On Wed, Sep 04, 2013 at 12:14:03AM +0300, Konstantin Belousov wrote:
> On Tue, Sep 03, 2013 at 08:25:29PM +0300, Vitalij Satanivskij wrote:
> >
> > KB>
> > KB> Your installed libraries do not have proper debugging symbols.
> > KB> Since the issue seems to be in the compat32 layer, you may try to start
> > KB> with taking the ktrace of the failing program and see what syscall failed,
> > KB> if any.
> >
> > For me the problem is gone after disabling
> >
> > options CAPABILITY_MODE # Capsicum capability mode
> > options CAPABILITIES # Capsicum capabilities
> >
> > in kernel conf
> >
> > I found it when rolling back the system to previous revisions.
> >
> > On r254268 uniq inside i386 jail says that = "unable to limit rights for "
> >
> > So I decided to check without Capsicum features...
>
> Then the ktrace output would be esp. useful. Anyway, this is probably
> cap_rights_limit(2) compat32 issue. Pawel may know more.

cap_rights_limit(2) should have been fixed in r254491, so options
CAPABILITIES should be OK (I have not tested such a kernel though).

However, capability mode does not work with compat32. There is no
sys/compat32/capabilities.conf (also, such a file would be poorly
maintainable), and therefore capability mode does not permit any
compat32 system calls. As a result, a compat32 capability mode process
crashes after failing to invoke sys_exit.

The below patch ('make sysent' should be run in sys/compat/freebsd32
after patching) makes the kernel admit that it does not support
capability mode for compat32. This does not help if a 64-bit binary
enters capability mode and then executes a 32-bit binary using
fexecve(2) but otherwise it helps. It makes compat32 dhclient and uniq
work again, albeit without Capsicum security enhancements.

Making capability mode work for compat32 binaries would be better but
if it is not possible for 10.0 then something like this patch should be
committed.

Index: sys/compat/freebsd32/freebsd32_capability.c =================================================================== --- sys/compat/freebsd32/freebsd32_capability.c (revision 255093) +++ sys/compat/freebsd32/freebsd32_capability.c (working copy) _at__at_ -50,6 +50,18 _at__at_ MALLOC_DECLARE(M_FILECAPS); int +freebsd32_cap_enter(struct thread *td, + struct freebsd32_cap_enter_args *uap) +{ + + /* + * We do not have an equivalent of capabilities.conf for freebsd32 + * compatibility, so do not allow capability mode for now. + */ + return (ENOSYS); +} + +int freebsd32_cap_rights_limit(struct thread *td, struct freebsd32_cap_rights_limit_args *uap) { _at__at_ -148,6 +160,14 _at__at_ #else /* !CAPABILITIES */ int +freebsd32_cap_enter(struct thread *td, + struct freebsd32_cap_enter_args *uap) +{ + + return (ENOSYS); +} + +int freebsd32_cap_rights_limit(struct thread *td, struct freebsd32_cap_rights_limit_args *uap) { Index: sys/compat/freebsd32/syscalls.master =================================================================== --- sys/compat/freebsd32/syscalls.master (revision 255093) +++ sys/compat/freebsd32/syscalls.master (working copy) _at__at_ -973,7 +973,7 _at__at_ 514 AUE_CAP_NEW NOPROTO { int cap_new(int fd, uint64_t rights); } 515 AUE_CAP_RIGHTS_GET NOPROTO { int cap_rights_get(int fd, \ uint64_t *rightsp); } -516 AUE_CAP_ENTER NOPROTO { int cap_enter(void); } +516 AUE_CAP_ENTER STD { int freebsd32_cap_enter(void); } 517 AUE_CAP_GETMODE NOPROTO { int cap_getmode(u_int *modep); } 518 AUE_PDFORK NOPROTO { int pdfork(int *fdp, int flags); } 519 AUE_PDKILL NOPROTO { int pdkill(int fd, int signum); }

--
Jilles Tjoelker

Received on Wed Sep 04 2013 - 19:47:02 UTC
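
Review bot: In the first freebsd32_capability.c hunk (the CAPABILITIES build), the unconditional `return (ENOSYS);` in freebsd32_cap_enter() is a silent security downgrade that the comment does not mention: per the message, compat32 dhclient and uniq then run without Capsicum sandboxing. The comment should say so, and should also record the case the message names as not covered, a 64-bit process that enters capability mode and then executes a 32-bit binary with fexecve(2), since that path never reaches this function.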
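
Review bot: In the second freebsd32_capability.c hunk (the `#else /* !CAPABILITIES */` branch), the freebsd32_cap_enter() stub duplicates the body added under CAPABILITIES, `return (ENOSYS);`, and has no comment of its own. While both builds behave the same, one definition outside the conditional would keep the two copies from drifting apart; if the duplicate stays, a short comment saying it mirrors the CAPABILITIES version would help the next reader.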
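
Review bot: In the syscalls.master hunk, entry 516 switches from `NOPROTO` cap_enter to `STD` freebsd32_cap_enter, but the output of 'make sysent' that the message says must be regenerated in sys/compat/freebsd32 is not part of the diff. Either include the regenerated files in the commit or state the 'make sysent' step in the commit message, so the change to 516 and the new freebsd32_cap_enter() definitions land together.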