From owner-freebsd-net@freebsd.org  Thu Apr  1 04:44:34 2021
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8C4DC5BC147
 for <freebsd-net@mailman.nyi.freebsd.org>;
 Thu,  1 Apr 2021 04:44:34 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3])
 by mx1.freebsd.org (Postfix) with ESMTP id 4F9rFG3N3pz3M7R
 for <freebsd-net@freebsd.org>; Thu,  1 Apr 2021 04:44:34 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: by mailman.nyi.freebsd.org (Postfix)
 id 73D905BC191; Thu,  1 Apr 2021 04:44:34 +0000 (UTC)
Delivered-To: net@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 73A355BC05A
 for <net@mailman.nyi.freebsd.org>; Thu,  1 Apr 2021 04:44:34 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4F9rFG2m8Gz3M52
 for <net@FreeBSD.org>; Thu,  1 Apr 2021 04:44:34 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2610:1c1:1:606c::50:1d])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 51F9426346
 for <net@FreeBSD.org>; Thu,  1 Apr 2021 04:44:34 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 1314iYQq030463
 for <net@FreeBSD.org>; Thu, 1 Apr 2021 04:44:34 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
 by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 1314iYHd030462
 for net@FreeBSD.org; Thu, 1 Apr 2021 04:44:34 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to
 bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 254623] traceroute6: ICMP6 no longer works due to
 Capsicum'ization: data too short (-1 bytes) from invalid
Date: Thu, 01 Apr 2021 04:44:34 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: bin
X-Bugzilla-Version: 13.0-STABLE
X-Bugzilla-Keywords: needs-qa, regression
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: zlei.huang@gmail.com
X-Bugzilla-Status: Open
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: markj@FreeBSD.org
X-Bugzilla-Flags: maintainer-feedback? mfc-stable13?
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-254623-7501-XY65HS5btR@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-254623-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-254623-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Apr 2021 04:44:34 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D254623

--- Comment #7 from Zhenlei Huang <zlei.huang@gmail.com> ---
(In reply to Mark Johnston from comment #6)
The patch D29523 works greatly :)

I do not have a FreeBSD phabricator account, and just registered one and the
account is not approved yet. So I comment directly here.

Summary from review D29523:
> For ICMP6 we were using the same socket for both, and we limited rights
on the socket such that it's impossible to receive anything.

At first glance it seems the regression was due to no sufficient rights on
receiving socket, and I tried setting CAP_RECV on the receiving socket with=
out
luck, I also tried disabling capsicum entirely and it behaves the same. So =
the
root cause is not no sufficient rights on receiving socket.=20

Limit rights on the recv socket is great :)

PS, man of cap_rights_limit gives an example entering capability mode before
limiting rights. I tried setting CAP_RECV on recv socket after entering
capability mode it also works greatly :-)  I'm not familiar with capsicum a=
nd
it's pleasant if someone clarify this.

--=20
You are receiving this mail because:
You are on the CC list for the bug.=