** No longer affects: lshw (Ubuntu Trusty) ** Description changed:
[Impact] - * lshw crashes with SEGV in privileged containers, unless you disable + * lshw crashes with SEGV in privileged containers, unless you disable the 'usb' test: $ lshw -disable usb [Test Case] ## Create a privileged container. ## $ lxc launch ubuntu:16.04 priv -c security.privileged=true Creating priv Starting priv ## Execute lshw inside the privileged container. ## $ lxc exec priv bash - root@priv:~# + root@priv:~# root@priv:~#lshw Segmentation fault + [Regression Potential] - [Regression Potential] + * Risks of regression are low. - * Risks of regression are low. + * I have tested lshw inside containers (unprivileges/privileges) and + baremetal with success connecting different types of usb device : + webcam, usb keys, ... The usb output of lshw cmd is shown as expected, + but this time without segfaulting when container in privilege mode. - * I have tested lshw inside containers (unprivileges/privileges) and baremetal with success connecting different types of usb device : webcam, usb keys, ... The usb output of lshw cmd is shown as expected, but this time without segfaulting when container in privilege mode. - - * Basically, the code look if both files doesn't exists + * Basically, the code look if both files doesn't exists #define PROCBUSUSBDEVICES "/proc/bus/usb/devices" #define SYSKERNELDEBUGUSBDEVICES "/sys/kernel/debug/usb/devices" ... - if (!exists(SYSKERNELDEBUGUSBDEVICES) && !exists(PROCBUSUSBDEVICES)) + if (!exists(SYSKERNELDEBUGUSBDEVICES) && !exists(PROCBUSUSBDEVICES)) __return false; I kept the above in place. But what if only 1 of the 2 files exists ? For that reason I added an extra verification if SYSKERNELDEBUGUSBDEVICES exist -> fopen SYSKERNELDEBUGUSBDEVICES. and if fopen SYSKERNELDEBUGUSBDEVICES fails and PROCBUSUSBDEVICES exist then -> fopen "PROCBUSUSBDEVICES" The code first look for SYSKERNELDEBUGUSBDEVICES and if it fails it jump to PROCBUSUSBDEVICES. But if PROCBUSUSBDEVICES fails there was no mechanism to skip, thus segfault. - I also added another if statement in case PROCBUSUSBDEVICES fails like in this situation (no such file or directory) in privileged container, same as if SYSKERNELDEBUGUSBDEVICES can't be opened to force to jump on trying PROCBUSUSBDEVICES. - + I also added another if statement in case PROCBUSUSBDEVICES fails like + in this situation (no such file or directory) in privileged container, + same as if SYSKERNELDEBUGUSBDEVICES can't be opened to force to jump on + trying PROCBUSUSBDEVICES. [Other Info] - - * Proposal made to lyonel/lshw (Lyonel Vincent being lshw maintainer) : - https://github.com/lyonel/lshw/pull/33 - * I also sent Lyonel an email to poke him. + * Proposal made to lyonel/lshw (Lyonel Vincent being lshw maintainer) : + https://github.com/lyonel/lshw/pull/33 + + * I also sent Lyonel an email to poke him. + + * This bug doesn't affect Trusty in privileged container. + Only Xenial and late after some upstream code change. [Original Description] When running lshw in a Xenial container, I'm getting a segmentation fault. I'll attach the apport crash dump. ``` stgraber@castiana:~$ lxc launch ubuntu:16.04 priv -c security.privileged=true Creating priv Starting priv stgraber@castiana:~$ lxc exec priv bash root@priv:~# lshw Segmentation fault root@priv:~# ``` [strace of lshw] open("/usr/share/hwdata/usb.ids", O_RDONLY) = -1 ENOENT (No such file or directory) open("/etc/usb.ids", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/usb.ids", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/local/share/usb.ids", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/lshw-common/usb.ids", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/usb.ids", O_RDONLY) = -1 ENOENT (No such file or directory) open("/sys/kernel/debug/usb/devices", O_RDONLY) = -1 EACCES (Permission denied) open("/proc/bus/usb/devices", O_RDONLY) = -1 ENOENT (No such file or directory) --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0} --- +++ killed by SIGSEGV +++ Segmentation fault -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1699161 Title: lshw crashes with SEGV in privileged containers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lshw/+bug/1699161/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs