Re: [capsicum] unexpected behavior from lcs_send_rights



On 8 Nov 2013, at 19:46, Pawel Jakub Dawidek <pjd at FreeBSD.org> wrote:

>> I'm using Capsicum based on FreeBSD 9.0-current, and getting some
>> unexpected behavior from the library function lcs_send_rights(). In
>> particular, if I use lcs_send_rights() to send n capabilities and then have
>> the host receive n capabilities, the host sometimes receives the first m <
>> n capabilities correctly, but then gets garbage values (negative ints) for
>> the remaining values. My success seems to vary with values of n.
>> 
>> Are there known issues with lcs_send_rights along these lines? Is it likely
>> that I'm breaking a key assumption of lcs_send_rights()? I can try and
>> provide more diagnostics as needed.
> 
> I cannot even locate lcs_send_rights() function anymore, a lot has
> changed.

lcs_send_rights() is an IPC routine in the old libcapsicum -- it wraps UNIX domain socket sendmsg().

> There is still a possibility we have a bug in FreeBSD when trying to
> send multiple file descriptors over unix domain socket. Is there any
> chance you could try FreeBSD 10? I'd recommend moving to this version
> anyway, as there were many, backward incompatible, changes.

It's possible for me to imagine a libcapsicum bug here -- or triggering a kernel bug along the above lines. Updating to a more recent kernel makes sense -- but Bill should watch out for changed semantics on some of the capability rights in 10 that might affect application semantics.

Robert



This archive was generated by a fusion of Pipermail (Mailman edition) and MHonArc.