From nobody Fri Oct 21 12:18:04 2022 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Mv3QR5th3z4gPZ2; Fri, 21 Oct 2022 12:18:07 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Mv3QR5PsCz3dVC; Fri, 21 Oct 2022 12:18:07 +0000 (UTC) (envelope-from kp@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1666354687; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=TWHWb2cBAb8BLCoC4FlDHS+NAXn3v62SLTi6S8ED2rc=; b=vNBpjgM7BQl7FiyNbU30Sy7e80HioNZ6d64RowSNDGNQz8t2mVILW8fF9H7gMQh3ErRBIj NyLHY/hiebcNRlLpdZshyzeMkxZIRt4BLZ+vVEdujBjXaJLMLPnM2tWqw9hdhf8VpdVH4g /9T2wfDC1vqPgWYgbv4D6LrAc+1FKIa+Tr4v/Wxw0r+f9U8LreO1fb839/1nnX2J+L4XI0 JYzIM/ET5RVJ5RnFDxPFaUdvJwcmhko6YCySjOZ7tgI68KvZnBNJQVR8kHjBLiHN2nQOZt UzXxNp2vIYD5D9ru3l2bEcVbK5GqbZJEpbVSMK3+/99DgoIjYV5TKs5qi/L76g== Received: from venus.codepro.be (venus.codepro.be [5.9.86.228]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mx1.codepro.be", Issuer "R3" (verified OK)) (Authenticated sender: kp) by smtp.freebsd.org (Postfix) with ESMTPSA id 4Mv3QR38rSzZGM; Fri, 21 Oct 2022 12:18:07 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: by venus.codepro.be (Postfix, authenticated sender kp) id 65BFD33D14; Fri, 21 Oct 2022 14:18:05 +0200 (CEST) From: Kristof Provost To: Konstantin Belousov Cc: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: Re: git: 9cabef3d146e - main - ldd: use direct exec mode unconditionally Date: Fri, 21 Oct 2022 14:18:04 +0200 X-Mailer: MailMate (1.14r5918) Message-ID: <7F982005-246F-4607-A17B-08C81CE65E0B@FreeBSD.org> In-Reply-To: <202210061550.296FoVrm088661@gitrepo.freebsd.org> References: <202210061550.296FoVrm088661@gitrepo.freebsd.org> List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="=_MailMate_88700A08-8CCC-47D7-900A-A7F6C692E0FB_=" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1666354687; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=TWHWb2cBAb8BLCoC4FlDHS+NAXn3v62SLTi6S8ED2rc=; b=ueiwuVBWS+NWsTTGTuTtpgbIO/OzY0VrKWQ89TwtZjDuROdqTD6s2mOX7IFg0DtA1oeufN eRIoCgSsQBtciCzGgKfTdPJTnTZM23n2C/B5v6U5FsQ/JhVCoBY3qdROC91nWfuNGluqhQ AOz+zjmhTUoORk2Ajae1B53cJJ3YeSKcKo+yyoCb6jKRYsPBtEcv0ZY2dxdgMDp19CPg6J awAIIeI9rJCc65pACVdx0M24c0TvwHCBnXcGdDHeUxJmO0mZLf7e6kN8LF1LtC2hEVlXlN ztFR/T3Zru+ojTV5cc7SLxmX2NUmF0MUvVr4tskFWT6JD2lx4YjTowMpV54oVQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1666354687; a=rsa-sha256; cv=none; b=CsI5giGTaiUe4IW+ruwle+8juN74sxtrqLHB4lYYp13cVaTMba8sCBcyzHnxqhl2cUELgN D394KUFx4Yz1F/SHBFLEfgadgvekoEuDhC5I/5We7njDCoz5fJ+rUtc0WEE12wcCi6cv6d vntrJxEuHSoDwd2QGSbgTpMCLwTDiaMVRHuwF7bUvdvs2wD4GR8HjEQwy1C+vvaz1Op8NK DD/O/qjwYso0omCpHadeZXmkcM9oW7C9IFo68FysY1FAicThJOxNlPEHlEmiYty7KWJZ/f 6GVg1yWLAyhSBJbB4NsrPKy74N42DBmdsGoRkntuehGaq02PTnMHsfxnZXaU0g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N --=_MailMate_88700A08-8CCC-47D7-900A-A7F6C692E0FB_= Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable On 6 Oct 2022, at 17:50, Konstantin Belousov wrote: > The branch main has been updated by kib: > > URL: = > https://cgit.FreeBSD.org/src/commit/?id=3D9cabef3d146e9a844813b6bc8952d= 6cf2e9d45e5 > > commit 9cabef3d146e9a844813b6bc8952d6cf2e9d45e5 > Author: Konstantin Belousov > AuthorDate: 2022-09-21 13:55:44 +0000 > Commit: Konstantin Belousov > CommitDate: 2022-10-06 15:50:26 +0000 > > ldd: use direct exec mode unconditionally > > Trying to exec malformed or unusual binary, for instance, a = > non-FreeBSD > ABI, or using a non-standard interpreter, might give unexpected = > outcome. > > Reported by: The UK's National Cyber Security Centre (NCSC) > Reviewed by: emaste, markj, philip > Discussed with: jhb > Sponsored by: The FreeBSD Foundation > admbug: 991 > PR: 127276, 175339, 231926 > MFC after: 1 week > Differential revision: https://reviews.freebsd.org/D36650 > This appears to break things for armv7 (running on aarch64). This manifests while building pfsense (for 3100 / armv7), which we do on = an aarch64 vm (to avoid having to deal with qemu, and because it=E2=80=99= s = faster). During that build a couple ports fail to build, including = databases/sqlite3. It fails running `/usr/bin/ldd -a = "/wrkdirs/usr/ports/databases/sqlite3/work-default/stage/usr/local/bin/sq= lite3" = "/wrkdirs/usr/ports/databases/sqlite3/work-default/stage/usr/local/lib/li= bsqlite3.so=E2=80=9D`, = which produces: ld-elf.so.1: = /wrkdirs/usr/ports/databases/sqlite3/work-default/stage/usr/local/bin/sql= ite3: = mmap of entire address space failed: Cannot allocate memory /wrkdirs/usr/ports/databases/sqlite3/work-default/stage/usr/local/bin/sq= lite3: = exit status 1 That fails doing the `mapbase =3D mmap(base_addr, mapsize, PROT_NONE, = base_flags, -1, 0);` call in rtld-elf=E2=80=99s map_object():217. That ca= ll = does `mmap(0x10000, 0x1dc000, PROT_NONE, 0x6010, -1, 0) =3D> 0xffffffff`.= With this patch reverted we can build successfully. Best regards, Kristof --=_MailMate_88700A08-8CCC-47D7-900A-A7F6C692E0FB_= Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

On 6 Oct 2022, at 17:50, Konstantin Belousov wrote:

The branch main has been updated by= kib:

URL: https://cgit.FreeBSD.org/src/co= mmit/?id=3D9cabef3d146e9a844813b6bc8952d6cf2e9d45e5

commit 9cabef3d146e9a844813b6bc8952d6cf2e9d45e5
Author: Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2022-09-21 13:55:44 +0000
Commit: Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2022-10-06 15:50:26 +0000

ldd: use direct exec mode unconditionally

Trying to exec malformed or unusual binary, for insta= nce, a non-FreeBSD
ABI, or using a non-standard interpreter, might give unexpected outco= me.

Reported by: The UK's National Cyber Security Cent= re (NCSC)
Reviewed by: emaste, markj, philip
Discussed with: jhb
Sponsored by: The FreeBSD Foundation
admbug: 991
PR: 127276, 175339, 231926
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D36650


This appears to break things for armv7 (running on aarch6= 4).

This manifests while building pfsense (for 3100 / armv7),= which we do on an aarch64 vm (to avoid having to deal with qemu, and bec= ause it=E2=80=99s faster).

During that build a couple ports fail to build, including= databases/sqlite3.
It fails running /usr/bin/ldd -a "/wrkdirs/usr/ports/databases/sqlite3/work-def= ault/stage/usr/local/bin/sqlite3" "/wrkdirs/usr/ports/databases= /sqlite3/work-default/stage/usr/local/lib/libsqlite3.so=E2=80=9D, = which produces:

ld=
-elf.so.1: /wrkdirs/usr/ports/databases/sqlite3/work-default/stage/usr/lo=
cal/bin/sqlite3: mmap of entire address space failed: Cannot allocate mem=
ory
/wrkdirs/usr/ports/databases/sqlite3/work-default/stage/usr/local/bin/sql=
ite3: exit status 1

That fails doing the mapbase =3D mmap(base_addr, mapsize, PROT_NONE,= base_flags, -1, 0); call in rtld-elf=E2=80=99s map_object():217. = That call does mmap(0x10000, 0x1dc000, PROT_NONE, 0x6010, -1, 0) =3D> 0xffffffff<= /code>.

With this patch reverted we can build successfully.

Best regards,
Kristof

--=_MailMate_88700A08-8CCC-47D7-900A-A7F6C692E0FB_=--