DEV Community: Kushagra Srivastava The latest articles on DEV Community by Kushagra Srivastava (@thesynthax). https://dev.to/thesynthax https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3396886%2F5e50b5d7-823f-42a5-aa11-e0d63f1cfeee.jpg DEV Community: Kushagra Srivastava https://dev.to/thesynthax en My Google Summer of Code Journey: Part 3 Kushagra Srivastava Sun, 21 Sep 2025 07:31:58 +0000 https://dev.to/thesynthax/my-google-summer-of-code-journey-part-3-44g1 https://dev.to/thesynthax/my-google-summer-of-code-journey-part-3-44g1 <h2> Time for a technical deep dive into my project. </h2> <p>In the previous blog, I gave an <strong>overview</strong> of my journey, mostly keeping it <strong>noob-friendly</strong> and showing what a realistic journey from the preparation, ideation, acceptance, to the completion looks like.</p> <p>This would be my last article about my GSoC journey. In this article, I’ll be going down into the <strong>technical</strong> <strong>depths</strong> of my project. You may or may not find it interesting, but if OS, kernels, concurrency, memory management (and <strong>mismanagement</strong> too) tickle your brain, do stick around. I’ll post more technical and non-technical content in the upcoming blogs.</p> <h2> Overview of my project. </h2> <p>As mentioned previously, I completed GSoC’25 in The FreeBSD Project. <strong>FreeBSD</strong>, as you might know, is a <strong>Unix-like</strong> operating system known for its stability, performance, and <strong>security</strong>. My project was medium-sized (175 hours), made of two small-sized projects, namely (i) <code>mac_do(4)</code> improvements and (ii) <code>mdo(1)</code> improvements.</p> <h2> mac_do(4) improvements </h2> <p><code>mac_do(4)</code> is a kernel security module that can enable <strong>controlled process credentials transitions</strong>, such as changing the user IDs or group IDs to particular values. Processes that make such requests and are authorized <code>mac_do(4)</code> do not need to be root or spawned from an executable with the <strong>setuid</strong> bit. It overcomes the fundamental security issues of programs like <code>sudo</code> or <code>doas</code>.</p> <p>I had two objectives for this module:</p> <ol> <li><p>Allow <code>mac_do(4)</code> to support a list of <strong>executables</strong> <strong>authorized</strong> to request credential transitions, and enable the ability to configure this list in <code>jail(8)</code>s.</p></li> <li><p>Allow <code>mac_do(4)</code> to support authorizing credential transitions outside the <code>setcred(2)</code> system call, i.e., implementing support for traditional system calls like <code>setuid(2)</code>, <code>setgid(2)</code>, <code>setgroups(2)</code>, etc.</p></li> </ol> <h3> Objective 1: Per-jail configurable list for executable paths </h3> <p>One major drawback of the original <code>mac_do(4)</code> module was that it was <strong>hardcoded</strong> to only allow processes that spawned from <code>/usr/bin/mdo</code>. Any other application wishing to take advantage of the credential transition capabilities would be <strong>out of luck</strong> due to this rigidity. As with the credential transition rules, it was my responsibility to make this configurable on a per-jail basis.</p> <p>The existing infrastructure was built around managing <code>rules</code> - the credential transition specifications. However, I needed to store and manage both <strong>rules</strong> and <strong>executable</strong> <strong>paths</strong> together. The original structure was simple:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">struct</span> <span class="n">rules</span> <span class="p">{</span> <span class="kt">char</span> <span class="n">string</span><span class="p">[</span><span class="n">MAC_RULE_STRING_LEN</span><span class="p">];</span> <span class="k">struct</span> <span class="n">rulehead</span> <span class="n">head</span><span class="p">;</span> <span class="k">volatile</span> <span class="n">u_int</span> <span class="n">use_count</span> <span class="n">__aligned</span><span class="p">(</span><span class="n">CACHE_LINE_SIZE</span><span class="p">);</span> <span class="p">};</span> </code></pre> </div> <p>This needed to evolve into something more comprehensive that could handle multiple types of <strong>configuration</strong> data while maintaining the same <strong>lifetime</strong> <strong>management</strong> and <strong>concurrency</strong> guarantees.</p> <p><strong>Introducing struct conf: A Unified Configuration Container</strong><br><br> The solution was to create a new <code>struct conf</code> that would encapsulate both rules and executable paths:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">struct</span> <span class="n">exec_paths</span> <span class="p">{</span> <span class="kt">char</span> <span class="n">exec_paths_str</span><span class="p">[</span><span class="n">EXEC_PATHS_MAXLEN</span><span class="p">];</span> <span class="kt">char</span> <span class="n">exec_paths</span><span class="p">[</span><span class="n">MAX_EXEC_PATHS</span><span class="p">][</span><span class="n">PATH_MAX</span><span class="p">];</span> <span class="kt">int</span> <span class="n">exec_path_count</span><span class="p">;</span> <span class="p">};</span> <span class="k">struct</span> <span class="n">conf</span> <span class="p">{</span> <span class="k">struct</span> <span class="n">rules</span> <span class="n">rules</span><span class="p">;</span> <span class="k">struct</span> <span class="n">exec_paths</span> <span class="n">exec_paths</span><span class="p">;</span> <span class="k">volatile</span> <span class="n">u_int</span> <span class="n">use_count</span> <span class="n">__aligned</span><span class="p">(</span><span class="n">CACHE_LINE_SIZE</span><span class="p">);</span> <span class="p">};</span> </code></pre> </div> <p>This design adds the new <code>exec_paths</code> functionality while preserving the original <code>struct rules</code>. In order to ensure <strong>atomic</strong> updates of both rules and executable paths, the <strong>reference</strong> <strong>counting</strong> mechanism that was previously at the rules level now functions at the configuration level.</p> <p><strong>Memory Management and Lifetime Challenges</strong><br><br> One of the trickiest aspects was migrating all the lifetime management logic from <code>rules</code> to <code>conf</code>. The original code had functions like:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">static</span> <span class="k">struct</span> <span class="n">rules</span> <span class="o">*</span><span class="n">alloc_rules</span><span class="p">(</span><span class="kt">void</span><span class="p">)</span> <span class="k">static</span> <span class="kt">void</span> <span class="n">toast_rules</span><span class="p">(</span><span class="k">struct</span> <span class="n">rules</span> <span class="o">*</span><span class="k">const</span> <span class="n">rules</span><span class="p">)</span> <span class="k">static</span> <span class="kt">void</span> <span class="n">hold_rules</span><span class="p">(</span><span class="k">struct</span> <span class="n">rules</span> <span class="o">*</span><span class="k">const</span> <span class="n">rules</span><span class="p">)</span> <span class="k">static</span> <span class="kt">void</span> <span class="n">drop_rules</span><span class="p">(</span><span class="k">struct</span> <span class="n">rules</span> <span class="o">*</span><span class="k">const</span> <span class="n">rules</span><span class="p">)</span> </code></pre> </div> <p>These all needed to be reimplemented for the new configuration structure:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">static</span> <span class="k">struct</span> <span class="n">conf</span> <span class="o">*</span><span class="nf">alloc_conf</span><span class="p">(</span><span class="kt">void</span><span class="p">)</span> <span class="k">static</span> <span class="kt">void</span> <span class="n">drop_conf</span><span class="p">(</span><span class="k">struct</span> <span class="n">conf</span> <span class="o">*</span><span class="k">const</span> <span class="n">conf</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="n">refcount_release</span><span class="p">(</span><span class="o">&amp;</span><span class="n">conf</span><span class="o">-&gt;</span><span class="n">use_count</span><span class="p">))</span> <span class="p">{</span> <span class="n">toast_rules</span><span class="p">(</span><span class="o">&amp;</span><span class="n">conf</span><span class="o">-&gt;</span><span class="n">rules</span><span class="p">);</span> <span class="c1">// Clean up embedded rules</span> <span class="n">free</span><span class="p">(</span><span class="n">conf</span><span class="p">,</span> <span class="n">M_MAC_DO</span><span class="p">);</span> <span class="c1">// Free the container</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>The key insight was that <code>struct conf</code> now owns the <strong>lifetime</strong> of the <strong>embedded</strong> <code>struct rules</code>, so the cleanup process needed to handle the nested structure properly.</p> <p><strong>Deep vs Shallow Copying: A Critical Distinction</strong><br><br> I ran into a minor but significant copying problem when implementing configuration inheritance and updates. The dynamically allocated arrays (<code>uids</code> and <code>gids</code>) in the <code>struct rules</code> are not easily copied using <code>bcopy()</code>. I had to put deep cloning functions into practice:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">static</span> <span class="kt">void</span> <span class="nf">clone_rules</span><span class="p">(</span><span class="k">struct</span> <span class="n">rules</span> <span class="o">*</span><span class="n">dst</span><span class="p">,</span> <span class="k">struct</span> <span class="n">rules</span> <span class="o">*</span><span class="k">const</span> <span class="n">src</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// Copy the basic structure</span> <span class="n">strlcpy</span><span class="p">(</span><span class="n">dst</span><span class="o">-&gt;</span><span class="n">string</span><span class="p">,</span> <span class="n">src</span><span class="o">-&gt;</span><span class="n">string</span><span class="p">,</span> <span class="k">sizeof</span><span class="p">(</span><span class="n">dst</span><span class="o">-&gt;</span><span class="n">string</span><span class="p">));</span> <span class="n">STAILQ_INIT</span><span class="p">(</span><span class="o">&amp;</span><span class="n">dst</span><span class="o">-&gt;</span><span class="n">head</span><span class="p">);</span> <span class="c1">// Deep copy each rule with its dynamic arrays</span> <span class="n">STAILQ_FOREACH</span><span class="p">(</span><span class="n">src_rule</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">src</span><span class="o">-&gt;</span><span class="n">head</span><span class="p">,</span> <span class="n">r_entries</span><span class="p">)</span> <span class="p">{</span> <span class="n">dst_rule</span> <span class="o">=</span> <span class="n">malloc</span><span class="p">(</span><span class="k">sizeof</span><span class="p">(</span><span class="o">*</span><span class="n">dst_rule</span><span class="p">),</span> <span class="n">M_MAC_DO</span><span class="p">,</span> <span class="n">M_WAITOK</span> <span class="o">|</span> <span class="n">M_ZERO</span><span class="p">);</span> <span class="n">bcopy</span><span class="p">(</span><span class="n">src_rule</span><span class="p">,</span> <span class="n">dst_rule</span><span class="p">,</span> <span class="k">sizeof</span><span class="p">(</span><span class="o">*</span><span class="n">dst_rule</span><span class="p">));</span> <span class="k">if</span> <span class="p">(</span><span class="n">src_rule</span><span class="o">-&gt;</span><span class="n">uids_nb</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">)</span> <span class="p">{</span> <span class="n">dst_rule</span><span class="o">-&gt;</span><span class="n">uids</span> <span class="o">=</span> <span class="n">malloc</span><span class="p">(</span><span class="k">sizeof</span><span class="p">(</span><span class="o">*</span><span class="n">dst_rule</span><span class="o">-&gt;</span><span class="n">uids</span><span class="p">)</span> <span class="o">*</span> <span class="n">src_rule</span><span class="o">-&gt;</span><span class="n">uids_nb</span><span class="p">,</span> <span class="n">M_MAC_DO</span><span class="p">,</span> <span class="n">M_WAITOK</span><span class="p">);</span> <span class="n">bcopy</span><span class="p">(</span><span class="n">src_rule</span><span class="o">-&gt;</span><span class="n">uids</span><span class="p">,</span> <span class="n">dst_rule</span><span class="o">-&gt;</span><span class="n">uids</span><span class="p">,</span> <span class="k">sizeof</span><span class="p">(</span><span class="o">*</span><span class="n">dst_rule</span><span class="o">-&gt;</span><span class="n">uids</span><span class="p">)</span> <span class="o">*</span> <span class="n">src_rule</span><span class="o">-&gt;</span><span class="n">uids_nb</span><span class="p">);</span> <span class="p">}</span> <span class="c1">// Similar for gids...</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>This was required because jail configuration inheritance meant that a jail had to inherit from its parent, but as an <strong>independent</strong> <strong>copy</strong> rather than a <strong>shared</strong> <strong>reference</strong>, when it didn't specify its own rules or paths.</p> <p><strong>Concurrency and Prison Lock Management</strong><br><br> The kernel environment requires careful attention to <strong>locking</strong> and <strong>concurrency</strong>. The existing infrastructure used <strong>prison locks</strong> to protect <strong>jail-specific data</strong>, and I had to ensure this remained consistent:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">static</span> <span class="k">struct</span> <span class="n">conf</span> <span class="o">*</span> <span class="nf">find_conf</span><span class="p">(</span><span class="k">struct</span> <span class="n">prison</span> <span class="o">*</span><span class="k">const</span> <span class="n">pr</span><span class="p">,</span> <span class="k">struct</span> <span class="n">prison</span> <span class="o">**</span><span class="k">const</span> <span class="n">aprp</span><span class="p">)</span> <span class="p">{</span> <span class="k">struct</span> <span class="n">prison</span> <span class="o">*</span><span class="n">cpr</span><span class="p">,</span> <span class="o">*</span><span class="n">ppr</span><span class="p">;</span> <span class="k">struct</span> <span class="n">conf</span> <span class="o">*</span><span class="n">conf</span><span class="p">;</span> <span class="n">cpr</span> <span class="o">=</span> <span class="n">pr</span><span class="p">;</span> <span class="k">for</span> <span class="p">(;;)</span> <span class="p">{</span> <span class="n">prison_lock</span><span class="p">(</span><span class="n">cpr</span><span class="p">);</span> <span class="n">conf</span> <span class="o">=</span> <span class="n">osd_jail_get</span><span class="p">(</span><span class="n">cpr</span><span class="p">,</span> <span class="n">osd_jail_slot</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="n">conf</span> <span class="o">!=</span> <span class="nb">NULL</span><span class="p">)</span> <span class="k">break</span><span class="p">;</span> <span class="n">prison_unlock</span><span class="p">(</span><span class="n">cpr</span><span class="p">);</span> <span class="n">ppr</span> <span class="o">=</span> <span class="n">cpr</span><span class="o">-&gt;</span><span class="n">pr_parent</span><span class="p">;</span> <span class="n">MPASS</span><span class="p">(</span><span class="n">ppr</span> <span class="o">!=</span> <span class="nb">NULL</span><span class="p">);</span> <span class="c1">// prison0 always has config</span> <span class="n">cpr</span> <span class="o">=</span> <span class="n">ppr</span><span class="p">;</span> <span class="p">}</span> <span class="o">*</span><span class="n">aprp</span> <span class="o">=</span> <span class="n">cpr</span><span class="p">;</span> <span class="k">return</span> <span class="p">(</span><span class="n">conf</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p>The caller receives both the configuration and the prison that holds it, and must <strong>unlock</strong> that prison when done. This pattern ensures that the configuration remains valid for the duration of use while preventing deadlocks.</p> <p><strong>Jail Parameter Integration</strong><br><br> Adding the new executable paths required extending the <strong>jail</strong> <strong>parameter</strong> system. This meant implementing new sysctl handlers and jail management hooks:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">static</span> <span class="kt">int</span> <span class="nf">mac_do_sysctl_exec_paths</span><span class="p">(</span><span class="n">SYSCTL_HANDLER_ARGS</span><span class="p">)</span> <span class="p">{</span> <span class="kt">char</span> <span class="o">*</span><span class="k">const</span> <span class="n">buf</span> <span class="o">=</span> <span class="n">malloc</span><span class="p">(</span><span class="n">EXEC_PATHS_MAXLEN</span><span class="p">,</span> <span class="n">M_MAC_DO</span><span class="p">,</span> <span class="n">M_WAITOK</span><span class="p">);</span> <span class="k">struct</span> <span class="n">conf</span> <span class="o">*</span><span class="n">conf</span><span class="p">;</span> <span class="k">struct</span> <span class="n">prison</span> <span class="o">*</span><span class="n">pr</span><span class="p">;</span> <span class="n">conf</span> <span class="o">=</span> <span class="n">find_conf</span><span class="p">(</span><span class="n">td_pr</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">pr</span><span class="p">);</span> <span class="n">strlcpy</span><span class="p">(</span><span class="n">buf</span><span class="p">,</span> <span class="n">conf</span><span class="o">-&gt;</span><span class="n">exec_paths</span><span class="p">.</span><span class="n">exec_paths_str</span><span class="p">,</span> <span class="n">EXEC_PATHS_MAXLEN</span><span class="p">);</span> <span class="n">prison_unlock</span><span class="p">(</span><span class="n">pr</span><span class="p">);</span> <span class="c1">// Handle updates...</span> <span class="p">}</span> <span class="n">SYSCTL_PROC</span><span class="p">(</span><span class="n">_security_mac_do</span><span class="p">,</span> <span class="n">OID_AUTO</span><span class="p">,</span> <span class="n">exec_paths</span><span class="p">,</span> <span class="n">CTLTYPE_STRING</span> <span class="o">|</span> <span class="n">CTLFLAG_RW</span> <span class="o">|</span> <span class="n">CTLFLAG_PRISON</span> <span class="o">|</span> <span class="n">CTLFLAG_MPSAFE</span><span class="p">,</span> <span class="mi">0</span><span class="p">,</span> <span class="mi">0</span><span class="p">,</span> <span class="n">mac_do_sysctl_exec_paths</span><span class="p">,</span> <span class="s">"A"</span><span class="p">,</span> <span class="s">"Colon-separated list of allowed executables"</span><span class="p">);</span> </code></pre> </div> <p><strong>Transforming check_proc(): From Static to Dynamic</strong><br><br> The original <code>check_proc()</code> function was trivial; just a hardcoded string comparison:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="c1">// Original version</span> <span class="n">error</span> <span class="o">=</span> <span class="n">strcmp</span><span class="p">(</span><span class="n">path</span><span class="p">,</span> <span class="s">"/usr/bin/mdo"</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span> <span class="o">?</span> <span class="mi">0</span> <span class="o">:</span> <span class="n">EPERM</span><span class="p">;</span> </code></pre> </div> <p>The new version needed to dynamically check against the jail's configured executable paths:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">static</span> <span class="kt">int</span> <span class="nf">check_proc</span><span class="p">(</span><span class="kt">void</span><span class="p">)</span> <span class="p">{</span> <span class="kt">char</span> <span class="o">*</span><span class="n">path</span><span class="p">,</span> <span class="o">*</span><span class="n">to_free</span><span class="p">;</span> <span class="kt">int</span> <span class="n">error</span> <span class="o">=</span> <span class="n">EPERM</span><span class="p">;</span> <span class="k">if</span> <span class="p">(</span><span class="n">vn_fullpath</span><span class="p">(</span><span class="n">curproc</span><span class="o">-&gt;</span><span class="n">p_textvp</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">path</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">to_free</span><span class="p">)</span> <span class="o">!=</span> <span class="mi">0</span><span class="p">)</span> <span class="k">return</span> <span class="p">(</span><span class="n">EPERM</span><span class="p">);</span> <span class="k">struct</span> <span class="n">conf</span> <span class="o">*</span><span class="n">conf</span><span class="p">;</span> <span class="k">struct</span> <span class="n">prison</span> <span class="o">*</span><span class="n">pr</span><span class="p">;</span> <span class="n">conf</span> <span class="o">=</span> <span class="n">find_conf</span><span class="p">(</span><span class="n">curproc</span><span class="o">-&gt;</span><span class="n">p_ucred</span><span class="o">-&gt;</span><span class="n">cr_prison</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">pr</span><span class="p">);</span> <span class="k">for</span> <span class="p">(</span><span class="kt">int</span> <span class="n">i</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="n">i</span> <span class="o">&lt;</span> <span class="n">conf</span><span class="o">-&gt;</span><span class="n">exec_paths</span><span class="p">.</span><span class="n">exec_path_count</span><span class="p">;</span> <span class="n">i</span><span class="o">++</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="n">strcmp</span><span class="p">(</span><span class="n">conf</span><span class="o">-&gt;</span><span class="n">exec_paths</span><span class="p">.</span><span class="n">exec_paths</span><span class="p">[</span><span class="n">i</span><span class="p">],</span> <span class="n">path</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="p">)</span> <span class="p">{</span> <span class="n">error</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="k">break</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="n">prison_unlock</span><span class="p">(</span><span class="n">pr</span><span class="p">);</span> <span class="n">free</span><span class="p">(</span><span class="n">to_free</span><span class="p">,</span> <span class="n">M_TEMP</span><span class="p">);</span> <span class="k">return</span> <span class="p">(</span><span class="n">error</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p>This change enables per-jail customization of authorized executables while maintaining the security model.</p> <p><strong>OSD Integration and Default Configuration</strong><br><br> The jail lifecycle hooks had to be updated to accommodate the new configuration structure for the <strong>Object-Specific Data (OSD)</strong> framework integration. The default configuration needed to provide backward compatibility:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">static</span> <span class="kt">void</span> <span class="nf">set_default_conf</span><span class="p">(</span><span class="k">struct</span> <span class="n">prison</span> <span class="o">*</span><span class="k">const</span> <span class="n">pr</span><span class="p">)</span> <span class="p">{</span> <span class="k">struct</span> <span class="n">conf</span> <span class="o">*</span><span class="k">const</span> <span class="n">conf</span> <span class="o">=</span> <span class="n">alloc_conf</span><span class="p">();</span> <span class="c1">// Maintain backward compatibility</span> <span class="n">strlcpy</span><span class="p">(</span><span class="n">conf</span><span class="o">-&gt;</span><span class="n">exec_paths</span><span class="p">.</span><span class="n">exec_paths_str</span><span class="p">,</span> <span class="s">"/usr/bin/mdo"</span><span class="p">,</span> <span class="n">EXEC_PATHS_MAXLEN</span><span class="p">);</span> <span class="n">strlcpy</span><span class="p">(</span><span class="n">conf</span><span class="o">-&gt;</span><span class="n">exec_paths</span><span class="p">.</span><span class="n">exec_paths</span><span class="p">[</span><span class="mi">0</span><span class="p">],</span> <span class="s">"/usr/bin/mdo"</span><span class="p">,</span> <span class="n">PATH_MAX</span><span class="p">);</span> <span class="n">conf</span><span class="o">-&gt;</span><span class="n">exec_paths</span><span class="p">.</span><span class="n">exec_path_count</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span> <span class="n">set_conf</span><span class="p">(</span><span class="n">pr</span><span class="p">,</span> <span class="n">conf</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p><strong>The Result: Flexible, Per-Jail Configuration</strong><br><br> <code>mac_do(4)</code> was successfully transformed from a rigid, hardcoded system to one that is completely configurable. Now, administrators can specify a list of executable paths for various jails:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># System-wide configuration</span> sysctl security.mac.do.exec_paths<span class="o">=</span><span class="s2">"/usr/bin/mdo:/usr/local/bin/custom_tool"</span> <span class="c"># Per-jail configuration </span> jail <span class="nt">-c</span> <span class="nv">name</span><span class="o">=</span>myjail mac.do.exec_paths<span class="o">=</span><span class="s2">"/usr/bin/mdo:/usr/local/bin/jail_specific_tool"</span> </code></pre> </div> <h3> Objective 2: Implementing support for traditional credentials changing syscalls </h3> <p>One major drawback of the original <code>mac_do(4)</code> implementation was that it could only approve credential transitions that were requested using the specific <code>setcred(2)</code> system call. Traditional <strong>POSIX</strong> system calls such as <code>setuid(2)</code>, <code>setgid(2)</code>, and <code>setgroups(2)</code> are usually used in real-world applications, even though <code>setcred(2)</code> offers complete credential management. In order to intercept and authorize these common credential-changing functions, I had to extend <code>mac_do(4)</code>.</p> <p><strong>The Infrastructure Challenge</strong><br><br> The existing code already had a sophisticated infrastructure for handling <code>setcred(2)</code> through the MAC framework:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">struct</span> <span class="n">mac_do_data_header</span> <span class="p">{</span> <span class="kt">size_t</span> <span class="n">allocated_size</span><span class="p">;</span> <span class="kt">size_t</span> <span class="n">size</span><span class="p">;</span> <span class="kt">int</span> <span class="n">priv</span><span class="p">;</span> <span class="c1">// Privilege identifier</span> <span class="k">struct</span> <span class="n">conf</span> <span class="o">*</span><span class="n">conf</span><span class="p">;</span> <span class="c1">// Configuration to apply</span> <span class="p">};</span> <span class="k">struct</span> <span class="n">mac_do_setcred_data</span> <span class="p">{</span> <span class="k">struct</span> <span class="n">mac_do_data_header</span> <span class="n">hdr</span><span class="p">;</span> <span class="k">const</span> <span class="k">struct</span> <span class="n">ucred</span> <span class="o">*</span><span class="n">new_cred</span><span class="p">;</span> <span class="n">u_int</span> <span class="n">setcred_flags</span><span class="p">;</span> <span class="p">};</span> </code></pre> </div> <p>This infrastructure uses <strong>per-thread Object-Specific Data (OSD)</strong> to pass information between <strong>MAC</strong> hooks safely, handling <strong>concurrency</strong> and memory management automatically. The challenge was extending this pattern to handle multiple different system calls.</p> <p><strong>Creating Specialized Data Structures</strong><br><br> I created dedicated data structures for different categories of system calls:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">struct</span> <span class="n">mac_do_setuid_data</span> <span class="p">{</span> <span class="k">struct</span> <span class="n">mac_do_data_header</span> <span class="n">hdr</span><span class="p">;</span> <span class="n">uid_t</span> <span class="n">target_uid</span><span class="p">;</span> <span class="p">};</span> <span class="k">struct</span> <span class="n">mac_do_setgid_data</span> <span class="p">{</span> <span class="k">struct</span> <span class="n">mac_do_data_header</span> <span class="n">hdr</span><span class="p">;</span> <span class="n">gid_t</span> <span class="n">target_gid</span><span class="p">;</span> <span class="p">};</span> <span class="k">struct</span> <span class="n">mac_do_setgroups_data</span> <span class="p">{</span> <span class="k">struct</span> <span class="n">mac_do_data_header</span> <span class="n">hdr</span><span class="p">;</span> <span class="kt">int</span> <span class="n">ngroups</span><span class="p">;</span> <span class="n">gid_t</span> <span class="o">*</span><span class="n">groups</span><span class="p">;</span> <span class="p">};</span> </code></pre> </div> <p>Each structure shares the common header but carries syscall-specific data needed for authorization decisions.</p> <p><strong>Expanding the Privilege Grant Logic</strong><br><br> The original <code>mac_do_priv_grant()</code> function handled only <code>PRIV_CRED_SETCRED</code>. I extended it to handle all the new privilege types:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">static</span> <span class="kt">int</span> <span class="nf">mac_do_priv_grant</span><span class="p">(</span><span class="k">struct</span> <span class="n">ucred</span> <span class="o">*</span><span class="n">cred</span><span class="p">,</span> <span class="kt">int</span> <span class="n">priv</span><span class="p">)</span> <span class="p">{</span> <span class="k">switch</span> <span class="p">(</span><span class="n">priv</span><span class="p">)</span> <span class="p">{</span> <span class="k">case</span> <span class="n">PRIV_CRED_SETCRED</span><span class="p">:</span> <span class="p">{</span> <span class="c1">// Original setcred logic</span> <span class="k">break</span><span class="p">;</span> <span class="p">}</span> <span class="k">case</span> <span class="n">PRIV_CRED_SETUID</span><span class="p">:</span> <span class="k">case</span> <span class="n">PRIV_CRED_SETEUID</span><span class="p">:</span> <span class="k">case</span> <span class="n">PRIV_CRED_SETREUID</span><span class="p">:</span> <span class="k">case</span> <span class="n">PRIV_CRED_SETRESUID</span><span class="p">:</span> <span class="p">{</span> <span class="k">struct</span> <span class="n">mac_do_setuid_data</span> <span class="o">*</span><span class="n">data</span> <span class="o">=</span> <span class="n">fetch_data</span><span class="p">();</span> <span class="c1">// Check rules against target UID</span> <span class="n">STAILQ_FOREACH</span><span class="p">(</span><span class="n">rule</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">rules</span><span class="o">-&gt;</span><span class="n">head</span><span class="p">,</span> <span class="n">r_entries</span><span class="p">)</span> <span class="k">if</span> <span class="p">(</span><span class="n">rule_applies</span><span class="p">(</span><span class="n">rule</span><span class="p">,</span> <span class="n">cred</span><span class="p">))</span> <span class="p">{</span> <span class="n">error</span> <span class="o">=</span> <span class="n">rule_grant_user</span><span class="p">(</span><span class="n">rule</span><span class="p">,</span> <span class="n">cred</span><span class="p">,</span> <span class="n">data</span><span class="o">-&gt;</span><span class="n">target_uid</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="n">error</span> <span class="o">!=</span> <span class="n">EPERM</span><span class="p">)</span> <span class="k">break</span><span class="p">;</span> <span class="p">}</span> <span class="k">return</span> <span class="p">(</span><span class="n">error</span><span class="p">);</span> <span class="p">}</span> <span class="k">case</span> <span class="n">PRIV_CRED_SETGROUPS</span><span class="p">:</span> <span class="p">{</span> <span class="k">struct</span> <span class="n">mac_do_setgroups_data</span> <span class="o">*</span><span class="n">data</span> <span class="o">=</span> <span class="n">fetch_data</span><span class="p">();</span> <span class="c1">// Check rules against target groups</span> <span class="n">STAILQ_FOREACH</span><span class="p">(</span><span class="n">rule</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">rules</span><span class="o">-&gt;</span><span class="n">head</span><span class="p">,</span> <span class="n">r_entries</span><span class="p">)</span> <span class="k">if</span> <span class="p">(</span><span class="n">rule_applies</span><span class="p">(</span><span class="n">rule</span><span class="p">,</span> <span class="n">cred</span><span class="p">))</span> <span class="p">{</span> <span class="n">error</span> <span class="o">=</span> <span class="n">rule_grant_setgroups</span><span class="p">(</span><span class="n">rule</span><span class="p">,</span> <span class="n">cred</span><span class="p">,</span> <span class="n">data</span><span class="o">-&gt;</span><span class="n">ngroups</span><span class="p">,</span> <span class="n">data</span><span class="o">-&gt;</span><span class="n">groups</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="n">error</span> <span class="o">!=</span> <span class="n">EPERM</span><span class="p">)</span> <span class="k">break</span><span class="p">;</span> <span class="p">}</span> <span class="k">return</span> <span class="p">(</span><span class="n">error</span><span class="p">);</span> <span class="p">}</span> <span class="c1">// Similar cases for GID syscalls...</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p><strong>Implementing the Hook Triplets</strong><br><br> Each system call requires three MAC hooks: enter, check, and exit. I implemented these for all nine syscalls (<code>setuid</code>, <code>seteuid</code>, <code>setreuid</code>, <code>setresuid</code>, <code>setgid</code>, <code>setegid</code>, <code>setregid</code>, <code>setresgid</code>, <code>setgroups</code>). The pattern is consistent:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">static</span> <span class="kt">void</span> <span class="nf">mac_do_setuid_enter</span><span class="p">(</span><span class="kt">void</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// Set up per-thread data if authorized executable</span> <span class="k">if</span> <span class="p">(</span><span class="n">do_enabled</span> <span class="o">==</span> <span class="mi">0</span> <span class="o">||</span> <span class="n">check_proc</span><span class="p">()</span> <span class="o">!=</span> <span class="mi">0</span><span class="p">)</span> <span class="k">return</span><span class="p">;</span> <span class="n">conf</span> <span class="o">=</span> <span class="n">find_conf</span><span class="p">(</span><span class="n">curproc</span><span class="o">-&gt;</span><span class="n">p_ucred</span><span class="o">-&gt;</span><span class="n">cr_prison</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">pr</span><span class="p">);</span> <span class="n">hold_conf</span><span class="p">(</span><span class="n">conf</span><span class="p">);</span> <span class="n">data</span> <span class="o">=</span> <span class="n">alloc_data</span><span class="p">(</span><span class="n">data</span><span class="p">,</span> <span class="k">sizeof</span><span class="p">(</span><span class="o">*</span><span class="n">data</span><span class="p">));</span> <span class="n">set_data_header</span><span class="p">(</span><span class="n">data</span><span class="p">,</span> <span class="k">sizeof</span><span class="p">(</span><span class="o">*</span><span class="n">data</span><span class="p">),</span> <span class="n">PRIV_CRED_SETUID</span><span class="p">,</span> <span class="n">conf</span><span class="p">);</span> <span class="p">}</span> <span class="k">static</span> <span class="kt">int</span> <span class="nf">mac_do_check_setuid</span><span class="p">(</span><span class="k">struct</span> <span class="n">ucred</span> <span class="o">*</span><span class="n">cred</span><span class="p">,</span> <span class="n">uid_t</span> <span class="n">uid</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// Capture the target UID for privilege checking</span> <span class="n">data</span><span class="o">-&gt;</span><span class="n">target_uid</span> <span class="o">=</span> <span class="n">uid</span><span class="p">;</span> <span class="k">return</span> <span class="p">(</span><span class="mi">0</span><span class="p">);</span> <span class="p">}</span> <span class="k">static</span> <span class="kt">void</span> <span class="nf">mac_do_setuid_exit</span><span class="p">(</span><span class="kt">void</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// Clean up per-thread data</span> <span class="n">clear_data</span><span class="p">(</span><span class="n">data</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p><strong>Handling Complex Parameter Logic</strong><br><br> Some syscalls like <code>setreuid(2)</code> and <code>setresuid(2)</code> can take multiple UIDs where <code>-1</code> means "don't change". I had to implement logic to determine the effective target:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">static</span> <span class="kt">int</span> <span class="nf">mac_do_check_setreuid</span><span class="p">(</span><span class="k">struct</span> <span class="n">ucred</span> <span class="o">*</span><span class="n">cred</span><span class="p">,</span> <span class="n">uid_t</span> <span class="n">ruid</span><span class="p">,</span> <span class="n">uid_t</span> <span class="n">euid</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="n">euid</span> <span class="o">!=</span> <span class="p">(</span><span class="n">uid_t</span><span class="p">)</span><span class="o">-</span><span class="mi">1</span><span class="p">)</span> <span class="n">data</span><span class="o">-&gt;</span><span class="n">target_uid</span> <span class="o">=</span> <span class="n">euid</span><span class="p">;</span> <span class="c1">// Effective UID takes priority</span> <span class="k">else</span> <span class="k">if</span> <span class="p">(</span><span class="n">ruid</span> <span class="o">!=</span> <span class="p">(</span><span class="n">uid_t</span><span class="p">)</span><span class="o">-</span><span class="mi">1</span><span class="p">)</span> <span class="n">data</span><span class="o">-&gt;</span><span class="n">target_uid</span> <span class="o">=</span> <span class="n">ruid</span><span class="p">;</span> <span class="c1">// Fall back to real UID</span> <span class="k">else</span> <span class="n">data</span><span class="o">-&gt;</span><span class="n">target_uid</span> <span class="o">=</span> <span class="n">cred</span><span class="o">-&gt;</span><span class="n">cr_uid</span><span class="p">;</span> <span class="c1">// No change requested</span> <span class="k">return</span> <span class="p">(</span><span class="mi">0</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p><strong>Adapting Group Authorization Logic</strong><br><br> The <code>setgroups(2)</code> syscall required special attention since it operates differently from <code>setcred(2)</code>. I created <code>rule_grant_setgroups()</code> that works directly with the group array:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">static</span> <span class="kt">int</span> <span class="nf">rule_grant_setgroups</span><span class="p">(</span><span class="k">const</span> <span class="k">struct</span> <span class="n">rule</span> <span class="o">*</span><span class="k">const</span> <span class="n">rule</span><span class="p">,</span> <span class="k">const</span> <span class="k">struct</span> <span class="n">ucred</span> <span class="o">*</span><span class="k">const</span> <span class="n">old_cred</span><span class="p">,</span> <span class="k">const</span> <span class="kt">int</span> <span class="n">ngroups</span><span class="p">,</span> <span class="k">const</span> <span class="n">gid_t</span> <span class="o">*</span><span class="k">const</span> <span class="n">groups</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// Check each group in the new groups array</span> <span class="k">for</span> <span class="p">(</span><span class="kt">int</span> <span class="n">new_idx</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="n">new_idx</span> <span class="o">&lt;</span> <span class="n">ngroups</span><span class="p">;</span> <span class="o">++</span><span class="n">new_idx</span><span class="p">)</span> <span class="p">{</span> <span class="k">const</span> <span class="n">gid_t</span> <span class="n">gid</span> <span class="o">=</span> <span class="n">groups</span><span class="p">[</span><span class="n">new_idx</span><span class="p">];</span> <span class="n">bool</span> <span class="n">may_accept</span> <span class="o">=</span> <span class="nb">false</span><span class="p">;</span> <span class="c1">// Apply same rule logic as setcred supplementary groups</span> <span class="c1">// but work directly with the groups array</span> <span class="p">}</span> <span class="k">return</span> <span class="p">(</span><span class="mi">0</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p><strong>MAC Framework Integration</strong><br><br> Beyond the module changes, this required extending the MAC framework itself. I added new MAC policy entry points in the kernel:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="c1">// In mac_policy.h</span> <span class="k">typedef</span> <span class="nf">void</span> <span class="p">(</span><span class="o">*</span><span class="n">mpo_cred_setuid_enter_t</span><span class="p">)(</span><span class="kt">void</span><span class="p">);</span> <span class="k">typedef</span> <span class="nf">int</span> <span class="p">(</span><span class="o">*</span><span class="n">mpo_cred_check_setuid_t</span><span class="p">)(</span><span class="k">struct</span> <span class="n">ucred</span> <span class="o">*</span><span class="n">cred</span><span class="p">,</span> <span class="n">uid_t</span> <span class="n">uid</span><span class="p">);</span> <span class="k">typedef</span> <span class="nf">void</span> <span class="p">(</span><span class="o">*</span><span class="n">mpo_cred_setuid_exit_t</span><span class="p">)(</span><span class="kt">void</span><span class="p">);</span> <span class="c1">// ... and similar for all other syscalls</span> <span class="c1">// In kern_prot.c - example for setuid()</span> <span class="n">MAC_CRED_SETUID_ENTER</span><span class="p">();</span> <span class="n">error</span> <span class="o">=</span> <span class="n">priv_check_cred</span><span class="p">(</span><span class="n">oldcred</span><span class="p">,</span> <span class="n">PRIV_CRED_SETUID</span><span class="p">);</span> <span class="n">MAC_CRED_CHECK_SETUID</span><span class="p">(</span><span class="n">newcred</span><span class="p">,</span> <span class="n">uid</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="n">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">MAC_CRED_SETUID_EXIT</span><span class="p">();</span> <span class="k">return</span> <span class="p">(</span><span class="n">error</span><span class="p">);</span> <span class="p">}</span> <span class="c1">// ... perform the actual credential change</span> <span class="n">MAC_CRED_SETUID_EXIT</span><span class="p">();</span> </code></pre> </div> <p>Finally, I registered all the new hooks in the MAC policy operations structure:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">static</span> <span class="k">struct</span> <span class="n">mac_policy_ops</span> <span class="n">do_ops</span> <span class="o">=</span> <span class="p">{</span> <span class="c1">// Original hooks</span> <span class="p">.</span><span class="n">mpo_cred_setcred_enter</span> <span class="o">=</span> <span class="n">mac_do_setcred_enter</span><span class="p">,</span> <span class="p">.</span><span class="n">mpo_cred_check_setcred</span> <span class="o">=</span> <span class="n">mac_do_check_setcred</span><span class="p">,</span> <span class="p">.</span><span class="n">mpo_cred_setcred_exit</span> <span class="o">=</span> <span class="n">mac_do_setcred_exit</span><span class="p">,</span> <span class="c1">// New UID syscall hooks</span> <span class="p">.</span><span class="n">mpo_cred_setuid_enter</span> <span class="o">=</span> <span class="n">mac_do_setuid_enter</span><span class="p">,</span> <span class="p">.</span><span class="n">mpo_cred_check_setuid</span> <span class="o">=</span> <span class="n">mac_do_check_setuid</span><span class="p">,</span> <span class="p">.</span><span class="n">mpo_cred_setuid_exit</span> <span class="o">=</span> <span class="n">mac_do_setuid_exit</span><span class="p">,</span> <span class="p">.</span><span class="n">mpo_cred_seteuid_enter</span> <span class="o">=</span> <span class="n">mac_do_seteuid_enter</span><span class="p">,</span> <span class="p">.</span><span class="n">mpo_cred_check_seteuid</span> <span class="o">=</span> <span class="n">mac_do_check_seteuid</span><span class="p">,</span> <span class="p">.</span><span class="n">mpo_cred_seteuid_exit</span> <span class="o">=</span> <span class="n">mac_do_seteuid_exit</span><span class="p">,</span> <span class="c1">// ... and similar triplets for all other syscalls</span> <span class="p">};</span> </code></pre> </div> <p><strong>The Result: Comprehensive Coverage</strong><br><br> This implementation allows credential transitions from any standard POSIX credential-changing function, not only <code>setcred(2)</code>, to be authorized by <code>mac_do(4)</code>. With <code>mac_do(4)</code> control, applications can now be deployed without setuid bits and still execute the required <strong>privilege</strong> <strong>escalations</strong>. All syscalls use the same rule syntax; for example, <code>uid=1000&gt;uid=0</code> will allow transitions to root through <code>setuid(2)</code>, <code>seteuid(2)</code>, or any other suitable syscall. <strong>Per-thread data isolation</strong>, appropriate cleanup on exceptions, and uniform rule application across all code paths are among the safety guarantees that the infrastructure upholds, just like the original <code>setcred(2)</code> implementation.</p> <h2> mdo(1) improvements </h2> <p><code>mdo(1)</code> is the companion userland program to <code>mac_do(4)</code> used for changing credentials by requesting <code>mac_do(4)</code> using the novel <code>setcred(2)</code> system call. Initially, it could only change to a target user.</p> <p>I had two objectives for this program:</p> <ol> <li><p>Extend <code>mdo(1)</code> to allow setting the <strong>primary</strong> <strong>group</strong> and secondary groups list, allowing <strong>explicit</strong> <strong>UID</strong> and <strong>GID</strong> overrides, and enabling users to have <strong>fine</strong>-<strong>grain</strong> control over the credentials.</p></li> <li><p>Allowing users to print the target part of <code>mac_do(4)</code> rules corresponding to the requested transition.</p></li> </ol> <h3> Objective 1: From Simple User Switching to Fine-Grained Credential Control </h3> <p>The original <code>mdo(1)</code> utility was quite basic; it could switch to a different user and either keep the current groups or replace them entirely with the target user's groups. The interface was minimal:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">while</span> <span class="p">((</span><span class="n">ch</span> <span class="o">=</span> <span class="n">getopt</span><span class="p">(</span><span class="n">argc</span><span class="p">,</span> <span class="n">argv</span><span class="p">,</span> <span class="s">"u:i"</span><span class="p">))</span> <span class="o">!=</span> <span class="o">-</span><span class="mi">1</span><span class="p">)</span> <span class="p">{</span> <span class="k">switch</span> <span class="p">(</span><span class="n">ch</span><span class="p">)</span> <span class="p">{</span> <span class="k">case</span> <span class="sc">'u'</span><span class="p">:</span> <span class="n">username</span> <span class="o">=</span> <span class="n">optarg</span><span class="p">;</span> <span class="k">break</span><span class="p">;</span> <span class="k">case</span> <span class="sc">'i'</span><span class="p">:</span> <span class="n">uidonly</span> <span class="o">=</span> <span class="nb">true</span><span class="p">;</span> <span class="c1">// Keep current groups</span> <span class="k">break</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>The enhanced version now supports a comprehensive set of options for precise credential control:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Basic usage remains the same</span> mdo <span class="nt">-u</span> alice <span class="nb">id</span> <span class="c"># But now you can do much more:</span> mdo <span class="nt">-u</span> bob <span class="nt">-g</span> wheel <span class="nt">-G</span> staff,operator /bin/sh mdo <span class="nt">-u</span> alice <span class="nt">-s</span> @,+wheel,+operator /usr/bin/id mdo <span class="nt">--ruid</span> 1002 <span class="nt">--svgid</span> 1003 <span class="nt">--egid</span> 1004 /bin/id </code></pre> </div> <p>Managing usernames and numeric IDs correctly was one of the initial difficulties. This logic was disjointed and a little brittle in the original code. I developed specific functions for parsing and checking stuff.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">static</span> <span class="n">uid_t</span> <span class="nf">parse_user_pwd</span><span class="p">(</span><span class="k">const</span> <span class="kt">char</span> <span class="o">*</span><span class="n">s</span><span class="p">,</span> <span class="k">struct</span> <span class="n">passwd</span> <span class="o">**</span><span class="n">pwd</span><span class="p">);</span> <span class="k">static</span> <span class="n">uid_t</span> <span class="nf">parse_user</span><span class="p">(</span><span class="k">const</span> <span class="kt">char</span> <span class="o">*</span><span class="n">s</span><span class="p">);</span> <span class="k">static</span> <span class="n">gid_t</span> <span class="nf">parse_group</span><span class="p">(</span><span class="k">const</span> <span class="kt">char</span> <span class="o">*</span><span class="n">s</span><span class="p">);</span> <span class="k">static</span> <span class="n">gid_t</span> <span class="o">*</span><span class="nf">realloc_groups</span><span class="p">(</span><span class="n">gid_t</span> <span class="o">*</span><span class="n">array</span><span class="p">,</span> <span class="kt">size_t</span> <span class="n">new_count</span><span class="p">);</span> <span class="k">static</span> <span class="kt">int</span> <span class="nf">id_cmp</span><span class="p">(</span><span class="k">const</span> <span class="kt">size_t</span> <span class="o">*</span><span class="n">id_a</span><span class="p">,</span> <span class="k">const</span> <span class="kt">size_t</span> <span class="o">*</span><span class="n">id_b</span><span class="p">);</span> <span class="k">static</span> <span class="kt">size_t</span> <span class="nf">remove_duplicates</span><span class="p">(</span><span class="n">gid_t</span> <span class="o">*</span><span class="n">array</span><span class="p">,</span> <span class="kt">size_t</span> <span class="n">count</span><span class="p">);</span> <span class="k">static</span> <span class="kt">size_t</span> <span class="nf">remove_groups_from_array</span><span class="p">(</span><span class="n">gid_t</span> <span class="o">*</span><span class="n">array</span><span class="p">,</span> <span class="kt">size_t</span> <span class="n">count</span><span class="p">,</span> <span class="k">const</span> <span class="n">gid_t</span> <span class="o">*</span><span class="n">remove_list</span><span class="p">,</span> <span class="kt">size_t</span> <span class="n">remove_count</span><span class="p">);</span> </code></pre> </div> <p>Then in the <code>main()</code> function, I started handling each option, starting with the user-related options, which were more straightforward than the group handling. I performed the relevant checks related to the absence of <code>-i</code>, <code>-g</code> or any explicit GID override, then moved on to setting the explicit UID options too. The most complex part was implementing the group management features. The new tool needed to support three different ways of specifying groups:</p> <p><strong>1. Exact Group Lists (</strong><code>-G</code><strong>):</strong> Specify precisely which supplementary groups to have:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>mdo <span class="nt">-u</span> bob <span class="nt">-G</span> wheel,staff,operator /bin/sh </code></pre> </div> <p><strong>2. Group Modifications (</strong><code>-s</code><strong>):</strong> Add/remove groups with a powerful syntax:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>mdo <span class="nt">-u</span> alice <span class="nt">-s</span> @,+wheel,+operator,-staff /usr/bin/id </code></pre> </div> <p><strong>3. Smart Defaults:</strong> Inherit from the user database or the current process as appropriate.</p> <p>The group modification syntax was particularly interesting to implement:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">while</span> <span class="p">((</span><span class="n">tok</span> <span class="o">=</span> <span class="n">strsep</span><span class="p">(</span><span class="o">&amp;</span><span class="n">p</span><span class="p">,</span> <span class="s">","</span><span class="p">))</span> <span class="o">!=</span> <span class="nb">NULL</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="o">*</span><span class="n">tok</span> <span class="o">==</span> <span class="sc">'\0'</span><span class="p">)</span> <span class="k">continue</span><span class="p">;</span> <span class="k">if</span> <span class="p">(</span><span class="n">tok</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span> <span class="o">==</span> <span class="sc">'@'</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="n">i</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">)</span> <span class="n">errx</span><span class="p">(</span><span class="n">EXIT_FAILURE</span><span class="p">,</span> <span class="s">"'@' must be the first token in -s option"</span><span class="p">);</span> <span class="n">supp_groups_reset</span> <span class="o">=</span> <span class="nb">true</span><span class="p">;</span> <span class="c1">// Start with empty group list</span> <span class="p">}</span> <span class="k">else</span> <span class="k">if</span> <span class="p">(</span><span class="n">tok</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span> <span class="o">==</span> <span class="sc">'+'</span> <span class="o">||</span> <span class="n">tok</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span> <span class="o">==</span> <span class="sc">'-'</span><span class="p">)</span> <span class="p">{</span> <span class="n">bool</span> <span class="n">is_add</span> <span class="o">=</span> <span class="n">tok</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span> <span class="o">==</span> <span class="sc">'+'</span><span class="p">;</span> <span class="k">const</span> <span class="kt">char</span> <span class="o">*</span><span class="n">gstr</span> <span class="o">=</span> <span class="n">tok</span> <span class="o">+</span> <span class="mi">1</span><span class="p">;</span> <span class="n">gid</span> <span class="o">=</span> <span class="n">parse_group</span><span class="p">(</span><span class="n">gstr</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="n">is_add</span><span class="p">)</span> <span class="p">{</span> <span class="n">supp_groups_add</span> <span class="o">=</span> <span class="n">realloc_groups</span><span class="p">(</span><span class="n">supp_groups_add</span><span class="p">,</span> <span class="n">add_count</span> <span class="o">+</span> <span class="mi">1</span><span class="p">);</span> <span class="n">supp_groups_add</span><span class="p">[</span><span class="n">add_count</span><span class="o">++</span><span class="p">]</span> <span class="o">=</span> <span class="n">gid</span><span class="p">;</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="n">groups_supp_del</span> <span class="o">=</span> <span class="n">realloc_groups</span><span class="p">(</span><span class="n">groups_supp_del</span><span class="p">,</span> <span class="n">rem_count</span> <span class="o">+</span> <span class="mi">1</span><span class="p">);</span> <span class="n">groups_supp_del</span><span class="p">[</span><span class="n">rem_count</span><span class="o">++</span><span class="p">]</span> <span class="o">=</span> <span class="n">gid</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p><strong>Managing Dynamic Arrays and Memory:</strong><br><br> Working with supplementary groups meant dealing with dynamic arrays that could grow and shrink. I needed utility functions for array manipulation:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">static</span> <span class="kt">size_t</span> <span class="nf">remove_duplicates</span><span class="p">(</span><span class="n">gid_t</span> <span class="o">*</span><span class="n">array</span><span class="p">,</span> <span class="kt">size_t</span> <span class="n">count</span><span class="p">)</span> <span class="p">{</span> <span class="kt">size_t</span> <span class="n">j</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="k">if</span> <span class="p">(</span><span class="n">count</span> <span class="o">&lt;=</span> <span class="mi">1</span><span class="p">)</span> <span class="k">return</span> <span class="p">(</span><span class="n">count</span><span class="p">);</span> <span class="n">qsort</span><span class="p">(</span><span class="n">array</span><span class="p">,</span> <span class="n">count</span><span class="p">,</span> <span class="k">sizeof</span><span class="p">(</span><span class="n">gid_t</span><span class="p">),</span> <span class="n">gid_cmp</span><span class="p">);</span> <span class="c1">// Remove consecutive duplicates</span> <span class="k">for</span> <span class="p">(</span><span class="kt">size_t</span> <span class="n">i</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span> <span class="n">i</span> <span class="o">&lt;</span> <span class="n">count</span><span class="p">;</span> <span class="n">i</span><span class="o">++</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="n">array</span><span class="p">[</span><span class="n">i</span><span class="p">]</span> <span class="o">!=</span> <span class="n">array</span><span class="p">[</span><span class="n">j</span><span class="p">])</span> <span class="p">{</span> <span class="n">array</span><span class="p">[</span><span class="o">++</span><span class="n">j</span><span class="p">]</span> <span class="o">=</span> <span class="n">array</span><span class="p">[</span><span class="n">i</span><span class="p">];</span> <span class="p">}</span> <span class="p">}</span> <span class="k">return</span> <span class="p">(</span><span class="n">j</span> <span class="o">+</span> <span class="mi">1</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p>Much more intricate <strong>decision</strong> <strong>trees</strong> had to be handled by the updated version. For instance, explicitly specifying users is incompatible with the -k flag (keep current user):<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">if</span> <span class="p">(</span><span class="n">start_from_current_user</span> <span class="o">&amp;&amp;</span> <span class="p">(</span><span class="n">username_provided</span> <span class="o">||</span> <span class="n">ruid_str</span> <span class="o">!=</span> <span class="nb">NULL</span> <span class="o">||</span> <span class="n">svuid_str</span> <span class="o">!=</span> <span class="nb">NULL</span> <span class="o">||</span> <span class="n">euid_str</span> <span class="o">!=</span> <span class="nb">NULL</span><span class="p">))</span> <span class="n">errx</span><span class="p">(</span><span class="n">EXIT_FAILURE</span><span class="p">,</span> <span class="s">"-k incompatible with -u or specifying all users"</span><span class="p">);</span> </code></pre> </div> <p>And when we don't have a passwd entry but need to set groups, we must have explicit group specifications:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="n">start_from_current_groups</span> <span class="o">&amp;&amp;</span> <span class="n">pw</span> <span class="o">==</span> <span class="nb">NULL</span> <span class="o">&amp;&amp;</span> <span class="n">primary_group</span> <span class="o">==</span> <span class="nb">NULL</span> <span class="o">&amp;&amp;</span> <span class="p">(</span><span class="n">rgid_str</span> <span class="o">==</span> <span class="nb">NULL</span> <span class="o">||</span> <span class="n">svgid_str</span> <span class="o">==</span> <span class="nb">NULL</span> <span class="o">||</span> <span class="n">egid_str</span> <span class="o">==</span> <span class="nb">NULL</span><span class="p">))</span> <span class="n">errx</span><span class="p">(</span><span class="n">EXIT_FAILURE</span><span class="p">,</span> <span class="s">"must specify primary groups or a user with an entry in the password database"</span><span class="p">);</span> </code></pre> </div> <h3> Objective 2: Implementing --print-rule. </h3> <p>The only thing I had to do here was add this at the end:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight c"><code><span class="k">if</span> <span class="p">(</span><span class="n">print_rule</span><span class="p">)</span> <span class="p">{</span> <span class="n">fprintf</span><span class="p">(</span><span class="n">stdout</span><span class="p">,</span> <span class="s">"uid=%u,gid=%u,"</span><span class="p">,</span> <span class="n">wcred</span><span class="p">.</span><span class="n">sc_uid</span><span class="p">,</span> <span class="n">wcred</span><span class="p">.</span><span class="n">sc_gid</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="n">setcred_flags</span> <span class="o">&amp;</span> <span class="n">SETCREDF_SUPP_GROUPS</span> <span class="o">&amp;&amp;</span> <span class="n">wcred</span><span class="p">.</span><span class="n">sc_supp_groups_nb</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">)</span> <span class="p">{</span> <span class="n">fprintf</span><span class="p">(</span><span class="n">stdout</span><span class="p">,</span> <span class="s">"+gid="</span><span class="p">);</span> <span class="k">for</span> <span class="p">(</span><span class="kt">size_t</span> <span class="n">i</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="n">i</span> <span class="o">&lt;</span> <span class="n">wcred</span><span class="p">.</span><span class="n">sc_supp_groups_nb</span><span class="p">;</span> <span class="n">i</span><span class="o">++</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="n">i</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">)</span> <span class="n">fprintf</span><span class="p">(</span><span class="n">stdout</span><span class="p">,</span> <span class="s">","</span><span class="p">);</span> <span class="n">fprintf</span><span class="p">(</span><span class="n">stdout</span><span class="p">,</span> <span class="s">"%u"</span><span class="p">,</span> <span class="n">wcred</span><span class="p">.</span><span class="n">sc_supp_groups</span><span class="p">[</span><span class="n">i</span><span class="p">]);</span> <span class="p">}</span> <span class="p">}</span> <span class="n">fprintf</span><span class="p">(</span><span class="n">stdout</span><span class="p">,</span> <span class="s">"</span><span class="se">\n</span><span class="s">"</span><span class="p">);</span> <span class="n">exit</span><span class="p">(</span><span class="mi">0</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <h2> Conclusion </h2> <p>I tried to fit as many technicalities as I could include in a small article, but truth be told, the actual project was way more involved than what I could show here. Those unending kernel crashes, VM restarts, hair-tearing moments while debugging. With every problem I tried to solve, it felt like how little I knew, and I had to learn everything on the go. With this, My Google Summer of Code Journey comes to an end. Hope you liked it!</p> <h2> TL;DR </h2> <p><strong>Go and read it.</strong></p> programming opensource freebsd kernel My Google Summer of Code Journey: Part 2 Kushagra Srivastava Tue, 16 Sep 2025 08:53:24 +0000 https://dev.to/thesynthax/my-google-summer-of-code-journey-part-2-4355 https://dev.to/thesynthax/my-google-summer-of-code-journey-part-2-4355 <h2> From failing to cracking to passing GSoC 2025 </h2> <p>In the <a href="https://dev.to/thesynthax/my-google-summer-of-code-journey-part-1-573f">previous blog</a>, I shared my story of dreaming, attempting, and failing GSoC. This one is about learning from my <strong>earlier mistakes</strong>, applying my knowledge, getting <strong>accepted</strong> into GSoC, and eventually passing it. I will discuss the details and technicalities in Part 3 of this blog.</p> <h2> Before getting accepted (Oct 2024 - Apr 2025) </h2> <p>It is October 2024, and I’m in my <strong>pre-final year</strong>. Over the summer, I had built some projects (more about them in the upcoming blogs), and I’d decided I wanted to dive into <strong>lower-level areas of software development</strong>: operating systems, <strong>kernels</strong>, networking, virtualization, and <strong>graphics</strong>. I started learning about system calls, kernel development, Linux internals, drivers, etc., but couldn’t go very deep because of time and college work.</p> <p>By the end of this semester (<strong>November</strong>), I had three organizations in my mind: The <strong>FreeBSD</strong> Project (OS), Haiku (OS), and FFmpeg (graphics). Now there is a reason for this. These orgs have a good track record of returning to GSoC each year, and their project ideas are posted on the ideas page all year round.</p> <p>Now,</p> <ol> <li>Haiku was written in C++, and the community wasn’t active.</li> <li> <strong>FFmpeg</strong> was tempting (filters, <strong>encoders</strong>, Vulkan, SIMD), but my college senior, who did GSoC 2024 with them, <strong>strictly warned me against it</strong> due to poor documentation and community support.</li> <li>That left <strong>FreeBSD</strong>, which I eventually picked by January 2025. (Lucky choice, since Haiku didn’t even make it to GSoC 2025.)</li> </ol> <p>Now things were different this time. I chose an organization that is <strong>not crowded</strong>, unlike most webdev organizations, like Rocket.Chat, so I did not have to worry about much <strong>competition</strong>. This is an <strong>advantage</strong> of choosing a tech stack like this (C, OS, kernels, etc).</p> <p>I went through the idea list and chose two projects to make proposals for:</p> <ol> <li> <strong>mac_do(4) and mdo(1) improvements</strong> (kernel security module)</li> <li> <strong>adding compressed qcow2 images creation using mkimg(1)</strong> (userland tool)</li> </ol> <p>This time, I <strong>didn’t contribute</strong> at all (which was a <strong>risky</strong> move), but I immediately started <strong>contacting mentors</strong> once orgs were announced. I read the FreeBSD Handbook, studied some code, and pestered ChatGPT endlessly, constantly learning new things about the things required to work on the project. I <strong>got replies</strong> from <strong>both mentors</strong>, answering all my queries.</p> <p>By March 2025, I was writing proposals for both projects <strong>simultaneously</strong>. It took me <strong>23</strong> days. I sent drafts to both mentors; one replied (kernel project) with some corrections, but said it <strong>looked solid</strong>. I was more confident about the <strong>userland</strong> project; it felt easier than kernel-level work. Unlike the previous year, this time I <strong>focused well on the proposals</strong>. The mentor and I exchanged emails for a few days before I submitted my final proposal on April 8, 2025.</p> <h2> Getting Accepted and Community Bonding (May 2025) </h2> <p>May 8, 2025, it’s 11:30 pm. No email.<br> 11:35 pm. Still nothing.<br> 11:42 pm. I got an email. I got <strong>rejected</strong>.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fy7wtaohrw8esztq0mjfo.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fy7wtaohrw8esztq0mjfo.png" alt="GSoC 2025 Acceptance email" width="800" height="410"></a></p> <p>I was devastated; those countless hours of learning, understanding deep concepts, and creating proposals, gone. I was shocked because I was pretty confident, but then, as I was accepting my reality that I wasn’t cut out for GSoC, I got an email saying, “GSoC 2025: <strong>Congratulations</strong>, your proposal with The <strong>FreeBSD</strong> Project has been accepted!”. (The previous mail was for the other proposal that I submitted.)</p> <p>I was ecstatic! A dream of <strong>seven years</strong> is finally coming true! I was hoping that the other project got selected, but at this point, it didn’t matter. I got selected for the “<strong>mac_do(4) and mdo(1) improvements</strong>” project.</p> <p>During the community bonding period, nothing much happened because my mentor was away for work, and I was chilling too, not putting much effort into learning more. This was a <strong>mistake</strong> that came back to bite me during the <strong>coding period</strong>.</p> <h2> The Coding Period (Jun 2025 - Aug 2025) </h2> <h3> June </h3> <p>My mentor and I connect on Signal. We have our first call to discuss our first task on the <code>mac_do(4)</code> kernel security module (the most difficult of the three tasks). And <strong>I was blank</strong>. What I wrote in my proposal only covered <strong>half of what was required</strong>. When the remaining details were being discussed, I didn’t know what to do or how to do it.</p> <p>Anyway, I started <strong>coding</strong>. After about three weeks, I opened a PR and took a break for a few days, while my mentor <strong>reviewed</strong> it, and I came to know that whatever I had coded was <strong>complete and utter BS</strong> (well, not exactly, but…). I had to <strong>refactor</strong> my code from scratch, <strong>rewrite</strong> most of the functions, and manage <strong>memory</strong> well while handling the <strong>kernel-level concurrency</strong> of the main <code>struct conf</code> that I had to work on. This task was difficult due to these concepts. Debugging was brutal; every memory management mistake risked a kernel panic and VM restart. I refactored my code for the rest of the month and opened a new PR.</p> <h3> July </h3> <p>I switched to the second task on the <code>mdo(1)</code> tool. This was a relatively easy task. I had to mainly add <strong>new functionalities</strong> and features to the existing minimal tool. This part felt chill, and after about ten days or so, I opened a PR for this task.</p> <p>My mentor gave an extensive review of the first task’s PR. Issues: memory leaks, <strong>use-after-free</strong> bugs, and <code>jail mutex</code> problems causing crashes. It seems a bit easier now, but just a few months back from today, I did not know what the hell I was doing. I had my mid-term evaluations that month, and thankfully, <strong>I passed</strong>. When I had my first call with my mentor in June, I was confident I would fail the mid-term evals. Anyway, I <strong>worked on the issues</strong> pointed out by my mentor, and July ended.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F2gbtaves87uvlk1ur4zm.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F2gbtaves87uvlk1ur4zm.png" alt="Midsem completion email" width="643" height="390"></a></p> <h3> August </h3> <p>By now, <strong>75%</strong> of the work was done on <strong>both</strong> tasks. The second task was almost complete, but the first task <strong>haunted</strong> me with a <strong>mysterious bug</strong>. Days and nights blurred as I tried to find it. I was afraid there was less time left since the third task <strong>hadn’t even been touched</strong>. I found the bug, fixed it, and immediately started working on the new task.</p> <p>My mentor and I discussed the third task, <strong>and I was blank again</strong>. This time, apparently, the task wasn’t difficult, but I was just not exposed to the files that he pointed out during the call, which I <strong>missed</strong> during my proposal. Anyway, I did that task in about two days, working about <strong>sixteen hours a day</strong>, because significant work remained, and only <strong>ten days</strong> remained until the end. In the final week, I wrapped up everything, added <strong>ATF tests</strong>, and fixed <strong>last-minute issues</strong> just before the deadline.</p> <h2> Looking Back </h2> <p>All in all, this was a wild experience for me. Coming from a <strong>not-so-low-level programming</strong> background, to completing a project that involved knowledge about <strong>deep kernel-level concurrency</strong>, it was a <strong>ride</strong>. This journey was an extremely fulfilling experience, and I felt a <strong>95% expansion</strong> of my brain after completing it.</p> <p>And yes, I <strong>passed my final evaluations</strong> and successfully <strong>completed</strong> Google Summer of Code 2025.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Foljyhkpsaehnhs1ieaio.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Foljyhkpsaehnhs1ieaio.png" alt="GSoC 2025 completion email" width="800" height="374"></a></p> <p>What did I learn?</p> <ol> <li>Orgs can skip GSoC some years, even with a long track record.</li> <li>I got lucky: I picked a project way beyond my league, and learned things the hard way.</li> <li>Maybe don’t slack off during the Community Bonding period.</li> </ol> <p>I’m genuinely thankful to my mentor, <strong>Olivier Certner</strong>, for being patient with my endless mistakes and questions, and to <strong>The FreeBSD Project</strong> for giving me the opportunity to work on something way beyond my comfort zone. Without their support, I wouldn’t have made it through.</p> programming kernel freebsd opensource My Google Summer of Code Journey: Part 1 Kushagra Srivastava Mon, 15 Sep 2025 14:47:21 +0000 https://dev.to/thesynthax/my-google-summer-of-code-journey-part-1-573f https://dev.to/thesynthax/my-google-summer-of-code-journey-part-1-573f <h2> My first failed attempt at GSoC (The history) </h2> <p>It’s 2018, I’m in class 10th, scrolling YouTube, and I stumble upon Google Summer of Code. I used to watch many videos related to software development back then. I am immediately fascinated by the program (initially, honestly, due to the crazy $5500 stipend it used to offer). I was bummed that students under 18 could not participate, but I decided <strong>I had to do it at least once during my undergrad.</strong></p> <p>Fast forward to <strong>early 2023</strong>, my 2nd year of B.Tech. This was the first time I actually tried to understand what it takes to get accepted into GSoC. I started watching videos about GSoC, checking out organizations, <strong>digging into old proposals online</strong>, and getting overwhelmed by the details and technicalities mentioned in those proposals. At this point, I was wading here and there, without any clear goals for my target organization, my choice of tech stack, or even whether I wanted to do GSoC. <strong>I didn’t have the programming and soft skills</strong> back then to even think about cracking GSoC (I will talk more about my technical journey in the upcoming blogs).</p> <p>Moving on to <strong>December 2023</strong>, I was into Full-stack Web Development. Again, <strong>I binged too many videos</strong> on YouTube about “how to crack GSoC”. But this time, my motivation had shifted. It wasn’t the stipend anymore, but the love for open-source (more about it in the upcoming blogs). I genuinely wanted to fulfill my dream from 5 years ago, contribute something meaningful to the organizations, and <strong>put my skills to good use</strong>.</p> <p>Here’s the problem, though: <strong>I watched too many videos that were catered to the Indian audience</strong>. The problem with that is that most of these videos talk about cracking GSoC as if it is some competition (<strong>JEEfication of GSoC</strong>), but very few of them actually talk about the fundamentals that must be focused on to get accepted in GSoC; most talk about the tips and tricks. They say you must start very early (<strong>by September-October</strong>) to get into GSoC, which I feel is untrue. I have seen many people around me getting accepted in just two months. I’d be lying if I said I did not use some of these “tips and tricks.” However, if you focus on the fundamentals, <strong>show that you are worth something</strong>, and communicate effectively, you will almost definitely be accepted.</p> <p>So anyway, I started shortlisting organizations according to my tech stack (It was MERN, xD. I didn’t have much choice because I only knew Game Development apart from that). I came across this golden website: <a href="https://gsocorganizations.dev" rel="noopener noreferrer">gsocorganizations.dev</a>. I selected all the years from 2018 to 2023, ensuring these organizations will return to GSoC in 2024 (not always, but yeah). <strong>I selected the relevant technologies, topics, and categories</strong> in the filter. I had a list of organizations at this point, namely Rocket.Chat, Zulip, Sugarlabs, and Oppia. I went with <strong>Rocket.Chat</strong>.</p> <p>The thing I liked about Rocket.Chat was that their <strong>communication</strong> system was top-notch. It used to happen on the Rocket.Chat application itself, and they created a channel for each of the project ideas that they listed. They were extremely welcoming to the community. By February 2024, I attended their meetings to learn how to create a Rocket.Chat app. In March, I started <strong>contributing</strong> to their projects, mainly to <strong>EmbeddedChat</strong>. I contributed because:</p> <ol> <li>Every YouTube guru said that you need to have at least 2-3 months of contributions to the organization in which you want to get accepted. I had only 2-3 weeks left before the deadline.</li> <li>Rocket.Chat created a leaderboard that showed the number of open PRs, merged PRs, and issues you’ve opened. You can check it out at <a href="https://gsoc.rocket.chat" rel="noopener noreferrer">gsoc.rocket.chat</a>.</li> </ol> <p>I had mixed feelings about the leaderboard because it felt unnecessary. Anyway, I contributed mostly <strong>small to medium-sized issues</strong>, opened about <strong>7 PRs, and 4 got merged</strong>, bringing my ranking to 15 out of 200 contributors. Felt okay about it, but not great, because the top 5 people had like 15 merged PRs and were bound to get accepted.</p> <p>That year, they had a bunch of AI/LLM integration project ideas. I picked “<strong>Chat thread summarizer using AI</strong>”. And here’s where I messed up: I didn’t use my time wisely. <strong>I focused on contribution too much</strong> and didn’t actually work on my proposal until the <strong>very last day</strong> (I know it's foolish).</p> <p>April 2, 2024, I woke up early and started building my proposal. Some ideas and <strong>implementation details</strong> were discussed in this project’s channel, but <strong>I barely talked to the potential mentor</strong> about the details, and I just started writing independently. I wrote whatever I knew could be relevant to the project, why it could be helpful, the implementation details, the timeline, the future work, etc. Honestly, <strong>the proposal wasn’t strong</strong>. I missed a lot of details.</p> <p>Meanwhile, this other guy who joined in March skyrocketed to rank 3 in just days and picked the same project idea. Looking at his contributions, I already knew he was going to beat me. Still, I wanted to at least finish and submit. At 6:30 pm (deadline was 11:30 pm), I submitted my proposal and called it a day.</p> <p>It’s May 1, 2024, and the results are announced. I knew <strong>I wasn’t going to get selected</strong>. And guess what… I did not get selected.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fula5ku9n3kf3byyqlw4f.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fula5ku9n3kf3byyqlw4f.png" alt="Image showing my rejection mail for GSoC 2024" width="800" height="293"></a></p> <p>That same guy got selected. I reached out to him and asked if he’d share his proposal. He did. And I was blown away. For what seemed like a small project, he had written a <strong>super-detailed proposal</strong>, covering every corner, but he was right in doing so, trying not to miss any details. I learnt a lot from his proposal and this journey. I just moved on to improve more.</p> <p>What did I learn?</p> <ol> <li> <strong>Stop binging videos</strong> and chasing “tips and tricks”.</li> <li>Focus on the fundamentals. Improve tech skills. Contribute. S*<em>how your worth. Communicate</em>*.</li> <li>Proposal vs Contributions? Honestly, depends on the org. If you’re unsure, focus on both equally.</li> </ol> <h3> Stay tuned for the comeback in the next part! </h3> programming webdev opensource softwaredevelopment