This bug was fixed in the package libseccomp - 2.1.1-1ubuntu1~trusty3
---
libseccomp (2.1.1-1ubuntu1~trusty3) trusty-proposed; urgency=medium
* Cherrypick various bpf fixes to support argument filtering on 64-bit
(LP: #1653487)
- debian/patches/bpf-use-state-arch.patch: use
I've completed my verification of 2.1.1-1ubuntu1~trusty3 SRU for amd64
and i386.
I followed the test plan for this and bug #1653487 with additional
manual testing for lxc and docker debs along with various snaps (ufw,
lxd, docker (amd64 only since docker upstream doesn't provide 32 bit
images;
Furthermore, I triggered a rebuild for snapd/amd64, it succeeded and is
in trusty-proposed now.
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libseccomp
Hello Michael, or anyone else affected,
Accepted libseccomp into trusty-proposed. The package will build now and
be available at
https://launchpad.net/ubuntu/+source/libseccomp/2.1.1-1ubuntu1~trusty3
in a few hours, and then in the -proposed repository.
Please help us by testing this new
** Also affects: libseccomp (Ubuntu Trusty)
Importance: Undecided
Status: New
** Changed in: libseccomp (Ubuntu Trusty)
Status: New => In Progress
** Changed in: libseccomp (Ubuntu Trusty)
Importance: Undecided => High
** Changed in: libseccomp (Ubuntu Trusty)
Assignee:
I uploaded 2.1.1-1ubuntu1~trusty3 to fix this issue to trusty-proposed.
** Description changed:
[Impact]
A latent bug in libseccomp 2.1.0 and the proposed 2.1.1-1ubuntu1~trusty1 was
exposed in the snapd build testsuite when run on amd64. It has to do with
libseccomp's state machine not
** Summary changed:
- seccomp argument filtering not working on trusty
+ seccomp argument filtering not working on trusty amd64
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libseccomp in Ubuntu.
** Summary changed:
- seccomp argument filtering not working on trusty(?)
+ seccomp argument filtering not working on trusty
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libseccomp in Ubuntu.
** Description changed:
- [Impact]
- A latent bug in libseccomp 2.1.0 and the proposed 2.1.1-1ubuntu1~trusty1 was
exposed in the snapd build testsuite when run on amd64. It has to do with
libseccomp's state machine not always working correctly when using argument
filtering and there were no
** Description changed:
+ [Impact]
+ A latent bug in libseccomp 2.1.0 and the proposed 2.1.1-1ubuntu1~trusty1 was
exposed in the snapd build testsuite when run on amd64. It has to do with
libseccomp's state machine not always working correctly when using argument
filtering and there were no
I've identified the additional patches to make the testsuite happy and
will be testing the cherrypicked patches approach and upload to trusty-
proposed once testing is completed.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed
I'm not done looking at this, but I have confirmed this is a bug in libseccomp
so retargeting there. What is happening is that snap-confine is getting a
denial on geteuid (syscall 107) even though this syscall is included in the
filter. This indicates a problem in the filter setup in libseccomp
12 matches
Mail list logo