On Sun, Apr 24, 2016 at 05:53:45PM +0100, ra...@openmailbox.org wrote:
> I'm having a problem with pledge on openbsd
>
> #include <unistd.h>
> void main(void) { pledge("proc", NULL); fork(); }
>
> when I run this I get:
>
> Program received signal SIGABRT, Aborted.
> 0x000005f7309c70ba in mprotect () at <stdin>:2
>
> here is a backtrace
>
> #0 0x000005f7309c70ba in mprotect () at <stdin>:2
> #1 0x000005f7309c6cae in *_libc___cxa_finalize (dso=0x0)
> at /usr/src/lib/libc/stdlib/atexit.c:154
> #2 0x000005f7309c507e in *_libc_exit (status=1702)
> at /usr/src/lib/libc/stdlib/exit.c:57
> #3 0x000005f44cd009d8 in _start () from testprogram
> #4 0x0000000000000000 in ?? ()
>
> would this be a bug in pledge or am I using it wrong?
>
short story: the answer will be "wrong use" :)
when you pledge that only "proc" promise will be used, the kernel trusts
you, and enforce it.
in your simple program, you use effectively fork(2), which is allowed by
"proc" promise, but you use also the libc... which require something
other than "proc" promise.
if you look at your backtrace, you will see the syscall causing the
kill: mprotect(2). it is called from _libc_exit() (an internal renaming
for exit(3) function), which is called after the end of your main().
so the fork(2) was successfully called, and on program terminaison, the
kernel kills it because it tries to do something else (calling
mprotect(2)).
you should add "stdio" promise (it is rare that it isn't needed).
the other possibility is to terminate your program with _exit(2) syscall
(but there are differencies from exit(3) function: atexit(3) functions
aren't called, streams aren't flushed, open streams aren't closed...)
--
Sebastien Marie
