From 612b0a41399d0ddf260f4f6dd989fcc97d069fbd Mon Sep 17 00:00:00 2001
From: teor <teor@torproject.org>
Date: Wed, 4 Sep 2019 15:40:57 +1000
Subject: subsys: Make the subsystem init order match the module dependencies

Fix levels for subsystems that depend on log/err
* winprocess (security) doesn't use err:
  * call windows process security APIs as early as possible
  * init err after winprocess
  * move wallclock so it's still after err
* network and time depend on log:
  * make sure that network and time can use logging.
  * init network and time after log

Add comments explaining the module init order.

Fixes bug 31615; bugfix on 0.4.0.1-alpha.
---
 changes/bug31615                 | 5 +++++
 src/lib/err/torerr_sys.c         | 5 ++++-
 src/lib/log/log_sys.c            | 2 ++
 src/lib/net/network_sys.c        | 4 +++-
 src/lib/process/winprocess_sys.c | 2 ++
 src/lib/thread/compat_threads.c  | 2 ++
 src/lib/time/time_sys.c          | 4 +++-
 src/lib/wallclock/approx_time.c  | 4 +++-
 8 files changed, 24 insertions(+), 4 deletions(-)
 create mode 100644 changes/bug31615

diff --git a/changes/bug31615 b/changes/bug31615
new file mode 100644
index 0000000000..49b13bea95
--- /dev/null
+++ b/changes/bug31615
@@ -0,0 +1,5 @@
+  o Minor bugfixes (subsystems):
+    - Make the subsystem init order match the subsystem module dependencies.
+      Call windows process security APIs as early as possible. Init log before
+      network and time, so that network and time can use logging.
+      Fixes bug 31615; bugfix on 0.4.0.1-alpha.
diff --git a/src/lib/err/torerr_sys.c b/src/lib/err/torerr_sys.c
index 3ab1b3c4e1..34f70f1f0b 100644
--- a/src/lib/err/torerr_sys.c
+++ b/src/lib/err/torerr_sys.c
@@ -33,7 +33,10 @@ subsys_torerr_shutdown(void)
 
 const subsys_fns_t sys_torerr = {
   .name = "err",
-  .level = -100,
+  /* Low-level error handling is a diagnostic feature, we want it to init
+   * right after windows process security, and shutdown last.
+   * (Security never shuts down.) */
+  .level = -99,
   .supported = true,
   .initialize = subsys_torerr_initialize,
   .shutdown = subsys_torerr_shutdown
diff --git a/src/lib/log/log_sys.c b/src/lib/log/log_sys.c
index d1080f2264..826358546a 100644
--- a/src/lib/log/log_sys.c
+++ b/src/lib/log/log_sys.c
@@ -29,6 +29,8 @@ subsys_logging_shutdown(void)
 const subsys_fns_t sys_logging = {
   .name = "log",
   .supported = true,
+  /* Logging depends on threads, approx time, raw logging, and security.
+   * Most other lib modules depend on logging. */
   .level = -90,
   .initialize = subsys_logging_initialize,
   .shutdown = subsys_logging_shutdown,
diff --git a/src/lib/net/network_sys.c b/src/lib/net/network_sys.c
index 9dfdb2b45a..e0a2625d73 100644
--- a/src/lib/net/network_sys.c
+++ b/src/lib/net/network_sys.c
@@ -37,7 +37,9 @@ subsys_network_shutdown(void)
 
 const subsys_fns_t sys_network = {
   .name = "network",
-  .level = -90,
+  /* Network depends on logging, and a lot of other modules depend on network.
+   */
+  .level = -80,
   .supported = true,
   .initialize = subsys_network_initialize,
   .shutdown = subsys_network_shutdown,
diff --git a/src/lib/process/winprocess_sys.c b/src/lib/process/winprocess_sys.c
index 1266babca8..407eeaaeed 100644
--- a/src/lib/process/winprocess_sys.c
+++ b/src/lib/process/winprocess_sys.c
@@ -58,6 +58,8 @@ subsys_winprocess_initialize(void)
 
 const subsys_fns_t sys_winprocess = {
   .name = "winprocess",
+  /* HeapEnableTerminationOnCorruption and setdeppolicy() are security
+   * features, we want them to run first. */
   .level = -100,
   .supported = WINPROCESS_SYS_ENABLED,
   .initialize = subsys_winprocess_initialize,
diff --git a/src/lib/thread/compat_threads.c b/src/lib/thread/compat_threads.c
index 35cfeba64c..1c4a5c4e3f 100644
--- a/src/lib/thread/compat_threads.c
+++ b/src/lib/thread/compat_threads.c
@@ -122,6 +122,8 @@ subsys_threads_initialize(void)
 const subsys_fns_t sys_threads = {
   .name = "threads",
   .supported = true,
+  /* Threads is used by logging, which is a diagnostic feature, we want it to
+   * init right after low-level error handling and approx time. */
   .level = -95,
   .initialize = subsys_threads_initialize,
 };
diff --git a/src/lib/time/time_sys.c b/src/lib/time/time_sys.c
index b3feb7b46a..8b9aa2856c 100644
--- a/src/lib/time/time_sys.c
+++ b/src/lib/time/time_sys.c
@@ -20,7 +20,9 @@ subsys_time_initialize(void)
 
 const subsys_fns_t sys_time = {
   .name = "time",
-  .level = -90,
+  /* Monotonic time depends on logging, and a lot of other modules depend on
+   * monotonic time. */
+  .level = -80,
   .supported = true,
   .initialize = subsys_time_initialize,
 };
diff --git a/src/lib/wallclock/approx_time.c b/src/lib/wallclock/approx_time.c
index 7b32804026..77eeddaf56 100644
--- a/src/lib/wallclock/approx_time.c
+++ b/src/lib/wallclock/approx_time.c
@@ -54,6 +54,8 @@ subsys_wallclock_initialize(void)
 const subsys_fns_t sys_wallclock = {
   .name = "wallclock",
   .supported = true,
-  .level = -99,
+  /* Approximate time is a diagnostic feature, we want it to init right after
+   * low-level error handling. */
+  .level = -98,
   .initialize = subsys_wallclock_initialize,
 };
-- 
cgit v1.2.3-54-g00ecf


From 2e2a35b6943810257b6917648db90ed5d46505e1 Mon Sep 17 00:00:00 2001
From: teor <teor@torproject.org>
Date: Tue, 10 Sep 2019 08:35:56 +1000
Subject: main: remove level number comments from the subsystem list (0.4.0)

These levels get out of date really easily: we'll implement a level
dump command in tor in 31614.

They also cause conflicts and inconsistencies when merging forward
level changes.

Part of 31615.
---
 src/app/main/subsystem_list.c | 30 ++++++++++++++++--------------
 1 file changed, 16 insertions(+), 14 deletions(-)

diff --git a/src/app/main/subsystem_list.c b/src/app/main/subsystem_list.c
index 3834176182..81b58cf708 100644
--- a/src/app/main/subsystem_list.c
+++ b/src/app/main/subsystem_list.c
@@ -27,23 +27,25 @@
 
 /**
  * Global list of the subsystems in Tor, in the order of their initialization.
+ * Want to know the exact level numbers?
+ * We'll implement a level dump command in #31614.
  **/
 const subsys_fns_t *tor_subsystems[] = {
-  &sys_winprocess, /* -100 */
-  &sys_torerr, /* -100 */
-  &sys_wallclock, /* -99 */
-  &sys_threads, /* -95 */
-  &sys_logging, /* -90 */
-  &sys_time, /* -90 */
-  &sys_network, /* -90 */
-  &sys_compress, /* -70 */
-  &sys_crypto, /* -60 */
-  &sys_tortls, /* -50 */
-  &sys_process, /* -35 */
+  &sys_winprocess,
+  &sys_torerr,
+  &sys_wallclock,
+  &sys_threads,
+  &sys_logging,
+  &sys_time,
+  &sys_network,
+  &sys_compress,
+  &sys_crypto,
+  &sys_tortls,
+  &sys_process,
 
-  &sys_orconn_event, /* -33 */
-  &sys_ocirc_event, /* -32 */
-  &sys_btrack, /* -30 */
+  &sys_orconn_event,
+  &sys_ocirc_event,
+  &sys_btrack,
 };
 
 const unsigned n_tor_subsystems = ARRAY_LENGTH(tor_subsystems);
-- 
cgit v1.2.3-54-g00ecf


From f1c57cd1e5d8ae88f28f764fef7f17081ebf2961 Mon Sep 17 00:00:00 2001
From: teor <teor@torproject.org>
Date: Tue, 10 Sep 2019 08:44:35 +1000
Subject: main: remove level number comments from the subsystem list (0.4.1)

Part of 31615.
---
 src/app/main/subsystem_list.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/app/main/subsystem_list.c b/src/app/main/subsystem_list.c
index c637887153..989b0d6f87 100644
--- a/src/app/main/subsystem_list.c
+++ b/src/app/main/subsystem_list.c
@@ -52,13 +52,13 @@ const subsys_fns_t *tor_subsystems[] = {
   &sys_ocirc_event,
   &sys_btrack,
 
-  &sys_mainloop, /* 5 */
-  &sys_or, /* 20 */
+  &sys_mainloop,
+  &sys_or,
 
-  &sys_relay, /* 50 */
+  &sys_relay,
 
 #ifdef HAVE_MODULE_DIRAUTH
-  &sys_dirauth, /* 70 */
+  &sys_dirauth,
 #endif
 };
 
-- 
cgit v1.2.3-54-g00ecf


From 5fa75a6cd45d81476d5648665717d46a406845bf Mon Sep 17 00:00:00 2001
From: teor <teor@torproject.org>
Date: Tue, 10 Sep 2019 09:04:38 +1000
Subject: main: remove level number comments from the subsystem list (master)

Part of 31615.
---
 src/app/main/subsystem_list.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/app/main/subsystem_list.c b/src/app/main/subsystem_list.c
index d525708e7b..67cb12363e 100644
--- a/src/app/main/subsystem_list.c
+++ b/src/app/main/subsystem_list.c
@@ -53,7 +53,7 @@ const subsys_fns_t *tor_subsystems[] = {
   &sys_ocirc_event,
   &sys_btrack,
 
-  &sys_evloop, /* -20 */
+  &sys_evloop,
 
   &sys_mainloop,
   &sys_or,
-- 
cgit v1.2.3-54-g00ecf


From 39c7f46d363d8a0b0ccb29bc967004160a477dda Mon Sep 17 00:00:00 2001
From: teor <teor@torproject.org>
Date: Tue, 10 Sep 2019 09:06:36 +1000
Subject: main: add some newlines to the subsystem list, for readability

---
 src/app/main/subsystem_list.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/app/main/subsystem_list.c b/src/app/main/subsystem_list.c
index 67cb12363e..1af9340c1a 100644
--- a/src/app/main/subsystem_list.c
+++ b/src/app/main/subsystem_list.c
@@ -39,11 +39,14 @@
 const subsys_fns_t *tor_subsystems[] = {
   &sys_winprocess,
   &sys_torerr,
+
   &sys_wallclock,
   &sys_threads,
   &sys_logging,
+
   &sys_time,
   &sys_network,
+
   &sys_compress,
   &sys_crypto,
   &sys_tortls,
-- 
cgit v1.2.3-54-g00ecf