lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <m1ejt22b44.fsf@ebiederm.dsl.xmission.com>
Date:	Sat, 21 Oct 2006 04:53:47 -0600
From:	ebiederm@...ssion.com (Eric W. Biederman)
To:	"Albert Cahalan" <acahalan@...il.com>
Cc:	linux-kernel <linux-kernel@...r.kernel.org>,
	"Andrew Morton" <akpm@...l.org>,
	"Linus Torvalds" <torvalds@...l.org>,
	"Cal Peake" <cp@...olutedigital.net>, "Andi Kleen" <ak@...e.de>,
	"Alan Cox" <alan@...rguk.ukuu.org.uk>
Subject: Re: [CFT] Grep to find users of sys_sysctl.

"Albert Cahalan" <acahalan@...il.com> writes:

> On 10/20/06, Eric W. Biederman <ebiederm@...ssion.com> wrote:
>> Jakub Jelinek <jakub@...hat.com> writes:
>>
>> > This assumes the binaries and/or libraries are not stripped, and they
>> > usually are stripped.  So, it is better to run something like:
>> > find / -type f -perm /111 | while read f; do readelf -Ws $f 2>/dev/null |
> fgrep
>> > -q sysctl@...BC && echo $f; done
>>
>> Russell King <rmk+lkml@....linux.org.uk> writes:
>> > glibc on ARM _requires_ sys_sysctl for userspace ioperm, inb, outb etc
>> > emulation.
>>
>>
>> It looks like we have a small but interesting set of sysctl users.
>>
>> The list of files below is a composite from a number of systems I have
>> access to, and the reply I have gotten so far.  I'm still hoping to hear
>> from other people so I can add some other users of sysctl to my list.
>
> So does Linux now only support GLIBC apps? That's what your
> grep seems to imply. At least one of the free Pascal compilers
> does not use GLIBC. You won't find a GLIBC sysctl symbol in
> any of the alternate C libraries (there are many) or even in libc5.
>
> Running your grep on developer machines is highly biased
> against legacy business apps.

Show me a better way to prove that sysctl is used, and to
find sysctl users.

Somehow we got this idea into our heads that sysctl doesn't
matter, after we got that idea into our heads people have figured
that breaking the ABI was a don't care case.  That has got to stop.
Either by deleting the syscall or by deciding to support it.

I am attempting to take that conjecture and find the truth of it.
At first approximation the conjecture appeared true.  You compile
out sysctl and nothing obviously breaks.

Please feel free to find other means to list binaries, that use
sysctl.  Showing that there is a diversity of users, and showing that
those users use sysctl in a variety of ways is the best way to get
all of the developers to understand that sysctl isn't something
that is unused and doesn't matter.

Arguing about ABIs and user entitlements because of those ABI doesn't
put the case anywhere near as strongly as empirical evidence does.
We support and maintain ABI's because we have users, not because it is
a good in and of itself.  And our ABI currently has a mechanism to
report sysctl value is not support in this kernel, and system call is
not supported in this kernel so unless I reuse the syscall number or
the sysctl entry number I am not breaking the ABI.

I think I have found enough users to show that sysctl has users and
most likely needs to be kept.  But the list I have is currently very
small, and would benefit from a larger list of users if we can find
them.

Eric
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ