Subject: bin/29654: systrace might corrupt syscall arguments
To: None <gnats-admin@netbsd.org, netbsd-bugs@netbsd.org>
From: Christian Biere <christianbiere@gmx.de>
List: netbsd-bugs
Date: 03/10/2005 21:30:00
>Number: 29654
>Category: bin
>Synopsis: systrace might corrupt syscall arguments
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: bin-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Thu Mar 10 21:30:00 +0000 2005
>Originator: Christian Biere
>Release: NetBSD 2.99.11
>Environment:
System: NetBSD cyclonus 2.99.11 NetBSD 2.99.11 (STARSCREAM) #4: Fri Jan 7 14:02:19 CET 2005 bin@cyclonus:/usr/obj/sys/arch/i386/compile/STARSCREAM i386
Architecture: i386
Machine: i386
>Description:
When using systrace with pkgsrc/www/links I get the following log message:
Mar 10 21:59:02 localhost systrace: deny user: user, prog: /usr/pkg/bin/links, pid: 5940(0)[0], policy: /usr/pkg/bin/links, filters: 71, syscall: netbsd-connect(98), sockaddr: family(252)
After that, the process hangs in "systrmsg":
5940 user 10 0 4488K 4352K systrmsg 0:00 0.00% 0.00% links
links uses PF_INET, not protocol family 252. The connect() call happens
in connect.c dns_found(). By default, links fork()s a process to work around
the blocking nature of gethostbyname() and this bug is probably related
to bin/29607 because the connect() call gets interrupted by SIGCHLD. If
I modify links to ignore SIGCHLD instead of catching it, the problem
disappears.
I suppose that either the kernel part of systrace causes a partial
copy or corruption of the syscall data or that it's caused by the
filter and/or log code in the userland part.
>How-To-Repeat:
Install pkgsrc/www/links.
systrace -A links http://www.example.com/
systrace -a links http://www.example.com/
However, if you use "netbsd-connect: permit" in the policy (leave out
any conditions or logging), the problem doesn't occur.
I tried to extend the program in bin/29607 to reproduce this problem
but couldn't trigger it.
>Fix:
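Added example (editor's code, not part of PR bin/29654 and not a fix for it). It puts the ingredients the report names into one small C program: a SIGCHLD handler installed the way links does rather than SIG_IGN, a fork()ed child whose exit delivers the signal, and a blocking connect() on a PF_INET sockaddr. Run it once with the handler and once with SIG_IGN, each time under `systrace -A` as in the report, and compare the sockaddr family systrace records for netbsd-connect. The target 10.255.255.1:80, the child delay, the SO_SNDTIMEO safety net and the binary name `repro` are this example's own assumptions; nothing is taken from links or from the bin/29607 test program, and since the reporter could not trigger the bug with an extended bin/29607 program, this is a starting point rather than a confirmed reproducer.

```c
/* Added example for PR bin/29654 (not the reporter's code and not a fix): a caught
 * SIGCHLD, a fork()ed child whose exit raises it, and a blocking connect() on a
 * PF_INET sockaddr.  Run under `systrace -A ./repro catch` and `... ignore`. */
#define _POSIX_C_SOURCE 200809L
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

/* Assumed target: RFC 1918 address with nothing behind it; connect() blocks or fails fast. */
#define TARGET_ADDR "10.255.255.1"
#define TARGET_PORT 80

struct tally { int attempts, eintr, connected, other, signals; };
static volatile sig_atomic_t sigchld_seen;
static void on_sigchld(int sig) { (void)sig; sigchld_seen++; }

/* The sockaddr an IPv4 client passes: systrace should always log it as inet. */
int build_target(struct sockaddr_in *sin)
{
    memset(sin, 0, sizeof *sin);
    sin->sin_family = AF_INET;
    sin->sin_port = htons(TARGET_PORT);
    return inet_pton(AF_INET, TARGET_ADDR, &sin->sin_addr) == 1 ? 0 : -1;
}

/* Fork a child that exits after delay_ms, then connect(); returns 0 or the errno. */
static int one_attempt(const struct sockaddr_in *sin, int delay_ms)
{
    pid_t pid = fork();
    if (pid == -1) return errno;
    if (pid == 0) {                     /* child: its exit raises SIGCHLD */
        struct timespec ts = { delay_ms / 1000, (delay_ms % 1000) * 1000000L };
        nanosleep(&ts, NULL);
        _exit(0);
    }
    int fd = socket(AF_INET, SOCK_STREAM, 0), e = fd == -1 ? errno : 0;
    if (fd != -1) {
        struct timeval tv = { 1, 0 };   /* safety net: Linux applies SO_SNDTIMEO to connect() */
        setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, &tv, sizeof tv);
        if (connect(fd, (const struct sockaddr *)sin, sizeof *sin) == -1)
            e = errno;                  /* EINTR when the child's SIGCHLD lands here */
        close(fd);
    }
    /* The handler interrupts waitpid too; ECHILD once SIG_IGN auto-reaps. */
    while (waitpid(pid, NULL, 0) == -1 && errno == EINTR)
        ;
    return e;
}

/* Catch SIGCHLD as links does (or ignore it, the reporter's workaround), then loop. */
int run_attempts(int iterations, int catch_sigchld, int delay_ms, struct tally *t)
{
    struct sockaddr_in sin;
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);          /* no SA_RESTART: the signal interrupts the syscall */
    sigemptyset(&sa.sa_mask);
    sa.sa_handler = catch_sigchld ? on_sigchld : SIG_IGN;
    memset(t, 0, sizeof *t);
    if (build_target(&sin) != 0 || sigaction(SIGCHLD, &sa, NULL) != 0)
        return -1;
    for (int i = 0; i < iterations; i++) {
        int e = one_attempt(&sin, delay_ms);
        t->attempts++;
        if (e == 0)          t->connected++;
        else if (e == EINTR) t->eintr++;
        else                 t->other++;
    }
    t->signals = sigchld_seen;
    return t->attempts;
}

int target_family(void) { struct sockaddr_in s; return build_target(&s) == 0 ? s.sin_family : -1; }
int count_attempts(int iterations, int catch_sigchld)
{
    struct tally t;
    if (run_attempts(iterations, catch_sigchld, 20, &t) < 0)
        return -1;
    return t.eintr + t.connected + t.other == t.attempts ? t.attempts : -1;
}

int main(int argc, char **argv)
{
    struct tally t;
    int catch_it = !(argc > 1 && strcmp(argv[1], "ignore") == 0);
    if (run_attempts(20, catch_it, 50, &t) < 0) { perror("setup"); return 1; }
    printf("SIGCHLD %s: attempts=%d eintr=%d connected=%d other=%d signals=%d\n",
           catch_it ? "caught" : "ignored", t.attempts, t.eintr, t.connected, t.other, t.signals);
    return 0;
}
```

The counters show whether the child's exit actually interrupted connect() (eintr), whether it connected, or whether it failed for another reason such as ENETUNREACH; the program passes AF_INET on every call, so any other family in the systrace log for this binary would be the symptom the PR describes.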