Merge branch 'ticket33316_squashed'

.gitignore

@@ -186,6 +186,8 @@ uptime-*.json
 /src/lib/libtor-geoip-testing.a
 /src/lib/libtor-intmath.a
 /src/lib/libtor-intmath-testing.a
+/src/lib/libtor-llharden.a
+/src/lib/libtor-llharden-testing.a
 /src/lib/libtor-lock.a
 /src/lib/libtor-lock-testing.a
 /src/lib/libtor-log.a

Makefile.am

@@ -70,6 +70,7 @@ TOR_UTIL_LIBS = \
 	src/lib/libtor-wallclock.a \
 	src/lib/libtor-err.a \
 	src/lib/libtor-version.a \
+	src/lib/libtor-llharden.a \
 	src/lib/libtor-intmath.a \
 	src/lib/libtor-ctime.a
 
@@ -104,6 +105,7 @@ TOR_UTIL_TESTING_LIBS = \
 	src/lib/libtor-wallclock-testing.a \
 	src/lib/libtor-err-testing.a \
 	src/lib/libtor-version-testing.a \
+	src/lib/libtor-llharden-testing.a \
 	src/lib/libtor-intmath.a \
 	src/lib/libtor-ctime-testing.a
 endif

changes/ticket33316

@@ -0,0 +1,15 @@
+  o Minor bugfixes (initialization):
+    - Initialize the subsystems in our code in an order more closely
+      corresponding to their dependencies, so that every system is
+      initialized before the ones that (theoretically) depend on it.
+      Fixes bug 33316; bugfix on 0.4.0.1-alpha.
+
+  o Minor features (tests):
+    - Initialize all subsystems at the beginning of our unit test harness,
+      to avoid crashes due to uninitialized subsystems.
+      Follow-up from ticket 33316.
+
+  o Code simplification and refactoring:
+    - Merge the orconn and ocirc events into the "core" subsystem, which
+      manages or connections and origin circuits.  Previously they
+      were isolated in subsystems of their own.

src/app/main/subsystem_list.c

@@ -14,9 +14,7 @@
 #include "lib/cc/torint.h"
 
 #include "core/mainloop/mainloop_sys.h"
-#include "core/or/ocirc_event_sys.h"
 #include "core/or/or_sys.h"
-#include "core/or/orconn_event_sys.h"
 #include "feature/control/btrack_sys.h"
 #include "lib/compress/compress_sys.h"
 #include "lib/crypt_ops/crypto_sys.h"
@@ -24,7 +22,7 @@
 #include "lib/log/log_sys.h"
 #include "lib/net/network_sys.h"
 #include "lib/process/process_sys.h"
-#include "lib/process/winprocess_sys.h"
+#include "lib/llharden/winprocess_sys.h"
 #include "lib/thread/thread_sys.h"
 #include "lib/time/time_sys.h"
 #include "lib/tls/tortls_sys.h"
@@ -46,28 +44,26 @@ const subsys_fns_t *tor_subsystems[] = {
   &sys_torerr,
 
   &sys_wallclock,
-  &sys_threads,
   &sys_logging,
+  &sys_threads,
 
   &sys_time,
-  &sys_network,
 
-  &sys_compress,
   &sys_crypto,
+  &sys_compress,
+  &sys_network,
   &sys_tortls,
-  &sys_process,
-
-  &sys_orconn_event,
-  &sys_ocirc_event,
-  &sys_btrack,
 
   &sys_evloop,
+  &sys_process,
 
   &sys_mainloop,
   &sys_or,
 
   &sys_relay,
 
+  &sys_btrack,
+
   &sys_dirauth,
 };
 

src/core/or/include.am

@@ -74,13 +74,11 @@ noinst_HEADERS +=					\
 	src/core/or/or_periodic.h			\
 	src/core/or/or_sys.h				\
 	src/core/or/orconn_event.h			\
-	src/core/or/orconn_event_sys.h			\
 	src/core/or/or_circuit_st.h			\
 	src/core/or/or_connection_st.h			\
 	src/core/or/or_handshake_certs_st.h		\
 	src/core/or/or_handshake_state_st.h		\
 	src/core/or/ocirc_event.h			\
-	src/core/or/ocirc_event_sys.h			\
 	src/core/or/origin_circuit_st.h			\
 	src/core/or/policies.h				\
 	src/core/or/port_cfg_st.h			\

src/core/or/ocirc_event.c

@@ -22,7 +22,7 @@
 
 #include "core/or/cpath_build_state_st.h"
 #include "core/or/ocirc_event.h"
-#include "core/or/ocirc_event_sys.h"
+#include "core/or/or_sys.h"
 #include "core/or/origin_circuit_st.h"
 #include "lib/subsys/subsys.h"
 
@@ -84,7 +84,7 @@ static dispatch_typefns_t ocirc_cevent_fns = {
   .fmt_fn = ocirc_cevent_fmt,
 };
 
-static int
+int
 ocirc_add_pubsub(struct pubsub_connector_t *connector)
 {
   if (DISPATCH_REGISTER_TYPE(connector, ocirc_state, &ocirc_state_fns))
@@ -119,10 +119,3 @@ ocirc_cevent_publish(ocirc_cevent_msg_t *msg)
 {
   PUBLISH(ocirc_cevent, msg);
 }
-
-const subsys_fns_t sys_ocirc_event = {
-  .name = "ocirc_event",
-  .supported = true,
-  .level = -32,
-  .add_pubsub = ocirc_add_pubsub,
-};

src/core/or/ocirc_event_sys.h

@@ -1,13 +0,0 @@
-/* Copyright (c) 2007-2020, The Tor Project, Inc. */
-
-/**
- * \file ocirc_event_sys.h
- * \brief Declare subsystem object for the origin circuit event module.
- **/
-
-#ifndef TOR_OCIRC_EVENT_SYS_H
-#define TOR_OCIRC_EVENT_SYS_H
-
-extern const struct subsys_fns_t sys_ocirc_event;
-
-#endif /* !defined(TOR_OCIRC_EVENT_SYS_H) */

src/core/or/or_sys.c

@@ -34,10 +34,22 @@ subsys_or_shutdown(void)
   policies_free_all();
 }
 
+static int
+subsys_or_add_pubsub(struct pubsub_connector_t *connector)
+{
+  int rv = 0;
+  if (orconn_add_pubsub(connector) < 0)
+    rv = -1;
+  if (ocirc_add_pubsub(connector) < 0)
+    rv = -1;
+  return rv;
+}
+
 const struct subsys_fns_t sys_or = {
   .name = "or",
   .supported = true,
   .level = 20,
   .initialize = subsys_or_initialize,
   .shutdown = subsys_or_shutdown,
+  .add_pubsub = subsys_or_add_pubsub,
 };

src/core/or/or_sys.h

@@ -14,4 +14,8 @@
 
 extern const struct subsys_fns_t sys_or;
 
+struct pubsub_connector_t;
+int ocirc_add_pubsub(struct pubsub_connector_t *connector);
+int orconn_add_pubsub(struct pubsub_connector_t *connector);
+
 #endif /* !defined(TOR_CORE_OR_OR_SYS_H) */

src/core/or/orconn_event.c

@@ -22,7 +22,7 @@
 
 #define ORCONN_EVENT_PRIVATE
 #include "core/or/orconn_event.h"
-#include "core/or/orconn_event_sys.h"
+#include "core/or/or_sys.h"
 
 DECLARE_PUBLISH(orconn_state);
 DECLARE_PUBLISH(orconn_status);
@@ -65,7 +65,7 @@ static dispatch_typefns_t orconn_status_fns = {
   .fmt_fn = orconn_status_fmt,
 };
 
-static int
+int
 orconn_add_pubsub(struct pubsub_connector_t *connector)
 {
   if (DISPATCH_REGISTER_TYPE(connector, orconn_state, &orconn_state_fns))
@@ -90,10 +90,3 @@ orconn_status_publish(orconn_status_msg_t *msg)
 {
   PUBLISH(orconn_status, msg);
 }
-
-const subsys_fns_t sys_orconn_event = {
-  .name = "orconn_event",
-  .supported = true,
-  .level = -33,
-  .add_pubsub = orconn_add_pubsub,
-};

src/core/or/orconn_event_sys.h

@@ -1,12 +0,0 @@
-/* Copyright (c) 2007-2020, The Tor Project, Inc. */
-
-/**
- * \file orconn_event_sys.h
- * \brief Declare subsystem object for the OR connection event module.
- **/
-#ifndef TOR_ORCONN_EVENT_SYS_H
-#define TOR_ORCONN_EVENT_SYS_H
-
-extern const struct subsys_fns_t sys_orconn_event;
-
-#endif /* !defined(TOR_ORCONN_EVENT_SYS_H) */

src/feature/control/btrack.c

@@ -57,7 +57,7 @@ btrack_add_pubsub(pubsub_connector_t *connector)
 const subsys_fns_t sys_btrack = {
   .name = "btrack",
   .supported = true,
-  .level = -30,
+  .level = 55,
   .initialize = btrack_init,
   .shutdown = btrack_fini,
   .add_pubsub = btrack_add_pubsub,

src/include.am

@@ -19,6 +19,7 @@ include src/lib/fs/include.am
 include src/lib/geoip/include.am
 include src/lib/include.libdonna.am
 include src/lib/intmath/include.am
+include src/lib/llharden/include.am
 include src/lib/lock/include.am
 include src/lib/log/include.am
 include src/lib/math/include.am

src/lib/compress/compress.c

@@ -695,6 +695,6 @@ subsys_compress_initialize(void)
 const subsys_fns_t sys_compress = {
   .name = "compress",
   .supported = true,
-  .level = -70,
+  .level = -55,
   .initialize = subsys_compress_initialize,
 };

src/lib/llharden/.may_include

@@ -0,0 +1,3 @@
+lib/llharden/*.h
+lib/subsys/*.h
+orconfig.h

src/lib/llharden/include.am

@@ -0,0 +1,19 @@
+
+noinst_LIBRARIES += src/lib/libtor-llharden.a
+
+if UNITTESTS_ENABLED
+noinst_LIBRARIES += src/lib/libtor-llharden-testing.a
+endif
+
+# ADD_C_FILE: INSERT SOURCES HERE.
+src_lib_libtor_llharden_a_SOURCES =		\
+	src/lib/llharden/winprocess_sys.c
+
+src_lib_libtor_llharden_testing_a_SOURCES = \
+	$(src_lib_libtor_llharden_a_SOURCES)
+src_lib_libtor_llharden_testing_a_CPPFLAGS = $(AM_CPPFLAGS) $(TEST_CPPFLAGS)
+src_lib_libtor_llharden_testing_a_CFLAGS = $(AM_CFLAGS) $(TEST_CFLAGS)
+
+# ADD_C_FILE: INSERT HEADERS HERE.
+noinst_HEADERS +=				\
+	src/lib/llharden/winprocess_sys.h

src/lib/llharden/lib_llharden.md

@@ -0,0 +1,6 @@
+@dir /lib/llharden
+@brief lib/llharden: low-level unconditional process hardening
+
+This module contains process hardening code that we want to run before any
+other code, including configuration.  It needs to be self-contained, since
+nothing else will be initialized at this point.

src/lib/llharden/winprocess_sys.c

@@ -8,7 +8,7 @@
 
 #include "orconfig.h"
 #include "lib/subsys/subsys.h"
-#include "lib/process/winprocess_sys.h"
+#include "lib/llharden/winprocess_sys.h"
 
 #include <stdbool.h>
 #include <stddef.h>

src/lib/net/network_sys.c

@@ -39,7 +39,7 @@ const subsys_fns_t sys_network = {
   .name = "network",
   /* Network depends on logging, and a lot of other modules depend on network.
    */
-  .level = -80,
+  .level = -55,
   .supported = true,
   .initialize = subsys_network_initialize,
   .shutdown = subsys_network_shutdown,

src/lib/process/include.am

@@ -16,8 +16,7 @@ src_lib_libtor_process_a_SOURCES =		\
 	src/lib/process/process_win32.c		\
 	src/lib/process/restrict.c		\
 	src/lib/process/setuid.c		\
-	src/lib/process/waitpid.c		\
+	src/lib/process/waitpid.c
-	src/lib/process/winprocess_sys.c
 
 src_lib_libtor_process_testing_a_SOURCES = \
 	$(src_lib_libtor_process_a_SOURCES)
@@ -35,5 +34,4 @@ noinst_HEADERS +=				\
 	src/lib/process/process_win32.h		\
 	src/lib/process/restrict.h		\
 	src/lib/process/setuid.h		\
-	src/lib/process/waitpid.h		\
+	src/lib/process/waitpid.h
-	src/lib/process/winprocess_sys.h

src/lib/process/process_sys.c

@@ -26,7 +26,7 @@ subsys_process_shutdown(void)
 
 const subsys_fns_t sys_process = {
   .name = "process",
-  .level = -35,
+  .level = -18,
   .supported = true,
   .initialize = subsys_process_initialize,
   .shutdown = subsys_process_shutdown

src/lib/thread/compat_threads.c

@@ -130,8 +130,6 @@ subsys_threads_initialize(void)
 const subsys_fns_t sys_threads = {
   .name = "threads",
   .supported = true,
-  /* Threads is used by logging, which is a diagnostic feature, we want it to
+  .level = -89,
-   * init right after low-level error handling and approx time. */
-  .level = -95,
   .initialize = subsys_threads_initialize,
 };

src/test/testing_common.c

@@ -273,7 +273,7 @@ main(int c, const char **v)
   int loglevel = LOG_ERR;
   int accel_crypto = 0;
 
-  subsystems_init_upto(SUBSYS_LEVEL_LIBS);
+  subsystems_init();
 
   options = options_new();