| Summary: | sys-fs/cryptsetup crashes when USE=-dynamic on hardened systems | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Flo <flo> |
| Component: | [OLD] Core system | Assignee: | Gentoo's Team for Core System packages <base-system> |
| Status: | RESOLVED DUPLICATE | ||
| Severity: | critical | CC: | azoff, gengor |
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | AMD64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Attachments: | Strace of segfaulting cryptsetup. | ||
|
Description
Flo
2008-02-13 11:07:47 UTC
reassigning to maintainer Is there any chance of getting this ebuild with the 1.0.6 version into portage in the next time ? (In reply to comment #0) > It fixed a nasty bug i had when running cryptsetup on an amd64 machine. > cryptsetup always segfaulted during formatting a partition. Just a quick question. I have myself stumbled on this bug and for me it doesn't seem like 1.0.6-pre* fixes it. However, if I compile sys-fs/crypsetup with USE=dynamic it will work once the system is booted, but not when it boots (missing lib as I have /usr on another partition). Therefor I know ask how you compiled 1.0.6-pre1 to get it working? I have tested running sys-fs/cryptsetup under the following kernels and all show the same result: * sys-kernel/hardened-sources-2.6.23-r7 * sys-kernel/hardened-sources-2.6.23-r8 * sys-kernel/gentoo-sources-2.6.22-r10 * sys-kernel/gentoo-sources-2.6.23-r9 * sys-kernel/vanilla-sources-2.6.23.16 With much help of #gentoo-hadened @ freenode, I/we have come to the conclusion that this has to do with the hardened profile. One of my other computers has basically the same hardware (minus a hardware raid-card) that has "normal" Gentoo amd64 doesn't show these problems. I can even run (with success) a binary from this host! I somehow fixed this after recompiling the world (emerge -e world) after removing -fforce-addr and using the vanilla specs for gcc. It didn't work at first, but after a reboot it started to work so I can't really tell if this is the key or something else happened during the merge. To reproduce (atleast my behavior), you can fetch stage3 from http://releases.barfoo.org/amd64/stages/hardened/current/ and just merge sys-fs/cryptsetup. Just make sure to have USE=-dynamic when merging. Probably here is plenty I missed, so if you got any questions, just hit me with it! Created attachment 145767 [details]
Strace of segfaulting cryptsetup.
I just unmerged the old 1.0.5 (the dependencies where still merged) and did the the usual "configure, make, make install"-shot, afterwards it worked perfectly with hardened profile, hardened source (pax, grsec enabled) and hardened gcc. All on the amd64 profile. Could you please try to move away your working binary and remerge sys-fs/cryptsetup with USE=dynamic and see if it still works for you? If it does, try removing dynamic and see if it breaks. I think that the reason it's working for you is that it isn't compiled statically as the ebuild does (by default). You were absolutely right. I added +dynamic and it works perfectly. I should visit freenode more often. No one was able to help me for months and i searched the web like hell for a solution, but the ONLY thing i never tried is to compile it with use dynamic. Thanks very much for your help! Reassigning back to herd since Benjamin has retired as a Gentoo developer (#89719). Also accidentially removed me from CC Confirmed. Segfaults with -dynamic. Fixed by re-emerging using +dynamic. Amd64 Hardened 2.6.35 gcc (Gentoo Hardened 4.4.4-r2 p1.2, pie-0.4.5) 4.4.4 *** This bug has been marked as a duplicate of bug 283470 *** |
