From owner-freebsd-arch  Wed Apr 18 18:20:28 2001
Delivered-To: freebsd-arch@freebsd.org
Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16])
	by hub.freebsd.org (Postfix) with ESMTP id 32B0C37B42C
	for <arch@FreeBSD.ORG>; Wed, 18 Apr 2001 18:20:23 -0700 (PDT)
	(envelope-from bde@zeta.org.au)
Received: from bde.zeta.org.au (bde.zeta.org.au [203.2.228.102])
	by mailman.zeta.org.au (8.9.3/8.8.7) with ESMTP id LAA30760;
	Thu, 19 Apr 2001 11:20:12 +1000
Date: Thu, 19 Apr 2001 11:19:08 +1000 (EST)
From: Bruce Evans <bde@zeta.org.au>
X-Sender: bde@besplex.bde.org
To: Terry Lambert <tlambert@primenet.com>
Cc: Matt Dillon <dillon@earth.backplane.com>, arch@FreeBSD.ORG
Subject: Re: Found BAD BUG: squashed
In-Reply-To: <200104182323.QAA22635@usr07.primenet.com>
Message-ID: <Pine.BSF.4.21.0104191046120.5481-100000@besplex.bde.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Wed, 18 Apr 2001, Terry Lambert wrote:

> > :The cr_ref is an unsigned short, and ...

This was fixed in -current in:

    RCS file: /home/ncvs/src/sys/sys/ucred.h,v
    Working file: ucred.h
    head: 1.22
    ...
    ----------------------------
    revision 1.18
    date: 2000/11/27 00:09:16;  author: alfred;  state: Exp;  lines: +11 -3
    ucred system overhaul:
    ...
    4) expand the size of the refcount from a u_short to an u_int, by using
       shorts we might have an overflow.

    Glanced at by: jake
    ----------------------------

> > 
> >     Ahhh..  Excellent find Terry!
> > 
> >     Why do you want to cycle a new credential when the unsigned short
> >     ref count reaches 65535 (what you call the right fix) verses simply
> >     changing the ref count to an unsigned long (what you call the quick
> >     and dirty fix)?  That seems kinda reversed to me.

> Because my use is not the common use, and it bloats the cred
> structure to a non-4-byte boundary, which I thought might end
> up being problematic for some people.

Bloatage of struct ucred occurred in 4.4BSD when uid_t's and gid_t's
were changed from 16 bits to 32 bits.  "u_short cr_ref" is followed
by "uid_t cr_uid", so there are normally 2 bytes wasted after "cr_ref".
These bytes can used for larger reference counts without changing the
size of the struct, but not without breaking binary compatibility.
Fortunately, "cr_ref" is invalid in userland.

Bruce


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message