[Qemu-devel] [Bug 1525676] Re: qemu runas and sandbox option incompatible, process will hang in futex after setgid

Tue, 06 Jun 2017 16:46:46 -0700 

hmm, the change still did not made it upstream.
I lost track on it and only see it now checking bugs that became dormant - was 
that fixed in another way?

** Changed in: qemu (Ubuntu)
       Status: Triaged => Incomplete

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1525676

Title:
  qemu runas and sandbox option incompatible, process will hang in futex
  after setgid

Status in QEMU:
  New
Status in qemu package in Ubuntu:
  Incomplete

Bug description:
  With -runas [user] and -sandbox on, qemu process will fail in the
  process of dropping privileges. While setgid() is done (see below),
  setuid() is not attempted. Instead process blocks waiting for a futex
  never to come.

  [pid 21769] +++ killed by SIGSYS +++
  [pid 21767] <... tgkill resumed> )      = 0
  [pid 21767] tgkill(21767, 21768, SIGRT_1 <unfinished ...>
  [pid 21768] <... nanosleep resumed> {0, 7284187}) = ? ERESTART_RESTARTBLOCK 
(Interrupted by signal)
  [pid 21768] --- SIGRT_1 {si_signo=SIGRT_1, si_code=SI_TKILL, si_pid=21767, 
si_uid=0} ---
  [pid 21768] setgid(100)                 = 0
  [pid 21768] futex(0x7f7f0f53fd1c, FUTEX_WAKE_PRIVATE, 1) = 0
  [pid 21768] rt_sigreturn()              = -1 EINTR (Interrupted system call)
  [pid 21768] nanosleep({0, 7284187},  <unfinished ...>
  [pid 21767] <... tgkill resumed> )      = 0
  [pid 21767] futex(0x7ffd5a9b6890, FUTEX_WAIT_PRIVATE, 3, NULL <unfinished ...>
  [pid 21768] <... nanosleep resumed> 0x7f7f0f53eb00) = 0
  [pid 21768] futex(0x55f52acd1f44, FUTEX_WAIT, 4294967295, NULL

  This bug might be addresses in the discussion/patchset
  http://qemu.11.n7.nabble.com/PATCH-Add-syscalls-for-runas-and-chroot-
  to-the-seccomp-sandbox-td359588.html

  # lsb_release -rd
  Description:    Ubuntu 15.10
  Release:        15.10

  # apt-cache policy qemu-system-x86
  qemu-system-x86:
    Installed: 1:2.3+dfsg-5ubuntu9.1
    Candidate: 1:2.3+dfsg-5ubuntu9.1
    Version table:
   *** 1:2.3+dfsg-5ubuntu9.1 0
          500 http://archive.ubuntu.com/ubuntu/ wily-updates/main amd64 Packages
          500 http://archive.ubuntu.com/ubuntu/ wily-security/main amd64 
Packages
          100 /var/lib/dpkg/status
       1:2.3+dfsg-5ubuntu9 0
          500 http://archive.ubuntu.com/ubuntu/ wily/main amd64 Packages

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1525676/+subscriptions

Reply via email to