Date: Wed, 10 Jun 2009 18:26:31 +0200 From: Ed Schouten <ed@80386.nl> To: Jilles Tjoelker <jilles@stack.nl> Cc: Jille Timmermans <jille@quis.cx>, FreeBSD Current <current@freebsd.org> Subject: Re: panic: oof, we didn't get our fd while playing with devfs(8) and jails Message-ID: <20090610162631.GP48776@hoeg.nl> In-Reply-To: <20090609211621.GA24874@stack.nl> References: <4A2D62B6.9080207@quis.cx> <20090609211621.GA24874@stack.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
--drkdbItNQN0oJM6x Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hey Jilles, * Jilles Tjoelker <jilles@stack.nl> wrote: > This KASSERT may happen if you execute a setuid/setgid program with one > or more of fd 0, 1, 2 closed, and you cannot open /dev/null (e.g. not > present, bad permissions). The assertion checks td->td_retval[0] even if > kern_open() failed. After that, if td->td_retval[0] happened to be equal > to the expected value or INVARIANTS was disabled, the function checks if > kern_open() failed. If so, it returns an error which eventually causes > "whoops, no process anymore" process termination in do_execve() (appears > as SIGABRT). Too bad we don't have some kind of global nullfd that we could just dup everywhere. I really don't like the way how we depend on certain pathnames within the kernel. --=20 Ed Schouten <ed@80386.nl> WWW: http://80386.nl/ --drkdbItNQN0oJM6x Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iEYEARECAAYFAkov3rcACgkQ52SDGA2eCwWrygCfdwaVTlwcq5LuvJgtqlgdIdaV NDgAnjaV9zB+rwwWHLIM00iP8gxieFS0 =QvVN -----END PGP SIGNATURE----- --drkdbItNQN0oJM6x--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090610162631.GP48776>