Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Varnish>
  3. Dev
Re: [varnishcache/varnish-cache] explicit_bzero() causing havoc (#3051)
geoff at uplex
Sep 16, 2019, 5:35 AM
Post #1 of 6 (1068 views)
Permalink
On 9/16/19 13:37, Poul-Henning Kamp wrote:
> Solved in #3057

Repeating my comment in github on the commit (to make sure that everyone
can see it):

The EXPLICIT_BZERO check is still AC_REQUIRE'd in varnish.m4, from
VARNISH_PREREQ and _VARNISH_CHECK_DEVEL, which are used in VMOD
development. Since it's not defined now, this leads to a cascade of
error messages when autogen.sh is called for a VMOD.

Apparently these can be ignored -- I can now compile without a
workaround for ZERO_OBJ. Thank you, I will stop screaming into the abyss
now.

It's worth pointing out, however, that Colin Percival concluded in his
blog that not even this solution guarantees that the memset call won't
be optimized out:

https://www.daemonology.net/blog/2014-09-05-erratum.html

But this gets us much closer to something that will work on most
platforms. It's OpenSSL's solution for wiping keys in memory, so one
hopes that it works most of the time.


--
** * * UPLEX - Nils Goroll Systemoptimierung

Scheffelstraße 32
22301 Hamburg

Tel +49 40 2880 5731
Mob +49 176 636 90917
Fax +49 40 42949753

http://uplex.de

Attached Files:

Re: [varnishcache/varnish-cache] explicit_bzero() causing havoc (#3051) [ In reply to ]
geoff at uplex
Sep 16, 2019, 5:42 AM
Post #2 of 6 (1068 views)
Permalink
On 9/16/19 14:35, Geoff Simmons wrote:
>
> The EXPLICIT_BZERO check is still AC_REQUIRE'd in varnish.m4, from
> VARNISH_PREREQ and _VARNISH_CHECK_DEVEL, which are used in VMOD
> development. Since it's not defined now, this leads to a cascade of
> error messages when autogen.sh is called for a VMOD.

I might have mixed my message, so to emphasize, this is a bug that
should *not* go into a new release.


Best,
Geoff
--
** * * UPLEX - Nils Goroll Systemoptimierung

Scheffelstraße 32
22301 Hamburg

Tel +49 40 2880 5731
Mob +49 176 636 90917
Fax +49 40 42949753

http://uplex.de

Attached Files:

Re: [varnishcache/varnish-cache] explicit_bzero() causing havoc (#3051) [ In reply to ]
phk at phk
Sep 16, 2019, 7:31 AM
Post #3 of 6 (1068 views)
Permalink
--------
In message <7b7463af-bd3f-8cfe-acb9-d231cfaa37ab@uplex.de>, Geoff Simmons write
s:

>The EXPLICIT_BZERO check is still AC_REQUIRE'd in varnish.m4, from
>VARNISH_PREREQ and _VARNISH_CHECK_DEVEL, which are used in VMOD
>development. Since it's not defined now, this leads to a cascade of
>error messages when autogen.sh is called for a VMOD.

Ticket please, that is out of my comfort area.

>It's worth pointing out, however, that Colin Percival concluded in his
>blog that not even this solution guarantees that the memset call won't
>be optimized out:
>
>https://www.daemonology.net/blog/2014-09-05-erratum.html

I took that as more of a judgement of the sanity of the ISO-C
committee and compiler writers in general, as a problem we need
to deal with.

>But this gets us much closer to something that will work on most
>platforms. It's OpenSSL's solution for wiping keys in memory, so one
>hopes that it works most of the time.

Ohh God!

Now you just inspired all "cyberforces" to start implementing
compiler optimizations... :-)

--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
_______________________________________________
varnish-dev mailing list
varnish-dev@varnish-cache.org
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-dev
Re: [varnishcache/varnish-cache] explicit_bzero() causing havoc (#3051) [ In reply to ]
geoff at uplex
Sep 16, 2019, 9:18 AM
Post #4 of 6 (1068 views)
Permalink
On 9/16/19 16:31, Poul-Henning Kamp wrote:
>
>> The EXPLICIT_BZERO check is still AC_REQUIRE'd in varnish.m4, from
>> VARNISH_PREREQ and _VARNISH_CHECK_DEVEL, which are used in VMOD
>> development. Since it's not defined now, this leads to a cascade of
>> error messages when autogen.sh is called for a VMOD.
>
> Ticket please, that is out of my comfort area.

devnexen wrote to me that he has a PR up to fix that.

https://github.com/varnishcache/varnish-cache/pull/3062

Looks like the PR will fix the problem.

But it didn't make it into the release? Then there's a somewhat buggy
varnish.m4 in 6.3.0. The workaround is to just ignore the error
messages, but they're going to be annoying to look at from now on.


Best,
Geoff
--
** * * UPLEX - Nils Goroll Systemoptimierung

Scheffelstraße 32
22301 Hamburg

Tel +49 40 2880 5731
Mob +49 176 636 90917
Fax +49 40 42949753

http://uplex.de

Attached Files:

Re: [varnishcache/varnish-cache] explicit_bzero() causing havoc (#3051) [ In reply to ]
phk at phk
Sep 16, 2019, 9:26 AM
Post #5 of 6 (1068 views)
Permalink
--------
In message <d284001d-14c5-01fe-12c5-6419d3f64ce8@uplex.de>, Geoff Simmons write
s:

>But it didn't make it into the release? Then there's a somewhat buggy
>varnish.m4 in 6.3.0. The workaround is to just ignore the error
>messages, but they're going to be annoying to look at from now on.

It's not a LTS release so we'll survive...

--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
_______________________________________________
varnish-dev mailing list
varnish-dev@varnish-cache.org
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-dev
Re: [varnishcache/varnish-cache] explicit_bzero() causing havoc (#3051) [ In reply to ]
devnexen at gmail
Sep 17, 2019, 3:01 AM
Post #6 of 6 (1063 views)
Permalink
Hi agreed here "no duress, no stress" the PR can wait :-) Regards.

On Mon, 16 Sep 2019 at 16:26, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote:
>
> --------
> In message <d284001d-14c5-01fe-12c5-6419d3f64ce8@uplex.de>, Geoff Simmons write
> s:
>
> >But it didn't make it into the release? Then there's a somewhat buggy
> >varnish.m4 in 6.3.0. The workaround is to just ignore the error
> >messages, but they're going to be annoying to look at from now on.
>
> It's not a LTS release so we'll survive...
>
> --
> Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
> phk@FreeBSD.ORG | TCP/IP since RFC 956
> FreeBSD committer | BSD since 4.3-tahoe
> Never attribute to malice what can adequately be explained by incompetence.
> _______________________________________________
> varnish-dev mailing list
> varnish-dev@varnish-cache.org
> https://www.varnish-cache.org/lists/mailman/listinfo/varnish-dev
_______________________________________________
varnish-dev mailing list
varnish-dev@varnish-cache.org
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-dev

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal