** Changed in: qemu (Debian)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1726394
Title:
Passes through prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER,
Fix has been released with QEMU 2.11:
https://git.qemu.org/?p=qemu.git;a=commitdiff;h=a8b154a637b586441b
** Changed in: qemu
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
LP, this was unfair to reverse-pass me :-)
Anyway - done - thanks Julian and James C. for your work on that.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1726394
Title:
Passes through
See it passed [1] but britney not picking up.
Giving it some time to do so.
[1]:
https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac
/autopkgtest-bionic/bionic/amd64/o/open-
iscsi/20171114_135029_17bf1@/log.gz
--
You received this bug notification because
This bug was fixed in the package qemu - 1:2.10+dfsg-0ubuntu4
---
qemu (1:2.10+dfsg-0ubuntu4) bionic; urgency=medium
* Apply linux-user-return-EINVAL-from-prctl-PR_-_SECCOMP.patch from
James Cowgill to prevent qemu-user from forwarding prctl seccomp
calls (LP: #1726394)
Ok, thanks for the info Julian!
** Changed in: qemu (Ubuntu Xenial)
Status: Triaged => Won't Fix
** Changed in: qemu (Ubuntu Zesty)
Status: Triaged => Won't Fix
** Changed in: qemu (Ubuntu Artful)
Status: Triaged => Won't Fix
--
You received this bug notification because
I think we can skip SRUing this, apt now has a new workaround based on
execve()ing with QEMU_VERSION=meow, which calls qemu-user to exit with
0. It executes a program guaranteed to exit with 1, and just disables
seccomp if that exits with 0.
This was blocked migrating on a autopkgtest for a known issue now resolved.
TL;DR no bionic images. Resolved now, should migrate soon.
While the final fix now accepted in linux-user is slightly different,
the difference is only a comment. It is therefore fine if we pick this
up on next merge for
@pmaydell It's actually https://lists.gnu.org/archive/html/qemu-
devel/2017-11/msg00828.html :)
@paelzer It mostly depends how people run a apt 1.6 foreign architecture chroot
with the same pointer size as the host architecture - if they install qemu-user
inside the chroot, they're fine, if
v2 of the patch (https://lists.gnu.org/archive/html/qemu-
devel/2017-11/msg01199.html) has been accepted upstream, though it isn't
in master yet.
** Tags added: linux-user
** Changed in: qemu
Status: New => In Progress
--
You received this bug notification because you are a member of
FYI - this is from http://lists.nongnu.org/archive/html/qemu-
devel/2017-11/msg00417.html
Upstream response looks good, but not committed there yet.
@Julian - given the case will you need this as an SRU as well or is it
only tied to newer apt (or newer apt use cases)?
Test queues in Bionic are
** Changed in: qemu (Debian)
Status: Unknown => Confirmed
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1726394
Title:
Passes through prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, address)
** Bug watch added: Debian Bug tracker #880582
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880582
** Also affects: qemu (Debian) via
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880582
Importance: Unknown
Status: Unknown
--
You received this bug notification because
** Changed in: qemu (Ubuntu)
Status: Triaged => Fix Committed
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1726394
Title:
Passes through prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, address)
I worked around this in APT for now by ignoring EFAULT or rather,
printing a warning. It would be nice to not do this though.
** Also affects: qemu (Ubuntu)
Importance: Undecided
Status: New
** Changed in: qemu (Ubuntu)
Importance: Undecided => Medium
** Changed in: qemu (Ubuntu)
Returning EINVAL would make sense, as that's what a pre-seccomp kernel
or a kernel built without seccomp support would do.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1726394
Title:
Passes
16 matches
Mail list logo
