qmail-smtp fork/clone not working with grsec ....
Posted: Fri Oct 14, 2005 4:46 am
Hi,
I'm not familiar enough with grsec to figure this one out:
qmail-smtp straces on a crashing run:
read(0, "c2h1ZWxjayBhMjgyMWU4NTllOGM0NmU3"..., 1024) = 57
fcntl64(1, F_GETFL) = 0x8001 (flags O_WRONLY|O_LARGEFILE)
close(2) = 0
fcntl64(1, F_DUPFD, 2) = 2
close(3) = -1 EBADF (Bad file descriptor)
pipe([3, 4]) = 0
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb1ffc928) = 749
--- SIGCHLD (Child exited) @ 0 (0) ---
close(3) = 0
write(4, "shuelck\0<30955.1129277012@/bin/c"..., 79) = -1 EPIPE (Broken pipe)
--- SIGPIPE (Broken pipe) @ 0 (0) ---
select(2, NULL, [1], NULL, {1200, 0}) = 1 (out [1], left {1200, 0})
write(1, "454 oops, unable to write pipe a"..., 58) = 58
select(1, [0], NULL, NULL, {1200, 0} <unfinished ...>
qmail-smtp straces on a working run:
read(0, "c2h1ZWxjayBhMjgyMWU4NTllOGM0NmU3"..., 1024) = 57
fcntl64(1, F_GETFL) = 0x8002 (flags O_RDWR|O_LARGEFILE)
close(2) = 0
fcntl64(1, F_DUPFD, 2) = 2
close(3) = -1 EBADF (Bad file descriptor)
pipe([3, 4]) = 0
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb7e71708) = 5968
close(3) = 0
write(4, "shuelck\0<5917.1129279564@/bin/ch"..., 78) = 78
close(4) = 0
waitpid(5968, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0) = 5968
--- SIGCHLD (Child exited) @ 0 (0) ---
select(2, NULL, [1], NULL, {1200, 0}) = 1 (out [1], left {1200, 0})
write(1, "235 ok, go ahead (#2.0.0)\r\n", 27) = 27
select(1, [0], NULL, NULL, {1200, 0}) = ? ERESTARTNOHAND (To be restarted)
--- SIGINT (Interrupt) @ 0 (0) ---
+++ killed by SIGINT +++
I think the relevant call is:
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb7e71708)
Why does that not work with grsec?
The corresponding source:
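/*
 * Pass the AUTH data held in user, pass and resp to the external program
 * named by childargs and report its verdict.
 *
 * The three strings are written, each with its terminating NUL, to a pipe
 * whose read end is descriptor 3 in the child.
 *
 * Returns 0 when the child exits with status 0 ("yes"), 1 when it exits
 * with a non-zero status ("no", after a 5 second delay), and otherwise
 * whatever err_pipe(), err_fork(), err_write() or err_child() return.
 *
 * Every exit path taken after the pipe exists closes the parent's pipe
 * descriptors; every path taken after the fork also wipes the password
 * copies and reaps the child.
 */
int authenticate(void)
{
  int child;
  int wstat;
  int pi[2];
  int wrote;

  if (!stralloc_0(&user)) die_nomem();
  if (!stralloc_0(&pass)) die_nomem();
  if (!stralloc_0(&resp)) die_nomem();

  /* Point descriptor 2 at the same file as descriptor 1. */
  if (fd_copy(2,1) == -1) return err_pipe();

  /* Free descriptor 3 so that pipe() can hand it out as the read end. */
  close(3);
  if (pipe(pi) == -1) return err_pipe();
  if (pi[0] != 3) {
    /* The child must find its input on descriptor 3; give up cleanly. */
    close(pi[0]);
    close(pi[1]);
    return err_pipe();
  }

  switch(child = fork()) {
    case -1:
      close(pi[0]);
      close(pi[1]);
      return err_fork();
    case 0:
      /* Child: keep only the read end, then become the checker program. */
      close(pi[1]);
      sig_pipedefault();
      execvp(*childargs, childargs);
      _exit(1); /* reached only if execvp failed */
  }

  close(pi[0]);
  substdio_fdbuf(&ssup,write,pi[1],upbuf,sizeof upbuf);
  wrote = substdio_put(&ssup,user.s,user.len) != -1
       && substdio_put(&ssup,pass.s,pass.len) != -1
       && substdio_put(&ssup,resp.s,resp.len) != -1
       && substdio_flush(&ssup) != -1;

  /*
   * Closing the write end gives the child EOF. The password copies are
   * wiped whether or not the write succeeded, so a failed attempt does
   * not leave them behind in pass or in the output buffer.
   */
  close(pi[1]);
  byte_zero(pass.s,pass.len);
  byte_zero(upbuf,sizeof upbuf);

  if (!wrote) {
    /*
     * A failed write (typically EPIPE) means the child closed its read
     * end or exited before consuming the input. fork() itself succeeded,
     * so the cause lies in the child: execvp failed, or the program was
     * denied or killed. Reap it (best effort) so that no zombie is left
     * behind for the rest of the session.
     */
    (void) wait_pid(&wstat,child);
    return err_write();
  }

  if (wait_pid(&wstat,child) == -1) return err_child();
  if (wait_crashed(wstat)) return err_child();
  if (wait_exitcode(wstat)) { sleep(5); return 1; } /* no */
  return 0; /* yes */
}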
Why is the clone/fork not working?
thanks for your help !
I'm not familiar enough with grsec to figure this one out:
qmail-smtp straces on a crashing run:
read(0, "c2h1ZWxjayBhMjgyMWU4NTllOGM0NmU3"..., 1024) = 57
fcntl64(1, F_GETFL) = 0x8001 (flags O_WRONLY|O_LARGEFILE)
close(2) = 0
fcntl64(1, F_DUPFD, 2) = 2
close(3) = -1 EBADF (Bad file descriptor)
pipe([3, 4]) = 0
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb1ffc928) = 749
--- SIGCHLD (Child exited) @ 0 (0) ---
close(3) = 0
write(4, "shuelck\0<30955.1129277012@/bin/c"..., 79) = -1 EPIPE (Broken pipe)
--- SIGPIPE (Broken pipe) @ 0 (0) ---
select(2, NULL, [1], NULL, {1200, 0}) = 1 (out [1], left {1200, 0})
write(1, "454 oops, unable to write pipe a"..., 58) = 58
select(1, [0], NULL, NULL, {1200, 0} <unfinished ...>
qmail-smtp straces on a working run:
read(0, "c2h1ZWxjayBhMjgyMWU4NTllOGM0NmU3"..., 1024) = 57
fcntl64(1, F_GETFL) = 0x8002 (flags O_RDWR|O_LARGEFILE)
close(2) = 0
fcntl64(1, F_DUPFD, 2) = 2
close(3) = -1 EBADF (Bad file descriptor)
pipe([3, 4]) = 0
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb7e71708) = 5968
close(3) = 0
write(4, "shuelck\0<5917.1129279564@/bin/ch"..., 78) = 78
close(4) = 0
waitpid(5968, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0) = 5968
--- SIGCHLD (Child exited) @ 0 (0) ---
select(2, NULL, [1], NULL, {1200, 0}) = 1 (out [1], left {1200, 0})
write(1, "235 ok, go ahead (#2.0.0)\r\n", 27) = 27
select(1, [0], NULL, NULL, {1200, 0}) = ? ERESTARTNOHAND (To be restarted)
--- SIGINT (Interrupt) @ 0 (0) ---
+++ killed by SIGINT +++
I think the relevant call is:
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb7e71708)
Why does that not work with grsec?
The corresponding source:
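/*
 * Pass the AUTH data held in user, pass and resp to the external program
 * named by childargs and report its verdict.
 *
 * The three strings are written, each with its terminating NUL, to a pipe
 * whose read end is descriptor 3 in the child.
 *
 * Returns 0 when the child exits with status 0 ("yes"), 1 when it exits
 * with a non-zero status ("no", after a 5 second delay), and otherwise
 * whatever err_pipe(), err_fork(), err_write() or err_child() return.
 *
 * Every exit path taken after the pipe exists closes the parent's pipe
 * descriptors; every path taken after the fork also wipes the password
 * copies and reaps the child.
 */
int authenticate(void)
{
  int child;
  int wstat;
  int pi[2];
  int wrote;

  if (!stralloc_0(&user)) die_nomem();
  if (!stralloc_0(&pass)) die_nomem();
  if (!stralloc_0(&resp)) die_nomem();

  /* Point descriptor 2 at the same file as descriptor 1. */
  if (fd_copy(2,1) == -1) return err_pipe();

  /* Free descriptor 3 so that pipe() can hand it out as the read end. */
  close(3);
  if (pipe(pi) == -1) return err_pipe();
  if (pi[0] != 3) {
    /* The child must find its input on descriptor 3; give up cleanly. */
    close(pi[0]);
    close(pi[1]);
    return err_pipe();
  }

  switch(child = fork()) {
    case -1:
      close(pi[0]);
      close(pi[1]);
      return err_fork();
    case 0:
      /* Child: keep only the read end, then become the checker program. */
      close(pi[1]);
      sig_pipedefault();
      execvp(*childargs, childargs);
      _exit(1); /* reached only if execvp failed */
  }

  close(pi[0]);
  substdio_fdbuf(&ssup,write,pi[1],upbuf,sizeof upbuf);
  wrote = substdio_put(&ssup,user.s,user.len) != -1
       && substdio_put(&ssup,pass.s,pass.len) != -1
       && substdio_put(&ssup,resp.s,resp.len) != -1
       && substdio_flush(&ssup) != -1;

  /*
   * Closing the write end gives the child EOF. The password copies are
   * wiped whether or not the write succeeded, so a failed attempt does
   * not leave them behind in pass or in the output buffer.
   */
  close(pi[1]);
  byte_zero(pass.s,pass.len);
  byte_zero(upbuf,sizeof upbuf);

  if (!wrote) {
    /*
     * A failed write (typically EPIPE) means the child closed its read
     * end or exited before consuming the input. fork() itself succeeded,
     * so the cause lies in the child: execvp failed, or the program was
     * denied or killed. Reap it (best effort) so that no zombie is left
     * behind for the rest of the session.
     */
    (void) wait_pid(&wstat,child);
    return err_write();
  }

  if (wait_pid(&wstat,child) == -1) return err_child();
  if (wait_crashed(wstat)) return err_child();
  if (wait_exitcode(wstat)) { sleep(5); return 1; } /* no */
  return 0; /* yes */
}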
Why is the clone/fork not working?
thanks for your help !