Subject: bin/30429: veriexecctl(8) fails with "Ioctl failed with error `Bad address' on file [...]"
To: None <gnats-admin@netbsd.org, netbsd-bugs@netbsd.org>
From: None <ndehne@gmail.com>
List: netbsd-bugs
Date: 06/05/2005 05:33:00
>Number: 30429
>Category: bin
>Synopsis: veriexecctl(8) fails with "Ioctl failed with error `Bad address' on file [...]"
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: bin-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sun Jun 05 05:33:00 +0000 2005
>Originator: Nino Dehne
>Release: 3.0_BETA
>Organization:
>Environment:
NetBSD [...] 3.0_BETA NetBSD 3.0_BETA (WRAP) #0: Sat Jun 4 12:13:20 CEST 2005 [...]:/usr/home/build/wrap/obj/usr/home/build/wrap/src/sys/arch/i386/compile/WRAP i386
>Description:
The setup: A set of selected files (sans man pages, docs, compiler, ..) of a fresh world from build.sh distribution resides in ${tmp}. A kernel was built with an embedded ram disk (65536KB) and options VERIFIED_EXEC, pseudo-device verifiedexec 1. ${tmp}/etc/rc.conf.d/veriexec contains veriexec="YES". ${tmp}/etc/signatures contains "<file> sha1 <hash>[ FILE]" lines. The contents of ${tmp} are embedded into the kernel which then goes onto a CF card (/dev/wd0a) as /netbsd. ${tmp}/netbsd is a symbolic link to "mnt/netbsd". ${tmp}/etc/fstab contains "/dev/wd0a /mnt ffs ro 1 1". This means the (huge) kernel image is available uncompressed as /netbsd at runtime (netstat, ps, et al work).
When booting this setup I get "No fingerprint for [...] (dev [...], inode [...])" lines up until the point where /etc/rc.d/veriexec is run. At that point I get "Ioctl failed with error `Bad address' on file [...]" for every single line in /etc/signatures.
>How-To-Repeat:
See above. Whether the problem occurs with a smaller kernel without an embedded ram disk is not known.
>Fix:
Unknown.
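
Added example, not part of the original report and not NetBSD code: a build-host check that every line of the staged signatures file follows the "<file> sha1 <hash>[ FILE]" layout quoted above and that each hash matches the file under the staging root (the report's ${tmp}), so malformed or stale entries can be ruled out before the image is built. The function names, the treatment of the trailing word as an optional flag, and the command-line usage are assumptions of this example.

```python
import hashlib
import os
import re

# Layout quoted in the report: "<file> sha1 <hash>[ FILE]".
# Accepting any single trailing word as the optional flag is an assumption.
LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+([0-9A-Fa-f]+)(?:\s+(\S+))?$")


def sha1_of(path):
    """Hex SHA-1 of a file, read in chunks so large binaries are fine."""
    digest = hashlib.sha1()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def check_signatures(sig_text, root):
    """Return (line_number, problem) tuples; empty means all entries match."""
    problems = []
    for lineno, raw in enumerate(sig_text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        match = LINE_RE.match(line)
        if match is None:
            problems.append((lineno, "malformed line"))
            continue
        path, algo, want, _flag = match.groups()
        # Paths in the file are absolute on the target; map them into root.
        staged = os.path.join(root, path.lstrip("/"))
        if algo.lower() != "sha1":
            problems.append((lineno, "unexpected algorithm " + algo))
        elif len(want) != 40:
            problems.append((lineno, "hash is not 40 hex digits"))
        elif not os.path.isfile(staged):
            problems.append((lineno, "no such file in staging tree: " + path))
        elif sha1_of(staged) != want.lower():
            problems.append((lineno, "hash mismatch for " + path))
    return problems


if __name__ == "__main__":
    import sys
    # Assumed usage: script <signatures file> <staging root>
    with open(sys.argv[1]) as fh:
        for lineno, problem in check_signatures(fh.read(), sys.argv[2]):
            print("line %d: %s" % (lineno, problem))
```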