Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 932445 - sys-apps/busybox with KBUILD_OUTPUT resulting in sandbox violation error
Summary: sys-apps/busybox with KBUILD_OUTPUT resulting in sandbox violation error
Status: UNCONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Embedded Gentoo Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-05-22 09:06 UTC by Zyion Prayan
Modified: 2024-06-23 07:03 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Zyion Prayan 2024-05-22 09:06:04 UTC 
Setting KBUILD_OUTPUT=/usr/src/linux.build in make.conf result in sandbox violation when emerging sys-apps/busybox.

Reproducible: Always

Steps to Reproduce:
1. Set KBUILD_OUTPUT=/usr/src/linux.build in make.conf (so kernel source directory is pristine, manually compile kernel the old fashion way in KBUILD_OUTPUT=/usr/src/linux.build)
2. emerge -v sys-apps/busybox
3. observe sandbox violation
Actual Results:  
emerge -1v busybox output:

>>> Emerging (1 of 1) sys-apps/busybox-1.36.1-r2::gentoo
 * busybox-1.36.1.tar.bz2 BLAKE2B SHA512 size ;-) ...                                                                                                              [ ok ]
>>> Unpacking source...
>>> Unpacking busybox-1.36.1.tar.bz2 to /var/tmp/portage/sys-apps/busybox-1.36.1-r2/work
>>> Source unpacked in /var/tmp/portage/sys-apps/busybox-1.36.1-r2/work
>>> Preparing source in /var/tmp/portage/sys-apps/busybox-1.36.1-r2/work/busybox-1.36.1 ...
 * Applying busybox-1.26.2-bb.patch ...
patching file shell/ash.c
Hunk #1 succeeded at 164 with fuzz 2 (offset 20 lines).
Hunk #2 succeeded at 8268 (offset 694 lines).
patching file shell/hush.c
Hunk #1 succeeded at 329 with fuzz 2 (offset 108 lines).
Hunk #2 succeeded at 7516 (offset 1441 lines).
Hunk #3 succeeded at 8742 (offset 1807 lines).                                                                                                                     [ ok ]
 * Applying busybox-1.34.1-skip-selinux-search.patch ...                                                                                                           [ ok ]
 * Applying busybox-1.36.0-fortify-source-3-fixdep.patch ...                                                                                                       [ ok ]
 * Applying busybox-1.36.1-kernel-6.8.patch ...
patching file networking/tc.c
Hunk #3 succeeded at 380 with fuzz 1.
Hunk #4 succeeded at 452 with fuzz 1.                                                                                                                              [ ok ]
>>> Source prepared.
>>> Configuring source in /var/tmp/portage/sys-apps/busybox-1.36.1-r2/work/busybox-1.36.1 ...
 * Could not locate user configfile, so we will save a default one
make -j5 V=1 CROSS_COMPILE=x86_64-pc-linux-gnu- AR=x86_64-pc-linux-gnu-ar CC=x86_64-pc-linux-gnu-gcc HOSTCC=x86_64-pc-linux-gnu-gcc 'HOSTCFLAGS=-march=native -O2 -pipe -D_FILE_OFFSET_BITS=64' PKG_CONFIG=x86_64-pc-linux-gnu-pkg-config -j1 allyesconfig SKIP_SELINUX=y
make -C /usr/src/linux.build \
KBUILD_SRC=/var/tmp/portage/sys-apps/busybox-1.36.1-r2/work/busybox-1.36.1 \
KBUILD_EXTMOD="" -f /var/tmp/portage/sys-apps/busybox-1.36.1-r2/work/busybox-1.36.1/Makefile allyesconfig
make -f /var/tmp/portage/sys-apps/busybox-1.36.1-r2/work/busybox-1.36.1/scripts/Makefile.build obj=scripts/basic
 * ACCESS DENIED:  fopen_wr:           /usr/src/linux.build/scripts/basic/.fixdep.d
/var/tmp/portage/sys-apps/busybox-1.36.1-r2/work/busybox-1.36.1/scripts/basic/fixdep.c:419:1: fatal error: opening dependency file scripts/basic/.fixdep.d: Permission denied
  419 | }
      | ^
compilation terminated.
make[2]: *** [scripts/Makefile.host:104: scripts/basic/fixdep] Error 1
make[1]: *** [/var/tmp/portage/sys-apps/busybox-1.36.1-r2/work/busybox-1.36.1/Makefile:357: scripts_basic] Error 2
make: *** [Makefile:112: allyesconfig] Error 2
 * ERROR: sys-apps/busybox-1.36.1-r2::gentoo failed (configure phase):
 *   emake failed
 *
 * If you need support, post the output of `emerge --info '=sys-apps/busybox-1.36.1-r2::gentoo'`,
 * the complete build log and the output of `emerge -pqv '=sys-apps/busybox-1.36.1-r2::gentoo'`.
 * The complete build log is located at '/var/tmp/portage/sys-apps/busybox-1.36.1-r2/temp/build.log'.
 * The ebuild environment file is located at '/var/tmp/portage/sys-apps/busybox-1.36.1-r2/temp/environment'.
 * Working directory: '/var/tmp/portage/sys-apps/busybox-1.36.1-r2/work/busybox-1.36.1'
 * S: '/var/tmp/portage/sys-apps/busybox-1.36.1-r2/work/busybox-1.36.1'
 * ----------------------- SANDBOX ACCESS VIOLATION SUMMARY -----------------------
 * LOG FILE: "/var/tmp/portage/sys-apps/busybox-1.36.1-r2/temp/sandbox.log"
 *
VERSION 1.0
FORMAT: F - Function called
FORMAT: S - Access Status
FORMAT: P - Path as passed to function
FORMAT: A - Absolute Path (not canonical)
FORMAT: R - Canonical Path
FORMAT: C - Command Line

F: fopen_wr
S: deny
P: scripts/basic/.fixdep.d
A: /usr/src/linux.build/scripts/basic/.fixdep.d
R: /usr/src/linux.build/scripts/basic/.fixdep.d
C: /usr/libexec/gcc/x86_64-pc-linux-gnu/13/cc1 -quiet -I scripts/basic -D _FILE_OFFSET_BITS=64 -MD scripts/basic/.fixdep.d /var/tmp/portage/sys-apps/busybox-1.36.1-r2/work/busybox-1.36.1/scripts/basic/fixdep.c -march=skylake -mmmx -mpopcnt -msse -msse2 -msse3 -mssse3 -msse4.1 -msse4.2 -mavx -mavx2 -mno-sse4a -mno-fma4 -mno-xop -mfma -mno-avx512f -mbmi -mbmi2 -maes -mpclmul -mno-avx512vl -mno-avx512bw -mno-avx512dq -mno-avx512cd -mno-avx512er -mno-avx512pf -mno-avx512vbmi -mno-avx512ifma -mno-avx5124vnniw -mno-avx5124fmaps -mno-avx512vpopcntdq -mno-avx512vbmi2 -mno-gfni -mno-vpclmulqdq -mno-avx512vnni -mno-avx512bitalg -mno-avx512bf16 -mno-avx512vp2intersect -mno-3dnow -madx -mabm -mno-cldemote -mclflushopt -mno-clwb -mno-clzero -mcx16 -mno-enqcmd -mf16c -mfsgsbase -mfxsr -mno-hle -msahf -mno-lwp -mlzcnt -mmovbe -mno-movdir64b -mno-movdiri -mno-mwaitx -mno-pconfig -mno-pku -mno-prefetchwt1 -mprfchw -mno-ptwrite -mno-rdpid -mrdrnd -mrdseed -mno-rtm -mno-serialize -msgx -mno-sha -mno-shstk -mno-tbm -mno-tsxldtrk -mno-vaes -mno-waitpkg -mno-wbnoinvd -mxsave -mxsavec -mxsaveopt -mxsaves -mno-amx-tile -mno-amx-int8 -mno-amx-bf16 -mno-uintr -mno-hreset -mno-kl -mno-widekl -mno-avxvnni -mno-avx512fp16 -mno-avxifma -mno-avxvnniint8 -mno-avxneconvert -mno-cmpccxadd -mno-amx-fp16 -mno-prefetchi -mno-raoint -mno-amx-complex --param l1-cache-size=32 --param l1-cache-line-size=64 --param l2-cache-size=6144 -mtune=skylake -quiet -dumpdir scripts/basic/ -dumpbase fixdep.c -dumpbase-ext .c -O2 -fcf-protection -o -
 * --------------------------------------------------------------------------------

>>> Failed to emerge sys-apps/busybox-1.36.1-r2, Log file:
...


Expected Results:  
The resolution of bug #88088 already reset KBUILD_OUTPUT in src_compile and src_install.  Maybe ebuild should have reset KBUILD_OUTPUT in the src_configure stage too?
Comment 1 Peter Levine 2024-06-23 07:03:17 UTC 
KBUILD_OUTPUT appears to be set by KCONFIG on the first call to make, which is in src_configure().  In commit https://gitweb.gentoo.org/repo/gentoo.git/commit/sys-apps/busybox?id=25e0a98682b9ab600cb3a6ea3fc3834ce1cce8f6, it appears `unset KBUILD_OUTPUT` was removed from src_prepare() but left in src_compile().  Thus, it's not present during the first call to bbmake() (i.e., emake()), when called in src_configure().  Ideally, it should be declared in src_configure() or bbmake() and removed elsewhere.