From owner-freebsd-ia64@FreeBSD.ORG Mon Aug 28 11:09:34 2006 Return-Path: X-Original-To: freebsd-ia64@FreeBSD.org Delivered-To: freebsd-ia64@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3359116A4DD for ; Mon, 28 Aug 2006 11:09:34 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1E9C843DE7 for ; Mon, 28 Aug 2006 11:08:20 +0000 (GMT) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k7SB86tJ071526 for ; Mon, 28 Aug 2006 11:08:06 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k7SB85KM071522 for freebsd-ia64@FreeBSD.org; Mon, 28 Aug 2006 11:08:05 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 28 Aug 2006 11:08:05 GMT Message-Id: <200608281108.k7SB85KM071522@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: linimon set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-ia64@FreeBSD.org Cc: Subject: Current problem reports assigned to you X-BeenThere: freebsd-ia64@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting FreeBSD to the IA-64 List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Aug 2006 11:09:34 -0000 Current FreeBSD problem reports Critical problems Serious problems S Tracker Resp. Description -------------------------------------------------------------------------------- o ia64/85772 ia64 [gpt] gpt (geom_) needs to adopt g_ctl o ia64/91846 ia64 TLS: malloc(3) exposes DTLS bug in non-threaded applic 2 problems total. Non-critical problems S Tracker Resp. Description -------------------------------------------------------------------------------- o ia64/86218 ia64 Mozilla / Firefox: regxpcom or regchrome broken on ia6 1 problem total. From owner-freebsd-ia64@FreeBSD.ORG Wed Aug 30 01:08:52 2006 Return-Path: X-Original-To: freebsd-ia64@hub.freebsd.org Delivered-To: freebsd-ia64@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BF98116A4DD; Wed, 30 Aug 2006 01:08:52 +0000 (UTC) (envelope-from marcel@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7980E43D49; Wed, 30 Aug 2006 01:08:52 +0000 (GMT) (envelope-from marcel@FreeBSD.org) Received: from freefall.freebsd.org (marcel@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k7U18qjv032963; Wed, 30 Aug 2006 01:08:52 GMT (envelope-from marcel@freefall.freebsd.org) Received: (from marcel@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k7U18p04032959; Wed, 30 Aug 2006 01:08:51 GMT (envelope-from marcel) Date: Wed, 30 Aug 2006 01:08:51 GMT From: Marcel Moolenaar Message-Id: <200608300108.k7U18p04032959@freefall.freebsd.org> To: marcel@xcllnt.net, marcel@FreeBSD.org, freebsd-ia64@FreeBSD.org Cc: Subject: Re: ia64/91846: TLS: malloc(3) exposes DTLS bug in non-threaded applications X-BeenThere: freebsd-ia64@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting FreeBSD to the IA-64 List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Aug 2006 01:08:52 -0000 Synopsis: TLS: malloc(3) exposes DTLS bug in non-threaded applications State-Changed-From-To: open->closed State-Changed-By: marcel State-Changed-When: Wed Aug 30 01:08:03 UTC 2006 State-Changed-Why: Fixed. The assignment to TP was being eliminated by GCC. use of inline assembly avoids this. http://www.freebsd.org/cgi/query-pr.cgi?pr=91846 From owner-freebsd-ia64@FreeBSD.ORG Fri Sep 1 07:11:08 2006 Return-Path: X-Original-To: ia64@FreeBSD.org Delivered-To: freebsd-ia64@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D656216A4DF; Fri, 1 Sep 2006 07:11:08 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6C56443D45; Fri, 1 Sep 2006 07:11:08 +0000 (GMT) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [209.31.154.41]) by cyrus.watson.org (Postfix) with ESMTP id 5650746CD9; Fri, 1 Sep 2006 03:11:07 -0400 (EDT) Date: Fri, 1 Sep 2006 08:11:07 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: ppc@FreeBSD.org, ia64@FreeBSD.org Message-ID: <20060901080402.W97485@fledge.watson.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: marcel@FreeBSD.org Subject: IA64, PPC system call path audit patches X-BeenThere: freebsd-ia64@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting FreeBSD to the IA-64 List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Sep 2006 07:11:08 -0000 (This is a resend of a previously sent patch to ppc@, FYI) Attached is a patch that adds the audit event points in the system call paths for ia64, the ia32 emulation in ia64, and the system call path for ppc. I'd like to get these committed in the next few days, but am not set up to test them. A head nod from ia64/ppc maintainers would be good regardless of whether audit itself has specifically been tested, and it also wouldn't hurt to compile boot it :-). (I'm set up to test/run audit on i386 and amd64, but not other platforms.) Thanks, Robert N M Watson Computer Laboratory University of Cambridge --- //depot/projects/trustedbsd/base/sys/ia64/ia32/ia32_trap.c 2006/08/05 14:21:26 +++ //depot/projects/trustedbsd/audit3/sys/ia64/ia32/ia32_trap.c 2006/08/06 13:19:15 @@ -46,6 +46,8 @@ #include #include +#include + extern char *syscallnames[]; static void @@ -122,7 +124,9 @@ PTRACESTOP_SC(p, td, S_PT_SCE); + AUDIT_SYSCALL_ENTER(code, td); error = (*callp->sy_call)(td, args64); + AUDIT_SYSCALL_EXIT(error, td); } switch (error) { --- //depot/projects/trustedbsd/base/sys/ia64/ia64/trap.c 2006/08/05 14:21:26 +++ //depot/projects/trustedbsd/audit3/sys/ia64/ia64/trap.c 2006/08/06 13:21:12 @@ -72,6 +72,8 @@ #include #endif +#include + #include static int print_usertrap = 0; @@ -1016,7 +1018,9 @@ PTRACESTOP_SC(p, td, S_PT_SCE); + AUDIT_SYSCALL_ENTER(code, td); error = (*callp->sy_call)(td, args); + AUDIT_SYSCALL_EXIT(error, td); if (error != EJUSTRETURN) { /* --- //depot/projects/trustedbsd/base/sys/powerpc/powerpc/trap.c 2006/08/05 14:21:26 +++ //depot/projects/trustedbsd/audit3/sys/powerpc/powerpc/trap.c 2006/08/06 13:22:21 @@ -55,6 +55,8 @@ #endif #include +#include + #include #include #include @@ -418,7 +420,9 @@ PTRACESTOP_SC(p, td, S_PT_SCE); + AUDIT_SYSCALL_ENTER(code, td); error = (*callp->sy_call)(td, params); + AUDIT_SYSCALL_EXIT(error, td); CTR3(KTR_SYSC, "syscall: p=%s %s ret=%x", p->p_comm, syscallnames[code], td->td_retval[0]); From owner-freebsd-ia64@FreeBSD.ORG Fri Sep 1 08:25:24 2006 Return-Path: X-Original-To: ia64@FreeBSD.org Delivered-To: freebsd-ia64@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5632D16A4DE; Fri, 1 Sep 2006 08:25:24 +0000 (UTC) (envelope-from peterc@chubb.wattle.id.au) Received: from mx.chubb.wattle.id.au (mx.chubb.wattle.id.au [66.29.2.6]) by mx1.FreeBSD.org (Postfix) with ESMTP id D616143D45; Fri, 1 Sep 2006 08:25:23 +0000 (GMT) (envelope-from peterc@chubb.wattle.id.au) Received: from c220-237-8-57.randw1.nsw.optusnet.com.au ([220.237.8.57] helo=quokka.chubb.wattle.id.au) by mx.chubb.wattle.id.au with esmtpsa (TLS-1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.63) (envelope-from ) id 1GJ4L9-0006KV-Np; Fri, 01 Sep 2006 18:25:29 +1000 Received: from localhost ([127.0.0.1] helo=quokka.chubb.wattle.id.au) by quokka with esmtp (Exim 4.63) (envelope-from ) id 1GJ4Kf-0001T9-Rr; Fri, 01 Sep 2006 18:24:57 +1000 Date: Fri, 01 Sep 2006 18:24:57 +1000 Message-ID: <87irk8at9i.wl%peterc@quokka.chubb.wattle.id.au> From: Peter Chubb To: Robert Watson In-Reply-To: <20060901080402.W97485@fledge.watson.org> References: <20060901080402.W97485@fledge.watson.org> User-Agent: Wanderlust/2.14.0 (Africa) SEMI/1.14.6 (Maruoka) FLIM/1.14.8 (=?ISO-8859-1?Q?Shij=F2?=) APEL/10.6 XEmacs/21.4 (patch 19) (Constant Variable) (i386-debian-linux) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") X-SA-Exim-Connect-IP: 220.237.8.57 X-SA-Exim-Rcpt-To: rwatson@FreeBSD.org, ppc@FreeBSD.org, ia64@FreeBSD.org, marcel@FreeBSD.org X-SA-Exim-Mail-From: peterc@chubb.wattle.id.au X-Spam-Checker-Version: SpamAssassin 3.1.4 (2006-07-26) on mx.chubb.wattle.id.au X-Spam-Level: X-Spam-Status: No, score=-100.7 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00, DNS_FROM_RFC_ABUSE,NO_DNS_FOR_FROM,SPF_SOFTFAIL,USER_IN_WHITELIST autolearn=no version=3.1.4 Content-Type: text/plain; charset=US-ASCII X-SA-Exim-Version: 4.2.1 (built Mon, 27 Mar 2006 13:42:28 +0200) X-SA-Exim-Scanned: Yes (on mx.chubb.wattle.id.au) Cc: marcel@FreeBSD.org, ppc@FreeBSD.org, ia64@FreeBSD.org Subject: Re: IA64, PPC system call path audit patches X-BeenThere: freebsd-ia64@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting FreeBSD to the IA-64 List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Sep 2006 08:25:24 -0000 You've only caught the IA64 slow path system call entries. The fast path is highly optimised assembly language inside arch/ia64/kernel/fsys.S, that avoids doing a trap at all. With a modern libc, syscall_via_break is only called for a very few system calls. -- Dr Peter Chubb http://www.gelato.unsw.edu.au peterc AT gelato.unsw.edu.au http://www.ertos.nicta.com.au ERTOS within National ICT Australia From owner-freebsd-ia64@FreeBSD.ORG Fri Sep 1 08:29:01 2006 Return-Path: X-Original-To: ia64@FreeBSD.org Delivered-To: freebsd-ia64@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 47D2616A4DA; Fri, 1 Sep 2006 08:29:01 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id F342A43D45; Fri, 1 Sep 2006 08:29:00 +0000 (GMT) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [209.31.154.41]) by cyrus.watson.org (Postfix) with ESMTP id 8968246CEB; Fri, 1 Sep 2006 04:29:00 -0400 (EDT) Date: Fri, 1 Sep 2006 09:29:00 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: Peter Chubb In-Reply-To: <87irk8at9i.wl%peterc@quokka.chubb.wattle.id.au> Message-ID: <20060901092636.E4921@fledge.watson.org> References: <20060901080402.W97485@fledge.watson.org> <87irk8at9i.wl%peterc@quokka.chubb.wattle.id.au> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: marcel@FreeBSD.org, ppc@FreeBSD.org, ia64@FreeBSD.org Subject: Re: IA64, PPC system call path audit patches X-BeenThere: freebsd-ia64@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting FreeBSD to the IA-64 List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Sep 2006 08:29:01 -0000 On Fri, 1 Sep 2006, Peter Chubb wrote: > You've only caught the IA64 slow path system call entries. The fast path is > highly optimised assembly language inside arch/ia64/kernel/fsys.S, that > avoids doing a trap at all. > > With a modern libc, syscall_via_break is only called for a very few system > calls. Hmm. I'm confused by the above comment -- I'm catching system calls on the kernel side of the system call invocation around the system call, not on the libc side. I only see two system call demux points in the src/sys/ia64 tree: ./ia32/ia32_trap.c: error = (*callp->sy_call)(td, args64); ./ia64/trap.c: error = (*callp->sy_call)(td, args); Both of which are covered in the patch I attached. I'm under the impression that the different mechanisms to enter the kernel system call path converge prior to the system call table evaluation, in the kernel trap code. Do I misunderstand? Robert N M Watson Computer Laboratory University of Cambridge From owner-freebsd-ia64@FreeBSD.ORG Fri Sep 1 08:40:06 2006 Return-Path: X-Original-To: ia64@FreeBSD.org Delivered-To: freebsd-ia64@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0EE9616A4DD; Fri, 1 Sep 2006 08:40:05 +0000 (UTC) (envelope-from peterc@chubb.wattle.id.au) Received: from mx.chubb.wattle.id.au (mx.chubb.wattle.id.au [66.29.2.6]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6152D43D45; Fri, 1 Sep 2006 08:40:05 +0000 (GMT) (envelope-from peterc@chubb.wattle.id.au) Received: from c220-237-8-57.randw1.nsw.optusnet.com.au ([220.237.8.57] helo=quokka.chubb.wattle.id.au) by mx.chubb.wattle.id.au with esmtpsa (TLS-1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.63) (envelope-from ) id 1GJ4ZN-0006M6-9d; Fri, 01 Sep 2006 18:40:11 +1000 Received: from localhost ([127.0.0.1] helo=quokka.chubb.wattle.id.au) by quokka with esmtp (Exim 4.63) (envelope-from ) id 1GJ4Yo-0001VV-Cc; Fri, 01 Sep 2006 18:39:34 +1000 Date: Fri, 01 Sep 2006 18:39:34 +1000 Message-ID: <87hczsasl5.wl%peterc@quokka.chubb.wattle.id.au> From: Peter Chubb To: Robert Watson In-Reply-To: <20060901092636.E4921@fledge.watson.org> References: <20060901080402.W97485@fledge.watson.org> <87irk8at9i.wl%peterc@quokka.chubb.wattle.id.au> <20060901092636.E4921@fledge.watson.org> User-Agent: Wanderlust/2.14.0 (Africa) SEMI/1.14.6 (Maruoka) FLIM/1.14.8 (Shijò) APEL/10.6 XEmacs/21.4 (patch 19) (Constant Variable) (i386-debian-linux) X-SA-Exim-Connect-IP: 220.237.8.57 X-SA-Exim-Rcpt-To: peterc@gelato.unsw.edu.au, rwatson@FreeBSD.org, ppc@FreeBSD.org, ia64@FreeBSD.org, marcel@FreeBSD.org X-SA-Exim-Mail-From: peterc@chubb.wattle.id.au X-Spam-Checker-Version: SpamAssassin 3.1.4 (2006-07-26) on mx.chubb.wattle.id.au X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00, DNS_FROM_RFC_ABUSE,GREYLIST_ISWHITE,NO_DNS_FOR_FROM,SPF_SOFTFAIL autolearn=no version=3.1.4 X-SA-Exim-Version: 4.2.1 (built Mon, 27 Mar 2006 13:42:28 +0200) X-SA-Exim-Scanned: Yes (on mx.chubb.wattle.id.au) Cc: marcel@FreeBSD.org, ia64@FreeBSD.org, ppc@FreeBSD.org Subject: Re: IA64, PPC system call path audit patches X-BeenThere: freebsd-ia64@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting FreeBSD to the IA-64 List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Sep 2006 08:40:06 -0000 >>>>> "Robert" == Robert Watson writes: Robert> On Fri, 1 Sep 2006, Peter Chubb wrote: >> You've only caught the IA64 slow path system call entries. The >> fast path is highly optimised assembly language inside >> arch/ia64/kernel/fsys.S, that avoids doing a trap at all. >> >> With a modern libc, syscall_via_break is only called for a very few >> system calls. Robert> Hmm. I'm confused by the above comment -- I'm catching system Robert> calls on the kernel side of the system call invocation around Robert> the system call, not on the libc side. I only see two system Robert> call demux points in the src/sys/ia64 tree: Sure. Original libcs call the system call using break 0x10000, which ends up in the code you saw. Recent libcs call via a gate page with an epc (execute privileged code) instruction that vectors direcgtly to the syscall implementation. Robert> ./ia32/ia32_trap.c: error = (*callp->sy_call)(td, args64); Robert> ./ia64/trap.c: error = (*callp->sy_call)(td, args); Take a look in gate.S, symbol _kernel_syscall_via_epc There's assembly language there that loads the function descriptor from the table and branches to it. THere are two kinds of system call implementations: fast (implemented directly in assembly language in fsys.S) and slow (the code in fsys.S `bubbles down' into kernel space and then invokes the syscall directly. Robert> Both of which are covered in the patch I attached. I'm under Robert> the impression that the different mechanisms to enter the Robert> kernel system call path converge prior to the system call Robert> table evaluation, in the kernel trap code. Do I Robert> misunderstand? Robert> Robert N M Watson Computer Laboratory University of Cambridge From owner-freebsd-ia64@FreeBSD.ORG Fri Sep 1 09:03:06 2006 Return-Path: X-Original-To: ia64@FreeBSD.org Delivered-To: freebsd-ia64@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B61C416A4DD; Fri, 1 Sep 2006 09:03:06 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6153643D46; Fri, 1 Sep 2006 09:03:06 +0000 (GMT) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [209.31.154.41]) by cyrus.watson.org (Postfix) with ESMTP id DC4BC46D9B; Fri, 1 Sep 2006 05:03:05 -0400 (EDT) Date: Fri, 1 Sep 2006 10:03:05 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: Peter Chubb In-Reply-To: <87hczsasl5.wl%peterc@quokka.chubb.wattle.id.au> Message-ID: <20060901095744.Q4921@fledge.watson.org> References: <20060901080402.W97485@fledge.watson.org> <87irk8at9i.wl%peterc@quokka.chubb.wattle.id.au> <20060901092636.E4921@fledge.watson.org> <87hczsasl5.wl%peterc@quokka.chubb.wattle.id.au> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: marcel@FreeBSD.org, ia64@FreeBSD.org, ppc@FreeBSD.org Subject: Re: IA64, PPC system call path audit patches X-BeenThere: freebsd-ia64@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting FreeBSD to the IA-64 List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Sep 2006 09:03:06 -0000 On Fri, 1 Sep 2006, Peter Chubb wrote: >>>>>> "Robert" == Robert Watson writes: > > Robert> On Fri, 1 Sep 2006, Peter Chubb wrote: > >>> You've only caught the IA64 slow path system call entries. The >>> fast path is highly optimised assembly language inside >>> arch/ia64/kernel/fsys.S, that avoids doing a trap at all. >>> >>> With a modern libc, syscall_via_break is only called for a very few >>> system calls. > > Robert> Hmm. I'm confused by the above comment -- I'm catching system > Robert> calls on the kernel side of the system call invocation around > Robert> the system call, not on the libc side. I only see two system > Robert> call demux points in the src/sys/ia64 tree: > > Sure. Original libcs call the system call using break 0x10000, which ends > up in the code you saw. Recent libcs call via a gate page with an epc > (execute privileged code) instruction that vectors direcgtly to the syscall > implementation. > > Robert> ./ia32/ia32_trap.c: error = (*callp->sy_call)(td, args64); > Robert> ./ia64/trap.c: error = (*callp->sy_call)(td, args); > > Take a look in gate.S, symbol _kernel_syscall_via_epc > > There's assembly language there that loads the function descriptor from the > table and branches to it. THere are two kinds of system call > implementations: fast (implemented directly in assembly language in fsys.S) > and slow (the code in fsys.S `bubbles down' into kernel space and then > invokes the syscall directly. As I read the epc_syscall code, it still passes through the kernel syscall() function, which is instrumented in the patch. Are you sure that the code does what you describe? My ia64 assembly reading skills are weak to non-existent, but the final branch in epc_syscall does seem to be to the C language syscall path. Robert N M Watson Computer Laboratory University of Cambridge From owner-freebsd-ia64@FreeBSD.ORG Fri Sep 1 10:02:56 2006 Return-Path: X-Original-To: ia64@FreeBSD.org Delivered-To: freebsd-ia64@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3713416A4DD; Fri, 1 Sep 2006 10:02:56 +0000 (UTC) (envelope-from peterc@chubb.wattle.id.au) Received: from mx.chubb.wattle.id.au (mx.chubb.wattle.id.au [66.29.2.6]) by mx1.FreeBSD.org (Postfix) with ESMTP id 80E6743D58; Fri, 1 Sep 2006 10:02:54 +0000 (GMT) (envelope-from peterc@chubb.wattle.id.au) Received: from c220-237-8-57.randw1.nsw.optusnet.com.au ([220.237.8.57] helo=quokka.chubb.wattle.id.au) by mx.chubb.wattle.id.au with esmtpsa (TLS-1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.63) (envelope-from ) id 1GJ5rP-0006RS-6y; Fri, 01 Sep 2006 20:02:53 +1000 Received: from localhost ([127.0.0.1] helo=quokka.chubb.wattle.id.au) by quokka with esmtp (Exim 4.63) (envelope-from ) id 1GJ5qv-0001gI-KY; Fri, 01 Sep 2006 20:02:21 +1000 Date: Fri, 01 Sep 2006 20:02:21 +1000 Message-ID: <87fyfbc3bm.wl%peterc@quokka.chubb.wattle.id.au> From: Peter Chubb To: Robert Watson In-Reply-To: <20060901095744.Q4921@fledge.watson.org> References: <20060901080402.W97485@fledge.watson.org> <87irk8at9i.wl%peterc@quokka.chubb.wattle.id.au> <20060901092636.E4921@fledge.watson.org> <87hczsasl5.wl%peterc@quokka.chubb.wattle.id.au> <20060901095744.Q4921@fledge.watson.org> User-Agent: Wanderlust/2.14.0 (Africa) SEMI/1.14.6 (Maruoka) FLIM/1.14.8 (Shijò) APEL/10.6 XEmacs/21.4 (patch 19) (Constant Variable) (i386-debian-linux) X-SA-Exim-Connect-IP: 220.237.8.57 X-SA-Exim-Rcpt-To: peterc@gelato.unsw.edu.au, rwatson@FreeBSD.org, ppc@FreeBSD.org, ia64@FreeBSD.org, marcel@FreeBSD.org X-SA-Exim-Mail-From: peterc@chubb.wattle.id.au X-Spam-Checker-Version: SpamAssassin 3.1.4 (2006-07-26) on mx.chubb.wattle.id.au X-Spam-Level: X-Spam-Status: No, score=-102.1 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00, DNS_FROM_RFC_ABUSE,GREYLIST_ISWHITE,NO_DNS_FOR_FROM,SPF_SOFTFAIL, USER_IN_WHITELIST autolearn=no version=3.1.4 X-SA-Exim-Version: 4.2.1 (built Mon, 27 Mar 2006 13:42:28 +0200) X-SA-Exim-Scanned: Yes (on mx.chubb.wattle.id.au) Cc: marcel@FreeBSD.org, ia64@FreeBSD.org, ppc@FreeBSD.org Subject: Re: IA64, PPC system call path audit patches X-BeenThere: freebsd-ia64@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting FreeBSD to the IA-64 List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Sep 2006 10:02:56 -0000 >>>>> "Robert" == Robert Watson writes: Robert> On Fri, 1 Sep 2006, Peter Chubb wrote: >>>>>>> "Robert" == Robert Watson writes: >> Robert> On Fri, 1 Sep 2006, Peter Chubb wrote: >> >>>> You've only caught the IA64 slow path system call entries. The >>>> fast path is highly optimised assembly language inside >>>> arch/ia64/kernel/fsys.S, that avoids doing a trap at all. >>>> >>>> With a modern libc, syscall_via_break is only called for a very >>>> few system calls. >> Robert> Hmm. I'm confused by the above comment -- I'm catching system Robert> calls on the kernel side of the system call invocation around Robert> the system call, not on the libc side. I only see two system Robert> call demux points in the src/sys/ia64 tree: >> Sure. Original libcs call the system call using break 0x10000, >> which ends up in the code you saw. Recent libcs call via a gate >> page with an epc (execute privileged code) instruction that vectors >> direcgtly to the syscall implementation. >> Robert> ./ia32/ia32_trap.c: error = (*callp->sy_call)(td, args64); Robert> ./ia64/trap.c: error = (*callp->sy_call)(td, args); >> Take a look in gate.S, symbol _kernel_syscall_via_epc >> >> There's assembly language there that loads the function descriptor >> from the table and branches to it. THere are two kinds of system >> call implementations: fast (implemented directly in assembly >> language in fsys.S) and slow (the code in fsys.S `bubbles down' >> into kernel space and then invokes the syscall directly. Robert> As I read the epc_syscall code, it still passes through the Robert> kernel syscall() function, which is instrumented in the patch. Robert> Are you sure that the code does what you describe? My ia64 Robert> assembly reading skills are weak to non-existent, but the Robert> final branch in epc_syscall does seem to be to the C language Robert> syscall path. AAArrrrgg. Sorry, I'm looking at Linux source (where the syscall path is a *lot* more streamlined than the FreeBSD source). My bad, I'll go away and hide in a corner. Peter C From owner-freebsd-ia64@FreeBSD.ORG Fri Sep 1 16:44:02 2006 Return-Path: X-Original-To: ia64@freebsd.org Delivered-To: freebsd-ia64@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E702416A4DA; Fri, 1 Sep 2006 16:44:02 +0000 (UTC) (envelope-from rick.jones2@hp.com) Received: from palrel12.hp.com (palrel12.hp.com [156.153.255.237]) by mx1.FreeBSD.org (Postfix) with ESMTP id ADB6A43DAB; Fri, 1 Sep 2006 16:43:37 +0000 (GMT) (envelope-from rick.jones2@hp.com) Received: from tardy.cup.hp.com (tardy.cup.hp.com [15.244.56.217]) by palrel12.hp.com (Postfix) with ESMTP id 23AD8346F3; Fri, 1 Sep 2006 09:43:37 -0700 (PDT) Received: from [127.0.0.1] (localhost [127.0.0.1]) by tardy.cup.hp.com (8.9.3 (PHNE_28810)/8.9.3 SMKit7.02) with ESMTP id JAA02339; Fri, 1 Sep 2006 09:43:36 -0700 (PDT) Message-ID: <44F86338.8080109@hp.com> Date: Fri, 01 Sep 2006 09:43:36 -0700 From: Rick Jones User-Agent: Mozilla/5.0 (X11; U; HP-UX 9000/785; en-US; rv:1.7.13) Gecko/20060601 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Robert Watson References: <20060901080402.W97485@fledge.watson.org> In-Reply-To: <20060901080402.W97485@fledge.watson.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Cc: marcel@freebsd.org, ppc@freebsd.org, ia64@freebsd.org Subject: Re: IA64, PPC system call path audit patches X-BeenThere: freebsd-ia64@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting FreeBSD to the IA-64 List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Sep 2006 16:44:03 -0000 Robert Watson wrote: > > (This is a resend of a previously sent patch to ppc@, FYI) > > Attached is a patch that adds the audit event points in the system call > paths for ia64, the ia32 emulation in ia64, and the system call path for > ppc. I'd like to get these committed in the next few days, but am not > set up to test them. A head nod from ia64/ppc maintainers would be good > regardless of whether audit itself has specifically been tested, and it > also wouldn't hurt to compile boot it :-). > > (I'm set up to test/run audit on i386 and amd64, but not other platforms.) On those platforms, what is the effect on say a loopback netperf TCP_RR test when the hooks are in place, and then both in place and enabled? rick jones http://www.netperf.org/ From owner-freebsd-ia64@FreeBSD.ORG Sat Sep 2 06:46:51 2006 Return-Path: X-Original-To: freebsd-ia64@freebsd.org Delivered-To: freebsd-ia64@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4AAF616A4DF for ; Sat, 2 Sep 2006 06:46:51 +0000 (UTC) (envelope-from avz@dvo.ru) Received: from ldap.dvo.ru (mail.dvo.ru [62.76.7.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3CAF743D49 for ; Sat, 2 Sep 2006 06:46:48 +0000 (GMT) (envelope-from avz@dvo.ru) Received: from [212.107.208.153] ([212.107.208.153]) by ldap.dvo.ru (8.13.7/8.13.6) with ESMTP id k826mAbu013213 for ; Sat, 2 Sep 2006 17:48:11 +1100 Message-ID: <44F9294F.4040603@dvo.ru> Date: Sat, 02 Sep 2006 17:48:47 +1100 From: Alexander Zatserkovniy User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.4) Gecko/20060730 SeaMonkey/1.0.2 MIME-Version: 1.0 To: freebsd-ia64@freebsd.org X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: 7bit X-Antivirus: Dr.Web (R) for Mail Servers on ldap host X-Antivirus-Code: 100000 X-Spam-Status: No, score=-102.6 required=5.0 tests=BAYES_00, USER_IN_WHITELIST autolearn=ham version=3.1.5-gr0 X-Spam-Checker-Version: SpamAssassin 3.1.5-gr0 (2006-08-29) on ldap.dvo.ru Subject: Snort 2.6.0 fail with coredump during initializing daemon mode X-BeenThere: freebsd-ia64@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting FreeBSD to the IA-64 List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Sep 2006 06:46:51 -0000 Hi! I've update snort with new port up to 2.6.0 and get the problem. Snort 2.6.0 works fine in command line wth my conf, but fail with coredump during initializing daemon mode. strings from from /var/log/messages : ......... Var 'bge0_ADDRESS' defined, value len = 25 chars Sep 2 17:18:00 nano snort[32936]: , value = 62.76.7.0/255.255.255.224 Sep 2 17:18:00 nano snort[32936]: Initializing daemon mode Sep 2 17:18:01 nano kernel: pid 32937 (snort), uid 0: exited on signal 11 (core dumped) Sep 2 17:18:01 nano snort[32936]: Child terminated unexpectedly Sep 2 17:18:01 nano snort[32936]: Daemon parent exiting Is it known problem? Thanks! Alexander