Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 45525 - systrace missing from gentoo-sources-2.4.25
Summary: systrace missing from gentoo-sources-2.4.25
Status: RESOLVED WONTFIX
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: x86 All
: High major (vote)
Assignee: Bob Johnson (RETIRED)
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-03-23 11:35 UTC by Neil Katin
Modified: 2004-03-29 18:38 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Neil Katin 2004-03-23 11:35:05 UTC
the patches for systrace dissappeared from gentoo-sources-2.4.25.  As near
as I can tell, there was no notice about this, so I'm hoping it was an
accident that can be easily fixed.

There may well be more stuff "missing" from 2.4.25: the patch set size
is 8 meg (uncompressed) instead of 20 meg for 2.4.22-r5:

20656 gentoo-sources-2.4.22-r5.patch
 8268 gentoo-sources-2.4.25.patch



supporting info:

There are no systrace patches in gentoo-sources-2.4.25.patch.bz2:

% bzcat gentoo-sources-2.4.25.patch.bz2 | grep SYSTR
%

The same search for 2.4.22-r5 (which is also the patch set for r7) has
a bunch of systrace related stuff:

% bzcat gentoo-sources-2.4.22-r5.patch.bz2 | grep SYSTR
+DRIVERS-$(CONFIG_SYSTRACE) += drivers/systrace/str.o
+bool 'Systrace support' CONFIG_SYSTRACE
+#ifdef CONFIG_SYSTRACE
+#endif /* CONFIG_SYSTRACE */
+#ifdef CONFIG_SYSTRACE
+#endif /* CONFIG_SYSTRACE */
+subdir-$(CONFIG_SYSTRACE)      += systrace
+       { 0x0090E0, "SYSTRAN CORP." },
+       case SYSTR_POLICY_NEW:
+       case SYSTR_POLICY_ASSIGN:
+       case SYSTR_POLICY_MODIFY:
+       if (fst->npolicies > SYSTR_MAX_POLICIES /* && !fst->issuser */)
+               pol->sysent[i] = SYSTR_POLICY_ASK;
+#ifndef SYSTRACE_PRIVATE_H
+#define SYSTRACE_PRIVATE_H
+#define POLICY_VALID(x)        ((x) == SYSTR_POLICY_PERMIT || \
+                        (x) == SYSTR_POLICY_ASK ||    \
+                        (x) == SYSTR_POLICY_NEVER)
+#endif /* SYSTRACE_PRIVATE_H */
+#define SYSTRACE_MINOR 226
+       SYSTRACE_MINOR,
+                       if (SYSTR_MSG_NOPROCESS(strp))
+               policy = SYSTR_POLICY_PERMIT;
+                       policy = SYSTR_POLICY_ASK;
+                               policy = SYSTR_POLICY_NEVER;
+       case SYSTR_POLICY_PERMIT:
+       case SYSTR_POLICY_ASK:
+                       if (strp->answer == SYSTR_POLICY_NEVER) {
+       case SYSTR_POLICY_NEVER:
+       if (repl->strr_nrepl < 0 || repl->strr_nrepl > SYSTR_MAXARGS)
+       if (ISSET(ans->stra_flags, SYSTR_FLAGS_RESULT))
+        if (ISSET(ans->stra_flags, SYSTR_FLAGS_SETEUID)) {
+        if (ISSET(ans->stra_flags, SYSTR_FLAGS_SETEGID)) {
+       case SYSTR_READ:
+       case SYSTR_WRITE:
+       case SYSTR_READ:
+       for (i = 0; i < argsize / sizeof(register_t) && i < SYSTR_MAXARGS; i++)
+       return (systrace_make_msg(strp, SYSTR_MSG_RES));
+       for (i = 0; i < (argsize / sizeof(register_t)) && i < SYSTR_MAXARGS; i++
)
+       return (systrace_make_msg(strp, SYSTR_MSG_ASK));
+        return (systrace_make_msg(strp, SYSTR_MSG_UGID));
+        return (systrace_make_msg(strp, SYSTR_MSG_EXECVE));
+       msg->msg_type = SYSTR_MSG_CHILD;
+#ifdef CONFIG_SYSTRACE
+#endif /* CONFIG_SYSTRACE */
+#ifndef _SYSTRACE_H
+#define _SYSTRACE_H
+#define SYSTR_EMULEN    8       /* sync with sys proc */
+        char emul[SYSTR_EMULEN];
+#define SYSTR_MAX_POLICIES      64
+#define SYSTR_MAXARGS           64
+        u32 args[SYSTR_MAXARGS];
+#define SYSTR_MSG_ASK     1
+#define SYSTR_MSG_RES     2
+#define SYSTR_MSG_EMUL    3
+#define SYSTR_MSG_CHILD   4
+#define SYSTR_MSG_UGID    5
+#define SYSTR_MSG_EXECVE  6
+#define SYSTR_MSG_NOPROCESS(x) \
+        ((x)->msg.msg_type == SYSTR_MSG_CHILD)
+#define SYSTR_READ              1
+#define SYSTR_WRITE             2
+#define SYSTR_POLICY_NEW        1
+#define SYSTR_POLICY_ASSIGN     2
+#define SYSTR_POLICY_MODIFY     3
+       int strr_argind[SYSTR_MAXARGS];
+       size_t strr_off[SYSTR_MAXARGS];
+       size_t strr_offlen[SYSTR_MAXARGS];
+#define SYSTR_POLICY_ASK        0
+#define SYSTR_POLICY_PERMIT     1
+#define SYSTR_POLICY_NEVER      2
+#define SYSTR_FLAGS_RESULT      0x001
+#define SYSTR_FLAGS_SETEUID     0x002
+#define SYSTR_FLAGS_SETEGID     0x004
+#endif /* _SYSTRACE_H */

<and so on...>

------------------------

And if someone could answer this question for me, I would appreciate
it (this is not directly related to the bug): where are the definitions
for the patch files kept?  I'm assuming somewhere in CVS, but it wasn't
obvious where?  I looked, but couldn't find it.  Thanks in advance.
Comment 1 Neil Katin 2004-03-23 23:17:00 UTC
Bug 45524 (CRYPTO_API missing) seems similar to this one, as does 45450
(i2c missing) (which was closed because i2c was dropped on purpose...)
Comment 2 Bob Johnson (RETIRED) gentoo-dev 2004-03-24 18:09:34 UTC
The gentoo-sources patchset was slimmed down considerable.
In its old form, it was almost impossible to maintain.

current patch list is /usr/src/linux-2.4.25-gentoo/patches.txt
Comment 3 Neil Katin 2004-03-24 21:47:34 UTC
IMHO slimming down the patches is a reasonable thing to do: I can understand the desire.  But doing it without notice, as part of a "minor" upgrade seems to be a mistake.  Shouldn't this at least have appeared in the forums, newsgroups, or cvs comments?  The weekly newsletter?  Or was it discussed, and I just didn't find it in any of the searches I did (always possible, I admit).

If you determined to cut down the patches, perhaps a note announcing that you are going to do it?  And where to get the patches from (as near as I can tell, we're outside of emerge-land to add patches back -- we have to retrieve the patches manually add them into the kernel by hand.  Right?)

Once again: I'm not challenging the decision, but I do think there really is a "bug" here with the lack of an announcment or transition plan.
Comment 4 David M. Andersen 2004-03-29 18:38:52 UTC
Other problems:

Can't install Extended Attributes/ACL support (REQUIRED FOR ME) - http://acl.bestbits.at/download.html

(Don't give me any nonsense about ACLs being evil...)

grsecurity makes it impossible to apply the patches.  I'm trying to modify the existing patches to make them compatible with grsecurity, but I might not bother.

2.4.25-gentoo doesn't seem nearly as cool as 2.4.22-r7. :-(

I might just go to 2.6, but I've heard problems about that too.