Re: bin/56471: ntpd dies at startup on macppc/current, sshd randomly dies

To: Martin Husemann <martin%duskware.de@localhost>
Subject: Re: bin/56471: ntpd dies at startup on macppc/current, sshd randomly dies
From: Jason Thorpe <thorpej%me.com@localhost>
Date: Sat, 30 Oct 2021 05:42:16 -0700

> On Oct 29, 2021, at 2:05 AM, Martin Husemann <martin%duskware.de@localhost> wrote:
> 
>  1213   1213 ntpd     CALL  compat_16___sigreturn14(0xffffe000)
>  1213   1213 ntpd     RET   compat_16___sigreturn14 -1 errno 22 Invalid argument
>  1213   1213 ntpd     CALL  exit(0x16)

I have attempted to reproduce this on NetBSD/alpha, which, like powerpc, also has compat_16___sigreturn14, to see if it was some common logic problem in libc or the kernel.  I used lots of debug logging to verify the code paths being taken.  Alpha works fine.  So it would seem this is a powerpc-specific problem.

The powerpc compat_16_sys___sigreturn14() has the following block:

        /*
         * Make sure SRR1 hasn't been maliciously tampered with.  
         */     
        if (!PSL_USEROK_P(sc.sc_frame.srr1))
                return (EINVAL);

I’m pretty sure this is what is tripping in the failure case.

In the powerpc sendsig_sigcontext(), that field is initialized like so:

        utf->srr1 = tf->tf_srr1 & PSL_USERSRR1;

For reference, those PSL_USER* macros are defined as:

#define PSL_USERSRR1            ((PSL_USERSET|PSL_USERMOD) & PSL_USERMASK)
#define PSL_USEROK_P(psl)       (((psl) & ~PSL_USERMOD) == PSL_USERSET)

...and on OEA machines (such as macppc), those expand to:

#define PSL_USERSET             cpu_psluserset
#define PSL_USERMOD             cpu_pslusermod
#define PSL_USERMASK            cpu_pslusermask

        /*
         * Configure a PSL user mask matching this processor.
         * Don't allow to set PSL_FP/PSL_VEC, since that will affect PCU.  
         */
        cpu_psluserset = PSL_EE | PSL_PR | PSL_ME | PSL_IR | PSL_DR | PSL_RI;
        cpu_pslusermod = PSL_FE0 | PSL_FE1 | PSL_LE | PSL_SE | PSL_BE;
#ifdef PPC_OEA601
        if (cpuvers == MPC601) {
                cpu_psluserset &= PSL_601_MASK; 
                cpu_pslusermod &= PSL_601_MASK; 
        }
#endif
#ifdef PPC_HIGH_VEC
        cpu_psluserset |= PSL_IP;       /* XXX ok? */
#endif

(register_t cpu_pslusermask = 0xffff;)

It would be really interesting to know what the value of sc.sc_frame.srr1 that sigreturn is objecting to.  Like, is it complete garbage?

-- thorpej

Follow-Ups:
- Re: bin/56471: ntpd dies at startup on macppc/current, sshd randomly dies
  - From: Jason Thorpe

References:
- bin/56471: ntpd dies at startup on macppc/current, sshd randomly dies
  - From: martin
- Re: bin/56471: ntpd dies at startup on macppc/current, sshd randomly dies
  - From: Martin Husemann

Prev by Date: NetBSD Nightly Trouble Ticket Report
Next by Date: Re: bin/56471: ntpd dies at startup on macppc/current, sshd randomly dies
Previous by Thread: Re: bin/56471: ntpd dies at startup on macppc/current, sshd randomly dies
Next by Thread: Re: bin/56471: ntpd dies at startup on macppc/current, sshd randomly dies
Indexes:

Home | Main Index | Thread Index | Old Index