From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/9819 Path: news.gmane.org!not-for-mail From: Josiah Worcester Newsgroups: gmane.linux.lib.musl.general Subject: Re: AS-safe change for multithreaded setxid breaks chroot() along with set*id() Date: Fri, 01 Apr 2016 20:28:48 +0000 Message-ID: References: <20160401202249.GB961@lalala> Reply-To: musl@lists.openwall.com NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: multipart/alternative; boundary=94eb2c08fa667cfae5052f723a4a X-Trace: ger.gmane.org 1459542564 18585 80.91.229.3 (1 Apr 2016 20:29:24 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Fri, 1 Apr 2016 20:29:24 +0000 (UTC) To: musl@lists.openwall.com Original-X-From: musl-return-9832-gllmg-musl=m.gmane.org@lists.openwall.com Fri Apr 01 22:29:13 2016 Return-path: Envelope-to: gllmg-musl@m.gmane.org Original-Received: from mother.openwall.net ([195.42.179.200]) by plane.gmane.org with smtp (Exim 4.69) (envelope-from ) id 1am5gt-0005x1-Q2 for gllmg-musl@m.gmane.org; Fri, 01 Apr 2016 22:29:11 +0200 Original-Received: (qmail 11862 invoked by uid 550); 1 Apr 2016 20:29:09 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Original-Received: (qmail 11840 invoked from network); 1 Apr 2016 20:29:09 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=vlakQP/08dsP1K5FtOSoI8O5WJGsJH5fqF5RQbiTADk=; b=xzIR7cmkv39G57o3G51/kXc+TIfVcQtG1aiKElxJF2apb5WkMiogtNs3AbnJ4uURHe pXLjvELs+JLIoQ7HBJxcwaLToO6KT9VK9WTuWSfCUYE2MA9n2JG63RDEkj5F+2QCi886 b2bVwxpII4cVYn2g4fk/im+FMr7CMHMQ4+x7VT1xQV+OSyrJvA5hfNirodwGdXD6PToF 9QCS1ovEjBO8KWGXXOOK4E67kt6o9Q+a8ySYUsvtt5p4zvpNjlHFDANlIvo9s6wbAVN9 DIofLJqVWwTsTM08JlgnPmuLyVkc/hP5Y5xJXQcVWLP9gn69WHyC/Q4fY0trYiA1Ov4R 2OuQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=vlakQP/08dsP1K5FtOSoI8O5WJGsJH5fqF5RQbiTADk=; b=MzUBo8iPa6LLO6+mnxrolOrRvSE48QzUjCeD/NKJo8gW8ZiZwdxdHbdV+p7HHgEiSp ZfkJpaUhO7Lm9bqnOCPNH0UDolER97L+ayreukjw1HOL61+PE9uEtu6MPL+Dh5tNs3tG cAeUmeJbdkkzZBODD4rV5z6Z1ZGwl07G8nmwiJjRRjO3NkQVAPJObNbXiZTAKfCpZXD/ yJtp41kn0AAYEVxlmA7AddMV+Osajpt/Q3FvGmT6Zfjj7Mt2/n9DpCT5mMyuOMQkbY7Q TyEnAV0O6iv/KNl+jZv9RoPIAceof5RNd5lzIOC5bJQQXc1JtZXp2myMAIH9L7Ovd3e/ 7I7g== X-Gm-Message-State: AD7BkJLFgiUsBvFNrWjK5ljnnRadVXkEm/ew8OiDDDgN+rRvI6oPxR3+TuWshLnd/Bhpc0+1BwJjYKwHRLrI4A== X-Received: by 10.202.240.68 with SMTP id o65mr4053672oih.0.1459542537596; Fri, 01 Apr 2016 13:28:57 -0700 (PDT) In-Reply-To: <20160401202249.GB961@lalala> Xref: news.gmane.org gmane.linux.lib.musl.general:9819 Archived-At: --94eb2c08fa667cfae5052f723a4a Content-Type: text/plain; charset=UTF-8 On Fri, Apr 1, 2016 at 1:23 PM Lance Chen wrote: > Hello there, > > I have been trying to run powerdns on Alpine Linux, which features musl, > without success. It turns out that the AS-safe strategy introduced in > the patch > > http://git.musl-libc.org/cgit/musl/commit/?id=78a8ef47c4d92b7680c52a85f80a81e29da86bb9 > , > especially the use of reading /proc/self/task, causes the failure. The > failure condition is a combination of three features, pthread, chroot, > and set*id. After chroot()'ing to some directory, calling set*id() will > try to access /proc/self/task, and fail to find the directory in the new > root. I've created a minimal POC at > https://gist.github.com/Lance0312/c7a82793e35b322bfbdfe96b79dd3152. > > A fairly simple fix for this would be to create and mount /proc in the chroot. This is likely to be needed for some other interfaces in libc as well as other libraries and utilities, because there's functionality of Linux which is only really exposed in that filesystem. I don't know of anything in particular that would fail on glibc, but I am confident that you'll have issues, just like if you don't have /dev in the chroot. --94eb2c08fa667cfae5052f723a4a Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
On Fri, Apr 1,= 2016 at 1:23 PM Lance Chen <cyen0= 312@gmail.com> wrote:
Hello = there,

I have been trying to run powerdns on Alpine Linux, which features musl, without success. It turns out that the AS-safe strategy introduced in
the patch
http://git.m= usl-libc.org/cgit/musl/commit/?id=3D78a8ef47c4d92b7680c52a85f80a81e29da86bb= 9,
especially the use of reading /proc/self/task, causes the failure. The
failure condition is a combination of three features, pthread, chroot,
and set*id. After chroot()'ing to some directory, calling set*id() will=
try to access /proc/self/task, and fail to find the directory in the new root. I've created a minimal POC at
https://gist.github.com/Lance0312/= c7a82793e35b322bfbdfe96b79dd3152.
=C2=A0

A fairly simple fix fo= r this would be to create and mount /proc in the chroot. This is likely to = be needed for some other interfaces in libc as well as other libraries and = utilities, because there's functionality of Linux which is only really = exposed in that filesystem. I don't know of anything in particular that= would fail on glibc, but I am confident that you'll have issues, just = like if you don't have /dev in the chroot.=C2=A0
--94eb2c08fa667cfae5052f723a4a--