsock_cap(td, s, &rights, &fp, NULL); > >> > >> >> + error1 = getsock_cap(td, s, &rights, &fp, NULL, NULL); > >> > >> >> if (error1 != 0) > >> > >> >> return (error1); > >> > >> >> so = fp->f_data; > >> > >> >> > >> > >> >> Modified: head/sys/kern/kern_sendfile.c > >> > >> >> ============================================================================== > >> > >> >> --- head/sys/kern/kern_sendfile.c Thu Sep 22 09:33:22 2016 (r306173) > >> > >> >> +++ head/sys/kern/kern_sendfile.c Thu Sep 22 09:58:46 2016 (r306174) > >> > >> >> @@ -502,7 +502,7 @@ sendfile_getsock(struct thread *td, int > >> > >> >> * The socket must be a stream socket and connected. > >> > >> >> */ > >> > >> >> error = getsock_cap(td, s, cap_rights_init(&rights, CAP_SEND), > >> > >> >> - sock_fp, NULL); > >> > >> >> + sock_fp, NULL, NULL); > >> > >> >> if (error != 0) > >> > >> >> return (error); > >> > >> >> *so = (*sock_fp)->f_data; > >> > >> >> > >> > >> >> Modified: head/sys/kern/uipc_syscalls.c > >> > >> >> ============================================================================== > >> > >> >> --- head/sys/kern/uipc_syscalls.c Thu Sep 22 09:33:22 2016 (r306173) > >> > >> >> +++ head/sys/kern/uipc_syscalls.c Thu Sep 22 09:58:46 2016 (r306174) > >> > >> >> @@ -89,20 +89,23 @@ static int sockargs(struct mbuf **, char > >> > >> >> /* > >> > >> >> * Convert a user file descriptor to a kernel file entry and check if required > >> > >> >> * capability rights are present. > >> > >> >> + * If required copy of current set of capability rights is returned. > >> > >> >> * A reference on the file entry is held upon returning. > >> > >> >> */ > >> > >> >> int > >> > >> >> getsock_cap(struct thread *td, int fd, cap_rights_t *rightsp, > >> > >> >> - struct file **fpp, u_int *fflagp) > >> > >> >> + struct file **fpp, u_int *fflagp, struct filecaps *havecapsp) > >> > >> >> { > >> > >> >> struct file *fp; > >> > >> >> int error; > >> > >> >> > >> > >> >> - error = fget_unlocked(td->td_proc->p_fd, fd, rightsp, &fp, NULL); > >> > >> >> + error = fget_cap(td, fd, rightsp, &fp, havecapsp); > >> > >> >> if (error != 0) > >> > >> >> return (error); > >> > >> >> if (fp->f_type != DTYPE_SOCKET) { > >> > >> >> fdrop(fp, td); > >> > >> >> + if (havecapsp != NULL) > >> > >> >> + filecaps_free(havecapsp); > >> > >> >> return (ENOTSOCK); > >> > >> >> } > >> > >> >> if (fflagp != NULL) > >> > >> >> @@ -188,7 +191,7 @@ kern_bindat(struct thread *td, int dirfd > >> > >> >> AUDIT_ARG_FD(fd); > >> > >> >> AUDIT_ARG_SOCKADDR(td, dirfd, sa); > >> > >> >> error = getsock_cap(td, fd, cap_rights_init(&rights, CAP_BIND), > >> > >> >> - &fp, NULL); > >> > >> >> + &fp, NULL, NULL); > >> > >> >> if (error != 0) > >> > >> >> return (error); > >> > >> >> so = fp->f_data; > >> > >> >> @@ -235,7 +238,7 @@ sys_listen(struct thread *td, struct lis > >> > >> >> > >> > >> >> AUDIT_ARG_FD(uap->s); > >> > >> >> error = getsock_cap(td, uap->s, cap_rights_init(&rights, CAP_LISTEN), > >> > >> >> - &fp, NULL); > >> > >> >> + &fp, NULL, NULL); > >> > >> >> if (error == 0) { > >> > >> >> so = fp->f_data; > >> > >> >> #ifdef MAC > >> > >> >> @@ -308,6 +311,7 @@ kern_accept4(struct thread *td, int s, s > >> > >> >> struct file *headfp, *nfp = NULL; > >> > >> >> struct sockaddr *sa = NULL; > >> > >> >> struct socket *head, *so; > >> > >> >> + struct filecaps fcaps; > >> > >> >> cap_rights_t rights; > >> > >> >> u_int fflag; > >> > >> >> pid_t pgid; > >> > >> >> @@ -318,7 +322,7 @@ kern_accept4(struct thread *td, int s, s > >> > >> >> > >> > >> >> AUDIT_ARG_FD(s); > >> > >> >> error = getsock_cap(td, s, cap_rights_init(&rights, CAP_ACCEPT), > >> > >> >> - &headfp, &fflag); > >> > >> >> + &headfp, &fflag, &fcaps); > >> > >> >> if (error != 0) > >> > >> >> return (error); > >> > >> >> head = headfp->f_data; > >> > >> >> @@ -331,7 +335,8 @@ kern_accept4(struct thread *td, int s, s > >> > >> >> if (error != 0) > >> > >> >> goto done; > >> > >> >> #endif > >> > >> >> - error = falloc(td, &nfp, &fd, (flags & SOCK_CLOEXEC) ? O_CLOEXEC : 0); > >> > >> >> + error = falloc_caps(td, &nfp, &fd, > >> > >> >> + (flags & SOCK_CLOEXEC) ? O_CLOEXEC : 0, &fcaps); > >> > >> >> if (error != 0) > >> > >> >> goto done; > >> > >> >> ACCEPT_LOCK(); > >> > >> >> @@ -440,6 +445,8 @@ noconnection: > >> > >> >> * a reference on nfp to the caller on success if they request it. > >> > >> >> */ > >> > >> >> done: > >> > >> >> + if (nfp == NULL) > >> > >> >> + filecaps_free(&fcaps); > >> > >> >> if (fp != NULL) { > >> > >> >> if (error == 0) { > >> > >> >> *fp = nfp; > >> > >> >> @@ -511,7 +518,7 @@ kern_connectat(struct thread *td, int di > >> > >> >> AUDIT_ARG_FD(fd); > >> > >> >> AUDIT_ARG_SOCKADDR(td, dirfd, sa); > >> > >> >> error = getsock_cap(td, fd, cap_rights_init(&rights, CAP_CONNECT), > >> > >> >> - &fp, NULL); > >> > >> >> + &fp, NULL, NULL); > >> > >> >> if (error != 0) > >> > >> >> return (error); > >> > >> >> so = fp->f_data; > >> > >> >> @@ -754,7 +761,7 @@ kern_sendit(struct thread *td, int s, st > >> > >> >> AUDIT_ARG_SOCKADDR(td, AT_FDCWD, mp->msg_name); > >> > >> >> cap_rights_set(&rights, CAP_CONNECT); > >> > >> >> } > >> > >> >> - error = getsock_cap(td, s, &rights, &fp, NULL); > >> > >> >> + error = getsock_cap(td, s, &rights, &fp, NULL, NULL); > >> > >> >> if (error != 0) > >> > >> >> return (error); > >> > >> >> so = (struct socket *)fp->f_data; > >> > >> >> @@ -923,7 +930,7 @@ kern_recvit(struct thread *td, int s, st > >> > >> >> > >> > >> >> AUDIT_ARG_FD(s); > >> > >> >> error = getsock_cap(td, s, cap_rights_init(&rights, CAP_RECV), > >> > >> >> - &fp, NULL); > >> > >> >> + &fp, NULL, NULL); > >> > >> >> if (error != 0) > >> > >> >> return (error); > >> > >> >> so = fp->f_data; > >> > >> >> @@ -1198,7 +1205,7 @@ sys_shutdown(struct thread *td, struct s > >> > >> >> > >> > >> >> AUDIT_ARG_FD(uap->s); > >> > >> >> error = getsock_cap(td, uap->s, cap_rights_init(&rights, CAP_SHUTDOWN), > >> > >> >> - &fp, NULL); > >> > >> >> + &fp, NULL, NULL); > >> > >> >> if (error == 0) { > >> > >> >> so = fp->f_data; > >> > >> >> error = soshutdown(so, uap->how); > >> > >> >> @@ -1257,7 +1264,7 @@ kern_setsockopt(struct thread *td, int s > >> > >> >> > >> > >> >> AUDIT_ARG_FD(s); > >> > >> >> error = getsock_cap(td, s, cap_rights_init(&rights, CAP_SETSOCKOPT), > >> > >> >> - &fp, NULL); > >> > >> >> + &fp, NULL, NULL); > >> > >> >> if (error == 0) { > >> > >> >> so = fp->f_data; > >> > >> >> error = sosetopt(so, &sopt); > >> > >> >> @@ -1323,7 +1330,7 @@ kern_getsockopt(struct thread *td, int s > >> > >> >> > >> > >> >> AUDIT_ARG_FD(s); > >> > >> >> error = getsock_cap(td, s, cap_rights_init(&rights, CAP_GETSOCKOPT), > >> > >> >> - &fp, NULL); > >> > >> >> + &fp, NULL, NULL); > >> > >> >> if (error == 0) { > >> > >> >> so = fp->f_data; > >> > >> >> error = sogetopt(so, &sopt); > >> > >> >> @@ -1376,7 +1383,7 @@ kern_getsockname(struct thread *td, int > >> > >> >> > >> > >> >> AUDIT_ARG_FD(fd); > >> > >> >> error = getsock_cap(td, fd, cap_rights_init(&rights, CAP_GETSOCKNAME), > >> > >> >> - &fp, NULL); > >> > >> >> + &fp, NULL, NULL); > >> > >> >> if (error != 0) > >> > >> >> return (error); > >> > >> >> so = fp->f_data; > >> > >> >> @@ -1463,7 +1470,7 @@ kern_getpeername(struct thread *td, int > >> > >> >> > >> > >> >> AUDIT_ARG_FD(fd); > >> > >> >> error = getsock_cap(td, fd, cap_rights_init(&rights, CAP_GETPEERNAME), > >> > >> >> - &fp, NULL); > >> > >> >> + &fp, NULL, NULL); > >> > >> >> if (error != 0) > >> > >> >> return (error); > >> > >> >> so = fp->f_data; > >> > >> >> > >> > >> >> Modified: head/sys/netinet/sctp_syscalls.c > >> > >> >> ============================================================================== > >> > >> >> --- head/sys/netinet/sctp_syscalls.c Thu Sep 22 09:33:22 2016 (r306173) > >> > >> >> +++ head/sys/netinet/sctp_syscalls.c Thu Sep 22 09:58:46 2016 (r306174) > >> > >> >> @@ -248,7 +248,7 @@ sys_sctp_generic_sendmsg (td, uap) > >> > >> >> } > >> > >> >> > >> > >> >> AUDIT_ARG_FD(uap->sd); > >> > >> >> - error = getsock_cap(td, uap->sd, &rights, &fp, NULL); > >> > >> >> + error = getsock_cap(td, uap->sd, &rights, &fp, NULL, NULL); > >> > >> >> if (error != 0) > >> > >> >> goto sctp_bad; > >> > >> >> #ifdef KTRACE > >> > >> >> @@ -361,7 +361,7 @@ sys_sctp_generic_sendmsg_iov(td, uap) > >> > >> >> } > >> > >> >> > >> > >> >> AUDIT_ARG_FD(uap->sd); > >> > >> >> - error = getsock_cap(td, uap->sd, &rights, &fp, NULL); > >> > >> >> + error = getsock_cap(td, uap->sd, &rights, &fp, NULL, NULL); > >> > >> >> if (error != 0) > >> > >> >> goto sctp_bad1; > >> > >> >> > >> > >> >> @@ -477,7 +477,7 @@ sys_sctp_generic_recvmsg(td, uap) > >> > >> >> > >> > >> >> AUDIT_ARG_FD(uap->sd); > >> > >> >> error = getsock_cap(td, uap->sd, cap_rights_init(&rights, CAP_RECV), > >> > >> >> - &fp, NULL); > >> > >> >> + &fp, NULL, NULL); > >> > >> >> if (error != 0) > >> > >> >> return (error); > >> > >> >> #ifdef COMPAT_FREEBSD32 > >> > >> >> > >> > >> >> Modified: head/sys/sys/socketvar.h > >> > >> >> ============================================================================== > >> > >> >> --- head/sys/sys/socketvar.h Thu Sep 22 09:33:22 2016 (r306173) > >> > >> >> +++ head/sys/sys/socketvar.h Thu Sep 22 09:58:46 2016 (r306174) > >> > >> >> @@ -321,6 +321,7 @@ extern u_long sb_max; > >> > >> >> extern so_gen_t so_gencnt; > >> > >> >> > >> > >> >> struct file; > >> > >> >> +struct filecaps; > >> > >> >> struct filedesc; > >> > >> >> struct mbuf; > >> > >> >> struct sockaddr; > >> > >> >> @@ -340,7 +341,7 @@ struct uio; > >> > >> >> */ > >> > >> >> int getsockaddr(struct sockaddr **namp, caddr_t uaddr, size_t len); > >> > >> >> int getsock_cap(struct thread *td, int fd, cap_rights_t *rightsp, > >> > >> >> - struct file **fpp, u_int *fflagp); > >> > >> >> + struct file **fpp, u_int *fflagp, struct filecaps *havecaps); > >> > >> >> void soabort(struct socket *so); > >> > >> >> int soaccept(struct socket *so, struct sockaddr **nam); > >> > >> >> void soaio_enqueue(struct task *task); > >> > >> >> > >> > > >> > diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c > index 31072f1..47245e7 100644 > --- a/sys/kern/kern_descrip.c > +++ b/sys/kern/kern_descrip.c > @@ -2481,12 +2481,16 @@ int > fget_cap(struct thread *td, int fd, cap_rights_t *needrightsp, > struct file **fpp, struct filecaps *havecapsp) > { > - struct filedesc *fdp; > - struct file *fp; > + struct filedesc *fdp = td->td_proc->p_fd; > int error; > +#ifndef CAPABILITIES > + error = fget_unlocked(fdp, fd, needrightsp, fpp, NULL); > + if (error == 0 && havecapsp != NULL) > + filecaps_fill(havecapsp); > +#else > + struct file *fp; > seq_t seq; > > - fdp = td->td_proc->p_fd; > for (;;) { > error = fget_unlocked(fdp, fd, needrightsp, &fp, &seq); > if (error != 0) > @@ -2512,7 +2516,7 @@ get_locked: > FILEDESC_SLOCK(fdp); > error = fget_cap_locked(fdp, fd, needrightsp, fpp, havecapsp); > FILEDESC_SUNLOCK(fdp); > - > +#endif > return (error); > } >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160923074409.GA78520>