svn commit: r315662 - in head: contrib/bsnmp/snmp_mibII contrib/ipfilter/ipsend lib/libprocstat sys/netinet sys/sys usr.bin/netstat usr.bin/sockstat usr.bin/systat usr.sbin/tcpdrop usr.sbin/trpt
Gleb Smirnoff
glebius at FreeBSD.org
Tue Mar 21 18:50:10 UTC 2017
John,
On Tue, Mar 21, 2017 at 10:40:34AM -0700, John Baldwin wrote:
J> First, this is a very good change and long overdue in divorcing the
J> user-facing structure for live system reporting vs the kernel structure.
J>
J> However, I realize you don't use info from netstat when debugging kernel
J> crash dumps, but other people _do_. It's ok if the kvm bits of netstat
J> require a matching kernel and thus require recompiling everytime the ABI
J> changes, but it is useful to have them. Please restore those.
I have very much anticipated this comment from you, John.
I would like to remind you, that we have had this very exact conversation
back when I removed kvm support from netstat/route.c. Let me search the
archives:
https://lists.freebsd.org/pipermail/svn-src-head/2015-April/070480.html
This conversation has had a continuation on IRC, which I don't archive.
AFAIR, first I told that with all my involvement into networking stack,
I never ever had experienced a need to run route stats on a core. The
debugger were the only useful tool. And that opinion was seconded by
other network hackers. Then we discussed that a proper tool chould use
dynamic type parsing and not kvm(3). You said that future gdb has python
scripting and that would work fine. Meanwhile, you insisted that I restore
the functionality. I resisted to put kvm(3) back into netstat/route.c, and
instead I created a gdb script that prints exactly what 'nestat -anr -M core'
prints. And I committed the script just to satisfy your demand:
tools/debugscripts/netstat-anr.gdb
Can you please fairly answer, have you (or anyone else) ever used the
script during these 2 years?
I believe, the inpcb/tcpcb printing from a core functionality has the
same level of real usefulness. I could create the same script for pcbs,
and I am afraid it is going to share fate of netstat-anr.gdb.
Today, I can actually bring yet another point on kvm(3) in netstat,
which I didn't bring in 2015. Now netstat is dependent on libxo, which
has a lot of complex things in it and was never reviewed wrt security
implications. Now netstat has only one last bit of kvm functionality
remaining - UNIX pcbs printing, which also has close to zero level
of usefulness. Once we remove it, we can remove setgid bit and kmem
access from /usr/bin/netstat and sleep better.
--
Totus tuus, Glebius.
More information about the svn-src-all
mailing list