lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20141124100138.GB1055@smipidev>
Date:	Mon, 24 Nov 2014 11:01:38 +0100
From:	Pieter Smith <pieter@...sman.nl>
To:	Josh Triplett <josh@...htriplett.org>
Cc:	Jeff Layton <jlayton@...chiereds.net>,
	David Miller <davem@...emloft.net>,
	alexander.h.duyck@...el.com, viro@...iv.linux.org.uk,
	ast@...mgrid.com, akpm@...ux-foundation.org, beber@...eeweb.net,
	catalina.mocanu@...il.com, dborkman@...hat.com,
	edumazet@...gle.com, ebiederm@...ssion.com, fabf@...net.be,
	fuse-devel@...ts.sourceforge.net, geert@...ux-m68k.org,
	hughd@...gle.com, iulia.manda21@...il.com, JBeulich@...e.com,
	bfields@...ldses.org, linux-api@...r.kernel.org,
	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
	mcgrof@...e.com, mattst88@...il.com, mgorman@...e.de,
	mst@...hat.com, miklos@...redi.hu, netdev@...r.kernel.org,
	oleg@...hat.com, Paul.Durrant@...rix.com,
	paulmck@...ux.vnet.ibm.com, pefoley2@...oley.com, tgraf@...g.ch,
	therbert@...gle.com, willemb@...gle.com,
	xiaoguangrong@...ux.vnet.ibm.com, zhenglong.cai@...c.com.cn
Subject: Re: [PATCH 0/6] kernel tinification: optionally compile out splice
 family of syscalls (splice, vmsplice, tee and sendfile)

On Sun, Nov 23, 2014 at 04:32:51PM -0800, Josh Triplett wrote:
> On Sun, Nov 23, 2014 at 07:28:10PM -0500, Jeff Layton wrote:
> > On Sun, 23 Nov 2014 15:36:37 -0800
> > Josh Triplett <josh@...htriplett.org> wrote:
> > 
> > > On Sun, Nov 23, 2014 at 09:30:40PM +0100, Pieter Smith wrote:
> > > > On Sun, Nov 23, 2014 at 11:43:26AM -0800, Josh Triplett wrote:
> > > > > On Sun, Nov 23, 2014 at 01:46:23PM -0500, David Miller wrote:
> > > > > > Truly removing sendfile/sendpage means that you can't even compile NFS
> > > > > > into the tree.
> > > > > 
> > > > > If you mean the in-kernel nfsd (CONFIG_NFSD), that already has a large
> > > > > stack of "select" and "depends on", both directly and indirectly; adding
> > > > > a "select SPLICE_SYSCALL" to it seems fine.  (That select does need
> > > > > adding, though.  Pieter, you need to test-compile more than just
> > > > > tinyconfig and defconfig.  Try an allyesconfig with *just* splice turned
> > > > > off, and make sure that compiles.)
> > > > 
> > > > Did exacly that. Took forever on my hardware, but no problems.
> > > 
> > > Ah, I see.  Looking more closely at nfsd, it looks like it already has a
> > > code path for filesystems that don't do splice.  I think, rather than
> > > making nfsd select SPLICE_SYSCALL, that it would suffice to change the
> > > "rqstp->rq_splice_ok = true;" in svc_process_common (net/sunrpc/svc.c)
> > > to:
> > > 
> > > rqstp->rq_splice_ok = IS_ENABLED(CONFIG_SPLICE_SYSCALL);
> > > 
> > > Then nfsd should simply *always* fall back to its non-splice support.
> > > 
> > 
> > I'd probably prefer the above, actually. We have to keep supporting
> > non-splice enabled fs' for the forseeable future, so we may as well
> > allow people to run nfsd in such configurations. It could even be
> > useful for testing the non-splice-enabled codepaths.
> 
> Good point!
> 
> - Josh Triplett

I'll add this to svc_process_common. I can squash this into PATCH 3, which is
where the syscalls can be compiled out. The log entry may however get a little
crowded and multi-functional.

Should I keep this as a separate patch?
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ