~sircmpwn/public-inbox

1 of 3: [drawterm] fix exit status for -G flag v1 PROPOSED

Fazlul Shahriar: 3
 fix drawterm compiles using gcc 10
 cpu: remove /env/PASS to avoid leaking password to the remote system
 Don't initialize /env with host env variables

 4 files changed, 8 insertions(+), 52 deletions(-)
Can we just totally unmount the host env for the builds.sr.ht drawterm
fork? I don't want to give guests anything at all by mistake.
It needs to be mounted because that's how we get the exit status from
Plan 9 to drawterm. We can however start off with an empty /env by
removing the call to initunix() in kern/devenv.c:/^envattach/, but
that also means drawterm won't have access to environment variables
such as $cpu, $auth, $USER, $PASS, etc. when calling getenv(). That
might be ok depending how drawterm is being used in builds.sr.ht.
On Mon, Jul 6, 2020 at 12:00 PM Drew DeVault <sir@cmpwn.com> wrote:
Thanks! Pushing these upstream now.
Is this live on builds.sr.ht now? I tried to run something and it
failed with "Unknown image 9front":
https://builds.sr.ht/~fhs/job/250663

On Wed, Jul 8, 2020 at 1:10 PM Drew DeVault <sir@cmpwn.com> wrote:
Yeah, it's live. This was an unrelated problem, which is solved now.
Ok, now I'm getting "Error: Settle timed out after 120 attempts".
https://builds.sr.ht/~fhs/job/251047

On Thu, Jul 9, 2020 at 9:18 AM Drew DeVault <sir@cmpwn.com> wrote:
Export patchset (mbox)
How do I use this?

Copy & paste the following snippet into your terminal to import this patchset into git:

curl -s https://lists.sr.ht/~sircmpwn/public-inbox/patches/11476/mbox | git am -3
Learn more about email & git
View this thread in the archives

[PATCH 1 of 3] fix drawterm compiles using gcc 10 Export this patch

# HG changeset patch
# User Ori Bernstein <ori@eigenstate.org>'
# Date 1588022377 25200
#      Mon Apr 27 14:19:37 2020 -0700
# Node ID 00923ffa8d7863471df5426d3bcc79baac7c252e
# Parent  b87549edc3d740dcb6bd35228cffa47f5384dcd6
fix drawterm compiles using gcc 10

-fno-common became the default, and and kmesg was relying
on common symbols being merged.

diff --git a/kern/dat.h b/kern/dat.h
--- a/kern/dat.h
+++ b/kern/dat.h
@@ -32,6 +32,7 @@
typedef struct RWlock	RWlock;
typedef struct Waitq	Waitq;
typedef struct Walkqid	Walkqid;
typedef struct Kmesg	Kmesg;
typedef int    Devgen(Chan*, char*, Dirtab*, int, int, Dir*);

#include "fcall.h"
@@ -477,8 +478,10 @@
 * Log console output so it can be retrieved via /dev/kmesg.
 * This is good for catching boot-time messages after the fact.
 */
struct {
struct Kmesg {
	Lock lk;
	uint n;
	char buf[16384];
} kmesg;
};

extern Kmesg kmesg;
diff --git a/kern/devcons.c b/kern/devcons.c
--- a/kern/devcons.c
+++ b/kern/devcons.c
@@ -13,6 +13,7 @@

void	(*screenputs)(char*, int) = 0;

Kmesg	kmesg;			/* console messages */
Queue*	kbdq;			/* unprocessed console input */
Queue*	lineq;			/* processed console input */
Queue*	kprintoq;		/* console output, for /dev/kprint */

[PATCH 3 of 3] cpu: remove /env/PASS to avoid leaking password to the remote system Export this patch

# HG changeset patch
# User cinap_lenrek@felloff.net
# Date 1593016961 -7200
#      Wed Jun 24 18:42:41 2020 +0200
# Node ID c657240ae8ff48e87ecba552a4c56c6c241eaa57
# Parent  96b769e0caffd7b3d60d2714c8309d86b400525f
cpu: remove /env/PASS to avoid leaking password to the remote system

diff --git a/cpu.c b/cpu.c
--- a/cpu.c
+++ b/cpu.c
@@ -110,7 +110,8 @@
	char *s;

	user = getenv("USER");
	pass = getenv("PASS");
	if((pass = getenv("PASS")) != nil)
		remove("/env/PASS");
	host = getenv("cpu");
	authserver = getenv("auth");

Can we just totally unmount the host env for the builds.sr.ht drawterm
fork? I don't want to give guests anything at all by mistake.

[PATCH] Don't initialize /env with host env variables Export this patch

# HG changeset patch
# User Fazlul Shahriar <fshahriar@gmail.com>
# Date 1594056181 14400
#      Mon Jul 06 13:23:01 2020 -0400
# Node ID 7afe16f1fa6a66a31eeab8032ee47c29489f423d
# Parent  c657240ae8ff48e87ecba552a4c56c6c241eaa57
Don't initialize /env with host env variables

This prevents builds.sr.ht guests from accessing host environment
variables.

diff --git a/kern/devenv.c b/kern/devenv.c
--- a/kern/devenv.c
+++ b/kern/devenv.c
@@ -11,7 +11,6 @@

static Egrp	*envgrp(Chan *c);
static int	envwriteable(Chan *c);
static void	initunix();

static Egrp	unixegrp;	/* unix environment group */

@@ -68,7 +67,6 @@
	if(spec && *spec) {
		error(Ebadarg);
	}
	initunix();
	c = devattach('e', spec);
	c->aux = &unixegrp;
	return c;
@@ -319,53 +317,6 @@

extern char **environ;

static void
initunix()
{
	Egrp *eg = &unixegrp;
	Evalue **ent, *e;
	char *eq, **envp, *line;
	int n;

	wlock(&eg->lk);

	if(eg->path > 0 || eg->ment > 0 || !environ){
		// already initialized or nothing in environent
		wunlock(&eg->lk);
		return;
	}

	for(envp = environ; *envp != nil; envp++)
		eg->ment++;
	ent = smalloc(sizeof(eg->ent[0])*eg->ment);
	eg->ent = ent;

	for(envp = environ; *envp != nil; envp++){
		line = *envp;
		n = strlen(line);

		eq = strchr(line, '=');
		if(eq == nil)
			eq = &line[n];
		e = smalloc(sizeof(Evalue));
		e->name = smalloc(eq-line+1);
		strncpy(e->name, line, eq-line);

		if(eq[0] != '\0')
			eq++;
		e->len = line+n-eq;
		e->value = smalloc(e->len);
		memmove(e->value, eq, e->len);

		e->qid.path = ++eg->path;
		e->qid.vers = 0;
		eg->vers++;
		eg->ent[eg->nent++] = e;
	}

	wunlock(&eg->lk);
}

void
envcpy(Egrp *to, Egrp *from)
{
Thanks! Pushing these upstream now.