NetBSD Problem Report #53387

From www@NetBSD.org  Wed Jun 20 16:35:26 2018
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id D33E97A14E
	for <gnats-bugs@gnats.NetBSD.org>; Wed, 20 Jun 2018 16:35:25 +0000 (UTC)
Message-Id: <20180620163524.ABB967A279@mollari.NetBSD.org>
Date: Wed, 20 Jun 2018 16:35:24 +0000 (UTC)
From: mayuresh@acm.org
Reply-To: mayuresh@acm.org
To: gnats-bugs@NetBSD.org
Subject: security/p11-kit getauxval related issues on arm
X-Send-Pr-Version: www-1.0

>Number:         53387
>Category:       pkg
>Synopsis:       security/p11-kit getauxval related issues on arm
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pkg-manager
>State:          feedback
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Jun 20 16:40:00 +0000 2018
>Closed-Date:    
>Last-Modified:  Tue Nov 20 07:35:00 +0000 2018
>Originator:     Mayuresh
>Release:        pkgsrc current
>Organization:
>Environment:
NetBSD pi 8.0_RC1 NetBSD 8.0_RC1 (RPI2) #0: Sun Jun 17 16:30:05 IST 2018  root@pi:/usr/src/sys/arch/evbarm/compile/RPI2 evbarm

>Description:
The issue came to light with graphics/sane-backends program scanimage causing core dump on evbarm

assertion "type == AT_SECURE" failed: file "common/compat.c", line 801,
function "getauxval"
[1]   Abort trap (core dumped) scanimage

Reported in this thread
http://mail-index.netbsd.org/netbsd-users/2018/06/17/msg020956.html

Further analysis led to a potential bug in p11-kit
http://mail-index.netbsd.org/netbsd-users/2018/06/20/msg020981.html
>How-To-Repeat:
Build and run scanimage (graphics/sane-backends) on evbarm
>Fix:
Not known, but there are views on cited threads above.

>Release-Note:

>Audit-Trail:
From: "Tobias Nygren" <tnn@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/53387 CVS commit: pkgsrc/security/p11-kit
Date: Sun, 2 Sep 2018 07:49:51 +0000

 Module Name:	pkgsrc
 Committed By:	tnn
 Date:		Sun Sep  2 07:49:51 UTC 2018

 Modified Files:
 	pkgsrc/security/p11-kit: Makefile distinfo
 	pkgsrc/security/p11-kit/patches: patch-common_compat.c

 Log Message:
 p11-kit: Hide getauxval(). PR pkg/53387 (related to port-arm/53386)


 To generate a diff of this commit:
 cvs rdiff -u -r1.10 -r1.11 pkgsrc/security/p11-kit/Makefile
 cvs rdiff -u -r1.7 -r1.8 pkgsrc/security/p11-kit/distinfo
 cvs rdiff -u -r1.1 -r1.2 \
     pkgsrc/security/p11-kit/patches/patch-common_compat.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: open->closed
State-Changed-By: tnn@NetBSD.org
State-Changed-When: Sun, 02 Sep 2018 07:52:24 +0000
State-Changed-Why:
fixed


From: Patrick Welche <prlw1@cam.ac.uk>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: pkg/53387 (security/p11-kit getauxval related issues on arm)
Date: Fri, 7 Sep 2018 10:15:34 +0100

 In https://github.com/p11-glue/p11-kit/issues/192#issuecomment-419363073
 Daiki Ueno comments:

   We have the following snippet in p11-kit/Makefile.am:
 ```
   libp11_kit_la_LDFLAGS = \
           -no-undefined \
           -version-info $(P11KIT_LT_RELEASE) \
           -export-symbols-regex '^C_GetFunctionList|^p11_kit_'
 ```
   which reads that only functions matching the regex should be exported.

   Are you sure that `getauxval()` is exported from libp11-kit.so (try `nm -g
   <path-to>/libp11-kit.so)?


 Possibly a pkgsrc libtool problem instead?

State-Changed-From-To: closed->feedback
State-Changed-By: prlw1@NetBSD.org
State-Changed-When: Fri, 07 Sep 2018 09:23:21 +0000
State-Changed-Why:
Question arose when trying to get patch applied upstream.


From: "Maya Rashish" <maya@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/53387 CVS commit: src/crypto/external/bsd/openssl/dist/crypto
Date: Tue, 20 Nov 2018 07:30:18 +0000

 Module Name:	src
 Committed By:	maya
 Date:		Tue Nov 20 07:30:18 UTC 2018

 Modified Files:
 	src/crypto/external/bsd/openssl/dist/crypto: armcap.c ppccap.c

 Log Message:
 Don't expose a getauxval symbol.

 The code already knows how to handle it, but it assumes anyone who uses
 GCC or clang might resolve the getauxval function to something eventually.

 The only time we will expose getauxval is if a package tries to substitute
 getauxval too, and then code will start having mysterious failures.

 getauxval is purely a linux function (as far as I can see), so limit it to
 that.

 PR pkg/53387, PR port-arm/53386


 To generate a diff of this commit:
 cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssl/dist/crypto/armcap.c
 cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssl/dist/crypto/ppccap.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

>Unformatted:

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.43 2018/01/16 07:36:43 maya Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2017 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.