From: Mikhail Subject: Re: "got fetch" fails on PROFILE=1 build To: Sebastien Marie , gameoftrees@openbsd.org Date: Tue, 12 Apr 2022 13:02:52 +0300 On Mon, Apr 11, 2022 at 06:31:56PM +0200, Stefan Sperling wrote: > On Mon, Apr 11, 2022 at 05:47:17PM +0200, Sebastien Marie wrote: > > On Mon, Apr 11, 2022 at 06:01:16PM +0300, Mikhail wrote: > > > If got is compiled with PROFILE=1, "got fetch" and "got clone" don't > > > work with git:// repositories, it fails with this error: > > > > > > Connecting to "origin" git.gameoftrees.org > > > got: git.gameoftrees.org: no address associated with name > > > > > > After applying inlined patch it starts to work fine. Not sure if > > > "/etc/resolv.conf" should have gone in its own #define, because the path > > > is pretty standard. > > > > just a general remark about pledge(2) and unveil(2). > > > > both are linked: with PROFILE=1, pledge(2) isn't used (in order to be able to do > > profil(2)), but it introduces subtiles changes: a pledged process has some paths > > whitelisted regarding unveil(2) (like /etc/resolv.conf in this example). > > We could simply disable both pledge and unveil if profiling is used. > It is just a debug build so there is no reason to make things complicated. Disabling looks like the best solution. diff 20e420c8b1505de5032e4c2672147483bd15d616 /home/misha/work/got blob - 634d14fbd0d903b762d975a43ede19d0b14de466 file + got/got.c --- got/got.c +++ got/got.c @@ -318,12 +318,9 @@ static const struct got_error * apply_unveil(const char *repo_path, int repo_read_only, const char *worktree_path) { +#ifndef PROFILE const struct got_error *err; -#ifdef PROFILE - if (unveil("gmon.out", "rwc") != 0) - return got_error_from_errno2("unveil", "gmon.out"); -#endif if (repo_path && unveil(repo_path, repo_read_only ? "r" : "rwc") != 0) return got_error_from_errno2("unveil", repo_path); @@ -339,6 +336,7 @@ apply_unveil(const char *repo_path, int repo_read_only if (unveil(NULL, NULL) != 0) return got_error_from_errno("unveil"); +#endif return NULL; } @@ -829,12 +827,14 @@ cmd_import(int argc, char *argv[]) } } +#ifndef PROFILE if (unveil(path_dir, "r") != 0) { error = got_error_from_errno2("unveil", path_dir); if (logmsg_path) preserve_logmsg = 1; goto done; } +#endif error = apply_unveil(got_repo_get_path(repo), 0, NULL); if (error) { blob - fc67c23d9de31032415a5315451f590e9d291ed2 file + gotadmin/gotadmin.c --- gotadmin/gotadmin.c +++ gotadmin/gotadmin.c @@ -202,12 +202,9 @@ usage(int hflag, int status) static const struct got_error * apply_unveil(const char *repo_path, int repo_read_only) { +#ifndef PROFILE const struct got_error *err; -#ifdef PROFILE - if (unveil("gmon.out", "rwc") != 0) - return got_error_from_errno2("unveil", "gmon.out"); -#endif if (repo_path && unveil(repo_path, repo_read_only ? "r" : "rwc") != 0) return got_error_from_errno2("unveil", repo_path); @@ -220,6 +217,7 @@ apply_unveil(const char *repo_path, int repo_read_only if (unveil(NULL, NULL) != 0) return got_error_from_errno("unveil"); +#endif return NULL; } blob - 096f0320a2c1debb9a1de9ac9c0a8e2bbab704cd file + lib/dial.c --- lib/dial.c +++ lib/dial.c @@ -55,12 +55,14 @@ const struct got_error * got_dial_apply_unveil(const char *proto) { +#ifndef PROFILE if (strcmp(proto, "git+ssh") == 0 || strcmp(proto, "ssh") == 0) { if (unveil(GOT_DIAL_PATH_SSH, "x") != 0) { return got_error_from_errno2("unveil", GOT_DIAL_PATH_SSH); } } +#endif return NULL; } blob - 1235f3d15f5c154123999f3791ee35c3119cd238 file + tog/tog.c --- tog/tog.c +++ tog/tog.c @@ -2665,12 +2665,9 @@ input_log_view(struct tog_view **new_view, struct tog_ static const struct got_error * apply_unveil(const char *repo_path, const char *worktree_path) { +#ifndef PROFILE const struct got_error *error; -#ifdef PROFILE - if (unveil("gmon.out", "rwc") != 0) - return got_error_from_errno2("unveil", "gmon.out"); -#endif if (repo_path && unveil(repo_path, "r") != 0) return got_error_from_errno2("unveil", repo_path); @@ -2686,6 +2683,7 @@ apply_unveil(const char *repo_path, const char *worktr if (unveil(NULL, NULL) != 0) return got_error_from_errno("unveil"); +#endif return NULL; }