From owner-freebsd-current@FreeBSD.ORG Fri Jun 1 09:35:58 2007 Return-Path: X-Original-To: current@FreeBSD.org Delivered-To: freebsd-current@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 286C916A468 for ; Fri, 1 Jun 2007 09:35:58 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.freebsd.org (Postfix) with ESMTP id 0497A13C4B9 for ; Fri, 1 Jun 2007 09:35:58 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [209.31.154.41]) by cyrus.watson.org (Postfix) with ESMTP id B12E8473A0 for ; Fri, 1 Jun 2007 05:35:57 -0400 (EDT) Date: Fri, 1 Jun 2007 10:35:57 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: current@FreeBSD.org In-Reply-To: <20070601102516.Q77697@fledge.watson.org> Message-ID: <20070601103523.U77697@fledge.watson.org> References: <20070601102516.Q77697@fledge.watson.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: Subject: Re: Pending TrustedBSD stuff, etc. X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Jun 2007 09:35:58 -0000 On Fri, 1 Jun 2007, Robert Watson wrote: > On my TODO list still: This was supposed to go to re@, but current@ seems as reasonable a place to send it as any. Robert N M Watson Computer Laboratory University of Cambridge > > (1) Enable audit by default. Currently I'm working on an patch that moves > the > per-process audit state into the process credential, which both improves > audit performance for threaded apps, and also eliminates an extra memory > allocation per process fork. Once that's reviewed/tested, I'll do the > AUDIT enabled by default thing. > > (2) Finish eliminating SUSER_ALLOWJAIL. This is a purely syntactic patch in > that SUSER_ALLOWJAIL actually no longer does anything, but it touches a > significant percentage of kernel privilege checks, so requires careful > testing and review. This patch is in flight now also. > > (3) I might do one more minor OpenBSM import -- no real functional changes, > but documentation tweaks and cleanups, especially to the man pages. > > Things I would like to see happen, but may not get to: > > - For years, several of us have wanted to bump the System V IPC ABI to use > full-size uid's, etc. I laid the groundwork for this in 5.x by starting to > divorce the kernel and userspace data structures, but it's never happened. > We would provide binary system call compatibility to previous FreeBSD > versions, but because as the new API introduces new ABI system calls (etc) > it's somewhat disruptive, so can only happen on a major version number > change. > > - Peter Wemm has been talking about moving us to 64-bit inode numbers for > years; with the advent of very large file systems and their presumed > popularity over the coming 3-5 years, it would be really good to have this > in 7.0 or it will have to wait for 8.0. However, this is quite a > disruptive > change, as it requires package rebuilds, etc, and we're almost out of time. > > Robert N M Watson > Computer Laboratory > University of Cambridge >