Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:96825
Return-Path: <php-dev@coydogsoftware.net>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 62354 invoked from network); 10 Nov 2016 23:20:57 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 10 Nov 2016 23:20:57 -0000
Authentication-Results: pb1.pair.com smtp.mail=php-dev@coydogsoftware.net; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=php-dev@coydogsoftware.net; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain coydogsoftware.net designates 162.246.56.219 as permitted sender)
X-PHP-List-Original-Sender: php-dev@coydogsoftware.net
X-Host-Fingerprint: 162.246.56.219 unknown  
Received: from [162.246.56.219] ([162.246.56.219:40388] helo=sliver.coydogsoftware.net)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 1D/14-35596-7D005285 for <internals@lists.php.net>; Thu, 10 Nov 2016 18:20:55 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=coydogsoftware.net; s=default; h=In-Reply-To:Content-Type:MIME-Version:
	References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To:
	Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:
	Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:
	List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
	 bh=1mPbnQBW3e13AQ7AbN5DMVOiNH6pkOylzISIe2/OekA=; b=U2zMFFAY3jXIcuM65IJhu5+Eh
	pNpG5ry6Uza8pOejEV3ZuALeSkfG6KD9bGTPpl2hWgRzScZBCTmnma9JGYB3ji1DfESNGlIqk9DtD
	x+tERvfjg8c+1xh8fjpaBZS0hqjKvstU/j5NP2HBnyHq8FtcbcXTOjvmMFVQKfx1LBzLY=;
Received: from [162.246.56.219] (port=57774 helo=sliver.coydogsoftware.net)
	by sliver.coydogsoftware.net with esmtpsa (TLSv1:DHE-RSA-AES128-SHA:128)
	(Exim 4.87)
	(envelope-from <php-dev@coydogsoftware.net>)
	id 1c4yeL-0001aK-2q; Thu, 10 Nov 2016 17:20:53 -0600
Date: Thu, 10 Nov 2016 17:20:51 -0600
To: Dmitry Stogov <dmitry@zend.com>
Cc: "internals@lists.php.net" <internals@lists.php.net>,
	"rasmus@lerdorf.com" <rasmus@lerdorf.com>,
	Zeev Suraski <zeev@zend.com>,
	"Anatol Belski (ab@php.net)" <ab@php.net>
Message-ID: <20161110232051.GA3031@sliver.coydogsoftware.net>
References: <c807ed0e31518329dd1c1c04ffea8bee@coydogsoftware.net>
 <MWHPR02MB2477D7E9020C36136D13F10BBFB80@MWHPR02MB2477.namprd02.prod.outlook.com>
 <20161110141019.GA5119@sliver.coydogsoftware.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20161110141019.GA5119@sliver.coydogsoftware.net>
User-Agent: Mutt/1.5.20 (2009-12-10)
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - sliver.coydogsoftware.net
X-AntiAbuse: Original Domain - lists.php.net
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - coydogsoftware.net
X-Get-Message-Sender-Via: sliver.coydogsoftware.net: authenticated_id: php-dev@coydogsoftware.net
X-Authenticated-Sender: sliver.coydogsoftware.net: php-dev@coydogsoftware.net
X-Source: 
X-Source-Args: 
X-Source-Dir: 
Subject: Re: [PATCH] opcache bug #69090, prepend user identifier to keys
From: php-dev@coydogsoftware.net

Hello Dmitry,

A quick question after considering your comments and doing a bit more
homework on extension lifetime:

On Thu, Nov 10, 2016 at 08:10:19AM -0600, php-dev@coydogsoftware.net wrote:
> 
> On Thu, Nov 10, 2016 at 08:51:58AM +0000, Dmitry Stogov wrote:
> > 
> > The patch introduces syscall in the hot function (this may be
> > optimized).
> 
> Agreed. That isn't ideal. But the geteuid() call shouldn't be done
> during opcache initialization when the SHM object is initialized,
> because EUID might change afterwards. I didn't want to get EUID too
> early so I erred on the side of caution, getting it at the last possible
> moment. This is slower but safer because it prevents trivial cross-user
> cache access from PHP userland. I'm open to suggestion if there's a more
> "local" initialization function outside of key generation, which is
> guaranteed to run after EUID changes in both FPM user pool, and
> mod_ruid2/mod_php.

Looks like OPCache currently does not implement a request_startup_func for
per-request initialization. I'm assuming this was avoided for
performance reasons and due to no perceived need until now for
per-request initialization. This seems like it would be the proper point
in extension lifetime to call geteuid() and save results in the
zend_accel_globals struct to use during key construction. Correct? Any
objection to my implementing this?

I'm also thinking the stat() for device+inode should be done in opcache
code at file compilation time; correct?

Would this be a step in the right direction? Apologies if these are
basic questions; I'm new to PHP extensions but strongly motivated to fix
OPCache keys quickly. I may have time for a second pass at this over the
weekend.

-php-dev at coydogsoftware dot net