On Tue, Jan 14, 2020 at 09:51:05PM +0900, leeb wrote:
> Hello again tech@
>
> I've included diffs of what I've got so far at the bottom
> of this mail, but first a couple of questions:
>
> - Using the full 510-character limits for username and
> passphrase specified in the MBIM spec, kernel compilation
> fails due to tripping the 2047-byte stack frame warning
> when compiling the driver. That's the reason for the '100'
> magic numbers that I put in there temporarily.
>
> Any hints on the best way to handle this would be appreciated.
I would allocate mp dynamically instead of storing it on the stack.
In umb_ioctl(), you could change mp to a pointer type:
struct umb_parameter *mp;
The ioctl is allowed to sleep until memory is available (M_WAITOK), so
this allocation cannot fail and you don't need to check for NULL:
mp = malloc(sizeof(*mp), M_DEVBUF, M_ZERO | M_WAITOK);
free mp before umb_ioctl returns:
free(mp, M_DEVBUF, sizeof(*mp));
See 'man 9 malloc' for details.
> - I included the username/passphrase fields in the ifconfig
> output, as it seems to me that APN settings are generally
> made public so end-users can configure their own devices
> If needed I'll take it out, or perhaps change it to display
> '*set*' (or similar) if you think it should be hidden?
Genrally, the kernel should not return credentials to userland.
So these shouldn't just be hidden or obscured in ifconfig. Rather,
umb_ioctl should not copy such data out to any userland program.
This rule also applies to wifi and carp interfaces, for instance.
> A couple of other points:
>
> - Wireless providers where I am all seem to require a
> username/password with the APN. So I'm unable to confirm
> whether or not this breaks non-authenticated connections.
>
> - I've been building my kernel using the documented
> procedure, and have no problems there. I ran through a
> base system build and that (eventually) completed OK too.
> When compiling ifconfig(8), I've been doing 'make includes'
> in /usr/src (after installing and booting my new kernel),
> and using 'make ifconfig' and 'make install' in
> /usr/src/sbin/ifconfig. Is this OK? or should I be doing
> something else instead?
You should verify that 'make release' works after having completed a full
system build. The ramdisks use a special build of ifconfig so a check that
this still compiles is required. See 'man release' for details.
