Message-ID: <bd0914ce41785654abb7821f764c820815aea362.camel@trillion01.com>
Date: Sat, 23 Aug 2025 11:05:09 -0400
From: Olivier Langlois <olivier@...llion01.com>
To: linux-kernel@...r.kernel.org
Subject: [QUESTION] Core dumps inhibited for ASan binary with setcap
 capabilities despite fs.suid_dumpable=2

Hello LKML,

I'm encountering an issue where core dumps are not generated for an ASan-compiled binary with setcap capabilities (e.g.,
cap_net_admin,cap_net_raw,cap_sys_nice=ep), even with fs.suid_dumpable set to 2 and
ASAN_OPTIONS=disable_coredump=0:unmap_shadow_on_exit=1:abort_on_error=1.

Actually, playing with the fs.suid_dumpable setting has no effect on the outcome, whether it is 0 or 2.
I have tested playing with this setting as suggested by Grok...
(This email has mostly been generated by Grok. It cannot act as an agent yet...)

System details:
- Kernel: Linux aws-dublin 6.11.3-1-ec2 #1 SMP Sun, 13 Oct 2024 15:39:09 +0000 x86_64 GNU/Linux
- GCC: 15.1.1

Reproduction:

lano1106@...-dublin ~/dev/kraken $ cat test_asan.cpp 
#include <cstdlib>

int main() {
    *(int*)0 = 0;  // Force SEGV like your crash
    return 0;
}

lano1106@...-dublin ~/dev/kraken $ g++ -fsanitize=address -g test_asan.cpp -o test_asan
lano1106@...-dublin ~/dev/kraken $ ASAN_OPTIONS=disable_coredump=0:unmap_shadow_on_exit=1:abort_on_error=1 ./test_asan
AddressSanitizer:DEADLYSIGNAL
=================================================================
==3310744==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x56015f60f199 bp 0x7ffdd9466b50 sp 0x7ffdd9466b50 T0)
==3310744==The signal is caused by a WRITE memory access.
==3310744==Hint: address points to the zero page.
    #0 0x56015f60f199 in main /home/lano1106/dev/kraken/test_asan.cpp:4
    #1 0x7f2fc3a376b4  (/usr/lib/libc.so.6+0x276b4) (BuildId: 468e3585c794491a48ea75fceb9e4d6b1464fc35)
    #2 0x7f2fc3a37768 in __libc_start_main (/usr/lib/libc.so.6+0x27768) (BuildId: 468e3585c794491a48ea75fceb9e4d6b1464fc35)
    #3 0x56015f60f084 in _start (/home/lano1106/dev/kraken/test_asan+0x1084) (BuildId: 35f24e6e649e793dac986336cd20c25b0cc70e85)

==3310744==Register values:
rax = 0x0000000000000000  rbx = 0x0000000000000000  rcx = 0x0000000000000000  rdx = 0x0000000000000000  
rdi = 0x0000000000000000  rsi = 0x0000000000000003  rbp = 0x00007ffdd9466b50  rsp = 0x00007ffdd9466b50  
 r8 = 0x00007f2fc3bf6680   r9 = 0x00007f2fc3bf8000  r10 = 0x0000000000000000  r11 = 0x00007f2fc4130530  
r12 = 0x00007ffdd9466c78  r13 = 0x0000000000000001  r14 = 0x00007f2fc489f000  r15 = 0x000056015f611d78  
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/lano1106/dev/kraken/test_asan.cpp:4 in main
==3310744==ABORTING
Aborted (core dumped)
lano1106@...-dublin ~/dev/kraken :( $ sudo setcap cap_net_raw,cap_net_admin,cap_sys_nice=+ep test_asan
[sudo] password for lano1106: 
lano1106@...-dublin ~/dev/kraken $ ASAN_OPTIONS=disable_coredump=0:unmap_shadow_on_exit=1:abort_on_error=1 ./test_asan
AddressSanitizer:DEADLYSIGNAL
=================================================================
==3310762==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x556b9b127199 bp 0x7ffc9d3d1490 sp 0x7ffc9d3d1490 T0)
==3310762==The signal is caused by a WRITE memory access.
==3310762==Hint: address points to the zero page.
    #0 0x556b9b127199 in main /home/lano1106/dev/kraken/test_asan.cpp:4
    #1 0x7fa98f8376b4  (/usr/lib/libc.so.6+0x276b4) (BuildId: 468e3585c794491a48ea75fceb9e4d6b1464fc35)
    #2 0x7fa98f837768 in __libc_start_main (/usr/lib/libc.so.6+0x27768) (BuildId: 468e3585c794491a48ea75fceb9e4d6b1464fc35)
    #3 0x556b9b127084 in _start (/home/lano1106/dev/kraken/test_asan+0x1084) (BuildId: 35f24e6e649e793dac986336cd20c25b0cc70e85)

==3310762==Register values:
rax = 0x0000000000000000  rbx = 0x0000000000000000  rcx = 0x0000000000000000  rdx = 0x0000000000000000  
rdi = 0x0000000000000000  rsi = 0x0000000000000003  rbp = 0x00007ffc9d3d1490  rsp = 0x00007ffc9d3d1490  
 r8 = 0x00007fa98f9f6680   r9 = 0x00007fa98f9f8000  r10 = 0x0000000000000000  r11 = 0x00007fa98ff30530  
r12 = 0x00007ffc9d3d15b8  r13 = 0x0000000000000001  r14 = 0x00007fa9905db000  r15 = 0x0000556b9b129d78  
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/lano1106/dev/kraken/test_asan.cpp:4 in main
==3310762==ABORTING
lano1106@...-dublin ~/dev/kraken :( $ uname -a
Linux aws-dublin 6.11.3-1-ec2 #1 SMP Sun, 13 Oct 2024 15:39:09 +0000 x86_64 GNU/Linux
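
Added example, not part of the original message and not kernel code: a small C diagnostic for the preconditions documented in prctl(2) and core(5) that bear on this report. It checks the process's dumpable attribute (which execve resets to the fs.suid_dumpable value when a program gains file capabilities), RLIMIT_CORE, and the suidsafe rule that core_pattern must be a pipe or an absolute path. The names core_verdict and enum verdict are hypothetical.

```c
#include <stdio.h>
#include <string.h>
#include <sys/auxv.h>
#include <sys/prctl.h>
#include <sys/resource.h>

enum verdict { CORE_POSSIBLE, NOT_DUMPABLE, RLIMIT_BLOCKS, PATTERN_NOT_SUIDSAFE };

/* Pure decision on values read from the running process.
 * dumpable is 0, 1 or 2 as returned by PR_GET_DUMPABLE. */
enum verdict core_verdict(int dumpable, unsigned long long soft, const char *pattern)
{
    int is_pipe = pattern[0] == '|';
    if (dumpable == 0)
        return NOT_DUMPABLE;
    if (is_pipe ? soft == 1 : soft == 0)  /* pipes ignore the limit, except the value 1 */
        return RLIMIT_BLOCKS;
    if (dumpable == 2 && !is_pipe && pattern[0] != '/')
        return PATTERN_NOT_SUIDSAFE;      /* suidsafe needs a pipe or an absolute path */
    return CORE_POSSIBLE;
}

static const char *names[] = { "core possible", "process not dumpable",
                               "RLIMIT_CORE blocks the dump",
                               "core_pattern is relative, refused in suidsafe mode" };

int main(void)
{
    char pattern[256] = "core";           /* assumed fallback if /proc is unreadable */
    struct rlimit rl = { 0, 0 };
    FILE *f = fopen("/proc/sys/kernel/core_pattern", "r");
    if (f) {
        if (fgets(pattern, sizeof pattern, f))
            pattern[strcspn(pattern, "\n")] = '\0';
        fclose(f);
    }
    getrlimit(RLIMIT_CORE, &rl);
    int dumpable = prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);
    printf("AT_SECURE=%lu dumpable=%d RLIMIT_CORE(soft)=%llu core_pattern=%s\n",
           getauxval(AT_SECURE), dumpable, (unsigned long long)rl.rlim_cur, pattern);
    printf("verdict: %s\n", names[core_verdict(dumpable, rl.rlim_cur, pattern)]);
    return 0;
}
```

Built without ASan and given the same file capabilities as test_asan, it prints the dumpable value the kernel assigned at exec. It does not model anything the ASan runtime does on its own.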
