ktrace/kdump give incorrect message on unlinkat() failure due to capabilities
Ryan Stone
rysto32 at gmail.com
Sun Sep 22 00:44:11 UTC 2019
I have written a short test program that runs unlinkat(2) in
capability mode and fails due to not having the write capabilities:
https://people.freebsd.org/~rstone/src/unlink.c
If I run the binary under ktrace and look at the kdump output, it
gives the following incorrect output:

  43775 unlink CALL unlinkat(0x3,0x7fffffffe995,0)
  43775 unlink NAMI "from.QAUlAA0"
  43775 unlink CAP operation requires CAP_LOOKUP, descriptor holds CAP_LOOKUP
  43775 unlink RET unlinkat -1 errno 93 Capabilities insufficient

The message should instead say that the operation requires
CAP_UNLINKAT. Looking at sys/capsicum.h, I suspect that the problem
is related to the strange definition of CAP_UNLINKAT:

  #define CAP_UNLINKAT (CAP_LOOKUP | 0x0000000010000000ULL)

I have observed the same problem with renameat(2) and
CAP_RENAMEAT_SOURCE and CAP_RENAMEAT_TARGET:
https://people.freebsd.org/~rstone/src/rename.c
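
The bit relationship behind the report above, as an added example that is not part of the original post or of kdump: CAP_UNLINKAT contains every CAP_LOOKUP bit, so a descriptor limited to CAP_LOOKUP fails the check only on the extra bit, and a decoder has to try composite names first to label the failure correctly. The CAPRIGHT macro and the CAP_LOOKUP value are assumed from sys/capsicum.h; the table and function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed from sys/capsicum.h: array-index bit plus the right's own bit. */
#define CAPRIGHT(idx, bit) ((1ULL << (57 + (idx))) | (bit))
#define CAP_LOOKUP CAPRIGHT(0, 0x0000000000000400ULL)
/* As quoted in the post. */
#define CAP_UNLINKAT (CAP_LOOKUP | 0x0000000010000000ULL)

struct right_name { uint64_t bits; const char *name; };

/* Hypothetical table: composite rights come before the rights they contain. */
static const struct right_name names[] = {
    { CAP_UNLINKAT, "CAP_UNLINKAT" },
    { CAP_LOOKUP,   "CAP_LOOKUP" },
};

/* The operation is allowed only if every needed bit is held. */
int rights_sufficient(uint64_t needed, uint64_t held)
{
    return (needed & ~held) == 0;
}

/* Most specific right that is fully needed but not fully held, or NULL. */
const char *required_right(uint64_t needed, uint64_t held)
{
    for (size_t i = 0; i < sizeof(names) / sizeof(names[0]); i++) {
        uint64_t b = names[i].bits;
        if ((needed & b) == b && (held & b) != b)
            return names[i].name;
    }
    return NULL;
}

int main(void)
{
    /* Constructed scenario from the post: unlinkat() on a CAP_LOOKUP-only fd. */
    uint64_t needed = CAP_UNLINKAT, held = CAP_LOOKUP;
    if (!rights_sufficient(needed, held))
        printf("operation requires %s, missing bits 0x%llx\n",
            required_right(needed, held),
            (unsigned long long)(needed & ~held));
    return 0;
}
```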