[PKG-OpenRC-Debian] Bug#765070: openrc: [kfreebsd] segfault in loopsolver

Steven Chamberlain steven at pyro.eu.org
Sat Oct 18 20:07:30 UTC 2014


tags 765070 + patch
thanks

I've found the reason for this!

In kfreebsd 9.2 or 10.x, kern.elf64.nxstack=1 by default, which means
executable stacks are not allowed.  The segfault happens at:
| 1270:	twalk(btree, idid_btree_builddescarray);

where function idid_btree_builddescarray() is defined on the stack,
nested inside of rc_deptree_solve_loop().

It is desirable to enforce nxstack, because in many other applications,
a buffer overflow could allow modifying a function on the stack, which
is later executed.  So I'd like to work around this in openrc so it does
not need executable stacks at all.

(This bug would also affect regular FreeBSD, and perhaps GNU/Linux if
SELinux was enforcing nxstack.)

Patch/debdiff attached!  (Also dropped unnecessary libkvm dependency)

Thanks,
Regards,
-- 
Steven Chamberlain
steven at pyro.eu.org
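
An added example, not part of the original message or of OpenRC: GCC calls a nested function through a pointer by writing a trampoline to the stack, and the linker records the resulting executable-stack request in the PT_GNU_STACK program header. The checker below reads that flag from a linked ELF64 little-endian binary or shared object; its function names and the embedded sample image are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PT_GNU_STACK_T 0x6474e551u /* program header carrying stack permissions */
#define PF_X_BIT 0x1u

static uint64_t rd_le(const unsigned char *p, int n) { /* little-endian read */
    uint64_t v = 0;
    while (n--) v = (v << 8) | p[n];
    return v;
}

/* 1: executable stack requested, 0: non-executable stack,
 * -1: no PT_GNU_STACK header, -2: not an ELF64 little-endian image or truncated */
int elf64_stack_exec(const unsigned char *buf, size_t len) {
    if (len < 64 || memcmp(buf, "\177ELF", 4) || buf[4] != 2 || buf[5] != 1) return -2;
    uint64_t phoff = rd_le(buf + 32, 8);                 /* e_phoff */
    uint64_t entsz = rd_le(buf + 54, 2), phnum = rd_le(buf + 56, 2);
    if (phnum == 0) return -1;
    if (entsz < 56 || phoff > len || phnum * entsz > len - phoff) return -2;
    for (uint64_t i = 0; i < phnum; i++) {
        const unsigned char *ph = buf + phoff + i * entsz;
        if (rd_le(ph, 4) == PT_GNU_STACK_T)                /* p_type */
            return (rd_le(ph + 4, 4) & PF_X_BIT) ? 1 : 0;  /* p_flags */
    }
    return -1;
}

/* Constructed sample: ELF64 header followed by one PT_GNU_STACK program header. */
size_t make_sample(unsigned char *buf, unsigned char p_flags) {
    memset(buf, 0, 120);
    memcpy(buf, "\177ELF\2\1\1", 7); /* magic, ELFCLASS64, ELFDATA2LSB, EV_CURRENT */
    buf[32] = 64; buf[54] = 56; buf[56] = 1; /* e_phoff, e_phentsize, e_phnum */
    memcpy(buf + 64, "\x51\xe5\x74\x64", 4); /* p_type = PT_GNU_STACK */
    buf[68] = p_flags;
    return 120;
}

int main(int argc, char **argv) {
    static unsigned char buf[65536]; /* program headers sit near the file start */
    FILE *f = argc > 1 ? fopen(argv[1], "rb") : NULL;
    if (argc > 1 && !f) { perror(argv[1]); return 2; }
    size_t n = f ? fread(buf, 1, sizeof buf, f) : make_sample(buf, 0x7); /* RWX */
    if (f) fclose(f);
    int r = elf64_stack_exec(buf, n);
    puts(r == 1 ? "executable stack requested" : r == 0 ? "non-executable stack"
       : r == -1 ? "no PT_GNU_STACK header" : "not a parseable ELF64 LE image");
    return r == 1;
}
```

Run with a path to a built binary or shared object as the only argument; with no argument it checks the constructed sample.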
-------------- next part --------------
diff -Nru openrc-0.13.1/debian/changelog openrc-0.13.1/debian/changelog
--- openrc-0.13.1/debian/changelog	2014-10-17 11:23:41.000000000 +0100
+++ openrc-0.13.1/debian/changelog	2014-10-18 20:56:05.000000000 +0100
@@ -1,3 +1,13 @@
+openrc (0.13.1-2) UNRELEASED; urgency=medium
+
+  * Add 0210-GNU-kFreeBSD_workaround-nxstack.patch:
+    - loopsolver: don't use executable stacks
+    - fixes a crash on newer versions of kfreebsd that enforce
+      non-executable stacks (Closes #765070)
+  * Drop unnecessary dependency on libkvm-dev [kfreebsd-any]
+
+ -- Steven Chamberlain <steven at pyro.eu.org>  Sat, 18 Oct 2014 17:28:16 +0100
+
 openrc (0.13.1-1) unstable; urgency=medium
 
   * New upstream release 
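Review bot: The bug reference in the new entry is written "(Closes #765070)" with no colon. The Debian changelog syntax that closes a bug on upload is "Closes: #765070"; as written the entry will not close the bug automatically, so the colon should be added before this is uploaded.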
diff -Nru openrc-0.13.1/debian/control openrc-0.13.1/debian/control
--- openrc-0.13.1/debian/control	2014-10-17 11:28:46.000000000 +0100
+++ openrc-0.13.1/debian/control	2014-10-18 17:15:43.000000000 +0100
@@ -5,7 +5,7 @@
 Uploaders: Roger Leigh <rleigh at debian.org>,
            Thomas Goirand <zigo at debian.org>,
            Benda Xu <heroxbd at gentoo.org>, Ritesh Raj Sarraf <rrs at debian.org>
-Build-Depends: debhelper (>= 9), libkvm-dev [kfreebsd-any]
+Build-Depends: debhelper (>= 9)
 Standards-Version: 3.9.5
 Homepage: http://www.gentoo.org/proj/en/base/openrc/
 Vcs-Git: git://anonscm.debian.org/openrc/openrc.git
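Review bot: The Build-Depends line drops libkvm-dev [kfreebsd-any] without a stated reason beyond "unnecessary" in the changelog. Since the matching edit to 0200 leaves LIBKVM empty, any remaining use of libkvm on kFreeBSD would only show up as a link failure, so a kfreebsd-any test build and one sentence in the changelog saying why the library is not needed would make this safe to merge.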
diff -Nru openrc-0.13.1/debian/patches/0200-GNU-kFreeBSD_add-missing-files.patch openrc-0.13.1/debian/patches/0200-GNU-kFreeBSD_add-missing-files.patch
--- openrc-0.13.1/debian/patches/0200-GNU-kFreeBSD_add-missing-files.patch	2014-10-17 11:26:39.000000000 +0100
+++ openrc-0.13.1/debian/patches/0200-GNU-kFreeBSD_add-missing-files.patch	2014-10-18 20:56:45.000000000 +0100
@@ -45,7 +45,7 @@
 ===================================================================
 --- openrc.orig/mk/os-GNU-kFreeBSD.mk	2014-10-17 15:56:36.422098290 +0530
 +++ openrc/mk/os-GNU-kFreeBSD.mk	2014-10-17 15:56:36.418098290 +0530
-@@ -3,7 +3,9 @@
+@@ -2,7 +2,9 @@
  
  # Generic definitions
  
@@ -54,9 +54,8 @@
 +
  CPPFLAGS+=	-D_BSD_SOURCE -D_XOPEN_SOURCE=700
  LIBDL=		-Wl,-Bdynamic -ldl
--LIBKVM?=
+ LIBKVM?=
 -include ${MK}/os-BSD.mk
-+LIBKVM?=	-lkvm
 Index: openrc/conf.d/network.GNU-kFreeBSD.in
 ===================================================================
 --- /dev/null	1970-01-01 00:00:00.000000000 +0000
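Review bot: Keeping "LIBKVM?=" and dropping "+LIBKVM?= -lkvm" in the inner patch is a separate change from the nxstack fix and is easier to review and revert as its own commit, with the description of 0200 updated to match. The earlier hunk also moves the inner header from "@@ -3,7 +3,9 @@" to "@@ -2,7 +2,9 @@" while the leading context and the Index timestamps are unchanged, which suggests a hand edit; refreshing the patch with quilt would confirm it applies without an offset.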
diff -Nru openrc-0.13.1/debian/patches/0210-GNU-kFreeBSD_workaround-nxstack.patch openrc-0.13.1/debian/patches/0210-GNU-kFreeBSD_workaround-nxstack.patch
--- openrc-0.13.1/debian/patches/0210-GNU-kFreeBSD_workaround-nxstack.patch	1970-01-01 01:00:00.000000000 +0100
+++ openrc-0.13.1/debian/patches/0210-GNU-kFreeBSD_workaround-nxstack.patch	2014-10-18 20:50:30.000000000 +0100
@@ -0,0 +1,64 @@
+From: Steven Chamberlain <steven at pyro.eu.org>
+Subject: loopsolver: don't use executable stacks
+Date: Sat, 18 Oct 2014 20:48:40 +0100
+
+Avoid use of executable stacks, since FreeBSD 9.2, 10.0 and newer
+enforce kern.elf64.nxstack / kern.elf32.nxstack by default.
+
+--- a/src/librc/librc-depend.c
++++ b/src/librc/librc-depend.c
+@@ -886,6 +886,27 @@
+ 	return '?';
+ }
+ 
++static int idid_count2;
++static idid_entry_t *idid_counters;
++
++static void
++idid_btree_builddescarray(const void *nodep, const VISIT which, const int depth) {
++	(void)depth;
++	switch (which) {
++		case preorder:
++		case leaf: {
++			const idid_entry_t *idid_entry_p = *(idid_entry_t * const*)nodep;
++
++			memcpy(&idid_counters[idid_count2], idid_entry_p, sizeof(idid_counters[idid_count2]));
++			idid_count2++;
++			break;
++		}
++		default:
++			break;
++	}
++	return;
++}
++
+ /*! Solves dependecies loops
+  * @param unap_matrix matrixes to scan ways to solve the loop
+  * @param service_id looped service id
+@@ -1243,26 +1264,6 @@
+ 		/* building array of dependencies sorted by descending presence counter */
+ 
+ 		{
+-			int idid_count2;
+-			idid_entry_t *idid_counters;
+-
+-			void idid_btree_builddescarray(const void *nodep, const VISIT which, const int depth) {
+-				(void)depth;
+-				switch (which) {
+-					case preorder:
+-					case leaf: {
+-						const idid_entry_t *idid_entry_p = *(idid_entry_t * const*)nodep;
+-
+-						memcpy(&idid_counters[idid_count2], idid_entry_p, sizeof(idid_counters[idid_count2]));
+-						idid_count2++;
+-						break;
+-					}
+-					default:
+-						break;
+-				}
+-				return;
+-			}
+-
+ 			idid_counters = xmalloc(idid_count * sizeof(*idid_counters));
+ 
+ 			idid_count2 = 0;
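Review bot: Moving idid_count2 and idid_counters to file-scope statics makes rc_deptree_solve_loop() non-reentrant, because two overlapping calls inside one process using librc would share the write cursor and the output array. twalk() passes no user-data argument to its callback, so statics are a reasonable way to avoid the stack trampoline, but the new declarations should carry a comment saying they are only valid for the duration of the twalk() call. The callback also copies into idid_counters[idid_count2] with no bound; a limit set alongside the xmalloc(idid_count * sizeof(*idid_counters)) and checked before the memcpy would keep a miscount from writing past the allocation.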
diff -Nru openrc-0.13.1/debian/patches/series openrc-0.13.1/debian/patches/series
--- openrc-0.13.1/debian/patches/series	2014-10-17 12:14:03.000000000 +0100
+++ openrc-0.13.1/debian/patches/series	2014-10-18 20:45:36.000000000 +0100
@@ -5,4 +5,5 @@
 0100-GNU-Hurd_PATH_MAX_and_defined.patch
 0110-GNU-Hurd_add-missing-files.patch
 0200-GNU-kFreeBSD_add-missing-files.patch
+0210-GNU-kFreeBSD_workaround-nxstack.patch
 upstream-files-modified.patch
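Review bot: The series entry files the fix as 0210-GNU-kFreeBSD_workaround-nxstack.patch, but the patch changes src/librc/librc-depend.c with no platform conditional, so it takes effect on every port. A platform-neutral name, and forwarding the change upstream, would describe it more accurately than a kFreeBSD workaround.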