Date: Sat, 14 Nov 2020 23:56:29 +0100 From: Mateusz Guzik <mjguzik@gmail.com> To: Warner Losh <imp@bsdimp.com> Cc: Shawn Webb <shawn.webb@hardenedbsd.org>, src-committers <src-committers@freebsd.org>, svn-src-all <svn-src-all@freebsd.org>, svn-src-head <svn-src-head@freebsd.org> Subject: Re: svn commit: r367692 - head/sys/sys Message-ID: <CAGudoHHUAExwBNN7OXQ1BS9y-_ApDjYKEj84qSriAqLGiMO5Rg@mail.gmail.com> In-Reply-To: <CANCZdfoDZ1g%2BETja5j4zf5gj_3_y9aD_%2BuPdhuJ=jfwNZmxuvA@mail.gmail.com> References: <202011141920.0AEJKbpO050396@repo.freebsd.org> <20201114205036.tnxvwarsddmu4shz@mutt-hbsd> <CAGudoHGSxyVZAF%2BFF=LFR0pDkSbYd78Vo1xRYQnKo_hUPVhxgA@mail.gmail.com> <20201114205355.j2ejnhouipjr6yhk@mutt-hbsd> <CAGudoHEbHzJS3JBoqjX%2BXLeLotgKnxH2Mk-s9vxeC=B%2B3SEkqg@mail.gmail.com> <CANCZdfoDZ1g%2BETja5j4zf5gj_3_y9aD_%2BuPdhuJ=jfwNZmxuvA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
There are "KBI" breaking changes happening all the time and version bumps only sometimes happen. The build process already has infrastructure to rebuild all port kmods as well -- see PORTS_MODULES in make.conf(5) Perhaps it would be beneficial to add checking that the kernel is older than the to-be-loaded module and refuse otherwise. Can be overwritten by a loader.conf knob, then people who run into problems explicitly asked for it. But it's not clear to me if "older" should mean build date or revision or something else. Still, I suspect it will be mostly annoying to developers. Regardless, I have no intention to working on any of this. Maybe PORTS_MODULES is just not advertised enough. On 11/14/20, Warner Losh <imp@bsdimp.com> wrote: > true, but a version bump forces that and versions are cheap enough... > > Warner > > On Sat, Nov 14, 2020 at 1:58 PM Mateusz Guzik <mjguzik@gmail.com> wrote: > >> you are expected to recompile all your kernel modules every time you >> update head >> >> On 11/14/20, Shawn Webb <shawn.webb@hardenedbsd.org> wrote: >> > Are there any kernel modules (in base, in ports, or out-of-both-trees) >> > that access struct ucred? >> > >> > On Sat, Nov 14, 2020 at 09:51:47PM +0100, Mateusz Guzik wrote: >> >> I don't think so, it does not change any APIs >> >> >> >> On 11/14/20, Shawn Webb <shawn.webb@hardenedbsd.org> wrote: >> >> > On Sat, Nov 14, 2020 at 07:20:37PM +0000, Mateusz Guzik wrote: >> >> >> Author: mjg >> >> >> Date: Sat Nov 14 19:20:37 2020 >> >> >> New Revision: 367692 >> >> >> URL: https://svnweb.freebsd.org/changeset/base/367692 >> >> >> >> >> >> Log: >> >> >> cred: reorder cr_audit to be closer to the lock >> >> >> >> >> >> This makes cr_uid avoid sharing. >> >> >> >> >> >> Modified: >> >> >> head/sys/sys/ucred.h >> >> >> >> >> >> Modified: head/sys/sys/ucred.h >> >> >> >> ============================================================================== >> >> >> --- head/sys/sys/ucred.h Sat Nov 14 19:19:27 2020 (r367691) >> >> >> +++ head/sys/sys/ucred.h Sat Nov 14 19:20:37 2020 (r367692) >> >> >> @@ -63,6 +63,7 @@ struct ucred { >> >> >> struct mtx cr_mtx; >> >> >> u_int cr_ref; /* (c) reference count */ >> >> >> u_int cr_users; /* (c) proc + thread using this >> cred */ >> >> >> + struct auditinfo_addr cr_audit; /* Audit properties. */ >> >> >> #define cr_startcopy cr_uid >> >> >> uid_t cr_uid; /* effective user id */ >> >> >> uid_t cr_ruid; /* real user id */ >> >> >> @@ -78,7 +79,6 @@ struct ucred { >> >> >> void *cr_pspare2[2]; /* general use 2 */ >> >> >> #define cr_endcopy cr_label >> >> >> struct label *cr_label; /* MAC label */ >> >> >> - struct auditinfo_addr cr_audit; /* Audit properties. */ >> >> >> gid_t *cr_groups; /* groups */ >> >> >> int cr_agroups; /* Available groups */ >> >> >> gid_t cr_smallgroups[XU_NGROUPS]; /* storage for small >> groups */ >> >> > >> >> > Hey Mateusz, >> >> > >> >> > Since this changes KBI, does __FreeBSD_version need bumping? >> >> > >> >> > Thanks, >> >> > >> >> > -- >> >> > Shawn Webb >> >> > Cofounder / Security Engineer >> >> > HardenedBSD >> >> > >> >> > GPG Key ID: 0xFF2E67A277F8E1FA >> >> > GPG Key Fingerprint: D206 BB45 15E0 9C49 0CF9 3633 C85B 0AF8 AB23 >> 0FB2 >> >> > >> https://git-01.md.hardenedbsd.org/HardenedBSD/pubkeys/src/branch/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc >> >> > >> >> >> >> >> >> -- >> >> Mateusz Guzik <mjguzik gmail.com> >> > >> > -- >> > Shawn Webb >> > Cofounder / Security Engineer >> > HardenedBSD >> > >> > GPG Key ID: 0xFF2E67A277F8E1FA >> > GPG Key Fingerprint: D206 BB45 15E0 9C49 0CF9 3633 C85B 0AF8 AB23 0FB2 >> > >> https://git-01.md.hardenedbsd.org/HardenedBSD/pubkeys/src/branch/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc >> > >> >> >> -- >> Mateusz Guzik <mjguzik gmail.com> >> > -- Mateusz Guzik <mjguzik gmail.com>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAGudoHHUAExwBNN7OXQ1BS9y-_ApDjYKEj84qSriAqLGiMO5Rg>