From nobody Sat Mar 29 20:22:41 2025 X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ZQ832236jz5s2KS for ; Sat, 29 Mar 2025 20:22:54 +0000 (UTC) (envelope-from rick.macklem@gmail.com) Received: from mail-ed1-x532.google.com (mail-ed1-x532.google.com [IPv6:2a00:1450:4864:20::532]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4ZQ8316KBqz3mDF for ; Sat, 29 Mar 2025 20:22:53 +0000 (UTC) (envelope-from rick.macklem@gmail.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-ed1-x532.google.com with SMTP id 4fb4d7f45d1cf-5e5e8274a74so5271907a12.1 for ; Sat, 29 Mar 2025 13:22:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1743279772; x=1743884572; darn=freebsd.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=FtpQ2pqSMEkUsZVhcjlum8cWPSNcHXLBOFpvTYztLmI=; b=ZhczQulpeIz/1ho/fiOA77oeKfDBSOBWZMqGwSeZeYdkp/mbs5G8l/tFznQkY9OWst 78ZFxs6er5+pUdYGznXjUOP1isaJfU+b+TVxTVB55VXYDXsDVRCHDfYN6Q+LnDDHuCA8 yqK/GjsHqjQM2G1b//QtUfQnv5l0ZORa+kQp+qyxLyynmc1aKLZjFuM9CF+HxrULELaj RT6tDyFB4n0b0g0vP5pAjri+bdggPfjoLP+ed5m0jXSYXz4G6BepfkPy210dJ9FmKfpL CKwp39RohPrcAkSjvDy8SN06MbOyBs4rc/Luuz28rInVtcN/AT8WoIbWZtmSA0V1aYwA gPuw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1743279772; x=1743884572; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=FtpQ2pqSMEkUsZVhcjlum8cWPSNcHXLBOFpvTYztLmI=; b=CFe4k51t/E5lazghAbQSlnhp2q7I4eetw0kWzVUzefUk+exRjrIxylt6OdmQv07ZKO 2vxldljO1U+nlnDKcqnq+Up0+i2cynTRQEUUCTlu5VEWgFUZdX3B6YjmHwIxa4nXUABF OUaxSI0ELfipNRa8vubruCYHU7iIgk/9pvvSP5lnIUfTvcvkE45YhGg+EXi0EodyJeHY hH2LdPo4MEBX5Dfd0L3E1JN0Xq9YgDK7BK7HizRsodjY9plxIVSZL5JgeqUtj7ptZNk3 jU8pGOxauX2XNVgmY/PWLeNMeCz7Kzpc6rFO3TZHF58KfiF+/GnYLKPe5J/e3wINpO6G g5qw== X-Forwarded-Encrypted: i=1; AJvYcCVr6sdpEG66BfmotGHpcczaEzHuw+yfIsWyMyn4lcOTP9eHNGIR66FpANHvyt4v7jAwt4UqF9B2H3HOZRDridc=@freebsd.org X-Gm-Message-State: AOJu0YxTrCN4nLXtWyyvHO1yw+sjuSR1GNegHSKZdyteotgEef7EyLRb tBwX/lFVLCml9mYPHebQsZXtLy2hDBdqao+ejmPLb7lPITgKPFxoOM1P7URWLfSWpe3MWSs95Bp MV7wOg26X8w++ddmxV/09IbNt2w== X-Gm-Gg: ASbGncvaRN+9lAogLNkqL4P6pDVzfeLxQ9jYPgCBD6pDcd1/1cqEj9PBkFMw5qutvFI F5Nsm3ub0SyUuWKCqpxhkjal0Pd157btzhgxkEq6KsGnxXPUVkqCMmaRC2Q6wqfbegorqKphyuG bgEXC5iRT/RZRKEPFylopELiqfXB4idckAeZsR5Hyqe6N6a54c7rXpjZtSRQ== X-Google-Smtp-Source: AGHT+IHb5OvtS4pJXa6azmoXna7oiPy48zOiOVvrHyHN3xliX5+B0qs7VxdqwSZ9t4knG22jbp5EVAwzBrQEO1XKCQI= X-Received: by 2002:a05:6402:2744:b0:5dc:74fd:abf1 with SMTP id 4fb4d7f45d1cf-5edfd0fd964mr3265040a12.15.1743279772035; Sat, 29 Mar 2025 13:22:52 -0700 (PDT) List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@FreeBSD.org MIME-Version: 1.0 References: <410014e4-75a6-4923-8f84-3935cab41c31@blastwave.org> <3dso3cojzxnylcfmpmgwzizp4omzpmnbfgz3zt5pvgeur4wss6@kblfkmtssebw> In-Reply-To: From: Rick Macklem Date: Sat, 29 Mar 2025 13:22:41 -0700 X-Gm-Features: AQ5f1JoTfAb6rjLcagjl-0ALzStOPFWhFJv4Mnm5kKw9XE3KQHOSwQD7W2VWvv0 Message-ID: Subject: Re: RFC: Solaris style extended attributes for FreeBSD To: Shawn Webb Cc: Dennis Clarke , freebsd-current@freebsd.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; TAGGED_FROM(0.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US] X-Rspamd-Queue-Id: 4ZQ8316KBqz3mDF X-Spamd-Bar: ---- On Sat, Mar 29, 2025 at 1:09=E2=80=AFPM Shawn Webb wrote: > > On Sat, Mar 29, 2025 at 01:04:08PM -0700, Rick Macklem wrote: > > On Sat, Mar 29, 2025 at 12:50=E2=80=AFPM Shawn Webb wrote: > > > > > > On Sat, Mar 29, 2025 at 12:39:02PM -0700, Rick Macklem wrote: > > > > > I had added filesystem extended attribute support to libarchive, = which > > > > > is what FreeBSD's tar(1) is based off of. I upstreamed that, so t= hat's > > > > > taken care of. FreeBSD's tar(1) has supported extended attributes > > > > > since 2020 (see libarchive PR 1409: > > > > > https://github.com/libarchive/libarchive/pull/1409) > > > > Ok, thanks for the info. If this stuff goes into FreeBSD, it probab= ly needs > > > > to be tweaked to use the different syscall API so that it can handl= e large > > > > attributes and maybe the attribute's mode. (someday, maybe?) > > > > > > I believe libarchive has been updated in FreeBSD since October 2020, > > > so the vendored libarchive in FreeBSD should already support it. But, > > > yeah, if FreeBSD makes changes to how extended attributes work, I or > > > someone else would need to update libarchive to account for that. > > > > > > Since HardenedBSD follows FreeBSD closely (we sync every six hours), = I > > > would probably volunteer to update the libarchive code. > > > > > > > > Just one data point here: HardenedBSD uses filesystem extended > > > > > attributes to toggle certain exploit mitigations on a per-applica= tion > > > > > basis. That's why we added support to libarchive: so we can ship > > > > > certain packages with exploit mitigations pre-toggled. > > > > Just curious. Does it use "system" or "user" attribute space? > > > > > > We use the system namespace, though the userland tool (hbsdcontrol) > > > was recently taught about the user namespace. The kernel side only > > > supports system namespace. So the user namespace support in > > > hbsdcontrol is somewhat meaningless. I do plan to eventually get to > > > the kernel side, but my TODO list continues growing. :-) > > Ok, this wouldn't be affected by the patches I've been doing, since the= y > > handle user space only. (system space will still work, but only via the > > extattr_XXX() APIs. > > Cool. I have another project that uses user namespaces: > https://git.hardenedbsd.org/shawn.webb/altfs > > AltFS is a fusefs driver that stores file payload in filesystem > extended attributes, using the user namespace. It only partially works > and again is bitten by more important items on my TODO list. It mainly > serves as a proof-of-concept for a weird data exfiltration technique. > Not at all meant for actual production use. > > Do you already have a patch for review in Phabric? I might want to add > myself to it so I can more easily keep informed. Not yet. I am still cleaning things up and testing. Also, there ahs not been much response related to the question "should this go in FreeBSD?". Dennis doesn't sounds like a "no" and the two posters on freebsd-hackers@ I assume are a"yes", but I haven't heard from anyone else. (Good technical comments, but not related to "should it be in FreeBSD?".) rick > > Thanks, > > -- > Shawn Webb > Cofounder / Security Engineer > HardenedBSD > > Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50 > https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/0= 3A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc