2.6.18-mm1 violates sandbox feature on linux distribution
Michael Rasenberger
Hash: SHA1
Hello,
when building external kernel module on gentoo linux distribution,
2.6.18-mm1 violates gentoo's sandbox feature due to file creation in
"as-instr" test in scripts/Kbuild.include. (AFAIK due to removal of
revert-x86_64-mm-detect-cfi.patch)
It probably also happens with other external built kernel modules on
gentoo and maybe with other distros using some kind of sandbox for
package installation.
Regards
Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFGr4OC0GEtIi2MlcRAkZzAJ0dJQr8TCZPwJqxLPBb8sTCieAEvgCffotW
rVnYUm7rljLJQEycEO6A2/I=
=Z5ti
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majo...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Sam Ravnborg
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello,
>
> when building external kernel module on gentoo linux distribution,
> 2.6.18-mm1 violates gentoo's sandbox feature due to file creation in
> "as-instr" test in scripts/Kbuild.include. (AFAIK due to removal of
> revert-x86_64-mm-detect-cfi.patch)
Can you point to to some description of this sandbox feature.
The error you point out looks pretty generic and should happen
in several places - so I need to understand what problem I shall
fix before trying to fix it.
The point is that we have other places where we create temporary files
so this should not be the only issue.
Sam
Mark Knecht
> On Wed, Sep 27, 2006 at 06:08:14PM +0000, Michael Rasenberger wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Hello,
> >
> > when building external kernel module on gentoo linux distribution,
> > 2.6.18-mm1 violates gentoo's sandbox feature due to file creation in
> > "as-instr" test in scripts/Kbuild.include. (AFAIK due to removal of
> > revert-x86_64-mm-detect-cfi.patch)
>
> Can you point to to some description of this sandbox feature.
> The error you point out looks pretty generic and should happen
> in several places - so I need to understand what problem I shall
> fix before trying to fix it.
>
> The point is that we have other places where we create temporary files
> so this should not be the only issue.
>
> Sam
Hi,
Some generic info supplied to folks who debug for Gentoo.
http://bugday.gentoo.org/sandbox.html
Hope this helps,
Mark
Michael Rasenberger
Hash: SHA1
Hello,
maybe this helps: http://bugday.gentoo.org/sandbox.html.
Basically the sandbox is a kind of security mechanism that prevents
files from being created outside a specific directory during package
installation phases (unpacking, compiling ..).
If the package uses KBuild to make a kernel module the sandbox is
triggered under 2.6.18-mm1 because of the temporary file creation in the
kernel directory.
Of course this feature can be bypassed (e.g. disable sandbox), but if
there is a way to do these tests without file creation it would be much
more consistent. Btw. is there a reason for creating the file? AFAICS
there is not test performed on it?
I have to admit that due to the nature of -mm of being a testbed this is
not a critical issue.
Michael
Sam Ravnborg wrote:
> On Wed, Sep 27, 2006 at 06:08:14PM +0000, Michael Rasenberger wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Hello,
>>
>> when building external kernel module on gentoo linux distribution,
>> 2.6.18-mm1 violates gentoo's sandbox feature due to file creation in
>> "as-instr" test in scripts/Kbuild.include. (AFAIK due to removal of
>> revert-x86_64-mm-detect-cfi.patch)
>
> Can you point to to some description of this sandbox feature.
> The error you point out looks pretty generic and should happen
> in several places - so I need to understand what problem I shall
> fix before trying to fix it.
>
> The point is that we have other places where we create temporary files
> so this should not be the only issue.
>
> Sam
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFIN4sC0GEtIi2MlcRAvrwAJ9fXuyfdd6DlpHlzZf0ndKC3WCFmQCfQ3to
E5BMlencOsGm/KMYADYp91A=
=n6sF
-----END PGP SIGNATURE-----
Daniel Drake
> Can you point to to some description of this sandbox feature.
> The error you point out looks pretty generic and should happen
> in several places - so I need to understand what problem I shall
> fix before trying to fix it.
It's basically a runtime linker hack (LD_PRELOAD?) which limits a
processes access to files to a certain portion of the filesystem. In
Gentoo's package compilation system, the compile processes are limited
in that they can only write to /var/tmp/portage/<packagename>
Writes onto other parts of the filesystem will cause the whole process
to bail out. Reads are OK. Compilation happens in
/var/tmp/portage/<packagename>/work and then installation happens in
/var/tmp/portage/<packagename>/image. When that is done, the package
manager moves the contents of image onto the real system (with sandbox
obviously disabled at this point).
> The point is that we have other places where we create temporary files
> so this should not be the only issue.
It should be noted that this issue is only related to compiling external
modules through kbuild. Actual kernel compilation is not done in the
sandbox.
If these other places have been introduced in 2.6.19 then yes there may
be other issues. However, this sandboxed module compilation system has
been working flawlessly for a long time now, so either those other
places don't matter or those build-paths simply don't happen in the
common cases.
This is a bigger problem for us now that this change has gone into
Linus' tree. Would you accept a patch to make this output to /dev/null
like many of the other toolchain checks do?
Thanks,
Daniel