Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 5 May 2013 20:49:50 +0200 (CEST)
From: Jens <jensl@...s.mine.nu>
To: musl@...ts.openwall.com
Subject: Re: procfs stdio writev problem


On Sun, 5 May 2013, Justin Cormack wrote:

> On Sun, May 5, 2013 at 10:16 AM, Jens <jensl@...s.mine.nu> wrote:
>>
>> Hello!
>>
>> I've noticed a problem when using bash linked with musl.
>>
>> laas:~# echo 60 > /proc/sys/kernel/panic
>> -su: echo: write error: Invalid argument
>>
>> laas:~# cat t.sh
>> #!/bin/bash
>> echo 60 > /proc/sys/kernel/panic
>>
>> laas:~# strace -f t.sh
>> ...
>> writev(1, [{"60", 2}, {"\n", 1}], 2)    = 2
>> writev(1, [{"", 0}, {"\n", 1}], 2)      = -1 EINVAL (Invalid argument)
>>
>> I'm guessing that musl uses writev in its stdio implementation.
>>
>> And I think the error is due to a simplistic implementation in procfs, that
>> parses each write on its own, and that the writev is split into several
>> writes.
>
> Looks to me at a quick glance like stdio needs something like (untested)
>
> --- ./src/stdio/__stdio_write.c~ 2012-12-01 22:56:34.156555480 +0000
> +++ ./src/stdio/__stdio_write.c 2013-05-05 10:59:49.856504883 +0100
> @@ -37,7 +37,7 @@
>  return iovcnt == 2 ? 0 : len-iov[0].iov_len;
>  }
>  rem -= cnt;
> - if (cnt > iov[0].iov_len) {
> + if (cnt >= iov[0].iov_len) {
>  f->wpos = f->wbase = f->buf;
>  cnt -= iov[0].iov_len;
>  iov++; iovcnt--;
>
> In the case where the kernel exactly eats the iov you need to move
> onto the next one rather than have a zero length write pointing just
> after the existing one, as that could be an invalid address.

In this case its not the zero length that is the problem.
The problem is that procfs treats each write (or apprently each part of 
the iov) as a separate operation.

So the first operation is "60" which is fine.
The next one is "\n" which is invalid.
So we get two operations instead of one.

The implementation in bash amounts to a printf("60") followed by 
putchar('\n');

The same thing in uclibc works as intended.

I guess I can patch bash, or use sysctl program.

AFAIK neither musl or procfs is doing anything wrong here, it just happens 
that a pure echo no longer works as it used to.

Cheers,
Jens

>
> Justin
>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.