I think we can skip SRUing this, apt now has a new workaround based on execve()ing with QEMU_VERSION=meow, which calls qemu-user to exit with 0. It executes a program guaranteed to exit with 1, and just disables seccomp if that exits with 0.
https://anonscm.debian.org/cgit/apt/apt.git/commit/?id=243acdee176dd90cb2838690cb5abbd64d4da905 It's hacky, but it works :) -- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/1726394 Title: Passes through prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, address) Status in QEMU: In Progress Status in qemu package in Ubuntu: Fix Committed Status in qemu source package in Xenial: Triaged Status in qemu source package in Zesty: Triaged Status in qemu source package in Artful: Triaged Status in qemu package in Debian: Confirmed Bug description: qemu-user passes through prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, address) unmodified, but the third argument is an address to a BPF filter, causing an EFAULT. Now, the filter is architecture-specifc, so you can't just rewrite the addresses, so the safest bet is to just return an error here. I guess you should just return EINVAL, but not sure. I'd really like something that can be identified, so seccomp errors can be ignored when it's not supported. To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/1726394/+subscriptions
