Re: iridium pledge violation

2017-12-10 Thread Theo de Raadt
For example, here is my safety diff for cat.

The intrinsic beauty of its memory handling is beyond words.

You just can't trust a virtual system to do it right; you always
need to check the underlying subsystem isn't messin' with ya.

Index: cat.c
===
RCS file: /cvs/src/bin/cat/cat.c,v
retrieving revision 1.26
diff -u -p -u -r1.26 cat.c
--- cat.c   19 Oct 2016 18:20:25 -  1.26
+++ cat.c   10 Dec 2017 19:24:21 -
@@ -35,6 +35,7 @@
 
 #include 
 #include 
+#include 
 
 #include 
 #include 
@@ -46,6 +47,7 @@
 #include 
 
 #define MAXIMUM(a, b)  (((a) > (b)) ? (a) : (b))
+#define MINIMUM(a, b)  (((a) < (b)) ? (a) : (b))
 
 extern char *__progname;
 
@@ -63,7 +65,7 @@ main(int argc, char *argv[])
 {
int ch;
 
-   if (pledge("stdio rpath", NULL) == -1)
+   if (pledge("stdio rpath ps", NULL) == -1)
err(1, "pledge");
 
while ((ch = getopt(argc, argv, "benstuv")) != -1)
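Review bot: the promise string in main() grows from "stdio rpath" to "stdio rpath ps" for the whole run of cat, yet the only new call in this patch is the single sysctl() in raw_cat(). The value it reads does not depend on the arguments, so consider doing that lookup once in main() before the pledge() call and passing the result down, which would let the promise string stay at "stdio rpath".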
@@ -228,12 +230,27 @@ raw_cat(int rfd)
static size_t bsize;
static char *buf = NULL;
struct stat sbuf;
+   int64_t physmem;
+   size_t siz = sizeof(physmem);
+   int mib[2];
+
+   /*
+* Ensure a fuse filesystem + uncooperative kernel cannot
+* force us to allocate a buffer which gets slow because it
+* gets pushed into swap
+*/
+   mib[0] = CTL_HW;
+   mib[1] = HW_PHYSMEM64;
+   if (sysctl(mib, 2, , , NULL, 0) < 0) {
+   warnx("physmem: failed to get hw.physmem");
+   physmem = 0x4*1024*1024;
+   }
 
wfd = fileno(stdout);
if (buf == NULL) {
if (fstat(wfd, ))
err(1, "stdout");
-   bsize = MAXIMUM(sbuf.st_blksize, BUFSIZ);
+   bsize = MINIMUM(MAXIMUM(sbuf.st_blksize, BUFSIZ), physmem);
if ((buf = malloc(bsize)) == NULL)
err(1, "malloc");
}
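Review bot: the sysctl() call sits above the `if (buf == NULL)` test, so it runs (and, on failure, warns) on every raw_cat() call, although physmem is only read inside that branch when the buffer is first allocated; move the lookup into the branch. The fallback `0x4*1024*1024` would read more clearly in decimal, and MINIMUM() here compares an int64_t against st_blksize and BUFSIZ before the result is stored in a size_t, so the intended type of the bound should be made explicit. Note also that st_blksize comes from fstat() on stdout, while the new comment talks about the filesystem being read.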



Re: iridium pledge violation

2017-12-10 Thread Theo de Raadt
> I've just upgraded my workstation to the latest snapshot, including
> newer packages.  I use the signal chrome app in iridium and since it
> was complaining about needing an upgrade, I removed the (package
> version iridium-2017.11p0) app and tried to re-install it (iridium has
> a problem with upgrading installed apps; this is known upstream).
> 
> While trying to install, I get pledge violations:
> 
> 2017-12-10T18:47:46.313Z pom /bsd: iridium(85576): pledge sysctl 2: 6 19
> 2017-12-10T18:47:46.320Z pom /bsd: iridium[85576]: pledge "", syscall 202
> 2017-12-10T18:47:56.800Z pom /bsd: iridium(45150): pledge sysctl 2: 6 19
> 2017-12-10T18:47:56.804Z pom /bsd: iridium[45150]: pledge "", syscall 202
> 2017-12-10T18:47:56.807Z pom /bsd: iridium[45150]: pledge "stdio", syscall 133
> 
> Looks like iridium either needs a wider pledge or some stuff needs
> neutering.  Haven't looked in more detail yet.

trying to sysctl HW_PHYSMEM64, and then for some reason trying to sendto()
from a process (which I am sure is the right thing) marked "stdio".


Speaking of which, I'm working on a diff which makes all the bin/*
utilities check how much physical memory a machine has.

It's important!  You need to know how much physical memory you have so
that you don't exceed the sufficiently infinite virtual resources!

IF YOU ARE A GIGANTIC SLOPPY FAT PIG YOU SURE DO
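
Added example, not part of the thread or of OpenBSD: a small Python decoder for the two kernel log formats quoted above, run over those same five lines. The name tables hold only the numbers this thread identifies (MIB 6.19 as HW_PHYSMEM64, syscall 202 as sysctl, syscall 133 as sendto); the function names are hypothetical, and the quoted promise string is kept verbatim rather than interpreted.

```python
import re
from collections import defaultdict

# Constructed sample: the five kernel log lines quoted in the thread.
SAMPLE = """\
2017-12-10T18:47:46.313Z pom /bsd: iridium(85576): pledge sysctl 2: 6 19
2017-12-10T18:47:46.320Z pom /bsd: iridium[85576]: pledge "", syscall 202
2017-12-10T18:47:56.800Z pom /bsd: iridium(45150): pledge sysctl 2: 6 19
2017-12-10T18:47:56.804Z pom /bsd: iridium[45150]: pledge "", syscall 202
2017-12-10T18:47:56.807Z pom /bsd: iridium[45150]: pledge "stdio", syscall 133
"""

# Only the numbers the thread identifies; anything else stays numeric.
SYSCALLS = {202: "sysctl", 133: "sendto"}
MIBS = {(6, 19): "hw.physmem64"}  # CTL_HW, HW_PHYSMEM64

SYSCTL_RE = re.compile(r"/bsd: (\S+?)\((\d+)\): pledge sysctl (\d+):((?: \d+)+)$")
SYSCALL_RE = re.compile(r'/bsd: (\S+?)\[(\d+)\]: pledge "([^"]*)", syscall (\d+)$')

def parse_line(line):
    """Return a dict describing one pledge log line, or None if unrelated."""
    m = SYSCTL_RE.search(line)
    if m:
        mib = tuple(int(n) for n in m.group(4).split())
        if len(mib) != int(m.group(3)):
            return None  # logged MIB length disagrees with the values printed
        return {"prog": m.group(1), "pid": int(m.group(2)), "kind": "sysctl-mib",
                "detail": MIBS.get(mib, ".".join(map(str, mib)))}
    m = SYSCALL_RE.search(line)
    if m:
        nr = int(m.group(4))
        return {"prog": m.group(1), "pid": int(m.group(2)), "kind": "syscall",
                "promise": m.group(3),  # quoted string from the log, verbatim
                "detail": SYSCALLS.get(nr, f"syscall#{nr}")}
    return None

def summarize(text):
    """Group violations by pid so each process's denied operations read in order."""
    by_pid = defaultdict(list)
    for line in text.splitlines():
        ev = parse_line(line.strip())
        if ev:
            by_pid[ev["pid"]].append(ev)
    return dict(by_pid)

if __name__ == "__main__":
    for pid, events in summarize(SAMPLE).items():
        for ev in events:
            tag = f' pledge "{ev["promise"]}"' if "promise" in ev else ""
            print(f'{ev["prog"]}[{pid}]{tag}: denied {ev["kind"]} {ev["detail"]}')
```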



iridium pledge violation

2017-12-10 Thread Paul de Weerd
Hi all,

I've just upgraded my workstation to the latest snapshot, including
newer packages.  I use the signal chrome app in iridium and since it
was complaining about needing an upgrade, I removed the (package
version iridium-2017.11p0) app and tried to re-install it (iridium has
a problem with upgrading installed apps; this is known upstream).

While trying to install, I get pledge violations:

2017-12-10T18:47:46.313Z pom /bsd: iridium(85576): pledge sysctl 2: 6 19
2017-12-10T18:47:46.320Z pom /bsd: iridium[85576]: pledge "", syscall 202
2017-12-10T18:47:56.800Z pom /bsd: iridium(45150): pledge sysctl 2: 6 19
2017-12-10T18:47:56.804Z pom /bsd: iridium[45150]: pledge "", syscall 202
2017-12-10T18:47:56.807Z pom /bsd: iridium[45150]: pledge "stdio", syscall 133

Looks like iridium either needs a wider pledge or some stuff needs
neutering.  Haven't looked in more detail yet.

Paul

OpenBSD 6.2-current (GENERIC.MP) #265: Sat Dec  9 10:24:12 MST 2017
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 34243919872 (32657MB)
avail mem = 33199185920 (31661MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xec410 (88 entries)
bios0: vendor Dell Inc. version "A12" date 05/06/2015
bios0: Dell Inc. OptiPlex 9020
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP APIC FPDT SLIC LPIT SSDT SSDT SSDT HPET SSDT MCFG SSDT 
ASF! DMAR
acpi0: wakeup devices UAR1(S3) PXSX(S4) RP01(S4) PXSX(S4) PXSX(S4) PXSX(S4) 
RP05(S4) PXSX(S4) PXSX(S4) PXSX(S4) GLAN(S4) EHC1(S3) EHC2(S3) XHC_(S4) 
HDEF(S4) PEG0(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz, 3692.05 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT
cpu0: 256KB 64b/line 8-way L2 cache
acpitimer0: recalibrated TSC frequency 3392144776 Hz
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz, 3691.44 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 4 (application processor)
cpu2: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz, 3691.45 MHz
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 0, core 2, package 0
cpu3 at mainbus0: apid 6 (application processor)
cpu3: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz, 3691.44 MHz
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 0, core 3, package 0
cpu4 at mainbus0: apid 1 (application processor)
cpu4: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz, 3691.45 MHz
cpu4: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT
cpu4: 256KB 64b/line 8-way L2 cache
cpu4: smt 1, core 0, package 0
cpu5 at mainbus0: apid 3 (application processor)
cpu5: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz, 3691.45 MHz
cpu5: