#
339446 |
|
20-Oct-2018 |
jamie |
MFC r339409, r339420:
Add a new jail permission, allow.read_msgbuf. When true, jailed processes can see the dmesg buffer (this is the current behavior). When false (the new default), dmesg will be unavailable to jailed users, whether root or not.
The security.bsd.unprivileged_read_msgbuf sysctl still works as before, controlling system-wide whether non-root users can see the buffer.
PR: 211580 Submitted by: bz
|
#
338109 |
|
20-Aug-2018 |
kevans |
MFC boot tagging support: r337518, r337544-r337546, r337548, r337579-r337580, r337952
This is equivalent to what's in head, except the default is an empty boot tag string so that nothing gets output by default.
r337518: kern: Add a BOOT_TAG marker at the beginning of boot dmesg
From the "newly licensed to drive" PR department, add a BOOT_TAG marker (by default, --<<BOOT>>--, to the beginning of each boot's dmesg. This makes it easier to do textproc magic to locate the start of each boot and, of particular interest to some, the dmesg of the current boot.
The PR has a dmesg(8) component as well that I've opted not to include for the moment- it was the more contentious part of this PR.
bde@ also made the statement that this boot tag should be written with an ordinary printf, which I've- for the moment- declined to change about this patch to keep it more transparent to observer of the boot process.
PR: 43434 Submitted by: dak <aurelien.nephtali@wanadoo.fr> (basically rewritten)
r337544: msgbuf: Light detailing (const'ify and bool'itize)
r337545: BOOT_TAG: Make a config(5) option, expose as sysctl and loader tunable
BOOT_TAG lived shortly in sys/msgbuf.h, but this wasn't necessarily great for changing it or removing it. Move it into subr_prf.c and add options for it to opt_printf.h.
One can specify both the BOOT_TAG and BOOT_TAG_SZ (really, size of the buffer that holds the BOOT_TAG). We expose it as kern.boot_tag and also add a loader tunable by the same name that we'll fetch upon initialization of the msgbuf.
This allows for flexibility and also ensures that there's a consistent way to figure out the boot tag of the running kernel, rather than relying on headers to be in-sync.
Prodded super-super-lightly by: imp
r337546: subr_prf: Use "sizeof current_boot_tag" instead
r337548: subr_prf: style(9) the sizeof
Reported by: jkim, ian
r337579: boot tagging: minor fixes
msgbufinit may be called multiple times as we initialize the msgbuf into a progressively larger buffer. This doesn't happen as of now on head, but it may happen in the future and we generally support this. As such, only print the boot tag if we've just initialized the buffer for the first time.
The boot tag also now has a newline appended to it for better visibility, and has been switched to a normal printf, by requesto f bde, after we've denoted that the msgbuf is mapped.
r337580: subr_prf: remove think-o that had returned to local patch
Reported by: cognet
r337952: subr_prf: Don't write kern.boot_tag if it's empty
This change allows one to set kern.boot_tag="" and not get a blank line preceding other boot messages. While this isn't super critical- blank lines are easy to filter out both mentally and in processing dmesg later- it allows for a mode of operation that matches previous behavior.
I intend to MFC this whole series to stable/11 by the end of the month with boot_tag empty by default to make this effectively a nop in the stable branch.
|
#
331722 |
|
29-Mar-2018 |
eadler |
Revert r330897:
This was intended to be a non-functional change. It wasn't. The commit message was thus wrong. In addition it broke arm, and merged crypto related code.
Revert with prejudice.
This revert skips files touched in r316370 since that commit was since MFCed. This revert also skips files that require $FreeBSD$ property changes.
Thank you to those who helped me get out of this mess including but not limited to gonzo, kevans, rgrimes.
Requested by: gjb (re)
|
#
321107 |
|
18-Jul-2017 |
ngie |
MFC r307873,r314397,r314399,r314419,r314420,r314533,r316553:
r307873 (by marcel):
Include <stdarg.h> instead of <machine/stdarg.h> when compiled as part of libsbuf. The former is the standard header, and allows us to compile libsbuf on macOS/linux.
r314397 (by scottl):
Implement sbuf_prf(), which takes an sbuf and outputs it to stdout in the non-kernel case and to the console+log in the kernel case. For the kernel case it hooks the putbuf() machinery underneath printf(9) so that the buffer is written completely atomically and without a copy into another temporary buffer. This is useful for fixing compound console/log messages that become broken and interleaved when multiple threads are competing for the console.
r314399 (by scottl):
Add prototype for sbuf_putbuf()
r314419 (by jkim):
Include stdio.h to fix libsbuf build.
r314420 (by scottl):
Provide a comment on why stdio.h needs to be included.
r314533 (by scottl):
Expose the sbuf_putbuf() symbol to libsbuf. There are a few other symbols that are present but not exposed, like get/set/clear flags, not sure if they need to be exposed at this point.
r316553:
sbuf(3): expose sbuf_{clear,get,set}_flags(3) via libsbuf
These functions were added to sbuf(9) in r279992, but never exposed to userspace. Expose them now so they can be used/tested.
|