sjg (Simon Gerraty)
User

User Details

User Since
Apr 9 2015, 9:27 PM (329 w, 3 d)

Recent Activity

Fri, Jul 23

sjg accepted D31268: Fix mac_veriexec version mismatch.

FWIW we don't build this as a loadable module - it is baked into our kernel

Fri, Jul 23, 12:14 AM

Sun, Jul 18

sjg added a comment to D31154: make buildworld with time logging for each stage.

Sounds like something that should be put in a variable TIME_ENV ?= time env that way anyone who doesn't want it, or suspects it is causing trouble can TIME_ENV= to disable

Sun, Jul 18, 11:13 PM

Tue, Jul 6

sjg accepted D31015: Makefile: Fix MAKEOBJDIRPREFIX command-line variable check for bmake.
Tue, Jul 6, 3:33 AM
sjg added inline comments to D30990: src.sys.obj.mk: Export OBJTOP like OBJROOT.
Tue, Jul 6, 3:21 AM
sjg added a comment to D30962: veriexec: fix two compat issues in kernel manifest parser.

Sorry this does not look like a good idea.
1/ why would you want no_hash for a kernel module?
2/ why would you have a manifest with .ko.gz entries that cannot be loaded?

Tue, Jul 6, 3:14 AM
sjg added a comment to D30960: veriexec: handle VE_FINGERPRINT_IGNORE from vectx_open.

There should be no need for anything outside libsecureboot to grok VE_FINGERPRINT_IGNORE, vectx should not return an error status in such a case.
But we (I) do not expect vectx to be used for anything which does not require a valid fingerprint.

Tue, Jul 6, 3:09 AM
sjg accepted D30952: veriexec: Fix veriexec -i's confusion between loaded and locked states.

Oops - thanks

Tue, Jul 6, 3:00 AM

Jun 25 2021

sjg committed R10:68c4481aac28: Update to bmake-20210621 (authored by sjg).
Update to bmake-20210621
Jun 25 2021, 11:03 PM
sjg committed R10:b0c40a00a67f: Merge commit 'ee914ef902ae018bd4f67192832120f9bf05651f' into new_merge (authored by sjg).
Merge commit 'ee914ef902ae018bd4f67192832120f9bf05651f' into new_merge
Jun 25 2021, 11:02 PM
sjg committed R10:ee914ef902ae: Import bmake-20210621 (authored by sjg).
Import bmake-20210621
Jun 25 2021, 6:18 PM

Jun 3 2021

sjg added a comment to D30464: sh: Add -o verify to use O_VERIFY when sourcing scripts.

BTW wrt creating test cases, assuming you have a system which is capable of enforcing veriexec and still operate, a package which contains a manifest with various failures is handy.
I have something like that for testing the verifying loader - it cannot be installed using my package system; since it would fail all the pre-install checks, so a manual install.sh script is provided.

Jun 3 2021, 5:51 PM
sjg added a comment to D30464: sh: Add -o verify to use O_VERIFY when sourcing scripts.
In D30464#686471, @imp wrote:
In D30464#686275, @sjg wrote:
vdot()
{
        if test -s $1 && _rc_verify $1 > /dev/null 2>&1; then
                . $1
        fi
}

Besides, I believe there is a race condition here. The file $1 can be tampered with after the call to _rc_verify and before the source call.

$1 is a local variable to vdot. Who could possibly change it?

Jun 3 2021, 5:46 PM
sjg added a comment to D30464: sh: Add -o verify to use O_VERIFY when sourcing scripts.

AFAIK mac_veriexec does not block the opening of files with O_VERIFY if inactive. (i.e. the new sh verify option blocks nothing if mac_veriexec is inactive / not loaded).

Jun 3 2021, 5:44 PM

May 30 2021

sjg added a comment to D30464: sh: Add -o verify to use O_VERIFY when sourcing scripts.

Looks reasonable, assuming veriexec itself is reasonable (in many cases, it seems to me that verifying the root filesystem would be a simpler and more reliable approach).

May 30 2021, 11:26 PM
sjg accepted D30464: sh: Add -o verify to use O_VERIFY when sourcing scripts.

But fwiw

May 30 2021, 11:19 PM
sjg added a comment to D30464: sh: Add -o verify to use O_VERIFY when sourcing scripts.

And in run_rc_script we have

May 30 2021, 11:18 PM
sjg added a comment to D30464: sh: Add -o verify to use O_VERIFY when sourcing scripts.

Neat, but not going to be portable.
FWIW I use veriexec -x some/file to test whether the file is verified.
Eg. we modify rc.subr to provide a couple of functions is_verified and vdot which does . only after verify file.
This allows shell scripts to be careful about what they consume, while still being portable (not that big a deal really ;-)
eg. our rc.subr has:

# _rc_verify file
#       if VERIEXEC is active check that $file is verified
#
veriexec=/sbin/veriexec
if test -s $veriexec && $veriexec -i active > /dev/null 2>&1; then
_rc_verify() { $veriexec -x $1; }
else
_rc_verify() { : ; }
fi
May 30 2021, 11:07 PM

Apr 30 2021

sjg requested changes to D29993: EFI secure boot VECTX related changes.
Apr 30 2021, 4:48 PM

Apr 26 2021

sjg accepted D29993: EFI secure boot VECTX related changes.

Thanks, I had to fix something similar recently - in libefi

Apr 26 2021, 8:16 PM
sjg added a comment to D29647: bmake: Also print -de error information when running multiple jobs.

ping @sjg. Is it okay if I commit this here, or should this be done upstream first?

Apr 26 2021, 7:03 PM

Feb 15 2021

sjg committed R10:85d6747a694a: bsd.links.mk wants full paths (authored by sjg).
bsd.links.mk wants full paths
Feb 15 2021, 6:06 PM
sjg committed R10:78968ce3ddbf: Merge bmake-20210206 (authored by sjg).
Merge bmake-20210206
Feb 15 2021, 4:56 PM
sjg committed R10:ee10666327b6: Links for bmake and bmake.1 (authored by sjg).
Links for bmake and bmake.1
Feb 15 2021, 1:23 AM

Feb 14 2021

sjg committed R10:66803b34a017: Only require mac_veriexec for verified_exec (authored by sjg).
Only require mac_veriexec for verified_exec
Feb 14 2021, 5:22 PM

Feb 11 2021

sjg committed R10:dba7b0ef928a: Merge bmake-20210206 (authored by sjg).
Merge bmake-20210206
Feb 11 2021, 6:05 AM
sjg committed R10:8b6f73e37baf: Import bmake-20210206 (authored by sjg).
Import bmake-20210206
Feb 11 2021, 1:54 AM
sjg added a comment to D28522: make: Reduce unnecessary calls to waitpid.

Don't do this - I plan to import newer bmake

Feb 11 2021, 1:19 AM

Feb 4 2021

sjg added inline comments to D28467: Emit an error when we seen absolute paths to .o files.
Feb 4 2021, 4:22 AM

Jan 22 2021

sjg added a comment to D28253: Remove all current uses of build-tools during buildworld.

The biggest "rough edge" with DIRDEPS_BUILD is lack of src dirs to represent packages or other natural targets in FreeBSD tree.
A directory is what the DIRDEPS_BUILD works with. In the Junos build and our internal FreeBSD build we have directories in which we build each package (and each kernel we want), this makes build orchestration very simple.
Lack of it leaves you stuck with tree walks and special targets.

Jan 22 2021, 10:26 PM

Jan 21 2021

sjg added inline comments to D28253: Remove all current uses of build-tools during buildworld.
Jan 21 2021, 4:29 AM

Jan 15 2021

sjg committed R10:b14cfecbf0ed: pkgfs_open: follow symlinks (authored by sjg).
pkgfs_open: follow symlinks
Jan 15 2021, 1:34 AM

Jan 14 2021

sjg committed R10:06b9b3e0ad0d: Merge bmake-20210110 (authored by sjg).
Merge bmake-20210110
Jan 14 2021, 6:22 AM
sjg committed R10:8e11a9b4250b: Import bmake-20210110 (authored by sjg).
Import bmake-20210110
Jan 14 2021, 1:26 AM

Nov 24 2020

sjg updated the diff for D27364: mac_grantbylabel focused priv escallation via maclabel.

revert change to veriexec_fingerprint.c

Nov 24 2020, 10:59 PM
sjg added reviewers for D27364: mac_grantbylabel focused priv escallation via maclabel: stevek, emaste.

Ed, let me know who else should look...

Nov 24 2020, 10:51 PM
sjg updated the diff for D27364: mac_grantbylabel focused priv escallation via maclabel.

missed modules

Nov 24 2020, 10:49 PM
sjg requested review of D27364: mac_grantbylabel focused priv escallation via maclabel.
Nov 24 2020, 10:46 PM
sjg closed D27300: Update dirdeps.mk et al to latest.
Nov 24 2020, 9:46 PM
sjg committed rS367999: Update dirdeps.mk et al to latest.
Update dirdeps.mk et al to latest
Nov 24 2020, 9:46 PM

Nov 21 2020

sjg updated the diff for D27300: Update dirdeps.mk et al to latest.

Revert extra blank lines

Nov 21 2020, 2:40 AM
sjg updated the diff for D27300: Update dirdeps.mk et al to latest.

Grab LEVEL0_TARGETS from init.mk

Nov 21 2020, 2:38 AM
sjg added inline comments to D27300: Update dirdeps.mk et al to latest.
Nov 21 2020, 12:48 AM
sjg updated the diff for D27300: Update dirdeps.mk et al to latest.

remove refs to BUILD_AT_LEVEL0

Nov 21 2020, 12:44 AM

Nov 20 2020

sjg added inline comments to D27299: legacy: Use -isystem for system header overrides..
Nov 20 2020, 9:47 PM
sjg added a reviewer for D27300: Update dirdeps.mk et al to latest: bdrewery.
Nov 20 2020, 9:40 PM
sjg requested review of D27300: Update dirdeps.mk et al to latest.
Nov 20 2020, 9:38 PM
sjg committed rS367863: Merge bmake-20201117.
Merge bmake-20201117
Nov 20 2020, 6:03 AM
sjg committed rS367861: tag bmake-20201117.
tag bmake-20201117
Nov 20 2020, 3:56 AM

Nov 18 2020

sjg committed rS367808: Retain missing/sys/cdefs.h to support build on non-FreeBSD.
Retain missing/sys/cdefs.h to support build on non-FreeBSD
Nov 18 2020, 5:50 PM

Nov 16 2020

sjg added a comment to D27234: Attempt to unbreak bmake bootstrap on Linux.

The ksh issue is already fixed in bmake-20201114
can you try http://www.crufty.net:/ftp/pub/sjg/beta/bmake-20201114.tar.gz to confirm the other issue is also fixed

Nov 16 2020, 8:15 PM

Nov 10 2020

sjg accepted D27134: makeman: Don't require filemon with MK_DIRDEPS_BUILD..
Nov 10 2020, 4:43 AM

Nov 8 2020

sjg added inline comments to D27134: makeman: Don't require filemon with MK_DIRDEPS_BUILD..
Nov 8 2020, 2:27 AM

Nov 7 2020

sjg committed rS367465: Update to bmake-20201101.
Update to bmake-20201101
Nov 7 2020, 9:47 PM
sjg committed rS367461: tag bmake-20201101.
tag bmake-20201101
Nov 7 2020, 7:42 PM
sjg committed rS367460: Import bmake-20201101.
Import bmake-20201101
Nov 7 2020, 7:39 PM

Oct 9 2020

sjg added a comment to D26576: Skip two bmake tests when using a strict POSIX shell.

Should I wait for an upstream resolution? Or should I fix this revision and commit the workaround?

Oct 9 2020, 4:12 PM

Oct 3 2020

sjg added a comment to D26576: Skip two bmake tests when using a strict POSIX shell.
In D26576#593624, @sjg wrote:

Which version of Ubuntu are you talking about? I build all versions of bmake on Ubuntu without problem, and the expected result for export.mk does not include any variable that does not consist of only [_A-Za-z0-9]

make-exported should be fixed - upstream

FYI later versions of bmake use -r for all tests to avoid contamination from your local makefiles.

export.exp contains the line &=ampersand which will not be printed by dash since it filters out that variable (& is not allowed in env vars by dash).

Oct 3 2020, 6:16 PM

Oct 2 2020

sjg added a comment to D26576: Skip two bmake tests when using a strict POSIX shell.

Which version of Ubuntu are you talking about? I build all versions of bmake on Ubuntu without problem, and the expected result for export.mk does not include any variable that does not consist of only [_A-Za-z0-9]

Oct 2 2020, 11:51 PM

Sep 5 2020

sjg committed rS365366: Update to bmake-20200902.
Update to bmake-20200902
Sep 5 2020, 7:30 PM
sjg committed rS365363: tag bmake-20200902.
tag bmake-20200902
Sep 5 2020, 4:45 PM
sjg committed rS365361: Import bmake-20200902.
Import bmake-20200902
Sep 5 2020, 4:11 PM

Sep 4 2020

sjg accepted D26321: Avoid collisions with function names in openssl headers..
Sep 4 2020, 2:52 AM

Aug 29 2020

sjg closed D26235: zalloc_malloc:Free hexdump preceeding buffer when we detect overflow.
Aug 29 2020, 9:06 PM
sjg committed rS364965: zalloc_malloc:Free hexdump preceeding buffer when we detect overflow.
zalloc_malloc:Free hexdump preceeding buffer when we detect overflow
Aug 29 2020, 9:06 PM
sjg added inline comments to D26235: zalloc_malloc:Free hexdump preceeding buffer when we detect overflow.
Aug 29 2020, 8:59 PM
sjg updated the diff for D26235: zalloc_malloc:Free hexdump preceeding buffer when we detect overflow.

fix typo

Aug 29 2020, 8:57 PM
sjg updated the diff for D26235: zalloc_malloc:Free hexdump preceeding buffer when we detect overflow.

fix typo

Aug 29 2020, 8:49 PM
sjg updated the diff for D26235: zalloc_malloc:Free hexdump preceeding buffer when we detect overflow.

fix typo

Aug 29 2020, 8:05 PM
sjg added reviewers for D26235: zalloc_malloc:Free hexdump preceeding buffer when we detect overflow: imp, kevans, stevek.

Added the HEXDUMP_PAGER #ifdef, since otherwise pager (which we do not need in this case) causes linking issue for boot1

Aug 29 2020, 7:54 PM
sjg requested review of D26235: zalloc_malloc:Free hexdump preceeding buffer when we detect overflow.
Aug 29 2020, 7:51 PM
sjg committed rS364962: mac_veriexec_fingerprint_check_vnode: v_writecount > 0 means active writers.
mac_veriexec_fingerprint_check_vnode: v_writecount > 0 means active writers
Aug 29 2020, 4:27 PM
sjg committed rS364961: MFC loader fixes.
MFC loader fixes
Aug 29 2020, 4:23 PM

Aug 25 2020

sjg added a comment to D26169: Move libsqlite3 to the top of the SUBDIR list.
In D26169#581544, @sjg wrote:

Best way to get parallelism is to avoid tree walks.
Once system is pkg based, there should be a path to enabling that.

Does that mean this change is fine for now?

Aug 25 2020, 11:55 PM
sjg added a comment to D26169: Move libsqlite3 to the top of the SUBDIR list.

Best way to get parallelism is to avoid tree walks.
Once system is pkg based, there should be a path to enabling that.

Aug 25 2020, 4:53 AM

Aug 21 2020

sjg committed rS364443: veloader: insist on verifying .4th .lua etc.
veloader: insist on verifying .4th .lua etc
Aug 21 2020, 12:27 AM

Aug 2 2020

sjg committed rP543927: Add sjg.
Add sjg
Aug 2 2020, 1:08 AM

Jul 20 2020

sjg committed rS363352: Update to bmake-20200710.
Update to bmake-20200710
Jul 20 2020, 12:17 AM

Jul 19 2020

sjg committed rS363351: Revert that!.
Revert that!
Jul 19 2020, 11:56 PM
sjg committed rS363350: Oops missed Makefile.config.
Oops missed Makefile.config
Jul 19 2020, 11:54 PM

Jul 12 2020

sjg committed rS363117: Update to bmake-20200710.
Update to bmake-20200710
Jul 12 2020, 1:12 AM

Jul 11 2020

sjg committed rS363116: tag bmake-20200710.
tag bmake-20200710
Jul 11 2020, 10:46 PM
sjg committed rS363115: Import bmake-20200710.
Import bmake-20200710
Jul 11 2020, 10:45 PM

Jul 9 2020

sjg committed rS363035: Revert r363031.
Revert r363031
Jul 9 2020, 3:46 AM

Jul 8 2020

sjg committed rS363031: Update to bmake-20200704.
Update to bmake-20200704
Jul 8 2020, 9:20 PM
sjg committed rS363019: tag bmake-20200704.
tag bmake-20200704
Jul 8 2020, 6:33 PM
sjg committed rS363018: Import bmake-20200704.
Import bmake-20200704
Jul 8 2020, 6:32 PM

Jul 1 2020

sjg committed rS362822: tag bmake-20200629.
tag bmake-20200629
Jul 1 2020, 2:13 AM
sjg committed rS362821: Import bmake-20200629.
Import bmake-20200629
Jul 1 2020, 2:13 AM

Jun 27 2020

sjg accepted D25477: Kernel build changes for openzfs vendor import.

There is always room for improvement, but this seems generally ok.
FWIW the "how to write makefiles" doc I provide to devs at Juniper includes
"""

  1. Do not put anything in your makefile that you don't need
  2. Do not put anything in your makefile that you cannot explain the need for. Ie. if you cannot explain it, you don't need it, remove it.
  3. Do not cut/paste anything from your friend's makefile (see #1).
Jun 27 2020, 6:08 PM

Jun 26 2020

sjg added inline comments to D25477: Kernel build changes for openzfs vendor import.
Jun 26 2020, 11:02 PM
sjg added inline comments to D25477: Kernel build changes for openzfs vendor import.
Jun 26 2020, 9:43 PM

Jun 19 2020

sjg added a comment to D25346: bmake: Hide noisy spam behind debug options.

I think the following is sufficient:

Jun 19 2020, 4:41 AM

Jun 18 2020

sjg added a comment to D25346: bmake: Hide noisy spam behind debug options.

All in all the approach here looks wrong.
Let me ponder/poke...

Jun 18 2020, 11:45 PM
sjg added a comment to D25346: bmake: Hide noisy spam behind debug options.

This is nice. I'm not sure if using -s would make things harder when we need to check flags, but can get rid of 'make[N]: stopped in /foo/bar' is really helpful.

Jun 18 2020, 11:37 PM
sjg added a comment to D25346: bmake: Hide noisy spam behind debug options.

If the build log is 6Gb (because the build took 10hrs before it failed), the extra noise at the end is the least of your problems.
Needing to redo that job to have any clue as to when and why it failed is not an option.
So again, if make is exiting due to an error token, by all means keep quiet, but otherwise noise is better than silence.

Jun 18 2020, 11:32 PM
sjg added a comment to D25346: bmake: Hide noisy spam behind debug options.

Do you have an example of resulting output?

Jun 18 2020, 11:20 PM

Jun 16 2020

sjg committed rS362231: Make KENV_MVALLEN tunable.
Make KENV_MVALLEN tunable
Jun 16 2020, 5:03 PM

Jun 13 2020

sjg added reviewers for D25259: Make KENV_MVALLEN tunable: stevek, kevans.
Jun 13 2020, 5:28 PM
sjg requested review of D25259: Make KENV_MVALLEN tunable.
Jun 13 2020, 5:18 PM

Jun 12 2020

sjg committed rS362127: verify_pcr_export: bump kenv_mvallen if needed.
verify_pcr_export: bump kenv_mvallen if needed
Jun 12 2020, 9:55 PM