coverletter explanation as sent to kernel-team list:
In bionic, all archs provided by Ubuntu either define __NR_pkey_mprotect
(arm/x86) or define __IGNORE_pkey_mprotect (powerpc/s390). This value was
used, until libseccomp was updated via bug 1815415, to instead (if
__NR_pkey_mprotect was not defined by the kernel headers) define it as a
negative error value:
+#define __PNR_pkey_mprotect -10201
+#ifndef __NR_pkey_mprotect
+#define __NR_pkey_mprotect __PNR_pkey_mprotect
+#endif /* __NR_pkey_mprotect */
systemd, the next time it was built against libseccomp, pulled that
__NR_pkey_mprotect value and started using it for ppc64el, though it was
a negative error value, so it would not actually work as a syscall number.
This caused the systemd test-seccomp autopkgtest to start failing, as
the systemd function it tested only issued the pkey_mprotect syscall if
__NR_pkey_mprotect was defined.
After these patches are applied to bionic, both libseccomp and systemd will
need to be rebuilt - libseccomp rebuilt against the kernel headers, and
systemd against the libseccomp headers.
Note this is not only a fix to allow a test to pass, this actually
provides the syscall number for the functionality on ppc64el on bionic,
which would have failed before (on ppc64el on bionic, but not x86/arm
on bionic); specifically one example is the systemd usage
MemoryDenyWriteExecution as shown in bug 1725348.
Also note that s390x also defines __IGNORE_pkey_mprotect, but the systemd
test only expects its test case to pass for select archs, and s390x is not
one of them, so it has always expected a failure there. It appears s390x
still does not support pkey_mprotect (it defined pkey_* starting at
commit b41c51c8e194c0bdfb4b1778a137aea8246c86cd, but appears to still
not support them).-- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1821625 Title: systemd 237-3ubuntu10.14 ADT test failure on Bionic ppc64el (test- seccomp) Status in libseccomp package in Ubuntu: Fix Released Status in linux package in Ubuntu: Fix Released Status in systemd package in Ubuntu: Invalid Status in libseccomp source package in Bionic: New Status in linux source package in Bionic: New Status in systemd source package in Bionic: Invalid Bug description: Starting with systemd 237-3ubuntu10.14, the testcase test-seccomp is failing on Bionic on ppc64el with the error messages: Operating on architecture: ppc Failed to add n/a() rule for architecture ppc, skipping: Bad address Operating on architecture: ppc64 Failed to add n/a() rule for architecture ppc64, skipping: Bad address Operating on architecture: ppc64-le Failed to add n/a() rule for architecture ppc64-le, skipping: Numerical argument out of domain Assertion 'p == MAP_FAILED' failed at ../src/test/test-seccomp.c:413, function test_memory_deny_write_execute_mmap(). Aborting. memoryseccomp-mmap terminated by signal ABRT. Assertion 'wait_for_terminate_and_check("memoryseccomp-mmap", pid, WAIT_LOG) == EXIT_SUCCESS' failed at ../src/test/test-seccomp.c:427, function test_memory_deny_write_execute_mmap(). Aborting. Aborted (core dumped) FAIL: test-seccomp (code: 134) Full logs at: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/ppc64el/s/systemd/20190302_025135_d0e38@/log.gz The testcase passed with systemd version 237-3ubuntu10.13 running on the same 4.15.0-45 kernel on ppc64el: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/ppc64el/s/systemd/20190228_154406_6b12f@/log.gz To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1821625/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
