Re: ASAN and dhcpcd with privilege separation

[Kamil Rytarowski <kamil%netbsd.org@localhost>]

On 31.01.2021 15:19, Roy Marples wrote:
> On 31/01/2021 14:10, Kamil Rytarowski wrote:
>> On 31.01.2021 13:21, Roy Marples wrote:
>>>
>>> What I want to end up with is some #ifdef SANITIZE foo so that enough is
>>> disabled to make it work.
>>
>> You can use something like this:
>>
>> #ifndef __has_feature
>> #define __has_feature(x)        0
>> #endif
>>
>> #if __has_feature(address_sanitizer) || \
>>      defined(__SANITIZE_ADDRESS__) || \
>>      __has_feature(leak_sanitizer) || \
>>      defined(__SANITIZE_LEAK__)
>>
>> asan_lsan_code_here();
>>
>> #else
>>
>> no_asan_lsan_code_here();
>>
>> #endif
> 
> Yes, but I don't know what to disable *in dhcpcd* other than the whole
> privsep code, which is what really needs testing!
> 
> I was hoping I could just disable dropping user, chroot and any platform
> sandboxing but if the sanitizers stop working when a process forks it's
> pretty useless at this point to continue.
> 
> Now if the expectation is that the sanitizers are supposed to work with
> socketpair, forking and moving data across the sockets to each other I'd
> love to know why it's not working for dhcpcd with the patches I posted
> previously.
> 
> Roy

The general hints are:

 - Avoid features that prevent ptrace(2) from working or disable LSan.
 - Log to a file and assure that the environment variables are preserved
in child processes.

If everything should work and it does not, then debug sanitizers and
there could be a bug (there are plenty).