From owner-freebsd-hackers@FreeBSD.ORG Sun May 24 04:04:32 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 89E6D106566C for ; Sun, 24 May 2009 04:04:32 +0000 (UTC) (envelope-from bright@elvis.mu.org) Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by mx1.freebsd.org (Postfix) with ESMTP id 77E438FC12 for ; Sun, 24 May 2009 04:04:32 +0000 (UTC) (envelope-from bright@elvis.mu.org) Received: by elvis.mu.org (Postfix, from userid 1192) id 66CAA1A3C41; Sat, 23 May 2009 21:04:32 -0700 (PDT) Date: Sat, 23 May 2009 21:04:32 -0700 From: Alfred Perlstein To: Chuck Robey Message-ID: <20090524040432.GQ67847@elvis.mu.org> References: <4A11B893.1000808@telenix.org> <20090521003646.GS67847@elvis.mu.org> <4A15CE00.4040600@telenix.org> <20090522073130.GI67847@elvis.mu.org> <4A16B22C.6010201@telenix.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4A16B22C.6010201@telenix.org> User-Agent: Mutt/1.4.2.3i Cc: FreeBSD-Hackers Subject: Re: porting info for FreeBSD's kernel? X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 May 2009 04:04:32 -0000 * Chuck Robey [090522 07:09] wrote: > Alfred Perlstein wrote: > > I wouldn't sweat the compiler as much as the actual OS code, I think > > it should be relatively easy to trick the build to use an external > > compiler (ie, don't get caught up in the compiler bootstrap quagmire, > > leave that for later...) > > > > Anyhow, you're talking to someone that has studied, but not implemented > > a port, so take my advice with a few heaps of salt. :) > > > > Typically what people focus on is: > > > > 1) "how am I going to get the first line of dmesg to come up" > > 2) "how am I going to get to single user mode" > > 3) "multi user?" > > 4) cleanup of compiler and bootstrap issues. > > > > If you get sidetracked by #4, you can spend months doing that > > instead of just rolling with it when you get there. > > > > I'll admit it's not terribly hard to just get a foreign compiler to work, and > I've already gotten a version of gcc-4.3.1 jiggered. I was going to concentrate > next on cleaning up the compiler issue, which is why I wanted to get a > pronouncement on which way to go. If I simply try to duck as much of that > issue as possible, I can use the gcc-4.3.1 without huge problems. I can see > that fine ,,, BUT the next part, getting ghe booting working, that does seem to > be something which is necessary to do. How could U just duck out of that the > way I could easily do for the compiler? I mean, how could you cause the booting > to get fooled into thinking it was working? If you could give me an example of > any possible way to get past this issue, I'm willing to do as you request, if > only I could recognize the action you're asking me to take. Oh, I wasn't suggesting that you somehow fake up the loader part, you'll have to do that too! :) Perhaps a pre-step then should be: 0) get the loader working in some form. :>) > In the meantime (Until I understand what you're asking for) I'm rereading my > old Dragon book, so I can begin to understand what llvm is doing. From Sandeep > Patel, of llvm, btw, he tells me that the -A8 and -A9 work on llvm is going very > rapidly, and it may well be ready before we realize, so being able to push off > making the compiler decision is actually maybe quite agood thing to contemplate. you can really spend forever on this, again, unless you have a pressing need due to the compiler being completely broken, it's a bad idea to focus on cleanliness first. first work on getting it to boot, only stop if you hit a bug, don't "clean" or you'll never finish. again, this has only been my observation, I'm no porting OS master, but I have observed a few ports and my suggestions are what I've observed to have been the course of action of successful porters. I've also observed that whenever someone gets caught up in the details, they usually fail. good luck, -- - Alfred Perlstein From owner-freebsd-hackers@FreeBSD.ORG Sun May 24 10:26:19 2009 Return-Path: Delivered-To: freebsd-hackers@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C089C106564A; Sun, 24 May 2009 10:26:19 +0000 (UTC) (envelope-from nork@FreeBSD.org) Received: from sakura.ninth-nine.com (unknown [IPv6:2001:2f0:104:80a0:21b:78ff:fe37:f1cf]) by mx1.freebsd.org (Postfix) with ESMTP id 4D1E48FC14; Sun, 24 May 2009 10:26:19 +0000 (UTC) (envelope-from nork@FreeBSD.org) Received: from nadesico.ninth-nine.com (ns1.ninth-nine.com [219.127.74.121]) (authenticated bits=0) by sakura.ninth-nine.com (8.14.3/8.14.3/NinthNine) with ESMTP id n4OAQBoo059049; Sun, 24 May 2009 19:26:16 +0900 (JST) (envelope-from nork@FreeBSD.org) Date: Sun, 24 May 2009 19:26:11 +0900 From: Norikatsu Shigemura To: freebsd-hackers@FreeBSD.org Message-Id: <20090524192611.9becb1bc.nork@FreeBSD.org> X-Mailer: Sylpheed 2.6.0 (GTK+ 2.16.1; i386-portbld-freebsd8.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: imp@FreeBSD.org, freebsd-current@FreeBSD.org, freebsd-stable@FreeBSD.org Subject: [CFT] ssh/scp/ssh-add/ssh-agent/ssh-keygen on /rescue X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 May 2009 10:26:20 -0000 Hi. I wondered that ssh/scp (at least) was not in /rescue. They are the indispensable tools, and I also often use them in the emergency (single user mode). So I made a patch for src/rescue/rescue/Makefile and src/secure/usr.bin/scp/Makefile. Please review it. Changing point is: o Move some libraries to Common Libraries section. o Add ssh/scp/ssh-add/ssh-agent/ssh-keygen to /rescue member. o Cosmetics Change (labeled Common Libraries section). Sorry, this patch for 8-current. I'll try to MFC after kmacy's zfs/zpool support. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --- rescue/rescue/Makefile.orig 2009-05-23 11:30:38.830094000 +0900 +++ rescue/rescue/Makefile 2009-05-24 18:58:08.925195062 +0900 @@ -72,7 +72,7 @@ CRUNCH_PROGS_bin= cat chflags chio chmod cp date dd df echo \ ed expr getfacl hostname kenv kill ln ls mkdir mv \ pkill ps pwd realpath rm rmdir setfacl sh stty sync test -CRUNCH_LIBS+= -lcrypt -ledit -lkvm -ll -ltermcap -lutil +CRUNCH_LIBS+= -lcrypt -ledit -lkvm -ll -ltermcap # Additional options for specific programs CRUNCH_ALIAS_test= [ @@ -143,7 +143,7 @@ .if ${MK_ZFS} != "no" CRUNCH_LIBS+= -lzfs -lnvpair -luutil -lavl .endif -CRUNCH_LIBS+= -lgeom -lbsdxml -lkiconv -lmd -lreadline -lsbuf -lufs -lz +CRUNCH_LIBS+= -lgeom -lbsdxml -lkiconv -lreadline -lsbuf -lufs .if ${MACHINE_ARCH} == "i386" CRUNCH_PROGS_sbin+= bsdlabel sconfig fdisk @@ -206,13 +206,9 @@ CRUNCH_PROGS_usr.bin+= bzip2 CRUNCH_ALIAS_bzip2= bunzip2 bzcat -CRUNCH_LIBS+= -lbz2 CRUNCH_PROGS_usr.bin+= tar -CRUNCH_LIBS+= -larchive -lmd -.if ${MK_OPENSSL} != "no" -CRUNCH_LIBS+= -lcrypto -.endif +CRUNCH_LIBS+= -larchive CRUNCH_PROGS_usr.bin+= vi CRUNCH_ALIAS_vi= ex @@ -220,6 +216,25 @@ CRUNCH_PROGS_usr.bin+= id CRUNCH_ALIAS_id= groups whoami +.if ${MK_OPENSSL} != "no" && ${MK_OPENSSH} != "no" +CRUNCH_PROGS_usr.bin+= ssh +CRUNCH_PROGS_usr.bin+= scp +CRUNCH_BUILDOPTS_scp= BINDIR=${BINDIR} +CRUNCH_PROGS_usr.bin+= ssh-add +CRUNCH_PROGS_usr.bin+= ssh-agent +CRUNCH_PROGS_usr.bin+= ssh-keygen +CRUNCH_LIBS+= -lssh +.if ${MK_KERBEROS_SUPPORT} != "no" +CRUNCH_LIBS+= -lgssapi +.endif + +CRUNCH_SRCDIR_ssh= ${.CURDIR}/../../secure/usr.bin/ssh +CRUNCH_SRCDIR_scp= ${.CURDIR}/../../secure/usr.bin/scp +CRUNCH_SRCDIR_ssh-add= ${.CURDIR}/../../secure/usr.bin/ssh-add +CRUNCH_SRCDIR_ssh-agent= ${.CURDIR}/../../secure/usr.bin/ssh-agent +CRUNCH_SRCDIR_ssh-keygen= ${.CURDIR}/../../secure/usr.bin/ssh-keygen +.endif + ################################################################## # Programs from stock /usr/sbin # @@ -229,8 +244,14 @@ CRUNCH_PROGS_usr.sbin+= chown CRUNCH_ALIAS_chown= chgrp + ################################################################## -CRUNCH_LIBS+= -lm +# Common Libraries +# +.if ${MK_OPENSSL} != "no" +CRUNCH_LIBS+= -lcrypto +.endif +CRUNCH_LIBS+= -lmd -lutil -lbz2 -lz -lm ################################################################## # The following is pretty nearly a generic crunchgen-handling makefile --- secure/usr.bin/scp/Makefile.orig 2006-05-14 06:38:15.000000000 +0900 +++ secure/usr.bin/scp/Makefile 2009-05-24 15:39:20.594368170 +0900 @@ -1,7 +1,7 @@ # $FreeBSD: src/secure/usr.bin/scp/Makefile,v 1.16 2006/05/13 21:38:15 des Exp $ PROG= scp -CFLAGS+=-I${SSHDIR} -include ssh_namespace.h +CFLAGS+=-I${SSHDIR} -include ssh_namespace.h -D_PATH_SSH_PROGRAM='"${BINDIR}/ssh"' DPADD= ${LIBSSH} ${LIBCRYPT} ${LIBCRYPTO} ${LIBZ} LDADD= -lssh -lcrypt -lcrypto -lz - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - From owner-freebsd-hackers@FreeBSD.ORG Sun May 24 13:19:02 2009 Return-Path: Delivered-To: hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D01DE106566C for ; Sun, 24 May 2009 13:19:02 +0000 (UTC) (envelope-from James.McPherson@Sun.COM) Received: from sineb-mail-1.sun.com (sineb-mail-1.sun.com [192.18.19.6]) by mx1.freebsd.org (Postfix) with ESMTP id 504D08FC29 for ; Sun, 24 May 2009 13:19:02 +0000 (UTC) (envelope-from James.McPherson@Sun.COM) Received: from fe-apac-05.sun.com (fe-apac-05.sun.com [192.18.19.176] (may be forged)) by sineb-mail-1.sun.com (8.13.6+Sun/8.12.9) with ESMTP id n4ODIw6l022668 for ; Sun, 24 May 2009 13:19:01 GMT MIME-version: 1.0 Content-transfer-encoding: 7BIT Content-type: text/plain; CHARSET=US-ASCII Received: from conversion-daemon.mail-apac.sun.com by mail-apac.sun.com (Sun Java(tm) System Messaging Server 7u2-7.02 64bit (built Apr 16 2009)) id <0KK500700GPY2G00@mail-apac.sun.com> for hackers@freebsd.org; Sun, 24 May 2009 21:18:58 +0800 (SGT) Received: from blinder ([unknown] [220.157.71.44]) by mail-apac.sun.com (Sun Java(tm) System Messaging Server 7u2-7.02 64bit (built Apr 16 2009)) with ESMTPSA id <0KK5006L3GZFAV00@mail-apac.sun.com>; Sun, 24 May 2009 21:18:58 +0800 (SGT) Date: Sun, 24 May 2009 23:18:47 +1000 From: "James C. McPherson" Sender: James.McPherson@Sun.COM To: Undisclosed recipients: ; Message-id: <20090524231847.00006275@blinder> Organization: Sun Microsystems X-Mailer: Claws Mail 3.7.0 (GTK+ 2.16.1; i386-pc-solaris2.11) X-Mailman-Approved-At: Sun, 24 May 2009 13:26:13 +0000 Subject: Kernel Conference Australia 2009 - one week to go for earlybird registrations X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 May 2009 13:19:03 -0000 Dear friends and colleagues, just a quick note that if you were thinking about coming to Kernel Conference Austalia, then you should register without delay - the earlybird price of $195 expires on the 31st of May. That's this coming Sunday! The registration site is here: https://www.conveneit.com/secure/sun/kernel_jul_09/ In addition to our most excellent keynote speakers Jeff Bonwick, Bill Moore and Max Alt, you can meet, listen to and learn from Fernando Gont Results of a Security Assessment of Common Implementation Strategies of the TCP and IP Protocols Henning Brauer (OpenBSD) Faster Packets: Performance Tuning in the OpenBSD Network Stack and PF Gavin Maltby (Sun Microsystems) Hardware & Software Fault Management Architecture Pawel Dawidek (FreeBSD) GEOM - The FreeBSD way of handling storage John Sonnenschein (Sun Microsystems) Driver and Filesystem Development with the Solaris and OpenSolaris DDI/DKI David Gwynne (University of Queensland) MCLGETI: Effective Network Livelock Mitigation and More Cristina Cifuentes (Sun Microsystems) Finding Bugs in Open Source Kernels Using Parfait Sherry Moore (Sun Microsystems) Fast reboot support (and more) for OpenSolaris Max Bruning (Bruning Systems) Porting USB HID Device Drivers Between Linux and OpenSolaris James Morris (Red Hat) Linux Kernel Security Overview Percy Pari-Salas (Bond University) Automated Testing of OpenSolaris Vivek Joshi (Sun Microsystems) Porting OpenSolaris across architectures Jayakara Kini (Sun Microsystems) Crossbow for OpenSolaris Developers Garrett D'Amore (Sun Microsystems) Boomer: the new OpenSolaris audio system Pramod Batni (Sun Microsystems) Debugging and Diagnosing Interesting Kernel Problems Stewart Smith (Sun Microsystems) (Ab)use the Kernel: what a database server can do to your kernel The registration site is here: https://www.conveneit.com/secure/sun/kernel_jul_09/ I look forward to seeing you at Kernel Conference Australia Best regards, James C. McPherson -- Senior Kernel Software Engineer, Solaris Sun Microsystems http://blogs.sun.com/jmcp http://www.jmcp.homeunix.com/blog Kernel Conference Australia - http://au.sun.com/sunnews/events/2009/kernel From owner-freebsd-hackers@FreeBSD.ORG Mon May 25 08:58:07 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7C34D1065670 for ; Mon, 25 May 2009 08:58:07 +0000 (UTC) (envelope-from rodrigo@bebik.net) Received: from smtpfb1-g21.free.fr (smtpfb1-g21.free.fr [212.27.42.9]) by mx1.freebsd.org (Postfix) with ESMTP id D5E338FC1D for ; Mon, 25 May 2009 08:58:05 +0000 (UTC) (envelope-from rodrigo@bebik.net) Received: from smtp6-g21.free.fr (smtp6-g21.free.fr [212.27.42.6]) by smtpfb1-g21.free.fr (Postfix) with ESMTP id 3A0AA2E310 for ; Mon, 25 May 2009 10:38:53 +0200 (CEST) Received: from smtp6-g21.free.fr (localhost [127.0.0.1]) by smtp6-g21.free.fr (Postfix) with ESMTP id 59417E0811B for ; Mon, 25 May 2009 10:38:47 +0200 (CEST) Received: from hodja.bebik.net (hodja.bebik.net [82.235.223.127]) by smtp6-g21.free.fr (Postfix) with ESMTP id 78691E080DF for ; Mon, 25 May 2009 10:38:45 +0200 (CEST) Received: by hodja.bebik.net (Postfix, from userid 1001) id 634912847F; Mon, 25 May 2009 10:38:45 +0200 (CEST) Date: Mon, 25 May 2009 10:38:45 +0200 From: "Rodrigo OSORIO (ros)" To: freebsd-hackers@freebsd.org Message-ID: <20090525083845.GA95406@hodja.bebik.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.2i Subject: improve my USB knowledge X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 May 2009 08:58:07 -0000 Hi fellow hackers, This weekend I try to increase my knowledge about USB devices - I start from 0 - playing with one of this funny low cost USB gadgets. I read few articles about writing USB drivers, specially the Linux USB development guide, and I want to know if there is others (BSD related) articles or documents I can/must read. FYI, I work with the new USB stack in 8-CURRENT. regards, Rodrigo OSORIO From owner-freebsd-hackers@FreeBSD.ORG Mon May 25 11:40:47 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7538D10656F1 for ; Mon, 25 May 2009 11:40:47 +0000 (UTC) (envelope-from hselasky@c2i.net) Received: from swip.net (mailfe14.swipnet.se [212.247.155.161]) by mx1.freebsd.org (Postfix) with ESMTP id 08DEE8FC16 for ; Mon, 25 May 2009 11:40:46 +0000 (UTC) (envelope-from hselasky@c2i.net) X-Cloudmark-Score: 0.000000 [] X-Cloudmark-Analysis: v=1.0 c=1 a=j+k/Ze5hWUCaCztCgEjzDQ==:17 a=BwWTiKGVVWln0oj1wRgA:9 a=6Sr2RZelOs0eywLZLu4A:7 a=2SvVlP7qaeryf-qMfv4BE5MCk-MA:4 Received: from [81.191.55.181] (account mc467741@c2i.net HELO laptop) by mailfe14.swip.net (CommuniGate Pro SMTP 5.2.13) with ESMTPA id 504236252; Mon, 25 May 2009 13:40:44 +0200 From: Hans Petter Selasky To: freebsd-hackers@freebsd.org Date: Mon, 25 May 2009 13:44:45 +0200 User-Agent: KMail/1.9.7 References: <20090525083845.GA95406@hodja.bebik.net> In-Reply-To: <20090525083845.GA95406@hodja.bebik.net> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200905251344.46530.hselasky@c2i.net> Cc: "Rodrigo OSORIO \(ros\)" Subject: Re: improve my USB knowledge X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 May 2009 11:40:48 -0000 On Monday 25 May 2009, Rodrigo OSORIO (ros) wrote: > Hi fellow hackers, > > This weekend I try to increase my knowledge about USB devices - I start > from 0 - playing with one of this funny low cost USB gadgets. > I read few articles about writing USB drivers, specially the Linux USB > development guide, and I want to know if there is others (BSD related) > articles or documents I can/must read. FYI, I work with the new USB stack > in 8-CURRENT. > Hi, Maybe a good starting point would be usbconfig utility and the do_request command, which allows you to control your gadget through the control endpoint. Else there is the manpages: man libusb man usb --HPS From owner-freebsd-hackers@FreeBSD.ORG Mon May 25 13:10:40 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 878611065674 for ; Mon, 25 May 2009 13:10:40 +0000 (UTC) (envelope-from laladelausanne@gmail.com) Received: from mail-ew0-f159.google.com (mail-ew0-f159.google.com [209.85.219.159]) by mx1.freebsd.org (Postfix) with ESMTP id 1410E8FC1A for ; Mon, 25 May 2009 13:10:39 +0000 (UTC) (envelope-from laladelausanne@gmail.com) Received: by ewy3 with SMTP id 3so3160480ewy.43 for ; Mon, 25 May 2009 06:10:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:from:to :content-type:content-transfer-encoding:mime-version:subject:date :x-mailer; bh=ZYi0l5OwgRhp7VkvzpnsEGasKmsyLpeZGzQfj1Wdm1U=; b=jADD7TJUNGQzloe27SbIZ4hBjcczOpSQMfgvtzM1TTZDBV3Bb/52aDGvbCEFlbPOZo /roRS/jblq53MtwL+JQ6/Ht8M3wQk2ktue8KKBfLtEq8XgKEqr8mfASGCRc922MGfh/r mC2qitabUunQ1gZJ3gJ0pVa2KfqLxwwPQueaI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:from:to:content-type:content-transfer-encoding :mime-version:subject:date:x-mailer; b=qo2i8vxeCQbaWmH30ZkkzRQuP/f2WqhXbxSaf4Y3ZbLy8fSxhFEto4PHmy+JW9UfQE 6+E19hZgSRQbXfnCu2fJTEThVbN+1VhJfBbbEk5Wz9ITAAwIMpoBxOYRpMzkirlVeey7 k+TwsxG4Ys97H47oGXcARZ1BfdBC/zfftJaVQ= Received: by 10.216.1.202 with SMTP id 52mr1766083wed.15.1243255126255; Mon, 25 May 2009 05:38:46 -0700 (PDT) Received: from nslpc5.epfl.ch (nslpc5.epfl.ch [128.178.149.20]) by mx.google.com with ESMTPS id 10sm2581034eyd.42.2009.05.25.05.38.45 (version=TLSv1/SSLv3 cipher=RC4-MD5); Mon, 25 May 2009 05:38:45 -0700 (PDT) Message-Id: <5736C5AC-F5EC-4708-8815-1747A55AF81C@gmail.com> From: =?UTF-8?Q?Nikola_Kne=C5=BEevi=C4=87?= To: freebsd-hackers@freebsd.org Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v935.3) Date: Mon, 25 May 2009 14:38:44 +0200 X-Mailer: Apple Mail (2.935.3) Subject: How to visualize cache misses with pmc X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 May 2009 13:10:40 -0000 Hi, During the tuning of my system, I was using pmc(3) to get various counters. Most important was the number of retired instructions, which helped me to discover some bottlenecks. However, I now need to get L2 cache misses, which I do by running: sudo pmcstat -S L2_LD -O /tmp/sample.out and then run my module with its workload. At the end, I have the output in /tmp/sample.out. However, I don't know how to get that data to anything useful, as gprof output is not very meaningful. Any thoughts, hints, best practices? Cheers, Nikola From owner-freebsd-hackers@FreeBSD.ORG Mon May 25 13:34:32 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A637710656BE for ; Mon, 25 May 2009 13:34:32 +0000 (UTC) (envelope-from doconnor@gsoft.com.au) Received: from cain.gsoft.com.au (cain.gsoft.com.au [203.31.81.10]) by mx1.freebsd.org (Postfix) with ESMTP id 16F488FC15 for ; Mon, 25 May 2009 13:34:31 +0000 (UTC) (envelope-from doconnor@gsoft.com.au) Received: from inchoate.gsoft.com.au (ppp121-45-217-173.lns11.adl2.internode.on.net [121.45.217.173]) (authenticated bits=0) by cain.gsoft.com.au (8.13.8/8.13.8) with ESMTP id n4PDYMuK008923 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Mon, 25 May 2009 23:04:22 +0930 (CST) (envelope-from doconnor@gsoft.com.au) From: "Daniel O'Connor" To: freebsd-hackers@freebsd.org Date: Mon, 25 May 2009 23:03:04 +0930 User-Agent: KMail/1.9.10 References: <20090525083845.GA95406@hodja.bebik.net> In-Reply-To: <20090525083845.GA95406@hodja.bebik.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart1327523.3dt0pfBtOI"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200905252304.19081.doconnor@gsoft.com.au> X-Spam-Score: -1.21 () AWL,BAYES_00,RDNS_DYNAMIC X-Scanned-By: MIMEDefang 2.63 on 203.31.81.10 Cc: "Rodrigo OSORIO \(ros\)" Subject: Re: improve my USB knowledge X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 May 2009 13:34:33 -0000 --nextPart1327523.3dt0pfBtOI Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Mon, 25 May 2009, Rodrigo OSORIO (ros) wrote: > This weekend I try to increase my knowledge about USB devices - I > start from 0 - playing with one of this funny low cost USB gadgets. > I read few articles about writing USB drivers, specially the Linux > USB development guide, and I want to know if there is others (BSD > related) articles or documents I can/must read. FYI, I work with the > new USB stack in 8-CURRENT. libusb is moderately horrible but you can do stuff with it, I wrote a=20 driver for a USB TMC device in Python in an iterative fashion with the=20 pyusb port. =2D-=20 Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C --nextPart1327523.3dt0pfBtOI Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (FreeBSD) iD8DBQBKGp5b5ZPcIHs/zowRAoIAAJ9sINXJ/4v1sKz+uF9jXusORdGhvgCdG3qP v6mUmvmMBjmydtkiL0pAwpg= =RvV0 -----END PGP SIGNATURE----- --nextPart1327523.3dt0pfBtOI-- From owner-freebsd-hackers@FreeBSD.ORG Mon May 25 17:57:40 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 96EA1106564A for ; Mon, 25 May 2009 17:57:40 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outC.internet-mail-service.net (outc.internet-mail-service.net [216.240.47.226]) by mx1.freebsd.org (Postfix) with ESMTP id 7FD9D8FC2F for ; Mon, 25 May 2009 17:57:40 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 2ED13B9859; Mon, 25 May 2009 10:57:40 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id D9EF32D600E; Mon, 25 May 2009 10:57:39 -0700 (PDT) Message-ID: <4A1ADC13.2060702@elischer.org> Date: Mon, 25 May 2009 10:57:39 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.21 (Macintosh/20090302) MIME-Version: 1.0 To: "Rodrigo OSORIO (ros)" References: <20090525083845.GA95406@hodja.bebik.net> In-Reply-To: <20090525083845.GA95406@hodja.bebik.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-hackers@freebsd.org Subject: Re: improve my USB knowledge X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 May 2009 17:57:41 -0000 Rodrigo OSORIO (ros) wrote: > Hi fellow hackers, > > This weekend I try to increase my knowledge about USB devices - I start from 0 - > playing with one of this funny low cost USB gadgets. > I read few articles about writing USB drivers, specially the Linux USB > development guide, and I want to know if there is others (BSD related) > articles or documents I can/must read. FYI, I work with the new USB stack in 8-CURRENT. > > regards, > Rodrigo OSORIO > > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" I highly recommend that you rad the mindshare USB book. From owner-freebsd-hackers@FreeBSD.ORG Tue May 26 03:33:34 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0514F1065673 for ; Tue, 26 May 2009 03:33:34 +0000 (UTC) (envelope-from hiyorin@gmail.com) Received: from mail-pz0-f105.google.com (mail-pz0-f105.google.com [209.85.222.105]) by mx1.freebsd.org (Postfix) with ESMTP id CB4408FC17 for ; Tue, 26 May 2009 03:33:33 +0000 (UTC) (envelope-from hiyorin@gmail.com) Received: by pzk3 with SMTP id 3so3061310pzk.3 for ; Mon, 25 May 2009 20:33:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:content-type :content-transfer-encoding; bh=9xwijdRBIk3d8uBjLrh1VJe44b1hq1ZFHHEDXaiVPtc=; b=NsWHPx6kmipChyxkga2yrnN7VImSPM1KAQNXolPkj2nfA7dKcFYcdZGTLJX1hCxoJu lWi9Sek8ZYFYVFipod+ROqSJWliRL/C+RM/58h265YM1OZjG+giO5uPJt6j4Nj3ZY5zJ lpek/n66eC0ISDqPRVI9+9Z9oOYtxYg1dlQnE= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject :content-type:content-transfer-encoding; b=chX1bkua6J+fmzLBI5ixnrGsmE9IAsIAjeARKwtwWZ1wbKwcfG2S37TLTPecixak9i Xhqnr4SScyUl1SNSYMDm0vr/jaUHzID9ZC+gTYEbYMLto0ZdAXJkqMUwDK9gVSZQd9w2 WY8cjTwtgii/4lg7110P2yBAjlEDyYju8UxXQ= Received: by 10.114.134.1 with SMTP id h1mr16409470wad.47.1243306883879; Mon, 25 May 2009 20:01:23 -0700 (PDT) Received: from ?10.130.10.181? ([202.82.159.125]) by mx.google.com with ESMTPS id b39sm12201091rvf.1.2009.05.25.20.01.22 (version=TLSv1/SSLv3 cipher=RC4-MD5); Mon, 25 May 2009 20:01:23 -0700 (PDT) Message-ID: <4A1B5B80.1070207@gmail.com> Date: Tue, 26 May 2009 11:01:20 +0800 From: "C. C. Tang" User-Agent: Thunderbird 2.0.0.21 (Windows/20090302) MIME-Version: 1.0 To: freebsd-hackers@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Random(?) Fatal trap 12 in Freebsd 7.2 release X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 03:33:34 -0000 Sorry for my bad english. I am having a FreeBSD with Atom processor. It was running for 3 months without any panic when it is 7.1 release. After I upgraded it to 7.2 release weeks ago, it seems fine but it starts to have panic several days ago. The machine will sometimes panic without a heavy load(at least it is not in its peak load but usually it will panic at the time everybody is using it.) I would be grateful if anyone can help me to figure out what is the real problem... uname -a: FreeBSD xxxx 7.2-RELEASE FreeBSD 7.2-RELEASE #0: Fri May 1 08:49:13 UTC 2009 root@walker.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386 dmesg: Copyright (c) 1992-2009 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 7.2-RELEASE #0: Fri May 1 08:49:13 UTC 2009 root@walker.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC Timecounter "i8254" frequency 1193182 Hz quality 0 CPU: Intel(R) Atom(TM) CPU 330 @ 1.60GHz (1618.46-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0x106c2 Stepping = 2 Features=0xbfe9fbff Features2=0x40e31d> AMD Features=0x20100000 AMD Features2=0x1 Cores per package: 2 Logical CPUs per core: 2 real memory = 2137391104 (2038 MB) avail memory = 2081775616 (1985 MB) ACPI APIC Table: FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs cpu0 (BSP): APIC ID: 0 cpu1 (AP/HT): APIC ID: 1 cpu2 (AP): APIC ID: 2 cpu3 (AP/HT): APIC ID: 3 ioapic0: Changing APIC ID to 2 ioapic0 irqs 0-23 on motherboard kbd1 at kbdmux0 acpi0: on motherboard acpi0: [ITHREAD] acpi0: Power Button (fixed) Timecounter "ACPI-fast" frequency 3579545 Hz quality 1000 acpi_timer0: <24-bit timer at 3.579545MHz> port 0x408-0x40b on acpi0 acpi_hpet0: iomem 0xfed00000-0xfed003ff on acpi0 Timecounter "HPET" frequency 14318180 Hz quality 900 acpi_button0: on acpi0 pcib0: port 0xcf8-0xcff on acpi0 pci0: on pcib0 vgapci0: port 0x30e0-0x30e7 mem 0x90300000-0x9037ffff,0x80000000-0x8fffffff,0x90380000-0x903bffff irq 16 at device 2.0 on pci0 agp0: on vgapci0 agp0: detected 7932k stolen memory agp0: aperture size is 256M pci0: at device 27.0 (no driver attached) pcib1: at device 28.0 on pci0 pci1: on pcib1 re0: port 0x2000-0x20ff mem 0x90200000-0x90200fff,0x90000000-0x9000ffff irq 16 at device 0.0 on pci1 re0: Using 1 MSI messages re0: Chip rev. 0x3c000000 re0: MAC rev. 0x00400000 miibus0: on re0 rgephy0: PHY 1 on miibus0 rgephy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-FDX, auto re0: Ethernet address: 00:1c:c0:a8:f3:73 re0: [FILTER] pcib2: at device 28.2 on pci0 pci2: on pcib2 pcib3: at device 28.3 on pci0 pci3: on pcib3 uhci0: port 0x3080-0x309f irq 23 at device 29.0 on pci0 uhci0: [GIANT-LOCKED] uhci0: [ITHREAD] usb0: on uhci0 usb0: USB revision 1.0 uhub0: on usb0 uhub0: 2 ports with 2 removable, self powered uhci1: port 0x3060-0x307f irq 19 at device 29.1 on pci0 uhci1: [GIANT-LOCKED] uhci1: [ITHREAD] usb1: on uhci1 usb1: USB revision 1.0 uhub1: on usb1 uhub1: 2 ports with 2 removable, self powered uhci2: port 0x3040-0x305f irq 18 at device 29.2 on pci0 uhci2: [GIANT-LOCKED] uhci2: [ITHREAD] usb2: on uhci2 usb2: USB revision 1.0 uhub2: on usb2 uhub2: 2 ports with 2 removable, self powered uhci3: port 0x3020-0x303f irq 16 at device 29.3 on pci0 uhci3: [GIANT-LOCKED] uhci3: [ITHREAD] usb3: on uhci3 usb3: USB revision 1.0 uhub3: on usb3 uhub3: 2 ports with 2 removable, self powered ehci0: mem 0x903c4000-0x903c43ff irq 23 at device 29.7 on pci0 ehci0: [GIANT-LOCKED] ehci0: [ITHREAD] usb4: EHCI version 1.0 usb4: companion controllers, 2 ports each: usb0 usb1 usb2 usb3 usb4: on ehci0 usb4: USB revision 2.0 uhub4: on usb4 uhub4: 8 ports with 8 removable, self powered pcib4: at device 30.0 on pci0 pci4: on pcib4 re1: port 0x1000-0x10ff mem 0x90100000-0x901000ff irq 21 at device 0.0 on pci4 re1: Chip rev. 0x04000000 re1: MAC rev. 0x00000000 miibus1: on re1 rgephy1: PHY 1 on miibus1 rgephy1: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-FDX, auto re1: Ethernet address: 00:16:01:5c:4a:0f re1: [FILTER] isab0: at device 31.0 on pci0 isa0: on isab0 atapci0: port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0x30b0-0x30bf irq 18 at device 31.1 on pci0 ata0: on atapci0 ata0: [ITHREAD] atapci1: port 0x30c8-0x30cf,0x30ec-0x30ef,0x30c0-0x30c7,0x30e8-0x30eb,0x30a0-0x30af irq 19 at device 31.2 on pci0 atapci1: [ITHREAD] ata2: on atapci1 ata2: [ITHREAD] ata3: on atapci1 ata3: [ITHREAD] pci0: at device 31.3 (no driver attached) sio0: <16550A-compatible COM port> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 sio0: type 16550A sio0: [FILTER] cpu0: on acpi0 p4tcc0: on cpu0 cpu1: on acpi0 p4tcc1: on cpu1 cpu2: on acpi0 p4tcc2: on cpu2 cpu3: on acpi0 p4tcc3: on cpu3 pmtimer0 on isa0 orm0: at iomem 0xcb000-0xcbfff pnpid ORM0000 on isa0 atkbdc0: at port 0x60,0x64 on isa0 atkbd0: irq 1 on atkbdc0 kbd0 at atkbd0 atkbd0: [GIANT-LOCKED] atkbd0: [ITHREAD] ppc0: at port 0x378-0x37f irq 7 on isa0 ppc0: SMC-like chipset (ECP/EPP/PS2/NIBBLE) in COMPATIBLE mode ppc0: FIFO with 16/16/8 bytes threshold ppbus0: on ppc0 ppbus0: [ITHREAD] plip0: on ppbus0 plip0: WARNING: using obsoleted IFF_NEEDSGIANT flag lpt0: on ppbus0 lpt0: Interrupt-driven port ppi0: on ppbus0 ppc0: [GIANT-LOCKED] ppc0: [ITHREAD] sc0: at flags 0x100 on isa0 sc0: VGA <16 virtual consoles, flags=0x300> sio1: configured irq 3 not in bitmap of probed irqs 0 sio1: port may not be enabled vga0: at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0 Timecounters tick every 1.000 msec ad4: 476940MB at ata2-master SATA150 SMP: AP CPU #1 Launched! SMP: AP CPU #3 Launched! SMP: AP CPU #2 Launched! GEOM_LABEL: Label for provider ad4s2 is ufsid/497231edae4da529. GEOM_LABEL: Label for provider ad4s1a is ufsid/497231ebaad35c34. GEOM_LABEL: Label for provider ad4s1d is ufsid/497231f823755a18. GEOM_LABEL: Label for provider ad4s1e is ufsid/497231eb4cb04b76. GEOM_LABEL: Label for provider ad4s1f is ufsid/497231eb16db295a. Trying to mount root from ufs:/dev/ad4s1a GEOM_LABEL: Label ufsid/497231ebaad35c34 removed. GEOM_LABEL: Label for provider ad4s1a is ufsid/497231ebaad35c34. GEOM_LABEL: Label ufsid/497231eb4cb04b76 removed. GEOM_LABEL: Label for provider ad4s1e is ufsid/497231eb4cb04b76. GEOM_LABEL: Label ufsid/497231eb16db295a removed. GEOM_LABEL: Label for provider ad4s1f is ufsid/497231eb16db295a. GEOM_LABEL: Label ufsid/497231edae4da529 removed. GEOM_LABEL: Label for provider ad4s2 is ufsid/497231edae4da529. GEOM_LABEL: Label ufsid/497231f823755a18 removed. GEOM_LABEL: Label for provider ad4s1d is ufsid/497231f823755a18. GEOM_LABEL: Label ufsid/497231ebaad35c34 removed. GEOM_LABEL: Label ufsid/497231eb4cb04b76 removed. GEOM_LABEL: Label ufsid/497231eb16db295a removed. GEOM_LABEL: Label ufsid/497231edae4da529 removed. GEOM_LABEL: Label ufsid/497231f823755a18 removed. tap0: Ethernet address: 00:bd:9c:3f:00:00 re0: link state changed to DOWN re0: link state changed to UP The following is the info obtained by running crashinfo: ### instance 1 (May 21 about 23:00 local time) Fatal trap 12: page fault while in kernel mode cpuid = 2; apic id = 02 fault virtual address = 0x19 fault code = supervisor write, page not present instruction pointer = 0x20:0xc085af6c stack pointer = 0x28:0xe5a84bfc frame pointer = 0x28:0xe5a84c18 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 46 (syncer) trap number = 12 panic: page fault cpuid = 2 Uptime: 11d9h43m49s Physical memory: 2025 MB Dumping 294 MB: 279 263 247 231 215 199 183 167 151 135 119 103 87 71 55 39 23 7 #0 doadump () at pcpu.h:196 196 pcpu.h: No such file or directory. in pcpu.h (kgdb) #0 doadump () at pcpu.h:196 #1 0xc07e25a7 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:418 #2 0xc07e2879 in panic (fmt=Variable "fmt" is not available. ) at /usr/src/sys/kern/kern_shutdown.c:574 #3 0xc0ae3ebc in trap_fatal (frame=0xe5a84bbc, eva=25) at /usr/src/sys/i386/i386/trap.c:939 #4 0xc0ae4140 in trap_pfault (frame=0xe5a84bbc, usermode=0, eva=25) at /usr/src/sys/i386/i386/trap.c:852 #5 0xc0ae4aec in trap (frame=0xe5a84bbc) at /usr/src/sys/i386/i386/trap.c:530 #6 0xc0ac91fb in calltrap () at /usr/src/sys/i386/i386/exception.s:159 #7 0xc085af6c in __mnt_vnode_next (mvp=0xe5a84c48, mp=0xc5874b40) at /usr/src/sys/kern/vfs_mount.c:2033 #8 0xc0864202 in vfs_msync (mp=0xc5874b40, flags=2) at /usr/src/sys/kern/vfs_subr.c:3135 #9 0xc08644ba in sync_fsync (ap=0xe5a84cd4) at /usr/src/sys/kern/vfs_subr.c:3389 #10 0xc0af8e72 in VOP_FSYNC_APV (vop=0xc0c598a0, a=0xe5a84cd4) at vnode_if.c:1007 #11 0xc0864cc8 in sched_sync () at vnode_if.h:538 #12 0xc07bd059 in fork_exit (callout=0xc08645c0 , arg=0x0, frame=0xe5a84d38) at /usr/src/sys/kern/kern_fork.c:810 #13 0xc0ac9270 in fork_trampoline () at /usr/src/sys/i386/i386/exception.s:264 (kgdb) ### instance 2 (May 22 about 20:30 local time) Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 00 fault virtual address = 0xf3e83561 fault code = supervisor read, page not present instruction pointer = 0x20:0xc0880d65 stack pointer = 0x28:0xc53f7be0 frame pointer = 0x28:0xc53f7c00 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 19 (swi5: +) trap number = 12 panic: page fault cpuid = 0 Uptime: 21h4m54s Physical memory: 2025 MB Dumping 291 MB: 276 260 244 228 212 196 180 164 148 132 116 100 84 68 52 36 20 4 #0 doadump () at pcpu.h:196 196 pcpu.h: No such file or directory. in pcpu.h (kgdb) #0 doadump () at pcpu.h:196 #1 0xc07e25a7 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:418 #2 0xc07e2879 in panic (fmt=Variable "fmt" is not available. ) at /usr/src/sys/kern/kern_shutdown.c:574 #3 0xc0ae3ebc in trap_fatal (frame=0xc53f7ba0, eva=4092081505) at /usr/src/sys/i386/i386/trap.c:939 #4 0xc0ae4140 in trap_pfault (frame=0xc53f7ba0, usermode=0, eva=4092081505) at /usr/src/sys/i386/i386/trap.c:852 #5 0xc0ae4aec in trap (frame=0xc53f7ba0) at /usr/src/sys/i386/i386/trap.c:530 #6 0xc0ac91fb in calltrap () at /usr/src/sys/i386/i386/exception.s:159 #7 0xc0880d65 in ether_input (ifp=0xc5601800, m=0xc5a2c200) at /usr/src/sys/net/if_ethersubr.c:545 #8 0xc06c4348 in re_rxeof (sc=0xc561b000) at /usr/src/sys/dev/re/if_re.c:1982 #9 0xc06c5dce in re_int_task (arg=0xc561b000, npending=1) at /usr/src/sys/dev/re/if_re.c:2189 #10 0xc0817835 in taskqueue_run (queue=0xc5498400) at /usr/src/sys/kern/subr_taskqueue.c:282 #11 0xc0817973 in taskqueue_fast_run (dummy=0x0) at /usr/src/sys/kern/subr_taskqueue.c:460 #12 0xc07c050b in ithread_loop (arg=0xc55830b0) at /usr/src/sys/kern/kern_intr.c:1088 #13 0xc07bd059 in fork_exit (callout=0xc07c0350 , arg=0xc55830b0, frame=0xc53f7d38) at /usr/src/sys/kern/kern_fork.c:810 #14 0xc0ac9270 in fork_trampoline () at /usr/src/sys/i386/i386/exception.s:264 (kgdb) ### instance 3 (May 22 about 20:40 local time) Fatal trap 12: page fault while in kernel mode cpuid = 1; apic id = 01 fault virtual address = 0x200 fault code = supervisor read, page not present instruction pointer = 0x20:0x200 stack pointer = 0x28:0xc53ed8f0 frame pointer = 0x28:0xc53ed910 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 4 (g_down) trap number = 12 (bt is not available since the core dump seems lost. This panic occured immediately after rebooted from instance 2..) ### instance 4 (May 25 about 22:40 local time) Fatal trap 12: page fault while in kernel mode cpuid = 1; apic id = 01 fault virtual address = 0x3b57860 fault code = supervisor read, page not present instruction pointer = 0x20:0xc0a1cfb6 stack pointer = 0x28:0xe7d00a94 frame pointer = 0x28:0xe7d00ab0 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 62673 (httpd) trap number = 12 panic: page fault cpuid = 1 Uptime: 3d1h54m6s Physical memory: 2025 MB Dumping 275 MB: 260 244 228 212 196 180 164 148 132 116 100 84 68 52 36 20 4 #0 doadump () at pcpu.h:196 196 pcpu.h: No such file or directory. in pcpu.h (kgdb) #0 doadump () at pcpu.h:196 #1 0xc07e25a7 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:418 #2 0xc07e2879 in panic (fmt=Variable "fmt" is not available. ) at /usr/src/sys/kern/kern_shutdown.c:574 #3 0xc0ae3ebc in trap_fatal (frame=0xe7d00a54, eva=62224480) at /usr/src/sys/i386/i386/trap.c:939 #4 0xc0ae4140 in trap_pfault (frame=0xe7d00a54, usermode=0, eva=62224480) at /usr/src/sys/i386/i386/trap.c:852 #5 0xc0ae4aec in trap (frame=0xe7d00a54) at /usr/src/sys/i386/i386/trap.c:530 #6 0xc0ac91fb in calltrap () at /usr/src/sys/i386/i386/exception.s:159 #7 0xc0a1cfb6 in vm_map_entry_splay (addr=685764608, root=0xc60ac044) at /usr/src/sys/vm/vm_map.c:726 #8 0xc0a1d367 in vm_map_lookup_entry (map=0xc5d0fa24, address=685764608, entry=0xe7d00bf8) at /usr/src/sys/vm/vm_map.c:904 #9 0xc0a1e76a in vm_map_lookup (var_map=0xe7d00bf4, vaddr=685764608, fault_typea=Variable "fault_typea" is not available. ) at /usr/src/sys/vm/vm_map.c:3136 #10 0xc0a17f03 in vm_fault (map=0xc5d0fa24, vaddr=685764608, fault_type=2 '\002', fault_flags=8) at /usr/src/sys/vm/vm_fault.c:233 #11 0xc0ae402b in trap_pfault (frame=0xe7d00d38, usermode=1, eva=685767244) at /usr/src/sys/i386/i386/trap.c:829 #12 0xc0ae4977 in trap (frame=0xe7d00d38) at /usr/src/sys/i386/i386/trap.c:397 #13 0xc0ac91fb in calltrap () at /usr/src/sys/i386/i386/exception.s:159 #14 0x2809997e in ?? () Previous frame inner to this frame (corrupt stack?) (kgdb) From owner-freebsd-hackers@FreeBSD.ORG Tue May 26 06:30:12 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 610551065673 for ; Tue, 26 May 2009 06:30:12 +0000 (UTC) (envelope-from kostjn@peterhost.ru) Received: from mail.z8.ru (mail.z8.ru [80.93.58.56]) by mx1.freebsd.org (Postfix) with ESMTP id 1CC358FC14 for ; Tue, 26 May 2009 06:30:11 +0000 (UTC) (envelope-from kostjn@peterhost.ru) Received: from [85.235.196.139] (helo=kostjn.pht) by mail.z8.ru with esmtpa (Exim 4.67 (FreeBSD)) (envelope-from ) id 1M8qAh-000Nz0-33 for freebsd-hackers@freebsd.org; Tue, 26 May 2009 10:29:59 +0400 Message-ID: <4A1B8CF8.7030102@peterhost.ru> Date: Tue, 26 May 2009 10:32:24 +0400 From: Menshikov Konstantin User-Agent: Thunderbird 2.0.0.18 (X11/20090328) MIME-Version: 1.0 To: freebsd-hackers@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Disk quota for Jail. Discussion. X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 06:30:12 -0000 Hi. Jail now have no disk quotas. Users which use jail, use separate zfs or md device for jail, but it from a hopelessness. It is necessary to discuss possible ways of realisation. I suggest to make disk quotas for jail on the basis of the user quotas. Introduction. User UID and GID are located in inode and are always accessible. No information about jail in ufs is present. All activity jail is limited root path. The work scheme. In structure prison it is added structures containing disk quotas and usage. At start Jail, we calculate the size root path and number of files in it, thus receiving current use of a disk. In functions of allocation of disk blocks and inode, we check quotas and we increase current use. If jail exceeds a quota, inquiry about allocation of the disk block or inode it is rejected. After work end jail the information on disk use is lost. What do you think about it? There are other offers? -- Menshikov Konstantin. From owner-freebsd-hackers@FreeBSD.ORG Tue May 26 12:03:24 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9AA321065680 for ; Tue, 26 May 2009 12:03:24 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from mail.terabit.net.ua (mail.terabit.net.ua [195.137.202.147]) by mx1.freebsd.org (Postfix) with ESMTP id 3D7C38FC34 for ; Tue, 26 May 2009 12:03:23 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from skuns.zoral.com.ua ([91.193.166.194] helo=mail.zoral.com.ua) by mail.terabit.net.ua with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1M8vNG-000Fvt-TA; Tue, 26 May 2009 15:03:19 +0300 Received: from deviant.kiev.zoral.com.ua (root@deviant.kiev.zoral.com.ua [10.1.1.148]) by mail.zoral.com.ua (8.14.2/8.14.2) with ESMTP id n4QC3EXi054064 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 26 May 2009 15:03:14 +0300 (EEST) (envelope-from kostikbel@gmail.com) Received: from deviant.kiev.zoral.com.ua (kostik@localhost [127.0.0.1]) by deviant.kiev.zoral.com.ua (8.14.3/8.14.3) with ESMTP id n4QC3EaQ055482; Tue, 26 May 2009 15:03:14 +0300 (EEST) (envelope-from kostikbel@gmail.com) Received: (from kostik@localhost) by deviant.kiev.zoral.com.ua (8.14.3/8.14.3/Submit) id n4QC3DsJ055481; Tue, 26 May 2009 15:03:13 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: deviant.kiev.zoral.com.ua: kostik set sender to kostikbel@gmail.com using -f Date: Tue, 26 May 2009 15:03:13 +0300 From: Kostik Belousov To: Menshikov Konstantin Message-ID: <20090526120313.GA1927@deviant.kiev.zoral.com.ua> References: <4A1B8CF8.7030102@peterhost.ru> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="QLtikqB3wVxGaUVK" Content-Disposition: inline In-Reply-To: <4A1B8CF8.7030102@peterhost.ru> User-Agent: Mutt/1.4.2.3i X-Virus-Scanned: clamav-milter 0.95.1 at skuns.kiev.zoral.com.ua X-Virus-Status: Clean X-Spam-Status: No, score=-4.4 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on skuns.kiev.zoral.com.ua X-Virus-Scanned: mail.terabit.net.ua 1M8vNG-000Fvt-TA 299cff901667d573a90bc5bbd351357d X-Terabit: YES Cc: freebsd-hackers@freebsd.org Subject: Re: Disk quota for Jail. Discussion. X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 12:03:26 -0000 --QLtikqB3wVxGaUVK Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, May 26, 2009 at 10:32:24AM +0400, Menshikov Konstantin wrote: > Hi. > Jail now have no disk quotas. > Users which use jail, use separate zfs or md device for jail, but it=20 > from a hopelessness. > It is necessary to discuss possible ways of realisation. > I suggest to make disk quotas for jail on the basis of the user quotas. >=20 > Introduction. > User UID and GID are located in inode and are always accessible. > No information about jail in ufs is present. All activity jail is=20 > limited root path. >=20 > The work scheme. > In structure prison it is added structures containing disk quotas and usa= ge. > At start Jail, we calculate the size root path and number of files in=20 > it, thus receiving current use of a disk. > In functions of allocation of disk blocks and inode, we check quotas and= =20 > we increase current use. UFS cannot determine whether the new allocation goes under the jail root or not. > If jail exceeds a quota, inquiry about allocation of the disk block or=20 > inode it is rejected. > After work end jail the information on disk use is lost. >=20 > What do you think about it? > There are other offers? > -- > Menshikov Konstantin. >=20 > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" --QLtikqB3wVxGaUVK Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iEYEARECAAYFAkob2oEACgkQC3+MBN1Mb4iBpACgo/032KYBBnt2K6Ety2UgWvZv 6F4AoOi9yZj9il5/SpsFIA5duCONcuqH =+nNi -----END PGP SIGNATURE----- --QLtikqB3wVxGaUVK-- From owner-freebsd-hackers@FreeBSD.ORG Tue May 26 12:33:19 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 138AD1065686 for ; Tue, 26 May 2009 12:33:19 +0000 (UTC) (envelope-from kostjn@peterhost.ru) Received: from mail.z8.ru (mail.z8.ru [80.93.58.56]) by mx1.freebsd.org (Postfix) with ESMTP id C04458FC1B for ; Tue, 26 May 2009 12:33:18 +0000 (UTC) (envelope-from kostjn@peterhost.ru) Received: from [85.235.196.139] (helo=kostjn.pht) by mail.z8.ru with esmtpa (Exim 4.67 (FreeBSD)) (envelope-from ) id 1M8vq9-0008dK-6k for freebsd-hackers@freebsd.org; Tue, 26 May 2009 16:33:09 +0400 Message-ID: <4A1BE1F8.9050804@peterhost.ru> Date: Tue, 26 May 2009 16:35:04 +0400 From: Menshikov Konstantin User-Agent: Thunderbird 2.0.0.18 (X11/20090328) MIME-Version: 1.0 CC: freebsd-hackers@freebsd.org References: <4A1B8CF8.7030102@peterhost.ru> <20090526120313.GA1927@deviant.kiev.zoral.com.ua> In-Reply-To: <20090526120313.GA1927@deviant.kiev.zoral.com.ua> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: Disk quota for Jail. Discussion. X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 12:33:19 -0000 Kostik Belousov wrote: > On Tue, May 26, 2009 at 10:32:24AM +0400, Menshikov Konstantin wrote: > >> Hi. >> Jail now have no disk quotas. >> Users which use jail, use separate zfs or md device for jail, but it >> from a hopelessness. >> It is necessary to discuss possible ways of realisation. >> I suggest to make disk quotas for jail on the basis of the user quotas. >> >> Introduction. >> User UID and GID are located in inode and are always accessible. >> No information about jail in ufs is present. All activity jail is >> limited root path. >> >> The work scheme. >> In structure prison it is added structures containing disk quotas and usage. >> At start Jail, we calculate the size root path and number of files in >> it, thus receiving current use of a disk. >> In functions of allocation of disk blocks and inode, we check quotas and >> we increase current use. >> > UFS cannot determine whether the new allocation goes under the jail > root or not. > Yes. But jail cannot allocate block and inode above root path. In allocation functions, whether for example ffs_alloc we have access to ucred process and we can check up there is a process in jail. >> If jail exceeds a quota, inquiry about allocation of the disk block or >> inode it is rejected. >> After work end jail the information on disk use is lost. >> >> What do you think about it? >> There are other offers? >> >> If jail will get access to disk devices in/dev/and will mount file system of a problem also will not arise, I think... Can be eat other problems which are not visible at first sight? From owner-freebsd-hackers@FreeBSD.ORG Tue May 26 12:36:37 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F32371065673 for ; Tue, 26 May 2009 12:36:36 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from mail.terabit.net.ua (mail.terabit.net.ua [195.137.202.147]) by mx1.freebsd.org (Postfix) with ESMTP id 968378FC18 for ; Tue, 26 May 2009 12:36:36 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from skuns.zoral.com.ua ([91.193.166.194] helo=mail.zoral.com.ua) by mail.terabit.net.ua with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1M8vtT-000JkP-Ag; Tue, 26 May 2009 15:36:35 +0300 Received: from deviant.kiev.zoral.com.ua (root@deviant.kiev.zoral.com.ua [10.1.1.148]) by mail.zoral.com.ua (8.14.2/8.14.2) with ESMTP id n4QCaWVF056238 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 26 May 2009 15:36:32 +0300 (EEST) (envelope-from kostikbel@gmail.com) Received: from deviant.kiev.zoral.com.ua (kostik@localhost [127.0.0.1]) by deviant.kiev.zoral.com.ua (8.14.3/8.14.3) with ESMTP id n4QCaWVF056001; Tue, 26 May 2009 15:36:32 +0300 (EEST) (envelope-from kostikbel@gmail.com) Received: (from kostik@localhost) by deviant.kiev.zoral.com.ua (8.14.3/8.14.3/Submit) id n4QCaWV3056000; Tue, 26 May 2009 15:36:32 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: deviant.kiev.zoral.com.ua: kostik set sender to kostikbel@gmail.com using -f Date: Tue, 26 May 2009 15:36:32 +0300 From: Kostik Belousov To: Menshikov Konstantin Message-ID: <20090526123632.GB1927@deviant.kiev.zoral.com.ua> References: <4A1B8CF8.7030102@peterhost.ru> <20090526120313.GA1927@deviant.kiev.zoral.com.ua> <4A1BE1F8.9050804@peterhost.ru> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="iJxQupPLzo4E+zOu" Content-Disposition: inline In-Reply-To: <4A1BE1F8.9050804@peterhost.ru> User-Agent: Mutt/1.4.2.3i X-Virus-Scanned: clamav-milter 0.95.1 at skuns.kiev.zoral.com.ua X-Virus-Status: Clean X-Spam-Status: No, score=-4.4 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on skuns.kiev.zoral.com.ua X-Virus-Scanned: mail.terabit.net.ua 1M8vtT-000JkP-Ag 0332f6bdb3bfd0d578ff36265a6f78df X-Terabit: YES Cc: freebsd-hackers@freebsd.org Subject: Re: Disk quota for Jail. Discussion. X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 12:36:37 -0000 --iJxQupPLzo4E+zOu Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, May 26, 2009 at 04:35:04PM +0400, Menshikov Konstantin wrote: > Kostik Belousov wrote: > >On Tue, May 26, 2009 at 10:32:24AM +0400, Menshikov Konstantin wrote: > >>In structure prison it is added structures containing disk quotas and= =20 > >>usage. > >>At start Jail, we calculate the size root path and number of files in= =20 > >>it, thus receiving current use of a disk. > >>In functions of allocation of disk blocks and inode, we check quotas an= d=20 > >>we increase current use. > >> =20 > >UFS cannot determine whether the new allocation goes under the jail > >root or not. > > =20 > Yes. But jail cannot allocate block and inode above root path. In=20 > allocation functions, whether for example ffs_alloc we have access to=20 > ucred process and we can check up there is a process in jail. Yes, you can check this for jailed process. Think about non-jailed processes that can do allocation below the jail root. --iJxQupPLzo4E+zOu Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iEYEARECAAYFAkob4lAACgkQC3+MBN1Mb4glqgCfZYSHk0V1PwnEvo9b+FQMe45S vDsAoLur4g3iObSkj5FjOT7g8b4ZcRAi =AN0T -----END PGP SIGNATURE----- --iJxQupPLzo4E+zOu-- From owner-freebsd-hackers@FreeBSD.ORG Tue May 26 12:59:33 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CE1DB1065678 for ; Tue, 26 May 2009 12:59:33 +0000 (UTC) (envelope-from kostjn@peterhost.ru) Received: from mail.z8.ru (mail.z8.ru [80.93.58.56]) by mx1.freebsd.org (Postfix) with ESMTP id 87B328FC1F for ; Tue, 26 May 2009 12:59:33 +0000 (UTC) (envelope-from kostjn@peterhost.ru) Received: from [85.235.196.139] (helo=kostjn.pht) by mail.z8.ru with esmtpa (Exim 4.67 (FreeBSD)) (envelope-from ) id 1M8wFe-000HCe-Vh for freebsd-hackers@freebsd.org; Tue, 26 May 2009 16:59:31 +0400 Message-ID: <4A1BE827.2030303@peterhost.ru> Date: Tue, 26 May 2009 17:01:27 +0400 From: Menshikov Konstantin User-Agent: Thunderbird 2.0.0.18 (X11/20090328) MIME-Version: 1.0 CC: freebsd-hackers@freebsd.org References: <4A1B8CF8.7030102@peterhost.ru> <20090526120313.GA1927@deviant.kiev.zoral.com.ua> <4A1BE1F8.9050804@peterhost.ru> <20090526123632.GB1927@deviant.kiev.zoral.com.ua> In-Reply-To: <20090526123632.GB1927@deviant.kiev.zoral.com.ua> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: Disk quota for Jail. Discussion. X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 12:59:34 -0000 Kostik Belousov wrote: > On Tue, May 26, 2009 at 04:35:04PM +0400, Menshikov Konstantin wrote: > >> Kostik Belousov wrote: >> >>> On Tue, May 26, 2009 at 10:32:24AM +0400, Menshikov Konstantin wrote: >>> >>>> In structure prison it is added structures containing disk quotas and >>>> usage. >>>> At start Jail, we calculate the size root path and number of files in >>>> it, thus receiving current use of a disk. >>>> In functions of allocation of disk blocks and inode, we check quotas and >>>> we increase current use. >>>> >>>> >>> UFS cannot determine whether the new allocation goes under the jail >>> root or not. >>> >>> >> Yes. But jail cannot allocate block and inode above root path. In >> allocation functions, whether for example ffs_alloc we have access to >> ucred process and we can check up there is a process in jail. >> > > Yes, you can check this for jailed process. Think about non-jailed processes > that can do allocation below the jail root. > Processes out of jail are not considered. I do not understand, these processes have what relation to disk to quotas for jail. Please explain more in detail From owner-freebsd-hackers@FreeBSD.ORG Tue May 26 13:20:52 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 47D60106564A for ; Tue, 26 May 2009 13:20:52 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from mail.terabit.net.ua (mail.terabit.net.ua [195.137.202.147]) by mx1.freebsd.org (Postfix) with ESMTP id DDB7D8FC0A for ; Tue, 26 May 2009 13:20:51 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from skuns.zoral.com.ua ([91.193.166.194] helo=mail.zoral.com.ua) by mail.terabit.net.ua with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63 (FreeBSD)) (envelope-from ) id 1M8waH-000OTB-Sr; Tue, 26 May 2009 16:20:50 +0300 Received: from deviant.kiev.zoral.com.ua (root@deviant.kiev.zoral.com.ua [10.1.1.148]) by mail.zoral.com.ua (8.14.2/8.14.2) with ESMTP id n4QDKl7Q058983 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 26 May 2009 16:20:47 +0300 (EEST) (envelope-from kostikbel@gmail.com) Received: from deviant.kiev.zoral.com.ua (kostik@localhost [127.0.0.1]) by deviant.kiev.zoral.com.ua (8.14.3/8.14.3) with ESMTP id n4QDKlJn056316; Tue, 26 May 2009 16:20:47 +0300 (EEST) (envelope-from kostikbel@gmail.com) Received: (from kostik@localhost) by deviant.kiev.zoral.com.ua (8.14.3/8.14.3/Submit) id n4QDKkSd056315; Tue, 26 May 2009 16:20:46 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: deviant.kiev.zoral.com.ua: kostik set sender to kostikbel@gmail.com using -f Date: Tue, 26 May 2009 16:20:46 +0300 From: Kostik Belousov To: Menshikov Konstantin Message-ID: <20090526132046.GC1927@deviant.kiev.zoral.com.ua> References: <4A1B8CF8.7030102@peterhost.ru> <20090526120313.GA1927@deviant.kiev.zoral.com.ua> <4A1BE1F8.9050804@peterhost.ru> <20090526123632.GB1927@deviant.kiev.zoral.com.ua> <4A1BE827.2030303@peterhost.ru> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="dXJXs/M7/ajzpbcK" Content-Disposition: inline In-Reply-To: <4A1BE827.2030303@peterhost.ru> User-Agent: Mutt/1.4.2.3i X-Virus-Scanned: clamav-milter 0.95.1 at skuns.kiev.zoral.com.ua X-Virus-Status: Clean X-Spam-Status: No, score=-4.4 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on skuns.kiev.zoral.com.ua X-Virus-Scanned: mail.terabit.net.ua 1M8waH-000OTB-Sr 796a0757b771879e6b657e77a0df30a4 X-Terabit: YES Cc: freebsd-hackers@freebsd.org Subject: Re: Disk quota for Jail. Discussion. X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 13:20:52 -0000 --dXJXs/M7/ajzpbcK Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, May 26, 2009 at 05:01:27PM +0400, Menshikov Konstantin wrote: > Kostik Belousov wrote: > >On Tue, May 26, 2009 at 04:35:04PM +0400, Menshikov Konstantin wrote: > > =20 > >>Kostik Belousov wrote: > >> =20 > >>>On Tue, May 26, 2009 at 10:32:24AM +0400, Menshikov Konstantin wrote: > >>> =20 > >>>>In structure prison it is added structures containing disk quotas and= =20 > >>>>usage. > >>>>At start Jail, we calculate the size root path and number of files in= =20 > >>>>it, thus receiving current use of a disk. > >>>>In functions of allocation of disk blocks and inode, we check quotas= =20 > >>>>and we increase current use. > >>>> =20 > >>>> =20 > >>>UFS cannot determine whether the new allocation goes under the jail > >>>root or not. > >>>=20 > >>> =20 > >>Yes. But jail cannot allocate block and inode above root path. In=20 > >>allocation functions, whether for example ffs_alloc we have access to= =20 > >>ucred process and we can check up there is a process in jail. > >> =20 > > > >Yes, you can check this for jailed process. Think about non-jailed=20 > >processes > >that can do allocation below the jail root. > > =20 > Processes out of jail are not considered. > I do not understand, these processes have what relation to disk to=20 > quotas for jail. Please explain more in detail Since the processes outside of the jail may allocate or delete blocks or inodes under the jail root, doing accounting only for actions initiated by jailed processes means that accounting does not reflect reality. --dXJXs/M7/ajzpbcK Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iEYEARECAAYFAkob7K4ACgkQC3+MBN1Mb4gOPQCgn/M4I6gRFY43uTSf1PdgTT4U uFEAn1Wln29DF/y743qBnyGq1/NtWwJU =hRFI -----END PGP SIGNATURE----- --dXJXs/M7/ajzpbcK-- From owner-freebsd-hackers@FreeBSD.ORG Tue May 26 13:44:46 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 51E261065673 for ; Tue, 26 May 2009 13:44:46 +0000 (UTC) (envelope-from tevans.uk@googlemail.com) Received: from mail-ew0-f164.google.com (mail-ew0-f164.google.com [209.85.219.164]) by mx1.freebsd.org (Postfix) with ESMTP id CDE508FC08 for ; Tue, 26 May 2009 13:44:45 +0000 (UTC) (envelope-from tevans.uk@googlemail.com) Received: by ewy8 with SMTP id 8so302390ewy.43 for ; Tue, 26 May 2009 06:44:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:subject:from:to:cc :in-reply-to:references:content-type:date:message-id:mime-version :x-mailer:content-transfer-encoding; bh=80vrfur26c2PQoxrhLXULY0aMKxc2f3CwF65wttTF2o=; b=POV8VDQBZJE4SJZcV3vsz1eUw0tLyzoNlUcg6UzvZTAFSGiW4+zZZVzYtgGxK2qktZ bVGd48FLL+uNE10iCGkT+RIs7wTGDQ01GRtDvm+iiIGSsYbIHJlOh9mN/RUowE2LTa+x hW+T+hnZ/osYxiND3NxJPrneTpmYPil6e0Z3g= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=subject:from:to:cc:in-reply-to:references:content-type:date :message-id:mime-version:x-mailer:content-transfer-encoding; b=uXWPwneHoj7/zllbtROgdyvIl5XTo+Z2dMVjXuWBKFjlViWnfRpO0wO6VxrGPxFlM3 Wqkzz5Sk9rOn7DxqLyCPoIdxdQeQ3xGVAusX5Eq20LrtEnQtXZF0h2Q1Y6P9By4NaBRz XkCV8s05ziOK4dd3reDy6qufg+FcPgWdx+T2s= Received: by 10.210.18.8 with SMTP id 8mr278888ebr.53.1243344265131; Tue, 26 May 2009 06:24:25 -0700 (PDT) Received: from ?127.0.0.1? (87-194-39-182.bethere.co.uk [87.194.39.182]) by mx.google.com with ESMTPS id 28sm8562204eyg.24.2009.05.26.06.24.24 (version=SSLv3 cipher=RC4-MD5); Tue, 26 May 2009 06:24:24 -0700 (PDT) From: Tom Evans To: Menshikov Konstantin In-Reply-To: <4A1BE827.2030303@peterhost.ru> References: <4A1B8CF8.7030102@peterhost.ru> <20090526120313.GA1927@deviant.kiev.zoral.com.ua> <4A1BE1F8.9050804@peterhost.ru> <20090526123632.GB1927@deviant.kiev.zoral.com.ua> <4A1BE827.2030303@peterhost.ru> Content-Type: text/plain Date: Tue, 26 May 2009 14:24:23 +0100 Message-Id: <1243344263.9871.2.camel@strangepork.london.mintel.ad> Mime-Version: 1.0 X-Mailer: Evolution 2.26.1.1 FreeBSD GNOME Team Port Content-Transfer-Encoding: 7bit Cc: freebsd-hackers@freebsd.org Subject: Re: Disk quota for Jail. Discussion. X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 13:44:46 -0000 On Tue, 2009-05-26 at 17:01 +0400, Menshikov Konstantin wrote: > Kostik Belousov wrote: > > On Tue, May 26, 2009 at 04:35:04PM +0400, Menshikov Konstantin wrote: > > > >> Kostik Belousov wrote: > >> > >>> On Tue, May 26, 2009 at 10:32:24AM +0400, Menshikov Konstantin wrote: > >>> > >>>> In structure prison it is added structures containing disk quotas and > >>>> usage. > >>>> At start Jail, we calculate the size root path and number of files in > >>>> it, thus receiving current use of a disk. > >>>> In functions of allocation of disk blocks and inode, we check quotas and > >>>> we increase current use. > >>>> > >>>> > >>> UFS cannot determine whether the new allocation goes under the jail > >>> root or not. > >>> > >>> > >> Yes. But jail cannot allocate block and inode above root path. In > >> allocation functions, whether for example ffs_alloc we have access to > >> ucred process and we can check up there is a process in jail. > >> > > > > Yes, you can check this for jailed process. Think about non-jailed processes > > that can do allocation below the jail root. > > > Processes out of jail are not considered. > I do not understand, these processes have what relation to disk to > quotas for jail. Please explain more in detail A process outside of the jail can still write to the file system that you consider to be jailed, depending upon permissions. If all your quota calculations are only triggered by jailed processes writing to the file system, then you can exceed quota trivially. Tom From owner-freebsd-hackers@FreeBSD.ORG Tue May 26 14:00:51 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9B1281065670 for ; Tue, 26 May 2009 14:00:51 +0000 (UTC) (envelope-from fhcarron@terra.es) Received: from IMPaqm4.telefonica.net (impaqm4.telefonica.net [213.4.129.19]) by mx1.freebsd.org (Postfix) with ESMTP id 0AB428FC08 for ; Tue, 26 May 2009 14:00:50 +0000 (UTC) (envelope-from fhcarron@terra.es) Received: from IMPmailhost1.adm.correo ([10.20.102.38]) by IMPaqm4.telefonica.net with bizsmtp id wD2k1b00G0piX6q3QDqoNd; Tue, 26 May 2009 15:50:48 +0200 Received: from [150.244.58.19] ([150.244.58.19]) by IMPmailhost1.adm.correo with BIZ IMP id wDqn1b00H0Qtfg61hDqo0b; Tue, 26 May 2009 15:50:48 +0200 X-TE-authinfo: authemail="fhcarron.terra.es" |auth_email="fhcarron@terra.es" X-TE-AcuTerraCos: auth_cuTerraCos="cosuiterc01" From: Fernando Herrero =?ISO-8859-1?Q?Carr=F3n?= To: freebsd-hackers@freebsd.org Content-Type: text/plain Date: Tue, 26 May 2009 15:50:47 +0200 Message-Id: <1243345847.1007.11.camel@nebet.ii.uam.es> Mime-Version: 1.0 X-Mailer: Evolution 2.26.0 FreeBSD GNOME Team Port Content-Transfer-Encoding: 7bit Subject: Help debugging kernel together with X X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 14:00:52 -0000 Hi list, I would like to ask for some help debugging the kernel. Here is the problem: I have a computer about five years old with an on-board graphics card (SiS 661). I am trying to install an ATI Radeon 128 on the AGP port. FreeBSD (FreeBSD 7.2-STABLE #10: Tue May 26 15:08:39 CEST 2009) is able to start DRM and AGP without trouble. However, whenever I start X (X.Org X Server 1.6.1; Release Date: 2009-4-14; Build Date: 11 May 2009 12:03:27PM) the system freezes with a blank screen with some apparent noisy green dots on it (reproducible, however). It does not panic, nor reboot. Now I suspect there is some problem on the AGP bridge driver since linux can run X without trouble (i.e. hardware and BIOS are ok). I have found someone reporting problems with this bridge long time ago with no answers (http://www.nabble.com/agp-on-sis-661-td1446998.html). So here I am trying to figure out where the system freezes. I have recompiled my kernel adding the following options: options KDB options DDB options MP_WATCHDOG options SW_WATCHDOG I am able to enter the debugger with ctrl+alt+esc from a console. So what I am trying to do is to have watchdogd time out and the debugger make a dump: ddb script kern.enter.watchdog=call doadump; reboot However, when I start X no timeout occurs, and the system stays freezed. Am I missing something on the workings of watchdogd? Thanks a lot for your help! Fernando From owner-freebsd-hackers@FreeBSD.ORG Tue May 26 14:05:07 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 44A24106566B for ; Tue, 26 May 2009 14:05:07 +0000 (UTC) (envelope-from freebsd-hackers@m.gmane.org) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.freebsd.org (Postfix) with ESMTP id EC74B8FC0C for ; Tue, 26 May 2009 14:05:05 +0000 (UTC) (envelope-from freebsd-hackers@m.gmane.org) Received: from list by ciao.gmane.org with local (Exim 4.43) id 1M8wiu-0002xF-OD for freebsd-hackers@freebsd.org; Tue, 26 May 2009 13:29:44 +0000 Received: from lara.cc.fer.hr ([161.53.72.113]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 26 May 2009 13:29:44 +0000 Received: from ivoras by lara.cc.fer.hr with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 26 May 2009 13:29:44 +0000 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-hackers@freebsd.org From: Ivan Voras Date: Tue, 26 May 2009 15:29:41 +0200 Lines: 31 Message-ID: References: <4A1B8CF8.7030102@peterhost.ru> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigDBB184BCAC00FB0D019DBADB" X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: lara.cc.fer.hr User-Agent: Thunderbird 2.0.0.21 (X11/20090409) In-Reply-To: <4A1B8CF8.7030102@peterhost.ru> X-Enigmail-Version: 0.95.7 Sender: news Subject: Re: Disk quota for Jail. Discussion. X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 14:05:07 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigDBB184BCAC00FB0D019DBADB Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Menshikov Konstantin wrote: > Hi. > Jail now have no disk quotas. > Users which use jail, use separate zfs or md device for jail, but it > from a hopelessness. Well, the ZFS way of doing things (per-filesystem quotas) is actually the right way to do it - it solves exactly the problem described. --------------enigDBB184BCAC00FB0D019DBADB Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkob7sUACgkQldnAQVacBcjJXgCfZUzqD3Bu5/lfBBbxh4bfYCF/ 6OMAniZjWgKz4N7Wd+yHQTPNPG0hHpim =miy3 -----END PGP SIGNATURE----- --------------enigDBB184BCAC00FB0D019DBADB-- From owner-freebsd-hackers@FreeBSD.ORG Tue May 26 15:39:17 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 57EE61065678 for ; Tue, 26 May 2009 15:39:17 +0000 (UTC) (envelope-from glen.j.barber@gmail.com) Received: from mail-bw0-f213.google.com (mail-bw0-f213.google.com [209.85.218.213]) by mx1.freebsd.org (Postfix) with ESMTP id D47F78FC1C for ; Tue, 26 May 2009 15:39:16 +0000 (UTC) (envelope-from glen.j.barber@gmail.com) Received: by bwz9 with SMTP id 9so3988375bwz.43 for ; Tue, 26 May 2009 08:39:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=rZk06YrQB8cbGQv+o2PFuIqs7HeiccPxoSbiKtm/+j4=; b=ubiN4LJT3KpN6YBVboewskTNd/GfIDq/PsdgiOuq+MHeKKbDNH5w5NBC4dnHJJwQBj jUzE/J9fia1gDoQZ9YejaSmqftcqYa6H4N2TjAy09SBdOyFCrsW4dVl3rBLWBl+kyXxE A6iXHRR53g3QDUU5fhKgxyN/TIEwcCiQ8cMyQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=mTFkVUej9DpIZPgB9RkSufEOOnbAJOd/T29ncvNbUzw/uW2miIMW/wqVkHq/VhO+MF yVndgvCKA4/h9qsllQLnN4366S4G3CfQKHmuVHaQgBjzas/NQyjh3fHBII4/6MOvKYYg oDoDysStTUhQhtcTunQLpLk+DO4eKrWwBFo/8= MIME-Version: 1.0 Received: by 10.223.121.6 with SMTP id f6mr4503856far.77.1243352355285; Tue, 26 May 2009 08:39:15 -0700 (PDT) In-Reply-To: <1243345847.1007.11.camel@nebet.ii.uam.es> References: <1243345847.1007.11.camel@nebet.ii.uam.es> Date: Tue, 26 May 2009 11:39:15 -0400 Message-ID: <4ad871310905260839u24ce71e9wbaa637712480c390@mail.gmail.com> From: Glen Barber To: =?ISO-8859-1?Q?Fernando_Herrero_Carr=F3n?= Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-hackers@freebsd.org Subject: Re: Help debugging kernel together with X X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 15:39:17 -0000 Hi, Fernando 2009/5/26 Fernando Herrero Carr=F3n : > Hi list, > > I would like to ask for some help debugging the kernel. > > Here is the problem: > > I have a computer about five years old with an on-board graphics card > (SiS 661). I am trying to install an ATI Radeon 128 on the AGP port. > FreeBSD (FreeBSD 7.2-STABLE #10: Tue May 26 15:08:39 CEST 2009) is able > to start DRM and AGP without trouble. However, whenever I start X (X.Org > X Server 1.6.1; Release Date: 2009-4-14; Build Date: 11 May 2009 > 12:03:27PM) the system freezes with a blank screen with some apparent > noisy green dots on it (reproducible, however). It does not panic, nor > reboot. > > Now I suspect there is some problem on the AGP bridge driver since linux > can run X without trouble (i.e. hardware and BIOS are ok). I have found > someone reporting problems with this bridge long time ago with no > answers (http://www.nabble.com/agp-on-sis-661-td1446998.html). > > So here I am trying to figure out where the system freezes. I have > recompiled my kernel adding the following options: > > options =A0 =A0 =A0 =A0 KDB > options =A0 =A0 =A0 =A0 DDB > options =A0 =A0 =A0 =A0 MP_WATCHDOG > options =A0 =A0 =A0 =A0 SW_WATCHDOG > > I am able to enter the debugger with ctrl+alt+esc from a console. So > what I am trying to do is to have watchdogd time out and the debugger > make a dump: > > ddb script kern.enter.watchdog=3Dcall doadump; reboot > > However, when I start X no timeout occurs, and the system stays freezed. > Am I missing something on the workings of watchdogd? > What you're describing does not appear to be a kernel problem; it sounds like the typical 'Xorg update from hell' problem most experienced a while back. Have a look at /usr/ports/UPDATING, and search for 'AllowEmptyInput'. Adding the following to xorg.conf should correct the problem: Section "ServerFlags" option "AllowEmptyInput" "off" option "AutoAddDevices" "off" EndSection HTH --=20 Glen Barber From owner-freebsd-hackers@FreeBSD.ORG Tue May 26 15:42:51 2009 Return-Path: Delivered-To: freebsd-hackers@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A41C6106566B for ; Tue, 26 May 2009 15:42:51 +0000 (UTC) (envelope-from marck@rinet.ru) Received: from woozle.rinet.ru (woozle.rinet.ru [195.54.192.68]) by mx1.freebsd.org (Postfix) with ESMTP id 164B58FC1B for ; Tue, 26 May 2009 15:42:50 +0000 (UTC) (envelope-from marck@rinet.ru) Received: from localhost (localhost [127.0.0.1]) by woozle.rinet.ru (8.14.3/8.14.3) with ESMTP id n4QFNaJt078771 for ; Tue, 26 May 2009 19:23:36 +0400 (MSD) (envelope-from marck@rinet.ru) Date: Tue, 26 May 2009 19:23:36 +0400 (MSD) From: Dmitry Morozovsky To: freebsd-hackers@FreeBSD.org Message-ID: User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) X-NCC-RegID: ru.rinet X-OpenPGP-Key-ID: 6B691B03 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.2 (woozle.rinet.ru [0.0.0.0]); Tue, 26 May 2009 19:23:36 +0400 (MSD) Cc: Subject: MosChip 7840 dual port ucom X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 15:42:51 -0000 Dear colleagues, any hints/directions to get MosChip 7840 dual port USB to RS232 adapter working? In usbdevs output the device is shown as port 1 addr 2: high speed, power 100 mA, config 1, product 0x7840(0x7840), vendor 0x9710(0x9710), rev 0.01 Thanks in advance. -- Sincerely, D.Marck [DM5020, MCK-RIPE, DM3-RIPN] [ FreeBSD committer: marck@FreeBSD.org ] ------------------------------------------------------------------------ *** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- marck@rinet.ru *** ------------------------------------------------------------------------ From owner-freebsd-hackers@FreeBSD.ORG Tue May 26 16:09:27 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 535831065674 for ; Tue, 26 May 2009 16:09:27 +0000 (UTC) (envelope-from kostjn@peterhost.ru) Received: from mail.z8.ru (mail.z8.ru [80.93.58.56]) by mx1.freebsd.org (Postfix) with ESMTP id 0A6808FC14 for ; Tue, 26 May 2009 16:09:26 +0000 (UTC) (envelope-from kostjn@peterhost.ru) Received: from [85.235.196.139] (helo=kostjn.pht) by mail.z8.ru with esmtpa (Exim 4.67 (FreeBSD)) (envelope-from ) id 1M8zDP-0007ig-R2 for freebsd-hackers@freebsd.org; Tue, 26 May 2009 20:09:23 +0400 Message-ID: <4A1C14A8.9010104@peterhost.ru> Date: Tue, 26 May 2009 20:11:20 +0400 From: Menshikov Konstantin User-Agent: Thunderbird 2.0.0.18 (X11/20090328) MIME-Version: 1.0 CC: freebsd-hackers@freebsd.org References: <4A1B8CF8.7030102@peterhost.ru> <20090526120313.GA1927@deviant.kiev.zoral.com.ua> <4A1BE1F8.9050804@peterhost.ru> <20090526123632.GB1927@deviant.kiev.zoral.com.ua> <4A1BE827.2030303@peterhost.ru> <1243344263.9871.2.camel@strangepork.london.mintel.ad> In-Reply-To: <1243344263.9871.2.camel@strangepork.london.mintel.ad> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: Disk quota for Jail. Discussion. X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 16:09:27 -0000 Tom Evans wrote: > On Tue, 2009-05-26 at 17:01 +0400, Menshikov Konstantin wrote: > >> Kostik Belousov wrote: >> >>> On Tue, May 26, 2009 at 04:35:04PM +0400, Menshikov Konstantin wrote: >>> >>> >>>> Kostik Belousov wrote: >>>> >>>> >>>>> On Tue, May 26, 2009 at 10:32:24AM +0400, Menshikov Konstantin wrote: >>>>> >>>>> >>>>>> In structure prison it is added structures containing disk quotas and >>>>>> usage. >>>>>> At start Jail, we calculate the size root path and number of files in >>>>>> it, thus receiving current use of a disk. >>>>>> In functions of allocation of disk blocks and inode, we check quotas and >>>>>> we increase current use. >>>>>> >>>>>> >>>>>> >>>>> UFS cannot determine whether the new allocation goes under the jail >>>>> root or not. >>>>> >>>>> >>>>> >>>> Yes. But jail cannot allocate block and inode above root path. In >>>> allocation functions, whether for example ffs_alloc we have access to >>>> ucred process and we can check up there is a process in jail. >>>> >>>> >>> Yes, you can check this for jailed process. Think about non-jailed processes >>> that can do allocation below the jail root. >>> >>> >> Processes out of jail are not considered. >> I do not understand, these processes have what relation to disk to >> quotas for jail. Please explain more in detail >> > > A process outside of the jail can still write to the file system that > you consider to be jailed, depending upon permissions. If all your quota > calculations are only triggered by jailed processes writing to the file > system, then you can exceed quota trivially. > > Tom > > The primary goal of disk quotas to limit allocation of disk blocks and inode to processes in jail during their work. Jail it is time essence. After end of work Jail, it does not exist. Let's consider disk quotas for Jail, as number of blocks or inode which jail can use during a session. I understand that if process out of jail will create in a root directory jail a file of the sizes in 1 GB, and process in jail will remove this file jail can exceed the limit on 1 GB. But there is no real necessity, in an operating time jail to write down in the root catalogue jail from the outside jail. From owner-freebsd-hackers@FreeBSD.ORG Tue May 26 16:23:49 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BC390106568B for ; Tue, 26 May 2009 16:23:49 +0000 (UTC) (envelope-from kostjn@peterhost.ru) Received: from mail.z8.ru (mail.z8.ru [80.93.58.56]) by mx1.freebsd.org (Postfix) with ESMTP id 74F108FC24 for ; Tue, 26 May 2009 16:23:49 +0000 (UTC) (envelope-from kostjn@peterhost.ru) Received: from [85.235.196.139] (helo=kostjn.pht) by mail.z8.ru with esmtpa (Exim 4.67 (FreeBSD)) (envelope-from ) id 1M8zRI-000A3k-C5 for freebsd-hackers@freebsd.org; Tue, 26 May 2009 20:23:44 +0400 Message-ID: <4A1C1805.8070906@peterhost.ru> Date: Tue, 26 May 2009 20:25:41 +0400 From: Menshikov Konstantin User-Agent: Thunderbird 2.0.0.18 (X11/20090328) MIME-Version: 1.0 CC: freebsd-hackers@freebsd.org References: <4A1B8CF8.7030102@peterhost.ru> In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: Disk quota for Jail. Discussion. X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 16:23:50 -0000 Ivan Voras wrote: > Menshikov Konstantin wrote: > >> Hi. >> Jail now have no disk quotas. >> Users which use jail, use separate zfs or md device for jail, but it >> from a hopelessness. >> > > Well, the ZFS way of doing things (per-filesystem quotas) is actually > the right way to do it - it solves exactly the problem described. > > > Yes, you are right. But this way, has some lacks. 1. For quota change jail, it is necessary to stop jail and to start procedure of change of the size of file system. In case of use ufs it is not simple. 2. In case of use zfs, as far as I know, it is impossible to use virtual file systems for example unionfs. From owner-freebsd-hackers@FreeBSD.ORG Tue May 26 20:32:45 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8362810656D9; Tue, 26 May 2009 20:32:45 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id 44A638FC1A; Tue, 26 May 2009 20:32:45 +0000 (UTC) (envelope-from des@des.no) Received: from ds4.des.no (cm-84.215.252.34.getinternet.no [84.215.252.34]) by smtp.des.no (Postfix) with ESMTP id 9C5706D41E; Tue, 26 May 2009 22:13:21 +0200 (CEST) Received: by ds4.des.no (Postfix, from userid 1001) id 87F43844DE; Tue, 26 May 2009 22:13:21 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Jakub Lach References: <23727599.post@talk.nabble.com> Date: Tue, 26 May 2009 22:13:21 +0200 In-Reply-To: <23727599.post@talk.nabble.com> (Jakub Lach's message of "Tue, 26 May 2009 10:18:50 -0700 (PDT)") Message-ID: <86prdvipwe.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.92 (berkeley-unix) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Cc: freebsd-hackers@freebsd.org Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 20:32:46 -0000 --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable [moving from security@ to hackers@] Jakub Lach writes: > http://www.freebsd.org/cgi/query-pr.cgi?pr=3Dkern/21768 Like bde@ pointed out, the patch is incorrect. It moves the test for v_type !=3D VDIR up to a point where, in the case of a symlink, v_type is always (by definition) VLNK. The reason why the current code does not work is that, in the symlink case, the v_type !=3D VDIR test is never reached: we will have jumped to either bad2 or success. However, it should be safe to move the test to after the success label, because trailing_slash is only ever true for the last component of the path we were asked to look up (see lines 520 through 535). The attached patch should work. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no --=-=-= Content-Type: text/x-patch Content-Disposition: inline; filename=symlink-slash.diff Index: sys/kern/vfs_lookup.c =================================================================== --- sys/kern/vfs_lookup.c (revision 192614) +++ sys/kern/vfs_lookup.c (working copy) @@ -800,14 +800,6 @@ goto success; } - /* - * Check for bogus trailing slashes. - */ - if (trailing_slash && dp->v_type != VDIR) { - error = ENOTDIR; - goto bad2; - } - nextname: /* * Not a symbolic link. If more pathname, @@ -861,6 +853,14 @@ VOP_UNLOCK(dp, 0); success: /* + * Check for bogus trailing slashes. + */ + if (trailing_slash && dp->v_type != VDIR) { + error = ENOTDIR; + goto bad2; + } + + /* * Because of lookup_shared we may have the vnode shared locked, but * the caller may want it to be exclusively locked. */ --=-=-=-- From owner-freebsd-hackers@FreeBSD.ORG Tue May 26 20:40:34 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7A45A1065738 for ; Tue, 26 May 2009 20:40:34 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id 3C5F38FC15 for ; Tue, 26 May 2009 20:40:33 +0000 (UTC) (envelope-from des@des.no) Received: from ds4.des.no (cm-84.215.252.34.getinternet.no [84.215.252.34]) by smtp.des.no (Postfix) with ESMTP id 47F0B6D41F; Tue, 26 May 2009 22:40:33 +0200 (CEST) Received: by ds4.des.no (Postfix, from userid 1001) id 3DB87844A1; Tue, 26 May 2009 22:40:33 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Jakub Lach References: <23727599.post@talk.nabble.com> <86prdvipwe.fsf@ds4.des.no> Date: Tue, 26 May 2009 22:40:33 +0200 In-Reply-To: <86prdvipwe.fsf@ds4.des.no> ("Dag-Erling =?utf-8?Q?Sm=C3=B8rg?= =?utf-8?Q?rav=22's?= message of "Tue, 26 May 2009 22:13:21 +0200") Message-ID: <86octflhry.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.92 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-hackers@freebsd.org Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 20:40:35 -0000 Dag-Erling Sm=C3=B8rgrav writes: > The attached patch should work. Oops. It actually triggers a KASSERT. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-hackers@FreeBSD.ORG Tue May 26 21:20:04 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 72C1A1065675 for ; Tue, 26 May 2009 21:20:03 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id 52BA68FC12 for ; Tue, 26 May 2009 21:20:03 +0000 (UTC) (envelope-from des@des.no) Received: from ds4.des.no (cm-84.215.252.34.getinternet.no [84.215.252.34]) by smtp.des.no (Postfix) with ESMTP id 562456D41D; Tue, 26 May 2009 23:20:02 +0200 (CEST) Received: by ds4.des.no (Postfix, from userid 1001) id 45F81844BD; Tue, 26 May 2009 23:20:02 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Jakub Lach References: <23727599.post@talk.nabble.com> <86prdvipwe.fsf@ds4.des.no> Date: Tue, 26 May 2009 23:20:01 +0200 In-Reply-To: <86prdvipwe.fsf@ds4.des.no> ("Dag-Erling =?utf-8?Q?Sm=C3=B8rg?= =?utf-8?Q?rav=22's?= message of "Tue, 26 May 2009 22:13:21 +0200") Message-ID: <86my8z8su6.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.92 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-hackers@freebsd.org Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 21:20:05 -0000 Dag-Erling Sm=C3=B8rgrav writes: > Like bde@ pointed out, the patch is incorrect. It moves the test for > v_type !=3D VDIR up to a point where, in the case of a symlink, v_type is > always (by definition) VLNK. Hmm, actually, symlinks are resolved in namei(), not lookup(). This is not going to be pretty. I'll be back later... DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-hackers@FreeBSD.ORG Wed May 27 07:58:28 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2513F1065674 for ; Wed, 27 May 2009 07:58:28 +0000 (UTC) (envelope-from danny@cs.huji.ac.il) Received: from kabab.cs.huji.ac.il (kabab.cs.huji.ac.il [132.65.16.84]) by mx1.freebsd.org (Postfix) with ESMTP id BF7B38FC15 for ; Wed, 27 May 2009 07:58:27 +0000 (UTC) (envelope-from danny@cs.huji.ac.il) Received: from pampa.cs.huji.ac.il ([132.65.80.32]) by kabab.cs.huji.ac.il with esmtp id 1M9E1q-000CGn-8M for freebsd-hackers@freebsd.org; Wed, 27 May 2009 10:58:26 +0300 X-Mailer: exmh version 2.7.2 01/07/2005 with nmh-1.2 To: freebsd-hackers@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 27 May 2009 10:58:26 +0300 From: Danny Braniss Message-ID: Subject: nfs_diskless_valid question X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2009 07:58:28 -0000 Hi, This variable is set by the boot process, and as far as I can tell modified as the boot process progresses, then by /etc/rc, and never again used. Is there some security reason that I'm not aware of, for this variable to be read-only? (sysctl won't change its value). thanks, danny From owner-freebsd-hackers@FreeBSD.ORG Wed May 27 09:39:31 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 502DD1065670 for ; Wed, 27 May 2009 09:39:31 +0000 (UTC) (envelope-from fhcarron@terra.es) Received: from IMPaqm1.telefonica.net (impaqm1.telefonica.net [213.4.149.61]) by mx1.freebsd.org (Postfix) with ESMTP id B1CD88FC13 for ; Wed, 27 May 2009 09:39:30 +0000 (UTC) (envelope-from fhcarron@terra.es) Received: from IMPmailhost4.adm.correo ([10.20.102.125]) by IMPaqm1.telefonica.net with bizsmtp id wYjD1b0032iL0W201ZfVc3; Wed, 27 May 2009 11:39:29 +0200 Received: from [150.244.58.19] ([150.244.58.19]) by IMPmailhost4.adm.correo with BIZ IMP id wZfV1b00H0Qtfg61kZfV1e; Wed, 27 May 2009 11:39:29 +0200 X-TE-authinfo: authemail="fhcarron.terra.es" |auth_email="fhcarron@terra.es" X-TE-AcuTerraCos: auth_cuTerraCos="cosuiterc01" From: Fernando Herrero =?ISO-8859-1?Q?Carr=F3n?= To: freebsd-hackers@freebsd.org In-Reply-To: <4ad871310905260839u24ce71e9wbaa637712480c390@mail.gmail.com> References: <1243345847.1007.11.camel@nebet.ii.uam.es> <4ad871310905260839u24ce71e9wbaa637712480c390@mail.gmail.com> Content-Type: text/plain; charset="UTF-8" Date: Wed, 27 May 2009 11:39:29 +0200 Message-Id: <1243417169.996.1.camel@nebet.ii.uam.es> Mime-Version: 1.0 X-Mailer: Evolution 2.26.0 FreeBSD GNOME Team Port Content-Transfer-Encoding: 8bit Subject: Re: Help debugging kernel together with X X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2009 09:39:31 -0000 Thanks Glen, Despite having fought many battles with the dreaded X.org update ¬¬, this seems not to be the problem now. I tried to install a new graphics card some time ago, before the upgrade and the result was the same. My concern right now is the behaviour of Watchdogs, I'll start a new, more specific thread. Thanks, Fernando El mar, 26-05-2009 a las 11:39 -0400, Glen Barber escribió: > Hi, Fernando > > 2009/5/26 Fernando Herrero Carrón : > > Hi list, > > > > I would like to ask for some help debugging the kernel. > > > > Here is the problem: > > > > I have a computer about five years old with an on-board graphics card > > (SiS 661). I am trying to install an ATI Radeon 128 on the AGP port. > > FreeBSD (FreeBSD 7.2-STABLE #10: Tue May 26 15:08:39 CEST 2009) is able > > to start DRM and AGP without trouble. However, whenever I start X (X.Org > > X Server 1.6.1; Release Date: 2009-4-14; Build Date: 11 May 2009 > > 12:03:27PM) the system freezes with a blank screen with some apparent > > noisy green dots on it (reproducible, however). It does not panic, nor > > reboot. > > > > Now I suspect there is some problem on the AGP bridge driver since linux > > can run X without trouble (i.e. hardware and BIOS are ok). I have found > > someone reporting problems with this bridge long time ago with no > > answers (http://www.nabble.com/agp-on-sis-661-td1446998.html). > > > > So here I am trying to figure out where the system freezes. I have > > recompiled my kernel adding the following options: > > > > options KDB > > options DDB > > options MP_WATCHDOG > > options SW_WATCHDOG > > > > I am able to enter the debugger with ctrl+alt+esc from a console. So > > what I am trying to do is to have watchdogd time out and the debugger > > make a dump: > > > > ddb script kern.enter.watchdog=call doadump; reboot > > > > However, when I start X no timeout occurs, and the system stays freezed. > > Am I missing something on the workings of watchdogd? > > > > What you're describing does not appear to be a kernel problem; it > sounds like the typical 'Xorg update from hell' problem most > experienced a while back. > > Have a look at /usr/ports/UPDATING, and search for 'AllowEmptyInput'. > > Adding the following to xorg.conf should correct the problem: > > Section "ServerFlags" > option "AllowEmptyInput" "off" > option "AutoAddDevices" "off" > EndSection > > HTH > From owner-freebsd-hackers@FreeBSD.ORG Wed May 27 10:10:57 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BF3351065700 for ; Wed, 27 May 2009 10:10:55 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) Received: from 0.mx.codelabs.ru (0.mx.codelabs.ru [144.206.177.45]) by mx1.freebsd.org (Postfix) with ESMTP id 5595A8FC17 for ; Wed, 27 May 2009 10:10:55 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) DomainKey-Signature: a=rsa-sha1; q=dns; c=simple; s=one; d=codelabs.ru; h=Received:Date:From:To:Cc:Subject:Message-ID:Reply-To:References:MIME-Version:Content-Type:Content-Disposition:In-Reply-To:Sender; b=EIT58IaQ/3H0h1RQ3zo+ejxG60hXC/tBqlcDFF5TE+1rSdJUM7Y+42xyu8Xidcu/MfO/COYAMfHGKSHa/a6ax0cn+biPy2baJc85Z/LbtXRG20HtiR6hW0F8YzQzBN05ZoMYDC+nCjoL1bld4ZXjJ/E7y0Fi/4okZtdDKhBsZRU=; Received: from shadow.codelabs.ru (shadow.codelabs.ru [144.206.177.8]) by 0.mx.codelabs.ru with esmtpsa (TLSv1:AES256-SHA:256) id 1M9Fo7-0000u9-S0; Wed, 27 May 2009 13:52:23 +0400 Date: Wed, 27 May 2009 13:52:21 +0400 From: Eygene Ryabinkin To: Dag-Erling Sm??rgrav Message-ID: <0vGjPHEq7MqxjtFmBufY+mBxlR4@7oUjtCwN654QcDr16CH+kAk8bJg> References: <23727599.post@talk.nabble.com> <86prdvipwe.fsf@ds4.des.no> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="7JfCtLOvnd9MIVvH" Content-Disposition: inline In-Reply-To: <86prdvipwe.fsf@ds4.des.no> Sender: rea-fbsd@codelabs.ru Cc: freebsd-hackers@freebsd.org, Jakub Lach Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: rea-fbsd@codelabs.ru List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2009 10:10:59 -0000 --7JfCtLOvnd9MIVvH Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Dag-Erling, *, good day. Tue, May 26, 2009 at 10:13:21PM +0200, Dag-Erling Sm??rgrav wrote: > [moving from security@ to hackers@] > > Jakub Lach writes: > > http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/21768 > > Like bde@ pointed out, the patch is incorrect. It moves the test for > v_type != VDIR up to a point where, in the case of a symlink, v_type is > always (by definition) VLNK. > > The reason why the current code does not work is that, in the symlink > case, the v_type != VDIR test is never reached: we will have jumped to > either bad2 or success. However, it should be safe to move the test to > after the success label, because trailing_slash is only ever true for > the last component of the path we were asked to look up (see lines 520 > through 535). May be the attached patch will fix the thing? It works for me for 7.2 with WITNESS and INVARIANTS enabled. It adds an additional flag, but this was the only thing I was able to invent to avoid ABI breakage. -- Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook {_.-``-' {_/ # --7JfCtLOvnd9MIVvH Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="vfs_lookup-trailing-symlink-with-slash.diff" Content-Transfer-Encoding: quoted-printable =46rom 029b779c2fe005fe0d043fb3f1990957927e6a18 Mon Sep 17 00:00:00 2001 =46rom: Eygene Ryabinkin Date: Wed, 27 May 2009 13:13:16 +0400 Subject: [PATCH] vfs lookups: properly handle the case of slash at the end = of symlink If symlink points to a non-directory object but the name has trailing slash, then the current lookup/namei implementation will dereference symlink and return dereferenced object instead of symlink even if NOFOLLOW mode is used. That's not good at all :(( Simple test: ----- $ ln -s /etc/motd file $ file file file: symbolic link to `/etc/motd' [ =3D=3D Unpatched variant =3D=3D ] $ file file/ file/: ASCII English text [ =3D=3D Patched variant =3D=3D ] $ file file/ file/: cannot open `file/' (Not a directory) ----- See also: http://www.freebsd.org/cgi/query-pr.cgi?pr=3Dkern/21768 See also: http://lists.freebsd.org/pipermail/freebsd-security/2009-May/0052= 19.html Signed-off-by: Eygene Ryabinkin --- sys/kern/vfs_lookup.c | 25 +++++++++++++++++-------- sys/sys/namei.h | 41 +++++++++++++++++++++-------------------- 2 files changed, 38 insertions(+), 28 deletions(-) diff --git a/sys/kern/vfs_lookup.c b/sys/kern/vfs_lookup.c index 3770b55..75b1772 100644 --- a/sys/kern/vfs_lookup.c +++ b/sys/kern/vfs_lookup.c @@ -138,6 +138,9 @@ namei(struct nameidata *ndp) cnp->cn_flags &=3D ~LOCKSHARED; fdp =3D p->p_fd; =20 + /* Drop internal flag: we will set it ourselves if we'll need it. */ + cnp->cn_flags &=3D ~SLASHSYMLINK; + /* * Get a buffer for the name to be translated, and copy the * name into the buffer. @@ -683,6 +686,12 @@ unionlookup: ndp->ni_vp =3D dp =3D tdp; } =20 + /* Set slashed symlink flag if we found slash at the end of symlink */ + if (dp->v_type =3D=3D VLNK && trailing_slash && + (cnp->cn_flags & ISLASTCN)) { + cnp->cn_flags |=3D SLASHSYMLINK; + } + /* * Check for symbolic link */ @@ -710,14 +719,6 @@ unionlookup: goto success; } =20 - /* - * Check for bogus trailing slashes. - */ - if (trailing_slash && dp->v_type !=3D VDIR) { - error =3D ENOTDIR; - goto bad2; - } - nextname: /* * Not a symbolic link. If more pathname, @@ -741,6 +742,14 @@ nextname: goto dirloop; } /* + * Check if we're processing slashed symlink and + * lookup target isn't a directory. + */ + if ((cnp->cn_flags & SLASHSYMLINK) && dp->v_type !=3D VDIR) { + error =3D ENOTDIR; + goto bad2; + } + /* * Disallow directory write attempts on read-only filesystems. */ if (rdonly && diff --git a/sys/sys/namei.h b/sys/sys/namei.h index ac3550d..d73da50 100644 --- a/sys/sys/namei.h +++ b/sys/sys/namei.h @@ -127,26 +127,27 @@ struct nameidata { * name being sought. The caller is responsible for releasing the * buffer and for vrele'ing ni_startdir. */ -#define RDONLY 0x0000200 /* lookup with read-only semantics */ -#define HASBUF 0x0000400 /* has allocated pathname buffer */ -#define SAVENAME 0x0000800 /* save pathname buffer */ -#define SAVESTART 0x0001000 /* save starting directory */ -#define ISDOTDOT 0x0002000 /* current component name is .. */ -#define MAKEENTRY 0x0004000 /* entry is to be added to name cache */ -#define ISLASTCN 0x0008000 /* this is last component of pathname */ -#define ISSYMLINK 0x0010000 /* symlink needs interpretation */ -#define ISWHITEOUT 0x0020000 /* found whiteout */ -#define DOWHITEOUT 0x0040000 /* do whiteouts */ -#define WILLBEDIR 0x0080000 /* new files will be dirs; allow trailing / */ -#define ISUNICODE 0x0100000 /* current component name is unicode*/ -#define ISOPEN 0x0200000 /* caller is opening; return a real vnode. */ -#define NOCROSSMOUNT 0x0400000 /* do not cross mount points */ -#define NOMACCHECK 0x0800000 /* do not perform MAC checks */ -#define MPSAFE 0x1000000 /* namei() must acquire Giant if needed. */ -#define GIANTHELD 0x2000000 /* namei() is holding giant. */ -#define AUDITVNODE1 0x4000000 /* audit the looked up vnode information */ -#define AUDITVNODE2 0x8000000 /* audit the looked up vnode information */ -#define PARAMASK 0xffffe00 /* mask of parameter descriptors */ +#define RDONLY 0x00000200 /* lookup with read-only semantics */ +#define HASBUF 0x00000400 /* has allocated pathname buffer */ +#define SAVENAME 0x00000800 /* save pathname buffer */ +#define SAVESTART 0x00001000 /* save starting directory */ +#define ISDOTDOT 0x00002000 /* current component name is .. */ +#define MAKEENTRY 0x00004000 /* entry is to be added to name cache */ +#define ISLASTCN 0x00008000 /* this is last component of pathname */ +#define ISSYMLINK 0x00010000 /* symlink needs interpretation */ +#define ISWHITEOUT 0x00020000 /* found whiteout */ +#define DOWHITEOUT 0x00040000 /* do whiteouts */ +#define WILLBEDIR 0x00080000 /* new files will be dirs; allow trailing / */ +#define ISUNICODE 0x00100000 /* current component name is unicode*/ +#define ISOPEN 0x00200000 /* caller is opening; return a real vnode. */ +#define NOCROSSMOUNT 0x00400000 /* do not cross mount points */ +#define NOMACCHECK 0x00800000 /* do not perform MAC checks */ +#define MPSAFE 0x01000000 /* namei() must acquire Giant if needed. */ +#define GIANTHELD 0x02000000 /* namei() is holding giant. */ +#define AUDITVNODE1 0x04000000 /* audit the looked up vnode information */ +#define AUDITVNODE2 0x08000000 /* audit the looked up vnode information */ +#define SLASHSYMLINK 0x10000000 /* last component was slashed symlink */ +#define PARAMASK 0x1ffffe00 /* mask of parameter descriptors */ =20 #define NDHASGIANT(NDP) (((NDP)->ni_cnd.cn_flags & GIANTHELD) !=3D 0) =20 --=20 1.6.3.1 --7JfCtLOvnd9MIVvH-- From owner-freebsd-hackers@FreeBSD.ORG Wed May 27 11:07:17 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3D03F1065686 for ; Wed, 27 May 2009 11:07:17 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id F1BD08FC20 for ; Wed, 27 May 2009 11:07:16 +0000 (UTC) (envelope-from des@des.no) Received: from ds4.des.no (cm-84.215.252.34.getinternet.no [84.215.252.34]) by smtp.des.no (Postfix) with ESMTP id 02F996D41D; Wed, 27 May 2009 13:07:16 +0200 (CEST) Received: by ds4.des.no (Postfix, from userid 1001) id E2DE5844CD; Wed, 27 May 2009 13:07:15 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: rea-fbsd@codelabs.ru References: <23727599.post@talk.nabble.com> <86prdvipwe.fsf@ds4.des.no> <0vGjPHEq7MqxjtFmBufY+mBxlR4@7oUjtCwN654QcDr16CH+kAk8bJg> Date: Wed, 27 May 2009 13:07:15 +0200 In-Reply-To: <0vGjPHEq7MqxjtFmBufY+mBxlR4@7oUjtCwN654QcDr16CH+kAk8bJg> (Eygene Ryabinkin's message of "Wed, 27 May 2009 13:52:21 +0400") Message-ID: <86vdnmiz30.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.92 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-hackers@freebsd.org, Jakub Lach Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2009 11:07:17 -0000 Eygene Ryabinkin writes: > May be the attached patch will fix the thing?=20 I'm not entirely convinced. Try the regression test I wrote (head/tools/regression/vfs/trailing_slash.t) > It adds an additional flag, but this was the only thing I was able to > invent to avoid ABI breakage. The flag is a good idea, but I think the correct place to handle this is in namei(), around line 290 (don't be fooled by the comment on line 270; the code inside the if statement is for the *non*-symlink case). DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-hackers@FreeBSD.ORG Wed May 27 11:47:25 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 261B51065678 for ; Wed, 27 May 2009 11:47:25 +0000 (UTC) (envelope-from freebsd-hackers@m.gmane.org) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.freebsd.org (Postfix) with ESMTP id CF2DB8FC17 for ; Wed, 27 May 2009 11:47:24 +0000 (UTC) (envelope-from freebsd-hackers@m.gmane.org) Received: from list by ciao.gmane.org with local (Exim 4.43) id 1M9HbO-0003RY-4G for freebsd-hackers@freebsd.org; Wed, 27 May 2009 11:47:22 +0000 Received: from lara.cc.fer.hr ([161.53.72.113]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Wed, 27 May 2009 11:47:22 +0000 Received: from ivoras by lara.cc.fer.hr with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Wed, 27 May 2009 11:47:22 +0000 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-hackers@freebsd.org From: Ivan Voras Date: Wed, 27 May 2009 13:47:21 +0200 Lines: 48 Message-ID: References: <4A1B8CF8.7030102@peterhost.ru> <4A1C1805.8070906@peterhost.ru> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigDC3DBBC1DEA0D44635AFD7E9" X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: lara.cc.fer.hr User-Agent: Thunderbird 2.0.0.21 (X11/20090409) In-Reply-To: <4A1C1805.8070906@peterhost.ru> X-Enigmail-Version: 0.95.7 Sender: news Subject: Re: Disk quota for Jail. Discussion. X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2009 11:47:26 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigDC3DBBC1DEA0D44635AFD7E9 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Menshikov Konstantin wrote: > 2. In case of use zfs, as far as I know, it is impossible to use virtua= l > file systems for example unionfs. I don't know how stable is it in the long term, but it does work: www:/home/ivoras# mount /dev/mirror/root_a on / (ufs, local, soft-updates) devfs on /dev (devfs, local) data/backups on /backups (zfs, local) data on /data (zfs, local) data/home on /home (zfs, local) data/services on /services (zfs, local) data/storage on /storage (zfs, local) data/usrlocal on /usr/local (zfs, local) data/usrobj on /usr/obj (zfs, local) data/ports on /usr/ports (zfs, local) data/vardb on /var/db (zfs, local) data/varlog on /var/log (zfs, local) /dev/md0 on /tmp (ufs, local) /usr/ports/archivers on /home/tmp (nullfs, local) --------------enigDC3DBBC1DEA0D44635AFD7E9 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkodKEkACgkQldnAQVacBch76wCgi8BwkBNd0dDcVMRj4jc6vdPt +e8AoKIDA9tuhgEb1T/P+XeaG5Ri2aUg =wBYD -----END PGP SIGNATURE----- --------------enigDC3DBBC1DEA0D44635AFD7E9-- From owner-freebsd-hackers@FreeBSD.ORG Wed May 27 11:55:03 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B2F18106566B for ; Wed, 27 May 2009 11:55:03 +0000 (UTC) (envelope-from freebsd-hackers@m.gmane.org) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.freebsd.org (Postfix) with ESMTP id 6812B8FC1B for ; Wed, 27 May 2009 11:55:03 +0000 (UTC) (envelope-from freebsd-hackers@m.gmane.org) Received: from root by ciao.gmane.org with local (Exim 4.43) id 1M9Hio-0003sS-KE for freebsd-hackers@freebsd.org; Wed, 27 May 2009 11:55:02 +0000 Received: from lara.cc.fer.hr ([161.53.72.113]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Wed, 27 May 2009 11:55:02 +0000 Received: from ivoras by lara.cc.fer.hr with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Wed, 27 May 2009 11:55:02 +0000 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-hackers@freebsd.org From: Ivan Voras Date: Wed, 27 May 2009 13:50:40 +0200 Lines: 43 Message-ID: References: <4A1B8CF8.7030102@peterhost.ru> <4A1C1805.8070906@peterhost.ru> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig3E927BE6366790970454ECB2" X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: lara.cc.fer.hr User-Agent: Thunderbird 2.0.0.21 (X11/20090409) In-Reply-To: X-Enigmail-Version: 0.95.7 Sender: news Subject: Re: Disk quota for Jail. Discussion. X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2009 11:55:03 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig3E927BE6366790970454ECB2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Ivan Voras wrote: > Menshikov Konstantin wrote: >=20 >=20 >> 2. In case of use zfs, as far as I know, it is impossible to use virtu= al >> file systems for example unionfs. >=20 > I don't know how stable is it in the long term, but it does work: >=20 > www:/home/ivoras# mount > /usr/ports/archivers on /home/tmp (nullfs, local) Sorry, I miseread your question as about nullfs. Yes, unionfs doesn't seem to work: www:~# mount_unionfs /usr/ports/archivers /home/tmp mount_unionfs: /home/tmp: : Operation not supported --------------enig3E927BE6366790970454ECB2 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkodKRAACgkQldnAQVacBcjamACePYu0WGxeglwAKiaPSP8uA+xN 07oAn0Ojb99dVSSLiBlEp17lP4b6RtTN =7RBE -----END PGP SIGNATURE----- --------------enig3E927BE6366790970454ECB2-- From owner-freebsd-hackers@FreeBSD.ORG Wed May 27 12:07:13 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3815C106568C for ; Wed, 27 May 2009 12:07:13 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) Received: from 0.mx.codelabs.ru (0.mx.codelabs.ru [144.206.177.45]) by mx1.freebsd.org (Postfix) with ESMTP id C34978FC2B for ; Wed, 27 May 2009 12:07:12 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) DomainKey-Signature: a=rsa-sha1; q=dns; c=simple; s=one; d=codelabs.ru; h=Received:Date:From:To:Cc:Subject:Message-ID:Reply-To:References:MIME-Version:Content-Type:Content-Disposition:In-Reply-To:Sender; b=DGPnnqWodrlW1brGyows1ybtD9ulS1wgOmoLkUskWeg1zK2/8zmJhaQTcPEp7Ck9Y0zKoupMNnhJbvxwMUervJ/bWnCecaZ/sPO6NIygDDO1KKrEjC315vydUGfCc6+xs0/OTU9skBnA0BgfBwEriSPCX+uQc8b1+pHP/DRnlTI=; Received: from void.codelabs.ru (void.codelabs.ru [144.206.177.25]) by 0.mx.codelabs.ru with esmtpsa (TLSv1:AES256-SHA:256) id 1M9HuZ-000Ceh-MY; Wed, 27 May 2009 16:07:11 +0400 Date: Wed, 27 May 2009 16:07:09 +0400 From: Eygene Ryabinkin To: Dag-Erling Sm??rgrav Message-ID: <15QQC+1YeDzOjf35dqyJmioc1ik@XX1fo6zQUfC4h0jjRC6IBz3oNH4> References: <23727599.post@talk.nabble.com> <86prdvipwe.fsf@ds4.des.no> <0vGjPHEq7MqxjtFmBufY+mBxlR4@7oUjtCwN654QcDr16CH+kAk8bJg> <86vdnmiz30.fsf@ds4.des.no> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="Nq2Wo0NMKNjxTN9z" Content-Disposition: inline In-Reply-To: <86vdnmiz30.fsf@ds4.des.no> Sender: rea-fbsd@codelabs.ru Cc: freebsd-hackers@freebsd.org, Jakub Lach Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: rea-fbsd@codelabs.ru List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2009 12:07:14 -0000 --Nq2Wo0NMKNjxTN9z Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Wed, May 27, 2009 at 01:07:15PM +0200, Dag-Erling Sm??rgrav wrote: > Eygene Ryabinkin writes: > > May be the attached patch will fix the thing? > > I'm not entirely convinced. Try the regression test I wrote > (head/tools/regression/vfs/trailing_slash.t) I see: you mean that the bare '/' at the end of everything but directory should produce ENOTDIR. OK, patch was modified and now it passes all your checks. > > It adds an additional flag, but this was the only thing I was able to > > invent to avoid ABI breakage. > > The flag is a good idea, but I think the correct place to handle this is > in namei(), around line 290 The problem with the check in namei() itself is the cleanup of all locks that were held in the lookup(). If lookup() is finished without error, then the burden of cleanup is ours (namei's). I could duplicate the stuff, but why? lookup() already does it and it's better to keep the things in one place. The logics is laid as follows: if lookup() processes the last component and it had seen the trailing slash, the flag is set. When we have no more targets to get from the current path inside lookup(), check if slashed flag is set and reject anything that is non-directory. Such strategy should also handle the cases of dereferencing (FOLLOWs) of all symbolic links and when some link has slash at the end of the target name: 'ln -s /etc/motd somefile; ln -s somefile/ anotherfile; cat anotherfile' will fail on the last command. If one agrees on such behaviour, such test could be also added to the regression suite. > (don't be fooled by the comment on line 270; > the code inside the if statement is for the *non*-symlink case). Me sees this on the line 226, but may be I hadn't updated my 7.x. And yes, I know what was meant by '(cnp->cn_flags & ISSYMLINK) == 0' ;)) -- Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook {_.-``-' {_/ # --Nq2Wo0NMKNjxTN9z Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="vfs_lookup-trailing-symlink-with-slash.diff" Content-Transfer-Encoding: quoted-printable =46rom 6109a710c794c4a68073d4299639cd858f762d24 Mon Sep 17 00:00:00 2001 =46rom: Eygene Ryabinkin Date: Wed, 27 May 2009 13:13:16 +0400 Subject: [PATCH] vfs lookups: properly handle the case of slash at the end = of symlink If symlink points to a non-directory object but the name has trailing slash, then the current lookup/namei implementation will dereference symlink and return dereferenced object instead of symlink even if NOFOLLOW mode is used. That's not good at all :(( Simple test: ----- $ ln -s /etc/motd file $ file file file: symbolic link to `/etc/motd' [ =3D=3D Unpatched variant =3D=3D ] $ file file/ file/: ASCII English text [ =3D=3D Patched variant =3D=3D ] $ file file/ file/: cannot open `file/' (Not a directory) ----- See also: http://www.freebsd.org/cgi/query-pr.cgi?pr=3Dkern/21768 See also: http://lists.freebsd.org/pipermail/freebsd-security/2009-May/0052= 19.html Signed-off-by: Eygene Ryabinkin --- sys/kern/vfs_lookup.c | 24 ++++++++++++++++-------- sys/sys/namei.h | 41 +++++++++++++++++++++-------------------- 2 files changed, 37 insertions(+), 28 deletions(-) diff --git a/sys/kern/vfs_lookup.c b/sys/kern/vfs_lookup.c index 3770b55..dc801fd 100644 --- a/sys/kern/vfs_lookup.c +++ b/sys/kern/vfs_lookup.c @@ -138,6 +138,9 @@ namei(struct nameidata *ndp) cnp->cn_flags &=3D ~LOCKSHARED; fdp =3D p->p_fd; =20 + /* Drop internal flag: we will set it ourselves if we'll need it. */ + cnp->cn_flags &=3D ~SLASHTARGET; + /* * Get a buffer for the name to be translated, and copy the * name into the buffer. @@ -683,6 +686,11 @@ unionlookup: ndp->ni_vp =3D dp =3D tdp; } =20 + /* Set "slashed" flag if we found slash at the end of the name */ + if (trailing_slash && (cnp->cn_flags & ISLASTCN)) { + cnp->cn_flags |=3D SLASHTARGET; + } + /* * Check for symbolic link */ @@ -710,14 +718,6 @@ unionlookup: goto success; } =20 - /* - * Check for bogus trailing slashes. - */ - if (trailing_slash && dp->v_type !=3D VDIR) { - error =3D ENOTDIR; - goto bad2; - } - nextname: /* * Not a symbolic link. If more pathname, @@ -741,6 +741,14 @@ nextname: goto dirloop; } /* + * Check if we're processing slashed name + * and lookup target isn't a directory. + */ + if ((cnp->cn_flags & SLASHTARGET) && dp->v_type !=3D VDIR) { + error =3D ENOTDIR; + goto bad2; + } + /* * Disallow directory write attempts on read-only filesystems. */ if (rdonly && diff --git a/sys/sys/namei.h b/sys/sys/namei.h index ac3550d..42e9601 100644 --- a/sys/sys/namei.h +++ b/sys/sys/namei.h @@ -127,26 +127,27 @@ struct nameidata { * name being sought. The caller is responsible for releasing the * buffer and for vrele'ing ni_startdir. */ -#define RDONLY 0x0000200 /* lookup with read-only semantics */ -#define HASBUF 0x0000400 /* has allocated pathname buffer */ -#define SAVENAME 0x0000800 /* save pathname buffer */ -#define SAVESTART 0x0001000 /* save starting directory */ -#define ISDOTDOT 0x0002000 /* current component name is .. */ -#define MAKEENTRY 0x0004000 /* entry is to be added to name cache */ -#define ISLASTCN 0x0008000 /* this is last component of pathname */ -#define ISSYMLINK 0x0010000 /* symlink needs interpretation */ -#define ISWHITEOUT 0x0020000 /* found whiteout */ -#define DOWHITEOUT 0x0040000 /* do whiteouts */ -#define WILLBEDIR 0x0080000 /* new files will be dirs; allow trailing / */ -#define ISUNICODE 0x0100000 /* current component name is unicode*/ -#define ISOPEN 0x0200000 /* caller is opening; return a real vnode. */ -#define NOCROSSMOUNT 0x0400000 /* do not cross mount points */ -#define NOMACCHECK 0x0800000 /* do not perform MAC checks */ -#define MPSAFE 0x1000000 /* namei() must acquire Giant if needed. */ -#define GIANTHELD 0x2000000 /* namei() is holding giant. */ -#define AUDITVNODE1 0x4000000 /* audit the looked up vnode information */ -#define AUDITVNODE2 0x8000000 /* audit the looked up vnode information */ -#define PARAMASK 0xffffe00 /* mask of parameter descriptors */ +#define RDONLY 0x00000200 /* lookup with read-only semantics */ +#define HASBUF 0x00000400 /* has allocated pathname buffer */ +#define SAVENAME 0x00000800 /* save pathname buffer */ +#define SAVESTART 0x00001000 /* save starting directory */ +#define ISDOTDOT 0x00002000 /* current component name is .. */ +#define MAKEENTRY 0x00004000 /* entry is to be added to name cache */ +#define ISLASTCN 0x00008000 /* this is last component of pathname */ +#define ISSYMLINK 0x00010000 /* symlink needs interpretation */ +#define ISWHITEOUT 0x00020000 /* found whiteout */ +#define DOWHITEOUT 0x00040000 /* do whiteouts */ +#define WILLBEDIR 0x00080000 /* new files will be dirs; allow trailing / */ +#define ISUNICODE 0x00100000 /* current component name is unicode*/ +#define ISOPEN 0x00200000 /* caller is opening; return a real vnode. */ +#define NOCROSSMOUNT 0x00400000 /* do not cross mount points */ +#define NOMACCHECK 0x00800000 /* do not perform MAC checks */ +#define MPSAFE 0x01000000 /* namei() must acquire Giant if needed. */ +#define GIANTHELD 0x02000000 /* namei() is holding giant. */ +#define AUDITVNODE1 0x04000000 /* audit the looked up vnode information */ +#define AUDITVNODE2 0x08000000 /* audit the looked up vnode information */ +#define SLASHTARGET 0x10000000 /* last component of the name was slashed */ +#define PARAMASK 0x1ffffe00 /* mask of parameter descriptors */ =20 #define NDHASGIANT(NDP) (((NDP)->ni_cnd.cn_flags & GIANTHELD) !=3D 0) =20 --=20 1.6.3.1 --Nq2Wo0NMKNjxTN9z-- From owner-freebsd-hackers@FreeBSD.ORG Wed May 27 12:39:08 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8B50E106566C for ; Wed, 27 May 2009 12:39:08 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id 4A6AD8FC16 for ; Wed, 27 May 2009 12:39:08 +0000 (UTC) (envelope-from des@des.no) Received: from ds4.des.no (cm-84.215.252.34.getinternet.no [84.215.252.34]) by smtp.des.no (Postfix) with ESMTP id 6D1576D41D; Wed, 27 May 2009 14:39:07 +0200 (CEST) Received: by ds4.des.no (Postfix, from userid 1001) id 621D2844CD; Wed, 27 May 2009 14:39:07 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: rea-fbsd@codelabs.ru References: <23727599.post@talk.nabble.com> <86prdvipwe.fsf@ds4.des.no> <0vGjPHEq7MqxjtFmBufY+mBxlR4@7oUjtCwN654QcDr16CH+kAk8bJg> <86vdnmiz30.fsf@ds4.des.no> <15QQC+1YeDzOjf35dqyJmioc1ik@XX1fo6zQUfC4h0jjRC6IBz3oNH4> Date: Wed, 27 May 2009 14:39:07 +0200 In-Reply-To: <15QQC+1YeDzOjf35dqyJmioc1ik@XX1fo6zQUfC4h0jjRC6IBz3oNH4> (Eygene Ryabinkin's message of "Wed, 27 May 2009 16:07:09 +0400") Message-ID: <86prdug1p0.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.92 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-hackers@freebsd.org, Jakub Lach Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2009 12:39:08 -0000 Eygene Ryabinkin writes: > "Dag-Erling Sm=C3=B8rgrav" writes: > > (don't be fooled by the comment on line 270; > > the code inside the if statement is for the *non*-symlink case). > Me sees this on the line 226, but may be I hadn't updated my 7.x. I was working on head. The code is (mostly) the same, just shifted somewhere between ~50 and ~90 lines depending on where you look. Your patch should apply cleanly. BTW, you made a lot of whitespace changes in namei.h. This is generally frowned upon, as it makes the functional change almost impossible to spot in the diff. > And yes, I know what was meant by '(cnp->cn_flags & ISSYMLINK) =3D=3D 0' > ;)) I know you know :) I was just pointing out that the comment is misleading. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-hackers@FreeBSD.ORG Wed May 27 12:51:24 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 03BF8106564A for ; Wed, 27 May 2009 12:51:24 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42]) by mx1.freebsd.org (Postfix) with ESMTP id D1C788FC1E for ; Wed, 27 May 2009 12:51:23 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [65.122.17.41]) by cyrus.watson.org (Postfix) with ESMTPS id 77BBA46C2B; Wed, 27 May 2009 08:51:23 -0400 (EDT) Date: Wed, 27 May 2009 13:51:23 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: Menshikov Konstantin In-Reply-To: <4A1BE827.2030303@peterhost.ru> Message-ID: References: <4A1B8CF8.7030102@peterhost.ru> <20090526120313.GA1927@deviant.kiev.zoral.com.ua> <4A1BE1F8.9050804@peterhost.ru> <20090526123632.GB1927@deviant.kiev.zoral.com.ua> <4A1BE827.2030303@peterhost.ru> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-hackers@freebsd.org Subject: Re: Disk quota for Jail. Discussion. X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2009 12:51:24 -0000 On Tue, 26 May 2009, Menshikov Konstantin wrote: >>> Yes. But jail cannot allocate block and inode above root path. In >>> allocation functions, whether for example ffs_alloc we have access to >>> ucred process and we can check up there is a process in jail. >> >> Yes, you can check this for jailed process. Think about non-jailed >> processes that can do allocation below the jail root. > > Processes out of jail are not considered. I do not understand, these > processes have what relation to disk to quotas for jail. Please explain more > in detail Historic UFS quotas are actually not interested in processes at all, really, except in as much as processes are where exception states are exposed. UFS quotas count blocks and inodes owned by users based on the 'uid' and 'gid' fields in the inode. There's now 'jailid' field, so quotas on this model can't capture the notion of per-jail quotas. In fact, quotacheck relies on being able to walk the file system looking only at file system data in order to establish initial usage accounting. You can imagine adding one, or managing the uid spaces across jails such that all uids are unique, etc, but all of these require some amount of rethinking. Or, some other model of quota. Frankly, I've always been a fan of the AFS model, now accessible locally via ZFS, in which lightweight volumes with quota limits are used for individual user home directories, virtual machines, etc. This was hard to do in FreeBSD before ZFS because (a) UFS didn't want to resize trivially and (b) having lots and lots of mountpoints and file systems wasn't something we made administratively easy. Robert N M Watson Computer Laboratory University of Cambridge From owner-freebsd-hackers@FreeBSD.ORG Wed May 27 13:10:32 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 82522106566C for ; Wed, 27 May 2009 13:10:32 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id 40BFB8FC12 for ; Wed, 27 May 2009 13:10:32 +0000 (UTC) (envelope-from des@des.no) Received: from ds4.des.no (cm-84.215.252.34.getinternet.no [84.215.252.34]) by smtp.des.no (Postfix) with ESMTP id 5F08B6D41D; Wed, 27 May 2009 15:10:31 +0200 (CEST) Received: by ds4.des.no (Postfix, from userid 1001) id 533E0844C2; Wed, 27 May 2009 15:10:31 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: yuri@rawbw.com References: <4A14F58F.8000801@rawbw.com> <4A1594DA.2010707@rawbw.com> Date: Wed, 27 May 2009 15:10:31 +0200 In-Reply-To: <4A1594DA.2010707@rawbw.com> (yuri@rawbw.com's message of "Thu, 21 May 2009 10:52:26 -0700") Message-ID: <86ljoig08o.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.92 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: Nate Eldredge , freebsd-hackers@freebsd.org Subject: Re: Why kernel kills processes that run out of memory instead of just failing memory allocation system calls? X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2009 13:10:32 -0000 Yuri writes: > I don't have strong opinion for or against "memory overcommit". But I > can imagine one could argue that fork with intent of exec is a faulty > scenario that is a relict from the past. It can be replaced by some > atomic method that would spawn the child without ovecommitting. You will very rarely see something like this: if ((pid =3D fork()) =3D=3D 0) { execve(path, argv, envp); _exit(1); } Usually, what you see is closer to this: if ((pid =3D fork()) =3D=3D 0) { for (int fd =3D 3; fd < getdtablesize(); ++fd) (void)close(fd); execve(path, argv, envp); _exit(1); } ...with infinite variation depending on whether the parent needs to communicate with the child, whether the child needs std{in,out,err} at all, etc. For the trivial case, there is always vfork(), which does not duplicate the address space, and blocks the parent until the child has execve()d. This allows you to pull cute tricks like this: volatile int error =3D 0; if ((pid =3D vfork()) =3D=3D 0) { error =3D execve(path, argv, envp); _exit(1); } if (pid =3D=3D -1 || error !=3D 0) perror("Failed to start subprocess"); DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-hackers@FreeBSD.ORG Wed May 27 13:16:29 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D4B06106566B for ; Wed, 27 May 2009 13:16:29 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) Received: from 0.mx.codelabs.ru (0.mx.codelabs.ru [144.206.177.45]) by mx1.freebsd.org (Postfix) with ESMTP id 571058FC2B for ; Wed, 27 May 2009 13:16:27 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) DomainKey-Signature: a=rsa-sha1; q=dns; c=simple; s=one; d=codelabs.ru; h=Received:Date:From:To:Cc:Subject:Message-ID:Reply-To:References:MIME-Version:Content-Type:Content-Disposition:In-Reply-To:Sender; b=a2DtkdXwfjqEYhcgwh7u/Hk4C6iZUDsa0Hz1gGWq9W9qnxphx3LcPlB/ItEcwa5yWR6KL7OcaksFiR2cFs+DPbvRCPxG6asjB+1l/RqIeAqRe8Lv6dyfatG/VWsk+ZZpD0AKQqhLjkbwAMUwz5l4KDlyMwj7cNzq0uHjljuZXPY=; Received: from daemon.grid.kiae.ru (daemon.grid.kiae.ru [144.206.66.47]) by 0.mx.codelabs.ru with esmtpsa (TLSv1:AES256-SHA:256) id 1M9Iza-000Jj8-O9; Wed, 27 May 2009 17:16:26 +0400 Date: Wed, 27 May 2009 17:16:25 +0400 From: Eygene Ryabinkin To: Dag-Erling Sm??rgrav Message-ID: References: <23727599.post@talk.nabble.com> <86prdvipwe.fsf@ds4.des.no> <0vGjPHEq7MqxjtFmBufY+mBxlR4@7oUjtCwN654QcDr16CH+kAk8bJg> <86vdnmiz30.fsf@ds4.des.no> <15QQC+1YeDzOjf35dqyJmioc1ik@XX1fo6zQUfC4h0jjRC6IBz3oNH4> <86prdug1p0.fsf@ds4.des.no> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="nFreZHaLTZJo0R7j" Content-Disposition: inline In-Reply-To: <86prdug1p0.fsf@ds4.des.no> Sender: rea-fbsd@codelabs.ru Cc: freebsd-hackers@freebsd.org, Jakub Lach Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: rea-fbsd@codelabs.ru List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2009 13:16:30 -0000 --nFreZHaLTZJo0R7j Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Wed, May 27, 2009 at 02:39:07PM +0200, Dag-Erling Sm??rgrav wrote: > I was working on head. The code is (mostly) the same, just shifted > somewhere between ~50 and ~90 lines depending on where you look. Your > patch should apply cleanly. > > BTW, you made a lot of whitespace changes in namei.h. This is generally > frowned upon, as it makes the functional change almost impossible to > spot in the diff. Yes, spit the patch into two pieces. Thanks for the reminder! > > And yes, I know what was meant by '(cnp->cn_flags & ISSYMLINK) == 0' > > ;)) > > I know you know :) I was just pointing out that the comment is > misleading. Changed it too. All three pieces are attached. Regarding the 'ln -s /etc/motd file; ln -s file/ anotherone': do you (or anyone reading this) think that 'cat anotherone' should really show the contents of /etc/motd or patch's behaviour is good? -- Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook {_.-``-' {_/ # --nFreZHaLTZJo0R7j Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="vfs_lookup-trailing-symlink-with-slash.diff" Content-Transfer-Encoding: quoted-printable =46rom 03483c8e800680a8b8a3d3f0d1debdf7fd883906 Mon Sep 17 00:00:00 2001 =46rom: Eygene Ryabinkin Date: Wed, 27 May 2009 13:13:16 +0400 Subject: [PATCH 1/3] vfs lookups: properly handle the case of slash at the = end of symlink If symlink points to a non-directory object but the name has trailing slash, then the current lookup/namei implementation will dereference symlink and return dereferenced object instead of symlink even if NOFOLLOW mode is used. That's not good at all :(( Simple test: ----- $ ln -s /etc/motd file $ file file file: symbolic link to `/etc/motd' [ =3D=3D Unpatched variant =3D=3D ] $ file file/ file/: ASCII English text [ =3D=3D Patched variant =3D=3D ] $ file file/ file/: cannot open `file/' (Not a directory) ----- See also: http://www.freebsd.org/cgi/query-pr.cgi?pr=3Dkern/21768 See also: http://lists.freebsd.org/pipermail/freebsd-security/2009-May/0052= 19.html Signed-off-by: Eygene Ryabinkin --- sys/kern/vfs_lookup.c | 24 ++++++++++++++++-------- sys/sys/namei.h | 3 ++- 2 files changed, 18 insertions(+), 9 deletions(-) diff --git a/sys/kern/vfs_lookup.c b/sys/kern/vfs_lookup.c index 3770b55..dc801fd 100644 --- a/sys/kern/vfs_lookup.c +++ b/sys/kern/vfs_lookup.c @@ -138,6 +138,9 @@ namei(struct nameidata *ndp) cnp->cn_flags &=3D ~LOCKSHARED; fdp =3D p->p_fd; =20 + /* Drop internal flag: we will set it ourselves if we'll need it. */ + cnp->cn_flags &=3D ~SLASHTARGET; + /* * Get a buffer for the name to be translated, and copy the * name into the buffer. @@ -683,6 +686,11 @@ unionlookup: ndp->ni_vp =3D dp =3D tdp; } =20 + /* Set "slashed" flag if we found slash at the end of the name */ + if (trailing_slash && (cnp->cn_flags & ISLASTCN)) { + cnp->cn_flags |=3D SLASHTARGET; + } + /* * Check for symbolic link */ @@ -710,14 +718,6 @@ unionlookup: goto success; } =20 - /* - * Check for bogus trailing slashes. - */ - if (trailing_slash && dp->v_type !=3D VDIR) { - error =3D ENOTDIR; - goto bad2; - } - nextname: /* * Not a symbolic link. If more pathname, @@ -741,6 +741,14 @@ nextname: goto dirloop; } /* + * Check if we're processing slashed name + * and lookup target isn't a directory. + */ + if ((cnp->cn_flags & SLASHTARGET) && dp->v_type !=3D VDIR) { + error =3D ENOTDIR; + goto bad2; + } + /* * Disallow directory write attempts on read-only filesystems. */ if (rdonly && diff --git a/sys/sys/namei.h b/sys/sys/namei.h index ac3550d..70e902c 100644 --- a/sys/sys/namei.h +++ b/sys/sys/namei.h @@ -146,7 +146,8 @@ struct nameidata { #define GIANTHELD 0x2000000 /* namei() is holding giant. */ #define AUDITVNODE1 0x4000000 /* audit the looked up vnode information */ #define AUDITVNODE2 0x8000000 /* audit the looked up vnode information */ -#define PARAMASK 0xffffe00 /* mask of parameter descriptors */ +#define SLASHTARGET 0x10000000 /* last component of the name was slashed */ +#define PARAMASK 0x1ffffe00 /* mask of parameter descriptors */ =20 #define NDHASGIANT(NDP) (((NDP)->ni_cnd.cn_flags & GIANTHELD) !=3D 0) =20 --=20 1.6.3.1 --nFreZHaLTZJo0R7j Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="vfs_lookup-trailing-symlink-with-slash-fix-whitespace.diff" Content-Transfer-Encoding: quoted-printable =46rom 2539d4f31a2f85504672e8113343242782e737a7 Mon Sep 17 00:00:00 2001 =46rom: Eygene Ryabinkin Date: Wed, 27 May 2009 17:06:39 +0400 Subject: [PATCH 2/3] namei.h: realign numbers Functional no-op, just for the eye's pleasure. Signed-off-by: Eygene Ryabinkin --- sys/sys/namei.h | 39 ++++++++++++++++++++------------------- 1 files changed, 20 insertions(+), 19 deletions(-) diff --git a/sys/sys/namei.h b/sys/sys/namei.h index 70e902c..c84a823 100644 --- a/sys/sys/namei.h +++ b/sys/sys/namei.h @@ -127,25 +127,26 @@ struct nameidata { * name being sought. The caller is responsible for releasing the * buffer and for vrele'ing ni_startdir. */ -#define RDONLY 0x0000200 /* lookup with read-only semantics */ -#define HASBUF 0x0000400 /* has allocated pathname buffer */ -#define SAVENAME 0x0000800 /* save pathname buffer */ -#define SAVESTART 0x0001000 /* save starting directory */ -#define ISDOTDOT 0x0002000 /* current component name is .. */ -#define MAKEENTRY 0x0004000 /* entry is to be added to name cache */ -#define ISLASTCN 0x0008000 /* this is last component of pathname */ -#define ISSYMLINK 0x0010000 /* symlink needs interpretation */ -#define ISWHITEOUT 0x0020000 /* found whiteout */ -#define DOWHITEOUT 0x0040000 /* do whiteouts */ -#define WILLBEDIR 0x0080000 /* new files will be dirs; allow trailing / */ -#define ISUNICODE 0x0100000 /* current component name is unicode*/ -#define ISOPEN 0x0200000 /* caller is opening; return a real vnode. */ -#define NOCROSSMOUNT 0x0400000 /* do not cross mount points */ -#define NOMACCHECK 0x0800000 /* do not perform MAC checks */ -#define MPSAFE 0x1000000 /* namei() must acquire Giant if needed. */ -#define GIANTHELD 0x2000000 /* namei() is holding giant. */ -#define AUDITVNODE1 0x4000000 /* audit the looked up vnode information */ -#define AUDITVNODE2 0x8000000 /* audit the looked up vnode information */ +#define RDONLY 0x00000200 /* lookup with read-only semantics */ +#define HASBUF 0x00000400 /* has allocated pathname buffer */ +#define SAVENAME 0x00000800 /* save pathname buffer */ +#define SAVESTART 0x00001000 /* save starting directory */ +#define ISDOTDOT 0x00002000 /* current component name is .. */ +#define MAKEENTRY 0x00004000 /* entry is to be added to name cache */ +#define ISLASTCN 0x00008000 /* this is last component of pathname */ +#define ISSYMLINK 0x00010000 /* symlink needs interpretation */ +#define ISWHITEOUT 0x00020000 /* found whiteout */ +#define DOWHITEOUT 0x00040000 /* do whiteouts */ +#define WILLBEDIR 0x00080000 /* new files will be dirs; + * allow trailing / */ +#define ISUNICODE 0x00100000 /* current component name is unicode*/ +#define ISOPEN 0x00200000 /* caller is opening; return a real vnode. */ +#define NOCROSSMOUNT 0x00400000 /* do not cross mount points */ +#define NOMACCHECK 0x00800000 /* do not perform MAC checks */ +#define MPSAFE 0x01000000 /* namei() must acquire Giant if needed. */ +#define GIANTHELD 0x02000000 /* namei() is holding giant. */ +#define AUDITVNODE1 0x04000000 /* audit the looked up vnode information */ +#define AUDITVNODE2 0x08000000 /* audit the looked up vnode information */ #define SLASHTARGET 0x10000000 /* last component of the name was slashed */ #define PARAMASK 0x1ffffe00 /* mask of parameter descriptors */ =20 --=20 1.6.3.1 --nFreZHaLTZJo0R7j Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="vfs_lookup-trailing-symlink-with-slash-fix-comment.diff" Content-Transfer-Encoding: quoted-printable =46rom e92f5e9751e04d458c3d8fcbd53d3cd727b1e75f Mon Sep 17 00:00:00 2001 =46rom: Eygene Ryabinkin Date: Wed, 27 May 2009 17:08:46 +0400 Subject: [PATCH 3/3] vfs_lookup: change misleading comment in namei() Signed-off-by: Eygene Ryabinkin --- sys/kern/vfs_lookup.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/sys/kern/vfs_lookup.c b/sys/kern/vfs_lookup.c index dc801fd..860bea0 100644 --- a/sys/kern/vfs_lookup.c +++ b/sys/kern/vfs_lookup.c @@ -227,7 +227,7 @@ namei(struct nameidata *ndp) vfslocked =3D (ndp->ni_cnd.cn_flags & GIANTHELD) !=3D 0; ndp->ni_cnd.cn_flags &=3D ~GIANTHELD; /* - * Check for symbolic link + * If not a symbolic link, we're done. */ if ((cnp->cn_flags & ISSYMLINK) =3D=3D 0) { if ((cnp->cn_flags & (SAVENAME | SAVESTART)) =3D=3D 0) { --=20 1.6.3.1 --nFreZHaLTZJo0R7j-- From owner-freebsd-hackers@FreeBSD.ORG Wed May 27 14:30:59 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E4FD81065675 for ; Wed, 27 May 2009 14:30:59 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id A34938FC20 for ; Wed, 27 May 2009 14:30:59 +0000 (UTC) (envelope-from des@des.no) Received: from ds4.des.no (cm-84.215.252.34.getinternet.no [84.215.252.34]) by smtp.des.no (Postfix) with ESMTP id 4356A6D41E; Wed, 27 May 2009 16:30:58 +0200 (CEST) Received: by ds4.des.no (Postfix, from userid 1001) id 39B4F844C2; Wed, 27 May 2009 16:30:58 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: rea-fbsd@codelabs.ru References: <23727599.post@talk.nabble.com> <86prdvipwe.fsf@ds4.des.no> <0vGjPHEq7MqxjtFmBufY+mBxlR4@7oUjtCwN654QcDr16CH+kAk8bJg> <86vdnmiz30.fsf@ds4.des.no> <15QQC+1YeDzOjf35dqyJmioc1ik@XX1fo6zQUfC4h0jjRC6IBz3oNH4> <86prdug1p0.fsf@ds4.des.no> Date: Wed, 27 May 2009 16:30:58 +0200 In-Reply-To: (Eygene Ryabinkin's message of "Wed, 27 May 2009 17:16:25 +0400") Message-ID: <86ab4yfwil.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.92 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-hackers@freebsd.org, Jakub Lach Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2009 14:31:00 -0000 Eygene Ryabinkin writes: > Regarding the 'ln -s /etc/motd file; ln -s file/ anotherone': do you > (or anyone reading this) think that 'cat anotherone' should really > show the contents of /etc/motd or patch's behaviour is good? if you mean $ ln -fs /etc/motd foo $ ln -fs foo/ bar $ readlink foo bar /etc/motd foo/ $ cat foo then IMHO it should produce an error. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-hackers@FreeBSD.ORG Wed May 27 16:44:37 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E69501065733 for ; Wed, 27 May 2009 16:44:37 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id 9C1C28FC2D for ; Wed, 27 May 2009 16:44:37 +0000 (UTC) (envelope-from des@des.no) Received: from ds4.des.no (cm-84.215.252.34.getinternet.no [84.215.252.34]) by smtp.des.no (Postfix) with ESMTP id 292C16D41D; Wed, 27 May 2009 18:44:36 +0200 (CEST) Received: by ds4.des.no (Postfix, from userid 1001) id DD93684515; Wed, 27 May 2009 18:44:35 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: rea-fbsd@codelabs.ru References: <23727599.post@talk.nabble.com> <86prdvipwe.fsf@ds4.des.no> <0vGjPHEq7MqxjtFmBufY+mBxlR4@7oUjtCwN654QcDr16CH+kAk8bJg> <86vdnmiz30.fsf@ds4.des.no> <15QQC+1YeDzOjf35dqyJmioc1ik@XX1fo6zQUfC4h0jjRC6IBz3oNH4> <86prdug1p0.fsf@ds4.des.no> Date: Wed, 27 May 2009 18:44:35 +0200 In-Reply-To: (Eygene Ryabinkin's message of "Wed, 27 May 2009 17:16:25 +0400") Message-ID: <86vdnmijgs.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.92 (berkeley-unix) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Cc: freebsd-hackers@freebsd.org, Jakub Lach Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2009 16:44:38 -0000 --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Eygene Ryabinkin writes: > [new three-part patch] I committed the namei.h cleanup patch and the vfs_lookup.c comment patch. I made a number of changes to the trailing-slash patch. Can you double-check it before I commit it? DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no --=-=-= Content-Type: text/x-patch Content-Disposition: inline; filename=vfs_lookup-trailing-slash.diff Index: sys/kern/vfs_lookup.c =================================================================== --- sys/kern/vfs_lookup.c (revision 192899) +++ sys/kern/vfs_lookup.c (working copy) @@ -147,6 +147,9 @@ cnp->cn_flags &= ~LOCKSHARED; fdp = p->p_fd; + /* We will set this ourselves if we need it. */ + cnp->cn_flags &= ~TRAILINGSLASH; + /* * Get a buffer for the name to be translated, and copy the * name into the buffer. @@ -533,6 +536,8 @@ if (*cp == '\0') { trailing_slash = 1; *ndp->ni_next = '\0'; /* XXX for direnter() ... */ + if (cnp->cn_flags & ISLASTCN) + cnp->cn_flags |= TRAILINGSLASH; } } ndp->ni_next = cp; @@ -807,14 +812,6 @@ goto success; } - /* - * Check for bogus trailing slashes. - */ - if (trailing_slash && dp->v_type != VDIR) { - error = ENOTDIR; - goto bad2; - } - nextname: /* * Not a symbolic link. If more pathname, @@ -838,6 +835,14 @@ goto dirloop; } /* + * If we're processing a path with a trailing slash, + * check that the end result is a directory. + */ + if ((cnp->cn_flags & TRAILINGSLASH) && dp->v_type != VDIR) { + error = ENOTDIR; + goto bad2; + } + /* * Disallow directory write attempts on read-only filesystems. */ if (rdonly && Index: sys/sys/namei.h =================================================================== --- sys/sys/namei.h (revision 192900) +++ sys/sys/namei.h (working copy) @@ -143,6 +143,8 @@ #define AUDITVNODE1 0x04000000 /* audit the looked up vnode information */ #define AUDITVNODE2 0x08000000 /* audit the looked up vnode information */ #define PARAMASK 0x0ffffe00 /* mask of parameter descriptors */ +#define TRAILINGSLASH 0x10000000 /* path ended in a slash */ +#define PARAMASK 0x1ffffe00 /* mask of parameter descriptors */ #define NDHASGIANT(NDP) (((NDP)->ni_cnd.cn_flags & GIANTHELD) != 0) --=-=-=-- From owner-freebsd-hackers@FreeBSD.ORG Wed May 27 16:46:01 2009 Return-Path: Delivered-To: freebsd-hackers@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5759C10656DE for ; Wed, 27 May 2009 16:46:01 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id 0F2B58FC29 for ; Wed, 27 May 2009 16:46:00 +0000 (UTC) (envelope-from des@des.no) Received: from ds4.des.no (cm-84.215.252.34.getinternet.no [84.215.252.34]) by smtp.des.no (Postfix) with ESMTP id 29C1D6D41E; Wed, 27 May 2009 18:46:00 +0200 (CEST) Received: by ds4.des.no (Postfix, from userid 1001) id 1B6CD84514; Wed, 27 May 2009 18:46:00 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Bruce Evans References: <23727599.post@talk.nabble.com> <86prdvipwe.fsf@ds4.des.no> <20090527233110.E4243@delplex.bde.org> Date: Wed, 27 May 2009 18:46:00 +0200 In-Reply-To: <20090527233110.E4243@delplex.bde.org> (Bruce Evans's message of "Thu, 28 May 2009 01:15:17 +1000 (EST)") Message-ID: <86r5yaijef.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.92 (berkeley-unix) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Cc: freebsd-hackers@FreeBSD.org, Jakub Lach Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2009 16:46:02 -0000 --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Bruce Evans writes: > This seems to be equivalent to the patch in the PR at the time of PR, > except it risks breaking some other cases, so I don't see how it can > work. As discussed on -hackers, it doesn't. This one does, though. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no --=-=-= Content-Type: text/x-patch Content-Disposition: inline; filename=vfs_lookup-trailing-slash.diff Index: sys/kern/vfs_lookup.c =================================================================== --- sys/kern/vfs_lookup.c (revision 192899) +++ sys/kern/vfs_lookup.c (working copy) @@ -147,6 +147,9 @@ cnp->cn_flags &= ~LOCKSHARED; fdp = p->p_fd; + /* We will set this ourselves if we need it. */ + cnp->cn_flags &= ~TRAILINGSLASH; + /* * Get a buffer for the name to be translated, and copy the * name into the buffer. @@ -533,6 +536,8 @@ if (*cp == '\0') { trailing_slash = 1; *ndp->ni_next = '\0'; /* XXX for direnter() ... */ + if (cnp->cn_flags & ISLASTCN) + cnp->cn_flags |= TRAILINGSLASH; } } ndp->ni_next = cp; @@ -807,14 +812,6 @@ goto success; } - /* - * Check for bogus trailing slashes. - */ - if (trailing_slash && dp->v_type != VDIR) { - error = ENOTDIR; - goto bad2; - } - nextname: /* * Not a symbolic link. If more pathname, @@ -838,6 +835,14 @@ goto dirloop; } /* + * If we're processing a path with a trailing slash, + * check that the end result is a directory. + */ + if ((cnp->cn_flags & TRAILINGSLASH) && dp->v_type != VDIR) { + error = ENOTDIR; + goto bad2; + } + /* * Disallow directory write attempts on read-only filesystems. */ if (rdonly && Index: sys/sys/namei.h =================================================================== --- sys/sys/namei.h (revision 192900) +++ sys/sys/namei.h (working copy) @@ -143,6 +143,8 @@ #define AUDITVNODE1 0x04000000 /* audit the looked up vnode information */ #define AUDITVNODE2 0x08000000 /* audit the looked up vnode information */ #define PARAMASK 0x0ffffe00 /* mask of parameter descriptors */ +#define TRAILINGSLASH 0x10000000 /* path ended in a slash */ +#define PARAMASK 0x1ffffe00 /* mask of parameter descriptors */ #define NDHASGIANT(NDP) (((NDP)->ni_cnd.cn_flags & GIANTHELD) != 0) --=-=-=-- From owner-freebsd-hackers@FreeBSD.ORG Wed May 27 17:28:52 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D65111065EC1 for ; Wed, 27 May 2009 17:28:52 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) Received: from 0.mx.codelabs.ru (0.mx.codelabs.ru [144.206.177.45]) by mx1.freebsd.org (Postfix) with ESMTP id 6AC118FC21 for ; Wed, 27 May 2009 17:28:52 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) DomainKey-Signature: a=rsa-sha1; q=dns; c=simple; s=one; d=codelabs.ru; h=Received:Date:From:To:Cc:Subject:Message-ID:Reply-To:References:MIME-Version:Content-Type:Content-Disposition:In-Reply-To:Sender; b=V8D6jB5JzZ8YBVG7KfeH+Omhy4H6Vk+acVC8FMO2CH1cLd+m7+TpZQKAmeg1SaNtFwKaa1ZosWhb24AedXlYYPMtbleNLH8dah8hrtd/L44mRA5wDKq+4Lbbo5uopBeQKQiFIkzLqR0lMXVYOOJVFD7727FZ1D6TFZGQIGhk060=; Received: from daemon.grid.kiae.ru (daemon.grid.kiae.ru [144.206.66.47]) by 0.mx.codelabs.ru with esmtpsa (TLSv1:AES256-SHA:256) id 1M9Mvr-000K2T-7x; Wed, 27 May 2009 21:28:51 +0400 Date: Wed, 27 May 2009 21:28:49 +0400 From: Eygene Ryabinkin To: Dag-Erling Sm??rgrav Message-ID: References: <23727599.post@talk.nabble.com> <86prdvipwe.fsf@ds4.des.no> <0vGjPHEq7MqxjtFmBufY+mBxlR4@7oUjtCwN654QcDr16CH+kAk8bJg> <86vdnmiz30.fsf@ds4.des.no> <15QQC+1YeDzOjf35dqyJmioc1ik@XX1fo6zQUfC4h0jjRC6IBz3oNH4> <86prdug1p0.fsf@ds4.des.no> <86vdnmijgs.fsf@ds4.des.no> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="opJtzjQTFsWo+cga" Content-Disposition: inline In-Reply-To: <86vdnmijgs.fsf@ds4.des.no> Sender: rea-fbsd@codelabs.ru Cc: freebsd-hackers@freebsd.org, Jakub Lach Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: rea-fbsd@codelabs.ru List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2009 17:28:54 -0000 --opJtzjQTFsWo+cga Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Wed, May 27, 2009 at 06:44:35PM +0200, Dag-Erling Sm??rgrav wrote: > Eygene Ryabinkin writes: > > [new three-part patch] > > I committed the namei.h cleanup patch and the vfs_lookup.c comment > patch. Thanks! > I made a number of changes to the trailing-slash patch. Can you > double-check it before I commit it? Yes, comments are below. > Index: sys/kern/vfs_lookup.c > =================================================================== > --- sys/kern/vfs_lookup.c (revision 192899) > +++ sys/kern/vfs_lookup.c (working copy) > @@ -147,6 +147,9 @@ > cnp->cn_flags &= ~LOCKSHARED; > fdp = p->p_fd; > > + /* We will set this ourselves if we need it. */ > + cnp->cn_flags &= ~TRAILINGSLASH; > + > /* > * Get a buffer for the name to be translated, and copy the > * name into the buffer. > @@ -533,6 +536,8 @@ > if (*cp == '\0') { > trailing_slash = 1; > *ndp->ni_next = '\0'; /* XXX for direnter() ... */ > + if (cnp->cn_flags & ISLASTCN) > + cnp->cn_flags |= TRAILINGSLASH; 'if ()' looks suspicious: ISLASTCN is set some lines below so it could be not yet flagged. Seems like we could omit 'if ()' clause but leave it's body for the current state of the code -- it will be equivalent to the mine's check. But for the clarity, I will leave the full condition, 'trailing_slash && (cnp->cn_flags & ISLASTCN)' somewhere below the block with ----- if (*ndp->ni_next == 0) cnp->cn_flags |= ISLASTCN; else cnp->cn_flags &= ~ISLASTCN; ----- My original intent was to push it to the bottom of the code to slightly optimize code path: some checks above could already fail and we won't have to perform our test. But now I feel that the best place for the test is immediately below the cited chunk of the code. The rest looks fine. Had you tried your variant of patch? May be I am missing something and the test for ISLASTCN really in place? By the way, I had somewhat extended your regression tests with the intermediate symlink tests, directory tests and device-as-a-target tests. Patches are attached. Will they go? Thanks! -- Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook {_.-``-' {_/ # --opJtzjQTFsWo+cga Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="vfs-testsuite-dirs-and-double-links.diff" Content-Transfer-Encoding: quoted-printable =46rom 8ed2a144245bdb714217f982f6ee1f7d0b784b1c Mon Sep 17 00:00:00 2001 =46rom: Eygene Ryabinkin Date: Wed, 27 May 2009 20:55:50 +0400 Subject: [PATCH 4/5] vfs regression testuite: add double links and director= y tests Directory tests are to make sure that no regressions were introduced by patches -- they should work on the systems without patched vfs_lookup as at the patched ones. Double link tests should verify that if any part of the symlink chain has trailing slash, then target should be a directory. Signed-off-by: Eygene Ryabinkin --- tools/regression/vfs/trailing_slash.t | 67 +++++++++++++++++++++++++++++= +++- 1 files changed, 66 insertions(+), 1 deletions(-) diff --git a/tools/regression/vfs/trailing_slash.t b/tools/regression/vfs/t= railing_slash.t index fe6d799..5209979 100755 --- a/tools/regression/vfs/trailing_slash.t +++ b/tools/regression/vfs/trailing_slash.t @@ -6,8 +6,10 @@ # point to files. See kern/21768 # =20 +testdir=3D"/tmp/testdir-$$" testfile=3D"/tmp/testfile-$$" testlink=3D"/tmp/testlink-$$" +testlink1=3D"/tmp/testlink1-$$" =20 tests=3D" $testfile:$testlink:$testfile:0 @@ -18,8 +20,29 @@ $testfile/:$testlink:$testlink:1 $testfile/:$testlink:$testlink/:1 " =20 +tests1=3D" +$testfile:$testlink:$testlink:$testlink1:$testlink1:0 +$testfile:$testlink:$testlink/:$testlink1:$testlink1:1 +$testfile:$testlink:$testlink:$testlink1:$testlink1/:1 +$testfile:$testlink:$testlink/:$testlink1:$testlink1/:1 +$testfile/:$testlink:$testlink:$testlink1:$testlink1:1 +$testfile/:$testlink:$testlink/:$testlink1:$testlink1:1 +$testfile/:$testlink:$testlink:$testlink1:$testlink1/:1 +$testfile/:$testlink:$testlink/:$testlink1:$testlink1/:1 +" + +dirtests=3D" +$testdir:$testlink:$testdir:0 +$testdir:$testlink:$testdir/:0 +$testdir:$testlink:$testlink:0 +$testdir:$testlink:$testlink/:0 +$testdir/:$testlink:$testlink:0 +$testdir/:$testlink:$testlink/:0 +" + touch $testfile || exit 1 -trap "rm $testfile $testlink" EXIT +mkdir $testdir || exit 1 +trap "rm $testfile $testlink $testlink1; rmdir $testdir" EXIT =20 set $tests echo "1..$#" @@ -40,3 +63,45 @@ for testspec ; do n=3D$((n+1)) ) done + +set $tests1 +echo "1..$#" +n=3D1 +for testspec ; do + ( + IFS=3D: + set $testspec + unset IFS + ln -fs "$1" "$2" || exit 1 + ln -fs "$3" "$4" || exit 1 + cat "$5" >/dev/null 2>&1 + ret=3D$? + if [ "$ret" -eq "$6" ] ; then + echo "ok $n" + else + echo "fail $n - expected $6, got $ret" + fi + n=3D$((n+1)) + ) +done + +set $dirtests +echo "1..$#" +n=3D1 +for testspec ; do + ( + IFS=3D: + set $testspec + unset IFS + rm -f "$2" || exit 1 + ln -fs "$1" "$2" || exit 1 + touch "$3" >/dev/null 2>&1 + ret=3D$? + if [ "$ret" -eq "$4" ] ; then + echo "ok $n" + else + echo "fail $n - expected $4, got $ret" + fi + n=3D$((n+1)) + ) +done --=20 1.6.3.1 --opJtzjQTFsWo+cga Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="vfs-testsuite-devices-as-destination.diff" Content-Transfer-Encoding: quoted-printable =46rom 2da7b94bc81a81a41550a95821ed54744136400e Mon Sep 17 00:00:00 2001 =46rom: Eygene Ryabinkin Date: Wed, 27 May 2009 21:02:05 +0400 Subject: [PATCH 5/5] vfs regression testsuite: add tests for device being t= he destination Signed-off-by: Eygene Ryabinkin --- tools/regression/vfs/trailing_slash.t | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) diff --git a/tools/regression/vfs/trailing_slash.t b/tools/regression/vfs/t= railing_slash.t index 5209979..cd82a8b 100755 --- a/tools/regression/vfs/trailing_slash.t +++ b/tools/regression/vfs/trailing_slash.t @@ -18,6 +18,10 @@ $testfile:$testlink:$testlink:0 $testfile:$testlink:$testlink/:1 $testfile/:$testlink:$testlink:1 $testfile/:$testlink:$testlink/:1 +/dev/null:$testlink:$testlink:0 +/dev/null:$testlink:$testlink/:1 +/dev/null/:$testlink:$testlink:1 +/dev/null/:$testlink:$testlink/:1 " =20 tests1=3D" --=20 1.6.3.1 --opJtzjQTFsWo+cga-- From owner-freebsd-hackers@FreeBSD.ORG Wed May 27 17:51:09 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 447C71065763 for ; Wed, 27 May 2009 17:51:09 +0000 (UTC) (envelope-from oliver.pntr@gmail.com) Received: from mail-bw0-f213.google.com (mail-bw0-f213.google.com [209.85.218.213]) by mx1.freebsd.org (Postfix) with ESMTP id BD79F8FC0A for ; Wed, 27 May 2009 17:51:08 +0000 (UTC) (envelope-from oliver.pntr@gmail.com) Received: by bwz9 with SMTP id 9so4924846bwz.43 for ; Wed, 27 May 2009 10:51:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=ZEvrhSFii10dl/6bf11Ht3JjRBCT4NHisU+wjXHCS98=; b=JMFyba+A3lA+uNr1Ib5q/nOUrzK3GPQfMUDUNG73iygd5mcv5iZi3nu/B1srk7JTyF DHysEEmGQBL4TYAlBQC0qcUF24UX8tEQV6cG6PQY1LxZ3njqbXl72QGB9F6ySrEYO2HY Sc05SNQIRyfPnxk7U8s26zDfqtlV5mcIxT24E= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=q8Cy1h9PpkS9hxdz3SkxjRMYrsHxs5PZr1FuBAP2mTJKmYjgM3gLhoNZKQZCWcjmCv FHItBbjJ7gasfVtaELFdAw/2/dlPjCzLK0MxU+dR9bvnAVJiKAHXmWrZOMLH5X0dci+k CfBVMBhOiW+8pSnHiR9zBp0HSjFUQix7Y42lA= MIME-Version: 1.0 Received: by 10.103.244.19 with SMTP id w19mr152440mur.133.1243446667314; Wed, 27 May 2009 10:51:07 -0700 (PDT) In-Reply-To: <86vdnmijgs.fsf@ds4.des.no> References: <23727599.post@talk.nabble.com> <86prdvipwe.fsf@ds4.des.no> <0vGjPHEq7MqxjtFmBufY+mBxlR4@7oUjtCwN654QcDr16CH+kAk8bJg> <86vdnmiz30.fsf@ds4.des.no> <15QQC+1YeDzOjf35dqyJmioc1ik@XX1fo6zQUfC4h0jjRC6IBz3oNH4> <86prdug1p0.fsf@ds4.des.no> <86vdnmijgs.fsf@ds4.des.no> Date: Wed, 27 May 2009 19:51:07 +0200 Message-ID: <6101e8c40905271051r3bb9d633kec6d198d45fc9cf6@mail.gmail.com> From: Oliver Pinter To: =?ISO-8859-1?Q?Dag=2DErling_Sm=F8rgrav?= Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-hackers@freebsd.org, Jakub Lach Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2009 17:51:09 -0000 Hi! This is a redefinitions of PARAMASK in the patch, that you attached -------8<--------- ... #define PARAMASK 0x0ffffe00 /* mask of parameter descriptors */ +#define TRAILINGSLASH 0x10000000 /* path ended in a slash */ +#define PARAMASK 0x1ffffe00 /* mask of parameter descriptors */ ... -------8<--------- On 5/27/09, Dag-Erling Sm=F8rgrav wrote: > Eygene Ryabinkin writes: >> [new three-part patch] > > I committed the namei.h cleanup patch and the vfs_lookup.c comment > patch. > > I made a number of changes to the trailing-slash patch. Can you > double-check it before I commit it? > > DES > -- > Dag-Erling Sm=F8rgrav - des@des.no > > From owner-freebsd-hackers@FreeBSD.ORG Wed May 27 17:59:01 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7B62610657C0 for ; Wed, 27 May 2009 17:59:01 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id 340B28FC0C for ; Wed, 27 May 2009 17:58:59 +0000 (UTC) (envelope-from des@des.no) Received: from ds4.des.no (cm-84.215.252.34.getinternet.no [84.215.252.34]) by smtp.des.no (Postfix) with ESMTP id A7F266D41C; Wed, 27 May 2009 19:58:58 +0200 (CEST) Received: by ds4.des.no (Postfix, from userid 1001) id 970F884514; Wed, 27 May 2009 19:58:58 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Oliver Pinter References: <23727599.post@talk.nabble.com> <86prdvipwe.fsf@ds4.des.no> <0vGjPHEq7MqxjtFmBufY+mBxlR4@7oUjtCwN654QcDr16CH+kAk8bJg> <86vdnmiz30.fsf@ds4.des.no> <15QQC+1YeDzOjf35dqyJmioc1ik@XX1fo6zQUfC4h0jjRC6IBz3oNH4> <86prdug1p0.fsf@ds4.des.no> <86vdnmijgs.fsf@ds4.des.no> <6101e8c40905271051r3bb9d633kec6d198d45fc9cf6@mail.gmail.com> Date: Wed, 27 May 2009 19:58:58 +0200 In-Reply-To: <6101e8c40905271051r3bb9d633kec6d198d45fc9cf6@mail.gmail.com> (Oliver Pinter's message of "Wed, 27 May 2009 19:51:07 +0200") Message-ID: <86eiuaig0t.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.92 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-hackers@freebsd.org, Jakub Lach Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2009 17:59:02 -0000 Oliver Pinter writes: > This is a redefinitions of PARAMASK in the patch, that you attached Sorry, I forgot to regenerate the patch after fixing it. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-hackers@FreeBSD.ORG Wed May 27 18:03:58 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D83841065674 for ; Wed, 27 May 2009 18:03:58 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id 923A88FC1A for ; Wed, 27 May 2009 18:03:58 +0000 (UTC) (envelope-from des@des.no) Received: from ds4.des.no (cm-84.215.252.34.getinternet.no [84.215.252.34]) by smtp.des.no (Postfix) with ESMTP id 8D7E56D41D; Wed, 27 May 2009 20:03:57 +0200 (CEST) Received: by ds4.des.no (Postfix, from userid 1001) id 7D81684491; Wed, 27 May 2009 20:03:57 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: rea-fbsd@codelabs.ru References: <23727599.post@talk.nabble.com> <86prdvipwe.fsf@ds4.des.no> <0vGjPHEq7MqxjtFmBufY+mBxlR4@7oUjtCwN654QcDr16CH+kAk8bJg> <86vdnmiz30.fsf@ds4.des.no> <15QQC+1YeDzOjf35dqyJmioc1ik@XX1fo6zQUfC4h0jjRC6IBz3oNH4> <86prdug1p0.fsf@ds4.des.no> <86vdnmijgs.fsf@ds4.des.no> Date: Wed, 27 May 2009 20:03:57 +0200 In-Reply-To: (Eygene Ryabinkin's message of "Wed, 27 May 2009 21:28:49 +0400") Message-ID: <86ab4yifsi.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.92 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-hackers@freebsd.org, Jakub Lach Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2009 18:03:59 -0000 Eygene Ryabinkin writes: > 'if ()' looks suspicious: ISLASTCN is set some lines below so it could > be not yet flagged. Seems like we could omit 'if ()' clause but leave > it's body for the current state of the code -- it will be equivalent to > the mine's check. Yes, I was a little too quick there. You're right, we can just drop the if(). Actually, the reason why I moved this up is that I was considering eliminating the trailing_slash variable entirely. > By the way, I had somewhat extended your regression tests with the > intermediate symlink tests, directory tests and device-as-a-target > tests. Patches are attached. Will they go? I'll take a look at them later. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-hackers@FreeBSD.ORG Thu May 28 06:58:28 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DB637106568F for ; Thu, 28 May 2009 06:58:28 +0000 (UTC) (envelope-from kostjn@peterhost.ru) Received: from mail.z8.ru (mail.z8.ru [80.93.58.56]) by mx1.freebsd.org (Postfix) with ESMTP id 9464A8FC15 for ; Thu, 28 May 2009 06:58:28 +0000 (UTC) (envelope-from kostjn@peterhost.ru) Received: from [85.235.196.139] (helo=kostjn.pht) by mail.z8.ru with esmtpa (Exim 4.67 (FreeBSD)) (envelope-from ) id 1M9ZZE-0008Fz-Us for freebsd-hackers@freebsd.org; Thu, 28 May 2009 10:58:20 +0400 Message-ID: <4A1E3688.8050300@peterhost.ru> Date: Thu, 28 May 2009 11:00:24 +0400 From: Menshikov Konstantin User-Agent: Thunderbird 2.0.0.18 (X11/20090328) MIME-Version: 1.0 CC: freebsd-hackers@freebsd.org References: <4A1B8CF8.7030102@peterhost.ru> <20090526120313.GA1927@deviant.kiev.zoral.com.ua> <4A1BE1F8.9050804@peterhost.ru> <20090526123632.GB1927@deviant.kiev.zoral.com.ua> <4A1BE827.2030303@peterhost.ru> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: Disk quota for Jail. Discussion. X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2009 06:58:29 -0000 Robert Watson wrote: > > On Tue, 26 May 2009, Menshikov Konstantin wrote: > >>>> Yes. But jail cannot allocate block and inode above root path. In >>>> allocation functions, whether for example ffs_alloc we have access >>>> to ucred process and we can check up there is a process in jail. >>> >>> Yes, you can check this for jailed process. Think about non-jailed >>> processes that can do allocation below the jail root. >> >> Processes out of jail are not considered. I do not understand, these >> processes have what relation to disk to quotas for jail. Please >> explain more in detail > > Historic UFS quotas are actually not interested in processes at all, > really, except in as much as processes are where exception states are > exposed. UFS quotas count blocks and inodes owned by users based on > the 'uid' and 'gid' fields in the inode. There's now 'jailid' field, > so quotas on this model can't capture the notion of per-jail quotas. > In fact, quotacheck relies on being able to walk the file system > looking only at file system data in order to establish initial usage > accounting. You can imagine adding one, or managing the uid spaces > across jails such that all uids are unique, etc, but all of these > require some amount of rethinking. > > Or, some other model of quota. Frankly, I've always been a fan of the > AFS model, now accessible locally via ZFS, in which lightweight > volumes with quota limits are used for individual user home > directories, virtual machines, etc. This was hard to do in FreeBSD > before ZFS because (a) UFS didn't want to resize trivially and (b) > having lots and lots of mountpoints and file systems wasn't something > we made administratively easy. > > Robert N M Watson > Computer Laboratory > University of Cambridge > Actually realisation of quotas for jail, is reduced to realisation of quotas on catalogue contents. And it is difficult, it is not necessary. Many thanks for answers and explanations. Menshikov Konstantin From owner-freebsd-hackers@FreeBSD.ORG Thu May 28 09:25:19 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B0C671065672 for ; Thu, 28 May 2009 09:25:19 +0000 (UTC) (envelope-from mel.flynn+fbsd.hackers@mailing.thruhere.net) Received: from mailhub.rachie.is-a-geek.net (rachie.is-a-geek.net [66.230.99.27]) by mx1.freebsd.org (Postfix) with ESMTP id 662EE8FC19 for ; Thu, 28 May 2009 09:25:19 +0000 (UTC) (envelope-from mel.flynn+fbsd.hackers@mailing.thruhere.net) Received: from sarevok.dnr.servegame.org (mailhub.lan.rachie.is-a-geek.net [192.168.2.11]) by mailhub.rachie.is-a-geek.net (Postfix) with ESMTP id B03337E83F; Thu, 28 May 2009 01:07:14 -0800 (AKDT) From: Mel Flynn To: freebsd-hackers@freebsd.org Date: Thu, 28 May 2009 11:07:12 +0200 User-Agent: KMail/1.11.3 (FreeBSD/8.0-CURRENT; KDE/4.2.3; i386; ; ) References: <23727599.post@talk.nabble.com> <86prdvipwe.fsf@ds4.des.no> <86my8z8su6.fsf@ds4.des.no> In-Reply-To: <86my8z8su6.fsf@ds4.des.no> MIME-Version: 1.0 Content-Type: Text/Plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Message-Id: <200905281107.12864.mel.flynn+fbsd.hackers@mailing.thruhere.net> Cc: Dag-Erling =?utf-8?q?Sm=C3=B8rgrav?= , Jakub Lach Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2009 09:25:20 -0000 On Tuesday 26 May 2009 23:20:01 Dag-Erling Sm=C3=B8rgrav wrote: > Dag-Erling Sm=C3=B8rgrav writes: > > Like bde@ pointed out, the patch is incorrect. It moves the test for > > v_type !=3D VDIR up to a point where, in the case of a symlink, v_type = is > > always (by definition) VLNK. > > Hmm, actually, symlinks are resolved in namei(), not lookup(). This is > not going to be pretty. I'll be back later... I don't pretend to comprehend the kernel side of things fully, but wouldn't= it=20 be easier to append a dot to all trailing slashes inside or before passing = to=20 namei? This works in userland at present and lighttpd could use something=20 similar as a work around until it's fixed: % echo this is foo > foo % ln -fs foo bar % cat bar/ this is foo % cat bar/. cat: bar/.: Not a directory =2D-=20 Mel From owner-freebsd-hackers@FreeBSD.ORG Thu May 28 09:57:04 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EB57F106564A for ; Thu, 28 May 2009 09:57:04 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) Received: from 0.mx.codelabs.ru (0.mx.codelabs.ru [144.206.177.45]) by mx1.freebsd.org (Postfix) with ESMTP id 9DD028FC08 for ; Thu, 28 May 2009 09:57:04 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) DomainKey-Signature: a=rsa-sha1; q=dns; c=simple; s=one; d=codelabs.ru; h=Received:Date:From:To:Cc:Subject:Message-ID:Reply-To:References:MIME-Version:Content-Type:Content-Disposition:In-Reply-To:Sender; b=T14EhhBVyXMFcE7DhERIQYo5fPF/eEjKIGVWiz8qs50zoLkfLz5z7as4eC8Q5d5Mhxsoi75vuCd1fY0HQIiwYptcZug2nwWhGJc2waINgKp8JOVAhBTJu8RY9fsz8gKrtw3gmcVfu+mlDHvC9dtvs16HBZRe5wGKa6MSvzduMc4=; Received: from void.codelabs.ru (void.codelabs.ru [144.206.177.25]) by 0.mx.codelabs.ru with esmtpsa (TLSv1:AES256-SHA:256) id 1M9cMA-000HrL-6T; Thu, 28 May 2009 13:57:02 +0400 Date: Thu, 28 May 2009 13:56:59 +0400 From: Eygene Ryabinkin To: Mel Flynn Message-ID: References: <23727599.post@talk.nabble.com> <86prdvipwe.fsf@ds4.des.no> <86my8z8su6.fsf@ds4.des.no> <200905281107.12864.mel.flynn+fbsd.hackers@mailing.thruhere.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200905281107.12864.mel.flynn+fbsd.hackers@mailing.thruhere.net> Sender: rea-fbsd@codelabs.ru Cc: freebsd-hackers@freebsd.org, Jakub Lach , Dag-Erling Sm??rgrav Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: rea-fbsd@codelabs.ru List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2009 09:57:05 -0000 Mel, good day. Thu, May 28, 2009 at 11:07:12AM +0200, Mel Flynn wrote: > On Tuesday 26 May 2009 23:20:01 Dag-Erling Sm??rgrav wrote: > > Dag-Erling Sm??rgrav writes: > > > Like bde@ pointed out, the patch is incorrect. It moves the test for > > > v_type != VDIR up to a point where, in the case of a symlink, v_type is > > > always (by definition) VLNK. > > > > Hmm, actually, symlinks are resolved in namei(), not lookup(). This is > > not going to be pretty. I'll be back later... > I don't pretend to comprehend the kernel side of things fully, but > wouldn't it be easier to append a dot to all trailing slashes inside > or before passing to namei? A dirty hack that puts some additional burden on the namei() ;-/ > This works in userland at present and lighttpd could use something > similar as a work around until it's fixed: Yes, this will work, but it is better to apply the real fix ;)) Dirty hacks aren't good at the long timescales -- they tend to obfuscate the code and put unneeded interprocedure constraints (you should prepend dot to the slash if you want to call namei()/we should add dot to slash to make our life easier/etc). -- Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook {_.-``-' {_/ # From owner-freebsd-hackers@FreeBSD.ORG Thu May 28 21:30:17 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CE3AE106566B for ; Thu, 28 May 2009 21:30:17 +0000 (UTC) (envelope-from bright@elvis.mu.org) Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by mx1.freebsd.org (Postfix) with ESMTP id BBE718FC0A for ; Thu, 28 May 2009 21:30:17 +0000 (UTC) (envelope-from bright@elvis.mu.org) Received: by elvis.mu.org (Postfix, from userid 1192) id AB6BB1A3C3B; Thu, 28 May 2009 14:30:17 -0700 (PDT) Date: Thu, 28 May 2009 14:30:17 -0700 From: Alfred Perlstein To: Dag-Erling Sm??rgrav Message-ID: <20090528213017.GX67847@elvis.mu.org> References: <4A14F58F.8000801@rawbw.com> <4A1594DA.2010707@rawbw.com> <86ljoig08o.fsf@ds4.des.no> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <86ljoig08o.fsf@ds4.des.no> User-Agent: Mutt/1.4.2.3i Cc: Nate Eldredge , yuri@rawbw.com, freebsd-hackers@freebsd.org Subject: Re: Why kernel kills processes that run out of memory instead of just failing memory allocation system calls? X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2009 21:30:18 -0000 * Dag-Erling Sm??rgrav [090527 06:10] wrote: > Yuri writes: > > I don't have strong opinion for or against "memory overcommit". But I > > can imagine one could argue that fork with intent of exec is a faulty > > scenario that is a relict from the past. It can be replaced by some > > atomic method that would spawn the child without ovecommitting. > > You will very rarely see something like this: > > if ((pid = fork()) == 0) { > execve(path, argv, envp); > _exit(1); > } > > Usually, what you see is closer to this: > > if ((pid = fork()) == 0) { > for (int fd = 3; fd < getdtablesize(); ++fd) > (void)close(fd); > execve(path, argv, envp); > _exit(1); > } I'm probably missing something, but couldn't you iterate in the parent setting the close-on-exec flag then vfork? I guess that wouldn't work for threads AND you'd have to undo it after the fork if you didn't want to retain that behavior? thanks, -Alfred From owner-freebsd-hackers@FreeBSD.ORG Fri May 29 04:54:08 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1806D106566C for ; Fri, 29 May 2009 04:54:08 +0000 (UTC) (envelope-from davidn04@gmail.com) Received: from mail-qy0-f173.google.com (mail-qy0-f173.google.com [209.85.221.173]) by mx1.freebsd.org (Postfix) with ESMTP id C86018FC12 for ; Fri, 29 May 2009 04:54:07 +0000 (UTC) (envelope-from davidn04@gmail.com) Received: by qyk3 with SMTP id 3so8483928qyk.3 for ; Thu, 28 May 2009 21:54:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type:content-transfer-encoding; bh=1ldIw2Htf3u1ZOZh408gNCKkso2Eadl+BUbp5GJ9iPg=; b=d4iDKL3rKoHQv0/geBm4LmGcpipuDDawmeFxD1lqcQG17ahB2yUcP6yIghJk+YAHQi HbqpUT9ZUu0iojiAcLW6153xAK4VgDBRs3GezW2PYIeutLS98oJTGDxueHj0mgORDJXT 4nC2Wid211OgYgs32o1xlRYgBTgwof6FEew9Q= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type :content-transfer-encoding; b=YyPYM8XBR9a2J/cuUosuOKir4hcVLYkNfHH9HUvfRPvVETwjPTPQw05r8XkuZyuOqI MdZwOl93iFphp0Q40VGXb93yNiNsTX6FXHhCD7cyoY51HC+k6Y59lX58n7W++iyOygX4 rQ91TD7CTJNEvS2su8Rd551i98M8MReWS7TtY= MIME-Version: 1.0 Received: by 10.229.84.82 with SMTP id i18mr978435qcl.90.1243571224641; Thu, 28 May 2009 21:27:04 -0700 (PDT) Date: Fri, 29 May 2009 14:27:04 +1000 Message-ID: <4d7dd86f0905282127u5215979akdd8ea286c73f090e@mail.gmail.com> From: David N To: freebsd-hackers@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Debugging via DDB X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2009 04:54:08 -0000 Hi, I know this might sound like a newbie question. I'm trying to debug a "Lockup" on 7.2-RELEASE. I've compiled DDB and KDB into the kernel and make installkernel. (Can this be called a deadlock?) The machine still response to pings, but it looks like all disk activity has stopped. I can break into the debugger using CTRL-ALT-ESC, but after that, i dont know what I'm looking for in particular. bt (backtrace) gives me the stuff like the keyboard mutex ( i assume it was the last thing that happened, but obviously it was the break) Should I be including WITNESS? Regards David N From owner-freebsd-hackers@FreeBSD.ORG Fri May 29 06:04:31 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 620F51065672 for ; Fri, 29 May 2009 06:04:31 +0000 (UTC) (envelope-from mat.macy@gmail.com) Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.247]) by mx1.freebsd.org (Postfix) with ESMTP id 1B7C08FC1B for ; Fri, 29 May 2009 06:04:30 +0000 (UTC) (envelope-from mat.macy@gmail.com) Received: by an-out-0708.google.com with SMTP id c3so3152794ana.13 for ; Thu, 28 May 2009 23:04:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to:cc :content-type:content-transfer-encoding; bh=/XBaL5+jRvBLojIjxYAjYIiXiiAmewy7+Bf7jd/3V/4=; b=Y5w01pFFGEJkQB5CCj/ipF6Yj4ddf+VBDjW7++9vxeomTo1qWZa7CFbXsKqowTnrWL tYyuOh6aqNtSgNanSeNVZF8x5024RVJWa7C79icWHup4JRmi577QitGaxX5itXSC62z3 xr2KD+Tu8lNT0B7I5CLLzEjom5nFrMqfgo3QY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; b=TYRtygdAjFT5NE7nwH9U0rFaEuZP3PruP30o4VDxhY5BhIZOgApI1ajw7DKSb7F8ts 048+gIlaBsWd94DkUCgqm1Wn00TWa2WS2vw9MGxRDOkhWc9n42yrWZ8Cy0N2zaINKBO8 mlEYvqkUyQGA7P9CkDqXFnZqwbOHIyx/Bn1Xs= MIME-Version: 1.0 Sender: mat.macy@gmail.com Received: by 10.100.241.17 with SMTP id o17mr3100306anh.134.1243577069856; Thu, 28 May 2009 23:04:29 -0700 (PDT) In-Reply-To: <4d7dd86f0905282127u5215979akdd8ea286c73f090e@mail.gmail.com> References: <4d7dd86f0905282127u5215979akdd8ea286c73f090e@mail.gmail.com> Date: Thu, 28 May 2009 23:04:29 -0700 X-Google-Sender-Auth: 234b37b4925bbf8c Message-ID: <3c1674c90905282304s223349c4p8523abbbed8ade0b@mail.gmail.com> From: Kip Macy To: David N Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-hackers@freebsd.org Subject: Re: Debugging via DDB X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2009 06:04:31 -0000 On Thu, May 28, 2009 at 9:27 PM, David N wrote: > Hi, > > I know this might sound like a newbie question. > > I'm trying to debug a "Lockup" on 7.2-RELEASE. I've compiled DDB and > KDB into the kernel and make installkernel. (Can this be called a > deadlock?) > > The machine still response to pings, but it looks like all disk > activity has stopped. > > I can break into the debugger using CTRL-ALT-ESC, but after that, i > dont know what I'm looking for in particular. > > bt (backtrace) gives me the stuff like the keyboard mutex ( i assume > it was the last thing that happened, but obviously it was the break) > > Should I be including WITNESS? Include WITNESS. "ps" to list processes, "show proc" to see proc info, "thread " to switch to a thread, "show locks" to see locks held, show sleepc to see what you're blocked on (if a sleepq), and "show alllocks" to see all locks held -Kip From owner-freebsd-hackers@FreeBSD.ORG Fri May 29 09:49:23 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1A3491065673; Fri, 29 May 2009 09:49:23 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id A4A2F8FC17; Fri, 29 May 2009 09:49:22 +0000 (UTC) (envelope-from des@des.no) Received: from ds4.des.no (des.no [84.49.246.2]) by smtp.des.no (Postfix) with ESMTP id ED43F6D41C; Fri, 29 May 2009 11:49:21 +0200 (CEST) Received: by ds4.des.no (Postfix, from userid 1001) id BEEBC844EE; Fri, 29 May 2009 11:49:21 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Alfred Perlstein References: <4A14F58F.8000801@rawbw.com> <4A1594DA.2010707@rawbw.com> <86ljoig08o.fsf@ds4.des.no> <20090528213017.GX67847@elvis.mu.org> Date: Fri, 29 May 2009 11:49:21 +0200 In-Reply-To: <20090528213017.GX67847@elvis.mu.org> (Alfred Perlstein's message of "Thu, 28 May 2009 14:30:17 -0700") Message-ID: <863aaow866.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.92 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: Nate Eldredge , yuri@rawbw.com, freebsd-hackers@freebsd.org Subject: Re: Why kernel kills processes that run out of memory instead of just failing memory allocation system calls? X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2009 09:49:23 -0000 Alfred Perlstein writes: > Dag-Erling Sm=C3=B8rgrav writes: > > Usually, what you see is closer to this: > >=20 > > if ((pid =3D fork()) =3D=3D 0) { > > for (int fd =3D 3; fd < getdtablesize(); ++fd) > > (void)close(fd); > > execve(path, argv, envp); > > _exit(1); > > } > > I'm probably missing something, but couldn't you iterate=20 > in the parent setting the close-on-exec flag then vfork? This is an example, Alfred. Like most examples, it is greatly simplified. I invite you to peruse the source to find real-world instances of non-trivial fork() / execve() usage. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-hackers@FreeBSD.ORG Fri May 29 16:53:23 2009 Return-Path: Delivered-To: freebsd-hackers@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D31631065680 for ; Fri, 29 May 2009 16:53:23 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id 5626E8FC08 for ; Fri, 29 May 2009 16:53:23 +0000 (UTC) (envelope-from des@des.no) Received: from ds4.des.no (des.no [84.49.246.2]) by smtp.des.no (Postfix) with ESMTP id 4D85F6D41F; Fri, 29 May 2009 18:53:22 +0200 (CEST) Received: by ds4.des.no (Postfix, from userid 1001) id 273E1844EE; Fri, 29 May 2009 18:53:22 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Bruce Evans References: <23727599.post@talk.nabble.com> <86prdvipwe.fsf@ds4.des.no> <20090527233110.E4243@delplex.bde.org> <86r5yaijef.fsf@ds4.des.no> <20090529210855.V1643@besplex.bde.org> Date: Fri, 29 May 2009 18:53:22 +0200 In-Reply-To: <20090529210855.V1643@besplex.bde.org> (Bruce Evans's message of "Sat, 30 May 2009 02:01:47 +1000 (EST)") Message-ID: <86vdnju9z1.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.92 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-hackers@FreeBSD.org, Jakub Lach Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2009 16:53:24 -0000 Bruce Evans writes: > Dag-Erling Sm=C3=B8rgrav writes: > % Index: sys/kern/vfs_lookup.c > % =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > % --- sys/kern/vfs_lookup.c (revision 192899) > % +++ sys/kern/vfs_lookup.c (working copy) > % @@ -147,6 +147,9 @@ > % cnp->cn_flags &=3D ~LOCKSHARED; > % fdp =3D p->p_fd; > % % + /* We will set this ourselves if we need it. */ > % + cnp->cn_flags &=3D ~TRAILINGSLASH; > % + > > Can TRAILINGSLASH ever be set here? Is namei() ever called recursively? "suspenders and a belt" It is hypothetically possible for the caller to have set it. > % /* > % * Get a buffer for the name to be translated, and copy the > % * name into the buffer. > % @@ -533,6 +536,8 @@ > % if (*cp =3D=3D '\0') { > % trailing_slash =3D 1; > > I thought at first that this flag can go away. I intend to remove it later - I just wanted to get the bug fixed first. I'm happy to hear that removing it will fix the two bugs introduced by the patch I committed :) DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-hackers@FreeBSD.ORG Fri May 29 16:58:09 2009 Return-Path: Delivered-To: freebsd-hackers@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5E77E106566B for ; Fri, 29 May 2009 16:58:09 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id 1E46F8FC15 for ; Fri, 29 May 2009 16:58:08 +0000 (UTC) (envelope-from des@des.no) Received: from ds4.des.no (des.no [84.49.246.2]) by smtp.des.no (Postfix) with ESMTP id 488EA6D421; Fri, 29 May 2009 18:58:08 +0200 (CEST) Received: by ds4.des.no (Postfix, from userid 1001) id 26FF4844EE; Fri, 29 May 2009 18:58:08 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Bruce Evans References: <23727599.post@talk.nabble.com> <86prdvipwe.fsf@ds4.des.no> <20090527233110.E4243@delplex.bde.org> <86r5yaijef.fsf@ds4.des.no> <20090529210855.V1643@besplex.bde.org> <86vdnju9z1.fsf@ds4.des.no> Date: Fri, 29 May 2009 18:58:08 +0200 In-Reply-To: <86vdnju9z1.fsf@ds4.des.no> ("Dag-Erling =?utf-8?Q?Sm=C3=B8rg?= =?utf-8?Q?rav=22's?= message of "Fri, 29 May 2009 18:53:22 +0200") Message-ID: <86r5y7u9r3.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.92 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-hackers@FreeBSD.org, Jakub Lach Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2009 16:58:09 -0000 How's this? Index: sys/kern/vfs_lookup.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- sys/kern/vfs_lookup.c (revision 193028) +++ sys/kern/vfs_lookup.c (working copy) @@ -454,7 +454,6 @@ int docache; /* =3D=3D 0 do not cache last component */ int wantparent; /* 1 =3D> wantparent or lockparent flag */ int rdonly; /* lookup read-only flag bit */ - int trailing_slash; int error =3D 0; int dpunlocked =3D 0; /* dp has already been unlocked */ struct componentname *cnp =3D &ndp->ni_cnd; @@ -529,12 +528,10 @@ * trailing slashes to handle symlinks, existing non-directories * and non-existing files that won't be directories specially later. */ - trailing_slash =3D 0; while (*cp =3D=3D '/' && (cp[1] =3D=3D '/' || cp[1] =3D=3D '\0')) { cp++; ndp->ni_pathlen--; if (*cp =3D=3D '\0') { - trailing_slash =3D 1; *ndp->ni_next =3D '\0'; /* XXX for direnter() ... */ cnp->cn_flags |=3D TRAILINGSLASH; } @@ -711,7 +708,7 @@ error =3D EROFS; goto bad; } - if (*cp =3D=3D '\0' && trailing_slash && + if (*cp =3D=3D '\0' && (cnp->cn_flags & TRAILINGSLASH) && !(cnp->cn_flags & WILLBEDIR)) { error =3D ENOENT; goto bad; @@ -788,7 +785,7 @@ * Check for symbolic link */ if ((dp->v_type =3D=3D VLNK) && - ((cnp->cn_flags & FOLLOW) || trailing_slash || + ((cnp->cn_flags & FOLLOW) || (cnp->cn_flags & TRAILINGSLASH) || *ndp->ni_next =3D=3D '/')) { cnp->cn_flags |=3D ISSYMLINK; if (dp->v_iflag & VI_DOOMED) { BTW, what does the "XXX for direnter()" comment mean? DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-hackers@FreeBSD.ORG Fri May 29 18:35:17 2009 Return-Path: Delivered-To: freebsd-hackers@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2E5131065672 for ; Fri, 29 May 2009 18:35:17 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) Received: from 0.mx.codelabs.ru (0.mx.codelabs.ru [144.206.177.45]) by mx1.freebsd.org (Postfix) with ESMTP id D5C158FC1A for ; Fri, 29 May 2009 18:35:16 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) DomainKey-Signature: a=rsa-sha1; q=dns; c=simple; s=one; d=codelabs.ru; h=Received:Date:From:To:Cc:Subject:Message-ID:Reply-To:References:MIME-Version:Content-Type:Content-Disposition:In-Reply-To:Sender; b=L0kk78HjDbx1BFZyuZ8H6NKJeUpeXPZ7LiXhAD0CPRPcwMpyJCSgoKc71IuKF/QnD0ud/+Ad/fA/8M5jKb6iYnZT8N6FkQewNcFBb9k3En4ptTa26/SrqgmKdKa/m0JOxo8cJtCS11yUgXmz3FgfQKceeJnfD7yoNedo5UMnyZM=; Received: from phoenix.codelabs.ru (ppp85-141-65-62.pppoe.mtu-net.ru [85.141.65.62]) by 0.mx.codelabs.ru with esmtpsa (TLSv1:AES256-SHA:256) id 1MA6v8-0007l1-6m; Fri, 29 May 2009 22:35:10 +0400 Date: Fri, 29 May 2009 22:35:07 +0400 From: Eygene Ryabinkin To: Dag-Erling Sm??rgrav Message-ID: <7Wfi244TRj6h0BU0G5CUnAA6n1Y@BpFm1zkZmHABxHH1eUOcQSRoWTc> References: <23727599.post@talk.nabble.com> <86prdvipwe.fsf@ds4.des.no> <20090527233110.E4243@delplex.bde.org> <86r5yaijef.fsf@ds4.des.no> <20090529210855.V1643@besplex.bde.org> <86vdnju9z1.fsf@ds4.des.no> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <86vdnju9z1.fsf@ds4.des.no> Sender: rea-fbsd@codelabs.ru Cc: freebsd-hackers@FreeBSD.org, Jakub Lach , Bruce Evans Subject: Re: FYI Lighttpd 1.4.23 /kernel (trailing '/' on regular file symlink) vulnerability X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: rea-fbsd@codelabs.ru List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2009 18:35:17 -0000 Fri, May 29, 2009 at 06:53:22PM +0200, Dag-Erling Sm??rgrav wrote: > Bruce Evans writes: > > % /* > > % * Get a buffer for the name to be translated, and copy the > > % * name into the buffer. > > % @@ -533,6 +536,8 @@ > > % if (*cp == '\0') { > > % trailing_slash = 1; > > > > I thought at first that this flag can go away. > > I intend to remove it later - I just wanted to get the bug fixed first. > I'm happy to hear that removing it will fix the two bugs introduced by > the patch I committed :) What are those bugs? -- Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook {_.-``-' {_/ # From owner-freebsd-hackers@FreeBSD.ORG Fri May 29 19:31:37 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EDCB5106567B for ; Fri, 29 May 2009 19:31:37 +0000 (UTC) (envelope-from bright@elvis.mu.org) Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by mx1.freebsd.org (Postfix) with ESMTP id DA23F8FC22 for ; Fri, 29 May 2009 19:31:37 +0000 (UTC) (envelope-from bright@elvis.mu.org) Received: by elvis.mu.org (Postfix, from userid 1192) id 94EA01A3C3B; Fri, 29 May 2009 12:31:37 -0700 (PDT) Date: Fri, 29 May 2009 12:31:37 -0700 From: Alfred Perlstein To: Dag-Erling Sm??rgrav Message-ID: <20090529193137.GH67847@elvis.mu.org> References: <4A14F58F.8000801@rawbw.com> <4A1594DA.2010707@rawbw.com> <86ljoig08o.fsf@ds4.des.no> <20090528213017.GX67847@elvis.mu.org> <863aaow866.fsf@ds4.des.no> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <863aaow866.fsf@ds4.des.no> User-Agent: Mutt/1.4.2.3i Cc: Nate Eldredge , yuri@rawbw.com, freebsd-hackers@freebsd.org Subject: Re: Why kernel kills processes that run out of memory instead of just failing memory allocation system calls? X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2009 19:31:38 -0000 * Dag-Erling Sm??rgrav [090529 02:49] wrote: > Alfred Perlstein writes: > > Dag-Erling Sm??rgrav writes: > > > Usually, what you see is closer to this: > > > > > > if ((pid = fork()) == 0) { > > > for (int fd = 3; fd < getdtablesize(); ++fd) > > > (void)close(fd); > > > execve(path, argv, envp); > > > _exit(1); > > > } > > > > I'm probably missing something, but couldn't you iterate > > in the parent setting the close-on-exec flag then vfork? > > This is an example, Alfred. Like most examples, it is greatly > simplified. I invite you to peruse the source to find real-world > instances of non-trivial fork() / execve() usage. It wasn't meant to critisize, just ask a question for the specific instance because it made me curious. I know how bad it can be with vfork as I observed a few fixes involving mistaken use of vfork at another job. So yes, there's more than one way to skin a cat for this particular example... but in practice using vfork()+exec() is hard to get right? -- - Alfred Perlstein From owner-freebsd-hackers@FreeBSD.ORG Fri May 29 23:50:36 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 94367106564A for ; Fri, 29 May 2009 23:50:36 +0000 (UTC) (envelope-from tam.sergio@gmail.com) Received: from mail-ew0-f164.google.com (mail-ew0-f164.google.com [209.85.219.164]) by mx1.freebsd.org (Postfix) with ESMTP id 2AC798FC25 for ; Fri, 29 May 2009 23:50:35 +0000 (UTC) (envelope-from tam.sergio@gmail.com) Received: by ewy8 with SMTP id 8so3148540ewy.43 for ; Fri, 29 May 2009 16:50:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type:content-transfer-encoding; bh=Ou63ZLJ1ICTzwjR7L7CgTU4dAZ32d3/Z5T8D2UdLQL4=; b=xHpS0GjbokN9aTq1O1gwn1JsEmW2KHGTscKz6YsvhfOP8urLO2KY/Wy3kczCflHhdt QIKWXCHO4PatvpsI99F7fVR1pzX6M1bEuhQc5//OvwJ+qwRA+STO0r+qb/WopCYA2NyW 7zOlduGmhlmSNwfQK+Oa3ksXSfil7hryM+b2w= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type :content-transfer-encoding; b=spUKbL17xkFrZHh6YhiEyMQBpeNkKgP/RkGw/jcWi32zq5BeQtLkbETspChhBqnix9 p8KOr3DyLONtnZyWthizw2Yh0U+OGDAAFYPB1UhgKyTGYI9RrNIua7BwUdAZwVUBI1WO 652JGRiavkF6VxhAC+49o+8DwXrGC0cghY9HQ= MIME-Version: 1.0 Received: by 10.216.25.144 with SMTP id z16mr1097467wez.179.1243639134266; Fri, 29 May 2009 16:18:54 -0700 (PDT) Date: Fri, 29 May 2009 18:18:54 -0500 Message-ID: From: Sergio Tam To: freebsd-hackers@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Subject: Log message X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2009 23:50:37 -0000 Hi On the /var/log/messages show this: kernel: pid 33785: corrected slot count (4->1) =BFWhats means? Thanks for your time. Regards From owner-freebsd-hackers@FreeBSD.ORG Sat May 30 00:00:29 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 456131065670 for ; Sat, 30 May 2009 00:00:29 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outS.internet-mail-service.net (outs.internet-mail-service.net [216.240.47.242]) by mx1.freebsd.org (Postfix) with ESMTP id 296768FC08 for ; Sat, 30 May 2009 00:00:29 +0000 (UTC) (envelope-from julian@elischer.org) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 754BDE3FC7; Fri, 29 May 2009 17:00:29 -0700 (PDT) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id AAC482D6006; Fri, 29 May 2009 17:00:28 -0700 (PDT) Message-ID: <4A20771C.9040008@elischer.org> Date: Fri, 29 May 2009 17:00:28 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.21 (Macintosh/20090302) MIME-Version: 1.0 To: Sergio Tam References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Cc: freebsd-hackers@freebsd.org Subject: Re: Log message X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 May 2009 00:00:29 -0000 Sergio Tam wrote: > Hi > > On the /var/log/messages show this: > > kernel: pid 33785: corrected slot count (4->1) > > ¿Whats means? > > > Thanks for your time. > > Regards > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" It means that you are running an old system, using M:N threads and that the threading code somehow lost track of how may threads were running on that process. The system scheduler corrected it. I never figured out the situation when this occured but it goes away if you move to a newer version of the OS and go to linking with libthr. From owner-freebsd-hackers@FreeBSD.ORG Sat May 30 02:23:29 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 91D96106564A for ; Sat, 30 May 2009 02:23:29 +0000 (UTC) (envelope-from tam.sergio@gmail.com) Received: from mail-ew0-f164.google.com (mail-ew0-f164.google.com [209.85.219.164]) by mx1.freebsd.org (Postfix) with ESMTP id E59D38FC0C for ; Sat, 30 May 2009 02:23:28 +0000 (UTC) (envelope-from tam.sergio@gmail.com) Received: by ewy8 with SMTP id 8so3194434ewy.43 for ; Fri, 29 May 2009 19:23:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type:content-transfer-encoding; bh=7UcRoM7hhMg65t1lSVcD3+HqwttNE/uEcxTaaY+TQM4=; b=wn8jZwkOysuFswv39x6K1Rp9ch+S1U2Yp/Mww4OtJ3yYjM/TERrFqF2ZRkAQ567Efd MEAHH8BnLXp239vqkbssWQHZDR7mrIddgJ/3/PUO33wCey6Xno/nD/ROHmoKfKueXx49 vG6B71LEl1pIfRtYfqVroJCIN7s+v6Yc7beRA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type :content-transfer-encoding; b=IMZJ0nQpoakZyJ9yGxOW/ElwV+ihSQpyVzV511w8mwesjIrrDYD/0Qp51ZYW1Mi8sk pP54mh4coOB8aM5PeAdmQkgi+x+iwHoQUcQXbL55bdx84yzL3/iFyFTYeOlk4vGcbjt3 zQoZ4+7cRsdGXue/Sqqz7JnNEb/c2yozvJBhI= MIME-Version: 1.0 Received: by 10.216.36.84 with SMTP id v62mr1134174wea.128.1243650207988; Fri, 29 May 2009 19:23:27 -0700 (PDT) Date: Fri, 29 May 2009 21:23:27 -0500 Message-ID: From: Sergio Tam To: freebsd-hackers@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Subject: Re: Log message X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 May 2009 02:23:30 -0000 2009/5/29 Julian Elischer : > Sergio Tam wrote: >> On the /var/log/messages show this: >> >> kernel: pid 33785: corrected slot count (4->1) >> >> =BFWhats means? > > It means that you are running an old system, using M:N threads and that t= he > threading code somehow lost track of how may threads were running on that > process. The system scheduler corrected it. > > I never figured out the situation when this occured but it goes away if y= ou > move to a newer version of the OS and go to linking with libthr. > Thank you very much. Regards. From owner-freebsd-hackers@FreeBSD.ORG Sat May 30 12:45:18 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F344B1065673 for ; Sat, 30 May 2009 12:45:17 +0000 (UTC) (envelope-from gemochka@gmail.com) Received: from mail-fx0-f163.google.com (mail-fx0-f163.google.com [209.85.220.163]) by mx1.freebsd.org (Postfix) with ESMTP id 8180A8FC08 for ; Sat, 30 May 2009 12:45:17 +0000 (UTC) (envelope-from gemochka@gmail.com) Received: by fxm7 with SMTP id 7so199197fxm.43 for ; Sat, 30 May 2009 05:45:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type; bh=i1z7b9JCy5/n0f7npb0Sa+4bP81caRQ6pjJLGq6NOjY=; b=Zkrq8YNmija2qXRGg4otHFG4qOg3CX280XjLNCP7ow9v3+oZiVQ+ZUYe9pRrk5pm6T 3d+rXKkMtOU7mEIqQFtWxEJG8TNlSTXpyG6sEJeU2IfBzb6O/zGX+G+yR9l60I4VjzU/ DV5Ox5ByH85i52TKScIY1HOH91b5B7ZVfrAg4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=NYEOvtXyxIe/F02ytNMpqKN2KVElyWGOnASqRo/2vJwzj/mi7n5ACJy/COJFE8jikm jDUYmM6v2UAuegR2LTgdk8rBOEen+5mJs9BdSpvsmEIeueXz59c9wJoFcpsFvIHaOBFs Uw1pMFeRYHwoXXZacA0cXKfLwJdrA9UqVcMlQ= MIME-Version: 1.0 Received: by 10.103.244.4 with SMTP id w4mr2177814mur.90.1243685570827; Sat, 30 May 2009 05:12:50 -0700 (PDT) Date: Sat, 30 May 2009 16:12:50 +0400 Message-ID: <84133fac0905300512ja548f95v756eb4e006f06ac8@mail.gmail.com> From: Gema niskazhu To: freebsd-hackers@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: pf nat+bridge X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 May 2009 12:45:18 -0000 Hi all! First of all sorry for my bad english again =) I've got some problems with nat gw with pf. My situation is pretty simple: I've got 2 networks: external - 10.7.240.0/20 and a internal qemu network with a tap networking 192.168.0/24 External and internal ifaces are bridged cloned_interfaces="tap0 bridge0" autobridge_interfaces="bridge0" autobridge_bridge0="tap0 nfe0" I've dhcpd on nfe0 and it could be accesed through bridge. I've such a simple rule in pf.conf: qemu_if = "tap0" ext_if = "nfe0" nat on $ext_if from $qemu_if:network to any -> ($ext_if) pass from {lo0,$qemu_if:network } to any keep state But none packet forwarded if we try to acces external host from internal network. Is there any specificity of nat'ing bridged networks? Or i mistaken some where else? Sorry for dumb question. Thanks a lot in advance! From owner-freebsd-hackers@FreeBSD.ORG Sat May 30 17:52:48 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 45AE51065670 for ; Sat, 30 May 2009 17:52:48 +0000 (UTC) (envelope-from xorquewasp@googlemail.com) Received: from ey-out-2122.google.com (ey-out-2122.google.com [74.125.78.24]) by mx1.freebsd.org (Postfix) with ESMTP id C224C8FC19 for ; Sat, 30 May 2009 17:52:47 +0000 (UTC) (envelope-from xorquewasp@googlemail.com) Received: by ey-out-2122.google.com with SMTP id 22so200887eye.7 for ; Sat, 30 May 2009 10:52:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:received:date:from:to:subject :message-id:mime-version:content-type:content-disposition; bh=0Le95p4B3O37l6fz12ORqp4NyESIQZNcGQiDrk/ie7A=; b=n98ZPo4HowJbZV/d2nZ1swWdfjAGKWrH11+fOuBgkP71jiA9msKjQ48MfUOAB3ck+u fiwHVdnSFQTcss5Bu38xpU6qemCQepumB6bOyyOYwr7MR4hhdQgySucIGHzN/3Be1zix JWMSJ43MZRBbQgvT4p2OXpfkQFOFLBBaqbyNk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=date:from:to:subject:message-id:mime-version:content-type :content-disposition; b=MmljkZDVlb5pxL2cKzCWttBQXzPc3Mxc99Y8cEXEEda16jvDIa1m6wmt0vOlyEmvzf Pq4hLTllhBa6G4TPVBMjNcGItkwswLDVG2XOhtJb3OJyHmXvhOU3+W9DRMOOgnjxdtA2 /xYtQ+qcy7TqGA2l7h3YgUbzEDLTXoeAoXZB8= Received: by 10.210.37.16 with SMTP id k16mr1743860ebk.34.1243705966278; Sat, 30 May 2009 10:52:46 -0700 (PDT) Received: from logik.internal.network (81-86-41-187.dsl.pipex.com [81.86.41.187]) by mx.google.com with ESMTPS id 10sm3894416ewy.36.2009.05.30.10.52.44 (version=TLSv1/SSLv3 cipher=OTHER); Sat, 30 May 2009 10:52:44 -0700 (PDT) Received: by logik.internal.network (Postfix, from userid 11001) id 3B0A65D59; Sat, 30 May 2009 17:52:39 +0000 (UTC) Date: Sat, 30 May 2009 18:52:39 +0100 From: xorquewasp@googlemail.com To: freebsd-hackers@freebsd.org Message-ID: <20090530175239.GA25604@logik.internal.network> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Subject: Request for opinions - gvinum or ccd? X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 May 2009 17:52:48 -0000 Hello. I'm planning to stripe two disks into a RAID0 configuration. As far as I can tell, my hardware has no hardware RAID support and therefore I'll be going the software route. The machine in question is a workstation used to process large datasets (audio and video) and do lots of compilation. Simple question then as the handbook describes both ccd and gvinum - which should I pick? From owner-freebsd-hackers@FreeBSD.ORG Sat May 30 19:12:15 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C09A31065674 for ; Sat, 30 May 2009 19:12:15 +0000 (UTC) (envelope-from mwm-keyword-freebsdhackers2.e313df@mired.org) Received: from mired.org (two.mired.org [74.143.213.43]) by mx1.freebsd.org (Postfix) with ESMTP id 6D4098FC0C for ; Sat, 30 May 2009 19:12:15 +0000 (UTC) (envelope-from mwm-keyword-freebsdhackers2.e313df@mired.org) Received: (qmail 38984 invoked by uid 1001); 30 May 2009 14:43:55 -0400 Received: from bhuda.mired.org (localhost.localdomain [127.0.0.1]) by bhuda (tmda-ofmipd) with ESMTP; Sat, 30 May 2009 14:43:54 -0400 Date: Sat, 30 May 2009 14:43:54 -0400 To: xorquewasp@googlemail.com Message-ID: <20090530144354.2255f722@bhuda.mired.org> In-Reply-To: <20090530175239.GA25604@logik.internal.network> References: <20090530175239.GA25604@logik.internal.network> Organization: Meyer Consulting X-Mailer: Claws Mail 3.7.1 (GTK+ 2.14.7; amd64-portbld-freebsd7.1) Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAG1BMVEXguIzRkGnhyaz069mXhW0WHRnbrnR9WCQ6LB0CchNMAAACSUlEQVQ4jV2TQW7jMAxFGaPQOgQEdZaGMsgBrAvUA03dCxj1Uu4U2gfwQD7AGNax51NK07RcxXz6/CSl0Ij450vkPG1jzpIZM1UwDCl/xB14TWnNX8A00Qj5a0mnVFVbVUz4MeErea2HikSRqZzY894zwg9p2+/AtO8LzxFED+tNAUFeU29iFOLRxlZAcdo9A8wi8ZBMV4BKPde82Oxrvs6BTkulQIClte0DLFzzsKk9j1MBex8iUaP00Bd78S/muyFScrTXz6zLkEUxJp+SabQfNOs4f4Jpx5qSZ/304PWwlEWP1cOn/mJQR7EOD+uKhjcBLziuL7xoY5Xm+VFAUSw/LwwwsHEHxihpwV4EJH0xXRkbw1PkRw+X4pEuSJwBggqk+HEYKkiL5/74/nQkogigzQsAFrakxZyfw3wMIEEZPv4AWMfxwqE5GNxGaERjmH+PG8AE0L4/w9g0lsp1raLYAN5azQa+AOoO9NwcpFkTrG2VKNMNEL5UKUUAw34tha0z7onUG0oBoNtczE04GwFE3wCHc0ChezAJ6A1WMV81AtY7wDAJSlXwV+4cwBvsOsrQMRawfQEBz0deEZ7WNpV2szckIKo5VpDHDSDvF1GItwqqAlG01Hh50BGtVhuUkjkasg/14bYFGCgWg1fSWHvmOoJck2xdp9ZvZBHzDVTzX23TkrOn7qe5U2COEw5D4Vx3qEQpFY2Z/3QFnJxzp7YCmSMG19nOUoe869zZfOQb5ywQuWu0yCn5+8gxZz+BE7vG3j4/wbf4D/sXN9Wug1s7AAAAAElFTkSuQmCC Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Delivery-Agent: TMDA/1.1.12 (Macallan) From: Mike Meyer Cc: freebsd-hackers@freebsd.org Subject: Re: Request for opinions - gvinum or ccd? X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 May 2009 19:12:16 -0000 On Sat, 30 May 2009 18:52:39 +0100 xorquewasp@googlemail.com wrote: > Simple question then as the handbook describes both ccd and gvinum - > which should I pick? My first reaction was "neither", then I realized - you didn't say what version of FreeBSD you're running. But if you're running a supported version of FreeBSD, that doesn't change my answer. If you're running 5.3 or later, you probably want gstripe. If you're running something older than that, then gvinum won't be available either, so you'll need to use ccd. I always figured gvinum was a transition tool to help move from vinum to geom, which is why it's managed to get to the 7.0 release with some pretty painful bugs in it, which don't show up in gstripe. The handbook clearly needs to be rewritten - ccd isn't supported anymore, except via the geom ccd class. However, I think zfs is going to change it all again, so such a rewrite wont' be useful for very long. I don't think zfs supports a two-disk stripe, thought it does do JBOD. If you're running a 7.X 64-bit system with a couple of GIG of ram, expect it to be in service for years without having to reformat the disks, and can afford another drive, I'd recommend going to raidz on a three-drive system. That will give you close to the size/performance of your RAID0 system, but let you lose a disk without losing data. The best you can do with zfs on two disks is a mirror, which means write throughput will suffer. http://www.mired.org/consulting.html Independent Network/Unix/Perforce consultant, email for more information. O< ascii ribbon campaign - stop html mail - www.asciiribbon.org From owner-freebsd-hackers@FreeBSD.ORG Sat May 30 19:18:44 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4B0C1106566C for ; Sat, 30 May 2009 19:18:44 +0000 (UTC) (envelope-from xorquewasp@googlemail.com) Received: from mail-ew0-f212.google.com (mail-ew0-f212.google.com [209.85.219.212]) by mx1.freebsd.org (Postfix) with ESMTP id C279B8FC17 for ; Sat, 30 May 2009 19:18:43 +0000 (UTC) (envelope-from xorquewasp@googlemail.com) Received: by ewy8 with SMTP id 8so3507066ewy.43 for ; Sat, 30 May 2009 12:18:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:received:date:from:to:cc :subject:message-id:references:mime-version:content-type :content-disposition:in-reply-to; bh=dsT/5L1b4qdG13A5JhkrKOVqSvadVkJdDU1s851u634=; b=MPKCG58HspUlOum+ScsdnFxQsDDEiuEvUTMoQlpJ2D3H4DekWIQUO//RkirFtlOFxk kgtoA6uiaAohQwQHTWSg72D5boZw3vFMhEBIyFC3Pw1RNrgmoFaJlSGVf+3iajl+YH6z TFmZwl18XiL+urUAYvnH7ZyAfXguECGNGQwdw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to; b=rKZHQGAK8vH7kFDRgIhV8glnwjMNqn8pe+p0DmKH3z45aAMJkJ/WJpaKq69tWJ3wUN zX6q8Rz9Sy5cs42fzW8TYY4VkpoMKcuYSEaz/OGlZbxfXeoC6oop2LVqbk9aIEE/lM4N pE6YPOUaLlD0w8u8MHsYBYLk2Boge0JMdejuE= Received: by 10.210.17.2 with SMTP id 2mr4201403ebq.0.1243711122234; Sat, 30 May 2009 12:18:42 -0700 (PDT) Received: from logik.internal.network (81-86-41-187.dsl.pipex.com [81.86.41.187]) by mx.google.com with ESMTPS id 22sm4043167ewy.40.2009.05.30.12.18.41 (version=TLSv1/SSLv3 cipher=OTHER); Sat, 30 May 2009 12:18:41 -0700 (PDT) Received: by logik.internal.network (Postfix, from userid 11001) id 3EF4D5D59; Sat, 30 May 2009 19:18:40 +0000 (UTC) Date: Sat, 30 May 2009 20:18:40 +0100 From: xorquewasp@googlemail.com To: Mike Meyer Message-ID: <20090530191840.GA68514@logik.internal.network> References: <20090530175239.GA25604@logik.internal.network> <20090530144354.2255f722@bhuda.mired.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20090530144354.2255f722@bhuda.mired.org> Cc: freebsd-hackers@freebsd.org Subject: Re: Request for opinions - gvinum or ccd? X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 May 2009 19:18:44 -0000 On 2009-05-30 14:43:54, Mike Meyer wrote: > On Sat, 30 May 2009 18:52:39 +0100 > xorquewasp@googlemail.com wrote: > > Simple question then as the handbook describes both ccd and gvinum - > > which should I pick? > > My first reaction was "neither", then I realized - you didn't say what > version of FreeBSD you're running. But if you're running a supported > version of FreeBSD, that doesn't change my answer. Sorry, yeah. FreeBSD 7.2-RELEASE on AMD64. > If you're running 5.3 or later, you probably want gstripe. If you're > running something older than that, then gvinum won't be available > either, so you'll need to use ccd. I always figured gvinum was a > transition tool to help move from vinum to geom, which is why it's > managed to get to the 7.0 release with some pretty painful bugs in it, > which don't show up in gstripe. That sounds like the kind of entertainment I don't particularly want! > The handbook clearly needs to be rewritten - ccd isn't supported > anymore, except via the geom ccd class. However, I think zfs is going > to change it all again, so such a rewrite wont' be useful for very > long. I don't think zfs supports a two-disk stripe, thought it does do > JBOD. > > If you're running a 7.X 64-bit system with a couple of GIG of ram, > expect it to be in service for years without having to reformat the > disks, and can afford another drive, I'd recommend going to raidz on a > three-drive system. That will give you close to the size/performance > of your RAID0 system, but let you lose a disk without losing data. The > best you can do with zfs on two disks is a mirror, which means write > throughput will suffer. Certainly a lot to think about. The system has 12gb currently, with room to upgrade. I currently have two 500gb drives and one 1tb drive. I wanted the setup to be essentially two drives striped, backed up onto one larger one nightly. I wanted the large backup drive to be as "isolated" as possible, eg, in the event of some catastrophic hardware failure, I can remove it and place it in another machine without a lot of stressful configuration to recover the data (not possible with a RAID configuration involving all three drives, as far as I'm aware). xw From owner-freebsd-hackers@FreeBSD.ORG Sat May 30 20:29:19 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 48045106566B for ; Sat, 30 May 2009 20:29:19 +0000 (UTC) (envelope-from mwm-keyword-freebsdhackers2.e313df@mired.org) Received: from mired.org (two.mired.org [74.143.213.43]) by mx1.freebsd.org (Postfix) with ESMTP id EDAD48FC1C for ; Sat, 30 May 2009 20:29:18 +0000 (UTC) (envelope-from mwm-keyword-freebsdhackers2.e313df@mired.org) Received: (qmail 86056 invoked by uid 1001); 30 May 2009 16:27:45 -0400 Received: from bhuda.mired.org (localhost.localdomain [127.0.0.1]) by bhuda (tmda-ofmipd) with ESMTP; Sat, 30 May 2009 16:27:45 -0400 Date: Sat, 30 May 2009 16:27:44 -0400 To: xorquewasp@googlemail.com Message-ID: <20090530162744.5d77e9d1@bhuda.mired.org> In-Reply-To: <20090530191840.GA68514@logik.internal.network> References: <20090530175239.GA25604@logik.internal.network> <20090530144354.2255f722@bhuda.mired.org> <20090530191840.GA68514@logik.internal.network> Organization: Meyer Consulting X-Mailer: Claws Mail 3.7.1 (GTK+ 2.14.7; amd64-portbld-freebsd7.1) Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAG1BMVEXguIzRkGnhyaz069mXhW0WHRnbrnR9WCQ6LB0CchNMAAACSUlEQVQ4jV2TQW7jMAxFGaPQOgQEdZaGMsgBrAvUA03dCxj1Uu4U2gfwQD7AGNax51NK07RcxXz6/CSl0Ij450vkPG1jzpIZM1UwDCl/xB14TWnNX8A00Qj5a0mnVFVbVUz4MeErea2HikSRqZzY894zwg9p2+/AtO8LzxFED+tNAUFeU29iFOLRxlZAcdo9A8wi8ZBMV4BKPde82Oxrvs6BTkulQIClte0DLFzzsKk9j1MBex8iUaP00Bd78S/muyFScrTXz6zLkEUxJp+SabQfNOs4f4Jpx5qSZ/304PWwlEWP1cOn/mJQR7EOD+uKhjcBLziuL7xoY5Xm+VFAUSw/LwwwsHEHxihpwV4EJH0xXRkbw1PkRw+X4pEuSJwBggqk+HEYKkiL5/74/nQkogigzQsAFrakxZyfw3wMIEEZPv4AWMfxwqE5GNxGaERjmH+PG8AE0L4/w9g0lsp1raLYAN5azQa+AOoO9NwcpFkTrG2VKNMNEL5UKUUAw34tha0z7onUG0oBoNtczE04GwFE3wCHc0ChezAJ6A1WMV81AtY7wDAJSlXwV+4cwBvsOsrQMRawfQEBz0deEZ7WNpV2szckIKo5VpDHDSDvF1GItwqqAlG01Hh50BGtVhuUkjkasg/14bYFGCgWg1fSWHvmOoJck2xdp9ZvZBHzDVTzX23TkrOn7qe5U2COEw5D4Vx3qEQpFY2Z/3QFnJxzp7YCmSMG19nOUoe869zZfOQb5ywQuWu0yCn5+8gxZz+BE7vG3j4/wbf4D/sXN9Wug1s7AAAAAElFTkSuQmCC Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Delivery-Agent: TMDA/1.1.12 (Macallan) From: Mike Meyer Cc: freebsd-hackers@freebsd.org Subject: Re: Request for opinions - gvinum or ccd? X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 May 2009 20:29:19 -0000 On Sat, 30 May 2009 20:18:40 +0100 xorquewasp@googlemail.com wrote: > > If you're running a 7.X 64-bit system with a couple of GIG of ram, > > expect it to be in service for years without having to reformat the > > disks, and can afford another drive, I'd recommend going to raidz on a > > three-drive system. That will give you close to the size/performance > > of your RAID0 system, but let you lose a disk without losing data. The > > best you can do with zfs on two disks is a mirror, which means write > > throughput will suffer. > > Certainly a lot to think about. > > The system has 12gb currently, with room to upgrade. I currently have > two 500gb drives and one 1tb drive. I wanted the setup to be essentially > two drives striped, backed up onto one larger one nightly. I wanted the > large backup drive to be as "isolated" as possible, eg, in the event of > some catastrophic hardware failure, I can remove it and place it in > another machine without a lot of stressful configuration to recover the > data (not possible with a RAID configuration involving all three drives, > as far as I'm aware). The last bit is wrong. Moving a zfs pool between two systems is pretty straightforward. The configuration information is on the drives; you just do "zpool import " after plugging them in, and if the mount point exists, it'll mount it. If the system crashed with the zfs pool active, you might have to do -f to force an import. Geom is pretty much the same way, except you can configure it to not write the config data to disk, thus forcing you to do it manually (what you expect). I'm not sure geom is as smart if the drives change names, though. RAID support and volume management has come a long way from the days of ccd and vinum. zfs in particular is a major advance. If you aren't aware of it's advantages, take the time to read the zfs & zpool man pages, at the very least, before committing to geom (not that geom isn't pretty slick in and of itself, but zfs solves a more pressing problem). Hmm. Come to think of it, you ought to be able to use gstrip to stripe your disks, then put a zpool on that, which should get you the advantages of zfs with a striped disk. But that does seem odd to me. http://www.mired.org/consulting.html Independent Network/Unix/Perforce consultant, email for more information. O< ascii ribbon campaign - stop html mail - www.asciiribbon.org From owner-freebsd-hackers@FreeBSD.ORG Sat May 30 21:33:35 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E9B3F106564A for ; Sat, 30 May 2009 21:33:35 +0000 (UTC) (envelope-from rpaulo@gmail.com) Received: from ey-out-2122.google.com (ey-out-2122.google.com [74.125.78.26]) by mx1.freebsd.org (Postfix) with ESMTP id 6E3B08FC15 for ; Sat, 30 May 2009 21:33:35 +0000 (UTC) (envelope-from rpaulo@gmail.com) Received: by ey-out-2122.google.com with SMTP id 22so215488eye.7 for ; Sat, 30 May 2009 14:33:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:sender:cc:message-id:from:to :in-reply-to:content-type:content-transfer-encoding:mime-version :subject:date:references:x-pgp-agent:x-mailer; bh=hyZLym44weMFO44EPgRkSzZCqbWnghxCnmwJD4DMVGQ=; b=lvJqm+uPUt/XNkkejFvs2tAHIDaZ05kYNcT9uYVkRFlN6tPAHxQBCOVe18r/6g+G7v tWKw6cQg5qNf8fsBgbmx6i1vONWgzTGQrluhw35SOR6LgXKz0XBsev9HLBK4mDqG1RnF O3+1k6UK61wNkFkmg32ulHZl8nzHQCtAma96A= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:cc:message-id:from:to:in-reply-to:content-type :content-transfer-encoding:mime-version:subject:date:references :x-pgp-agent:x-mailer; b=NImJ4MFuSBpbzC8PjJ7xxNiL5xHJHyxyL4jzp0QGoubRQvr0pZREyk8PqErI3SQhf5 CKFkqOKhDoQUpAleZpwvvKLBBKj95PaJpZYFvPKO38xHflvh/UYA54OAeWixcqDq1nFO C13MTDZ+rszhdlcwbms1gK17m2GBnzOgV4yY4= Received: by 10.211.168.5 with SMTP id v5mr1906848ebo.88.1243717609664; Sat, 30 May 2009 14:06:49 -0700 (PDT) Received: from epsilon.lan (bl6-153-43.dsl.telepac.pt [82.155.153.43]) by mx.google.com with ESMTPS id 5sm4961933eyf.48.2009.05.30.14.06.48 (version=TLSv1/SSLv3 cipher=RC4-MD5); Sat, 30 May 2009 14:06:49 -0700 (PDT) Sender: Rui Paulo Message-Id: <121BC59A-10A0-4894-A0BD-F47C75457096@freebsd.org> From: Rui Paulo To: Dmitry Morozovsky In-Reply-To: Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Apple-Mail-6--877564587" Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v935.3) Date: Sat, 30 May 2009 22:06:47 +0100 References: X-Pgp-Agent: GPGMail 1.2.0 (v56) X-Mailer: Apple Mail (2.935.3) Cc: freebsd-hackers@FreeBSD.org Subject: Re: MosChip 7840 dual port ucom X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 May 2009 21:33:36 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --Apple-Mail-6--877564587 Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit On 26 May 2009, at 16:23, Dmitry Morozovsky wrote: > Dear colleagues, > > any hints/directions to get MosChip 7840 dual port USB to RS232 > adapter > working? In usbdevs output the device is shown as > > port 1 addr 2: high speed, power 100 mA, config 1, product > 0x7840(0x7840), > vendor 0x9710(0x9710), rev 0.01 > > Thanks in advance. I believe this isn't supported under FreeBSD. The Linux driver is mos7840.c. Might not be very hard to do a FreeBSD driver. Regards, -- Rui Paulo -- Rui Paulo --Apple-Mail-6--877564587 content-type: application/pgp-signature; x-mac-type=70674453; name=PGP.sig content-description: This is a digitally signed message part content-disposition: inline; filename=PGP.sig content-transfer-encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (Darwin) iEYEARECAAYFAkohn+cACgkQfD8M/ASTygIZUgCeNVEaRU1pO3EDuCW2oJBF68jI ds4AoJKL8g6VepB6Fibcj4nlVwkUJxn9 =NW0g -----END PGP SIGNATURE----- --Apple-Mail-6--877564587-- From owner-freebsd-hackers@FreeBSD.ORG Sat May 30 21:36:46 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6CBA7106566B for ; Sat, 30 May 2009 21:36:46 +0000 (UTC) (envelope-from xorquewasp@googlemail.com) Received: from mail-ew0-f212.google.com (mail-ew0-f212.google.com [209.85.219.212]) by mx1.freebsd.org (Postfix) with ESMTP id EA2BF8FC0C for ; Sat, 30 May 2009 21:36:45 +0000 (UTC) (envelope-from xorquewasp@googlemail.com) Received: by ewy8 with SMTP id 8so3553119ewy.43 for ; Sat, 30 May 2009 14:36:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:received:date:from:to:cc :subject:message-id:references:mime-version:content-type :content-disposition:in-reply-to; bh=MIleZUY4nCB4ClwDLGNTyEhRNC+CSI4Se7B8DdOQtA8=; b=QFaXUbW5Kl1Qye/pIASne9oQjOWy5Rlw2mRBbHRayqtIj1Vu6SWH8eBEl6xYiJAGJf QwxxjRsY63GELLgUu8D2sVG+33CZ4PHBmTvXqfjhqnCyK80doHrRf7JmOVe+PzsPAb1J rTjuqSrivsO8pb/qgPl3tRiR073+oS5L7c9Fs= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to; b=aIaNwe/YuVEfV9XC7D5mv1PesUvlZIPNBIYNesMaoOHn4tTD1BACGwGKuVSnrh5S8a tf+ZzAN+FSUbMg3vFzqfNsq3DlKsQz99tk32mUmjRbb0eDMc6Fqh5j3pDjsz5KMatz00 wFUgeyzH+lRq0FYTu2HkQznmP+hdp8W2ABYnY= Received: by 10.210.11.13 with SMTP id 13mr1962848ebk.31.1243719405059; Sat, 30 May 2009 14:36:45 -0700 (PDT) Received: from logik.internal.network (81-86-41-187.dsl.pipex.com [81.86.41.187]) by mx.google.com with ESMTPS id 24sm4448157ewy.49.2009.05.30.14.36.44 (version=TLSv1/SSLv3 cipher=OTHER); Sat, 30 May 2009 14:36:44 -0700 (PDT) Received: by logik.internal.network (Postfix, from userid 11001) id 40D0D5D59; Sat, 30 May 2009 21:36:43 +0000 (UTC) Date: Sat, 30 May 2009 22:36:43 +0100 From: xorquewasp@googlemail.com To: Mike Meyer Message-ID: <20090530213643.GA1478@logik.internal.network> References: <20090530175239.GA25604@logik.internal.network> <20090530144354.2255f722@bhuda.mired.org> <20090530191840.GA68514@logik.internal.network> <20090530162744.5d77e9d1@bhuda.mired.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20090530162744.5d77e9d1@bhuda.mired.org> Cc: freebsd-hackers@freebsd.org Subject: Re: Request for opinions - gvinum or ccd? X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 May 2009 21:36:46 -0000 On 2009-05-30 16:27:44, Mike Meyer wrote: > > The last bit is wrong. Moving a zfs pool between two systems is pretty > straightforward. The configuration information is on the drives; you > just do "zpool import " after plugging them in, and if the mount > point exists, it'll mount it. If the system crashed with the zfs pool > active, you might have to do -f to force an import. Geom is pretty > much the same way, except you can configure it to not write the config > data to disk, thus forcing you to do it manually (what you > expect). I'm not sure geom is as smart if the drives change names, > though. > > RAID support and volume management has come a long way from the days > of ccd and vinum. zfs in particular is a major advance. If you aren't > aware of it's advantages, take the time to read the zfs & zpool man > pages, at the very least, before committing to geom (not that geom > isn't pretty slick in and of itself, but zfs solves a more pressing > problem). > > Hmm. Come to think of it, you ought to be able to use gstrip to stripe > your disks, then put a zpool on that, which should get you the > advantages of zfs with a striped disk. But that does seem odd to me. I'll definitely be looking at ZFS. Thanks for the info. I've never been dead set on any option in particular, it's just that I wasn't aware of anything that would do what I wanted that wasn't just simple RAID0 and manual backups.