Re: CVS commit: src/sys
BTW, the patch you submitted with the initial message in this thread
looks good for avoiding the issue. But I'm not sure it is a complete
solution.
In particular, you would need to build a 32-bit arm that contains ``no
options COMPAT_NETBSD32'' and then boot and load the compat_netbsd32
and compat_netbsd32_coredump modules
modload compat_netbsd32
modload compat_netbsd32_coredump
Then see if emulation of the old ABI still works, and check if core-
dump works for old-ADI programs; the test program I've been using for
core-dump checking is
#include
int main(int argc, void *argv) { abort(); }
I really have to leave and take care of some personal business, so I
would greatly appreciate if you can check this out.
Thanks!
On Wed, 4 Nov 2020, Paul Goyette wrote:
I guess I don't understand why a 32-bit architecture would also have
COMPAT_NETBSD32.
Christos, can you help out on this?
On Wed, 4 Nov 2020, Rin Okuyama wrote:
Hello again,
On 2020/11/02 3:51, Paul Goyette wrote:
Module Name:src
Committed By: pgoyette
Date: Sun Nov 1 18:51:03 UTC 2020
Modified Files:
src/sys/compat/netbsd32: netbsd32.h netbsd32_core.c
src/sys/kern: compat_stub.c files.kern kern_core.c kern_sig.c
sys_ptrace_common.c
src/sys/modules: Makefile
src/sys/modules/compat_netbsd32: Makefile
src/sys/modules/coredump: Makefile
src/sys/sys: compat_stub.h param.h signalvar.h
Added Files:
src/sys/modules/compat_netbsd32_coredump: Makefile
Log Message:
Separate the compat_netbsd32_coredump from the compat_netbsd32 and
coredump modules, into its own module.
Welcome to 7.99.75 !!!
To generate a diff of this commit:
cvs rdiff -u -r1.133 -r1.134 src/sys/compat/netbsd32/netbsd32.h
cvs rdiff -u -r1.15 -r1.16 src/sys/compat/netbsd32/netbsd32_core.c
cvs rdiff -u -r1.20 -r1.21 src/sys/kern/compat_stub.c
cvs rdiff -u -r1.53 -r1.54 src/sys/kern/files.kern
cvs rdiff -u -r1.33 -r1.34 src/sys/kern/kern_core.c
cvs rdiff -u -r1.394 -r1.395 src/sys/kern/kern_sig.c
cvs rdiff -u -r1.88 -r1.89 src/sys/kern/sys_ptrace_common.c
cvs rdiff -u -r1.247 -r1.248 src/sys/modules/Makefile
cvs rdiff -u -r1.35 -r1.36 src/sys/modules/compat_netbsd32/Makefile
cvs rdiff -u -r0 -r1.1 src/sys/modules/compat_netbsd32_coredump/Makefile
cvs rdiff -u -r1.7 -r1.8 src/sys/modules/coredump/Makefile
cvs rdiff -u -r1.24 -r1.25 src/sys/sys/compat_stub.h
cvs rdiff -u -r1.677 -r1.678 src/sys/sys/param.h
cvs rdiff -u -r1.102 -r1.103 src/sys/sys/signalvar.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
This commit breaks arm, i.e., ILP32 arch with COMPAT_NETBSD32. For arm,
coredump_elf32_hook is already hooked in the main kernel. Therefore,
compat_netbsd32_coredump_modcmd(MODULE_CMD_INIT) causes KASSERT failure:
panic: kernel diagnostic assertion "!*hooked" failed: file
"../../../../kern/kern_module_hook.c", line 70
Does the attached patch seem reasonable to you?
Thanks,
rin
++--+---+
| Paul Goyette | PGP Key fingerprint: | E-mail addresses: |
| (Retired) | FA29 0E3B 35AF E8AE 6651 | p...@whooppee.com |
| Software Developer | 0786 F758 55DE 53BA 7731 | pgoye...@netbsd.org |
++--+---+
!DSPAM:5fa2ae10252946113815662!
++--+---+
| Paul Goyette | PGP Key fingerprint: | E-mail addresses: |
| (Retired) | FA29 0E3B 35AF E8AE 6651 | p...@whooppee.com |
| Software Developer | 0786 F758 55DE 53BA 7731 | pgoye...@netbsd.org |
++--+---+
Re: CVS commit: src/sys/kern
OK, this is my mistake. When I change the calls in the ptrace_common
modcmd, I should also have renamed the functions (including their
entries in sys/ptrace.h). I will commit this shortly, before I leave.
Thanks for the "recipe" for reproducing the problem - I will try it
later when I return.
On Wed, 4 Nov 2020, Rin Okuyama wrote:
On 2020/11/04 22:52, Paul Goyette wrote:
On Wed, 4 Nov 2020, Rin Okuyama wrote:
ptrace_common_{init,fini} are called from the ptrace_common module's
modcmd routine in kern/sys_ptrace_common.c. The modcmd routine in
turn is called at module initialization time. In the case of a
built-in module, it will be called by module_init via init_main; if
the module is loaded (or auto-loaded) module_load will call the
modcmd routine.
The module will be built-in if either ``options PTRACE'' or ``file-
system PROCFS'' is set in the kernel configuration file.
Oops, sorry, I meant ptrace_{init,fini}(). These functions are not called
at all since this commit, which forbids ptrace(2) for non-root users.
If the module is built-in (``options PTRACE'' selected in the config
file), then the module will already have been initialized.
If the module is not built-in, then a privileged user will need to
modload(8) the module.
Prior to this change, the built-in ptrace_common module was calling
the ptrace module's init/fini routine. Quite likely ptrace_common
was built-in (due to inclusion of file-system PROCFS), so the init
was handled during init_main(). This change ensures that the ptrace
init/fini routines are called ONLY if the ptrace module itself (not
the ptrace_common) routine is built-in.
Please check to make sure that ``options PTRACE'' is included in
your kernel config.
Yes:
$ config -x netbsd.gdb | grep PTRACE
###> optionsPTRACE # Include ptrace(2) syscall
###> optionsPTRACE_HOOKS# Include ptrace hooks
The problem is that ptrace_{init,fini}() are not called from
ptrace_modcmd():
https://nxr.netbsd.org/xref/src/sys/kern/sys_ptrace.c#184
184 static int
185 ptrace_modcmd(modcmd_t cmd, void *arg)
186 {
187 int error;
188
189 switch (cmd) {
190 case MODULE_CMD_INIT:
191 error = syscall_establish(&emul_netbsd,
ptrace_syscalls);
192 break;
193 case MODULE_CMD_FINI:
194 error = syscall_disestablish(&emul_netbsd,
ptrace_syscalls);
195 break;
196 default:
197 error = ENOTTY;
198 break;
199 }
200 return error;
201 }
Can you easily confirm that ktrace(2) is unusable for non-privileged
users on 9.99.75 kernel:
$ gdb echo
GNU gdb (GDB) 8.3
...
(gdb) b main
Breakpoint 1 at 0x950: file /usr/src/bin/echo/echo.c, line 58.
(gdb) r
Starting program: /bin/echo
warning: Could not trace the inferior process.
Error:
warning: ptrace: Operation not permitted
terminate called after throwing an instance of
'gdb_exception_RETURN_MASK_ERROR'
[1] Abort trap (core dumped) gdb echo
Also, ptrace_{init,fini} should be moved from sys_ptrace_common.c to
sys_ptrace.c, IMO.
Thanks,
rin
!DSPAM:5fa2b869233318156490363!
++--+---+
| Paul Goyette | PGP Key fingerprint: | E-mail addresses: |
| (Retired) | FA29 0E3B 35AF E8AE 6651 | p...@whooppee.com |
| Software Developer | 0786 F758 55DE 53BA 7731 | pgoye...@netbsd.org |
++--+---+
Re: CVS commit: src/sys/kern
On Wed, 4 Nov 2020, Rin Okuyama wrote:
On 2020/11/04 22:52, Paul Goyette wrote:
On Wed, 4 Nov 2020, Rin Okuyama wrote:
ptrace_common_{init,fini} are called from the ptrace_common module's
modcmd routine in kern/sys_ptrace_common.c. The modcmd routine in
turn is called at module initialization time. In the case of a
built-in module, it will be called by module_init via init_main; if
the module is loaded (or auto-loaded) module_load will call the
modcmd routine.
The module will be built-in if either ``options PTRACE'' or ``file-
system PROCFS'' is set in the kernel configuration file.
Oops, sorry, I meant ptrace_{init,fini}(). These functions are not called
at all since this commit, which forbids ptrace(2) for non-root users.
If the module is built-in (``options PTRACE'' selected in the config
file), then the module will already have been initialized.
If the module is not built-in, then a privileged user will need to
modload(8) the module.
Prior to this change, the built-in ptrace_common module was calling
the ptrace module's init/fini routine. Quite likely ptrace_common
was built-in (due to inclusion of file-system PROCFS), so the init
was handled during init_main(). This change ensures that the ptrace
init/fini routines are called ONLY if the ptrace module itself (not
the ptrace_common) routine is built-in.
Please check to make sure that ``options PTRACE'' is included in
your kernel config.
Yes:
$ config -x netbsd.gdb | grep PTRACE
###> optionsPTRACE # Include ptrace(2) syscall
###> optionsPTRACE_HOOKS# Include ptrace hooks
The problem is that ptrace_{init,fini}() are not called from
ptrace_modcmd():
https://nxr.netbsd.org/xref/src/sys/kern/sys_ptrace.c#184
184 static int
185 ptrace_modcmd(modcmd_t cmd, void *arg)
186 {
187 int error;
188
189 switch (cmd) {
190 case MODULE_CMD_INIT:
191 error = syscall_establish(&emul_netbsd,
ptrace_syscalls);
192 break;
193 case MODULE_CMD_FINI:
194 error = syscall_disestablish(&emul_netbsd,
ptrace_syscalls);
195 break;
196 default:
197 error = ENOTTY;
198 break;
199 }
200 return error;
201 }
Yes that would be a problem.
Can you easily confirm that ktrace(2) is unusable for non-privileged
users on 9.99.75 kernel:
$ gdb echo
GNU gdb (GDB) 8.3
...
(gdb) b main
Breakpoint 1 at 0x950: file /usr/src/bin/echo/echo.c, line 58.
(gdb) r
Starting program: /bin/echo
warning: Could not trace the inferior process.
Error:
warning: ptrace: Operation not permitted
terminate called after throwing an instance of
'gdb_exception_RETURN_MASK_ERROR'
[1] Abort trap (core dumped) gdb echo
Also, ptrace_{init,fini} should be moved from sys_ptrace_common.c to
sys_ptrace.c, IMO.
I have some prior obligations, so I won't be able to look at this
until this evening.
Thanks for the detailed analysis.
++--+---+
| Paul Goyette | PGP Key fingerprint: | E-mail addresses: |
| (Retired) | FA29 0E3B 35AF E8AE 6651 | p...@whooppee.com |
| Software Developer | 0786 F758 55DE 53BA 7731 | pgoye...@netbsd.org |
++--+---+
Re: CVS commit: src/sys/kern
On 2020/11/04 22:52, Paul Goyette wrote:
On Wed, 4 Nov 2020, Rin Okuyama wrote:
ptrace_common_{init,fini} are called from the ptrace_common module's
modcmd routine in kern/sys_ptrace_common.c. The modcmd routine in
turn is called at module initialization time. In the case of a
built-in module, it will be called by module_init via init_main; if
the module is loaded (or auto-loaded) module_load will call the
modcmd routine.
The module will be built-in if either ``options PTRACE'' or ``file-
system PROCFS'' is set in the kernel configuration file.
Oops, sorry, I meant ptrace_{init,fini}(). These functions are not called
at all since this commit, which forbids ptrace(2) for non-root users.
If the module is built-in (``options PTRACE'' selected in the config
file), then the module will already have been initialized.
If the module is not built-in, then a privileged user will need to
modload(8) the module.
Prior to this change, the built-in ptrace_common module was calling
the ptrace module's init/fini routine. Quite likely ptrace_common
was built-in (due to inclusion of file-system PROCFS), so the init
was handled during init_main(). This change ensures that the ptrace
init/fini routines are called ONLY if the ptrace module itself (not
the ptrace_common) routine is built-in.
Please check to make sure that ``options PTRACE'' is included in
your kernel config.
Yes:
$ config -x netbsd.gdb | grep PTRACE
###> optionsPTRACE # Include ptrace(2) syscall
###> optionsPTRACE_HOOKS# Include ptrace hooks
The problem is that ptrace_{init,fini}() are not called from
ptrace_modcmd():
https://nxr.netbsd.org/xref/src/sys/kern/sys_ptrace.c#184
184 static int
185 ptrace_modcmd(modcmd_t cmd, void *arg)
186 {
187 int error;
188
189 switch (cmd) {
190 case MODULE_CMD_INIT:
191 error = syscall_establish(&emul_netbsd,
ptrace_syscalls);
192 break;
193 case MODULE_CMD_FINI:
194 error = syscall_disestablish(&emul_netbsd,
ptrace_syscalls);
195 break;
196 default:
197 error = ENOTTY;
198 break;
199 }
200 return error;
201 }
Can you easily confirm that ktrace(2) is unusable for non-privileged
users on 9.99.75 kernel:
$ gdb echo
GNU gdb (GDB) 8.3
...
(gdb) b main
Breakpoint 1 at 0x950: file /usr/src/bin/echo/echo.c, line 58.
(gdb) r
Starting program: /bin/echo
warning: Could not trace the inferior process.
Error:
warning: ptrace: Operation not permitted
terminate called after throwing an instance of 'gdb_exception_RETURN_MASK_ERROR'
[1] Abort trap (core dumped) gdb echo
Also, ptrace_{init,fini} should be moved from sys_ptrace_common.c to
sys_ptrace.c, IMO.
Thanks,
rin
Re: CVS commit: src/sys
> On Nov 4, 2020, at 5:33 AM, Paul Goyette wrote: > > I guess I don't understand why a 32-bit architecture would also have > COMPAT_NETBSD32. In this particular case, it's for the old 32-bit ABI that predates the EABI standard the ARM port now uses. -- thorpej
Re: CVS commit: src/sys/kern
On Wed, 4 Nov 2020, Rin Okuyama wrote:
ptrace_common_{init,fini} are called from the ptrace_common module's
modcmd routine in kern/sys_ptrace_common.c. The modcmd routine in
turn is called at module initialization time. In the case of a
built-in module, it will be called by module_init via init_main; if
the module is loaded (or auto-loaded) module_load will call the
modcmd routine.
The module will be built-in if either ``options PTRACE'' or ``file-
system PROCFS'' is set in the kernel configuration file.
Oops, sorry, I meant ptrace_{init,fini}(). These functions are not called
at all since this commit, which forbids ptrace(2) for non-root users.
If the module is built-in (``options PTRACE'' selected in the config
file), then the module will already have been initialized.
If the module is not built-in, then a privileged user will need to
modload(8) the module.
Prior to this change, the built-in ptrace_common module was calling
the ptrace module's init/fini routine. Quite likely ptrace_common
was built-in (due to inclusion of file-system PROCFS), so the init
was handled during init_main(). This change ensures that the ptrace
init/fini routines are called ONLY if the ptrace module itself (not
the ptrace_common) routine is built-in.
Please check to make sure that ``options PTRACE'' is included in
your kernel config.
++--+---+
| Paul Goyette | PGP Key fingerprint: | E-mail addresses: |
| (Retired) | FA29 0E3B 35AF E8AE 6651 | p...@whooppee.com |
| Software Developer | 0786 F758 55DE 53BA 7731 | pgoye...@netbsd.org |
++--+---+
Re: CVS commit: src/sys/kern
On 2020/11/04 22:31, Paul Goyette wrote:
On Wed, 4 Nov 2020, Rin Okuyama wrote:
Hi,
On 2020/10/26 0:55, Paul Goyette wrote:
Module Name: src
Committed By: pgoyette
Date: Sun Oct 25 15:55:37 UTC 2020
Modified Files:
src/sys/kern: sys_ptrace_common.c
Log Message:
ptrace_Common is a module unto itself. Don't use the ptrace module's
init/fini routines.
To generate a diff of this commit:
cvs rdiff -u -r1.87 -r1.88 src/sys/kern/sys_ptrace_common.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
This commit makes ptrace(2) unusable for non-privileged users;
ptrace_common_{init,fini}() should be called from somewhere.
ptrace_common_{init,fini} are called from the ptrace_common module's
modcmd routine in kern/sys_ptrace_common.c. The modcmd routine in
turn is called at module initialization time. In the case of a
built-in module, it will be called by module_init via init_main; if
the module is loaded (or auto-loaded) module_load will call the
modcmd routine.
The module will be built-in if either ``options PTRACE'' or ``file-
system PROCFS'' is set in the kernel configuration file.
Oops, sorry, I meant ptrace_{init,fini}(). These functions are not called
at all since this commit, which forbids ptrace(2) for non-root users.
Thanks,
rin
Re: CVS commit: src/sys
On Wed, Nov 04, 2020 at 05:33:29AM -0800, Paul Goyette wrote: > I guess I don't understand why a 32-bit architecture would also have > COMPAT_NETBSD32. (At least) mips and arm have various 32bit ABIs that are handled by COMPAT_NETBSD32. Martin
Re: CVS commit: src/sys
I guess I don't understand why a 32-bit architecture would also have COMPAT_NETBSD32. Christos, can you help out on this? On Wed, 4 Nov 2020, Rin Okuyama wrote: Hello again, On 2020/11/02 3:51, Paul Goyette wrote: Module Name:src Committed By: pgoyette Date: Sun Nov 1 18:51:03 UTC 2020 Modified Files: src/sys/compat/netbsd32: netbsd32.h netbsd32_core.c src/sys/kern: compat_stub.c files.kern kern_core.c kern_sig.c sys_ptrace_common.c src/sys/modules: Makefile src/sys/modules/compat_netbsd32: Makefile src/sys/modules/coredump: Makefile src/sys/sys: compat_stub.h param.h signalvar.h Added Files: src/sys/modules/compat_netbsd32_coredump: Makefile Log Message: Separate the compat_netbsd32_coredump from the compat_netbsd32 and coredump modules, into its own module. Welcome to 7.99.75 !!! To generate a diff of this commit: cvs rdiff -u -r1.133 -r1.134 src/sys/compat/netbsd32/netbsd32.h cvs rdiff -u -r1.15 -r1.16 src/sys/compat/netbsd32/netbsd32_core.c cvs rdiff -u -r1.20 -r1.21 src/sys/kern/compat_stub.c cvs rdiff -u -r1.53 -r1.54 src/sys/kern/files.kern cvs rdiff -u -r1.33 -r1.34 src/sys/kern/kern_core.c cvs rdiff -u -r1.394 -r1.395 src/sys/kern/kern_sig.c cvs rdiff -u -r1.88 -r1.89 src/sys/kern/sys_ptrace_common.c cvs rdiff -u -r1.247 -r1.248 src/sys/modules/Makefile cvs rdiff -u -r1.35 -r1.36 src/sys/modules/compat_netbsd32/Makefile cvs rdiff -u -r0 -r1.1 src/sys/modules/compat_netbsd32_coredump/Makefile cvs rdiff -u -r1.7 -r1.8 src/sys/modules/coredump/Makefile cvs rdiff -u -r1.24 -r1.25 src/sys/sys/compat_stub.h cvs rdiff -u -r1.677 -r1.678 src/sys/sys/param.h cvs rdiff -u -r1.102 -r1.103 src/sys/sys/signalvar.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. This commit breaks arm, i.e., ILP32 arch with COMPAT_NETBSD32. For arm, coredump_elf32_hook is already hooked in the main kernel. Therefore, compat_netbsd32_coredump_modcmd(MODULE_CMD_INIT) causes KASSERT failure: panic: kernel diagnostic assertion "!*hooked" failed: file "../../../../kern/kern_module_hook.c", line 70 Does the attached patch seem reasonable to you? Thanks, rin !DSPAM:5fa25cf9259143308188765! ++--+---+ | Paul Goyette | PGP Key fingerprint: | E-mail addresses: | | (Retired) | FA29 0E3B 35AF E8AE 6651 | p...@whooppee.com | | Software Developer | 0786 F758 55DE 53BA 7731 | pgoye...@netbsd.org | ++--+---+
Re: CVS commit: src/sys/kern
On Wed, 4 Nov 2020, Rin Okuyama wrote:
Hi,
On 2020/10/26 0:55, Paul Goyette wrote:
Module Name:src
Committed By: pgoyette
Date: Sun Oct 25 15:55:37 UTC 2020
Modified Files:
src/sys/kern: sys_ptrace_common.c
Log Message:
ptrace_Common is a module unto itself. Don't use the ptrace module's
init/fini routines.
To generate a diff of this commit:
cvs rdiff -u -r1.87 -r1.88 src/sys/kern/sys_ptrace_common.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
This commit makes ptrace(2) unusable for non-privileged users;
ptrace_common_{init,fini}() should be called from somewhere.
ptrace_common_{init,fini} are called from the ptrace_common module's
modcmd routine in kern/sys_ptrace_common.c. The modcmd routine in
turn is called at module initialization time. In the case of a
built-in module, it will be called by module_init via init_main; if
the module is loaded (or auto-loaded) module_load will call the
modcmd routine.
The module will be built-in if either ``options PTRACE'' or ``file-
system PROCFS'' is set in the kernel configuration file.
++--+---+
| Paul Goyette | PGP Key fingerprint: | E-mail addresses: |
| (Retired) | FA29 0E3B 35AF E8AE 6651 | p...@whooppee.com |
| Software Developer | 0786 F758 55DE 53BA 7731 | pgoye...@netbsd.org |
++--+---+
