* [PATCH bpf-next v2 1/2] bpf: Remove bpf_probe_write_user() warning message
@ 2024-11-27 11:10 Marco Elver
2024-11-27 11:10 ` [PATCH bpf-next v2 2/2] bpf: Refactor bpf_tracing_func_proto() and remove bpf_get_probe_write_proto() Marco Elver
2024-11-27 11:49 ` [PATCH bpf-next v2 1/2] bpf: Remove bpf_probe_write_user() warning message Jiri Olsa
0 siblings, 2 replies; 6+ messages in thread
From: Marco Elver @ 2024-11-27 11:10 UTC (permalink / raw)
To: elver, Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko
Cc: Martin KaFai Lau, Eduard Zingerman, Song Liu, Yonghong Song,
John Fastabend, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa,
Nikola Grcevski, bpf, linux-trace-kernel, linux-kernel

The warning message for bpf_probe_write_user() was introduced in
96ae52279594 ("bpf: Add bpf_probe_write_user BPF helper to be called in
tracers"), with the following in the commit message:

    Given this feature is meant for experiments, and it has a risk of
    crashing the system, and running programs, we print a warning on
    when a proglet that attempts to use this helper is installed,
    along with the pid and process name.

After 8 years since 96ae52279594, bpf_probe_write_user() has found
successful applications beyond experiments [1, 2], with no other good
alternatives. Despite its intended purpose for "experiments", that
doesn't stop Hyrum's law, and there are likely many more users depending
on this helper: "[..] it does not matter what you promise [..] all
observable behaviors of your system will be depended on by somebody."

The ominous "helper that may corrupt user memory!" has offered no real
benefit, and has been found to lead to confusion where the system
administrator is loading programs with valid use cases.

As such, remove the warning message.

Link: https://lore.kernel.org/lkml/20240404190146.1898103-1-elver@google.com/ [1]
Link: https://lore.kernel.org/r/lkml/CAAn3qOUMD81-vxLLfep0H6rRd74ho2VaekdL4HjKq+Y1t9KdXQ@mail.gmail.com/ [2]
Link: https://lore.kernel.org/all/CAEf4Bzb4D_=zuJrg3PawMOW3KqF8JvJm9SwF81_XHR2+u5hkUg@mail.gmail.com/
Signed-off-by: Marco Elver <elver@google.com>
---
v2:
* Just delete the message entirely (suggested by Andrii Nakryiko)
---
kernel/trace/bpf_trace.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
index 630b763e5240..0ab56af2e298 100644
--- a/kernel/trace/bpf_trace.c
+++ b/kernel/trace/bpf_trace.c
@@ -362,9 +362,6 @@ static const struct bpf_func_proto *bpf_get_probe_write_proto(void)
if (!capable(CAP_SYS_ADMIN))
return NULL;
- pr_warn_ratelimited("%s[%d] is installing a program with bpf_probe_write_user helper that may corrupt user memory!",
- current->comm, task_pid_nr(current));
-
return &bpf_probe_write_user_proto;
}
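
Review bot: With the pr_warn_ratelimited() call removed from bpf_get_probe_write_proto(), nothing left in this function records current->comm or task_pid_nr(current) when a program using the helper is installed, and the commit message does not say where an operator who relied on that log line for visibility should look instead. The message argues the wording was confusing; please add a sentence on whether any other record of the install remains, or state that none is intended.
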
--
2.47.0.338.g60cca15819-goog

* [PATCH bpf-next v2 2/2] bpf: Refactor bpf_tracing_func_proto() and remove bpf_get_probe_write_proto()
2024-11-27 11:10 [PATCH bpf-next v2 1/2] bpf: Remove bpf_probe_write_user() warning message Marco Elver
@ 2024-11-27 11:10 ` Marco Elver
2024-11-27 11:49 ` Jiri Olsa
2024-11-27 12:06 ` Marco Elver
2024-11-27 11:49 ` [PATCH bpf-next v2 1/2] bpf: Remove bpf_probe_write_user() warning message Jiri Olsa
1 sibling, 2 replies; 6+ messages in thread
From: Marco Elver @ 2024-11-27 11:10 UTC (permalink / raw)
To: elver, Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko
Cc: Martin KaFai Lau, Eduard Zingerman, Song Liu, Yonghong Song,
John Fastabend, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa,
Nikola Grcevski, bpf, linux-trace-kernel, linux-kernel

With bpf_get_probe_write_proto() no longer printing a message, we can
avoid it being a special case with its own permission check.

Refactor bpf_tracing_func_proto() similar to bpf_base_func_proto() to
have a section conditional on bpf_token_capable(CAP_SYS_ADMIN), where
the proto for bpf_probe_write_user() is returned. Finally, remove the
unnecessary bpf_get_probe_write_proto().

This simplifies the code, and adding additional CAP_SYS_ADMIN-only
helpers in future avoids duplicating the same CAP_SYS_ADMIN check.

Suggested-by: Andrii Nakryiko <andrii@kernel.org>
Signed-off-by: Marco Elver <elver@google.com>
---
v2:
* New patch.
---
kernel/trace/bpf_trace.c | 30 ++++++++++++++++++------------
1 file changed, 18 insertions(+), 12 deletions(-)
diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
index 0ab56af2e298..d312b77993dc 100644
--- a/kernel/trace/bpf_trace.c
+++ b/kernel/trace/bpf_trace.c
@@ -357,14 +357,6 @@ static const struct bpf_func_proto bpf_probe_write_user_proto = {
.arg3_type = ARG_CONST_SIZE,
};
-static const struct bpf_func_proto *bpf_get_probe_write_proto(void)
-{
- if (!capable(CAP_SYS_ADMIN))
- return NULL;
-
- return &bpf_probe_write_user_proto;
-}
-
#define MAX_TRACE_PRINTK_VARARGS 3
#define BPF_TRACE_PRINTK_SIZE 1024
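
Review bot: The removed bpf_get_probe_write_proto() gated the helper on capable(CAP_SYS_ADMIN), while the replacement added later in this patch checks bpf_token_capable(prog->aux->token, CAP_SYS_ADMIN). The commit message presents the patch as a refactor, so please state explicitly that the move from capable() to the token-aware check is intended, since that is a change to the permission check rather than a pure code move.
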
@@ -1417,6 +1409,12 @@ late_initcall(bpf_key_sig_kfuncs_init);
static const struct bpf_func_proto *
bpf_tracing_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
{
+ const struct bpf_func_proto *func_proto;
+
+ func_proto = bpf_base_func_proto(func_id, prog);
+ if (func_proto)
+ return func_proto;
+
switch (func_id) {
case BPF_FUNC_map_lookup_elem:
return &bpf_map_lookup_elem_proto;
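
Review bot: Calling bpf_base_func_proto() ahead of the switch inverts the lookup precedence. Before this patch it was reached only from the default: arm, so any func_id with its own case in bpf_tracing_func_proto() received the tracing proto; with the early return, a non-NULL base proto wins and the matching case below becomes unreachable. Keep the base lookup after the tracing-specific cases, or show that no func_id is handled by both.
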
@@ -1458,9 +1456,6 @@ bpf_tracing_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
return &bpf_perf_event_read_proto;
case BPF_FUNC_get_prandom_u32:
return &bpf_get_prandom_u32_proto;
- case BPF_FUNC_probe_write_user:
- return security_locked_down(LOCKDOWN_BPF_WRITE_USER) < 0 ?
- NULL : bpf_get_probe_write_proto();
case BPF_FUNC_probe_read_user:
return &bpf_probe_read_user_proto;
case BPF_FUNC_probe_read_kernel:
@@ -1539,7 +1534,18 @@ bpf_tracing_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
case BPF_FUNC_trace_vprintk:
return bpf_get_trace_vprintk_proto();
default:
- return bpf_base_func_proto(func_id, prog);
+ break;
+ }
+
+ if (!bpf_token_capable(prog->aux->token, CAP_SYS_ADMIN))
+ return NULL;
+
+ switch (func_id) {
+ case BPF_FUNC_probe_write_user:
+ return security_locked_down(LOCKDOWN_BPF_WRITE_USER) < 0 ?
+ NULL : &bpf_probe_write_user_proto;
+ default:
+ return NULL;
}
}
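
Review bot: The line "if (!bpf_token_capable(prog->aux->token, CAP_SYS_ADMIN))" is what makes the second switch privileged, but nothing in the code says so. A short comment above it marking everything below as CAP_SYS_ADMIN-only, as the commit message describes, would keep a later change from adding an unprivileged case there. The capability check also now runs before security_locked_down(LOCKDOWN_BPF_WRITE_USER), where the removed case evaluated security_locked_down() first; if that reordering is deliberate, mention it in the commit message.
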
--
2.47.0.338.g60cca15819-goog

* Re: [PATCH bpf-next v2 2/2] bpf: Refactor bpf_tracing_func_proto() and remove bpf_get_probe_write_proto()
2024-11-27 11:10 ` [PATCH bpf-next v2 2/2] bpf: Refactor bpf_tracing_func_proto() and remove bpf_get_probe_write_proto() Marco Elver
@ 2024-11-27 11:49 ` Jiri Olsa
2024-11-27 12:06 ` Marco Elver
1 sibling, 0 replies; 6+ messages in thread
From: Jiri Olsa @ 2024-11-27 11:49 UTC (permalink / raw)
To: Marco Elver
Cc: Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko,
Martin KaFai Lau, Eduard Zingerman, Song Liu, Yonghong Song,
John Fastabend, KP Singh, Stanislav Fomichev, Hao Luo,
Nikola Grcevski, bpf, linux-trace-kernel, linux-kernel
On Wed, Nov 27, 2024 at 12:10:01PM +0100, Marco Elver wrote:
> With bpf_get_probe_write_proto() no longer printing a message, we can
> avoid it being a special case with its own permission check.
>
> Refactor bpf_tracing_func_proto() similar to bpf_base_func_proto() to
> have a section conditional on bpf_token_capable(CAP_SYS_ADMIN), where
> the proto for bpf_probe_write_user() is returned. Finally, remove the
> unnecessary bpf_get_probe_write_proto().
>
> This simplifies the code, and adding additional CAP_SYS_ADMIN-only
> helpers in future avoids duplicating the same CAP_SYS_ADMIN check.
>
> Suggested-by: Andrii Nakryiko <andrii@kernel.org>
> Signed-off-by: Marco Elver <elver@google.com>
> ---
> v2:
> * New patch.

Acked-by: Jiri Olsa <jolsa@kernel.org>

jirka

> ---
> kernel/trace/bpf_trace.c | 30 ++++++++++++++++++------------
> 1 file changed, 18 insertions(+), 12 deletions(-)
>
> diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
> index 0ab56af2e298..d312b77993dc 100644
> --- a/kernel/trace/bpf_trace.c
> +++ b/kernel/trace/bpf_trace.c
> @@ -357,14 +357,6 @@ static const struct bpf_func_proto bpf_probe_write_user_proto = {
> .arg3_type = ARG_CONST_SIZE,
> };
>
> -static const struct bpf_func_proto *bpf_get_probe_write_proto(void)
> -{
> - if (!capable(CAP_SYS_ADMIN))
> - return NULL;
> -
> - return &bpf_probe_write_user_proto;
> -}
> -
> #define MAX_TRACE_PRINTK_VARARGS 3
> #define BPF_TRACE_PRINTK_SIZE 1024
>
> @@ -1417,6 +1409,12 @@ late_initcall(bpf_key_sig_kfuncs_init);
> static const struct bpf_func_proto *
> bpf_tracing_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
> {
> + const struct bpf_func_proto *func_proto;
> +
> + func_proto = bpf_base_func_proto(func_id, prog);
> + if (func_proto)
> + return func_proto;
> +
> switch (func_id) {
> case BPF_FUNC_map_lookup_elem:
> return &bpf_map_lookup_elem_proto;
> @@ -1458,9 +1456,6 @@ bpf_tracing_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
> return &bpf_perf_event_read_proto;
> case BPF_FUNC_get_prandom_u32:
> return &bpf_get_prandom_u32_proto;
> - case BPF_FUNC_probe_write_user:
> - return security_locked_down(LOCKDOWN_BPF_WRITE_USER) < 0 ?
> - NULL : bpf_get_probe_write_proto();
> case BPF_FUNC_probe_read_user:
> return &bpf_probe_read_user_proto;
> case BPF_FUNC_probe_read_kernel:
> @@ -1539,7 +1534,18 @@ bpf_tracing_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
> case BPF_FUNC_trace_vprintk:
> return bpf_get_trace_vprintk_proto();
> default:
> - return bpf_base_func_proto(func_id, prog);
> + break;
> + }
> +
> + if (!bpf_token_capable(prog->aux->token, CAP_SYS_ADMIN))
> + return NULL;
> +
> + switch (func_id) {
> + case BPF_FUNC_probe_write_user:
> + return security_locked_down(LOCKDOWN_BPF_WRITE_USER) < 0 ?
> + NULL : &bpf_probe_write_user_proto;
> + default:
> + return NULL;
> }
> }
>
> --
> 2.47.0.338.g60cca15819-goog
>

* Re: [PATCH bpf-next v2 2/2] bpf: Refactor bpf_tracing_func_proto() and remove bpf_get_probe_write_proto()
2024-11-27 11:10 ` [PATCH bpf-next v2 2/2] bpf: Refactor bpf_tracing_func_proto() and remove bpf_get_probe_write_proto() Marco Elver
2024-11-27 11:49 ` Jiri Olsa
@ 2024-11-27 12:06 ` Marco Elver
2024-11-27 12:11 ` Daniel Borkmann
1 sibling, 1 reply; 6+ messages in thread
From: Marco Elver @ 2024-11-27 12:06 UTC (permalink / raw)
To: elver, Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko
Cc: Martin KaFai Lau, Eduard Zingerman, Song Liu, Yonghong Song,
John Fastabend, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa,
Nikola Grcevski, bpf, linux-trace-kernel, linux-kernel
On Wed, 27 Nov 2024 at 12:10, Marco Elver <elver@google.com> wrote:
>
> With bpf_get_probe_write_proto() no longer printing a message, we can
> avoid it being a special case with its own permission check.
>
> Refactor bpf_tracing_func_proto() similar to bpf_base_func_proto() to
> have a section conditional on bpf_token_capable(CAP_SYS_ADMIN), where
> the proto for bpf_probe_write_user() is returned. Finally, remove the
> unnecessary bpf_get_probe_write_proto().
>
> This simplifies the code, and adding additional CAP_SYS_ADMIN-only
> helpers in future avoids duplicating the same CAP_SYS_ADMIN check.
>
> Suggested-by: Andrii Nakryiko <andrii@kernel.org>
> Signed-off-by: Marco Elver <elver@google.com>
> ---
> v2:
> * New patch.
> ---
> kernel/trace/bpf_trace.c | 30 ++++++++++++++++++------------
> 1 file changed, 18 insertions(+), 12 deletions(-)
>
> diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
> index 0ab56af2e298..d312b77993dc 100644
> --- a/kernel/trace/bpf_trace.c
> +++ b/kernel/trace/bpf_trace.c
> @@ -357,14 +357,6 @@ static const struct bpf_func_proto bpf_probe_write_user_proto = {
> .arg3_type = ARG_CONST_SIZE,
> };
>
> -static const struct bpf_func_proto *bpf_get_probe_write_proto(void)
> -{
> - if (!capable(CAP_SYS_ADMIN))
> - return NULL;
> -
> - return &bpf_probe_write_user_proto;
> -}
> -
> #define MAX_TRACE_PRINTK_VARARGS 3
> #define BPF_TRACE_PRINTK_SIZE 1024
>
> @@ -1417,6 +1409,12 @@ late_initcall(bpf_key_sig_kfuncs_init);
> static const struct bpf_func_proto *
> bpf_tracing_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
> {
> + const struct bpf_func_proto *func_proto;
> +
> + func_proto = bpf_base_func_proto(func_id, prog);
> + if (func_proto)
> + return func_proto;

As indicated by the patch robot failure, we can't move this call up
and it needs to remain the last call after all others because we may
override a function proto in bpf_base_func_proto here (like done for
BPF_FUNC_get_smp_processor_id).

Let me fix that.
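
The ordering problem raised in this reply, modelled in user-space C as an added example (not code from the patch, the kernel, or any participant in the thread). The ids, proto names and `struct ctx` are stand-ins, and the model assumes only what the message states: the tracing switch overrides one entry of the base table. A differential check over every input shows where the v2 shape stops agreeing with the original.

```c
#include <stdbool.h>
#include <stdio.h>
/* Stand-in ids and protos: a model of the dispatch shape, not kernel definitions. */
enum func_id { ID_SMP_PROCESSOR_ID, ID_KTIME_GET_NS, ID_PROBE_WRITE_USER, ID_UNKNOWN, ID_MAX };
struct proto { const char *name; };
struct ctx { bool sys_admin; bool locked_down; };
static const struct proto base_smp = { "base:smp_id" }, base_ktime = { "base:ktime" };
static const struct proto trace_smp = { "tracing:smp_id" }, probe_write = { "tracing:probe_write_user" };

/* Fallback table shared by all program types. */
static const struct proto *base_func_proto(enum func_id id)
{
	if (id == ID_SMP_PROCESSOR_ID)
		return &base_smp;
	return id == ID_KTIME_GET_NS ? &base_ktime : NULL;
}

/* Original shape: tracing cases first, base table only as the default. */
static const struct proto *tracing_before(enum func_id id, const struct ctx *c)
{
	if (id == ID_SMP_PROCESSOR_ID)
		return &trace_smp; /* overrides the base entry */
	if (id == ID_PROBE_WRITE_USER)
		return (c->locked_down || !c->sys_admin) ? NULL : &probe_write;
	return base_func_proto(id);
}

/* v2 shape: base table consulted first, admin-only section last. */
static const struct proto *tracing_v2(enum func_id id, const struct ctx *c)
{
	const struct proto *p = base_func_proto(id);
	if (p)
		return p;
	if (id == ID_SMP_PROCESSOR_ID)
		return &trace_smp; /* unreachable: the base table already answered */
	if (!c->sys_admin)
		return NULL;
	return (id == ID_PROBE_WRITE_USER && !c->locked_down) ? &probe_write : NULL;
}

/* Differential check over every (id, privilege, lockdown) input. */
static int count_divergences(enum func_id *first)
{
	int n = 0;
	for (int i = 0; i < ID_MAX * 4; i++) {
		enum func_id id = (enum func_id)(i / 4);
		struct ctx c = { (i & 1) != 0, (i & 2) != 0 };
		if (tracing_before(id, &c) != tracing_v2(id, &c) && n++ == 0)
			*first = id;
	}
	return n;
}

int main(void)
{
	enum func_id first = ID_MAX;
	printf("diverging inputs: %d\n", count_divergences(&first));
	return 0;
}
```

In the model the privileged helper resolves identically in both shapes; only the overridden id diverges, which is the kind of regression a table-driven comparison like this catches before a refactor lands.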

* Re: [PATCH bpf-next v2 2/2] bpf: Refactor bpf_tracing_func_proto() and remove bpf_get_probe_write_proto()
2024-11-27 12:06 ` Marco Elver
@ 2024-11-27 12:11 ` Daniel Borkmann
0 siblings, 0 replies; 6+ messages in thread
From: Daniel Borkmann @ 2024-11-27 12:11 UTC (permalink / raw)
To: Marco Elver, Alexei Starovoitov, Andrii Nakryiko
Cc: Martin KaFai Lau, Eduard Zingerman, Song Liu, Yonghong Song,
John Fastabend, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa,
Nikola Grcevski, bpf, linux-trace-kernel, linux-kernel
On 11/27/24 1:06 PM, Marco Elver wrote:
> On Wed, 27 Nov 2024 at 12:10, Marco Elver <elver@google.com> wrote:
>>
>> With bpf_get_probe_write_proto() no longer printing a message, we can
>> avoid it being a special case with its own permission check.
>>
>> Refactor bpf_tracing_func_proto() similar to bpf_base_func_proto() to
>> have a section conditional on bpf_token_capable(CAP_SYS_ADMIN), where
>> the proto for bpf_probe_write_user() is returned. Finally, remove the
>> unnecessary bpf_get_probe_write_proto().
>>
>> This simplifies the code, and adding additional CAP_SYS_ADMIN-only
>> helpers in future avoids duplicating the same CAP_SYS_ADMIN check.
>>
>> Suggested-by: Andrii Nakryiko <andrii@kernel.org>
>> Signed-off-by: Marco Elver <elver@google.com>
>> ---
>> v2:
>> * New patch.
>> ---
>> kernel/trace/bpf_trace.c | 30 ++++++++++++++++++------------
>> 1 file changed, 18 insertions(+), 12 deletions(-)
>>
>> diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
>> index 0ab56af2e298..d312b77993dc 100644
>> --- a/kernel/trace/bpf_trace.c
>> +++ b/kernel/trace/bpf_trace.c
>> @@ -357,14 +357,6 @@ static const struct bpf_func_proto bpf_probe_write_user_proto = {
>> .arg3_type = ARG_CONST_SIZE,
>> };
>>
>> -static const struct bpf_func_proto *bpf_get_probe_write_proto(void)
>> -{
>> - if (!capable(CAP_SYS_ADMIN))
>> - return NULL;
>> -
>> - return &bpf_probe_write_user_proto;
>> -}
>> -
>> #define MAX_TRACE_PRINTK_VARARGS 3
>> #define BPF_TRACE_PRINTK_SIZE 1024
>>
>> @@ -1417,6 +1409,12 @@ late_initcall(bpf_key_sig_kfuncs_init);
>> static const struct bpf_func_proto *
>> bpf_tracing_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
>> {
>> + const struct bpf_func_proto *func_proto;
>> +
>> + func_proto = bpf_base_func_proto(func_id, prog);
>> + if (func_proto)
>> + return func_proto;
>
> As indicated by the patch robot failure, we can't move this call up
> and needs to remain the last call after all others because we may
> override a function proto in bpf_base_func_proto here (like done for
> BPF_FUNC_get_smp_processor_id).
>
> Let me fix that.

I was about to comment on that, I would leave this as it was before,
otherwise rest lgtm.

* Re: [PATCH bpf-next v2 1/2] bpf: Remove bpf_probe_write_user() warning message
2024-11-27 11:10 [PATCH bpf-next v2 1/2] bpf: Remove bpf_probe_write_user() warning message Marco Elver
2024-11-27 11:10 ` [PATCH bpf-next v2 2/2] bpf: Refactor bpf_tracing_func_proto() and remove bpf_get_probe_write_proto() Marco Elver
@ 2024-11-27 11:49 ` Jiri Olsa
1 sibling, 0 replies; 6+ messages in thread
From: Jiri Olsa @ 2024-11-27 11:49 UTC (permalink / raw)
To: Marco Elver
Cc: Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko,
Martin KaFai Lau, Eduard Zingerman, Song Liu, Yonghong Song,
John Fastabend, KP Singh, Stanislav Fomichev, Hao Luo,
Nikola Grcevski, bpf, linux-trace-kernel, linux-kernel
On Wed, Nov 27, 2024 at 12:10:00PM +0100, Marco Elver wrote:
> The warning message for bpf_probe_write_user() was introduced in
> 96ae52279594 ("bpf: Add bpf_probe_write_user BPF helper to be called in
> tracers"), with the following in the commit message:
>
> Given this feature is meant for experiments, and it has a risk of
> crashing the system, and running programs, we print a warning on
> when a proglet that attempts to use this helper is installed,
> along with the pid and process name.
>
> After 8 years since 96ae52279594, bpf_probe_write_user() has found
> successful applications beyond experiments [1, 2], with no other good
> alternatives. Despite its intended purpose for "experiments", that
> doesn't stop Hyrum's law, and there are likely many more users depending
> on this helper: "[..] it does not matter what you promise [..] all
> observable behaviors of your system will be depended on by somebody."
>
> The ominous "helper that may corrupt user memory!" has offered no real
> benefit, and has been found to lead to confusion where the system
> administrator is loading programs with valid use cases.
>
> As such, remove the warning message.
>
> Link: https://lore.kernel.org/lkml/20240404190146.1898103-1-elver@google.com/ [1]
> Link: https://lore.kernel.org/r/lkml/CAAn3qOUMD81-vxLLfep0H6rRd74ho2VaekdL4HjKq+Y1t9KdXQ@mail.gmail.com/ [2]
> Link: https://lore.kernel.org/all/CAEf4Bzb4D_=zuJrg3PawMOW3KqF8JvJm9SwF81_XHR2+u5hkUg@mail.gmail.com/
> Signed-off-by: Marco Elver <elver@google.com>

Acked-by: Jiri Olsa <jolsa@kernel.org>

jirka

> ---
> v2:
> * Just delete the message entirely (suggested by Andrii Nakryiko)
> ---
> kernel/trace/bpf_trace.c | 3 ---
> 1 file changed, 3 deletions(-)
>
> diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
> index 630b763e5240..0ab56af2e298 100644
> --- a/kernel/trace/bpf_trace.c
> +++ b/kernel/trace/bpf_trace.c
> @@ -362,9 +362,6 @@ static const struct bpf_func_proto *bpf_get_probe_write_proto(void)
> if (!capable(CAP_SYS_ADMIN))
> return NULL;
>
> - pr_warn_ratelimited("%s[%d] is installing a program with bpf_probe_write_user helper that may corrupt user memory!",
> - current->comm, task_pid_nr(current));
> -
> return &bpf_probe_write_user_proto;
> }
>
> --
> 2.47.0.338.g60cca15819-goog
>