Date: Wed, 14 Feb 2024 21:53:53 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 277057] rights(4): Not all rights may be specified in a rights mask Message-ID: <bug-277057-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D277057 Bug ID: 277057 Summary: rights(4): Not all rights may be specified in a rights mask Product: Base System Version: 15.0-CURRENT Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: bin Assignee: bugs@FreeBSD.org Reporter: asomers@FreeBSD.org rights(4) says: The following rights may be specified in a rights mask: and proceeds to list most of the CAP_* rights, excluding only the UNUSED on= es and the some of compounds (like CAP_SOCK_CLIENT). And software does use th= em that way, for example: bin/cat/cat.c 144: cap_rights_init(&rights, CAP_READ | CAP_FSTAT | CAP_FCNTL | CAP_SEEK), However, not all rights may be specified in a mask together. It appears, f= rom testing, that only rights whose index is 0 may be ORed with other rights wh= ose index is 0, and similarly for index 1. Attempting to violate this rule will trigger an assertion and abort the program: Assertion failed: (i >=3D 0), function cap_rights_vset, file /usr/home/somers/src/freebsd.org/src/sys/kern/subr_capability.c, line 188. Process with PID 3539 exited with signal 6 and dumped core; attempting to gather stack trace [New LWP 100728] Core was generated by `/usr/tests/sys/capsicum/rights -vdisks=3D/dev/vtbd1 /dev/vtbd2 /dev/vtbd3 /dev/vtb'. Program terminated with signal SIGABRT, Aborted. Sent by thr_kill() from pid 3539 and user 1000. #0 thr_kill () at thr_kill.S:4 4 RSYSCALL(thr_kill) #0 thr_kill () at thr_kill.S:4 #1 0x00003199593035d4 in __raise (s=3Ds@entry=3D6) at /usr/home/somers/src/freebsd.org/src/lib/libc/gen/raise.c:48 #2 0x00003199593b6999 in abort () at /usr/home/somers/src/freebsd.org/src/lib/libc/stdlib/abort.c:61 #3 0x00003199592e68a1 in __assert (func=3D<optimized out>, file=3D<optimiz= ed out>, line=3Dline@entry=3D188, failedexpr=3D<optimized out>) at /usr/home/somers/src/freebsd.org/src/lib/libc/gen/assert.c:47 #4 0x00003199593a93d0 in cap_rights_vset (rights=3Drights@entry=3D0x319957= 5d8c20, ap=3Dap@entry=3D0x3199575d8bc0) at /usr/home/somers/src/freebsd.org/src/sys/kern/subr_capability.c:188 #5 0x00003199593a9274 in __cap_rights_init (version=3Dversion@entry=3D0, rights=3Drights@entry=3D0x3199575d8c20) at /usr/home/somers/src/freebsd.org/src/sys/kern/subr_capability.c:260 #6 0x00003191372b3640 in atfu_orable_01_body (tc=3D<optimized out>) at /usr/home/somers/src/freebsd.org/src/tests/sys/capsicum/rights.c:142 #7 0x0000319958eccff7 in atf_tc_run (tc=3D0x3191372b5bf0 <atfu_orable_01_t= c>, resfile=3D<optimized out>) at /usr/home/somers/src/freebsd.org/src/contrib/atf/atf-c/tc.c:1054 #8 0x0000319958ecf0de in atf_tp_run (tp=3Dtp@entry=3D0x3199575d90e8, tcname=3Dtcname@entry=3D0x37fd6da09020 "orable_01", resfile=3D0x6 <error: C= annot access memory at address 0x6>) at /usr/home/somers/src/freebsd.org/src/contrib/atf/atf-c/tp.c:201 #9 0x0000319958ecfaae in run_tc (tp=3D0x3199575d90e8, p=3D0x3199575d9100, exitcode=3D<optimized out>) at /usr/home/somers/src/freebsd.org/src/contrib/atf/atf-c/detail/tp_main.c:504 #10 controlled_main (argc=3D5, argv=3D<optimized out>, add_tcs_hook=3D0x319= 1372b30a0 <atfu_tp_add_tcs>, exitcode=3D<optimized out>) at /usr/home/somers/src/freebsd.org/src/contrib/atf/atf-c/detail/tp_main.c:574 #11 atf_tp_main (argc=3D5, argv=3D<optimized out>, add_tcs_hook=3D0x3191372= b30a0 <atfu_tp_add_tcs>) at /usr/home/somers/src/freebsd.org/src/contrib/atf/atf-c/detail/tp_main.c:604 #12 0x00003199592d806a in __libc_start1 (argc=3D5, argv=3D0x3199575da1b0, env=3D0x3199575da1e0, cleanup=3D<optimized out>, mainX=3D0x3191372b3080 <ma= in>) at /usr/home/somers/src/freebsd.org/src/lib/libc/csu/libc_start1.c:157 #13 0x00003191372b2ffd in _start () at /usr/home/somers/src/freebsd.org/src/lib/csu/amd64/crt1_s.S:83 --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-277057-227>