On Sat, 24 Aug 2019 23:41+0300, Konstantin Belousov wrote:

> On Sat, Aug 24, 2019 at 10:04:49PM +0200, Trond Endrestøl wrote:
>
> > Disabling ASLR, kern.elf64.aslr.enable=0, before starting ntpd
> > manually is a workaround, but this is not viable in the long run.
>
> Why ?

I like to keep ASLR enabled in the hope that it actually achieves something. You are right, I can disable it completely.

> > I tried changing command="/usr/sbin/${name}" to
> > command="/usr/bin/proccontrol -m aslr -s disable /usr/sbin/${name}" in
> > /etc/rc.d/ntpd, but that didn't go well.
>
> If you set kern.elf64.aslr.stack_gap to zero, does it help ?

That helped. Thank you again.

-- 
Trond.
Konstantin Belousov
2019-Aug-24 22:28 UTC
ntpd doesn't like ASLR on stable/12 post-r350672
On Sun, Aug 25, 2019 at 12:19:43AM +0200, Trond Endrestøl wrote:

> On Sat, 24 Aug 2019 23:41+0300, Konstantin Belousov wrote:
>
> > > I tried changing command="/usr/sbin/${name}" to
> > > command="/usr/bin/proccontrol -m aslr -s disable /usr/sbin/${name}" in
> > > /etc/rc.d/ntpd, but that didn't go well.
> >
> > If you set kern.elf64.aslr.stack_gap to zero, does it help ?
>
> That helped. Thank you again.

Can you verify if ntpd sets a new rlimit(RLIMIT_STACK) for the main thread, and if yes, what this new limit is ? aslr.stack_gap is the percentage for the gap on that stack, and since the default size of the main stack limit is quite large, 512M, even 3% (the default gap upper limit) is a whole 15M. If the new limit is less than 15M, there is a likely probability that only the gap is left after the rlimit(2) call, leaving no space for the program frames. At least this looks like a nice theory.
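As an added illustration of the stack-gap arithmetic in the message above (example code written for this page, not from the thread or from FreeBSD), this program reads the current RLIMIT_STACK with getrlimit(2) and computes how much stack would remain if a daemon later lowered the limit. It assumes a simplified model: the gap is at most stack_gap percent of the limit in force at exec time and a later setrlimit does not shrink it; the 3% figure is the default quoted in the thread, and the 8M candidate limit is a constructed value.

```c
/* Added example: models the ASLR stack-gap theory from the thread.
 * Assumed model (simplification, not the kernel's exact algorithm): the gap
 * reserved at exec time is at most gap_pct percent of RLIMIT_STACK, and a
 * later setrlimit(RLIMIT_STACK) that shrinks the limit leaves the gap as is. */
#include <stdio.h>
#include <sys/resource.h>

/* Largest possible stack gap for a given stack limit and gap percentage. */
unsigned long stack_gap_bytes(unsigned long stack_limit, unsigned int gap_pct)
{
    return (unsigned long)((unsigned long long)stack_limit * gap_pct / 100);
}

/* Stack left for program frames after a new, smaller limit is applied on top
 * of a gap sized from the old limit; 0 means the gap consumed the whole stack. */
unsigned long usable_stack_bytes(unsigned long gap, unsigned long new_limit)
{
    return new_limit > gap ? new_limit - gap : 0;
}

int main(void)
{
    struct rlimit rl;
    unsigned int gap_pct = 3;            /* default upper limit quoted in the thread */
    unsigned long new_limit = 8UL << 20; /* constructed: hypothetical 8M limit a daemon sets */

    if (getrlimit(RLIMIT_STACK, &rl) != 0) {
        perror("getrlimit");
        return 1;
    }
    if (rl.rlim_cur == RLIM_INFINITY) {
        puts("RLIMIT_STACK is unlimited; the percentage model does not apply");
        return 0;
    }

    unsigned long gap = stack_gap_bytes((unsigned long)rl.rlim_cur, gap_pct);
    printf("current RLIMIT_STACK: %lu bytes, max gap at %u%%: %lu bytes\n",
           (unsigned long)rl.rlim_cur, gap_pct, gap);
    printf("after lowering the limit to %lu bytes, usable stack: %lu bytes\n",
           new_limit, usable_stack_bytes(gap, new_limit));
    return 0;
}
```

With the thread's numbers (512M limit, 3% gap) the maximum gap is just over 15M, so any later limit below that leaves zero usable stack in this model.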