trasz (Edward Tomasz Napierała)
User

User Details

User Since
Aug 2 2014, 12:45 PM (515 w, 1 d)

Recent Activity

Mon, May 27

trasz added inline comments to D44372: Allow subset of wait4(2) functionality in Capsicum mode.
Mon, May 27, 9:25 AM

Tue, May 21

trasz added a comment to D44373: Capsicum vs the Pathnames, a PoC.

@trasz : thanks for sending this review request. My general feeling is that I'm leery of relaxing the in-kernel security model, not just because of the potential for opening things we don't mean to open, but also because it complicates the model for those who are trying to understand it. "No global namespaces", while limiting, is a clearer rule than "no global namespaces unless you or your ancestor has previously called fchroot(2), unless-unless something has also called cap_enter(2) again to clear that magic vnode".

Tue, May 21, 11:44 AM

Sat, May 18

trasz added a comment to D44372: Allow subset of wait4(2) functionality in Capsicum mode.

(And also an earlier version of this did exactly that wrt idtype, that’s why the title still mentions the “limited subset”; only after that I’ve discovered that you can’t wait for arbitrary PIDs anyway.)

Sat, May 18, 5:32 PM
trasz added a comment to D44372: Allow subset of wait4(2) functionality in Capsicum mode.

I might be wrong, but isn’t this restriction already there, inherent to wait(2) APIs? You need to use kqueue to wait for non-children?

Sat, May 18, 5:30 PM

May 14 2024

trasz updated the diff for D44372: Allow subset of wait4(2) functionality in Capsicum mode.

Sigh, a typo.

May 14 2024, 10:25 AM
trasz updated the diff for D44372: Allow subset of wait4(2) functionality in Capsicum mode.

Man page fix from Brooks.

May 14 2024, 10:23 AM

May 13 2024

trasz updated the summary of D44373: Capsicum vs the Pathnames, a PoC.
May 13 2024, 10:07 AM

May 2 2024

trasz added inline comments to D41564: Add fchroot(2).
May 2 2024, 7:12 AM
trasz updated the diff for D41564: Add fchroot(2).

Use the right symbol version and bump Dd.

May 2 2024, 7:08 AM

May 1 2024

trasz added a comment to D45040: Allow rfork(2) in capsicum(4) capability mode.

There's a separate review for vfork (https://reviews.freebsd.org/D39829). And yeah, I've pasted Robert the link to this one here :)

May 1 2024, 10:36 PM
trasz updated the summary of D41564: Add fchroot(2).
May 1 2024, 6:17 PM
trasz updated the summary of D44372: Allow subset of wait4(2) functionality in Capsicum mode.
May 1 2024, 6:15 PM
trasz updated the diff for D41564: Add fchroot(2).

Add back procstat(1) bits and remove syscalls.map

May 1 2024, 10:49 AM
trasz added a reviewer for D41564: Add fchroot(2): capsicum.
May 1 2024, 10:39 AM
trasz requested review of D45040: Allow rfork(2) in capsicum(4) capability mode.
May 1 2024, 10:37 AM
trasz added a comment to D41564: Add fchroot(2).

As for CAP_FCHROOT - I think we should have it, if only for symmetry with CAP_FCHDIR. I don't really want to implement them - the lookup code isn't really suited for tracking rights for root and cwd, and so those two syscalls require full rights to succeed, not just a subset - but we could in the future.

May 1 2024, 8:05 AM
trasz retitled D41564: Add fchroot(2) from Add fchroot(2) and chroot -d to Add fchroot(2).
May 1 2024, 7:53 AM
trasz updated the diff for D41564: Add fchroot(2).

Update.

May 1 2024, 7:50 AM

Apr 22 2024

trasz updated the summary of D44372: Allow subset of wait4(2) functionality in Capsicum mode.
Apr 22 2024, 1:37 PM

Mar 27 2024

trasz added a reviewer for D44525: linux: support IUTF8: Linux Emulation.
Mar 27 2024, 1:29 PM
trasz requested review of D44525: linux: support IUTF8.
Mar 27 2024, 1:26 PM

Mar 22 2024

trasz abandoned D23333: Include comments in EC2 rc.conf and loader.conf.
Mar 22 2024, 9:36 AM · rc
trasz abandoned D3125: Justify the "Welcome to FreeBSD!" text in motd..
Mar 22 2024, 9:35 AM
trasz abandoned D15956: Add "Overview" to each menu.
Mar 22 2024, 9:35 AM
trasz abandoned D34004: website: Rework the downloads table.
Mar 22 2024, 9:35 AM
trasz abandoned D35244: mountroot: On failure return ENOENT, not ENODEV.
Mar 22 2024, 9:34 AM
trasz abandoned D24175: Clean up compiler warnings in sysctl(8).
Mar 22 2024, 9:33 AM
trasz abandoned D13211: Make the 'q' in ddb(4) pager actually abort the output.
Mar 22 2024, 9:32 AM
trasz abandoned D15800: Put the OTG entry in /etc/devd/otg.conf instead of /etc/devd.conf.
Mar 22 2024, 9:32 AM
trasz abandoned D26718: riscv: figure out tf_sepc update.
Mar 22 2024, 9:31 AM
trasz abandoned D27135: Questionable optimization for riscv cpu_fetch_syscall_args().
Mar 22 2024, 9:31 AM
trasz abandoned D27140: Rework handling of TDF_EXEC and TDF_FORK.
Mar 22 2024, 9:30 AM
trasz abandoned D27573: WIP: also handle sigfastblock.
Mar 22 2024, 9:30 AM
trasz abandoned D33967: handbook: Don't mention svnlite; it's obsolete.
Mar 22 2024, 9:29 AM
trasz abandoned D17582: sh: use larger BUFSIZ.
Mar 22 2024, 9:29 AM
trasz abandoned D26567: Reorder struct sysentvec.
Mar 22 2024, 9:28 AM
trasz abandoned D33971: website: Update link URLs, drop "purchase media", improve wording.
Mar 22 2024, 9:28 AM
trasz abandoned D26955: Try to canonicalize the first argument to mount(8).
Mar 22 2024, 9:27 AM
trasz abandoned D29750: rc: make 'ddb' and 'dumpon' require disks, not the other way around.
Mar 22 2024, 9:27 AM
trasz abandoned D29753: rc: remove redundant upercase dependencies.
Mar 22 2024, 9:25 AM
trasz abandoned D35222: Add kern.reboot_on_halt sysctl.
Mar 22 2024, 9:25 AM
trasz abandoned D29992: camcontrol(8): add "smart" command.
Mar 22 2024, 9:24 AM
trasz abandoned D27784: nsdispatch(3): drop useless atexit hook.
Mar 22 2024, 9:23 AM
trasz abandoned D27572: Add a mechanism to enable/disable syscall slow path.
Mar 22 2024, 9:23 AM
trasz abandoned D26624: Inline userret() in syscallret().
Mar 22 2024, 9:22 AM
trasz abandoned D27132: Clear TDB_USERWR in ast().
Mar 22 2024, 9:22 AM
trasz abandoned D26785: Get rid of useless stat(2) call.
Mar 22 2024, 9:22 AM
trasz abandoned D26650: Predict that the userspace trap will likely be syscall.
Mar 22 2024, 9:20 AM

Mar 21 2024

trasz added a comment to D44373: Capsicum vs the Pathnames, a PoC.

Can you describe the dlopen threat model a bit more? My assumption is, a typical Capsicum-aware app wouldn't be setting the rootdir/curdir at all. Or, if it does, it could call cap_enter(2) again before calling dlopen(3), clearing those vnodes.

Mar 21 2024, 2:03 PM
trasz updated the diff for D44372: Allow subset of wait4(2) functionality in Capsicum mode.

Fix panic which occurred when the PID is specified explicitly.
Also handle wait6(2). Add some documentation. Pacify a test.

Mar 21 2024, 1:33 PM
trasz added a comment to D44372: Allow subset of wait4(2) functionality in Capsicum mode.

I agree this should be documented somewhere, but at the moment wait(2) doesn't mention Capsicum at all, and capsicum(4) doesn't mention wait(2). Perhaps a paragraph in pdfork(2), something along the lines of "processes created with pdfork cannot be waited for by a parent running in capsicum(4) mode"?

Mar 21 2024, 12:45 PM

Mar 16 2024

trasz added inline comments to D44375: linux: use sa_family_t for address family conversions.
Mar 16 2024, 2:20 PM

Mar 15 2024

trasz added reviewers for D44373: Capsicum vs the Pathnames, a PoC: val_packett.cool, jonathan.
Mar 15 2024, 1:51 PM
trasz updated the summary of D44373: Capsicum vs the Pathnames, a PoC.
Mar 15 2024, 1:50 PM
trasz added a reviewer for D44373: Capsicum vs the Pathnames, a PoC: capsicum.
Mar 15 2024, 12:48 PM
trasz requested review of D44373: Capsicum vs the Pathnames, a PoC.
Mar 15 2024, 12:48 PM
trasz added a reviewer for D44372: Allow subset of wait4(2) functionality in Capsicum mode: capsicum.
Mar 15 2024, 12:24 PM
trasz requested review of D44372: Allow subset of wait4(2) functionality in Capsicum mode.
Mar 15 2024, 12:22 PM

Dec 27 2023

trasz added a comment to D42023: Ensure that automount(8) flushes autofs by checking fsid.

It appears to be working correctly now. Thank you all :)

Dec 27 2023, 3:17 PM

Dec 18 2023

trasz added a comment to D42023: Ensure that automount(8) flushes autofs by checking fsid.

I'm not sure what exactly happened here, but I suspect there was something wrong with testing it: while one of previous Kib's commits fixed the instapanic on "automount -c", it still doesn't work, see last few entries at https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=274992.

Dec 18 2023, 7:09 PM

Nov 10 2023

trasz added a comment to D42494: autofs: media: Always use sync option for fat*.

Thank you, I think I'm fine with toggling it from "async" to "sync" specifically for msdosfs.

Nov 10 2023, 5:11 PM

Nov 9 2023

trasz added a comment to D42494: autofs: media: Always use sync option for fat*.
In D42494#969894, @manu wrote:

I’m not a huge fan of this one tbh. I seem to remember I had it like this for a while, and it was 1. Unbearably slow and 2. Increased flash wear and tear.

For 1/ yes it will be slower. But safer.

Nov 9 2023, 3:45 PM
trasz added a comment to D42495: devd: autofs: Move autofs related events to a separate file.

Doesn't this also enable it by default? If so, it might be a good idea to fix the instapanic it's causing first, https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=274992.

Nov 9 2023, 3:35 PM

Nov 8 2023

trasz added a comment to D42494: autofs: media: Always use sync option for fat*.

I’m not a huge fan of this one tbh. I seem to remember I had it like this for a while, and it was 1. Unbearably slow and 2. Increased flash wear and tear.

Nov 8 2023, 8:16 AM

Sep 4 2023

trasz added a comment to D41564: Add fchroot(2).

I wonder if a chrootat(fd, path) that allows a NULL path would be more general?

Should there be a flags argument?

Sep 4 2023, 9:28 AM

Aug 31 2023

trasz abandoned D23334: release(7) ZFS support.

Implemented in a better way by https://reviews.freebsd.org/D34426.

Aug 31 2023, 3:31 AM

Aug 23 2023

trasz requested review of D41564: Add fchroot(2).
Aug 23 2023, 2:07 PM

Aug 17 2023

trasz added a comment to D38351: [RFC/Proposal] Mechanism for in-kernel AT_FDCWD substitution with provided FD for oblivious sandboxing with Capsicum.

FWIW, I've been playing with this idea on and off, and I have some patches, some of them not even entirely broken :) In particular I have fchroot(2) working: https://reviews.freebsd.org/D41564

Aug 17 2023, 3:07 PM

Jun 7 2023

trasz abandoned D25501: Autochroot prototype.

Implemented as https://reviews.freebsd.org/D38933.

Jun 7 2023, 12:29 PM

Apr 26 2023

trasz added a reviewer for D39829: Allow vfork(2) in capsicum(4) capability mode: capsicum.
Apr 26 2023, 12:36 PM
trasz requested review of D39829: Allow vfork(2) in capsicum(4) capability mode.
Apr 26 2023, 12:36 PM

Apr 22 2023

trasz accepted D39649: linux(4): Bump osrelease to 5.15.0.
Apr 22 2023, 3:00 PM · Linux Emulation

Apr 12 2023

trasz added a comment to D39507: linux: Make uname less weird.

well, the part after a dash is not standard, depends on a distributive, so we can put here any information, and it would be nice to print p_osrel of the current process here.
However, I would propose completely remove the pr_osrelease from struct linux_prison as we have pr_osrel and due to the pr_osrelease was intended to map into the vdso page at the Note section. But it's not possible due to jails and can be removed now.

Apr 12 2023, 3:32 PM
trasz updated the summary of D39507: linux: Make uname less weird.
Apr 12 2023, 3:31 PM
trasz added a comment to D38933: namei: Add the abilty for the ABI to specify an alternate root path.
In D38933#897702, @mjg wrote:

I strongly suspect the right way is to have linux binaries auto chrooted to /compat/linux or whatever you are looking up against and then have nullfs mounts inside for /home, /tmp and whatever else which makes sense to share. This avoids any suspicious lookups like failing to find a file in Linux because it is missing when it should not and trying to pick up the FreeBSD one. This also avoids adding any complexity to the kernel.

Apr 12 2023, 3:28 PM · Linux Emulation
trasz added a comment to D38351: [RFC/Proposal] Mechanism for in-kernel AT_FDCWD substitution with provided FD for oblivious sandboxing with Capsicum.

Hah, I've been working on something similar, although from a somewhat different, CHERI-related, angle :)

Apr 12 2023, 11:34 AM

Apr 11 2023

trasz added a reviewer for D39507: linux: Make uname less weird: Linux Emulation.
Apr 11 2023, 4:22 PM
trasz requested review of D39507: linux: Make uname less weird.
Apr 11 2023, 4:22 PM

Mar 18 2023

ihor_antonovs.family awarded D7474: Add rc.conf support for foo_daemon="-r". a Like token.
Mar 18 2023, 9:32 PM · rc

Nov 19 2022

trasz added a comment to D37305: vm: reduce lock contention when processing vm batchqueues.

Only tangentially related, but I wonder if this constant shouldn't be defined for arm64 too?

Nov 19 2022, 4:09 PM

May 19 2022

trasz added a comment to D35244: mountroot: On failure return ENOENT, not ENODEV.

My first thought about ENODEV was something about GEOM. ENOENT, on the other hand, would make it obvious what's going on: the root device node is simply not there.

May 19 2022, 12:13 PM

May 18 2022

trasz added a comment to D35222: Add kern.reboot_on_halt sysctl.

I've been burned by this in the past, but I've assumed it's just me. This time, though, there was another person involved, and this made me reconsider. In this case it's not even that it's a remote machine: this is for a homebrew remote management mechanism; essentially we have BeagleBone Blacks hooked up to the actual machines (mechanically they are inside the machines), which provide remote console and virtual media, and halting one of those by mistake - for example when you fail to notice the cu(1) to the "real" machine has been disconnected - results in having to power cycle the whole thing, which is one thing our BBB-based remote management does not provide.

May 18 2022, 9:25 PM
trasz requested review of D35244: mountroot: On failure return ENOENT, not ENODEV.
May 18 2022, 1:19 PM
trasz requested review of D35243: cfumass: Make it possible to export a ready-made image.
May 18 2022, 1:10 PM

May 16 2022

trasz requested review of D35222: Add kern.reboot_on_halt sysctl.
May 16 2022, 3:00 PM

May 14 2022

trasz added a comment to D35133: arm64: Dump a basic information about generated trap..

Linux, it’s a Linux core file :-) The easiest way is to use debootstrap port to bootstrap an Ubuntu Bionic userland, then chroot there and do “apt install gdb”. See https://wiki.freebsd.org/LinuxJails.

May 14 2022, 9:26 PM
trasz added a comment to D35133: arm64: Dump a basic information about generated trap..

I’m not opposed to this patch, but isn’t this what core files are for?

May 14 2022, 2:49 PM

Feb 22 2022

trasz committed rG0bf6e572bd44: rc.d/linux: Attempt to mount only if necessary (authored by 0mp).
Feb 22 2022, 1:25 PM
trasz committed rG099b125337de: rc: improve dependencies for growfs (authored by trasz).
Feb 22 2022, 1:25 PM

Feb 21 2022

trasz committed rGd3f0d2c0eef6: linux: Add additional ptracestop only if the debugger is Linux (authored by trasz).
Feb 21 2022, 2:55 PM
trasz closed D34134: website: Get rid of tables for snapshots in where/.
Feb 21 2022, 2:38 PM
trasz committed R9:754da8344b84: website: Get rid of tables for snapshots in where/ (authored by trasz).
Feb 21 2022, 2:38 PM
trasz committed rGbb726462cbea: linux: Make PTRACE_GETREGSET return proper buffer size (authored by trasz).
Feb 21 2022, 1:51 PM
trasz committed rGf89bad7c9c61: linux: Fix ptrace panic with ERESTART (authored by trasz).
Feb 21 2022, 1:51 PM
trasz committed rGf4fd475d457d: linux: Improve debug for PTRACE_GETEVENTMSG (authored by trasz).
Feb 21 2022, 1:51 PM
trasz committed rGfc36cd43fd7f: linux: implement PTRACE_EVENT_EXEC (authored by trasz).
Feb 21 2022, 1:51 PM
trasz committed rG3b7841de78a3: linux: Make PTRACE_GET_SYSCALL_INFO handle EJUSTRETURN (authored by trasz).
Feb 21 2022, 1:51 PM
trasz committed rG046274e798e6: linux: Improve debug for PTRACE_GETREGSET (authored by trasz).
Feb 21 2022, 1:51 PM
trasz committed rGd33684f3710e: linux: Implement some bits of PTRACE_PEEKUSER (authored by trasz).
Feb 21 2022, 1:51 PM
trasz committed rG98e26c32bb74: linux: Improve debugging for PTRACE_GETREGSET (authored by trasz).
Feb 21 2022, 1:51 PM