Debian Bug report logs - #628383
[kfreebsd-*] test failure: test-secmem

version graph

Package: src:libgnome-keyring; Maintainer for src:libgnome-keyring is Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>;

Reported by: Christoph Egger <christoph@debian.org>

Date: Sat, 28 May 2011 14:51:01 UTC

Severity: serious

Tags: jessie, patch, sid

Found in versions libgnome-keyring/3.4.1-1, libgnome-keyring/3.0.2-2

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>:
Bug#628383; Package src:libgnome-keyring. (Sat, 28 May 2011 14:51:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Christoph Egger <christoph@debian.org>:
New Bug report received and forwarded. Copy sent to Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>. (Sat, 28 May 2011 14:51:05 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Christoph Egger <christoph@debian.org>
To: submit@bugs.debian.org
Subject: libgnome-keyring: FTBFS: FAIL: test-secmem
Date: Sat, 28 May 2011 16:47:33 +0200
[Message part 1 (text/plain, inline)]
Package: src:libgnome-keyring
Version: 3.0.2-2
Severity: serious
Tags: sid wheezy
Justification: fails to build from source (but built successfully in the past)

Hi!

libgnome-keyring stopped to build on kfreebsd-* (and hurd-* due to a
failure in secmem test:

TEST: test-secmem... (pid=31379)
**
ERROR:test-secmem.c:72:test_alloc_free: assertion failed: (p != NULL)
  /secmem/alloc-free:                                                  FAIL
GTester: last random seed: R02Sbeb96584e65670220c34f0bd194f6fa4
(pid=31380)
**
ERROR:test-secmem.c:90:test_realloc_across: assertion failed: (p != NULL)
  /secmem/realloc-across:                                              FAIL
GTester: last random seed: R02S3904d93407e9ebac5a8a1c959b90f23f
(pid=31381)
**
ERROR:test-secmem.c:106:test_alloc_two: assertion failed: (p2 != NULL)
  /secmem/alloc-two:                                                   FAIL
GTester: last random seed: R02S69d454036a5063daea9149cdd10cb270
(pid=31382)
**
ERROR:test-secmem.c:134:test_realloc: assertion failed: (p != NULL)
  /secmem/realloc:                                                     FAIL
GTester: last random seed: R02S059c23e7291b3487c9a099de00b9ac3d
(pid=31383)
  /secmem/multialloc:                                                  OK
**
ERROR:test-secmem.c:226:test_clear: assertion failed: (p != NULL)
  /secmem/clear:                                                       FAIL
GTester: last random seed: R02S895c92a8c428d161d4194d5ac40e3598
(pid=31384)
memory does not belong to gnome-keyring: 0x00607690
test-secmem: egg-secure-memory.c:1131: egg_secure_free_full: Assertion `0 && "memory does does not belong to gnome-keyring"' failed.
  /secmem/strclear:                                                    FAIL
GTester: last random seed: R02S13505086090e4cbef97761a90816aa3e
(pid=31385)
FAIL: test-secmem
make[4]: *** [test] Error 1

Full build-log at
https://buildd.debian.org/status/fetch.php?pkg=libgnome-keyring&arch=kfreebsd-amd64&ver=3.0.2-2&stamp=1306232896

Regards

    Christoph

-- 
9FED 5C6C E206 B70A 5857  70CA 9655 22B9 D49A E731
Debian Developer | Lisp Hacker | CaCert Assurer

A. Because it breaks the logical sequence of discussion
Q. Why is top posting bad?
[Message part 2 (application/pgp-signature, inline)]

Changed Bug title to 'libgnome-keyring: FTBFS on kfreebsd-*, test suite failure in test-secmem' from 'libgnome-keyring: FTBFS: FAIL: test-secmem' Request was from Michael Biebl <biebl@debian.org> to control@bugs.debian.org. (Sat, 04 Jun 2011 15:06:03 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>:
Bug#628383; Package src:libgnome-keyring. (Wed, 06 Jul 2011 19:39:08 GMT) Full text and rfc822 format available.

Acknowledgement sent to Michael Biebl <biebl@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>. (Wed, 06 Jul 2011 19:39:08 GMT) Full text and rfc822 format available.

Message #12 received at 628383@bugs.debian.org (full text, mbox):

From: Michael Biebl <biebl@debian.org>
To: debian-bsd@lists.debian.org
Cc: 628383@bugs.debian.org
Subject: libgnome-keyring: FTBFS on kfreebsd-*, test suite failure in test-secmem
Date: Wed, 06 Jul 2011 21:36:33 +0200
[Message part 1 (text/plain, inline)]
Hi kfreebsd porters,

could you please look at [1]. Any help regarding this bug would be appreciated.

Cheers,
Michael

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628383
-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?

[signature.asc (application/pgp-signature, attachment)]

Severity set to 'important' from 'serious' Request was from Michael Biebl <biebl@debian.org> to control@bugs.debian.org. (Thu, 29 Sep 2011 17:54:03 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>:
Bug#628383; Package src:libgnome-keyring. (Tue, 12 Jun 2012 00:45:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to Steven Chamberlain <steven@pyro.eu.org>:
Extra info received and forwarded to list. Copy sent to Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>. (Tue, 12 Jun 2012 00:45:06 GMT) Full text and rfc822 format available.

Message #19 received at 628383@bugs.debian.org (full text, mbox):

From: Steven Chamberlain <steven@pyro.eu.org>
To: 628383@bugs.debian.org
Cc: "debian-bsd@lists.debian.org" <debian-bsd@lists.debian.org>
Subject: Re: Bug#628383: [kfreebsd-*] test failure: test-secmem
Date: Tue, 12 Jun 2012 01:40:43 +0100
retitle 628383 [kfreebsd-*] test failure: test-secmem
found 628383 3.4.1-1
thanks

Hi,

I've just reviewed/tested that this issue was still present in the
latest build, but libgnome-keyring no longer FTBFS since it ignores the
test failure (adjusting bug title accordingly).

Regards,
-- 
Steven Chamberlain
steven@pyro.eu.org




Changed Bug title to '[kfreebsd-*] test failure: test-secmem' from 'libgnome-keyring: FTBFS on kfreebsd-*, test suite failure in test-secmem' Request was from Steven Chamberlain <steven@pyro.eu.org> to control@bugs.debian.org. (Tue, 12 Jun 2012 00:45:08 GMT) Full text and rfc822 format available.

Marked as found in versions libgnome-keyring/3.4.1-1. Request was from Steven Chamberlain <steven@pyro.eu.org> to control@bugs.debian.org. (Tue, 12 Jun 2012 00:45:08 GMT) Full text and rfc822 format available.

Added tag(s) jessie. Request was from Julien Cristau <jcristau@debian.org> to control@bugs.debian.org. (Thu, 18 Apr 2013 17:43:21 GMT) Full text and rfc822 format available.

Severity set to 'serious' from 'important' Request was from Michael Biebl <biebl@debian.org> to control@bugs.debian.org. (Thu, 06 Jun 2013 06:06:04 GMT) Full text and rfc822 format available.

Removed tag(s) wheezy. Request was from Michael Biebl <biebl@debian.org> to control@bugs.debian.org. (Thu, 06 Jun 2013 06:06:07 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>:
Bug#628383; Package src:libgnome-keyring. (Fri, 07 Jun 2013 07:24:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Petr Salinger <Petr.Salinger@seznam.cz>:
Extra info received and forwarded to list. Copy sent to Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>. (Fri, 07 Jun 2013 07:24:04 GMT) Full text and rfc822 format available.

Message #34 received at 628383@bugs.debian.org (full text, mbox):

From: Petr Salinger <Petr.Salinger@seznam.cz>
To: 628383@bugs.debian.org
Subject: libgnome-keyring: FTBFS on kfreebsd-*, test suite failure in test-secmem
Date: Fri, 7 Jun 2013 09:21:01 +0200 (CEST)
Hi.

the test-secmem fails due to different restriction of FreeBSD kernel.

The FreeBSD kernel does not allow mlock()/mlockall() for ordinary user.

http://www.freebsd.org/cgi/man.cgi?query=mlock&sektion=2
http://www.freebsd.org/cgi/man.cgi?query=mlockall&sektion=2

"These calls are only available to the super-user."

This behaviour fully conforms to

http://pubs.opengroup.org/onlinepubs/9699919799/functions/mlock.html
http://pubs.opengroup.org/onlinepubs/9699919799/functions/mlockall.html

"Appropriate privileges are required to lock process memory ..."

Iff I do as a root in build directory:
 cd egg/tests
 chown root.root test-secmem
 chmod u+s test-secmem

I can later as ordinary user do
  cd egg/tests
  make check

with output:

TEST: test-secmem... (pid=13110)
  /secmem/alloc_free:                                                  OK
  /secmem/realloc_across:                                              OK
  /secmem/alloc_two:                                                   OK
  /secmem/realloc:                                                     OK
  /secmem/multialloc:                                                  OK
  /secmem/clear:                                                       OK
  /secmem/strclear:                                                    OK
PASS: test-secmem

So the code seems to work correctly when appropriate privileges are 
available.

Cheers

	Petr



Information forwarded to debian-bugs-dist@lists.debian.org, Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>:
Bug#628383; Package src:libgnome-keyring. (Fri, 07 Jun 2013 09:36:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Michael Biebl <biebl@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>. (Fri, 07 Jun 2013 09:36:04 GMT) Full text and rfc822 format available.

Message #39 received at 628383@bugs.debian.org (full text, mbox):

From: Michael Biebl <biebl@debian.org>
To: Petr Salinger <Petr.Salinger@seznam.cz>, 628383@bugs.debian.org
Subject: Re: Bug#628383: libgnome-keyring: FTBFS on kfreebsd-*, test suite failure in test-secmem
Date: Fri, 07 Jun 2013 11:33:32 +0200
[Message part 1 (text/plain, inline)]
Hi Petr,

Am 07.06.2013 09:21, schrieb Petr Salinger:
> the test-secmem fails due to different restriction of FreeBSD kernel.
> 
> The FreeBSD kernel does not allow mlock()/mlockall() for ordinary user.
> 
> http://www.freebsd.org/cgi/man.cgi?query=mlock&sektion=2
> http://www.freebsd.org/cgi/man.cgi?query=mlockall&sektion=2
> 
> "These calls are only available to the super-user."
> 
> This behaviour fully conforms to
> 
> http://pubs.opengroup.org/onlinepubs/9699919799/functions/mlock.html
> http://pubs.opengroup.org/onlinepubs/9699919799/functions/mlockall.html
> 
> "Appropriate privileges are required to lock process memory ..."
> 
> Iff I do as a root in build directory:
>  cd egg/tests
>  chown root.root test-secmem
>  chmod u+s test-secmem
> 
> I can later as ordinary user do
>   cd egg/tests
>   make check
> 
> with output:
> 
> TEST: test-secmem... (pid=13110)
>   /secmem/alloc_free:                                                  OK
>   /secmem/realloc_across:                                              OK
>   /secmem/alloc_two:                                                   OK
>   /secmem/realloc:                                                     OK
>   /secmem/multialloc:                                                  OK
>   /secmem/clear:                                                       OK
>   /secmem/strclear:                                                    OK
> PASS: test-secmem
> 
> So the code seems to work correctly when appropriate privileges are
> available.

What should be used on kfreebsd then to lock process memory as ordinary
user, ie. how can this bug be fixed?

Michael


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?

[signature.asc (application/pgp-signature, attachment)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>:
Bug#628383; Package src:libgnome-keyring. (Fri, 07 Jun 2013 10:21:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Petr Salinger <Petr.Salinger@seznam.cz>:
Extra info received and forwarded to list. Copy sent to Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>. (Fri, 07 Jun 2013 10:21:04 GMT) Full text and rfc822 format available.

Message #44 received at 628383@bugs.debian.org (full text, mbox):

From: Petr Salinger <Petr.Salinger@seznam.cz>
To: Michael Biebl <biebl@debian.org>
Cc: 628383@bugs.debian.org
Subject: Re: Bug#628383: libgnome-keyring: FTBFS on kfreebsd-*, test suite failure in test-secmem
Date: Fri, 7 Jun 2013 12:19:40 +0200 (CEST)
Hello Michael.

>> the test-secmem fails due to different restriction of FreeBSD kernel.
>> The FreeBSD kernel does not allow mlock()/mlockall() for ordinary user.

> What should be used on kfreebsd then to lock process memory as ordinary
> user, ie. how can this bug be fixed?

The problem with "secure memory" is that it only lowers probability of 
writing sensitive data to disk.
The rest of process memory (including stack) is still subject to swapping,
therefore sensitive data can still end in the disk.
And with "suspend to disk" even "secure memory" will end in the disk.

On the other hand, allowing ordinary user to consume unswappable memory
can lead to DoS.

The primary usage area of mlock() are "soft realtime" systems.

What are the users of this kind "secure memory" ?
Can they have suid bit set ?

The other solution might be to change code to only emit a warning
for EPERM failure of mlock()/munlock().

Currently, it is silent and returns NULL.

Petr

--- egg-secure-memory.c
+++ egg-secure-memory.c
@@ -875,14 +875,17 @@
        }

        if (mlock (pages, *sz) < 0) {
-               if (show_warning && egg_secure_warnings && errno != EPERM) {
+               if (show_warning && egg_secure_warnings) {
                        fprintf (stderr, "couldn't lock %lu bytes of memory (%s): %s\n",
                                 (unsigned long)*sz, during_tag, strerror (errno));
                        show_warning = 0;
                }
+               if (errno != EPERM)
+               {
                munmap (pages, *sz);
                return NULL;
        }
+       }

        DEBUG_ALLOC ("gkr-secure-memory: new block ", *sz);




Added tag(s) patch. Request was from Robert Millan <rmh@debian.org> to control@bugs.debian.org. (Tue, 07 Jan 2014 22:51:12 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Fri Apr 25 09:23:04 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.