FreeBSD 1.x Binaries Work Except under Chroot

Konstantin Belousov kostikbel at gmail.com
Sat Aug 11 18:45:35 UTC 2012


Why did you strip the public list from the Cc: ?

On Fri, Aug 10, 2012 at 05:05:09PM -0400, Dan Plassche wrote:
> On Fri, Aug 10, 2012 at 1:07 PM, Konstantin Belousov
> <kostikbel at gmail.com> wrote:
> 
> > Try to ktrace the binaries to see what is going on. I suspect that
> > sources for 1.1.5 are not in our cvs/svn, so it is troublesome to
> > say anything without ktrace dump.
> 
> Ok, below is the kdump from running basename as a simple example
> that produces the "ld.so: whereis: libc.so.1.1" error under a
> chrooted environment.
> 
> I probably should have mentioned that I'm running these with
> "sysctl security.bsd.map_at_zero=1" set.  The static binaries
> in /bin and /sbin also work under the chroot, but the others in
> /usr/bin and /usr/sbin fail with the ld.so error.
You should have mentioned that it is only _some_ binaries which are
affected, since I was not able to reproduce your issue at all with
/bin/sh or /bin/ls in chroot. It took me a while to realize that you
specifically showed the trace for basename.

> 
> Here's the kdump:
>   1144 basename CALL  compat.mmap(0x2006b000,0x6bb8,0x7,0x122,0xffffffff,0x4d000)
>   1144 basename RET   compat.mmap -1 errno 22 Invalid argument
And there is the problem, induced by the more strict check added in r205536.
Try the patch below, it could be applicable to 8.2 still. It worked for
me on HEAD.

diff --git a/sys/vm/vm_mmap.c b/sys/vm/vm_mmap.c
index 3fccd9e..e89d586 100644
--- a/sys/vm/vm_mmap.c
+++ b/sys/vm/vm_mmap.c
@@ -207,11 +207,24 @@ sys_mmap(td, uap)
 
 	fp = NULL;
 
-	/* Make sure mapping fits into numeric range, etc. */
-	if ((uap->len == 0 && !SV_CURPROC_FLAG(SV_AOUT) &&
-	     curproc->p_osrel >= P_OSREL_MAP_ANON) ||
-	    ((flags & MAP_ANON) && (uap->fd != -1 || pos != 0)))
-		return (EINVAL);
+	/*
+	 * Enforce the constraints.
+	 * Mapping of length 0 allowed for old binaries.
+	 *
+	 * Anonymous mapping shall specify -1 as filedescriptor and
+	 * zero position for new code. Be nice to ancient a.out
+	 * binaries and correct pos for anonymous mapping, since old
+	 * ld.so sometimes issues anonymous map requests with non-zero
+	 * pos.
+	 */
+	if (!SV_CURPROC_FLAG(SV_AOUT)) {
+		if ((uap->len == 0 && curproc->p_osrel >= P_OSREL_MAP_ANON) ||
+		    ((flags & MAP_ANON) != 0 && (uap->fd != -1 || pos != 0)))
+			return (EINVAL);
+	} else {
+		if ((flags & MAP_ANON) != 0)
+			pos = 0;
+	}
 
 	if (flags & MAP_STACK) {
 		if ((uap->fd != -1) ||
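Review bot: The new SV_AOUT branch drops the uap->fd != -1 check for MAP_ANON along with the pos check, while the comment only justifies correcting a non-zero pos. Before this change, (flags & MAP_ANON) && (uap->fd != -1 || pos != 0) returned EINVAL for every process, a.out included; now an a.out binary passing MAP_ANON with an arbitrary descriptor gets through this validation untouched. The failing call in the kdump already passes 0xffffffff as fd, so the reported case does not need that relaxation. Either keep the descriptor check in the else branch (return EINVAL when uap->fd != -1, then set pos = 0), or extend the comment to state that fd is deliberately left unchecked for a.out and why that is safe. Separately, the rewrite from (flags & MAP_ANON) to (flags & MAP_ANON) != 0 is fine, but the context line below still uses the bare if (flags & MAP_STACK) form, so the style within the function is now mixed.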