Subject: Re: Death of the 'stackgap', systrace
To: Andrew Doran <ad@netbsd.org>
From: Erik Berls <cyber@ono-sendai.com>
List: tech-kern
Date: 07/13/2007 21:36:52
------=_Part_39060_28867924.1184387812320
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Do we have anything else that maps its functionality? I'd hate to lose it,
not that I have time to maintain it.
-=erik.
On 7/13/07, Andrew Doran <ad@netbsd.org> wrote:
>
> On Thu, Jul 12, 2007 at 09:59:27PM +0000, Christos Zoulas wrote:
> > In article <20070712202114.GY986@snowdrop.l8s.co.uk>,
> > David Laight <david@l8s.co.uk> wrote:
> > >After much hacking, there is now only one piece of code that relies on
> the
> > >'stackgap' [1], this isn't in the compat code, but is in
> kern/krn_systrace.c.
>
> Bravo! I'll chalk that one off the SMP task list that I have been keeping.
>
> > >Anyone any thoughts on how to implement the systrace STRIOCREPLACE
> ioctl?
> > >Or is systrace just such a nasty hack it deserves to die?
> >
> > I don't see how to, without changing a lot of other code. I think
> > that the current implementation of systrace is problematic in
> > threaded programs threads can interfere and change arguments of
> > syscalls after systrace have validated them but before the kernel
> > has executed them.
>
> It also needs per-thread credentials. Most of the infrastructure to do
> that
> is there, but it's a different need to the one that the current code
> meets.
> Anyway, it has tentacles, it's unmaintained and I haven't seen of much of
> a
> user base - I'd like to see it go.
>
> Andrew
>
------=_Part_39060_28867924.1184387812320
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Do we have anything else that maps its functionality? I'd hate to lose it, not that I have time to maintain it.<br><br>-=erik.<br><br><br><div><span class="gmail_quote">On 7/13/07, <b class="gmail_sendername">Andrew Doran
</b> <<a href="mailto:ad@netbsd.org">ad@netbsd.org</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">On Thu, Jul 12, 2007 at 09:59:27PM +0000, Christos Zoulas wrote:
<br>> In article <<a href="mailto:20070712202114.GY986@snowdrop.l8s.co.uk">20070712202114.GY986@snowdrop.l8s.co.uk</a>>,<br>> David Laight <<a href="mailto:david@l8s.co.uk">david@l8s.co.uk</a>> wrote:<br>
> >After much hacking, there is now only one piece of code that relies on the<br>> >'stackgap' [1], this isn't in the compat code, but is in kern/krn_systrace.c.<br><br>Bravo! I'll chalk that one off the SMP task list that I have been keeping.
<br><br>> >Anyone any thoughts on how to implement the systrace STRIOCREPLACE ioctl?<br>> >Or is systrace just such a nasty hack it deserves to die?<br>><br>> I don't see how to, without changing a lot of other code. I think
<br>> that the current implementation of systrace is problematic in<br>> threaded programs threads can interfere and change arguments of<br>> syscalls after systrace have validated them but before the kernel<br>> has executed them.
<br><br>It also needs per-thread credentials. Most of the infrastructure to do that<br>is there, but it's a different need to the one that the current code meets.<br>Anyway, it has tentacles, it's unmaintained and I haven't seen of much of a
<br>user base - I'd like to see it go.<br><br>Andrew<br></blockquote></div><br>
------=_Part_39060_28867924.1184387812320--