Unable to build a working "static" 1.19.3 build under uclibc hardened
Ed W
lists at wildgooses.com
Mon Aug 20 19:39:25 UTC 2012

Hi, I'm still trying to understand the details or figure out how to get
a backtrace, but although I can build a working dynamically linked
busybox 1.19.3, whenever I build the same config with "static" config
set I get a binary which behaves very strangely, in particular dying
whenever a sub process is used, or exiting the main executable:

# /tmp/busybox sh /tmp/test.sh
Killed (core dumped)
# cat /tmp/test.sh
#!/bin/sh
echo abcd | grep debug

The specifics of the build environment are a gentoo x86 chroot, running
uclibc 0.9.33.1, and a hardened gcc and toolchain. Kernel has PAX and
grsec enabled.

Running up a busybox shell with this binary and then running any command
with a pipe (|) seems to cause the core dump message, then a second
attempt locks up the shell and trying to kill -9 the process from
another shell worryingly seems to take quite a significant number of
seconds before the task dies, something like a few 10s of seconds perhaps.

I see in my log files:

[5882184.345386] PAX: From 192.168.105.65: execution attempt in: (null), 00000000-00000000 00000000
[5882184.345391] PAX: terminating task: /tmp/busybox(busybox):20169, uid/euid: 0/0, PC: (nil), SP: 00000000fdba1bc4
[5882184.345393] PAX: bytes at PC: ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ??
[5882184.345415] PAX: bytes at SP-8: 0814ee3408138eb8 fdba1d280804faaa 08138eb8fdba1bc0 ffffffff00000000 fdba1d28080a9805 080b4efb00000001 0000000008138eb8 0815fdbcffffffff 0815fdac026176ba 08138eb8080a97d3 00000018080b18d3

Same build without static works fine (I notice that toggling static
toggles PIE - is this significant? I presume it makes no sense to have a
PIE enabled static executable..?)

I have previously successfully built a static 1.18.3 executable, but
foolishly can't lay my hands on the .config now... I'm just trying to
build various previous versions to see if this is a regression in 1.19,
but wanted to ask if there were any known regressions here, or if I'm
overlooking some obvious build process error that would be significant
with a hardened + static build? I'm not even sure of a sensible way to
get the core dump under gdb at the moment?

Thanks for any pointers
Ed W
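
An added example, not part of the original post and not BusyBox or PaX code: it decodes the "bytes at SP-8" words from the PaX report quoted above into 32-bit stack slots and lists the values that fall in a code address range, as a starting point when no core dump is loaded in gdb. It assumes a little-endian 32-bit task whose stack was dumped in 8-byte words (as the 16-digit words suggest); `TEXT_LO` and `TEXT_HI` are assumed bounds, and the function names are illustrative.

```python
import re

# Values copied from the PaX report quoted in the post.
SP = 0xFDBA1BC4
DUMP = ("0814ee3408138eb8 fdba1d280804faaa 08138eb8fdba1bc0 "
        "ffffffff00000000 fdba1d28080a9805 080b4efb00000001 "
        "0000000008138eb8 0815fdbcffffffff 0815fdac026176ba "
        "08138eb8080a97d3 00000018080b18d3")

# Assumed bounds of the static, non-PIE text segment; read the real
# ones from `readelf -lW busybox_unstripped`.
TEXT_LO, TEXT_HI = 0x08048000, 0x08100000


def stack_slots(sp, dump, back=8):
    """Split 64-bit dump words into (address, 32-bit value) stack slots.

    Assumes little-endian memory: the low half of each printed word sits
    at the lower address. The dump starts `back` bytes below sp.
    """
    slots = []
    addr = sp - back
    for word in dump.split():
        # Unreadable memory is printed as '?' runs: skip it, keep alignment.
        if re.fullmatch(r"[0-9a-f]{16}", word):
            value = int(word, 16)
            slots.append((addr, value & 0xFFFFFFFF))
            slots.append((addr + 4, value >> 32))
        addr += 8
    return slots


def code_candidates(slots, lo=TEXT_LO, hi=TEXT_HI):
    """Return the slots whose value lies inside the text range."""
    return [(a, v) for a, v in slots if lo <= v < hi]


if __name__ == "__main__":
    for addr, value in code_candidates(stack_slots(SP, DUMP)):
        mark = "  <- slot at SP" if addr == SP else ""
        print(f"{addr:#010x}: {value:#010x}{mark}")
```

Each listed value can be passed to `addr2line -f -e busybox_unstripped <address>` to see which function it falls in.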