mess revision 1.2
1 1.2 dholland $NetBSD: mess,v 1.2 2017/01/14 20:50:15 dholland Exp $ 2 1.1 dholland 3 1.1 dholland NetBSD Messes and Tentacular Horrors Roadmap 4 1.1 dholland ============================================ 5 1.1 dholland 6 1.1 dholland There are a number of places in NetBSD where the code is substandard, 7 1.1 dholland or messy, or badly structured, or just excessively complicated. These 8 1.1 dholland are liabilities. Fixing them is a goal, not just because they 9 1.1 dholland themselves cause problems but because every pile of glop in the system 10 1.1 dholland functions as an implicit excuse to not clean up others. 11 1.1 dholland 12 1.1 dholland There are two kinds of these messes: with some, the consequences are 13 1.1 dholland relatively localized, and while dealing with that particular area of 14 1.1 dholland the code may be nasty the issues are otherwise mostly not visible. 15 1.1 dholland With others, the horror spreads and contaminates everything that comes 16 1.1 dholland near it. The latter are particularly important to clean out. 17 1.1 dholland 18 1.1 dholland The things listed here are listed here because they have been cited as 19 1.1 dholland problems; some of these are regularly cited as problems. The goal of 20 1.1 dholland this file is not to criticize the code or point fingers (some of these 21 1.1 dholland messes come down to us all the way from 4.3 and are the result of 22 1.1 dholland always patching and never fixing; but some of them have been 23 1.1 dholland self-inflicted because they seemed like a good idea at the time, or 24 1.1 dholland they were what we had, or whatever) but to document areas that could 25 1.1 dholland use a good rototill or two. 26 1.1 dholland 27 1.1 dholland These are listed in a perceived order of priority based on how bad the 28 1.1 dholland mess is, how toxic it is to things around it, how much it's 29 1.1 dholland interfering with other development, and how unreliable the affected 30 1.1 dholland code is as a result. 31 1.1 dholland 32 1.1 dholland 1. namei, ufs_lookup, vfs_rename 33 1.1 dholland 2. buffercache 34 1.1 dholland 3. network interfaces 35 1.1 dholland 4. mbufs 36 1.1 dholland 5. tty code 37 1.1 dholland 6. nsswitch code in libc 38 1.1 dholland 7. proplib 39 1.1 dholland 8. kauth 40 1.1 dholland 9. sysmon_envsys 41 1.1 dholland 10. atf 42 1.1 dholland 11. pam 43 1.1 dholland 44 1.1 dholland 45 1.1 dholland Explanations 46 1.1 dholland ============ 47 1.1 dholland 48 1.1 dholland 49 1.1 dholland 1. namei, ufs_lookup, vfs_rename 50 1.1 dholland 51 1.1 dholland namei is central to everything and it's been horrible since at least 52 1.1 dholland 4.3 and maybe longer. A fair amount of work has been put into it, and 53 1.1 dholland a number of the particular horrors have been eliminated, but there's 54 1.1 dholland still quite a bit left to do. 55 1.1 dholland 56 1.1 dholland The immediate next step is to introduce VOP_PARSEPATH (a new VOP call 57 1.1 dholland to allow the two filesystems we have that consume more than one 58 1.1 dholland directory component at a time to do so in a more tractable way) and 59 1.1 dholland then it's time to start implementing namei_parent, a version that 60 1.1 dholland stops at the parent with one component name left to go. This will 61 1.1 dholland allow a much saner interface to directory ops, including rename, and 62 1.1 dholland once those are done a lot of the complexity currently in namei and in 63 1.1 dholland the VOP_LOOKUP interface can be removed. 64 1.1 dholland 65 1.1 dholland - dholland is working on this intermittently. 66 1.1 dholland - VOP_PARSEPATH is ready to commit and is expected to make 8.0. 67 1.1 dholland There is currently no clear timeframe for anything beyond that. 68 1.1 dholland - Responsible: dholland 69 1.1 dholland 70 1.1 dholland 71 1.1 dholland 2. buffercache 72 1.1 dholland 73 1.1 dholland The buffercache code is messy and full of flag words that filesystems 74 1.1 dholland muck with freely and not necessarily with correct locking. It is 75 1.1 dholland suspected that there is a lot of incorrect locking. Also, a lot of the 76 1.1 dholland naming and terminology (things like BO_DELWRI) is really ancient and 77 1.1 dholland reflects non-current assumptions about the way file system buffers 78 1.1 dholland should work. 79 1.1 dholland 80 1.2 dholland The first step on this is to disentangle the buffer cache 81 1.2 dholland (buffercache(9)) from the buffer I/O path (bufferio(9)) -- right now 82 1.2 dholland they both abusively share the same struct buf. 83 1.2 dholland 84 1.1 dholland - As of January 2017 nobody is currently working on this. 85 1.1 dholland - There is currently no clear timeframe or release target. 86 1.1 dholland - Contact dholland for further information. 87 1.1 dholland 88 1.1 dholland 89 1.1 dholland 3. network interfaces 90 1.1 dholland 91 1.1 dholland The network interface structure and its associated support code has no 92 1.1 dholland abstraction, no encapsulation, and no safety. It badly needs 93 1.1 dholland rationalization. 94 1.1 dholland 95 1.1 dholland - As of January 2017 nobody is currently working on this directly, 96 1.1 dholland though some aspects fall under the multiprocessor network stack 97 1.1 dholland project. 98 1.1 dholland - There is currently no clear timeframe or release target. 99 1.1 dholland - Contact rmind for further information. 100 1.1 dholland 101 1.1 dholland 102 1.1 dholland 4. mbufs 103 1.1 dholland 104 1.1 dholland The mbuf code has some concept of an interface, but lots of the code 105 1.1 dholland manipulating mbufs doesn't use that interface, and there's still no 106 1.1 dholland encapsulation and no safety. 107 1.1 dholland 108 1.1 dholland - As of January 2017 nobody is currently working on this directly, 109 1.1 dholland though some aspects fall under the multiprocessor network stack 110 1.1 dholland project. 111 1.1 dholland - There is currently no clear timeframe or release target. 112 1.1 dholland - Contact rmind or dholland for further information. 113 1.1 dholland 114 1.1 dholland 115 1.1 dholland 5. tty code 116 1.1 dholland 117 1.1 dholland The tty subsystem has no concept of an interface at all, and there are 118 1.1 dholland large wodges of code cutpasted all over everywhere in gazillions of 119 1.1 dholland tty client drivers. There's no encapsulation either and absolutely no 120 1.1 dholland safety. Furthermore the locking model is bodgy. 121 1.1 dholland 122 1.1 dholland In addition to this the division of responsibility between "tty" and 123 1.1 dholland "serial port" is wrong. There are a number of drivers (e.g. for mice) 124 1.1 dholland that are partially ttys because they're things that are more or less 125 1.1 dholland serial ports, but they were never meant to be used for logins and 126 1.1 dholland can't be. These should be disentangled from the tty layer. 127 1.1 dholland 128 1.1 dholland Finally, the notion of line disciplines is a legacy mess that ought to 129 1.1 dholland get turned into a system of device attachments - a line discipline is 130 1.1 dholland a driver attached on top of the line, except that the concept appeared 131 1.1 dholland long before anyone really thought up device attachments as we know 132 1.1 dholland them now. 133 1.1 dholland 134 1.1 dholland - As of January 2017 nobody is currently working on this. 135 1.1 dholland - There is currently no clear timeframe or release target. 136 1.1 dholland - Contact dholland for further information. 137 1.1 dholland 138 1.1 dholland 139 1.1 dholland 6. nsswitch code in libc 140 1.1 dholland 141 1.1 dholland The nsswitch code in libc is not all that bad in the sense of being 142 1.1 dholland horrible code you lose sanity points to look at, but it's structured 143 1.1 dholland all wrong. It can't be cleaned up without doing a libc bump, which is 144 1.1 dholland a big deal, but if we do ever manage to get that libc bump done it's 145 1.1 dholland important that the nsswitch code get revised then. 146 1.1 dholland 147 1.1 dholland - As of January 2017 nobody is currently working on this. 148 1.1 dholland - There is currently no clear timeframe or release target. 149 1.1 dholland - Contact dholland or joerg for further information. 150 1.1 dholland 151 1.1 dholland 152 1.1 dholland 7. proplib 153 1.1 dholland 154 1.1 dholland Removal of proplib is and has been a goal of several developers for 155 1.1 dholland some time, but there's not been any consensus on a replacement. Much 156 1.1 dholland has been written on this elsewhere so I'm not going to repeat it all 157 1.1 dholland here. 158 1.1 dholland 159 1.1 dholland - As of January 2017 nobody is currently working on this, but several 160 1.1 dholland partly-finished proplib replacement candidates exist. 161 1.1 dholland - There is currently no clear timeframe or release target. 162 1.1 dholland - Contact dholland, rmind, riastradh, or any of a number of other 163 1.1 dholland people for further information. 164 1.1 dholland 165 1.1 dholland 166 1.1 dholland 8. kauth 167 1.1 dholland 168 1.1 dholland kauth is far too complicated for security code and its API is full of 169 1.1 dholland void pointers and horribly unsafe. There is no consensus on what to do 170 1.1 dholland about it, though. Part of the problem is that kauth itself is at least 171 1.1 dholland three different things that need to be disentangled: (a) an API for 172 1.1 dholland random kernel code to issue security checks; (b) an implementation of 173 1.1 dholland security check logic; and (c) an extensibility framework for that 174 1.1 dholland security check logic. 175 1.1 dholland 176 1.1 dholland - As of January 2017 nobody is currently working on this. 177 1.1 dholland - There is currently no clear timeframe or release target. 178 1.1 dholland - Contact dholland for further information. 179 1.1 dholland 180 1.1 dholland 181 1.1 dholland 9. sysmon_envsys 182 1.1 dholland 183 1.1 dholland sysmon_envsys is also too complicated. XXX: someone fill in more here 184 1.1 dholland please. 185 1.1 dholland 186 1.1 dholland - As of January 2017 nobody is currently working on this. 187 1.1 dholland - There is currently no clear timeframe or release target. 188 1.1 dholland - Contact: ? (XXX) 189 1.1 dholland 190 1.1 dholland 191 1.1 dholland 10. atf 192 1.1 dholland 193 1.1 dholland atf is horribly complicated and very expensive (apparently it takes 194 1.1 dholland all day to compile just atf on an sgimips) and doesn't provide a whole 195 1.1 dholland lot of bang for the buck. It is also frequently cited as an impediment 196 1.1 dholland to getting new tests written and deployed. It is not at all clear what 197 1.1 dholland to do about it. 198 1.1 dholland 199 1.1 dholland - As of January 2017 nobody is currently working on this. 200 1.1 dholland - There is currently no clear timeframe or release target. 201 1.1 dholland - Contact: ? (XXX) 202 1.1 dholland 203 1.1 dholland 204 1.1 dholland 11. pam 205 1.1 dholland 206 1.1 dholland pam, though a more or less standard API/interface, has a range of 207 1.1 dholland problems, one being that after the manner of sysvinit it works by 208 1.1 dholland exposing a mechanism and you configure it by mucking with the 209 1.1 dholland mechanism until it produces the behavior you want. (Except that if you 210 1.1 dholland muck with its mechanism, you end up locking yourself out.) In practice 211 1.1 dholland editing pam configs seems to be limited to specialists, and that's 212 1.1 dholland really not suitable for security software. 213 1.1 dholland 214 1.1 dholland It is very unclear what to do about it though. It's a standard API and 215 1.1 dholland there are a number of 3rd-party pam modules, some of which people need 216 1.1 dholland to be able to use. Once upon a time there was a similar thing called 217 1.1 dholland bsdauth, but it never really seems to have been a credible alternative. 218 1.1 dholland Probably the right thing to do is to completely redesign 219 1.1 dholland how logging in works, but that's a Big Deal. 220 1.1 dholland 221 1.1 dholland - As of January 2017 nobody is currently working on this. 222 1.1 dholland - There is currently no clear timeframe or release target. 223 1.1 dholland - Contact: ? (XXX) 224
Indexes created Mon Sep 22 05:09:51 GMT 2025