From owner-freebsd-arch@FreeBSD.ORG Sun Apr 27 01:58:26 2008 Return-Path: Delivered-To: freebsd-arch@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A4ADD106564A for ; Sun, 27 Apr 2008 01:58:26 +0000 (UTC) (envelope-from obrien@NUXI.org) Received: from dragon.nuxi.org (trang.nuxi.org [74.95.12.85]) by mx1.freebsd.org (Postfix) with ESMTP id 565AB8FC12 for ; Sun, 27 Apr 2008 01:58:26 +0000 (UTC) (envelope-from obrien@NUXI.org) Received: from dragon.nuxi.org (obrien@localhost [127.0.0.1]) by dragon.nuxi.org (8.14.2/8.14.2) with ESMTP id m3R1OHuk009919; Sat, 26 Apr 2008 18:24:17 -0700 (PDT) (envelope-from obrien@dragon.nuxi.org) Received: (from obrien@localhost) by dragon.nuxi.org (8.14.2/8.14.1/Submit) id m3R1OGmZ009918; Sat, 26 Apr 2008 18:24:16 -0700 (PDT) (envelope-from obrien) Date: Sat, 26 Apr 2008 18:24:16 -0700 From: "David O'Brien" To: Jeremie Le Hen Message-ID: <20080427012416.GA9817@dragon.NUXI.org> Mail-Followup-To: obrien@freebsd.org, Jeremie Le Hen , freebsd-arch@FreeBSD.org References: <20080418132749.GB4840@obiwan.tataz.chchile.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20080418132749.GB4840@obiwan.tataz.chchile.org> X-Operating-System: FreeBSD 8.0-CURRENT User-Agent: Mutt/1.5.16 (2007-06-09) Cc: freebsd-arch@FreeBSD.org Subject: Re: Integration of ProPolice in FreeBSD X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: obrien@FreeBSD.org List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Apr 2008 01:58:26 -0000 On Fri, Apr 18, 2008 at 03:27:49PM +0200, Jeremie Le Hen wrote: > As you may already know I've integrated GCC's ProPolice into FreeBSD. > The build infrastructure overlord, namely ru@, (I'm quoting kan@) has > reviewed the patch and technically it is ready to hit the CVS tree. Please post the patch in this thread - your webserver has been very difficult to contact. thanks, -- David From owner-freebsd-arch@FreeBSD.ORG Mon Apr 28 00:19:31 2008 Return-Path: Delivered-To: arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2822E106566B for ; Mon, 28 Apr 2008 00:19:31 +0000 (UTC) (envelope-from gnn@neville-neil.com) Received: from outbound0.mx.meer.net (outbound0.mx.meer.net [209.157.153.23]) by mx1.freebsd.org (Postfix) with ESMTP id 055938FC0C for ; Mon, 28 Apr 2008 00:19:30 +0000 (UTC) (envelope-from gnn@neville-neil.com) Received: from mail.meer.net (mail.meer.net [209.157.152.14]) by outbound0.mx.meer.net (8.12.10/8.12.6) with ESMTP id m3S092ht042679; Sun, 27 Apr 2008 17:09:03 -0700 (PDT) (envelope-from gnn@neville-neil.com) Received: from mail2.meer.net (mail2.meer.net [64.13.141.16]) by mail.meer.net (8.13.3/8.13.3/meer) with ESMTP id m3S08MSi029667; Sun, 27 Apr 2008 17:08:24 -0700 (PDT) (envelope-from gnn@neville-neil.com) Received: from minion.local.neville-neil.com (71-217-30-178.tukw.qwest.net [71.217.30.178]) (authenticated bits=0) by mail2.meer.net (8.14.1/8.14.1) with ESMTP id m3S08DkJ073003; Sun, 27 Apr 2008 17:08:15 -0700 (PDT) (envelope-from gnn@neville-neil.com) Date: Sun, 27 Apr 2008 17:07:56 -0700 Message-ID: From: gnn@freebsd.org To: Andre Oppermann In-Reply-To: <4811E384.5020604@freebsd.org> References: <4811E384.5020604@freebsd.org> User-Agent: Wanderlust/2.15.5 (Almost Unreal) SEMI/1.14.6 (Maruoka) FLIM/1.14.9 (=?ISO-8859-4?Q?Goj=F2?=) APEL/10.7 Emacs/22.1.50 (i386-apple-darwin8.11.1) MULE/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII Cc: arch@freebsd.org Subject: Re: Accounting for mbufs and clusters assigned to a socket buffer X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2008 00:19:31 -0000 At Fri, 25 Apr 2008 15:58:28 +0200, andre wrote: > > gnn@freebsd.org wrote: > > Howdy, > > > > The following patch updates the kernel (CURRENT as of 23 April or so) > > and netstat(1) to show not only the bytes in the receive and send > > queues but also the mbuf and cluster usage per socket buffer. I'd be > > interested in people's comments on this. I'd like to extend such > > counting to show more information, in particular how much of a cluster > > or mbuf is actually in use. > > The intent of tracking that information is good. However there are some > problems with your approach: M_EXT does not mean the mbuf has a 2k cluster > attached. It could by any external storage. That is a 2k (classic) cluster, > a 4k (page size) cluster, a 9k cluster, a VM page (sendfile), and so on. Yup, this is a first cut. > The field sb_mbcnt already gives you the aggregated gross storage > space in use for the socket. And sb_cc tells how much actual > payload it contains. Right but it does not tell us the mix of clusters vs. mbufs, which is something useful for tuning. For instance, if you find you have a high use of clsuters but only because mbufs are 256 bytes, that is your application's normal traffic is on average 300 byte packets, that might lead you to push mbufs to 512 bytes. > Just printing the already available sb_mbcnt in netstat is probably > sufficient to get a good real memory usage picture. sb_mbcnt is > already exported in xsb and doesn't require a KPI change. > Well, it is perhaps interesting as it shows space wastage, but I don't think it's as complete a solution for showing the mix of cluster and mbuf usage. I do think I should come up with a way to print it though, which probably requires a new flag to netstat so that the normal usage is not polluted. Best, George From owner-freebsd-arch@FreeBSD.ORG Mon Apr 28 11:06:53 2008 Return-Path: Delivered-To: freebsd-arch@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E058D10656DD for ; Mon, 28 Apr 2008 11:06:53 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id BC47D8FC1C for ; Mon, 28 Apr 2008 11:06:53 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m3SB6rlf056061 for ; Mon, 28 Apr 2008 11:06:53 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m3SB6rTp056057 for freebsd-arch@FreeBSD.org; Mon, 28 Apr 2008 11:06:53 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 28 Apr 2008 11:06:53 GMT Message-Id: <200804281106.m3SB6rTp056057@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-arch@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-arch@FreeBSD.org X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2008 11:06:54 -0000 Current FreeBSD problem reports Critical problems Serious problems Non-critical problems S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/120749 arch [request] Suggest upping the default kern.ps_arg_cache 1 problem total. From owner-freebsd-arch@FreeBSD.ORG Fri May 2 07:04:06 2008 Return-Path: Delivered-To: freebsd-arch@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 05E3A106567B for ; Fri, 2 May 2008 07:04:06 +0000 (UTC) (envelope-from tataz@tataz.chchile.org) Received: from smtp5-g19.free.fr (smtp5-g19.free.fr [212.27.42.35]) by mx1.freebsd.org (Postfix) with ESMTP id 624718FC13 for ; Fri, 2 May 2008 07:04:05 +0000 (UTC) (envelope-from tataz@tataz.chchile.org) Received: from smtp5-g19.free.fr (localhost.localdomain [127.0.0.1]) by smtp5-g19.free.fr (Postfix) with ESMTP id EC5AA3F61E4; Fri, 2 May 2008 09:04:03 +0200 (CEST) Received: from tatooine.tataz.chchile.org (tataz.chchile.org [82.233.239.98]) by smtp5-g19.free.fr (Postfix) with ESMTP id BA8C33F6260; Fri, 2 May 2008 09:04:03 +0200 (CEST) Received: from obiwan.tataz.chchile.org (unknown [192.168.1.25]) by tatooine.tataz.chchile.org (Postfix) with ESMTP id 9533D9F282; Fri, 2 May 2008 07:01:47 +0000 (UTC) Received: by obiwan.tataz.chchile.org (Postfix, from userid 1000) id 879704089; Fri, 2 May 2008 09:01:47 +0200 (CEST) Date: Fri, 2 May 2008 09:01:47 +0200 From: Jeremie Le Hen To: obrien@freebsd.org Message-ID: <20080502070147.GE74500@obiwan.tataz.chchile.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="eAbsdosE1cNLO4uF" Content-Disposition: inline In-Reply-To: <20080427012416.GA9817@dragon.NUXI.org> User-Agent: Mutt/1.5.15 (2007-04-06) Cc: freebsd-arch@FreeBSD.org Subject: Re: Integration of ProPolice in FreeBSD X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 May 2008 07:04:06 -0000 --eAbsdosE1cNLO4uF Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi David, Sorry for the late reply, I was abroad. On Sat, Apr 26, 2008 at 06:24:16PM -0700, David O'Brien wrote: > On Fri, Apr 18, 2008 at 03:27:49PM +0200, Jeremie Le Hen wrote: > > As you may already know I've integrated GCC's ProPolice into > > FreeBSD. The build infrastructure overlord, namely ru@, (I'm > > quoting kan@) has reviewed the patch and technically it is ready to > > hit the CVS tree. > > Please post the patch in this thread - your webserver has been very > difficult to contact. Indeed, sorry for the disturbance. I've attached the patch. This is what you should hit the tree, except there will be a few additional bits to prevent self foot-shooting when people will turn -fstack-protector into -fstack-protector-all in share/mk/bsd.sys.mk. I'm currently working on it. Thanks. Best regards, -- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org > --eAbsdosE1cNLO4uF Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="fbsd8-ssp.diff" Index: Makefile.inc1 =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/Makefile.inc1,v retrieving revision 1.601 diff -u -p -r1.601 Makefile.inc1 --- Makefile.inc1 2 Mar 2008 11:10:46 -0000 1.601 +++ Makefile.inc1 27 Mar 2008 21:24:53 -0000 @@ -216,6 +216,7 @@ BMAKE= MAKEOBJDIRPREFIX=${WORLDTMP} \ ${BMAKEENV} ${MAKE} -f Makefile.inc1 \ DESTDIR= \ BOOTSTRAPPING=${OSRELDATE} \ + -DWITHOUT_SSP \ -DWITHOUT_HTML -DWITHOUT_INFO -DNO_LINT -DWITHOUT_MAN \ -DWITHOUT_NLS -DNO_PIC -DWITHOUT_PROFILE -DNO_SHARED \ -DNO_CPU_CFLAGS -DNO_WARNS @@ -225,6 +226,7 @@ TMAKE= MAKEOBJDIRPREFIX=${OBJTREE} \ ${BMAKEENV} ${MAKE} -f Makefile.inc1 \ TARGET=${TARGET} TARGET_ARCH=${TARGET_ARCH} \ DESTDIR= \ + -DWITHOUT_SSP \ BOOTSTRAPPING=${OSRELDATE} -DNO_LINT -DNO_CPU_CFLAGS -DNO_WARNS # cross-tools stage @@ -437,7 +439,7 @@ build32: .if ${MK_KERBEROS} != "no" .for _t in obj depend all cd ${.CURDIR}/kerberos5/tools; \ - MAKEOBJDIRPREFIX=${OBJTREE}/lib32 ${MAKE} DESTDIR= ${_t} + MAKEOBJDIRPREFIX=${OBJTREE}/lib32 ${MAKE} -DWITHOUT_SSP DESTDIR= ${_t} .endfor .endif .for _t in obj includes @@ -459,7 +461,7 @@ build32: .endfor .for _dir in lib/ncurses/ncurses lib/ncurses/ncursesw lib/libmagic cd ${.CURDIR}/${_dir}; \ - MAKEOBJDIRPREFIX=${OBJTREE}/lib32 ${MAKE} DESTDIR= build-tools + MAKEOBJDIRPREFIX=${OBJTREE}/lib32 ${MAKE} -DWITHOUT_SSP DESTDIR= build-tools .endfor cd ${.CURDIR}; \ ${LIB32WMAKE} -f Makefile.inc1 libraries @@ -740,13 +742,13 @@ buildkernel: @echo "--------------------------------------------------------------" cd ${KRNLOBJDIR}/${_kernel}; \ MAKESRCPATH=${KERNSRCDIR}/dev/aic7xxx/aicasm \ - ${MAKE} -DNO_CPU_CFLAGS -f ${KERNSRCDIR}/dev/aic7xxx/aicasm/Makefile + ${MAKE} -DWITHOUT_SSP -DNO_CPU_CFLAGS -f ${KERNSRCDIR}/dev/aic7xxx/aicasm/Makefile # XXX - Gratuitously builds aicasm in the ``makeoptions NO_MODULES'' case. .if !defined(MODULES_WITH_WORLD) && !defined(NO_MODULES) && exists(${KERNSRCDIR}/modules) .for target in obj depend all cd ${KERNSRCDIR}/modules/aic7xxx/aicasm; \ MAKEOBJDIRPREFIX=${KRNLOBJDIR}/${_kernel}/modules \ - ${MAKE} -DNO_CPU_CFLAGS ${target} + ${MAKE} -DWITHOUT_SSP -DNO_CPU_CFLAGS ${target} .endfor .endif .if !defined(NO_KERNELDEPEND) Index: lib/libstand/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/lib/libstand/Makefile,v retrieving revision 1.59 diff -u -p -r1.59 Makefile --- lib/libstand/Makefile 24 Oct 2007 21:32:57 -0000 1.59 +++ lib/libstand/Makefile 16 Apr 2008 09:11:15 -0000 @@ -12,6 +12,7 @@ NO_PIC= INCS= stand.h MAN= libstand.3 +WITHOUT_SSP= CFLAGS+= -ffreestanding -Wformat CFLAGS+= -I${.CURDIR} Index: rescue/librescue/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/rescue/librescue/Makefile,v retrieving revision 1.9 diff -u -p -r1.9 Makefile --- rescue/librescue/Makefile 27 Jul 2006 12:28:05 -0000 1.9 +++ rescue/librescue/Makefile 16 Apr 2008 09:11:36 -0000 @@ -2,6 +2,8 @@ # $FreeBSD: src/rescue/librescue/Makefile,v 1.9 2006/07/27 12:28:05 yar Exp $ # +WITHOUT_SSP= + .include # Certain library entries have hard-coded references to Index: rescue/rescue/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/rescue/rescue/Makefile,v retrieving revision 1.59 diff -u -p -r1.59 Makefile --- rescue/rescue/Makefile 5 Mar 2008 23:32:12 -0000 1.59 +++ rescue/rescue/Makefile 16 Apr 2008 09:12:02 -0000 @@ -2,6 +2,7 @@ # @(#)Makefile 8.1 (Berkeley) 6/2/93 NO_MAN= +WITHOUT_SSP= .include Index: share/mk/bsd.sys.mk =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/share/mk/bsd.sys.mk,v retrieving revision 1.44 diff -u -p -r1.44 bsd.sys.mk --- share/mk/bsd.sys.mk 22 Nov 2007 23:21:12 -0000 1.44 +++ share/mk/bsd.sys.mk 29 Mar 2008 23:13:06 -0000 @@ -74,5 +74,10 @@ CWARNFLAGS += -Werror CWARNFLAGS += -Wno-unknown-pragmas .endif +.if ${MK_SSP} != "no" && ${CC} != "icc" +CFLAGS += -fstack-protector +# Don't use -Wstack-protector as it breaks world with -Werror. +.endif + # Allow user-specified additional warning flags CFLAGS += ${CWARNFLAGS} Index: sys/boot/Makefile.inc =================================================================== RCS file: sys/boot/Makefile.inc diff -N sys/boot/Makefile.inc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ sys/boot/Makefile.inc 16 Apr 2008 09:13:16 -0000 @@ -0,0 +1,2 @@ +# Really, there's no need for stack-smashing protection in /boot programs. +WITHOUT_SSP= Index: sys/boot/arm/Makefile.inc =================================================================== RCS file: sys/boot/arm/Makefile.inc diff -N sys/boot/arm/Makefile.inc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ sys/boot/arm/Makefile.inc 28 Mar 2008 07:51:09 -0000 @@ -0,0 +1 @@ +.include "../Makefile.inc" Index: sys/boot/arm/at91/Makefile.inc =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/arm/at91/Makefile.inc,v retrieving revision 1.7 diff -u -p -r1.7 Makefile.inc --- sys/boot/arm/at91/Makefile.inc 13 Jul 2007 14:27:04 -0000 1.7 +++ sys/boot/arm/at91/Makefile.inc 28 Mar 2008 07:52:30 -0000 @@ -53,3 +53,5 @@ MK_FPGA:=no .endif .endif + +.include "../Makefile.inc" Index: sys/boot/efi/Makefile.inc =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/efi/Makefile.inc,v retrieving revision 1.7 diff -u -p -r1.7 Makefile.inc --- sys/boot/efi/Makefile.inc 12 Feb 2004 08:10:33 -0000 1.7 +++ sys/boot/efi/Makefile.inc 28 Mar 2008 06:55:25 -0000 @@ -5,3 +5,5 @@ BINDIR?= /boot # Options used when building app-specific efi components CFLAGS+= -ffreestanding -fshort-wchar -Wformat LDFLAGS+= -nostdlib + +.include "../Makefile.inc" Index: sys/boot/i386/Makefile.inc =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/i386/Makefile.inc,v retrieving revision 1.12 diff -u -p -r1.12 Makefile.inc --- sys/boot/i386/Makefile.inc 28 Sep 2006 10:02:04 -0000 1.12 +++ sys/boot/i386/Makefile.inc 28 Mar 2008 07:41:32 -0000 @@ -24,3 +24,5 @@ BTXDIR= ${.CURDIR}/../btx BTXLDR= ${BTXDIR}/btxldr/btxldr BTXKERN= ${BTXDIR}/btx/btx BTXCRT= ${BTXDIR}/lib/crt0.o + +.include "../Makefile.inc" Index: sys/boot/i386/loader/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/i386/loader/Makefile,v retrieving revision 1.85 diff -u -p -r1.85 Makefile --- sys/boot/i386/loader/Makefile 29 May 2007 14:35:57 -0000 1.85 +++ sys/boot/i386/loader/Makefile 16 Apr 2008 09:14:10 -0000 @@ -1,5 +1,7 @@ # $FreeBSD: src/sys/boot/i386/loader/Makefile,v 1.85 2007/05/29 14:35:57 simokawa Exp $ +WITHOUT_SSP= + .include PROG= loader.sym Index: sys/boot/ia64/Makefile.inc =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/ia64/Makefile.inc,v retrieving revision 1.3 diff -u -p -r1.3 Makefile.inc --- sys/boot/ia64/Makefile.inc 12 Feb 2004 08:10:33 -0000 1.3 +++ sys/boot/ia64/Makefile.inc 28 Mar 2008 07:42:17 -0000 @@ -5,3 +5,5 @@ BINDIR?= /boot # Options used when building standalone components CFLAGS+= -ffreestanding -fshort-wchar -Wformat LDFLAGS+= -nostdlib + +.include "../Makefile.inc" Index: sys/boot/ia64/common/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/ia64/common/Makefile,v retrieving revision 1.1 diff -u -p -r1.1 Makefile --- sys/boot/ia64/common/Makefile 5 Nov 2006 22:03:03 -0000 1.1 +++ sys/boot/ia64/common/Makefile 16 Apr 2008 09:14:35 -0000 @@ -1,5 +1,7 @@ # $FreeBSD: src/sys/boot/ia64/common/Makefile,v 1.1 2006/11/05 22:03:03 marcel Exp $ +WITHOUT_SSP= + .include LIB= ia64 Index: sys/boot/ia64/efi/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/ia64/efi/Makefile,v retrieving revision 1.28 diff -u -p -r1.28 Makefile --- sys/boot/ia64/efi/Makefile 5 Nov 2006 22:03:03 -0000 1.28 +++ sys/boot/ia64/efi/Makefile 16 Apr 2008 09:15:11 -0000 @@ -1,6 +1,7 @@ # $FreeBSD: src/sys/boot/ia64/efi/Makefile,v 1.28 2006/11/05 22:03:03 marcel Exp $ NO_MAN= +WITHOUT_SSP= .include Index: sys/boot/ia64/ski/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/ia64/ski/Makefile,v retrieving revision 1.20 diff -u -p -r1.20 Makefile --- sys/boot/ia64/ski/Makefile 5 Nov 2006 22:03:04 -0000 1.20 +++ sys/boot/ia64/ski/Makefile 16 Apr 2008 09:15:25 -0000 @@ -1,6 +1,7 @@ # $FreeBSD: src/sys/boot/ia64/ski/Makefile,v 1.20 2006/11/05 22:03:04 marcel Exp $ NO_MAN= +WITHOUT_SSP= .include Index: sys/boot/ofw/Makefile.inc =================================================================== RCS file: sys/boot/ofw/Makefile.inc diff -N sys/boot/ofw/Makefile.inc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ sys/boot/ofw/Makefile.inc 28 Mar 2008 07:43:20 -0000 @@ -0,0 +1 @@ +.include "../Makefile.inc" Index: sys/boot/pc98/Makefile.inc =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/pc98/Makefile.inc,v retrieving revision 1.7 diff -u -p -r1.7 Makefile.inc --- sys/boot/pc98/Makefile.inc 15 Oct 2007 14:20:24 -0000 1.7 +++ sys/boot/pc98/Makefile.inc 28 Mar 2008 07:44:15 -0000 @@ -19,3 +19,5 @@ BTXDIR= ${.CURDIR}/../btx BTXLDR= ${BTXDIR}/btxldr/btxldr BTXKERN= ${BTXDIR}/btx/btx BTXCRT= ${BTXDIR}/lib/crt0.o + +.include "../Makefile.inc" Index: sys/boot/pc98/loader/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/pc98/loader/Makefile,v retrieving revision 1.41 diff -u -p -r1.41 Makefile --- sys/boot/pc98/loader/Makefile 2 Nov 2006 00:26:45 -0000 1.41 +++ sys/boot/pc98/loader/Makefile 16 Apr 2008 09:15:51 -0000 @@ -1,5 +1,7 @@ # $FreeBSD: src/sys/boot/pc98/loader/Makefile,v 1.41 2006/11/02 00:26:45 marcel Exp $ +WITHOUT_SSP= + .include PROG= loader.sym Index: sys/boot/powerpc/Makefile.inc =================================================================== RCS file: sys/boot/powerpc/Makefile.inc diff -N sys/boot/powerpc/Makefile.inc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ sys/boot/powerpc/Makefile.inc 28 Mar 2008 07:46:36 -0000 @@ -0,0 +1 @@ +.include "../Makefile.inc" Index: sys/boot/powerpc/ofw/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/powerpc/ofw/Makefile,v retrieving revision 1.23 diff -u -p -r1.23 Makefile --- sys/boot/powerpc/ofw/Makefile 23 Feb 2008 17:48:23 -0000 1.23 +++ sys/boot/powerpc/ofw/Makefile 16 Apr 2008 09:16:20 -0000 @@ -1,5 +1,7 @@ # $FreeBSD: src/sys/boot/powerpc/ofw/Makefile,v 1.23 2008/02/23 17:48:23 marcel Exp $ +WITHOUT_SSP= + .include PROG= loader Index: sys/boot/sparc64/Makefile.inc =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/sparc64/Makefile.inc,v retrieving revision 1.1 diff -u -p -r1.1 Makefile.inc --- sys/boot/sparc64/Makefile.inc 9 Feb 2004 14:17:02 -0000 1.1 +++ sys/boot/sparc64/Makefile.inc 28 Mar 2008 07:49:09 -0000 @@ -3,3 +3,5 @@ BINDIR?= /boot CFLAGS+= -ffreestanding LDFLAGS+= -nostdlib + +.include "../Makefile.inc" Index: sys/boot/sparc64/loader/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/sparc64/loader/Makefile,v retrieving revision 1.20 diff -u -p -r1.20 Makefile --- sys/boot/sparc64/loader/Makefile 17 Mar 2006 18:54:36 -0000 1.20 +++ sys/boot/sparc64/loader/Makefile 16 Apr 2008 09:16:39 -0000 @@ -1,5 +1,7 @@ # $FreeBSD: src/sys/boot/sparc64/loader/Makefile,v 1.20 2006/03/17 18:54:36 ru Exp $ +WITHOUT_SSP= + .include PROG= loader Index: sys/boot/uboot/Makefile.inc =================================================================== RCS file: sys/boot/uboot/Makefile.inc diff -N sys/boot/uboot/Makefile.inc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ sys/boot/uboot/Makefile.inc 28 Mar 2008 07:50:18 -0000 @@ -0,0 +1 @@ +.include "../Makefile.inc" Index: sys/conf/files =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/conf/files,v retrieving revision 1.1284 diff -u -p -r1.1284 files --- sys/conf/files 26 Mar 2008 15:23:08 -0000 1.1284 +++ sys/conf/files 27 Mar 2008 21:24:57 -0000 @@ -1507,6 +1507,7 @@ kern/posix4_mib.c standard kern/sched_4bsd.c optional sched_4bsd kern/sched_ule.c optional sched_ule kern/serdev_if.m standard +kern/stack_protector.c standard kern/subr_acl_posix1e.c standard kern/subr_autoconf.c standard kern/subr_blist.c standard Index: sys/conf/kern.mk =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/conf/kern.mk,v retrieving revision 1.52 diff -u -p -r1.52 kern.mk --- sys/conf/kern.mk 24 May 2007 21:53:42 -0000 1.52 +++ sys/conf/kern.mk 29 Mar 2008 13:44:15 -0000 @@ -97,3 +97,10 @@ CFLAGS+= -ffreestanding .if ${CC} == "icc" CFLAGS+= -restrict .endif + +# +# GCC SSP support. +# +.if ${MK_SSP} != "no" && ${CC} != "icc" +CFLAGS+= -fstack-protector +.endif Index: sys/conf/kern.pre.mk =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/conf/kern.pre.mk,v retrieving revision 1.97 diff -u -p -r1.97 kern.pre.mk --- sys/conf/kern.pre.mk 2 Feb 2008 19:55:28 -0000 1.97 +++ sys/conf/kern.pre.mk 29 Mar 2008 14:06:45 -0000 @@ -3,10 +3,7 @@ # Part of a unified Makefile for building kernels. This part contains all # of the definitions that need to be before %BEFORE_DEPEND. -SRCCONF?= /etc/src.conf -.if exists(${SRCCONF}) -.include "${SRCCONF}" -.endif +.include # Can be overridden by makeoptions or /etc/make.conf KERNEL_KO?= kernel Index: sys/kern/stack_protector.c =================================================================== RCS file: sys/kern/stack_protector.c diff -N sys/kern/stack_protector.c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ sys/kern/stack_protector.c 29 Mar 2008 18:20:37 -0000 @@ -0,0 +1,32 @@ +#include +#include +#include +#include +#include + +#if defined(__SSP__) || defined(__SSP_ALL__) +long __stack_chk_guard[8] = {}; +void __stack_chk_fail(void); + +void +__stack_chk_fail(void) +{ + + panic("stack overflow detected; backtrace may be corrupted"); +} + +#define __arraycount(__x) (sizeof(__x) / sizeof(__x[0])) +static void +__stack_chk_init(void *dummy __unused) +{ + size_t i; + long guard[__arraycount(__stack_chk_guard)]; + + arc4rand(guard, sizeof(guard), 0); + for (i = 0; i < __arraycount(guard); i++) + __stack_chk_guard[i] = guard[i]; +} +/* SI_SUB_EVENTHANDLER is right after SI_SUB_LOCK used by arc4rand() init. */ +SYSINIT(stack_chk, SI_SUB_EVENTHANDLER, SI_ORDER_ANY, __stack_chk_init, NULL); + +#endif --eAbsdosE1cNLO4uF-- From owner-freebsd-arch@FreeBSD.ORG Fri May 2 15:52:45 2008 Return-Path: Delivered-To: freebsd-arch@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 55EAC1065679 for ; Fri, 2 May 2008 15:52:45 +0000 (UTC) (envelope-from xcllnt@mac.com) Received: from smtpoutm.mac.com (smtpoutm.mac.com [17.148.16.66]) by mx1.freebsd.org (Postfix) with ESMTP id DB95F8FC18 for ; Fri, 2 May 2008 15:52:44 +0000 (UTC) (envelope-from xcllnt@mac.com) Received: from mac.com (asmtp003-s [10.150.69.66]) by smtpoutm.mac.com (Xserve/smtpout003/MantshX 4.0) with ESMTP id m42Fqig3025479; Fri, 2 May 2008 08:52:44 -0700 (PDT) Received: from powerbook.jnpr.net (natint3.juniper.net [66.129.224.36]) (authenticated bits=0) by mac.com (Xserve/asmtp003/MantshX 4.0) with ESMTP id m42FqcDj005493 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Fri, 2 May 2008 08:52:39 -0700 (PDT) Message-Id: <8ED24288-618C-4B55-A27E-C5FAB2E046E8@mac.com> From: Marcel Moolenaar To: Jeremie Le Hen In-Reply-To: <20080502070147.GE74500@obiwan.tataz.chchile.org> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v919.2) Date: Fri, 2 May 2008 08:52:37 -0700 References: <20080502070147.GE74500@obiwan.tataz.chchile.org> X-Mailer: Apple Mail (2.919.2) Cc: obrien@FreeBSD.org, freebsd-arch@FreeBSD.org Subject: Re: Integration of ProPolice in FreeBSD X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 May 2008 15:52:45 -0000 On May 2, 2008, at 12:01 AM, Jeremie Le Hen wrote: >> Please post the patch in this thread - your webserver has been very >> difficult to contact. > > Indeed, sorry for the disturbance. I've attached the patch. This is > what you should hit the tree, except there will be a few additional > bits > to prevent self foot-shooting when people will turn -fstack-protector > into -fstack-protector-all in share/mk/bsd.sys.mk. I'm currently > working on it. Index: share/mk/bsd.sys.mk =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/share/mk/bsd.sys.mk,v retrieving revision 1.44 diff -u -p -r1.44 bsd.sys.mk --- share/mk/bsd.sys.mk 22 Nov 2007 23:21:12 -0000 1.44 +++ share/mk/bsd.sys.mk 29 Mar 2008 23:13:06 -0000 @@ -74,5 +74,10 @@ CWARNFLAGS += -Werror CWARNFLAGS += -Wno-unknown-pragmas .endif +.if ${MK_SSP} != "no" && ${CC} != "icc" +CFLAGS += -fstack-protector +# Don't use -Wstack-protector as it breaks world with -Werror. +.endif + # Allow user-specified additional warning flags CFLAGS += ${CWARNFLAGS} I may be better to explicitly test for GCC. I would not assume that GCC and ICC are the only options, even if they are now. There's a second place as well... Index: sys/boot/i386/Makefile.inc =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/i386/ Makefile.inc,v retrieving revision 1.12 diff -u -p -r1.12 Makefile.inc --- sys/boot/i386/Makefile.inc 28 Sep 2006 10:02:04 -0000 1.12 +++ sys/boot/i386/Makefile.inc 28 Mar 2008 07:41:32 -0000 @@ -24,3 +24,5 @@ BTXDIR= ${.CURDIR}/../btx BTXLDR= ${BTXDIR}/btxldr/btxldr BTXKERN= ${BTXDIR}/btx/btx BTXCRT= ${BTXDIR}/lib/crt0.o + +.include "../Makefile.inc" Index: sys/boot/i386/loader/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/i386/loader/ Makefile,v retrieving revision 1.85 diff -u -p -r1.85 Makefile --- sys/boot/i386/loader/Makefile 29 May 2007 14:35:57 -0000 1.85 +++ sys/boot/i386/loader/Makefile 16 Apr 2008 09:14:10 -0000 @@ -1,5 +1,7 @@ # $FreeBSD: src/sys/boot/i386/loader/Makefile,v 1.85 2007/05/29 14:35:57 simokawa Exp $ +WITHOUT_SSP= + .include PROG= loader.sym Maybe second and third level makefiles should include ../../Makefile.inc and ../../../Makefile.inc resp. If, for arguments sake, we want to enable SSP in boot, then it's best if that only requires a single knob to be changed. This may not be a strong argument for SSP, but with Makefile.inc in place, I don't see a possible future in which another knob is added that controls overall behavior (e.g. something like the Watcom option to use argument passing in registers instead of on the stack for i386 -- you definitely want to have that apply to all code or none). Also, please make sure MK_SSP defaults to "no" on ia64. Thanks, -- Marcel Moolenaar xcllnt@mac.com