From owner-freebsd-toolchain@FreeBSD.ORG Sun Nov 20 10:22:34 2011 Return-Path: Delivered-To: freebsd-toolchain@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4D13B106566C; Sun, 20 Nov 2011 10:22:34 +0000 (UTC) (envelope-from darcsis@gmail.com) Received: from mail-iy0-f182.google.com (mail-iy0-f182.google.com [209.85.210.182]) by mx1.freebsd.org (Postfix) with ESMTP id 088908FC14; Sun, 20 Nov 2011 10:22:33 +0000 (UTC) Received: by iakl21 with SMTP id l21so8618919iak.13 for ; Sun, 20 Nov 2011 02:22:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=from:to:cc:subject:in-reply-to:organization:references:user-agent :x-envelope-to:mail-followup-to:date:message-id:mime-version :content-type; bh=fLgatvBqu0VqhYe+wBsDaYkEDHI2dlqMtm/IXJ9bkCM=; b=ps6qrkakIk7SUIlS2Fq+5Kj8u8oXUPgBuGbFzJvMR6GkTkPd45L4Ux6+7Agkt3bBCt kLLN6QdTXQD9jDeT9mMwtYQBruXd50rRnVXT+D9OQytKzDZMUS5Sk6SkiTefW5ehDU1u 10pxYD2Dj26fCNY7frEflnp651MK09emF4mMM= Received: by 10.43.52.136 with SMTP id vm8mr8422727icb.26.1321782970996; Sun, 20 Nov 2011 01:56:10 -0800 (PST) Received: from localhost ([123.117.57.214]) by mx.google.com with ESMTPS id dm1sm7960019igb.6.2011.11.20.01.56.06 (version=TLSv1/SSLv3 cipher=OTHER); Sun, 20 Nov 2011 01:56:09 -0800 (PST) From: darcsis@gmail.com (Denise H. G.) To: Alexander Best In-Reply-To: <20111119112418.GA42980@freebsd.org> (Alexander Best's message of "Sat, 19 Nov 2011 11:24:18 +0000") Organization: Pluto The Planet References: <20111119112418.GA42980@freebsd.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.3 (berkeley-unix) X-Envelope-To: arundel@freebsd.org Mail-Followup-To: Alexander Best , freebsd-toolchain@freebsd.org Date: Sun, 20 Nov 2011 17:56:01 +0800 Message-ID: <8739djf77y.fsf@pluton.xbsd.name> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: freebsd-toolchain@freebsd.org Subject: Re: 'make installkernel' succeeding on read-only fs? X-BeenThere: freebsd-toolchain@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Maintenance of FreeBSD's integrated toolchain List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Nov 2011 10:22:34 -0000 On 2011/11/19 at 19:24, Alexander Best wrote: > > hi there, > just stumbled upon this little detail: > > 1) have "/" mounted read-only > 2) 'make buildkernel' > 3) 'make installkernel && echo "success"' > -> this will fail > 4) 'mount -uw /' > 5) 'make installkernel && echo "success"' > -> this will succeed > 6) 'mount -ur /' > 7) 'make installkernel && echo "success"' > -> this will succeed. why? According to mount(8), 'mount -ur /' will fail if / is already mounted read-write with any files currently opened by some processes. I think this might be your case. > > cheers. > alex > ................ -- If you've got them by the balls, their hearts and minds will follow. From owner-freebsd-toolchain@FreeBSD.ORG Sun Nov 20 12:28:02 2011 Return-Path: Delivered-To: freebsd-toolchain@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 1233) id 3BB42106564A; Sun, 20 Nov 2011 12:28:02 +0000 (UTC) Date: Sun, 20 Nov 2011 12:28:01 +0000 From: Alexander Best To: freebsd-toolchain@freebsd.org Message-ID: <20111120122801.GA51958@freebsd.org> References: <20111119112418.GA42980@freebsd.org> <8739djf77y.fsf@pluton.xbsd.name> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <8739djf77y.fsf@pluton.xbsd.name> Subject: Re: 'make installkernel' succeeding on read-only fs? X-BeenThere: freebsd-toolchain@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Maintenance of FreeBSD's integrated toolchain List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Nov 2011 12:28:02 -0000 On Sun Nov 20 11, Denise H. G. wrote: > > On 2011/11/19 at 19:24, Alexander Best wrote: > > > > hi there, > > just stumbled upon this little detail: > > > > 1) have "/" mounted read-only > > 2) 'make buildkernel' > > 3) 'make installkernel && echo "success"' > > -> this will fail > > 4) 'mount -uw /' > > 5) 'make installkernel && echo "success"' > > -> this will succeed > > 6) 'mount -ur /' > > 7) 'make installkernel && echo "success"' > > -> this will succeed. why? > > According to mount(8), 'mount -ur /' will fail if / is already mounted > read-write with any files currently opened by some processes. I think > this might be your case. i'd don't think so: otaku% sudo mount -uw / otaku% echo $? 0 otaku% sudo mount -ur / otaku% echo $? 0 ...also 'mount -p' reports "/" to be read-only again. ...also during 7), mkdir(1) returns an error that "/" isn't writable. it's install(1) that claims the kernel was successfully installed into /boot/kernel, although installation of the kernel didn't succeed. i don't think this is an install(1) issue, since in 3), install(1) returns an error. i think in 7), install(1)'s output gets somehow redirected to /dev/null, and its return value isn't being preserved. i'll try to use 'mount -ufr /' in 6) and see, if that has any impact. also after 6) i'll try to run install(1) manually to see, whether it actually reports an error (then the build(7) facility is to blame) or not (in which case there's a problem with install(1) itself). cheers. alex > > > > > cheers. > > alex > > ................ > > > > -- > If you've got them by the balls, > their hearts and minds will follow. From owner-freebsd-toolchain@FreeBSD.ORG Sun Nov 20 18:10:59 2011 Return-Path: Delivered-To: freebsd-toolchain@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 1233) id D240D1065670; Sun, 20 Nov 2011 18:10:59 +0000 (UTC) Date: Sun, 20 Nov 2011 18:10:59 +0000 From: Alexander Best To: freebsd-toolchain@freebsd.org Message-ID: <20111120181059.GA13718@freebsd.org> References: <20111119112418.GA42980@freebsd.org> <8739djf77y.fsf@pluton.xbsd.name> <20111120122801.GA51958@freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20111120122801.GA51958@freebsd.org> Subject: Re: 'make installkernel' succeeding on read-only fs? X-BeenThere: freebsd-toolchain@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Maintenance of FreeBSD's integrated toolchain List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Nov 2011 18:10:59 -0000 On Sun Nov 20 11, Alexander Best wrote: > On Sun Nov 20 11, Denise H. G. wrote: > > > > On 2011/11/19 at 19:24, Alexander Best wrote: > > > > > > hi there, > > > just stumbled upon this little detail: > > > > > > 1) have "/" mounted read-only > > > 2) 'make buildkernel' > > > 3) 'make installkernel && echo "success"' > > > -> this will fail > > > 4) 'mount -uw /' > > > 5) 'make installkernel && echo "success"' > > > -> this will succeed > > > 6) 'mount -ur /' > > > 7) 'make installkernel && echo "success"' > > > -> this will succeed. why? > > > > According to mount(8), 'mount -ur /' will fail if / is already mounted > > read-write with any files currently opened by some processes. I think > > this might be your case. > > i'd don't think so: > > otaku% sudo mount -uw / > otaku% echo $? > 0 > otaku% sudo mount -ur / > otaku% echo $? > 0 > > ...also 'mount -p' reports "/" to be read-only again. > > ...also during 7), mkdir(1) returns an error that "/" isn't writable. it's > install(1) that claims the kernel was successfully installed into /boot/kernel, > although installation of the kernel didn't succeed. > > i don't think this is an install(1) issue, since in 3), install(1) returns an > error. i think in 7), install(1)'s output gets somehow redirected to /dev/null, > and its return value isn't being preserved. > > i'll try to use 'mount -ufr /' in 6) and see, if that has any impact. also > after 6) i'll try to run install(1) manually to see, whether it actually > reports an error (then the build(7) facility is to blame) or not (in which case > there's a problem with install(1) itself). MYSTERY SOLVED! ;) install gets executed with the -p option, which implies the -C option. this means that install will do a comparison of the installed kernel in /boot/kernel and the one in /usr/obj, before actually executing. during the first installkernel invocation, the files differ, so install complains. during the second invocation the files don't differ. that's why install succeeds, although "/" is mounted read-only. ;) cheers. alex > > cheers. > alex > > > > > > > > > cheers. > > > alex > > > ................ > > > > > > > > -- > > If you've got them by the balls, > > their hearts and minds will follow. From owner-freebsd-toolchain@FreeBSD.ORG Mon Nov 21 00:55:36 2011 Return-Path: Delivered-To: freebsd-toolchain@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 1233) id 59FFD1065673; Mon, 21 Nov 2011 00:55:36 +0000 (UTC) Date: Mon, 21 Nov 2011 00:55:36 +0000 From: Alexander Best To: Dimitry Andric Message-ID: <20111121005536.GA89360@freebsd.org> References: <20111118143735.GA46352@freebsd.org> <4EC7973E.9010108@FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4EC7973E.9010108@FreeBSD.org> Cc: freebsd-toolchain@freebsd.org Subject: Re: -fstack-protector vs. -fstack-protector-all X-BeenThere: freebsd-toolchain@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Maintenance of FreeBSD's integrated toolchain List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Nov 2011 00:55:36 -0000 On Sat Nov 19 11, Dimitry Andric wrote: > On 2011-11-18 15:37, Alexander Best wrote: > > what are the reasons for using -fstack-protector instead of > > -fstack-protector-all in sys/conf/kern.mk? > > My guess would be one or more of the following: > > - The price in performance is too high > - The gain in security is too low > - Some routines in the kernel are run before the whole stack protection > infrastructure is in place, ergo they can't have stack protection > - There might be other problems with -fstack-protector-all, > lib/libc/Makefile says: > > # XXX For now, we don't allow libc to be compiled with > # -fstack-protector-all because it breaks rtld. We may want to make a librtld > # in the future to circumvent this. > SSP_CFLAGS:= ${SSP_CFLAGS:S/^-fstack-protector-all$/-fstack-protector/} defining -fstack-protector-all in sys/conf/kern.mk will only apply it to the kernel and its components and not to world, i believe. i've been running a kernel compiled with -fstack-protector-all and haven't experienced any issues with it, so far. cheers. alex From owner-freebsd-toolchain@FreeBSD.ORG Wed Nov 23 17:38:10 2011 Return-Path: Delivered-To: freebsd-toolchain@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9D8EA1065675; Wed, 23 Nov 2011 17:38:10 +0000 (UTC) (envelope-from darcsis@gmail.com) Received: from mail-gx0-f182.google.com (mail-gx0-f182.google.com [209.85.161.182]) by mx1.freebsd.org (Postfix) with ESMTP id 45A4B8FC1B; Wed, 23 Nov 2011 17:38:10 +0000 (UTC) Received: by ggnk5 with SMTP id k5so2329959ggn.13 for ; Wed, 23 Nov 2011 09:38:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=from:to:cc:subject:in-reply-to:organization:references:user-agent :x-envelope-to:mail-followup-to:date:message-id:mime-version :content-type; bh=3ZGHh1rLkgHA5pO/vcY5Lp3GgEYgduiiKg2htMNDwzw=; b=mUvRS76IayvMRPWAreQJwwBznat6ND1Dm1LAKqbPbgXmMaK1P9wmZc05lzyZJIqQIN Q2nEtpPR9lSJy7KgLYJeDS3/Y+QhXyOQZHgoduVemORxrNL26a6gsSGG4QnuIfuRc+mn uFJvZUBNcY6HgvlWGtsL1qzxcJrHcpK85A2q0= Received: by 10.50.207.99 with SMTP id lv3mr28874086igc.16.1322069889295; Wed, 23 Nov 2011 09:38:09 -0800 (PST) Received: from localhost ([123.117.36.84]) by mx.google.com with ESMTPS id p16sm75821548ibk.6.2011.11.23.09.38.04 (version=TLSv1/SSLv3 cipher=OTHER); Wed, 23 Nov 2011 09:38:07 -0800 (PST) From: darcsis@gmail.com (Denise H. G.) To: Alexander Best In-Reply-To: <20111120181059.GA13718@freebsd.org> (Alexander Best's message of "Sun, 20 Nov 2011 18:10:59 +0000") Organization: Pluto The Planet References: <20111119112418.GA42980@freebsd.org> <8739djf77y.fsf@pluton.xbsd.name> <20111120122801.GA51958@freebsd.org> <20111120181059.GA13718@freebsd.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.3 (berkeley-unix) X-Envelope-To: arundel@freebsd.org Mail-Followup-To: Alexander Best , freebsd-toolchain@freebsd.org Date: Thu, 24 Nov 2011 01:37:43 +0800 Message-ID: <87sjlehh94.fsf@pluton.xbsd.name> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: freebsd-toolchain@freebsd.org Subject: Re: 'make installkernel' succeeding on read-only fs? X-BeenThere: freebsd-toolchain@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Maintenance of FreeBSD's integrated toolchain List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Nov 2011 17:38:10 -0000 On 2011/11/21 at 02:10, Alexander Best wrote: > > On Sun Nov 20 11, Alexander Best wrote: >> On Sun Nov 20 11, Denise H. G. wrote: >> > >> > On 2011/11/19 at 19:24, Alexander Best wrote: >> > > >> > > hi there, >> > > just stumbled upon this little detail: >> > > >> > > 1) have "/" mounted read-only >> > > 2) 'make buildkernel' >> > > 3) 'make installkernel && echo "success"' >> > > -> this will fail >> > > 4) 'mount -uw /' >> > > 5) 'make installkernel && echo "success"' >> > > -> this will succeed >> > > 6) 'mount -ur /' >> > > 7) 'make installkernel && echo "success"' >> > > -> this will succeed. why? >> > >> > According to mount(8), 'mount -ur /' will fail if / is already mounted >> > read-write with any files currently opened by some processes. I think >> > this might be your case. >> >> i'd don't think so: >> >> otaku% sudo mount -uw / >> otaku% echo $? >> 0 >> otaku% sudo mount -ur / >> otaku% echo $? >> 0 >> >> ...also 'mount -p' reports "/" to be read-only again. >> >> ...also during 7), mkdir(1) returns an error that "/" isn't writable. it's >> install(1) that claims the kernel was successfully installed into /boot/kernel, >> although installation of the kernel didn't succeed. >> >> i don't think this is an install(1) issue, since in 3), install(1) returns an >> error. i think in 7), install(1)'s output gets somehow redirected to /dev/null, >> and its return value isn't being preserved. >> >> i'll try to use 'mount -ufr /' in 6) and see, if that has any impact. also >> after 6) i'll try to run install(1) manually to see, whether it actually >> reports an error (then the build(7) facility is to blame) or not (in which case >> there's a problem with install(1) itself). > > MYSTERY SOLVED! ;) > > install gets executed with the -p option, which implies the -C option. this > means that install will do a comparison of the installed kernel in /boot/kernel > and the one in /usr/obj, before actually executing. during the first > installkernel invocation, the files differ, so install complains. during the > second invocation the files don't differ. that's why install succeeds, although > "/" is mounted read-only. ;) > Great. I used to explicitly alias 'install' to 'install -C' in /etc/make.conf, which seems to accelerate installation processes. > cheers. > alex > >> >> cheers. >> alex >> >> > >> > > >> > > cheers. >> > > alex >> > > ................ >> > >> > >> > >> > -- >> > If you've got them by the balls, >> > their hearts and minds will follow. > ................ -- The first page the author turns to upon receiving an advance copy will be the page containing the worst error.