dhcpcd-discuss

Hi Roy,

We are running on an ARM32 with glibc 2.3.0. The distro is custom built using the Linux 4.9 kernel (with patches from our processor vendor) and built/configured using the Yocto project. 

I compiled with SECCOMP_FILTER_DEBUG, and saw this output:
root@RCFA-1048515:~# dhcpcd --nobackground --broadcast --timeout 10 -d br0
dhcpcd-9.3.2 starting
chrooting as dhcpcd to /var/lib/dhcpcd
sandbox: seccomp
spawned master process on PID 917
spawned privileged actioneer on PID 918
spawned controller proxy on PID 919
DUID 00:01:00:01:27:10:1b:c0:00:02:d9:1f:ff:c3
br0: executing: /lib/dhcpcd/dhcpcd-run-hooks PREINIT
br0: executing: /lib/dhcpcd/dhcpcd-run-hooks CARRIER
br0: IAID d9:1f:ff:c3
br0: delaying IPv4 for 0.6 seconds
br0: reading lease: /var/db/dhcpcd/br0.lease
br0: rebinding lease of 192.168.10.14
br0: sending REQUEST (xid 0x857d13e9), next in 4.8 seconds
br0: acknowledged 192.168.10.14 from 192.168.10.1
br0: probing address 192.168.10.14/24
br0: probing for 192.168.10.14
br0: ARP probing 192.168.10.14 (1 of 3), next in 1.7 seconds
br0: ARP probing 192.168.10.14 (2 of 3), next in 1.2 seconds
br0: ARP probing 192.168.10.14 (3 of 3), next in 2.0 seconds
br0: DAD completed for 192.168.10.14
br0: leased 192.168.10.14 for 300 seconds
br0: renew in 150 seconds, rebind in 262 seconds
br0: writing lease: /var/db/dhcpcd/br0.lease
br0: adding IP address 192.168.10.14/24 broadcast 192.168.10.255
br0: adding route to 192.168.10.0/24
br0: adding default route via 192.168.10.1
br0: ARP announcing 192.168.10.14 (1 of 2), next in 2.0 seconds
br0: executing: /lib/dhcpcd/dhcpcd-run-hooks BOUND
spawned listener 192.168.10.14 on PID 953
br0: ARP announcing 192.168.10.14 (2 of 2)
ps_seccomp_violation: unexpected syscall 221 (arch=0x40000028)

The unexpected syscall 221 correlates with attempting to dump the lease:
root@RCFA-1048515:~# dhcpcd --dumplease -4 -d br0
send OK
dhcpcd_readdump0: Connection reset by peer

Looks like it is a call to fnctl64. I added fnctl64 to ps_seccomp_filter, and tried again. This time dumping the lease failed with the a different message:
root@RCFA-1048515:~# dhcpcd --dumplease -4 br0
ps_seccomp_violation: unexpected syscall 197 (arch=0x40000028)

Syscall 197 is fstat64, so I added that to the filter too and then was able to dump the lease successfully. I've attached the patch file that appears to work for us with privsep enabled.

Thanks for the help.

-----Original Message-----
From: Roy Marples <roy@xxxxxxxxxxxx> 
Sent: Wednesday, November 11, 2020 3:37 AM
To: Matthew Clarkson <mclarkson@xxxxxxxxxxxxxxxxxxxx>
Cc: dhcpcd-discuss@xxxxxxxxxxxx
Subject: Re: dhcpcd dumplease reports "dhcpcd not running"

On 10/11/2020 09:11, Roy Marples wrote:
> Hi Matthew
> 
> On 09/11/2020 19:45, Matthew Clarkson wrote:
>> After applying the patch, I am able to dump the lease if dhcpcd is 
>> configured with --disable-privsep.
>>
>> With privsep enabled I am seeing the message "main: control_send: Broken pipe" 
>> the first time attempting to dump the lease and "dhcpcd is not 
>> running message" on subsequent attempts.
>>
>> Attached is strace of the first attempt showing EPIPE error when 
>> trying to write to the .unpriv socket, a listing of the run 
>> directory, and strace of the second dumplease attempt showing 
>> ECONNREFUSED when trying to connect to the socket (presumably because the first write attempt failed.
>>
>> Any thoughts are appreciated.
> 
> Sounds like the master dhcpcd process crashed!
> This is bad. I can't even replicate your problem.
> 
> Could you describe which OS you are using please?
> 
> To get more debug info we will probably need to strace -f the main 
> dhcpcd process rather than the calling client. FWIW, this works fine 
> for me on NetBSD-current and Devuan (pretty fresh).

I wonder if it's a new SECCOMP failure.
It works fine for me on AMD64. What CPU/libc/distro are you seeing this on?

Try adding -DSECCOMP_FILTER_DEBUG to CPPFLAGS and maybe dhcpcd can log more.

Roy

Attachment: privsep-linux.patch
Description: privsep-linux.patch