From owner-freebsd-audit Tue Feb 20 17: 1:49 2001 Delivered-To: freebsd-audit@freebsd.org Received: from mail.gmx.net (mail.gmx.net [194.221.183.20]) by hub.freebsd.org (Postfix) with SMTP id 71EA537B401 for ; Tue, 20 Feb 2001 17:01:43 -0800 (PST) (envelope-from tmoestl@gmx.net) Received: (qmail 10850 invoked by uid 0); 21 Feb 2001 01:01:41 -0000 Received: from p3e9bc02a.dip.t-dialin.net (HELO forge.local) (62.155.192.42) by mail.gmx.net (mail08) with SMTP; 21 Feb 2001 01:01:41 -0000 Received: from tmm by forge.local with local (Exim 3.20 #1) id 14VNf1-0001E4-00 for ; Wed, 21 Feb 2001 02:01:39 +0100 Date: Wed, 21 Feb 2001 02:01:39 +0100 From: Thomas Moestl To: freebsd-audit@freebsd.org Subject: removing setgid kmem from pstat Message-ID: <20010221020139.A4016@crow.dom2ip.de> Mail-Followup-To: Thomas Moestl , freebsd-audit@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi, I have done yet another set of patches for setgid removal, this time for pstat. This change makes all options of pstat (except -v, see below) work with crash dumps via libkvm calls and with live kernels via sysctl. Note: pstat -v is broken (-v has been disabled for a while), so I did not care about any code needed for this option. Again, some kernel changes were needed. First of all, the kernel tty list as kept in kern/tty.c is used, so the drivers that did not register with this list (with ttyregister or ttymalloc) were changed to do so. Then, the kern.file and kern.ttys sysctls were changed - they now use a struct xfile or a struct xtty respectively that contain a little less information (for paranoia reasons) and are flat structures (previously, pointers were exported). I think there is no place where these where actually used save pstat and libkvm (see below). Because of the format change of the kern.file sysctl, I also had to change kvm_getfiles in libkvm. The output of this is quite different now (a simple array of struct xfile's), because less information is exported via the sysctl. Although I could spot no place where this was actually used, I guess a version number bump is needed. There is also a patch for nfsstat; this removes setgid install in the Makefile, and a comment and a little code no longer needed in the non-setgid case. nfsstat has apparently used sysctls on live kernels for years, and so setgid can be taken away without any real modifications. The new patches are at: - for pstat: http://www.tu-bs.de/~y0015675/pstat.diff - for nfsstat: http://www.tu-bs.de/~y0015675/nfsstat.diff - for libkvm: http://www.tu-bs.de/~y0015675/libkvm2.diff - for the kernel: http://www.tu-bs.de/~y0015675/sysctl6.diff The previously posted patches are at (please note that the iostat and sysctl5 patches have been updated since my last mail): http://www.tu-bs.de/~y0015675/vmstat.diff http://www.tu-bs.de/~y0015675/iostat.diff http://www.tu-bs.de/~y0015675/vinum.diff http://www.tu-bs.de/~y0015675/libdevstat.diff http://www.tu-bs.de/~y0015675/sysctl5.diff http://www.tu-bs.de/~y0015675/sysctl4.diff http://www.tu-bs.de/~y0015675/dmesg.diff http://www.tu-bs.de/~y0015675/sysctl3.diff http://www.tu-bs.de/~y0015675/systat.diff http://www.tu-bs.de/~y0015675/sysctl2.diff http://www.tu-bs.de/~y0015675/top.diff http://www.tu-bs.de/~y0015675/libkvm.diff http://www.tu-bs.de/~y0015675/sysctl.diff It would be nice if people with the respective hardware for the tty drivers I changed (dgb, rp, cy, stallion, rc) could give this patch a try (but please note that the new patches partly depend on the older ones, although this should only affect pstat). The changes are small, and I do not expect much problems. Please review and comment. - thomas To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message