From owner-soc-status@FreeBSD.ORG Tue Jun 15 16:05:15 2010 Return-Path: Delivered-To: soc-status@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1FB7A106567A for ; Tue, 15 Jun 2010 16:05:15 +0000 (UTC) (envelope-from jhb@freebsd.org) Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42]) by mx1.freebsd.org (Postfix) with ESMTP id D00808FC0A for ; Tue, 15 Jun 2010 16:05:14 +0000 (UTC) Received: from bigwig.baldwin.cx (66.111.2.69.static.nyinternet.net [66.111.2.69]) by cyrus.watson.org (Postfix) with ESMTPSA id 8304F46C42; Tue, 15 Jun 2010 12:05:14 -0400 (EDT) Received: from jhbbsd.localnet (smtp.hudson-trading.com [209.249.190.9]) by bigwig.baldwin.cx (Postfix) with ESMTPSA id C11218A03C; Tue, 15 Jun 2010 12:05:13 -0400 (EDT) From: John Baldwin To: Alexander Leidinger Date: Tue, 15 Jun 2010 12:04:55 -0400 User-Agent: KMail/1.12.1 (FreeBSD/7.3-CBSD-20100217; KDE/4.3.1; amd64; ; ) References: <20100614151113.17a1c368@kibab.com> <201006150958.29782.jhb@freebsd.org> <20100615164806.1731241umjjyw2is@webmail.leidinger.net> In-Reply-To: <20100615164806.1731241umjjyw2is@webmail.leidinger.net> MIME-Version: 1.0 Content-Type: Text/Plain; charset="utf-8" Content-Transfer-Encoding: 7bit Message-Id: <201006151204.56034.jhb@freebsd.org> X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0.1 (bigwig.baldwin.cx); Tue, 15 Jun 2010 12:05:13 -0400 (EDT) X-Virus-Scanned: clamav-milter 0.95.1 at bigwig.baldwin.cx X-Virus-Status: Clean X-Spam-Status: No, score=-2.5 required=4.2 tests=AWL,BAYES_00 autolearn=ham version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on bigwig.baldwin.cx Cc: Ilya Bakulin , soc-status@freebsd.org Subject: Re: [Status update] sysctlreg project X-BeenThere: soc-status@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Summer of Code Status Reports and Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jun 2010 16:05:15 -0000 On Tuesday 15 June 2010 10:48:06 am Alexander Leidinger wrote: > Quoting John Baldwin (from Tue, 15 Jun 2010 09:58:29 -0400): > > > On Tuesday 15 June 2010 3:24:52 am Alexander Leidinger wrote: > >> Quoting John Baldwin (from Mon, 14 Jun 2010 16:36:02 > > -0400): > >> > >> > Hmmm, is this spoofing a desired feature? If so, perhaps it should > >> > be done in > >> > userland via environment options that affect the feature_present(3) API in > >> > libc? (In that case you would write a little feature_present(1) util that > >> > uses the userland API and use this instead of direct sysctls in ports, > > etc.) > >> > >> Kris listed spoofing (no mention if only "spoof-off" or also > >> "spoof-on", but for "spoof-on" when the feature is not present in the > >> kernel we can only come up with scenarios where it will hurt) as > >> desired for the ports collection. > >> > >> Regarding an userland utility: > >> 1) To be able to spoof-off a feature in a jail (from the host, not > >> inside the jail) without the possibility that the jail-root is able to > >> turn it on again, a feature_present(1)+env will not help much, you > >> need to do this in the kernel. > >> 2) With 1) in mind, why another tool for the ports to query the > >> status, sysctl is enough. > > > > If you wish to do 1) though it seems wrong to have to have the same spoof > > settings for the entire host. It would seem that you would want to have > > different feature sets in different jails. So far the env approach has been > > good enough for spoofing uname data for ports builds. I see no reason why it > > shouldn't be equally functional for feature test overrides for ports builds. > > I agree that the env approach is enough if it is 'just ports'. What is > your proposal? Just taking care about ports and forget about jails in > the GSoC project? Based on Kris's description on the project page, I believe that he is only interested in this for the ports build angle. They use env vars to fake the uname output so that a jail of an older version builds as if it was truly running the older version. To me this seems to fit well with that. Part of the problem with doing the spoofing in the kernel is that to do it right requires making the spoof values jail-aware. The simplest way to do this is to probably hook into vimage. However, that is quite a bit of work and complexity to handle non-ports cases that may never occur in practice. I think for now the focus should be on solving the ports case which can be done rather simply in userland. If in the future someone comes up with a practical use case for spoofing these values that the env vars does not solve, then this could be revisited. -- John Baldwin