https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=277057
Bug ID: 277057
Summary: rights(4): Not all rights may be specified in a rights
mask
Product: Base System
Version: 15.0-CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Many People
Priority: ---
Component: bin
Assignee: [email protected]
Reporter: [email protected]
rights(4) says:
The following rights may be specified in a rights mask:
and proceeds to list most of the CAP_* rights, excluding only the UNUSED ones
and the some of compounds (like CAP_SOCK_CLIENT). And software does use them
that way, for example:
bin/cat/cat.c
144: cap_rights_init(&rights, CAP_READ | CAP_FSTAT | CAP_FCNTL |
CAP_SEEK),
However, not all rights may be specified in a mask together. It appears, from
testing, that only rights whose index is 0 may be ORed with other rights whose
index is 0, and similarly for index 1. Attempting to violate this rule will
trigger an assertion and abort the program:
Assertion failed: (i >= 0), function cap_rights_vset, file
/usr/home/somers/src/freebsd.org/src/sys/kern/subr_capability.c, line 188.
Process with PID 3539 exited with signal 6 and dumped core; attempting to
gather stack trace
[New LWP 100728]
Core was generated by `/usr/tests/sys/capsicum/rights -vdisks=/dev/vtbd1
/dev/vtbd2 /dev/vtbd3 /dev/vtb'.
Program terminated with signal SIGABRT, Aborted.
Sent by thr_kill() from pid 3539 and user 1000.
#0 thr_kill () at thr_kill.S:4
4 RSYSCALL(thr_kill)
#0 thr_kill () at thr_kill.S:4
#1 0x00003199593035d4 in __raise (s=s@entry=6) at
/usr/home/somers/src/freebsd.org/src/lib/libc/gen/raise.c:48
#2 0x00003199593b6999 in abort () at
/usr/home/somers/src/freebsd.org/src/lib/libc/stdlib/abort.c:61
#3 0x00003199592e68a1 in __assert (func=<optimized out>, file=<optimized out>,
line=line@entry=188, failedexpr=<optimized out>) at
/usr/home/somers/src/freebsd.org/src/lib/libc/gen/assert.c:47
#4 0x00003199593a93d0 in cap_rights_vset (rights=rights@entry=0x3199575d8c20,
ap=ap@entry=0x3199575d8bc0) at
/usr/home/somers/src/freebsd.org/src/sys/kern/subr_capability.c:188
#5 0x00003199593a9274 in __cap_rights_init (version=version@entry=0,
rights=rights@entry=0x3199575d8c20) at
/usr/home/somers/src/freebsd.org/src/sys/kern/subr_capability.c:260
#6 0x00003191372b3640 in atfu_orable_01_body (tc=<optimized out>) at
/usr/home/somers/src/freebsd.org/src/tests/sys/capsicum/rights.c:142
#7 0x0000319958eccff7 in atf_tc_run (tc=0x3191372b5bf0 <atfu_orable_01_tc>,
resfile=<optimized out>) at
/usr/home/somers/src/freebsd.org/src/contrib/atf/atf-c/tc.c:1054
#8 0x0000319958ecf0de in atf_tp_run (tp=tp@entry=0x3199575d90e8,
tcname=tcname@entry=0x37fd6da09020 "orable_01", resfile=0x6 <error: Cannot
access memory at address 0x6>) at
/usr/home/somers/src/freebsd.org/src/contrib/atf/atf-c/tp.c:201
#9 0x0000319958ecfaae in run_tc (tp=0x3199575d90e8, p=0x3199575d9100,
exitcode=<optimized out>) at
/usr/home/somers/src/freebsd.org/src/contrib/atf/atf-c/detail/tp_main.c:504
#10 controlled_main (argc=5, argv=<optimized out>, add_tcs_hook=0x3191372b30a0
<atfu_tp_add_tcs>, exitcode=<optimized out>) at
/usr/home/somers/src/freebsd.org/src/contrib/atf/atf-c/detail/tp_main.c:574
#11 atf_tp_main (argc=5, argv=<optimized out>, add_tcs_hook=0x3191372b30a0
<atfu_tp_add_tcs>) at
/usr/home/somers/src/freebsd.org/src/contrib/atf/atf-c/detail/tp_main.c:604
#12 0x00003199592d806a in __libc_start1 (argc=5, argv=0x3199575da1b0,
env=0x3199575da1e0, cleanup=<optimized out>, mainX=0x3191372b3080 <main>) at
/usr/home/somers/src/freebsd.org/src/lib/libc/csu/libc_start1.c:157
#13 0x00003191372b2ffd in _start () at
/usr/home/somers/src/freebsd.org/src/lib/csu/amd64/crt1_s.S:83
--
You are receiving this mail because:
You are the assignee for the bug.
