tech-toolchain archive


ASAN and dhcpcd with privilege separation



Hi List

I'm struggling to get dhcpcd to debug a deliberate leak with either gcc or clang ASAN.

Disable ASLR:
sysctl -w security.pax.aslr.enabled=0

Compiling src/external/bsd/dhcpcd/sbin/dhcpcd like so:
CFLAGS=-fsanitize=address LDFLAGS=-fsanitize=address make

Apply this patch:
diff -r 7ea0253a7567 external/bsd/dhcpcd/dist/src/dhcpcd.c
--- a/external/bsd/dhcpcd/dist/src/dhcpcd.c     Fri Jan 29 07:58:57 2021 +0000
+++ b/external/bsd/dhcpcd/dist/src/dhcpcd.c     Sun Jan 31 02:50:23 2021 +0000
@@ -2614,7 +2614,7 @@
 #ifdef PRIVSEP
        eloop_free(ctx.ps_eloop);
 #endif
-       eloop_free(ctx.eloop);
+       //eloop_free(ctx.eloop);
        if (ctx.script != dhcpcd_default_script)
                free(ctx.script);
        if (ctx.options & DHCPCD_STARTED && !(ctx.options & DHCPCD_FORKED))
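
Review bot: The deliberate leak at the `eloop_free(ctx.eloop)` line is introduced by commenting the call out with `//`, with nothing marking it as test-only, so it is easy to carry into a real commit by accident. Put it behind a compile-time guard or add a comment stating that the leak is intentional for the ASAN test. Note also that `eloop_free(ctx.ps_eloop)` under `#ifdef PRIVSEP` just above is still called, so only `ctx.eloop` is left unfreed by this change.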


Test dhcpcd:
obj.amd64/dhcpcd -x
obj.amd64/dhcpcd -dB
wait a few moments
CTRL-C
No error reported

Disable SUID, chroot and resource limits. I.e., just the privilege separation code is active but everything runs as root:
diff -r 7ea0253a7567 external/bsd/dhcpcd/dist/src/privsep.c
--- a/external/bsd/dhcpcd/dist/src/privsep.c    Fri Jan 29 07:58:57 2021 +0000
+++ b/external/bsd/dhcpcd/dist/src/privsep.c    Sun Jan 31 02:50:23 2021 +0000
@@ -114,6 +114,8 @@
 static int
 ps_dropprivs(struct dhcpcd_ctx *ctx)
 {
+return 0;
+
        struct passwd *pw = ctx->ps_user;

        if (ctx->options & DHCPCD_LAUNCHER)
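
Review bot: The unconditional `return 0;` at the top of `ps_dropprivs()` sits before the `struct passwd *pw = ctx->ps_user;` declaration, which leaves the whole body unreachable and mixes a statement ahead of a declaration; it is also unindented against the surrounding tab style. Because it returns 0, callers cannot tell that no privileges were dropped. For a debugging build, a compile-time guard around the early return, with a comment saying that every process stays root, would make the intent explicit and keep this from being applied outside a test tree.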

Test again, still no error.
Disable the privsep code entirely, dhcpcd will run as a single process:
diff -r 7ea0253a7567 external/bsd/dhcpcd/dist/src/dhcpcd.c
--- a/external/bsd/dhcpcd/dist/src/dhcpcd.c     Fri Jan 29 07:58:57 2021 +0000
+++ b/external/bsd/dhcpcd/dist/src/dhcpcd.c     Sun Jan 31 02:50:23 2021 +0000
@@ -2160,7 +2160,7 @@
 #endif

 #ifdef PRIVSEP
-       ps_init(&ctx);
+       //ps_init(&ctx);
 #endif

 #ifndef SMALL
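
Review bot: Commenting out `ps_init(&ctx);` leaves an empty `#ifdef PRIVSEP` block here while the other PRIVSEP paths stay compiled in, for example the `eloop_free(ctx.ps_eloop)` call visible in the first dhcpcd.c hunk. Check that those paths are safe when `ps_init()` was never called, or build with PRIVSEP undefined for the single-process test so that initialisation and teardown are disabled together.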

Now we get errors!
dhcpcd does not use threading at all, it's all many single processes.
Why does this not work for dhcpcd privilege separation? Anyone have an idea on how to resolve this?

Please reply direct to me as well as I'm not subbed to this list.

Thanks

Roy

